[Openstack] iptables chain and instance id

mad Engineer themadengin33r at gmail.com
Fri Mar 20 11:25:50 UTC 2015 

Thanks james,
                      That really helps

On Thu, Mar 19, 2015 at 3:27 AM, James Denton <james.denton at rackspace.com>
wrote:

> I’m not sure, but the X may be arbitrary. You should be able to correlate
> the nova-compute-inst-X chain to the instance by looking at the
> 'nova-compute-local’ chain and looking for the fixed IP:
>
> -A nova-compute-local -d 10.239.0.11/32 -j nova-compute-inst-25
> -A nova-compute-local -d 10.239.0.18/32 -j nova-compute-inst-65
> -A nova-compute-local -d 10.239.0.26/32 -j nova-compute-inst-95
> -A nova-compute-local -d 10.239.0.20/32 -j nova-compute-inst-69
>
> In the DB, the correlation exists:
>
> root at controller01:~# nova list --all-ten | grep 10.239.0.11
> | 1bbb6888-b74f-4fc3-8c22-4c5231823567 | myInstance     | ACTIVE |
> public=10.239.0.11, 10.242.0.232 |
>
> mysql> use nova; select * from security_group_instance_association where
> instance_uuid='1bbb6888-b74f-4fc3-8c22-4c5231823567';
> Database changed
>
> +---------------------+------------+------------+---------+----+-------------------+--------------------------------------+
> | created_at          | updated_at | deleted_at | deleted | id |
> security_group_id | instance_uuid                        |
>
> +---------------------+------------+------------+---------+----+-------------------+--------------------------------------+
> | 2013-07-03 14:40:47 | NULL       | NULL       |       0 | 25 |
>       3 | 1bbb6888-b74f-4fc3-8c22-4c5231823567 |
>
> +---------------------+------------+------------+---------+----+-------------------+———————————————————+
>
> The ID (25) corresponds to the chain name seen here:
>
> -A nova-compute-local -d 10.239.0.11/32 -j nova-compute-inst-25
>
> James
>
> On Mar 18, 2015, at 1:37 PM, mad Engineer <themadengin33r at gmail.com>
> wrote:
>
> I am having issue troubleshooting iptables rules.
>
> How can i identify which chain belongs to which instance..
>
> i can see nova-compute-inst-X  but i am not able to relate X to nova list
> or to virsh list,Can some one please help in identifying proper iptables
> chains
>
> _______________________________________________
> Mailing list:
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
> Post to     : openstack at lists.openstack.org
> Unsubscribe :
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack/attachments/20150320/a08677c0/attachment.html>

More information about the Openstack mailing list