[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-8697?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14940012#comment-14940012
 ] 

Michael Andersen edited comment on CLOUDSTACK-8697 at 10/1/15 4:12 PM:
-----------------------------------------------------------------------

I was able to reproduce this error on ACS 4.4.4.
there is a global configuration setting which determines on which interfaces 
the haproxy statistics (stats) is bound to on startup of haproxy. this setting 
is: network.loadbalancer.haproxy.stats.visibility    it defaults to all.
description:
Load Balancer(haproxy) stats visibilty, the value can be one of the following 
six parameters : global,guest-network,link-local,disabled,all,default     all   
  

When the above setting is left on the default a configuration is generated for 
haproxy which has a public and guest stats directive which try to bind to the 
same (guest) ip address. This results in an haproxy error:
[ALERT] 273/131923 (3076) : Starting proxy stats_on_guest: cannot bind socket 
[10.10.2.151:8081]
 and haproxy never restarts with the new config.

the faulty config directives:

listen stats_on_public 10.10.2.151:8081
        mode http
        option httpclose
        stats enable
        stats uri     /admin?stats
        stats realm   Haproxy\ Statistics
        stats auth    admin493:test123

listen stats_on_guest 10.10.2.151:8081
        mode http
        option httpclose
        stats enable
        stats uri     /admin?stats
        stats realm   Haproxy\ Statistics
        stats auth    admin493:test123

In the code the visibility setting is retrieved by:
 ElasticLoadBalancerManagerImpl.java
 private void createApplyLoadBalancingRulesCommands(List<LoadBalancingRule> 
rules, DomainRouterVO elbVm, Commands cmds, long guestNetworkId) {
...
 //FIXME: why are we setting attributes directly? Ick!! There should be 
accessors and
 //the constructor should set defaults.
 cmd.lbStatsVisibility = 
_configDao.getValue(Config.NetworkLBHaproxyStatsVisbility.key());

then in core/src/com/cloud/network/HAProxyConfigurator.java
the following function determines what to add to the generate haproxy config:

line 542:   public String[] generateConfiguration(LoadBalancerConfigCommand 
lbCmd) {
...
line 575: 
       if (!lbCmd.lbStatsVisibility.equals("disabled")) {
            /* new rule : listen admin_page guestip/link-local:8081 */
            if (lbCmd.lbStatsVisibility.equals("global")) {
                result.add(generateStatsRule(lbCmd, "stats_on_public", 
lbCmd.lbStatsPublicIP));

            } else if (lbCmd.lbStatsVisibility.equals("guest-network")) {
                result.add(generateStatsRule(lbCmd, "stats_on_guest", 
lbCmd.lbStatsGuestIP));

            } else if (lbCmd.lbStatsVisibility.equals("link-local")) {
                result.add(generateStatsRule(lbCmd, "stats_on_private", 
lbCmd.lbStatsPrivateIP));

            } else if (lbCmd.lbStatsVisibility.equals("all")) {
                result.add(generateStatsRule(lbCmd, "stats_on_public", 
lbCmd.lbStatsPublicIP));
                result.add(generateStatsRule(lbCmd, "stats_on_guest", 
lbCmd.lbStatsGuestIP));
                result.add(generateStatsRule(lbCmd, "stats_on_private", 
lbCmd.lbStatsPrivateIP));
            } else {

I have not yet tested it but setting the global setting to guest-network will 
most likely allow for assigning LB rules on an internal LB.

In the code i think we should either retrieve the interfaces of the 
internallbVm before applying rules in the equals('all') case or simplify the 
'all' case drastically by only applying a single directive which simply listens 
on 0.0.0.0?




was (Author: michaelandersen):
I was able to reproduce this error on ACS 4.4.4.
there is a global configuration setting which determines on which interfaces 
the haproxy statistics (stats) is bound to on startup of haproxy. this setting 
is: network.loadbalancer.haproxy.stats.visibility    it defaults to all.
description:
Load Balancer(haproxy) stats visibilty, the value can be one of the following 
six parameters : global,guest-network,link-local,disabled,all,default     all   
  

When the above setting is left on the default a configuration is generated for 
haproxy which has a public and guest stats directive which try to bind to the 
same (guest) ip address. This results in an haproxy error:
[ALERT] 273/131923 (3076) : Starting proxy stats_on_guest: cannot bind socket 
[10.10.2.151:8081]
 and haproxy never restarts with the new config.

the faulty config directives:

listen stats_on_public 10.10.2.151:8081
        mode http
        option httpclose
        stats enable
        stats uri     /admin?stats
        stats realm   Haproxy\ Statistics
        stats auth    admin493:test123

listen stats_on_guest 10.10.2.151:8081
        mode http
        option httpclose
        stats enable
        stats uri     /admin?stats
        stats realm   Haproxy\ Statistics
        stats auth    admin493:test123

In the code the visibility setting is retrieved by:
 ElasticLoadBalancerManagerImpl.java
 private void createApplyLoadBalancingRulesCommands(List<LoadBalancingRule> 
rules, DomainRouterVO elbVm, Commands cmds, long guestNetworkId) {
...
 //FIXME: why are we setting attributes directly? Ick!! There should be 
accessors and
 //the constructor should set defaults.
 cmd.lbStatsVisibility = 
_configDao.getValue(Config.NetworkLBHaproxyStatsVisbility.key());

then in core/src/com/cloud/network/HAProxyConfigurator.java
the following function determines what to add to the generate haproxy config:

line 542:   public String[] generateConfiguration(LoadBalancerConfigCommand 
lbCmd) {
...
line 575: 
       if (!lbCmd.lbStatsVisibility.equals("disabled")) {
            /* new rule : listen admin_page guestip/link-local:8081 */
            if (lbCmd.lbStatsVisibility.equals("global")) {
                result.add(generateStatsRule(lbCmd, "stats_on_public", 
lbCmd.lbStatsPublicIP));

            } else if (lbCmd.lbStatsVisibility.equals("guest-network")) {
                result.add(generateStatsRule(lbCmd, "stats_on_guest", 
lbCmd.lbStatsGuestIP));

            } else if (lbCmd.lbStatsVisibility.equals("link-local")) {
                result.add(generateStatsRule(lbCmd, "stats_on_private", 
lbCmd.lbStatsPrivateIP));

            } else if (lbCmd.lbStatsVisibility.equals("all")) {
                result.add(generateStatsRule(lbCmd, "stats_on_public", 
lbCmd.lbStatsPublicIP));
                result.add(generateStatsRule(lbCmd, "stats_on_guest", 
lbCmd.lbStatsGuestIP));
                result.add(generateStatsRule(lbCmd, "stats_on_private", 
lbCmd.lbStatsPrivateIP));
            } else {

I have not yet tested it but setting the global setting to guest-network will 
most likely allow for assigning LB rules on an internal LB.

In the code i think we should either retrieve the interfaces of the 
internallbVm before applying rules in the equals('all') case or simply the 
'all' case drastically by only applying a single directive which listens on 
0.0.0.0?



> Assign VPC Internal LB rule to a VM fails
> -----------------------------------------
>
>                 Key: CLOUDSTACK-8697
>                 URL: https://issues.apache.org/jira/browse/CLOUDSTACK-8697
>             Project: CloudStack
>          Issue Type: Bug
>      Security Level: Public(Anyone can view this level - this is the 
> default.) 
>          Components: Network Controller
>    Affects Versions: 4.4.4, 4.6.0
>            Reporter: Pavan Kumar Bandarupally
>            Assignee: Wilder Rodrigues
>            Priority: Blocker
>         Attachments: MS Log.rar, MSLog.rar
>
>
> Assigning an internal LB rule to a VM inside VPC network fails. Seems to be a 
> configuration issue.
> ================
> 2015-07-31 21:13:49,059 ERROR [c.c.u.s.SshHelper] 
> (DirectAgent-345:ctx-2bdddfcc) SSH execution of command 
> /opt/cloud/bin/router_proxy.sh update_config.py 169.254.2.171 
> load_balancer.json has an error status code in return. result output:
> 2015-07-31 21:13:49,062 DEBUG [c.c.a.r.v.VirtualRoutingResource] 
> (DirectAgent-345:ctx-2bdddfcc) Processing ScriptConfigItem, executing 
> update_config.py load_balancer.json took 6656ms
> 2015-07-31 21:13:49,062 WARN  [c.c.a.r.v.VirtualRoutingResource] 
> (DirectAgent-345:ctx-2bdddfcc) Expected 1 answers while executing 
> LoadBalancerConfigCommand but received 2
> 2015-07-31 21:13:49,062 DEBUG [c.c.a.m.DirectAgentAttache] 
> (DirectAgent-345:ctx-2bdddfcc) Seq 7-4435764157983228083: Response Received:
> 2015-07-31 21:13:49,063 DEBUG [c.c.a.t.Request] 
> (DirectAgent-345:ctx-2bdddfcc) Seq 7-4435764157983228083: Processing:  { Ans: 
> , MgmtId: 6702933999656, via: 7, Ver: v1, Flags: 0, 
> [{"com.cloud.agent.api.routing.GroupAnswer":{"results":["null - failed: 
> ","null - failed: "],"result":false,"wait":0}}] }
> 2015-07-31 21:13:49,063 DEBUG [c.c.a.t.Request] 
> (API-Job-Executor-9:ctx-4c2d49d3 job-315 ctx-06ebb5a1) Seq 
> 7-4435764157983228083: Received:  { Ans: , MgmtId: 6702933999656, via: 7, 
> Ver: v1, Flags: 0, { GroupAnswer } }
> 2015-07-31 21:13:49,133 DEBUG [c.c.n.l.LoadBalancingRulesManagerImpl] 
> (API-Job-Executor-9:ctx-4c2d49d3 job-315 ctx-06ebb5a1) LB Rollback rule id: 6 
>  while attaching VM: [29]



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to