<div>Hi!!! </div><div><br></div><div>A weird thing happens. I had configured a security group to permit SSH and ICMP, as in all tutorial we can see on the Internet. However, when these problems started, and after this help about security groups, I noticed that these rules disappeared from database. euca-describe-groups have no output and queries in the database show nothing. </div>
<div><br></div><div>Is there a way to clean a supposed bad security group? </div><div><br></div><div>iptables-save and iptables-restore are command to save and restore rules. Does Nova save these files somewhere or are they just temporary? </div>
<div><br></div><div>If there's no way to revert this I'll have to flush the database and start again. </div><div><br></div><div>Thanks a bunch!!!</div><br><div class="gmail_quote">On Fri, Oct 7, 2011 at 10:15 AM, Nathanael Burton <span dir="ltr"><<a href="mailto:nathanael.i.burton@gmail.com">nathanael.i.burton@gmail.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;"><p>You've probably got a bad security group rule applied (there isn't good input validation), which causes iptables-restore to fail on the bad rule.</p>
<div class="gmail_quote">On Oct 7, 2011 9:11 AM, "Jorge Luiz Correa" <<a href="mailto:correajl@gmail.com" target="_blank">correajl@gmail.com</a>> wrote:<br type="attribution"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
Hi! I would like some help with nova-network. Yestarday it was working and now I'm having problems.<div><br></div><div><br></div><div><br></div><div><div>2011-10-07 08:56:20,884 AUDIT nova [-] Starting network node (version 2011.3-nova-milestone-tarball:tarmac-20110922115702-k9nkvxqzhj130av2)</div>
<div>2011-10-07 08:56:20,885 DEBUG nova.utils [-] Attempting to grab semaphore "iptables" for method "apply"... from (pid=20298) inner /usr/lib/python2.7/dist-packages/nova/utils.py:672</div><div>2011-10-07 08:56:20,885 DEBUG nova.utils [-] Attempting to grab file lock "iptables" for method "apply"... from (pid=20298) inner /usr/lib/python2.7/dist-packages/nova/utils.py:677</div>
<div>2011-10-07 08:56:20,886 DEBUG nova.utils [-] Running cmd (subprocess): sudo iptables-save -t filter from (pid=20298) execute /usr/lib/python2.7/dist-packages/nova/utils.py:165</div><div>2011-10-07 08:56:20,920 DEBUG nova.utils [-] Running cmd (subprocess): sudo iptables-restore from (pid=20298) execute /usr/lib/python2.7/dist-packages/nova/utils.py:165</div>
<div>2011-10-07 08:56:20,952 DEBUG nova.utils [-] Running cmd (subprocess): sudo iptables-save -t nat from (pid=20298) execute /usr/lib/python2.7/dist-packages/nova/utils.py:165</div><div>2011-10-07 08:56:20,989 DEBUG nova.utils [-] Running cmd (subprocess): sudo iptables-restore from (pid=20298) execute /usr/lib/python2.7/dist-packages/nova/utils.py:165</div>
<div>2011-10-07 08:56:21,031 DEBUG nova.utils [-] Result was 2 from (pid=20298) execute /usr/lib/python2.7/dist-packages/nova/utils.py:180</div><div>2011-10-07 08:56:21,032 DEBUG nova.utils [-] ['sudo', 'iptables-restore'] failed. Retrying. from (pid=20298) execute /usr/lib/python2.7/dist-packages/nova/utils.py:194</div>
<div>2011-10-07 08:56:22,223 DEBUG nova.utils [-] Running cmd (subprocess): sudo iptables-restore from (pid=20298) execute /usr/lib/python2.7/dist-packages/nova/utils.py:165</div><div>2011-10-07 08:56:22,241 DEBUG nova.utils [-] Result was 2 from (pid=20298) execute /usr/lib/python2.7/dist-packages/nova/utils.py:180</div>
<div>2011-10-07 08:56:22,242 DEBUG nova.utils [-] ['sudo', 'iptables-restore'] failed. Retrying. from (pid=20298) execute /usr/lib/python2.7/dist-packages/nova/utils.py:194</div><div>2011-10-07 08:56:23,684 DEBUG nova.utils [-] Running cmd (subprocess): sudo iptables-restore from (pid=20298) execute /usr/lib/python2.7/dist-packages/nova/utils.py:165</div>
<div>2011-10-07 08:56:23,698 DEBUG nova.utils [-] Result was 2 from (pid=20298) execute /usr/lib/python2.7/dist-packages/nova/utils.py:180</div><div>2011-10-07 08:56:23,699 DEBUG nova.utils [-] ['sudo', 'iptables-restore'] failed. Retrying. from (pid=20298) execute /usr/lib/python2.7/dist-packages/nova/utils.py:194</div>
<div>2011-10-07 08:56:24,440 DEBUG nova.utils [-] Running cmd (subprocess): sudo iptables-restore from (pid=20298) execute /usr/lib/python2.7/dist-packages/nova/utils.py:165</div><div>2011-10-07 08:56:24,456 DEBUG nova.utils [-] Result was 2 from (pid=20298) execute /usr/lib/python2.7/dist-packages/nova/utils.py:180</div>
<div>2011-10-07 08:56:24,456 DEBUG nova.utils [-] ['sudo', 'iptables-restore'] failed. Retrying. from (pid=20298) execute /usr/lib/python2.7/dist-packages/nova/utils.py:194</div><div>2011-10-07 08:56:24,817 DEBUG nova.utils [-] Running cmd (subprocess): sudo iptables-restore from (pid=20298) execute /usr/lib/python2.7/dist-packages/nova/utils.py:165</div>
<div>2011-10-07 08:56:24,832 DEBUG nova.utils [-] Result was 2 from (pid=20298) execute /usr/lib/python2.7/dist-packages/nova/utils.py:180</div><div>2011-10-07 08:56:24,833 CRITICAL nova [-] Unexpected error while running command.</div>
<div>Command: sudo iptables-restore</div><div>Exit code: 2</div><div>Stdout: ''</div><div>Stderr: "Bad argument `#'\nError occurred at line: 18\nTry `iptables-restore -h' or 'iptables-restore --help' for more information.\n"</div>
<div>(nova): TRACE: Traceback (most recent call last):</div><div>(nova): TRACE: File "/usr/bin/nova-network", line 49, in <module></div><div>(nova): TRACE: service.wait()</div><div>(nova): TRACE: File "/usr/lib/python2.7/dist-packages/nova/service.py", line 357, in wait</div>
<div>(nova): TRACE: _launcher.wait()</div><div>(nova): TRACE: File "/usr/lib/python2.7/dist-packages/nova/service.py", line 107, in wait</div><div>(nova): TRACE: service.wait()</div><div>(nova): TRACE: File "/usr/lib/python2.7/dist-packages/eventlet/greenthread.py", line 166, in wait</div>
<div>(nova): TRACE: return self._exit_event.wait()</div><div>(nova): TRACE: File "/usr/lib/python2.7/dist-packages/eventlet/event.py", line 116, in wait</div><div>(nova): TRACE: return hubs.get_hub().switch()</div>
<div>(nova): TRACE: File "/usr/lib/python2.7/dist-packages/eventlet/hubs/hub.py", line 177, in switch</div><div>(nova): TRACE: return self.greenlet.switch()</div><div>(nova): TRACE: File "/usr/lib/python2.7/dist-packages/eventlet/greenthread.py", line 192, in main</div>
<div>(nova): TRACE: result = function(*args, **kwargs)</div><div>(nova): TRACE: File "/usr/lib/python2.7/dist-packages/nova/service.py", line 77, in run_server</div><div>(nova): TRACE: server.start()</div>
<div>(nova): TRACE: File "/usr/lib/python2.7/dist-packages/nova/service.py", line 137, in start</div><div>(nova): TRACE: self.manager.init_host()</div><div>(nova): TRACE: File "/usr/lib/python2.7/dist-packages/nova/network/manager.py", line 954, in init_host</div>
<div>(nova): TRACE: self.driver.init_host()</div><div>(nova): TRACE: File "/usr/lib/python2.7/dist-packages/nova/network/linux_net.py", line 404, in init_host</div><div>(nova): TRACE: iptables_manager.apply()</div>
<div>(nova): TRACE: File "/usr/lib/python2.7/dist-packages/nova/utils.py", line 685, in inner</div><div>(nova): TRACE: retval = f(*args, **kwargs)</div><div>(nova): TRACE: File "/usr/lib/python2.7/dist-packages/nova/network/linux_net.py", line 318, in apply</div>
<div>(nova): TRACE: attempts=5)</div><div>(nova): TRACE: File "/usr/lib/python2.7/dist-packages/nova/network/linux_net.py", line 735, in _execute</div><div><div>nova): TRACE: return utils.execute(*cmd, **kwargs)</div>
<div>(nova): TRACE: File "/usr/lib/python2.7/dist-packages/nova/utils.py", line 188, in execute</div><div>(nova): TRACE: cmd=' '.join(cmd))</div><div>(nova): TRACE: ProcessExecutionError: Unexpected error while running command.</div>
<div>(nova): TRACE: Command: sudo iptables-restore</div><div>(nova): TRACE: Exit code: 2</div><div>(nova): TRACE: Stdout: ''</div><div>(nova): TRACE: Stderr: "Bad argument `#'\nError occurred at line: 18\nTry `iptables-restore -h' or 'iptables-restore --help' for more information.\n"</div>
<div>(nova): TRACE:</div></div><div><br></div><div><div>I'm running Ubuntu Server 11-04 and I'm following the Openstack guide. </div><div>ii nova-network 2011.3-0ubuntu2~ppa1~natty1 OpenStack Compute - Network manager</div>
</div><div><br></div><div>The nova version is Diablo. (version 2011.3-nova-milestone-tarball:tarmac-20110922115702-k9nkvxqzhj130av2</div><div><br></div><div>Thanks!</div><div><br></div><div><br></div>-- <br>- MSc. Correa, J.L.<br>
<br>
</div>
<br>_______________________________________________<br>
Mailing list: <a href="https://launchpad.net/~openstack" target="_blank">https://launchpad.net/~openstack</a><br>
Post to : <a href="mailto:openstack@lists.launchpad.net" target="_blank">openstack@lists.launchpad.net</a><br>
Unsubscribe : <a href="https://launchpad.net/~openstack" target="_blank">https://launchpad.net/~openstack</a><br>
More help : <a href="https://help.launchpad.net/ListHelp" target="_blank">https://help.launchpad.net/ListHelp</a><br>
<br></blockquote></div>
<br>_______________________________________________<br>
Mailing list: <a href="https://launchpad.net/~openstack" target="_blank">https://launchpad.net/~openstack</a><br>
Post to : <a href="mailto:openstack@lists.launchpad.net">openstack@lists.launchpad.net</a><br>
Unsubscribe : <a href="https://launchpad.net/~openstack" target="_blank">https://launchpad.net/~openstack</a><br>
More help : <a href="https://help.launchpad.net/ListHelp" target="_blank">https://help.launchpad.net/ListHelp</a><br>
<br></blockquote></div><br><br clear="all"><div><br></div>-- <br>- MSc. Correa, J.L.<br><br>