[
https://issues.apache.org/jira/browse/CLOUDSTACK-2475?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Koushik Das resolved CLOUDSTACK-2475.
-------------------------------------
Resolution: Fixed
> Failed to create PF rules with Cisco VNMC as the port pool object name is
> exceeding the max limit
> --------------------------------------------------------------------------------------------------
>
> Key: CLOUDSTACK-2475
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-2475
> Project: CloudStack
> Issue Type: Bug
> Security Level: Public(Anyone can view this level - this is the
> default.)
> Components: Network Devices
> Affects Versions: 4.2.0
> Reporter: Sailaja Mada
> Assignee: Koushik Das
> Priority: Critical
>
> Setup: Advanced Networking Zone with VMWARE Cluster
> Steps :
> 1. Configure VMWARE Cluster with Nexus 1000v
> 2. Add Network Service provider CiscoVnmc and add Cisco VNMC and ASA firewall
> devices to CS
> 3. Create Network offering with Firewall/PF/Source Nat/Static NAT provider as
> Cisco VNMC
> 4. Deploy guest network with this Offering and deploy instance using this
> guest network
> 5. Acquire IP and configure PF rules.
> 6. Create PF/Delete/Create more than 9 rules.
> Observation:
> 1. Failed to create PF rules with Cisco VNMC as the port pool object name is
> exceeding the max limit
> 2. Creation of PF rule worked fine till it has single digit in the drule.
> [PFPort-Vlan-vlanid-PublicIP-druleid]
> 'PFPort-vlan-770-10-102-196-232-15'
> 2013-05-14 09:42:09,912 DEBUG [cloud.async.AsyncJobManagerImpl]
> (Job-Executor-92:job-66) Executing
> org.apache.cloudstack.api.command.user.firewall.CreatePortForwardingRuleCmd
> for job-66
> 2013-05-14 09:42:09,921 DEBUG [cloud.user.AccountManagerImpl]
> (Job-Executor-92:job-66) Access to Acct[3-cdcuser1] granted to
> Acct[3-cdcuser1] by DomainChecker_EnhancerByCloudStack_d007a7cf
> 2013-05-14 09:42:09,937 DEBUG [cloud.user.AccountManagerImpl]
> (Job-Executor-92:job-66) Access to Rule[15-PortForwarding-Add] granted to
> Acct[3-cdcuser1] by DomainChecker_EnhancerByCloudStack_d007a7cf
> 2013-05-14 09:42:09,960 DEBUG [agent.transport.Request]
> (Job-Executor-92:job-66) Seq 6-602734649: Sending { Cmd , MgmtId:
> 214053811722752, via: 6, Ver: v1, Flags: 100011,
> [{"routing.SetPortForwardingRulesCommand":{"rules":[{"dstIp":"10.0.0.106","dstPortRange":[22,22],"id":15,"srcVlanTag":"100","srcIp":"10.102.196.232","protocol":"tcp","srcPortRange":[22,22],"revoked":false,"alreadyAdded":false,"purpose":"PortForwarding"}],"accessDetails":{},"wait":0}}]
> }
> 2013-05-14 09:42:09,961 DEBUG [agent.transport.Request]
> (Job-Executor-92:job-66) Seq 6-602734649: Executing: { Cmd , MgmtId:
> 214053811722752, via: 6, Ver: v1, Flags: 100011,
> [{"routing.SetPortForwardingRulesCommand":{"rules":[{"dstIp":"10.0.0.106","dstPortRange":[22,22],"id":15,"srcVlanTag":"100","srcIp":"10.102.196.232","protocol":"tcp","srcPortRange":[22,22],"revoked":false,"alreadyAdded":false,"purpose":"PortForwarding"}],"accessDetails":{},"wait":0}}]
> }
> 2013-05-14 09:42:09,965 DEBUG [agent.manager.DirectAgentAttache]
> (DirectAgent-392:null) Seq 6-602734649: Executing request
> 2013-05-14 09:42:10,468 ERROR [network.resource.CiscoVnmcResource]
> (DirectAgent-392:null) SetSourceNatCommand failed due to property name of
> objgrp-PFPort-vlan-770-10-102-196-232-15 failed validation for value
> 'PFPort-vlan-770-10-102-196-232-15'
> com.cloud.utils.exception.ExecutionException: property name of
> objgrp-PFPort-vlan-770-10-102-196-232-15 failed validation for value
> 'PFPort-vlan-770-10-102-196-232-15'
> at
> com.cloud.network.cisco.CiscoVnmcConnectionImpl.verifySuccess(CiscoVnmcConnectionImpl.java:1361)
> at
> com.cloud.network.cisco.CiscoVnmcConnectionImpl.createTenantVDCPortPool(CiscoVnmcConnectionImpl.java:824)
> at
> com.cloud.network.cisco.CiscoVnmcConnectionImpl.createTenantVDCPFPortPool(CiscoVnmcConnectionImpl.java:958)
> at
> com.cloud.network.resource.CiscoVnmcResource.execute(CiscoVnmcResource.java:578)
> at
> com.cloud.network.resource.CiscoVnmcResource.execute(CiscoVnmcResource.java:514)
> at
> com.cloud.network.resource.CiscoVnmcResource.executeRequest(CiscoVnmcResource.java:99)
> at
> com.cloud.agent.manager.DirectAgentAttache$Task.run(DirectAgentAttache.java:186)
> at
> java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:471)
> at java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:334)
> at java.util.concurrent.FutureTask.run(FutureTask.java:166)
> at
> java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.access$101(ScheduledThreadPoolExecutor.java:165)
> at
> java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:266)
> at
> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1110)
> at
> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:603)
> at java.lang.Thread.run(Thread.java:679)
> 2013-05-14 09:42:10,469 DEBUG [agent.manager.DirectAgentAttache]
> (DirectAgent-392:null) Seq 6-602734649: Response Received:
> 2013-05-14 09:42:10,469 DEBUG [agent.transport.Request]
> (DirectAgent-392:null) Seq 6-602734649: Processing: { Ans: , MgmtId:
> 214053811722752, via: 6, Ver: v1, Flags: 10,
> [{"Answer":{"result":false,"details":"SetSourceNatCommand failed due to
> property name of objgrp-PFPort-vlan-770-10-102-196-232-15 failed validation
> for value 'PFPort-vlan-770-10-102-196-232-15'","wait":0}}] }
> 2013-05-14 09:42:10,469 DEBUG [agent.transport.Request]
> (Job-Executor-92:job-66) Seq 6-602734649: Received: { Ans: , MgmtId:
> 214053811722752, via: 6, Ver: v1, Flags: 10, { Answer } }
> 2013-05-14 09:42:10,469 DEBUG [agent.manager.AgentManagerImpl]
> (Job-Executor-92:job-66) Details from executing class
> com.cloud.agent.api.routing.SetPortForwardingRulesCommand:
> SetSourceNatCommand failed due to property name of
> objgrp-PFPort-vlan-770-10-102-196-232-15 failed validation for value
> 'PFPort-vlan-770-10-102-196-232-15'
> 2013-05-14 09:42:10,469 ERROR [network.element.CiscoVnmcElement]
> (Job-Executor-92:job-66) Unable to apply port forwarding rules to Cisco ASA
> 1000v appliance due to: SetSourceNatCommand failed due to property name of
> objgrp-PFPort-vlan-770-10-102-196-232-15 failed validation for value
> 'PFPort-vlan-770-10-102-196-232-15'.
> 2013-05-14 09:42:10,470 WARN [network.rules.RulesManagerImpl]
> (Job-Executor-92:job-66) Failed to apply port forwarding rules for ip due to
> com.cloud.exception.ResourceUnavailableException: Resource [DataCenter:1] is
> unreachable: Unable to apply port forwarding rules to Cisco ASA 1000v
> appliance due to: SetSourceNatCommand failed due to property name of
> objgrp-PFPort-vlan-770-10-102-196-232-15 failed validation for value
> 'PFPort-vlan-770-10-102-196-232-15'.
> at
> com.cloud.network.element.CiscoVnmcElement.applyPFRules(CiscoVnmcElement.java:726)
> at
> com.cloud.network.firewall.FirewallManagerImpl.applyRules(FirewallManagerImpl.java:560)
> at
> com.cloud.network.NetworkManagerImpl.applyRules(NetworkManagerImpl.java:2472)
> at
> com.cloud.network.firewall.FirewallManagerImpl.applyRules(FirewallManagerImpl.java:504)
> at
> com.cloud.network.rules.RulesManagerImpl.applyPortForwardingRules(RulesManagerImpl.java:840)
> at
> com.cloud.network.rules.RulesManagerImpl.applyPortForwardingRules(RulesManagerImpl.java:1023)
> at
> com.cloud.utils.component.ComponentInstantiationPostProcessor$InterceptorDispatcher.intercept(ComponentInstantiationPostProcessor.java:125)
> at
> org.apache.cloudstack.api.command.user.firewall.CreatePortForwardingRuleCmd.execute(CreatePortForwardingRuleCmd.java:184)
> at com.cloud.api.ApiDispatcher.dispatch(ApiDispatcher.java:155)
> at
> com.cloud.async.AsyncJobManagerImpl$1.run(AsyncJobManagerImpl.java:437)
> at java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:334)
> at java.util.concurrent.FutureTask.run(FutureTask.java:166)
> at
> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1110)
> at
> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:603)
> at java.lang.Thread.run(Thread.java:679)
> 2013-05-14 09:42:10,484 DEBUG [cloud.user.AccountManagerImpl]
> (Job-Executor-92:job-66) Access to Rule[15-PortForwarding-Add] granted to
> Acct[3-cdcuser1] by DomainChecker_EnhancerByCloudStack_d007a7cf
> 2013-05-14 09:42:10,487 DEBUG [cloud.user.AccountManagerImpl]
> (Job-Executor-92:job-66) Access to Rule[15-PortForwarding-Add] granted to
> Acct[3-cdcuser1] by DomainChecker_EnhancerByCloudStack_d007a7cf
> 2013-05-14 09:42:10,505 DEBUG [cloud.user.AccountManagerImpl]
> (Job-Executor-92:job-66) Access to Rule[15-PortForwarding-Revoke] granted to
> Acct[3-cdcuser1] by DomainChecker_EnhancerByCloudStack_d007a7cf
> 2013-05-14 09:42:10,525 DEBUG [agent.transport.Request]
> (Job-Executor-92:job-66) Seq 6-602734650: Sending { Cmd , MgmtId:
> 214053811722752, via: 6, Ver: v1, Flags: 100011,
> [{"routing.SetPortForwardingRulesCommand":{"rules":[{"dstIp":"10.0.0.106","dstPortRange":[22,22],"id":15,"srcVlanTag":"100","srcIp":"10.102.196.232","protocol":"tcp","srcPortRange":[22,22],"revoked":true,"alreadyAdded":false,"purpose":"PortForwarding"}],"accessDetails":{},"wait":0}}]
> }
> 2013-05-14 09:42:10,526 DEBUG [agent.transport.Request]
> (Job-Executor-92:job-66) Seq 6-602734650: Executing: { Cmd , MgmtId:
> 214053811722752, via: 6, Ver: v1, Flags: 100011,
> [{"routing.SetPortForwardingRulesCommand":{"rules":[{"dstIp":"10.0.0.106","dstPortRange":[22,22],"id":15,"srcVlanTag":"100","srcIp":"10.102.196.232","protocol":"tcp","srcPortRange":[22,22],"revoked":true,"alreadyAdded":false,"purpose":"PortForwarding"}],"accessDetails":{},"wait":0}}]
> }
> 2013-05-14 09:42:10,531 DEBUG [agent.manager.DirectAgentAttache]
> (DirectAgent-96:null) Seq 6-602734650: Executing request
> 2013-05-14 09:42:10,943 DEBUG [agent.manager.DirectAgentAttache]
> (DirectAgent-96:null) Seq 6-602734650: Response Received:
> 2013-05-14 09:42:10,944 DEBUG [agent.transport.Request] (DirectAgent-96:null)
> Seq 6-602734650: Processing: { Ans: , MgmtId: 214053811722752, via: 6, Ver:
> v1, Flags: 10, [{"Answer":{"result":true,"details":"Success","wait":0}}] }
> 2013-05-14 09:42:10,944 DEBUG [agent.transport.Request]
> (Job-Executor-92:job-66) Seq 6-602734650: Received: { Ans: , MgmtId:
> 214053811722752, via: 6, Ver: v1, Flags: 10, { Answer } }
> 2013-05-14 09:42:10,944 DEBUG [agent.manager.AgentManagerImpl]
> (Job-Executor-92:job-66) Details from executing class
> com.cloud.agent.api.routing.SetPortForwardingRulesCommand: Success
> 2013-05-14 09:42:10,964 DEBUG [cloud.async.AsyncJobManagerImpl]
> (Job-Executor-92:job-66) Complete async job-66, jobStatus: 2, resultCode:
> 530, result: Error Code: 530 Error text: Failed to apply port forwarding rule
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
