You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@cloudstack.apache.org by "ASF GitHub Bot (JIRA)" <ji...@apache.org> on 2015/10/02 11:16:27 UTC
[jira] [Commented] (CLOUDSTACK-8915) Cannot SSH into VMs deployed
Redundant VPC routers
[ https://issues.apache.org/jira/browse/CLOUDSTACK-8915?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14940934#comment-14940934 ]
ASF GitHub Bot commented on CLOUDSTACK-8915:
--------------------------------------------
GitHub user wilderrodrigues opened a pull request:
https://github.com/apache/cloudstack/pull/908
CLOUDSTACK-8915 - Cannot SSH into VMs deployed Redundant VPC routers
In order to reproduce the problem, I did the following
* Create a Redundant VPC
* Add a tier
* Add a new VM to the tier
* Add an ACL, open port 22 and associate the ACL with the tier
* Acquire a pub IP
* Add a PF rule to port 22 towards the VM
* Try to SSH to the VM through the Pub IP
It failed with "No route to host".
This PR contains the following:
* Fix for the keepalived (vrrp) configuration;
* Refactor the default router code for both isolated and [r]VPC routers
* Revert CsRedundant changes
* Add default route tests
* Add logging to tests - so we see what's happening during test execution.
The following tests have been, successfully, executed:
nosetests --with-marvin --marvin-config=${marvinCfg} -s -a tags=advanced,required_hardware=true \
component/test_vpc_redundant.py \
component/test_routers_iptables_default_policy.py \
component/test_vpc_router_nics.py
nosetests --with-marvin --marvin-config=${marvinCfg} -s -a tags=advanced,required_hardware=false \
smoke/test_routers.py \
smoke/test_network_acl.py \
smoke/test_privategw_acl.py \
smoke/test_reset_vm_on_reboot.py \
smoke/test_vm_life_cycle.py \
smoke/test_vpc_vpn.py \
smoke/test_service_offerings.py \
component/test_vpc_offerings.py \
component/test_vpc_routers.py
Report will follow in a separate comment.
Cheers,
Wilder
You can merge this pull request into a Git repository by running:
$ git pull https://github.com/ekholabs/cloudstack fix/rVPC_routes_CLOUDSTACK-8915
Alternatively you can review and apply these changes as the patch at:
https://github.com/apache/cloudstack/pull/908.patch
To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:
This closes #908
----
commit 459b0fd393db2ed5182f370cf08029adc147e16e
Author: Wilder Rodrigues <wr...@schubergphilis.com>
Date: 2015-09-28T11:15:54Z
CLOUDSTACK-8915 - Add the default route only on address that have not been configured yet.
- In case of rVPC we experienced the wrong route being added to the VPC tiers
commit 829cf735068fc498e88c6c420d523615418efe10
Author: Wilder Rodrigues <wr...@schubergphilis.com>
Date: 2015-09-29T12:35:48Z
CLOUDSTACK-8915 - Rearrenging a bit the default route code in order to make it more clear
commit b075fd875ac3b6b8547344b88909b288d9276f5a
Author: Wilder Rodrigues <wr...@schubergphilis.com>
Date: 2015-09-29T13:13:10Z
CLOUDSTACK-8915 - VRRP needs a cidr in order to work properly
- The cidr was replaced by the single IP, which broke the feature.
- Wait during transition from master to backup otherwise the test fails due to wronge state
commit caadc7a0f98746a042afb0f286674c1b07930c53
Author: Wilder Rodrigues <wr...@schubergphilis.com>
Date: 2015-09-29T17:38:02Z
CLOUDSTACK-8915 - Reverting changes from commit id 18dbc0c4cbe506ad698bc513c901dc2d0e48159f
- If the file is always copied, it will result in restarting keepalived everytime which makes the routers transit between master/backup
commit 9724693898d3e84036fccda6259219baf4df97ba
Author: Wilder Rodrigues <wr...@schubergphilis.com>
Date: 2015-09-29T18:35:37Z
CLOUDSTACK-8915 - Reverting changes from commit id 1a02773b556a0efa277cf18cd099fc62a4e27706
- That's not the place to fix the default routes for redundant VPC,
- Adding tests to cover PF and FW in isolated networks
* Will still add some tests for egress as well
commit 711372713836ff06168897a0fce4d443457ee5e0
Author: Wilder Rodrigues <wr...@schubergphilis.com>
Date: 2015-09-30T08:29:46Z
CLOUDSTACK-8915 - Improve routers tests
- Add egress tests in order to check if VMs can reach the outside world
- Increase the wait when testing redundant routers: they fight to become master
- Make sure the clean up is done properly
commit 25811b0cc20000875b3911833d49a13310f365b8
Author: Wilder Rodrigues <wr...@schubergphilis.com>
Date: 2015-10-01T08:46:54Z
CLOUDSTACK-8915 - Adding logging to tests
commit fbb373aa9384e9902213f814f363c66595ac0f93
Author: Wilder Rodrigues <wr...@schubergphilis.com>
Date: 2015-10-01T11:30:12Z
CLOUDSTACK-8915 - This test is still under construction
- It will help to increase coverage of VR use: PF; LB and FW
----
> Cannot SSH into VMs deployed Redundant VPC routers
> --------------------------------------------------
>
> Key: CLOUDSTACK-8915
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-8915
> Project: CloudStack
> Issue Type: Bug
> Security Level: Public(Anyone can view this level - this is the default.)
> Components: Virtual Router
> Affects Versions: 4.6.0
> Reporter: Wilder Rodrigues
> Assignee: Wilder Rodrigues
> Priority: Blocker
>
> The Marvin test under componenet/test_vpc_redundant.py no longer passes. I also tried to test it manually, but unfortunately the feature is now broken.
> * Create a Redundant VPC
> * Add a tier
> * Add a new VM to the tier
> * Add an ACL, open port 22 and associate the ACL with the tier
> * Acquire a pub IP
> * Add a PF rule to port 22 towards the VM
> * Try to SSH to the VM through the Pub IP
> It fails with "No route to host"
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)