GitHub user wilderrodrigues opened a pull request:
https://github.com/apache/cloudstack/pull/908
CLOUDSTACK-8915 - Cannot SSH into VMs deployed Redundant VPC routers
In order to reproduce the problem, I did the following
* Create a Redundant VPC
* Add a tier
* Add a new VM to the tier
* Add an ACL, open port 22 and associate the ACL with the tier
* Acquire a pub IP
* Add a PF rule to port 22 towards the VM
* Try to SSH to the VM through the Pub IP
It failed with "No route to host".
This PR contains the following:
* Fix for the keepalived (vrrp) configuration;
* Refactor the default router code for both isolated and [r]VPC routers
* Revert CsRedundant changes
* Add default route tests
* Add logging to tests - so we see what's happening during test execution.
The following tests have been, successfully, executed:
nosetests --with-marvin --marvin-config=${marvinCfg} -s -a
tags=advanced,required_hardware=true \
component/test_vpc_redundant.py \
component/test_routers_iptables_default_policy.py \
component/test_vpc_router_nics.py
nosetests --with-marvin --marvin-config=${marvinCfg} -s -a
tags=advanced,required_hardware=false \
smoke/test_routers.py \
smoke/test_network_acl.py \
smoke/test_privategw_acl.py \
smoke/test_reset_vm_on_reboot.py \
smoke/test_vm_life_cycle.py \
smoke/test_vpc_vpn.py \
smoke/test_service_offerings.py \
component/test_vpc_offerings.py \
component/test_vpc_routers.py
Report will follow in a separate comment.
Cheers,
Wilder
You can merge this pull request into a Git repository by running:
$ git pull https://github.com/ekholabs/cloudstack
fix/rVPC_routes_CLOUDSTACK-8915
Alternatively you can review and apply these changes as the patch at:
https://github.com/apache/cloudstack/pull/908.patch
To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:
This closes #908
----
commit 459b0fd393db2ed5182f370cf08029adc147e16e
Author: Wilder Rodrigues <wrodrig...@schubergphilis.com>
Date: 2015-09-28T11:15:54Z
CLOUDSTACK-8915 - Add the default route only on address that have not been
configured yet.
- In case of rVPC we experienced the wrong route being added to the VPC
tiers
commit 829cf735068fc498e88c6c420d523615418efe10
Author: Wilder Rodrigues <wrodrig...@schubergphilis.com>
Date: 2015-09-29T12:35:48Z
CLOUDSTACK-8915 - Rearrenging a bit the default route code in order to make
it more clear
commit b075fd875ac3b6b8547344b88909b288d9276f5a
Author: Wilder Rodrigues <wrodrig...@schubergphilis.com>
Date: 2015-09-29T13:13:10Z
CLOUDSTACK-8915 - VRRP needs a cidr in order to work properly
- The cidr was replaced by the single IP, which broke the feature.
- Wait during transition from master to backup otherwise the test fails
due to wronge state
commit caadc7a0f98746a042afb0f286674c1b07930c53
Author: Wilder Rodrigues <wrodrig...@schubergphilis.com>
Date: 2015-09-29T17:38:02Z
CLOUDSTACK-8915 - Reverting changes from commit id
18dbc0c4cbe506ad698bc513c901dc2d0e48159f
- If the file is always copied, it will result in restarting keepalived
everytime which makes the routers transit between master/backup
commit 9724693898d3e84036fccda6259219baf4df97ba
Author: Wilder Rodrigues <wrodrig...@schubergphilis.com>
Date: 2015-09-29T18:35:37Z
CLOUDSTACK-8915 - Reverting changes from commit id
1a02773b556a0efa277cf18cd099fc62a4e27706
- That's not the place to fix the default routes for redundant VPC,
- Adding tests to cover PF and FW in isolated networks
* Will still add some tests for egress as well
commit 711372713836ff06168897a0fce4d443457ee5e0
Author: Wilder Rodrigues <wrodrig...@schubergphilis.com>
Date: 2015-09-30T08:29:46Z
CLOUDSTACK-8915 - Improve routers tests
- Add egress tests in order to check if VMs can reach the outside world
- Increase the wait when testing redundant routers: they fight to become
master
- Make sure the clean up is done properly
commit 25811b0cc20000875b3911833d49a13310f365b8
Author: Wilder Rodrigues <wrodrig...@schubergphilis.com>
Date: 2015-10-01T08:46:54Z
CLOUDSTACK-8915 - Adding logging to tests
commit fbb373aa9384e9902213f814f363c66595ac0f93
Author: Wilder Rodrigues <wrodrig...@schubergphilis.com>
Date: 2015-10-01T11:30:12Z
CLOUDSTACK-8915 - This test is still under construction
- It will help to increase coverage of VR use: PF; LB and FW
----
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastruct...@apache.org or file a JIRA ticket
with INFRA.
---
