cloudstack-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jon Marshall <jms....@hotmail.co.uk>
Subject Possible bug in migrating VMs with advanced using security groups ?
Date Fri, 18 Jan 2019 15:12:57 GMT
Don't know whether this is a bug or to do wit setup -

CS 4.11.2

1 x manager, 3 x compute nodes runnning Advanced with security groups.

VM (internal name i-2-29-VM)  - is created and works fine with default security group allowing
inbound SSH and ICMP echo request.

Migrate the VM to another of the compute nodes and the VM migrate and from the proxy console
the VM can connect out but the default security group inbound is not copied across the compute
node.   The /var/log/cloudstack/agent/security_group.log shows on the compute node the VM
has migrated to -

2019-01-18 14:54:25,724 - Ignoring failure to delete ebtables chain for vm i-2-29-VM
2019-01-18 14:54:25,724 - ebtables -t nat -F i-2-29-VM-out
2019-01-18 14:54:25,730 - Ignoring failure to delete ebtables chain for vm i-2-29-VM
2019-01-18 14:54:25,730 - ebtables -t nat -F i-2-29-VM-in-ips
2019-01-18 14:54:25,735 - Ignoring failure to delete ebtables chain for vm i-2-29-VM
2019-01-18 14:54:25,735 - ebtables -t nat -F i-2-29-VM-out-ips
2019-01-18 14:54:25,740 - Ignoring failure to delete ebtables chain for vm i-2-29-VM
2019-01-18 14:54:25,741 - iptables -N i-2-29-VM
2019-01-18 14:54:25,745 - ip6tables -N i-2-29-VM
2019-01-18 14:54:25,749 - iptables -N i-2-29-VM-eg
2019-01-18 14:54:25,753 - ip6tables -N i-2-29-VM-eg
2019-01-18 14:54:25,758 - iptables -N i-2-29-def
2019-01-18 14:54:25,763 - ip6tables -N i-2-29-def
2019-01-18 14:54:25,767 - Creating ipset chain .... i-2-29-VM
2019-01-18 14:54:25,768 - ipset -F i-2-29-VM
2019-01-18 14:54:25,772 - ipset chain not exists creating.... i-2-29-VM
2019-01-18 14:54:25,772 - ipset -N i-2-29-VM iphash family inet
2019-01-18 14:54:25,777 - vm ip 172.30.6.60
2019-01-18 14:54:25,777 - ipset -A i-2-29-VM 172.30.6.60
2019-01-18 14:54:25,782 - Failed to network rule !
Traceback (most recent call last):
  File "/usr/share/cloudstack-common/scripts/vm/network/security_group.py", line 995, in add_network_rules
    default_network_rules(vmName, vm_id, vm_ip, vm_ip6, vmMac, vif, brname, sec_ips)
  File "/usr/share/cloudstack-common/scripts/vm/network/security_group.py", line 490, in default_network_rules
    if ips[0] == "0":
IndexError: list index out of range


Jon

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message