You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@cloudstack.apache.org by "Sanjeev N (JIRA)" <ji...@apache.org> on 2013/06/12 07:37:19 UTC

[jira] [Created] (CLOUDSTACK-2938) [Multiple_IP_Ranges] Password Service does not work in case of multiple subnets in a vlan

Sanjeev N created CLOUDSTACK-2938:
-------------------------------------

             Summary: [Multiple_IP_Ranges] Password Service does not work in case of multiple subnets in a vlan
                 Key: CLOUDSTACK-2938
                 URL: https://issues.apache.org/jira/browse/CLOUDSTACK-2938
             Project: CloudStack
          Issue Type: Bug
      Security Level: Public (Anyone can view this level - this is the default.)
          Components: Management Server
    Affects Versions: 4.2.0
         Environment: Basic Zone with xen cluster
Build: Latest build from master
            Reporter: Sanjeev N
            Priority: Critical
             Fix For: 4.2.0


Password Service does not work in case of multiple subnets in a vlan

Steps to Reproduce:
=================
1.Bring up CS in basic zone with xen cluster
2.Add two CIDRs in guest network in the same vlan
3.Deploy a vm with password enabled template with ip address from CIDR1
4.Deploy another vm with the same password enabled template with ip address from CIDR2

Expected Behaviour:
=================
Password reset should work for the guest vms deployed with ip addresses from both the CIDRs

Actual Behaviour:
==============
Password reset functionality worked only for the guest vm deployed with ip address from primary CIDR 

Observations:
============
On the router vm it is observed that password service is running using socat process and it is listening only on the Router guest vms primary address.

root@r-25-QA:~# netstat -atnp | grep 8080
tcp        0      0 10.147.43.2:8080        0.0.0.0:*               LISTEN      4723/socat

root@r-25-QA:~# ip addr show eth0
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 06:f8:fc:00:00:0b brd ff:ff:ff:ff:ff:ff
    inet 10.147.43.2/25 brd 10.147.43.127 scope global eth0
    inet 10.147.43.131/26 brd 10.147.43.191 scope global eth0:21
    inet6 fe80::4f8:fcff:fe00:b/64 scope link
       valid_lft forever preferred_lft forever

In the above output 10.147.43.131/26 is the alias ip address which got created after deploying the vm with the ip address from the second cidr.

Password reset script resides on guest vm would be sending request to alias ip on VR to get the password, but would fail since socat process is not listening on the alias ip.

Workaround:
===========
Restarting password server process "/etc/init.d/cloud-passwd-srvr" would create another socat process listening on alias ip:

root@r-25-QA:~# netstat -atnp | grep 8080
tcp        0      0 10.147.43.131:8080      0.0.0.0:*               LISTEN      4725/socat
tcp        0      0 10.147.43.2:8080        0.0.0.0:*               LISTEN      4723/socat


--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira