How to check or monitor build status of a cloud server that belong to a RackConnect cloud account

There is a difference when you use cloud account that is linked with Rackspace RackConnect (RC) product.

Every cloud server from a cloud account that is rackconnected is gong to be reconfigured. All tasks that the RackConnect system will execute can be seen and followed on MyRackspace portal. In short these tasks will change the initial IP settings, route configuration and firewall settings on the original cloud server.

• RC tasks from MyRackspace portal

Cloud Server Created: Add "rackconnect" user 
Cloud Server Created: Validate existence of gateway interface on dedicated network device 
Cloud Server Created: Retrieve metadata 
Cloud Server Created: Provision public IP address 
Cloud Server Created: Update access on dedicated network devices 
Cloud Server Created: Configure network stack 
Cloud Server Created: Configure software firewall 
Cloud Server Created: Update software firewall on other Cloud Servers

• Status and monitoring

At the moment the only way to know that the RC is done is to monitor the network settings on the cloud server manually. This is a known limitation and there are going to be new changes deployed to address this in a close future. For now to know that the RC is done we can for example monitor the last possible task: Cloud Server Created: Configure software firewall.

As soon as we know that the firewall config has changed the RC is done (almost done because there is one last task that can still be something that affects our cloud server). A simple example how the settings change is below.

• Before the RC changes

# iptables -nL
Chain INPUT (policy ACCEPT)
target     prot opt source               destination         

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination         

• After the RC changes

# iptables -nL
Chain INPUT (policy DROP)
target     prot opt source               destination         
RS-RackConnect-INBOUND  all  --  0.0.0.0/0            0.0.0.0/0           /* RackConnectChain-INBOUND */ 

Chain FORWARD (policy DROP)
target     prot opt source               destination         
RS-RackConnect-INBOUND  all  --  0.0.0.0/0            0.0.0.0/0           /* RackConnectChain-FORWARD */ 

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination         

Chain RS-RackConnect-INBOUND (2 references)
target     prot opt source               destination         
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED /* RackConnectChain-INBOUND-RE */ 
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           /* Local-Loopback */ 
...

To know that the RC is done you need some simple script to check this. An example bash script is listed below.


That means the you can use the example script above and run it as many times as you want (in some loop with delays between the executions). As soon as the cloud server will be rackconnected the script output will turn into 'yes'.