From 08dc5c6f91290160a902ee816501e3591e0db140 Mon Sep 17 00:00:00 2001
From: Kishan Kavala <kishan@apache.org>
Date: Wed, 27 Aug 2014 01:11:29 +0530
Subject: [PATCH] CLOUDSTACK-7428: Allow LXC cluster in SG enabled zones. Use
 lxc driver in security_group.py script for lxc host

---
 scripts/vm/network/security_group.py                | 13 +++++++++----
 .../src/com/cloud/resource/ResourceManagerImpl.java |  3 ++-
 2 files changed, 11 insertions(+), 5 deletions(-)

diff --git a/scripts/vm/network/security_group.py b/scripts/vm/network/security_group.py
index 14f7e845663..b4a355d9ecc 100755
--- a/scripts/vm/network/security_group.py
+++ b/scripts/vm/network/security_group.py
@@ -33,6 +33,11 @@ iptables = Command("iptables")
 bash = Command("/bin/bash")
 ebtablessave = Command("ebtables-save")
 ebtables = Command("ebtables")
+driver = "qemu:///system"
+cfo = configFileOps("/etc/cloudstack/agent/agent.properties")
+hyper = cfo.getEntry("hypervisor.type")
+if hyper == "lxc":
+    driver = "lxc:///"
 def execute(cmd):
     logging.debug(cmd)
     return bash("-c", cmd).stdout
@@ -96,7 +101,7 @@ def virshlist(*states):
 
     searchstates = list(libvirt_states[state] for state in states)
 
-    conn = libvirt.openReadOnly('qemu:///system')
+    conn = libvirt.openReadOnly(driver)
     if conn == None:
        print 'Failed to open connection to the hypervisor'
        sys.exit(3)
@@ -124,7 +129,7 @@ def virshdomstate(domain):
                      libvirt.VIR_DOMAIN_CRASHED  : 'crashed',
     }
 
-    conn = libvirt.openReadOnly('qemu:///system')
+    conn = libvirt.openReadOnly(driver)
     if conn == None:
        print 'Failed to open connection to the hypervisor'
        sys.exit(3)
@@ -141,7 +146,7 @@ def virshdomstate(domain):
 
 def virshdumpxml(domain):
 
-    conn = libvirt.openReadOnly('qemu:///system')
+    conn = libvirt.openReadOnly(driver)
     if conn == None:
        print 'Failed to open connection to the hypervisor'
        sys.exit(3)
@@ -925,7 +930,7 @@ def getBridges(vmName):
 
 def getvmId(vmName):
 
-    conn = libvirt.openReadOnly('qemu:///system')
+    conn = libvirt.openReadOnly(driver)
     if conn == None:
        print 'Failed to open connection to the hypervisor'
        sys.exit(3)
diff --git a/server/src/com/cloud/resource/ResourceManagerImpl.java b/server/src/com/cloud/resource/ResourceManagerImpl.java
index 50086212cf3..3405f99c64a 100755
--- a/server/src/com/cloud/resource/ResourceManagerImpl.java
+++ b/server/src/com/cloud/resource/ResourceManagerImpl.java
@@ -419,7 +419,8 @@ public class ResourceManagerImpl extends ManagerBase implements ResourceManager,
         }
 
         if (zone.isSecurityGroupEnabled() && zone.getNetworkType().equals(NetworkType.Advanced)) {
-            if (hypervisorType != HypervisorType.KVM && hypervisorType != HypervisorType.XenServer && hypervisorType != HypervisorType.Simulator) {
+            if (hypervisorType != HypervisorType.KVM && hypervisorType != HypervisorType.XenServer
+                    && hypervisorType != HypervisorType.LXC && hypervisorType != HypervisorType.Simulator) {
                 throw new InvalidParameterValueException("Don't support hypervisor type " + hypervisorType + " in advanced security enabled zone");
             }
         }