You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@cloudstack.apache.org by "Michael Andersen (JIRA)" <ji...@apache.org> on 2015/10/01 18:02:27 UTC
[jira] [Comment Edited] (CLOUDSTACK-8697) Assign VPC Internal LB
rule to a VM fails
[ https://issues.apache.org/jira/browse/CLOUDSTACK-8697?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14940012#comment-14940012 ]
Michael Andersen edited comment on CLOUDSTACK-8697 at 10/1/15 4:02 PM:
-----------------------------------------------------------------------
I was able to reproduce this error on ACS 4.4.4.
there is a global configuration setting which determines on which interfaces the haproxy statistics (stats) is bound to on startup of haproxy. this setting is: network.loadbalancer.haproxy.stats.visibility it defaults to all.
description:
Load Balancer(haproxy) stats visibilty, the value can be one of the following six parameters : global,guest-network,link-local,disabled,all,default all
When the above setting is left on the default a configuration is generated for haproxy which has a public and guest stats directive which try to bind to the same (guest) ip address. This results in an haproxy error:
[ALERT] 273/131923 (3076) : Starting proxy stats_on_guest: cannot bind socket [10.10.2.151:8081]
and haproxy never restarts with the new config.
the faulty config directives:
listen stats_on_public 10.10.2.151:8081
mode http
option httpclose
stats enable
stats uri /admin?stats
stats realm Haproxy\ Statistics
stats auth admin493:test123
listen stats_on_guest 10.10.2.151:8081
mode http
option httpclose
stats enable
stats uri /admin?stats
stats realm Haproxy\ Statistics
stats auth admin493:test123
In the code the visibility setting is retrieved by:
ElasticLoadBalancerManagerImpl.java
private void createApplyLoadBalancingRulesCommands(List<LoadBalancingRule> rules, DomainRouterVO elbVm, Commands cmds, long guestNetworkId) {
...
//FIXME: why are we setting attributes directly? Ick!! There should be accessors and
//the constructor should set defaults.
cmd.lbStatsVisibility = _configDao.getValue(Config.NetworkLBHaproxyStatsVisbility.key());
then in core/src/com/cloud/network/HAProxyConfigurator.java
the following function determines what to add to the generate haproxy config:
line 542: public String[] generateConfiguration(LoadBalancerConfigCommand lbCmd) {
...
line 575:
if (!lbCmd.lbStatsVisibility.equals("disabled")) {
/* new rule : listen admin_page guestip/link-local:8081 */
if (lbCmd.lbStatsVisibility.equals("global")) {
result.add(generateStatsRule(lbCmd, "stats_on_public", lbCmd.lbStatsPublicIP));
} else if (lbCmd.lbStatsVisibility.equals("guest-network")) {
result.add(generateStatsRule(lbCmd, "stats_on_guest", lbCmd.lbStatsGuestIP));
} else if (lbCmd.lbStatsVisibility.equals("link-local")) {
result.add(generateStatsRule(lbCmd, "stats_on_private", lbCmd.lbStatsPrivateIP));
} else if (lbCmd.lbStatsVisibility.equals("all")) {
result.add(generateStatsRule(lbCmd, "stats_on_public", lbCmd.lbStatsPublicIP));
result.add(generateStatsRule(lbCmd, "stats_on_guest", lbCmd.lbStatsGuestIP));
result.add(generateStatsRule(lbCmd, "stats_on_private", lbCmd.lbStatsPrivateIP));
} else {
I have not yet tested it but setting the global setting to guest-network will most likely allow for assigning LB rules on an internal LB.
In the code i think we should either retrieve the interfaces of the internallbVm before applying rules in the equals('all') case or simply the 'all' case drastically by only applying a single directive which listens on 0.0.0.0?
was (Author: michaelandersen):
I was able to reproduce this error on ACS 4.4.4.
there is a global configuration setting which determines on which interfaces the haproxy statistics (stats) is bound to on startup of haproxy. this setting is: network.loadbalancer.haproxy.stats.visibility it defaults to all.
description:
Load Balancer(haproxy) stats visibilty, the value can be one of the following six parameters : global,guest-network,link-local,disabled,all,default all
When the above setting is left on the default a configuration is generated for haproxy which has a public and guest stats directive which try to bind to the same (guest) ip address. This results in an haproxy error:
[ALERT] 273/131923 (3076) : Starting proxy stats_on_guest: cannot bind socket [10.10.2.151:8081]
and haproxy never restarts with the new config.
the faulty config directives:
listen stats_on_public 10.10.2.151:8081
mode http
option httpclose
stats enable
stats uri /admin?stats
stats realm Haproxy\ Statistics
stats auth admin493:test123
listen stats_on_guest 10.10.2.151:8081
mode http
option httpclose
stats enable
stats uri /admin?stats
stats realm Haproxy\ Statistics
stats auth admin493:test123
In the code the visibility setting is retrieved by:
ElasticLoadBalancerManagerImpl.java
private void createApplyLoadBalancingRulesCommands(List<LoadBalancingRule> rules, DomainRouterVO elbVm, Commands cmds, long guestNetworkId) {
...
//FIXME: why are we setting attributes directly? Ick!! There should be accessors and
//the constructor should set defaults.
cmd.lbStatsVisibility = _configDao.getValue(Config.NetworkLBHaproxyStatsVisbility.key());
then in core/src/com/cloud/network/HAProxyConfigurator.java
the following function determines what to add to the generate haproxy config:
line 542: public String[] generateConfiguration(LoadBalancerConfigCommand lbCmd) {
...
line 575:
if (!lbCmd.lbStatsVisibility.equals("disabled")) {
/* new rule : listen admin_page guestip/link-local:8081 */
if (lbCmd.lbStatsVisibility.equals("global")) {
result.add(generateStatsRule(lbCmd, "stats_on_public", lbCmd.lbStatsPublicIP));
} else if (lbCmd.lbStatsVisibility.equals("guest-network")) {
result.add(generateStatsRule(lbCmd, "stats_on_guest", lbCmd.lbStatsGuestIP));
} else if (lbCmd.lbStatsVisibility.equals("link-local")) {
result.add(generateStatsRule(lbCmd, "stats_on_private", lbCmd.lbStatsPrivateIP));
} else if (lbCmd.lbStatsVisibility.equals("all")) {
result.add(generateStatsRule(lbCmd, "stats_on_public", lbCmd.lbStatsPublicIP));
result.add(generateStatsRule(lbCmd, "stats_on_guest", lbCmd.lbStatsGuestIP));
result.add(generateStatsRule(lbCmd, "stats_on_private", lbCmd.lbStatsPrivateIP));
} else {
I have not yet tested it but setting the global setting to guest-network will most likely allow for assigning LB rules on an internal LB.
In the code i think we should either retrieve the interfaces of the internallbVm before appling rules in the equals('all') case or simply the 'all' case drastically by only applying a single directive which listens on 0.0.0.0?
> Assign VPC Internal LB rule to a VM fails
> -----------------------------------------
>
> Key: CLOUDSTACK-8697
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-8697
> Project: CloudStack
> Issue Type: Bug
> Security Level: Public(Anyone can view this level - this is the default.)
> Components: Network Controller
> Affects Versions: 4.4.4, 4.6.0
> Reporter: Pavan Kumar Bandarupally
> Assignee: Wilder Rodrigues
> Priority: Blocker
> Attachments: MS Log.rar, MSLog.rar
>
>
> Assigning an internal LB rule to a VM inside VPC network fails. Seems to be a configuration issue.
> ================
> 2015-07-31 21:13:49,059 ERROR [c.c.u.s.SshHelper] (DirectAgent-345:ctx-2bdddfcc) SSH execution of command /opt/cloud/bin/router_proxy.sh update_config.py 169.254.2.171 load_balancer.json has an error status code in return. result output:
> 2015-07-31 21:13:49,062 DEBUG [c.c.a.r.v.VirtualRoutingResource] (DirectAgent-345:ctx-2bdddfcc) Processing ScriptConfigItem, executing update_config.py load_balancer.json took 6656ms
> 2015-07-31 21:13:49,062 WARN [c.c.a.r.v.VirtualRoutingResource] (DirectAgent-345:ctx-2bdddfcc) Expected 1 answers while executing LoadBalancerConfigCommand but received 2
> 2015-07-31 21:13:49,062 DEBUG [c.c.a.m.DirectAgentAttache] (DirectAgent-345:ctx-2bdddfcc) Seq 7-4435764157983228083: Response Received:
> 2015-07-31 21:13:49,063 DEBUG [c.c.a.t.Request] (DirectAgent-345:ctx-2bdddfcc) Seq 7-4435764157983228083: Processing: { Ans: , MgmtId: 6702933999656, via: 7, Ver: v1, Flags: 0, [{"com.cloud.agent.api.routing.GroupAnswer":{"results":["null - failed: ","null - failed: "],"result":false,"wait":0}}] }
> 2015-07-31 21:13:49,063 DEBUG [c.c.a.t.Request] (API-Job-Executor-9:ctx-4c2d49d3 job-315 ctx-06ebb5a1) Seq 7-4435764157983228083: Received: { Ans: , MgmtId: 6702933999656, via: 7, Ver: v1, Flags: 0, { GroupAnswer } }
> 2015-07-31 21:13:49,133 DEBUG [c.c.n.l.LoadBalancingRulesManagerImpl] (API-Job-Executor-9:ctx-4c2d49d3 job-315 ctx-06ebb5a1) LB Rollback rule id: 6 while attaching VM: [29]
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)