You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@cloudstack.apache.org by "sadhu suresh (JIRA)" <ji...@apache.org> on 2014/07/23 09:12:39 UTC

[jira] [Created] (CLOUDSTACK-7169) VR_Rolling_Upgarde: command execution order changed when we restart the network

sadhu suresh created CLOUDSTACK-7169:
----------------------------------------

             Summary: VR_Rolling_Upgarde:  command execution order changed  when we restart the network
                 Key: CLOUDSTACK-7169
                 URL: https://issues.apache.org/jira/browse/CLOUDSTACK-7169
             Project: CloudStack
          Issue Type: Bug
      Security Level: Public (Anyone can view this level - this is the default.)
          Components: Management Server
    Affects Versions: 4.5.0
            Reporter: sadhu suresh
            Assignee: Sheng Yang
            Priority: Critical


when we reboot the VR, the order is proper (i.e ip assoc first then later firewall rule  next) but when restart the network ,the order has changed
i.e  we are programming  firewall before ipassoc.




1.configure advanced zone with vmware 
2.deploy a vm 
3.acquire a public IP and configure the LB rule
4. restart the router
5.  once the router is up ,check the command execution order
6.again perform the network restart 
7.check the configured order

actual result:
step 4:(incase of router  restart) - the order is ok as per expected (i.e programming firewall after ipassoc) 

Step 6:(restart network)

Here order has changed  and  it s programming firewall rule before ipassoc

please check the VR*.cfg


root@cen62307 ~]# cat VR-18351526-c087-48b9-8f8b-10b2c3f8a07e.cfg
#Apache CloudStack Virtual Router Config File
<version>
1.0
</version>
<script>
/opt/cloud/bin/firewall_ingress.sh  -F -a 10.147.49.200:tcp:22:22:0.0.0.0/0:,
</script>
<script>
/opt/cloud/bin/ipassoc.sh -A -s -f -l 10.147.49.189/24 -c eth2 -g 10.147.49.1
</script>
<script>
/opt/cloud/bin/ipassoc.sh -A -l 10.147.49.200/24 -c eth2 -g 10.147.49.1
</script>
<file>
/etc/haproxy/haproxy.cfg.new.1406117121933
global
        log 127.0.0.1:3914   local0 warning
        maxconn 4096
        maxpipes 1024
        chroot /var/lib/haproxy
        user haproxy
        group haproxy
        daemon

defaults
        log     global
        mode    tcp
        option  dontlognull
        retries 3
        option redispatch
        option forwardfor
        option forceclose
        timeout connect    5000
        timeout client     50000
        timeout server     50000

listen stats_on_public 10.147.49.189:8081
        mode http
        option httpclose
        stats enable
        stats uri     /admin?stats
        stats realm   Haproxy\ Statistics
        stats auth    admin1:AdMiN123


listen 10_147_49_189-22 10.147.49.189:22
        balance roundrobin
        server 10_147_49_189-22_0 10.1.1.2:22 check

listen 10_147_49_200-22 10.147.49.200:22
        balance roundrobin
        server 10_147_49_200-22_0 10.1.1.105:22 check



</file>
<script>
/opt/cloud/bin/loadbalancer.sh  -i 10.147.41.29 -f /etc/haproxy/haproxy.cfg.new.1406117121933 -a 10.147.49.189:22:,10.147.49.200:22:, -s 10.147.49.189:8081:0/0:,,
</script>
<script>
/opt/cloud/bin/ipassoc.sh -A -s -f -l 10.147.49.189/24 -c eth2 -g 10.147.49.1
</script>
<script>
/opt/cloud/bin/ipassoc.sh -A -l 10.147.49.200/24 -c eth2 -g 10.147.49.1


expected result:

"as per the functional spec:•Order is extremely important!••We don't want to program firewall before ipassoc". so need to handle the order when we restart the network as well.





--
This message was sent by Atlassian JIRA
(v6.2#6252)