incubator-cloudstack-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Francois Scala (JIRA)" <j...@apache.org>
Subject [jira] [Created] (CLOUDSTACK-309) iptables rules being delete from wrong VM after a migration
Date Wed, 10 Oct 2012 10:11:04 GMT
Francois Scala created CLOUDSTACK-309:
-----------------------------------------

             Summary: iptables rules being delete from wrong VM after a migration
                 Key: CLOUDSTACK-309
                 URL: https://issues.apache.org/jira/browse/CLOUDSTACK-309
             Project: CloudStack
          Issue Type: Bug
         Environment: cloudstack 3.0.2 with kvm on centos
            Reporter: Francois Scala




First migration :

2012-10-09 17:57:26,571 - iptables-save | grep BF | grep i-2-82 | grep physdev-is-bridged
| sed 's/-A/-D/'
2012-10-09 17:57:26,619 - iptables -A BF-cloudbr0-OUT -m physdev --physdev-is-bridged --physdev-out
vnet1 -j i-2-82-def
2012-10-09 17:57:26,628 - iptables -A BF-cloudbr0-IN -m physdev --physdev-is-bridged --physdev-in
vnet1 -j i-2-82-def


Second migration, wrong rule are being deleted due to grep mismatch :

2012-10-09 18:33:22,301 - iptables-save | grep BF | grep i-2-8 | grep physdev-is-bridged |
sed 's/-A/-D/'
2012-10-09 18:33:22,307 - iptables -D BF-cloudbr0-IN -m physdev --physdev-in vnet1 --physdev-is-bridged
-j i-2-82-def
2012-10-09 18:33:22,317 - iptables -D BF-cloudbr0-OUT -m physdev --physdev-out vnet1 --physdev-is-bridged
-j i-2-82-def
2012-10-09 18:33:22,372 - iptables -A BF-cloudbr0-OUT -m physdev --physdev-is-bridged --physdev-out
vnet2 -j i-2-8-def
2012-10-09 18:33:22,382 - iptables -A BF-cloudbr0-IN -m physdev --physdev-is-bridged --physdev-in
vnet2 -j i-2-8-def


Proposed patch :

/usr/lib64/cloud/agent/scripts/vm/network/security_group.py line 342 :

<<	delcmd = "iptables-save | grep BF | grep " +  vmchain + " | grep physdev-is-bridged
| sed 's/-A/-D/'"
>>	delcmd = "iptables-save | grep BF | grep " +  vmchain + "- | grep physdev-is-bridged
| sed 's/-A/-D/'"




--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

Mime
View raw message