[jira] [Commented] (CLOUDSTACK-5405) [Automation] Basic zone with SG : Test cases deploying VMs with security group which not belong to account

Tue, 10 Dec 2013 02:26:22 -0800 

    [ 
https://issues.apache.org/jira/browse/CLOUDSTACK-5405?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13844168#comment-13844168
 ] 

Girish Shilamkar commented on CLOUDSTACK-5405:
----------------------------------------------

 ssh_access_group() is everytime called whenever a vm is created in basic zone. 
It creates a sg, applies ingress rule (to allow ssh) in case vm is deployed in 
basic zone. 

So effectively we ended creating sg using in root admin account and deploying 
vm in the test account, with fix for CLOUDSTACK-5152 we can no longer do that.  
We should change marvin to create sg in the account in which vm is to be 
deployed. 

> [Automation] Basic zone with SG : Test cases deploying VMs with security 
> group which not belong to account 
> -----------------------------------------------------------------------------------------------------------
>
>                 Key: CLOUDSTACK-5405
>                 URL: https://issues.apache.org/jira/browse/CLOUDSTACK-5405
>             Project: CloudStack
>          Issue Type: Test
>      Security Level: Public(Anyone can view this level - this is the 
> default.) 
>          Components: Automation
>    Affects Versions: 4.3.0
>         Environment: KVM
> Automation
>            Reporter: Rayees Namathponnan
>            Priority: Blocker
>             Fix For: 4.3.0
>
>
> run BVT test cases in basic zone with SG environment 
> test_volume.py:TestVolumes
> Test cases failing with below error 
> Execute cmd: deployvirtualmachine failed, due to: errorCode: 531, 
> errorText:Entity 
> com.cloud.network.security.SecurityGroupVO$$EnhancerByCGLIB$$adfb77c8@6c9922fd
>  and entity 
> Acct[1ba19e88-1614-4675-9613-89b2f104e836-test-TestCreateVolume-UCFUY3] 
> belong to different accounts
> Stacktrace
> Traceback (most recent call last):
>   File "/usr/local/lib/python2.7/site-packages/nose/suite.py", line 208, in 
> run
>     self.setUp()
>   File "/usr/local/lib/python2.7/site-packages/nose/suite.py", line 291, in 
> setUp
>     self.setupContext(ancestor)
>   File "/usr/local/lib/python2.7/site-packages/nose/suite.py", line 314, in 
> setupContext
>     try_run(context, names)
>   File "/usr/local/lib/python2.7/site-packages/nose/util.py", line 469, in 
> try_run
>     return func()
>   File "/Repo_30X/ipcl/cloudstack/test/integration/smoke/test_volumes.py", 
> line 333, in setUpClass
>     mode=cls.services["mode"]
>   File 
> "/usr/local/lib/python2.7/site-packages/marvin/integration/lib/base.py", line 
> 408, in create
>     virtual_machine = apiclient.deployVirtualMachine(cmd, method=method)
>   File 
> "/usr/local/lib/python2.7/site-packages/marvin/cloudstackAPI/cloudstackAPIClient.py",
>  line 623, in deployVirtualMachine
>     response = self.connection.marvinRequest(command, response_type=response, 
> method=method)
>   File 
> "/usr/local/lib/python2.7/site-packages/marvin/cloudstackConnection.py", line 
> 279, in marvinRequest
>     response = jsonHelper.getResultObj(response.json(), response_type)
>   File "/usr/local/lib/python2.7/site-packages/marvin/jsonHelper.py", line 
> 148, in getResultObj
>     raise cloudstackException.cloudstackAPIException(respname, errMsg)
> cloudstackAPIException: Execute cmd: deployvirtualmachine failed, due to: 
> errorCode: 531, errorText:Entity 
> com.cloud.network.security.SecurityGroupVO$$EnhancerByCGLIB$$adfb77c8@6c9922fd
>  and entity 
> Acct[1ba19e88-1614-4675-9613-89b2f104e836-test-TestCreateVolume-UCFUY3] 
> belong to different accounts
> Reason for the failure 
> Test case created account "test-TestCreateVolume-QXLJ8M" and created security 
> group for this account "Name : default,  Description : Default Security 
> Group,  Account: test-TestCreateVolume-QXLJ8M"
> Please see the log test case trying to deploy with SG "basic_sec_grp" which 
> is belong to admin account  , instead of security belong to account 
> "test-TestCreateVolume-QXLJ8M" 
> 2013-12-06 11:03:09,136 INFO  [a.c.c.a.ApiServer] 
> (catalina-exec-25:ctx-66962f4f ctx-ab72e36e ctx-0de15a42) (userId=2 
> accountId=2 sessionId=null) 10.223.240.193 -- GET apiKey=4PKA7xH56
> fMp-9S0TEAsyBYNBzdnffzYeq03cm4GuA6RDO6E9d69ULNWiu778dzPb5tFhSk6RBqJ26Xdi_iTlg&securitygroupname=basic_sec_grp&command=listSecurityGroups&signature=Dv7uasuirly5dQHFW5MJwHzgZkg%3D&respon
> se=json 200 { "listsecuritygroupsresponse" : { "count":1 ,"securitygroup" : [ 
>  
> {"id":"98e72a15-c505-49f8-951e-aba15d58442b","name":"basic_sec_grp","account":"admin","domainid":"bce4672
> 4-5e44-11e3-8936-4290361b938f","domain":"ROOT","ingressrule":[{"ruleid":"9e112034-99ef-4d6b-8417-3c5383706045","protocol":"tcp","startport":22,"endport":22,"cidr":"0.0.0.0/0"}],"egress
> rule":[],"tags":[]} ] } }
> 2013-12-06 11:03:09,203 INFO  [a.c.c.a.ApiServer] 
> (catalina-exec-19:ctx-f8b6a8b5 ctx-646818bc ctx-d643d28e) (userId=2 
> accountId=2 sessionId=null) 10.223.240.193 -- GET domainid=bce4672
> 4-5e44-11e3-8936-4290361b938f&zoneid=f229ef91-e5a0-4a29-9965-3dd95581b8f7&apiKey=4PKA7xH56fMp-9S0TEAsyBYNBzdnffzYeq03cm4GuA6RDO6E9d69ULNWiu778dzPb5tFhSk6RBqJ26Xdi_iTlg&serviceofferingi
> d=9d809384-94f5-41e2-9ac0-249d0053883d&signature=L%2FfAYntOVSOFcICWJHKo%2Bs6k954%3D&templateid=bce8a51e-5e44-11e3-8936-4290361b938f&response=json&account=test-TestCreateVolume-QXLJ8M&s
> ecuritygroupids=98e72a15-c505-49f8-951e-aba15d58442b&command=deployVirtualMachine&hypervisor=KVM
>  531 Entity 
> com.cloud.network.security.SecurityGroupVO$$EnhancerByCGLIB$$adfb77c8@7bcf65
> c3 and entity 
> Acct[91cc0e4b-909d-4d5d-9383-b572c347cccf-test-TestCreateVolume-QXLJ8M] 
> belong to different accounts



--
This message was sent by Atlassian JIRA
(v6.1.4#6159)

Reply via email to