Chandan Purushothama created CLOUDSTACK-2403:
------------------------------------------------
Summary: NTier: Inspite of specifying "sourcenatsupported" as
"false", Private Gateway to the VPC is created on the VPC VR with a source NAT
rule
Key: CLOUDSTACK-2403
URL: https://issues.apache.org/jira/browse/CLOUDSTACK-2403
Project: CloudStack
Issue Type: Bug
Security Level: Public (Anyone can view this level - this is the default.)
Components: Management Server
Affects Versions: 4.2.0
Reporter: Chandan Purushothama
Priority: Critical
Fix For: 4.2.0
===============
Steps to Reproduce:
===============
1. Create a Private Gateway to the VPC with "sourcenatsupported" parameter set
to "false".
===========
Observations:
===========
2013-05-08 17:01:33,779 DEBUG [cloud.async.AsyncJobManagerImpl]
(catalina-exec-7:null) submit async job-92, details: AsyncJobVO {id:92, userId:
2, accountId: 2, sessionKey: null, instanceType: PrivateGateway, instanceId:
26, cmd: org.apache.cloudstack.api.command.admin.vpc.CreatePrivateGatewayCmd,
cmdOriginator: null, cmdInfo:
{"physicalnetworkid":"aa64a672-74cc-4498-a0e9-5cbb333a141f","sessionkey":"J5RF+KuEucFSQi3XIQmJhxorqOM\u003d","sourcenatsupported":"false","gateway":"10.223.60.1","ctxUserId":"2","httpmethod":"GET","ipaddress":"10.223.60.46","netmask":"255.255.255.192","response":"json","id":"26","vlan":"600","_":"1368057576121","ctxAccountId":"2","vpcid":"a81bcb5a-0787-49f0-93dd-5e8bcdbeb85a","ctxStartEventId":"248"},
cmdVersion: 0, callbackType: 0, callbackAddress: null, status: 0,
processStatus: 0, resultCode: 0, result: null, initMsid: 7508777239729,
completeMsid: null, lastUpdated: null, lastPolled: null, created: null}
2013-05-08 17:01:33,780 DEBUG [cloud.api.ApiServlet] (catalina-exec-7:null)
===END=== 10.216.132.104 -- GET
command=createPrivateGateway&response=json&sessionkey=J5RF%2BKuEucFSQi3XIQmJhxorqOM%3D&physicalnetworkid=aa64a672-74cc-4498-a0e9-5cbb333a141f&vpcid=a81bcb5a-0787-49f0-93dd-5e8bcdbeb85a&ipaddress=10.223.60.46&sourcenatsupported=false&gateway=10.223.60.1&netmask=255.255.255.192&vlan=600&_=1368057576121
2013-05-08 17:01:33,782 DEBUG [cloud.async.AsyncJobManagerImpl]
(Job-Executor-132:job-92) Executing
org.apache.cloudstack.api.command.admin.vpc.CreatePrivateGatewayCmd for job-92
2013-05-08 17:01:33,787 DEBUG [cloud.async.AsyncJobManagerImpl]
(Job-Executor-132:job-92) Sync job-92 execution on object vpc.5
2013-05-08 17:01:33,792 DEBUG [cloud.async.AsyncJobManagerImpl]
(Job-Executor-132:job-92) job
org.apache.cloudstack.api.command.admin.vpc.CreatePrivateGatewayCmd for job-92
was queued, processing the queue.
2013-05-08 17:01:33,796 DEBUG [cloud.async.AsyncJobManagerImpl]
(Job-Executor-132:job-92) Executing sync queue item: SyncQueueItemVO {id:52,
queueId: 48, contentType: AsyncJob, contentId: 92, lastProcessMsid:
7508777239729, lastprocessNumber: 5, lastProcessTime: Wed May 08 17:01:33 PDT
2013, created: Wed May 08 17:01:33 PDT 2013}
2013-05-08 17:01:33,797 DEBUG [cloud.async.AsyncJobManagerImpl]
(Job-Executor-132:job-92) Schedule queued job-92
2013-05-08 17:01:33,802 DEBUG [cloud.async.SyncQueueManagerImpl]
(Job-Executor-132:job-92) There is a pending process in sync queue(id: 48)
2013-05-08 17:01:33,803 DEBUG [cloud.async.AsyncJobManagerImpl]
(Job-Executor-133:job-92) Executing
org.apache.cloudstack.api.command.admin.vpc.CreatePrivateGatewayCmd for job-92
2013-05-08 17:01:33,819 DEBUG [cloud.vm.VirtualMachineManagerImpl]
(Job-Executor-133:job-92) Adding vm VM[DomainRouter|r-9-NATONPRVGW] to network
Ntwk[209|Guest|5]; requested nic profile
NicProfile[0-0-600-10.223.60.46-vlan://600
2013-05-08 17:01:33,825 DEBUG [cloud.network.NetworkManagerImpl]
(Job-Executor-133:job-92) Allocating nic for vm VM[DomainRouter|r-9-NATONPRVGW]
in network Ntwk[209|Guest|5] with requested profile
NicProfile[0-0-600-10.223.60.46-vlan://600
2013-05-08 17:01:33,837 DEBUG [cloud.network.NetworkModelImpl]
(Job-Executor-133:job-92) Service SecurityGroup is not supported in the network
id=209
2013-05-08 17:01:33,839 DEBUG [cloud.network.NetworkManagerImpl]
(Job-Executor-133:job-92) Nic is allocated successfully for vm
VM[DomainRouter|r-9-NATONPRVGW] in network Ntwk[209|Guest|5]
2013-05-08 17:01:33,840 DEBUG [cloud.network.NetworkManagerImpl]
(Job-Executor-133:job-92) Lock is acquired for network id 209 as a part of
network implement
2013-05-08 17:01:33,841 DEBUG [cloud.network.NetworkManagerImpl]
(Job-Executor-133:job-92) Network id=209 is already implemented
2013-05-08 17:01:33,841 DEBUG [cloud.network.NetworkManagerImpl]
(Job-Executor-133:job-92) Lock is released for network id 209 as a part of
network implement
2013-05-08 17:01:33,851 DEBUG [cloud.network.NetworkModelImpl]
(Job-Executor-133:job-92) Service SecurityGroup is not supported in the network
id=209
2013-05-08 17:01:33,859 DEBUG [cloud.network.NetworkManagerImpl]
(Job-Executor-133:job-92) Asking JuniperSRX to prepare for
Nic[47-9-null-10.223.60.46]
2013-05-08 17:01:33,859 DEBUG [cloud.network.NetworkManagerImpl]
(Job-Executor-133:job-92) Asking Netscaler to prepare for
Nic[47-9-null-10.223.60.46]
2013-05-08 17:01:33,859 DEBUG [cloud.network.NetworkManagerImpl]
(Job-Executor-133:job-92) Asking F5BigIP to prepare for
Nic[47-9-null-10.223.60.46]
2013-05-08 17:01:33,859 DEBUG [cloud.network.NetworkManagerImpl]
(Job-Executor-133:job-92) Asking CiscoNexus1000vVSM to prepare for
Nic[47-9-null-10.223.60.46]
2013-05-08 17:01:33,859 DEBUG [cloud.network.NetworkManagerImpl]
(Job-Executor-133:job-92) Asking CiscoVNMC to prepare for
Nic[47-9-null-10.223.60.46]
2013-05-08 17:01:33,859 DEBUG [cloud.network.NetworkManagerImpl]
(Job-Executor-133:job-92) Asking NiciraNvp to prepare for
Nic[47-9-null-10.223.60.46]
2013-05-08 17:01:33,859 DEBUG [network.element.NiciraNvpElement]
(Job-Executor-133:job-92) Checking if NiciraNvpElement can handle service
Connectivity on network vpc-Atoms-VPC-1-privateNetwork
2013-05-08 17:01:33,859 DEBUG [cloud.network.NetworkManagerImpl]
(Job-Executor-133:job-92) Asking MidoNetElement to prepare for
Nic[47-9-null-10.223.60.46]
2013-05-08 17:01:33,859 DEBUG [network.element.MidoNetElement]
(Job-Executor-133:job-92) prepare called with network: Ntwk[209|Guest|5] nic:
NicProfile[47-9-null-10.223.60.46-vlan://600 vm: VM[DomainRouter|r-9-NATONPRVGW]
2013-05-08 17:01:33,859 DEBUG [cloud.network.NetworkManagerImpl]
(Job-Executor-133:job-92) Asking BigSwitchVnsElement to prepare for
Nic[47-9-null-10.223.60.46]
2013-05-08 17:01:33,859 DEBUG [network.element.BigSwitchVnsElement]
(Job-Executor-133:job-92) Checking if BigSwitchVnsElement can handle service
Connectivity on network vpc-Atoms-VPC-1-privateNetwork
2013-05-08 17:01:33,859 DEBUG [cloud.network.NetworkManagerImpl]
(Job-Executor-133:job-92) Asking VirtualRouter to prepare for
Nic[47-9-null-10.223.60.46]
2013-05-08 17:01:33,859 DEBUG [cloud.network.NetworkManagerImpl]
(Job-Executor-133:job-92) Asking Ovs to prepare for Nic[47-9-null-10.223.60.46]
2013-05-08 17:01:33,859 DEBUG [cloud.network.NetworkManagerImpl]
(Job-Executor-133:job-92) Asking SecurityGroupProvider to prepare for
Nic[47-9-null-10.223.60.46]
2013-05-08 17:01:33,859 DEBUG [cloud.network.NetworkManagerImpl]
(Job-Executor-133:job-92) Asking VpcVirtualRouter to prepare for
Nic[47-9-null-10.223.60.46]
2013-05-08 17:01:33,860 DEBUG [cloud.network.NetworkModelImpl]
(Job-Executor-133:job-92) Service SecurityGroup is not supported in the network
id=209
2013-05-08 17:01:33,860 DEBUG [cloud.network.NetworkManagerImpl]
(Job-Executor-133:job-92) Nic is prepared successfully for vm
VM[DomainRouter|r-9-NATONPRVGW] in network Ntwk[209|Guest|5]
2013-05-08 17:01:33,864 DEBUG [cloud.vm.VirtualMachineManagerImpl]
(Job-Executor-133:job-92) Plugging nic for vm VM[DomainRouter|r-9-NATONPRVGW]
in network Ntwk[209|Guest|5]
2013-05-08 17:01:33,867 DEBUG [agent.transport.Request]
(Job-Executor-133:job-92) Seq 1-275056266: Sending { Cmd , MgmtId:
7508777239729, via: 1, Ver: v1, Flags: 100111,
[{"PlugNicCommand":{"nic":{"deviceId":6,"networkRateMbps":200,"defaultNic":false,"uuid":"90ecc07d-a949-47a3-b7dc-dcc21ca7c758","ip":"10.223.60.46","netmask":"255.255.255.192","gateway":"10.223.60.1","mac":"06:82:06:00:00:3a","dns1":"8.8.8.8","dns2":"8.8.4.4","broadcastType":"Vlan","type":"Guest","broadcastUri":"vlan://600","isolationUri":"vlan://600","isSecurityGroupEnabled":false},"instanceName":"r-9-NATONPRVGW","wait":0}}]
}
2013-05-08 17:01:34,182 DEBUG [agent.transport.Request]
(AgentManager-Handler-15:null) Seq 1-275056266: Processing: { Ans: , MgmtId:
7508777239729, via: 1, Ver: v1, Flags: 110,
[{"PlugNicAnswer":{"result":true,"details":"success","wait":0}}] }
2013-05-08 17:01:34,182 DEBUG [agent.manager.AgentAttache]
(AgentManager-Handler-15:null) Seq 1-275056266: No more commands found
2013-05-08 17:01:34,182 DEBUG [agent.transport.Request]
(Job-Executor-133:job-92) Seq 1-275056266: Received: { Ans: , MgmtId:
7508777239729, via: 1, Ver: v1, Flags: 110, { PlugNicAnswer } }
2013-05-08 17:01:34,182 DEBUG [cloud.vm.VirtualMachineManagerImpl]
(Job-Executor-133:job-92) Nic is plugged successfully for vm
VM[DomainRouter|r-9-NATONPRVGW] in network Ntwk[209|Guest|5]. Vm is a part of
network now
2013-05-08 17:01:34,200 DEBUG [agent.transport.Request]
(Job-Executor-133:job-92) Seq 1-275056267: Sending { Cmd , MgmtId:
7508777239729, via: 1, Ver: v1, Flags: 100011,
[{"routing.IpAssocVpcCommand":{"ipAddresses":[{"accountId":1,"publicIp":"10.223.60.46","sourceNat":true,"add":true,"oneToOneNat":false,"firstIP":false,"vlanId":"600","vlanGateway":"10.223.60.1","vlanNetmask":"255.255.255.192","vifMacAddress":"06:82:06:00:00:3a","trafficType":"Guest"}],"accessDetails":{"router.guest.ip":"10.223.60.43","zone.network.type":"Advanced","router.ip":"169.254.3.119","router.name":"r-9-NATONPRVGW"},"wait":0}}]
}
2013-05-08 17:01:35,167 DEBUG [cloud.api.ApiServlet] (catalina-exec-24:null)
===START=== 10.216.132.104 -- GET
command=queryAsyncJobResult&jobId=f59a7cf1-06c1-4ef0-ba31-835acf8be6c8&response=json&sessionkey=J5RF%2BKuEucFSQi3XIQmJhxorqOM%3D&_=1368057731615
2013-05-08 17:01:35,174 DEBUG [cloud.async.AsyncJobManagerImpl]
(catalina-exec-24:null) Async job-67 completed
2013-05-08 17:01:35,176 DEBUG [cloud.api.ApiServlet] (catalina-exec-24:null)
===END=== 10.216.132.104 -- GET
command=queryAsyncJobResult&jobId=f59a7cf1-06c1-4ef0-ba31-835acf8be6c8&response=json&sessionkey=J5RF%2BKuEucFSQi3XIQmJhxorqOM%3D&_=1368057731615
2013-05-08 17:01:36,192 DEBUG [cloud.api.ApiServlet] (catalina-exec-10:null)
===START=== 10.216.132.104 -- GET
command=queryAsyncJobResult&jobId=c7f1611c-8ede-4a46-a4f9-6a98dda0bf43&response=json&sessionkey=J5RF%2BKuEucFSQi3XIQmJhxorqOM%3D&_=1368057732640
2013-05-08 17:01:36,199 DEBUG [cloud.async.AsyncJobManagerImpl]
(catalina-exec-10:null) Async job-68 completed
2013-05-08 17:01:36,201 DEBUG [cloud.api.ApiServlet] (catalina-exec-10:null)
===END=== 10.216.132.104 -- GET
command=queryAsyncJobResult&jobId=c7f1611c-8ede-4a46-a4f9-6a98dda0bf43&response=json&sessionkey=J5RF%2BKuEucFSQi3XIQmJhxorqOM%3D&_=1368057732640
2013-05-08 17:01:36,580 DEBUG [agent.transport.Request]
(AgentManager-Handler-1:null) Seq 1-275056267: Processing: { Ans: , MgmtId:
7508777239729, via: 1, Ver: v1, Flags: 10,
[{"routing.IpAssocAnswer":{"results":["10.223.60.46 -
success"],"result":true,"wait":0}}] }
2013-05-08 17:01:36,580 DEBUG [agent.transport.Request]
(Job-Executor-133:job-92) Seq 1-275056267: Received: { Ans: , MgmtId:
7508777239729, via: 1, Ver: v1, Flags: 10, { IpAssocAnswer } }
2013-05-08 17:01:36,580 DEBUG
[network.router.VpcVirtualNetworkApplianceManagerImpl]
(Job-Executor-133:job-92) Successfully applied ip association for ip
com.cloud.network.vpc.PrivateIpAddress@551c0528 in vpc network Ntwk[209|Guest|5]
2013-05-08 17:01:36,580 DEBUG [network.vpc.VpcManagerImpl]
(Job-Executor-133:job-92) Private gateway
com.cloud.network.vpc.PrivateGatewayProfile@2296b0bf was applied succesfully on
the backend
2013-05-08 17:01:36,584 DEBUG [network.vpc.VpcManagerImpl]
(Job-Executor-133:job-92) Marke gateway
com.cloud.network.vpc.PrivateGatewayProfile@2296b0bf with state Ready
2013-05-08 17:01:36,589 DEBUG [cloud.async.AsyncJobManagerImpl]
(Job-Executor-133:job-92) Complete async job-92, jobStatus: 1, resultCode: 0,
result: org.apache.cloudstack.api.response.PrivateGatewayResponse@6e9dcf00
2013-05-08 17:01:36,599 DEBUG [cloud.async.SyncQueueManagerImpl]
(Job-Executor-133:job-92) Sync queue (48) is currently empty
2013-05-08 17:01:36,599 DEBUG [cloud.async.AsyncJobManagerImpl]
(Job-Executor-133:job-92) Done executing
org.apache.cloudstack.api.command.admin.vpc.CreatePrivateGatewayCmd for job-92
mysql> select
id,ip4_address,gateway,vlan_tag,vpc_id,account_id,state,removed,source_nat from
vpc_gateways where vpc_id=5;
+----+--------------+-------------+----------+--------+------------+-------+---------+------------+
| id | ip4_address | gateway | vlan_tag | vpc_id | account_id | state |
removed | source_nat |
+----+--------------+-------------+----------+--------+------------+-------+---------+------------+
| 22 | 10.223.60.42 | 10.223.60.1 | 600 | 5 | 2 | Ready |
NULL | 0 |
| 23 | 10.223.60.43 | 10.223.60.1 | 600 | 5 | 2 | Ready |
NULL | 1 |
| 24 | 10.223.60.44 | 10.223.60.1 | 600 | 5 | 2 | Ready |
NULL | 1 |
| 25 | 10.223.60.45 | 10.223.60.1 | 600 | 5 | 2 | Ready |
NULL | 1 |
| 26 | 10.223.60.46 | 10.223.60.1 | 600 | 5 | 2 | Ready |
NULL | 1 |
+----+--------------+-------------+----------+--------+------------+-------+---------+------------+
5 rows in set (0.00 sec)
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
