You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@cloudstack.apache.org by "Serg Senko (JIRA)" <ji...@apache.org> on 2014/04/21 12:10:19 UTC
[jira] [Commented] (CLOUDSTACK-6464) [KVM:basic zone- upgrade to
4.3],after any vm restart,all the nics are plugged to default bridge
even though trafiic labels are being used
[ https://issues.apache.org/jira/browse/CLOUDSTACK-6464?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13975510#comment-13975510 ]
Serg Senko commented on CLOUDSTACK-6464:
----------------------------------------
Hello,
Also related to advanced zone with VLAN isolation:
Environment:
OS : CentOS 6.3
Hypervizor : KVM ( QEMU )
Zone : Advanced VLAN isolation
Traffic labels :
Guest: cloudbr1
private: cloudbr1
public: cloudbr0
After upgrade to ACS 4.3 new VR's started with duplicate NIC's.
All IP aliases started as network interfaces with same public IP
Following that, egress traffic iptables rules doesn't work and no outgoing network connectivity in any cases.
root@r-256-VM:~# ip addr show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 02:00:6b:16:00:09 brd ff:ff:ff:ff:ff:ff
inet 10.1.1.1/24 brd 10.1.1.255 scope global eth0
inet6 fe80::6bff:fe16:9/64 scope link
valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 0e:00:a9:fe:01:38 brd ff:ff:ff:ff:ff:ff
inet 169.254.1.56/16 brd 169.254.255.255 scope global eth1
inet6 fe80::c00:a9ff:fefe:138/64 scope link
valid_lft forever preferred_lft forever
4: eth2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 06:06:ec:00:00:0e brd ff:ff:ff:ff:ff:ff
inet XXX.XXX.XXX.219/26 brd 46.165.231.255 scope global eth2
inet6 fe80::406:ecff:fe00:e/64 scope link
valid_lft forever preferred_lft forever
5: eth3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 06:81:44:00:00:0e brd ff:ff:ff:ff:ff:ff
inet XXX.XXX.XXX.219/26 brd 46.165.231.255 scope global eth3
inet XXX.XXX.XXX.230/26 brd 46.165.231.255 scope global secondary eth3
inet XXX.XXX.XXX.228/26 brd 46.165.231.255 scope global secondary eth3
inet XXX.XXX.XXX.209/26 brd 46.165.231.255 scope global secondary eth3
inet XXX.XXX.XXX.247/26 brd 46.165.231.255 scope global secondary eth3
inet XXX.XXX.XXX.227/26 brd 46.165.231.255 scope global secondary eth3
inet6 fe80::481:44ff:fe00:e/64 scope link
valid_lft forever preferred_lft forever
6: eth4: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 06:e5:36:00:00:0e brd ff:ff:ff:ff:ff:ff
inet XXX.XXX.XXX.219/26 brd 46.165.231.255 scope global eth4
inet XXX.XXX.XXX.247/26 brd 46.165.231.255 scope global secondary eth4
inet XXX.XXX.XXX.209/26 brd 46.165.231.255 scope global secondary eth4
inet XXX.XXX.XXX.227/26 brd 46.165.231.255 scope global secondary eth4
inet XXX.XXX.XXX.230/26 brd 46.165.231.255 scope global secondary eth4
inet6 fe80::4e5:36ff:fe00:e/64 scope link
valid_lft forever preferred_lft forever
7: eth5: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 06:6f:3a:00:00:0e brd ff:ff:ff:ff:ff:ff
inet XXX.XXX.XXX.219/26 brd 46.165.231.255 scope global eth5
inet XXX.XXX.XXX.228/26 brd 46.165.231.255 scope global secondary eth5
inet XXX.XXX.XXX.227/26 brd 46.165.231.255 scope global secondary eth5
inet XXX.XXX.XXX.209/26 brd 46.165.231.255 scope global secondary eth5
inet XXX.XXX.XXX.247/26 brd 46.165.231.255 scope global secondary eth5
inet XXX.XXX.XXX.230/26 brd 46.165.231.255 scope global secondary eth5
inet6 fe80::46f:3aff:fe00:e/64 scope link
valid_lft forever preferred_lft forever
8: eth6: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 06:b0:30:00:00:0e brd ff:ff:ff:ff:ff:ff
inet XXX.XXX.XXX.219/26 brd 46.165.231.255 scope global eth6
inet XXX.XXX.XXX.209/26 brd 46.165.231.255 scope global secondary eth6
inet XXX.XXX.XXX.247/26 brd 46.165.231.255 scope global secondary eth6
inet XXX.XXX.XXX.230/26 brd 46.165.231.255 scope global secondary eth6
inet XXX.XXX.XXX.227/26 brd 46.165.231.255 scope global secondary eth6
inet6 fe80::4b0:30ff:fe00:e/64 scope link
valid_lft forever preferred_lft forever
9: eth7: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 06:26:b4:00:00:0e brd ff:ff:ff:ff:ff:ff
inet XXX.XXX.XXX.219/26 brd 46.165.231.255 scope global eth7
inet XXX.XXX.XXX.247/26 brd 46.165.231.255 scope global secondary eth7
inet XXX.XXX.XXX.228/26 brd 46.165.231.255 scope global secondary eth7
inet XXX.XXX.XXX.230/26 brd 46.165.231.255 scope global secondary eth7
inet XXX.XXX.XXX.209/26 brd 46.165.231.255 scope global secondary eth7
inet XXX.XXX.XXX.227/26 brd 46.165.231.255 scope global secondary eth7
inet6 fe80::426:b4ff:fe00:e/64 scope link
valid_lft forever preferred_lft forever
> [KVM:basic zone- upgrade to 4.3],after any vm restart,all the nics are plugged to default bridge even though trafiic labels are being used
> ----------------------------------------------------------------------------------------------------------------------------------------------
>
> Key: CLOUDSTACK-6464
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-6464
> Project: CloudStack
> Issue Type: Bug
> Security Level: Public(Anyone can view this level - this is the default.)
> Components: Management Server
> Affects Versions: 4.3.0
> Reporter: sadhu suresh
> Priority: Critical
> Fix For: 4.3.1
>
>
> Steps:
> 1. create a KVM basic zone with 2 nics on host (pre 4.3 build)
> 2.use cloudbr0 for management and cloudbr1 for guest by specifying the traffic labels in the physical networks.
> 3.deploy few vms
> 4.upgrade to felton GA build as per the Upgrade instructions.
> actual result:
> Upgrade successful but all the vnets that were attached to cloudbr1 before upgrade are attached to cloudbr0.
> Due to this network connectivity is lost.
> Expected result:
> Even after upgrade ,all the vnets should be attached to the same bridge as before upgrade.
> ex:
> before Upgrade : this vms(i-5-616-VM) nic was attached to cloudbr1 and after upgrade and VM stop/start.
> the network rules are getting programmed in cloudbr0 .check below output
> ,984 DEBUG [kvm.resource.LibvirtComputingResource] (agentRequest-Handler-2:null) Executing: /usr/share/cloudstack-common/scripts/vm/network/security_group.py default_network_rules --vmname i-5-616-VM --vmid 616 --vmip 10.x.x245 --vmmac 06:14:48:00:00:7f --vif vnet15 --brname cloudbr0 --nicsecips 0:
> dumpxml output for i-5-616-VM after upgrade(& after VM restart)
> *****************************************************
> virsh # dumpxml 38
> <domain type='kvm' id='38'>
> <name>i-5-616-VM</name>
> <uuid>87557942-1393-49b3-a73e-ae24c40541d1</uuid>
> <description>Other CentOS (64-bit)</description>
> <memory unit='KiB'>2097152</memory>
> <currentMemory unit='KiB'>2097152</currentMemory>
> <vcpu placement='static'>1</vcpu>
> <cputune>
> <shares>1000</shares>
> </cputune>
> <os>
> <type arch='x86_64' machine='rhel6.2.0'>hvm</type>
> <boot dev='cdrom'/>
> <boot dev='hd'/>
> </os>
> <features>
> <acpi/>
> <apic/>
> <pae/>
> </features>
> <cpu>
> </cpu>
> <clock offset='utc'/>
> <on_poweroff>destroy</on_poweroff>
> <on_reboot>restart</on_reboot>
> <on_crash>destroy</on_crash>
> <devices>
> <emulator>/usr/libexec/qemu-kvm</emulator>
> <disk type='file' device='disk'>
> <driver name='qemu' type='qcow2' cache='none'/>
> <source file='/mnt/041e5d8e-d9c1-346d-aea9-cd9c7b80a211/75544e9d-a4c9-4a94-943e-b20827676a27'/>
> <target dev='hda' bus='ide'/>
> <alias name='ide0-0-0'/>
> <address type='drive' controller='0' bus='0' target='0' unit='0'/>
> </disk>
> <disk type='file' device='cdrom'>
> <driver name='qemu' type='raw' cache='none'/>
> <target dev='hdc' bus='ide'/>
> <readonly/>
> <alias name='ide0-1-0'/>
> <address type='drive' controller='0' bus='1' target='0' unit='0'/>
> </disk>
> <controller type='usb' index='0'>
> <alias name='usb0'/>
> <address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x2'/>
> </controller>
> <controller type='ide' index='0'>
> <alias name='ide0'/>
> <address type='pci' domain='0x0000' bus='0x00' slot='0x01' function='0x1'/>
> </controller>
> <interface type='bridge'>
> <mac address='06:14:48:00:00:7f'/>
> <source bridge='cloudbr0'/>
> <target dev='vnet15'/>
> <model type='e1000'/>
> <bandwidth>
> <inbound average='25600' peak='25600'/>
> <outbound average='25600' peak='25600'/>
> </bandwidth>
> <alias name='net0'/>
> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0'/>
> </interface>
> <serial type='pty'>
> <source path='/dev/pts/12'/>
> <target port='0'/>
> <alias name='serial0'/>
> </serial>
> <console type='pty' tty='/dev/pts/12'>
> <source path='/dev/pts/12'/>
> <target type='serial' port='0'/>
> <alias name='serial0'/>
> </console>
> <input type='tablet' bus='usb'>
> <alias name='input0'/>
> </input>
> <input type='mouse' bus='ps2'/>
> <graphics type='vnc' port='5912' autoport='yes' listen='10.x.x.3'>
> <listen type='address' address='10.147.37.3'/>
> </graphics>
> <video>
> <model type='cirrus' vram='9216' heads='1'/>
> <alias name='video0'/>
> <address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x0'/>
> </video>
> <memballoon model='virtio'>
> <alias name='balloon0'/>
> <address type='pci' domain='0x0000' bus='0x00' slot='0x04' function='0x0'/>
> </memballoon>
> </devices>
> <seclabel type='none'/>
> </domain>
> its also applicable to new vm deployments.
--
This message was sent by Atlassian JIRA
(v6.2#6252)