cloudstack-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "ASF GitHub Bot (JIRA)" <>
Subject [jira] [Commented] (CLOUDSTACK-8947) Load Balancer not working with Isolated Networks
Date Wed, 14 Oct 2015 09:12:05 GMT


ASF GitHub Bot commented on CLOUDSTACK-8947:

GitHub user wilderrodrigues opened a pull request:

    CLOUDSTACK-8947 - Load Balancer not working with Isolated Networks

    This PR fixes the Load Balance feature by adding iptables rules for the public IP and
port of the LB.
    In order to cover the changes, I improved and executed the smoke/
In addition, I also executed many other tests to make sure the main network/VM functionalities
are working as expected.
    Test report will follow.

You can merge this pull request into a Git repository by running:

    $ git pull fix/loadbalancer

Alternatively you can review and apply these changes as the patch at:

To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:

    This closes #931
commit cbd6464b88a027b535c7ea553ac3f5868490d2e6
Author: Wilder Rodrigues <>
Date:   2015-10-13T10:24:42Z

    CLOUDSTACK-8947 - FW_EGRESS should be added only to filter table

commit 052c0dc4c92ee2f586daa600051f7365176f675f
Author: Wilder Rodrigues <>
Date:   2015-10-13T10:28:48Z

    CLOUDSTACK-8947 - Open the input chain to IP when loadbalancer is configured
       - Also remove the chain rule when it is removed.

commit 4a177031b055f3649e3b4a00c80eddb5cafa1dd7
Author: Wilder Rodrigues <>
Date:   2015-10-13T13:50:58Z

    CLOUDSTACK-8947 - Avoid multiple entries in the FW_EGRESS_RULES table

commit 59bd935f3eb43d06580c737c69d5e5e46d481868
Author: Wilder Rodrigues <>
Date:   2015-10-13T13:54:59Z

    CLOUDSTACK-8947 - Configure the firewall when the load balancer is setup
       - Only restart HAproxy if it's not running yet

commit 80b51a7972e590c64a97650d7f53dc6431411007
Author: Wilder Rodrigues <>
Date:   2015-10-13T13:58:29Z

    CLOUDSTACK-8947 - Adding some logging to better understand what's happening with the rules

commit f35a16c19e8d8c851a250a7d713b30ba58dbf5a0
Author: Wilder Rodrigues <>
Date:   2015-10-13T13:59:14Z

    CLOUDSTACK-8947 - Adding some logging to better understand whay is happening with the

commit 384b6c7cd44b7a42390689a322027d1bcd83a31d
Author: Wilder Rodrigues <>
Date:   2015-10-13T14:13:52Z

    CLOUDSTACK-8947 - Fail fast!
       - If we canno SSH after 5 retries, it means it's not working. Do not wait for 60 attempts

commit bb3d1cde60f0bb37587da5116e487b13c8f3ad40
Author: Wilder Rodrigues <>
Date:   2015-10-13T14:45:46Z

    CLOUDSTACK-8947 - Do not rely on the machine hostname to verify the test
       - The machine hostname might be different depending on the template. So do not rely
on it.
       - Using the "uname" command instead.


> Load Balancer not working with Isolated Networks
> ------------------------------------------------
>                 Key: CLOUDSTACK-8947
>                 URL:
>             Project: CloudStack
>          Issue Type: Bug
>      Security Level: Public(Anyone can view this level - this is the default.) 
>          Components: Virtual Router
>    Affects Versions: 4.6.0
>            Reporter: Wilder Rodrigues
>            Assignee: Wilder Rodrigues
>            Priority: Blocker
>             Fix For: 4.6.0
> 1. acquire IP in an isolated network
> 2. go to ipaddress -> configuration -> firewall 
> 3. add firewall exception for port 22
> 4. then add LB rule for port 22 to a user VM
> 5. try sshing to the new acquired ip(in step 1) --- ssh fails

This message was sent by Atlassian JIRA

View raw message