[
https://issues.apache.org/jira/browse/CLOUDSTACK-8793?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14972496#comment-14972496
]
ASF GitHub Bot commented on CLOUDSTACK-8793:
--------------------------------------------
Github user remibergsma commented on the pull request:
https://github.com/apache/cloudstack/pull/879#issuecomment-150777561
@pdube LGTM, based on a set of tests that I run on this branch:
```
nosetests --with-marvin --marvin-config=${marvinCfg} -s -a
tags=advanced,required_hardware=true \
component/test_vpc_redundant.py \
component/test_routers_iptables_default_policy.py \
component/test_routers_network_ops.py \
component/test_vpc_router_nics.py \
smoke/test_loadbalance.py \
smoke/test_internal_lb.py \
smoke/test_ssvm.py
```
Result:
```
Create a redundant VPC with two networks with two VMs in each network ...
=== TestName: test_01_create_redundant_VPC_2tiers_4VMs_4IPs_4PF_ACL | Status :
SUCCESS ===
ok
Create a redundant VPC with two networks with two VMs in each network and
check default routes ... === TestName: test_02_redundant_VPC_default_routes |
Status : SUCCESS ===
ok
Test iptables default INPUT/FORWARD policy on RouterVM ... === TestName:
test_02_routervm_iptables_policies | Status : SUCCESS ===
ok
Test iptables default INPUT/FORWARD policies on VPC router ... ===
TestName: test_01_single_VPC_iptables_policies | Status : SUCCESS ===
ok
Stop existing router, add a PF rule and check we can access the VM ... ===
TestName: test_isolate_network_FW_PF_default_routes | Status : SUCCESS ===
ok
Test redundant router internals ... === TestName:
test_RVR_Network_FW_PF_SSH_default_routes | Status : SUCCESS ===
ok
Create a VPC with two networks with one VM in each network and test nics
after destroy ... === TestName: test_01_VPC_nics_after_destroy | Status :
SUCCESS ===
ok
Create a VPC with two networks with one VM in each network and test default
routes ... === TestName: test_02_VPC_default_routes | Status : SUCCESS ===
ok
Test to create Load balancing rule with source NAT ... === TestName:
test_01_create_lb_rule_src_nat | Status : SUCCESS ===
ok
Test to create Load balancing rule with non source NAT ... === TestName:
test_02_create_lb_rule_non_nat | Status : SUCCESS ===
ok
Test for assign & removing load balancing rule ... === TestName:
test_assign_and_removal_lb | Status : SUCCESS ===
ok
Test to verify access to loadbalancer haproxy admin stats page ... ===
TestName: test02_internallb_haproxy_stats_on_all_interfaces | Status : SUCCESS
===
ok
Test create, assign, remove of an Internal LB with roundrobin http traffic
to 3 vm's ... === TestName: test_01_internallb_roundrobin_1VPC_3VM_HTTP_port80
| Status : SUCCESS ===
ok
Test SSVM Internals ... === TestName: test_03_ssvm_internals | Status :
SUCCESS ===
ok
Test CPVM Internals ... === TestName: test_04_cpvm_internals | Status :
SUCCESS ===
ok
Test stop SSVM ... === TestName: test_05_stop_ssvm | Status : SUCCESS ===
ok
Test stop CPVM ... === TestName: test_06_stop_cpvm | Status : SUCCESS ===
ok
Test reboot SSVM ... === TestName: test_07_reboot_ssvm | Status : SUCCESS
===
ok
Test reboot CPVM ... === TestName: test_08_reboot_cpvm | Status : SUCCESS
===
ok
Test destroy SSVM ... === TestName: test_09_destroy_ssvm | Status : SUCCESS
===
ok
Test destroy CPVM ... === TestName: test_10_destroy_cpvm | Status : SUCCESS
===
ok
----------------------------------------------------------------------
Ran 21 tests in 10163.375s
OK
```
And:
```
nosetests --with-marvin --marvin-config=${marvinCfg} -s -a
tags=advanced,required_hardware=false \
smoke/test_routers.py \
smoke/test_network_acl.py \
smoke/test_privategw_acl.py \
smoke/test_reset_vm_on_reboot.py \
smoke/test_vm_life_cycle.py \
smoke/test_vpc_vpn.py \
smoke/test_service_offerings.py \
component/test_vpc_offerings.py \
component/test_vpc_routers.py
```
Result:
```
Test router internal advanced zone ... === TestName:
test_02_router_internal_adv | Status : SUCCESS ===
ok
Test restart network ... === TestName: test_03_restart_network_cleanup |
Status : SUCCESS ===
ok
Test router basic setup ... === TestName: test_05_router_basic | Status :
SUCCESS ===
ok
Test router advanced setup ... === TestName: test_06_router_advanced |
Status : SUCCESS ===
ok
Test stop router ... === TestName: test_07_stop_router | Status : SUCCESS
===
ok
Test start router ... === TestName: test_08_start_router | Status : SUCCESS
===
ok
Test reboot router ... === TestName: test_09_reboot_router | Status :
SUCCESS ===
ok
test_privategw_acl (integration.smoke.test_privategw_acl.TestPrivateGwACL)
... === TestName: test_privategw_acl | Status : SUCCESS ===
ok
Test reset virtual machine on reboot ... === TestName:
test_01_reset_vm_on_reboot | Status : SUCCESS ===
ok
Test advanced zone virtual router ... === TestName:
test_advZoneVirtualRouter | Status : SUCCESS ===
ok
Test Deploy Virtual Machine ... === TestName: test_deploy_vm | Status :
SUCCESS ===
ok
Test Multiple Deploy Virtual Machine ... === TestName:
test_deploy_vm_multiple | Status : SUCCESS ===
ok
Test Stop Virtual Machine ... === TestName: test_01_stop_vm | Status :
SUCCESS ===
ok
Test Start Virtual Machine ... === TestName: test_02_start_vm | Status :
SUCCESS ===
ok
Test Reboot Virtual Machine ... === TestName: test_03_reboot_vm | Status :
SUCCESS ===
ok
Test destroy Virtual Machine ... === TestName: test_06_destroy_vm | Status
: SUCCESS ===
ok
Test recover Virtual Machine ... === TestName: test_07_restore_vm | Status
: SUCCESS ===
ok
Test migrate VM ... SKIP: At least two hosts should be present in the zone
for migration
Test destroy(expunge) Virtual Machine ... === TestName: test_09_expunge_vm
| Status : SUCCESS ===
ok
Test Remote Access VPN in VPC ... === TestName: test_vpc_remote_access_vpn
| Status : SUCCESS ===
ok
Test VPN in VPC ... === TestName: test_vpc_site2site_vpn | Status : SUCCESS
===
ok
Test to create service offering ... === TestName:
test_01_create_service_offering | Status : SUCCESS ===
ok
Test to update existing service offering ... === TestName:
test_02_edit_service_offering | Status : SUCCESS ===
ok
Test to delete service offering ... === TestName:
test_03_delete_service_offering | Status : SUCCESS ===
ok
Test create VPC offering ... === TestName: test_01_create_vpc_offering |
Status : SUCCESS ===
ok
Test VPC offering without load balancing service ... === TestName:
test_03_vpc_off_without_lb | Status : EXCEPTION ===
ERROR
Test VPC offering without static NAT service ... === TestName:
test_04_vpc_off_without_static_nat | Status : EXCEPTION ===
ERROR
Test VPC offering without port forwarding service ... === TestName:
test_05_vpc_off_without_pf | Status : EXCEPTION ===
ERROR
Test VPC offering with invalid services ... === TestName:
test_06_vpc_off_invalid_services | Status : SUCCESS ===
ok
Test update VPC offering ... === TestName: test_07_update_vpc_off | Status
: SUCCESS ===
ok
Test list VPC offering ... === TestName: test_08_list_vpc_off | Status :
SUCCESS ===
ok
test_09_create_redundant_vpc_offering
(integration.component.test_vpc_offerings.TestVPCOffering) ... === TestName:
test_09_create_redundant_vpc_offering | Status : SUCCESS ===
ok
Test start/stop of router after addition of one guest network ... ===
TestName: test_01_start_stop_router_after_addition_of_one_guest_network |
Status : SUCCESS ===
ok
Test reboot of router after addition of one guest network ... === TestName:
test_02_reboot_router_after_addition_of_one_guest_network | Status : SUCCESS ===
ok
Test to change service offering of router after addition of one guest
network ... === TestName:
test_04_chg_srv_off_router_after_addition_of_one_guest_network | Status :
SUCCESS ===
ok
Test destroy of router after addition of one guest network ... ===
TestName: test_05_destroy_router_after_addition_of_one_guest_network | Status :
SUCCESS ===
ok
Test to stop and start router after creation of VPC ... === TestName:
test_01_stop_start_router_after_creating_vpc | Status : SUCCESS ===
ok
Test to reboot the router after creating a VPC ... === TestName:
test_02_reboot_router_after_creating_vpc | Status : SUCCESS ===
ok
Tests to change service offering of the Router after ... === TestName:
test_04_change_service_offerring_vpc | Status : SUCCESS ===
ok
Test to destroy the router after creating a VPC ... === TestName:
test_05_destroy_router_after_creating_vpc | Status : SUCCESS ===
ok
----------------------------------------------------------------------
Ran 40 tests in 7667.102s
FAILED (SKIP=1, errors=3)
```
The 3 errors are due to cleanup problems that are were broken on master
when this was branched off. It was fixed in PR #967.
Please note:
- There is no test covering your change, so I didn't test that. I would
appreciate it if you could somehow show here that it works, for example with
some screen shots (or better, write a Marvin test, but that doesn't have to be
done in this PR)
- Jenkins failed, please force-push to have it run again. We can only merge
once Jenkins is green.
- While you're at it, if you rebase the 3 errors above will also disappear.
Thanks for the fix @pdube !
> Project Site-2-Site VPN Connection Fails to Register Correctly
> --------------------------------------------------------------
>
> Key: CLOUDSTACK-8793
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-8793
> Project: CloudStack
> Issue Type: Bug
> Security Level: Public(Anyone can view this level - this is the
> default.)
> Components: Projects
> Affects Versions: 4.5.2
> Environment: Clean install of ACS 4.5.2 on CentOS 6.6
> Reporter: Geoff Higgibottom
> Assignee: Patrick D.
> Labels: project, vpc, vpn
>
> When trying to create a new Site-2-Site VPN Connection for a Project using
> the UI the following error message is presented.
> "VPN connection can only be esitablished between same account's VPN gateway
> and customer gateway!"
> Apart from the spelling mistake in the error message, the main issue is that
> the VPN Connection fails to create as the VPN Customer Gateway is linked to
> the Logged in user account, and not the Project.
> The VPN Gateway is correctly linked to the Project, as this was fixed in
> CLOUDSTACK-5409.
> Manually updating the ‘domain_id’ and ‘account_id’ values in the
> ‘s2s_vpn_connection’ table in the DB will result in the successful creation
> of the VPN Connection, but this connection will not display in the UI or when
> querying via the API.
> The same error exists when using only the API so it is not a UI issue.
> This prevents the use of Site-2Site VPNs for VPCs belonging to Projects.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
