You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@cloudstack.apache.org by jayapalu <gi...@git.apache.org> on 2015/09/16 14:02:52 UTC
[GitHub] cloudstack pull request: Security group ingress/egress issues with...
GitHub user jayapalu opened a pull request:
https://github.com/apache/cloudstack/pull/843
Security group ingress/egress issues with xenserver 6.2
There is issue with the xenserver 6.2 ipset type nethash. Fixed it by adding nethash for ipset version 6 which is xenserver 6.5. For ipset version 4.x use iptreemap.
1. Tested configuring egress/ingress rules.
2. Tested the traffic for the configured rules from the VM.
You can merge this pull request into a Git repository by running:
$ git pull https://github.com/jayapalu/cloudstack SGIssue
Alternatively you can review and apply these changes as the patch at:
https://github.com/apache/cloudstack/pull/843.patch
To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:
This closes #843
----
commit a15df0569fa0e56b14a9a119858c53e8ae6085c3
Author: Jayapal <ja...@apache.org>
Date: 2015-09-16T09:52:33Z
CLOUDSTACK-8843: Fixed issue in default iptables rules on shared network VR
commit f0d5d5942e6ef39f1ff8b92335656b1d233782c1
Author: Jayapal <ja...@apache.org>
Date: 2015-09-16T11:26:54Z
CLOUDSTACK-8871: fixed issue with the xenserver 6.2 ipset nethash
----
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---
[GitHub] cloudstack issue #843: Security group ingress/egress issues with xenserver 6...
Posted by rhtyd <gi...@git.apache.org>.
Github user rhtyd commented on the issue:
https://github.com/apache/cloudstack/pull/843
Thanks @jayapalu makes sense.
@blueorangutan package
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---
[GitHub] cloudstack pull request: Security group ingress/egress issues with...
Posted by rhtyd <gi...@git.apache.org>.
Github user rhtyd commented on the pull request:
https://github.com/apache/cloudstack/pull/843#issuecomment-216190725
@jayapalu please rebase against latest master and push -f, update on status of your PR
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---
[GitHub] cloudstack issue #843: Security group ingress/egress issues with xenserver 6...
Posted by bvbharatk <gi...@git.apache.org>.
Github user bvbharatk commented on the issue:
https://github.com/apache/cloudstack/pull/843
LGTM
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---
[GitHub] cloudstack issue #843: Security group ingress/egress issues with xenserver 6...
Posted by jayapalu <gi...@git.apache.org>.
Github user jayapalu commented on the issue:
https://github.com/apache/cloudstack/pull/843
@rhtyd
This is basic zone related changes. In the above results failures are not related to the changes.
Can you please review the changes once.
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---
[GitHub] cloudstack issue #843: Security group ingress/egress issues with xenserver 6...
Posted by blueorangutan <gi...@git.apache.org>.
Github user blueorangutan commented on the issue:
https://github.com/apache/cloudstack/pull/843
@rhtyd a Trillian-Jenkins test job (centos7 mgmt + xenserver-65sp1) has been kicked to run smoke tests
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---
[GitHub] cloudstack pull request #843: Security group ingress/egress issues with xens...
Posted by jayapalu <gi...@git.apache.org>.
Github user jayapalu commented on a diff in the pull request:
https://github.com/apache/cloudstack/pull/843#discussion_r100766384
--- Diff: scripts/vm/hypervisor/xenserver/vmops ---
@@ -356,18 +356,25 @@ def allow_egress_traffic(session):
return 'false'
return 'true'
+def getIpsetType():
+ try:
+ util.pread2(['/bin/bash', '-c', "ipset -v | grep 'protocol version: 6'"])
+ return 'nethash'
--- End diff --
For xenserver 6.5 the ipset version is 6. For xenserver version less than 6.5 (i.e 6.2) the ipset version is 4.x.
if ipset version is 6 then it uses nethash otherwise it uses iptreemap
The getIpsetType method is as below.
def getIpsetType():
try:
util.pread2(['/bin/bash', '-c', "ipset -v | grep 'protocol version: 6'"])
return 'nethash'
except:
return 'iptreemap'
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---
[GitHub] cloudstack pull request: Security group ingress/egress issues with...
Posted by bhaisaab <gi...@git.apache.org>.
Github user bhaisaab commented on the pull request:
https://github.com/apache/cloudstack/pull/843#issuecomment-140729245
@jayapalu isn't nethash type not supported on XenServer 6.2?
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---
[GitHub] cloudstack pull request: Security group ingress/egress issues with...
Posted by jayapalu <gi...@git.apache.org>.
Github user jayapalu commented on the pull request:
https://github.com/apache/cloudstack/pull/843#issuecomment-140724480
@bhaisaab can you please review this PR
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---
[GitHub] cloudstack issue #843: Security group ingress/egress issues with xenserver 6...
Posted by blueorangutan <gi...@git.apache.org>.
Github user blueorangutan commented on the issue:
https://github.com/apache/cloudstack/pull/843
@rhtyd a Jenkins job has been kicked to build packages. I'll keep you posted as I make progress.
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---
[GitHub] cloudstack issue #843: Security group ingress/egress issues with xenserver 6...
Posted by blueorangutan <gi...@git.apache.org>.
Github user blueorangutan commented on the issue:
https://github.com/apache/cloudstack/pull/843
<b>Trillian test result (tid-881)</b>
Environment: xenserver-65sp1 (x2), Advanced Networking with Mgmt server 7
Total time taken: 46234 seconds
Marvin logs: https://github.com/blueorangutan/acs-prs/releases/download/trillian/pr843-t881-xenserver-65sp1.zip
Intermitten failure detected: /marvin/tests/smoke/test_internal_lb.py
Intermitten failure detected: /marvin/tests/smoke/test_privategw_acl.py
Intermitten failure detected: /marvin/tests/smoke/test_routers_network_ops.py
Intermitten failure detected: /marvin/tests/smoke/test_snapshots.py
Intermitten failure detected: /marvin/tests/smoke/test_vpc_redundant.py
Test completed. 45 look ok, 4 have error(s)
Test | Result | Time (s) | Test File
--- | --- | --- | ---
test_05_rvpc_multi_tiers | `Failure` | 540.36 | test_vpc_redundant.py
test_04_rvpc_network_garbage_collector_nics | `Failure` | 1406.19 | test_vpc_redundant.py
test_01_create_redundant_VPC_2tiers_4VMs_4IPs_4PF_ACL | `Failure` | 592.48 | test_vpc_redundant.py
test_04_rvpc_privategw_static_routes | `Failure` | 187.44 | test_privategw_acl.py
test_04_rvpc_internallb_haproxy_stats_on_all_interfaces | `Failure` | 328.62 | test_internal_lb.py
test_02_list_snapshots_with_removed_data_store | `Error` | 110.75 | test_snapshots.py
test_02_list_snapshots_with_removed_data_store | `Error` | 115.85 | test_snapshots.py
test_01_vpc_site2site_vpn | Success | 297.74 | test_vpc_vpn.py
test_01_vpc_remote_access_vpn | Success | 141.71 | test_vpc_vpn.py
test_01_redundant_vpc_site2site_vpn | Success | 533.23 | test_vpc_vpn.py
test_02_VPC_default_routes | Success | 320.04 | test_vpc_router_nics.py
test_01_VPC_nics_after_destroy | Success | 698.77 | test_vpc_router_nics.py
test_03_create_redundant_VPC_1tier_2VMs_2IPs_2PF_ACL_reboot_routers | Success | 865.61 | test_vpc_redundant.py
test_02_redundant_VPC_default_routes | Success | 1072.42 | test_vpc_redundant.py
test_09_delete_detached_volume | Success | 16.00 | test_volumes.py
test_08_resize_volume | Success | 96.11 | test_volumes.py
test_07_resize_fail | Success | 101.05 | test_volumes.py
test_06_download_detached_volume | Success | 30.58 | test_volumes.py
test_05_detach_volume | Success | 100.31 | test_volumes.py
test_04_delete_attached_volume | Success | 10.21 | test_volumes.py
test_03_download_attached_volume | Success | 15.33 | test_volumes.py
test_02_attach_volume | Success | 11.18 | test_volumes.py
test_01_create_volume | Success | 432.72 | test_volumes.py
test_change_service_offering_for_vm_with_snapshots | Success | 475.26 | test_vm_snapshots.py
test_03_delete_vm_snapshots | Success | 280.29 | test_vm_snapshots.py
test_02_revert_vm_snapshots | Success | 191.33 | test_vm_snapshots.py
test_01_create_vm_snapshots | Success | 100.86 | test_vm_snapshots.py
test_deploy_vm_multiple | Success | 283.18 | test_vm_life_cycle.py
test_deploy_vm | Success | 0.04 | test_vm_life_cycle.py
test_advZoneVirtualRouter | Success | 0.03 | test_vm_life_cycle.py
test_10_attachAndDetach_iso | Success | 26.82 | test_vm_life_cycle.py
test_09_expunge_vm | Success | 125.26 | test_vm_life_cycle.py
test_08_migrate_vm | Success | 71.29 | test_vm_life_cycle.py
test_07_restore_vm | Success | 0.16 | test_vm_life_cycle.py
test_06_destroy_vm | Success | 10.20 | test_vm_life_cycle.py
test_03_reboot_vm | Success | 20.31 | test_vm_life_cycle.py
test_02_start_vm | Success | 30.32 | test_vm_life_cycle.py
test_01_stop_vm | Success | 30.30 | test_vm_life_cycle.py
test_CreateTemplateWithDuplicateName | Success | 121.32 | test_templates.py
test_08_list_system_templates | Success | 0.05 | test_templates.py
test_07_list_public_templates | Success | 0.06 | test_templates.py
test_05_template_permissions | Success | 0.09 | test_templates.py
test_04_extract_template | Success | 5.28 | test_templates.py
test_03_delete_template | Success | 5.13 | test_templates.py
test_02_edit_template | Success | 90.08 | test_templates.py
test_01_create_template | Success | 61.04 | test_templates.py
test_10_destroy_cpvm | Success | 226.88 | test_ssvm.py
test_09_destroy_ssvm | Success | 229.24 | test_ssvm.py
test_08_reboot_cpvm | Success | 151.66 | test_ssvm.py
test_07_reboot_ssvm | Success | 144.28 | test_ssvm.py
test_06_stop_cpvm | Success | 171.97 | test_ssvm.py
test_05_stop_ssvm | Success | 138.98 | test_ssvm.py
test_04_cpvm_internals | Success | 1.19 | test_ssvm.py
test_03_ssvm_internals | Success | 3.68 | test_ssvm.py
test_02_list_cpvm_vm | Success | 0.14 | test_ssvm.py
test_01_list_sec_storage_vm | Success | 0.14 | test_ssvm.py
test_01_snapshot_root_disk | Success | 21.26 | test_snapshots.py
test_04_change_offering_small | Success | 129.37 | test_service_offerings.py
test_03_delete_service_offering | Success | 0.04 | test_service_offerings.py
test_02_edit_service_offering | Success | 0.07 | test_service_offerings.py
test_01_create_service_offering | Success | 0.09 | test_service_offerings.py
test_02_sys_template_ready | Success | 0.19 | test_secondary_storage.py
test_01_sys_vm_start | Success | 0.22 | test_secondary_storage.py
test_01_scale_vm | Success | 5.25 | test_scale_vm.py
test_09_reboot_router | Success | 85.74 | test_routers.py
test_08_start_router | Success | 65.68 | test_routers.py
test_07_stop_router | Success | 20.28 | test_routers.py
test_06_router_advanced | Success | 0.11 | test_routers.py
test_05_router_basic | Success | 0.06 | test_routers.py
test_04_restart_network_wo_cleanup | Success | 5.66 | test_routers.py
test_03_restart_network_cleanup | Success | 156.31 | test_routers.py
test_02_router_internal_adv | Success | 0.82 | test_routers.py
test_01_router_internal_basic | Success | 0.51 | test_routers.py
test_router_dns_guestipquery | Success | 48.91 | test_router_dns.py
test_router_dns_externalipquery | Success | 0.08 | test_router_dns.py
test_router_dhcphosts | Success | 103.16 | test_router_dhcphosts.py
test_router_dhcp_opts | Success | 31.69 | test_router_dhcphosts.py
test_01_updatevolumedetail | Success | 5.12 | test_resource_detail.py
test_01_reset_vm_on_reboot | Success | 110.95 | test_reset_vm_on_reboot.py
test_createRegion | Success | 0.04 | test_regions.py
test_create_pvlan_network | Success | 5.23 | test_pvlan.py
test_dedicatePublicIpRange | Success | 0.41 | test_public_ip_range.py
test_03_vpc_privategw_restart_vpc_cleanup | Success | 889.37 | test_privategw_acl.py
test_02_vpc_privategw_static_routes | Success | 624.03 | test_privategw_acl.py
test_01_vpc_privategw_acl | Success | 162.94 | test_privategw_acl.py
test_01_primary_storage_nfs | Success | 38.85 | test_primary_storage.py
test_01_primary_storage_iscsi | Success | 79.13 | test_primary_storage.py
test_createPortablePublicIPRange | Success | 15.39 | test_portable_publicip.py
test_createPortablePublicIPAcquire | Success | 15.43 | test_portable_publicip.py
test_isolate_network_password_server | Success | 36.17 | test_password_server.py
test_UpdateStorageOverProvisioningFactor | Success | 0.13 | test_over_provisioning.py
test_oobm_zchange_password | Success | 31.28 | test_outofbandmanagement.py
test_oobm_multiple_mgmt_server_ownership | Success | 16.60 | test_outofbandmanagement.py
test_oobm_issue_power_status | Success | 10.27 | test_outofbandmanagement.py
test_oobm_issue_power_soft | Success | 15.37 | test_outofbandmanagement.py
test_oobm_issue_power_reset | Success | 15.43 | test_outofbandmanagement.py
test_oobm_issue_power_on | Success | 15.34 | test_outofbandmanagement.py
test_oobm_issue_power_off | Success | 15.39 | test_outofbandmanagement.py
test_oobm_issue_power_cycle | Success | 15.36 | test_outofbandmanagement.py
test_oobm_enabledisable_across_clusterzones | Success | 82.94 | test_outofbandmanagement.py
test_oobm_enable_feature_valid | Success | 5.17 | test_outofbandmanagement.py
test_oobm_enable_feature_invalid | Success | 0.09 | test_outofbandmanagement.py
test_oobm_disable_feature_valid | Success | 5.19 | test_outofbandmanagement.py
test_oobm_disable_feature_invalid | Success | 0.10 | test_outofbandmanagement.py
test_oobm_configure_invalid_driver | Success | 0.08 | test_outofbandmanagement.py
test_oobm_configure_default_driver | Success | 0.07 | test_outofbandmanagement.py
test_oobm_background_powerstate_sync | Success | 23.49 | test_outofbandmanagement.py
test_extendPhysicalNetworkVlan | Success | 15.32 | test_non_contigiousvlan.py
test_01_nic | Success | 541.06 | test_nic.py
test_releaseIP | Success | 278.35 | test_network.py
test_reboot_router | Success | 544.94 | test_network.py
test_public_ip_user_account | Success | 10.31 | test_network.py
test_public_ip_admin_account | Success | 40.27 | test_network.py
test_network_rules_acquired_public_ip_3_Load_Balancer_Rule | Success | 86.68 | test_network.py
test_network_rules_acquired_public_ip_2_nat_rule | Success | 76.66 | test_network.py
test_network_rules_acquired_public_ip_1_static_nat_rule | Success | 103.13 | test_network.py
test_delete_account | Success | 308.25 | test_network.py
test_02_port_fwd_on_non_src_nat | Success | 70.82 | test_network.py
test_01_port_fwd_on_src_nat | Success | 83.80 | test_network.py
test_nic_secondaryip_add_remove | Success | 207.78 | test_multipleips_per_nic.py
login_test_saml_user | Success | 19.33 | test_login.py
test_assign_and_removal_lb | Success | 148.76 | test_loadbalance.py
test_02_create_lb_rule_non_nat | Success | 207.48 | test_loadbalance.py
test_01_create_lb_rule_src_nat | Success | 208.04 | test_loadbalance.py
test_03_list_snapshots | Success | 0.06 | test_list_ids_parameter.py
test_02_list_templates | Success | 0.04 | test_list_ids_parameter.py
test_01_list_volumes | Success | 0.04 | test_list_ids_parameter.py
test_07_list_default_iso | Success | 0.06 | test_iso.py
test_05_iso_permissions | Success | 0.06 | test_iso.py
test_04_extract_Iso | Success | 5.12 | test_iso.py
test_03_delete_iso | Success | 95.23 | test_iso.py
test_02_edit_iso | Success | 0.08 | test_iso.py
test_01_create_iso | Success | 21.04 | test_iso.py
test_03_vpc_internallb_haproxy_stats_on_all_interfaces | Success | 258.60 | test_internal_lb.py
test_02_internallb_roundrobin_1RVPC_3VM_HTTP_port80 | Success | 965.85 | test_internal_lb.py
test_01_internallb_roundrobin_1VPC_3VM_HTTP_port80 | Success | 667.79 | test_internal_lb.py
test_dedicateGuestVlanRange | Success | 10.27 | test_guest_vlan_range.py
test_UpdateConfigParamWithScope | Success | 0.14 | test_global_settings.py
test_rolepermission_lifecycle_update | Success | 6.19 | test_dynamicroles.py
test_rolepermission_lifecycle_list | Success | 5.99 | test_dynamicroles.py
test_rolepermission_lifecycle_delete | Success | 5.87 | test_dynamicroles.py
test_rolepermission_lifecycle_create | Success | 5.89 | test_dynamicroles.py
test_rolepermission_lifecycle_concurrent_updates | Success | 6.04 | test_dynamicroles.py
test_role_lifecycle_update_role_inuse | Success | 5.92 | test_dynamicroles.py
test_role_lifecycle_update | Success | 10.99 | test_dynamicroles.py
test_role_lifecycle_list | Success | 5.90 | test_dynamicroles.py
test_role_lifecycle_delete | Success | 11.07 | test_dynamicroles.py
test_role_lifecycle_create | Success | 5.94 | test_dynamicroles.py
test_role_inuse_deletion | Success | 5.89 | test_dynamicroles.py
test_role_account_acls_multiple_mgmt_servers | Success | 8.27 | test_dynamicroles.py
test_role_account_acls | Success | 8.31 | test_dynamicroles.py
test_default_role_deletion | Success | 6.08 | test_dynamicroles.py
test_04_create_fat_type_disk_offering | Success | 0.08 | test_disk_offerings.py
test_03_delete_disk_offering | Success | 0.04 | test_disk_offerings.py
test_02_edit_disk_offering | Success | 0.05 | test_disk_offerings.py
test_02_create_sparse_type_disk_offering | Success | 0.08 | test_disk_offerings.py
test_01_create_disk_offering | Success | 0.08 | test_disk_offerings.py
test_deployvm_userdispersing | Success | 106.39 | test_deploy_vms_with_varied_deploymentplanners.py
test_deployvm_userconcentrated | Success | 46.34 | test_deploy_vms_with_varied_deploymentplanners.py
test_deployvm_firstfit | Success | 197.35 | test_deploy_vms_with_varied_deploymentplanners.py
test_deployvm_userdata_post | Success | 20.48 | test_deploy_vm_with_userdata.py
test_deployvm_userdata | Success | 111.44 | test_deploy_vm_with_userdata.py
test_02_deploy_vm_root_resize | Success | 5.92 | test_deploy_vm_root_resize.py
test_01_deploy_vm_root_resize | Success | 5.87 | test_deploy_vm_root_resize.py
test_00_deploy_vm_root_resize | Success | 6.21 | test_deploy_vm_root_resize.py
test_deploy_vm_from_iso | Success | 152.44 | test_deploy_vm_iso.py
test_DeployVmAntiAffinityGroup | Success | 262.82 | test_affinity_groups.py
test_01_test_vm_volume_snapshot | Skipped | 0.00 | test_vm_snapshots.py
test_06_copy_template | Skipped | 0.00 | test_templates.py
test_static_role_account_acls | Skipped | 0.03 | test_staticroles.py
test_11_ss_nfs_version_on_ssvm | Skipped | 0.02 | test_ssvm.py
test_nested_virtualization_vmware | Skipped | 0.00 | test_nested_virtualization.py
test_06_copy_iso | Skipped | 0.00 | test_iso.py
test_deploy_vgpu_enabled_vm | Skipped | 0.03 | test_deploy_vgpu_enabled_vm.py
test_3d_gpu_support | Skipped | 0.04 | test_deploy_vgpu_enabled_vm.py
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---
[GitHub] cloudstack issue #843: Security group ingress/egress issues with xenserver 6...
Posted by jayapalu <gi...@git.apache.org>.
Github user jayapalu commented on the issue:
https://github.com/apache/cloudstack/pull/843
@rhtyd nethash is supported in xenserver 6.2 but the problem is when configure /32 cidr giving the error ' Out of range cidr `10.147.52.30/32' specified'. Please see the bug for more details.
I have also update the ipset version check. If version less than 6 use iptreemap else nethash.
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---
[GitHub] cloudstack issue #843: Security group ingress/egress issues with xenserver 6...
Posted by rhtyd <gi...@git.apache.org>.
Github user rhtyd commented on the issue:
https://github.com/apache/cloudstack/pull/843
@blueorangutan help
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---
[GitHub] cloudstack pull request: Security group ingress/egress issues with...
Posted by bhaisaab <gi...@git.apache.org>.
Github user bhaisaab commented on the pull request:
https://github.com/apache/cloudstack/pull/843#issuecomment-140729493
Also, what if the protocol version is greater than 6; what's the idea behind using protocol version to determine which data-structure type to use?
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---
[GitHub] cloudstack issue #843: Security group ingress/egress issues with xenserver 6...
Posted by jayapalu <gi...@git.apache.org>.
Github user jayapalu commented on the issue:
https://github.com/apache/cloudstack/pull/843
tag:mergeready
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---
[GitHub] cloudstack issue #843: Security group ingress/egress issues with xenserver 6...
Posted by blueorangutan <gi...@git.apache.org>.
Github user blueorangutan commented on the issue:
https://github.com/apache/cloudstack/pull/843
Packaging result: \u2714centos6 \u2714centos7 \u2714debian. JID-516
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---
[GitHub] cloudstack pull request: Security group ingress/egress issues with...
Posted by rhtyd <gi...@git.apache.org>.
Github user rhtyd commented on a diff in the pull request:
https://github.com/apache/cloudstack/pull/843#discussion_r61723868
--- Diff: scripts/vm/hypervisor/xenserver/vmops ---
@@ -356,18 +356,25 @@ def allow_egress_traffic(session):
return 'false'
return 'true'
+def getIpsetType():
+ try:
+ util.pread2(['/bin/bash', '-c', "ipset -v | grep 'protocol version: 6'"])
+ return 'nethash'
--- End diff --
what is the protocol version is 6, how about we test if it's less than 6 we fallback on iptreemap otherwise use the netmask type
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---
[GitHub] cloudstack issue #843: Security group ingress/egress issues with xenserver 6...
Posted by kishankavala <gi...@git.apache.org>.
Github user kishankavala commented on the issue:
https://github.com/apache/cloudstack/pull/843
Code LGTM
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---
[GitHub] cloudstack issue #843: Security group ingress/egress issues with xenserver 6...
Posted by rhtyd <gi...@git.apache.org>.
Github user rhtyd commented on the issue:
https://github.com/apache/cloudstack/pull/843
@blueorangutan test centos7 xenserver-65sp1
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---
[GitHub] cloudstack issue #843: Security group ingress/egress issues with xenserver 6...
Posted by jayapalu <gi...@git.apache.org>.
Github user jayapalu commented on the issue:
https://github.com/apache/cloudstack/pull/843
Rebased against master. This PR changes are for basic zone. CI runs test cases for advanced zone.
So tested manually.
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---
[GitHub] cloudstack issue #843: Security group ingress/egress issues with xenserver 6...
Posted by blueorangutan <gi...@git.apache.org>.
Github user blueorangutan commented on the issue:
https://github.com/apache/cloudstack/pull/843
@rhtyd I understand these words: "help", "hello", "thanks", "package", "test"
Test command usage: test [mgmt os] [hypervisor] [additional tests]
Mgmt OS options: ['centos6', 'centos7', 'ubuntu']
Hypervisor options: ['kvm-centos6', 'kvm-centos7', 'kvm-ubuntu', 'xenserver-65sp1', 'xenserver-62sp1', 'vmware-60u2', 'vmware-55u3', 'vmware-51u1', 'vmware-50u1']
Additional tests: list of comma separated tests with paths relative to the `test/integration` directory, for example: component/test_acl_listvm.py, component/test_volumes.py
Note: when additional tests are passed, you need to specify mgmt server os and hypervisor or use the `matrix` command.
Blessed contributors for kicking Trillian test jobs: ['rhtyd', 'abhinandanprateek', 'PaulAngus', 'borisstoyanov', 'DaanHoogland']
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---
[GitHub] cloudstack pull request #843: Security group ingress/egress issues with xens...
Posted by asfgit <gi...@git.apache.org>.
Github user asfgit closed the pull request at:
https://github.com/apache/cloudstack/pull/843
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---
[GitHub] cloudstack issue #843: Security group ingress/egress issues with xenserver 6...
Posted by bvbharatk <gi...@git.apache.org>.
Github user bvbharatk commented on the issue:
https://github.com/apache/cloudstack/pull/843
### ACS CI BVT Run
**Sumarry:**
Build Number 118
Hypervisor xenserver
NetworkType Advanced
Passed=73
Failed=0
Skipped=3
_Link to logs Folder (search by build_no):_ https://www.dropbox.com/sh/yj3wnzbceo9uef2/AAB6u-Iap-xztdm6jHX9SjPja?dl=0
**Failed tests:**
**Skipped tests:**
test_vm_nic_adapter_vmxnet3
test_static_role_account_acls
test_deploy_vgpu_enabled_vm
**Passed test suits:**
test_deploy_vm_with_userdata.py
test_affinity_groups_projects.py
test_portable_publicip.py
test_vpc_vpn.py
test_over_provisioning.py
test_global_settings.py
test_scale_vm.py
test_service_offerings.py
test_routers_iptables_default_policy.py
test_routers.py
test_reset_vm_on_reboot.py
test_snapshots.py
test_deploy_vms_with_varied_deploymentplanners.py
test_login.py
test_list_ids_parameter.py
test_public_ip_range.py
test_multipleips_per_nic.py
test_regions.py
test_affinity_groups.py
test_network_acl.py
test_pvlan.py
test_volumes.py
test_nic.py
test_deploy_vm_root_resize.py
test_resource_detail.py
test_secondary_storage.py
test_vm_life_cycle.py
test_disk_offerings.py
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---