- It was working before because the Routers were restarting about 10 times for each operation
e.g. adding a VM to a network ot acquiring a new IP.
- Adding stat_rules of internal LB to iptables
We needed one extra rule in the INPUT chain
- With the keepalived fixed they should not be needed anymore. So first reducing them drasticaly
- I am now making a backup of the template file, write to the template file and compare it with the existing configuration
- The template file is recovered afer the process
- I also check if the process is running
- I fixed a bug in the compare method
- I am now updating the configuration variable once the file content is flushed to disk
CLOUDSTACK-8947 - Load Balancer not working with Isolated NetworksThis PR fixes the Load Balance feature by adding iptables rules for the public IP and port of the LB.
In order to cover the changes, I improved and executed the smoke/test_loadbalance.py. In addition, I also executed many other tests to make sure the main network/VM functionalities are working as expected.
Test report will follow.
* pr/931:
CLOUDSTACK-8947 - Do not rely on the machine hostname to verify the test
CLOUDSTACK-8947 - Fail fast!
CLOUDSTACK-8947 - Adding some logging to better understand whay is happening with the Processes
CLOUDSTACK-8947 - Adding some logging to better understand what's happening with the rules
CLOUDSTACK-8947 - Configure the firewall when the load balancer is setup
CLOUDSTACK-8947 - Avoid multiple entries in the FW_EGRESS_RULES table
CLOUDSTACK-8947 - Open the input chain to IP when loadbalancer is configured
CLOUDSTACK-8947 - FW_EGRESS should be added only to filter table
Signed-off-by: Remi Bergsma <github@remi.nl>
CLOUDSTACK-8934 - Default routes not configured for rVPC and RVRThis PR fixes the default routes for redundant VPCs and isolated networks. New tests were introduced in order to make sure that the routers are working properly.
During the tests, I found out that the Firewall Egress was not working properly when creating the network offering with default allow. The bug has been fixed and tests for redundant and non-redundant isolated networks were added.
Test reports will follow in a separate comment.
* pr/923:
CLOUDSTACK-8934 - Fix the AclIP class to make it configure the default FW policy
CLOUDSTACK-8934 - Fix default EGRESS rules for isolated networks
CLOUDSTACK-8934 - Adding tests to cover default routes on IsoNest and RVR nets
CLOUDSTACK-8934 - Add default gateway when the public interface is up again
Signed-off-by: Remi Bergsma <github@remi.nl>
Pr 906 912 bug zone wizard and adv search popup
* pr/915:
PR 906 (CLOUDSTACK-8930) and PR 912 combined. Bugs on localization buttons in zone wizard final step and Advanced search popup
CLOUDSTACK-8930: Showing blank screen when click 'Next' link in final step of Add Zone wizard.
Signed-off-by: Rajani Karuturi <rajanikaruturi@gmail.com>
- The default is Accept and will be changed based on the configuration of the offering.
CLOUDSTACK-8934 - The default egress is set as Deny in the router.
- We had to change it on the Java side in order to make the apply it once the default is defined as allowed on the net offering
CLOUDSTACK-8879: Depend in rados-java 0.2.0This should fix the CloudStack Agent from crashing when it has to
handle more then 16 RBD snapshots on one Volume.
* pr/889:
CLOUDSTACK-8879: Depend in rados-java 0.2.0
Signed-off-by: Remi Bergsma <github@remi.nl>
CLOUDSTACK-8915 - Cannot SSH into VMs deployed Redundant VPC routersIn order to reproduce the problem, I did the following
* Create a Redundant VPC
* Add a tier
* Add a new VM to the tier
* Add an ACL, open port 22 and associate the ACL with the tier
* Acquire a pub IP
* Add a PF rule to port 22 towards the VM
* Try to SSH to the VM through the Pub IP
It failed with "No route to host".
This PR contains the following:
* Fix for the keepalived (vrrp) configuration;
* Refactor the default router code for both isolated and [r]VPC routers
* Revert CsRedundant changes
* Add default route tests
* Add logging to tests - so we see what's happening during test execution.
* pr/908:
CLOUDSTACK-8915 - Making sure cleanup resources passes
CLOUDSTACK-8915 - Fix the assertion used for the default routes test
CLOUDSTACK-8915 - Copy the conntrackd configuration every time _redundant_on() function is called
CLOUDSTACK-8915 - This test is still under construction
CLOUDSTACK-8915 - Adding logging to tests
CLOUDSTACK-8915 - Improve routers tests
CLOUDSTACK-8915 - Reverting changes from commit id 1a02773b556a0efa277cf18cd099fc62a4e27706
CLOUDSTACK-8915 - Reverting changes from commit id 18dbc0c4cbe506ad698bc513c901dc2d0e48159f
CLOUDSTACK-8915 - VRRP needs a cidr in order to work properly
CLOUDSTACK-8915 - Rearrenging a bit the default route code in order to make it more clear
CLOUDSTACK-8915 - Add the default route only on address that have not been configured yet.
Signed-off-by: Remi Bergsma <github@remi.nl>
- Due to an issue with VPC routers (CLOUDSTACK-8935) we are not able to destroy networks before destroying the routers
- Added a forcestop/destroy routers inside the tearDown to make sure it passes. The issue will be addressed in a separate PR
- Make sure the routers list is cleaned after destroy_routers() is called
- Populate routers list after the router is recreated
- Add egress tests in order to check if VMs can reach the outside world
- Increase the wait when testing redundant routers: they fight to become master
- Make sure the clean up is done properly
- That's not the place to fix the default routes for redundant VPC,
- Adding tests to cover PF and FW in isolated networks
* Will still add some tests for egress as well
- The cidr was replaced by the single IP, which broke the feature.
- Wait during transition from master to backup otherwise the test fails due to wronge state
CLOUDSTACK-8848 ensure power state is up to date for missing PowerState handlingadded a null guard to @resmo's #885 A unit test or two would be nice as well but as this is a blocker I want to get it to review asap.
@koushik-das @wilderrodrigues @anshul1886 @karuturi @remibergsma you all commented on the original, please have a look. @bhaisaab welcome to comment as well.
* pr/909:
CLOUDSTACK-8848: added null pointer guard to new public method
CLOUDSTACK-8848: ensure power state is up to date when handling missing VMs in powerReport
Signed-off-by: Rajani Karuturi <rajani.karuturi@citrix.com>
CLOUDSTACK-8808: Successfully registered VHD template is downloaded again due to missing virtualsize property in template.propertiesWe have multiple file processors to process different types of image
formats. The processor interface has two methods getVirtualSize() and
process().
1. getVirtualSize() as the name says, returns the virtual size of
the file and is used at get the size while copying files from NFS to s3
2. process() returns FormatInfo struct which has fileType, size,
virutalSize, filename. on successfully downloading a template, each
file is passed to all the processors.process() and whichever returns a
FormatInfo, that will be used to create template.properties file. If
process() throws an InternalErrorException, template installation fails.
But, if process() returns null, template registration is successful with
template.properties missing some attributes like virtualSize, file
format etc. which results in this bug on restart of ssvm/cloud
service/management server.
failing the template download if virutalsize or some other properties
cannot be determined.
The following changes are done:
getVirtualSize() to always return size(if it can calculate, get virtual
size else return file size). This would mean the following changes
1. QCOW2Processor.getVirtualSize() to return file size if virtual
size calculation fails
2. VHDProcessor.getVirtualSize() to return file size if virtual size
calculation fails
process() to throw InternalErrorException if virtual size calculation
fails or any other exceptions occur. This would mean the following
changes
1. OVAProcessor to throw InternalErrorException if untar fails
2. QCOW2Processor to throw InternalErrorException if virtual size
calculation fails
3. VHDProcessor to throw InternalErrorException if virtual size
calculation fails
Testing:
added unittests for the changes in the file processors.
manual test:
setup: host xenserver 6.5, management server centos 6.7
template: disk created using the process specified by andy at https://issues.apache.org/jira/browse/CLOUDSTACK-8808?focusedCommentId=14933368
tried to register the template and it failed with an error. Template never moved to Ready state.
* pr/901:
CLOUDSTACK-8808: Successfully registered VHD template is downloaded again due to missing virtualsize property in template.properties
Signed-off-by: Remi Bergsma <github@remi.nl>
CLOUDSTACK-8924: Removed duplicate test from test_scale_vm.pyPlease go through CS-8924 for more details.
* pr/900:
CLOUDSTACK-8924: Removed duplicate test from test_scale_vm.py
Signed-off-by: Remi Bergsma <github@remi.nl>
again due to missing virtualsize property in template.properties
We have multiple file processors to process different types of image
formats. The processor interface has two methods getVirtualSize() and
process().
1. getVirtualSize() as the name says, returns the virtual size of
the file and is used at get the size while copying files from NFS to s3
2. process() returns FormatInfo struct which has fileType, size,
virutalSize, filename. on successfully downloading a template, each
file is passed to all the processors.process() and whichever returns a
FormatInfo, that will be used to create template.properties file. If
process() throws an InternalErrorException, template installation fails.
But, if process() returns null, template registration is successful with
template.properties missing some attributes like virtualSize, file
format etc. which results in this bug on restart of ssvm/cloud
service/management server.
failing the template download if virutalsize or some other properties
cannot be determined.
The following changes are done:
getVirtualSize() to always return size(if it can calculate, get virtual
size else return file size). This would mean the following changes
1. QCOW2Processor.getVirtualSize() to return file size if virtual
size calculation fails
2. VHDProcessor.getVirtualSize() to return file size if virtual size
calculation fails
process() to throw InternalErrorException if virtual size calculation
fails or any other exceptions occur. This would mean the following
changes
1. OVAProcessor to throw InternalErrorException if untar fails
2. QCOW2Processor to throw InternalErrorException if virtual size
calculation fails
3. VHDProcessor to throw InternalErrorException if virtual size
calculation fails
