You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@cloudstack.apache.org by "Jayapal Reddy (JIRA)" <ji...@apache.org> on 2013/12/27 07:10:04 UTC
[jira] [Reopened] (CLOUDSTACK-4622) [IP Reservation][If a VM from
guest network is added to network tier of VPC then IP reservation allows
the CIDR to be a superset of Network CIDR for that VPC tier
[ https://issues.apache.org/jira/browse/CLOUDSTACK-4622?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Jayapal Reddy reopened CLOUDSTACK-4622:
---------------------------------------
> [IP Reservation][If a VM from guest network is added to network tier of VPC then IP reservation allows the CIDR to be a superset of Network CIDR for that VPC tier
> -------------------------------------------------------------------------------------------------------------------------------------------------------------------
>
> Key: CLOUDSTACK-4622
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-4622
> Project: CloudStack
> Issue Type: Bug
> Security Level: Public(Anyone can view this level - this is the default.)
> Components: Network Controller
> Affects Versions: 4.2.0
> Reporter: Abhinav Roy
> Assignee: Saksham Srivastava
> Priority: Critical
> Fix For: 4.3.0
>
> Attachments: CS-4622.zip
>
>
> Steps :
> ===================
> 1. Deploy a CS 4.2 advanced networking setup
> 2. Create a Guest network , gn1 and deploy a VM, vm1 on that network.
> 3. Create a VPC Tier, tier1 with CIDR as 10.1.2.1/24 and deploy a vm , v1t1 on that tier.
> 4. Go to Instances -> vm1 -> nics -> Add Network to VM and add tier1 network to vm1.
> 5. Now, go to tier1 and do IP reservation with CIDR as 10.1.2.1/23
> Expected behaviour :
> =================
> The IP reservation should fail as the CIDR 10.1.2.1/23 is not a subset of the network CIDR which is 10.1.2.1/24
> Observed behaviour :
> ================
> The IP reservation goes through , here is a snippet from management server logs
> 2013-09-06 12:13:27,760 DEBUG [cloud.async.AsyncJobManagerImpl] (catalina-exec-13:null) submit async job-39 = [ 4562cb4d-54d5-4b7e-90bd-e3d2c679ab5e ], details: AsyncJobVO {id:39, userId: 2, accountId: 2, sessionKey: null, instanceType: None, instanceId: null, cmd: org.apache.cloudstack.api.command.user.network.UpdateNetworkCmd, cmdOriginator: null, cmdInfo: {"id":"674355e5-8c3b-44a2-b47d-d198548ccea7","response":"json","sessionkey":"moOLxaFrqNc50wz6SDh6v413RnA\u003d","cmdEventType":"NETWORK.UPDATE","ctxUserId":"2","name":"TIER-1","guestvmcidr":"10.1.2.0/23","displaytext":"TIER-1","httpmethod":"GET","_":"1378450020843","ctxAccountId":"2","ctxStartEventId":"134"}, cmdVersion: 0, callbackType: 0, callbackAddress: null, status: 0, processStatus: 0, resultCode: 0, result: null, initMsid: 280320865129348, completeMsid: null, lastUpdated: null, lastPolled: null, created: null}
> 2013-09-06 12:13:27,761 DEBUG [cloud.api.ApiServlet] (catalina-exec-13:null) ===END=== 10.144.7.25 -- GET command=updateNetwork&response=json&sessionkey=moOLxaFrqNc50wz6SDh6v413RnA%3D&id=674355e5-8c3b-44a2-b47d-d198548ccea7&name=TIER-1&displaytext=TIER-1&guestvmcidr=10.1.2.0%2F23&_=1378450020843
> 2013-09-06 12:13:27,763 DEBUG [cloud.async.AsyncJobManagerImpl] (Job-Executor-53:job-39 = [ 4562cb4d-54d5-4b7e-90bd-e3d2c679ab5e ]) Executing org.apache.cloudstack.api.command.user.network.UpdateNetworkCmd for job-39 = [ 4562cb4d-54d5-4b7e-90bd-e3d2c679ab5e ]
> 2013-09-06 12:13:27,771 DEBUG [cloud.async.AsyncJobManagerImpl] (Job-Executor-53:job-39 = [ 4562cb4d-54d5-4b7e-90bd-e3d2c679ab5e ]) Sync job-39 = [ 4562cb4d-54d5-4b7e-90bd-e3d2c679ab5e ] execution on object network.205
> 2013-09-06 12:13:27,778 DEBUG [cloud.async.AsyncJobManagerImpl] (Job-Executor-53:job-39 = [ 4562cb4d-54d5-4b7e-90bd-e3d2c679ab5e ]) job org.apache.cloudstack.api.command.user.network.UpdateNetworkCmd for job-39 = [ 4562cb4d-54d5-4b7e-90bd-e3d2c679ab5e ] was queued, processing the queue.
> 2013-09-06 12:13:27,782 DEBUG [cloud.async.AsyncJobManagerImpl] (Job-Executor-53:job-39 = [ 4562cb4d-54d5-4b7e-90bd-e3d2c679ab5e ]) Executing sync queue item: SyncQueueItemVO {id:15, queueId: 1, contentType: AsyncJob, contentId: 39, lastProcessMsid: 280320865129348, lastprocessNumber: 7, lastProcessTime: Fri Sep 06 12:13:27 IST 2013, created: Fri Sep 06 12:13:27 IST 2013}
> 2013-09-06 12:13:27,783 DEBUG [cloud.async.AsyncJobManagerImpl] (Job-Executor-53:job-39 = [ 4562cb4d-54d5-4b7e-90bd-e3d2c679ab5e ]) Schedule queued job-39 = [ 4562cb4d-54d5-4b7e-90bd-e3d2c679ab5e ]
> 2013-09-06 12:13:27,786 DEBUG [cloud.async.SyncQueueManagerImpl] (Job-Executor-53:job-39 = [ 4562cb4d-54d5-4b7e-90bd-e3d2c679ab5e ]) There is a pending process in sync queue(id: 1)
> 2013-09-06 12:13:27,788 DEBUG [cloud.async.AsyncJobManagerImpl] (Job-Executor-54:job-39 = [ 4562cb4d-54d5-4b7e-90bd-e3d2c679ab5e ]) Executing org.apache.cloudstack.api.command.user.network.UpdateNetworkCmd for job-39 = [ 4562cb4d-54d5-4b7e-90bd-e3d2c679ab5e ]
> 2013-09-06 12:13:27,809 INFO [cloud.network.NetworkServiceImpl] (Job-Executor-54:job-39 = [ 4562cb4d-54d5-4b7e-90bd-e3d2c679ab5e ]) The start IP of the specified guest vm cidr is: 10.1.2.1 and end IP is: 10.1.3.254
> 2013-09-06 12:13:27,809 INFO [cloud.network.NetworkServiceImpl] (Job-Executor-54:job-39 = [ 4562cb4d-54d5-4b7e-90bd-e3d2c679ab5e ]) The specified guest vm cidr has 510 IPs
> 2013-09-06 12:13:27,811 INFO [cloud.network.NetworkServiceImpl] (Job-Executor-54:job-39 = [ 4562cb4d-54d5-4b7e-90bd-e3d2c679ab5e ]) IP Reservation has been applied. The new CIDR for Guests Vms is 10.1.2.0/23
> 2013-09-06 12:13:27,843 DEBUG [cloud.async.AsyncJobManagerImpl] (Job-Executor-54:job-39 = [ 4562cb4d-54d5-4b7e-90bd-e3d2c679ab5e ]) Complete async job-39 = [ 4562cb4d-54d5-4b7e-90bd-e3d2c679ab5e ], jobStatus: 1, resultCode: 0, result: org.apache.cloudstack.api.response.NetworkResponse@3f57d929
> 2013-09-06 12:13:27,851 DEBUG [cloud.async.SyncQueueManagerImpl] (Job-Executor-54:job-39 = [ 4562cb4d-54d5-4b7e-90bd-e3d2c679ab5e ]) Sync queue (1) is currently empty
> 2013-09-06 12:13:27,851 DEBUG [cloud.async.AsyncJobManagerImpl] (Job-Executor-54:job-39 = [ 4562cb4d-54d5-4b7e-90bd-e3d2c679ab5e ]) Done executing org.apache.cloudstack.api.command.user.network.UpdateNetworkCmd for job-39 = [ 4562cb4d-54d5-4b7e-90bd-e3d2c679ab5e ]
> Here is a snippet from api logs :
> 2013-09-06 12:13:27,761 INFO [cloud.api.ApiServer] (catalina-exec-13:null) (userId=2 accountId=2 sessionId=DA08FA8E57384D44EDBD0EB02D547164) 10.144.7.25 -- GET command=updateNetwork&response=json&sessionkey=moOLxaFrqNc50wz6SDh6v413RnA%3D&id=674355e5-8c3b-44a2-b47d-d198548ccea7&name=TIER-1&displaytext=TIER-1&guestvmcidr=10.1.2.0%2F23&_=1378450020843 200 { "updatenetworkresponse" : {"jobid":"4562cb4d-54d5-4b7e-90bd-e3d2c679ab5e"} }
> 2013-09-06 12:13:30,804 INFO [cloud.api.ApiServer] (catalina-exec-20:null) (userId=2 accountId=2 sessionId=DA08FA8E57384D44EDBD0EB02D547164) 10.144.7.25 -- GET command=queryAsyncJobResult&jobId=4562cb4d-54d5-4b7e-90bd-e3d2c679ab5e&response=json&sessionkey=moOLxaFrqNc50wz6SDh6v413RnA%3D&_=1378450023951 200 { "queryasyncjobresultresponse" : {"accountid":"0add9fc0-15ef-11e3-9b03-fef34996d384","userid":"0addcf54-15ef-11e3-9b03-fef34996d384","cmd":"org.apache.cloudstack.api.command.user.network.UpdateNetworkCmd","jobstatus":1,"jobprocstatus":0,"jobresultcode":0,"jobresulttype":"object","jobresult":{"network":{"id":"674355e5-8c3b-44a2-b47d-d198548ccea7","name":"TIER-1","displaytext":"TIER-1","broadcastdomaintype":"Vlan","traffictype":"Guest","gateway":"10.1.2.1","netmask":"255.255.255.0","cidr":"10.1.2.0/23","networkcidr":"10.1.2.0/24","zoneid":"b53dc749-1576-495a-91b8-49db37aecf15","zonename":"Zone-1","networkofferingid":"6c52357c-3013-4d9e-a035-910bd5eb59ab","networkofferingname":"DefaultIsolatedNetworkOfferingForVpcNetworks","networkofferingdisplaytext":"Offering for Isolated Vpc networks with Source Nat service enabled","networkofferingconservemode":false,"networkofferingavailability":"Optional","issystem":false,"state":"Implemented","related":"674355e5-8c3b-44a2-b47d-d198548ccea7","broadcasturi":"vlan://726","dns1":"10.103.128.15","type":"Isolated","vlan":"726","acltype":"Account","account":"admin","domainid":"e3b3104c-15ee-11e3-9b03-fef34996d384","domain":"ROOT","service":[{"name":"Vpn","capability":[{"name":"VpnTypes","value":"s2svpn","canchooseservicecapability":false},{"name":"SupportedVpnTypes","value":"pptp,l2tp,ipsec","canchooseservicecapability":false}]},{"name":"PortForwarding"},{"name":"Dns","capability":[{"name":"AllowDnsSuffixModification","value":"true","canchooseservicecapability":false}]},{"name":"Dhcp","capability":[{"name":"DhcpAccrossMultipleSubnets","value":"true","canchooseservicecapability":false}]},{"name":"NetworkACL","capability":[{"name":"SupportedProtocols","value":"tcp,udp,icmp","canchooseservicecapability":false}]},{"name":"StaticNat"},{"name":"UserData"},{"name":"SourceNat","capability":[{"name":"RedundantRouter","value":"false","canchooseservicecapability":false},{"name":"SupportedSourceNatTypes","value":"peraccount","canchooseservicecapability":false}]},{"name":"Lb","capability":[{"name":"SupportedLBIsolation","value":"dedicated","canchooseservicecapability":false},{"name":"SupportedStickinessMethods","value":"[{\"methodname\":\"LbCookie\",\"paramlist\":[{\"paramname\":\"cookie-name\",\"required\":false,\"isflag\":false,\"description\":\" \"},{\"paramname\":\"mode\",\"required\":false,\"isflag\":false,\"description\":\" \"},{\"paramname\":\"nocache\",\"required\":false,\"isflag\":true,\"description\":\" \"},{\"paramname\":\"indirect\",\"required\":false,\"isflag\":true,\"description\":\" \"},{\"paramname\":\"postonly\",\"required\":false,\"isflag\":true,\"description\":\" \"},{\"paramname\":\"domain\",\"required\":false,\"isflag\":false,\"description\":\" \"}],\"description\":\"This is loadbalancer cookie based stickiness method.\"},{\"methodname\":\"AppCookie\",\"paramlist\":[{\"paramname\":\"cookie-name\",\"required\":false,\"isflag\":false,\"description\":\" \"},{\"paramname\":\"length\",\"required\":false,\"isflag\":false,\"description\":\" \"},{\"paramname\":\"holdtime\",\"required\":false,\"isflag\":false,\"description\":\" \"},{\"paramname\":\"request-learn\",\"required\":false,\"isflag\":true,\"description\":\" \"},{\"paramname\":\"prefix\",\"required\":false,\"isflag\":true,\"description\":\" \"},{\"paramname\":\"mode\",\"required\":false,\"isflag\":false,\"description\":\" \"}],\"description\":\"This is App session based sticky method. Define session stickiness on an existing application cookie. It can be used only for a specific http traffic\"},{\"methodname\":\"SourceBased\",\"paramlist\":[{\"paramname\":\"tablesize\",\"required\":false,\"isflag\":false,\"description\":\" \"},{\"paramname\":\"expire\",\"required\":false,\"isflag\":false,\"description\":\" \"}],\"description\":\"This is source based Stickiness method, it can be used for any type of protocol.\"}]","canchooseservicecapability":false},{"name":"SupportedProtocols","value":"tcp, udp","canchooseservicecapability":false},{"name":"LbSchemes","value":"Public","canchooseservicecapability":false},{"name":"SupportedLbAlgorithms","value":"roundrobin,leastconn,source","canchooseservicecapability":false}]}],"networkdomain":"cs2cloud.internal","physicalnetworkid":"a0368cfe-3d15-4d18-afee-906bd5a998c6","restartrequired":false,"specifyipranges":false,"vpcid":"8a647441-3d3f-49ff-95b9-e4f20a57bdbc","canusefordeploy":true,"ispersistent":false,"tags":[],"displaynetwork":true}},"created":"2013-09-06T12:13:27+0530","jobid":"4562cb4d-54d5-4b7e-90bd-e3d2c679ab5e"} }
> NOTE :
> =============================
> This problem is seen only in this particular scenario. I executed some other tests around this and the issue was not seen,
> i) Add the VM to another guest network and do IP reservation on that network with CIDR as a subset of network CIDR .
> ii) Add a VM from VPC tier to a guest network and do IP reservation on that network with CIDR as a subset of network CIDR.
> ii) Add a VM from VPC tier to another VPC tier and do IP reservation on that tier with CIDR as a subset of network CIDR.
> Attaching management server logs and api logs
--
This message was sent by Atlassian JIRA
(v6.1.5#6160)