[ https://issues.apache.org/jira/browse/CLOUDSTACK-2938?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Bharat Kumar resolved CLOUDSTACK-2938. -------------------------------------- Resolution: Fixed fixed commit d92a01336bc41b77a8723089b1c6103678932798 > [Multiple_IP_Ranges] Password Service does not work in case of multiple > subnets in a vlan > ----------------------------------------------------------------------------------------- > > Key: CLOUDSTACK-2938 > URL: https://issues.apache.org/jira/browse/CLOUDSTACK-2938 > Project: CloudStack > Issue Type: Bug > Security Level: Public(Anyone can view this level - this is the > default.) > Components: Management Server > Affects Versions: 4.2.0 > Environment: Basic Zone with xen cluster > Build: Latest build from master > Reporter: Sanjeev N > Assignee: Bharat Kumar > Priority: Critical > Fix For: 4.2.0 > > > Password Service does not work in case of multiple subnets in a vlan > Steps to Reproduce: > ================= > 1.Bring up CS in basic zone with xen cluster > 2.Add two CIDRs in guest network in the same vlan > 3.Deploy a vm with password enabled template with ip address from CIDR1 > 4.Deploy another vm with the same password enabled template with ip address > from CIDR2 > Expected Behaviour: > ================= > Password reset should work for the guest vms deployed with ip addresses from > both the CIDRs > Actual Behaviour: > ============== > Password reset functionality worked only for the guest vm deployed with ip > address from primary CIDR > Observations: > ============ > On the router vm it is observed that password service is running using socat > process and it is listening only on the Router guest vms primary address. > root@r-25-QA:~# netstat -atnp | grep 8080 > tcp 0 0 10.147.43.2:8080 0.0.0.0:* LISTEN > 4723/socat > root@r-25-QA:~# ip addr show eth0 > 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP > qlen 1000 > link/ether 06:f8:fc:00:00:0b brd ff:ff:ff:ff:ff:ff > inet 10.147.43.2/25 brd 10.147.43.127 scope global eth0 > inet 10.147.43.131/26 brd 10.147.43.191 scope global eth0:21 > inet6 fe80::4f8:fcff:fe00:b/64 scope link > valid_lft forever preferred_lft forever > In the above output 10.147.43.131/26 is the alias ip address which got > created after deploying the vm with the ip address from the second cidr. > Password reset script resides on guest vm would be sending request to alias > ip on VR to get the password, but would fail since socat process is not > listening on the alias ip. > Workaround: > =========== > Restarting password server process "/etc/init.d/cloud-passwd-srvr" would > create another socat process listening on alias ip: > root@r-25-QA:~# netstat -atnp | grep 8080 > tcp 0 0 10.147.43.131:8080 0.0.0.0:* LISTEN > 4725/socat > tcp 0 0 10.147.43.2:8080 0.0.0.0:* LISTEN > 4723/socat -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira