Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

OpenStack provisioning: IllegalStateException "cidrBlock ::/0 is not a valid CIDR" #257

Open
aledsage opened this issue Mar 24, 2016 · 5 comments
Open

OpenStack provisioning: IllegalStateException "cidrBlock ::/0 is not a valid CIDR" #257

aledsage opened this issue Mar 24, 2016 · 5 comments
Labels
1.x bug

Comments

@aledsage
Copy link
Member

Not sure whether to report this again jclouds, Brooklyn or Clocker (so reporting it here for now)! I'll likely cross-post on jclouds jira.

When launching docker-cloud-weave to OpenStack (BlueBox), without specifying a security group anywhere, it gave the error below. This prevented it from creating any VMs.

Failed after 6.11s: Error invoking start at DockerHostImpl{id=uMtN8h3W}: UncheckedExecutionException: java.lang.IllegalArgumentException: cidrBlock ::/0 is not a valid CIDR

org.apache.brooklyn.core.mgmt.internal.EffectorUtils$EffectorCallPropagatedRuntimeException: Error invoking start at DockerHostImpl{id=uMtN8h3W}: UncheckedExecutionException: java.lang.IllegalArgumentException: cidrBlock ::/0 is not a valid CIDR
    at org.apache.brooklyn.core.mgmt.internal.EffectorUtils$EffectorCallPropagatedRuntimeException.propagate(EffectorUtils.java:299)
    at org.apache.brooklyn.core.mgmt.internal.EffectorUtils$EffectorCallPropagatedRuntimeException.access$100(EffectorUtils.java:266)
    at org.apache.brooklyn.core.mgmt.internal.EffectorUtils.handleEffectorException(EffectorUtils.java:306)
    at org.apache.brooklyn.core.effector.EffectorTasks$EffectorBodyTaskFactory$2.handleException(EffectorTasks.java:90)
    at org.apache.brooklyn.util.core.task.DynamicSequentialTask.handleException(DynamicSequentialTask.java:469)
    at org.apache.brooklyn.util.core.task.DynamicSequentialTask$DstJob.call(DynamicSequentialTask.java:417)
    at org.apache.brooklyn.util.core.task.BasicExecutionManager$SubmissionCallable.call(BasicExecutionManager.java:518)
    at java.util.concurrent.FutureTask.run(FutureTask.java:262)
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
    at java.lang.Thread.run(Thread.java:745)
Caused by: org.apache.brooklyn.util.exceptions.PropagatedRuntimeException: UncheckedExecutionException: java.lang.IllegalArgumentException: cidrBlock ::/0 is not a valid CIDR
    at org.apache.brooklyn.util.exceptions.Exceptions.propagate(Exceptions.java:128)
    at org.apache.brooklyn.util.core.task.BasicTask.getUnchecked(BasicTask.java:372)
    at org.apache.brooklyn.util.core.task.Tasks$2.get(Tasks.java:285)
    at org.apache.brooklyn.entity.software.base.lifecycle.MachineLifecycleEffectorTasks.preStartAtMachineAsync(MachineLifecycleEffectorTasks.java:412)
    at org.apache.brooklyn.entity.software.base.lifecycle.MachineLifecycleEffectorTasks.startInLocation(MachineLifecycleEffectorTasks.java:339)
    at org.apache.brooklyn.entity.software.base.lifecycle.MachineLifecycleEffectorTasks.startInLocations(MachineLifecycleEffectorTasks.java:324)
    at org.apache.brooklyn.entity.software.base.lifecycle.MachineLifecycleEffectorTasks.start(MachineLifecycleEffectorTasks.java:313)
    at org.apache.brooklyn.entity.software.base.lifecycle.MachineLifecycleEffectorTasks$StartEffectorBody.call(MachineLifecycleEffectorTasks.java:214)
    at org.apache.brooklyn.entity.software.base.lifecycle.MachineLifecycleEffectorTasks$StartEffectorBody.call(MachineLifecycleEffectorTasks.java:201)
    at org.apache.brooklyn.core.effector.EffectorTasks$EffectorBodyTaskFactory$1.call(EffectorTasks.java:82)
    at org.apache.brooklyn.util.core.task.DynamicSequentialTask$DstJob.call(DynamicSequentialTask.java:359)
    ... 5 more
Caused by: java.util.concurrent.ExecutionException: com.google.common.util.concurrent.UncheckedExecutionException: java.lang.IllegalArgumentException: cidrBlock ::/0 is not a valid CIDR
    at java.util.concurrent.FutureTask.report(FutureTask.java:122)
    at java.util.concurrent.FutureTask.get(FutureTask.java:188)
    at com.google.common.util.concurrent.ForwardingFuture.get(ForwardingFuture.java:63)
    at org.apache.brooklyn.util.core.task.BasicTask.get(BasicTask.java:361)
    at org.apache.brooklyn.util.core.task.BasicTask.getUnchecked(BasicTask.java:370)
    ... 14 more
Caused by: com.google.common.util.concurrent.UncheckedExecutionException: java.lang.IllegalArgumentException: cidrBlock ::/0 is not a valid CIDR
    at com.google.common.cache.LocalCache$Segment.get(LocalCache.java:2201)
    at com.google.common.cache.LocalCache.get(LocalCache.java:3934)
    at com.google.common.cache.LocalCache$LocalManualCache.get(LocalCache.java:4736)
    at org.apache.brooklyn.location.jclouds.networking.JcloudsLocationSecurityGroupCustomizer.setSecurityGroupOnTemplate(JcloudsLocationSecurityGroupCustomizer.java:389)
    at org.apache.brooklyn.location.jclouds.networking.JcloudsLocationSecurityGroupCustomizer.customize(JcloudsLocationSecurityGroupCustomizer.java:380)
    at org.apache.brooklyn.location.jclouds.JcloudsLocation.customizeTemplate(JcloudsLocation.java:1419)
    at org.apache.brooklyn.location.jclouds.JcloudsLocation.obtainOnce(JcloudsLocation.java:713)
    at org.apache.brooklyn.location.jclouds.JcloudsLocation.obtain(JcloudsLocation.java:613)
    at org.apache.brooklyn.entity.software.base.lifecycle.MachineLifecycleEffectorTasks$ObtainLocationTask.call(MachineLifecycleEffectorTasks.java:406)
    at org.apache.brooklyn.entity.software.base.lifecycle.MachineLifecycleEffectorTasks$ObtainLocationTask.call(MachineLifecycleEffectorTasks.java:396)
    at org.apache.brooklyn.util.core.task.Tasks.withBlockingDetails(Tasks.java:98)
    at org.apache.brooklyn.entity.software.base.lifecycle.MachineLifecycleEffectorTasks$ProvisionMachineTask.call(MachineLifecycleEffectorTasks.java:380)
    at org.apache.brooklyn.entity.software.base.lifecycle.MachineLifecycleEffectorTasks$ProvisionMachineTask.call(MachineLifecycleEffectorTasks.java:364)
    ... 6 more
Caused by: java.lang.IllegalArgumentException: cidrBlock ::/0 is not a valid CIDR
    at com.google.common.base.Preconditions.checkArgument(Preconditions.java:148)
    at org.jclouds.net.domain.IpPermission$Builder.cidrBlock(IpPermission.java:107)
    at org.jclouds.openstack.nova.v2_0.compute.functions.SecurityGroupRuleToIpPermission.apply(SecurityGroupRuleToIpPermission.java:81)
    at org.jclouds.openstack.nova.v2_0.compute.functions.SecurityGroupRuleToIpPermission.apply(SecurityGroupRuleToIpPermission.java:48)
    at com.google.common.collect.Iterators$8.transform(Iterators.java:794)
    at com.google.common.collect.TransformedIterator.next(TransformedIterator.java:48)
    at com.google.common.collect.ImmutableCollection$Builder.addAll(ImmutableCollection.java:281)
    at com.google.common.collect.ImmutableCollection$ArrayBasedBuilder.addAll(ImmutableCollection.java:360)
    at com.google.common.collect.ImmutableSet$Builder.addAll(ImmutableSet.java:508)
    at org.jclouds.compute.domain.SecurityGroupBuilder.ipPermissions(SecurityGroupBuilder.java:43)
    at org.jclouds.openstack.nova.v2_0.compute.functions.NovaSecurityGroupToSecurityGroup.apply(NovaSecurityGroupToSecurityGroup.java:61)
    at org.jclouds.openstack.nova.v2_0.compute.functions.NovaSecurityGroupToSecurityGroup.apply(NovaSecurityGroupToSecurityGroup.java:39)
    at org.jclouds.openstack.nova.v2_0.compute.functions.NovaSecurityGroupInRegionToSecurityGroup.apply(NovaSecurityGroupInRegionToSecurityGroup.java:61)
    at org.jclouds.openstack.nova.v2_0.compute.functions.NovaSecurityGroupInRegionToSecurityGroup.apply(NovaSecurityGroupInRegionToSecurityGroup.java:43)
    at com.google.common.collect.Iterators$8.transform(Iterators.java:794)
    at com.google.common.collect.TransformedIterator.next(TransformedIterator.java:48)
    at com.google.common.collect.ImmutableCollection$Builder.addAll(ImmutableCollection.java:301)
    at com.google.common.collect.ImmutableSet$Builder.addAll(ImmutableSet.java:522)
    at com.google.common.collect.ImmutableSet.copyOf(ImmutableSet.java:321)
    at com.google.common.collect.ImmutableSet.copyOf(ImmutableSet.java:300)
    at org.jclouds.openstack.nova.v2_0.compute.extensions.NovaSecurityGroupExtension.listSecurityGroupsInLocation(NovaSecurityGroupExtension.java:116)
    at org.jclouds.openstack.nova.v2_0.compute.extensions.NovaSecurityGroupExtension.listSecurityGroupsInLocation(NovaSecurityGroupExtension.java:109)
    at org.apache.brooklyn.location.jclouds.networking.JcloudsLocationSecurityGroupCustomizer.getOrCreateSharedSecurityGroup(JcloudsLocationSecurityGroupCustomizer.java:420)
    at org.apache.brooklyn.location.jclouds.networking.JcloudsLocationSecurityGroupCustomizer.access$100(JcloudsLocationSecurityGroupCustomizer.java:90)
    at org.apache.brooklyn.location.jclouds.networking.JcloudsLocationSecurityGroupCustomizer$3.call(JcloudsLocationSecurityGroupCustomizer.java:391)
    at org.apache.brooklyn.location.jclouds.networking.JcloudsLocationSecurityGroupCustomizer$3.call(JcloudsLocationSecurityGroupCustomizer.java:389)
    at com.google.common.cache.LocalCache$LocalManualCache$1.load(LocalCache.java:4739)
    at com.google.common.cache.LocalCache$LoadingValueReference.loadFuture(LocalCache.java:3524)
    at com.google.common.cache.LocalCache$Segment.loadSync(LocalCache.java:2317)
    at com.google.common.cache.LocalCache$Segment.lockedGetOrLoad(LocalCache.java:2280)
    at com.google.common.cache.LocalCache$Segment.get(LocalCache.java:2195)
    ... 18 more
@aledsage aledsage added the bug label Mar 24, 2016
@aledsage
Copy link
Member Author

See https://issues.apache.org/jira/browse/JCLOUDS-1100

@grkvlt
Copy link
Member

grkvlt commented Mar 25, 2016

Odd, because ::/0 is a valid CIDR, but for IPV6. The equivalent of 0.0.0.0/0 for IPV4. OpenStack supports the syntax (at least in the Horizon UI, I'm sure) but it's what you get in the default set of rules for a security group.

@johnmccabe
Copy link
Member

@grkvlt I'm still seeing this with a build of brooklyn/advanced-networking from master and the #272 pr of clocker. I've specified the security group in my location and would have expected that to be used instead of having to specify the docker.host.securityGroup property but still see the JcloudsLocationSecurityGroupCustomizer being invoked and a new default security group being created.

@grkvlt
Copy link
Member

grkvlt commented Apr 14, 2016

We always add the customizer, it should be optional, yes

@johnmccabe
Copy link
Member

johnmccabe commented Apr 15, 2016
edited
Loading

Partially addressed this in d88341a in #272 which will use the securityGroup in the location if present and a String.
Still need to sort out handling for the IPv6 wildcards.

@grkvlt grkvlt added the 1.x label Sep 30, 2016
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
1.x bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@johnmccabe @grkvlt @aledsage