cloudstack-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Chandan Purushothama (JIRA)" <j...@apache.org>
Subject [jira] [Closed] (CLOUDSTACK-1719) EC2 REST API: AWS APIs are not getting translated on the CloudStack Management Server
Date Tue, 26 Mar 2013 21:05:15 GMT

     [ https://issues.apache.org/jira/browse/CLOUDSTACK-1719?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Chandan Purushothama closed CLOUDSTACK-1719.
--------------------------------------------


Observed the successful execution of an API from the Client:

2013-03-26 16:40:07,167 INFO  [bridge.service.EC2RestServlet] (catalina-exec-int-2:null) EC2
Request method: POST
2013-03-26 16:40:07,167 INFO  [bridge.service.EC2RestServlet] (catalina-exec-int-2:null) Request
contextPath: /awsapi
2013-03-26 16:40:07,167 INFO  [bridge.service.EC2RestServlet] (catalina-exec-int-2:null) Request
pathInfo: /
2013-03-26 16:40:07,167 INFO  [bridge.service.EC2RestServlet] (catalina-exec-int-2:null) Request
pathTranslated: /usr/share/cloudstack-management/webapps7080/awsapi/
2013-03-26 16:40:07,167 INFO  [bridge.service.EC2RestServlet] (catalina-exec-int-2:null) Request
queryString: null
2013-03-26 16:40:07,167 INFO  [bridge.service.EC2RestServlet] (catalina-exec-int-2:null) Request
requestURI: /awsapi/rest/AmazonEC2/
2013-03-26 16:40:07,167 INFO  [bridge.service.EC2RestServlet] (catalina-exec-int-2:null) Request
requestURL: http://10.223.59.67:7080/awsapi/rest/AmazonEC2/
2013-03-26 16:40:07,167 INFO  [bridge.service.EC2RestServlet] (catalina-exec-int-2:null) Request
servletPath: /rest/AmazonEC2
2013-03-26 16:40:07,168 INFO  [bridge.service.EC2RestServlet] (catalina-exec-int-2:null) Request
header host:10.223.59.67:7080
2013-03-26 16:40:07,168 INFO  [bridge.service.EC2RestServlet] (catalina-exec-int-2:null) Request
header accept-encoding:identity
2013-03-26 16:40:07,168 INFO  [bridge.service.EC2RestServlet] (catalina-exec-int-2:null) Request
header content-length:285
2013-03-26 16:40:07,168 INFO  [bridge.service.EC2RestServlet] (catalina-exec-int-2:null) Request
header content-type:application/x-www-form-urlencoded; charset=UTF-8
2013-03-26 16:40:07,168 INFO  [bridge.service.EC2RestServlet] (catalina-exec-int-2:null) Request
header user-agent:Boto/2.6.0 (linux2)
2013-03-26 16:40:07,168 INFO  [bridge.service.EC2RestServlet] (catalina-exec-int-2:null) Request
parameter Action:DescribeInstances
2013-03-26 16:40:07,168 INFO  [bridge.service.EC2RestServlet] (catalina-exec-int-2:null) Request
parameter SignatureMethod:HmacSHA256
2013-03-26 16:40:07,168 INFO  [bridge.service.EC2RestServlet] (catalina-exec-int-2:null) Request
parameter AWSAccessKeyId:YQOVNYIyKChroewN04VyloDSuO_-7D-IclyFFJY43gMWKrUm1Jn-JKQdFcvYfekSkSEJD5QMcLZvgZOK9ydCWQ
2013-03-26 16:40:07,168 INFO  [bridge.service.EC2RestServlet] (catalina-exec-int-2:null) Request
parameter Version:2010-11-15
2013-03-26 16:40:07,168 INFO  [bridge.service.EC2RestServlet] (catalina-exec-int-2:null) Request
parameter SignatureVersion:2
2013-03-26 16:40:07,168 INFO  [bridge.service.EC2RestServlet] (catalina-exec-int-2:null) Request
parameter Signature:EsfAiAtq58uBQy1Vxp0RvomapgpV6/jFQyNgL9twank=
2013-03-26 16:40:07,168 INFO  [bridge.service.EC2RestServlet] (catalina-exec-int-2:null) Request
parameter Timestamp:2013-03-26T20:46:34Z
2013-03-26 16:40:07,176 DEBUG [bridge.service.UserContext] (catalina-exec-int-2:null) initializing
a new [anonymous] UserContext!
2013-03-26 16:40:07,178 DEBUG [cloud.stack.CloudStackClient] (catalina-exec-int-2:null) Cloud
API call + [http://127.0.0.1:8080/client/api?command=listVirtualMachines&response=json&listall=true&apikey=YQOVNYIyKChroewN04VyloDSuO_-7D-IclyFFJY43gMWKrUm1Jn-JKQdFcvYfekSkSEJD5QMcLZvgZOK9ydCWQ&signature=C2Zszeq2KfJXW6rCq7onWKC%2B5Co%3D]
2013-03-26 16:40:07,206 DEBUG [cloud.stack.CloudStackClient] (catalina-exec-int-2:null) Cloud
API call + [http://127.0.0.1:8080/client/api?command=listVirtualMachines&response=json&listall=true&apikey=YQOVNYIyKChroewN04VyloDSuO_-7D-IclyFFJY43gMWKrUm1Jn-JKQdFcvYfekSkSEJD5QMcLZvgZOK9ydCWQ&signature=C2Zszeq2KfJXW6rCq7onWKC%2B5Co%3D]
returned: {"listvirtualmachinesresponse":{}}
2013-03-26 16:40:07,207 DEBUG [cloud.stack.CloudStackClient] (catalina-exec-int-2:null) CloudSatck
API response doesn't contain responseObjName:virtualmachine because response is empty

                
> EC2 REST API: AWS APIs are not getting translated on the CloudStack Management Server
> -------------------------------------------------------------------------------------
>
>                 Key: CLOUDSTACK-1719
>                 URL: https://issues.apache.org/jira/browse/CLOUDSTACK-1719
>             Project: CloudStack
>          Issue Type: Bug
>      Security Level: Public(Anyone can view this level - this is the default.) 
>          Components: Management Server
>    Affects Versions: 4.1.0, 4.2.0
>            Reporter: Chandan Purushothama
>            Assignee: Pradeep Soundararajan
>            Priority: Blocker
>             Fix For: 4.1.0, 4.2.0
>
>         Attachments: awsapi.log, catalina.zip
>
>
> ===========
> Observations:
> ===========
> AWS REST API fired from the client is reaching the management server but it is not getting
translated to corresponding native CloudStack API Call. The awsapi.log doesn't show any information.
> ==============
> On the Client Side:
> ==============
> -----------------------------
> BotoClient Request:
> ------------------------------
> import boto.ec2
> import pprint
> from boto.ec2.connection import EC2Connection as ec2conn
> region = boto.ec2.regioninfo.RegionInfo(name="AmazonEC2",endpoint="10.223.59.67")
> conn = boto.connect_ec2(aws_access_key_id='d1gbjBy6NjAq9RnkZMo_nAJuB5cUyC3DAF6rdMShLWH8ryXSoXvL_D2fuZM0YW8GIgs8aDWxBdvzXXtNIShZOg',aws_secret_access_key='d1gbjBy6NjAq9RnkZMo_nAJuB5cUyC3DAF6rdMShLWH8ryXSoXvL_D2fuZM0YW8GIgs8aDWxBdvzXXtNIShZOg',is_secure=False,region=region,port=7080,path="/awsapi",api_version="2010-11-15")
> pp = pprint.PrettyPrinter()
> #print globals()
> #DescribeImage
> describeImage = conn.get_all_images()
> pp.pprint(describeImage)
> ----------------------------------
> BotoClient Response:
> ----------------------------------
> Traceback (most recent call last):
>   File "/home/chandan/pyworkspace/botoawsproject/src/botoQuery.py", line 13, in <module>
>     describeImage = conn.get_all_images()
>   File "/usr/lib/python2.7/site-packages/boto-2.6.0-py2.7.egg/boto/ec2/connection.py",
line 171, in get_all_images
>     [('item', Image)], verb='POST')
>   File "/usr/lib/python2.7/site-packages/boto-2.6.0-py2.7.egg/boto/connection.py", line
971, in get_list
>     raise self.ResponseError(response.status, response.reason, body)
> boto.exception.EC2ResponseError: EC2ResponseError: 400 Bad Request
> ------------------------------------------------------------------------------------------
> WireShark Network Analyzer Packet Information on the Client:
> ------------------------------------------------------------------------------------------
> POST /awsapi/ HTTP/1.1
> Host: 10.223.59.67:7080
> Accept-Encoding: identity
> Content-Length: 286
> Content-Type: application/x-www-form-urlencoded; charset=UTF-8
> User-Agent: Boto/2.6.0 (linux2)
> AWSAccessKeyId=d1gbjBy6NjAq9RnkZMo_nAJuB5cUyC3DAF6rdMShLWH8ryXSoXvL_D2fuZM0YW8GIgs8aDWxBdvzXXtNIShZOg&Action=DescribeImages&SignatureMethod=HmacSHA256&SignatureVersion=2&Timestamp=2013-03-19T00%3A57%3A29Z&Version=2010-11-15&Signature=lzo7%2Fb8GfDTRsHuYy4EINS%2FauCoYd2HpMcB%2BqSNWBAQ%3DHTTP/1.1
400 Bad Request
> Server: Apache-Coyote/1.1
> Transfer-Encoding: chunked
> Date: Tue, 19 Mar 2013 03:50:13 GMT
> Connection: close
> =====================
> On the Management Server:
> =====================
> -------------------------------------
> Tcpdump of the Request:
> -------------------------------------
> 20:50:13.455199 IP 10.216.133.50.42571 > Rack3Host23.lab.vmops.com.empowerid: Flags
[S], seq 2327957294, win 5840, options [mss 1380,sackOK,TS val 1204227094 ecr 0,nop,wscale
7], length 0
> 20:50:13.455276 IP Rack3Host23.lab.vmops.com.empowerid > 10.216.133.50.42571: Flags
[S.], seq 2924982523, ack 2327957295, win 14480, options [mss 1460,sackOK,TS val 11532923
ecr 1204227094,nop,wscale 7], length 0
> 20:50:13.455494 IP 10.216.133.50.42571 > Rack3Host23.lab.vmops.com.empowerid: Flags
[.], ack 1, win 46, options [nop,nop,TS val 1204227095 ecr 11532923], length 0
> 20:50:13.455573 IP 10.216.133.50.42571 > Rack3Host23.lab.vmops.com.empowerid: Flags
[P.], seq 1:483, ack 1, win 46, options [nop,nop,TS val 1204227095 ecr 11532923], length 482
> 20:50:13.455589 IP Rack3Host23.lab.vmops.com.empowerid > 10.216.133.50.42571: Flags
[.], ack 483, win 122, options [nop,nop,TS val 11532924 ecr 1204227095], length 0
> 20:50:13.456773 IP Rack3Host23.lab.vmops.com.empowerid > 10.216.133.50.42571: Flags
[P.], seq 1:145, ack 483, win 122, options [nop,nop,TS val 11532925 ecr 1204227095], length
144
> 20:50:13.456863 IP Rack3Host23.lab.vmops.com.empowerid > 10.216.133.50.42571: Flags
[F.], seq 145, ack 483, win 122, options [nop,nop,TS val 11532925 ecr 1204227095], length
0
> 20:50:13.457023 IP 10.216.133.50.42571 > Rack3Host23.lab.vmops.com.empowerid: Flags
[.], ack 145, win 54, options [nop,nop,TS val 1204227096 ecr 11532925], length 0
> 20:50:13.457416 IP 10.216.133.50.42571 > Rack3Host23.lab.vmops.com.empowerid: Flags
[F.], seq 483, ack 146, win 54, options [nop,nop,TS val 1204227097 ecr 11532925], length 0
> 20:50:13.457440 IP Rack3Host23.lab.vmops.com.empowerid > 10.216.133.50.42571: Flags
[.], ack 484, win 122, options [nop,nop,TS val 11532925 ecr 1204227097], length 0
> -------------------------------------------------------------
> Firewall Rules on the Management Server:
> --------------------------------------------------------------
> [root@Rack3Host23 awsapi]# iptables-save
> # Generated by iptables-save v1.4.7 on Mon Mar 18 20:33:54 2013
> *filter
> :INPUT ACCEPT [0:0]
> :FORWARD ACCEPT [0:0]
> :OUTPUT ACCEPT [122197:37439134]
> -A INPUT -p tcp -m tcp --dport 9090 -j ACCEPT
> -A INPUT -p tcp -m tcp --dport 8250 -j ACCEPT
> -A INPUT -p tcp -m tcp --dport 7080 -j ACCEPT
> -A INPUT -p tcp -m tcp --dport 8080 -j ACCEPT
> -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
> -A INPUT -p icmp -j ACCEPT
> -A INPUT -i lo -j ACCEPT
> -A INPUT -i em1 -j ACCEPT
> -A INPUT -i em2 -j ACCEPT
> -A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
> -A INPUT -j REJECT --reject-with icmp-host-prohibited
> -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
> -A FORWARD -p icmp -j ACCEPT
> -A FORWARD -i lo -j ACCEPT
> -A FORWARD -i em1 -j ACCEPT
> -A FORWARD -i em2 -j ACCEPT
> -A FORWARD -j REJECT --reject-with icmp-host-prohibited
> COMMIT
> # Completed on Mon Mar 18 20:33:54 2013
> [root@Rack3Host23 awsapi]#
> ------------------------------------------
> webserver listening on 7080:
> ------------------------------------------
> [root@Rack3Host23 awsapi]# netstat -ant | grep 7080
> tcp        0      0 :::7080                     :::*                        LISTEN
> mysql> select * from configuration where name like "%ec2%";
> +----------+----------+-------------------+----------------+-------+------------------------------+
> | category | instance | component         | name           | value | description    
             |
> +----------+----------+-------------------+----------------+-------+------------------------------+
> | Advanced | DEFAULT  | management-server | enable.ec2.api | true  | enable EC2 API on
CloudStack |
> +----------+----------+-------------------+----------------+-------+------------------------------+
> 1 row in set (0.00 sec)

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

Mime
View raw message