[jira] [Commented] (CLOUDSTACK-2475) Failed to create PF rules with Cisco VNMC as the port pool object name is exceeding the max limit

["Koushik Das (JIRA)" <ji...@apache.org>]

    [ https://issues.apache.org/jira/browse/CLOUDSTACK-2475?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13657870#comment-13657870 ] 

Koushik Das commented on CLOUDSTACK-2475:
-----------------------------------------

commit f484f4af09ce9e9532e17fb231c48d7a7e7c9e81
Author: Koushik Das <ko...@citrix.com>
Date:   Wed May 15 09:12:48 2013 +0530

    CLOUDSTACK-2475: Failed to create PF rules with Cisco VNMC as the port pool object name is exceeding the max limit
    Ip and port pool object names in VNMC were created by appending guest vlan, public ip and id of corresponding rule for better readability. This resulted in the name exceeding max. length allowed.
    Shortened the name by removing public ip part from it.

                
> Failed to create PF rules with Cisco VNMC as the port pool object name is exceeding the max limit 
> --------------------------------------------------------------------------------------------------
>
>                 Key: CLOUDSTACK-2475
>                 URL: https://issues.apache.org/jira/browse/CLOUDSTACK-2475
>             Project: CloudStack
>          Issue Type: Bug
>      Security Level: Public(Anyone can view this level - this is the default.) 
>          Components: Network Devices
>    Affects Versions: 4.2.0
>            Reporter: Sailaja Mada
>            Assignee: Koushik Das
>            Priority: Critical
>
> Setup: Advanced Networking Zone with VMWARE Cluster 
> Steps :
> 1. Configure VMWARE Cluster with Nexus 1000v 
> 2. Add Network Service provider CiscoVnmc and add Cisco VNMC and ASA firewall devices to CS 
> 3. Create Network offering with Firewall/PF/Source Nat/Static NAT provider as Cisco VNMC 
> 4. Deploy guest network with this Offering and deploy instance using this guest network 
> 5. Acquire IP and configure PF rules. 
> 6. Create PF/Delete/Create more than 9 rules. 
> Observation: 
> 1. Failed to create PF rules with Cisco VNMC as the port pool object name is exceeding the max limit 
> 2. Creation of PF rule worked fine till it has single digit in the drule.
> [PFPort-Vlan-vlanid-PublicIP-druleid]  
> 'PFPort-vlan-770-10-102-196-232-15'
> 2013-05-14 09:42:09,912 DEBUG [cloud.async.AsyncJobManagerImpl] (Job-Executor-92:job-66) Executing org.apache.cloudstack.api.command.user.firewall.CreatePortForwardingRuleCmd for job-66
> 2013-05-14 09:42:09,921 DEBUG [cloud.user.AccountManagerImpl] (Job-Executor-92:job-66) Access to Acct[3-cdcuser1] granted to Acct[3-cdcuser1] by DomainChecker_EnhancerByCloudStack_d007a7cf
> 2013-05-14 09:42:09,937 DEBUG [cloud.user.AccountManagerImpl] (Job-Executor-92:job-66) Access to Rule[15-PortForwarding-Add] granted to Acct[3-cdcuser1] by DomainChecker_EnhancerByCloudStack_d007a7cf
> 2013-05-14 09:42:09,960 DEBUG [agent.transport.Request] (Job-Executor-92:job-66) Seq 6-602734649: Sending  { Cmd , MgmtId: 214053811722752, via: 6, Ver: v1, Flags: 100011, [{"routing.SetPortForwardingRulesCommand":{"rules":[{"dstIp":"10.0.0.106","dstPortRange":[22,22],"id":15,"srcVlanTag":"100","srcIp":"10.102.196.232","protocol":"tcp","srcPortRange":[22,22],"revoked":false,"alreadyAdded":false,"purpose":"PortForwarding"}],"accessDetails":{},"wait":0}}] }
> 2013-05-14 09:42:09,961 DEBUG [agent.transport.Request] (Job-Executor-92:job-66) Seq 6-602734649: Executing:  { Cmd , MgmtId: 214053811722752, via: 6, Ver: v1, Flags: 100011, [{"routing.SetPortForwardingRulesCommand":{"rules":[{"dstIp":"10.0.0.106","dstPortRange":[22,22],"id":15,"srcVlanTag":"100","srcIp":"10.102.196.232","protocol":"tcp","srcPortRange":[22,22],"revoked":false,"alreadyAdded":false,"purpose":"PortForwarding"}],"accessDetails":{},"wait":0}}] }
> 2013-05-14 09:42:09,965 DEBUG [agent.manager.DirectAgentAttache] (DirectAgent-392:null) Seq 6-602734649: Executing request
> 2013-05-14 09:42:10,468 ERROR [network.resource.CiscoVnmcResource] (DirectAgent-392:null) SetSourceNatCommand failed due to property name of objgrp-PFPort-vlan-770-10-102-196-232-15 failed validation for value 'PFPort-vlan-770-10-102-196-232-15'
> com.cloud.utils.exception.ExecutionException: property name of objgrp-PFPort-vlan-770-10-102-196-232-15 failed validation for value 'PFPort-vlan-770-10-102-196-232-15'
>         at com.cloud.network.cisco.CiscoVnmcConnectionImpl.verifySuccess(CiscoVnmcConnectionImpl.java:1361)
>         at com.cloud.network.cisco.CiscoVnmcConnectionImpl.createTenantVDCPortPool(CiscoVnmcConnectionImpl.java:824)
>         at com.cloud.network.cisco.CiscoVnmcConnectionImpl.createTenantVDCPFPortPool(CiscoVnmcConnectionImpl.java:958)
>         at com.cloud.network.resource.CiscoVnmcResource.execute(CiscoVnmcResource.java:578)
>         at com.cloud.network.resource.CiscoVnmcResource.execute(CiscoVnmcResource.java:514)
>         at com.cloud.network.resource.CiscoVnmcResource.executeRequest(CiscoVnmcResource.java:99)
>         at com.cloud.agent.manager.DirectAgentAttache$Task.run(DirectAgentAttache.java:186)
>         at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:471)
>         at java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:334)
>         at java.util.concurrent.FutureTask.run(FutureTask.java:166)
>         at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.access$101(ScheduledThreadPoolExecutor.java:165)
>         at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:266)
>         at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1110)
>         at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:603)
>         at java.lang.Thread.run(Thread.java:679)
> 2013-05-14 09:42:10,469 DEBUG [agent.manager.DirectAgentAttache] (DirectAgent-392:null) Seq 6-602734649: Response Received:
> 2013-05-14 09:42:10,469 DEBUG [agent.transport.Request] (DirectAgent-392:null) Seq 6-602734649: Processing:  { Ans: , MgmtId: 214053811722752, via: 6, Ver: v1, Flags: 10, [{"Answer":{"result":false,"details":"SetSourceNatCommand failed due to property name of objgrp-PFPort-vlan-770-10-102-196-232-15 failed validation for value 'PFPort-vlan-770-10-102-196-232-15'","wait":0}}] }
> 2013-05-14 09:42:10,469 DEBUG [agent.transport.Request] (Job-Executor-92:job-66) Seq 6-602734649: Received:  { Ans: , MgmtId: 214053811722752, via: 6, Ver: v1, Flags: 10, { Answer } }
> 2013-05-14 09:42:10,469 DEBUG [agent.manager.AgentManagerImpl] (Job-Executor-92:job-66) Details from executing class com.cloud.agent.api.routing.SetPortForwardingRulesCommand: SetSourceNatCommand failed due to property name of objgrp-PFPort-vlan-770-10-102-196-232-15 failed validation for value 'PFPort-vlan-770-10-102-196-232-15'
> 2013-05-14 09:42:10,469 ERROR [network.element.CiscoVnmcElement] (Job-Executor-92:job-66) Unable to apply port forwarding rules to Cisco ASA 1000v appliance due to: SetSourceNatCommand failed due to property name of objgrp-PFPort-vlan-770-10-102-196-232-15 failed validation for value 'PFPort-vlan-770-10-102-196-232-15'.
> 2013-05-14 09:42:10,470 WARN  [network.rules.RulesManagerImpl] (Job-Executor-92:job-66) Failed to apply port forwarding rules for ip due to
> com.cloud.exception.ResourceUnavailableException: Resource [DataCenter:1] is unreachable: Unable to apply port forwarding rules to Cisco ASA 1000v appliance due to: SetSourceNatCommand failed due to property name of objgrp-PFPort-vlan-770-10-102-196-232-15 failed validation for value 'PFPort-vlan-770-10-102-196-232-15'.
>         at com.cloud.network.element.CiscoVnmcElement.applyPFRules(CiscoVnmcElement.java:726)
>         at com.cloud.network.firewall.FirewallManagerImpl.applyRules(FirewallManagerImpl.java:560)
>         at com.cloud.network.NetworkManagerImpl.applyRules(NetworkManagerImpl.java:2472)
>         at com.cloud.network.firewall.FirewallManagerImpl.applyRules(FirewallManagerImpl.java:504)
>         at com.cloud.network.rules.RulesManagerImpl.applyPortForwardingRules(RulesManagerImpl.java:840)
>         at com.cloud.network.rules.RulesManagerImpl.applyPortForwardingRules(RulesManagerImpl.java:1023)
>         at com.cloud.utils.component.ComponentInstantiationPostProcessor$InterceptorDispatcher.intercept(ComponentInstantiationPostProcessor.java:125)
>         at org.apache.cloudstack.api.command.user.firewall.CreatePortForwardingRuleCmd.execute(CreatePortForwardingRuleCmd.java:184)
>         at com.cloud.api.ApiDispatcher.dispatch(ApiDispatcher.java:155)
>         at com.cloud.async.AsyncJobManagerImpl$1.run(AsyncJobManagerImpl.java:437)
> at java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:334)
>         at java.util.concurrent.FutureTask.run(FutureTask.java:166)
>         at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1110)
>         at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:603)
>         at java.lang.Thread.run(Thread.java:679)
> 2013-05-14 09:42:10,484 DEBUG [cloud.user.AccountManagerImpl] (Job-Executor-92:job-66) Access to Rule[15-PortForwarding-Add] granted to Acct[3-cdcuser1] by DomainChecker_EnhancerByCloudStack_d007a7cf
> 2013-05-14 09:42:10,487 DEBUG [cloud.user.AccountManagerImpl] (Job-Executor-92:job-66) Access to Rule[15-PortForwarding-Add] granted to Acct[3-cdcuser1] by DomainChecker_EnhancerByCloudStack_d007a7cf
> 2013-05-14 09:42:10,505 DEBUG [cloud.user.AccountManagerImpl] (Job-Executor-92:job-66) Access to Rule[15-PortForwarding-Revoke] granted to Acct[3-cdcuser1] by DomainChecker_EnhancerByCloudStack_d007a7cf
> 2013-05-14 09:42:10,525 DEBUG [agent.transport.Request] (Job-Executor-92:job-66) Seq 6-602734650: Sending  { Cmd , MgmtId: 214053811722752, via: 6, Ver: v1, Flags: 100011, [{"routing.SetPortForwardingRulesCommand":{"rules":[{"dstIp":"10.0.0.106","dstPortRange":[22,22],"id":15,"srcVlanTag":"100","srcIp":"10.102.196.232","protocol":"tcp","srcPortRange":[22,22],"revoked":true,"alreadyAdded":false,"purpose":"PortForwarding"}],"accessDetails":{},"wait":0}}] }
> 2013-05-14 09:42:10,526 DEBUG [agent.transport.Request] (Job-Executor-92:job-66) Seq 6-602734650: Executing:  { Cmd , MgmtId: 214053811722752, via: 6, Ver: v1, Flags: 100011, [{"routing.SetPortForwardingRulesCommand":{"rules":[{"dstIp":"10.0.0.106","dstPortRange":[22,22],"id":15,"srcVlanTag":"100","srcIp":"10.102.196.232","protocol":"tcp","srcPortRange":[22,22],"revoked":true,"alreadyAdded":false,"purpose":"PortForwarding"}],"accessDetails":{},"wait":0}}] }
> 2013-05-14 09:42:10,531 DEBUG [agent.manager.DirectAgentAttache] (DirectAgent-96:null) Seq 6-602734650: Executing request
> 2013-05-14 09:42:10,943 DEBUG [agent.manager.DirectAgentAttache] (DirectAgent-96:null) Seq 6-602734650: Response Received:
> 2013-05-14 09:42:10,944 DEBUG [agent.transport.Request] (DirectAgent-96:null) Seq 6-602734650: Processing:  { Ans: , MgmtId: 214053811722752, via: 6, Ver: v1, Flags: 10, [{"Answer":{"result":true,"details":"Success","wait":0}}] }
> 2013-05-14 09:42:10,944 DEBUG [agent.transport.Request] (Job-Executor-92:job-66) Seq 6-602734650: Received:  { Ans: , MgmtId: 214053811722752, via: 6, Ver: v1, Flags: 10, { Answer } }
> 2013-05-14 09:42:10,944 DEBUG [agent.manager.AgentManagerImpl] (Job-Executor-92:job-66) Details from executing class com.cloud.agent.api.routing.SetPortForwardingRulesCommand: Success
> 2013-05-14 09:42:10,964 DEBUG [cloud.async.AsyncJobManagerImpl] (Job-Executor-92:job-66) Complete async job-66, jobStatus: 2, resultCode: 530, result: Error Code: 530 Error text: Failed to apply port forwarding rule

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira