[GitHub] [cloudstack] weizhouapache commented on a change in pull request #5013: network/VR: fix dhcp/password/metadata issues on shared networks with multiple subnets

[GitBox <gi...@apache.org>]

weizhouapache commented on a change in pull request #5013:
URL: https://github.com/apache/cloudstack/pull/5013#discussion_r630028261



##########
File path: systemvm/debian/opt/cloud/bin/configure.py
##########
@@ -1070,8 +1070,8 @@ def main(argv):
     config.address().process()
 
     databag_map = OrderedDict([("guest_network",     {"process_iptables": True,  "executor": []}),
-                               ("vm_password",       {"process_iptables": False, "executor": [CsPassword("vmpassword", config)]}),
-                               ("vm_metadata",       {"process_iptables": False, "executor": [CsVmMetadata('vmdata', config)]}),
+                               ("vm_password",       {"process_iptables": True, "executor": [CsPassword("vmpassword", config)]}),
+                               ("vm_metadata",       {"process_iptables": True, "executor": [CsVmMetadata('vmdata', config)]}),

Review comment:
       @rhtyd
   for additional subnet, cloudstack acquires a ip in the new subnet as alias of the guest IP in first subnet.
   I have checked VR, the ip alias looks good, dnsmasq and password server are configured correctly.
   
   The only problem is, the rules for port 80 (apache2/metadata) and 8080 (password server) are missing.
   The rules are configured but not applied. https://github.com/apache/cloudstack/blob/master/systemvm/debian/opt/cloud/bin/cs/CsAddress.py#L419-L424
   so add a new line to process iptables rules.
   ``` ("ip_aliases",        {"process_iptables": True,  "executor": []}),```




-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org