Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Cannot forward port in VPC tier to VM secondaray NIC #108

Open
rvalle opened this issue Jul 13, 2022 · 3 comments · May be fixed by #110
Open

Cannot forward port in VPC tier to VM secondaray NIC #108

rvalle opened this issue Jul 13, 2022 · 3 comments · May be fixed by #110
Labels
bug Something isn't working

Comments

@rvalle
Copy link
Collaborator

rvalle commented Jul 13, 2022
edited

I am not sure what is going wrong, I try to make this port forward in the UI and works.

As far as I understand when forwarding ports to secondary NIC the secondary IP of the VM needs to be specified, like so:

          cs_portforward:
            ip_address: "10.9.65.6"
            vm_guest_ip: "10.131.1.127"
            vm: "ft1c"
            public_port: "9000"
            private_port: "9000"
            network: "frontend3"
            vpc: "vpc3"
            zone: "z2"

vm_guest_ip belongs to network frontend3 but that is on secondary NIC for ft1c vm. In the UI I set similar parameters and works.

I get the following error:

An exception occurred during task execution. To see the full traceback, use -vvv. The error was: KeyError: 'secondaryip'
fatal: [localhost]: FAILED! => {"changed": false, "module_stderr": "Traceback (most recent call last):
File \"/home/ansible/.ansible/tmp/ansible-tmp-1657746542.2604373-64-246661389431216/AnsiballZ_cs_portforward.py\", line 102, in <module>
    _ansiballz_main()
  File \"/home/ansible/.ansible/tmp/ansible-tmp-1657746542.2604373-64-246661389431216/AnsiballZ_cs_portforward.py\", line 94, in _ansiballz_main
    invoke_module(zipped_mod, temp_path, ANSIBALLZ_PARAMS)
  File \"/home/ansible/.ansible/tmp/ansible-tmp-1657746542.2604373-64-246661389431216/AnsiballZ_cs_portforward.py\", line 40, in invoke_module
    runpy.run_module(mod_name='ansible_collections.ngine_io.cloudstack.plugins.modules.cs_portforward', init_globals=None, run_name='__main__', alter_sys=True)\n  File \"/usr/local/lib/python3.6/runpy.py\", line 205, in run_module
    return _run_module_code(code, init_globals, run_name, mod_spec)
  File \"/usr/local/lib/python3.6/runpy.py\", line 96, in _run_module_code
    mod_name, mod_spec, pkg_name, script_name)
  File \"/usr/local/lib/python3.6/runpy.py\", line 85, in _run_code
    exec(code, run_globals)
  File \"/tmp/ansible_cs_portforward_payload_fcii10oq/ansible_cs_portforward_payload.zip/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_portforward.py\", line 403, in <module>
  File \"/tmp/ansible_cs_portforward_payload_fcii10oq/ansible_cs_portforward_payload.zip/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_portforward.py\", line 396, in main
  File \"/tmp/ansible_cs_portforward_payload_fcii10oq/ansible_cs_portforward_payload.zip/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_portforward.py\", line 278, in present_portforwarding_rule
  File \"/tmp/ansible_cs_portforward_payload_fcii10oq/ansible_cs_portforward_payload.zip/ansible_collections/ngine_io/cloudstack/plugins/modules/cs_portforward.py\", line 320, in update_portforwarding_rule
  File \"/tmp/ansible_cs_portforward_payload_fcii10oq/ansible_cs_portforward_payload.zip/ansible_collections/ngine_io/cloudstack/plugins/module_utils/cloudstack.py\", line 404, in get_vm_guest_ip
KeyError: 'secondaryip'", "module_stdout": "", "msg": "MODULE FAILURE
See stdout/stderr for the exact error", "rc": 1}
@resmo resmo added the bug Something isn't working label Jul 13, 2022
@resmo
Copy link
Member

resmo commented Jul 13, 2022

related code:

ansible-collection-cloudstack/plugins/module_utils/cloudstack.py

Line 408 in 6da2b06

for secondary_ip in default_nic['secondaryip']:

@rvalle
Copy link
Collaborator Author

rvalle commented Jul 14, 2022

I think it is looking for a secondary IP on the default NIC, however the use case is the ip of a non default NIC.
I am not sure of what is the casuistic that should be supported. perhaps ANY ip primary or secondary of any interface should be allowed?

@Pearl1594
Copy link
Contributor

I believe it is not possible to add a port forward rule to the secondary NIC. Trying it directly via Cloudstack i.e, on trying to add a port-forward rule for the primary IP on the secondary nic fails with the following error:

(ansibletest) 🐱 > create portforwardingrule ipaddressid=75421aee-cc8b-47bd-b4ba-8bb926b330ab privateport=3000 privateendport=3000 publicport=3000 publicendport=3000 networkid=32621cf2-ca8a-4821-9f3a-1dadfdddf4fd vmguestip=10.1.1.184 protocol=tcp virtualmachineid=f57183a3-a7dd-4302-8414-2ed3e6fd310b 
🙈 Error: (HTTP 431, error code 4350) IP Address is not in the VM nic's network

However, there does exist an issue with creating a PF rule on the primary IP of the default NIC as well.

@Pearl1594 Pearl1594 linked a pull request Jul 27, 2022 that will close this issue
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Fix port forward rule creation for primary IP of default NIC Pearl1594/ansible-collection-cloudstack
3 participants
@resmo @rvalle @Pearl1594