-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/8406/
-----------------------------------------------------------
Review request for cloudstack.
Description
-------
When checking for rebooted VMs, security_group.py assumed bridge names would
not include dashed. The original code split the name found in iptables and used
the 2nd member of the returned array. In a case where the bridge had a hyphen
in the name, only a partial name was returned. For example, with a bridge named
br-public, the line 'iptables-save |grep physdev-is-bridged |grep FORWARD
|grep BF |grep '\-o' |awk '{print $9}'' returns BF-br-public. The name is
parsed by splitting the name by hyphens and taking the 2nd member of the array.
This returns br resulting in the script attempting to modify chains 'BF-br-IN'
and 'BF-br-OUT' which don't exist.
I changed the code to use regular expressions to remove "^BF-" from the chain
name. This will consistently remove just the unwanted part of the chain name to
get the standard brname used throughout the rest of the script.
This addresses bug CLOUDSTACK-591.
Diffs
-----
scripts/vm/network/security_group.py b079890
Diff: https://reviews.apache.org/r/8406/diff/
Testing
-------
-Modified /var/run/cloud/<VM>.log on hv to include a different ID.
-Waited for security_group.py get_rule_logs_for_vms to be run.
-Checked /var/log/cloud/security_group.log for errors and that the correct
information was being parsed
-Confirmed network connectivity for VM
Thanks,
Bill Rich
