angeline shen created CLOUDSTACK-2283: -----------------------------------------
Summary: SRX - Delete Egress firewall rule failed Key: CLOUDSTACK-2283 URL: https://issues.apache.org/jira/browse/CLOUDSTACK-2283 Project: CloudStack Issue Type: Bug Security Level: Public (Anyone can view this level - this is the default.) Components: Management Server Affects Versions: 4.2.0 Environment: MS ACS 2.0 build 4/24/13 7:48 PM revision: 299cccf779f75c3ba04d9ec7303bed88394c3562 host XS 6.0.2 Reporter: angeline shen Assignee: Jayapal Reddy Priority: Critical Fix For: 4.2.0 MS ACS 2.0 build 4/24/13 7:48 PM revision: 299cccf779f75c3ba04d9ec7303bed88394c3562 host XS 6.0.2 1. SRX network offering : isolated DHCP: virtual router DNS: virtual router firewall: SRX userdata:virtual router sourceNAT: SRX staticNAT: SRX portforward: SRX sourceNAT type: perzone 2. advance zone, add SRX device for firewall. domain: ROOT admin create VM with network of above networking offering. Add egress rule TCP port 22 22 for egress 3. Delete this egress rule failed: 2013-04-29 15:15:40,818 DEBUG [agent.transport.Request] (Job-Executor-24:job-19) Seq 5-1743912980: Received: { Ans: , MgmtId: 6655051826959, via: 5, Ver: v1, Flags: 10, { Answer } } 2013-04-29 15:15:40,818 DEBUG [agent.manager.AgentManagerImpl] (Job-Executor-24:job-19) Details from executing class com.cloud.agent.api.routing.SetFirewallRulesCommand: Exception: com.cloud.utils.exception.ExecutionException Message: Failed to open a private configuration. Stack: com.cloud.utils.exception.ExecutionException: Failed to open a private configuration. at com.cloud.network.resource.JuniperSrxResource.openConfiguration(JuniperSrxResource.java:617) at com.cloud.network.resource.JuniperSrxResource.execute(JuniperSrxResource.java:827) at com.cloud.network.resource.JuniperSrxResource.execute(JuniperSrxResource.java:869) at com.cloud.network.resource.JuniperSrxResource.execute(JuniperSrxResource.java:869) at com.cloud.network.resource.JuniperSrxResource.execute(JuniperSrxResource.java:821) at com.cloud.network.resource.JuniperSrxResource.executeRequest(JuniperSrxResource.java:349) at com.cloud.agent.manager.DirectAgentAttache$Task.run(DirectAgentAttache.java:186) at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:471) at java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:334) at java.util.concurrent.FutureTask.run(FutureTask.java:166) at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.access$101(ScheduledThreadPoolExecutor.java:165) at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:266) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1110) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:603) at java.lang.Thread.run(Thread.java:679) 2013-04-29 15:15:40,818 ERROR [cloud.network.ExternalFirewallDeviceManagerImpl] (Job-Executor-24:job-19) External firewall was unable to apply static nat rules to the SRX appliance in zone z1 due to: Exception: com.cloud.utils.exception.ExecutionException Message: Failed to open a private configuration. Stack: com.cloud.utils.exception.ExecutionException: Failed to open a private configuration. at com.cloud.network.resource.JuniperSrxResource.openConfiguration(JuniperSrxResource.java:617) at com.cloud.network.resource.JuniperSrxResource.execute(JuniperSrxResource.java:827) at com.cloud.network.resource.JuniperSrxResource.execute(JuniperSrxResource.java:869) at com.cloud.network.resource.JuniperSrxResource.execute(JuniperSrxResource.java:869) at com.cloud.network.resource.JuniperSrxResource.execute(JuniperSrxResource.java:821) at com.cloud.network.resource.JuniperSrxResource.executeRequest(JuniperSrxResource.java:349) at com.cloud.agent.manager.DirectAgentAttache$Task.run(DirectAgentAttache.java:186) at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:471) at java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:334) at java.util.concurrent.FutureTask.run(FutureTask.java:166) at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.access$101(ScheduledThreadPoolExecutor.java:165) at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:266) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1110) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:603) at java.lang.Thread.run(Thread.java:679) . 2013-04-29 15:15:40,819 WARN [network.firewall.FirewallManagerImpl] (Job-Executor-24:job-19) Failed to apply firewall rules due to com.cloud.exception.ResourceUnavailableException: Resource [DataCenter:1] is unreachable: External firewall was unable to apply static nat rules to the SRX appliance in zone z1 due to: Exception: com.cloud.utils.exception.ExecutionException Message: Failed to open a private configuration. Stack: com.cloud.utils.exception.ExecutionException: Failed to open a private configuration. at com.cloud.network.resource.JuniperSrxResource.openConfiguration(JuniperSrxResource.java:617) at com.cloud.network.resource.JuniperSrxResource.execute(JuniperSrxResource.java:827) at com.cloud.network.resource.JuniperSrxResource.execute(JuniperSrxResource.java:869) at com.cloud.network.resource.JuniperSrxResource.execute(JuniperSrxResource.java:869) at com.cloud.network.resource.JuniperSrxResource.execute(JuniperSrxResource.java:821) at com.cloud.network.resource.JuniperSrxResource.executeRequest(JuniperSrxResource.java:349) at com.cloud.agent.manager.DirectAgentAttache$Task.run(DirectAgentAttache.java:186) at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:471) at java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:334) at java.util.concurrent.FutureTask.run(FutureTask.java:166) at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.access$101(ScheduledThreadPoolExecutor.java:165) at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:266) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1110) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:603) at java.lang.Thread.run(Thread.java:679) . at com.cloud.network.ExternalFirewallDeviceManagerImpl.sendFirewallRules(ExternalFirewallDeviceManagerImpl.java:600) at com.cloud.network.ExternalFirewallDeviceManagerImpl.applyFirewallRules(ExternalFirewallDeviceManagerImpl.java:559) at com.cloud.network.element.JuniperSRXExternalFirewallElement.applyFWRules(JuniperSRXExternalFirewallElement.java:190) at com.cloud.network.firewall.FirewallManagerImpl.applyRules(FirewallManagerImpl.java:544) at com.cloud.network.NetworkManagerImpl.applyRules(NetworkManagerImpl.java:2428) at com.cloud.network.firewall.FirewallManagerImpl.applyRules(FirewallManagerImpl.java:500) at com.cloud.network.firewall.FirewallManagerImpl.applyFirewallRules(FirewallManagerImpl.java:630) at com.cloud.network.firewall.FirewallManagerImpl.revokeFirewallRule(FirewallManagerImpl.java:670) at com.cloud.utils.component.ComponentInstantiationPostProcessor$InterceptorDispatcher.intercept(ComponentInstantiationPostProcessor.java:125) at com.cloud.network.firewall.FirewallManagerImpl.revokeFirewallRule(FirewallManagerImpl.java:683) at org.apache.cloudstack.api.command.user.firewall.DeleteEgressFirewallRuleCmd.execute(DeleteEgressFirewallRuleCmd.java:97) at com.cloud.api.ApiDispatcher.dispatch(ApiDispatcher.java:155) at com.cloud.async.AsyncJobManagerImpl$1.run(AsyncJobManagerImpl.java:437) at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:471) at java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:334) at java.util.concurrent.FutureTask.run(FutureTask.java:166) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1110) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:603) at java.lang.Thread.run(Thread.java:679) 2013-04-29 15:15:40,826 DEBUG [cloud.async.AsyncJobManagerImpl] (Job-Executor-24:job-19) Complete async job-19, jobStatus: 2, resultCode: 530, result: Error Code: 530 Error text: Failed to delete egress firewall rule 2013-04-29 15:15:40,857 DEBUG [cloud.async.SyncQueueManagerImpl] (Job-Executor-24:job-19) Sync queue (1) is currently empty 2013-04-29 15:15:43,081 DEBUG [cloud.api.ApiServlet] (catalina-exec-4:null) ===START=== 10.216.133.70 -- GET command=listNetwo -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators For more information on JIRA, see: http://www.atlassian.com/software/jira