[ https://issues.apache.org/jira/browse/CLOUDSTACK-8395?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14508968#comment-14508968 ]
ASF subversion and git services commented on CLOUDSTACK-8395: ------------------------------------------------------------- Commit 496ffcad832c6edf42fbd17e5067601e0228e924 in cloudstack's branch refs/heads/master from [~rohit.ya...@shapeblue.com] [ https://git-wip-us.apache.org/repos/asf?p=cloudstack.git;h=496ffca ] CLOUDSTACK-8395: vmops plugin should work on both XS 6.5 and 6.2 :fist: This fixes the issue of Security Groups not working in case of XenServer 6.5; - Uses nethash ipset data-structure to store CIDRs (efficient than iphash and avoids overflow errors in case users add /8 /4 ingress/egress cidrs) - Support for ipset versions both on 6.2 and 6.5, both have different outputs. This fixes the issue of destroy_network_rules_for_vm failing - Implements defensive filtering of list, instead of popping last item without checking if it's None or empty - Greps using names that are 'quoted' to avoid bash errors - Before setting up new network rule, tries to clean and remove old ipset entry - Idents, whitespace and naming fixes PS. This is my 1000th commit to the :monkey_face: project :) This closes #186 (cherry picked from commit d91d161107e20ffc8ec088ee55f99d6743330946) Signed-off-by: Rohit Yadav <rohit.ya...@shapeblue.com> Conflicts: scripts/vm/hypervisor/xenserver/vmops > Basic Zone Security Group rules fail with XenServer 6.5 > ------------------------------------------------------- > > Key: CLOUDSTACK-8395 > URL: https://issues.apache.org/jira/browse/CLOUDSTACK-8395 > Project: CloudStack > Issue Type: Bug > Security Level: Public(Anyone can view this level - this is the > default.) > Affects Versions: 4.5.0, 4.6.0 > Reporter: Rohit Yadav > Assignee: Rohit Yadav > Priority: Blocker > Fix For: 4.6.0, 4.5.1 > > > With latest ACS 4.5 branch, SG rules on XenServer 6.5 were found to be flaky. > They worked sometimes and sometimes failed. On inspection of cloud.log and > SMLog, the following errors were found: > DEBUG [root] Ignoring failure to delete rules for vm s-2-VM > ... > DEBUG [root] Ignoring failure to delete ebtables chain for vm s-2-VM > > ... > DEBUG [root] Ignoring failure to delete arptables chain for vm s-2-VM > ... > DEBUG [root] Ignoring failure to delete ingress chain s-2-VM > DEBUG [root] Ignoring failure to delete egress chain s-2-VM-eg > ... > The possible issue discovered was how the python based vmops plugin execute > iptables rules. The sm/util.py shipped with XS 6.5 is possibly different than > that on XS 6.2. -- This message was sent by Atlassian JIRA (v6.3.4#6332)