Password Reset ignores redundant VR status when saving new password #3144
Description
ISSUE TYPE
- Bug Report
COMPONENT NAME
Management Server
CLOUDSTACK VERSION
Verified on 4.8 and 4.11.2
CONFIGURATION
Advanced Network, Redundant Virtual Routers
OS / ENVIRONMENT
n/a
SUMMARY
When you use the password reset feature, the password is always saved to the first running VR, not the master. The code in VirtualRouterElement.savePassword appears to iterate over the output of routerDao.listByNetworkOnRole, and returns after the first running router. This has the outcome that password resets don't work if the first VR on a network is backup.
STEPS TO REPRODUCE
- Deploy Isolated Network using DefaultIsolatedNetworkOfferingWithSourceNatService
- Restart Network with "Make Redundant" ticked, wait for network to complete so that there is one VR as BACKUP and another as MASTER.
- Deploy a VM on new network with password-enabled template, Stop it
- Ensure second VR (one with highest r-XXX-VM number) is MASTER. If not, restart the current master and wait for CS status to update.
- Issue password reset for VM.
EXPECTED RESULTS
CloudStack should've saved the password to the MASTER VR
ACTUAL RESULTS
CloudStack saved the password to the BACKUP (first) VR.
The problem can be fixed by sorting the list of routers by redundant status, with MASTER first. If there are no MASTER routers on a redundant network, I would expect the password reset to fail.