cloudstack-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "ASF GitHub Bot (JIRA)" <>
Subject [jira] [Commented] (CLOUDSTACK-9727) Password reset discrepancy in RVR when one of the Router is not in Running state.
Date Tue, 14 Mar 2017 08:42:41 GMT


ASF GitHub Bot commented on CLOUDSTACK-9727:

Github user bvbharatk commented on the issue:
    We are saving the password in the user_vm_details explicitly. We are not checking if ssh
key pair is set for this vm or not.
    I agree that ideally we should sync the password between the master and backup, For any
kind of sync to work we need to know if the password was read from one of the VRs and In cases
when one of the Vr is Stopped we will have to clear the password from db when it is read from
the other one. These type of changes add complexity to the simple task of setting a password.
The next best thing is to make sure we save the same password in both the routers. This will
fix will at least solve the problem of sending the correct password even if the master and
backup change state before the VM starts. 
    Yes like you pointed out this will lead to the problem that the user might receive the
old password when he stop starts the VM, In this case the user will get a notification in
the UI that his password will be changed.  So he at least knows what the password is and so
he can log into the VM.

> Password reset discrepancy in RVR when one of the Router is not in Running state.
> ---------------------------------------------------------------------------------
>                 Key: CLOUDSTACK-9727
>                 URL:
>             Project: CloudStack
>          Issue Type: Bug
>      Security Level: Public(Anyone can view this level - this is the default.) 
>    Affects Versions: 4.9.0
>            Reporter: Bharat Kumar
>            Assignee: Bharat Kumar
>             Fix For:
> - Deploy an instance and place " cloud-set-guest-password " script in the /etc/init.d
location and provide the executable permission.
> - Create a template from the above VM.
> - Create a new network offering with RVR enabled.
> - Deploy a new VM from the above created template and select the above RVR offering.
> - Ensure that the password script is sucessfuly running.
> - Put the backup router in stopped state and ensure only master is running.
> - Now stop the VM and and Reset the password.
> - DO not start the VM , Now Stop the current Master and start the Back up.
> - Now the Back Up would be the Master. Now start the VM.
> Observations:
> - The password is saved onto only Master which is in stopped state now or either in backup
if we start it.
> - The current Master which was back up earlier do not have the new password. Hence user
cannot now login with the new password.
> - In this scenario there is disperancy in the password stored on both the RVR's.
> The only way to sync both the passwords now is , ensure both the RVR are running and
reset the password on VM. 

This message was sent by Atlassian JIRA

View raw message