cloudstack-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Michael Andersen (JIRA)" <j...@apache.org>
Subject [jira] [Comment Edited] (CLOUDSTACK-8697) Assign VPC Internal LB rule to a VM fails
Date Thu, 01 Oct 2015 16:02:27 GMT

    [ https://issues.apache.org/jira/browse/CLOUDSTACK-8697?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14940012#comment-14940012
] 

Michael Andersen edited comment on CLOUDSTACK-8697 at 10/1/15 4:02 PM:
-----------------------------------------------------------------------

I was able to reproduce this error on ACS 4.4.4.
there is a global configuration setting which determines on which interfaces the haproxy statistics
(stats) is bound to on startup of haproxy. this setting is: network.loadbalancer.haproxy.stats.visibility
 it defaults to all.
description:
Load Balancer(haproxy) stats visibilty, the value can be one of the following six parameters
: global,guest-network,link-local,disabled,all,default	all	

When the above setting is left on the default a configuration is generated for haproxy which
has a public and guest stats directive which try to bind to the same (guest) ip address. This
results in an haproxy error:
[ALERT] 273/131923 (3076) : Starting proxy stats_on_guest: cannot bind socket [10.10.2.151:8081]
 and haproxy never restarts with the new config.

the faulty config directives:

listen stats_on_public 10.10.2.151:8081
	mode http
	option httpclose
	stats enable
	stats uri     /admin?stats
	stats realm   Haproxy\ Statistics
	stats auth    admin493:test123

listen stats_on_guest 10.10.2.151:8081
	mode http
	option httpclose
	stats enable
	stats uri     /admin?stats
	stats realm   Haproxy\ Statistics
	stats auth    admin493:test123

In the code the visibility setting is retrieved by:
 ElasticLoadBalancerManagerImpl.java
 private void createApplyLoadBalancingRulesCommands(List<LoadBalancingRule> rules, DomainRouterVO
elbVm, Commands cmds, long guestNetworkId) {
...
 //FIXME: why are we setting attributes directly? Ick!! There should be accessors and
 //the constructor should set defaults.
 cmd.lbStatsVisibility = _configDao.getValue(Config.NetworkLBHaproxyStatsVisbility.key());

then in core/src/com/cloud/network/HAProxyConfigurator.java
the following function determines what to add to the generate haproxy config:

line 542:   public String[] generateConfiguration(LoadBalancerConfigCommand lbCmd) {
...
line 575: 
       if (!lbCmd.lbStatsVisibility.equals("disabled")) {
            /* new rule : listen admin_page guestip/link-local:8081 */
            if (lbCmd.lbStatsVisibility.equals("global")) {
                result.add(generateStatsRule(lbCmd, "stats_on_public", lbCmd.lbStatsPublicIP));

            } else if (lbCmd.lbStatsVisibility.equals("guest-network")) {
                result.add(generateStatsRule(lbCmd, "stats_on_guest", lbCmd.lbStatsGuestIP));

            } else if (lbCmd.lbStatsVisibility.equals("link-local")) {
                result.add(generateStatsRule(lbCmd, "stats_on_private", lbCmd.lbStatsPrivateIP));

            } else if (lbCmd.lbStatsVisibility.equals("all")) {
                result.add(generateStatsRule(lbCmd, "stats_on_public", lbCmd.lbStatsPublicIP));
                result.add(generateStatsRule(lbCmd, "stats_on_guest", lbCmd.lbStatsGuestIP));
                result.add(generateStatsRule(lbCmd, "stats_on_private", lbCmd.lbStatsPrivateIP));
            } else {

I have not yet tested it but setting the global setting to guest-network will most likely
allow for assigning LB rules on an internal LB.

In the code i think we should either retrieve the interfaces of the internallbVm before applying
rules in the equals('all') case or simply the 'all' case drastically by only applying a single
directive which listens on 0.0.0.0?




was (Author: michaelandersen):
I was able to reproduce this error on ACS 4.4.4.
there is a global configuration setting which determines on which interfaces the haproxy statistics
(stats) is bound to on startup of haproxy. this setting is: network.loadbalancer.haproxy.stats.visibility
 it defaults to all.
description:
Load Balancer(haproxy) stats visibilty, the value can be one of the following six parameters
: global,guest-network,link-local,disabled,all,default	all	

When the above setting is left on the default a configuration is generated for haproxy which
has a public and guest stats directive which try to bind to the same (guest) ip address. This
results in an haproxy error:
[ALERT] 273/131923 (3076) : Starting proxy stats_on_guest: cannot bind socket [10.10.2.151:8081]
 and haproxy never restarts with the new config.

the faulty config directives:

listen stats_on_public 10.10.2.151:8081
	mode http
	option httpclose
	stats enable
	stats uri     /admin?stats
	stats realm   Haproxy\ Statistics
	stats auth    admin493:test123

listen stats_on_guest 10.10.2.151:8081
	mode http
	option httpclose
	stats enable
	stats uri     /admin?stats
	stats realm   Haproxy\ Statistics
	stats auth    admin493:test123

In the code the visibility setting is retrieved by:
 ElasticLoadBalancerManagerImpl.java
 private void createApplyLoadBalancingRulesCommands(List<LoadBalancingRule> rules, DomainRouterVO
elbVm, Commands cmds, long guestNetworkId) {
...
 //FIXME: why are we setting attributes directly? Ick!! There should be accessors and
 //the constructor should set defaults.
 cmd.lbStatsVisibility = _configDao.getValue(Config.NetworkLBHaproxyStatsVisbility.key());

then in core/src/com/cloud/network/HAProxyConfigurator.java
the following function determines what to add to the generate haproxy config:

line 542:   public String[] generateConfiguration(LoadBalancerConfigCommand lbCmd) {
...
line 575: 
       if (!lbCmd.lbStatsVisibility.equals("disabled")) {
            /* new rule : listen admin_page guestip/link-local:8081 */
            if (lbCmd.lbStatsVisibility.equals("global")) {
                result.add(generateStatsRule(lbCmd, "stats_on_public", lbCmd.lbStatsPublicIP));

            } else if (lbCmd.lbStatsVisibility.equals("guest-network")) {
                result.add(generateStatsRule(lbCmd, "stats_on_guest", lbCmd.lbStatsGuestIP));

            } else if (lbCmd.lbStatsVisibility.equals("link-local")) {
                result.add(generateStatsRule(lbCmd, "stats_on_private", lbCmd.lbStatsPrivateIP));

            } else if (lbCmd.lbStatsVisibility.equals("all")) {
                result.add(generateStatsRule(lbCmd, "stats_on_public", lbCmd.lbStatsPublicIP));
                result.add(generateStatsRule(lbCmd, "stats_on_guest", lbCmd.lbStatsGuestIP));
                result.add(generateStatsRule(lbCmd, "stats_on_private", lbCmd.lbStatsPrivateIP));
            } else {

I have not yet tested it but setting the global setting to guest-network will most likely
allow for assigning LB rules on an internal LB.

In the code i think we should either retrieve the interfaces of the internallbVm before appling
rules in the equals('all') case or simply the 'all' case drastically by only applying a single
directive which listens on 0.0.0.0?



> Assign VPC Internal LB rule to a VM fails
> -----------------------------------------
>
>                 Key: CLOUDSTACK-8697
>                 URL: https://issues.apache.org/jira/browse/CLOUDSTACK-8697
>             Project: CloudStack
>          Issue Type: Bug
>      Security Level: Public(Anyone can view this level - this is the default.) 
>          Components: Network Controller
>    Affects Versions: 4.4.4, 4.6.0
>            Reporter: Pavan Kumar Bandarupally
>            Assignee: Wilder Rodrigues
>            Priority: Blocker
>         Attachments: MS Log.rar, MSLog.rar
>
>
> Assigning an internal LB rule to a VM inside VPC network fails. Seems to be a configuration
issue.
> ================
> 2015-07-31 21:13:49,059 ERROR [c.c.u.s.SshHelper] (DirectAgent-345:ctx-2bdddfcc) SSH
execution of command /opt/cloud/bin/router_proxy.sh update_config.py 169.254.2.171 load_balancer.json
has an error status code in return. result output:
> 2015-07-31 21:13:49,062 DEBUG [c.c.a.r.v.VirtualRoutingResource] (DirectAgent-345:ctx-2bdddfcc)
Processing ScriptConfigItem, executing update_config.py load_balancer.json took 6656ms
> 2015-07-31 21:13:49,062 WARN  [c.c.a.r.v.VirtualRoutingResource] (DirectAgent-345:ctx-2bdddfcc)
Expected 1 answers while executing LoadBalancerConfigCommand but received 2
> 2015-07-31 21:13:49,062 DEBUG [c.c.a.m.DirectAgentAttache] (DirectAgent-345:ctx-2bdddfcc)
Seq 7-4435764157983228083: Response Received:
> 2015-07-31 21:13:49,063 DEBUG [c.c.a.t.Request] (DirectAgent-345:ctx-2bdddfcc) Seq 7-4435764157983228083:
Processing:  { Ans: , MgmtId: 6702933999656, via: 7, Ver: v1, Flags: 0, [{"com.cloud.agent.api.routing.GroupAnswer":{"results":["null
- failed: ","null - failed: "],"result":false,"wait":0}}] }
> 2015-07-31 21:13:49,063 DEBUG [c.c.a.t.Request] (API-Job-Executor-9:ctx-4c2d49d3 job-315
ctx-06ebb5a1) Seq 7-4435764157983228083: Received:  { Ans: , MgmtId: 6702933999656, via: 7,
Ver: v1, Flags: 0, { GroupAnswer } }
> 2015-07-31 21:13:49,133 DEBUG [c.c.n.l.LoadBalancingRulesManagerImpl] (API-Job-Executor-9:ctx-4c2d49d3
job-315 ctx-06ebb5a1) LB Rollback rule id: 6  while attaching VM: [29]



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Mime
View raw message