Re: Integrating Cisco CloudCenter 4.8 with Public Clouds

gabriel.peral4 · ‎02-28-2018

Hi All,

I come back with another problem: I have all the cloudcenter 4.8.2 up and running in VMWare but for some reason when I tryied to integrate with AWS or Azure the manager cannot connect with the CCO of each cloud, all the components (cco and rabbitmq) are ok, I see all the rabbitmq_users and rabbitmq_connections ok, and i am able to reach the CCM from the CCO through the 8443 port.

But when I try to connect the CCM with the CCO an error appears, from the

/usr/local/cliqr/logs/mgmtserver.log

I can see the following:

VENDOR_ID::1::USER_ID::2::2018-02-28 16:19:03,089 ERROR impl.GatewayServiceImpl [http-nio-8080-exec-1] - Can not notify gateway: <account_name>-eu-west-1
VENDOR_ID::1::USER_ID::2::2018-02-28 16:19:03,089 ERROR impl.GatewayServiceImpl [http-nio-8080-exec-1] - Activate gateway exception message: 408

Where the account_name is the account that I set for the cloudcenter.

Any idea what I've missed?¿

Thank you all

Gabriel

Shaun Roberts · ‎02-28-2018

Did you try just rebooting both AMQP and CCO?

If not, it could be some networking issues as 408 is a timeout.

If you need deeper troubleshooting and log review, please open a TAC case and the team will address it.

thanks!

--Shaun Roberts
Principal Engineer, CX
shaurobe@cisco.com

viparame · ‎02-28-2018

Hi Gabriel,

I would like you to go over the firewall rules to verify if all the required ports are opened as per documentation.

https://docs.cloudcenter.cisco.com/display/CCD482/CCM+Firewall+Rules

https://docs.cloudcenter.cisco.com/display/CCD482/CCO+Firewall+Rules

https://docs.cloudcenter.cisco.com/display/CCD482/AMQP+Firewall+Rules

Also, check if you are getting any exception in rabbitmq log files.

https://docs.cloudcenter.cisco.com/display/CCD482/Log+Files

Regards

Vihar Kuruppathukattil

gabriel.peral4 · ‎02-28-2018

Hi Vihar,

All the ports are open, and all the rabbitmq connections and users are ok, the rabbitmq logs don't show anything wrong, I'm a little bit confused becasuse all the environments are the same than my actual cloudcenter-ready version 4.7 and for some reason it happens in both AWS and Azure,

I have to add that I launch the CCO and AMQP manually using the core_installer, not by using the cloud images of each provider. it can be a reason?

gabriel.peral4 · ‎03-01-2018

Hi all,

Quick update, I've been diging in the CCO log, precisely in the :

gateway.log

and it seems that even if the CCO is in AWS or Azure it tries to reach the private CCM ip, even if I have set a public IP for this environments,

The error is the following:

2018-03-01 11:29:04,061 INFO  config.GatewayConfigController [https-jsse-nio-8443-exec-3]  - Activating gateway: mgmtServer=<CCM_PRIVATE_IP>, cloudType=AWS-eu-west-1
2018-03-01 11:29:04,061 INFO  config.GatewayConfigController [https-jsse-nio-8443-exec-3]  - pinging management server at <CCM_PRIVATE_IP>
2018-03-01 11:29:24,078 ERROR config.GatewayConfigController [https-jsse-nio-8443-exec-3]  - cannot communicate with management server <CCM_PRIVATE_IP>

So where it says <CCM_PRIVATE_IP> shoudl be the CCM_PUBLIC_IP that I have associated to the CCM (via port nating)

Any idea how I can change the mgtServer parameter in the public cloud environments?

viparame · ‎03-01-2018

Hi Gabriel,

CCM should have Public IP if it is in private datacetner and CCO in public Cloud. When it tries to register the CCO in CCM GUI it tries to communicate to it hence all the components should be reachable. If you want to communicate it via private IP address, you may need to have VPN tunnel from your private and public cloud so that all components are reachable or else the direct public IP assigned to CCM.

So where it says <CCM_PRIVATE_IP> shoudl be the CCM_PUBLIC_IP that I have associated to the CCM (via port nating)

>> The IP address can be changed from the ccm_config_wizard.sh file and should be under /usr/local/cliqr/bin/ directory.

Regards

Vihar Kuruppathukattil

gabriel.peral4 · ‎03-01-2018

HI Vihar,

I see, but seems weird, in the version 4.7 when you configure the CCM you have the option to set an external url like in the image: Screenshot from 2018-03-01 15-12-48.png

but the ccm ip could be a internal ip, so in this new version it is mandatory to have a public ip as mgmtserver ip¿?

Thanks for the help

BR

Gabriel

viparame · ‎03-01-2018

It is not mandatory to have public IP address for the management server however if your CCM is in private cloud and CCO in public cloud and you do not have VPN then in that case you require public IP so that CCO will be able to reach the CCM directly.

In brief, all the components should be reachable to each other regardless of which cloud you are using.

Regards
Vihar K

gabriel.peral4 · ‎03-01-2018

Actually I have that situation,

let me explain: i have my ccm in vmware, with the (totally invented) 10.0.4.33 which is private, also i have a CCO, AMQP and POSTGRESS vms in the same vlan and environment, all in my own datacenter (on-premise), now I want to deploy a AWS CCO and rabbitqm, in order to conect both (CCM&CCO) in a bidirectional way, I set a public IP address which will point to the private CCM ip with port nating:

VMWare_ccm_pirvate_ip=10.0.4.33:8443 <------------> AWS_ccm_public_ip= 34.23.65.223:8443

So this way I say that all the comunications that are sending to the public ip address 34.23.65.223:8443 are actually passing through a firewall that will perform a NAT translation to the pirvate ip address 10.0.4.33:8443

And that works for me in the version 4.7,but in the 4.8 version, if I set the CCM private IP, even when I have in the CCO which is in AWS the /etc/hosts file the public ip for the CCM, the gateway is trying to connect to the private.

I am not sure if I've explained correctly.