Return-Path: <dev-return-109111-archive-asf-public=cust-asf.ponee.io@cloudstack.apache.org>
X-Original-To: archive-asf-public-internal@cust-asf2.ponee.io
Delivered-To: archive-asf-public-internal@cust-asf2.ponee.io
Received: from cust-asf.ponee.io (cust-asf.ponee.io [163.172.22.183])
	by cust-asf2.ponee.io (Postfix) with ESMTP id F0A4F200C68
	for <archive-asf-public-internal@cust-asf2.ponee.io>; Wed,  3 May 2017 22:46:48 +0200 (CEST)
Received: by cust-asf.ponee.io (Postfix)
	id EF404160BA1; Wed,  3 May 2017 20:46:48 +0000 (UTC)
Delivered-To: archive-asf-public@cust-asf.ponee.io
Received: from mail.apache.org (hermes.apache.org [140.211.11.3])
	by cust-asf.ponee.io (Postfix) with SMTP id 42D3F160BB5
	for <archive-asf-public@cust-asf.ponee.io>; Wed,  3 May 2017 22:46:48 +0200 (CEST)
Received: (qmail 45587 invoked by uid 500); 3 May 2017 20:46:46 -0000
Mailing-List: contact dev-help@cloudstack.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:dev-help@cloudstack.apache.org>
List-Unsubscribe: <mailto:dev-unsubscribe@cloudstack.apache.org>
List-Post: <mailto:dev@cloudstack.apache.org>
List-Id: <dev.cloudstack.apache.org>
Reply-To: dev@cloudstack.apache.org
Delivered-To: mailing list dev@cloudstack.apache.org
Received: (qmail 45532 invoked by uid 99); 3 May 2017 20:46:46 -0000
Received: from pnap-us-west-generic-nat.apache.org (HELO spamd2-us-west.apache.org) (209.188.14.142)
    by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 03 May 2017 20:46:46 +0000
Received: from localhost (localhost [127.0.0.1])
	by spamd2-us-west.apache.org (ASF Mail Server at spamd2-us-west.apache.org) with ESMTP id E17B11A04E8;
	Wed,  3 May 2017 20:46:45 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at spamd2-us-west.apache.org
X-Spam-Flag: NO
X-Spam-Score: -0.396
X-Spam-Level: 
X-Spam-Status: No, score=-0.396 tagged_above=-999 required=6.31
	tests=[DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1,
	HTML_MESSAGE=2, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=-2.796,
	RCVD_IN_SORBS_SPAM=0.5, SPF_PASS=-0.001, URIBL_BLOCKED=0.001]
	autolearn=disabled
Authentication-Results: spamd2-us-west.apache.org (amavisd-new);
	dkim=pass (2048-bit key) header.d=gmail.com
Received: from mx1-lw-eu.apache.org ([10.40.0.8])
	by localhost (spamd2-us-west.apache.org [10.40.0.9]) (amavisd-new, port 10024)
	with ESMTP id ah8X7s5vzN7i; Wed,  3 May 2017 20:46:44 +0000 (UTC)
Received: from mail-io0-f169.google.com (mail-io0-f169.google.com [209.85.223.169])
	by mx1-lw-eu.apache.org (ASF Mail Server at mx1-lw-eu.apache.org) with ESMTPS id 9EF405F665;
	Wed,  3 May 2017 20:46:43 +0000 (UTC)
Received: by mail-io0-f169.google.com with SMTP id p80so198363737iop.3;
        Wed, 03 May 2017 13:46:43 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20161025;
        h=mime-version:from:date:message-id:subject:to;
        bh=8eFQmlP91HEIk9zoRqP6UBau2Mx0+sjZUpM25ikSCUY=;
        b=r+HGue4NPzoMwo+SW2wEnZokhkry1h6AkAe6AIGTWKeLWwwUjXpviBPxALNPK2cgLN
         juGB2x/MnsIpZ+wa+lxnfvG2LrXqxB4gshIz02uzArfRaYLsPbYdmp6k8NbhfIOtfm9e
         ThOhC8Ykj2BJn5L8zzArSn53+b+k0cxVVkUZDeDdIxlMjA/GR9cFSPU/0moAjcyMlKk0
         EgmKpxkALN/ZUqxYhVfWu7DjyRAhxPY9XgHqkA/A0ySE2RktNCyh6N2l2L6/AmS7+e9o
         PzDpcOB0ti+OsBDWG0VbUdTuLDe768NexxalPVItUS+zCsafxvpvfz2WWLf7YNj6kKQb
         ANDA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:mime-version:from:date:message-id:subject:to;
        bh=8eFQmlP91HEIk9zoRqP6UBau2Mx0+sjZUpM25ikSCUY=;
        b=o9VU0MDlmvM8jOcYyPhOWZlCKZAB38yoANwdwd43NxOhWHQSgj1oiOEp2Xu44I+zMI
         gHyH7gJmAlES35JFEsb/i3nD3DgGJQ4pefwyR8L1g6QUf43sAA0F+1Do0r3SIaU9RxFR
         idlbWIdeLaZaEFRMI3cOmWrUcd0p4WD2AXkiTEM9C6UeLGW/LwjR/fkHeDO6JyOnBEyI
         eCP4mAfKCS6Ao8HFnjhmPgjPwbBaWn26PidcKczRE8J7ILx8OXqd9ptwNxn7dWA+gIij
         xa29E8vKlmroniEIVVWZw1yAL3I8GsBqeh21uXjSumiD8d3C5Z2Z10Qt9b4O3ZHwg9Rl
         DNbQ==
X-Gm-Message-State: AN3rC/4F0+gFEOf5l9qDfR6toZs9x34YIJihh//jc3pwIuIbXoSpvdFH
	Tiqer0J5zqckrRco1hQ2azblN7Tx8536b74=
X-Received: by 10.157.14.236 with SMTP id 99mr6167161otj.164.1493844401665;
 Wed, 03 May 2017 13:46:41 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.157.4.20 with HTTP; Wed, 3 May 2017 13:46:41 -0700 (PDT)
From: Andrija Panic <andrija.panic@gmail.com>
Date: Wed, 3 May 2017 22:46:41 +0200
Message-ID: <CAMvtBPPbLt62Q2BXcJZdQHm-vYCMc=o24MUg4oyHLHaA8J8VxQ@mail.gmail.com>
Subject: help/advise needed: Private gateway vs. new physcial network issue
To: "users@cloudstack.apache.org" <users@cloudstack.apache.org>,
	"dev@cloudstack.apache.org" <dev@cloudstack.apache.org>
Content-Type: multipart/alternative; boundary=001a11372618e93c75054ea4c0ad
archived-at: Wed, 03 May 2017 20:46:49 -0000

--001a11372618e93c75054ea4c0ad
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable

Hi all,

I'm trying to to test Private Gateway on our production (actually on DEV
first :) ) setup, of ACS 4.5,
but I'm hitting some strange issues during actual creation of PV GTW.

My setup is the following:

ACS 4.5, advanced zone KVM (ubuntu 14)
mgmt network: KVM label/name: cloudbr0
sec. stor.network KMV label/name: cloudbr2
guest network KVM label/name: bond0.950 (we use vxlans, so this is
apropriate...)
public network KVM label/name: cloudbr3

This above is all fine, but when adding PRIV.GTW, ACS tries to provision
new vlan interface (later with bridge...) on top of selected physical
interface (from the list above) - which in my case is impossible, as it
seems.

So I decided to add addional Physical Network (name: bond0), so I expect
ACS will provision i.e. bond0.999 vlan interface for one PRIV.GTW for
testing purposes (vlan 999)

PROBLEM:
- in running zone, I need to disable it, then I use CloudMonkey to add zone=
:
* create physicalnetwork name=3Dbond0 broadcastdomainrange=3Dzone
zoneid=3Dd27f6354-a715-40c7-8322-a31091f97699 isolationmethod=3Dvlan
Afterwards I do enable the zone: update physicalnetwork state=3DEnabled
id=3D3424e392-e0a1-4c21-81d9-db69acbe6c8e

First command above, does NOT update DB table
cloud.physical_network_isolation_methods
with new record, so when you list network it dont mentions isolation_method=
.
OK, I edit DB directly, and create new row referencing new network by ID,
and vlan set as isolation method.

BTW, table cloud.physical_network_traffic_types is not populated, which I
assume is OK/good since I don't want any normal traffci
(mgmt/guest.public/storage) to go over this physical net - but again this
might be the root of problems ? Since the only guest network is on PIF
bond0.950

When I try to create PRIV.GTW, ACS does some magic, and again tries to
provision vlan 999 interface (example vlan from above) on bond0.950 (guest
network) (bond0.950.999)

I checked the logs (attached below) and it does trie to provision GTW on
new physical network really.

I'm assuming, that maybe since no values for new bond0 network inside table
cloud.physical_network_traffic_types is populated, that than ACS fails back
to only available guest network, and that is bond0.950 - also I recall we
need to define KVM label so the ACS will actaully know on which interface
to use... (which is missing from DB for new bond0 network, as explained...)

I checked the logs, and didn't see any intersting stuff really (perhaps I'm
missing something...)
https://pastebin.com/MZXrK31M

I would really appreciate any help, since I dont know which direction to go
now...





--=20

Andrija Pani=C4=87

--001a11372618e93c75054ea4c0ad--