cloudstack-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Sailaja Mada (JIRA)" <j...@apache.org>
Subject [jira] [Created] (CLOUDSTACK-2417) NPE while creating Egress rules with Networking using Cisco ASA firewall provider
Date Thu, 09 May 2013 11:51:15 GMT
Sailaja Mada created CLOUDSTACK-2417:
----------------------------------------

             Summary: NPE while creating Egress rules with Networking using Cisco ASA firewall
provider
                 Key: CLOUDSTACK-2417
                 URL: https://issues.apache.org/jira/browse/CLOUDSTACK-2417
             Project: CloudStack
          Issue Type: Bug
      Security Level: Public (Anyone can view this level - this is the default.)
          Components: Network Controller
    Affects Versions: 4.2.0
            Reporter: Sailaja Mada
            Priority: Critical


Setup: Advanced Networking Zone with VMWARE Cluster 

Steps :
1. Configure VMWARE Cluster with Nexus 1000v 
2. Add Network Service provider CiscoVnmc and add Cisco VNMC and ASA firewall devices to CS
3. Create Network offering with Firewall/PF/Source Nat/Static NAT provider as Cisco VNMC 
4. Deploy guest network with this Offering and deploy instance using this guest network
5. Tried to create Egress rules with Cidr 10.0.0.0/00 TCP with 22 port 

Observation: 
NPE while creating Egress rules with Networking using Cisco ASA firewall provider

2013-05-09 17:14:22,886 DEBUG [cloud.api.ApiServlet] (catalina-exec-5:null) ===START===  10.144.6.19
-- GET  command=createEgressFirewallRule&response=json&sessionkey=zynphD7KqJbmsaitAu1b9gOogUw%3D&protocol=tcp&cidrlist=10.0.0.0%2F00&networkid=7fac418a-19e7-4455-8e8c-1dc11b9200d3&startport=8080&endport=8080&_=1368100003217
2013-05-09 17:14:22,896 DEBUG [cloud.user.AccountManagerImpl] (catalina-exec-5:null) Access
to Acct[3-cdcuser1] granted to Acct[3-cdcuser1] by DomainChecker_EnhancerByCloudStack_d007a7cf
2013-05-09 17:14:22,907 DEBUG [network.firewall.FirewallManagerImpl] (catalina-exec-5:null)
No network rule conflicts detected for Rule[11-Firewall-Staged] against 0 existing rules
2013-05-09 17:14:22,956 DEBUG [cloud.async.AsyncJobManagerImpl] (catalina-exec-5:null) submit
async job-45, details: AsyncJobVO {id:45, userId: 3, accountId: 3, sessionKey: null, instanceType:
FirewallRule, instanceId: 11, cmd: org.apache.cloudstack.api.command.user.firewall.CreateEgressFirewallRuleCmd,
cmdOriginator: null, cmdInfo: {"sessionkey":"zynphD7KqJbmsaitAu1b9gOogUw\u003d","protocol":"tcp","ctxUserId":"3","httpmethod":"GET","startport":"8080","endport":"8080","response":"json","id":"11","cidrlist":"10.0.0.0/00","_":"1368100003217","ctxAccountId":"3","networkid":"7fac418a-19e7-4455-8e8c-1dc11b9200d3","ctxStartEventId":"191"},
cmdVersion: 0, callbackType: 0, callbackAddress: null, status: 0, processStatus: 0, resultCode:
0, result: null, initMsid: 214053811722752, completeMsid: null, lastUpdated: null, lastPolled:
null, created: null}
2013-05-09 17:14:22,958 DEBUG [cloud.api.ApiServlet] (catalina-exec-5:null) ===END===  10.144.6.19
-- GET  command=createEgressFirewallRule&response=json&sessionkey=zynphD7KqJbmsaitAu1b9gOogUw%3D&protocol=tcp&cidrlist=10.0.0.0%2F00&networkid=7fac418a-19e7-4455-8e8c-1dc11b9200d3&startport=8080&endport=8080&_=1368100003217
2013-05-09 17:14:22,961 DEBUG [cloud.async.AsyncJobManagerImpl] (Job-Executor-52:job-45) Executing
org.apache.cloudstack.api.command.user.firewall.CreateEgressFirewallRuleCmd for job-45
2013-05-09 17:14:22,968 DEBUG [cloud.user.AccountManagerImpl] (Job-Executor-52:job-45) Access
to Acct[3-cdcuser1] granted to Acct[3-cdcuser1] by DomainChecker_EnhancerByCloudStack_d007a7cf
2013-05-09 17:14:22,969 DEBUG [cloud.async.AsyncJobManagerImpl] (Job-Executor-52:job-45) Sync
job-45 execution on object network.204
2013-05-09 17:14:22,979 DEBUG [cloud.async.AsyncJobManagerImpl] (Job-Executor-52:job-45) job
org.apache.cloudstack.api.command.user.firewall.CreateEgressFirewallRuleCmd for job-45 was
queued, processing the queue.
2013-05-09 17:14:22,998 DEBUG [cloud.async.AsyncJobManagerImpl] (Job-Executor-52:job-45) Executing
sync queue item: SyncQueueItemVO {id:24, queueId: 1, contentType: AsyncJob, contentId: 45,
lastProcessMsid: 214053811722752, lastprocessNumber: 21, lastProcessTime: Thu May 09 17:14:22
IST 2013, created: Thu May 09 17:14:22 IST 2013}
2013-05-09 17:14:23,000 DEBUG [cloud.async.AsyncJobManagerImpl] (Job-Executor-52:job-45) Schedule
queued job-45
2013-05-09 17:14:23,016 DEBUG [cloud.async.SyncQueueManagerImpl] (Job-Executor-52:job-45)
There is a pending process in sync queue(id: 1)
2013-05-09 17:14:23,018 DEBUG [cloud.async.AsyncJobManagerImpl] (Job-Executor-53:job-45) Executing
org.apache.cloudstack.api.command.user.firewall.CreateEgressFirewallRuleCmd for job-45
2013-05-09 17:14:23,024 DEBUG [cloud.user.AccountManagerImpl] (Job-Executor-53:job-45) Access
to Acct[3-cdcuser1] granted to Acct[3-cdcuser1] by DomainChecker_EnhancerByCloudStack_d007a7cf
2013-05-09 17:14:23,033 DEBUG [cloud.user.AccountManagerImpl] (Job-Executor-53:job-45) Access
to Rule[9-Firewall-Revoke] granted to Acct[3-cdcuser1] by DomainChecker_EnhancerByCloudStack_d007a7cf
2013-05-09 17:14:23,034 DEBUG [cloud.user.AccountManagerImpl] (Job-Executor-53:job-45) Access
to Rule[10-Firewall-Revoke] granted to Acct[3-cdcuser1] by DomainChecker_EnhancerByCloudStack_d007a7cf
2013-05-09 17:14:23,036 DEBUG [cloud.user.AccountManagerImpl] (Job-Executor-53:job-45) Access
to Rule[11-Firewall-Add] granted to Acct[3-cdcuser1] by DomainChecker_EnhancerByCloudStack_d007a7cf
2013-05-09 17:14:23,058 DEBUG [cloud.user.AccountManagerImpl] (Job-Executor-53:job-45) Access
to Rule[11-Firewall-Add] granted to Acct[3-cdcuser1] by DomainChecker_EnhancerByCloudStack_d007a7cf
2013-05-09 17:14:23,060 DEBUG [cloud.user.AccountManagerImpl] (Job-Executor-53:job-45) Access
to Rule[11-Firewall-Add] granted to Acct[3-cdcuser1] by DomainChecker_EnhancerByCloudStack_d007a7cf
2013-05-09 17:14:23,072 DEBUG [cloud.user.AccountManagerImpl] (Job-Executor-53:job-45) Access
to Rule[9-Firewall-Revoke] granted to Acct[3-cdcuser1] by DomainChecker_EnhancerByCloudStack_d007a7cf
2013-05-09 17:14:23,074 DEBUG [cloud.user.AccountManagerImpl] (Job-Executor-53:job-45) Access
to Rule[10-Firewall-Revoke] granted to Acct[3-cdcuser1] by DomainChecker_EnhancerByCloudStack_d007a7cf
2013-05-09 17:14:23,075 DEBUG [cloud.user.AccountManagerImpl] (Job-Executor-53:job-45) Access
to Rule[11-Firewall-Revoke] granted to Acct[3-cdcuser1] by DomainChecker_EnhancerByCloudStack_d007a7cf
2013-05-09 17:14:23,094 ERROR [cloud.async.AsyncJobManagerImpl] (Job-Executor-53:job-45) Unexpected
exception while executing org.apache.cloudstack.api.command.user.firewall.CreateEgressFirewallRuleCmd
java.lang.NullPointerException
        at com.cloud.network.element.CiscoVnmcElement.applyFWRules(CiscoVnmcElement.java:657)
        at com.cloud.network.firewall.FirewallManagerImpl.applyRules(FirewallManagerImpl.java:548)
        at com.cloud.network.NetworkManagerImpl.applyRules(NetworkManagerImpl.java:2472)
        at com.cloud.network.firewall.FirewallManagerImpl.applyRules(FirewallManagerImpl.java:504)
        at com.cloud.network.firewall.FirewallManagerImpl.applyFirewallRules(FirewallManagerImpl.java:634)
        at com.cloud.network.firewall.FirewallManagerImpl.revokeFirewallRule(FirewallManagerImpl.java:674)
        at com.cloud.utils.component.ComponentInstantiationPostProcessor$InterceptorDispatcher.intercept(ComponentInstantiationPostProcessor.java:125)
        at com.cloud.network.firewall.FirewallManagerImpl.revokeFirewallRule(FirewallManagerImpl.java:687)
        at org.apache.cloudstack.api.command.user.firewall.CreateEgressFirewallRuleCmd.execute(CreateEgressFirewallRuleCmd.java:147)
        at com.cloud.api.ApiDispatcher.dispatch(ApiDispatcher.java:155)
        at com.cloud.async.AsyncJobManagerImpl$1.run(AsyncJobManagerImpl.java:437)
        at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:471)
        at java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:334)
        at java.util.concurrent.FutureTask.run(FutureTask.java:166)
        at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1110)
        at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:603)
        at java.lang.Thread.run(Thread.java:679)
2013-05-09 17:14:23,096 DEBUG [cloud.async.AsyncJobManagerImpl] (Job-Executor-53:job-45) Complete
async job-45, jobStatus: 2, resultCode: 530, result: Error Code: 530 Error text: null
2013-05-09 17:14:23,123 DEBUG [cloud.async.SyncQueueManagerImpl] (Job-Executor-53:job-45)
Sync queue (1) is currently empty

2013-05-09 17:14:22,958 INFO  [cloud.api.ApiServer] (catalina-exec-5:null) (userId=3 accountId=3
sessionId=F7A1166AF52AE9647B9147F569AD7683) 10.144.6.19 -- GET command=createEgressFirewallRule&response=json&sessionkey=zynphD7KqJbmsaitAu1b9gOogUw%3D&protocol=tcp&cidrlist=10.0.0.0%2F00&networkid=7fac418a-19e7-4455-8e8c-1dc11b9200d3&startport=8080&endport=8080&_=1368100003217
200 { "createegressfirewallruleresponse" : {"id":"11","jobid":"9ad7ea78-c358-4367-a811-163a5b0d91d8"}
}


--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

Mime
View raw message