Return-Path: 
 <cloudstack-issues-return-2264-apmail-incubator-cloudstack-issues-archive=incubator.apache.org@incubator.apache.org>
X-Original-To: apmail-incubator-cloudstack-issues-archive@minotaur.apache.org
Delivered-To: apmail-incubator-cloudstack-issues-archive@minotaur.apache.org
Received: from mail.apache.org (hermes.apache.org [140.211.11.3])
	by minotaur.apache.org (Postfix) with SMTP id C3818F5E9
	for <apmail-incubator-cloudstack-issues-archive@minotaur.apache.org>;
 Wed, 20 Mar 2013 17:53:16 +0000 (UTC)
Received: (qmail 80928 invoked by uid 500); 20 Mar 2013 17:53:16 -0000
Delivered-To: apmail-incubator-cloudstack-issues-archive@incubator.apache.org
Received: (qmail 80861 invoked by uid 500); 20 Mar 2013 17:53:16 -0000
Mailing-List: contact cloudstack-issues-help@incubator.apache.org;
 run by ezmlm
Precedence: bulk
List-Help: <mailto:cloudstack-issues-help@incubator.apache.org>
List-Unsubscribe: <mailto:cloudstack-issues-unsubscribe@incubator.apache.org>
List-Post: <mailto:cloudstack-issues@incubator.apache.org>
List-Id: <cloudstack-issues.incubator.apache.org>
Reply-To: cloudstack-dev@incubator.apache.org
Delivered-To: mailing list cloudstack-issues@incubator.apache.org
Received: (qmail 80840 invoked by uid 99); 20 Mar 2013 17:53:16 -0000
Received: from arcas.apache.org (HELO arcas.apache.org) (140.211.11.28)
    by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 20 Mar 2013 17:53:16 +0000
Date: Wed, 20 Mar 2013 17:53:16 +0000 (UTC)
From: "Pradeep Soundararajan (JIRA)" <jira@apache.org>
To: cloudstack-issues@incubator.apache.org
Message-ID: <JIRA.12637694.1363657082816.20758.1363801996401@arcas>
In-Reply-To: <JIRA.12637694.1363657082816@arcas>
References: <JIRA.12637694.1363657082816@arcas>
Subject: [jira] [Resolved] (CLOUDSTACK-1719) EC2 REST API: AWS APIs are not
 getting translated on the CloudStack Management Server
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit
X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394


     [ https://issues.apache.org/jira/browse/CLOUDSTACK-1719?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Pradeep Soundararajan resolved CLOUDSTACK-1719.
-----------------------------------------------

    Resolution: Fixed
    
> EC2 REST API: AWS APIs are not getting translated on the CloudStack Management Server
> -------------------------------------------------------------------------------------
>
>                 Key: CLOUDSTACK-1719
>                 URL: https://issues.apache.org/jira/browse/CLOUDSTACK-1719
>             Project: CloudStack
>          Issue Type: Bug
>      Security Level: Public(Anyone can view this level - this is the default.) 
>          Components: Management Server
>    Affects Versions: 4.1.0, 4.2.0
>            Reporter: Chandan Purushothama
>            Assignee: Pradeep Soundararajan
>            Priority: Blocker
>             Fix For: 4.1.0, 4.2.0
>
>         Attachments: awsapi.log
>
>
> ===========
> Observations:
> ===========
> AWS REST API fired from the client is reaching the management server but it is not getting translated to corresponding native CloudStack API Call. The awsapi.log doesn't show any information.
> ==============
> On the Client Side:
> ==============
> -----------------------------
> BotoClient Request:
> ------------------------------
> import boto.ec2
> import pprint
> from boto.ec2.connection import EC2Connection as ec2conn
> region = boto.ec2.regioninfo.RegionInfo(name="AmazonEC2",endpoint="10.223.59.67")
> conn = boto.connect_ec2(aws_access_key_id='d1gbjBy6NjAq9RnkZMo_nAJuB5cUyC3DAF6rdMShLWH8ryXSoXvL_D2fuZM0YW8GIgs8aDWxBdvzXXtNIShZOg',aws_secret_access_key='d1gbjBy6NjAq9RnkZMo_nAJuB5cUyC3DAF6rdMShLWH8ryXSoXvL_D2fuZM0YW8GIgs8aDWxBdvzXXtNIShZOg',is_secure=False,region=region,port=7080,path="/awsapi",api_version="2010-11-15")
> pp = pprint.PrettyPrinter()
> #print globals()
> #DescribeImage
> describeImage = conn.get_all_images()
> pp.pprint(describeImage)
> ----------------------------------
> BotoClient Response:
> ----------------------------------
> Traceback (most recent call last):
>   File "/home/chandan/pyworkspace/botoawsproject/src/botoQuery.py", line 13, in <module>
>     describeImage = conn.get_all_images()
>   File "/usr/lib/python2.7/site-packages/boto-2.6.0-py2.7.egg/boto/ec2/connection.py", line 171, in get_all_images
>     [('item', Image)], verb='POST')
>   File "/usr/lib/python2.7/site-packages/boto-2.6.0-py2.7.egg/boto/connection.py", line 971, in get_list
>     raise self.ResponseError(response.status, response.reason, body)
> boto.exception.EC2ResponseError: EC2ResponseError: 400 Bad Request
> ------------------------------------------------------------------------------------------
> WireShark Network Analyzer Packet Information on the Client:
> ------------------------------------------------------------------------------------------
> POST /awsapi/ HTTP/1.1
> Host: 10.223.59.67:7080
> Accept-Encoding: identity
> Content-Length: 286
> Content-Type: application/x-www-form-urlencoded; charset=UTF-8
> User-Agent: Boto/2.6.0 (linux2)
> AWSAccessKeyId=d1gbjBy6NjAq9RnkZMo_nAJuB5cUyC3DAF6rdMShLWH8ryXSoXvL_D2fuZM0YW8GIgs8aDWxBdvzXXtNIShZOg&Action=DescribeImages&SignatureMethod=HmacSHA256&SignatureVersion=2&Timestamp=2013-03-19T00%3A57%3A29Z&Version=2010-11-15&Signature=lzo7%2Fb8GfDTRsHuYy4EINS%2FauCoYd2HpMcB%2BqSNWBAQ%3DHTTP/1.1 400 Bad Request
> Server: Apache-Coyote/1.1
> Transfer-Encoding: chunked
> Date: Tue, 19 Mar 2013 03:50:13 GMT
> Connection: close
> =====================
> On the Management Server:
> =====================
> -------------------------------------
> Tcpdump of the Request:
> -------------------------------------
> 20:50:13.455199 IP 10.216.133.50.42571 > Rack3Host23.lab.vmops.com.empowerid: Flags [S], seq 2327957294, win 5840, options [mss 1380,sackOK,TS val 1204227094 ecr 0,nop,wscale 7], length 0
> 20:50:13.455276 IP Rack3Host23.lab.vmops.com.empowerid > 10.216.133.50.42571: Flags [S.], seq 2924982523, ack 2327957295, win 14480, options [mss 1460,sackOK,TS val 11532923 ecr 1204227094,nop,wscale 7], length 0
> 20:50:13.455494 IP 10.216.133.50.42571 > Rack3Host23.lab.vmops.com.empowerid: Flags [.], ack 1, win 46, options [nop,nop,TS val 1204227095 ecr 11532923], length 0
> 20:50:13.455573 IP 10.216.133.50.42571 > Rack3Host23.lab.vmops.com.empowerid: Flags [P.], seq 1:483, ack 1, win 46, options [nop,nop,TS val 1204227095 ecr 11532923], length 482
> 20:50:13.455589 IP Rack3Host23.lab.vmops.com.empowerid > 10.216.133.50.42571: Flags [.], ack 483, win 122, options [nop,nop,TS val 11532924 ecr 1204227095], length 0
> 20:50:13.456773 IP Rack3Host23.lab.vmops.com.empowerid > 10.216.133.50.42571: Flags [P.], seq 1:145, ack 483, win 122, options [nop,nop,TS val 11532925 ecr 1204227095], length 144
> 20:50:13.456863 IP Rack3Host23.lab.vmops.com.empowerid > 10.216.133.50.42571: Flags [F.], seq 145, ack 483, win 122, options [nop,nop,TS val 11532925 ecr 1204227095], length 0
> 20:50:13.457023 IP 10.216.133.50.42571 > Rack3Host23.lab.vmops.com.empowerid: Flags [.], ack 145, win 54, options [nop,nop,TS val 1204227096 ecr 11532925], length 0
> 20:50:13.457416 IP 10.216.133.50.42571 > Rack3Host23.lab.vmops.com.empowerid: Flags [F.], seq 483, ack 146, win 54, options [nop,nop,TS val 1204227097 ecr 11532925], length 0
> 20:50:13.457440 IP Rack3Host23.lab.vmops.com.empowerid > 10.216.133.50.42571: Flags [.], ack 484, win 122, options [nop,nop,TS val 11532925 ecr 1204227097], length 0
> -------------------------------------------------------------
> Firewall Rules on the Management Server:
> --------------------------------------------------------------
> [root@Rack3Host23 awsapi]# iptables-save
> # Generated by iptables-save v1.4.7 on Mon Mar 18 20:33:54 2013
> *filter
> :INPUT ACCEPT [0:0]
> :FORWARD ACCEPT [0:0]
> :OUTPUT ACCEPT [122197:37439134]
> -A INPUT -p tcp -m tcp --dport 9090 -j ACCEPT
> -A INPUT -p tcp -m tcp --dport 8250 -j ACCEPT
> -A INPUT -p tcp -m tcp --dport 7080 -j ACCEPT
> -A INPUT -p tcp -m tcp --dport 8080 -j ACCEPT
> -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
> -A INPUT -p icmp -j ACCEPT
> -A INPUT -i lo -j ACCEPT
> -A INPUT -i em1 -j ACCEPT
> -A INPUT -i em2 -j ACCEPT
> -A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
> -A INPUT -j REJECT --reject-with icmp-host-prohibited
> -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
> -A FORWARD -p icmp -j ACCEPT
> -A FORWARD -i lo -j ACCEPT
> -A FORWARD -i em1 -j ACCEPT
> -A FORWARD -i em2 -j ACCEPT
> -A FORWARD -j REJECT --reject-with icmp-host-prohibited
> COMMIT
> # Completed on Mon Mar 18 20:33:54 2013
> [root@Rack3Host23 awsapi]#
> ------------------------------------------
> webserver listening on 7080:
> ------------------------------------------
> [root@Rack3Host23 awsapi]# netstat -ant | grep 7080
> tcp        0      0 :::7080                     :::*                        LISTEN
> mysql> select * from configuration where name like "%ec2%";
> +----------+----------+-------------------+----------------+-------+------------------------------+
> | category | instance | component         | name           | value | description                  |
> +----------+----------+-------------------+----------------+-------+------------------------------+
> | Advanced | DEFAULT  | management-server | enable.ec2.api | true  | enable EC2 API on CloudStack |
> +----------+----------+-------------------+----------------+-------+------------------------------+
> 1 row in set (0.00 sec)

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira