Details
-
Bug
-
Status: Resolved
-
Major
-
Resolution: Fixed
-
4.10.0.0
-
Security Level: Public (Anyone can view this level - this is the default.)
-
Ubuntu 16.04 - KVM
Description
On a Hypervisor we saw the programming of Security Groups fail and I am not sure yet why:
2017-12-06 14:10:31,095 DEBUG [cloud.agent.Agent] (agentRequest-Handler-15:null) (logid:e68a57b9) Request:Seq 1-3318027025465216281: { Cmd , MgmtId: 90520741056852, via: 1, Ver: v1, Flags: 100111, [{"com.cloud.agent.api.SecurityGroupRulesCmd":{"guestIp":"62.221.192.7","vmName":"i-
4-6-VM","guestMac":"1e:00:4f:00:00:f9","signature":"4134ed9a39aa2aa85620780ce4b7bc27","seqNum":14,"vmId":6,"msId":90520741056852,"ingressRuleSet":[Unknown macro: {"proto"}],"egressRuleSet":[],"wait":0}}] }
2017-12-06 14:10:31,095 DEBUG [cloud.agent.Agent] (agentRequest-Handler-15:null) (logid:e68a57b9) Processing command: com.cloud.agent.api.SecurityGroupRulesCmd
2017-12-06 14:10:31,095 DEBUG [kvm.resource.LibvirtConnection] (agentRequest-Handler-15:null) (logid:e68a57b9) Looking for libvirtd connection at: qemu:///system
2017-12-06 14:10:31,098 DEBUG [kvm.resource.LibvirtComputingResource] (agentRequest-Handler-15:null) (logid:e68a57b9) Executing: /usr/share/cloudstack-common/scripts/vm/network/security_group.py add_network_rules --vmname i-4-6-VM --vmid 6 --vmip 62.221.192.7 --vmip6 null --sig 413
4ed9a39aa2aa85620780ce4b7bc27 --seq 14 --vmmac 1e:00:4f:00:00:f9 --vif vnet6 --brname cloudbr0 --nicsecips 0: --rules I:tcp:22:22:0.0.0.0/0,NEXT;
2017-12-06 14:10:31,098 WARN [kvm.resource.LibvirtComputingResource] (agentRequest-Handler-15:null) (logid:e68a57b9) Exception: /usr/share/cloudstack-common/scripts/vm/network/security_group.py add_network_rules --vmname i-4-6-VM --vmid 6 --vmip 62.221.192.7 --vmip6 null --sig 4134ed9a39aa2aa85620780ce4b7bc27 --seq 14 --vmmac 1e:00:4f:00:00:f9 --vif vnet6 --brname cloudbr0 --nicsecips 0: --rules I:tcp:22:22:0.0.0.0/0,NEXT;
java.lang.NullPointerException
at java.lang.ProcessBuilder.start(ProcessBuilder.java:1012)
at com.cloud.utils.script.Script.execute(Script.java:214)
at com.cloud.utils.script.Script.execute(Script.java:182)
at com.cloud.hypervisor.kvm.resource.LibvirtComputingResource.addNetworkRules(LibvirtComputingResource.java:3429)
at com.cloud.hypervisor.kvm.resource.wrapper.LibvirtSecurityGroupRulesCommandWrapper.execute(LibvirtSecurityGroupRulesCommandWrapper.java:57)
at com.cloud.hypervisor.kvm.resource.wrapper.LibvirtSecurityGroupRulesCommandWrapper.execute(LibvirtSecurityGroupRulesCommandWrapper.java:36)
at com.cloud.hypervisor.kvm.resource.wrapper.LibvirtRequestWrapper.execute(LibvirtRequestWrapper.java:75)
at com.cloud.hypervisor.kvm.resource.LibvirtComputingResource.executeRequest(LibvirtComputingResource.java:1369)
at com.cloud.agent.Agent.processRequest(Agent.java:525)
at com.cloud.agent.Agent$AgentRequestHandler.doTask(Agent.java:833)
at com.cloud.utils.nio.Task.call(Task.java:83)
at com.cloud.utils.nio.Task.call(Task.java:29)
at java.util.concurrent.FutureTask.run(FutureTask.java:266)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
at java.lang.Thread.run(Thread.java:748)
2017-12-06 14:10:31,098 WARN [resource.wrapper.LibvirtSecurityGroupRulesCommandWrapper] (agentRequest-Handler-15:null) (logid:e68a57b9) Failed to program network rules for vm i-4-6-VM
2017-12-06 14:10:31,098 DEBUG [cloud.agent.Agent] (agentRequest-Handler-15:null) (logid:e68a57b9) Seq 1-3318027025465216281: { Ans: , MgmtId: 90520741056852, via: 1, Ver: v1, Flags: 110, [{"com.cloud.agent.api.SecurityGroupRuleAnswer":{"logSequenceNumber":14,"vmId":6,"reason":"PROGRAMMING_FAILED","result":false,"details":"programming network rules failed","wait":0}}] }
I see the vmip6 being null and after setting a IPv6 address for the Instance it suddenly worked.
However, I was not yet able in the code to figure out why this is a NPE in com.cloud.utils.Script
It has a issue with getting back output from ProcessBuilder.
Creating this ticket to make sure it's tracked, but I don't know what is happening yet.
Attachments
Issue Links
- links to