Return-Path: X-Original-To: apmail-cloudstack-issues-archive@www.apache.org Delivered-To: apmail-cloudstack-issues-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id C45FB9A85 for ; Tue, 21 May 2013 15:17:16 +0000 (UTC) Received: (qmail 75713 invoked by uid 500); 21 May 2013 15:17:17 -0000 Delivered-To: apmail-cloudstack-issues-archive@cloudstack.apache.org Received: (qmail 75565 invoked by uid 500); 21 May 2013 15:17:16 -0000 Mailing-List: contact issues-help@cloudstack.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@cloudstack.apache.org Delivered-To: mailing list issues@cloudstack.apache.org Received: (qmail 75551 invoked by uid 500); 21 May 2013 15:17:16 -0000 Delivered-To: apmail-incubator-cloudstack-issues@incubator.apache.org Received: (qmail 75547 invoked by uid 99); 21 May 2013 15:17:16 -0000 Received: from arcas.apache.org (HELO arcas.apache.org) (140.211.11.28) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 21 May 2013 15:17:16 +0000 Date: Tue, 21 May 2013 15:17:16 +0000 (UTC) From: "venkata swamybabu budumuru (JIRA)" To: cloudstack-issues@incubator.apache.org Message-ID: In-Reply-To: References: Subject: [jira] [Updated] (CLOUDSTACK-2604) [Multiple IpsPerNic] Unable to removeIpFromNic even when there are no PF rules associated with it MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394 [ https://issues.apache.org/jira/browse/CLOUDSTACK-2604?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] venkata swamybabu budumuru updated CLOUDSTACK-2604: --------------------------------------------------- Attachment: logs.tgz > [Multiple IpsPerNic] Unable to removeIpFromNic even when there are no PF rules associated with it > -------------------------------------------------------------------------------------------------- > > Key: CLOUDSTACK-2604 > URL: https://issues.apache.org/jira/browse/CLOUDSTACK-2604 > Project: CloudStack > Issue Type: Bug > Security Level: Public(Anyone can view this level - this is the default.) > Components: Network Controller > Affects Versions: 4.2.0 > Environment: commit # 85d54cd1c088997dd08f0328984bee1a55703636 > Reporter: venkata swamybabu budumuru > Assignee: Jayapal Reddy > Labels: integration-test > Fix For: 4.2.0 > > Attachments: logs.tgz > > > Steps to reproduce : > 1. Have latest CloudStack setup with at least 1 advanced zone having KVM cluster with 1 host. > 2. Have a non-ROOT domain user > 3. Login as the above user and try to deploy a VM with two nics > NIC1 : (eth0) => Network1 (10.1.1.0/24) > NIC2 : (eth1) => Network2 (10.1.1.0/24) > - by default, in my case it got the following primary IPs > > NIC1 - 10.1.1.233 > NIC2 - 10.1.1.241 > 4. acquired (addIpToNic) a secondary IP on NIC1 > NIC1 => First secondary IP : 10.1.1.29 > 5. acquired another secondary IP on NIC1 > NIC1 => another secondary IP : 10.1.1.121 > 6. acquired the same secondary IP on NIC2 as well > NIC2 => secondary IP : 10.1.1.121 > 7. Create a PF rule along with firewall rule on the Network2 public IP which maps to the NIC2 secondary IP > create portforwardingrule virtualmachineid=a44ca6c5-ff25-4934-842d-2401b9325076 ipaddressid=b167c584-3ab4-4575-b812-9ed8e13f5040 openfirewall=true vmguestip=10.1.1.121 privateendport=22 privateport=22 publicport=2222 publicendport=2222 protocol=tcp > 8. Try to remove the second secondary IP on NIC1 which has no rules associated with it. > Observations: > (i) Snapshot of the relevant tables from DB > id: 216 > name: Network2 > uuid: 23d1de85-18c0-481e-9e9a-cc77e23157c9 > display_text: Network2 > traffic_type: Guest > broadcast_domain_type: Vlan > broadcast_uri: vlan://904 > gateway: 10.1.1.1 > cidr: 10.1.1.0/24 > mode: Dhcp > network_offering_id: 8 > physical_network_id: 202 > data_center_id: 3 > guru_name: ExternalGuestNetworkGuru > state: Implemented > related: 216 > domain_id: 2 > account_id: 4 > dns1: NULL > dns2: NULL > guru_data: NULL > set_fields: 0 > acl_type: Account > network_domain: cs4cloud.internal > reservation_id: NULL > guest_type: Isolated > restart_required: 0 > created: 2013-05-21 11:27:17 > removed: NULL > specify_ip_ranges: 0 > vpc_id: NULL > ip6_gateway: NULL > ip6_cidr: NULL > network_cidr: NULL > display_network: 1 > network_acl_id: NULL > mysql> select * from networks where id=214\G > *************************** 1. row *************************** > id: 214 > name: Network1 > uuid: 3bc9f5eb-d77f-4308-8353-ff9f86dfd7d9 > display_text: Network1 > traffic_type: Guest > broadcast_domain_type: Vlan > broadcast_uri: vlan://900 > gateway: 10.1.1.1 > cidr: 10.1.1.0/24 > mode: Dhcp > network_offering_id: 8 > physical_network_id: 202 > data_center_id: 3 > guru_name: ExternalGuestNetworkGuru > state: Implemented > related: 214 > domain_id: 2 > account_id: 4 > dns1: 10.103.128.16 > dns2: NULL > guru_data: NULL > set_fields: 0 > acl_type: Account > network_domain: cs4cloud.internal > reservation_id: d5673437-8149-4dad-bf0b-5435e6d6711d > guest_type: Isolated > restart_required: 0 > created: 2013-05-21 09:16:41 > removed: NULL > specify_ip_ranges: 0 > vpc_id: NULL > ip6_gateway: NULL > ip6_cidr: NULL > network_cidr: NULL > display_network: 1 > network_acl_id: NULL > mysql> select * from port_forwarding_rules; > +----+-------------+-----------------+-----------------+---------------+ > | id | instance_id | dest_ip_address | dest_port_start | dest_port_end | > +----+-------------+-----------------+-----------------+---------------+ > | 5 | 19 | 10.1.1.121 | 22 | 22 | > +----+-------------+-----------------+-----------------+---------------+ > mysql> select * from firewall_rules; > +----+--------------------------------------+---------------+------------+----------+--------+----------+----------------+------------+-----------+------------+--------------------------------------+---------------------+-----------+-----------+---------+------+--------+--------------+ > | id | uuid | ip_address_id | start_port | end_port | state | protocol | purpose | account_id | domain_id | network_id | xid | created | icmp_code | icmp_type | related | type | vpc_id | traffic_type | > +----+--------------------------------------+---------------+------------+----------+--------+----------+----------------+------------+-----------+------------+--------------------------------------+---------------------+-----------+-----------+---------+------+--------+--------------+ > | 5 | 2e27bee8-afcb-4f3f-b0cf-714114c7996a | 26 | 2222 | 2222 | Active | tcp | PortForwarding | 4 | 2 | 216 | bd27206d-2740-4f56-9621-0e46bf76c0cf | 2013-05-21 11:48:58 | NULL | NULL | NULL | User | NULL | NULL | > | 6 | ce902029-dcde-4b44-9dde-8ef416ee13d3 | 26 | 2222 | 2222 | Active | tcp | Firewall | 4 | 2 | 216 | 7956251a-2d7c-4f46-a858-7a2c3bfd91c4 | 2013-05-21 11:48:58 | NULL | NULL | 5 | User | NULL | Ingress | > +----+--------------------------------------+---------------+------------+----------+--------+----------+----------------+------------+-----------+------------+--------------------------------------+---------------------+-----------+-----------+---------+------+--------+--------------+ > (ii) removeIpFromNic fails with the following error in mgmt server logs. > 2013-05-21 08:30:26,714 DEBUG [cloud.api.ApiServlet] (catalina-exec-9:null) ===START=== 10.252.240.57 -- GET command=removeIpFromNic&response=json&sessionkey=ukCfrtllTOOzAsW%2BVDDUpV9o75w%3D&id=6c1f4925-81d8-47ff-9138-1ee167eb6307&_=1369119689178 > 2013-05-21 08:30:26,747 DEBUG [cloud.async.AsyncJobManagerImpl] (catalina-exec-9:null) submit async job-79, details: AsyncJobVO {id:79, userId: 4, accountId: 4, sessionKey: null, instanceType: IpAddress, instanceId: null, cmd: org.apache.cloudstack.api.command.user.vm.RemoveIpFromVmNicCmd, cmdOriginator: null, cmdInfo: {"response":"json","id":"6c1f4925-81d8-47ff-9138-1ee167eb6307","sessionkey":"ukCfrtllTOOzAsW+VDDUpV9o75w\u003d","ctxUserId":"4","httpmethod":"GET","_":"1369119689178","ctxAccountId":"4","ctxStartEventId":"327"}, cmdVersion: 0, callbackType: 0, callbackAddress: null, status: 0, processStatus: 0, resultCode: 0, result: null, initMsid: 7280707764394, completeMsid: null, lastUpdated: null, lastPolled: null, created: null} > 2013-05-21 08:30:26,750 DEBUG [cloud.api.ApiServlet] (catalina-exec-9:null) ===END=== 10.252.240.57 -- GET command=removeIpFromNic&response=json&sessionkey=ukCfrtllTOOzAsW%2BVDDUpV9o75w%3D&id=6c1f4925-81d8-47ff-9138-1ee167eb6307&_=1369119689178 > 2013-05-21 08:30:26,753 DEBUG [cloud.async.AsyncJobManagerImpl] (Job-Executor-25:job-79) Executing org.apache.cloudstack.api.command.user.vm.RemoveIpFromVmNicCmd for job-79 > 2013-05-21 08:30:26,791 DEBUG [cloud.user.AccountManagerImpl] (Job-Executor-25:job-79) Access to VM[User|VM1] granted to Acct[4-dom1Acc1] by DomainChecker_EnhancerByCloudStack_3714c36a > 2013-05-21 08:30:26,796 DEBUG [cloud.network.NetworkServiceImpl] (Job-Executor-25:job-79) ip id = 3 nic id = 55 > 2013-05-21 08:30:26,799 DEBUG [cloud.network.NetworkServiceImpl] (Job-Executor-25:job-79) Calling the ip allocation ... > 2013-05-21 08:30:26,801 DEBUG [cloud.network.NetworkServiceImpl] (Job-Executor-25:job-79) VM nic IP 10.1.1.121 is associated with the port forwarding rule > 2013-05-21 08:30:26,802 ERROR [cloud.async.AsyncJobManagerImpl] (Job-Executor-25:job-79) Unexpected exception while executing org.apache.cloudstack.api.command.user.vm.RemoveIpFromVmNicCmd > com.cloud.exception.InvalidParameterValueException: Removing guest ip from nic failed > at org.apache.cloudstack.api.command.user.vm.RemoveIpFromVmNicCmd.execute(RemoveIpFromVmNicCmd.java:158) > at com.cloud.api.ApiDispatcher.dispatch(ApiDispatcher.java:155) > at com.cloud.async.AsyncJobManagerImpl$1.run(AsyncJobManagerImpl.java:437) > at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:471) > at java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:334) > at java.util.concurrent.FutureTask.run(FutureTask.java:166) > at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1146) > at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) > at java.lang.Thread.run(Thread.java:679) > 2013-05-21 08:30:26,803 DEBUG [cloud.async.AsyncJobManagerImpl] (Job-Executor-25:job-79) Complete async job-79, jobStatus: 2, resultCode: 530, result: Error Code: 530 Error text: Removing guest ip from nic failed > (iii) though there are no PF/Firewall rules associated with 10.1.1.121 on NIC1, it still fails saying there are PF rules associated with it. > Attaching all the required logs along with db dump. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira