Github user wilderrodrigues commented on the pull request:
https://github.com/apache/cloudstack/pull/1259#issuecomment-166560296
Ping @remibergsma @miguelaferreira @borisroman @michaelandersen
One test failed: test_02_RVR_Network_FW_PF_SSH_default_routes_egress_false.
This test should reate a RVR network with default egress set to false (deny);
try to ping google and expect failure; add the egress rules (port 80/tcp and
53/udp); try to ping google again and expect a success.
I did the same thing manually and all worked fine:
* Ping
I will investigate.
```
sbpltk1zffh04:sbp_dev wrodrigues$ ssh root@192.168.23.10
root@192.168.23.10's password:
# ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8): 56 data bytes
64 bytes from 8.8.8.8: seq=0 ttl=48 time=9.871 ms
64 bytes from 8.8.8.8: seq=1 ttl=48 time=11.822 ms
64 bytes from 8.8.8.8: seq=2 ttl=48 time=11.335 ms
64 bytes from 8.8.8.8: seq=3 ttl=48 time=9.681 ms
64 bytes from 8.8.8.8: seq=4 ttl=48 time=10.592 ms
64 bytes from 8.8.8.8: seq=5 ttl=48 time=10.015 ms
^C
--- 8.8.8.8 ping statistics ---
6 packets transmitted, 6 packets received, 0% packet loss
round-trip min/avg/max = 9.681/10.552/11.822 ms
```
* Environment
```
```
* Tests Executed
```
```
* Results
```
Test iptables default INPUT/FORWARD policy on RouterVM ... === TestName:
test_02_routervm_iptables_policies | Status : SUCCESS ===
ok
Test iptables default INPUT/FORWARD policies on VPC router ... ===
TestName: test_01_single_VPC_iptables_policies | Status : SUCCESS ===
ok
Test redundant router internals ... === TestName:
test_01_isolate_network_FW_PF_default_routes_egress_true | Status : SUCCESS ===
ok
Test redundant router internals ... === TestName:
test_02_isolate_network_FW_PF_default_routes_egress_false | Status : SUCCESS ===
ok
Test redundant router internals ... === TestName:
test_01_RVR_Network_FW_PF_SSH_default_routes_egress_true | Status : SUCCESS ===
ok
Test redundant router internals ... === TestName:
test_02_RVR_Network_FW_PF_SSH_default_routes_egress_false | Status : FAILED ===
FAIL
Test redundant router internals ... === TestName:
test_03_RVR_Network_check_router_state | Status : SUCCESS ===
ok
Create a VPC with two networks with one VM in each network and test nics
after destroy ... === TestName: test_01_VPC_nics_after_destroy | Status :
SUCCESS ===
ok
Create a VPC with two networks with one VM in each network and test default
routes ... === TestName: test_02_VPC_default_routes | Status : SUCCESS ===
ok
Check the password file in the Router VM ... === TestName:
test_isolate_network_password_server | Status : SUCCESS ===
ok
Check that the /etc/dhcphosts.txt doesn't contain duplicate IPs ... ===
TestName: test_router_dhcphosts | Status : SUCCESS ===
ok
Test to create Load balancing rule with source NAT ... === TestName:
test_01_create_lb_rule_src_nat | Status : SUCCESS ===
ok
Test to create Load balancing rule with non source NAT ... === TestName:
test_02_create_lb_rule_non_nat | Status : SUCCESS ===
ok
Test for assign & removing load balancing rule ... === TestName:
test_assign_and_removal_lb | Status : SUCCESS ===
ok
Test create, assign, remove of an Internal LB with roundrobin http traffic
to 3 vm's in a Single VPC ... === TestName:
test_01_internallb_roundrobin_1VPC_3VM_HTTP_port80 | Status : SUCC
ESS ===
ok
Test create, assign, remove of an Internal LB with roundrobin http traffic
to 3 vm's in a Redundant VPC ... === TestName:
test_02_internallb_roundrobin_1RVPC_3VM_HTTP_port80 | Status :
SUCCESS ===
ok
Test to verify access to loadbalancer haproxy admin stats page ... ===
TestName: test_03_vpc_internallb_haproxy_stats_on_all_interfaces | Status :
SUCCESS ===
ok
Test to verify access to loadbalancer haproxy admin stats page ... ===
TestName: test_04_rvpc_internallb_haproxy_stats_on_all_interfaces | Status :
SUCCESS ===
ok
Test SSVM Internals ... === TestName: test_03_ssvm_internals | Status :
SUCCESS ===
ok
Test CPVM Internals ... === TestName: test_04_cpvm_internals | Status :
SUCCESS ===
ok
Test stop SSVM ... === TestName: test_05_stop_ssvm | Status : SUCCESS ===
ok
Test stop CPVM ... === TestName: test_06_stop_cpvm | Status : SUCCESS ===
ok
Test reboot SSVM ... === TestName: test_07_reboot_ssvm | Status : SUCCESS
===
ok
Test reboot CPVM ... === TestName: test_08_reboot_cpvm | Status : SUCCESS
===
ok
Test destroy SSVM ... === TestName: test_09_destroy_ssvm | Status : SUCCESS
===
ok
Test destroy CPVM ... === TestName: test_10_destroy_cpvm | Status : SUCCESS
===
ok
Test Remote Access VPN in VPC ... === TestName: test_vpc_remote_access_vpn
| Status : SUCCESS ===
ok
Test VPN in VPC ... === TestName: test_vpc_site2site_vpn | Status : SUCCESS
===
ok
Test for port forwarding on source NAT ... === TestName:
test_01_port_fwd_on_src_nat | Status : SUCCESS ===
ok
Test for port forwarding on non source NAT ... === TestName:
test_02_port_fwd_on_non_src_nat | Status : SUCCESS ===
ok
Test for reboot router ... === TestName: test_reboot_router | Status :
SUCCESS ===
ok
Test for Router rules for network rules on acquired public IP ... ===
TestName: test_network_rules_acquired_public_ip_1_static_nat_rule | Status :
SUCCESS ===
ok
Test for Router rules for network rules on acquired public IP ... ===
TestName: test_network_rules_acquired_public_ip_2_nat_rule | Status : SUCCESS
===
ok
Test for Router rules for network rules on acquired public IP ... ===
TestName: test_network_rules_acquired_public_ip_3_Load_Balancer_Rule | Status :
SUCCESS ===
ok
test_01_vpc_privategw_acl
(integration.smoke.test_privategw_acl.TestPrivateGwACL) ... === TestName:
test_01_vpc_privategw_acl | Status : SUCCESS ===
ok
test_02_vpc_privategw_static_routes
(integration.smoke.test_privategw_acl.TestPrivateGwACL) ... === TestName:
test_02_vpc_privategw_static_routes | Status : SUCCESS ===
ok
test_03_rvpc_privategw_static_routes
(integration.smoke.test_privategw_acl.TestPrivateGwACL) ... === TestName:
test_03_rvpc_privategw_static_routes | Status : SUCCESS ===
ok
======================================================================
FAIL: Test redundant router internals
----------------------------------------------------------------------
Traceback (most recent call last):
File
"/data/git/cs1/cloudstack/test/integration/smoke/test_routers_network_ops.py",
line 483, in test_02_RVR_Network_FW_PF_SSH_default_routes_egress_false
"Attempt to retrieve google.com index page should be successful once
rule is added!"
AssertionError: Attempt to retrieve google.com index page should be
successful once rule is added!
----------------------------------------------------------------------
Ran 37 tests in 18150.221s
FAILED (failures=1)
(END)
```
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastruct...@apache.org or file a JIRA ticket
with INFRA.
---
