[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-API] XCP and Dell OpenManage Server Admin


  • To: "'Casper Biering'" <cb@xxxxxxxxxxx>
  • From: "Aric Aasgaard" <aric@xxxxxxxxxx>
  • Date: Thu, 27 Dec 2012 16:15:32 -0600
  • Cc: xen-api@xxxxxxxxxxxxx
  • Delivery-date: Thu, 27 Dec 2012 22:15:54 +0000
  • List-id: User and development list for XCP and XAPI <xen-api.lists.xen.org>
  • Thread-index: AQD9iVYLIRKfgpATg5LnDIpPjxlaCQIXKQhRAXbRsk2ZsTjV8A==

Thanks, that was it.

I had this, no luck

# iptables-save
# Generated by iptables-save v1.3.5 on Thu Dec 27 12:15:18 2012
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [1246:384131]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A INPUT -p tcp -m tcp --dport 1311 -j ACCEPT
-A FORWARD -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -p icmp -m icmp --icmp-type any -j ACCEPT
-A RH-Firewall-1-INPUT -p esp -j ACCEPT
-A RH-Firewall-1-INPUT -p ah -j ACCEPT
-A RH-Firewall-1-INPUT -d 224.0.0.251 -p udp -m udp --dport 5353 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp -m udp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -i xenapi -p udp -m udp --dport 67 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A RH-Firewall-1-INPUT -p udp -m state --state NEW -m udp --dport 694 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 443 -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT
# Completed on Thu Dec 27 12:15:18 2012

I tried this, no luck

# iptables-save
# Generated by iptables-save v1.3.5 on Thu Dec 27 12:21:28 2012
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [1246:384131]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A INPUT -p tcp -m tcp --dport 1311 -j ACCEPT
-A INPUT -p tcp -m tcp --sport 1024:65535 --dport 1311 -j ACCEPT
-A INPUT -p tcp -m tcp --sport 1024:65535 --dport 1311 -m state --state NEW -j 
ACCEPT
-A FORWARD -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -p icmp -m icmp --icmp-type any -j ACCEPT
-A RH-Firewall-1-INPUT -p esp -j ACCEPT
-A RH-Firewall-1-INPUT -p ah -j ACCEPT
-A RH-Firewall-1-INPUT -d 224.0.0.251 -p udp -m udp --dport 5353 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp -m udp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -i xenapi -p udp -m udp --dport 67 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A RH-Firewall-1-INPUT -p udp -m state --state NEW -m udp --dport 694 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 443 -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT
# Completed on Thu Dec 27 12:21:28 2012


I SCP'd /etc/sysconfig/iptables from a working Xenserver install and it worked 
.....no clue why the others didn't

# iptables-save
# Generated by iptables-save v1.3.5 on Thu Dec 27 12:44:35 2012
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [655:875233]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -p tcp -m tcp --sport 1024:65535 --dport 1311 -m state --state NEW -j 
ACCEPT
-A INPUT -p tcp -m tcp --sport 1024:65535 --dport 1311 -j ACCEPT
-A INPUT -p udp -m udp --dport 161 -j ACCEPT
-A INPUT -j RH-Firewall-1-INPUT
-A FORWARD -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -p icmp -m icmp --icmp-type any -j ACCEPT
-A RH-Firewall-1-INPUT -p esp -j ACCEPT
-A RH-Firewall-1-INPUT -p ah -j ACCEPT
-A RH-Firewall-1-INPUT -d 224.0.0.251 -p udp -m udp --dport 5353 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp -m udp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -i xenapi -p udp -m udp --dport 67 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A RH-Firewall-1-INPUT -p udp -m state --state NEW -m udp --dport 694 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 443 -j ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT
# Completed on Thu Dec 27 12:44:35 2012 




-----Original Message-----
From: Casper Biering [mailto:cb@xxxxxxxxxxx] 
Sent: Thursday, December 27, 2012 5:30 AM
To: Aric Aasgaard
Cc: xen-api@xxxxxxxxxxxxx
Subject: Re: [Xen-API] XCP and Dell OpenManage Server Admin

Hi,

It sounds like an iptables problem.

Could you please attach the output of the "iptables-save" command.

As a workaround, you can use SSH port forwarding:
ssh -L 1311:127.0.0.1:1311 <server-ip>
and then open https://localhost:1311/ in your local browser.

-- 
-- Casper


On Wed, 2012-12-26 at 17:32 -0600, Aric Aasgaard wrote:
> when I do a
> 
>  
> 
> wget --no-check-certificate  https://ipaddress:1311
> 
> nano index.html
> 
> From the XCP system I get what I should if it were working.
> 
>  
> 
> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
> "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd";>
> 
> <html>
> 
> <head>
> 
> <META http-equiv="Content-Type" content="text/html; charset=UTF-8">
> 
> <title>Open Manage&trade;</title>
> 
> <link type="text/css" rel="stylesheet"
> href="/oma/css/loginmaster.css">
> 
> ââ..etc
> 
>  
> 
> From: xen-api-bounces@xxxxxxxxxxxxx
> [mailto:xen-api-bounces@xxxxxxxxxxxxx] On Behalf Of Aric Aasgaard
> Sent: Wednesday, December 26, 2012 5:22 PM
> To: xen-api@xxxxxxxxxxxxx
> Subject: [Xen-API] XCP and Dell OpenManage Server Admin
> 
> 
>  
> 
> I have several Dell 2950 and I have been using XenServer.  I am trying
> to install OMSA on XCP 1.6
> 
> When attempting to use 
> 
> OM-SrvAdmin-Dell-Web-LX-7.1.0-5304.XenServer60_A00.iso
> 
> I get 
> 
> Error: Repository is not compatible with installed product (XenServer
> expected)
> 
> Do you want to continue? (Y/N) y
> 
> FATAL: missing dependency xs:main
> 
>  
> 
> I seem to have installed it using this method 
> 
> http://linux.dell.com/wiki/index.php/Repository/OMSA
> 
>  
> 
> It looks good when I start it 
> 
>  
> 
> # /opt/dell/srvadmin/sbin/srvadmin-services.sh start
> 
> Starting Systems Management Device Drivers:
> 
> Starting dell_rbu: Already started                         [  OK  ]
> 
> Starting ipmi driver: Already started                      [  OK  ]
> 
> Starting Systems Management Data Engine:
> 
> Starting dsm_sa_datamgrd: Already started                  [  OK  ]
> 
> Starting dsm_sa_eventmgrd: Already started                 [  OK  ]
> 
> Starting dsm_sa_snmpd: Already started                     [  OK  ]
> 
> DSM SA Shared Services is already started
> 
> DSM SA Connection Service is already started
> 
>  
> 
> I added port 1311 to iptables even though it looks like everything is
> open.
> 
>  
> 
> It looks like it is listening
> 
>  
> 
> netstat -anp | grep 1311
> 
> tcp        0      0 0.0.0.0:1311                0.0.0.0:*
> LISTEN      10222/dsm_om_connsv
> 
>  
> 
> But I cannot access the web GUI on port 1311
> 
>  
> 
> Has anyone got this working?   Any suggestions?
> 
>  
> 
> 
> _______________________________________________
> Xen-api mailing list
> Xen-api@xxxxxxxxxxxxx
> http://lists.xen.org/cgi-bin/mailman/listinfo/xen-api



_______________________________________________
Xen-api mailing list
Xen-api@xxxxxxxxxxxxx
http://lists.xen.org/cgi-bin/mailman/listinfo/xen-api

 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.