Github user wilderrodrigues commented on the pull request:
https://github.com/apache/cloudstack/pull/887#issuecomment-143353564
ping @remibergsma @karuturi @borisroman @miguelaferreira
I executed a few Marvin tests but some manual tests. The changes are
working fine and will fix quite a few issues.
@remibergsma also executed his CloudMonkey VPN tests, which can be found
here:
https://github.com/schubergphilis/MCT-shared/tree/master/helper_scripts/cloudstack/vpn_tests
All went fine and you can simply execute them as well!
:+1: LGTM
Manual tests:
* Create VM and isolated network
* Add FW and PF rules
* Try to ping 8.8.8.8 before opening egress:
- Doens't workt
* Open egress and it works!
[root@cs1 integration]# ssh root@192.168.23.6
The authenticity of host '192.168.23.6 (192.168.23.6)' can't be established.
ECDSA key fingerprint is 44:1f:60:67:51:e5:c0:e1:65:6d:5d:dd:1f:eb:b0:3a.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.23.6' (ECDSA) to the list of known
hosts.
root@192.168.23.6's password:
# ls /
bin dev home lib64 lost+found mnt
proc run sys usr
boot etc lib linuxrc media opt
root sbin tmp var
# ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8): 56 data bytes
^C
--- 8.8.8.8 ping statistics ---
4 packets transmitted, 0 packets received, 100% packet loss
# ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8): 56 data bytes
64 bytes from 8.8.8.8: seq=0 ttl=47 time=10.100 ms
64 bytes from 8.8.8.8: seq=1 ttl=47 time=9.648 ms
64 bytes from 8.8.8.8: seq=2 ttl=47 time=9.155 ms
^C
--- 8.8.8.8 ping statistics ---
3 packets transmitted, 3 packets received, 0% packet loss
round-trip min/avg/max = 9.155/9.634/10.100 ms
#
* Create VPC
* Add Tier, VM and public IP
* Add PF rule
* Try to ping 8.8.8.8 and it works!
[root@cs1 integration]# ssh root@192.168.23.4
The authenticity of host '192.168.23.4 (192.168.23.4)' can't be established.
ECDSA key fingerprint is 6d:0d:71:3a:43:00:16:4a:0b:ee:2b:3e:4c:dc:d9:f9.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.23.4' (ECDSA) to the list of known
hosts.
root@192.168.23.4's password:
# ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8): 56 data bytes
64 bytes from 8.8.8.8: seq=0 ttl=47 time=9.137 ms
64 bytes from 8.8.8.8: seq=1 ttl=47 time=10.937 ms
64 bytes from 8.8.8.8: seq=2 ttl=47 time=9.618 ms
^C
--- 8.8.8.8 ping statistics ---
3 packets transmitted, 3 packets received, 0% packet loss
round-trip min/avg/max = 9.137/9.897/10.937 ms
#
Automated tests executed:
test_vpc_routers
test_vpc_offerings
test_vm_life_cycle
test_vpc_vpn
test_vpn_users
test_routers_iptables_default_policy
Test start/stop of router after addition of one guest network ... ===
TestName: test_01_start_stop_router_after_addition_of_one_guest_network |
Status : SUCCESS ===
ok
Test reboot of router after addition of one guest network ... === TestName:
test_02_reboot_router_after_addition_of_one_guest_network | Status : SUCCESS ===
ok
Test to change service offering of router after addition of one guest
network ... === TestName:
test_04_chg_srv_off_router_after_addition_of_one_guest_network | Status :
SUCCESS ===
ok
Test destroy of router after addition of one guest network ... ===
TestName: test_05_destroy_router_after_addition_of_one_guest_network | Status :
SUCCESS ===
ok
Test to stop and start router after creation of VPC ... === TestName:
test_01_stop_start_router_after_creating_vpc | Status : SUCCESS ===
ok
Test to reboot the router after creating a VPC ... === TestName:
test_02_reboot_router_after_creating_vpc | Status : SUCCESS ===
ok
Tests to change service offering of the Router after ... === TestName:
test_04_change_service_offerring_vpc | Status : SUCCESS ===
ok
Test to destroy the router after creating a VPC ... === TestName:
test_05_destroy_router_after_creating_vpc | Status : SUCCESS ===
ok
----------------------------------------------------------------------
Ran 8 tests in 1107.930s
OK
/tmp//MarvinLogs/test_vpc_routers_2UGRJR/results.txt (END)
Test create VPC offering ... === TestName: test_01_create_vpc_offering |
Status : SUCCESS ===
ok
Test VPC offering without load balancing service ... === TestName:
test_03_vpc_off_without_lb | Status : SUCCESS ===
ok
Test VPC offering without static NAT service ... === TestName:
test_04_vpc_off_without_static_nat | Status : SUCCESS ===
ok
Test VPC offering without port forwarding service ... === TestName:
test_05_vpc_off_without_pf | Status : SUCCESS ===
ok
Test VPC offering with invalid services ... === TestName:
test_06_vpc_off_invalid_services | Status : SUCCESS ===
ok
Test update VPC offering ... === TestName: test_07_update_vpc_off | Status
: SUCCESS ===
ok
Test list VPC offering ... === TestName: test_08_list_vpc_off | Status :
SUCCESS ===
ok
test_09_create_redundant_vpc_offering
(integration.component.test_vpc_offerings.TestVPCOffering) ... === TestName:
test_09_create_redundant_vpc_offering | Status : SUCCESS ===
ok
----------------------------------------------------------------------
Ran 8 tests in 1486.109s
OK
/tmp//MarvinLogs/test_vpc_offerings_68E5MJ/results.txt (END)
Test advanced zone virtual router ... === TestName:
test_advZoneVirtualRouter | Status : SUCCESS ===
ok
Test Deploy Virtual Machine ... === TestName: test_deploy_vm | Status :
SUCCESS ===
ok
Test Multiple Deploy Virtual Machine ... === TestName:
test_deploy_vm_multiple | Status : SUCCESS ===
ok
Test Stop Virtual Machine ... === TestName: test_01_stop_vm | Status :
SUCCESS ===
ok
Test Start Virtual Machine ... === TestName: test_02_start_vm | Status :
SUCCESS ===
ok
Test Reboot Virtual Machine ... === TestName: test_03_reboot_vm | Status :
SUCCESS ===
ok
Test destroy Virtual Machine ... === TestName: test_06_destroy_vm | Status
: SUCCESS ===
ok
Test recover Virtual Machine ... === TestName: test_07_restore_vm | Status
: SUCCESS ===
ok
Test migrate VM ... SKIP: At least two hosts should be present in the zone
for migration
Test destroy(expunge) Virtual Machine ... === TestName: test_09_expunge_vm
| Status : SUCCESS ===
ok
----------------------------------------------------------------------
Ran 10 tests in 1636.117s
OK (SKIP=1)
/tmp//MarvinLogs/test_vm_life_cycle_TK4597/results.txt (END)
Test VPN in VPC ... === TestName: test_vpc_remote_access_vpn | Status :
SUCCESS ===
ok
Test VPN in VPC ... === TestName: test_vpc_site2site_vpn | Status : SUCCESS
===
ok
----------------------------------------------------------------------
Ran 2 tests in 846.637s
OK
/tmp//MarvinLogs/test_vpc_vpn_73XROS/results.txt (END)
VPN remote access user limit tests ... === TestName: test_01_VPN_user_limit
| Status : SUCCESS ===
ok
Test create VPN when L2TP port in use ... === TestName:
test_02_use_vpn_port | Status : SUCCESS ===
ok
Test create NAT rule when VPN when L2TP enabled ... === TestName:
test_03_enable_vpn_use_port | Status : SUCCESS ===
ok
Test add new users to existing VPN ... === TestName: test_04_add_new_users
| Status : SUCCESS ===
ok
Test add duplicate user to existing VPN ... === TestName:
test_05_add_duplicate_user | Status : SUCCESS ===
ok
Test as global admin, add a new VPN user to an existing VPN entry ... ===
TestName: test_06_add_VPN_user_global_admin | Status : SUCCESS ===
ok
Test as domain admin, add a new VPN user to an existing VPN entry ... ===
TestName: test_07_add_VPN_user_domain_admin | Status : SUCCESS ===
ok
----------------------------------------------------------------------
Ran 7 tests in 2295.400s
OK
/tmp//MarvinLogs/test_vpn_users_QBYU77/results.txt (END)
Test iptables default INPUT/FORWARD policy on RouterVM ... === TestName:
test_02_routervm_iptables_policies | Status : SUCCESS ===
ok
Test iptables default INPUT/FORWARD policies on VPC router ... ===
TestName: test_01_single_VPC_iptables_policies | Status : SUCCESS ===
ok
----------------------------------------------------------------------
Ran 2 tests in 908.229s
OK
/tmp//MarvinLogs/test_routers_iptables_default_policy_KSMXG6/results.txt
(END)
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastruct...@apache.org or file a JIRA ticket
with INFRA.
---
