The number is the ID of the instance in the nova.instances table: mysql> select id from instances where uuid = '9927550c-5950-4daf-9f05-0530e51d36c7'; +-------+ | id | +-------+ | 19437 | +-------+
$ iptables-save | grep 19437 :nova-compute-inst-19437 - [0:0] -A nova-compute-inst-19437 -m state --state INVALID -j DROP -A nova-compute-inst-19437 -m state --state RELATED,ESTABLISHED -j ACCEPT -A nova-compute-inst-19437 -j nova-compute-provider ... The only way I've found to obtain that ID without looking directly in the DB is to convert the `OS-EXT-SRV-ATTR:instance_name` value to decimal: $ nova show 9927550c-5950-4daf-9f05-0530e51d36c7 | grep OS-EXT-SRV-ATTR:instance_name | OS-EXT-SRV-ATTR:instance_name | instance-00004bed 00004bed in hex = 19437 in decimal Hope that helps :) Joe On Wed, Mar 18, 2015 at 3:57 PM, James Denton <james.den...@rackspace.com> wrote: > I’m not sure, but the X may be arbitrary. You should be able to correlate > the nova-compute-inst-X chain to the instance by looking at the > 'nova-compute-local’ chain and looking for the fixed IP: > > -A nova-compute-local -d 10.239.0.11/32 -j nova-compute-inst-25 > -A nova-compute-local -d 10.239.0.18/32 -j nova-compute-inst-65 > -A nova-compute-local -d 10.239.0.26/32 -j nova-compute-inst-95 > -A nova-compute-local -d 10.239.0.20/32 -j nova-compute-inst-69 > > In the DB, the correlation exists: > > root@controller01:~# nova list --all-ten | grep 10.239.0.11 > | 1bbb6888-b74f-4fc3-8c22-4c5231823567 | myInstance | ACTIVE | > public=10.239.0.11, 10.242.0.232 | > > mysql> use nova; select * from security_group_instance_association where > instance_uuid='1bbb6888-b74f-4fc3-8c22-4c5231823567'; > Database changed > > +---------------------+------------+------------+---------+----+-------------------+--------------------------------------+ > | created_at | updated_at | deleted_at | deleted | id | > security_group_id | instance_uuid | > > +---------------------+------------+------------+---------+----+-------------------+--------------------------------------+ > | 2013-07-03 14:40:47 | NULL | NULL | 0 | 25 | > 3 | 1bbb6888-b74f-4fc3-8c22-4c5231823567 | > > +---------------------+------------+------------+---------+----+-------------------+———————————————————+ > > The ID (25) corresponds to the chain name seen here: > > -A nova-compute-local -d 10.239.0.11/32 -j nova-compute-inst-25 > > James > > On Mar 18, 2015, at 1:37 PM, mad Engineer <themadengin...@gmail.com> > wrote: > > I am having issue troubleshooting iptables rules. > > How can i identify which chain belongs to which instance.. > > i can see nova-compute-inst-X but i am not able to relate X to nova list > or to virsh list,Can some one please help in identifying proper iptables > chains > > _______________________________________________ > Mailing list: > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack > Post to : openstack@lists.openstack.org > Unsubscribe : > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack > > > > _______________________________________________ > Mailing list: > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack > Post to : openstack@lists.openstack.org > Unsubscribe : > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack > >
_______________________________________________ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
