cloudstack-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "ASF GitHub Bot (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (CLOUDSTACK-9756) IP address must not be allocated to other VR if releasing ip address is failed
Date Thu, 02 Mar 2017 16:31:45 GMT

    [ https://issues.apache.org/jira/browse/CLOUDSTACK-9756?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15892545#comment-15892545
] 

ASF GitHub Bot commented on CLOUDSTACK-9756:
--------------------------------------------

Github user srinivas-gandikota commented on a diff in the pull request:

    https://github.com/apache/cloudstack/pull/1917#discussion_r103966991
  
    --- Diff: engine/components-api/src/com/cloud/network/IpAddressManager.java ---
    @@ -43,6 +43,9 @@
             "If true, when account has dedicated public ip range(s), once the ips dedicated
to the account have been consumed ips will be acquired from the system pool",
             true, ConfigKey.Scope.Account);
     
    +    static final ConfigKey<Boolean> RulesContinueOnError = new ConfigKey<Boolean>("Advanced",
Boolean.class, "network.rule.delete.ignoreerror", "true",
    --- End diff --
    
    sound appropriate.


>  IP address must not be allocated to other VR if releasing ip address is failed
> -------------------------------------------------------------------------------
>
>                 Key: CLOUDSTACK-9756
>                 URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9756
>             Project: CloudStack
>          Issue Type: Bug
>      Security Level: Public(Anyone can view this level - this is the default.) 
>          Components: Network Controller
>            Reporter: Jayapal Reddy
>            Assignee: Jayapal Reddy
>             Fix For: 4.10.0.0
>
>
> Apply rule (delete) is success on failure of ip assoc on back end. Cloudstack ignored
the ip assoc failure.
> Due to this the ip got freed and assigned to another network/account. It caused the ip
to be present in more than one router.
> Fix: Failing the apply rule (delete) on ipassoc failure
> Repro steps:
> 1. Configure PF/static nat/Firewall rules
> 2. Delete the rule configured.
> On deleting the rule, fail the ip assoc on the router.
> 3. Delete rule fails because ip assoc got failed.
> For RVR:
> 1. acquire several public ips,
> 2. add some rules on those public ips, so ips should show up in RVR,
> 3. change ipassoc.sh in RVR, make it always returns error on disassociate ip.
> 4. disassociate ip from  UI, ip should  is freed even though disassociate fails inside
VR.



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

Mime
View raw message