etan39
/
cloudstack
mirror of https://github.com/apache/cloudstack.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'master' of https://git-wip-us.apache.org/repos/asf/incubator-cloudstack

This commit is contained in:
Sebastien Goasguen 2013-02-08 22:36:26 +01:00
parent 795853d0b0 606fa9df70
commit 553f892954
42 changed files with 1918 additions and 436 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

31
INSTALL.md
View File

@ -51,19 +51,21 @@ Apache CloudStack uses some ports, make sure at least those used by the manageme
server are available and not blocked by any local firewall. Following ports are
used by Apache CloudStack and its entities:
8787: Apache CloudStack (Tomcat) debug socket
9090, 8250, 8080: Apache CloudStack Management Server, User/Client API
8096: User/Client to CloudStack Management Server (unauthenticated)
7080: AWS API Server
3306: MySQL Server
3922, 8250, 80/443, 111/2049, 53: Secondary Storage VM
3922, 8250, 53: Console Proxy VM
3922, 8250, 53: Virtual Router
8080: API Server (authenticated), browser or CLI client to management server
8096: API Server (unauthenticated), browser or CLI client to management server
8787: Remote java debug debugging port, from IDE to management server
9090: Management server to management server (cluster)
7080: AWS API Server to which an AWS client can connect
80/443: HTTP client to Secondary Storage VM (template download)
111/2049: Secondary Storage to NFS server
3922: Port used to ssh/scp into system vms (SSVM, CPVM, VR)
8250: Agent (SSVM, CPVM, VR) to management server
22, 80, 443: XenServer, XAPI
22: KVM
443: vCenter
DNS: 53
NFS: 111/2049
53: DNS
111/2049: NFS
3306: MySQL Server to which the management server connects
### Configuring MySQL Server
@ -93,8 +95,7 @@ For example, for master:
Clean and build:
$ mvn clean
$ mvn install
$ mvn clean install -P systemvm,developer
In case you want support for VMWare, SRX and other non-Apache (referred to as nonoss)
compliant libs, you may download the following jar artifacts from respective vendors:
@ -112,9 +113,9 @@ Install them to ~/.m2 so maven can get them as dependencies:
$ cd deps
$ ./install-non-oss.sh
And build them with the nonoss flag:
To build with nonoss components, use the build command with the nonoss flag:
$ mvn install -Dnonoss
$ mvn clean install -P systemvm,developer -Dnonoss
Clear old database (if any) and deploy the database schema:
@ -122,7 +123,7 @@ Clear old database (if any) and deploy the database schema:
Export the following variable if you need to run and debug the management server:
$ export MAVEN_OPTS="-Xmx1024m -Xdebug -Xrunjdwp:transport=dt_socket,address=8787,server=y,suspend=n"
$ export MAVEN_OPTS="-Xmx1024m -XX:MaxPermSize=500m -Xdebug -Xrunjdwp:transport=dt_socket,address=8787,server=y,suspend=n"
Start the management server:

2
api/src/org/apache/cloudstack/api/command/user/config/ListCapabilitiesCmd.java
View File

@ -52,6 +52,8 @@ public class ListCapabilitiesCmd extends BaseCmd {
response.setProjectInviteRequired((Boolean)capabilities.get("projectInviteRequired"));
response.setAllowUsersCreateProjects((Boolean)capabilities.get("allowusercreateprojects"));
response.setDiskOffMaxSize((Long)capabilities.get("customDiskOffMaxSize"));
response.setApiLimitInterval((Integer)capabilities.get("apiLimitInterval"));
response.setApiLimitMax((Integer)capabilities.get("apiLimitMax"));
response.setObjectName("capability");
response.setResponseName(getCommandName());
this.setResponseObject(response);

15
api/src/org/apache/cloudstack/api/response/CapabilitiesResponse.java
View File

@ -46,6 +46,12 @@ public class CapabilitiesResponse extends BaseResponse {
"create disk from disk offering with custom size")
private Long diskOffMaxSize;
@SerializedName("apilimitinterval") @Param(description="time interval (in seconds) to reset api count")
private Integer apiLimitInterval;
@SerializedName("apilimitmax") @Param(description="Max allowed number of api requests within the specified interval")
private Integer apiLimitMax;
public void setSecurityGroupsEnabled(boolean securityGroupsEnabled) {
this.securityGroupsEnabled = securityGroupsEnabled;
@ -75,4 +81,13 @@ public class CapabilitiesResponse extends BaseResponse {
this.diskOffMaxSize = diskOffMaxSize;
}
public void setApiLimitInterval(Integer apiLimitInterval) {
this.apiLimitInterval = apiLimitInterval;
}
public void setApiLimitMax(Integer apiLimitMax) {
this.apiLimitMax = apiLimitMax;
}
}

162
awsapi/src/com/cloud/bridge/service/EC2RestServlet.java
View File

@ -87,6 +87,7 @@ import com.amazon.ec2.DetachVolumeResponse;
import com.amazon.ec2.DisassociateAddressResponse;
import com.amazon.ec2.GetPasswordDataResponse;
import com.amazon.ec2.ImportKeyPairResponse;
import com.amazon.ec2.LaunchPermissionItemType;
import com.amazon.ec2.ModifyImageAttributeResponse;
import com.amazon.ec2.RebootInstancesResponse;
import com.amazon.ec2.RegisterImageResponse;
@ -104,14 +105,17 @@ import com.cloud.bridge.persist.dao.CloudStackUserDaoImpl;
import com.cloud.bridge.persist.dao.OfferingDaoImpl;
import com.cloud.bridge.persist.dao.UserCredentialsDaoImpl;
import com.cloud.bridge.service.controller.s3.ServiceProvider;
import com.cloud.bridge.service.core.ec2.EC2AddressFilterSet;
import com.cloud.bridge.service.core.ec2.EC2AssociateAddress;
import com.cloud.bridge.service.core.ec2.EC2AuthorizeRevokeSecurityGroup;
import com.cloud.bridge.service.core.ec2.EC2AvailabilityZonesFilterSet;
import com.cloud.bridge.service.core.ec2.EC2CreateImage;
import com.cloud.bridge.service.core.ec2.EC2CreateKeyPair;
import com.cloud.bridge.service.core.ec2.EC2CreateVolume;
import com.cloud.bridge.service.core.ec2.EC2DeleteKeyPair;
import com.cloud.bridge.service.core.ec2.EC2DescribeAddresses;
import com.cloud.bridge.service.core.ec2.EC2DescribeAvailabilityZones;
import com.cloud.bridge.service.core.ec2.EC2DescribeImageAttribute;
import com.cloud.bridge.service.core.ec2.EC2DescribeImages;
import com.cloud.bridge.service.core.ec2.EC2DescribeInstances;
import com.cloud.bridge.service.core.ec2.EC2DescribeKeyPairs;
@ -123,10 +127,13 @@ import com.cloud.bridge.service.core.ec2.EC2Engine;
import com.cloud.bridge.service.core.ec2.EC2Filter;
import com.cloud.bridge.service.core.ec2.EC2GroupFilterSet;
import com.cloud.bridge.service.core.ec2.EC2Image;
import com.cloud.bridge.service.core.ec2.EC2ImageAttributes.ImageAttribute;
import com.cloud.bridge.service.core.ec2.EC2ImageLaunchPermission;
import com.cloud.bridge.service.core.ec2.EC2ImportKeyPair;
import com.cloud.bridge.service.core.ec2.EC2InstanceFilterSet;
import com.cloud.bridge.service.core.ec2.EC2IpPermission;
import com.cloud.bridge.service.core.ec2.EC2KeyPairFilterSet;
import com.cloud.bridge.service.core.ec2.EC2ModifyImageAttribute;
import com.cloud.bridge.service.core.ec2.EC2RebootInstances;
import com.cloud.bridge.service.core.ec2.EC2RegisterImage;
import com.cloud.bridge.service.core.ec2.EC2ReleaseAddress;
@ -1021,38 +1028,105 @@ public class EC2RestServlet extends HttpServlet {
serializeResponse(response, EC2response);
}
private void modifyImageAttribute( HttpServletRequest request, HttpServletResponse response )
private void modifyImageAttribute( HttpServletRequest request, HttpServletResponse response )
throws ADBException, XMLStreamException, IOException {
EC2Image image = new EC2Image();
EC2ModifyImageAttribute ec2request = new EC2ModifyImageAttribute();
// -> its interesting to note that the SOAP API docs has description but the REST API docs do not
String[] imageId = request.getParameterValues( "ImageId" );
if ( null != imageId && 0 < imageId.length )
image.setId( imageId[0] );
else { response.sendError(530, "Missing ImageId parameter" ); return; }
String[] imageId = request.getParameterValues( "ImageId" );
if ( imageId != null && imageId.length > 0 )
ec2request.setImageId( imageId[0]);
else {
response.sendError(530, "Missing ImageId parameter" );
return;
}
String[] description = request.getParameterValues( "Description" );
if ( null != description && 0 < description.length )
image.setDescription( description[0] );
else { response.sendError(530, "Missing Description parameter" ); return; }
String[] description = request.getParameterValues( "Description.Value" );
if ( description != null && description.length > 0 ) {
ec2request.setAttribute(ImageAttribute.description);
ec2request.setDescription(description[0]);
} else {
//add all launch permissions to ec2request
ec2request = addLaunchPermImageAttribute(request, ec2request);
if (ec2request.getLaunchPermissionSet().length > 0)
ec2request.setAttribute(ImageAttribute.launchPermission);
else {
response.sendError(530, "Missing Attribute parameter - Description/LaunchPermission should be provided" );
return;
}
}
// -> execute the request
ModifyImageAttributeResponse EC2response = EC2SoapServiceImpl.toModifyImageAttributeResponse( ServiceProvider.getInstance().getEC2Engine().modifyImageAttribute( image ));
ModifyImageAttributeResponse EC2response = EC2SoapServiceImpl.toModifyImageAttributeResponse(
ServiceProvider.getInstance().getEC2Engine().modifyImageAttribute( ec2request ));
serializeResponse(response, EC2response);
}
private EC2ModifyImageAttribute addLaunchPermImageAttribute(HttpServletRequest request, EC2ModifyImageAttribute ec2request) {
String[] users = {".UserId", ".Group"};
String[] operations = {"LaunchPermission.Add.", "LaunchPermission.Remove."};
int nCount = 1;
for (int i = 0; i < 2; i++) {
for (int j = 0; j < 2; j++) {
List<String> launchPermissionList = new ArrayList<String>();
do {
String[] launchPermissionAddGroup = request.getParameterValues( operations[j] + nCount + users[i] );
if (launchPermissionAddGroup != null && launchPermissionAddGroup.length > 0)
launchPermissionList.add(launchPermissionAddGroup[0]);
else
break;
nCount++;
} while (true);
if (nCount != 1) {
EC2ImageLaunchPermission ec2LaunchPermission = new EC2ImageLaunchPermission();
if (operations[j].contains("Add"))
ec2LaunchPermission.setLaunchPermOp(EC2ImageLaunchPermission.Operation.add);
else
ec2LaunchPermission.setLaunchPermOp(EC2ImageLaunchPermission.Operation.remove);
for (String launchPerm : launchPermissionList) {
ec2LaunchPermission.addLaunchPermission(launchPerm);
}
ec2request.addLaunchPermission(ec2LaunchPermission);
nCount = 1;
}
}
}
return ec2request;
}
private void resetImageAttribute( HttpServletRequest request, HttpServletResponse response )
throws ADBException, XMLStreamException, IOException {
EC2Image image = new EC2Image();
EC2ModifyImageAttribute ec2request = new EC2ModifyImageAttribute();
String[] imageId = request.getParameterValues( "ImageId" );
if ( null != imageId && 0 < imageId.length )
image.setId( imageId[0] );
else { response.sendError(530, "Missing ImageId parameter" ); return; }
if ( imageId != null && imageId.length > 0)
ec2request.setImageId(imageId[0]);
else {
response.sendError(530, "Missing ImageId parameter" );
return;
}
String[] attribute = request.getParameterValues( "Attribute" );
if ( attribute != null && attribute.length > 0 ) {
if (attribute[0].equalsIgnoreCase("launchPermission"))
ec2request.setAttribute(ImageAttribute.launchPermission);
else {
response.sendError(501, "Unsupported Attribute - only launchPermission supported" );
return;
}
} else {
response.sendError(530, "Missing Attribute parameter" );
return;
}
EC2ImageLaunchPermission launchPermission = new EC2ImageLaunchPermission();
launchPermission.setLaunchPermOp(EC2ImageLaunchPermission.Operation.reset);
ec2request.addLaunchPermission(launchPermission);
// -> execute the request
image.setDescription( "" );
ResetImageAttributeResponse EC2response = EC2SoapServiceImpl.toResetImageAttributeResponse( ServiceProvider.getInstance().getEC2Engine().modifyImageAttribute( image ));
ResetImageAttributeResponse EC2response = EC2SoapServiceImpl.toResetImageAttributeResponse(
ServiceProvider.getInstance().getEC2Engine().modifyImageAttribute( ec2request ));
serializeResponse(response, EC2response);
}
@ -1214,6 +1288,17 @@ public class EC2RestServlet extends HttpServlet {
if (null != value && 0 < value.length) EC2request.addZone( value[0] );
}
}
// add filters
EC2Filter[] filterSet = extractFilters( request );
if ( filterSet != null ) {
EC2AvailabilityZonesFilterSet afs = new EC2AvailabilityZonesFilterSet();
for( int i=0; i < filterSet.length; i++ ) {
afs.addFilter(filterSet[i]);
}
EC2request.setFilterSet( afs );
}
// -> execute the request
DescribeAvailabilityZonesResponse EC2response = EC2SoapServiceImpl.toDescribeAvailabilityZonesResponse( ServiceProvider.getInstance().getEC2Engine().handleRequest( EC2request ));
serializeResponse(response, EC2response);
@ -1240,25 +1325,35 @@ public class EC2RestServlet extends HttpServlet {
private void describeImageAttribute( HttpServletRequest request, HttpServletResponse response )
throws ADBException, XMLStreamException, IOException {
EC2DescribeImages EC2request = new EC2DescribeImages();
EC2DescribeImageAttribute ec2request = new EC2DescribeImageAttribute();
// -> only works for queries about descriptions
String[] descriptions = request.getParameterValues( "Description" );
if ( null != descriptions && 0 < descriptions.length ) {
String[] value = request.getParameterValues( "ImageId" );
EC2request.addImageSet( value[0] );
}
String[] imageId = request.getParameterValues( "ImageId" );
if (imageId != null && imageId.length > 0)
ec2request.setImageId(imageId[0]);
else {
response.sendError(501, "Unsupported - only description supported" );
response.sendError(530, "Missing ImageId parameter");
return;
}
// -> execute the request
DescribeImageAttributeResponse EC2response = EC2SoapServiceImpl.toDescribeImageAttributeResponse( ServiceProvider.getInstance().getEC2Engine().describeImages( EC2request ));
String[] attribute = request.getParameterValues( "Attribute" );
if (attribute != null && attribute.length > 0) {
if (attribute[0].equalsIgnoreCase("description"))
ec2request.setAttribute(ImageAttribute.description);
else if (attribute[0].equalsIgnoreCase("launchPermission"))
ec2request.setAttribute(ImageAttribute.launchPermission);
else {
response.sendError(501, "Unsupported Attribute - description and launchPermission supported" );
return;
}
} else {
response.sendError(530, "Missing Attribute parameter");
return;
}
DescribeImageAttributeResponse EC2response = EC2SoapServiceImpl.toDescribeImageAttributeResponse( ServiceProvider.getInstance().getEC2Engine().describeImageAttribute( ec2request ));
serializeResponse(response, EC2response);
}
private void describeInstances( HttpServletRequest request, HttpServletResponse response )
throws ADBException, XMLStreamException, IOException
{
@ -1303,6 +1398,15 @@ public class EC2RestServlet extends HttpServlet {
if (null != value && 0 < value.length) ec2Request.addPublicIp( value[0] );
}
}
// add filters
EC2Filter[] filterSet = extractFilters( request );
if ( filterSet != null ) {
EC2AddressFilterSet afs = new EC2AddressFilterSet();
for ( int i=0; i < filterSet.length; i++ )
afs.addFilter( filterSet[i] );
ec2Request.setFilterSet( afs );
}
// -> execute the request
EC2Engine engine = ServiceProvider.getInstance().getEC2Engine();
serializeResponse(response, EC2SoapServiceImpl.toDescribeAddressesResponse( engine.describeAddresses( ec2Request)));

30
awsapi/src/com/cloud/bridge/service/EC2SoapServiceImpl.java
View File

@ -47,6 +47,7 @@ import com.cloud.bridge.service.core.ec2.EC2DescribeInstances;
import com.cloud.bridge.service.core.ec2.EC2DescribeInstancesResponse;
import com.cloud.bridge.service.core.ec2.EC2DescribeKeyPairs;
import com.cloud.bridge.service.core.ec2.EC2DescribeKeyPairsResponse;
import com.cloud.bridge.service.core.ec2.EC2ImageLaunchPermission;
import com.cloud.bridge.service.core.ec2.EC2ResourceTag;
import com.cloud.bridge.service.core.ec2.EC2DescribeSecurityGroups;
import com.cloud.bridge.service.core.ec2.EC2DescribeSecurityGroupsResponse;
@ -595,31 +596,32 @@ public class EC2SoapServiceImpl implements AmazonEC2SkeletonInterface {
request.setImageId(miat.getImageId());
request.setAttribute(ImageAttribute.launchPermission);
if(launchPermOp.getAdd() != null){
request.setLaunchPermOperation(EC2ModifyImageAttribute.Operation.add);
setAccountOrGroupList(launchPermOp.getAdd().getItem(), request);
setAccountOrGroupList(launchPermOp.getAdd().getItem(), request, "add");
}else if(launchPermOp.getRemove() != null){
request.setLaunchPermOperation(EC2ModifyImageAttribute.Operation.remove);
setAccountOrGroupList(launchPermOp.getRemove().getItem(), request);
setAccountOrGroupList(launchPermOp.getRemove().getItem(), request, "remove");
}
return toModifyImageAttributeResponse( engine.modifyImageAttribute( request ));
}
throw new EC2ServiceException( ClientError.Unsupported, "Unsupported - can only modify image description or launchPermission");
}
private void setAccountOrGroupList(LaunchPermissionItemType[] items, EC2ModifyImageAttribute request){
List<String> launchPermissionAccountsOrGroupList = new ArrayList<String>();
private void setAccountOrGroupList(LaunchPermissionItemType[] items, EC2ModifyImageAttribute request, String operation){
EC2ImageLaunchPermission launchPermission = new EC2ImageLaunchPermission();
if (operation.equalsIgnoreCase("add"))
launchPermission.setLaunchPermOp(EC2ImageLaunchPermission.Operation.add);
else
launchPermission.setLaunchPermOp(EC2ImageLaunchPermission.Operation.remove);
for (LaunchPermissionItemType lpItem : items) {
if(lpItem.getGroup() != null){
launchPermissionAccountsOrGroupList.add(lpItem.getGroup());
launchPermission.addLaunchPermission(lpItem.getGroup());
}else if(lpItem.getUserId() != null){
launchPermissionAccountsOrGroupList.add(lpItem.getUserId());
launchPermission.addLaunchPermission(lpItem.getUserId());
}
}
request.setLaunchPermissionAccountsOrGroupList(launchPermissionAccountsOrGroupList);
request.addLaunchPermission(launchPermission);
}
/**
* Did not find a matching service offering so for now we just return disabled
@ -702,7 +704,9 @@ public class EC2SoapServiceImpl implements AmazonEC2SkeletonInterface {
if(elementType != null){
request.setImageId( riat.getImageId());
request.setAttribute(ImageAttribute.launchPermission);
request.setLaunchPermOperation(EC2ModifyImageAttribute.Operation.reset);
EC2ImageLaunchPermission launchPermission = new EC2ImageLaunchPermission();
launchPermission.setLaunchPermOp(EC2ImageLaunchPermission.Operation.reset);
request.addLaunchPermission(launchPermission);
return toResetImageAttributeResponse( engine.modifyImageAttribute( request ));
}
throw new EC2ServiceException( ClientError.Unsupported, "Unsupported - can only reset image launchPermission" );

71
awsapi/src/com/cloud/bridge/service/core/ec2/EC2Engine.java
View File

@ -535,32 +535,6 @@ public class EC2Engine extends ManagerBase {
}
/** REST API calls this method.
* Modify an existing template
*
* @param request
* @return
*/
public boolean modifyImageAttribute( EC2Image request )
{
// TODO: This is incomplete
EC2DescribeImagesResponse images = new EC2DescribeImagesResponse();
try {
images = listTemplates( request.getId(), images );
EC2Image[] imageSet = images.getImageSet();
CloudStackTemplate resp = getApi().updateTemplate(request.getId(), null, request.getDescription(), null, imageSet[0].getName(), null, null);
if (resp != null) {
return true;
}
return false;
} catch( Exception e ) {
logger.error( "EC2 ModifyImage - ", e);
throw new EC2ServiceException(ServerError.InternalError, e.getMessage());
}
}
/**
* Modify an existing template
@ -572,32 +546,35 @@ public class EC2Engine extends ManagerBase {
{
try {
if(request.getAttribute().equals(ImageAttribute.launchPermission)){
String accounts = "";
Boolean isPublic = null;
EC2ModifyImageAttribute.Operation operation = request.getLaunchPermOperation();
List<String> accountOrGroupList = request.getLaunchPermissionAccountsList();
if(accountOrGroupList != null && !accountOrGroupList.isEmpty()){
boolean first = true;
for(String accountOrGroup : accountOrGroupList){
if("all".equalsIgnoreCase(accountOrGroup)){
if(operation.equals(EC2ModifyImageAttribute.Operation.add)){
isPublic = true;
EC2ImageLaunchPermission[] launchPermissions = request.getLaunchPermissionSet();
for (EC2ImageLaunchPermission launchPermission : launchPermissions) {
String accounts = "";
Boolean isPublic = null;
EC2ImageLaunchPermission.Operation operation = launchPermission.getLaunchPermOp();
List<String> accountOrGroupList = launchPermission.getLaunchPermissionList();
if(accountOrGroupList != null && !accountOrGroupList.isEmpty()){
boolean first = true;
for(String accountOrGroup : accountOrGroupList){
if("all".equalsIgnoreCase(accountOrGroup)){
if(operation.equals(EC2ImageLaunchPermission.Operation.add)){
isPublic = true;
}else{
isPublic = false;
}
}else{
isPublic = false;
if(!first){
accounts = accounts + ",";
}
accounts = accounts + accountOrGroup;
first = false;
}
}else{
if(!first){
accounts = accounts + ",";
}
accounts = accounts + accountOrGroup;
first = false;
}
}
CloudStackInfoResponse resp = getApi().updateTemplatePermissions(request.getImageId(), accounts, null, null, isPublic, operation.toString());
if (!resp.getSuccess())
return false;
}
CloudStackInfoResponse resp = getApi().updateTemplatePermissions(request.getImageId(), accounts, null, null, isPublic, operation.toString());
return resp.getSuccess();
return true;
}else if(request.getAttribute().equals(ImageAttribute.description)){
CloudStackTemplate resp = getApi().updateTemplate(request.getImageId(), null, request.getDescription(), null, null, null, null);
if (resp != null) {

53
awsapi/src/com/cloud/bridge/service/core/ec2/EC2ImageLaunchPermission.java Normal file
View File

@ -0,0 +1,53 @@
// Licensed to the Apache Software Foundation (ASF) under one
// or more contributor license agreements. See the NOTICE file
// distributed with this work for additional information
// regarding copyright ownership. The ASF licenses this file
// to you under the Apache License, Version 2.0 (the
// "License"); you may not use this file except in compliance
// with the License. You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing,
// software distributed under the License is distributed on an
// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
// KIND, either express or implied. See the License for the
// specific language governing permissions and limitations
// under the License.
package com.cloud.bridge.service.core.ec2;
import java.util.ArrayList;
import java.util.List;
public class EC2ImageLaunchPermission {
private Operation launchPermOperation;
public enum Operation{
add,
remove,
reset;
}
private List<String> launchPermissionList = new ArrayList<String>();
public EC2ImageLaunchPermission() {
launchPermOperation = null;
}
public void addLaunchPermission(String launchPermission) {
launchPermissionList.add(launchPermission);
}
public List<String> getLaunchPermissionList() {
return launchPermissionList;
}
public void setLaunchPermOp( Operation launchPermOperation ) {
this.launchPermOperation = launchPermOperation;
}
public Operation getLaunchPermOp() {
return this.launchPermOperation;
}
}

39
awsapi/src/com/cloud/bridge/service/core/ec2/EC2ModifyImageAttribute.java
View File

@ -16,7 +16,7 @@
// under the License.
package com.cloud.bridge.service.core.ec2;
import java.util.ArrayList;
import java.util.List;
import com.cloud.bridge.service.core.ec2.EC2ImageAttributes.ImageAttribute;
@ -28,15 +28,7 @@ public class EC2ModifyImageAttribute {
private String description;
private Boolean isPublic = null;
private Operation launchPermOperation = null;
public enum Operation{
add,
remove,
reset;
}
private List<String> launchPermissionAccountsOrGroupList;
private List<EC2ImageLaunchPermission> launchPermissionList = new ArrayList<EC2ImageLaunchPermission>();
public EC2ModifyImageAttribute() {
}
@ -65,31 +57,20 @@ public class EC2ModifyImageAttribute {
return this.description;
}
public void setLaunchPermissionAccountsOrGroupList(List<String> launchPermissionAccountsOrGroupList) {
this.launchPermissionAccountsOrGroupList = launchPermissionAccountsOrGroupList;
}
public List<String> getLaunchPermissionAccountsList() {
return launchPermissionAccountsOrGroupList;
}
public void setLaunchPermOperation( Operation launchPermOperation ) {
this.launchPermOperation = launchPermOperation;
}
public Operation getLaunchPermOperation() {
return this.launchPermOperation;
}
public void setIsPublic(Boolean isPublic) {
this.isPublic = isPublic;
}
public Boolean getIsPublic() {
return isPublic;
}
public void addLaunchPermission( EC2ImageLaunchPermission param ) {
launchPermissionList.add( param );
}
public EC2ImageLaunchPermission[] getLaunchPermissionSet() {
return launchPermissionList.toArray(new EC2ImageLaunchPermission[0]);
}
}

7
client/tomcatconf/componentContext.xml.in
View File

@ -52,9 +52,8 @@
<bean id="randomlyIncreasingVMInstanceDaoImpl" class="com.cloud.vm.dao.RandomlyIncreasingVMInstanceDaoImpl" />
<bean id="ipv6AddressManagerImpl" class="com.cloud.network.Ipv6AddressManagerImpl" />
<bean id="ApiRateLimitService" class="org.apache.cloudstack.ratelimit.ApiRateLimitServiceImpl">
<property name="name" value="ApiRateLimitService"/>
</bean>
<bean id="apiRateLimitServiceImpl" class="org.apache.cloudstack.ratelimit.ApiRateLimitServiceImpl"/>
<!--
Network Elements
@ -116,8 +115,6 @@
<bean id="StaticRoleBasedAPIAccessChecker" class="org.apache.cloudstack.acl.StaticRoleBasedAPIAccessChecker"/>
<bean id="ApiRateLimitServiceImpl" class="org.apache.cloudstack.ratelimit.ApiRateLimitServiceImpl"/>
<bean id="ExteralIpAddressAllocator" class="com.cloud.network.ExteralIpAddressAllocator">
<property name="name" value="Basic"/>
</bean>

7
client/tomcatconf/nonossComponentContext.xml.in
View File

@ -52,9 +52,8 @@
<bean id="randomlyIncreasingVMInstanceDaoImpl" class="com.cloud.vm.dao.RandomlyIncreasingVMInstanceDaoImpl" />
<bean id="ipv6AddressManagerImpl" class="com.cloud.network.Ipv6AddressManagerImpl" />
<bean id="ApiRateLimitService" class="org.apache.cloudstack.ratelimit.ApiRateLimitServiceImpl">
<property name="name" value="ApiRateLimitService"/>
</bean>
<bean id="apiRateLimitServiceImpl" class="org.apache.cloudstack.ratelimit.ApiRateLimitServiceImpl"/>
<!-- bean id="bareMetalVmManagerImpl" class="com.cloud.baremetal.BareMetalVmManagerImpl" / -->
<bean id="VmwareManager" class="com.cloud.hypervisor.vmware.manager.VmwareManagerImpl"/>
@ -125,8 +124,6 @@
<bean id="StaticRoleBasedAPIAccessChecker" class="org.apache.cloudstack.acl.StaticRoleBasedAPIAccessChecker"/>
<bean id="ApiRateLimitServiceImpl" class="org.apache.cloudstack.ratelimit.ApiRateLimitServiceImpl"/>
<bean id="ExteralIpAddressAllocator" class="com.cloud.network.ExteralIpAddressAllocator">
<property name="name" value="Basic"/>
</bean>

2
docs/en-US/hypervisor-host-install-libvirt.xml
View File

@ -31,7 +31,7 @@
<para>Set the following paramaters:</para>
<programlisting>listen_tls = 0</programlisting>
<programlisting>listen_tcp = 1</programlisting>
<programlisting>tcp_port = "16059"</programlisting>
<programlisting>tcp_port = "16509"</programlisting>
<programlisting>auth_tcp = "none"</programlisting>
<programlisting>mdns_adv = 0</programlisting>
</listitem>

3
packaging/centos63/cloud.spec
View File

@ -185,7 +185,7 @@ install -D console-proxy/dist/systemvm.iso ${RPM_BUILD_ROOT}%{_datadir}/%{name}-
install -D console-proxy/dist/systemvm.zip ${RPM_BUILD_ROOT}%{_datadir}/%{name}-common/vms/systemvm.zip
install python/lib/cloud_utils.py ${RPM_BUILD_ROOT}%{_libdir}/python2.6/site-packages/cloud_utils.py
cp -r python/lib/cloudutils ${RPM_BUILD_ROOT}%{_libdir}/python2.6/site-packages/
python -m compileall ${RPM_BUILD_ROOT}%{_libdir}/python2.6/site-packages/cloud_utils.py
python -m py_compile ${RPM_BUILD_ROOT}%{_libdir}/python2.6/site-packages/cloud_utils.py
python -m compileall ${RPM_BUILD_ROOT}%{_libdir}/python2.6/site-packages/cloudutils
# Management
@ -382,6 +382,7 @@ fi
%attr(0644, root, root) %{_datadir}/%{name}-common/vms/systemvm.iso
%attr(0644, root, root) %{_datadir}/%{name}-common/vms/systemvm.zip
%attr(0644,root,root) %{_libdir}/python2.6/site-packages/cloud_utils.py
%attr(0644,root,root) %{_libdir}/python2.6/site-packages/cloud_utils.pyc
%attr(0644,root,root) %{_libdir}/python2.6/site-packages/cloudutils/*
%doc LICENSE
%doc NOTICE

4
plugins/api/discovery/src/org/apache/cloudstack/discovery/ApiDiscoveryServiceImpl.java
View File

@ -68,9 +68,7 @@ public class ApiDiscoveryServiceImpl implements ApiDiscoveryService {
if (s_apiNameDiscoveryResponseMap == null) {
long startTime = System.nanoTime();
s_apiNameDiscoveryResponseMap = new HashMap<String, ApiDiscoveryResponse>();
//TODO: Fix and use PluggableService to get the classes
Set<Class<?>> cmdClasses = ReflectUtil.getClassesWithAnnotation(APICommand.class,
new String[]{"org.apache.cloudstack.api", "com.cloud.api"});
Set<Class<?>> cmdClasses = new HashSet<Class<?>>();
for(PluggableService service: _services)
cmdClasses.addAll(service.getCommands());
cacheResponseMap(cmdClasses);

2
plugins/api/discovery/test/org/apache/cloudstack/discovery/ApiDiscoveryTest.java
View File

@ -83,7 +83,7 @@ public class ApiDiscoveryTest {
@Test
public void verifyListApis() throws Exception {
ListResponse<ApiDiscoveryResponse> responses = (ListResponse<ApiDiscoveryResponse>) _discoveryService.listApis(testUser, null);
assertTrue("No. of response items > 1", responses.getCount() > 1);
assertTrue("No. of response items > 1", responses.getCount() == 1);
for (ApiDiscoveryResponse response: responses.getResponses()) {
assertFalse("API name is empty", response.getName().isEmpty());
assertFalse("API description is empty", response.getDescription().isEmpty());

23
plugins/api/rate-limit/src/org/apache/cloudstack/ratelimit/ApiRateLimitServiceImpl.java
View File

@ -29,10 +29,13 @@ import net.sf.ehcache.CacheManager;
import org.apache.log4j.Logger;
import org.apache.cloudstack.acl.APIChecker;
import org.apache.cloudstack.api.ApiConstants.LDAPParams;
import org.apache.cloudstack.api.command.admin.ratelimit.ResetApiLimitCmd;
import org.apache.cloudstack.api.command.user.ratelimit.GetApiLimitCmd;
import org.apache.cloudstack.api.response.ApiLimitResponse;
import com.cloud.configuration.Config;
import com.cloud.configuration.dao.ConfigurationDao;
import com.cloud.exception.PermissionDeniedException;
import com.cloud.exception.RequestLimitException;
import com.cloud.user.Account;
@ -56,34 +59,34 @@ public class ApiRateLimitServiceImpl extends AdapterBase implements APIChecker,
*/
private int maxAllowed = 30;
private static LimitStore _store = null;
private LimitStore _store = null;
@Inject
AccountService _accountService;
@Inject
ConfigurationDao _configDao;
@Override
public boolean configure(String name, Map<String, Object> params) throws ConfigurationException {
super.configure(name, params);
if (_store == null) {
// not configured yet, note that since this class is both adapter
// and pluggableService, so this method
// may be invoked twice in ComponentLocator.
// get global configured duration and max values
Object duration = params.get("api.throttling.interval");
String duration = _configDao.getValue(Config.ApiLimitInterval.key());
if (duration != null) {
timeToLive = Integer.parseInt((String) duration);
timeToLive = Integer.parseInt(duration);
}
Object maxReqs = params.get("api.throttling.max");
String maxReqs = _configDao.getValue(Config.ApiLimitMax.key());
if (maxReqs != null) {
maxAllowed = Integer.parseInt((String) maxReqs);
maxAllowed = Integer.parseInt(maxReqs);
}
// create limit store
EhcacheLimitStore cacheStore = new EhcacheLimitStore();
int maxElements = 10000;
Object cachesize = params.get("api.throttling.cachesize");
String cachesize = _configDao.getValue(Config.ApiLimitCacheSize.key());
if ( cachesize != null ){
maxElements = Integer.parseInt((String)cachesize);
maxElements = Integer.parseInt(cachesize);
}
CacheManager cm = CacheManager.create();
Cache cache = new Cache("api-limit-cache", maxElements, false, false, timeToLive, timeToLive);

8
plugins/api/rate-limit/test/org/apache/cloudstack/ratelimit/ApiRateLimitTest.java
View File

@ -29,6 +29,8 @@ import org.junit.Before;
import org.junit.BeforeClass;
import org.junit.Test;
import com.cloud.configuration.Config;
import com.cloud.configuration.dao.ConfigurationDao;
import com.cloud.exception.RequestLimitException;
import com.cloud.user.Account;
import com.cloud.user.AccountService;
@ -43,12 +45,18 @@ public class ApiRateLimitTest {
static ApiRateLimitServiceImpl _limitService = new ApiRateLimitServiceImpl();
static AccountService _accountService = mock(AccountService.class);
static ConfigurationDao _configDao = mock(ConfigurationDao.class);
private static long acctIdSeq = 5L;
private static Account testAccount;
@BeforeClass
public static void setUp() throws ConfigurationException {
when(_configDao.getValue(Config.ApiLimitInterval.key())).thenReturn(null);
when(_configDao.getValue(Config.ApiLimitMax.key())).thenReturn(null);
when(_configDao.getValue(Config.ApiLimitCacheSize.key())).thenReturn(null);
_limitService._configDao = _configDao;
_limitService.configure("ApiRateLimitTest", Collections.<String, Object> emptyMap());
_limitService._accountService = _accountService;

3
plugins/file-systems/netapp/src/com/cloud/netapp/NetappManager.java
View File

@ -24,8 +24,9 @@ import com.cloud.exception.InvalidParameterValueException;
import com.cloud.exception.ResourceAllocationException;
import com.cloud.exception.ResourceInUseException;
import com.cloud.utils.component.Manager;
import com.cloud.utils.component.PluggableService;
public interface NetappManager extends Manager {
public interface NetappManager extends Manager, PluggableService {
enum AlgorithmType {
RoundRobin,
LeastFull

22
plugins/file-systems/netapp/src/com/cloud/netapp/NetappManagerImpl.java
View File

@ -17,6 +17,7 @@
package com.cloud.netapp;
import java.io.IOException;
import java.lang.Override;
import java.net.UnknownHostException;
import java.rmi.ServerException;
import java.util.ArrayList;
@ -40,6 +41,7 @@ import netapp.manage.NaServer;
import org.apache.log4j.Logger;
import org.springframework.stereotype.Component;
import com.cloud.api.commands.netapp.*;
import com.cloud.exception.InvalidParameterValueException;
import com.cloud.exception.ResourceAllocationException;
import com.cloud.exception.ResourceInUseException;
@ -123,7 +125,25 @@ public class NetappManagerImpl extends ManagerBase implements NetappManager
return s;
}
@Override
public List<Class<?>> getCommands() {
List<Class<?>> cmdList = new ArrayList<Class<?>>();
cmdList.add(CreateLunCmd.class);
cmdList.add(ListLunsCmd.class);
cmdList.add(DissociateLunCmd.class);
cmdList.add(CreateVolumeOnFilerCmd.class);
cmdList.add(ModifyVolumePoolCmd.class);
cmdList.add(ListVolumesOnFilerCmd.class);
cmdList.add(ListVolumePoolsCmd.class);
cmdList.add(DestroyLunCmd.class);
cmdList.add(CreateVolumePoolCmd.class);
cmdList.add(DeleteVolumePoolCmd.class);
cmdList.add(AssociateLunCmd.class);
cmdList.add(DestroyVolumeOnFilerCmd.class);
return cmdList;
}
@Override
public void modifyPool(String poolName, String algorithm) throws InvalidParameterValueException
{

128
plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/resource/LibvirtComputingResource.java
View File

@ -368,10 +368,6 @@ ServerResource {
NATIVE, OPENVSWITCH
}
protected enum defineOps {
UNDEFINE_VM, DEFINE_VM
}
protected BridgeType _bridgeType;
private String getEndIpFromStartIp(String startIp, int numIps) {
@ -979,77 +975,24 @@ ServerResource {
}
}
protected String startDomain(Connect conn, String vmName, String domainXML)
protected String startVM(Connect conn, String vmName, String domainXML)
throws LibvirtException, InternalErrorException {
/* No duplicated vm, we will success, or failed */
boolean failed = false;
Domain dm = null;
try {
dm = conn.domainDefineXML(domainXML);
/*
We create a transient domain here. When this method gets
called we receive a full XML specification of the guest,
so no need to define it persistent.
This also makes sure we never have any old "garbage" defined
in libvirt which might haunt us.
*/
dm = conn.domainCreateXML(domainXML, 0);
} catch (final LibvirtException e) {
/* Duplicated defined vm */
s_logger.warn("Failed to define domain " + vmName + ": "
s_logger.warn("Failed to start domain " + vmName + ": "
+ e.getMessage());
failed = true;
} finally {
try {
if (dm != null) {
dm.free();
}
} catch (final LibvirtException e) {
}
}
/* If failed, undefine the vm */
Domain dmOld = null;
Domain dmNew = null;
try {
if (failed) {
dmOld = conn.domainLookupByUUID(UUID.nameUUIDFromBytes(vmName
.getBytes()));
dmOld.undefine();
dmNew = conn.domainDefineXML(domainXML);
}
} catch (final LibvirtException e) {
s_logger.warn("Failed to define domain (second time) " + vmName
+ ": " + e.getMessage());
throw e;
} catch (Exception e) {
s_logger.warn("Failed to define domain (second time) " + vmName
+ ": " + e.getMessage());
throw new InternalErrorException(e.toString());
} finally {
try {
if (dmOld != null) {
dmOld.free();
}
if (dmNew != null) {
dmNew.free();
}
} catch (final LibvirtException e) {
}
}
/* Start the VM */
try {
dm = conn.domainLookupByUUID(UUID.nameUUIDFromBytes(vmName
.getBytes()));
dm.create();
} catch (LibvirtException e) {
s_logger.warn("Failed to start domain: " + vmName + ": "
+ e.getMessage());
throw e;
} finally {
try {
if (dm != null) {
dm.free();
}
} catch (final LibvirtException e) {
}
}
return null;
}
@ -1064,28 +1007,6 @@ ServerResource {
return true;
}
public static void main(String[] args) {
s_logger.addAppender(new org.apache.log4j.ConsoleAppender(
new org.apache.log4j.PatternLayout(), "System.out"));
LibvirtComputingResource test = new LibvirtComputingResource();
Map<String, Object> params = new HashMap<String, Object>();
try {
test.configure("test", params);
} catch (ConfigurationException e) {
System.out.println(e.getMessage());
e.printStackTrace();
}
String result = null;
// String result = test.startDomainRouter("domr1",
// "/var/lib/images/centos.5-4.x86-64/centos-small.img", 128, "0064",
// "02:00:30:00:01:01", "00:16:3e:77:e2:a1", "02:00:30:00:64:01");
boolean created = (result == null);
s_logger.info("Domain " + (created ? " " : " not ") + " created");
s_logger.info("Rule " + (created ? " " : " not ") + " created");
test.stop();
}
@Override
public Answer executeRequest(Command cmd) {
@ -2867,7 +2788,7 @@ ServerResource {
List<InterfaceDef> ifaces = getInterfaces(conn, vmName);
destroy_network_rules_for_vm(conn, vmName);
String result = stopVM(conn, vmName, defineOps.UNDEFINE_VM);
String result = stopVM(conn, vmName);
if (result == null) {
for (DiskDef disk : disks) {
if (disk.getDeviceType() == DiskDef.deviceType.CDROM
@ -3085,7 +3006,7 @@ ServerResource {
createVifs(vmSpec, vm);
s_logger.debug("starting " + vmName + ": " + vm.toString());
startDomain(conn, vmName, vm.toString());
startVM(conn, vmName, vm.toString());
NicTO[] nics = vmSpec.getNics();
for (NicTO nic : nics) {
@ -3910,8 +3831,8 @@ ServerResource {
.getBytes()));
String vmDef = dm.getXMLDesc(0);
s_logger.debug(vmDef);
msg = stopVM(conn, vmName, defineOps.UNDEFINE_VM);
msg = startDomain(conn, vmName, vmDef);
msg = stopVM(conn, vmName);
msg = startVM(conn, vmName, vmDef);
return null;
} catch (LibvirtException e) {
s_logger.warn("Failed to create vm", e);
@ -3932,7 +3853,7 @@ ServerResource {
return msg;
}
protected String stopVM(Connect conn, String vmName, defineOps df) {
protected String stopVM(Connect conn, String vmName) {
DomainInfo.DomainState state = null;
Domain dm = null;
@ -3982,23 +3903,6 @@ ServerResource {
}
}
if (df == defineOps.UNDEFINE_VM) {
try {
dm = conn.domainLookupByUUID(UUID.nameUUIDFromBytes(vmName
.getBytes()));
dm.undefine();
} catch (LibvirtException e) {
} finally {
try {
if (dm != null) {
dm.free();
}
} catch (LibvirtException l) {
}
}
}
return null;
}

2
plugins/network-elements/bigswitch-vns/src/com/cloud/api/commands/AddBigSwitchVnsDeviceCmd.java
View File

@ -37,7 +37,7 @@ import com.cloud.network.element.BigSwitchVnsElementService;
import com.cloud.user.UserContext;
import com.cloud.utils.exception.CloudRuntimeException;
@APICommand(name = "addBigSwitchVnsDevice", responseObject=BigSwitchVnsDeviceResponse.class, description="Adds a BigSwitch VNS device")
@APICommand(name = "addBigSwitchVnsDevice", responseObject=BigSwitchVnsDeviceResponse.class, description="Adds a BigSwitch VNS device", since = "4.1.0")
public class AddBigSwitchVnsDeviceCmd extends BaseAsyncCmd {
private static final String s_name = "addbigswitchvnsdeviceresponse";
@Inject BigSwitchVnsElementService _bigswitchVnsElementService;

2
plugins/network-elements/bigswitch-vns/src/com/cloud/api/commands/DeleteBigSwitchVnsDeviceCmd.java
View File

@ -35,7 +35,7 @@ import com.cloud.network.element.BigSwitchVnsElementService;
import com.cloud.user.UserContext;
import com.cloud.utils.exception.CloudRuntimeException;
@APICommand(name = "deleteBigSwitchVnsDevice", responseObject=SuccessResponse.class, description=" delete a bigswitch vns device")
@APICommand(name = "deleteBigSwitchVnsDevice", responseObject=SuccessResponse.class, description=" delete a bigswitch vns device", since = "4.1.0")
public class DeleteBigSwitchVnsDeviceCmd extends BaseAsyncCmd {
private static final String s_name = "deletebigswitchvnsdeviceresponse";
@Inject BigSwitchVnsElementService _bigswitchVnsElementService;

2
plugins/network-elements/bigswitch-vns/src/com/cloud/api/commands/ListBigSwitchVnsDevicesCmd.java
View File

@ -41,7 +41,7 @@ import com.cloud.network.BigSwitchVnsDeviceVO;
import com.cloud.network.element.BigSwitchVnsElementService;
import com.cloud.utils.exception.CloudRuntimeException;
@APICommand(name = "listBigSwitchVnsDevices", responseObject=BigSwitchVnsDeviceResponse.class, description="Lists BigSwitch Vns devices")
@APICommand(name = "listBigSwitchVnsDevices", responseObject=BigSwitchVnsDeviceResponse.class, description="Lists BigSwitch Vns devices", since = "4.1.0")
public class ListBigSwitchVnsDevicesCmd extends BaseListCmd {
public static final Logger s_logger = Logger.getLogger(ListBigSwitchVnsDevicesCmd.class.getName());
private static final String s_name = "listbigswitchvnsdeviceresponse";

2
plugins/network-elements/bigswitch-vns/src/com/cloud/network/element/BigSwitchVnsElement.java
View File

@ -88,7 +88,9 @@ import com.cloud.vm.NicProfile;
import com.cloud.vm.ReservationContext;
import com.cloud.vm.VirtualMachine;
import com.cloud.vm.VirtualMachineProfile;
import org.springframework.stereotype.Component;
@Component
@Local(value = {NetworkElement.class, ConnectivityProvider.class})
public class BigSwitchVnsElement extends AdapterBase implements
BigSwitchVnsElementService, ConnectivityProvider, ResourceStateAdapter {

16
scripts/storage/secondary/cloud-install-sys-tmplt
View File

@ -20,7 +20,7 @@
usage() {
printf "Usage: %s: -m <secondary storage mount point> -f <system vm template file> [-h <hypervisor name: kvm|vmware|xenserver> ] [ -s <mgmt server secret key, if you specified any when running cloud-setup-database, default is password>][-u <Url to system vm template>] [-F <clean up system templates of specified hypervisor>] [-e <Template suffix, e.g vhd, ova, qcow2>] [-o <Database server hostname or ip, e.g localhost>] [-r <Database user name, e.g root>] [-d <Database password. Fllowed by nothing if the password is empty>]\n" $(basename $0) >&2
printf "Usage: %s: -m <secondary storage mount point> -f <system vm template file> [-h <hypervisor name: kvm|vmware|xenserver> ] [ -s <mgmt server secret key, if you specified any when running cloudstack-setup-database, default is password>][-u <Url to system vm template>] [-F <clean up system templates of specified hypervisor>] [-e <Template suffix, e.g vhd, ova, qcow2>] [-o <Database server hostname or ip, e.g localhost>] [-r <Database user name, e.g root>] [-d <Database password. Fllowed by nothing if the password is empty>]\n" $(basename $0) >&2
printf "or\n" >&2
printf "%s: -m <secondary storage mount point> -u <http url for system vm template> [-h <hypervisor name: kvm|vmware|xenserver> ] [ -s <mgmt server secret key>]\n" $(basename $0) >&2
}
@ -104,17 +104,17 @@ fi
if [ "$oflag" != 1 ]; then
dbHost=$(sed '/^\#/d' /etc/cloud/management/db.properties | grep 'db.cloud.host' | tail -n 1 | cut -d "=" -f2- | sed 's/^[[:space:]]*//;s/[[:space:]]*$//')
dbHost=$(sed '/^\#/d' /etc/cloudstack/management/db.properties | grep 'db.cloud.host' | tail -n 1 | cut -d "=" -f2- | sed 's/^[[:space:]]*//;s/[[:space:]]*$//')
fi
if [ "$rflag" != 1 ]; then
dbUser=$(sed '/^\#/d' /etc/cloud/management/db.properties | grep 'db.cloud.username' | tail -n 1 | cut -d "=" -f2- | sed 's/^[[:space:]]*//;s/[[:space:]]*$//')
dbUser=$(sed '/^\#/d' /etc/cloudstack/management/db.properties | grep 'db.cloud.username' | tail -n 1 | cut -d "=" -f2- | sed 's/^[[:space:]]*//;s/[[:space:]]*$//')
fi
if [ -f /etc/cloud/management/db.properties ]; then
encType=$(sed '/^\#/d' /etc/cloud/management/db.properties | grep 'db.cloud.encryption.type' | tail -n 1 | cut -d "=" -f2- | sed 's/^[[:space:]]*//;s/[[:space:]]*$//')
if [ -f /etc/cloudstack/management/db.properties ]; then
encType=$(sed '/^\#/d' /etc/cloudstack/management/db.properties | grep 'db.cloud.encryption.type' | tail -n 1 | cut -d "=" -f2- | sed 's/^[[:space:]]*//;s/[[:space:]]*$//')
if [ "$encType" == "file" ]
then
msKey=$(cat /etc/cloud/management/key)
msKey=$(cat /etc/cloudstack/management/key)
elif [ "$encType" == "web" ]
then
if [ ! "$sflag" == "1" ]
@ -127,7 +127,7 @@ fi
if [[ "$encType" == "file" || "$encType" == "web" ]]
then
encPassword=$(sed '/^\#/d' /etc/cloud/management/db.properties | grep 'db.cloud.password' | tail -n 1 | cut -d "=" -f2- | sed 's/^[[:space:]]*//;s/[[:space:]]*$//'i | sed 's/^ENC(\(.*\))/\1/')
encPassword=$(sed '/^\#/d' /etc/cloudstack/management/db.properties | grep 'db.cloud.password' | tail -n 1 | cut -d "=" -f2- | sed 's/^[[:space:]]*//;s/[[:space:]]*$//'i | sed 's/^ENC(\(.*\))/\1/')
if [ ! $encPassword == "" ]
then
dbPassword=(`java -classpath $jasypt org.jasypt.intf.cli.JasyptPBEStringDecryptionCLI decrypt.sh input=$encPassword password=$msKey verbose=false`)
@ -139,7 +139,7 @@ then
fi
else
if [ "$dflag" != 1 ]; then
dbPassword=$(sed '/^\#/d' /etc/cloud/management/db.properties | grep 'db.cloud.password' | tail -n 1 | cut -d "=" -f2- | sed 's/^[[:space:]]*//;s/[[:space:]]*$//'i )
dbPassword=$(sed '/^\#/d' /etc/cloudstack/management/db.properties | grep 'db.cloud.password' | tail -n 1 | cut -d "=" -f2- | sed 's/^[[:space:]]*//;s/[[:space:]]*$//'i )
fi
fi

17
server/src/com/cloud/api/ApiServer.java
View File

@ -29,15 +29,7 @@ import java.security.SecureRandom;
import java.text.DateFormat;
import java.text.ParseException;
import java.text.SimpleDateFormat;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Date;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.TimeZone;
import java.util.*;
import java.util.concurrent.ExecutorService;
import java.util.concurrent.LinkedBlockingQueue;
import java.util.concurrent.ThreadPoolExecutor;
@ -64,7 +56,6 @@ import org.apache.cloudstack.api.command.admin.router.ListRoutersCmd;
import org.apache.cloudstack.api.command.admin.storage.ListStoragePoolsCmd;
import org.apache.cloudstack.api.command.admin.user.ListUsersCmd;
import com.cloud.event.ActionEventUtils;
import com.cloud.utils.ReflectUtil;
import org.apache.cloudstack.acl.APILimitChecker;
import org.apache.cloudstack.api.*;
import org.apache.cloudstack.api.command.user.account.ListAccountsCmd;
@ -149,7 +140,6 @@ import com.cloud.utils.concurrency.NamedThreadFactory;
import com.cloud.utils.db.SearchCriteria;
import com.cloud.utils.db.Transaction;
@Component
public class ApiServer implements HttpRequestHandler {
private static final Logger s_logger = Logger.getLogger(ApiServer.class.getName());
@ -165,7 +155,6 @@ public class ApiServer implements HttpRequestHandler {
@Inject private ConfigurationDao _configDao;
@Inject List<PluggableService> _pluggableServices;
@Inject List<APIChecker> _apiAccessCheckers;
private Account _systemAccount = null;
@ -219,9 +208,7 @@ public class ApiServer implements HttpRequestHandler {
}
}
Set<Class<?>> cmdClasses = ReflectUtil.getClassesWithAnnotation(APICommand.class,
new String[]{"org.apache.cloudstack.api", "com.cloud.api"});
Set<Class<?>> cmdClasses = new HashSet<Class<?>>();
for(PluggableService pluggableService: _pluggableServices)
cmdClasses.addAll(pluggableService.getCommands());

8
server/src/com/cloud/configuration/Config.java
View File

@ -358,12 +358,16 @@ public enum Config {
ConcurrentSnapshotsThresholdPerHost("Advanced", ManagementServer.class, Long.class, "concurrent.snapshots.threshold.perhost",
null, "Limits number of snapshots that can be handled by the host concurrently; default is NULL - unlimited", null),
NetworkIPv6SearchRetryMax("Network", ManagementServer.class, Integer.class, "network.ipv6.search.retry.max", "10000", "The maximum number of retrying times to search for an available IPv6 address in the table", null),
ExternalBaremetalSystemUrl("Advanced", ManagementServer.class, String.class, "external.baremetal.system.url", null, "url of external baremetal system that CloudStack will talk to", null),
ExternalBaremetalResourceClassName("Advanced", ManagementServer.class, String.class, "external,baremetal.resource.classname", null, "class name for handling external baremetal resource", null),
EnableBaremetalSecurityGroupAgentEcho("Advanced", ManagementServer.class, Boolean.class, "enable.baremetal.securitygroup.agent.echo", "false", "After starting provision process, periodcially echo security agent installed in the template. Treat provisioning as success only if echo successfully", null),
IntervalToEchoBaremetalSecurityGroupAgent("Advanced", ManagementServer.class, Integer.class, "interval.baremetal.securitygroup.agent.echo", "10", "Interval to echo baremetal security group agent, in seconds", null),
TimeoutToEchoBaremetalSecurityGroupAgent("Advanced", ManagementServer.class, Integer.class, "timeout.baremetal.securitygroup.agent.echo", "3600", "Timeout to echo baremetal security group agent, in seconds, the provisioning process will be treated as a failure", null);
TimeoutToEchoBaremetalSecurityGroupAgent("Advanced", ManagementServer.class, Integer.class, "timeout.baremetal.securitygroup.agent.echo", "3600", "Timeout to echo baremetal security group agent, in seconds, the provisioning process will be treated as a failure", null),
ApiLimitInterval("Advanced", ManagementServer.class, Integer.class, "api.throttling.interval", "1", "Time interval (in seconds) to reset API count", null),
ApiLimitMax("Advanced", ManagementServer.class, Integer.class, "api.throttling.max", "25", "Max allowed number of APIs within fixed interval", null),
ApiLimitCacheSize("Advanced", ManagementServer.class, Integer.class, "api.throttling.cachesize", "50000", "Account based API count cache size", null);
private final String _category;
private final Class<?> _componentClass;

17
server/src/com/cloud/network/NetworkManagerImpl.java
View File

@ -1859,11 +1859,14 @@ public class NetworkManagerImpl extends ManagerBase implements NetworkManager, L
}
// Only Account specific Isolated network with sourceNat service disabled are allowed in security group
// enabled zone
boolean allowCreation = (ntwkOff.getGuestType() == GuestType.Isolated
&& !_networkModel.areServicesSupportedByNetworkOffering(ntwkOff.getId(), Service.SourceNat));
if (!allowCreation) {
throw new InvalidParameterValueException("Only Account specific Isolated network with sourceNat " +
"service disabled are allowed in security group enabled zone");
if ( ntwkOff.getGuestType() != GuestType.Shared ){
throw new InvalidParameterValueException("Only shared guest network can be created in security group enabled zone");
}
if ( _networkModel.areServicesSupportedByNetworkOffering(ntwkOff.getId(), Service.SourceNat)) {
throw new InvalidParameterValueException("Service SourceNat is not allowed in security group enabled zone");
}
if ( _networkModel.areServicesSupportedByNetworkOffering(ntwkOff.getId(), Service.SecurityGroup)) {
throw new InvalidParameterValueException("network must have SecurityGroup provider in security group enabled zone");
}
}
@ -2991,6 +2994,7 @@ public class NetworkManagerImpl extends ManagerBase implements NetworkManager, L
private boolean shutdownNetworkResources(long networkId, Account caller, long callerUserId) {
// This method cleans up network rules on the backend w/o touching them in the DB
boolean success = true;
Network network = _networksDao.findById(networkId);
// Mark all PF rules as revoked and apply them on the backend (not in the DB)
List<PortForwardingRuleVO> pfRules = _portForwardingRulesDao.listByNetwork(networkId);
@ -3063,7 +3067,7 @@ public class NetworkManagerImpl extends ManagerBase implements NetworkManager, L
}
try {
if (!_firewallMgr.applyRules(lbRules, true, false)) {
if (!_lbMgr.applyRules(network, Purpose.LoadBalancing, lbs)) {
s_logger.warn("Failed to cleanup lb rules as a part of shutdownNetworkRules");
success = false;
}
@ -3142,7 +3146,6 @@ public class NetworkManagerImpl extends ManagerBase implements NetworkManager, L
}
// Get all ip addresses, mark as releasing and release them on the backend
Network network = _networksDao.findById(networkId);
List<IPAddressVO> userIps = _ipAddressDao.listByAssociatedNetwork(networkId, null);
List<PublicIp> publicIpsToRelease = new ArrayList<PublicIp>();
if (userIps != null && !userIps.isEmpty()) {

10
server/src/com/cloud/network/lb/LoadBalancingRulesManager.java
View File

@ -16,16 +16,18 @@
// under the License.
package com.cloud.network.lb;
import java.util.List;
import org.apache.cloudstack.api.command.user.loadbalancer.CreateLoadBalancerRuleCmd;
import com.cloud.exception.NetworkRuleConflictException;
import com.cloud.exception.ResourceUnavailableException;
import com.cloud.network.Network;
import com.cloud.network.lb.LoadBalancingRule.LbDestination;
import com.cloud.network.lb.LoadBalancingRule.LbStickinessPolicy;
import com.cloud.network.rules.FirewallRule;
import com.cloud.network.rules.LbStickinessMethod;
import com.cloud.network.rules.LoadBalancer;
import com.cloud.user.Account;
import org.apache.cloudstack.api.command.user.loadbalancer.CreateLoadBalancerRuleCmd;
import java.util.List;
public interface LoadBalancingRulesManager extends LoadBalancingRulesService {
@ -43,7 +45,7 @@ public interface LoadBalancingRulesManager extends LoadBalancingRulesService {
* @return true if removal is successful
*/
boolean removeVmFromLoadBalancers(long vmId);
boolean applyRules(Network network, FirewallRule.Purpose purpose, List<? extends FirewallRule> rules) throws ResourceUnavailableException ;
boolean applyLoadBalancersForNetwork(long networkId) throws ResourceUnavailableException;
String getLBCapability(long networkid, String capabilityName);
boolean configureLbAutoScaleVmGroup(long vmGroupid, String currentState) throws ResourceUnavailableException;

408
server/src/com/cloud/server/ManagementServerImpl.java
View File

@ -5,7 +5,7 @@
// to you under the Apache License, Version 2.0 (the
// "License"); you may not use this file except in compliance
// with the License. You may obtain a copy of the License at
//
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing,
@ -53,40 +53,56 @@ import org.apache.cloudstack.api.ApiConstants;
import com.cloud.event.ActionEventUtils;
import org.apache.cloudstack.api.BaseUpdateTemplateOrIsoCmd;
import org.apache.cloudstack.api.command.admin.cluster.ListClustersCmd;
import org.apache.cloudstack.api.command.admin.config.ListCfgsByCmd;
import org.apache.cloudstack.api.command.admin.domain.UpdateDomainCmd;
import org.apache.cloudstack.api.command.admin.host.ListHostsCmd;
import org.apache.cloudstack.api.command.admin.host.UpdateHostPasswordCmd;
import org.apache.cloudstack.api.command.admin.pod.ListPodsByCmd;
import org.apache.cloudstack.api.command.admin.resource.ListAlertsCmd;
import org.apache.cloudstack.api.command.admin.resource.ListCapacityCmd;
import org.apache.cloudstack.api.command.admin.resource.UploadCustomCertificateCmd;
import org.apache.cloudstack.api.command.admin.systemvm.DestroySystemVmCmd;
import org.apache.cloudstack.api.command.admin.systemvm.ListSystemVMsCmd;
import org.apache.cloudstack.api.command.admin.systemvm.RebootSystemVmCmd;
import org.apache.cloudstack.api.command.admin.systemvm.StopSystemVmCmd;
import org.apache.cloudstack.api.command.admin.systemvm.UpgradeSystemVMCmd;
import org.apache.cloudstack.api.command.admin.vlan.ListVlanIpRangesCmd;
import org.apache.cloudstack.api.command.user.address.ListPublicIpAddressesCmd;
import org.apache.cloudstack.api.command.user.config.ListCapabilitiesCmd;
import org.apache.cloudstack.api.command.user.guest.ListGuestOsCategoriesCmd;
import org.apache.cloudstack.api.command.user.guest.ListGuestOsCmd;
import org.apache.cloudstack.api.command.user.iso.ListIsosCmd;
import org.apache.cloudstack.api.command.user.iso.UpdateIsoCmd;
import org.apache.cloudstack.api.command.user.offering.ListDiskOfferingsCmd;
import org.apache.cloudstack.api.command.user.offering.ListServiceOfferingsCmd;
import org.apache.cloudstack.api.command.user.ssh.CreateSSHKeyPairCmd;
import org.apache.cloudstack.api.command.user.ssh.ListSSHKeyPairsCmd;
import org.apache.cloudstack.api.command.user.ssh.DeleteSSHKeyPairCmd;
import org.apache.cloudstack.api.command.user.ssh.ListSSHKeyPairsCmd;
import org.apache.cloudstack.api.command.user.ssh.RegisterSSHKeyPairCmd;
import org.apache.cloudstack.api.command.user.template.ListTemplatesCmd;
import org.apache.cloudstack.api.command.user.template.UpdateTemplateCmd;
import org.apache.cloudstack.api.command.user.vm.GetVMPasswordCmd;
import org.apache.cloudstack.api.command.user.vmgroup.UpdateVMGroupCmd;
import org.apache.cloudstack.api.command.user.volume.ExtractVolumeCmd;
import org.apache.cloudstack.api.command.user.zone.ListZonesByCmd;
import org.apache.cloudstack.api.command.admin.account.*;
import org.apache.cloudstack.api.command.admin.autoscale.*;
import org.apache.cloudstack.api.command.admin.cluster.*;
import org.apache.cloudstack.api.command.admin.config.*;
import org.apache.cloudstack.api.command.admin.domain.*;
import org.apache.cloudstack.api.command.admin.host.*;
import org.apache.cloudstack.api.command.admin.ldap.*;
import org.apache.cloudstack.api.command.admin.network.*;
import org.apache.cloudstack.api.command.admin.offering.*;
import org.apache.cloudstack.api.command.admin.pod.*;
import org.apache.cloudstack.api.command.admin.region.*;
import org.apache.cloudstack.api.command.admin.resource.*;
import org.apache.cloudstack.api.command.admin.router.*;
import org.apache.cloudstack.api.command.admin.storage.*;
import org.apache.cloudstack.api.command.admin.swift.*;
import org.apache.cloudstack.api.command.admin.systemvm.*;
import org.apache.cloudstack.api.command.admin.template.*;
import org.apache.cloudstack.api.command.admin.usage.*;
import org.apache.cloudstack.api.command.admin.user.*;
import org.apache.cloudstack.api.command.admin.vlan.*;
import org.apache.cloudstack.api.command.admin.vm.*;
import org.apache.cloudstack.api.command.admin.vpc.*;
import org.apache.cloudstack.api.command.admin.zone.*;
import org.apache.cloudstack.api.command.user.account.*;
import org.apache.cloudstack.api.command.user.address.*;
import org.apache.cloudstack.api.command.user.autoscale.*;
import org.apache.cloudstack.api.command.user.config.*;
import org.apache.cloudstack.api.command.user.event.*;
import org.apache.cloudstack.api.command.user.firewall.*;
import org.apache.cloudstack.api.command.user.guest.*;
import org.apache.cloudstack.api.command.user.iso.*;
import org.apache.cloudstack.api.command.user.job.*;
import org.apache.cloudstack.api.command.user.loadbalancer.*;
import org.apache.cloudstack.api.command.user.nat.*;
import org.apache.cloudstack.api.command.user.network.*;
import org.apache.cloudstack.api.command.user.offering.*;
import org.apache.cloudstack.api.command.user.project.*;
import org.apache.cloudstack.api.command.user.region.*;
import org.apache.cloudstack.api.command.user.resource.*;
import org.apache.cloudstack.api.command.user.securitygroup.*;
import org.apache.cloudstack.api.command.user.snapshot.*;
import org.apache.cloudstack.api.command.user.ssh.*;
import org.apache.cloudstack.api.command.user.tag.*;
import org.apache.cloudstack.api.command.user.template.*;
import org.apache.cloudstack.api.command.user.vm.*;
import org.apache.cloudstack.api.command.user.vmgroup.*;
import org.apache.cloudstack.api.command.user.volume.*;
import org.apache.cloudstack.api.command.user.vpc.*;
import org.apache.cloudstack.api.command.user.vpn.*;
import org.apache.cloudstack.api.command.user.zone.*;
import org.apache.cloudstack.api.response.ExtractResponse;
import org.apache.commons.codec.binary.Base64;
import org.apache.log4j.Logger;
@ -375,7 +391,7 @@ public class ManagementServerImpl extends ManagerBase implements ManagementServe
@Inject
S3Manager _s3Mgr;
/*
/*
@Inject
ComponentContext _forceContextRef; // create a dependency to ComponentContext so that it can be loaded beforehead
@ -417,14 +433,14 @@ public class ManagementServerImpl extends ManagerBase implements ManagementServe
for (String id : availableIds) {
_availableIdsMap.put(id, true);
}
return true;
}
@Override
public boolean start() {
s_logger.info("Startup CloudStack management server...");
enableAdminUser("password");
return true;
}
@ -1820,7 +1836,313 @@ public class ManagementServerImpl extends ManagerBase implements ManagementServe
@Override
public List<Class<?>> getCommands() {
List<Class<?>> cmdList = new ArrayList<Class<?>>();
//TODO: Add cmd classes
cmdList.add(CreateAccountCmd.class);
cmdList.add(DeleteAccountCmd.class);
cmdList.add(DisableAccountCmd.class);
cmdList.add(EnableAccountCmd.class);
cmdList.add(LockAccountCmd.class);
cmdList.add(UpdateAccountCmd.class);
cmdList.add(CreateCounterCmd.class);
cmdList.add(DeleteCounterCmd.class);
cmdList.add(AddClusterCmd.class);
cmdList.add(DeleteClusterCmd.class);
cmdList.add(ListClustersCmd.class);
cmdList.add(UpdateClusterCmd.class);
cmdList.add(ListCfgsByCmd.class);
cmdList.add(ListHypervisorCapabilitiesCmd.class);
cmdList.add(UpdateCfgCmd.class);
cmdList.add(UpdateHypervisorCapabilitiesCmd.class);
cmdList.add(CreateDomainCmd.class);
cmdList.add(DeleteDomainCmd.class);
cmdList.add(ListDomainChildrenCmd.class);
cmdList.add(ListDomainsCmd.class);
cmdList.add(UpdateDomainCmd.class);
cmdList.add(AddHostCmd.class);
cmdList.add(AddSecondaryStorageCmd.class);
cmdList.add(CancelMaintenanceCmd.class);
cmdList.add(DeleteHostCmd.class);
cmdList.add(ListHostsCmd.class);
cmdList.add(PrepareForMaintenanceCmd.class);
cmdList.add(ReconnectHostCmd.class);
cmdList.add(UpdateHostCmd.class);
cmdList.add(UpdateHostPasswordCmd.class);
cmdList.add(LDAPConfigCmd.class);
cmdList.add(LDAPRemoveCmd.class);
cmdList.add(AddNetworkDeviceCmd.class);
cmdList.add(AddNetworkServiceProviderCmd.class);
cmdList.add(CreateNetworkOfferingCmd.class);
cmdList.add(CreatePhysicalNetworkCmd.class);
cmdList.add(CreateStorageNetworkIpRangeCmd.class);
cmdList.add(DeleteNetworkDeviceCmd.class);
cmdList.add(DeleteNetworkOfferingCmd.class);
cmdList.add(DeleteNetworkServiceProviderCmd.class);
cmdList.add(DeletePhysicalNetworkCmd.class);
cmdList.add(DeleteStorageNetworkIpRangeCmd.class);
cmdList.add(ListNetworkDeviceCmd.class);
cmdList.add(ListNetworkServiceProvidersCmd.class);
cmdList.add(ListPhysicalNetworksCmd.class);
cmdList.add(ListStorageNetworkIpRangeCmd.class);
cmdList.add(ListSupportedNetworkServicesCmd.class);
cmdList.add(UpdateNetworkOfferingCmd.class);
cmdList.add(UpdateNetworkServiceProviderCmd.class);
cmdList.add(UpdatePhysicalNetworkCmd.class);
cmdList.add(UpdateStorageNetworkIpRangeCmd.class);
cmdList.add(CreateDiskOfferingCmd.class);
cmdList.add(CreateServiceOfferingCmd.class);
cmdList.add(DeleteDiskOfferingCmd.class);
cmdList.add(DeleteServiceOfferingCmd.class);
cmdList.add(UpdateDiskOfferingCmd.class);
cmdList.add(UpdateServiceOfferingCmd.class);
cmdList.add(CreatePodCmd.class);
cmdList.add(DeletePodCmd.class);
cmdList.add(ListPodsByCmd.class);
cmdList.add(UpdatePodCmd.class);
cmdList.add(AddRegionCmd.class);
cmdList.add(RemoveRegionCmd.class);
cmdList.add(UpdateRegionCmd.class);
cmdList.add(ListAlertsCmd.class);
cmdList.add(ListCapacityCmd.class);
cmdList.add(UploadCustomCertificateCmd.class);
cmdList.add(ConfigureVirtualRouterElementCmd.class);
cmdList.add(CreateVirtualRouterElementCmd.class);
cmdList.add(DestroyRouterCmd.class);
cmdList.add(ListRoutersCmd.class);
cmdList.add(ListVirtualRouterElementsCmd.class);
cmdList.add(RebootRouterCmd.class);
cmdList.add(StartRouterCmd.class);
cmdList.add(StopRouterCmd.class);
cmdList.add(UpgradeRouterCmd.class);
cmdList.add(AddS3Cmd.class);
cmdList.add(CancelPrimaryStorageMaintenanceCmd.class);
cmdList.add(CreateStoragePoolCmd.class);
cmdList.add(DeletePoolCmd.class);
cmdList.add(ListS3sCmd.class);
cmdList.add(ListStoragePoolsCmd.class);
cmdList.add(PreparePrimaryStorageForMaintenanceCmd.class);
cmdList.add(UpdateStoragePoolCmd.class);
cmdList.add(AddSwiftCmd.class);
cmdList.add(ListSwiftsCmd.class);
cmdList.add(DestroySystemVmCmd.class);
cmdList.add(ListSystemVMsCmd.class);
cmdList.add(MigrateSystemVMCmd.class);
cmdList.add(RebootSystemVmCmd.class);
cmdList.add(StartSystemVMCmd.class);
cmdList.add(StopSystemVmCmd.class);
cmdList.add(UpgradeSystemVMCmd.class);
cmdList.add(PrepareTemplateCmd.class);
cmdList.add(AddTrafficMonitorCmd.class);
cmdList.add(AddTrafficTypeCmd.class);
cmdList.add(DeleteTrafficMonitorCmd.class);
cmdList.add(DeleteTrafficTypeCmd.class);
cmdList.add(GenerateUsageRecordsCmd.class);
cmdList.add(GetUsageRecordsCmd.class);
cmdList.add(ListTrafficMonitorsCmd.class);
cmdList.add(ListTrafficTypeImplementorsCmd.class);
cmdList.add(ListTrafficTypesCmd.class);
cmdList.add(ListUsageTypesCmd.class);
cmdList.add(UpdateTrafficTypeCmd.class);
cmdList.add(CreateUserCmd.class);
cmdList.add(DeleteUserCmd.class);
cmdList.add(DisableUserCmd.class);
cmdList.add(EnableUserCmd.class);
cmdList.add(GetUserCmd.class);
cmdList.add(ListUsersCmd.class);
cmdList.add(LockUserCmd.class);
cmdList.add(RegisterCmd.class);
cmdList.add(UpdateUserCmd.class);
cmdList.add(CreateVlanIpRangeCmd.class);
cmdList.add(DeleteVlanIpRangeCmd.class);
cmdList.add(ListVlanIpRangesCmd.class);
cmdList.add(AssignVMCmd.class);
cmdList.add(MigrateVMCmd.class);
cmdList.add(RecoverVMCmd.class);
cmdList.add(CreatePrivateGatewayCmd.class);
cmdList.add(CreateVPCOfferingCmd.class);
cmdList.add(DeletePrivateGatewayCmd.class);
cmdList.add(DeleteVPCOfferingCmd.class);
cmdList.add(UpdateVPCOfferingCmd.class);
cmdList.add(CreateZoneCmd.class);
cmdList.add(DeleteZoneCmd.class);
cmdList.add(MarkDefaultZoneForAccountCmd.class);
cmdList.add(UpdateZoneCmd.class);
cmdList.add(AddAccountToProjectCmd.class);
cmdList.add(DeleteAccountFromProjectCmd.class);
cmdList.add(ListAccountsCmd.class);
cmdList.add(ListProjectAccountsCmd.class);
cmdList.add(AssociateIPAddrCmd.class);
cmdList.add(DisassociateIPAddrCmd.class);
cmdList.add(ListPublicIpAddressesCmd.class);
cmdList.add(CreateAutoScalePolicyCmd.class);
cmdList.add(CreateAutoScaleVmGroupCmd.class);
cmdList.add(CreateAutoScaleVmProfileCmd.class);
cmdList.add(CreateConditionCmd.class);
cmdList.add(DeleteAutoScalePolicyCmd.class);
cmdList.add(DeleteAutoScaleVmGroupCmd.class);
cmdList.add(DeleteAutoScaleVmProfileCmd.class);
cmdList.add(DeleteConditionCmd.class);
cmdList.add(DisableAutoScaleVmGroupCmd.class);
cmdList.add(EnableAutoScaleVmGroupCmd.class);
cmdList.add(ListAutoScalePoliciesCmd.class);
cmdList.add(ListAutoScaleVmGroupsCmd.class);
cmdList.add(ListAutoScaleVmProfilesCmd.class);
cmdList.add(ListConditionsCmd.class);
cmdList.add(ListCountersCmd.class);
cmdList.add(UpdateAutoScalePolicyCmd.class);
cmdList.add(UpdateAutoScaleVmGroupCmd.class);
cmdList.add(UpdateAutoScaleVmProfileCmd.class);
cmdList.add(ListCapabilitiesCmd.class);
cmdList.add(ListEventsCmd.class);
cmdList.add(ListEventTypesCmd.class);
cmdList.add(CreateEgressFirewallRuleCmd.class);
cmdList.add(CreateFirewallRuleCmd.class);
cmdList.add(CreatePortForwardingRuleCmd.class);
cmdList.add(DeleteEgressFirewallRuleCmd.class);
cmdList.add(DeleteFirewallRuleCmd.class);
cmdList.add(DeletePortForwardingRuleCmd.class);
cmdList.add(ListEgressFirewallRulesCmd.class);
cmdList.add(ListFirewallRulesCmd.class);
cmdList.add(ListPortForwardingRulesCmd.class);
cmdList.add(UpdatePortForwardingRuleCmd.class);
cmdList.add(ListGuestOsCategoriesCmd.class);
cmdList.add(ListGuestOsCmd.class);
cmdList.add(AttachIsoCmd.class);
cmdList.add(CopyIsoCmd.class);
cmdList.add(DeleteIsoCmd.class);
cmdList.add(DetachIsoCmd.class);
cmdList.add(ExtractIsoCmd.class);
cmdList.add(ListIsoPermissionsCmd.class);
cmdList.add(ListIsosCmd.class);
cmdList.add(RegisterIsoCmd.class);
cmdList.add(UpdateIsoCmd.class);
cmdList.add(UpdateIsoPermissionsCmd.class);
cmdList.add(ListAsyncJobsCmd.class);
cmdList.add(QueryAsyncJobResultCmd.class);
cmdList.add(AssignToLoadBalancerRuleCmd.class);
cmdList.add(CreateLBStickinessPolicyCmd.class);
cmdList.add(CreateLoadBalancerRuleCmd.class);
cmdList.add(DeleteLBStickinessPolicyCmd.class);
cmdList.add(DeleteLoadBalancerRuleCmd.class);
cmdList.add(ListLBStickinessPoliciesCmd.class);
cmdList.add(ListLoadBalancerRuleInstancesCmd.class);
cmdList.add(ListLoadBalancerRulesCmd.class);
cmdList.add(RemoveFromLoadBalancerRuleCmd.class);
cmdList.add(UpdateLoadBalancerRuleCmd.class);
cmdList.add(CreateIpForwardingRuleCmd.class);
cmdList.add(DeleteIpForwardingRuleCmd.class);
cmdList.add(DisableStaticNatCmd.class);
cmdList.add(EnableStaticNatCmd.class);
cmdList.add(ListIpForwardingRulesCmd.class);
cmdList.add(CreateNetworkACLCmd.class);
cmdList.add(CreateNetworkCmd.class);
cmdList.add(DeleteNetworkACLCmd.class);
cmdList.add(DeleteNetworkCmd.class);
cmdList.add(ListNetworkACLsCmd.class);
cmdList.add(ListNetworkOfferingsCmd.class);
cmdList.add(ListNetworksCmd.class);
cmdList.add(RestartNetworkCmd.class);
cmdList.add(UpdateNetworkCmd.class);
cmdList.add(ListDiskOfferingsCmd.class);
cmdList.add(ListServiceOfferingsCmd.class);
cmdList.add(ActivateProjectCmd.class);
cmdList.add(CreateProjectCmd.class);
cmdList.add(DeleteProjectCmd.class);
cmdList.add(DeleteProjectInvitationCmd.class);
cmdList.add(ListProjectInvitationsCmd.class);
cmdList.add(ListProjectsCmd.class);
cmdList.add(SuspendProjectCmd.class);
cmdList.add(UpdateProjectCmd.class);
cmdList.add(UpdateProjectInvitationCmd.class);
cmdList.add(ListRegionsCmd.class);
cmdList.add(GetCloudIdentifierCmd.class);
cmdList.add(ListHypervisorsCmd.class);
cmdList.add(ListResourceLimitsCmd.class);
cmdList.add(UpdateResourceCountCmd.class);
cmdList.add(UpdateResourceLimitCmd.class);
cmdList.add(AuthorizeSecurityGroupEgressCmd.class);
cmdList.add(AuthorizeSecurityGroupIngressCmd.class);
cmdList.add(CreateSecurityGroupCmd.class);
cmdList.add(DeleteSecurityGroupCmd.class);
cmdList.add(ListSecurityGroupsCmd.class);
cmdList.add(RevokeSecurityGroupEgressCmd.class);
cmdList.add(RevokeSecurityGroupIngressCmd.class);
cmdList.add(CreateSnapshotCmd.class);
cmdList.add(CreateSnapshotPolicyCmd.class);
cmdList.add(DeleteSnapshotCmd.class);
cmdList.add(DeleteSnapshotPoliciesCmd.class);
cmdList.add(ListSnapshotPoliciesCmd.class);
cmdList.add(ListSnapshotsCmd.class);
cmdList.add(CreateSSHKeyPairCmd.class);
cmdList.add(DeleteSSHKeyPairCmd.class);
cmdList.add(ListSSHKeyPairsCmd.class);
cmdList.add(RegisterSSHKeyPairCmd.class);
cmdList.add(CreateTagsCmd.class);
cmdList.add(DeleteTagsCmd.class);
cmdList.add(ListTagsCmd.class);
cmdList.add(CopyTemplateCmd.class);
cmdList.add(CreateTemplateCmd.class);
cmdList.add(DeleteTemplateCmd.class);
cmdList.add(ExtractTemplateCmd.class);
cmdList.add(ListTemplatePermissionsCmd.class);
cmdList.add(ListTemplatesCmd.class);
cmdList.add(RegisterTemplateCmd.class);
cmdList.add(UpdateTemplateCmd.class);
cmdList.add(UpdateTemplatePermissionsCmd.class);
cmdList.add(AddNicToVMCmd.class);
cmdList.add(DeployVMCmd.class);
cmdList.add(DestroyVMCmd.class);
cmdList.add(GetVMPasswordCmd.class);
cmdList.add(ListVMsCmd.class);
cmdList.add(RebootVMCmd.class);
cmdList.add(RemoveNicFromVMCmd.class);
cmdList.add(ResetVMPasswordCmd.class);
cmdList.add(ResetVMSSHKeyCmd.class);
cmdList.add(RestoreVMCmd.class);
cmdList.add(StartVMCmd.class);
cmdList.add(StopVMCmd.class);
cmdList.add(UpdateDefaultNicForVMCmd.class);
cmdList.add(UpdateVMCmd.class);
cmdList.add(UpgradeVMCmd.class);
cmdList.add(CreateVMGroupCmd.class);
cmdList.add(DeleteVMGroupCmd.class);
cmdList.add(ListVMGroupsCmd.class);
cmdList.add(UpdateVMGroupCmd.class);
cmdList.add(AttachVolumeCmd.class);
cmdList.add(CreateVolumeCmd.class);
cmdList.add(DeleteVolumeCmd.class);
cmdList.add(DetachVolumeCmd.class);
cmdList.add(ExtractVolumeCmd.class);
cmdList.add(ListVolumesCmd.class);
cmdList.add(MigrateVolumeCmd.class);
cmdList.add(ResizeVolumeCmd.class);
cmdList.add(UploadVolumeCmd.class);
cmdList.add(CreateStaticRouteCmd.class);
cmdList.add(CreateVPCCmd.class);
cmdList.add(DeleteStaticRouteCmd.class);
cmdList.add(DeleteVPCCmd.class);
cmdList.add(ListPrivateGatewaysCmd.class);
cmdList.add(ListStaticRoutesCmd.class);
cmdList.add(ListVPCOfferingsCmd.class);
cmdList.add(ListVPCsCmd.class);
cmdList.add(RestartVPCCmd.class);
cmdList.add(UpdateVPCCmd.class);
cmdList.add(AddVpnUserCmd.class);
cmdList.add(CreateRemoteAccessVpnCmd.class);
cmdList.add(CreateVpnConnectionCmd.class);
cmdList.add(CreateVpnCustomerGatewayCmd.class);
cmdList.add(CreateVpnGatewayCmd.class);
cmdList.add(DeleteRemoteAccessVpnCmd.class);
cmdList.add(DeleteVpnConnectionCmd.class);
cmdList.add(DeleteVpnCustomerGatewayCmd.class);
cmdList.add(DeleteVpnGatewayCmd.class);
cmdList.add(ListRemoteAccessVpnsCmd.class);
cmdList.add(ListVpnConnectionsCmd.class);
cmdList.add(ListVpnCustomerGatewaysCmd.class);
cmdList.add(ListVpnGatewaysCmd.class);
cmdList.add(ListVpnUsersCmd.class);
cmdList.add(RemoveVpnUserCmd.class);
cmdList.add(ResetVpnConnectionCmd.class);
cmdList.add(UpdateVpnCustomerGatewayCmd.class);
cmdList.add(ListZonesByCmd.class);
return cmdList;
}
@ -2187,6 +2509,10 @@ public class ManagementServerImpl extends ManagerBase implements ManagementServe
String userPublicTemplateEnabled = _configs.get(Config.AllowPublicUserTemplates.key());
// add some parameters UI needs to handle API throttling
Integer apiLimitInterval = Integer.valueOf(_configDao.getValue(Config.ApiLimitInterval.key()));
Integer apiLimitMax = Integer.valueOf(_configDao.getValue(Config.ApiLimitMax.key()));
capabilities.put("securityGroupsEnabled", securityGroupsEnabled);
capabilities
.put("userPublicTemplateEnabled", (userPublicTemplateEnabled == null || userPublicTemplateEnabled.equals("false") ? false : true));
@ -2195,6 +2521,8 @@ public class ManagementServerImpl extends ManagerBase implements ManagementServe
capabilities.put("projectInviteRequired", _projectMgr.projectInviteRequired());
capabilities.put("allowusercreateprojects", _projectMgr.allowUserToCreateProject());
capabilities.put("customDiskOffMaxSize", diskOffMaxSize);
capabilities.put("apiLimitInterval", apiLimitInterval);
capabilities.put("apiLimitMax", apiLimitMax);
return capabilities;
}

31
server/src/com/cloud/vm/UserVmManagerImpl.java
View File

@ -2873,34 +2873,26 @@ public class UserVmManagerImpl extends ManagerBase implements UserVmManager, Use
// Verify that caller can perform actions in behalf of vm owner
_accountMgr.checkAccess(caller, null, true, owner);
// If no network is specified, find system security group enabled
// network
// If no network is specified, find system security group enabled network
if (networkIdList == null || networkIdList.isEmpty()) {
Network networkWithSecurityGroup = _networkModel.getNetworkWithSecurityGroupEnabled(zone.getId());
if (networkWithSecurityGroup == null) {
throw new InvalidParameterValueException(
"No network with security enabled is found in zone id="
+ zone.getId());
throw new InvalidParameterValueException("No network with security enabled is found in zone id=" + zone.getId());
}
networkList.add(_networkDao.findById(networkWithSecurityGroup.getId()));
isSecurityGroupEnabledNetworkUsed = true;
} else if (securityGroupIdList != null
&& !securityGroupIdList.isEmpty()) {
} else if (securityGroupIdList != null && !securityGroupIdList.isEmpty()) {
if (isVmWare) {
throw new InvalidParameterValueException(
"Security group feature is not supported for vmWare hypervisor");
throw new InvalidParameterValueException("Security group feature is not supported for vmWare hypervisor");
}
// Only one network can be specified, and it should be security
// group enabled
// Only one network can be specified, and it should be security group enabled
if (networkIdList.size() > 1) {
throw new InvalidParameterValueException(
"Only support one network per VM if security group enabled");
throw new InvalidParameterValueException("Only support one network per VM if security group enabled");
}
NetworkVO network = _networkDao.findById(networkIdList.get(0)
.longValue());
NetworkVO network = _networkDao.findById(networkIdList.get(0).longValue());
if (network == null) {
throw new InvalidParameterValueException(
@ -2921,9 +2913,7 @@ public class UserVmManagerImpl extends ManagerBase implements UserVmManager, Use
NetworkVO network = _networkDao.findById(networkId);
if (network == null) {
throw new InvalidParameterValueException(
"Unable to find network by id "
+ networkIdList.get(0).longValue());
throw new InvalidParameterValueException("Unable to find network by id " + networkIdList.get(0).longValue());
}
boolean isSecurityGroupEnabled = _networkModel.isSecurityGroupSupportedInNetwork(network);
@ -2952,9 +2942,8 @@ public class UserVmManagerImpl extends ManagerBase implements UserVmManager, Use
// if network is security group enabled, and no security group is specified, then add the default security group automatically
if (isSecurityGroupEnabledNetworkUsed && !isVmWare && _networkModel.canAddDefaultSecurityGroup()) {
// add the default securityGroup only if no security group is
// specified
if (securityGroupIdList == null || securityGroupIdList.isEmpty()) {
//add the default securityGroup only if no security group is specified
if(securityGroupIdList == null || securityGroupIdList.isEmpty()){
if (securityGroupIdList == null) {
securityGroupIdList = new ArrayList<Long>();
}

4
setup/db/db/schema-40to410.sql
View File

@ -146,6 +146,10 @@ UPDATE `cloud`.`counter` set uuid=id WHERE uuid is NULL;
UPDATE `cloud`.`conditions` set uuid=id WHERE uuid is NULL;
INSERT IGNORE INTO `cloud`.`configuration` VALUES ('Advanced', 'DEFAULT', 'management-server', '"detail.batch.query.size"', '2000', 'Default entity detail batch query size for listing');
INSERT IGNORE INTO `cloud`.`configuration` VALUES ('Advanced', 'DEFAULT', 'management-server', '"api.throttling.interval"', '1', 'Time interval (in seconds) to reset API count');
INSERT IGNORE INTO `cloud`.`configuration` VALUES ('Advanced', 'DEFAULT', 'management-server', '"api.throttling.max"', '25', 'Max allowed number of APIs within fixed interval');
INSERT IGNORE INTO `cloud`.`configuration` VALUES ('Advanced', 'DEFAULT', 'management-server', '"api.throttling.cachesize"', '50000', 'Account based API count cache size');
-- DB views for list api

21
tools/appliance/definitions/systemvmtemplate/LICENSE Normal file
View File

@ -0,0 +1,21 @@
The MIT License
Copyright (c) 2010-2012 Patrick Debois
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in
all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
THE SOFTWARE.

45
tools/appliance/definitions/systemvmtemplate/base.sh Normal file
View File

@ -0,0 +1,45 @@
# Licensed to the Apache Software Foundation (ASF) under one
# or more contributor license agreements. See the NOTICE file
# distributed with this work for additional information
# regarding copyright ownership. The ASF licenses this file
# to you under the Apache License, Version 2.0 (the
# "License"); you may not use this file except in compliance
# with the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
# KIND, either express or implied. See the License for the
# specific language governing permissions and limitations
# under the License.
# Update the box
apt-get -y update
#below are needed for ruby perhaps
#apt-get -y install linux-headers-$(uname -r) build-essential
#apt-get -y install zlib1g-dev libssl-dev libreadline-gplv2-dev
apt-get -y install curl unzip
apt-get clean
# Set up sudo
echo 'vagrant ALL=NOPASSWD:ALL' > /etc/sudoers.d/vagrant
# Tweak sshd to prevent DNS resolution (speed up logins)
echo 'UseDNS no' >> /etc/ssh/sshd_config
# Remove 5s grub timeout to speed up booting
echo <<EOF > /etc/default/grub
# If you change this file, run 'update-grub' afterwards to update
# /boot/grub/grub.cfg.
GRUB_DEFAULT=0
GRUB_TIMEOUT=0
GRUB_DISTRIBUTOR=`lsb_release -i -s 2> /dev/null || echo Debian`
GRUB_CMDLINE_LINUX_DEFAULT="quiet"
GRUB_CMDLINE_LINUX="debian-installer=en_US"
EOF
update-grub

39
tools/appliance/definitions/systemvmtemplate/cleanup.sh Normal file
View File

@ -0,0 +1,39 @@
# Licensed to the Apache Software Foundation (ASF) under one
# or more contributor license agreements. See the NOTICE file
# distributed with this work for additional information
# regarding copyright ownership. The ASF licenses this file
# to you under the Apache License, Version 2.0 (the
# "License"); you may not use this file except in compliance
# with the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
# KIND, either express or implied. See the License for the
# specific language governing permissions and limitations
# under the License.
# Clean up
#apt-get -y remove linux-headers-$(uname -r) build-essential
apt-get -y remove dictionaries-common busybox
apt-get -y autoremove
apt-get clean
# Removing leftover leases and persistent rules
echo "cleaning up dhcp leases"
rm /var/lib/dhcp/*
# Make sure Udev doesn't block our network
echo "cleaning up udev rules"
rm /etc/udev/rules.d/70-persistent-net.rules
mkdir /etc/udev/rules.d/70-persistent-net.rules
rm -rf /dev/.udev/
rm /lib/udev/rules.d/75-persistent-net-generator.rules
echo "Adding a 2 sec delay to the interface up, to make the dhclient happy"
echo "pre-up sleep 2" >> /etc/network/interfaces
#clean up stuff copied in by veewee
rm -f /root/*

90
tools/appliance/definitions/systemvmtemplate/cloudstack-packages.sh Normal file
View File

@ -0,0 +1,90 @@
# Licensed to the Apache Software Foundation (ASF) under one
# or more contributor license agreements. See the NOTICE file
# distributed with this work for additional information
# regarding copyright ownership. The ASF licenses this file
# to you under the Apache License, Version 2.0 (the
# "License"); you may not use this file except in compliance
# with the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
# KIND, either express or implied. See the License for the
# specific language governing permissions and limitations
# under the License.
ROOTPW=password
CLOUDSTACK_RELEASE=4.2.0
install_packages() {
DEBIAN_FRONTEND=noninteractive
DEBIAN_PRIORITY=critical
#basic stuff
apt-get --no-install-recommends -q -y --force-yes install rsyslog logrotate cron chkconfig insserv net-tools ifupdown vim-tiny netbase iptables openssh-server grub-legacy e2fsprogs dhcp3-client dnsmasq tcpdump socat wget python bzip2 sed gawk diff grep gzip less tar telnet ftp rsync traceroute psmisc lsof procps monit inetutils-ping iputils-arping httping dnsutils zip unzip ethtool uuid file iproute acpid iptables-persistent virt-what sudo
#sysstat
echo 'sysstat sysstat/enable boolean true' | debconf-set-selections
apt-get --no-install-recommends -q -y --force-yes install sysstat
#apache
apt-get --no-install-recommends -q -y --force-yes install apache2 ssl-cert
#haproxy
apt-get --no-install-recommends -q -y --force-yes install haproxy
#dnsmasq
apt-get --no-install-recommends -q -y --force-yes install dnsmasq
#nfs client
apt-get --no-install-recommends -q -y --force-yes install nfs-common
#vpn stuff
apt-get --no-install-recommends -q -y --force-yes install xl2tpd bcrelay ppp ipsec-tools tdb-tools
echo "openswan openswan/install_x509_certificate boolean false" | debconf-set-selections
echo "openswan openswan/install_x509_certificate seen true" | debconf-set-selections
chroot . apt-get --no-install-recommends -q -y --force-yes install openswan
#vmware tools
apt-get --no-install-recommends -q -y --force-yes install open-vm-tools
#xenstore utils
apt-get --no-install-recommends -q -y --force-yes install xenstore-utils libxenstore3.0
#keepalived and conntrackd
apt-get --no-install-recommends -q -y --force-yes install keepalived conntrackd ipvsadm libnetfilter-conntrack3 libnl1
#ipcalc
apt-get --no-install-recommends -q -y --force-yes install ipcalc
#java
apt-get --no-install-recommends -q -y --force-yes install default-jre-headless
}
accounts() {
# Setup sudo to allow no-password sudo for "admin"
groupadd -r admin
#create a 'cloud' user
useradd -G admin cloud
echo "root:password" | chpasswd
echo "cloud:password" | chpasswd
sed -i -e '/Defaults\s\+env_reset/a Defaults\texempt_group=admin' /etc/sudoers
sed -i -e 's/%admin ALL=(ALL) ALL/%admin ALL=NOPASSWD:ALL/g' /etc/sudoers
mkdir -p /home/cloud/.ssh
chmod 700 /home/cloud/.ssh
}
do_fixes() {
#fix hostname in openssh-server generated keys
sed -i "s/root@\(.*\)$/root@systemvm/g" /etc/ssh/ssh_host_*.pub
}
signature() {
mkdir -p /var/cache/cloud/
touch /var/cache/cloud/cloud-scripts-signature
echo "Cloudstack Release $CLOUDSTACK_RELEASE $(date)" > /etc/cloudstack-release
}
echo "*************INSTALLING PACKAGES********************"
install_packages
echo "*************DONE INSTALLING PACKAGES********************"
accounts
do_fixes
signature

878
tools/appliance/definitions/systemvmtemplate/config.dat Normal file
View File

File diff suppressed because one or more lines are too long

8
tools/appliance/definitions/systemvmtemplate/definition.rb
View File

@ -38,6 +38,7 @@ Veewee::Definition.declare({
'debconf/frontend=noninteractive ',
'console-setup/ask_detect=false ',
'console-keymaps-at/keymap=us ',
'keyboard-configuration/xkb-keymap=us ',
'<Enter>'
],
:kickstart_port => "7122",
@ -52,7 +53,10 @@ Veewee::Definition.declare({
:sudo_cmd => "echo '%p'|sudo -S sh '%f'",
:shutdown_cmd => "halt -p",
:postinstall_files => [
"postinstall.sh",
"base.sh",
"cloudstack-packages.sh",
"cleanup.sh",
"zerodisk.sh"
],
:postinstall_timeout => "10000"
:postinstall_timeout => "100000"
})

46
tools/appliance/definitions/systemvmtemplate/postinstall.sh
View File

@ -59,44 +59,46 @@ EOF
install_packages() {
DEBIAN_FRONTEND=noninteractive
DEBIAN_PRIORITY=critical
DEBCONF_DB_OVERRIDE=File{/root/config.dat}
export DEBIAN_FRONTEND DEBIAN_PRIORITY DEBCONF_DB_OVERRIDE
#basic stuff
chroot . apt-get --no-install-recommends -q -y --force-yes install rsyslog logrotate cron chkconfig insserv net-tools ifupdown vim-tiny netbase iptables openssh-server grub-legacy e2fsprogs dhcp3-client dnsmasq tcpdump socat wget python bzip2 sed gawk diff grep gzip less tar telnet ftp rsync traceroute psmisc lsof procps monit inetutils-ping iputils-arping httping dnsutils zip unzip ethtool uuid file iproute acpid iptables-persistent virt-what sudo
apt-get --no-install-recommends -q -y --force-yes install rsyslog logrotate cron chkconfig insserv net-tools ifupdown vim-tiny netbase iptables openssh-server grub-legacy e2fsprogs dhcp3-client dnsmasq tcpdump socat wget python bzip2 sed gawk diff grep gzip less tar telnet ftp rsync traceroute psmisc lsof procps monit inetutils-ping iputils-arping httping dnsutils zip unzip ethtool uuid file iproute acpid iptables-persistent virt-what sudo
#fix hostname in openssh-server generated keys
sed -i "s/root@\(.*\)$/root@systemvm/g" etc/ssh/ssh_host_*.pub
#sysstat
chroot . echo 'sysstat sysstat/enable boolean true' | chroot . debconf-set-selections
chroot . apt-get --no-install-recommends -q -y --force-yes install sysstat
echo 'sysstat sysstat/enable boolean true' | debconf-set-selections
apt-get --no-install-recommends -q -y --force-yes install sysstat
#apache
chroot . apt-get --no-install-recommends -q -y --force-yes install apache2 ssl-cert
apt-get --no-install-recommends -q -y --force-yes install apache2 ssl-cert
#haproxy
chroot . apt-get --no-install-recommends -q -y --force-yes install haproxy
apt-get --no-install-recommends -q -y --force-yes install haproxy
#dnsmasq
chroot . apt-get --no-install-recommends -q -y --force-yes install dnsmasq
apt-get --no-install-recommends -q -y --force-yes install dnsmasq
#nfs client
chroot . apt-get --no-install-recommends -q -y --force-yes install nfs-common
apt-get --no-install-recommends -q -y --force-yes install nfs-common
#vpn stuff
chroot . apt-get --no-install-recommends -q -y --force-yes install xl2tpd openswan bcrelay ppp ipsec-tools tdb-tools
apt-get --no-install-recommends -q -y --force-yes install xl2tpd openswan bcrelay ppp ipsec-tools tdb-tools
#vmware tools
chroot . apt-get --no-install-recommends -q -y --force-yes install open-vm-tools
apt-get --no-install-recommends -q -y --force-yes install open-vm-tools
#xenstore utils
chroot . apt-get --no-install-recommends -q -y --force-yes install xenstore-utils libxenstore3.0
apt-get --no-install-recommends -q -y --force-yes install xenstore-utils libxenstore3.0
#keepalived and conntrackd
chroot . apt-get --no-install-recommends -q -y --force-yes install keepalived conntrackd ipvsadm libnetfilter-conntrack3 libnl1
apt-get --no-install-recommends -q -y --force-yes install keepalived conntrackd ipvsadm libnetfilter-conntrack3 libnl1
#ipcalc
chroot . apt-get --no-install-recommends -q -y --force-yes install ipcalc
apt-get --no-install-recommends -q -y --force-yes install ipcalc
#java
apt-get --no-install-recommends -q -y --force-yes install default-jre-headless
# Setup sudo to allow no-password sudo for "admin"
groupadd -r admin
usermod -a -G admin cloud
echo "root:password" | chpasswd
sed -i -e '/Defaults\s\+env_reset/a Defaults\texempt_group=admin' /etc/sudoers
sed -i -e 's/%admin ALL=(ALL) ALL/%admin ALL=NOPASSWD:ALL/g' /etc/sudoers
mkdir /home/cloud/.ssh
chmod 700 /home/cloud/.ssh
echo "***** getting sun jre 6*********"
chroot . echo 'sun-java6-bin shared/accepted-sun-dlj-v1-1 boolean true
sun-java6-jre shared/accepted-sun-dlj-v1-1 boolean true
sun-java6-jre sun-java6-jre/stopthread boolean true
sun-java6-jre sun-java6-jre/jcepolicy note
sun-java6-bin shared/present-sun-dlj-v1-1 note
sun-java6-jre shared/present-sun-dlj-v1-1 note ' | chroot . debconf-set-selections
chroot . apt-get --no-install-recommends -q -y install sun-java6-jre
}
cleanup() {

6
tools/appliance/definitions/systemvmtemplate/preseed.cfg
View File

@ -187,7 +187,7 @@ d-i partman/confirm_nooverwrite boolean true
### Account setup
# Skip creation of a root account (normal user account will be able to
# use sudo).
d-i passwd/root-login boolean false
d-i passwd/root-login boolean true
# Alternatively, to skip creation of a normal user account.
#d-i passwd/make-user boolean false
@ -233,7 +233,7 @@ d-i passwd/user-default-groups string audio cdrom video admin
#d-i debian-installer/allow_unauthenticated string true
### Package selection
tasksel tasksel/first multiselect standard
tasksel tasksel/first multiselect ssh-server
# If the desktop task is selected, install the kde and xfce desktops
# instead of the default gnome desktop.
#tasksel tasksel/desktop multiselect kde, xfce
@ -265,7 +265,7 @@ d-i grub-installer/only_debian boolean true
# This one makes grub-installer install to the MBR if it also finds some other
# OS, which is less safe as it might not be able to boot that other OS.
d-i grub-installer/with_other_os boolean true
#d-i grub-installer/with_other_os boolean true
# Alternatively, if you want to install to a location other than the mbr,
# uncomment and edit these lines:

20
tools/appliance/definitions/systemvmtemplate/zerodisk.sh Normal file
View File

@ -0,0 +1,20 @@
# Licensed to the Apache Software Foundation (ASF) under one
# or more contributor license agreements. See the NOTICE file
# distributed with this work for additional information
# regarding copyright ownership. The ASF licenses this file
# to you under the Apache License, Version 2.0 (the
# "License"); you may not use this file except in compliance
# with the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
# KIND, either express or implied. See the License for the
# specific language governing permissions and limitations
# under the License.
# Zero out the free space to save space in the final image:
dd if=/dev/zero of=/EMPTY bs=1M
rm -f /EMPTY

24
ui/scripts/instanceWizard.js
View File

@ -360,14 +360,11 @@
canusefordeploy: true
};
// step5ContainerType of Advanced SG-enabled zone is 'select-security-group', so won't come into this block
/*
if(selectedZoneObj.networktype == 'Advanced' && selectedZoneObj.securitygroupsenabled == true) {
$.extend(networkData, {
type: 'Shared'
});
}
*/
}
if (!(cloudStack.context.projects && cloudStack.context.projects[0])) {
networkData.domainid = g_domainid;
@ -386,22 +383,31 @@
}
});
var networkObjsToPopulate = [];
$.ajax({
url: createURL('listNetworks'),
data: networkData,
async: false,
success: function(json) {
networkObjs = json.listnetworksresponse.network ? json.listnetworksresponse.network : [];
networkObjs = json.listnetworksresponse.network ? json.listnetworksresponse.network : [];
if(networkObjs.length > 0) {
for(var i = 0; i < networkObjs.length; i++) {
var networkObj = networkObjs[i];
var includingSecurityGroup = false;
var serviceObjArray = networkObj.service;
for(var k = 0; k < serviceObjArray.length; k++) {
if(serviceObjArray[k].name == "SecurityGroup") {
networkObjs[i].type = networkObjs[i].type + ' (sg)';
networkObjs[i].type = networkObjs[i].type + ' (sg)';
includingSecurityGroup = true;
break;
}
}
}
//for Advanced SG-enabled zone, list only SG network offerings
if(selectedZoneObj.networktype == 'Advanced' && selectedZoneObj.securitygroupsenabled == true) {
if(includingSecurityGroup == false)
continue; //skip to next network offering
}
networkObjsToPopulate.push(networkObj);
}
}
}
@ -439,7 +445,7 @@
args.response.success({
type: 'select-network',
data: {
networkObjs: networkObjs,
networkObjs: networkObjsToPopulate,
securityGroups: [],
networkOfferings: networkOfferingObjs,
vpcs: vpcObjs

46
ui/scripts/system.js
View File

@ -1144,8 +1144,7 @@
docID: 'helpGuestNetworkZoneScope',
select: function(args) {
var array1 = [];
if(args.context.zones[0].networktype == "Advanced" && args.context.zones[0].securitygroupsenabled == true) {
array1.push({id: 'account-specific', description: 'Account'});
if(args.context.zones[0].networktype == "Advanced" && args.context.zones[0].securitygroupsenabled == true) {
array1.push({id: 'zone-wide', description: 'All'});
}
else {
@ -1312,38 +1311,31 @@
}
var networkOfferingArray = [];
$.ajax({
url: createURL(apiCmd + array1.join("")),
dataType: "json",
async: false,
success: function(json) {
success: function(json) {
networkOfferingObjs = json.listnetworkofferingsresponse.networkoffering;
if (networkOfferingObjs != null && networkOfferingObjs.length > 0) {
for (var i = 0; i < networkOfferingObjs.length; i++) {
if(args.scope=="account-specific" && args.context.zones[0].securitygroupsenabled == true) { //BUG - CLOUDSTACK-1063
var serviceObjArray = networkOfferingObjs[i].name;
if(serviceObjArray == "DefaultSharedNetworkOfferingWithSGService"){
continue;
}
}
//comment out the following 12 lines because of CS-16718
/*
if(args.scope == "account-specific" || args.scope == "project-specific") { //if args.scope == "account-specific" or "project-specific", exclude Isolated network offerings with SourceNat service (bug 12869)
var includingSourceNat = false;
var serviceObjArray = networkOfferingObjs[i].service;
for(var k = 0; k < serviceObjArray.length; k++) {
if(serviceObjArray[k].name == "SourceNat") {
includingSourceNat = true;
break;
}
}
if(includingSourceNat == true)
continue; //skip to next network offering
for (var i = 0; i < networkOfferingObjs.length; i++) {
//for zone-wide network in Advanced SG-enabled zone, list only SG network offerings
if(args.context.zones[0].networktype == 'Advanced' && args.context.zones[0].securitygroupsenabled == true) {
if(args.scope == "zone-wide") {
var includingSecurityGroup = false;
var serviceObjArray = networkOfferingObjs[i].service;
for(var k = 0; k < serviceObjArray.length; k++) {
if(serviceObjArray[k].name == "SecurityGroup") {
includingSecurityGroup = true;
break;
}
}
if(includingSecurityGroup == false)
continue; //skip to next network offering
}
}
*/
networkOfferingArray.push({id: networkOfferingObjs[i].id, description: networkOfferingObjs[i].displaytext});
}
}