GitHub user wilderrodrigues commented on the pull request:

https://github.com/apache/cloudstack/pull/1311#issuecomment-169303235

Ping @remibergsma @miguelaferreira @michaelandersen

* Environment
  - Management Server on CentOS 7.1
  - 1 KVM Host on CentOS 7.1
  - Agent + Common built from 4.7 source

* Manual tests
  * Network ACL JSON file

```
root@r-3-VM:~#
root@r-3-VM:~# less /etc/cloudstack/networkacl.json
{
    "eth2": {
        "device": "eth2",
        "egress_rules": [],
        "ingress_rules": [
            {
                "allowed": true,
                "cidr": "10.0.0.0/8,0.0.0.0/0",
                "first_port": 22,
                "last_port": 22,
                "type": "tcp"
            }
        ],
        "mac_address": "02:00:7e:56:00:02",
        "nic_ip": "10.0.1.1",
        "nic_netmask": "26",
        "private_gateway_acl": false,
        "type": "networkacl"
    },
    "id": "networkacl"
}
/etc/cloudstack/networkacl.json (END)
```

* SSH into VM

```
sbpltk1zffh04:sbp_dev wrodrigues$ ssh root@192.168.23.5
The authenticity of host '192.168.23.5 (192.168.23.5)' can't be established.
RSA key fingerprint is 11:d8:17:ce:62:cf:f9:23:78:fe:ec:34:c3:90:6a:fc.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.23.5' (RSA) to the list of known hosts.
root@192.168.23.5's password:
# ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8): 56 data bytes
64 bytes from 8.8.8.8: seq=0 ttl=48 time=9.879 ms
64 bytes from 8.8.8.8: seq=1 ttl=48 time=9.777 ms
^C
--- 8.8.8.8 ping statistics ---
2 packets transmitted, 2 packets received, 0% packet loss
round-trip min/avg/max = 9.777/9.828/9.879 ms
# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast qlen 1000
    link/ether 02:00:76:53:00:01 brd ff:ff:ff:ff:ff:ff
    inet 10.0.1.28/26 brd 10.0.1.63 scope global eth0
       valid_lft forever preferred_lft forever
    inet6 fe80::76ff:fe53:1/64 scope link
       valid_lft forever preferred_lft forever
#
```

* ACL inbound (iptables)

```
Chain ACL_INBOUND_eth2 (1 references)
 pkts bytes target     prot opt in     out     source               destination
    0     0 ACCEPT     all  --  any    any     anywhere             225.0.0.50
    0     0 ACCEPT     all  --  any    any     anywhere             vrrp.mcast.net
    2   128 ACCEPT     tcp  --  any    any     anywhere             anywhere             tcp dpt:ssh
    0     0 ACCEPT     tcp  --  any    any     10.0.0.0/8           anywhere             tcp dpt:ssh
    0     0 DROP       all  --  any    any     anywhere             anywhere
```

I will run the integration tests now.