osdir.com

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Egress rules not applied in 4.11.0


Hi martin,

I've just read your issue on github and was wondering how you;ve been able to select Debian 9.
But maybe you did a fresh installation.

We did an update from 4.9.2 to 4.11.0 and were able to select "Debian GNU/Linux 7(64-bit)" as
highest possible Debian-version. The documentation said to register the new systemvm-template
before updating the management server.

Maybe your issue is hot-fixed by registering a template with Debian 7 profile.

Cheers,

- Stephan


Am Mittwoch, den 11.04.2018, 13:30 +0200 schrieb Martin Emrich:
> I investigated further, and opened an issue: 
> https://github.com/apache/cloudstack/issues/2561
> 
> Cheers,
> 
> Martin
> 
> 
> Am 11.04.18 um 12:18 schrieb Martin Emrich:
> > 
> > Thanks... But I think something else is now broken, too...:
> > 
> > The SystemVMs are now no longer being provisioned: They come up 
> > "empty" with "systemvm type=".
> > 
> > I also deleted the Console Proxy VM, and the new one is plain, too...
> > 
> > I tried with Git branch 4.11 (producing 4.11.1-SNAPSHOT RPMs), same 
> > effect...
> > 
> > Cheers,
> > 
> > Martin
> > 
> > 
> > Am 11.04.18 um 00:56 schrieb Rohit Yadav:
> > > 
> > > Hi Martin,
> > > 
> > > 
> > > This is a known issue, a freshly restarted VR may not have the EGREE 
> > > related tables which is why any rules will fail to apply. As a 
> > > workaround, you can restart the network without selecting the cleanup 
> > > option which will reconfigure the VR and add the egress table.
> > > 
> > > 
> > > I've a fix in this PR: 
> > > https://github.com/apache/cloudstack/pull/2508/files#diff-2d3ea57dfd9156e3983b1bb2d64abecd
> > > 
> > > 
> > > 
> > > - Rohit
> > > 
> > > <https://cloudstack.apache.org>
> > > 
> > > 
> > > 
> > > ________________________________
> > > From: Martin Emrich <martin.emrich@xxxxxxxxxxx>
> > > Sent: Tuesday, April 10, 2018 2:13:57 PM
> > > To: CloudStack-Users
> > > Subject: Egress rules not applied in 4.11.0
> > > 
> > > Hi!
> > > 
> > > I upgraded my test cluster from 4.9 to 4.11. The default policy for
> > > isolated networks is "Deny".
> > > 
> > > But now, adding rules to allow egress traffic are not applied to the
> > > virtual router. adding a 0.0.0.0/0 rule looks fine from the UI, but does
> > > not appear in the iptables output on the VR.
> > > 
> > > Any Ideas?
> > > 
> > > Thanks
> > > 
> > > Martin
> > > 
> > > 
> > > rohit.yadav@xxxxxxxxxxxxx
> > > www.shapeblue.com
> > > 53 Chandos Place, Covent Garden, London  WC2N 4HSUK
> > > @shapeblue
> > > 
Mit freundlichen Grüßen,

Stephan Seitz

--

Heinlein Support GmbH
Schwedter Str. 8/9b, 10119 Berlin

http://www.heinlein-support.de

Tel: 030 / 405051-44
Fax: 030 / 405051-19

Zwangsangaben lt. §35a GmbHG: HRB 93818 B / Amtsgericht
Berlin-Charlottenburg,
Geschäftsführer: Peer Heinlein -- Sitz: Berlin

Attachment: signature.asc
Description: This is a digitally signed message part