etan39
/
cloudstack
mirror of https://github.com/apache/cloudstack.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'master' of ssh://git.cloud.com/var/lib/git/cloudstack-oss

This commit is contained in:
David Nalley 2011-12-20 14:15:50 -05:00
parent 59f7766c04 ff92901baf
commit 36689a95b3
119 changed files with 2142 additions and 2206 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
.gitignore vendored
View File

@ -16,6 +16,7 @@ dist/
cloud-*.tar.bz2
*.log
*.pyc
*.cfg
build.number
api.log.*.gz
cloud.log.*.*
@ -23,4 +24,4 @@ unittest
deps/cloud.userlibraries
.DS_Store
.idea
*.iml
*.iml

10
INSTALL.txt
View File

@ -11,6 +11,16 @@ yum install ant ant-devel openjdk openjdk-devel mysql mysql-server tomcat
Dependencies:
yum install jakarta-commons-collections jakarta-commons-dbcp.noarch apache-commons-logging.noarch jakarta-commons-pool jakarta-commons-httpclient.noarch ws-commons-util.noarch glibc-devel gcc python MySQL-python openssh-clients
Tomcat:
Download tomcat6.0.33 from http://archive.apache.org/dist/tomcat/tomcat-6/v6.0.33/bin/ instead of using distribution's default tomcat. Set CATALINA_HOME and CATALINA_BASE to path where you extract tomcat in environment variable, it would be better off setting them in .bashrc as it will take effect every time you log in.
Note: Tomcat6.0.35 has some known issue with CloudStack, please avoid it
SSHKEY:
Run:
sh-keygen -t rsa -q
to create sshkey for your account if you don't have one
Step 2: Configuration
Start the MySQL service :

15
agent-simulator/src/com/cloud/agent/manager/MockAgentManagerImpl.java
View File

@ -29,7 +29,9 @@ import com.cloud.agent.api.MaintainAnswer;
import com.cloud.agent.api.PingTestCommand;
import com.cloud.agent.api.PrepareForMigrationAnswer;
import com.cloud.agent.api.PrepareForMigrationCommand;
import com.cloud.agent.api.StartupCommand;
import com.cloud.dc.dao.HostPodDao;
import com.cloud.host.Host;
import com.cloud.host.Host.Type;
import com.cloud.resource.AgentResourceBase;
import com.cloud.resource.AgentRoutingResource;
@ -261,21 +263,20 @@ public class MockAgentManagerImpl implements MockAgentManager {
AgentStorageResource storageResource = new AgentStorageResource();
try {
Map<String, Object> params = new HashMap<String, Object>();
Map<String, String> details = new HashMap<String, String>();
params.put("guid", this.guid);
details.put("guid", this.guid);
storageResource.configure("secondaryStorage", params);
storageResource.start();
//on the simulator the ssvm is as good as a direct agent
_resourceMgr.addHost(mockHost.getDataCenterId(), storageResource, Host.Type.SecondaryStorageVM, details);
_resources.put(this.guid, storageResource);
} catch (ConfigurationException e) {
s_logger.debug("Failed to load secondary storage resource: " + e.toString());
return;
}
Map<String, String> details = new HashMap<String, String>();
_resourceMgr.addHost(this.dcId, storageResource, Type.SecondaryStorageVM, details);
_resources.put(this.guid, storageResource);
}
}
}
}
@Override

3
agent-simulator/src/com/cloud/resource/AgentStorageResource.java
View File

@ -18,6 +18,7 @@ import com.cloud.agent.api.ReadyAnswer;
import com.cloud.agent.api.ReadyCommand;
import com.cloud.agent.api.StartupCommand;
import com.cloud.agent.api.StartupSecondaryStorageCommand;
import com.cloud.agent.api.StartupStorageCommand;
import com.cloud.agent.api.storage.ssCommand;
import com.cloud.agent.manager.SimulatorManager;
import com.cloud.agent.manager.SimulatorManager.AgentType;
@ -67,7 +68,7 @@ public class AgentStorageResource extends AgentResourceBase implements Secondary
@Override
public StartupCommand[] initialize() {
StartupSecondaryStorageCommand cmd = new StartupSecondaryStorageCommand();
StartupSecondaryStorageCommand cmd = new StartupSecondaryStorageCommand();
cmd.setPrivateIpAddress(agentHost.getPrivateIpAddress());
cmd.setPrivateNetmask(agentHost.getPrivateNetMask());

2
agent-simulator/src/com/cloud/resource/SimulatorDiscoverer.java
View File

@ -307,7 +307,6 @@ public class SimulatorDiscoverer extends DiscovererBase implements Discoverer, L
@Override
public HostVO createHostVOForConnectedAgent(HostVO host,
StartupCommand[] cmd) {
// TODO Auto-generated method stub
return null;
}
@ -331,7 +330,6 @@ public class SimulatorDiscoverer extends DiscovererBase implements Discoverer, L
@Override
public DeleteHostAnswer deleteHost(HostVO host, boolean isForced,
boolean isForceDeleteStorage) throws UnableDeleteHostException {
// TODO Auto-generated method stub
return null;
}

111
agent-simulator/src/com/cloud/resource/SimulatorSecondaryDiscoverer.java
View File

@ -6,17 +6,34 @@ import java.util.Map;
import javax.ejb.Local;
import javax.naming.ConfigurationException;
import com.cloud.agent.AgentManager;
import com.cloud.agent.Listener;
import com.cloud.agent.api.AgentControlAnswer;
import com.cloud.agent.api.AgentControlCommand;
import com.cloud.agent.api.Answer;
import com.cloud.agent.api.Command;
import com.cloud.agent.api.StartupCommand;
import com.cloud.agent.api.StartupSecondaryStorageCommand;
import com.cloud.agent.manager.MockStorageManager;
import com.cloud.exception.ConnectionException;
import com.cloud.host.HostVO;
import com.cloud.host.Status;
import com.cloud.storage.SnapshotVO;
import com.cloud.storage.dao.SnapshotDao;
import com.cloud.storage.secondary.SecondaryStorageDiscoverer;
import com.cloud.utils.component.Inject;
import com.cloud.utils.exception.CloudRuntimeException;
@Local(value=Discoverer.class)
public class SimulatorSecondaryDiscoverer extends SecondaryStorageDiscoverer {
@Inject
MockStorageManager _mockStorageMgr = null;
public class SimulatorSecondaryDiscoverer extends SecondaryStorageDiscoverer implements ResourceStateAdapter, Listener {
@Inject MockStorageManager _mockStorageMgr = null;
@Inject AgentManager _agentMgr;
@Inject ResourceManager _resourceMgr;
@Inject SnapshotDao _snapshotDao;
@Override
public boolean configure(String name, Map<String, Object> params) throws ConfigurationException {
_agentMgr.registerForHostEvents(this, true, false, false);
_resourceMgr.registerResourceStateAdapter(this.getClass().getSimpleName(), this);
return super.configure(name, params);
}
@ -27,4 +44,92 @@ public class SimulatorSecondaryDiscoverer extends SecondaryStorageDiscoverer {
_mockStorageMgr.preinstallTemplates(host.getStorageUrl(), host.getDataCenterId());
}
}
@Override
public HostVO createHostVOForConnectedAgent(HostVO host,
StartupCommand[] cmd) {
return null;
}
@Override
public HostVO createHostVOForDirectConnectAgent(HostVO host,
StartupCommand[] startup, ServerResource resource,
Map<String, String> details, List<String> hostTags) {
//for detecting SSVM dispatch
StartupCommand firstCmd = startup[0];
if (!(firstCmd instanceof StartupSecondaryStorageCommand)) {
return null;
}
host.setType(com.cloud.host.Host.Type.SecondaryStorageVM);
return host;
}
@Override
public DeleteHostAnswer deleteHost(HostVO host, boolean isForced,
boolean isForceDeleteStorage) throws UnableDeleteHostException {
long hostId = host.getId();
List<SnapshotVO> snapshots = _snapshotDao.listByHostId(hostId);
if (snapshots != null && !snapshots.isEmpty()) {
throw new CloudRuntimeException("Cannot delete this secondary storage because there are still snapshots on it ");
}
_vmTemplateHostDao.deleteByHost(hostId);
host.setGuid(null);
_hostDao.update(hostId, host);
_hostDao.remove(hostId);
return new DeleteHostAnswer(true);
}
@Override
public boolean start() {
return true;
}
@Override
public boolean stop() {
_resourceMgr.unregisterResourceStateAdapter(this.getClass().getSimpleName());
return true;
}
@Override
public int getTimeout() {
return 0;
}
@Override
public boolean isRecurring() {
return false;
}
@Override
public boolean processAnswers(long agentId, long seq, Answer[] answers) {
return false;
}
@Override
public boolean processCommands(long agentId, long seq, Command[] commands) {
return false;
}
@Override
public void processConnect(HostVO host, StartupCommand cmd,
boolean forRebalance) throws ConnectionException {
}
@Override
public AgentControlAnswer processControlCommand(long agentId,
AgentControlCommand cmd) {
return null;
}
@Override
public boolean processDisconnect(long agentId, Status state) {
return false;
}
@Override
public boolean processTimeout(long agentId, long seq) {
return false;
}
}

4
agent/distro/ubuntu/SYSCONFDIR/init.d/cloud-agent.in
View File

@ -37,10 +37,10 @@ wait_for_network() {
if ip addr show cloudbr0 |grep -w inet > /dev/null 2>&1; then
break
else
sleep 1
let i=$i+1
continue
fi
sleep 1
let i=$i+1
done
}

10
agent/src/com/cloud/agent/resource/computing/LibvirtComputingResource.java
View File

@ -1993,7 +1993,7 @@ public class LibvirtComputingResource extends ServerResourceBase implements Serv
getUsage.add("-d", vif);
}
getUsage.add(" -i ", privateIpAddress);
getUsage.add("-i", privateIpAddress);
final OutputInterpreter.OneLineParser usageParser = new OutputInterpreter.OneLineParser();
String result = getUsage.execute(usageParser);
if (result != null) {
@ -3434,8 +3434,12 @@ public class LibvirtComputingResource extends ServerResourceBase implements Serv
}
if (oldStats != null) {
stats.setNetworkReadKBs((rx - oldStats._rx)/1000);
stats.setNetworkWriteKBs((tx - oldStats._tx)/1000);
long deltarx = rx - oldStats._rx;
if (deltarx > 0)
stats.setNetworkReadKBs(deltarx/1000);
long deltatx = tx - oldStats._tx;
if (deltatx > 0)
stats.setNetworkWriteKBs(deltatx/1000);
}
vmStats newStat = new vmStats();

1
api/src/com/cloud/acl/SecurityChecker.java
View File

@ -21,7 +21,6 @@
*/
package com.cloud.acl;
import com.cloud.acl.SecurityChecker.AccessType;
import com.cloud.dc.DataCenter;
import com.cloud.domain.Domain;
import com.cloud.exception.PermissionDeniedException;

16
api/src/com/cloud/api/BaseCmd.java
View File

@ -35,6 +35,7 @@ import com.cloud.domain.Domain;
import com.cloud.exception.ConcurrentOperationException;
import com.cloud.exception.InsufficientCapacityException;
import com.cloud.exception.InvalidParameterValueException;
import com.cloud.exception.PermissionDeniedException;
import com.cloud.exception.ResourceAllocationException;
import com.cloud.exception.ResourceUnavailableException;
import com.cloud.network.NetworkService;
@ -459,7 +460,7 @@ public abstract class BaseCmd {
return this.fullUrlParams;
}
public Long getAccountId(String accountName, Long domainId, Long projectId) {
public Long finalyzeAccountId(String accountName, Long domainId, Long projectId, boolean enabledOnly) {
if (accountName != null) {
if (domainId == null) {
throw new InvalidParameterValueException("Account must be specified with domainId parameter");
@ -472,27 +473,28 @@ public abstract class BaseCmd {
Account account = _accountService.getActiveAccountByName(accountName, domainId);
if (account != null && account.getType() != Account.ACCOUNT_TYPE_PROJECT) {
return account.getId();
if (!enabledOnly || account.getState() == Account.State.enabled) {
return account.getId();
} else {
throw new PermissionDeniedException("Can't add resources to the account id=" + account.getId() + " in state=" + account.getState() + " as it's no longer active");
}
} else {
throw new InvalidParameterValueException("Unable to find account by name " + accountName + " in domain id=" + domainId);
}
}
if (projectId != null) {
Project project = _projectService.getProject(projectId);
if (project != null) {
if (project.getState() == Project.State.Active) {
if (!enabledOnly || project.getState() == Project.State.Active) {
return project.getProjectAccountId();
} else {
throw new InvalidParameterValueException("Can't add resources to the project id=" + projectId + " in state=" + project.getState() + " as it's no longer active");
throw new PermissionDeniedException("Can't add resources to the project id=" + projectId + " in state=" + project.getState() + " as it's no longer active");
}
} else {
throw new InvalidParameterValueException("Unable to find project by id " + projectId);
}
}
return null;
}
}

2
api/src/com/cloud/api/commands/AddVpnUserCmd.java
View File

@ -96,7 +96,7 @@ public class AddVpnUserCmd extends BaseAsyncCreateCmd {
@Override
public long getEntityOwnerId() {
Long accountId = getAccountId(accountName, domainId, projectId);
Long accountId = finalyzeAccountId(accountName, domainId, projectId, true);
if (accountId == null) {
return UserContext.current().getCaller().getId();
}

13
api/src/com/cloud/api/commands/AssignVMCmd.java
View File

@ -18,6 +18,9 @@
package com.cloud.api.commands;
import java.util.ArrayList;
import java.util.List;
import org.apache.log4j.Logger;
import com.cloud.api.ApiConstants;
@ -32,6 +35,7 @@ import com.cloud.api.response.UserVmResponse;
import com.cloud.api.response.ZoneResponse;
import com.cloud.async.AsyncJob;
import com.cloud.event.EventTypes;
import com.cloud.exception.InvalidParameterValueException;
import com.cloud.user.Account;
import com.cloud.uservm.UserVm;
@ -54,7 +58,12 @@ public class AssignVMCmd extends BaseCmd {
@Parameter(name=ApiConstants.DOMAIN_ID, type=CommandType.LONG, description="an optional domainId for the vpn user. If the account parameter is used, domainId must also be used.")
private Long domainId;
//Network information
@IdentityMapper(entityTableName="networks")
@Parameter(name=ApiConstants.NETWORK_IDS, type=CommandType.LIST, collectionType=CommandType.LONG, description="list of network ids that will be part of VM network after move")
private List<Long> networkIds;
/////////////////////////////////////////////////////
/////////////////// Accessors ///////////////////////
/////////////////////////////////////////////////////
@ -70,6 +79,10 @@ public class AssignVMCmd extends BaseCmd {
public Long getDomainId() {
return domainId;
}
public List<Long> getNetworkIds() {
return networkIds;
}
/////////////////////////////////////////////////////
/////////////// API Implementation///////////////////

2
api/src/com/cloud/api/commands/AssociateIPAddrCmd.java
View File

@ -129,7 +129,7 @@ public class AssociateIPAddrCmd extends BaseAsyncCreateCmd {
@Override
public long getEntityOwnerId() {
Long accountId = getAccountId(accountName, domainId, projectId);
Long accountId = finalyzeAccountId(accountName, domainId, projectId, true);
if (accountId == null) {
return UserContext.current().getCaller().getId();
}

2
api/src/com/cloud/api/commands/AuthorizeSecurityGroupEgressCmd.java
View File

@ -164,7 +164,7 @@ public class AuthorizeSecurityGroupEgressCmd extends BaseAsyncCmd {
@Override
public long getEntityOwnerId() {
Long accountId = getAccountId(accountName, domainId, projectId);
Long accountId = finalyzeAccountId(accountName, domainId, projectId, true);
if (accountId == null) {
return UserContext.current().getCaller().getId();
}

2
api/src/com/cloud/api/commands/AuthorizeSecurityGroupIngressCmd.java
View File

@ -166,7 +166,7 @@ public class AuthorizeSecurityGroupIngressCmd extends BaseAsyncCmd {
@Override
public long getEntityOwnerId() {
Long accountId = getAccountId(accountName, domainId, projectId);
Long accountId = finalyzeAccountId(accountName, domainId, projectId, true);
if (accountId == null) {
return UserContext.current().getCaller().getId();
}

2
api/src/com/cloud/api/commands/CreateNetworkCmd.java
View File

@ -199,7 +199,7 @@ public class CreateNetworkCmd extends BaseCmd {
@Override
public long getEntityOwnerId() {
Long accountId = getAccountId(accountName, domainId, projectId);
Long accountId = finalyzeAccountId(accountName, domainId, projectId, true);
if (accountId == null) {
return UserContext.current().getCaller().getId();
}

2
api/src/com/cloud/api/commands/CreateSSHKeyPairCmd.java
View File

@ -80,7 +80,7 @@ public class CreateSSHKeyPairCmd extends BaseCmd {
/////////////////////////////////////////////////////
@Override
public long getEntityOwnerId() {
Long accountId = getAccountId(accountName, domainId, projectId);
Long accountId = finalyzeAccountId(accountName, domainId, projectId, true);
if (accountId == null) {
return UserContext.current().getCaller().getId();
}

26
api/src/com/cloud/api/commands/CreateSnapshotCmd.java
View File

@ -30,7 +30,10 @@ import com.cloud.api.ServerApiException;
import com.cloud.api.response.SnapshotResponse;
import com.cloud.async.AsyncJob;
import com.cloud.event.EventTypes;
import com.cloud.exception.InvalidParameterValueException;
import com.cloud.exception.PermissionDeniedException;
import com.cloud.exception.ResourceAllocationException;
import com.cloud.projects.Project;
import com.cloud.storage.Snapshot;
import com.cloud.storage.Volume;
import com.cloud.user.Account;
@ -103,13 +106,24 @@ public class CreateSnapshotCmd extends BaseAsyncCreateCmd {
@Override
public long getEntityOwnerId() {
Volume volume = _entityMgr.findById(Volume.class, getVolumeId());
if (volume != null) {
return volume.getAccountId();
if (volume == null) {
throw new InvalidParameterValueException("Unable to find volume by id=" + volumeId);
}
// bad id given, parent this command to SYSTEM so ERROR events are tracked
return Account.ACCOUNT_ID_SYSTEM;
Account account = _accountService.getAccount(volume.getAccountId());
//Can create templates for enabled projects/accounts only
if (account.getType() == Account.ACCOUNT_TYPE_PROJECT) {
Project project = _projectService.findByProjectAccountId(volume.getAccountId());
if (project.getState() != Project.State.Active) {
throw new PermissionDeniedException("Can't add resources to the project id=" + project.getId() + " in state=" + project.getState() + " as it's no longer active");
}
} else if (account.getState() == Account.State.disabled) {
throw new PermissionDeniedException("The owner of template is disabled: " + account);
}
return volume.getAccountId();
}
@Override
@ -140,7 +154,7 @@ public class CreateSnapshotCmd extends BaseAsyncCreateCmd {
@Override
public void execute() {
UserContext.current().setEventDetails("Volume Id: "+getVolumeId());
Snapshot snapshot = _snapshotService.createSnapshot(getVolumeId(), getPolicyId(), getEntityId());
Snapshot snapshot = _snapshotService.createSnapshot(getVolumeId(), getPolicyId(), getEntityId(), _accountService.getAccount(getEntityOwnerId()));
if (snapshot != null) {
SnapshotResponse response = _responseGenerator.createSnapshotResponse(snapshot);
response.setResponseName(getCommandName());

24
api/src/com/cloud/api/commands/CreateSnapshotPolicyCmd.java
View File

@ -27,6 +27,9 @@ import com.cloud.api.Implementation;
import com.cloud.api.Parameter;
import com.cloud.api.ServerApiException;
import com.cloud.api.response.SnapshotPolicyResponse;
import com.cloud.exception.InvalidParameterValueException;
import com.cloud.exception.PermissionDeniedException;
import com.cloud.projects.Project;
import com.cloud.storage.Volume;
import com.cloud.storage.snapshot.SnapshotPolicy;
import com.cloud.user.Account;
@ -100,16 +103,27 @@ public class CreateSnapshotPolicyCmd extends BaseCmd {
@Override
public long getEntityOwnerId() {
Volume volume = _entityMgr.findById(Volume.class, getVolumeId());
if (volume != null) {
return volume.getAccountId();
if (volume == null) {
throw new InvalidParameterValueException("Unable to find volume by id=" + volumeId);
}
return Account.ACCOUNT_ID_SYSTEM; // no account info given, parent this command to SYSTEM so ERROR events are tracked
Account account = _accountService.getAccount(volume.getAccountId());
//Can create templates for enabled projects/accounts only
if (account.getType() == Account.ACCOUNT_TYPE_PROJECT) {
Project project = _projectService.findByProjectAccountId(volume.getAccountId());
if (project.getState() != Project.State.Active) {
throw new PermissionDeniedException("Can't add resources to the project id=" + project.getId() + " in state=" + project.getState() + " as it's no longer active");
}
} else if (account.getState() == Account.State.disabled) {
throw new PermissionDeniedException("The owner of template is disabled: " + account);
}
return volume.getAccountId();
}
@Override
public void execute(){
SnapshotPolicy result = _snapshotService.createPolicy(this);
SnapshotPolicy result = _snapshotService.createPolicy(this, _accountService.getAccount(getEntityOwnerId()));
if (result != null) {
SnapshotPolicyResponse response = _responseGenerator.createSnapshotPolicyResponse(result);
response.setResponseName(getCommandName());

33
api/src/com/cloud/api/commands/CreateTemplateCmd.java
View File

@ -35,7 +35,10 @@ import com.cloud.api.response.StoragePoolResponse;
import com.cloud.api.response.TemplateResponse;
import com.cloud.async.AsyncJob;
import com.cloud.event.EventTypes;
import com.cloud.exception.InvalidParameterValueException;
import com.cloud.exception.PermissionDeniedException;
import com.cloud.exception.ResourceAllocationException;
import com.cloud.projects.Project;
import com.cloud.storage.Snapshot;
import com.cloud.storage.Volume;
import com.cloud.template.VirtualMachineTemplate;
@ -185,20 +188,35 @@ import com.cloud.user.UserContext;
public long getEntityOwnerId() {
Long volumeId = getVolumeId();
Long snapshotId = getSnapshotId();
Long accountId = null;
if (volumeId != null) {
Volume volume = _entityMgr.findById(Volume.class, volumeId);
if (volume != null) {
return volume.getAccountId();
accountId = volume.getAccountId();
} else {
throw new InvalidParameterValueException("Unable to find volume by id=" + volumeId);
}
} else {
Snapshot snapshot = _entityMgr.findById(Snapshot.class, snapshotId);
if (snapshot != null) {
return snapshot.getAccountId();
accountId = snapshot.getAccountId();
} else {
throw new InvalidParameterValueException("Unable to find snapshot by id=" + snapshotId);
}
}
// bad id given, parent this command to SYSTEM so ERROR events are tracked
return Account.ACCOUNT_ID_SYSTEM;
Account account = _accountService.getAccount(accountId);
//Can create templates for enabled projects/accounts only
if (account.getType() == Account.ACCOUNT_TYPE_PROJECT) {
Project project = _projectService.findByProjectAccountId(accountId);
if (project.getState() != Project.State.Active) {
throw new PermissionDeniedException("Can't add resources to the project id=" + project.getId() + " in state=" + project.getState() + " as it's no longer active");
}
} else if (account.getState() == Account.State.disabled) {
throw new PermissionDeniedException("The owner of template is disabled: " + account);
}
return accountId;
}
@Override
@ -223,13 +241,12 @@ import com.cloud.user.UserContext;
@Override
public void create() throws ResourceAllocationException {
if (isBareMetal()) {
_bareMetalVmService.createPrivateTemplateRecord(this);
_bareMetalVmService.createPrivateTemplateRecord(this, _accountService.getAccount(getEntityOwnerId()));
/*Baremetal creates template record after taking image proceeded, use vmId as entity id here*/
this.setEntityId(vmId);
} else {
VirtualMachineTemplate template = null;
template = _userVmService.createPrivateTemplateRecord(this);
template = _userVmService.createPrivateTemplateRecord(this, _accountService.getAccount(getEntityOwnerId()));
if (template != null) {
this.setEntityId(template.getId());
} else {

2
api/src/com/cloud/api/commands/CreateVMGroupCmd.java
View File

@ -84,7 +84,7 @@ public class CreateVMGroupCmd extends BaseCmd{
@Override
public long getEntityOwnerId() {
Long accountId = getAccountId(accountName, domainId, projectId);
Long accountId = finalyzeAccountId(accountName, domainId, projectId, true);
if (accountId == null) {
return UserContext.current().getCaller().getId();
}

2
api/src/com/cloud/api/commands/CreateVolumeCmd.java
View File

@ -131,7 +131,7 @@ public class CreateVolumeCmd extends BaseAsyncCreateCmd {
@Override
public long getEntityOwnerId() {
Long accountId = getAccountId(accountName, domainId, projectId);
Long accountId = finalyzeAccountId(accountName, domainId, projectId, true);
if (accountId == null) {
return UserContext.current().getCaller().getId();
}

2
api/src/com/cloud/api/commands/DeleteSecurityGroupCmd.java
View File

@ -89,7 +89,7 @@ public class DeleteSecurityGroupCmd extends BaseCmd {
@Override
public long getEntityOwnerId() {
Long accountId = getAccountId(accountName, domainId, projectId);
Long accountId = finalyzeAccountId(accountName, domainId, projectId, true);
if (accountId == null) {
return UserContext.current().getCaller().getId();
}

2
api/src/com/cloud/api/commands/DeployVMCmd.java
View File

@ -281,7 +281,7 @@ public class DeployVMCmd extends BaseAsyncCreateCmd {
@Override
public long getEntityOwnerId() {
Long accountId = getAccountId(accountName, domainId, projectId);
Long accountId = finalyzeAccountId(accountName, domainId, projectId, true);
if (accountId == null) {
return UserContext.current().getCaller().getId();
}

2
api/src/com/cloud/api/commands/ListResourceLimitsCmd.java
View File

@ -94,7 +94,7 @@ public class ListResourceLimitsCmd extends BaseListCmd {
@Override
public void execute(){
List<? extends ResourceLimit> result = _resourceLimitService.searchForLimits(id, getAccountId(accountName, domainId, projectId), domainId, resourceType, this.getStartIndex(), this.getPageSizeVal());
List<? extends ResourceLimit> result = _resourceLimitService.searchForLimits(id, finalyzeAccountId(accountName, domainId, projectId, false), domainId, resourceType, this.getStartIndex(), this.getPageSizeVal());
ListResponse<ResourceLimitResponse> response = new ListResponse<ResourceLimitResponse>();
List<ResourceLimitResponse> limitResponses = new ArrayList<ResourceLimitResponse>();
for (ResourceLimit limit : result) {

2
api/src/com/cloud/api/commands/RegisterIsoCmd.java
View File

@ -152,7 +152,7 @@ public class RegisterIsoCmd extends BaseCmd {
@Override
public long getEntityOwnerId() {
Long accountId = getAccountId(accountName, domainId, projectId);
Long accountId = finalyzeAccountId(accountName, domainId, projectId, true);
if (accountId == null) {
return UserContext.current().getCaller().getId();
}

2
api/src/com/cloud/api/commands/RegisterSSHKeyPairCmd.java
View File

@ -87,7 +87,7 @@ public class RegisterSSHKeyPairCmd extends BaseCmd {
@Override
public long getEntityOwnerId() {
Long accountId = getAccountId(accountName, domainId, projectId);
Long accountId = finalyzeAccountId(accountName, domainId, projectId, true);
if (accountId == null) {
return UserContext.current().getCaller().getId();
}

2
api/src/com/cloud/api/commands/RegisterTemplateCmd.java
View File

@ -213,7 +213,7 @@ public class RegisterTemplateCmd extends BaseCmd {
@Override
public long getEntityOwnerId() {
Long accountId = getAccountId(accountName, domainId, projectId);
Long accountId = finalyzeAccountId(accountName, domainId, projectId, true);
if (accountId == null) {
return UserContext.current().getCaller().getId();
}

2
api/src/com/cloud/api/commands/RemoveVpnUserCmd.java
View File

@ -88,7 +88,7 @@ public class RemoveVpnUserCmd extends BaseAsyncCmd {
@Override
public long getEntityOwnerId() {
Long accountId = getAccountId(accountName, domainId, projectId);
Long accountId = finalyzeAccountId(accountName, domainId, projectId, true);
if (accountId == null) {
return UserContext.current().getCaller().getId();
}

2
api/src/com/cloud/api/commands/UpdateResourceCountCmd.java
View File

@ -112,7 +112,7 @@ public class UpdateResourceCountCmd extends BaseCmd {
@Override
public void execute(){
List<? extends ResourceCount> result = _resourceLimitService.recalculateResourceCount(getAccountId(accountName, domainId, projectId), getDomainId(), getResourceType());
List<? extends ResourceCount> result = _resourceLimitService.recalculateResourceCount(finalyzeAccountId(accountName, domainId, projectId, true), getDomainId(), getResourceType());
if ((result != null) && (result.size()>0)){
ListResponse<ResourceCountResponse> response = new ListResponse<ResourceCountResponse>();

4
api/src/com/cloud/api/commands/UpdateResourceLimitCmd.java
View File

@ -89,7 +89,7 @@ public class UpdateResourceLimitCmd extends BaseCmd {
@Override
public long getEntityOwnerId() {
Long accountId = getAccountId(accountName, domainId, projectId);
Long accountId = finalyzeAccountId(accountName, domainId, projectId, true);
if (accountId == null) {
return UserContext.current().getCaller().getId();
}
@ -99,7 +99,7 @@ public class UpdateResourceLimitCmd extends BaseCmd {
@Override
public void execute(){
ResourceLimit result = _resourceLimitService.updateResourceLimit(getAccountId(accountName, domainId, projectId), getDomainId(), resourceType, max);
ResourceLimit result = _resourceLimitService.updateResourceLimit(finalyzeAccountId(accountName, domainId, projectId, true), getDomainId(), resourceType, max);
if (result != null || (result == null && max != null && max.longValue() == -1L)){
ResourceLimitResponse response = _responseGenerator.createResourceLimitResponse(result);
response.setResponseName(getCommandName());

2
api/src/com/cloud/configuration/Resource.java
View File

@ -18,6 +18,8 @@
package com.cloud.configuration;
public interface Resource {
public static final short RESOURCE_UNLIMITED = -1;
public enum ResourceType{
user_vm ("user_vm", 0, ResourceOwnerType.Account, ResourceOwnerType.Domain),

10
api/src/com/cloud/network/element/LoadBalancingServiceProvider.java
View File

@ -4,6 +4,7 @@ import java.util.List;
import com.cloud.exception.ResourceUnavailableException;
import com.cloud.network.Network;
import com.cloud.network.PublicIpAddress;
import com.cloud.network.lb.LoadBalancingRule;
public interface LoadBalancingServiceProvider extends NetworkElement {
@ -15,4 +16,13 @@ public interface LoadBalancingServiceProvider extends NetworkElement {
* @throws ResourceUnavailableException
*/
boolean applyLBRules(Network network, List<LoadBalancingRule> rules) throws ResourceUnavailableException;
/**
* Apply ip addresses to this network service provider
* @param network
* @param ipAddress
* @return
* @throws ResourceUnavailableException
*/
boolean applyLoadBalancerIp(Network network, List<? extends PublicIpAddress> ipAddress) throws ResourceUnavailableException;
}

10
api/src/com/cloud/network/element/PortForwardingServiceProvider.java
View File

@ -4,6 +4,7 @@ import java.util.List;
import com.cloud.exception.ResourceUnavailableException;
import com.cloud.network.Network;
import com.cloud.network.PublicIpAddress;
import com.cloud.network.rules.PortForwardingRule;
public interface PortForwardingServiceProvider extends NetworkElement {
@ -15,4 +16,13 @@ public interface PortForwardingServiceProvider extends NetworkElement {
* @throws ResourceUnavailableException
*/
boolean applyPFRules(Network network, List<PortForwardingRule> rules) throws ResourceUnavailableException;
/**
* Apply ip addresses to this network service provider
* @param network
* @param ipAddress
* @return
* @throws ResourceUnavailableException
*/
boolean applyIps(Network network, List<? extends PublicIpAddress> ipAddress) throws ResourceUnavailableException;
}

15
api/src/com/cloud/network/element/SourceNatServiceProvider.java
View File

@ -1,4 +1,19 @@
package com.cloud.network.element;
import java.util.List;
import com.cloud.exception.ResourceUnavailableException;
import com.cloud.network.Network;
import com.cloud.network.PublicIpAddress;
public interface SourceNatServiceProvider extends NetworkElement {
/**
* Apply ip addresses to this network
* @param network
* @param ipAddress
* @return
* @throws ResourceUnavailableException
*/
boolean applyIps(Network network, List<? extends PublicIpAddress> ipAddress) throws ResourceUnavailableException;
}

10
api/src/com/cloud/network/element/StaticNatServiceProvider.java
View File

@ -4,6 +4,7 @@ import java.util.List;
import com.cloud.exception.ResourceUnavailableException;
import com.cloud.network.Network;
import com.cloud.network.PublicIpAddress;
import com.cloud.network.rules.StaticNat;
public interface StaticNatServiceProvider extends NetworkElement {
@ -15,4 +16,13 @@ public interface StaticNatServiceProvider extends NetworkElement {
* @throws ResourceUnavailableException
*/
boolean applyStaticNats(Network config, List<? extends StaticNat> rules) throws ResourceUnavailableException;
/**
* Apply ip addresses to this network service provider
* @param network
* @param ipAddress
* @return
* @throws ResourceUnavailableException
*/
boolean applyIps(Network network, List<? extends PublicIpAddress> ipAddress) throws ResourceUnavailableException;
}

9
api/src/com/cloud/storage/snapshot/SnapshotService.java
View File

@ -27,6 +27,7 @@ import com.cloud.api.commands.ListSnapshotsCmd;
import com.cloud.exception.PermissionDeniedException;
import com.cloud.exception.ResourceAllocationException;
import com.cloud.storage.Snapshot;
import com.cloud.user.Account;
public interface SnapshotService {
@ -53,9 +54,10 @@ public interface SnapshotService {
*
* @param cmd
* the command that
* @param policyOwner TODO
* @return the newly created snapshot policy if success, null otherwise
*/
SnapshotPolicy createPolicy(CreateSnapshotPolicyCmd cmd);
SnapshotPolicy createPolicy(CreateSnapshotPolicyCmd cmd, Account policyOwner);
/**
* Get the recurring snapshots scheduled for this volume currently along with the time at which they are scheduled
@ -82,10 +84,11 @@ public interface SnapshotService {
/**
* Create a snapshot of a volume
*
* @param snapshotOwner TODO
* @param cmd
* the API command wrapping the parameters for creating the snapshot (mainly volumeId)
*
* @return the Snapshot that was created
*/
Snapshot createSnapshot(Long volumeId, Long policyId, Long snapshotId);
Snapshot createSnapshot(Long volumeId, Long policyId, Long snapshotId, Account snapshotOwner);
}

3
api/src/com/cloud/vm/UserVmService.java
View File

@ -123,10 +123,11 @@ public interface UserVmService {
* @param cmd
* the command object that defines the name, display text, snapshot/volume, bits, public/private, etc. for the
* private template
* @param templateOwner TODO
* @return the vm template object if successful, null otherwise
* @throws ResourceAllocationException
*/
VirtualMachineTemplate createPrivateTemplateRecord(CreateTemplateCmd cmd) throws ResourceAllocationException;
VirtualMachineTemplate createPrivateTemplateRecord(CreateTemplateCmd cmd, Account templateOwner) throws ResourceAllocationException;
/**
* Creates a private template from a snapshot of a VM

11
core/src/com/cloud/agent/resource/virtualnetwork/VirtualRoutingResource.java
View File

@ -462,6 +462,17 @@ public class VirtualRoutingResource implements Manager {
command.add("-v", cmd.getVmIpAddress());
command.add("-m", cmd.getVmMac());
command.add("-n", cmd.getVmName());
if (cmd.getDefaultRouter() != null) {
command.add(" -d " + cmd.getDefaultRouter());
}
if (cmd.getStaticRoutes() != null) {
command.add(" -s " + cmd.getStaticRoutes());
}
if (cmd.getDefaultDns() != null) {
command.add(" -N " + cmd.getDefaultDns());
}
final String result = command.execute();
return new Answer(cmd, result==null, result);

8
core/src/com/cloud/configuration/ConfigurationVO.java
View File

@ -22,6 +22,8 @@ import javax.persistence.Column;
import javax.persistence.Entity;
import javax.persistence.Id;
import javax.persistence.Table;
import com.cloud.utils.crypt.DBEncryptionUtil;
@Entity
@Table(name="configuration")
@ -36,7 +38,7 @@ public class ConfigurationVO implements Configuration{
@Column(name="name")
private String name;
@Column(name="value", length=4095, encryptable=true)
@Column(name="value", length=4095)
private String value;
@Column(name="description", length=1024)
@ -88,8 +90,8 @@ public class ConfigurationVO implements Configuration{
this.name = name;
}
public String getValue() {
return value;
public String getValue() {
return ("Hidden".equals(getCategory()) ? DBEncryptionUtil.decrypt(value) : value);
}
public void setValue(String value) {

2
core/src/com/cloud/host/DetailVO.java
View File

@ -38,7 +38,7 @@ public class DetailVO {
@Column(name="name")
private String name;
@Column(name="value", encryptable=true)
@Column(name="value")
private String value;
protected DetailVO() {

19
core/src/com/cloud/hypervisor/vmware/resource/VmwareResource.java
View File

@ -933,11 +933,24 @@ public class VmwareResource implements StoragePoolResource, ServerResource, Vmwa
s_logger.info("Executing resource DhcpEntryCommand: " + _gson.toJson(cmd));
}
// ssh -p 3922 -o StrictHostKeyChecking=no -i $cert root@$domr "/root/edithosts.sh $mac $ip $vm $dfltrt $ns $staticrt" >/dev/null
String args = " " + cmd.getVmMac();
args += " " + cmd.getVmIpAddress();
args += " " + cmd.getVmName();
if (s_logger.isDebugEnabled()) {
args += " " + cmd.getVmName();
if (cmd.getDefaultRouter() != null) {
args += " " + cmd.getDefaultRouter();
}
if (cmd.getDefaultDns() != null) {
args += " " + cmd.getDefaultDns();
}
if (cmd.getStaticRoutes() != null) {
args += " " + cmd.getStaticRoutes();
}
if (s_logger.isDebugEnabled()) {
s_logger.debug("Run command on domR " + cmd.getAccessDetail(NetworkElementCommand.ROUTER_IP) + ", /root/edithosts.sh " + args);
}

61
core/src/com/cloud/hypervisor/xen/resource/CitrixResourceBase.java
View File

@ -253,7 +253,7 @@ public abstract class CitrixResourceBase implements ServerResource, HypervisorRe
protected long _dcId;
protected String _pod;
protected String _cluster;
protected static final XenServerPoolVms s_vms = new XenServerPoolVms();
private static final XenServerPoolVms s_vms = new XenServerPoolVms();
protected String _privateNetworkName;
protected String _linkLocalPrivateNetworkName;
protected String _publicNetworkName;
@ -1081,7 +1081,7 @@ public abstract class CitrixResourceBase implements ServerResource, HypervisorRe
}
}
}
s_logger.debug("The VM " + vmName + " is in Starting state.");
s_logger.debug("1. The VM " + vmName + " is in Starting state.");
s_vms.put(_cluster, _name, vmName, State.Starting);
Host host = Host.getByUuid(conn, _host.uuid);
@ -1164,7 +1164,7 @@ public abstract class CitrixResourceBase implements ServerResource, HypervisorRe
} finally {
synchronized (s_vms) {
if (state != State.Stopped) {
s_logger.debug("The VM " + vmName + " is in " + state + " state.");
s_logger.debug("2. The VM " + vmName + " is in " + state + " state.");
s_vms.put(_cluster, _name, vmName, state);
} else {
s_logger.debug("The VM is in stopped state, detected problem during startup : " + vmName);
@ -2168,7 +2168,7 @@ public abstract class CitrixResourceBase implements ServerResource, HypervisorRe
Integer vncPort = null;
if (state == State.Running) {
synchronized (s_vms) {
s_logger.debug("The VM " + vmName + " is in " + State.Running + " state");
s_logger.debug("3. The VM " + vmName + " is in " + State.Running + " state");
s_vms.put(_cluster, _name, vmName, State.Running);
}
}
@ -2191,7 +2191,7 @@ public abstract class CitrixResourceBase implements ServerResource, HypervisorRe
for (NicTO nic : nics) {
getNetwork(conn, nic);
}
s_logger.debug("The VM " + vm.getName() + " is in " + State.Migrating + " state");
s_logger.debug("4. The VM " + vm.getName() + " is in " + State.Migrating + " state");
s_vms.put(_cluster, _name, vm.getName(), State.Migrating);
return new PrepareForMigrationAnswer(cmd);
@ -2428,7 +2428,7 @@ public abstract class CitrixResourceBase implements ServerResource, HypervisorRe
state = s_vms.getState(_cluster, vmName);
s_logger.debug("The VM " + vmName + " is in " + State.Stopping + " state");
s_logger.debug("5. The VM " + vmName + " is in " + State.Stopping + " state");
s_vms.put(_cluster, _name, vmName, State.Stopping);
try {
Set<VM> vms = VM.getByNameLabel(conn, vmName);
@ -2495,7 +2495,7 @@ public abstract class CitrixResourceBase implements ServerResource, HypervisorRe
s_logger.warn(msg, e);
return new MigrateAnswer(cmd, false, msg, null);
} finally {
s_logger.debug("The VM " + vmName + " is in " + state + " state");
s_logger.debug("6. The VM " + vmName + " is in " + state + " state");
s_vms.put(_cluster, _name, vmName, state);
}
@ -2618,7 +2618,7 @@ public abstract class CitrixResourceBase implements ServerResource, HypervisorRe
@Override
public RebootAnswer execute(RebootCommand cmd) {
Connection conn = getConnection();
s_logger.debug("The VM " + cmd.getVmName() + " is in " + State.Starting + " state");
s_logger.debug("7. The VM " + cmd.getVmName() + " is in " + State.Starting + " state");
s_vms.put(_cluster, _name, cmd.getVmName(), State.Starting);
try {
Set<VM> vms = null;
@ -2642,7 +2642,7 @@ public abstract class CitrixResourceBase implements ServerResource, HypervisorRe
}
return new RebootAnswer(cmd, "reboot succeeded", null, null);
} finally {
s_logger.debug("The VM " + cmd.getVmName() + " is in " + State.Running + " state");
s_logger.debug("8. The VM " + cmd.getVmName() + " is in " + State.Running + " state");
s_vms.put(_cluster, _name, cmd.getVmName(), State.Running);
}
}
@ -3136,7 +3136,7 @@ public abstract class CitrixResourceBase implements ServerResource, HypervisorRe
State state = s_vms.getState(_cluster, vmName);
s_logger.debug("The VM " + vmName + " is in " + State.Stopping + " state");
s_logger.debug("9. The VM " + vmName + " is in " + State.Stopping + " state");
s_vms.put(_cluster, _name, vmName, State.Stopping);
try {
@ -3198,7 +3198,7 @@ public abstract class CitrixResourceBase implements ServerResource, HypervisorRe
String msg = "VM destroy failed in Stop " + vmName + " Command due to " + e.getMessage();
s_logger.warn(msg, e);
} finally {
s_logger.debug("The VM " + vmName + " is in " + state + " state");
s_logger.debug("10. The VM " + vmName + " is in " + state + " state");
s_vms.put(_cluster, _name, vmName, state);
}
}
@ -5442,25 +5442,18 @@ public abstract class CitrixResourceBase implements ServerResource, HypervisorRe
if (!createSecondaryStorageFolder(conn, remoteVolumesMountPath, volumeFolder)) {
throw new InternalErrorException("Failed to create the volume folder.");
}
VDI vdi = VDI.getByUuid(conn, volumeUUID);
String pUuid = getVhdParent(conn, srUuid, vdi.getUuid(conn), IsISCSI(primaryStoragePool.getType(conn)));
if( pUuid != null ) {
SR secondaryStorage = null;
try {
// Create a SR for the volume UUID folder
secondaryStorage = createNfsSRbyURI(conn, new URI(secondaryStorageURL + "/volumes/" + volumeFolder), false);
// Look up the volume on the source primary storage pool
VDI srcVolume = getVDIbyUuid(conn, volumeUUID);
// Copy the volume to secondary storage
VDI destVolume = cloudVDIcopy(conn, srcVolume, secondaryStorage, wait);
String destVolumeUUID = destVolume.getUuid(conn);
return new CopyVolumeAnswer(cmd, true, null, null, destVolumeUUID);
} finally {
removeSR(conn, secondaryStorage);
}
} else {
String uuid = copy_vhd_to_secondarystorage(conn, mountpoint, volumeUUID, srUuid, wait);
return new CopyVolumeAnswer(cmd, true, null, null, uuid);
SR secondaryStorage = null;
try {
// Create a SR for the volume UUID folder
secondaryStorage = createNfsSRbyURI(conn, new URI(secondaryStorageURL + "/volumes/" + volumeFolder), false);
// Look up the volume on the source primary storage pool
VDI srcVolume = getVDIbyUuid(conn, volumeUUID);
// Copy the volume to secondary storage
VDI destVolume = cloudVDIcopy(conn, srcVolume, secondaryStorage, wait);
String destVolumeUUID = destVolume.getUuid(conn);
return new CopyVolumeAnswer(cmd, true, null, null, destVolumeUUID);
} finally {
removeSR(conn, secondaryStorage);
}
} else {
try {
@ -6644,7 +6637,7 @@ public abstract class CitrixResourceBase implements ServerResource, HypervisorRe
s_logger.warn("Detecting a change in host for " + vm);
changes.put(vm, new Pair<String, State>(host_uuid, newState));
s_logger.debug("The VM " + vm + " is in " + newState + " state");
s_logger.debug("11. The VM " + vm + " is in " + newState + " state");
s_vms.put(_cluster, host_uuid, vm, newState);
continue;
}
@ -6668,7 +6661,7 @@ public abstract class CitrixResourceBase implements ServerResource, HypervisorRe
changes.put(vm, new Pair<String, State>(host_uuid, newState));
} else if (oldState.second() == State.Starting) {
if (newState == State.Running) {
s_logger.debug("The VM " + vm + " is in " + State.Running + " state");
s_logger.debug("12. The VM " + vm + " is in " + State.Running + " state");
s_vms.put(_cluster, host_uuid, vm, newState);
} else if (newState == State.Stopped) {
s_logger.warn("Ignoring vm " + vm + " because of a lag in starting the vm.");
@ -6680,13 +6673,13 @@ public abstract class CitrixResourceBase implements ServerResource, HypervisorRe
}
} else if (oldState.second() == State.Stopping) {
if (newState == State.Stopped) {
s_logger.debug("The VM " + vm + " is in " + State.Stopped + " state");
s_logger.debug("13. The VM " + vm + " is in " + State.Stopped + " state");
s_vms.put(_cluster, host_uuid, vm, newState);
} else if (newState == State.Running) {
s_logger.warn("Ignoring vm " + vm + " because of a lag in stopping the vm. ");
}
} else if (oldState.second() != newState) {
s_logger.debug("The VM " + vm + " is in " + newState + " state was " + oldState.second());
s_logger.debug("14. The VM " + vm + " is in " + newState + " state was " + oldState.second());
s_vms.put(_cluster, host_uuid, vm, newState);
if (newState == State.Stopped) {
/*

3
core/src/com/cloud/storage/resource/NfsSecondaryStorageResource.java
View File

@ -153,6 +153,8 @@ public class NfsSecondaryStorageResource extends ServerResourceBase implements S
return execute((ListTemplateCommand)cmd);
} else if (cmd instanceof downloadSnapshotFromSwiftCommand){
return execute((downloadSnapshotFromSwiftCommand)cmd);
} else if (cmd instanceof DeleteSnapshotBackupCommand){
return execute((DeleteSnapshotBackupCommand)cmd);
} else if (cmd instanceof DeleteSnapshotsDirCommand){
return execute((DeleteSnapshotsDirCommand)cmd);
} else if (cmd instanceof downloadTemplateFromSwiftToSecondaryStorageCommand) {
@ -391,6 +393,7 @@ public class NfsSecondaryStorageResource extends ServerResourceBase implements S
}
}
}
return new Answer(cmd, true, "success");
} catch (Exception e) {
String msg = cmd + " Command failed due to " + e.toString();

4
core/src/com/cloud/vm/UserVmVO.java
View File

@ -126,4 +126,8 @@ public class UserVmVO extends VMInstanceVO implements UserVm {
public void setAccountId(long accountId){
this.accountId = accountId;
}
public void setDomainId(long domainId){
this.domainId = domainId;
}
}

250
scripts/vm/hypervisor/xenserver/vmops
View File

@ -385,6 +385,7 @@ def can_bridge_firewall(session, args):
util.pread2(['iptables', '-D', 'FORWARD', '-j', 'RH-Firewall-1-INPUT'])
except:
util.SMlog('Chain BRIDGE-FIREWALL already exists')
default_ebtables_rules()
privnic = get_private_nic(session, args)
result = 'true'
try:
@ -405,6 +406,30 @@ def can_bridge_firewall(session, args):
return result
@echo
def default_ebtables_rules():
try:
util.pread2(['ebtables', '-N', 'DEFAULT_EBTABLES'])
util.pread2(['ebtables', '-A', 'FORWARD', '-j' 'DEFAULT_EBTABLES'])
util.pread2(['ebtables', '-A', 'DEFAULT_EBTABLES', '-p', 'IPv4', '--ip-dst', '255.255.255.255', '--ip-proto', 'udp', '--ip-dport', '67', '-j', 'ACCEPT'])
util.pread2(['ebtables', '-A', 'DEFAULT_EBTABLES', '-p', 'ARP', '--arp-op', 'Request', '-j', 'ACCEPT'])
util.pread2(['ebtables', '-A', 'DEFAULT_EBTABLES', '-p', 'ARP', '--arp-op', 'Reply', '-j', 'ACCEPT'])
# deny mac broadcast and multicast
util.pread2(['ebtables', '-A', 'DEFAULT_EBTABLES', '-p', 'IPv4', '-d', 'Broadcast', '-j', 'DROP'])
util.pread2(['ebtables', '-A', 'DEFAULT_EBTABLES', '-p', 'IPv4', '-d', 'Multicast', '-j', 'DROP'])
# deny ip broadcast and multicast
util.pread2(['ebtables', '-A', 'DEFAULT_EBTABLES', '-p', 'IPv4', '--ip-dst', '255.255.255.255', '-j', 'DROP'])
util.pread2(['ebtables', '-A', 'DEFAULT_EBTABLES', '-p', 'IPv4', '--ip-dst', '224.0.0.0/4', '-j', 'DROP'])
util.pread2(['ebtables', '-A', 'DEFAULT_EBTABLES', '-p', 'IPv4', '-j', 'RETURN'])
# deny ipv6
util.pread2(['ebtables', '-A', 'DEFAULT_EBTABLES', '-p', 'IPv6', '-j', 'DROP'])
# deny vlan
util.pread2(['ebtables', '-A', 'DEFAULT_EBTABLES', '-p', '802_1Q', '-j', 'DROP'])
# deny all other 802. frames
util.pread2(['ebtables', '-A', 'FORWARD', '-j', 'DROP'])
except:
util.SMlog('Chain DEFAULT_EBTABLES already exists')
@echo
def allow_egress_traffic(session):
devs = []
@ -526,74 +551,119 @@ def destroy_network_rules_for_vm(session, args):
@echo
def destroy_ebtables_rules(vm_chain):
delcmd = "ebtables-save | grep ROUTING | grep " + vm_chain + " | sed 's/-A/-D/'"
delcmd = "ebtables-save | grep " + vm_chain + " | sed 's/-A/-D/'"
delcmds = util.pread2(['/bin/bash', '-c', delcmd]).split('\n')
delcmds.pop()
for cmd in delcmds:
try:
dc = cmd.split(' ')
dc.insert(0, 'ebtables')
dc.insert(1, '-t')
dc.insert(2, 'nat')
util.pread2(dc)
except:
util.SMlog("Ignoring failure to delete ebtables rules for vm " + vm_chain)
chains = [vm_chain+"-in", vm_chain+"-out"]
for chain in chains:
try:
util.pread2(['ebtables', '-t', 'nat', '-F', chain])
util.pread2(['ebtables', '-t', 'nat', '-X', chain])
except:
try:
util.pread2(['ebtables', '-F', vm_chain])
util.pread2(['ebtables', '-X', vm_chain])
except:
util.SMlog("Ignoring failure to delete ebtables chain for vm " + vm_chain)
@echo
def destroy_arptables_rules(vm_chain):
delcmd = "arptables -vL FORWARD | grep " + vm_chain + " | sed 's/-i any//' | sed 's/-o any//' | awk '{print $1,$2,$3,$4}' "
delcmds = util.pread2(['/bin/bash', '-c', delcmd]).split('\n')
delcmds.pop()
for cmd in delcmds:
try:
dc = cmd.split(' ')
dc.insert(0, 'arptables')
dc.insert(1, '-D')
dc.insert(2, 'FORWARD')
util.pread2(dc)
except:
util.SMlog("Ignoring failure to delete arptables rules for vm " + vm_chain)
try:
util.pread2(['arptables', '-F', vm_chain])
util.pread2(['arptables', '-X', vm_chain])
except:
util.SMlog("Ignoring failure to delete arptables chain for vm " + vm_chain)
@echo
def default_ebtables_rules(vm_chain, vif, vm_ip, vm_mac):
def default_ebtables_antispoof_rules(vm_chain, vifs, vm_ip, vm_mac):
if vm_mac == 'ff:ff:ff:ff:ff:ff':
util.SMlog("Ignoring since mac address is not valid")
return 'true'
vmchain_in = vm_chain + "-in"
vmchain_out = vm_chain + "-out"
for chain in [vmchain_in, vmchain_out]:
try:
util.pread2(['ebtables', '-N', vm_chain])
except:
try:
util.pread2(['ebtables', '-t', 'nat', '-N', chain])
util.pread2(['ebtables', '-F', vm_chain])
except:
try:
util.pread2(['ebtables', '-t', 'nat', '-F', chain])
except:
util.SMlog("Failed to create ebtables nat rule, skipping")
return 'true'
util.SMlog("Failed to create ebtables antispoof chain, skipping")
return 'true'
try:
# -s ! 52:54:0:56:44:32 -j DROP
util.pread2(['ebtables', '-t', 'nat', '-A', 'PREROUTING', '-i', vif, '-j', vmchain_in])
util.pread2(['ebtables', '-t', 'nat', '-A', 'POSTROUTING', '-o', vif, '-j', vmchain_out])
for vif in vifs:
util.pread2(['ebtables', '-I', 'FORWARD', '2', '-i', vif, '-j', vm_chain])
util.pread2(['ebtables', '-I', 'FORWARD', '2', '-o', vif, '-j', vm_chain])
except:
util.SMlog("Failed to program default rules")
util.SMlog("Failed to program default ebtables FORWARD rules for %s" % vm_chain)
return 'false'
try:
for vif in vifs:
# only allow source mac that belongs to the vm
util.pread2(['ebtables', '-A', vm_chain, '-i', vif, '-s', '!', vm_mac, '-j', 'DROP'])
# do not allow fake dhcp responses
util.pread2(['ebtables', '-A', vm_chain, '-i', vif, '-p', 'IPv4', '--ip-proto', 'udp', '--ip-dport', '68', '-j', 'DROP'])
# do not allow snooping of dhcp requests
util.pread2(['ebtables', '-A', vm_chain, '-o', vif, '-p', 'IPv4', '--ip-proto', 'udp', '--ip-dport', '67', '-j', 'DROP'])
except:
util.SMlog("Failed to program default ebtables antispoof rules for %s" % vm_chain)
return 'false'
return 'true'
@echo
def default_arp_antispoof(vm_chain, vifs, vm_ip, vm_mac):
if vm_mac == 'ff:ff:ff:ff:ff:ff':
util.SMlog("Ignoring since mac address is not valid")
return 'true'
try:
util.pread2(['arptables', '-N', vm_chain])
except:
try:
util.pread2(['arptables', '-F', vm_chain])
except:
util.SMlog("Failed to create arptables rule, skipping")
return 'true'
try:
for vif in vifs:
util.pread2(['arptables', '-A', 'FORWARD', '-i', vif, '-j', vm_chain])
util.pread2(['arptables', '-A', 'FORWARD', '-o', vif, '-j', vm_chain])
except:
util.SMlog("Failed to program default arptables rules in FORWARD chain vm=" + vm_chain)
return 'false'
try:
util.pread2(['ebtables', '-t', 'nat', '-A', vmchain_in, '-i', vif, '-s', '!', vm_mac, '-j', 'DROP'])
util.pread2(['ebtables', '-t', 'nat', '-A', vmchain_in, '-p', 'ARP', '-s', '!', vm_mac, '-j', 'DROP'])
util.pread2(['ebtables', '-t', 'nat', '-A', vmchain_in, '-p', 'ARP', '--arp-mac-src', '!', vm_mac, '-j', 'DROP'])
util.pread2(['ebtables', '-t', 'nat', '-A', vmchain_in, '-p', 'ARP', '--arp-ip-src', '!', vm_ip, '-j', 'DROP'])
util.pread2(['ebtables', '-t', 'nat', '-A', vmchain_in, '-p', 'ARP', '--arp-op', 'Request', '-j', 'ACCEPT'])
util.pread2(['ebtables', '-t', 'nat', '-A', vmchain_in, '-p', 'ARP', '--arp-op', 'Reply', '-j', 'ACCEPT'])
util.pread2(['ebtables', '-t', 'nat', '-A', vmchain_in, '-p', 'ARP', '-j', 'DROP'])
for vif in vifs:
#accept arp replies into the bridge as long as the source mac and ips match the vm
util.pread2(['arptables', '-A', vm_chain, '-i', vif, '--opcode', 'Reply', '--source-mac', vm_mac, '--source-ip', vm_ip, '-j', 'ACCEPT'])
#accept any arp requests from this vm. In the future this can be restricted to deny attacks on hosts
util.pread2(['arptables', '-A', vm_chain, '-i', vif, '--opcode', 'Request', '-j', 'ACCEPT'])
#accept any arp requests to this vm as long as the request is for this vm's ip
util.pread2(['arptables', '-A', vm_chain, '-o', vif, '--opcode', 'Request', '--destination-ip', vm_ip, '-j', 'ACCEPT'])
#accept any arp replies to this vm as long as the mac and ip matches
util.pread2(['arptables', '-A', vm_chain, '-o', vif, '--opcode', 'Reply', '--destination-mac', vm_mac, '--destination-ip', vm_ip, '-j', 'ACCEPT'])
util.pread2(['arptables', '-A', vm_chain, '-j', 'DROP'])
except:
util.SMlog("Failed to program default ebtables IN rules")
util.SMlog("Failed to program default arptables rules")
return 'false'
try:
util.pread2(['ebtables', '-t', 'nat', '-A', vmchain_out, '-p', 'ARP', '--arp-op', 'Reply', '--arp-mac-dst', '!', vm_mac, '-j', 'DROP'])
util.pread2(['ebtables', '-t', 'nat', '-A', vmchain_out, '-p', 'ARP', '--arp-ip-dst', '!', vm_ip, '-j', 'DROP'])
util.pread2(['ebtables', '-t', 'nat', '-A', vmchain_out, '-p', 'ARP', '--arp-op', 'Request', '-j', 'ACCEPT'])
util.pread2(['ebtables', '-t', 'nat', '-A', vmchain_out, '-p', 'ARP', '--arp-op', 'Reply', '-j', 'ACCEPT'])
util.pread2(['ebtables', '-t', 'nat', '-A', vmchain_out, '-p', 'ARP', '-j', 'DROP'])
except:
util.SMlog("Failed to program default ebtables OUT rules")
return 'false'
return 'true'
@echo
@ -722,15 +792,16 @@ def default_network_rules(session, args):
util.SMlog("Failed to program default rules for vm " + vm_name)
return 'false'
for v in vifs:
default_ebtables_rules(vmchain, v, vm_ip, vm_mac)
default_arp_antispoof(vmchain, vifs, vm_ip, vm_mac)
default_ebtables_antispoof_rules(vmchain, vifs, vm_ip, vm_mac)
if write_rule_log_for_vm(vm_name, vm_id, vm_ip, domid, '_initial_', '-1') == False:
if write_rule_log_for_vm(vm_name, vm_id, vm_ip, domid, '_initial_', '-1', vm_mac) == False:
util.SMlog("Failed to log default network rules, ignoring")
util.SMlog("Programmed default rules for vm " + vm_name)
return 'true'
@echo
def check_domid_changed(session, vmName):
curr_domid = '-1'
try:
@ -750,18 +821,22 @@ def check_domid_changed(session, vmName):
lines = (line.rstrip() for line in open(logfilename))
[_vmName,_vmID,_vmIP,old_domid,_signature,_seqno] = ['_', '-1', '_', '-1', '_', '-1']
[_vmName,_vmID,_vmIP,old_domid,_signature,_seqno, _vmMac] = ['_', '-1', '_', '-1', '_', '-1', 'ff:ff:ff:ff:ff:ff']
for line in lines:
[_vmName,_vmID,_vmIP,old_domid,_signature,_seqno] = line.split(',')
try:
[_vmName,_vmID,_vmIP,old_domid,_signature,_seqno,_vmMac] = line.split(',')
except ValueError,v:
[_vmName,_vmID,_vmIP,old_domid,_signature,_seqno] = line.split(',')
break
return [curr_domid, old_domid]
@echo
def delete_rules_for_vm_in_bridge_firewall_chain(vmName):
vm_name = vmName
vmchain = chain_name_def(vm_name)
delcmd = "iptables -S BRIDGE-FIREWALL | grep " + vmchain + " | sed 's/-A/-D/'"
delcmd = "iptables-save | grep '\-A BRIDGE-FIREWALL' | grep " + vmchain + " | sed 's/-A/-D/'"
delcmds = util.pread2(['/bin/bash', '-c', delcmd]).split('\n')
delcmds.pop()
for cmd in delcmds:
@ -769,11 +844,12 @@ def delete_rules_for_vm_in_bridge_firewall_chain(vmName):
dc = cmd.split(' ')
dc.insert(0, 'iptables')
dc.pop()
util.pread2(dc)
util.pread2(filter(None, dc))
except:
util.SMlog("Ignoring failure to delete rules for vm " + vmName)
@echo
def network_rules_for_rebooted_vm(session, vmName):
vm_name = vmName
[curr_domid, old_domid] = check_domid_changed(session, vm_name)
@ -811,12 +887,15 @@ def network_rules_for_rebooted_vm(session, vmName):
#change antispoof rule in vmchain
try:
delcmd = "iptables -S " + vmchain_default + " | grep physdev-in | sed 's/-A/-D/'"
inscmd = "iptables -S " + vmchain_default + " | grep physdev-in | grep vif | sed -r 's/vif[0-9]+.0/" + vif + "/' | sed 's/-A/-I/'"
inscmd2 = "iptables -S " + vmchain_default + " | grep physdev-in | grep tap | sed -r 's/tap[0-9]+.0/" + tap + "/' | sed 's/-A/-I/'"
delcmd = "iptables-save | grep '\-A " + vmchain_default + "' | grep physdev-in | sed 's/-A/-D/'"
delcmd2 = "iptables-save | grep '\-A " + vmchain_default + "' | grep physdev-out | sed 's/-A/-D/'"
inscmd = "iptables-save | grep '\-A " + vmchain_default + "' | grep physdev-in | grep vif | sed -r 's/vif[0-9]+.0/" + vif + "/' | sed 's/-A/-I/'"
inscmd2 = "iptables-save| grep '\-A " + vmchain_default + "' | grep physdev-in | grep tap | sed -r 's/tap[0-9]+.0/" + tap + "/' | sed 's/-A/-I/'"
inscmd3 = "iptables-save | grep '\-A " + vmchain_default + "' | grep physdev-out | grep vif | sed -r 's/vif[0-9]+.0/" + vif + "/' | sed 's/-A/-I/'"
inscmd4 = "iptables-save| grep '\-A " + vmchain_default + "' | grep physdev-out | grep tap | sed -r 's/tap[0-9]+.0/" + tap + "/' | sed 's/-A/-I/'"
ipts = []
for cmd in [delcmd, inscmd, inscmd2]:
for cmd in [delcmd, delcmd2, inscmd, inscmd2, inscmd3, inscmd4]:
cmds = util.pread2(['/bin/bash', '-c', cmd]).split('\n')
cmds.pop()
for c in cmds:
@ -827,12 +906,17 @@ def network_rules_for_rebooted_vm(session, vmName):
for ipt in ipts:
try:
util.pread2(ipt)
util.pread2(filter(None,ipt))
except:
util.SMlog("Failed to rewrite antispoofing rules for vm " + vm_name)
except:
util.SMlog("No rules found for vm " + vm_name)
destroy_ebtables_rules(vmchain)
destroy_arptables_rules(vmchain)
[vm_ip, vm_mac] = get_vm_mac_ip_from_log(vmchain)
default_arp_antispoof(vmchain, vifs, vm_ip, vm_mac)
default_ebtables_antispoof_rules(vmchain, vifs, vm_ip, vm_mac)
rewrite_rule_log_for_vm(vm_name, curr_domid)
return True
@ -842,12 +926,15 @@ def rewrite_rule_log_for_vm(vm_name, new_domid):
return
lines = (line.rstrip() for line in open(logfilename))
[_vmName,_vmID,_vmIP,_domID,_signature,_seqno] = ['_', '-1', '_', '-1', '_', '-1']
[_vmName,_vmID,_vmIP,_domID,_signature,_seqno,_vmMac] = ['_', '-1', '_', '-1', '_', '-1','ff:ff:ff:ff:ff:ff']
for line in lines:
[_vmName,_vmID,_vmIP,_domID,_signature,_seqno] = line.split(',')
break
try:
[_vmName,_vmID,_vmIP,_domID,_signature,_seqno,_vmMac] = line.split(',')
break
except ValueError,v:
[_vmName,_vmID,_vmIP,_domID,_signature,_seqno] = line.split(',')
write_rule_log_for_vm(_vmName, _vmID, '0.0.0.0', new_domid, _signature, '-1')
write_rule_log_for_vm(_vmName, _vmID, _vmIP, new_domid, _signature, '-1', _vmMac)
def get_rule_log_for_vm(session, vmName):
vm_name = vmName;
@ -857,13 +944,33 @@ def get_rule_log_for_vm(session, vmName):
lines = (line.rstrip() for line in open(logfilename))
[_vmName,_vmID,_vmIP,_domID,_signature,_seqno] = ['_', '-1', '_', '-1', '_', '-1']
[_vmName,_vmID,_vmIP,_domID,_signature,_seqno,_vmMac] = ['_', '-1', '_', '-1', '_', '-1', 'ff:ff:ff:ff:ff:ff']
for line in lines:
[_vmName,_vmID,_vmIP,_domID,_signature,_seqno] = line.split(',')
break
try:
[_vmName,_vmID,_vmIP,_domID,_signature,_seqno,_vmMac] = line.split(',')
break
except ValueError,v:
[_vmName,_vmID,_vmIP,_domID,_signature,_seqno] = line.split(',')
return ','.join([_vmName, _vmID, _vmIP, _domID, _signature, _seqno])
@echo
def get_vm_mac_ip_from_log(vm_name):
[_vmName,_vmID,_vmIP,_domID,_signature,_seqno,_vmMac] = ['_', '-1', '0.0.0.0', '-1', '_', '-1','ff:ff:ff:ff:ff:ff']
logfilename = "/var/run/cloud/" + vm_name +".log"
if not os.path.exists(logfilename):
return ['_', '_']
lines = (line.rstrip() for line in open(logfilename))
for line in lines:
try:
[_vmName,_vmID,_vmIP,_domID,_signature,_seqno,_vmMac] = line.split(',')
break
except ValueError,v:
[_vmName,_vmID,_vmIP,_domID,_signature,_seqno] = line.split(',')
return [ _vmIP, _vmMac]
@echo
def get_rule_logs_for_vms(session, args):
host_uuid = args.pop('host_uuid')
@ -956,10 +1063,13 @@ def check_rule_log_for_vm(vmName, vmID, vmIP, domID, signature, seqno):
lines = (line.rstrip() for line in open(logfilename))
[_vmName,_vmID,_vmIP,_domID,_signature,_seqno] = ['_', '-1', '_', '-1', '_', '-1']
[_vmName,_vmID,_vmIP,_domID,_signature,_seqno,_vmMac] = ['_', '-1', '_', '-1', '_', '-1', 'ff:ff:ff:ff:ff:ff']
try:
for line in lines:
[_vmName,_vmID,_vmIP,_domID,_signature,_seqno] = line.split(',')
try:
[_vmName,_vmID,_vmIP,_domID,_signature,_seqno, _vmMac] = line.split(',')
except ValueError,v:
[_vmName,_vmID,_vmIP,_domID,_signature,_seqno] = line.split(',')
break
except:
util.SMlog("Failed to parse log file for vm " + vmName)
@ -1002,12 +1112,12 @@ def check_rule_log_for_vm(vmName, vmID, vmIP, domID, signature, seqno):
@echo
def write_rule_log_for_vm(vmName, vmID, vmIP, domID, signature, seqno):
def write_rule_log_for_vm(vmName, vmID, vmIP, domID, signature, seqno, vmMac='ff:ff:ff:ff:ff:ff'):
vm_name = vmName
logfilename = "/var/run/cloud/" + vm_name +".log"
util.SMlog("Writing log to " + logfilename)
logf = open(logfilename, 'w')
output = ','.join([vmName, vmID, vmIP, domID, signature, seqno])
output = ','.join([vmName, vmID, vmIP, domID, signature, seqno, vmMac])
result = True
try:
logf.write(output)
@ -1044,6 +1154,7 @@ def network_rules(session, args):
vm_name = args.get('vmName')
vm_ip = args.get('vmIP')
vm_id = args.get('vmID')
vm_mac = args.get('vmMAC')
signature = args.pop('signature')
seqno = args.pop('seqno')
deflated = 'false'
@ -1083,7 +1194,7 @@ def network_rules(session, args):
reason = 'seqno_same_sig_same'
if rewriteLog:
reason = 'seqno_increased_sig_same'
write_rule_log_for_vm(vm_name, vm_id, vm_ip, domid, signature, seqno)
write_rule_log_for_vm(vm_name, vm_id, vm_ip, domid, signature, seqno, vm_mac)
util.SMlog("Programming network rules for vm %s seqno=%s signature=%s guestIp=%s,"\
" do nothing, reason=%s" % (vm_name, seqno, signature, vm_ip, reason))
return 'true'
@ -1181,7 +1292,7 @@ def network_rules(session, args):
util.pread2(['iptables', '-A', vmchain, '-j', 'DROP'])
if write_rule_log_for_vm(vm_name, vm_id, vm_ip, domid, signature, seqno) == False:
if write_rule_log_for_vm(vm_name, vm_id, vm_ip, domid, signature, seqno, vm_mac) == False:
return 'false'
return 'true'
@ -1246,4 +1357,3 @@ if __name__ == "__main__":
"setLinkLocalIP":setLinkLocalIP, "lt2p_vpn":lt2p_vpn,
"cleanup_rules":cleanup_rules, "checkRouter":checkRouter,
"bumpUpPriority":bumpUpPriority, "getDomRVersion":getDomRVersion })

1208
scripts/vm/hypervisor/xenserver/vmops.orig
View File

File diff suppressed because it is too large Load Diff

4
server/src/com/cloud/agent/manager/AgentManagerImpl.java
View File

@ -153,8 +153,6 @@ public class AgentManagerImpl implements AgentManager, HandlerFactory, Manager {
@Inject
protected HostDao _hostDao = null;
@Inject
protected HostDetailsDao _detailsDao = null;
@Inject
protected DataCenterDao _dcDao = null;
@Inject
protected DataCenterIpAddressDao _privateIPAddressDao = null;
@ -173,8 +171,6 @@ public class AgentManagerImpl implements AgentManager, HandlerFactory, Manager {
@Inject
protected StoragePoolHostDao _storagePoolHostDao = null;
@Inject
protected HostDetailsDao _hostDetailsDao = null;
@Inject
protected ClusterDao _clusterDao = null;
@Inject
protected ClusterDetailsDao _clusterDetailsDao = null;

2
server/src/com/cloud/baremetal/BareMetalVmManagerImpl.java
View File

@ -140,7 +140,7 @@ public class BareMetalVmManagerImpl extends UserVmManagerImpl implements BareMet
}
@Override
public VMTemplateVO createPrivateTemplateRecord(CreateTemplateCmd cmd) throws ResourceAllocationException {
public VMTemplateVO createPrivateTemplateRecord(CreateTemplateCmd cmd, Account templateOwner) throws ResourceAllocationException {
/*Baremetal creates record after host rebooting for imaging, in createPrivateTemplate*/
return null;
}

2
server/src/com/cloud/configuration/ConfigurationManager.java
View File

@ -59,7 +59,7 @@ public interface ConfigurationManager extends ConfigurationService, Manager {
* @param name
* @param value
*/
void updateConfiguration(long userId, String name, String value);
void updateConfiguration(long userId, String name, String category, String value);
/**
* Creates a new service offering

26
server/src/com/cloud/configuration/ConfigurationManagerImpl.java
View File

@ -194,8 +194,6 @@ public class ConfigurationManagerImpl implements ConfigurationManager, Configura
@Inject
VlanDao _vlanDao;
@Inject
HostDetailsDao _hostDetailsDao;
@Inject
IPAddressDao _publicIpAddressDao;
@Inject
DataCenterIpAddressDao _privateIpAddressDao;
@ -299,7 +297,7 @@ public class ConfigurationManagerImpl implements ConfigurationManager, Configura
s_logger.warn("Management network CIDR is not configured originally. Set it default to " + localCidrs[0]);
_alertMgr.sendAlert(AlertManager.ALERT_TYPE_MANAGMENT_NODE, 0, new Long(0), "Management network CIDR is not configured originally. Set it default to " + localCidrs[0], "");
_configDao.update(Config.ManagementNetwork.key(), localCidrs[0]);
_configDao.update(Config.ManagementNetwork.key(), Config.ManagementNetwork.getCategory(), localCidrs[0]);
} else {
s_logger.warn("Management network CIDR is not properly configured and we are not able to find a default setting");
_alertMgr.sendAlert(AlertManager.ALERT_TYPE_MANAGMENT_NODE, 0, new Long(0), "Management network CIDR is not properly configured and we are not able to find a default setting", "");
@ -316,7 +314,7 @@ public class ConfigurationManagerImpl implements ConfigurationManager, Configura
@Override
@DB
public void updateConfiguration(long userId, String name, String value) {
public void updateConfiguration(long userId, String name, String category, String value) {
if (value != null && (value.trim().isEmpty() || value.equals("null"))) {
value = null;
}
@ -332,7 +330,7 @@ public class ConfigurationManagerImpl implements ConfigurationManager, Configura
Transaction txn = Transaction.currentTxn();
txn.start();
if (!_configDao.update(name, value)) {
if (!_configDao.update(name, category, value)) {
s_logger.error("Failed to update configuration option, name: " + name + ", value:" + value);
throw new CloudRuntimeException("Failed to update configuration value. Please contact Cloud Support.");
}
@ -343,7 +341,7 @@ public class ConfigurationManagerImpl implements ConfigurationManager, Configura
String sql = "update host_details set value=? where name=?";
try {
pstmt = txn.prepareAutoCloseStatement(sql);
pstmt.setString(1, DBEncryptionUtil.encrypt(value));
pstmt.setString(1, value);
pstmt.setString(2, "guest.network.device");
pstmt.executeUpdate();
@ -354,7 +352,7 @@ public class ConfigurationManagerImpl implements ConfigurationManager, Configura
String sql = "update host_details set value=? where name=?";
try {
pstmt = txn.prepareAutoCloseStatement(sql);
pstmt.setString(1, DBEncryptionUtil.encrypt(value));
pstmt.setString(1, value);
pstmt.setString(2, "private.network.device");
pstmt.executeUpdate();
@ -365,7 +363,7 @@ public class ConfigurationManagerImpl implements ConfigurationManager, Configura
String sql = "update host_details set value=? where name=?";
try {
pstmt = txn.prepareAutoCloseStatement(sql);
pstmt.setString(1, DBEncryptionUtil.encrypt(value));
pstmt.setString(1, value);
pstmt.setString(2, "public.network.device");
pstmt.executeUpdate();
@ -376,7 +374,7 @@ public class ConfigurationManagerImpl implements ConfigurationManager, Configura
String sql = "update host_details set value=? where name=?";
try {
pstmt = txn.prepareAutoCloseStatement(sql);
pstmt.setString(1, DBEncryptionUtil.encrypt(value));
pstmt.setString(1, value);
pstmt.setString(2, "storage.network.device1");
pstmt.executeUpdate();
@ -387,7 +385,7 @@ public class ConfigurationManagerImpl implements ConfigurationManager, Configura
String sql = "update host_details set value=? where name=?";
try {
pstmt = txn.prepareAutoCloseStatement(sql);
pstmt.setString(1, DBEncryptionUtil.encrypt(value));
pstmt.setString(1, value);
pstmt.setString(2, "storage.network.device2");
pstmt.executeUpdate();
@ -435,7 +433,8 @@ public class ConfigurationManagerImpl implements ConfigurationManager, Configura
String value = cmd.getValue();
UserContext.current().setEventDetails(" Name: " + name + " New Value: " + ((value == null) ? "" : value));
// check if config value exists
if (_configDao.findByName(name) == null) {
ConfigurationVO config = _configDao.findByName(name);
if (config == null) {
throw new InvalidParameterValueException("Config parameter with name " + name + " doesn't exist");
}
@ -443,7 +442,7 @@ public class ConfigurationManagerImpl implements ConfigurationManager, Configura
return _configDao.findByName(name);
}
updateConfiguration(userId, name, value);
updateConfiguration(userId, name, config.getCategory(), value);
if (_configDao.getValue(name).equalsIgnoreCase(value)) {
return _configDao.findByName(name);
} else {
@ -2773,6 +2772,9 @@ public class ConfigurationManagerImpl implements ConfigurationManager, Configura
String value = cmd.getValue();
String description = cmd.getDescription();
try {
if("Hidden".equals(category)){
value = DBEncryptionUtil.encrypt(value);
}
ConfigurationVO entity = new ConfigurationVO(category, instance, component, name, value, description);
_configDao.persist(entity);
s_logger.info("Successfully added configuration value into db: category:" + category + " instance:" + instance + " component:" + component + " name:" + name + " value:" + value);

4
server/src/com/cloud/configuration/dao/ConfigurationDao.java
View File

@ -59,7 +59,7 @@ public interface ConfigurationDao extends GenericDao<ConfigurationVO, String> {
*/
public String getValue(String name);
public String getValueAndInitIfNotExist(String name, String initValue);
public String getValueAndInitIfNotExist(String name, String category, String initValue);
/**
@ -70,5 +70,5 @@ public interface ConfigurationDao extends GenericDao<ConfigurationVO, String> {
ConfigurationVO findByName(String name);
ConfigurationVO persistConfigValue(ConfigurationVO config);
boolean update(String name, String category, String value);
}

81
server/src/com/cloud/configuration/dao/ConfigurationDaoImpl.java
View File

@ -26,7 +26,6 @@ import java.util.Map;
import javax.ejb.Local;
import javax.naming.ConfigurationException;
import javax.persistence.EntityExistsException;
import org.apache.log4j.Logger;
@ -77,15 +76,18 @@ public class ConfigurationDaoImpl extends GenericDaoBase<ConfigurationVO, String
if (config.getValue() != null)
_configs.put(config.getName(), config.getValue());
}
if(!"DEFAULT".equals(instance)){
//Default instance params are already added, need not add again
sc = InstanceSearch.create();
sc.setParameters("instance", instance);
sc = InstanceSearch.create();
sc.setParameters("instance", instance);
configurations = listIncludingRemovedBy(sc);
configurations = listIncludingRemovedBy(sc);
for (ConfigurationVO config : configurations) {
if (config.getValue() != null)
_configs.put(config.getName(), config.getValue());
for (ConfigurationVO config : configurations) {
if (config.getValue() != null)
_configs.put(config.getName(), config.getValue());
}
}
}
@ -120,12 +122,13 @@ public class ConfigurationDaoImpl extends GenericDaoBase<ConfigurationVO, String
return true;
}
@Override
//Use update method with category instead
@Override @Deprecated
public boolean update(String name, String value) {
Transaction txn = Transaction.currentTxn();
try {
PreparedStatement stmt = txn.prepareStatement(UPDATE_CONFIGURATION_SQL);
stmt.setString(1, DBEncryptionUtil.encrypt(value));
stmt.setString(1, value);
stmt.setString(2, name);
stmt.executeUpdate();
return true;
@ -134,25 +137,32 @@ public class ConfigurationDaoImpl extends GenericDaoBase<ConfigurationVO, String
}
return false;
}
@Override
public boolean update(String name, String category, String value) {
Transaction txn = Transaction.currentTxn();
try {
value = "Hidden".equals(category) ? DBEncryptionUtil.encrypt(value) : value;
PreparedStatement stmt = txn.prepareStatement(UPDATE_CONFIGURATION_SQL);
stmt.setString(1, value);
stmt.setString(2, name);
stmt.executeUpdate();
return true;
} catch (Exception e) {
s_logger.warn("Unable to update Configuration Value", e);
}
return false;
}
@Override
public String getValue(String name) {
SearchCriteria<ConfigurationVO> sc = NameSearch.create();
sc.setParameters("name", name);
List<ConfigurationVO> configurations = listIncludingRemovedBy(sc);
if (configurations.size() == 0) {
return null;
}
ConfigurationVO config = configurations.get(0);
String value = config.getValue();
return value;
ConfigurationVO config = findByName(name);
return (config == null) ? null : config.getValue();
}
@Override
@DB
public String getValueAndInitIfNotExist(String name, String initValue) {
public String getValueAndInitIfNotExist(String name, String category, String initValue) {
Transaction txn = Transaction.currentTxn();
PreparedStatement stmt = null;
PreparedStatement stmtInsert = null;
@ -166,19 +176,26 @@ public class ConfigurationDaoImpl extends GenericDaoBase<ConfigurationVO, String
returnValue = rs.getString(1);
if(returnValue != null) {
txn.commit();
return DBEncryptionUtil.decrypt(returnValue);
if("Hidden".equals(category)){
return DBEncryptionUtil.decrypt(returnValue);
} else {
return returnValue;
}
} else {
// restore init value
returnValue = initValue;
}
}
stmt.close();
if("Hidden".equals(category)){
initValue = DBEncryptionUtil.encrypt(initValue);
}
stmtInsert = txn.prepareAutoCloseStatement(
"INSERT INTO configuration(instance, name, value, description) VALUES('DEFAULT', ?, ?, '') ON DUPLICATE KEY UPDATE value=?");
stmtInsert.setString(1, name);
stmtInsert.setString(2, DBEncryptionUtil.encrypt(initValue));
stmtInsert.setString(3, DBEncryptionUtil.encrypt(initValue));
stmtInsert.setString(2, initValue);
stmtInsert.setString(3, initValue);
if(stmtInsert.executeUpdate() < 1) {
throw new CloudRuntimeException("Unable to init configuration variable: " + name);
}
@ -197,16 +214,4 @@ public class ConfigurationDaoImpl extends GenericDaoBase<ConfigurationVO, String
return findOneIncludingRemovedBy(sc);
}
@Override
public ConfigurationVO persistConfigValue(ConfigurationVO config) {
ConfigurationVO vo = findByName(config.getName());
if (vo != null) {
return vo;
}
try {
return persist(config);
} catch (EntityExistsException e) {
return findByName(config.getName());
}
}
}

6
server/src/com/cloud/consoleproxy/ConsoleProxyManagerImpl.java
View File

@ -1069,8 +1069,8 @@ public class ConsoleProxyManagerImpl implements ConsoleProxyManager, ConsoleProx
}
if (lastState != state) {
_configDao.update(Config.ConsoleProxyManagementLastState.key(), lastState.toString());
_configDao.update(Config.ConsoleProxyManagementState.key(), state.toString());
_configDao.update(Config.ConsoleProxyManagementLastState.key(), Config.ConsoleProxyManagementLastState.getCategory(), lastState.toString());
_configDao.update(Config.ConsoleProxyManagementState.key(), Config.ConsoleProxyManagementState.getCategory(), state.toString());
}
txn.commit();
@ -1109,7 +1109,7 @@ public class ConsoleProxyManagerImpl implements ConsoleProxyManager, ConsoleProx
}
if (lastState != state) {
_configDao.update(Config.ConsoleProxyManagementState.key(), lastState.toString());
_configDao.update(Config.ConsoleProxyManagementState.key(), Config.ConsoleProxyManagementState.getCategory(), lastState.toString());
}
txn.commit();

1
server/src/com/cloud/deploy/FirstFitPlanner.java
View File

@ -88,7 +88,6 @@ public class FirstFitPlanner extends PlannerBase implements DeploymentPlanner {
@Inject protected DataCenterDao _dcDao;
@Inject protected HostPodDao _podDao;
@Inject protected ClusterDao _clusterDao;
@Inject protected HostDetailsDao _hostDetailsDao = null;
@Inject protected GuestOSDao _guestOSDao = null;
@Inject protected GuestOSCategoryDao _guestOSCategoryDao = null;
@Inject protected DiskOfferingDao _diskOfferingDao;

19
server/src/com/cloud/host/dao/HostDetailsDaoImpl.java
View File

@ -24,6 +24,7 @@ import java.util.Map;
import javax.ejb.Local;
import com.cloud.host.DetailVO;
import com.cloud.utils.crypt.DBEncryptionUtil;
import com.cloud.utils.db.GenericDaoBase;
import com.cloud.utils.db.SearchBuilder;
import com.cloud.utils.db.SearchCriteria;
@ -51,7 +52,11 @@ public class HostDetailsDaoImpl extends GenericDaoBase<DetailVO, Long> implement
sc.setParameters("hostId", hostId);
sc.setParameters("name", name);
return findOneIncludingRemovedBy(sc);
DetailVO detail = findOneIncludingRemovedBy(sc);
if("password".equals(name) && detail != null){
detail.setValue(DBEncryptionUtil.decrypt(detail.getValue()));
}
return detail;
}
@Override
@ -62,7 +67,11 @@ public class HostDetailsDaoImpl extends GenericDaoBase<DetailVO, Long> implement
List<DetailVO> results = search(sc, null);
Map<String, String> details = new HashMap<String, String>(results.size());
for (DetailVO result : results) {
details.put(result.getName(), result.getValue());
if("password".equals(result.getName())){
details.put(result.getName(), DBEncryptionUtil.decrypt(result.getValue()));
} else {
details.put(result.getName(), result.getValue());
}
}
return details;
}
@ -87,7 +96,11 @@ public class HostDetailsDaoImpl extends GenericDaoBase<DetailVO, Long> implement
expunge(sc);
for (Map.Entry<String, String> detail : details.entrySet()) {
DetailVO vo = new DetailVO(hostId, detail.getKey(), detail.getValue());
String value = detail.getValue();
if("password".equals(detail.getKey())){
value = DBEncryptionUtil.encrypt(value);
}
DetailVO vo = new DetailVO(hostId, detail.getKey(), value);
persist(vo);
}
txn.commit();

1
server/src/com/cloud/hypervisor/guru/HypervGuru.java
View File

@ -29,7 +29,6 @@ public class HypervGuru extends HypervisorGuruBase implements HypervisorGuru {
@Inject GuestOSDao _guestOsDao;
@Inject HostDao _hostDao;
@Inject HostDetailsDao _hostDetailsDao;
protected HypervGuru() {
super();

3
server/src/com/cloud/network/ExternalFirewallDeviceManagerImpl.java
View File

@ -113,7 +113,6 @@ public abstract class ExternalFirewallDeviceManagerImpl extends AdapterBase impl
@Inject HostDao _hostDao;
@Inject NetworkServiceMapDao _ntwkSrvcProviderDao;
@Inject DataCenterDao _dcDao;
@Inject HostDetailsDao _detailsDao;
@Inject NetworkManager _networkMgr;
@Inject InlineLoadBalancerNicMapDao _inlineLoadBalancerNicMapDao;
@Inject NicDao _nicDao;
@ -316,7 +315,7 @@ public abstract class ExternalFirewallDeviceManagerImpl extends AdapterBase impl
}
public ExternalFirewallResponse createExternalFirewallResponse(Host externalFirewall) {
Map<String, String> fwDetails = _detailsDao.findDetails(externalFirewall.getId());
Map<String, String> fwDetails = _hostDetailDao.findDetails(externalFirewall.getId());
ExternalFirewallResponse response = new ExternalFirewallResponse();
response.setId(externalFirewall.getId());
response.setIpAddress(externalFirewall.getPrivateIpAddress());

6
server/src/com/cloud/network/ExternalLoadBalancerDeviceManagerImpl.java
View File

@ -134,8 +134,6 @@ public abstract class ExternalLoadBalancerDeviceManagerImpl extends AdapterBase
@Inject
DataCenterDao _dcDao;
@Inject
HostDetailsDao _detailsDao;
@Inject
NetworkManager _networkMgr;
@Inject
InlineLoadBalancerNicMapDao _inlineLoadBalancerNicMapDao;
@ -329,7 +327,7 @@ public abstract class ExternalLoadBalancerDeviceManagerImpl extends AdapterBase
}
public ExternalLoadBalancerResponse createExternalLoadBalancerResponse(Host externalLoadBalancer) {
Map<String, String> lbDetails = _detailsDao.findDetails(externalLoadBalancer.getId());
Map<String, String> lbDetails = _hostDetailDao.findDetails(externalLoadBalancer.getId());
ExternalLoadBalancerResponse response = new ExternalLoadBalancerResponse();
response.setId(externalLoadBalancer.getId());
response.setIpAddress(externalLoadBalancer.getPrivateIpAddress());
@ -650,7 +648,7 @@ public abstract class ExternalLoadBalancerDeviceManagerImpl extends AdapterBase
}
private boolean externalLoadBalancerIsInline(HostVO externalLoadBalancer) {
DetailVO detail = _detailsDao.findDetail(externalLoadBalancer.getId(), "inline");
DetailVO detail = _hostDetailDao.findDetail(externalLoadBalancer.getId(), "inline");
return (detail != null && detail.getValue().equals("true"));
}

1
server/src/com/cloud/network/ExternalNetworkDeviceManagerImpl.java
View File

@ -98,7 +98,6 @@ public class ExternalNetworkDeviceManagerImpl implements ExternalNetworkDeviceMa
@Inject PortForwardingRulesDao _portForwardingRulesDao;
@Inject LoadBalancerDao _loadBalancerDao;
@Inject ConfigurationDao _configDao;
@Inject HostDetailsDao _detailsDao;
@Inject NetworkOfferingDao _networkOfferingDao;
@Inject NicDao _nicDao;
@Inject VpnUserDao _vpnUsersDao;

112
server/src/com/cloud/network/NetworkManagerImpl.java
View File

@ -601,8 +601,79 @@ public class NetworkManagerImpl implements NetworkManager, NetworkService, Manag
return success;
}
protected boolean applyProviderIpAssociations(Network network, Purpose purpose, boolean continueOnError, List<? extends FirewallRule> rules) throws ResourceUnavailableException {
boolean success = true;
List<PublicIp> publicIps = new ArrayList<PublicIp>();
for (FirewallRule rule : rules) {
IPAddressVO lbIp = _ipAddressDao.findById(rule.getSourceIpAddressId());
PublicIp publicIp = new PublicIp(lbIp, _vlanDao.findById(lbIp.getVlanId()), NetUtils.createSequenceBasedMacAddress(lbIp.getMacAddress()));
publicIps.add(publicIp);
}
for (NetworkElement ne : _networkElements) {
try {
boolean handled;
switch (purpose) {
case LoadBalancing:
if (!(ne instanceof LoadBalancingServiceProvider)) {
continue;
}
LoadBalancingServiceProvider lbProvider = (LoadBalancingServiceProvider) ne;
s_logger.trace("Asking " + ne + " to apply ip associations for " + purpose.toString() + " purpose");
handled = lbProvider.applyLoadBalancerIp(network, publicIps);
break;
case PortForwarding:
if (!(ne instanceof PortForwardingServiceProvider)) {
continue;
}
PortForwardingServiceProvider pfProvider = (PortForwardingServiceProvider) ne;
s_logger.trace("Asking " + ne + " to apply ip associations for " + purpose.toString() + " purpose");
handled = pfProvider.applyIps(network, publicIps);
break;
case StaticNat:
case Firewall:
if (!(ne instanceof FirewallServiceProvider)) {
continue;
}
s_logger.trace("Asking " + ne + " to apply ip associations for " + purpose.toString() + " purpose");
FirewallServiceProvider fwProvider = (FirewallServiceProvider) ne;
handled = fwProvider.applyIps(network, publicIps);
break;
default:
s_logger.debug("Unable to handle IP association for purpose: " + purpose.toString());
handled = false;
}
s_logger.debug("Network Rules for network " + network.getId() + " were " + (handled ? "" : " not") + " handled by " + ne.getName());
} catch (ResourceUnavailableException e) {
success = false;
if (!continueOnError) {
throw e;
} else {
s_logger.debug("Resource is not available: " + ne.getName(), e);
}
}
}
return success;
}
protected boolean applyIpAssociations(Network network, boolean continueOnError, List<PublicIp> publicIps) throws ResourceUnavailableException {
boolean success = true;
List<PublicIp> srcNatpublicIps = new ArrayList<PublicIp>();
// apply IP only for source NAT public IP at this point. Depending on the network service for which
// public IP will be used do IP Association to respective network service provider before apply rules
if (publicIps != null && !publicIps.isEmpty()) {
for (PublicIp ip : publicIps) {
if (ip.isSourceNat()) {
srcNatpublicIps.add(ip);
}
}
}
for (NetworkElement element : _networkElements) {
try {
if (!(element instanceof FirewallServiceProvider)) {
@ -610,7 +681,7 @@ public class NetworkManagerImpl implements NetworkManager, NetworkService, Manag
}
FirewallServiceProvider e = (FirewallServiceProvider)element;
s_logger.trace("Asking " + element + " to apply ip associations");
e.applyIps(network, publicIps);
e.applyIps(network, srcNatpublicIps);
} catch (ResourceUnavailableException e) {
success = false;
if (!continueOnError) {
@ -2583,6 +2654,10 @@ public class NetworkManagerImpl implements NetworkManager, NetworkService, Manag
boolean success = true;
Network network = _networksDao.findById(rules.get(0).getNetworkId());
Purpose purpose = rules.get(0).getPurpose();
// associate the IP with corresponding network service provider
applyProviderIpAssociations(network, purpose, continueOnError, rules);
for (NetworkElement ne : _networkElements) {
try {
boolean handled;
@ -2745,14 +2820,19 @@ public class NetworkManagerImpl implements NetworkManager, NetworkService, Manag
s_logger.debug("Restarting network " + networkId + "...");
//shutdown the network
ReservationContext context = new ReservationContextImpl(null, null, callerUser, callerAccount);
s_logger.debug("Shutting down the network id=" + networkId + " as a part of network restart");
if (cleanup) {
//shutdown the network
s_logger.debug("Shutting down the network id=" + networkId + " as a part of network restart");
if (!shutdownNetworkElementsAndResources(context, cleanup, network)) {
s_logger.debug("Failed to shutdown the network elements and resources as a part of network restart: " + network.getState());
setRestartRequired(network, true);
return false;
if (!shutdownNetworkElementsAndResources(context, true, network)) {
s_logger.debug("Failed to shutdown the network elements and resources as a part of network restart: " + network.getState());
setRestartRequired(network, true);
return false;
}
} else {
s_logger.debug("Skip the shutting down of network id=" + networkId);
}
//implement the network elements and rules again
@ -3611,14 +3691,30 @@ public class NetworkManagerImpl implements NetworkManager, NetworkService, Manag
return true;
}
List<PublicIp> staticNatIps = new ArrayList<PublicIp>();
for (StaticNat rule : staticNats) {
IPAddressVO staticNatIP = _ipAddressDao.findById(rule.getSourceIpAddressId());
PublicIp publicIp = new PublicIp(staticNatIP, _vlanDao.findById(staticNatIP.getVlanId()), NetUtils.createSequenceBasedMacAddress(staticNatIP.getMacAddress()));
staticNatIps.add(publicIp);
}
boolean success = true;
boolean handled = false;
Network network = _networksDao.findById(staticNats.get(0).getNetworkId());
for (NetworkElement ne : _networkElements) {
try {
if (!(ne instanceof StaticNatServiceProvider)) {
continue;
}
boolean handled = ((StaticNatServiceProvider)ne).applyStaticNats(network, staticNats);
// associate the IP's with StaticNatServiceProvider for the network
handled = ((StaticNatServiceProvider)ne).applyIps(network, staticNatIps);
if(!handled) {
s_logger.debug(ne.getName() +" did not assocate IP with source Nat service provider for the network " + network.getId() + "so skippg apply static nats");
continue;
}
handled = ((StaticNatServiceProvider)ne).applyStaticNats(network, staticNats);
s_logger.debug("Static Nat for network " + network.getId() + " were " + (handled ? "" : " not") + " handled by " + ne.getName());
} catch (ResourceUnavailableException e) {
if (!continueOnError) {

7
server/src/com/cloud/network/element/ElasticLoadBalancerElement.java
View File

@ -39,6 +39,7 @@ import com.cloud.network.Network.Service;
import com.cloud.network.NetworkManager;
import com.cloud.network.Networks.TrafficType;
import com.cloud.network.PhysicalNetworkServiceProvider;
import com.cloud.network.PublicIpAddress;
import com.cloud.network.dao.NetworkDao;
import com.cloud.network.lb.ElasticLoadBalancerManager;
import com.cloud.network.lb.LoadBalancingRule;
@ -179,4 +180,10 @@ public class ElasticLoadBalancerElement extends AdapterBase implements LoadBalan
public boolean verifyServicesCombination(List<String> services) {
return true;
}
@Override
public boolean applyLoadBalancerIp(Network network, List<? extends PublicIpAddress> ipAddress) throws ResourceUnavailableException {
// TODO Auto-generated method stub
return false;
}
}

7
server/src/com/cloud/network/element/F5ExternalLoadBalancerElement.java
View File

@ -66,6 +66,7 @@ import com.cloud.network.NetworkManager;
import com.cloud.network.Networks.TrafficType;
import com.cloud.network.PhysicalNetworkServiceProvider;
import com.cloud.network.PhysicalNetworkVO;
import com.cloud.network.PublicIpAddress;
import com.cloud.network.dao.ExternalLoadBalancerDeviceDao;
import com.cloud.network.dao.NetworkDao;
import com.cloud.network.dao.NetworkExternalLoadBalancerDao;
@ -440,4 +441,10 @@ public class F5ExternalLoadBalancerElement extends ExternalLoadBalancerDeviceMan
public boolean verifyServicesCombination(List<String> services) {
return true;
}
@Override
public boolean applyLoadBalancerIp(Network network, List<? extends PublicIpAddress> ipAddress) throws ResourceUnavailableException {
// return true, as IP will be associated as part of LB rule configuration
return true;
}
}

16
server/src/com/cloud/network/element/JuniperSRXExternalFirewallElement.java
View File

@ -175,16 +175,6 @@ public class JuniperSRXExternalFirewallElement extends ExternalFirewallDeviceMan
return true;
}
@Override
public boolean applyIps(Network network, List<? extends PublicIpAddress> ipAddresses) throws ResourceUnavailableException {
if (!canHandle(network)) {
return false;
}
return applyIps(network, ipAddresses);
}
@Override
public boolean applyFWRules(Network config, List<? extends FirewallRule> rules) throws ResourceUnavailableException {
if (!canHandle(config)) {
@ -505,4 +495,10 @@ public class JuniperSRXExternalFirewallElement extends ExternalFirewallDeviceMan
public boolean verifyServicesCombination(List<String> services) {
return true;
}
@Override
public boolean applyIps(Network network, List<? extends PublicIpAddress> ipAddress) throws ResourceUnavailableException {
// TODO Auto-generated method stub
return false;
}
}

7
server/src/com/cloud/network/element/NetscalerExternalLoadBalancerElement.java
View File

@ -64,6 +64,7 @@ import com.cloud.network.NetworkVO;
import com.cloud.network.Networks.TrafficType;
import com.cloud.network.PhysicalNetworkServiceProvider;
import com.cloud.network.PhysicalNetworkVO;
import com.cloud.network.PublicIpAddress;
import com.cloud.network.dao.ExternalLoadBalancerDeviceDao;
import com.cloud.network.dao.NetworkDao;
import com.cloud.network.dao.NetworkExternalLoadBalancerDao;
@ -465,4 +466,10 @@ public class NetscalerExternalLoadBalancerElement extends ExternalLoadBalancerDe
public boolean verifyServicesCombination(List<String> services) {
return true;
}
@Override
public boolean applyLoadBalancerIp(Network network, List<? extends PublicIpAddress> ipAddress) throws ResourceUnavailableException {
// return true, as IP will be associated as part of LB rule configuration
return true;
}
}

16
server/src/com/cloud/network/element/VirtualRouterElement.java
View File

@ -270,6 +270,21 @@ public class VirtualRouterElement extends AdapterBase implements VirtualRouterEl
}
}
@Override
public boolean applyLoadBalancerIp(Network network, List<? extends PublicIpAddress> ipAddress) throws ResourceUnavailableException {
if (canHandle(network, Service.Lb)) {
List<DomainRouterVO> routers = _routerDao.listByNetworkAndRole(network.getId(), Role.VIRTUAL_ROUTER);
if (routers == null || routers.isEmpty()) {
s_logger.debug("Virtual router element doesn't need to associate load balancer ip addresses on the backend; virtual router doesn't exist in the network " + network.getId());
return true;
}
return _routerMgr.associateIP(network, ipAddress, routers);
} else {
return false;
}
}
@Override
public Provider getProvider() {
return Provider.VirtualRouter;
@ -644,4 +659,5 @@ public class VirtualRouterElement extends AdapterBase implements VirtualRouterEl
}
return true;
}
}

6
server/src/com/cloud/network/firewall/FirewallManagerImpl.java
View File

@ -55,8 +55,8 @@ import com.cloud.network.dao.FirewallRulesDao;
import com.cloud.network.dao.IPAddressDao;
import com.cloud.network.rules.FirewallManager;
import com.cloud.network.rules.FirewallRule;
import com.cloud.network.rules.FirewallRule.Purpose;
import com.cloud.network.rules.FirewallRule.FirewallRuleType;
import com.cloud.network.rules.FirewallRule.Purpose;
import com.cloud.network.rules.FirewallRule.State;
import com.cloud.network.rules.FirewallRuleVO;
import com.cloud.network.rules.PortForwardingRuleVO;
@ -375,8 +375,10 @@ public class FirewallManagerImpl implements FirewallService, FirewallManager, Ma
if (!_elbEnabled) {
protocolCapabilities = _networkMgr.getNetworkServiceCapabilities(network.getId(), Service.Lb);
}
} else {
} else if (purpose == Purpose.Firewall){
protocolCapabilities = _networkMgr.getNetworkServiceCapabilities(network.getId(), Service.Firewall);
} else if (purpose == Purpose.PortForwarding) {
protocolCapabilities = _networkMgr.getNetworkServiceCapabilities(network.getId(), Service.PortForwarding);
}
if (protocolCapabilities != null) {

43
server/src/com/cloud/network/router/VirtualNetworkApplianceManagerImpl.java
View File

@ -76,8 +76,6 @@ import com.cloud.agent.api.to.StaticNatRuleTO;
import com.cloud.agent.manager.Commands;
import com.cloud.alert.AlertManager;
import com.cloud.api.commands.UpgradeRouterCmd;
import com.cloud.async.AsyncJobManager;
import com.cloud.capacity.dao.CapacityDao;
import com.cloud.cluster.ManagementServerHostVO;
import com.cloud.cluster.ManagementServerNode;
import com.cloud.cluster.dao.ManagementServerHostDao;
@ -85,7 +83,6 @@ import com.cloud.configuration.Config;
import com.cloud.configuration.ConfigurationManager;
import com.cloud.configuration.ZoneConfig;
import com.cloud.configuration.dao.ConfigurationDao;
import com.cloud.configuration.dao.ResourceLimitDao;
import com.cloud.dc.ClusterVO;
import com.cloud.dc.DataCenter;
import com.cloud.dc.DataCenter.NetworkType;
@ -100,7 +97,6 @@ import com.cloud.deploy.DataCenterDeployment;
import com.cloud.deploy.DeployDestination;
import com.cloud.deploy.DeploymentPlan;
import com.cloud.deploy.DeploymentPlanner.ExcludeList;
import com.cloud.domain.dao.DomainDao;
import com.cloud.event.ActionEvent;
import com.cloud.event.EventTypes;
import com.cloud.event.dao.EventDao;
@ -146,7 +142,6 @@ import com.cloud.network.dao.IPAddressDao;
import com.cloud.network.dao.LoadBalancerDao;
import com.cloud.network.dao.LoadBalancerVMMapDao;
import com.cloud.network.dao.NetworkDao;
import com.cloud.network.dao.NetworkRuleConfigDao;
import com.cloud.network.dao.PhysicalNetworkServiceProviderDao;
import com.cloud.network.dao.RemoteAccessVpnDao;
import com.cloud.network.dao.VirtualRouterProviderDao;
@ -181,13 +176,11 @@ import com.cloud.storage.dao.VMTemplateHostDao;
import com.cloud.storage.dao.VolumeDao;
import com.cloud.user.Account;
import com.cloud.user.AccountManager;
import com.cloud.user.AccountService;
import com.cloud.user.User;
import com.cloud.user.UserContext;
import com.cloud.user.UserStatisticsVO;
import com.cloud.user.UserStatsLogVO;
import com.cloud.user.UserVO;
import com.cloud.user.dao.AccountDao;
import com.cloud.user.dao.UserDao;
import com.cloud.user.dao.UserStatisticsDao;
import com.cloud.user.dao.UserStatsLogDao;
@ -253,10 +246,6 @@ public class VirtualNetworkApplianceManagerImpl implements VirtualNetworkApplian
@Inject
UserDao _userDao = null;
@Inject
AccountDao _accountDao = null;
@Inject
DomainDao _domainDao = null;
@Inject
UserStatisticsDao _userStatsDao = null;
@Inject
VolumeDao _volsDao = null;
@ -271,10 +260,6 @@ public class VirtualNetworkApplianceManagerImpl implements VirtualNetworkApplian
@Inject
VMTemplateHostDao _vmTemplateHostDao = null;
@Inject
ResourceLimitDao _limitDao = null;
@Inject
CapacityDao _capacityDao = null;
@Inject
UserStatsLogDao _userStatsLogDao = null;
@Inject
AgentManager _agentMgr;
@ -285,20 +270,14 @@ public class VirtualNetworkApplianceManagerImpl implements VirtualNetworkApplian
@Inject
AccountManager _accountMgr;
@Inject
AccountService _accountService;
@Inject
ConfigurationManager _configMgr;
@Inject
AsyncJobManager _asyncMgr;
@Inject
ServiceOfferingDao _serviceOfferingDao = null;
@Inject
UserVmDao _userVmDao;
@Inject
FirewallRulesDao _firewallRulesDao;
@Inject
NetworkRuleConfigDao _networkRuleConfigDao;
@Inject
UserStatisticsDao _statsDao = null;
@Inject
NetworkOfferingDao _networkOfferingDao = null;
@ -675,7 +654,7 @@ public class VirtualNetworkApplianceManagerImpl implements VirtualNetworkApplian
throw new ConfigurationException(msg);
}
_systemAcct = _accountService.getSystemAccount();
_systemAcct = _accountMgr.getSystemAccount();
String aggregationRange = configs.get("usage.stats.job.aggregation.range");
_usageAggregationRange = NumbersUtil.parseInt(aggregationRange, 1440);
@ -1254,7 +1233,7 @@ public class VirtualNetworkApplianceManagerImpl implements VirtualNetworkApplian
NicProfile defaultNic = new NicProfile();
//if source nat service is supported by the network, get the source nat ip address
if (publicNetwork) {
PublicIp sourceNatIp = _networkMgr.assignSourceNatIpAddress(owner, guestNetwork, _accountService.getSystemUser().getId());
PublicIp sourceNatIp = _networkMgr.assignSourceNatIpAddress(owner, guestNetwork, _accountMgr.getSystemUser().getId());
defaultNic.setDefaultNic(true);
defaultNic.setIp4Address(sourceNatIp.getAddress().addr());
defaultNic.setGateway(sourceNatIp.getGateway());
@ -1336,6 +1315,9 @@ public class VirtualNetworkApplianceManagerImpl implements VirtualNetworkApplian
//Router is the network element, we don't know the hypervisor type yet.
//Try to allocate the domR twice using diff hypervisors, and when failed both times, throw the exception up
List<HypervisorType> supportedHypervisors = _resourceMgr.getSupportedHypervisorTypes(dest.getDataCenter().getId());
if (supportedHypervisors.isEmpty()) {
throw new InsufficientServerCapacityException("Unable to create virtual router, there are no clusters in the zone ", DataCenter.class, dest.getDataCenter().getId());
}
int retry = 0;
for (HypervisorType hType : supportedHypervisors) {
try {
@ -1346,9 +1328,15 @@ public class VirtualNetworkApplianceManagerImpl implements VirtualNetworkApplian
s_logger.debug(hType + " won't support system vm, skip it");
continue;
}
boolean offerHA = routerOffering.getOfferHA();
/* We don't provide HA to redundant router VMs, admin should own it all, and redundant router themselves are HA */
if (isRedundant) {
offerHA = false;
}
router = new DomainRouterVO(id, routerOffering.getId(), vrProvider.getId(), VirtualMachineName.getRouterName(id, _instance), template.getId(), template.getHypervisorType(),
template.getGuestOSId(), owner.getDomainId(), owner.getId(), guestNetwork.getId(), isRedundant, 0, false, RedundantState.UNKNOWN, routerOffering.getOfferHA(), false);
template.getGuestOSId(), owner.getDomainId(), owner.getId(), guestNetwork.getId(), isRedundant, 0, false, RedundantState.UNKNOWN, offerHA, false);
router.setRole(Role.VIRTUAL_ROUTER);
router = _itMgr.allocate(router, template, routerOffering, networks, plan, null, owner);
break;
@ -1481,7 +1469,7 @@ public class VirtualNetworkApplianceManagerImpl implements VirtualNetworkApplian
}
if (!skip) {
if (state != State.Running) {
router = startVirtualRouter(router, _accountService.getSystemUser(), _accountService.getSystemAccount(), params);
router = startVirtualRouter(router, _accountMgr.getSystemUser(), _accountMgr.getSystemAccount(), params);
}
if (router != null) {
runningRouters.add(router);
@ -2155,6 +2143,11 @@ public class VirtualNetworkApplianceManagerImpl implements VirtualNetworkApplian
return null;
}
NetworkOfferingVO offering = _networkOfferingDao.findById(_networkDao.findById(defaultNic.getNetworkId()).getNetworkOfferingId());
if (offering.getRedundantRouter()) {
return findGatewayIp(userVmId);
}
//find domR's nic in the network
NicVO domrDefaultNic = _nicDao.findByNetworkIdAndType(defaultNic.getNetworkId(), VirtualMachine.Type.DomainRouter);
return domrDefaultNic.getIp4Address();

18
server/src/com/cloud/projects/ProjectManagerImpl.java
View File

@ -546,6 +546,11 @@ public class ProjectManagerImpl implements ProjectManager, Manager{
if (project == null) {
throw new InvalidParameterValueException("Unable to find the project id=" + projectId);
}
//User can be added to Active project only
if (project.getState() != Project.State.Active) {
throw new InvalidParameterValueException("Can't add account to the project id=" + projectId + " in state=" + project.getState() + " as it's no longer active");
}
//check that account-to-add exists
Account account = null;
@ -916,6 +921,7 @@ public class ProjectManagerImpl implements ProjectManager, Manager{
@Override
@ActionEvent(eventType = EventTypes.EVENT_PROJECT_ACTIVATE, eventDescription = "activating project")
@DB
public Project activateProject(long projectId) {
Account caller = UserContext.current().getCaller();
@ -941,9 +947,16 @@ public class ProjectManagerImpl implements ProjectManager, Manager{
throw new InvalidParameterValueException("Can't activate the project in " + currentState + " state");
}
Transaction txn = Transaction.currentTxn();
txn.start();
project.setState(Project.State.Active);
_projectDao.update(projectId, project);
_accountMgr.enableAccount(project.getProjectAccountId());
txn.commit();
return _projectDao.findById(projectId);
}
@ -970,7 +983,8 @@ public class ProjectManagerImpl implements ProjectManager, Manager{
}
private boolean suspendProject(ProjectVO project) throws ConcurrentOperationException, ResourceUnavailableException{
private boolean suspendProject(ProjectVO project) throws ConcurrentOperationException, ResourceUnavailableException {
s_logger.debug("Marking project " + project + " with state " + State.Suspended + " as a part of project suspend...");
project.setState(State.Suspended);
boolean updateResult = _projectDao.update(project.getId(), project);
@ -979,7 +993,7 @@ public class ProjectManagerImpl implements ProjectManager, Manager{
long projectAccountId = project.getProjectAccountId();
if (!_accountMgr.disableAccount(projectAccountId)) {
s_logger.warn("Failed to suspend all project's " + project + " resources; the resources will be suspended later by background thread");
}
}
} else {
throw new CloudRuntimeException("Failed to mark the project " + project + " with state " + State.Suspended);
}

2
server/src/com/cloud/projects/dao/ProjectAccountDao.java
View File

@ -32,4 +32,6 @@ public interface ProjectAccountDao extends GenericDao<ProjectAccountVO, Long>{
boolean canModifyProjectAccount(long accountId, long projectAccountId);
List<Long> listPermittedAccountIds(long accountId);
List<Long> listAdministratedProjects(long adminAccountId);
}

39
server/src/com/cloud/projects/dao/ProjectAccountDaoImpl.java
View File

@ -17,23 +17,23 @@
*/
package com.cloud.projects.dao;
import java.util.ArrayList;
import java.util.List;
import javax.ejb.Local;
import org.apache.log4j.Logger;
import com.cloud.projects.ProjectAccount;
import com.cloud.projects.ProjectAccountVO;
import com.cloud.utils.db.GenericDaoBase;
import com.cloud.utils.db.GenericSearchBuilder;
import com.cloud.utils.db.SearchBuilder;
import com.cloud.utils.db.SearchCriteria;
import com.cloud.utils.db.SearchCriteria.Op;
@Local(value={ProjectAccountDao.class})
public class ProjectAccountDaoImpl extends GenericDaoBase<ProjectAccountVO, Long> implements ProjectAccountDao {
private static final Logger s_logger = Logger.getLogger(ProjectAccountDaoImpl.class);
protected final SearchBuilder<ProjectAccountVO> AllFieldsSearch;
final GenericSearchBuilder<ProjectAccountVO, Long> AdminSearch;
final GenericSearchBuilder<ProjectAccountVO, Long> ProjectAccountSearch;
protected ProjectAccountDaoImpl() {
AllFieldsSearch = createSearchBuilder();
@ -42,6 +42,17 @@ public class ProjectAccountDaoImpl extends GenericDaoBase<ProjectAccountVO, Long
AllFieldsSearch.and("accountId", AllFieldsSearch.entity().getAccountId(), SearchCriteria.Op.EQ);
AllFieldsSearch.and("projectAccountId", AllFieldsSearch.entity().getProjectAccountId(), SearchCriteria.Op.EQ);
AllFieldsSearch.done();
AdminSearch = createSearchBuilder(Long.class);
AdminSearch.selectField(AdminSearch.entity().getProjectId());
AdminSearch.and("role", AdminSearch.entity().getAccountRole(), Op.EQ);
AdminSearch.and("accountId", AdminSearch.entity().getAccountId(), Op.EQ);
AdminSearch.done();
ProjectAccountSearch = createSearchBuilder(Long.class);
ProjectAccountSearch.selectField(ProjectAccountSearch.entity().getProjectAccountId());
ProjectAccountSearch.and("accountId", ProjectAccountSearch.entity().getAccountId(), Op.EQ);
ProjectAccountSearch.done();
}
@Override
@ -99,16 +110,16 @@ public class ProjectAccountDaoImpl extends GenericDaoBase<ProjectAccountVO, Long
@Override
public List<Long> listPermittedAccountIds(long accountId) {
List<Long> permittedAccounts = new ArrayList<Long>();
SearchCriteria<ProjectAccountVO> sc = AllFieldsSearch.create();
SearchCriteria<Long> sc = ProjectAccountSearch.create();
sc.setParameters("accountId", accountId);
List<ProjectAccountVO> records = listBy(sc);
for (ProjectAccountVO record : records) {
permittedAccounts.add(record.getProjectAccountId());
}
return permittedAccounts;
return customSearch(sc, null);
}
@Override
public List<Long> listAdministratedProjects(long adminAccountId) {
SearchCriteria<Long> sc = AdminSearch.create();
sc.setParameters("role", ProjectAccount.Role.Admin);
sc.setParameters("accountId", adminAccountId);
return customSearch(sc, null);
}
}

6
server/src/com/cloud/resource/ResourceManagerImpl.java
View File

@ -195,8 +195,6 @@ public class ResourceManagerImpl implements ResourceManager, ResourceService, Ma
protected ClusterManager _clusterMgr;
@Inject
protected StoragePoolHostDao _storagePoolHostDao;
@Inject
protected HostDetailsDao _detailsDao;
@Inject(adapter = PodAllocator.class)
protected Adapters<PodAllocator> _podAllocators = null;
@ -1800,9 +1798,9 @@ public class ResourceManagerImpl implements ResourceManager, ResourceService, Ma
return false;
}
DetailVO nv = _detailsDao.findDetail(hostId, ApiConstants.USERNAME);
DetailVO nv = _hostDetailsDao.findDetail(hostId, ApiConstants.USERNAME);
String username = nv.getValue();
nv = _detailsDao.findDetail(hostId, ApiConstants.PASSWORD);
nv = _hostDetailsDao.findDetail(hostId, ApiConstants.PASSWORD);
String password = nv.getValue();
UpdateHostPasswordCommand cmd = new UpdateHostPasswordCommand(username, password);
attache.updatePassword(cmd);

18
server/src/com/cloud/resourcelimit/ResourceLimitManagerImpl.java
View File

@ -200,7 +200,7 @@ public class ResourceLimitManagerImpl implements ResourceLimitService, Manager{
@Override
public long findCorrectResourceLimitForAccount(Account account, ResourceType type) {
long max = -1; //if resource limit is not found, then we treat it as unlimited
long max = Resource.RESOURCE_UNLIMITED; //if resource limit is not found, then we treat it as unlimited
ResourceLimitVO limit = _resourceLimitDao.findByOwnerIdAndType(account.getId(), ResourceOwnerType.Account, type);
// Check if limit is configured for account
@ -224,7 +224,7 @@ public class ResourceLimitManagerImpl implements ResourceLimitService, Manager{
@Override
public long findCorrectResourceLimitForDomain(Domain domain, ResourceType type) {
long max = -1;
long max = Resource.RESOURCE_UNLIMITED;
// Check account
ResourceLimitVO limit = _resourceLimitDao.findByOwnerIdAndType(domain.getId(), ResourceOwnerType.Domain, type);
@ -274,11 +274,11 @@ public class ResourceLimitManagerImpl implements ResourceLimitService, Manager{
// Check account limits
long accountLimit = findCorrectResourceLimitForAccount(account, type);
long potentialCount = _resourceCountDao.getResourceCount(account.getId(), ResourceOwnerType.Account, type) + numResources;
if (accountLimit != -1 && potentialCount > accountLimit) {
String message = "Maximum number of resources of type \"" + type + "\" for account name=" + account.getAccountName()
if (accountLimit != Resource.RESOURCE_UNLIMITED && potentialCount > accountLimit) {
String message = "Maximum number of resources of type '" + type + "' for account name=" + account.getAccountName()
+ " in domain id=" + account.getDomainId() + " has been exceeded.";
if (project != null) {
message = "Maximum number of resources of type \"" + type + "\" for project name=" + project.getName()
message = "Maximum number of resources of type '" + type + "' for project name=" + project.getName()
+ " in domain id=" + account.getDomainId() + " has been exceeded.";
}
throw new ResourceAllocationException(message, type);
@ -295,10 +295,10 @@ public class ResourceLimitManagerImpl implements ResourceLimitService, Manager{
while (domainId != null) {
DomainVO domain = _domainDao.findById(domainId);
ResourceLimitVO domainLimit = _resourceLimitDao.findByOwnerIdAndType(domainId, ResourceOwnerType.Domain, type);
if (domainLimit != null) {
if (domainLimit != null && domainLimit.getMax().longValue() != Resource.RESOURCE_UNLIMITED) {
long domainCount = _resourceCountDao.getResourceCount(domainId, ResourceOwnerType.Domain, type);
if ((domainCount + numResources) > domainLimit.getMax().longValue()) {
throw new ResourceAllocationException("Maximum number of resources of type \"" + type + "\" for domain id=" + domainId + " has been exceeded.", type);
throw new ResourceAllocationException("Maximum number of resources of type '" + type + "' for domain id=" + domainId + " has been exceeded.", type);
}
}
@ -458,8 +458,8 @@ public class ResourceLimitManagerImpl implements ResourceLimitService, Manager{
Account caller = UserContext.current().getCaller();
if (max == null) {
max = new Long(-1);
} else if (max < -1) {
max = new Long(Resource.RESOURCE_UNLIMITED);
} else if (max.longValue() < Resource.RESOURCE_UNLIMITED) {
throw new InvalidParameterValueException("Please specify either '-1' for an infinite limit, or a limit that is at least '0'.");
}

19
server/src/com/cloud/server/ConfigurationServerImpl.java
View File

@ -174,16 +174,17 @@ public class ConfigurationServerImpl implements ConfigurationServer {
String instance = "DEFAULT";
String component = c.getComponent();
String value = c.getDefaultValue();
value = ("Hidden".equals(category)) ? DBEncryptionUtil.encrypt(value) : value;
String description = c.getDescription();
ConfigurationVO configVO = new ConfigurationVO(category, instance, component, name, value, description);
_configDao.persist(configVO);
}
}
_configDao.update("secondary.storage.vm", "true");
_configDao.update(Config.UseSecondaryStorageVm.key(), Config.UseSecondaryStorageVm.getCategory(), "true");
s_logger.debug("ConfigurationServer made secondary storage vm required.");
_configDao.update("secstorage.encrypt.copy", "true");
_configDao.update(Config.SecStorageEncryptCopy.key(), Config.SecStorageEncryptCopy.getCategory(), "true");
s_logger.debug("ConfigurationServer made secondary storage copy encrypted.");
_configDao.update("secstorage.secure.copy.cert", "realhostip");
@ -201,7 +202,7 @@ public class ConfigurationServerImpl implements ConfigurationServer {
// Save the mount parent to the configuration table
String mountParent = getMountParent();
if (mountParent != null) {
_configDao.update("mount.parent", mountParent);
_configDao.update(Config.MountParent.key(), Config.MountParent.getCategory(), mountParent);
s_logger.debug("ConfigurationServer saved \"" + mountParent + "\" as mount.parent.");
} else {
s_logger.debug("ConfigurationServer could not detect mount.parent.");
@ -209,7 +210,7 @@ public class ConfigurationServerImpl implements ConfigurationServer {
String hostIpAdr = NetUtils.getDefaultHostIp();
if (hostIpAdr != null) {
_configDao.update("host", hostIpAdr);
_configDao.update(Config.ManagementHostIPAdr.key(), Config.ManagementHostIPAdr.getCategory(), hostIpAdr);
s_logger.debug("ConfigurationServer saved \"" + hostIpAdr + "\" as host.");
}
@ -266,7 +267,7 @@ public class ConfigurationServerImpl implements ConfigurationServer {
updateCloudIdentifier();
// Set init to true
_configDao.update("init", "true");
_configDao.update("init", "Hidden", "true");
}
@ -402,7 +403,7 @@ public class ConfigurationServerImpl implements ConfigurationServer {
String currentCloudIdentifier = _configDao.getValue("cloud.identifier");
if (currentCloudIdentifier == null || currentCloudIdentifier.isEmpty()) {
String uuid = UUID.randomUUID().toString();
_configDao.update("cloud.identifier", uuid);
_configDao.update(Config.CloudIdentifier.key(),Config.CloudIdentifier.getCategory(), uuid);
}
}
@ -485,14 +486,14 @@ public class ConfigurationServerImpl implements ConfigurationServer {
s_logger.info("Generated SSL keystore.");
}
String base64Keystore = getBase64Keystore(keystorePath);
ConfigurationVO configVO = new ConfigurationVO("Hidden", "DEFAULT", "management-server", "ssl.keystore", base64Keystore, "SSL Keystore for the management servers");
ConfigurationVO configVO = new ConfigurationVO("Hidden", "DEFAULT", "management-server", "ssl.keystore", DBEncryptionUtil.encrypt(base64Keystore), "SSL Keystore for the management servers");
_configDao.persist(configVO);
s_logger.info("Stored SSL keystore to database.");
} else if (keystoreFile.exists()) { // and dbExisted
// Check if they are the same one, otherwise override with local keystore
String base64Keystore = getBase64Keystore(keystorePath);
if (base64Keystore.compareTo(dbString) != 0) {
_configDao.update("ssl.keystore", base64Keystore);
_configDao.update("ssl.keystore", "Hidden", base64Keystore);
s_logger.info("Updated database keystore with local one.");
}
} else { // !keystoreFile.exists() and dbExisted
@ -702,7 +703,7 @@ public class ConfigurationServerImpl implements ConfigurationServer {
SecretKey key = generator.generateKey();
encodedKey = Base64.encodeBase64URLSafeString(key.getEncoded());
_configDao.update("security.singlesignon.key", encodedKey);
_configDao.update(Config.SSOKey.key(), Config.SSOKey.getCategory(), encodedKey);
} catch (NoSuchAlgorithmException ex) {
s_logger.error("error generating sso key", ex);
}

10
server/src/com/cloud/server/ManagementServerImpl.java
View File

@ -217,6 +217,7 @@ import com.cloud.utils.component.Adapters;
import com.cloud.utils.component.ComponentLocator;
import com.cloud.utils.component.Inject;
import com.cloud.utils.concurrency.NamedThreadFactory;
import com.cloud.utils.crypt.DBEncryptionUtil;
import com.cloud.utils.db.DB;
import com.cloud.utils.db.Filter;
import com.cloud.utils.db.GlobalLock;
@ -1294,8 +1295,9 @@ public class ManagementServerImpl implements ManagementServer {
} else {
domain = _domainDao.findById(DomainVO.ROOT_DOMAIN);
}
List<HypervisorType> hypers = null;
if( ! isIso ) {
if(!isIso) {
hypers = _resourceMgr.listAvailHypervisorInZone(null, null);
}
Set<Pair<Long, Long>> templateZonePairSet = new HashSet<Pair<Long, Long>>();
@ -3483,7 +3485,7 @@ public class ManagementServerImpl implements ManagementServer {
// although we may have race conditioning here, database transaction serialization should
// give us the same key
if (_hashKey == null) {
_hashKey = _configDao.getValueAndInitIfNotExist(Config.HashKey.key(), UUID.randomUUID().toString());
_hashKey = _configDao.getValueAndInitIfNotExist(Config.HashKey.key(), Config.HashKey.getCategory(), UUID.randomUUID().toString());
}
return _hashKey;
}
@ -3657,7 +3659,7 @@ public class ManagementServerImpl implements ManagementServer {
DetailVO nv = _detailsDao.findDetail(h.getId(), ApiConstants.USERNAME);
if (nv.getValue().equals(cmd.getUsername())) {
DetailVO nvp = new DetailVO(h.getId(), ApiConstants.PASSWORD, cmd.getPassword());
nvp.setValue(cmd.getPassword());
nvp.setValue(DBEncryptionUtil.encrypt(cmd.getPassword()));
_detailsDao.persist(nvp);
} else {
throw new InvalidParameterValueException("The username is not under use by management server.");
@ -3675,7 +3677,7 @@ public class ManagementServerImpl implements ManagementServer {
DetailVO nv = _detailsDao.findDetail(h.getId(), ApiConstants.USERNAME);
if (nv.getValue().equals(cmd.getUsername())) {
DetailVO nvp = _detailsDao.findDetail(h.getId(), ApiConstants.PASSWORD);
nvp.setValue(cmd.getPassword());
nvp.setValue(DBEncryptionUtil.encrypt(cmd.getPassword()));
_detailsDao.persist(nvp);
} else {
// if one host in the cluster has diff username then rollback to maintain consistency

2
server/src/com/cloud/storage/StorageManagerImpl.java
View File

@ -222,8 +222,6 @@ public class StorageManagerImpl implements StorageManager, StorageService, Manag
@Inject
protected ConsoleProxyDao _consoleProxyDao;
@Inject
protected HostDetailsDao _detailsDao;
@Inject
protected SnapshotDao _snapshotDao;
@Inject
protected SnapshotManager _snapMgr;

2
server/src/com/cloud/storage/dao/VMTemplateDaoImpl.java
View File

@ -575,7 +575,7 @@ public class VMTemplateDaoImpl extends GenericDaoBase<VMTemplateVO, Long> implem
}
} else if (templateFilter == TemplateFilter.all && caller.getType() == Account.ACCOUNT_TYPE_ADMIN) {
whereClause += attr;
} else if (caller.getType() != Account.ACCOUNT_TYPE_ADMIN) {
} else if (caller.getType() != Account.ACCOUNT_TYPE_ADMIN && !isIso) {
return templateZonePairList;
}

2
server/src/com/cloud/storage/snapshot/SnapshotManager.java
View File

@ -111,8 +111,6 @@ public interface SnapshotManager {
*/
boolean deleteSnapshotDirsForAccount(long accountId);
void validateSnapshot(Long userId, SnapshotVO snapshot);
SnapshotPolicyVO getPolicyForVolume(long volumeId);
boolean destroySnapshotBackUp(long snapshotId);

72
server/src/com/cloud/storage/snapshot/SnapshotManagerImpl.java
View File

@ -81,7 +81,6 @@ import com.cloud.storage.Storage;
import com.cloud.storage.StorageManager;
import com.cloud.storage.StoragePool;
import com.cloud.storage.StoragePoolVO;
import com.cloud.storage.SwiftVO;
import com.cloud.storage.VMTemplateVO;
import com.cloud.storage.Volume;
import com.cloud.storage.VolumeVO;
@ -118,7 +117,6 @@ import com.cloud.utils.db.SearchBuilder;
import com.cloud.utils.db.SearchCriteria;
import com.cloud.utils.db.Transaction;
import com.cloud.utils.exception.CloudRuntimeException;
import com.cloud.utils.fsm.NoTransitionException;
import com.cloud.vm.UserVmVO;
import com.cloud.vm.VMInstanceVO;
import com.cloud.vm.VirtualMachine.State;
@ -154,8 +152,6 @@ public class SnapshotManagerImpl implements SnapshotManager, SnapshotService, Ma
@Inject
protected SnapshotScheduleDao _snapshotScheduleDao;
@Inject
protected HostDetailsDao _detailsDao;
@Inject
protected DomainDao _domainDao;
@Inject
protected StorageManager _storageMgr;
@ -300,6 +296,8 @@ public class SnapshotManagerImpl implements SnapshotManager, SnapshotService, Ma
s_logger.debug("CreateSnapshot: this is empty snapshot ");
snapshot.setPath(preSnapshotPath);
snapshot.setBackupSnapshotId(preSnapshotVO.getBackupSnapshotId());
snapshot.setSwiftId(preSnapshotVO.getSwiftId());
snapshot.setStatus(Snapshot.Status.BackedUp);
snapshot.setPrevSnapshotId(preId);
snapshot.setSecHostId(preSnapshotVO.getSecHostId());
@ -368,32 +366,21 @@ public class SnapshotManagerImpl implements SnapshotManager, SnapshotService, Ma
@Override
@DB
@ActionEvent(eventType = EventTypes.EVENT_SNAPSHOT_CREATE, eventDescription = "creating snapshot", async = true)
public SnapshotVO createSnapshot(Long volumeId, Long policyId, Long snapshotId) {
VolumeVO volume = _volsDao.findById(volumeId);
public SnapshotVO createSnapshot(Long volumeId, Long policyId, Long snapshotId, Account snapshotOwner) {
VolumeVO volume = _volsDao.findById(volumeId);
if (volume == null) {
throw new InvalidParameterValueException("No such volume exist");
}
Account owner = _accountMgr.getAccount(volume.getAccountId());
SnapshotVO snapshot = null;
boolean backedUp = false;
UserVmVO uservm = null;
// does the caller have the authority to act on this volume
_accountMgr.checkAccess(UserContext.current().getCaller(), null, volume);
try {
if (volume != null && _volsDao.getHypervisorType(volume.getId()).equals(HypervisorType.KVM)) {
/* KVM needs to lock on the vm of volume, because it takes snapshot on behalf of vm, not volume */
UserVmVO uservm = _vmDao.findById(volume.getInstanceId());
if (uservm != null) {
UserVmVO vm = _vmDao.acquireInLockTable(uservm.getId(), 10);
if (vm == null) {
throw new CloudRuntimeException("Creating snapshot failed due to volume:" + volumeId + " is being used, try it later ");
}
}
}
Long poolId = volume.getPoolId();
if (poolId == null) {
throw new CloudRuntimeException("You cannot take a snapshot of a volume until it has been attached to an instance");
@ -422,7 +409,7 @@ public class SnapshotManagerImpl implements SnapshotManager, SnapshotService, Ma
+ userVm.getState().toString() + " state");
}
if(userVm.getHypervisorType() == HypervisorType.VMware) {
if(userVm.getHypervisorType() == HypervisorType.VMware || userVm.getHypervisorType() == HypervisorType.KVM) {
List<SnapshotVO> activeSnapshots = _snapshotDao.listByInstanceId(volume.getInstanceId(), Snapshot.Status.Creating, Snapshot.Status.CreatedOnPrimary, Snapshot.Status.BackingUp);
if(activeSnapshots.size() > 1)
throw new CloudRuntimeException("There is other active snapshot tasks on the instance to which the volume is attached, please try again later");
@ -432,6 +419,7 @@ public class SnapshotManagerImpl implements SnapshotManager, SnapshotService, Ma
//when taking snapshot, make sure nobody can delete/move the volume
boolean stateTransit = false;
/*
try {
stateTransit = _storageMgr.stateTransitTo(volume, Volume.Event.SnapshotRequested);
} catch (NoTransitionException e) {
@ -441,7 +429,7 @@ public class SnapshotManagerImpl implements SnapshotManager, SnapshotService, Ma
_snapshotDao.expunge(snapshotId);
throw new CloudRuntimeException("Creating snapshot failed due to volume:" + volumeId + " is being used, try it later ");
}
}
}*/
snapshot = createSnapshotOnPrimary(volume, policyId, snapshotId);
if (snapshot != null) {
@ -479,7 +467,7 @@ public class SnapshotManagerImpl implements SnapshotManager, SnapshotService, Ma
snapshot.setStatus(Status.Error);
_snapshotDao.update(snapshot.getId(), snapshot);
} else {
_resourceLimitMgr.incrementResourceCount(owner.getId(), ResourceType.snapshot);
_resourceLimitMgr.incrementResourceCount(snapshotOwner.getId(), ResourceType.snapshot);
}
} else {
snapshot = _snapshotDao.findById(snapshotId);
@ -489,11 +477,12 @@ public class SnapshotManagerImpl implements SnapshotManager, SnapshotService, Ma
}
}
/*
try {
_storageMgr.stateTransitTo(volume, Volume.Event.OperationSucceeded);
} catch (NoTransitionException e) {
s_logger.debug("Failed to transit volume state: " + e.toString());
}
}*/
}
@ -509,34 +498,6 @@ public class SnapshotManagerImpl implements SnapshotManager, SnapshotService, Ma
return createdSnapshot;
}
@Override
@DB
@SuppressWarnings("fallthrough")
public void validateSnapshot(Long userId, SnapshotVO snapshot) {
assert snapshot != null;
Long id = snapshot.getId();
Status status = snapshot.getStatus();
s_logger.debug("Snapshot scheduler found a snapshot whose actual status is not clear. Snapshot id:" + id + " with DB status: " + status);
switch (status) {
case Creating:
// else continue to the next case.
case CreatedOnPrimary:
// The snapshot has been created on the primary and the DB has been updated.
// However, it hasn't entered the backupSnapshotToSecondaryStorage, else
// status would have been backing up.
// So call backupSnapshotToSecondaryStorage without any fear.
case BackingUp:
// It has entered backupSnapshotToSecondaryStorage.
// But we have no idea whether it was backed up or not.
// So call backupSnapshotToSecondaryStorage again.
backupSnapshotToSecondaryStorage(snapshot);
break;
case BackedUp:
// No need to do anything as snapshot has already been backed up.
}
}
@Override
public void deleteSnapshotsForVolume (String secondaryStoragePoolUrl, Long dcId, Long accountId, Long volumeId ){
@ -603,9 +564,6 @@ public class SnapshotManagerImpl implements SnapshotManager, SnapshotService, Ma
}
private SwiftTO toSwiftTO(SwiftVO swift) {
return new SwiftTO(swift.getId(), swift.getUrl(), swift.getAccount(), swift.getUserName(), swift.getKey());
}
@Override
@DB
@ -682,7 +640,7 @@ public class SnapshotManagerImpl implements SnapshotManager, SnapshotService, Ma
if (backedUp) {
if (backupSnapshotCommand.getSwift() != null ) {
snapshot.setSwiftId(1L);
snapshot.setSwiftId(swift.getId());
snapshot.setBackupSnapshotId(backedUpSnapshotUuid);
} else {
snapshot.setSecHostId(secHost.getId());
@ -1157,7 +1115,7 @@ public class SnapshotManagerImpl implements SnapshotManager, SnapshotService, Ma
@Override
@DB
public SnapshotPolicyVO createPolicy(CreateSnapshotPolicyCmd cmd) {
public SnapshotPolicyVO createPolicy(CreateSnapshotPolicyCmd cmd, Account policyOwner) {
Long volumeId = cmd.getVolumeId();
VolumeVO volume = _volsDao.findById(cmd.getVolumeId());
if (volume == null) {
@ -1170,7 +1128,7 @@ public class SnapshotManagerImpl implements SnapshotManager, SnapshotService, Ma
throw new InvalidParameterValueException("VolumeId: " + volumeId + " is not in " + Volume.State.Ready + " state but " + volume.getState() + ". Cannot take snapshot.");
}
if ( volume.getTemplateId() != null ) {
if (volume.getTemplateId() != null ) {
VMTemplateVO template = _templateDao.findById(volume.getTemplateId());
if( template != null && template.getTemplateType() == Storage.TemplateType.SYSTEM ) {
throw new InvalidParameterValueException("VolumeId: " + volumeId + " is for System VM , Creating snapshot against System VM volumes is not supported");

39
server/src/com/cloud/template/TemplateManagerImpl.java
View File

@ -357,7 +357,37 @@ public class TemplateManagerImpl implements TemplateManager, Manager, TemplateSe
}
}
if (tmpltHostRef == null ) {
if (tmpltHostRef == null && _swiftMgr.isSwiftEnabled()) {
SwiftTO swift = _swiftMgr.getSwiftTO(templateId);
if (swift != null && sservers != null) {
for (HostVO secondaryStorageHost : sservers) {
downloadTemplateFromSwiftToSecondaryStorageCommand cmd = new downloadTemplateFromSwiftToSecondaryStorageCommand(swift, secondaryStorageHost.getName(), zoneId,
template.getAccountId(), templateId, _primaryStorageDownloadWait);
try {
Answer answer = _agentMgr.sendToSSVM(zoneId, cmd);
if (answer == null || !answer.getResult()) {
String errMsg = "Failed to download template from Swift to secondary storage due to " + (answer == null ? "answer is null" : answer.getDetails());
s_logger.warn(errMsg);
throw new CloudRuntimeException(errMsg);
}
tmpltHostRef = _tmpltHostDao.findByHostTemplate(secondaryStorageHost.getId(), templateId);
if (tmpltHostRef != null) {
if (tmpltHostRef.getDownloadState() != com.cloud.storage.VMTemplateStorageResourceAssoc.Status.DOWNLOADED) {
tmpltHostRef = null;
} else {
break;
}
}
} catch (Exception e) {
String errMsg = "Failed to download template from Swift to secondary storage due to " + e.toString();
s_logger.warn(errMsg);
throw new CloudRuntimeException(errMsg);
}
}
}
}
if (tmpltHostRef == null) {
throw new InvalidParameterValueException("The " + desc + " has not been downloaded ");
}
@ -463,7 +493,12 @@ public class TemplateManagerImpl implements TemplateManager, Manager, TemplateSe
downloadTemplateFromSwiftToSecondaryStorageCommand cmd = new downloadTemplateFromSwiftToSecondaryStorageCommand(swift, secHost.getName(), dcId, template.getAccountId(), templateId,
_primaryStorageDownloadWait);
try {
_agentMgr.sendToSSVM(dcId, cmd);
Answer answer = _agentMgr.sendToSSVM(dcId, cmd);
if (answer == null || !answer.getResult()) {
String errMsg = "Failed to download template from Swift to secondary storage due to " + (answer == null ? "answer is null" : answer.getDetails());
s_logger.warn(errMsg);
throw new CloudRuntimeException(errMsg);
}
} catch (Exception e) {
String errMsg = "Failed to download template from Swift to secondary storage due to " + e.toString();
s_logger.warn(errMsg);

7
server/src/com/cloud/test/DatabaseConfig.java
View File

@ -57,7 +57,6 @@ import com.cloud.storage.DiskOfferingVO;
import com.cloud.storage.dao.DiskOfferingDaoImpl;
import com.cloud.utils.PropertiesUtil;
import com.cloud.utils.component.ComponentLocator;
import com.cloud.utils.crypt.DBEncryptionUtil;
import com.cloud.utils.db.DB;
import com.cloud.utils.db.Transaction;
import com.cloud.utils.net.NfsUtils;
@ -534,16 +533,16 @@ public class DatabaseConfig {
stmt.setLong(2, 1);
stmt.setString(3, "mount.path");
if (nfs) {
stmt.setString(4, DBEncryptionUtil.encrypt(mountPoint));
stmt.setString(4, mountPoint);
} else {
stmt.setString(4, DBEncryptionUtil.encrypt(url.replaceFirst("file:/", "")));
stmt.setString(4, url.replaceFirst("file:/", ""));
}
stmt.executeUpdate();
stmt.setLong(1, 3);
stmt.setLong(2, 1);
stmt.setString(3, "orig.url");
stmt.setString(4, DBEncryptionUtil.encrypt(url));
stmt.setString(4, url);
stmt.executeUpdate();
stmt = txn.prepareAutoCloseStatement(insertSql2);

4
server/src/com/cloud/upgrade/dao/Upgrade2214to30.java
View File

@ -324,7 +324,7 @@ public class Upgrade2214to30 implements DbUpgrade {
PreparedStatement pstmt = null;
ResultSet rs = null;
try {
pstmt = conn.prepareStatement("select name, value from configuration");
pstmt = conn.prepareStatement("select name, value from configuration where category = 'Hidden'");
rs = pstmt.executeQuery();
while (rs.next()) {
String name = rs.getString(1);
@ -360,7 +360,7 @@ public class Upgrade2214to30 implements DbUpgrade {
PreparedStatement pstmt = null;
ResultSet rs = null;
try {
pstmt = conn.prepareStatement("select id, value from host_details");
pstmt = conn.prepareStatement("select id, value from host_details where name = 'password'");
rs = pstmt.executeQuery();
while (rs.next()) {
long id = rs.getLong(1);

2
server/src/com/cloud/user/AccountManager.java
View File

@ -88,5 +88,7 @@ public interface AccountManager extends AccountService {
Pair<User, Account> findUserByApiKey(String apiKey);
boolean lockAccount(long accountId);
boolean enableAccount(long accountId);
}

15
server/src/com/cloud/user/AccountManagerImpl.java
View File

@ -83,6 +83,7 @@ import com.cloud.network.security.dao.SecurityGroupDao;
import com.cloud.network.vpn.RemoteAccessVpnService;
import com.cloud.projects.Project;
import com.cloud.projects.ProjectManager;
import com.cloud.projects.dao.ProjectAccountDao;
import com.cloud.projects.dao.ProjectDao;
import com.cloud.server.auth.UserAuthenticator;
import com.cloud.storage.StorageManager;
@ -194,6 +195,8 @@ public class AccountManagerImpl implements AccountManager, AccountService, Manag
private AccountDetailsDao _accountDetailsDao;
@Inject
private DomainDao _domainDao;
@Inject
private ProjectAccountDao _projectAccountDao;
private Adapters<UserAuthenticator> _userAuthenticators;
@ -376,6 +379,7 @@ public class AccountManagerImpl implements AccountManager, AccountService, Manag
return _userDao.update(Long.valueOf(userId), userForUpdate);
}
@Override
public boolean enableAccount(long accountId) {
boolean success = false;
AccountVO acctForUpdate = _accountDao.createForUpdate();
@ -962,6 +966,17 @@ public class AccountManagerImpl implements AccountManager, AccountService, Manag
throw new PermissionDeniedException("Account id : " + accountId + " is a system account, delete is not allowed");
}
//Account that manages project(s) can't be removed
List<Long> managedProjectIds = _projectAccountDao.listAdministratedProjects(accountId);
if (!managedProjectIds.isEmpty()) {
StringBuilder projectIds = new StringBuilder();
for (Long projectId : managedProjectIds) {
projectIds.append(projectId + ", ");
}
throw new InvalidParameterValueException("The account id=" + accountId + " manages project(s) with ids " + projectIds + "and can't be removed");
}
return deleteAccount(account, callerUserId, caller);
}

210
server/src/com/cloud/vm/UserVmManagerImpl.java
View File

@ -18,6 +18,7 @@
package com.cloud.vm;
import java.util.ArrayList;
import com.cloud.network.rules.FirewallRule;
import java.util.Date;
import java.util.HashMap;
import java.util.List;
@ -135,10 +136,13 @@ import com.cloud.network.element.UserDataServiceProvider;
import com.cloud.network.lb.LoadBalancingRulesManager;
import com.cloud.network.router.VirtualNetworkApplianceManager;
import com.cloud.network.rules.FirewallManager;
import com.cloud.network.rules.FirewallRuleVO;
import com.cloud.network.rules.RulesManager;
import com.cloud.network.security.SecurityGroup;
import com.cloud.network.security.SecurityGroupManager;
import com.cloud.network.security.SecurityGroupVMMapVO;
import com.cloud.network.security.dao.SecurityGroupDao;
import com.cloud.network.security.dao.SecurityGroupVMMapDao;
import com.cloud.offering.NetworkOffering;
import com.cloud.offering.NetworkOffering.Availability;
import com.cloud.offering.ServiceOffering;
@ -236,8 +240,6 @@ public class UserVmManagerImpl implements UserVmManager, UserVmService, Manager
@Inject
protected HostDao _hostDao = null;
@Inject
protected HostDetailsDao _detailsDao = null;
@Inject
protected DomainRouterDao _routerDao = null;
@Inject
protected ServiceOfferingDao _offeringDao = null;
@ -359,6 +361,8 @@ public class UserVmManagerImpl implements UserVmManager, UserVmService, Manager
protected ResourceManager _resourceMgr;
@Inject
protected NetworkServiceMapDao _ntwkSrvcDao;
@Inject
SecurityGroupVMMapDao _securityGroupVMMapDao;
protected ScheduledExecutorService _executor = null;
protected int _expungeInterval;
@ -1287,19 +1291,13 @@ public class UserVmManagerImpl implements UserVmManager, UserVmService, Manager
@Override
@ActionEvent(eventType = EventTypes.EVENT_TEMPLATE_CREATE, eventDescription = "creating template", create = true)
public VMTemplateVO createPrivateTemplateRecord(CreateTemplateCmd cmd) throws ResourceAllocationException {
public VMTemplateVO createPrivateTemplateRecord(CreateTemplateCmd cmd, Account templateOwner) throws ResourceAllocationException {
Long userId = UserContext.current().getCallerUserId();
Account caller = UserContext.current().getCaller();
boolean isAdmin = ((caller == null) || isAdmin(caller.getType()));
boolean isAdmin = (isAdmin(caller.getType()));
VMTemplateVO privateTemplate = null;
UserVO user = _userDao.findById(userId);
if (user == null) {
throw new InvalidParameterValueException("User " + userId + " does not exist");
}
_accountMgr.checkAccess(caller, null, templateOwner);
String name = cmd.getTemplateName();
if ((name == null) || (name.length() > 32)) {
@ -1307,7 +1305,7 @@ public class UserVmManagerImpl implements UserVmManager, UserVmService, Manager
}
if(cmd.getTemplateTag() != null){
if(!_accountService.isRootAdmin(caller.getType())){
if (!_accountService.isRootAdmin(caller.getType())){
throw new PermissionDeniedException("Parameter templatetag can only be specified by a Root Admin, permission denied");
}
}
@ -1338,10 +1336,9 @@ public class UserVmManagerImpl implements UserVmManager, UserVmService, Manager
throw new InvalidParameterValueException("Failed to create private template record, please specify only one of volume ID (" + volumeId + ") and snapshot ID (" + snapshotId + ")");
}
long domainId;
long accountId;
HypervisorType hyperType;
VolumeVO volume = null;
VMTemplateVO privateTemplate = null;
if (volumeId != null) { // create template from volume
volume = _volsDao.findById(volumeId);
if (volume == null) {
@ -1359,17 +1356,15 @@ public class UserVmManagerImpl implements UserVmManager, UserVmService, Manager
}
throw new CloudRuntimeException(msg);
}
domainId = volume.getDomainId();
accountId = volume.getAccountId();
hyperType = _volsDao.getHypervisorType(volumeId);
} else { // create template from snapshot
SnapshotVO snapshot = _snapshotDao.findById(snapshotId);
volume = _volsDao.findById(snapshot.getVolumeId());
VolumeVO snapshotVolume = _volsDao.findByIdIncludingRemoved(snapshot.getVolumeId());
if (snapshot == null) {
throw new InvalidParameterValueException("Failed to create private template record, unable to find snapshot " + snapshotId);
}
volume = _volsDao.findById(snapshot.getVolumeId());
VolumeVO snapshotVolume = _volsDao.findByIdIncludingRemoved(snapshot.getVolumeId());
//check permissions
_accountMgr.checkAccess(caller, null, snapshot);
@ -1383,13 +1378,10 @@ public class UserVmManagerImpl implements UserVmManager, UserVmService, Manager
throw new UnsupportedServiceException("operation not supported, snapshot with id " + snapshotId + " is created from Data Disk");
}
domainId = snapshot.getDomainId();
accountId = snapshot.getAccountId();
hyperType = snapshot.getHypervisorType();
}
AccountVO ownerAccount = _accountDao.findById(accountId);
_resourceLimitMgr.checkResourceLimit(ownerAccount, ResourceType.template);
_resourceLimitMgr.checkResourceLimit(templateOwner, ResourceType.template);
if (!isAdmin || featured == null) {
featured = Boolean.FALSE;
@ -1421,7 +1413,7 @@ public class UserVmManagerImpl implements UserVmManager, UserVmService, Manager
s_logger.debug("Adding template tag: "+templateTag);
}
}
privateTemplate = new VMTemplateVO(nextTemplateId, uniqueName, name, ImageFormat.RAW, isPublic, featured, isExtractable, TemplateType.USER, null, null, requiresHvmValue, bitsValue, accountId,
privateTemplate = new VMTemplateVO(nextTemplateId, uniqueName, name, ImageFormat.RAW, isPublic, featured, isExtractable, TemplateType.USER, null, null, requiresHvmValue, bitsValue, templateOwner.getId(),
null, description, passwordEnabledValue, guestOS.getId(), true, hyperType, templateTag, cmd.getDetails());
if(sourceTemplateId != null){
if(s_logger.isDebugEnabled()){
@ -1437,7 +1429,7 @@ public class UserVmManagerImpl implements UserVmManager, UserVmService, Manager
_templateDetailsDao.persist(template.getId(), cmd.getDetails());
}
_resourceLimitMgr.incrementResourceCount(accountId, ResourceType.template);
_resourceLimitMgr.incrementResourceCount(templateOwner.getId(), ResourceType.template);
}
if (template != null){
@ -2206,7 +2198,7 @@ public class UserVmManagerImpl implements UserVmManager, UserVmService, Manager
// Verify that caller can perform actions in behalf of vm owner
_accountMgr.checkAccess(caller, null, owner);
if (networkIdList == null || networkIdList.isEmpty()) {
NetworkVO defaultNetwork = null;
@ -3349,7 +3341,7 @@ public class UserVmManagerImpl implements UserVmManager, UserVmService, Manager
Account oldAccount = _accountService.getActiveAccountById(vm.getAccountId());
if (oldAccount == null) {
throw new InvalidParameterValueException("Invalid account for VM " + vm.getAccountId() + " in domain " + oldAccount.getDomainId());
throw new InvalidParameterValueException("Invalid account for VM " + vm.getAccountId() + " in domain.");
}
//don't allow to move the vm from the project
if (oldAccount.getType() == Account.ACCOUNT_TYPE_PROJECT) {
@ -3364,7 +3356,35 @@ public class UserVmManagerImpl implements UserVmManager, UserVmService, Manager
throw new InvalidParameterValueException("The new account owner " + cmd.getAccountName() + " is disabled.");
}
//don't allow to move the vm if it's assigned to Isolated
// don't allow to move the vm if there are existing PF/LB/Static Nat rules, existing Security groups or vm is assigned to static Nat ip
IPAddressVO ip = _ipAddressDao.findByAssociatedVmId(cmd.getVmId());
if (ip != null){
List<FirewallRuleVO> firewall_rules = _rulesDao.listByIpAndPurposeAndNotRevoked(ip.getId(), FirewallRule.Purpose.Firewall);
if (firewall_rules.size() > 0){
throw new InvalidParameterValueException("Remove the Firewall rules for this VM before assigning to another user.");
}
List<FirewallRuleVO> lb_rules = _rulesDao.listByIpAndPurposeAndNotRevoked(ip.getId(), FirewallRule.Purpose.LoadBalancing);
if (lb_rules.size() > 0){
throw new InvalidParameterValueException("Remove the LoadBalancing rules for this VM before assigning to another user.");
}
List<FirewallRuleVO> nat_rules = _rulesDao.listByIpAndPurposeAndNotRevoked(ip.getId(), FirewallRule.Purpose.StaticNat);
if (nat_rules.size() > 0){
throw new InvalidParameterValueException("Remove the StaticNat rules for this VM before assigning to another user.");
}
List<FirewallRuleVO> vpn_rules = _rulesDao.listByIpAndPurposeAndNotRevoked(ip.getId(), FirewallRule.Purpose.Vpn);
if (vpn_rules.size() > 0){
throw new InvalidParameterValueException("Remove the Vpn rules for this VM before assigning to another user.");
}
List<SecurityGroupVMMapVO> securityGroupsToVmMap = _securityGroupVMMapDao.listByInstanceId(cmd.getVmId());
if (securityGroupsToVmMap.size() > 0){
throw new InvalidParameterValueException("Remove the VM from security groups before assigning to another user.");
}
}
DataCenterVO zone = _dcDao.findById(vm.getDataCenterIdToDeployIn());
//Remove vm from instance group
removeInstanceFromInstanceGroup(cmd.getVmId());
//VV 2: check if account/domain is with in resource limits to create a new vm
_resourceLimitMgr.checkResourceLimit(newAccount, ResourceType.user_vm);
@ -3380,12 +3400,6 @@ public class UserVmManagerImpl implements UserVmManager, UserVmService, Manager
DomainVO domain = _domainDao.findById(cmd.getDomainId());
_accountMgr.checkAccess(newAccount, domain);
DataCenterVO zone = _dcDao.findById(vm.getDataCenterIdToDeployIn());
//check is zone networking is advanced
//if (zone.getNetworkType() != NetworkType.Advanced) {
// throw new InvalidParameterValueException("Assing virtual machine to another account is only available for advanced networking " + vm);
//}
VMInstanceVO vmoi = _itMgr.findByIdAndType(vm.getType(), vm.getId());
VirtualMachineProfileImpl<VMInstanceVO> vmOldProfile = new VirtualMachineProfileImpl<VMInstanceVO>(vmoi);
@ -3400,14 +3414,17 @@ public class UserVmManagerImpl implements UserVmManager, UserVmService, Manager
// OWNERSHIP STEP 1: update the vm owner
vm.setAccountId(newAccount.getAccountId());
vm.setDomainId(cmd.getDomainId());
_vmDao.persist(vm);
// OS 2: update volume
List<VolumeVO> volumes = _volsDao.findByInstance(cmd.getVmId());
for (VolumeVO volume : volumes) {
_usageEventDao.persist(new UsageEventVO(EventTypes.EVENT_VOLUME_DELETE, volume.getAccountId(), volume.getDataCenterId(), volume.getId(), volume.getName()));
_resourceLimitMgr.decrementResourceCount(oldAccount.getAccountId(), ResourceType.volume, Long.valueOf(volumes.size()));
volume.setAccountId(newAccount.getAccountId());
_volsDao.persist(volume);
_resourceLimitMgr.incrementResourceCount(newAccount.getAccountId(), ResourceType.volume, Long.valueOf(volumes.size()));
_usageEventDao.persist(new UsageEventVO(EventTypes.EVENT_VOLUME_CREATE, volume.getAccountId(), volume.getDataCenterId(), volume.getId(), volume.getName()));
}
_resourceLimitMgr.incrementResourceCount(newAccount.getAccountId(), ResourceType.user_vm);
@ -3418,57 +3435,100 @@ public class UserVmManagerImpl implements UserVmManager, UserVmService, Manager
txn.commit();
// OS 3: update the network
if (zone.getNetworkType() == NetworkType.Advanced) {
//cleanup the network for the oldOwner
_networkMgr.cleanupNics(vmOldProfile);
_networkMgr.expungeNics(vmOldProfile);
List<Long> networkIdList = cmd.getNetworkIds();
if (zone.getNetworkType() == NetworkType.Basic) {
//security groups will be recreated for the new account, when the VM is started
} else {
if (zone.isSecurityGroupEnabled()) {
throw new InvalidParameterValueException("not yet tested for SecurityGroupEnabled advanced networks.");
} else {
//cleanup the network for the oldOwner
_networkMgr.cleanupNics(vmOldProfile);
_networkMgr.expungeNics(vmOldProfile);
// add the new nics
List<NetworkVO> networkList = new ArrayList<NetworkVO>();
NetworkVO defaultNetwork = null;
// add the new nics
List<NetworkVO> networkList = new ArrayList<NetworkVO>();
NetworkVO defaultNetwork = null;
List<NetworkVO> oldNetworks = new ArrayList<NetworkVO>();
List<NetworkVO> zoneNetworks = _networkDao.listByZone(zone.getId());
for (NetworkVO network : zoneNetworks) { // get the default networks for the account
NetworkOfferingVO no = _networkOfferingDao.findById(network.getNetworkOfferingId());
if (!no.isSystemOnly()) {
if (network.getGuestType() == Network.GuestType.Shared || !_networkDao.listBy(oldAccount.getId(), network.getId()).isEmpty()) {
oldNetworks.add(network);
List<NetworkVO> applicableNetworks = new ArrayList<NetworkVO>();
// create the default network
List<NetworkVO> zoneNetworks = _networkDao.listByZone(zone.getId()); // get the default networks for the account
for (NetworkVO network : zoneNetworks) {
NetworkOfferingVO no = _networkOfferingDao.findById(network.getNetworkOfferingId());
if (!no.isSystemOnly()) {
if (network.getGuestType() == Network.GuestType.Shared || !_networkDao.listBy(oldAccount.getId(), network.getId()).isEmpty()) {
applicableNetworks.add(network);
}
}
}
}
for (NetworkVO oldNet: oldNetworks){
long networkOffering = oldNet.getNetworkOfferingId();
PhysicalNetwork physicalNetwork = _networkMgr.translateZoneIdToPhysicalNetwork(zone.getId());
List<NetworkVO> virtualNetworks = _networkMgr.listNetworksForAccount(newAccount.getId(), zone.getId(), Network.GuestType.Isolated);
if (virtualNetworks.isEmpty()) {
Network newNetwork = _networkMgr.createGuestNetwork(networkOffering, newAccount.getAccountName() + "-network", newAccount.getAccountName() + "-network", null, null,
null, null, newAccount, false, null, physicalNetwork, zone.getId(), ACLType.Account, null);
defaultNetwork = _networkDao.findById(newNetwork.getId());
} else if (virtualNetworks.size() > 1) {
throw new InvalidParameterValueException("More than 1 default Virtaul networks are found for account " + newAccount + "; please specify networkIds");
} else {
defaultNetwork = virtualNetworks.get(0);
if (networkIdList != null && !networkIdList.isEmpty()){
// add any additional networks
for (Long networkId : networkIdList) {
NetworkVO network = _networkDao.findById(networkId);
if (network == null) {
throw new InvalidParameterValueException("Unable to find network by id " + networkIdList.get(0).longValue());
}
// Perform account permission check
if (network.getGuestType() != Network.GuestType.Shared) {
List<NetworkVO> networkMap = _networkDao.listBy(newAccount.getId(), network.getId());
if (networkMap == null || networkMap.isEmpty()) {
throw new PermissionDeniedException("Unable to create a vm using network with id " + network.getId() + ", permission denied");
}
} else {
if (!_networkMgr.isNetworkAvailableInDomain(networkId, newAccount.getDomainId())) {
throw new PermissionDeniedException("Shared network id=" + networkId + " is not available in domain id=" + newAccount.getDomainId());
}
}
//don't allow to use system networks
NetworkOffering networkOffering = _configMgr.getNetworkOffering(network.getNetworkOfferingId());
if (networkOffering.isSystemOnly()) {
throw new InvalidParameterValueException("Network id=" + networkId + " is system only and can't be used for vm deployment");
}
applicableNetworks.add(network);
}
}
networkList.add(defaultNetwork);
List<Pair<NetworkVO, NicProfile>> networks = new ArrayList<Pair<NetworkVO, NicProfile>>();
for (NetworkVO network : networkList) {
networks.add(new Pair<NetworkVO, NicProfile>(network, null));
for (NetworkVO appNet: applicableNetworks){
long networkOffering = appNet.getNetworkOfferingId();
PhysicalNetwork physicalNetwork = _networkMgr.translateZoneIdToPhysicalNetwork(zone.getId());
List<NetworkVO> virtualNetworks = _networkMgr.listNetworksForAccount(newAccount.getId(), zone.getId(), Network.GuestType.Isolated);
if (virtualNetworks.isEmpty()) {
s_logger.debug("Creating network for account " + newAccount + " as a part of assignVM process");
Network newNetwork = _networkMgr.createGuestNetwork(networkOffering, newAccount.getAccountName() + "-network", newAccount.getAccountName() + "-network", null, null,
null, null, newAccount, false, null, physicalNetwork, zone.getId(), ACLType.Account, null);
defaultNetwork = _networkDao.findById(newNetwork.getId());
} else if (virtualNetworks.size() > 1) {
throw new InvalidParameterValueException("More than 1 default Virtaul networks are found for account " + newAccount + "; please specify networkIds");
} else {
defaultNetwork = virtualNetworks.get(0);
}
networkList.add(defaultNetwork);
List<Pair<NetworkVO, NicProfile>> networks = new ArrayList<Pair<NetworkVO, NicProfile>>();
int toggle=0;
for (NetworkVO network : networkList) {
NicProfile defaultNic = new NicProfile();
if (toggle==0){
defaultNic.setDefaultNic(true);
toggle++;
}
networks.add(new Pair<NetworkVO, NicProfile>(network, defaultNic));
}
VMInstanceVO vmi = _itMgr.findByIdAndType(vm.getType(), vm.getId());
VirtualMachineProfileImpl<VMInstanceVO> vmProfile = new VirtualMachineProfileImpl<VMInstanceVO>(vmi);
_networkMgr.allocate(vmProfile, networks);
}
VMInstanceVO vmi = _itMgr.findByIdAndType(vm.getType(), vm.getId());
VirtualMachineProfileImpl<VMInstanceVO> vmProfile = new VirtualMachineProfileImpl<VMInstanceVO>(vmi);
_networkMgr.allocate(vmProfile, networks);
}
}
} //END IF NON SEC GRP ENABLED
} // END IF ADVANCED
return vm;
}
@Override
public UserVm restoreVM(RestoreVMCmd cmd) {
// Input validation

2
server/src/com/cloud/vm/VirtualMachineManagerImpl.java
View File

@ -825,7 +825,7 @@ public class VirtualMachineManagerImpl implements VirtualMachineManager, Listene
}
} catch (Exception e) {
s_logger.error("Failed to start instance " + vm, e);
throw new AgentUnavailableException("Unable to start instance", destHostId, e);
throw new AgentUnavailableException("Unable to start instance due to " + e.getMessage(), destHostId, e);
} finally {
if (startedVm == null && canRetry) {
_workDao.updateStep(work, Step.Release);

2
server/test/com/cloud/vm/MockUserVmManagerImpl.java
View File

@ -260,7 +260,7 @@ public class MockUserVmManagerImpl implements UserVmManager, UserVmService, Mana
}
@Override
public VirtualMachineTemplate createPrivateTemplateRecord(CreateTemplateCmd cmd) throws ResourceAllocationException {
public VirtualMachineTemplate createPrivateTemplateRecord(CreateTemplateCmd cmd, Account templateOwner) throws ResourceAllocationException {
// TODO Auto-generated method stub
return null;
}

4
setup/db/create-schema-simulator.sql
View File

@ -103,7 +103,3 @@ CREATE TABLE `cloud`.`mocksecurityrules` (
INDEX `i_mocksecurityrules__vmid`(`vmid`),
INDEX `i_mocksecurityrules__hostid`(`hostid`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
-- Some alterations reqd for the simulator to work with a regular DB
ALTER TABLE `cloud`.`physical_network_traffic_types` ADD COLUMN `simulator_network_label` varchar(255) COMMENT 'The name labels needed for identifying the simulator'

2
setup/db/db/schema-21to22.sql
View File

@ -668,7 +668,7 @@ INSERT INTO `cloud`.`guest_os` (id, category_id, display_name) VALUES (127, 10,
INSERT INTO `cloud`.`guest_os` (id, category_id, display_name) VALUES (128, 10, 'Ubuntu 9.04 (64-bit)');
INSERT INTO `cloud`.`guest_os` (id, category_id, display_name) VALUES (129, 10, 'Ubuntu 8.10 (64-bit)');
INSERT INTO `cloud`.`guest_os` (id, category_id, display_name) VALUES (130, 10, 'Ubuntu 8.04 (64-bit)');
INSERT INTO `cloud`.`guest_os` (id, category_id, display_name) VALUES (131, 10, 'Red Hat Enterprise Linux 2');
INSERT INTO `cloud`.`guest_os` (id, category_id, display_name) VALUES (131, 4, 'Red Hat Enterprise Linux 2');
INSERT INTO `cloud`.`guest_os` (id, category_id, display_name) VALUES (132, 2, 'Debian GNU/Linux 6(32-bit)');
INSERT INTO `cloud`.`guest_os` (id, category_id, display_name) VALUES (133, 2, 'Debian GNU/Linux 6(64-bit)');
INSERT INTO `cloud`.`guest_os` (id, category_id, display_name) VALUES (134, 3, 'Oracle Enterprise Linux 5.5 (32-bit)');

2
setup/db/db/schema-2214to30.sql
View File

@ -496,3 +496,5 @@ CREATE TABLE `cloud`.`op_user_stats_log` (
`updated` datetime COMMENT 'stats update timestamp',
UNIQUE KEY (`user_stats_id`, `updated`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
ALTER TABLE `cloud`.`physical_network_traffic_types` ADD COLUMN `simulator_network_label` varchar(255) COMMENT 'The name labels needed for identifying the simulator';

2
setup/db/templates.simulator.sql
View File

@ -161,7 +161,7 @@ INSERT INTO `cloud`.`guest_os` (id, category_id, display_name) VALUES (127, 10,
INSERT INTO `cloud`.`guest_os` (id, category_id, display_name) VALUES (128, 10, 'Ubuntu 9.04 (64-bit)');
INSERT INTO `cloud`.`guest_os` (id, category_id, display_name) VALUES (129, 10, 'Ubuntu 8.10 (64-bit)');
INSERT INTO `cloud`.`guest_os` (id, category_id, display_name) VALUES (130, 10, 'Ubuntu 8.04 (64-bit)');
INSERT INTO `cloud`.`guest_os` (id, category_id, display_name) VALUES (131, 10, 'Red Hat Enterprise Linux 2');
INSERT INTO `cloud`.`guest_os` (id, category_id, display_name) VALUES (131, 4, 'Red Hat Enterprise Linux 2');
INSERT INTO `cloud`.`guest_os` (id, category_id, display_name) VALUES (132, 2, 'Debian GNU/Linux 6(32-bit)');
INSERT INTO `cloud`.`guest_os` (id, category_id, display_name) VALUES (133, 2, 'Debian GNU/Linux 6(64-bit)');
INSERT INTO `cloud`.`guest_os` (id, category_id, display_name) VALUES (134, 3, 'Oracle Enterprise Linux 5.5 (32-bit)');

2
setup/db/templates.sql
View File

@ -159,7 +159,7 @@ INSERT INTO `cloud`.`guest_os` (id, category_id, display_name) VALUES (127, 10,
INSERT INTO `cloud`.`guest_os` (id, category_id, display_name) VALUES (128, 10, 'Ubuntu 9.04 (64-bit)');
INSERT INTO `cloud`.`guest_os` (id, category_id, display_name) VALUES (129, 10, 'Ubuntu 8.10 (64-bit)');
INSERT INTO `cloud`.`guest_os` (id, category_id, display_name) VALUES (130, 10, 'Ubuntu 8.04 (64-bit)');
INSERT INTO `cloud`.`guest_os` (id, category_id, display_name) VALUES (131, 10, 'Red Hat Enterprise Linux 2');
INSERT INTO `cloud`.`guest_os` (id, category_id, display_name) VALUES (131, 4, 'Red Hat Enterprise Linux 2');
INSERT INTO `cloud`.`guest_os` (id, category_id, display_name) VALUES (132, 2, 'Debian GNU/Linux 6(32-bit)');
INSERT INTO `cloud`.`guest_os` (id, category_id, display_name) VALUES (133, 2, 'Debian GNU/Linux 6(64-bit)');
INSERT INTO `cloud`.`guest_os` (id, category_id, display_name) VALUES (134, 3, 'Oracle Enterprise Linux 5.5 (32-bit)');

2
tools/testClient/deployDataCenter.py
View File

@ -142,6 +142,8 @@ class deployDataCenters():
self.createVlanIpRanges("Advanced", ipranges, zoneId, networkId=networkId)
def configureProviders(self, providers, zoneid, networktype):
if providers == None:
return
for prov in providers:
pnets = listPhysicalNetworks.listPhysicalNetworksCmd()
pnets.zoneid = zoneid

18
tools/testClient/sandbox/advanced/xen.properties
View File

@ -15,22 +15,22 @@ check.pod.cidrs=true
secstorage.allowed.internal.sites=10.147.28.0/24
[environment]
dns=10.147.28.6
mshost=localhost
mshost=10.147.29.110
database=localhost
hypervisor=XenServer
[cloudstack]
guest.vlan=675-679
guest.vlan=670-674
#pod configuration
private.gateway=10.147.29.1
private.pod.startip=10.147.29.150
private.pod.endip=10.147.29.159
private.pod.startip=10.147.29.140
private.pod.endip=10.147.29.149
#public vlan range
public.gateway=10.147.31.1
public.vlan=31
public.vlan.startip=10.147.31.150
public.vlan.endip=10.147.31.159
public.vlan.startip=10.147.31.140
public.vlan.endip=10.147.31.149
#hosts
host=10.147.29.57
host=10.147.29.56
#pools
pool=nfs://10.147.28.6:/export/home/prasanna/budhgaya
secondary=nfs://10.147.28.6:/export/home/prasanna/sstor
pool=nfs://10.147.28.6:/export/home/prasanna/taxila
secondary=nfs://10.147.28.6:/export/home/prasanna/secondary

113
tools/testClient/sandbox/simulator/setup.py
View File

@ -8,106 +8,87 @@
############################################################
'''
from ConfigParser import SafeConfigParser
from optparse import OptionParser
from configGenerator import *
import random
def getGlobalSettings():
global_settings = {'expunge.delay': '60',
'expunge.interval': '60',
'expunge.workers': '3',
'workers': '10',
'use.user.concentrated.pod.allocation': 'false',
'vm.allocation.algorithm': 'random',
'vm.op.wait.interval': '5',
'guest.domain.suffix': 'sandbox.simulator',
'instance.name': 'SIMQA',
'direct.agent.load.size': '1000',
'default.page.size': '10000',
'linkLocalIp.nums': '10',
'check.pod.cidrs': 'false',
}
for k, v in global_settings.iteritems():
def getGlobalSettings(config):
for k, v in dict(config.items('globals')).iteritems():
cfg = configuration()
cfg.name = k
cfg.value = v
yield cfg
def describeResources(dbnode='localhost', mshost='localhost'):
def describeResources(config):
zs = cloudstackConfiguration()
numberofpods = 1
clustersPerPod = 10
hostsPerCluster = 2
z = zone()
z.dns1 = '4.2.2.2'
z.dns2 = '10.223.110.254'
z.internaldns1 = '10.147.28.6'
z.internaldns2 = '10.223.110.254'
z.name = 'Sandbox-Simulator'
z.dns1 = config.get('environment', 'dns')
z.internaldns1 = config.get('environment', 'dns')
z.name = 'Sandbox-%s'%(config.get('environment', 'hypervisor'))
z.networktype = 'Advanced'
z.guestcidraddress = '10.1.1.0/24'
z.vlan='100-300'
prov = provider()
prov.vlan = config.get('cloudstack','guest.vlan')
z.providers.append(prov)
p = pod()
p.name = 'POD0'
p.gateway = '172.1.1.1'
p.startip = '172.1.1.2'
p.endip = '172.1.1.200'
p.gateway = config.get('cloudstack', 'private.gateway')
p.startip = config.get('cloudstack', 'private.pod.startip')
p.endip = config.get('cloudstack', 'private.pod.endip')
p.netmask = '255.255.255.0'
v = iprange()
v.vlan = '30'
v.gateway = '172.1.2.1'
v.startip = '172.1.2.2'
v.endip = '172.1.2.200'
v.gateway = config.get('cloudstack', 'public.gateway')
v.startip = config.get('cloudstack', 'public.vlan.startip')
v.endip = config.get('cloudstack', 'public.vlan.endip')
v.netmask = '255.255.255.0'
v.vlan = config.get('cloudstack', 'public.vlan')
z.ipranges.append(v)
curhost = 1
for i in range(1, clustersPerPod + 1):
c = cluster()
c.clustername = 'POD1-CLUSTER' + str(i)
c.hypervisor = 'Simulator'
c.clustertype = 'CloudManaged'
c = cluster()
c.clustername = 'C0'
c.hypervisor = config.get('environment', 'hypervisor')
c.clustertype = 'CloudManaged'
for j in range(1, hostsPerCluster + 1):
h = host()
h.username = 'root'
h.password = 'password'
h.url = 'http://sim/test-%d'%(curhost)
c.hosts.append(h)
curhost = curhost + 1
h = host()
h.username = 'root'
h.password = 'password'
h.url = 'http://%s'%(config.get('cloudstack', 'host'))
c.hosts.append(h)
ps = primaryStorage()
ps.name = 'spool'+str(i)
ps.url = 'nfs://172.16.24.32/export/path/'+str(i)
c.primaryStorages.append(ps)
p.clusters.append(c)
ps = primaryStorage()
ps.name = 'PS0'
ps.url = config.get('cloudstack', 'pool')
c.primaryStorages.append(ps)
p.clusters.append(c)
z.pods.append(p)
secondary = secondaryStorage()
secondary.url = 'nfs://172.16.25.32/secondary/path'
z.pods.append(p)
z.ipranges.append(v)
secondary.url = config.get('cloudstack', 'secondary')
z.secondaryStorages.append(secondary)
'''Add zone'''
zs.zones.append(z)
'''Add mgt server'''
mgt = managementServer()
mgt.mgtSvrIp = mshost
mgt.mgtSvrIp = config.get('environment', 'mshost')
zs.mgtSvr.append(mgt)
'''Add a database'''
db = dbServer()
db.dbSvr = opts.dbnode
db.dbSvr = config.get('environment', 'database')
zs.dbSvr = db
'''Add some configuration'''
[zs.globalConfig.append(cfg) for cfg in getGlobalSettings()]
[zs.globalConfig.append(cfg) for cfg in getGlobalSettings(config)]
''''add loggers'''
testClientLogger = logger()
@ -125,10 +106,16 @@ def describeResources(dbnode='localhost', mshost='localhost'):
if __name__ == '__main__':
parser = OptionParser()
parser.add_option('-o', '--output', action='store', default='./sandbox.cfg', dest='output', help='the path where the json config file generated')
parser.add_option('-d', '--dbnode', dest='dbnode', help='hostname/ip of the database node', action='store')
parser.add_option('-m', '--mshost', dest='mshost', help='hostname/ip of management server', action='store')
parser.add_option('-i', '--input', action='store', default='setup.properties', \
dest='input', help='file containing environment setup information')
parser.add_option('-o', '--output', action='store', default='./sandbox.cfg', \
dest='output', help='path where environment json will be generated')
(opts, args) = parser.parse_args()
cfg = describeResources(opts.dbnode, opts.mshost)
cfg_parser = SafeConfigParser()
cfg_parser.read(opts.input)
cfg = describeResources(cfg_parser)
generate_setup_config(cfg, opts.output)

5
tools/testClient/sandbox/simulator/tests/testProvision.py
View File

@ -1,9 +1,4 @@
#!/usr/bin/env python
try:
import unittest2 as unittest
except ImportError:
import unittest
import random
import hashlib
from cloudstackTestCase import *

69
ui/css/cloudstack3.css
View File

@ -6666,6 +6666,70 @@ div.panel.ui-dialog div.list-view div.fixed-header {
left: 0;
}
/*** Resource management*/
.project-dashboard .resources {
}
.project-dashboard .resources form {
background: #FFFFFF;
width: 87%;
/*+border-radius:11px;*/
-moz-border-radius: 11px;
-webkit-border-radius: 11px;
-khtml-border-radius: 11px;
border-radius: 11px 11px 11px 11px;
padding: 26px;
margin-top: 17px;
margin-left: 22px;
/*+box-shadow:inset 0px 3px 4px #979797;*/
-moz-box-shadow: inset 0px 3px 4px #979797;
-webkit-box-shadow: inset 0px 3px 4px #979797;
-o-box-shadow: inset 0px 3px 4px #979797;
box-shadow: inset 0px 3px 4px #979797;
display: inline-block;
}
.project-dashboard .resources form .field {
width: 100%;
float: left;
clear: both;
margin: auto auto 30px;
}
.project-dashboard .resources form label {
float: left;
}
.project-dashboard .resources form input[type=text] {
float: right;
width: 176px;
font-size: 16px;
margin: 0 287px 0 0;
/*+border-radius:4px;*/
-moz-border-radius: 4px;
-webkit-border-radius: 4px;
-khtml-border-radius: 4px;
border-radius: 4px 4px 4px 4px;
border: 1px solid #C6C6C6;
padding: 6px;
}
.project-dashboard .resources form input[type=submit] {
display: block;
border: none;
background: transparent url(../images/bg-gradients.png) 0px -220px;
float: left;
padding: 9px 20px;
cursor: pointer;
color: #FFFFFF;
/*+border-radius:4px;*/
-moz-border-radius: 4px;
-webkit-border-radius: 4px;
-khtml-border-radius: 4px;
border-radius: 4px 4px 4px 4px;
clear: both;
}
/*** Dashboard*/
.project-dashboard .toolbar {
position: relative;
@ -6837,6 +6901,8 @@ div.panel.ui-dialog div.list-view div.fixed-header {
.info-boxes .info-box.events {
margin-top: 4px;
min-height: 100px;
width: 228px;
}
.info-boxes .info-box.events ul {
@ -6854,7 +6920,7 @@ div.panel.ui-dialog div.list-view div.fixed-header {
.info-boxes .info-box ul li {
width: 224px;
margin: 0 2px 0 0;
height: 36px;
display: inline-block;
border-bottom: 1px solid #BDD2DF;
border-top: 1px solid #FFFFFF;
}
@ -6895,6 +6961,7 @@ div.panel.ui-dialog div.list-view div.fixed-header {
position: relative;
left: 0px;
top: 2px;
float: left;
}
.info-boxes .info-box .title .button {

BIN
ui/images/bg-breadcrumb.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 1.0 KiB

After

Width:  |  Height:  |  Size: 2.8 KiB

BIN
ui/images/bg-breadcrumbs.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 1.2 KiB

After

Width:  |  Height:  |  Size: 3.0 KiB

BIN
ui/images/bg-nav-item-active.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 1.0 KiB

After

Width:  |  Height:  |  Size: 2.8 KiB

Some files were not shown because too many files have changed in this diff Show More