From cbd2b5a022476e8b85f8ce745d01db5370fb185f Mon Sep 17 00:00:00 2001
From: Pearl Dsilva <pearl1594@gmail.com>
Date: Thu, 19 Jun 2025 04:03:58 -0400
Subject: [PATCH 01/83] Add check for ldap truststore password (#11055)

---
 .../cloudstack/ldap/LdapContextFactory.java   | 34 +++++++++++++++++--
 .../cloudstack/ldap/LdapManagerImpl.java      |  5 +++
 2 files changed, 37 insertions(+), 2 deletions(-)

diff --git a/plugins/user-authenticators/ldap/src/main/java/org/apache/cloudstack/ldap/LdapContextFactory.java b/plugins/user-authenticators/ldap/src/main/java/org/apache/cloudstack/ldap/LdapContextFactory.java
index 0161adf9fda..ee48e8cc027 100644
--- a/plugins/user-authenticators/ldap/src/main/java/org/apache/cloudstack/ldap/LdapContextFactory.java
+++ b/plugins/user-authenticators/ldap/src/main/java/org/apache/cloudstack/ldap/LdapContextFactory.java
@@ -16,6 +16,7 @@
 // under the License.
 package org.apache.cloudstack.ldap;
 
+import java.io.FileInputStream;
 import java.io.IOException;
 import java.util.Hashtable;
 
@@ -24,6 +25,7 @@ import javax.naming.Context;
 import javax.naming.NamingException;
 import javax.naming.ldap.InitialLdapContext;
 import javax.naming.ldap.LdapContext;
+import java.security.KeyStore;
 
 import org.apache.commons.lang3.StringUtils;
 import org.apache.log4j.Logger;
@@ -72,8 +74,36 @@ public class LdapContextFactory {
         if (sslStatus) {
             s_logger.info("LDAP SSL enabled.");
             environment.put(Context.SECURITY_PROTOCOL, "ssl");
-            System.setProperty("javax.net.ssl.trustStore", _ldapConfiguration.getTrustStore(domainId));
-            System.setProperty("javax.net.ssl.trustStorePassword", _ldapConfiguration.getTrustStorePassword(domainId));
+            String trustStore = _ldapConfiguration.getTrustStore(domainId);
+            String trustStorePassword = _ldapConfiguration.getTrustStorePassword(domainId);
+
+            if (!validateTrustStore(trustStore, trustStorePassword)) {
+                throw new RuntimeException("Invalid truststore or truststore password");
+            }
+
+            System.setProperty("javax.net.ssl.trustStore", trustStore);
+            System.setProperty("javax.net.ssl.trustStorePassword", trustStorePassword);
+        }
+    }
+
+    private boolean validateTrustStore(String trustStore, String trustStorePassword) {
+        if (trustStore == null) {
+            return true;
+        }
+
+        if (trustStorePassword == null) {
+            return false;
+        }
+
+        try {
+            KeyStore.getInstance("JKS").load(
+                new FileInputStream(trustStore),
+                trustStorePassword.toCharArray()
+            );
+            return true;
+        } catch (Exception e) {
+            s_logger.warn("Failed to validate truststore: " + e.getMessage());
+            return false;
         }
     }
 
diff --git a/plugins/user-authenticators/ldap/src/main/java/org/apache/cloudstack/ldap/LdapManagerImpl.java b/plugins/user-authenticators/ldap/src/main/java/org/apache/cloudstack/ldap/LdapManagerImpl.java
index 6ed79a0c69f..352e439b50c 100644
--- a/plugins/user-authenticators/ldap/src/main/java/org/apache/cloudstack/ldap/LdapManagerImpl.java
+++ b/plugins/user-authenticators/ldap/src/main/java/org/apache/cloudstack/ldap/LdapManagerImpl.java
@@ -186,6 +186,11 @@ public class LdapManagerImpl extends ComponentLifecycleBase implements LdapManag
             } catch (NamingException | IOException e) {
                 LOGGER.debug("NamingException while doing an LDAP bind", e);
                 throw new InvalidParameterValueException("Unable to bind to the given LDAP server");
+            } catch (RuntimeException e) {
+                if (e.getMessage().contains("Invalid truststore")) {
+                    throw new InvalidParameterValueException("Invalid truststore or truststore password");
+                }
+                throw e;
             } finally {
                 closeContext(context);
             }

From 75147b781163958200287aa9979e60bf602b2f89 Mon Sep 17 00:00:00 2001
From: Nicolas Vazquez <nicovazquez90@gmail.com>
Date: Mon, 23 Jun 2025 07:49:51 -0300
Subject: [PATCH 02/83] [Vmware to KVM Migration] Display virt-v2v and ovftool
 versions for supported hosts for migration (#11019)

* [Vmware to KVM Migration] Display virt-v2v and ovftool versions for supported hosts for migration

* Fix UI display

* Address review comments

* Fix ovftool and version display - also display versions on host details view
---
 api/src/main/java/com/cloud/host/Host.java    |  9 ++++--
 .../cloud/agent/manager/AgentManagerImpl.java | 17 ++++++++++-
 .../resource/LibvirtComputingResource.java    | 29 +++++++++++++++++--
 .../wrapper/LibvirtReadyCommandWrapper.java   |  8 +++++
 ui/public/locales/en.json                     |  2 ++
 ui/src/views/infra/HostInfo.vue               | 16 ++++++++++
 .../views/tools/ImportUnmanagedInstance.vue   |  6 ++++
 7 files changed, 81 insertions(+), 6 deletions(-)

diff --git a/api/src/main/java/com/cloud/host/Host.java b/api/src/main/java/com/cloud/host/Host.java
index 56b4ed75a31..a3b6ccadc01 100644
--- a/api/src/main/java/com/cloud/host/Host.java
+++ b/api/src/main/java/com/cloud/host/Host.java
@@ -53,9 +53,12 @@ public interface Host extends StateObject<Status>, Identity, Partition, HAResour
             return strs;
         }
     }
-    public static final String HOST_UEFI_ENABLE = "host.uefi.enable";
-    public static final String HOST_VOLUME_ENCRYPTION = "host.volume.encryption";
-    public static final String HOST_INSTANCE_CONVERSION = "host.instance.conversion";
+
+    String HOST_UEFI_ENABLE = "host.uefi.enable";
+    String HOST_VOLUME_ENCRYPTION = "host.volume.encryption";
+    String HOST_INSTANCE_CONVERSION = "host.instance.conversion";
+    String HOST_OVFTOOL_VERSION = "host.ovftool.version";
+    String HOST_VIRTV2V_VERSION = "host.virtv2v.version";
 
     /**
      * @return name of the machine.
diff --git a/engine/orchestration/src/main/java/com/cloud/agent/manager/AgentManagerImpl.java b/engine/orchestration/src/main/java/com/cloud/agent/manager/AgentManagerImpl.java
index 9137d1c1dff..aff528efede 100644
--- a/engine/orchestration/src/main/java/com/cloud/agent/manager/AgentManagerImpl.java
+++ b/engine/orchestration/src/main/java/com/cloud/agent/manager/AgentManagerImpl.java
@@ -54,6 +54,7 @@ import org.apache.cloudstack.utils.identity.ManagementServerNode;
 import org.apache.cloudstack.utils.reflectiontostringbuilderutils.ReflectionToStringBuilderUtils;
 import org.apache.commons.collections.MapUtils;
 import org.apache.commons.lang3.BooleanUtils;
+import org.apache.commons.lang3.ObjectUtils;
 import org.apache.commons.lang3.StringUtils;
 import org.apache.logging.log4j.ThreadContext;
 
@@ -703,11 +704,25 @@ public class AgentManagerImpl extends ManagerBase implements AgentManager, Handl
             Map<String, String> detailsMap = readyAnswer.getDetailsMap();
             if (detailsMap != null) {
                 String uefiEnabled = detailsMap.get(Host.HOST_UEFI_ENABLE);
+                String virtv2vVersion = detailsMap.get(Host.HOST_VIRTV2V_VERSION);
+                String ovftoolVersion = detailsMap.get(Host.HOST_OVFTOOL_VERSION);
                 logger.debug("Got HOST_UEFI_ENABLE [{}] for host [{}]:", uefiEnabled, host);
-                if (uefiEnabled != null) {
+                if (ObjectUtils.anyNotNull(uefiEnabled, virtv2vVersion, ovftoolVersion)) {
                     _hostDao.loadDetails(host);
+                    boolean updateNeeded = false;
                     if (!uefiEnabled.equals(host.getDetails().get(Host.HOST_UEFI_ENABLE))) {
                         host.getDetails().put(Host.HOST_UEFI_ENABLE, uefiEnabled);
+                        updateNeeded = true;
+                    }
+                    if (StringUtils.isNotBlank(virtv2vVersion) && !virtv2vVersion.equals(host.getDetails().get(Host.HOST_VIRTV2V_VERSION))) {
+                        host.getDetails().put(Host.HOST_VIRTV2V_VERSION, virtv2vVersion);
+                        updateNeeded = true;
+                    }
+                    if (StringUtils.isNotBlank(ovftoolVersion) && !ovftoolVersion.equals(host.getDetails().get(Host.HOST_OVFTOOL_VERSION))) {
+                        host.getDetails().put(Host.HOST_OVFTOOL_VERSION, ovftoolVersion);
+                        updateNeeded = true;
+                    }
+                    if (updateNeeded) {
                         _hostDao.saveDetails(host);
                     }
                 }
diff --git a/plugins/hypervisors/kvm/src/main/java/com/cloud/hypervisor/kvm/resource/LibvirtComputingResource.java b/plugins/hypervisors/kvm/src/main/java/com/cloud/hypervisor/kvm/resource/LibvirtComputingResource.java
index 13518de5cb3..7fb3839860f 100644
--- a/plugins/hypervisors/kvm/src/main/java/com/cloud/hypervisor/kvm/resource/LibvirtComputingResource.java
+++ b/plugins/hypervisors/kvm/src/main/java/com/cloud/hypervisor/kvm/resource/LibvirtComputingResource.java
@@ -17,6 +17,8 @@
 package com.cloud.hypervisor.kvm.resource;
 
 import static com.cloud.host.Host.HOST_INSTANCE_CONVERSION;
+import static com.cloud.host.Host.HOST_OVFTOOL_VERSION;
+import static com.cloud.host.Host.HOST_VIRTV2V_VERSION;
 import static com.cloud.host.Host.HOST_VOLUME_ENCRYPTION;
 
 import java.io.BufferedReader;
@@ -3766,7 +3768,14 @@ public class LibvirtComputingResource extends ServerResourceBase implements Serv
         cmd.setIqn(getIqn());
         cmd.getHostDetails().put(HOST_VOLUME_ENCRYPTION, String.valueOf(hostSupportsVolumeEncryption()));
         cmd.setHostTags(getHostTags());
-        cmd.getHostDetails().put(HOST_INSTANCE_CONVERSION, String.valueOf(hostSupportsInstanceConversion()));
+        boolean instanceConversionSupported = hostSupportsInstanceConversion();
+        cmd.getHostDetails().put(HOST_INSTANCE_CONVERSION, String.valueOf(instanceConversionSupported));
+        if (instanceConversionSupported) {
+            cmd.getHostDetails().put(HOST_VIRTV2V_VERSION, getHostVirtV2vVersion());
+        }
+        if (hostSupportsOvfExport()) {
+            cmd.getHostDetails().put(HOST_OVFTOOL_VERSION, getHostOvfToolVersion());
+        }
         HealthCheckResult healthCheckResult = getHostHealthCheckResult();
         if (healthCheckResult != HealthCheckResult.IGNORE) {
             cmd.setHostHealthCheckResult(healthCheckResult == HealthCheckResult.SUCCESS);
@@ -5368,8 +5377,24 @@ public class LibvirtComputingResource extends ServerResourceBase implements Serv
         return exitValue == 0;
     }
 
+    public String getHostVirtV2vVersion() {
+        if (!hostSupportsInstanceConversion()) {
+            return "";
+        }
+        String cmd = String.format("%s | awk '{print $2}'", INSTANCE_CONVERSION_SUPPORTED_CHECK_CMD);
+        String version = Script.runSimpleBashScript(cmd);
+        return StringUtils.isNotBlank(version) ? version.split(",")[0] : "";
+    }
+
+    public String getHostOvfToolVersion() {
+        if (!hostSupportsOvfExport()) {
+            return "";
+        }
+        return Script.runSimpleBashScript(OVF_EXPORT_TOOl_GET_VERSION_CMD);
+    }
+
     public boolean ovfExportToolSupportsParallelThreads() {
-        String ovfExportToolVersion = Script.runSimpleBashScript(OVF_EXPORT_TOOl_GET_VERSION_CMD);
+        String ovfExportToolVersion = getHostOvfToolVersion();
         if (StringUtils.isBlank(ovfExportToolVersion)) {
             return false;
         }
diff --git a/plugins/hypervisors/kvm/src/main/java/com/cloud/hypervisor/kvm/resource/wrapper/LibvirtReadyCommandWrapper.java b/plugins/hypervisors/kvm/src/main/java/com/cloud/hypervisor/kvm/resource/wrapper/LibvirtReadyCommandWrapper.java
index 8f23e79e4a3..485254c6bb9 100644
--- a/plugins/hypervisors/kvm/src/main/java/com/cloud/hypervisor/kvm/resource/wrapper/LibvirtReadyCommandWrapper.java
+++ b/plugins/hypervisors/kvm/src/main/java/com/cloud/hypervisor/kvm/resource/wrapper/LibvirtReadyCommandWrapper.java
@@ -47,6 +47,14 @@ public final class LibvirtReadyCommandWrapper extends CommandWrapper<ReadyComman
             hostDetails.put(Host.HOST_UEFI_ENABLE, Boolean.TRUE.toString());
         }
 
+        if (libvirtComputingResource.hostSupportsInstanceConversion()) {
+            hostDetails.put(Host.HOST_VIRTV2V_VERSION, libvirtComputingResource.getHostVirtV2vVersion());
+        }
+
+        if (libvirtComputingResource.hostSupportsOvfExport()) {
+            hostDetails.put(Host.HOST_OVFTOOL_VERSION, libvirtComputingResource.getHostOvfToolVersion());
+        }
+
         return new ReadyAnswer(command, hostDetails);
     }
 
diff --git a/ui/public/locales/en.json b/ui/public/locales/en.json
index f3ab19bb88a..026880e38fd 100644
--- a/ui/public/locales/en.json
+++ b/ui/public/locales/en.json
@@ -1089,7 +1089,9 @@
 "label.host": "IP address",
 "label.host.alerts": "Hosts in alert state",
 "label.host.name": "Host name",
+"label.host.ovftool.version": "OVFTool Version",
 "label.host.tag": "Host tag",
+"label.host.virtv2v.version": "Virt-v2v Version",
 "label.hostcontrolstate": "Compute Resource Status",
 "label.hostid": "Host",
 "label.hostname": "Host",
diff --git a/ui/src/views/infra/HostInfo.vue b/ui/src/views/infra/HostInfo.vue
index 259445154a0..a6d8fe8595e 100644
--- a/ui/src/views/infra/HostInfo.vue
+++ b/ui/src/views/infra/HostInfo.vue
@@ -56,6 +56,22 @@
           </div>
         </div>
       </a-list-item>
+      <a-list-item v-if="host.details && host.details['host.virtv2v.version']">
+        <div>
+          <strong>{{ $t('label.host.virtv2v.version') }}</strong>
+          <div>
+            {{ host.details['host.virtv2v.version'] }}
+          </div>
+        </div>
+      </a-list-item>
+      <a-list-item v-if="host.details && host.details['host.ovftool.version']">
+        <div>
+          <strong>{{ $t('label.host.ovftool.version') }}</strong>
+          <div>
+            {{ host.details['host.ovftool.version'] }}
+          </div>
+        </div>
+      </a-list-item>
       <a-list-item v-if="host.hosttags">
         <div>
           <strong>{{ $t('label.hosttags') }}</strong>
diff --git a/ui/src/views/tools/ImportUnmanagedInstance.vue b/ui/src/views/tools/ImportUnmanagedInstance.vue
index 50a0d631808..95c14f141d2 100644
--- a/ui/src/views/tools/ImportUnmanagedInstance.vue
+++ b/ui/src/views/tools/ImportUnmanagedInstance.vue
@@ -944,6 +944,12 @@ export default {
           } else {
             host.name = host.name + ' (' + this.$t('label.not.supported') + ')'
           }
+          if (host.details['host.virtv2v.version']) {
+            host.name = host.name + ' (virt-v2v=' + host.details['host.virtv2v.version'] + ')'
+          }
+          if (host.details['host.ovftool.version']) {
+            host.name = host.name + ' (ovftool=' + host.details['host.ovftool.version'] + ')'
+          }
         })
       })
     },

From ba0204f8edd6140d893e92bf33522f9a50637d8e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jo=C3=A3o=20Jandre?=
 <48719461+JoaoJandre@users.noreply.github.com>
Date: Tue, 24 Jun 2025 09:23:57 -0300
Subject: [PATCH 03/83] Block volume shrink on Xen (#11004)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Co-authored-by: João Jandre <joao@scclouds.com.br>
---
 .../wrapper/xenbase/CitrixResizeVolumeCommandWrapper.java  | 7 +++++--
 .../main/java/com/cloud/storage/VolumeApiServiceImpl.java  | 3 +++
 ui/src/views/storage/ChangeOfferingForVolume.vue           | 2 +-
 3 files changed, 9 insertions(+), 3 deletions(-)

diff --git a/plugins/hypervisors/xenserver/src/main/java/com/cloud/hypervisor/xenserver/resource/wrapper/xenbase/CitrixResizeVolumeCommandWrapper.java b/plugins/hypervisors/xenserver/src/main/java/com/cloud/hypervisor/xenserver/resource/wrapper/xenbase/CitrixResizeVolumeCommandWrapper.java
index 2ddf1bd1851..abf46b2771c 100755
--- a/plugins/hypervisors/xenserver/src/main/java/com/cloud/hypervisor/xenserver/resource/wrapper/xenbase/CitrixResizeVolumeCommandWrapper.java
+++ b/plugins/hypervisors/xenserver/src/main/java/com/cloud/hypervisor/xenserver/resource/wrapper/xenbase/CitrixResizeVolumeCommandWrapper.java
@@ -49,9 +49,12 @@ public final class CitrixResizeVolumeCommandWrapper extends CommandWrapper<Resiz
 
         try {
 
-            if (command.getCurrentSize() >= newSize) {
-                logger.info("No need to resize volume: " + volId +", current size " + toHumanReadableSize(command.getCurrentSize()) + " is same as  new size " + toHumanReadableSize(newSize));
+            if (command.getCurrentSize() == newSize) {
+                logger.info("No need to resize volume [{}], current size [{}] is same as new size [{}].", volId, toHumanReadableSize(command.getCurrentSize()), toHumanReadableSize(newSize));
                 return new ResizeVolumeAnswer(command, true, "success", newSize);
+            } else if (command.getCurrentSize() > newSize) {
+                logger.error("XenServer does not support volume shrink. Volume [{}] current size [{}] is smaller than new size [{}]", volId, toHumanReadableSize(command.getCurrentSize()), toHumanReadableSize(newSize));
+                return new ResizeVolumeAnswer(command, false, "operation not supported");
             }
             if (command.isManaged()) {
                 resizeSr(conn, command);
diff --git a/server/src/main/java/com/cloud/storage/VolumeApiServiceImpl.java b/server/src/main/java/com/cloud/storage/VolumeApiServiceImpl.java
index 6a2aa09c38a..84e4bbf258f 100644
--- a/server/src/main/java/com/cloud/storage/VolumeApiServiceImpl.java
+++ b/server/src/main/java/com/cloud/storage/VolumeApiServiceImpl.java
@@ -2429,6 +2429,9 @@ public class VolumeApiServiceImpl extends ManagerBase implements VolumeApiServic
                     throw new InvalidParameterValueException("Going from existing size of " + currentSize + " to size of " + newSize + " would shrink the volume."
                             + "Need to sign off by supplying the shrinkok parameter with value of true.");
                 }
+                if (ApiDBUtils.getHypervisorTypeFromFormat(volume.getDataCenterId(), volume.getFormat()) == HypervisorType.XenServer) {
+                    throw new InvalidParameterValueException("Shrink volume is not supported for the XenServer hypervisor.");
+                }
             }
         }
         /* Check resource limit for this account */
diff --git a/ui/src/views/storage/ChangeOfferingForVolume.vue b/ui/src/views/storage/ChangeOfferingForVolume.vue
index 5ab80390999..dedc2e8dc04 100644
--- a/ui/src/views/storage/ChangeOfferingForVolume.vue
+++ b/ui/src/views/storage/ChangeOfferingForVolume.vue
@@ -90,7 +90,7 @@
         :checked="autoMigrate"
         @change="val => { autoMigrate = val }"/>
     </a-form-item>
-    <a-form-item name="shrinkOk" ref="shrinkOk" :label="$t('label.shrinkok')">
+    <a-form-item name="shrinkOk" ref="shrinkOk" :label="$t('label.shrinkok')" v-if="!['XenServer'].includes(resource.hypervisor)">
       <a-switch
         v-model:checked="form.shrinkOk"
         :checked="shrinkOk"

From 544028ca8e6b80f7cdd1c9b9e0a2156f8fd69789 Mon Sep 17 00:00:00 2001
From: Suresh Kumar Anaparti <sureshkumar.anaparti@gmail.com>
Date: Wed, 2 Jul 2025 15:45:32 +0530
Subject: [PATCH 04/83] Do not rely on Memory engine even transiently in DB
 setup scripts (#11106)

It is not safe for use with replication, and is straight up incompatible with highly-available active-active type MySQL distributions such as Galera

Co-authored-by: Tristan Deloche <tdeloche@apple.com>
---
 setup/db/create-schema.sql | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/setup/db/create-schema.sql b/setup/db/create-schema.sql
index 3f14fccd010..10141185eb4 100755
--- a/setup/db/create-schema.sql
+++ b/setup/db/create-schema.sql
@@ -398,7 +398,7 @@ CREATE TABLE `cloud`.`op_lock` (
   `waiters` int NOT NULL DEFAULT 0 COMMENT 'How many have the thread acquired this lock (reentrant)',
   PRIMARY KEY (`key`),
   INDEX `i_op_lock__mac_ip_thread`(`mac`, `ip`, `thread`)
-) ENGINE=Memory DEFAULT CHARSET=utf8;
+) ENGINE=InnoDB DEFAULT CHARSET=utf8;
 
 CREATE TABLE  `cloud`.`configuration` (
   `category` varchar(255) NOT NULL DEFAULT 'Advanced',
@@ -1793,7 +1793,7 @@ CREATE TABLE `cloud`.`op_nwgrp_work` (
   INDEX `i_op_nwgrp_work__taken`(`taken`),
   INDEX `i_op_nwgrp_work__step`(`step`),
   INDEX `i_op_nwgrp_work__seq_no`(`seq_no`)
-) ENGINE=MEMORY DEFAULT CHARSET=utf8;
+) ENGINE=InnoDB DEFAULT CHARSET=utf8;
 
 CREATE TABLE `cloud`.`op_vm_ruleset_log` (
   `id` bigint unsigned UNIQUE NOT NULL AUTO_INCREMENT COMMENT 'id',

From 3b54194aef18c44a37489614ce3391eceab55b2f Mon Sep 17 00:00:00 2001
From: Harikrishna <harikrishna.patnala@gmail.com>
Date: Thu, 3 Jul 2025 13:15:35 +0530
Subject: [PATCH 05/83] Correct quota type indexes (#11085)

---
 ui/src/utils/quota.js | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/ui/src/utils/quota.js b/ui/src/utils/quota.js
index 485c99131d2..b8adbb93518 100644
--- a/ui/src/utils/quota.js
+++ b/ui/src/utils/quota.js
@@ -107,7 +107,7 @@ export const QUOTA_TYPES = [
   },
   {
     id: 29,
-    type: 'VPC'
+    type: 'BUCKET'
   },
   {
     id: 30,
@@ -115,7 +115,7 @@ export const QUOTA_TYPES = [
   },
   {
     id: 31,
-    type: 'BACKUP_OBJECT'
+    type: 'VPC'
   }
 ]
 

From c24e4eea855bd21e72ce7aa182fada2671dbe857 Mon Sep 17 00:00:00 2001
From: Abhishek Kumar <abhishek.mrt22@gmail.com>
Date: Thu, 3 Jul 2025 13:20:36 +0530
Subject: [PATCH 06/83] server: fix orphan db transaction issue (#11095)

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>
---
 .../com/cloud/alert/AlertManagerImpl.java     | 32 ++++++++++++-----
 .../com/cloud/storage/StorageManagerImpl.java | 36 +++++++++++--------
 2 files changed, 44 insertions(+), 24 deletions(-)

diff --git a/server/src/main/java/com/cloud/alert/AlertManagerImpl.java b/server/src/main/java/com/cloud/alert/AlertManagerImpl.java
index f35a0664a85..377b2134d78 100644
--- a/server/src/main/java/com/cloud/alert/AlertManagerImpl.java
+++ b/server/src/main/java/com/cloud/alert/AlertManagerImpl.java
@@ -89,6 +89,10 @@ import com.cloud.utils.Pair;
 import com.cloud.utils.component.ManagerBase;
 import com.cloud.utils.concurrency.NamedThreadFactory;
 import com.cloud.utils.db.SearchCriteria;
+import com.cloud.utils.db.Transaction;
+import com.cloud.utils.db.TransactionCallbackNoReturn;
+import com.cloud.utils.db.TransactionStatus;
+
 import org.jetbrains.annotations.Nullable;
 
 public class AlertManagerImpl extends ManagerBase implements AlertManager, Configurable {
@@ -290,8 +294,13 @@ public class AlertManagerImpl extends ManagerBase implements AlertManager, Confi
                 Math.min(CapacityManager.CapacityCalculateWorkers.value(), hostIds.size())));
         for (Long hostId : hostIds) {
             futures.put(hostId, executorService.submit(() -> {
-                final HostVO host = hostDao.findById(hostId);
-                _capacityMgr.updateCapacityForHost(host);
+                Transaction.execute(new TransactionCallbackNoReturn() {
+                    @Override
+                    public void doInTransactionWithoutResult(TransactionStatus status) {
+                        final HostVO host = hostDao.findById(hostId);
+                        _capacityMgr.updateCapacityForHost(host);
+                    }
+                });
                 return null;
             }));
         }
@@ -316,13 +325,18 @@ public class AlertManagerImpl extends ManagerBase implements AlertManager, Confi
                 Math.min(CapacityManager.CapacityCalculateWorkers.value(), storagePoolIds.size())));
         for (Long poolId: storagePoolIds) {
             futures.put(poolId, executorService.submit(() -> {
-                final StoragePoolVO pool = _storagePoolDao.findById(poolId);
-                long disk = _capacityMgr.getAllocatedPoolCapacity(pool, null);
-                if (pool.isShared()) {
-                    _storageMgr.createCapacityEntry(pool, Capacity.CAPACITY_TYPE_STORAGE_ALLOCATED, disk);
-                } else {
-                    _storageMgr.createCapacityEntry(pool, Capacity.CAPACITY_TYPE_LOCAL_STORAGE, disk);
-                }
+                Transaction.execute(new TransactionCallbackNoReturn() {
+                    @Override
+                    public void doInTransactionWithoutResult(TransactionStatus status) {
+                        final StoragePoolVO pool = _storagePoolDao.findById(poolId);
+                        long disk = _capacityMgr.getAllocatedPoolCapacity(pool, null);
+                        if (pool.isShared()) {
+                            _storageMgr.createCapacityEntry(pool, Capacity.CAPACITY_TYPE_STORAGE_ALLOCATED, disk);
+                        } else {
+                            _storageMgr.createCapacityEntry(pool, Capacity.CAPACITY_TYPE_LOCAL_STORAGE, disk);
+                        }
+                    }
+                });
                 return null;
             }));
         }
diff --git a/server/src/main/java/com/cloud/storage/StorageManagerImpl.java b/server/src/main/java/com/cloud/storage/StorageManagerImpl.java
index f9199b94288..90113f66aaf 100644
--- a/server/src/main/java/com/cloud/storage/StorageManagerImpl.java
+++ b/server/src/main/java/com/cloud/storage/StorageManagerImpl.java
@@ -257,6 +257,7 @@ import com.cloud.utils.db.SearchCriteria;
 import com.cloud.utils.db.SearchCriteria.Op;
 import com.cloud.utils.db.Transaction;
 import com.cloud.utils.db.TransactionCallbackNoReturn;
+import com.cloud.utils.db.TransactionCallbackWithExceptionNoReturn;
 import com.cloud.utils.db.TransactionLegacy;
 import com.cloud.utils.db.TransactionStatus;
 import com.cloud.utils.exception.CloudRuntimeException;
@@ -1591,22 +1592,27 @@ public class StorageManagerImpl extends ManagerBase implements StorageManager, C
                 if (exceptionOccurred.get()) {
                     return null;
                 }
-                HostVO host = _hostDao.findById(hostId);
-                try {
-                    connectHostToSharedPool(host, primaryStore.getId());
-                    poolHostIds.add(hostId);
-                } catch (Exception e) {
-                    if (handleExceptionsPartially && e.getCause() instanceof StorageConflictException) {
-                        exceptionOccurred.set(true);
-                        throw e;
+                Transaction.execute(new TransactionCallbackWithExceptionNoReturn<Exception>() {
+                    @Override
+                    public void doInTransactionWithoutResult(TransactionStatus status) throws Exception {
+                        HostVO host = _hostDao.findById(hostId);
+                        try {
+                            connectHostToSharedPool(host, primaryStore.getId());
+                            poolHostIds.add(hostId);
+                        } catch (Exception e) {
+                            if (handleExceptionsPartially && e.getCause() instanceof StorageConflictException) {
+                                exceptionOccurred.set(true);
+                                throw e;
+                            }
+                            logger.warn("Unable to establish a connection between {} and {}", host, primaryStore, e);
+                            String reason = getStoragePoolMountFailureReason(e.getMessage());
+                            if (handleExceptionsPartially && reason != null) {
+                                exceptionOccurred.set(true);
+                                throw new CloudRuntimeException(reason);
+                            }
+                        }
                     }
-                    logger.warn("Unable to establish a connection between {} and {}", host, primaryStore, e);
-                    String reason = getStoragePoolMountFailureReason(e.getMessage());
-                    if (handleExceptionsPartially && reason != null) {
-                        exceptionOccurred.set(true);
-                        throw new CloudRuntimeException(reason);
-                    }
-                }
+                });
                 return null;
             }));
         }

From 1a251c8b7899f5cee9d586047aaa469d9bec4ea6 Mon Sep 17 00:00:00 2001
From: Daan Hoogland <dahn@apache.org>
Date: Thu, 3 Jul 2025 12:55:21 +0200
Subject: [PATCH 07/83] merge forward fix

---
 .../org/apache/cloudstack/ldap/LdapContextFactory.java    | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/plugins/user-authenticators/ldap/src/main/java/org/apache/cloudstack/ldap/LdapContextFactory.java b/plugins/user-authenticators/ldap/src/main/java/org/apache/cloudstack/ldap/LdapContextFactory.java
index 4199b0757d8..1c759c6a45e 100644
--- a/plugins/user-authenticators/ldap/src/main/java/org/apache/cloudstack/ldap/LdapContextFactory.java
+++ b/plugins/user-authenticators/ldap/src/main/java/org/apache/cloudstack/ldap/LdapContextFactory.java
@@ -54,14 +54,14 @@ public class LdapContextFactory {
         return createInitialDirContext(bindPrincipal, bindPassword, providerUrl, true, domainId);
     }
 
-    private LdapContext createInitialDirContext(final String principal, final String password, final boolean isSystemContext, Long domainId) throws NamingException, IOException {
+    private LdapContext createInitialDirContext(final String principal, final String password, final boolean isSystemContext, Long domainId) throws NamingException {
         return createInitialDirContext(principal, password, null, isSystemContext, domainId);
     }
 
     private LdapContext createInitialDirContext(final String principal, final String password, final String providerUrl, final boolean isSystemContext, Long domainId)
-        throws NamingException, IOException {
+        throws NamingException {
         Hashtable<String, String> environment = getEnvironment(principal, password, providerUrl, isSystemContext, domainId);
-        logger.debug("initializing ldap with provider url: " + environment.get(Context.PROVIDER_URL));
+        logger.debug("initializing ldap with provider url: {}", environment.get(Context.PROVIDER_URL));
         return new InitialLdapContext(environment, null);
     }
 
@@ -103,7 +103,7 @@ public class LdapContextFactory {
             );
             return true;
         } catch (Exception e) {
-            s_logger.warn("Failed to validate truststore: " + e.getMessage());
+            logger.warn("Failed to validate truststore: {}", e.getMessage());
             return false;
         }
     }

From ed7bd5e5804c2d834b061f64bfd2d711e1ae5715 Mon Sep 17 00:00:00 2001
From: Abhishek Kumar <abhishek.mrt22@gmail.com>
Date: Thu, 3 Jul 2025 19:00:42 +0530
Subject: [PATCH 08/83] ui: fix handler for deploy button menu (#11116)

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>
---
 ui/src/views/compute/DeployVM.vue             |  4 +-
 ui/src/views/compute/DeployVnfAppliance.vue   |  4 +-
 ui/src/views/compute/wizard/DeployButtons.vue | 47 +++++++++----------
 3 files changed, 27 insertions(+), 28 deletions(-)

diff --git a/ui/src/views/compute/DeployVM.vue b/ui/src/views/compute/DeployVM.vue
index 73ea3fcc59d..d61c9e08ea9 100644
--- a/ui/src/views/compute/DeployVM.vue
+++ b/ui/src/views/compute/DeployVM.vue
@@ -845,7 +845,7 @@
                 :deployButtonMenuOptions="deployMenuOptions"
                 @handle-cancel="() => $router.back()"
                 @handle-deploy="handleSubmit"
-                @handle-deploy-menu="handleSubmitAndStay" />
+                @handle-deploy-menu="(index, e) => handleSubmitAndStay(e)" />
             </div>
           </a-form>
         </a-card>
@@ -860,7 +860,7 @@
                 :deployButtonMenuOptions="deployMenuOptions"
                 @handle-cancel="() => $router.back()"
                 @handle-deploy="handleSubmit"
-                @handle-deploy-menu="handleSubmitAndStay" />
+                @handle-deploy-menu="(index, e) => handleSubmitAndStay(e)" />
             </template>
           </info-card>
         </a-affix>
diff --git a/ui/src/views/compute/DeployVnfAppliance.vue b/ui/src/views/compute/DeployVnfAppliance.vue
index 49a2a9ef8f3..b7e797ee57c 100644
--- a/ui/src/views/compute/DeployVnfAppliance.vue
+++ b/ui/src/views/compute/DeployVnfAppliance.vue
@@ -825,7 +825,7 @@
                 :deployButtonMenuOptions="deployMenuOptions"
                 @handle-cancel="() => $router.back()"
                 @handle-deploy="handleSubmit"
-                @handle-deploy-menu="handleSubmitAndStay" />
+                @handle-deploy-menu="(index, e) => handleSubmitAndStay(e)" />
             </div>
           </a-form>
         </a-card>
@@ -840,7 +840,7 @@
                 :deployButtonMenuOptions="deployMenuOptions"
                 @handle-cancel="() => $router.back()"
                 @handle-deploy="handleSubmit"
-                @handle-deploy-menu="handleSubmitAndStay" />
+                @handle-deploy-menu="(index, e) => handleSubmitAndStay(e)" />
             </template>
           </info-card>
         </a-affix>
diff --git a/ui/src/views/compute/wizard/DeployButtons.vue b/ui/src/views/compute/wizard/DeployButtons.vue
index 2bd2408e4ed..6fc9aee096d 100644
--- a/ui/src/views/compute/wizard/DeployButtons.vue
+++ b/ui/src/views/compute/wizard/DeployButtons.vue
@@ -86,7 +86,7 @@ export default {
       this.$emit('handle-deploy', e)
     },
     handleMenu (e) {
-      this.$emit('handle-deploy-menu', e.key - 1)
+      this.$emit('handle-deploy-menu', e.key - 1, e)
     }
   }
 }
@@ -94,37 +94,36 @@ export default {
 
 <style lang="less" scoped>
 
-.button-container {
-  display: flex;
-  flex-wrap: wrap;
-  gap: 10px;
-  justify-content: flex-start;
-}
-
-.equal-size-button {
-  flex-grow: 1; /* Make each button grow equally */
-  min-width: 120px; /* Set a minimum width so that the buttons don't shrink too much */
-}
-
-@media (max-width: 600px) {
   .button-container {
-    flex-direction: column;
+    display: flex;
+    flex-wrap: wrap;
+    gap: 10px;
+    justify-content: flex-start;
   }
 
-}
+  .equal-size-button {
+    flex-grow: 1; /* Make each button grow equally */
+    min-width: 120px; /* Set a minimum width so that the buttons don't shrink too much */
+  }
 
-.btn-stay-on-page {
-  &.ant-dropdown-menu-dark {
-    .ant-dropdown-menu-item:hover {
-      background: transparent !important;
+  @media (max-width: 600px) {
+    .button-container {
+      flex-direction: column;
     }
   }
-}
 </style>
 
 <style lang="less">
 
-.ant-btn-group > .ant-btn:first-child:not(:last-child) {
-  flex-grow: 1; /* Make each button grow equally */
-}
+  .btn-stay-on-page {
+    &.ant-dropdown-menu-dark {
+      .ant-dropdown-menu-item:hover {
+        background: transparent !important;
+      }
+    }
+  }
+
+  .ant-btn-group > .ant-btn:first-child:not(:last-child) {
+    flex-grow: 1; /* Make each button grow equally */
+  }
 </style>

From 80f46ad55d63bea88da0d1d38b00b045499aa105 Mon Sep 17 00:00:00 2001
From: Suresh Kumar Anaparti <sureshkumar.anaparti@gmail.com>
Date: Fri, 4 Jul 2025 13:54:54 +0530
Subject: [PATCH 09/83] [VMware to KVM Migration] Fix for converted instance
 npe issue when source vmware instance ovf is exported from management server
 (#11003)

---
 .../com/cloud/storage/VolumeApiService.java   |   7 +
 .../agent/api/ConvertInstanceAnswer.java      |  16 --
 .../agent/api/ConvertInstanceCommand.java     |  11 +-
 .../LibvirtConvertInstanceCommandWrapper.java | 205 +-----------------
 ...virtConvertInstanceCommandWrapperTest.java |  70 ------
 .../vm/UnmanagedVMsManagerImpl.java           |  59 +----
 .../vm/UnmanagedVMsManagerImplTest.java       |   2 -
 7 files changed, 20 insertions(+), 350 deletions(-)

diff --git a/api/src/main/java/com/cloud/storage/VolumeApiService.java b/api/src/main/java/com/cloud/storage/VolumeApiService.java
index bb69b5b6650..4182728c204 100644
--- a/api/src/main/java/com/cloud/storage/VolumeApiService.java
+++ b/api/src/main/java/com/cloud/storage/VolumeApiService.java
@@ -171,6 +171,13 @@ public interface VolumeApiService {
      *   </table>
      */
     boolean doesStoragePoolSupportDiskOffering(StoragePool destPool, DiskOffering diskOffering);
+
+    /**
+     * Checks if the storage pool supports the required disk offering tags
+     * destPool the storage pool to check the disk offering tags
+     * diskOfferingTags the tags that should be supported
+     * return whether the tags are supported in the storage pool
+     */
     boolean doesStoragePoolSupportDiskOfferingTags(StoragePool destPool, String diskOfferingTags);
 
     Volume destroyVolume(long volumeId, Account caller, boolean expunge, boolean forceExpunge);
diff --git a/core/src/main/java/com/cloud/agent/api/ConvertInstanceAnswer.java b/core/src/main/java/com/cloud/agent/api/ConvertInstanceAnswer.java
index 174348f4f18..8092ab9b43f 100644
--- a/core/src/main/java/com/cloud/agent/api/ConvertInstanceAnswer.java
+++ b/core/src/main/java/com/cloud/agent/api/ConvertInstanceAnswer.java
@@ -16,8 +16,6 @@
 // under the License.
 package com.cloud.agent.api;
 
-import org.apache.cloudstack.vm.UnmanagedInstanceTO;
-
 public class ConvertInstanceAnswer extends Answer {
 
     private String temporaryConvertUuid;
@@ -25,16 +23,6 @@ public class ConvertInstanceAnswer extends Answer {
     public ConvertInstanceAnswer() {
         super();
     }
-    private UnmanagedInstanceTO convertedInstance;
-
-    public ConvertInstanceAnswer(Command command, boolean success, String details) {
-        super(command, success, details);
-    }
-
-    public ConvertInstanceAnswer(Command command, UnmanagedInstanceTO convertedInstance) {
-        super(command, true, "");
-        this.convertedInstance = convertedInstance;
-    }
 
     public ConvertInstanceAnswer(Command command, String temporaryConvertUuid) {
         super(command, true, "");
@@ -44,8 +32,4 @@ public class ConvertInstanceAnswer extends Answer {
     public String getTemporaryConvertUuid() {
         return temporaryConvertUuid;
     }
-
-    public UnmanagedInstanceTO getConvertedInstance() {
-        return convertedInstance;
-    }
 }
diff --git a/core/src/main/java/com/cloud/agent/api/ConvertInstanceCommand.java b/core/src/main/java/com/cloud/agent/api/ConvertInstanceCommand.java
index b8250903f85..f938d0ac55d 100644
--- a/core/src/main/java/com/cloud/agent/api/ConvertInstanceCommand.java
+++ b/core/src/main/java/com/cloud/agent/api/ConvertInstanceCommand.java
@@ -20,13 +20,10 @@ import com.cloud.agent.api.to.DataStoreTO;
 import com.cloud.agent.api.to.RemoteInstanceTO;
 import com.cloud.hypervisor.Hypervisor;
 
-import java.util.List;
-
 public class ConvertInstanceCommand extends Command {
 
     private RemoteInstanceTO sourceInstance;
     private Hypervisor.HypervisorType destinationHypervisorType;
-    private List<String> destinationStoragePools;
     private DataStoreTO conversionTemporaryLocation;
     private String templateDirOnConversionLocation;
     private boolean checkConversionSupport;
@@ -36,12 +33,10 @@ public class ConvertInstanceCommand extends Command {
     public ConvertInstanceCommand() {
     }
 
-    public ConvertInstanceCommand(RemoteInstanceTO sourceInstance, Hypervisor.HypervisorType destinationHypervisorType,
-                                  List<String> destinationStoragePools, DataStoreTO conversionTemporaryLocation,
+    public ConvertInstanceCommand(RemoteInstanceTO sourceInstance, Hypervisor.HypervisorType destinationHypervisorType, DataStoreTO conversionTemporaryLocation,
                                   String templateDirOnConversionLocation, boolean checkConversionSupport, boolean exportOvfToConversionLocation) {
         this.sourceInstance = sourceInstance;
         this.destinationHypervisorType = destinationHypervisorType;
-        this.destinationStoragePools = destinationStoragePools;
         this.conversionTemporaryLocation = conversionTemporaryLocation;
         this.templateDirOnConversionLocation = templateDirOnConversionLocation;
         this.checkConversionSupport = checkConversionSupport;
@@ -56,10 +51,6 @@ public class ConvertInstanceCommand extends Command {
         return destinationHypervisorType;
     }
 
-    public List<String> getDestinationStoragePools() {
-        return destinationStoragePools;
-    }
-
     public DataStoreTO getConversionTemporaryLocation() {
         return conversionTemporaryLocation;
     }
diff --git a/plugins/hypervisors/kvm/src/main/java/com/cloud/hypervisor/kvm/resource/wrapper/LibvirtConvertInstanceCommandWrapper.java b/plugins/hypervisors/kvm/src/main/java/com/cloud/hypervisor/kvm/resource/wrapper/LibvirtConvertInstanceCommandWrapper.java
index a11730a1240..e79a8da9dda 100644
--- a/plugins/hypervisors/kvm/src/main/java/com/cloud/hypervisor/kvm/resource/wrapper/LibvirtConvertInstanceCommandWrapper.java
+++ b/plugins/hypervisors/kvm/src/main/java/com/cloud/hypervisor/kvm/resource/wrapper/LibvirtConvertInstanceCommandWrapper.java
@@ -18,22 +18,12 @@
 //
 package com.cloud.hypervisor.kvm.resource.wrapper;
 
-import java.io.BufferedInputStream;
-import java.io.File;
-import java.io.FileInputStream;
-import java.io.IOException;
-import java.io.InputStream;
 import java.net.URLEncoder;
 import java.nio.charset.Charset;
-import java.util.ArrayList;
 import java.util.List;
 import java.util.UUID;
-import java.util.stream.Collectors;
 
 import org.apache.cloudstack.storage.to.PrimaryDataStoreTO;
-import org.apache.cloudstack.vm.UnmanagedInstanceTO;
-import org.apache.commons.collections.CollectionUtils;
-import org.apache.commons.io.IOUtils;
 import org.apache.commons.lang3.StringUtils;
 
 import com.cloud.agent.api.Answer;
@@ -44,17 +34,12 @@ import com.cloud.agent.api.to.NfsTO;
 import com.cloud.agent.api.to.RemoteInstanceTO;
 import com.cloud.hypervisor.Hypervisor;
 import com.cloud.hypervisor.kvm.resource.LibvirtComputingResource;
-import com.cloud.hypervisor.kvm.resource.LibvirtDomainXMLParser;
 import com.cloud.hypervisor.kvm.resource.LibvirtVMDef;
-import com.cloud.hypervisor.kvm.storage.KVMPhysicalDisk;
 import com.cloud.hypervisor.kvm.storage.KVMStoragePool;
 import com.cloud.hypervisor.kvm.storage.KVMStoragePoolManager;
 import com.cloud.resource.CommandWrapper;
 import com.cloud.resource.ResourceWrapper;
-import com.cloud.storage.Storage;
 import com.cloud.utils.FileUtil;
-import com.cloud.utils.Pair;
-import com.cloud.utils.exception.CloudRuntimeException;
 import com.cloud.utils.script.OutputInterpreter;
 import com.cloud.utils.script.Script;
 
@@ -77,7 +62,7 @@ public class LibvirtConvertInstanceCommandWrapper extends CommandWrapper<Convert
             String msg = String.format("Cannot convert the instance %s from VMware as the virt-v2v binary is not found. " +
                     "Please install virt-v2v%s on the host before attempting the instance conversion.", sourceInstanceName, serverResource.isUbuntuHost()? ", nbdkit" : "");
             logger.info(msg);
-            return new ConvertInstanceAnswer(cmd, false, msg);
+            return new Answer(cmd, false, msg);
         }
 
         if (!areSourceAndDestinationHypervisorsSupported(sourceHypervisorType, destinationHypervisorType)) {
@@ -85,7 +70,7 @@ public class LibvirtConvertInstanceCommandWrapper extends CommandWrapper<Convert
                     String.format("The destination hypervisor type is %s, KVM was expected, cannot handle it", destinationHypervisorType) :
                     String.format("The source hypervisor type %s is not supported for KVM conversion", sourceHypervisorType);
             logger.error(err);
-            return new ConvertInstanceAnswer(cmd, false, err);
+            return new Answer(cmd, false, err);
         }
 
         final KVMStoragePoolManager storagePoolMgr = serverResource.getStoragePoolMgr();
@@ -103,7 +88,7 @@ public class LibvirtConvertInstanceCommandWrapper extends CommandWrapper<Convert
             if (StringUtils.isBlank(exportInstanceOVAUrl)) {
                 String err = String.format("Couldn't export OVA for the VM %s, due to empty url", sourceInstanceName);
                 logger.error(err);
-                return new ConvertInstanceAnswer(cmd, false, err);
+                return new Answer(cmd, false, err);
             }
 
             int noOfThreads = cmd.getThreadsCountToExportOvf();
@@ -117,7 +102,7 @@ public class LibvirtConvertInstanceCommandWrapper extends CommandWrapper<Convert
             if (!ovfExported) {
                 String err = String.format("Export OVA for the VM %s failed", sourceInstanceName);
                 logger.error(err);
-                return new ConvertInstanceAnswer(cmd, false, err);
+                return new Answer(cmd, false, err);
             }
             sourceOVFDirPath = String.format("%s%s/", sourceOVFDirPath, sourceInstanceName);
         } else {
@@ -140,7 +125,7 @@ public class LibvirtConvertInstanceCommandWrapper extends CommandWrapper<Convert
                                 "has a different virt-v2v version.",
                         ovfTemplateDirOnConversionLocation);
                 logger.error(err);
-                return new ConvertInstanceAnswer(cmd, false, err);
+                return new Answer(cmd, false, err);
             }
             return new ConvertInstanceAnswer(cmd, temporaryConvertUuid);
         } catch (Exception e) {
@@ -148,7 +133,7 @@ public class LibvirtConvertInstanceCommandWrapper extends CommandWrapper<Convert
                     sourceInstanceName, sourceHypervisorType, e.getMessage());
             logger.error(error, e);
             cleanupSecondaryStorage = true;
-            return new ConvertInstanceAnswer(cmd, false, error);
+            return new Answer(cmd, false, error);
         } finally {
             if (ovfExported && StringUtils.isNotBlank(ovfTemplateDirOnConversionLocation)) {
                 String sourceOVFDir = String.format("%s/%s", temporaryConvertPath, ovfTemplateDirOnConversionLocation);
@@ -205,55 +190,6 @@ public class LibvirtConvertInstanceCommandWrapper extends CommandWrapper<Convert
                 encodedUsername, encodedPassword, vcenter, datacenter, vm);
     }
 
-    protected List<KVMPhysicalDisk> getTemporaryDisksFromParsedXml(KVMStoragePool pool, LibvirtDomainXMLParser xmlParser, String convertedBasePath) {
-        List<LibvirtVMDef.DiskDef> disksDefs = xmlParser.getDisks();
-        disksDefs = disksDefs.stream().filter(x -> x.getDiskType() == LibvirtVMDef.DiskDef.DiskType.FILE &&
-                x.getDeviceType() == LibvirtVMDef.DiskDef.DeviceType.DISK).collect(Collectors.toList());
-        if (CollectionUtils.isEmpty(disksDefs)) {
-            String err = String.format("Cannot find any disk defined on the converted XML domain %s.xml", convertedBasePath);
-            logger.error(err);
-            throw new CloudRuntimeException(err);
-        }
-        sanitizeDisksPath(disksDefs);
-        return getPhysicalDisksFromDefPaths(disksDefs, pool);
-    }
-
-    private List<KVMPhysicalDisk> getPhysicalDisksFromDefPaths(List<LibvirtVMDef.DiskDef> disksDefs, KVMStoragePool pool) {
-        List<KVMPhysicalDisk> disks = new ArrayList<>();
-        for (LibvirtVMDef.DiskDef diskDef : disksDefs) {
-            KVMPhysicalDisk physicalDisk = pool.getPhysicalDisk(diskDef.getDiskPath());
-            disks.add(physicalDisk);
-        }
-        return disks;
-    }
-
-    protected List<KVMPhysicalDisk> getTemporaryDisksWithPrefixFromTemporaryPool(KVMStoragePool pool, String path, String prefix) {
-        String msg = String.format("Could not parse correctly the converted XML domain, checking for disks on %s with prefix %s", path, prefix);
-        logger.info(msg);
-        pool.refresh();
-        List<KVMPhysicalDisk> disksWithPrefix = pool.listPhysicalDisks()
-                .stream()
-                .filter(x -> x.getName().startsWith(prefix) && !x.getName().endsWith(".xml"))
-                .collect(Collectors.toList());
-        if (CollectionUtils.isEmpty(disksWithPrefix)) {
-            msg = String.format("Could not find any converted disk with prefix %s on temporary location %s", prefix, path);
-            logger.error(msg);
-            throw new CloudRuntimeException(msg);
-        }
-        return disksWithPrefix;
-    }
-
-    private void cleanupDisksAndDomainFromTemporaryLocation(List<KVMPhysicalDisk> disks,
-                                                            KVMStoragePool temporaryStoragePool,
-                                                            String temporaryConvertUuid) {
-        for (KVMPhysicalDisk disk : disks) {
-            logger.info(String.format("Cleaning up temporary disk %s after conversion from temporary location", disk.getName()));
-            temporaryStoragePool.deletePhysicalDisk(disk.getName(), Storage.ImageFormat.QCOW2);
-        }
-        logger.info(String.format("Cleaning up temporary domain %s after conversion from temporary location", temporaryConvertUuid));
-        FileUtil.deleteFiles(temporaryStoragePool.getLocalPath(), temporaryConvertUuid, ".xml");
-    }
-
     protected void sanitizeDisksPath(List<LibvirtVMDef.DiskDef> disks) {
         for (LibvirtVMDef.DiskDef disk : disks) {
             String[] diskPathParts = disk.getDiskPath().split("/");
@@ -262,114 +198,6 @@ public class LibvirtConvertInstanceCommandWrapper extends CommandWrapper<Convert
         }
     }
 
-    protected List<KVMPhysicalDisk> moveTemporaryDisksToDestination(List<KVMPhysicalDisk> temporaryDisks,
-                                                                  List<String> destinationStoragePools,
-                                                                  KVMStoragePoolManager storagePoolMgr) {
-        List<KVMPhysicalDisk> targetDisks = new ArrayList<>();
-        if (temporaryDisks.size() != destinationStoragePools.size()) {
-            String warn = String.format("Discrepancy between the converted instance disks (%s) " +
-                    "and the expected number of disks (%s)", temporaryDisks.size(), destinationStoragePools.size());
-            logger.warn(warn);
-        }
-        for (int i = 0; i < temporaryDisks.size(); i++) {
-            String poolPath = destinationStoragePools.get(i);
-            KVMStoragePool destinationPool = storagePoolMgr.getStoragePool(Storage.StoragePoolType.NetworkFilesystem, poolPath);
-            if (destinationPool == null) {
-                String err = String.format("Could not find a storage pool by URI: %s", poolPath);
-                logger.error(err);
-                continue;
-            }
-            if (destinationPool.getType() != Storage.StoragePoolType.NetworkFilesystem) {
-                String err = String.format("Storage pool by URI: %s is not an NFS storage", poolPath);
-                logger.error(err);
-                continue;
-            }
-            KVMPhysicalDisk sourceDisk = temporaryDisks.get(i);
-            if (logger.isDebugEnabled()) {
-                String msg = String.format("Trying to copy converted instance disk number %s from the temporary location %s" +
-                        " to destination storage pool %s", i, sourceDisk.getPool().getLocalPath(), destinationPool.getUuid());
-                logger.debug(msg);
-            }
-
-            String destinationName = UUID.randomUUID().toString();
-
-            KVMPhysicalDisk destinationDisk = storagePoolMgr.copyPhysicalDisk(sourceDisk, destinationName, destinationPool, 7200 * 1000);
-            targetDisks.add(destinationDisk);
-        }
-        return targetDisks;
-    }
-
-    private UnmanagedInstanceTO getConvertedUnmanagedInstance(String baseName,
-                                                              List<KVMPhysicalDisk> vmDisks,
-                                                              LibvirtDomainXMLParser xmlParser) {
-        UnmanagedInstanceTO instanceTO = new UnmanagedInstanceTO();
-        instanceTO.setName(baseName);
-        instanceTO.setDisks(getUnmanagedInstanceDisks(vmDisks, xmlParser));
-        instanceTO.setNics(getUnmanagedInstanceNics(xmlParser));
-        return instanceTO;
-    }
-
-    private List<UnmanagedInstanceTO.Nic> getUnmanagedInstanceNics(LibvirtDomainXMLParser xmlParser) {
-        List<UnmanagedInstanceTO.Nic> nics = new ArrayList<>();
-        if (xmlParser != null) {
-            List<LibvirtVMDef.InterfaceDef> interfaces = xmlParser.getInterfaces();
-            for (LibvirtVMDef.InterfaceDef interfaceDef : interfaces) {
-                UnmanagedInstanceTO.Nic nic = new UnmanagedInstanceTO.Nic();
-                nic.setMacAddress(interfaceDef.getMacAddress());
-                nic.setNicId(interfaceDef.getBrName());
-                nic.setAdapterType(interfaceDef.getModel().toString());
-                nics.add(nic);
-            }
-        }
-        return nics;
-    }
-
-    protected List<UnmanagedInstanceTO.Disk> getUnmanagedInstanceDisks(List<KVMPhysicalDisk> vmDisks, LibvirtDomainXMLParser xmlParser) {
-        List<UnmanagedInstanceTO.Disk> instanceDisks = new ArrayList<>();
-        List<LibvirtVMDef.DiskDef> diskDefs = xmlParser != null ? xmlParser.getDisks() : null;
-        for (int i = 0; i< vmDisks.size(); i++) {
-            KVMPhysicalDisk physicalDisk = vmDisks.get(i);
-            KVMStoragePool storagePool = physicalDisk.getPool();
-            UnmanagedInstanceTO.Disk disk = new UnmanagedInstanceTO.Disk();
-            disk.setPosition(i);
-            Pair<String, String> storagePoolHostAndPath = getNfsStoragePoolHostAndPath(storagePool);
-            disk.setDatastoreHost(storagePoolHostAndPath.first());
-            disk.setDatastorePath(storagePoolHostAndPath.second());
-            disk.setDatastoreName(storagePool.getUuid());
-            disk.setDatastoreType(storagePool.getType().name());
-            disk.setCapacity(physicalDisk.getVirtualSize());
-            disk.setFileBaseName(physicalDisk.getName());
-            if (CollectionUtils.isNotEmpty(diskDefs)) {
-                LibvirtVMDef.DiskDef diskDef = diskDefs.get(i);
-                disk.setController(diskDef.getBusType() != null ? diskDef.getBusType().toString() : LibvirtVMDef.DiskDef.DiskBus.VIRTIO.toString());
-            } else {
-                // If the job is finished but we cannot parse the XML, the guest VM can use the virtio driver
-                disk.setController(LibvirtVMDef.DiskDef.DiskBus.VIRTIO.toString());
-            }
-            instanceDisks.add(disk);
-        }
-        return instanceDisks;
-    }
-
-    protected Pair<String, String> getNfsStoragePoolHostAndPath(KVMStoragePool storagePool) {
-        String sourceHostIp = null;
-        String sourcePath = null;
-        List<String[]> commands = new ArrayList<>();
-        commands.add(new String[]{Script.getExecutableAbsolutePath("mount")});
-        commands.add(new String[]{Script.getExecutableAbsolutePath("grep"), storagePool.getLocalPath()});
-        String storagePoolMountPoint = Script.executePipedCommands(commands, 0).second();
-        logger.debug(String.format("NFS Storage pool: %s - local path: %s, mount point: %s", storagePool.getUuid(), storagePool.getLocalPath(), storagePoolMountPoint));
-        if (StringUtils.isNotEmpty(storagePoolMountPoint)) {
-            String[] res = storagePoolMountPoint.strip().split(" ");
-            res = res[0].split(":");
-            if (res.length > 1) {
-                sourceHostIp = res[0].strip();
-                sourcePath = res[1].strip();
-            }
-        }
-        return new Pair<>(sourceHostIp, sourcePath);
-    }
-
     private boolean exportOVAFromVMOnVcenter(String vmExportUrl,
                                              String targetOvfDir,
                                              int noOfThreads,
@@ -412,27 +240,6 @@ public class LibvirtConvertInstanceCommandWrapper extends CommandWrapper<Convert
         return exitValue == 0;
     }
 
-    protected LibvirtDomainXMLParser parseMigratedVMXmlDomain(String installPath) throws IOException {
-        String xmlPath = String.format("%s.xml", installPath);
-        if (!new File(xmlPath).exists()) {
-            String err = String.format("Conversion failed. Unable to find the converted XML domain, expected %s", xmlPath);
-            logger.error(err);
-            throw new CloudRuntimeException(err);
-        }
-        InputStream is = new BufferedInputStream(new FileInputStream(xmlPath));
-        String xml = IOUtils.toString(is, Charset.defaultCharset());
-        final LibvirtDomainXMLParser parser = new LibvirtDomainXMLParser();
-        try {
-            parser.parseDomainXML(xml);
-            return parser;
-        } catch (RuntimeException e) {
-            String err = String.format("Error parsing the converted instance XML domain at %s: %s", xmlPath, e.getMessage());
-            logger.error(err, e);
-            logger.debug(xml);
-            return null;
-        }
-    }
-
     protected String encodeUsername(String username) {
         return URLEncoder.encode(username, Charset.defaultCharset());
     }
diff --git a/plugins/hypervisors/kvm/src/test/java/com/cloud/hypervisor/kvm/resource/wrapper/LibvirtConvertInstanceCommandWrapperTest.java b/plugins/hypervisors/kvm/src/test/java/com/cloud/hypervisor/kvm/resource/wrapper/LibvirtConvertInstanceCommandWrapperTest.java
index 9537469145f..b369cf25f3d 100644
--- a/plugins/hypervisors/kvm/src/test/java/com/cloud/hypervisor/kvm/resource/wrapper/LibvirtConvertInstanceCommandWrapperTest.java
+++ b/plugins/hypervisors/kvm/src/test/java/com/cloud/hypervisor/kvm/resource/wrapper/LibvirtConvertInstanceCommandWrapperTest.java
@@ -22,7 +22,6 @@ import java.util.List;
 import java.util.UUID;
 
 import org.apache.cloudstack.storage.to.PrimaryDataStoreTO;
-import org.apache.cloudstack.vm.UnmanagedInstanceTO;
 import org.junit.Assert;
 import org.junit.Before;
 import org.junit.Test;
@@ -40,13 +39,10 @@ import com.cloud.agent.api.to.NfsTO;
 import com.cloud.agent.api.to.RemoteInstanceTO;
 import com.cloud.hypervisor.Hypervisor;
 import com.cloud.hypervisor.kvm.resource.LibvirtComputingResource;
-import com.cloud.hypervisor.kvm.resource.LibvirtDomainXMLParser;
 import com.cloud.hypervisor.kvm.resource.LibvirtVMDef;
 import com.cloud.hypervisor.kvm.storage.KVMPhysicalDisk;
 import com.cloud.hypervisor.kvm.storage.KVMStoragePool;
 import com.cloud.hypervisor.kvm.storage.KVMStoragePoolManager;
-import com.cloud.storage.Storage;
-import com.cloud.utils.Pair;
 import com.cloud.utils.script.Script;
 
 @RunWith(MockitoJUnitRunner.class)
@@ -118,72 +114,6 @@ public class LibvirtConvertInstanceCommandWrapperTest {
         Assert.assertEquals(relativePath, diskDef.getDiskPath());
     }
 
-    @Test
-    public void testMoveTemporaryDisksToDestination() {
-        KVMPhysicalDisk sourceDisk = Mockito.mock(KVMPhysicalDisk.class);
-        List<KVMPhysicalDisk> disks = List.of(sourceDisk);
-        String destinationPoolUuid = UUID.randomUUID().toString();
-        List<String> destinationPools = List.of(destinationPoolUuid);
-
-        KVMPhysicalDisk destDisk = Mockito.mock(KVMPhysicalDisk.class);
-        Mockito.when(destDisk.getPath()).thenReturn("xyz");
-        Mockito.when(storagePoolManager.getStoragePool(Storage.StoragePoolType.NetworkFilesystem, destinationPoolUuid))
-                .thenReturn(destinationPool);
-        Mockito.when(destinationPool.getType()).thenReturn(Storage.StoragePoolType.NetworkFilesystem);
-        Mockito.when(storagePoolManager.copyPhysicalDisk(Mockito.eq(sourceDisk), Mockito.anyString(), Mockito.eq(destinationPool), Mockito.anyInt()))
-                .thenReturn(destDisk);
-
-        List<KVMPhysicalDisk> movedDisks = convertInstanceCommandWrapper.moveTemporaryDisksToDestination(disks, destinationPools, storagePoolManager);
-        Assert.assertEquals(1, movedDisks.size());
-        Assert.assertEquals("xyz", movedDisks.get(0).getPath());
-    }
-
-    @Test
-    public void testGetUnmanagedInstanceDisks() {
-        try (MockedStatic<Script> ignored = Mockito.mockStatic(Script.class)) {
-            String relativePath = UUID.randomUUID().toString();
-            LibvirtVMDef.DiskDef diskDef = new LibvirtVMDef.DiskDef();
-            LibvirtVMDef.DiskDef.DiskBus bus = LibvirtVMDef.DiskDef.DiskBus.IDE;
-            LibvirtVMDef.DiskDef.DiskFmtType type = LibvirtVMDef.DiskDef.DiskFmtType.QCOW2;
-            diskDef.defFileBasedDisk(relativePath, relativePath, bus, type);
-
-            KVMPhysicalDisk sourceDisk = Mockito.mock(KVMPhysicalDisk.class);
-            Mockito.when(sourceDisk.getName()).thenReturn(UUID.randomUUID().toString());
-            Mockito.when(sourceDisk.getPool()).thenReturn(destinationPool);
-            Mockito.when(destinationPool.getType()).thenReturn(Storage.StoragePoolType.NetworkFilesystem);
-            List<KVMPhysicalDisk> disks = List.of(sourceDisk);
-
-            LibvirtDomainXMLParser parser = Mockito.mock(LibvirtDomainXMLParser.class);
-            Mockito.when(parser.getDisks()).thenReturn(List.of(diskDef));
-            Mockito.doReturn(new Pair<String, String>(null, null)).when(convertInstanceCommandWrapper).getNfsStoragePoolHostAndPath(destinationPool);
-
-            Mockito.when(Script.executePipedCommands(Mockito.anyList(), Mockito.anyLong()))
-                    .thenReturn(new Pair<>(0, null));
-
-            List<UnmanagedInstanceTO.Disk> unmanagedInstanceDisks = convertInstanceCommandWrapper.getUnmanagedInstanceDisks(disks, parser);
-            Assert.assertEquals(1, unmanagedInstanceDisks.size());
-            UnmanagedInstanceTO.Disk disk = unmanagedInstanceDisks.get(0);
-            Assert.assertEquals(LibvirtVMDef.DiskDef.DiskBus.IDE.toString(), disk.getController());
-        }
-    }
-
-    @Test
-    public void testGetNfsStoragePoolHostAndPath() {
-        try (MockedStatic<Script> ignored = Mockito.mockStatic(Script.class)) {
-            String localMountPoint = "/mnt/xyz";
-            String host = "192.168.1.2";
-            String path = "/secondary";
-            String mountOutput = String.format("%s:%s on %s type nfs (...)", host, path, localMountPoint);
-            Mockito.when(temporaryPool.getLocalPath()).thenReturn(localMountPoint);
-            Mockito.when(Script.executePipedCommands(Mockito.anyList(), Mockito.anyLong()))
-                    .thenReturn(new Pair<>(0, mountOutput));
-
-            Pair<String, String> pair = convertInstanceCommandWrapper.getNfsStoragePoolHostAndPath(temporaryPool);
-            Assert.assertEquals(host, pair.first());
-            Assert.assertEquals(path, pair.second());
-        }
-    }
-
     private RemoteInstanceTO getRemoteInstanceTO(Hypervisor.HypervisorType hypervisorType) {
         RemoteInstanceTO remoteInstanceTO = Mockito.mock(RemoteInstanceTO.class);
         Mockito.when(remoteInstanceTO.getHypervisorType()).thenReturn(hypervisorType);
diff --git a/server/src/main/java/org/apache/cloudstack/vm/UnmanagedVMsManagerImpl.java b/server/src/main/java/org/apache/cloudstack/vm/UnmanagedVMsManagerImpl.java
index 8d5387b3ffd..03c0ad06dc9 100644
--- a/server/src/main/java/org/apache/cloudstack/vm/UnmanagedVMsManagerImpl.java
+++ b/server/src/main/java/org/apache/cloudstack/vm/UnmanagedVMsManagerImpl.java
@@ -1962,27 +1962,12 @@ public class UnmanagedVMsManagerImpl implements UnmanagedVMsManager {
         RemoteInstanceTO remoteInstanceTO = new RemoteInstanceTO(sourceVM);
         List<String> destinationStoragePools = selectInstanceConversionStoragePools(convertStoragePools, sourceVMwareInstance.getDisks(), serviceOffering, dataDiskOfferingMap);
         ConvertInstanceCommand cmd = new ConvertInstanceCommand(remoteInstanceTO,
-                Hypervisor.HypervisorType.KVM, destinationStoragePools, temporaryConvertLocation, ovfTemplateDirConvertLocation, false, false);
+                Hypervisor.HypervisorType.KVM, temporaryConvertLocation, ovfTemplateDirConvertLocation, false, false);
         int timeoutSeconds = UnmanagedVMsManager.ConvertVmwareInstanceToKvmTimeout.value() * 60 * 60;
         cmd.setWait(timeoutSeconds);
 
-        Answer convertAnswer;
-        try {
-             convertAnswer = agentManager.send(convertHost.getId(), cmd);
-        } catch (AgentUnavailableException | OperationTimedoutException e) {
-            String err = String.format("Could not send the convert instance command to host %s due to: %s",
-                    convertHost, e.getMessage());
-            logger.error(err, e);
-            throw new CloudRuntimeException(err);
-        }
-
-        if (!convertAnswer.getResult()) {
-            String err = String.format("The convert process failed for instance %s from VMware to KVM on host %s: %s",
-                    sourceVM, convertHost, convertAnswer.getDetails());
-            logger.error(err);
-            throw new CloudRuntimeException(err);
-        }
-        return ((ConvertInstanceAnswer) convertAnswer).getConvertedInstance();
+        return convertAndImportToKVM(cmd, convertHost, importHost, sourceVM,
+                remoteInstanceTO, destinationStoragePools, temporaryConvertLocation);
     }
 
     private UnmanagedInstanceTO convertVmwareInstanceToKVMAfterExportingOVFToConvertLocation(
@@ -1997,7 +1982,7 @@ public class UnmanagedVMsManagerImpl implements UnmanagedVMsManager {
         RemoteInstanceTO remoteInstanceTO = new RemoteInstanceTO(sourceVMwareInstance.getName(), sourceVMwareInstance.getPath(), vcenterHost, vcenterUsername, vcenterPassword, datacenterName);
         List<String> destinationStoragePools = selectInstanceConversionStoragePools(convertStoragePools, sourceVMwareInstance.getDisks(), serviceOffering, dataDiskOfferingMap);
         ConvertInstanceCommand cmd = new ConvertInstanceCommand(remoteInstanceTO,
-                Hypervisor.HypervisorType.KVM, destinationStoragePools, temporaryConvertLocation, null, false, true);
+                Hypervisor.HypervisorType.KVM, temporaryConvertLocation, null, false, true);
         int timeoutSeconds = UnmanagedVMsManager.ConvertVmwareInstanceToKvmTimeout.value() * 60 * 60;
         cmd.setWait(timeoutSeconds);
         int noOfThreads = UnmanagedVMsManager.ThreadsOnKVMHostToImportVMwareVMFiles.value();
@@ -2065,7 +2050,6 @@ public class UnmanagedVMsManagerImpl implements UnmanagedVMsManager {
         List<StoragePoolVO> pools = new ArrayList<>();
         pools.addAll(primaryDataStoreDao.findClusterWideStoragePoolsByHypervisorAndPoolType(destinationCluster.getId(), Hypervisor.HypervisorType.KVM, Storage.StoragePoolType.NetworkFilesystem));
         pools.addAll(primaryDataStoreDao.findZoneWideStoragePoolsByHypervisorAndPoolType(destinationCluster.getDataCenterId(), Hypervisor.HypervisorType.KVM, Storage.StoragePoolType.NetworkFilesystem));
-        List<String> diskOfferingTags = new ArrayList<>();
         if (pools.isEmpty()) {
             String msg = String.format("Cannot find suitable storage pools in the cluster %s for the conversion", destinationCluster.getName());
             logger.error(msg);
@@ -2092,39 +2076,8 @@ public class UnmanagedVMsManagerImpl implements UnmanagedVMsManager {
                 logger.error(msg);
                 throw new CloudRuntimeException(msg);
             }
-            diskOfferingTags.add(diskOffering.getTags());
-        }
-        if (serviceOffering.getDiskOfferingId() != null) {
-            DiskOfferingVO diskOffering = diskOfferingDao.findById(serviceOffering.getDiskOfferingId());
-            if (diskOffering != null) {
-                diskOfferingTags.add(diskOffering.getTags());
-            }
-        }
-
-        pools = getPoolsWithMatchingTags(pools, diskOfferingTags);
-        if (pools.isEmpty()) {
-            String msg = String.format("Cannot find suitable storage pools in cluster %s for the conversion", destinationCluster);
-            logger.error(msg);
-            throw new CloudRuntimeException(msg);
-        }
-        return pools;
-    }
-
-    private List<StoragePoolVO> getPoolsWithMatchingTags(List<StoragePoolVO> pools, List<String> diskOfferingTags) {
-        if (diskOfferingTags.isEmpty()) {
-            return pools;
-        }
-        List<StoragePoolVO> poolsSupportingTags = new ArrayList<>(pools);
-        for (String tags : diskOfferingTags) {
-            boolean tagsMatched = false;
-            for (StoragePoolVO pool : pools) {
-                if (volumeApiService.doesStoragePoolSupportDiskOfferingTags(pool, tags)) {
-                    poolsSupportingTags.add(pool);
-                    tagsMatched = true;
-                }
-            }
-            if (!tagsMatched) {
-                String msg = String.format("Cannot find suitable storage pools for the conversion with disk offering tags %s", tags);
+            if (getStoragePoolWithTags(pools, diskOffering.getTags()) == null) {
+                String msg = String.format("Cannot find suitable storage pool for disk offering %s", diskOffering.getName());
                 logger.error(msg);
                 throw new CloudRuntimeException(msg);
             }
diff --git a/server/src/test/java/org/apache/cloudstack/vm/UnmanagedVMsManagerImplTest.java b/server/src/test/java/org/apache/cloudstack/vm/UnmanagedVMsManagerImplTest.java
index 8cfae6b9a6e..4ea6af7c6f4 100644
--- a/server/src/test/java/org/apache/cloudstack/vm/UnmanagedVMsManagerImplTest.java
+++ b/server/src/test/java/org/apache/cloudstack/vm/UnmanagedVMsManagerImplTest.java
@@ -700,11 +700,9 @@ public class UnmanagedVMsManagerImplTest {
         }
 
         when(volumeApiService.doesStoragePoolSupportDiskOffering(any(StoragePool.class), any(DiskOffering.class))).thenReturn(true);
-        when(volumeApiService.doesStoragePoolSupportDiskOfferingTags(any(StoragePool.class), any())).thenReturn(true);
 
         ConvertInstanceAnswer convertInstanceAnswer = mock(ConvertInstanceAnswer.class);
         ImportConvertedInstanceAnswer convertImportedInstanceAnswer = mock(ImportConvertedInstanceAnswer.class);
-        when(convertInstanceAnswer.getConvertedInstance()).thenReturn(instance);
         when(convertInstanceAnswer.getResult()).thenReturn(vcenterParameter != VcenterParameter.CONVERT_FAILURE);
         Mockito.lenient().when(convertImportedInstanceAnswer.getConvertedInstance()).thenReturn(instance);
         Mockito.lenient().when(convertImportedInstanceAnswer.getResult()).thenReturn(vcenterParameter != VcenterParameter.CONVERT_FAILURE);

From 39c8c4dbae98ec5695465d39c9ca1b6afba72354 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Bernardo=20De=20Marco=20Gon=C3=A7alves?=
 <bernardomg2004@gmail.com>
Date: Sat, 5 Jul 2025 10:20:08 -0300
Subject: [PATCH 10/83] Normalize naming of Kubernetes clusters (#10778)

---
 ...esClusterResourceModifierActionWorker.java |  38 +++--
 ...usterResourceModifierActionWorkerTest.java | 138 ++++++++++++++++++
 .../java/com/cloud/utils/net/NetUtils.java    |  22 ++-
 3 files changed, 182 insertions(+), 16 deletions(-)
 create mode 100644 plugins/integrations/kubernetes-service/src/test/java/com/cloud/kubernetes/cluster/actionworkers/KubernetesClusterResourceModifierActionWorkerTest.java

diff --git a/plugins/integrations/kubernetes-service/src/main/java/com/cloud/kubernetes/cluster/actionworkers/KubernetesClusterResourceModifierActionWorker.java b/plugins/integrations/kubernetes-service/src/main/java/com/cloud/kubernetes/cluster/actionworkers/KubernetesClusterResourceModifierActionWorker.java
index 60cd9a2dff4..667bc00605b 100644
--- a/plugins/integrations/kubernetes-service/src/main/java/com/cloud/kubernetes/cluster/actionworkers/KubernetesClusterResourceModifierActionWorker.java
+++ b/plugins/integrations/kubernetes-service/src/main/java/com/cloud/kubernetes/cluster/actionworkers/KubernetesClusterResourceModifierActionWorker.java
@@ -153,6 +153,8 @@ public class KubernetesClusterResourceModifierActionWorker extends KubernetesClu
 
     protected String kubernetesClusterNodeNamePrefix;
 
+    private static final int MAX_CLUSTER_PREFIX_LENGTH = 43;
+
     protected KubernetesClusterResourceModifierActionWorker(final KubernetesCluster kubernetesCluster, final KubernetesClusterManagerImpl clusterManager) {
         super(kubernetesCluster, clusterManager);
     }
@@ -772,19 +774,35 @@ public class KubernetesClusterResourceModifierActionWorker extends KubernetesClu
         }
     }
 
+    /**
+     * Generates a valid name prefix for Kubernetes cluster nodes.
+     *
+     * <p>The prefix must comply with Kubernetes naming constraints:
+     * <ul>
+     *   <li>Maximum 63 characters total</li>
+     *   <li>Only lowercase alphanumeric characters and hyphens</li>
+     *   <li>Must start with a letter</li>
+     *   <li>Must end with an alphanumeric character</li>
+     * </ul>
+     *
+     * <p>The generated prefix is limited to 43 characters to accommodate the full node naming pattern:
+     * <pre>{'prefix'}-{'control' | 'node'}-{'11-digit-hash'}</pre>
+     *
+     * @return A valid node name prefix, truncated if necessary
+     * @see <a href="https://kubernetes.io/docs/concepts/overview/working-with-objects/names/">Kubernetes "Object Names and IDs" documentation</a>
+     */
     protected String getKubernetesClusterNodeNamePrefix() {
-        String prefix = kubernetesCluster.getName();
-        if (!NetUtils.verifyDomainNameLabel(prefix, true)) {
-            prefix = prefix.replaceAll("[^a-zA-Z0-9-]", "");
-            if (prefix.length() == 0) {
-                prefix = kubernetesCluster.getUuid();
-            }
-            prefix = "k8s-" + prefix;
+        String prefix = kubernetesCluster.getName().toLowerCase();
+
+        if (NetUtils.verifyDomainNameLabel(prefix, true)) {
+            return StringUtils.truncate(prefix, MAX_CLUSTER_PREFIX_LENGTH);
         }
-        if (prefix.length() > 40) {
-            prefix = prefix.substring(0, 40);
+
+        prefix = prefix.replaceAll("[^a-z0-9-]", "");
+        if (prefix.isEmpty()) {
+            prefix = kubernetesCluster.getUuid();
         }
-        return prefix;
+        return StringUtils.truncate("k8s-" + prefix, MAX_CLUSTER_PREFIX_LENGTH);
     }
 
     protected KubernetesClusterVO updateKubernetesClusterEntry(final Long cores, final Long memory, final Long size,
diff --git a/plugins/integrations/kubernetes-service/src/test/java/com/cloud/kubernetes/cluster/actionworkers/KubernetesClusterResourceModifierActionWorkerTest.java b/plugins/integrations/kubernetes-service/src/test/java/com/cloud/kubernetes/cluster/actionworkers/KubernetesClusterResourceModifierActionWorkerTest.java
new file mode 100644
index 00000000000..c220a3468af
--- /dev/null
+++ b/plugins/integrations/kubernetes-service/src/test/java/com/cloud/kubernetes/cluster/actionworkers/KubernetesClusterResourceModifierActionWorkerTest.java
@@ -0,0 +1,138 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements.  See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership.  The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License.  You may obtain a copy of the License at
+//
+//   http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied.  See the License for the
+// specific language governing permissions and limitations
+// under the License.
+
+package com.cloud.kubernetes.cluster.actionworkers;
+
+import com.cloud.kubernetes.cluster.KubernetesCluster;
+import com.cloud.kubernetes.cluster.KubernetesClusterManagerImpl;
+import com.cloud.kubernetes.cluster.dao.KubernetesClusterDao;
+import com.cloud.kubernetes.cluster.dao.KubernetesClusterDetailsDao;
+import com.cloud.kubernetes.cluster.dao.KubernetesClusterVmMapDao;
+import com.cloud.kubernetes.version.dao.KubernetesSupportedVersionDao;
+import org.junit.Assert;
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.mockito.Mock;
+import org.mockito.Mockito;
+import org.mockito.junit.MockitoJUnitRunner;
+
+@RunWith(MockitoJUnitRunner.class)
+public class KubernetesClusterResourceModifierActionWorkerTest {
+    @Mock
+    private KubernetesClusterDao kubernetesClusterDaoMock;
+
+    @Mock
+    private KubernetesClusterDetailsDao kubernetesClusterDetailsDaoMock;
+
+    @Mock
+    private KubernetesClusterVmMapDao kubernetesClusterVmMapDaoMock;
+
+    @Mock
+    private KubernetesSupportedVersionDao kubernetesSupportedVersionDaoMock;
+
+    @Mock
+    private KubernetesClusterManagerImpl kubernetesClusterManagerMock;
+
+    @Mock
+    private KubernetesCluster kubernetesClusterMock;
+
+    private KubernetesClusterResourceModifierActionWorker kubernetesClusterResourceModifierActionWorker;
+
+    @Before
+    public void setUp() {
+        kubernetesClusterManagerMock.kubernetesClusterDao = kubernetesClusterDaoMock;
+        kubernetesClusterManagerMock.kubernetesSupportedVersionDao = kubernetesSupportedVersionDaoMock;
+        kubernetesClusterManagerMock.kubernetesClusterDetailsDao = kubernetesClusterDetailsDaoMock;
+        kubernetesClusterManagerMock.kubernetesClusterVmMapDao = kubernetesClusterVmMapDaoMock;
+
+        kubernetesClusterResourceModifierActionWorker = new KubernetesClusterResourceModifierActionWorker(kubernetesClusterMock, kubernetesClusterManagerMock);
+    }
+
+    @Test
+    public void getKubernetesClusterNodeNamePrefixTestReturnOriginalPrefixWhenNamingAllRequirementsAreMet() {
+        String originalPrefix = "k8s-cluster-01";
+        String expectedPrefix = "k8s-cluster-01";
+
+        Mockito.when(kubernetesClusterMock.getName()).thenReturn(originalPrefix);
+        Assert.assertEquals(expectedPrefix, kubernetesClusterResourceModifierActionWorker.getKubernetesClusterNodeNamePrefix());
+    }
+
+    @Test
+    public void getKubernetesClusterNodeNamePrefixTestNormalizedPrefixShouldOnlyContainLowerCaseCharacters() {
+        String originalPrefix = "k8s-CLUSTER-01";
+        String expectedPrefix = "k8s-cluster-01";
+
+        Mockito.when(kubernetesClusterMock.getName()).thenReturn(originalPrefix);
+        Assert.assertEquals(expectedPrefix, kubernetesClusterResourceModifierActionWorker.getKubernetesClusterNodeNamePrefix());
+    }
+
+    @Test
+    public void getKubernetesClusterNodeNamePrefixTestNormalizedPrefixShouldBeTruncatedWhenRequired() {
+        int maxPrefixLength = 43;
+
+        String originalPrefix = "c".repeat(maxPrefixLength + 1);
+        String expectedPrefix = "c".repeat(maxPrefixLength);
+
+        Mockito.when(kubernetesClusterMock.getName()).thenReturn(originalPrefix);
+        String normalizedPrefix = kubernetesClusterResourceModifierActionWorker.getKubernetesClusterNodeNamePrefix();
+        Assert.assertEquals(expectedPrefix, normalizedPrefix);
+        Assert.assertEquals(maxPrefixLength, normalizedPrefix.length());
+    }
+
+    @Test
+    public void getKubernetesClusterNodeNamePrefixTestNormalizedPrefixShouldBeTruncatedWhenRequiredAndWhenOriginalPrefixIsInvalid() {
+        int maxPrefixLength = 43;
+
+        String originalPrefix = "1!" + "c".repeat(maxPrefixLength);
+        String expectedPrefix = "k8s-1" + "c".repeat(maxPrefixLength - 5);
+
+        Mockito.when(kubernetesClusterMock.getName()).thenReturn(originalPrefix);
+        String normalizedPrefix = kubernetesClusterResourceModifierActionWorker.getKubernetesClusterNodeNamePrefix();
+        Assert.assertEquals(expectedPrefix, normalizedPrefix);
+        Assert.assertEquals(maxPrefixLength, normalizedPrefix.length());
+    }
+
+    @Test
+    public void getKubernetesClusterNodeNamePrefixTestNormalizedPrefixShouldOnlyIncludeAlphanumericCharactersAndHyphen() {
+        String originalPrefix = "Cluster!@#$%^&*()_+?.-01|<>";
+        String expectedPrefix = "k8s-cluster-01";
+
+        Mockito.when(kubernetesClusterMock.getName()).thenReturn(originalPrefix);
+        Assert.assertEquals(expectedPrefix, kubernetesClusterResourceModifierActionWorker.getKubernetesClusterNodeNamePrefix());
+    }
+
+    @Test
+    public void getKubernetesClusterNodeNamePrefixTestNormalizedPrefixShouldContainClusterUuidWhenAllCharactersAreInvalid() {
+        String clusterUuid = "2699b547-cb56-4a59-a2c6-331cfb21d2e4";
+        String originalPrefix = "!@#$%^&*()_+?.|<>";
+        String expectedPrefix = "k8s-" + clusterUuid;
+
+        Mockito.when(kubernetesClusterMock.getUuid()).thenReturn(clusterUuid);
+        Mockito.when(kubernetesClusterMock.getName()).thenReturn(originalPrefix);
+        Assert.assertEquals(expectedPrefix, kubernetesClusterResourceModifierActionWorker.getKubernetesClusterNodeNamePrefix());
+    }
+
+    @Test
+    public void getKubernetesClusterNodeNamePrefixTestNormalizedPrefixShouldNotStartWithADigit() {
+        String originalPrefix = "1 cluster";
+        String expectedPrefix = "k8s-1cluster";
+
+        Mockito.when(kubernetesClusterMock.getName()).thenReturn(originalPrefix);
+        Assert.assertEquals(expectedPrefix, kubernetesClusterResourceModifierActionWorker.getKubernetesClusterNodeNamePrefix());
+    }
+}
diff --git a/utils/src/main/java/com/cloud/utils/net/NetUtils.java b/utils/src/main/java/com/cloud/utils/net/NetUtils.java
index 47c35eaada1..802b84f6a1c 100644
--- a/utils/src/main/java/com/cloud/utils/net/NetUtils.java
+++ b/utils/src/main/java/com/cloud/utils/net/NetUtils.java
@@ -1055,13 +1055,23 @@ public class NetUtils {
         return Integer.toString(portRange[0]) + ":" + Integer.toString(portRange[1]);
     }
 
+    /**
+     * Validates a domain name.
+     *
+     * <p>Domain names must satisfy the following constraints:
+     * <ul>
+     *   <li>Length between 1 and 63 characters</li>
+     *   <li>Contain only ASCII letters 'a' through 'z' (case-insensitive)</li>
+     *   <li>Can include digits '0' through '9' and hyphens (-)</li>
+     *   <li>Must not start or end with a hyphen</li>
+     *   <li>If used as hostname, must not start with a digit</li>
+     * </ul>
+     *
+     * @param hostName The domain name to validate
+     * @param isHostName If true, verifies whether the domain name starts with a digit
+     * @return true if the domain name is valid, false otherwise
+     */
     public static boolean verifyDomainNameLabel(final String hostName, final boolean isHostName) {
-        // must be between 1 and 63 characters long and may contain only the ASCII letters 'a' through 'z' (in a
-        // case-insensitive manner),
-        // the digits '0' through '9', and the hyphen ('-').
-        // Can not start with a hyphen and digit, and must not end with a hyphen
-        // If it's a host name, don't allow to start with digit
-
         if (hostName.length() > 63 || hostName.length() < 1) {
             s_logger.warn("Domain name label must be between 1 and 63 characters long");
             return false;

From e47b78b2bbb4842625f7bf311a045815ed0badaa Mon Sep 17 00:00:00 2001
From: Wei Zhou <weizhou@apache.org>
Date: Mon, 7 Jul 2025 13:36:16 +0200
Subject: [PATCH 11/83] directdownload: fix keytool importcert (#11113)

* directdownload: fix keytool importcert

```
$ /usr/bin/keytool -importcert file /etc/cloudstack/agent/CSCERTIFICATE-full -keystore /etc/cloudstack/agent/cloud.jks -alias full -storepass DAWsfkJeeGrmhta6
Illegal option:  file
keytool -importcert [OPTION]...

Imports a certificate or a certificate chain

Options:

 -noprompt               do not prompt
 -trustcacerts           trust certificates from cacerts
 -protected              password through protected mechanism
 -alias <alias>          alias name of the entry to process
 -file <file>            input file name
 -keypass <arg>          key password
 -keystore <keystore>    keystore name
 -cacerts                access the cacerts keystore
 -storepass <arg>        keystore password
 -storetype <type>       keystore type
 -providername <name>    provider name
 -addprovider <name>     add security provider by name (e.g. SunPKCS11)
   [-providerarg <arg>]    configure argument for -addprovider
 -providerclass <class>  add security provider by fully-qualified class name
   [-providerarg <arg>]    configure argument for -providerclass
 -providerpath <list>    provider classpath
 -v                      verbose output

Use "keytool -?, -h, or --help" for this help message
```

* DirectDownload: drop HttpsMultiTrustManager
---
 .../HttpsDirectTemplateDownloader.java        |  11 +-
 .../download/HttpsMultiTrustManager.java      | 102 ------------------
 ...rectDownloadCertificateCommandWrapper.java |   2 +-
 3 files changed, 6 insertions(+), 109 deletions(-)
 delete mode 100644 core/src/main/java/org/apache/cloudstack/direct/download/HttpsMultiTrustManager.java

diff --git a/core/src/main/java/org/apache/cloudstack/direct/download/HttpsDirectTemplateDownloader.java b/core/src/main/java/org/apache/cloudstack/direct/download/HttpsDirectTemplateDownloader.java
index 3a48ade4cd8..e3c74213d74 100644
--- a/core/src/main/java/org/apache/cloudstack/direct/download/HttpsDirectTemplateDownloader.java
+++ b/core/src/main/java/org/apache/cloudstack/direct/download/HttpsDirectTemplateDownloader.java
@@ -39,9 +39,7 @@ import java.util.Map;
 
 import javax.net.ssl.HttpsURLConnection;
 import javax.net.ssl.SSLContext;
-import javax.net.ssl.TrustManager;
 
-import org.apache.cloudstack.utils.security.SSLUtils;
 import org.apache.commons.collections.MapUtils;
 import org.apache.commons.httpclient.HttpStatus;
 import org.apache.commons.io.IOUtils;
@@ -55,6 +53,7 @@ import org.apache.http.client.methods.HttpUriRequest;
 import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
 import org.apache.http.impl.client.CloseableHttpClient;
 import org.apache.http.impl.client.HttpClients;
+import org.apache.http.ssl.SSLContexts;
 import org.apache.http.util.EntityUtils;
 
 import com.cloud.utils.Pair;
@@ -120,10 +119,10 @@ public class HttpsDirectTemplateDownloader extends DirectTemplateDownloaderImpl
                 String password = "changeit";
                 defaultKeystore.load(is, password.toCharArray());
             }
-            TrustManager[] tm = HttpsMultiTrustManager.getTrustManagersFromKeyStores(customKeystore, defaultKeystore);
-            SSLContext sslContext = SSLUtils.getSSLContext();
-            sslContext.init(null, tm, null);
-            return sslContext;
+            return SSLContexts.custom()
+                    .loadTrustMaterial(customKeystore, null)
+                    .loadTrustMaterial(defaultKeystore, null)
+                    .build();
         } catch (KeyStoreException | NoSuchAlgorithmException | CertificateException | IOException | KeyManagementException e) {
             s_logger.error(String.format("Failure getting SSL context for HTTPS downloader, using default SSL context: %s", e.getMessage()), e);
             try {
diff --git a/core/src/main/java/org/apache/cloudstack/direct/download/HttpsMultiTrustManager.java b/core/src/main/java/org/apache/cloudstack/direct/download/HttpsMultiTrustManager.java
deleted file mode 100644
index fe47847c36c..00000000000
--- a/core/src/main/java/org/apache/cloudstack/direct/download/HttpsMultiTrustManager.java
+++ /dev/null
@@ -1,102 +0,0 @@
-// Licensed to the Apache Software Foundation (ASF) under one
-// or more contributor license agreements.  See the NOTICE file
-// distributed with this work for additional information
-// regarding copyright ownership.  The ASF licenses this file
-// to you under the Apache License, Version 2.0 (the
-// "License"); you may not use this file except in compliance
-// with the License.  You may obtain a copy of the License at
-//
-//   http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing,
-// software distributed under the License is distributed on an
-// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-// KIND, either express or implied.  See the License for the
-// specific language governing permissions and limitations
-// under the License.
-package org.apache.cloudstack.direct.download;
-
-import java.security.KeyStore;
-import java.security.KeyStoreException;
-import java.security.NoSuchAlgorithmException;
-import java.security.cert.CertificateException;
-import java.security.cert.X509Certificate;
-import java.util.ArrayList;
-import java.util.Arrays;
-import java.util.List;
-
-import javax.net.ssl.TrustManager;
-import javax.net.ssl.TrustManagerFactory;
-import javax.net.ssl.X509TrustManager;
-
-import com.google.common.collect.ImmutableList;
-import com.google.common.collect.Iterables;
-
-public class HttpsMultiTrustManager implements X509TrustManager {
-
-    private final List<X509TrustManager> trustManagers;
-
-    public HttpsMultiTrustManager(KeyStore... keystores) {
-        List<X509TrustManager> trustManagers = new ArrayList<>();
-        trustManagers.add(getTrustManager(null));
-        for (KeyStore keystore : keystores) {
-            trustManagers.add(getTrustManager(keystore));
-        }
-        this.trustManagers = ImmutableList.copyOf(trustManagers);
-    }
-
-    public static TrustManager[] getTrustManagersFromKeyStores(KeyStore... keyStore) {
-        return new TrustManager[] { new HttpsMultiTrustManager(keyStore) };
-
-    }
-
-    @Override
-    public void checkClientTrusted(X509Certificate[] chain, String authType) throws CertificateException {
-        for (X509TrustManager trustManager : trustManagers) {
-            try {
-                trustManager.checkClientTrusted(chain, authType);
-                return;
-            } catch (CertificateException ignored) {}
-        }
-        throw new CertificateException("None of the TrustManagers trust this certificate chain");
-    }
-
-    @Override
-    public void checkServerTrusted(X509Certificate[] chain, String authType) throws CertificateException {
-        for (X509TrustManager trustManager : trustManagers) {
-            try {
-                trustManager.checkServerTrusted(chain, authType);
-                return;
-            } catch (CertificateException ignored) {}
-        }
-        throw new CertificateException("None of the TrustManagers trust this certificate chain");
-    }
-
-    @Override
-    public X509Certificate[] getAcceptedIssuers() {
-        ImmutableList.Builder<X509Certificate> certificates = ImmutableList.builder();
-        for (X509TrustManager trustManager : trustManagers) {
-            for (X509Certificate cert : trustManager.getAcceptedIssuers()) {
-                certificates.add(cert);
-            }
-        }
-        return Iterables.toArray(certificates.build(), X509Certificate.class);
-    }
-
-    public X509TrustManager getTrustManager(KeyStore keystore) {
-        return getTrustManager(TrustManagerFactory.getDefaultAlgorithm(), keystore);
-    }
-
-    public X509TrustManager getTrustManager(String algorithm, KeyStore keystore) {
-        TrustManagerFactory factory;
-        try {
-            factory = TrustManagerFactory.getInstance(algorithm);
-            factory.init(keystore);
-            return Iterables.getFirst(Iterables.filter(
-                    Arrays.asList(factory.getTrustManagers()), X509TrustManager.class), null);
-        } catch (NoSuchAlgorithmException | KeyStoreException e) {
-            e.printStackTrace();
-        }
-        return null;
-    }
-}
diff --git a/plugins/hypervisors/kvm/src/main/java/com/cloud/hypervisor/kvm/resource/wrapper/LibvirtSetupDirectDownloadCertificateCommandWrapper.java b/plugins/hypervisors/kvm/src/main/java/com/cloud/hypervisor/kvm/resource/wrapper/LibvirtSetupDirectDownloadCertificateCommandWrapper.java
index d2b69412a72..1a8de7a8c5b 100644
--- a/plugins/hypervisors/kvm/src/main/java/com/cloud/hypervisor/kvm/resource/wrapper/LibvirtSetupDirectDownloadCertificateCommandWrapper.java
+++ b/plugins/hypervisors/kvm/src/main/java/com/cloud/hypervisor/kvm/resource/wrapper/LibvirtSetupDirectDownloadCertificateCommandWrapper.java
@@ -86,7 +86,7 @@ public class LibvirtSetupDirectDownloadCertificateCommandWrapper extends Command
     private void importCertificate(String tempCerFilePath, String keyStoreFile, String certificateName, String privatePassword) {
         s_logger.debug("Importing certificate from temporary file to keystore");
         String keyToolPath = Script.getExecutableAbsolutePath("keytool");
-        int result = Script.executeCommandForExitValue(keyToolPath, "-importcert", "file", tempCerFilePath,
+        int result = Script.executeCommandForExitValue(keyToolPath, "-importcert", "-file", tempCerFilePath,
                 "-keystore", keyStoreFile, "-alias", sanitizeBashCommandArgument(certificateName), "-storepass",
                 privatePassword, "-noprompt");
         if (result != 0) {

From c782835f01241be8ffdca4d6afa9896990e994e6 Mon Sep 17 00:00:00 2001
From: Nicolas Vazquez <nicovazquez90@gmail.com>
Date: Wed, 9 Jul 2025 04:41:34 -0300
Subject: [PATCH 12/83] [Vmware to KVM Migration] Fix issue with vCenter
 Standalone hosts for VM listing (#11091)

---
 .../cloud/hypervisor/vmware/mo/BaseMO.java    | 21 +++++++++++++++++--
 1 file changed, 19 insertions(+), 2 deletions(-)

diff --git a/vmware-base/src/main/java/com/cloud/hypervisor/vmware/mo/BaseMO.java b/vmware-base/src/main/java/com/cloud/hypervisor/vmware/mo/BaseMO.java
index 0d380bd7ff7..3f27f6c80fe 100644
--- a/vmware-base/src/main/java/com/cloud/hypervisor/vmware/mo/BaseMO.java
+++ b/vmware-base/src/main/java/com/cloud/hypervisor/vmware/mo/BaseMO.java
@@ -251,8 +251,9 @@ public class BaseMO {
                 hostClusterPair = hostClusterNamesMap.get(hostMorValue);
             } else {
                 HostMO hostMO = new HostMO(_context, hostMor);
-                ClusterMO clusterMO = new ClusterMO(_context, hostMO.getHyperHostCluster());
-                hostClusterPair = new Pair<>(hostMO.getHostName(), clusterMO.getName());
+                String hostName = hostMO.getHostName();
+                String clusterName = getClusterNameFromHostIncludingStandaloneHosts(hostMO, hostName);
+                hostClusterPair = new Pair<>(hostName, clusterName);
                 hostClusterNamesMap.put(hostMorValue, hostClusterPair);
             }
             vm.setHostName(hostClusterPair.first());
@@ -260,4 +261,20 @@ public class BaseMO {
         }
     }
 
+    /**
+     * Return the cluster name of the host on the vCenter
+     * @return null in case the host is standalone (doesn't belong to a cluster), cluster name otherwise
+     */
+    private String getClusterNameFromHostIncludingStandaloneHosts(HostMO hostMO, String hostName) {
+        try {
+            ClusterMO clusterMO = new ClusterMO(_context, hostMO.getHyperHostCluster());
+            return clusterMO.getName();
+        } catch (Exception e) {
+            String msg = String.format("Cannot find a cluster for host %s, assuming standalone host, " +
+                    "setting its cluster name as empty", hostName);
+            s_logger.info(msg);
+            return null;
+        }
+    }
+
 }

From 1cbf1cd2cd848baf12a92b814c3297d2b4cc97d2 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Bernardo=20De=20Marco=20Gon=C3=A7alves?=
 <bernardomg2004@gmail.com>
Date: Wed, 9 Jul 2025 09:31:18 -0300
Subject: [PATCH 13/83] fix volumes search filter (#11168)

---
 ui/src/components/view/SearchView.vue | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/ui/src/components/view/SearchView.vue b/ui/src/components/view/SearchView.vue
index 57e941a5844..fb66d24221b 100644
--- a/ui/src/components/view/SearchView.vue
+++ b/ui/src/components/view/SearchView.vue
@@ -978,7 +978,7 @@ export default {
     },
     fetchVolumes (searchKeyword) {
       return new Promise((resolve, reject) => {
-        api('listvolumes', { listAll: true, isencrypted: searchKeyword }).then(json => {
+        api('listVolumes', { listAll: true, isencrypted: searchKeyword }).then(json => {
           const volumes = json.listvolumesresponse.volume
           resolve({
             type: 'isencrypted',

From 67a1ea35f4e40f8f81acdc99a6624f0c8590b564 Mon Sep 17 00:00:00 2001
From: Wei Zhou <weizhou@apache.org>
Date: Thu, 10 Jul 2025 03:44:46 +0200
Subject: [PATCH 14/83] .github: restrict codecov in UI build to
 apache/cloudstack repo (#11158)

---
 .github/workflows/ui.yml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/.github/workflows/ui.yml b/.github/workflows/ui.yml
index 476526aff32..1c2d2c07fc0 100644
--- a/.github/workflows/ui.yml
+++ b/.github/workflows/ui.yml
@@ -56,6 +56,7 @@ jobs:
           npm run test:unit
 
       - uses: codecov/codecov-action@v4
+        if: github.repository == 'apache/cloudstack'
         with:
           working-directory: ui
           files: ./coverage/lcov.info

From 7715b3dc29876e6a414b9269a0255fb3c3ceff1f Mon Sep 17 00:00:00 2001
From: Abhisar Sinha <63767682+abh1sar@users.noreply.github.com>
Date: Thu, 10 Jul 2025 13:09:13 +0530
Subject: [PATCH 15/83] Improve the error throws when a template to owned by a
 non root-admin is registered for all zones. (#11170)

---
 .../src/main/java/com/cloud/template/TemplateAdapterBase.java  | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/server/src/main/java/com/cloud/template/TemplateAdapterBase.java b/server/src/main/java/com/cloud/template/TemplateAdapterBase.java
index 74347d1c057..905f4f6124d 100644
--- a/server/src/main/java/com/cloud/template/TemplateAdapterBase.java
+++ b/server/src/main/java/com/cloud/template/TemplateAdapterBase.java
@@ -192,7 +192,8 @@ public abstract class TemplateAdapterBase extends AdapterBase implements Templat
 
         if (!isAdmin && zoneIdList == null && !isRegionStore ) {
             // domain admin and user should also be able to register template on a region store
-            throw new InvalidParameterValueException("Please specify a valid zone Id. Only admins can create templates in all zones.");
+            throw new InvalidParameterValueException("Template registered for 'All zones' can only be owned a Root Admin account. " +
+                    "Please select specific zone(s).");
         }
 
         // check for the url format only when url is not null. url can be null incase of form based upload

From 49c6fbdfaf3d0fe1ec03064cae9c42c1fd150a15 Mon Sep 17 00:00:00 2001
From: Abhishek Kumar <abhishek.mrt22@gmail.com>
Date: Mon, 14 Jul 2025 10:10:23 +0530
Subject: [PATCH 16/83] schema: fix missing columns index (#11171)

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>
---
 .../main/java/com/cloud/upgrade/dao/Upgrade42000to42010.java    | 2 --
 1 file changed, 2 deletions(-)

diff --git a/engine/schema/src/main/java/com/cloud/upgrade/dao/Upgrade42000to42010.java b/engine/schema/src/main/java/com/cloud/upgrade/dao/Upgrade42000to42010.java
index d442dc89904..0c0a9f070ba 100644
--- a/engine/schema/src/main/java/com/cloud/upgrade/dao/Upgrade42000to42010.java
+++ b/engine/schema/src/main/java/com/cloud/upgrade/dao/Upgrade42000to42010.java
@@ -100,8 +100,6 @@ public class Upgrade42000to42010 extends DbUpgradeAbstractImpl implements DbUpgr
 
         DbUpgradeUtils.addIndexIfNeeded(conn, "network_offering_details", "name");
 
-        DbUpgradeUtils.addIndexIfNeeded(conn, "network_offering_details", "resource_id", "resource_type");
-
         DbUpgradeUtils.addIndexIfNeeded(conn, "service_offering", "cpu");
         DbUpgradeUtils.addIndexIfNeeded(conn, "service_offering", "speed");
         DbUpgradeUtils.addIndexIfNeeded(conn, "service_offering", "ram_size");

From 06c80cdbe9149abdf86a20df27b620b379e5e1b4 Mon Sep 17 00:00:00 2001
From: Suresh Kumar Anaparti <sureshkumar.anaparti@gmail.com>
Date: Mon, 14 Jul 2025 15:36:30 +0530
Subject: [PATCH 17/83] Remove unfinished usage job entries of the host
 (#10848)

---
 .../java/com/cloud/usage/dao/UsageJobDao.java |  2 +
 .../com/cloud/usage/dao/UsageJobDaoImpl.java  | 37 ++++++++++++++++++-
 .../com/cloud/usage/UsageManagerImpl.java     | 23 +++++-------
 3 files changed, 47 insertions(+), 15 deletions(-)

diff --git a/engine/schema/src/main/java/com/cloud/usage/dao/UsageJobDao.java b/engine/schema/src/main/java/com/cloud/usage/dao/UsageJobDao.java
index f22a906054d..d4038d4ceeb 100644
--- a/engine/schema/src/main/java/com/cloud/usage/dao/UsageJobDao.java
+++ b/engine/schema/src/main/java/com/cloud/usage/dao/UsageJobDao.java
@@ -37,4 +37,6 @@ public interface UsageJobDao extends GenericDao<UsageJobVO, Long> {
     UsageJobVO isOwner(String hostname, int pid);
 
     void updateJobSuccess(Long jobId, long startMillis, long endMillis, long execTime, boolean success);
+
+    void removeLastOpenJobsOwned(String hostname, int pid);
 }
diff --git a/engine/schema/src/main/java/com/cloud/usage/dao/UsageJobDaoImpl.java b/engine/schema/src/main/java/com/cloud/usage/dao/UsageJobDaoImpl.java
index 065dc309ebe..4c58062413d 100644
--- a/engine/schema/src/main/java/com/cloud/usage/dao/UsageJobDaoImpl.java
+++ b/engine/schema/src/main/java/com/cloud/usage/dao/UsageJobDaoImpl.java
@@ -22,6 +22,7 @@ import java.util.Date;
 import java.util.List;
 
 
+import org.apache.commons.collections.CollectionUtils;
 import org.apache.log4j.Logger;
 import org.springframework.stereotype.Component;
 
@@ -116,7 +117,7 @@ public class UsageJobDaoImpl extends GenericDaoBase<UsageJobVO, Long> implements
     public UsageJobVO isOwner(String hostname, int pid) {
         TransactionLegacy txn = TransactionLegacy.open(TransactionLegacy.USAGE_DB);
         try {
-            if ((hostname == null) || (pid <= 0)) {
+            if (hostname == null || pid <= 0) {
                 return null;
             }
 
@@ -176,7 +177,7 @@ public class UsageJobDaoImpl extends GenericDaoBase<UsageJobVO, Long> implements
         SearchCriteria<UsageJobVO> sc = createSearchCriteria();
         sc.addAnd("endMillis", SearchCriteria.Op.EQ, Long.valueOf(0));
         sc.addAnd("jobType", SearchCriteria.Op.EQ, Integer.valueOf(UsageJobVO.JOB_TYPE_SINGLE));
-        sc.addAnd("scheduled", SearchCriteria.Op.EQ, Integer.valueOf(0));
+        sc.addAnd("scheduled", SearchCriteria.Op.EQ, Integer.valueOf(UsageJobVO.JOB_NOT_SCHEDULED));
         List<UsageJobVO> jobs = search(sc, filter);
 
         if ((jobs == null) || jobs.isEmpty()) {
@@ -196,4 +197,36 @@ public class UsageJobDaoImpl extends GenericDaoBase<UsageJobVO, Long> implements
         }
         return jobs.get(0).getHeartbeat();
     }
+
+    private List<UsageJobVO> getLastOpenJobsOwned(String hostname, int pid) {
+        SearchCriteria<UsageJobVO> sc = createSearchCriteria();
+        sc.addAnd("endMillis", SearchCriteria.Op.EQ, Long.valueOf(0));
+        sc.addAnd("host", SearchCriteria.Op.EQ, hostname);
+        if (pid > 0) {
+            sc.addAnd("pid", SearchCriteria.Op.EQ, Integer.valueOf(pid));
+        }
+        return listBy(sc);
+    }
+
+    @Override
+    public void removeLastOpenJobsOwned(String hostname, int pid) {
+        if (hostname == null) {
+            return;
+        }
+
+        TransactionLegacy txn = TransactionLegacy.open(TransactionLegacy.USAGE_DB);
+        try {
+            List<UsageJobVO> jobs = getLastOpenJobsOwned(hostname, pid);
+            if (CollectionUtils.isNotEmpty(jobs)) {
+                s_logger.info(String.format("Found %s opens job, to remove", jobs.size()));
+                for (UsageJobVO job : jobs) {
+                    s_logger.debug(String.format("Removing job - id: %d, pid: %d, job type: %d, scheduled: %d, heartbeat: %s",
+                            job.getId(), job.getPid(), job.getJobType(), job.getScheduled(), job.getHeartbeat()));
+                    remove(job.getId());
+                }
+            }
+        } finally {
+            txn.close();
+        }
+    }
 }
diff --git a/usage/src/main/java/com/cloud/usage/UsageManagerImpl.java b/usage/src/main/java/com/cloud/usage/UsageManagerImpl.java
index cc129a9ec5e..95475452164 100644
--- a/usage/src/main/java/com/cloud/usage/UsageManagerImpl.java
+++ b/usage/src/main/java/com/cloud/usage/UsageManagerImpl.java
@@ -319,6 +319,9 @@ public class UsageManagerImpl extends ManagerBase implements UsageManager, Runna
             s_logger.info("Starting Usage Manager");
         }
 
+        _usageJobDao.removeLastOpenJobsOwned(_hostname, 0);
+        Runtime.getRuntime().addShutdownHook(new AbandonJob());
+
         // use the configured exec time and aggregation duration for scheduling the job
         _scheduledFuture =
                 _executor.scheduleAtFixedRate(this, _jobExecTime.getTimeInMillis() - System.currentTimeMillis(), _aggregationDuration * 60 * 1000, TimeUnit.MILLISECONDS);
@@ -331,7 +334,6 @@ public class UsageManagerImpl extends ManagerBase implements UsageManager, Runna
             _sanity = _sanityExecutor.scheduleAtFixedRate(new SanityCheck(), 1, _sanityCheckInterval, TimeUnit.DAYS);
         }
 
-        Runtime.getRuntime().addShutdownHook(new AbandonJob());
         TransactionLegacy usageTxn = TransactionLegacy.open(TransactionLegacy.USAGE_DB);
         try {
             if (_heartbeatLock.lock(3)) { // 3 second timeout
@@ -2255,17 +2257,17 @@ public class UsageManagerImpl extends ManagerBase implements UsageManager, Runna
                         // the aggregation range away from executing the next job
                         long now = System.currentTimeMillis();
                         long timeToJob = _jobExecTime.getTimeInMillis() - now;
-                        long timeSinceJob = 0;
+                        long timeSinceLastSuccessJob = 0;
                         long aggregationDurationMillis = _aggregationDuration * 60L * 1000L;
                         long lastSuccess = _usageJobDao.getLastJobSuccessDateMillis();
                         if (lastSuccess > 0) {
-                            timeSinceJob = now - lastSuccess;
+                            timeSinceLastSuccessJob = now - lastSuccess;
                         }
 
-                        if ((timeSinceJob > 0) && (timeSinceJob > (aggregationDurationMillis - 100))) {
+                        if ((timeSinceLastSuccessJob > 0) && (timeSinceLastSuccessJob > (aggregationDurationMillis - 100))) {
                             if (timeToJob > (aggregationDurationMillis / 2)) {
                                 if (s_logger.isDebugEnabled()) {
-                                    s_logger.debug("it's been " + timeSinceJob + " ms since last usage job and " + timeToJob +
+                                    s_logger.debug("it's been " + timeSinceLastSuccessJob + " ms since last usage job and " + timeToJob +
                                             " ms until next job, scheduling an immediate job to catch up (aggregation duration is " + _aggregationDuration + " minutes)");
                                 }
                                 scheduleParse();
@@ -2352,17 +2354,12 @@ public class UsageManagerImpl extends ManagerBase implements UsageManager, Runna
             }
         }
     }
+
     private class AbandonJob extends Thread {
         @Override
         public void run() {
-            s_logger.info("exitting Usage Manager");
-            deleteOpenjob();
-        }
-        private void deleteOpenjob() {
-            UsageJobVO job = _usageJobDao.isOwner(_hostname, _pid);
-            if (job != null) {
-                _usageJobDao.remove(job.getId());
-            }
+            s_logger.info("exiting Usage Manager");
+            _usageJobDao.removeLastOpenJobsOwned(_hostname, _pid);
         }
     }
 }

From 9688cbb0953494346a519a661c7bb4374688cb7d Mon Sep 17 00:00:00 2001
From: Wei Zhou <weizhou@apache.org>
Date: Tue, 15 Jul 2025 20:09:41 +0800
Subject: [PATCH 18/83] systemvm: build 4.20.2 template with 'depmod -a'
 (#11128)

---
 pom.xml                                              | 2 +-
 tools/appliance/systemvmtemplate/scripts/finalize.sh | 1 +
 2 files changed, 2 insertions(+), 1 deletion(-)

diff --git a/pom.xml b/pom.xml
index af0ac94a1f2..17385ab5a8c 100644
--- a/pom.xml
+++ b/pom.xml
@@ -50,7 +50,7 @@
         <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
         <project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
         <project.systemvm.template.location>https://download.cloudstack.org/systemvm</project.systemvm.template.location>
-        <project.systemvm.template.version>4.20.1.0</project.systemvm.template.version>
+        <project.systemvm.template.version>4.20.2.0</project.systemvm.template.version>
         <sonar.organization>apache</sonar.organization>
         <sonar.host.url>https://sonarcloud.io</sonar.host.url>
 
diff --git a/tools/appliance/systemvmtemplate/scripts/finalize.sh b/tools/appliance/systemvmtemplate/scripts/finalize.sh
index e5d15ecb61c..507d4a4133a 100644
--- a/tools/appliance/systemvmtemplate/scripts/finalize.sh
+++ b/tools/appliance/systemvmtemplate/scripts/finalize.sh
@@ -68,6 +68,7 @@ function zero_disk() {
 }
 
 function finalize() {
+  depmod -a
   configure_misc
   configure_rundisk_size
   configure_sudoers

From c94f75c7ea7dc01b636aec9dfc8c6632ca1a5419 Mon Sep 17 00:00:00 2001
From: Suresh Kumar Anaparti <sureshkumar.anaparti@gmail.com>
Date: Wed, 16 Jul 2025 12:32:09 +0530
Subject: [PATCH 19/83] PowerFlex/ScaleIO - Wait after SDC service
 start/restart/stop, and retry to fetch SDC id/guid (#11099)

* [PowerFlex/ScaleIO] Added wait time after SDC service start/restart/stop, and retries to fetch SDC id/guid

* Added agent property 'powerflex.sdc.service.wait' for the time (in secs) to wait after SDC service start/restart/stop

* code improvements
---
 .../agent/properties/AgentProperties.java     |  2 +-
 .../kvm/storage/ScaleIOStorageAdaptor.java    | 54 ++++++++++++++-----
 .../storage/ScaleIOStorageAdaptorTest.java    |  6 +--
 .../manager/ScaleIOSDCManagerImpl.java        | 14 +++--
 .../provider/ScaleIOHostListener.java         |  6 +--
 .../storage/datastore/util/ScaleIOUtil.java   | 41 ++++++++++++--
 6 files changed, 96 insertions(+), 27 deletions(-)

diff --git a/agent/src/main/java/com/cloud/agent/properties/AgentProperties.java b/agent/src/main/java/com/cloud/agent/properties/AgentProperties.java
index e5593f10460..c781c07c227 100644
--- a/agent/src/main/java/com/cloud/agent/properties/AgentProperties.java
+++ b/agent/src/main/java/com/cloud/agent/properties/AgentProperties.java
@@ -823,7 +823,7 @@ public class AgentProperties{
         private T defaultValue;
         private Class<T> typeClass;
 
-        Property(String name, T value) {
+        public Property(String name, T value) {
             init(name, value);
         }
 
diff --git a/plugins/hypervisors/kvm/src/main/java/com/cloud/hypervisor/kvm/storage/ScaleIOStorageAdaptor.java b/plugins/hypervisors/kvm/src/main/java/com/cloud/hypervisor/kvm/storage/ScaleIOStorageAdaptor.java
index 335ea0d03d2..195ce6c9984 100644
--- a/plugins/hypervisors/kvm/src/main/java/com/cloud/hypervisor/kvm/storage/ScaleIOStorageAdaptor.java
+++ b/plugins/hypervisors/kvm/src/main/java/com/cloud/hypervisor/kvm/storage/ScaleIOStorageAdaptor.java
@@ -37,6 +37,7 @@ import org.apache.cloudstack.utils.qemu.QemuImg;
 import org.apache.cloudstack.utils.qemu.QemuImgException;
 import org.apache.cloudstack.utils.qemu.QemuImgFile;
 import org.apache.cloudstack.utils.qemu.QemuObject;
+import org.apache.commons.collections.MapUtils;
 import org.apache.commons.io.filefilter.WildcardFileFilter;
 import org.apache.logging.log4j.Logger;
 import org.apache.logging.log4j.LogManager;
@@ -581,14 +582,23 @@ public class ScaleIOStorageAdaptor implements StorageAdaptor {
         }
 
         if (!ScaleIOUtil.isSDCServiceActive()) {
+            logger.debug("SDC service is not active on host, starting it");
             if (!ScaleIOUtil.startSDCService()) {
                 return new Ternary<>(false, null, "Couldn't start SDC service on host");
             }
-        } else if (!ScaleIOUtil.restartSDCService()) {
-            return new Ternary<>(false, null, "Couldn't restart SDC service on host");
+        } else {
+            logger.debug("SDC service is active on host, re-starting it");
+            if (!ScaleIOUtil.restartSDCService()) {
+                return new Ternary<>(false, null, "Couldn't restart SDC service on host");
+            }
         }
 
-        return new Ternary<>( true, getSDCDetails(details), "Prepared client successfully");
+        Map<String, String> sdcDetails = getSDCDetails(details);
+        if (MapUtils.isEmpty(sdcDetails)) {
+            return new Ternary<>(false, null, "Couldn't get the SDC details on the host");
+        }
+
+        return new Ternary<>( true, sdcDetails, "Prepared client successfully");
     }
 
     public Pair<Boolean, String> unprepareStorageClient(Storage.StoragePoolType type, String uuid) {
@@ -611,20 +621,40 @@ public class ScaleIOStorageAdaptor implements StorageAdaptor {
 
     private Map<String, String> getSDCDetails(Map<String, String> details) {
         Map<String, String> sdcDetails = new HashMap<String, String>();
-        if (details == null || !details.containsKey(ScaleIOGatewayClient.STORAGE_POOL_SYSTEM_ID))  {
+        if (MapUtils.isEmpty(details)  || !details.containsKey(ScaleIOGatewayClient.STORAGE_POOL_SYSTEM_ID))  {
             return sdcDetails;
         }
 
         String storageSystemId = details.get(ScaleIOGatewayClient.STORAGE_POOL_SYSTEM_ID);
-        String sdcId = ScaleIOUtil.getSdcId(storageSystemId);
-        if (sdcId != null) {
-            sdcDetails.put(ScaleIOGatewayClient.SDC_ID, sdcId);
-        } else {
-            String sdcGuId = ScaleIOUtil.getSdcGuid();
-            if (sdcGuId != null) {
-                sdcDetails.put(ScaleIOGatewayClient.SDC_GUID, sdcGuId);
-            }
+        if (StringUtils.isEmpty(storageSystemId)) {
+            return sdcDetails;
         }
+
+        int numberOfTries = 5;
+        int timeBetweenTries = 1000; // Try more frequently (every sec) and return early when SDC Id or Guid found
+        int attempt = 1;
+        do {
+            logger.debug("Get SDC details, attempt #{}", attempt);
+            String sdcId = ScaleIOUtil.getSdcId(storageSystemId);
+            if (sdcId != null) {
+                sdcDetails.put(ScaleIOGatewayClient.SDC_ID, sdcId);
+                return sdcDetails;
+            } else {
+                String sdcGuId = ScaleIOUtil.getSdcGuid();
+                if (sdcGuId != null) {
+                    sdcDetails.put(ScaleIOGatewayClient.SDC_GUID, sdcGuId);
+                    return sdcDetails;
+                }
+            }
+
+            try {
+                Thread.sleep(timeBetweenTries);
+            } catch (Exception ignore) {
+            }
+            numberOfTries--;
+            attempt++;
+        } while (numberOfTries > 0);
+
         return sdcDetails;
     }
 
diff --git a/plugins/hypervisors/kvm/src/test/java/com/cloud/hypervisor/kvm/storage/ScaleIOStorageAdaptorTest.java b/plugins/hypervisors/kvm/src/test/java/com/cloud/hypervisor/kvm/storage/ScaleIOStorageAdaptorTest.java
index 07aea0cfbee..c2002f56560 100644
--- a/plugins/hypervisors/kvm/src/test/java/com/cloud/hypervisor/kvm/storage/ScaleIOStorageAdaptorTest.java
+++ b/plugins/hypervisors/kvm/src/test/java/com/cloud/hypervisor/kvm/storage/ScaleIOStorageAdaptorTest.java
@@ -116,9 +116,9 @@ public class ScaleIOStorageAdaptorTest {
 
         Ternary<Boolean, Map<String, String>, String> result = scaleIOStorageAdaptor.prepareStorageClient(Storage.StoragePoolType.PowerFlex, poolUuid, new HashMap<>());
 
-        Assert.assertTrue(result.first());
-        Assert.assertNotNull(result.second());
-        Assert.assertTrue(result.second().isEmpty());
+        Assert.assertFalse(result.first());
+        Assert.assertNull(result.second());
+        Assert.assertEquals("Couldn't get the SDC details on the host", result.third());
     }
 
     @Test
diff --git a/plugins/storage/volume/scaleio/src/main/java/org/apache/cloudstack/storage/datastore/manager/ScaleIOSDCManagerImpl.java b/plugins/storage/volume/scaleio/src/main/java/org/apache/cloudstack/storage/datastore/manager/ScaleIOSDCManagerImpl.java
index f1177acc7b4..5f098badaa1 100644
--- a/plugins/storage/volume/scaleio/src/main/java/org/apache/cloudstack/storage/datastore/manager/ScaleIOSDCManagerImpl.java
+++ b/plugins/storage/volume/scaleio/src/main/java/org/apache/cloudstack/storage/datastore/manager/ScaleIOSDCManagerImpl.java
@@ -183,12 +183,13 @@ public class ScaleIOSDCManagerImpl implements ScaleIOSDCManager, Configurable {
                     storagePoolHost.setLocalPath(sdcId);
                     storagePoolHostDao.update(storagePoolHost.getId(), storagePoolHost);
                 }
+
+                int waitTimeInSecs = 15; // Wait for 15 secs (usual tests with SDC service start took 10-15 secs)
+                if (hostSdcConnected(sdcId, dataStore, waitTimeInSecs)) {
+                    return sdcId;
+                }
             }
 
-            int waitTimeInSecs = 15; // Wait for 15 secs (usual tests with SDC service start took 10-15 secs)
-            if (hostSdcConnected(sdcId, dataStore, waitTimeInSecs)) {
-                return sdcId;
-            }
             return null;
         } finally {
             if (storageSystemIdLock != null) {
@@ -246,7 +247,7 @@ public class ScaleIOSDCManagerImpl implements ScaleIOSDCManager, Configurable {
         }
 
         if (StringUtils.isBlank(sdcId)) {
-            logger.warn("Couldn't retrieve PowerFlex storage SDC details from the host: {}, try (re)install SDC and restart agent", host);
+            logger.warn("Couldn't retrieve PowerFlex storage SDC details from the host: {}, add MDMs if not or try (re)install SDC & restart agent", host);
             return null;
         }
 
@@ -381,6 +382,9 @@ public class ScaleIOSDCManagerImpl implements ScaleIOSDCManager, Configurable {
 
     private ScaleIOGatewayClient getScaleIOClient(final Long storagePoolId) throws Exception {
         StoragePoolVO storagePool = storagePoolDao.findById(storagePoolId);
+        if (storagePool == null) {
+            throw new CloudRuntimeException("Unable to find the storage pool with id " + storagePoolId);
+        }
         return ScaleIOGatewayClientConnectionPool.getInstance().getClient(storagePool, storagePoolDetailsDao);
     }
 
diff --git a/plugins/storage/volume/scaleio/src/main/java/org/apache/cloudstack/storage/datastore/provider/ScaleIOHostListener.java b/plugins/storage/volume/scaleio/src/main/java/org/apache/cloudstack/storage/datastore/provider/ScaleIOHostListener.java
index 5fc4868902e..4f4400ffacc 100644
--- a/plugins/storage/volume/scaleio/src/main/java/org/apache/cloudstack/storage/datastore/provider/ScaleIOHostListener.java
+++ b/plugins/storage/volume/scaleio/src/main/java/org/apache/cloudstack/storage/datastore/provider/ScaleIOHostListener.java
@@ -102,12 +102,12 @@ public class ScaleIOHostListener implements HypervisorHostListener {
         if (systemId == null) {
             throw new CloudRuntimeException("Failed to get the system id for PowerFlex storage pool " + storagePool.getName());
         }
-        Map<String,String> details = new HashMap<>();
+        Map<String, String> details = new HashMap<>();
         details.put(ScaleIOGatewayClient.STORAGE_POOL_SYSTEM_ID, systemId);
 
         ModifyStoragePoolCommand cmd = new ModifyStoragePoolCommand(true, storagePool, storagePool.getPath(), details);
         ModifyStoragePoolAnswer answer  = sendModifyStoragePoolCommand(cmd, storagePool, host);
-        Map<String,String> poolDetails = answer.getPoolInfo().getDetails();
+        Map<String, String> poolDetails = answer.getPoolInfo().getDetails();
         if (MapUtils.isEmpty(poolDetails)) {
             String msg = String.format("PowerFlex storage SDC details not found on the host: %s, (re)install SDC and restart agent", host);
             logger.warn(msg);
@@ -124,7 +124,7 @@ public class ScaleIOHostListener implements HypervisorHostListener {
         }
 
         if (StringUtils.isBlank(sdcId)) {
-            String msg = String.format("Couldn't retrieve PowerFlex storage SDC details from the host: %s, (re)install SDC and restart agent", host);
+            String msg = String.format("Couldn't retrieve PowerFlex storage SDC details from the host: %s, add MDMs if not or try (re)install SDC & restart agent", host);
             logger.warn(msg);
             _alertMgr.sendAlert(AlertManager.AlertType.ALERT_TYPE_HOST, host.getDataCenterId(), host.getPodId(), "SDC details not found on host: " + host.getUuid(), msg);
             return null;
diff --git a/plugins/storage/volume/scaleio/src/main/java/org/apache/cloudstack/storage/datastore/util/ScaleIOUtil.java b/plugins/storage/volume/scaleio/src/main/java/org/apache/cloudstack/storage/datastore/util/ScaleIOUtil.java
index 4bb8df9b60d..d91321a907f 100644
--- a/plugins/storage/volume/scaleio/src/main/java/org/apache/cloudstack/storage/datastore/util/ScaleIOUtil.java
+++ b/plugins/storage/volume/scaleio/src/main/java/org/apache/cloudstack/storage/datastore/util/ScaleIOUtil.java
@@ -17,6 +17,8 @@
 
 package org.apache.cloudstack.storage.datastore.util;
 
+import com.cloud.agent.properties.AgentProperties;
+import com.cloud.agent.properties.AgentPropertiesFileHandler;
 import org.apache.logging.log4j.Logger;
 import org.apache.logging.log4j.LogManager;
 
@@ -60,6 +62,14 @@ public class ScaleIOUtil {
     private static final String SDC_SERVICE_ENABLE_CMD = "systemctl enable scini";
 
     public static final String CONNECTED_SDC_COUNT_STAT = "ConnectedSDCCount";
+
+    /**
+     * Time (in seconds) to wait after SDC service 'scini' start/restart/stop.<br>
+     * Data type: Integer.<br>
+     * Default value: <code>3</code>
+     */
+    public static final AgentProperties.Property<Integer> SDC_SERVICE_ACTION_WAIT = new AgentProperties.Property<>("powerflex.sdc.service.wait", 3);
+
     /**
      * Cmd for querying volumes in SDC
      * Sample output for cmd: drv_cfg --query_vols:
@@ -216,16 +226,41 @@ public class ScaleIOUtil {
 
     public static boolean startSDCService() {
         int exitValue = Script.runSimpleBashScriptForExitValue(SDC_SERVICE_START_CMD);
-        return exitValue == 0;
+        if (exitValue != 0) {
+            return false;
+        }
+        waitForSdcServiceActionToComplete();
+        return true;
     }
 
     public static boolean stopSDCService() {
         int exitValue = Script.runSimpleBashScriptForExitValue(SDC_SERVICE_STOP_CMD);
-        return exitValue == 0;
+        if (exitValue != 0) {
+            return false;
+        }
+        waitForSdcServiceActionToComplete();
+        return true;
     }
 
     public static boolean restartSDCService() {
         int exitValue = Script.runSimpleBashScriptForExitValue(SDC_SERVICE_RESTART_CMD);
-        return exitValue == 0;
+        if (exitValue != 0) {
+            return false;
+        }
+        waitForSdcServiceActionToComplete();
+        return true;
+    }
+
+    private static void waitForSdcServiceActionToComplete() {
+        // Wait for the SDC service to settle after start/restart/stop and reaches a stable state
+        int waitTimeInSecs = AgentPropertiesFileHandler.getPropertyValue(SDC_SERVICE_ACTION_WAIT);
+        if (waitTimeInSecs < 0) {
+            waitTimeInSecs = SDC_SERVICE_ACTION_WAIT.getDefaultValue();
+        }
+        try {
+            LOGGER.debug(String.format("Waiting for %d secs after SDC service action, to reach a stable state", waitTimeInSecs));
+            Thread.sleep(waitTimeInSecs * 1000L);
+        } catch (InterruptedException ignore) {
+        }
     }
 }

From bf464585785b6c0848fb4b07953e12d1039af4ff Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Bernardo=20De=20Marco=20Gon=C3=A7alves?=
 <bernardomg2004@gmail.com>
Date: Thu, 17 Jul 2025 04:01:49 -0300
Subject: [PATCH 20/83] List templates and ISOs by domain (#11179)

---
 .../com/cloud/api/query/QueryManagerImpl.java | 28 +++++++++++++------
 ui/src/components/view/InfoCard.vue           |  3 ++
 ui/src/config/section/domain.js               |  5 ++++
 3 files changed, 27 insertions(+), 9 deletions(-)

diff --git a/server/src/main/java/com/cloud/api/query/QueryManagerImpl.java b/server/src/main/java/com/cloud/api/query/QueryManagerImpl.java
index d0f6fc0b16d..1d8e8687051 100644
--- a/server/src/main/java/com/cloud/api/query/QueryManagerImpl.java
+++ b/server/src/main/java/com/cloud/api/query/QueryManagerImpl.java
@@ -29,6 +29,7 @@ import java.util.HashSet;
 import java.util.List;
 import java.util.ListIterator;
 import java.util.Map;
+import java.util.Objects;
 import java.util.Set;
 import java.util.UUID;
 import java.util.stream.Collectors;
@@ -4443,6 +4444,8 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
         boolean showRemovedTmpl = cmd.getShowRemoved();
         Account caller = CallContext.current().getCallingAccount();
         Long parentTemplateId = cmd.getParentTemplateId();
+        Long domainId = cmd.getDomainId();
+        boolean isRecursive = cmd.isRecursive();
 
         boolean listAll = false;
         if (templateFilter != null && templateFilter == TemplateFilter.all) {
@@ -4453,7 +4456,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
         }
 
         List<Long> permittedAccountIds = new ArrayList<Long>();
-        Ternary<Long, Boolean, ListProjectResourcesCriteria> domainIdRecursiveListProject = new Ternary<>(cmd.getDomainId(), cmd.isRecursive(), null);
+        Ternary<Long, Boolean, ListProjectResourcesCriteria> domainIdRecursiveListProject = new Ternary<>(domainId, isRecursive, null);
         accountMgr.buildACLSearchParameters(
                 caller, id, cmd.getAccountName(), cmd.getProjectId(), permittedAccountIds,
                 domainIdRecursiveListProject, listAll, false
@@ -4481,7 +4484,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
                 null, cmd.getPageSizeVal(), cmd.getStartIndex(), cmd.getZoneId(), cmd.getStoragePoolId(),
                 cmd.getImageStoreId(), hypervisorType, showDomr, cmd.listInReadyState(), permittedAccounts, caller,
                 listProjectResourcesCriteria, tags, showRemovedTmpl, cmd.getIds(), parentTemplateId, cmd.getShowUnique(),
-                templateType, isVnf);
+                templateType, isVnf, domainId, isRecursive);
     }
 
     private Pair<List<TemplateJoinVO>, Integer> searchForTemplatesInternal(Long templateId, String name, String keyword,
@@ -4490,7 +4493,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
             boolean showDomr, boolean onlyReady, List<Account> permittedAccounts, Account caller,
             ListProjectResourcesCriteria listProjectResourcesCriteria, Map<String, String> tags,
             boolean showRemovedTmpl, List<Long> ids, Long parentTemplateId, Boolean showUnique, String templateType,
-            Boolean isVnf) {
+            Boolean isVnf, Long domainId, boolean isRecursive) {
 
         // check if zone is configured, if not, just return empty list
         List<HypervisorType> hypers = null;
@@ -4572,7 +4575,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
             if (!permittedAccounts.isEmpty()) {
                 domain = _domainDao.findById(permittedAccounts.get(0).getDomainId());
             } else {
-                domain = _domainDao.findById(caller.getDomainId());
+                domain = _domainDao.findById(Objects.requireNonNullElse(domainId, caller.getDomainId()));
             }
 
             setIdsListToSearchCriteria(sc, ids);
@@ -4584,10 +4587,14 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
                 sc.addAnd("accountType", SearchCriteria.Op.EQ, Account.Type.PROJECT);
             }
 
-            // add criteria for domain path in case of domain admin
+            // add criteria for domain path in case of admins
             if ((templateFilter == TemplateFilter.self || templateFilter == TemplateFilter.selfexecutable)
-                    && (caller.getType() == Account.Type.DOMAIN_ADMIN || caller.getType() == Account.Type.RESOURCE_DOMAIN_ADMIN)) {
-                sc.addAnd("domainPath", SearchCriteria.Op.LIKE, domain.getPath() + "%");
+                    && (accountMgr.isAdmin(caller.getAccountId()))) {
+                if (isRecursive) {
+                    sc.addAnd("domainPath", SearchCriteria.Op.LIKE, domain.getPath() + "%");
+                } else {
+                    sc.addAnd("domainPath", SearchCriteria.Op.EQ, domain.getPath());
+                }
             }
 
             List<Long> relatedDomainIds = new ArrayList<Long>();
@@ -4893,6 +4900,8 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
         Map<String, String> tags = cmd.getTags();
         boolean showRemovedISO = cmd.getShowRemoved();
         Account caller = CallContext.current().getCallingAccount();
+        Long domainId = cmd.getDomainId();
+        boolean isRecursive = cmd.isRecursive();
 
         boolean listAll = false;
         if (isoFilter != null && isoFilter == TemplateFilter.all) {
@@ -4904,7 +4913,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
 
 
         List<Long> permittedAccountIds = new ArrayList<>();
-        Ternary<Long, Boolean, ListProjectResourcesCriteria> domainIdRecursiveListProject = new Ternary<>(cmd.getDomainId(), cmd.isRecursive(), null);
+        Ternary<Long, Boolean, ListProjectResourcesCriteria> domainIdRecursiveListProject = new Ternary<>(domainId, isRecursive, null);
         accountMgr.buildACLSearchParameters(caller, id, cmd.getAccountName(), cmd.getProjectId(), permittedAccountIds, domainIdRecursiveListProject, listAll, false);
         ListProjectResourcesCriteria listProjectResourcesCriteria = domainIdRecursiveListProject.third();
         List<Account> permittedAccounts = new ArrayList<>();
@@ -4917,7 +4926,8 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
         return searchForTemplatesInternal(cmd.getId(), cmd.getIsoName(), cmd.getKeyword(), isoFilter, true, cmd.isBootable(),
                 cmd.getPageSizeVal(), cmd.getStartIndex(), cmd.getZoneId(), cmd.getStoragePoolId(), cmd.getImageStoreId(),
                 hypervisorType, true, cmd.listInReadyState(), permittedAccounts, caller, listProjectResourcesCriteria,
-                tags, showRemovedISO, null, null, cmd.getShowUnique(), null, null);
+                tags, showRemovedISO, null, null, cmd.getShowUnique(), null, null,
+                domainId, isRecursive);
     }
 
     @Override
diff --git a/ui/src/components/view/InfoCard.vue b/ui/src/components/view/InfoCard.vue
index 00cb4748a88..e59735c51ea 100644
--- a/ui/src/components/view/InfoCard.vue
+++ b/ui/src/components/view/InfoCard.vue
@@ -1162,6 +1162,9 @@ export default {
         if (item.name === 'template') {
           query.templatefilter = 'self'
           query.filter = 'self'
+        } else if (item.name === 'iso') {
+          query.isofilter = 'self'
+          query.filter = 'self'
         }
 
         if (item.param === 'account') {
diff --git a/ui/src/config/section/domain.js b/ui/src/config/section/domain.js
index e6807f06278..fbe20ef8891 100644
--- a/ui/src/config/section/domain.js
+++ b/ui/src/config/section/domain.js
@@ -48,6 +48,11 @@ export default {
     name: 'template',
     title: 'label.templates',
     param: 'domainid'
+  },
+  {
+    name: 'iso',
+    title: 'label.isos',
+    param: 'domainid'
   }],
   tabs: [
     {

From 30deec89e6b90c9f36ef40dfa2d2582265016417 Mon Sep 17 00:00:00 2001
From: Wei Zhou <weizhou@apache.org>
Date: Thu, 17 Jul 2025 15:56:48 +0800
Subject: [PATCH 21/83] kvm: consider Debian same as Ubuntu (#10917)

Co-authored-by: Suresh Kumar Anaparti <sureshkumar.anaparti@gmail.com>
---
 .../kvm/resource/LibvirtComputingResource.java        | 11 ++++++-----
 .../LibvirtCheckConvertInstanceCommandWrapper.java    |  2 +-
 .../wrapper/LibvirtConvertInstanceCommandWrapper.java |  2 +-
 .../resource/wrapper/LibvirtReadyCommandWrapper.java  |  6 +++---
 4 files changed, 11 insertions(+), 10 deletions(-)

diff --git a/plugins/hypervisors/kvm/src/main/java/com/cloud/hypervisor/kvm/resource/LibvirtComputingResource.java b/plugins/hypervisors/kvm/src/main/java/com/cloud/hypervisor/kvm/resource/LibvirtComputingResource.java
index 7fb3839860f..5694c23a216 100644
--- a/plugins/hypervisors/kvm/src/main/java/com/cloud/hypervisor/kvm/resource/LibvirtComputingResource.java
+++ b/plugins/hypervisors/kvm/src/main/java/com/cloud/hypervisor/kvm/resource/LibvirtComputingResource.java
@@ -3368,7 +3368,7 @@ public class LibvirtComputingResource extends ServerResourceBase implements Serv
         if (!meetRequirements) {
             return false;
         }
-        return isUbuntuHost() || isIoUringSupportedByQemu();
+        return isUbuntuOrDebianHost() || isIoUringSupportedByQemu();
     }
 
     /**
@@ -3381,13 +3381,14 @@ public class LibvirtComputingResource extends ServerResourceBase implements Serv
         return diskBus != DiskDef.DiskBus.IDE || getHypervisorQemuVersion() >= HYPERVISOR_QEMU_VERSION_IDE_DISCARD_FIXED;
     }
 
-    public boolean isUbuntuHost() {
+    public boolean isUbuntuOrDebianHost() {
         Map<String, String> versionString = getVersionStrings();
         String hostKey = "Host.OS";
         if (MapUtils.isEmpty(versionString) || !versionString.containsKey(hostKey) || versionString.get(hostKey) == null) {
             return false;
         }
-        return versionString.get(hostKey).equalsIgnoreCase("ubuntu");
+        return versionString.get(hostKey).equalsIgnoreCase("ubuntu")
+                || versionString.get(hostKey).toLowerCase().startsWith("debian");
     }
 
     private KVMPhysicalDisk getPhysicalDiskFromNfsStore(String dataStoreUrl, DataTO data) {
@@ -5357,14 +5358,14 @@ public class LibvirtComputingResource extends ServerResourceBase implements Serv
 
     public boolean hostSupportsInstanceConversion() {
         int exitValue = Script.runSimpleBashScriptForExitValue(INSTANCE_CONVERSION_SUPPORTED_CHECK_CMD);
-        if (isUbuntuHost() && exitValue == 0) {
+        if (isUbuntuOrDebianHost() && exitValue == 0) {
             exitValue = Script.runSimpleBashScriptForExitValue(UBUNTU_NBDKIT_PKG_CHECK_CMD);
         }
         return exitValue == 0;
     }
 
     public boolean hostSupportsWindowsGuestConversion() {
-        if (isUbuntuHost()) {
+        if (isUbuntuOrDebianHost()) {
             int exitValue = Script.runSimpleBashScriptForExitValue(UBUNTU_WINDOWS_GUEST_CONVERSION_SUPPORTED_CHECK_CMD);
             return exitValue == 0;
         }
diff --git a/plugins/hypervisors/kvm/src/main/java/com/cloud/hypervisor/kvm/resource/wrapper/LibvirtCheckConvertInstanceCommandWrapper.java b/plugins/hypervisors/kvm/src/main/java/com/cloud/hypervisor/kvm/resource/wrapper/LibvirtCheckConvertInstanceCommandWrapper.java
index d3ebb28b106..b94b4830003 100644
--- a/plugins/hypervisors/kvm/src/main/java/com/cloud/hypervisor/kvm/resource/wrapper/LibvirtCheckConvertInstanceCommandWrapper.java
+++ b/plugins/hypervisors/kvm/src/main/java/com/cloud/hypervisor/kvm/resource/wrapper/LibvirtCheckConvertInstanceCommandWrapper.java
@@ -32,7 +32,7 @@ public class LibvirtCheckConvertInstanceCommandWrapper extends CommandWrapper<Ch
     public Answer execute(CheckConvertInstanceCommand cmd, LibvirtComputingResource serverResource) {
         if (!serverResource.hostSupportsInstanceConversion()) {
             String msg = String.format("Cannot convert the instance from VMware as the virt-v2v binary is not found on host %s. " +
-                    "Please install virt-v2v%s on the host before attempting the instance conversion.", serverResource.getPrivateIp(), serverResource.isUbuntuHost()? ", nbdkit" : "");
+                    "Please install virt-v2v%s on the host before attempting the instance conversion.", serverResource.getPrivateIp(), serverResource.isUbuntuOrDebianHost()? ", nbdkit" : "");
             logger.info(msg);
             return new CheckConvertInstanceAnswer(cmd, false, msg);
         }
diff --git a/plugins/hypervisors/kvm/src/main/java/com/cloud/hypervisor/kvm/resource/wrapper/LibvirtConvertInstanceCommandWrapper.java b/plugins/hypervisors/kvm/src/main/java/com/cloud/hypervisor/kvm/resource/wrapper/LibvirtConvertInstanceCommandWrapper.java
index e79a8da9dda..abc408f20f6 100644
--- a/plugins/hypervisors/kvm/src/main/java/com/cloud/hypervisor/kvm/resource/wrapper/LibvirtConvertInstanceCommandWrapper.java
+++ b/plugins/hypervisors/kvm/src/main/java/com/cloud/hypervisor/kvm/resource/wrapper/LibvirtConvertInstanceCommandWrapper.java
@@ -60,7 +60,7 @@ public class LibvirtConvertInstanceCommandWrapper extends CommandWrapper<Convert
 
         if (cmd.getCheckConversionSupport() && !serverResource.hostSupportsInstanceConversion()) {
             String msg = String.format("Cannot convert the instance %s from VMware as the virt-v2v binary is not found. " +
-                    "Please install virt-v2v%s on the host before attempting the instance conversion.", sourceInstanceName, serverResource.isUbuntuHost()? ", nbdkit" : "");
+                    "Please install virt-v2v%s on the host before attempting the instance conversion.", sourceInstanceName, serverResource.isUbuntuOrDebianHost()? ", nbdkit" : "");
             logger.info(msg);
             return new Answer(cmd, false, msg);
         }
diff --git a/plugins/hypervisors/kvm/src/main/java/com/cloud/hypervisor/kvm/resource/wrapper/LibvirtReadyCommandWrapper.java b/plugins/hypervisors/kvm/src/main/java/com/cloud/hypervisor/kvm/resource/wrapper/LibvirtReadyCommandWrapper.java
index 485254c6bb9..e74923b281f 100644
--- a/plugins/hypervisors/kvm/src/main/java/com/cloud/hypervisor/kvm/resource/wrapper/LibvirtReadyCommandWrapper.java
+++ b/plugins/hypervisors/kvm/src/main/java/com/cloud/hypervisor/kvm/resource/wrapper/LibvirtReadyCommandWrapper.java
@@ -43,7 +43,7 @@ public final class LibvirtReadyCommandWrapper extends CommandWrapper<ReadyComman
     public Answer execute(final ReadyCommand command, final LibvirtComputingResource libvirtComputingResource) {
         Map<String, String> hostDetails = new HashMap<String, String>();
 
-        if (hostSupportsUefi(libvirtComputingResource.isUbuntuHost()) && libvirtComputingResource.isUefiPropertiesFileLoaded()) {
+        if (hostSupportsUefi(libvirtComputingResource.isUbuntuOrDebianHost()) && libvirtComputingResource.isUefiPropertiesFileLoaded()) {
             hostDetails.put(Host.HOST_UEFI_ENABLE, Boolean.TRUE.toString());
         }
 
@@ -58,10 +58,10 @@ public final class LibvirtReadyCommandWrapper extends CommandWrapper<ReadyComman
         return new ReadyAnswer(command, hostDetails);
     }
 
-    private boolean hostSupportsUefi(boolean isUbuntuHost) {
+    private boolean hostSupportsUefi(boolean isUbuntuOrDebianHost) {
         int timeout = AgentPropertiesFileHandler.getPropertyValue(AgentProperties.AGENT_SCRIPT_TIMEOUT) * 1000; // Get property value & convert to milliseconds
         int result;
-        if (isUbuntuHost) {
+        if (isUbuntuOrDebianHost) {
             logger.debug("Running command : [dpkg -l ovmf] with timeout : " + timeout + " ms");
             result = Script.executeCommandForExitValue(timeout, Script.getExecutableAbsolutePath("dpkg"), "-l", "ovmf");
         } else {

From 714b04e3a5fec5bf0aaa6ec4d956a052cea71ab7 Mon Sep 17 00:00:00 2001
From: dahn <daan@onecht.net>
Date: Thu, 17 Jul 2025 14:25:00 +0200
Subject: [PATCH 22/83] npe guard for get host info on vmware (#11054)

Co-authored-by: Daan Hoogland <dahn@apache.org>
---
 .../main/java/com/cloud/hypervisor/vmware/mo/HostMO.java   | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/vmware-base/src/main/java/com/cloud/hypervisor/vmware/mo/HostMO.java b/vmware-base/src/main/java/com/cloud/hypervisor/vmware/mo/HostMO.java
index 3b96e7e1999..93a471d56bb 100644
--- a/vmware-base/src/main/java/com/cloud/hypervisor/vmware/mo/HostMO.java
+++ b/vmware-base/src/main/java/com/cloud/hypervisor/vmware/mo/HostMO.java
@@ -75,7 +75,7 @@ import com.cloud.utils.Pair;
 
 public class HostMO extends BaseMO implements VmwareHypervisorHost {
     private static final Logger s_logger = Logger.getLogger(HostMO.class);
-    Map<String, VirtualMachineMO> _vmCache = new HashMap<String, VirtualMachineMO>();
+    Map<String, VirtualMachineMO> _vmCache = new HashMap<>();
 
     //Map<String, String> _vmInternalNameMapCache = new HashMap<String, String>();
 
@@ -320,6 +320,11 @@ public class HostMO extends BaseMO implements VmwareHypervisorHost {
 
     public VmwareHostType getHostType() throws Exception {
         AboutInfo aboutInfo = getHostAboutInfo();
+        if (aboutInfo == null) {
+            String msg = "no type info about host known, assuming ESXi";
+            s_logger.warn(msg);
+            return VmwareHostType.ESXi;
+        }
         if ("VMware ESXi".equals(aboutInfo.getName()))
             return VmwareHostType.ESXi;
         else if ("VMware ESX".equals(aboutInfo.getName()))

From 23de6c7db4db4f63c95b9f7a95aae1576cc0b583 Mon Sep 17 00:00:00 2001
From: Pearl Dsilva <pearl1594@gmail.com>
Date: Fri, 18 Jul 2025 16:35:38 -0400
Subject: [PATCH 23/83] Fix update resource count failure for domains (#11138)

---
 .../ResourceLimitManagerImpl.java             | 110 +++++++++---------
 1 file changed, 52 insertions(+), 58 deletions(-)

diff --git a/server/src/main/java/com/cloud/resourcelimit/ResourceLimitManagerImpl.java b/server/src/main/java/com/cloud/resourcelimit/ResourceLimitManagerImpl.java
index 4a2702eb76d..85cca63546c 100644
--- a/server/src/main/java/com/cloud/resourcelimit/ResourceLimitManagerImpl.java
+++ b/server/src/main/java/com/cloud/resourcelimit/ResourceLimitManagerImpl.java
@@ -139,6 +139,7 @@ import com.cloud.vm.dao.VMInstanceDao;
 @Component
 public class ResourceLimitManagerImpl extends ManagerBase implements ResourceLimitService, Configurable {
 
+    public static final String CHECKING_IF = "Checking if {}";
     @Inject
     private AccountManager _accountMgr;
     @Inject
@@ -164,8 +165,6 @@ public class ResourceLimitManagerImpl extends ManagerBase implements ResourceLim
     @Inject
     private ResourceLimitDao _resourceLimitDao;
     @Inject
-    private ResourceLimitService resourceLimitService;
-    @Inject
     private ReservationDao reservationDao;
     @Inject
     protected SnapshotDao _snapshotDao;
@@ -330,7 +329,7 @@ public class ResourceLimitManagerImpl extends ManagerBase implements ResourceLim
             return;
         }
 
-        final long numToIncrement = (delta.length == 0) ? 1 : delta[0].longValue();
+        final long numToIncrement = (delta.length == 0) ? 1 : delta[0];
         removeResourceReservationIfNeededAndIncrementResourceCount(accountId, type, tag, numToIncrement);
     }
 
@@ -346,7 +345,7 @@ public class ResourceLimitManagerImpl extends ManagerBase implements ResourceLim
             logger.trace("Not decrementing resource count for system accounts, returning");
             return;
         }
-        long numToDecrement = (delta.length == 0) ? 1 : delta[0].longValue();
+        long numToDecrement = (delta.length == 0) ? 1 : delta[0];
 
         if (!updateResourceCountForAccount(accountId, type, tag, false, numToDecrement)) {
             _alertMgr.sendAlert(AlertManager.AlertType.ALERT_TYPE_UPDATE_RESOURCE_COUNT, 0L, 0L, "Failed to decrement resource count of type " + type + " for account id=" + accountId,
@@ -373,11 +372,11 @@ public class ResourceLimitManagerImpl extends ManagerBase implements ResourceLim
 
         // Check if limit is configured for account
         if (limit != null) {
-            max = limit.getMax().longValue();
+            max = limit.getMax();
         } else {
             String resourceTypeName = type.name();
             // If the account has an no limit set, then return global default account limits
-            Long value = null;
+            Long value;
             if (account.getType() == Account.Type.PROJECT) {
                 value = projectResourceLimitMap.get(resourceTypeName);
             } else {
@@ -418,10 +417,10 @@ public class ResourceLimitManagerImpl extends ManagerBase implements ResourceLim
 
         // Check if limit is configured for account
         if (limit != null) {
-            max = limit.longValue();
+            max = limit;
         } else {
             // If the account has an no limit set, then return global default account limits
-            Long value = null;
+            Long value;
             if (account.getType() == Account.Type.PROJECT) {
                 value = projectResourceLimitMap.get(type.getName());
             } else {
@@ -453,7 +452,7 @@ public class ResourceLimitManagerImpl extends ManagerBase implements ResourceLim
         ResourceLimitVO limit = _resourceLimitDao.findByOwnerIdAndTypeAndTag(domain.getId(), ResourceOwnerType.Domain, type, tag);
 
         if (limit != null) {
-            max = limit.getMax().longValue();
+            max = limit.getMax();
         } else {
             // check domain hierarchy
             Long domainId = domain.getParent();
@@ -467,12 +466,12 @@ public class ResourceLimitManagerImpl extends ManagerBase implements ResourceLim
             }
 
             if (limit != null) {
-                max = limit.getMax().longValue();
+                max = limit.getMax();
             } else {
                 if (StringUtils.isNotEmpty(tag)) {
                     return findCorrectResourceLimitForDomain(domain, type, null);
                 }
-                Long value = null;
+                Long value;
                 value = domainResourceLimitMap.get(type.name());
                 if (value != null) {
                     if (value < 0) { // return unlimit if value is set to negative
@@ -491,7 +490,7 @@ public class ResourceLimitManagerImpl extends ManagerBase implements ResourceLim
 
     protected void checkDomainResourceLimit(final Account account, final Project project, final ResourceType type, String tag, long numResources) throws ResourceAllocationException {
         // check all domains in the account's domain hierarchy
-        Long domainId = null;
+        Long domainId;
         if (project != null) {
             domainId = project.getDomainId();
         } else {
@@ -530,9 +529,7 @@ public class ResourceLimitManagerImpl extends ManagerBase implements ResourceLim
                         convCurrentDomainResourceCount, convCurrentResourceReservation, convNumResources
                 );
 
-                if (logger.isDebugEnabled()) {
-                    logger.debug("Checking if" + messageSuffix);
-                }
+                logger.debug(CHECKING_IF, messageSuffix);
 
                 if (domainResourceLimit != Resource.RESOURCE_UNLIMITED && requestedDomainResourceCount > domainResourceLimit) {
                     String message = "Maximum" + messageSuffix;
@@ -571,9 +568,7 @@ public class ResourceLimitManagerImpl extends ManagerBase implements ResourceLim
                 convertedAccountResourceLimit, convertedCurrentResourceCount, convertedCurrentResourceReservation, convertedNumResources
         );
 
-        if (logger.isDebugEnabled()) {
-            logger.debug("Checking if" + messageSuffix);
-        }
+        logger.debug(CHECKING_IF, messageSuffix);
 
         if (accountResourceLimit != Resource.RESOURCE_UNLIMITED && requestedResourceCount > accountResourceLimit) {
             String message = "Maximum" + messageSuffix;
@@ -592,14 +587,14 @@ public class ResourceLimitManagerImpl extends ManagerBase implements ResourceLim
 
     @Override
     public long findDefaultResourceLimitForDomain(ResourceType resourceType) {
-        Long resourceLimit = null;
+        Long resourceLimit;
         resourceLimit = domainResourceLimitMap.get(resourceType.getName());
         if (resourceLimit != null && (resourceType == ResourceType.primary_storage || resourceType == ResourceType.secondary_storage)) {
             if (! Long.valueOf(Resource.RESOURCE_UNLIMITED).equals(resourceLimit)) {
                 resourceLimit = resourceLimit * ResourceType.bytesToGiB;
             }
         } else {
-            resourceLimit = Long.valueOf(Resource.RESOURCE_UNLIMITED);
+            resourceLimit = (long) Resource.RESOURCE_UNLIMITED;
         }
         return resourceLimit;
     }
@@ -677,8 +672,8 @@ public class ResourceLimitManagerImpl extends ManagerBase implements ResourceLim
     @Override
     public List<ResourceLimitVO> searchForLimits(Long id, Long accountId, Long domainId, ResourceType resourceType, String tag, Long startIndex, Long pageSizeVal) {
         Account caller = CallContext.current().getCallingAccount();
-        List<ResourceLimitVO> limits = new ArrayList<ResourceLimitVO>();
-        boolean isAccount = true;
+        List<ResourceLimitVO> limits = new ArrayList<>();
+        boolean isAccount;
 
         if (!_accountMgr.isAdmin(caller.getId())) {
             accountId = caller.getId();
@@ -770,7 +765,7 @@ public class ResourceLimitManagerImpl extends ManagerBase implements ResourceLim
             if (foundLimits.isEmpty()) {
                 ResourceOwnerType ownerType = ResourceOwnerType.Domain;
                 Long ownerId = domainId;
-                long max = 0;
+                long max;
                 if (isAccount) {
                     ownerType = ResourceOwnerType.Account;
                     ownerId = accountId;
@@ -788,8 +783,8 @@ public class ResourceLimitManagerImpl extends ManagerBase implements ResourceLim
             // see if any limits are missing from the table, and if yes - get it from the config table and add
             ResourceType[] resourceTypes = ResourceCount.ResourceType.values();
             if (foundLimits.size() != resourceTypes.length) {
-                List<String> accountLimitStr = new ArrayList<String>();
-                List<String> domainLimitStr = new ArrayList<String>();
+                List<String> accountLimitStr = new ArrayList<>();
+                List<String> domainLimitStr = new ArrayList<>();
                 for (ResourceLimitVO foundLimit : foundLimits) {
                     if (foundLimit.getAccountId() != null) {
                         accountLimitStr.add(foundLimit.getType().toString());
@@ -883,8 +878,8 @@ public class ResourceLimitManagerImpl extends ManagerBase implements ResourceLim
         Account caller = CallContext.current().getCallingAccount();
 
         if (max == null) {
-            max = new Long(Resource.RESOURCE_UNLIMITED);
-        } else if (max.longValue() < Resource.RESOURCE_UNLIMITED) {
+            max = (long)Resource.RESOURCE_UNLIMITED;
+        } else if (max < Resource.RESOURCE_UNLIMITED) {
             throw new InvalidParameterValueException("Please specify either '-1' for an infinite limit, or a limit that is at least '0'.");
         }
 
@@ -892,7 +887,7 @@ public class ResourceLimitManagerImpl extends ManagerBase implements ResourceLim
         ResourceType resourceType = null;
         if (typeId != null) {
             for (ResourceType type : Resource.ResourceType.values()) {
-                if (type.getOrdinal() == typeId.intValue()) {
+                if (type.getOrdinal() == typeId) {
                     resourceType = type;
                 }
             }
@@ -929,7 +924,7 @@ public class ResourceLimitManagerImpl extends ManagerBase implements ResourceLim
                 throw new InvalidParameterValueException("Only " + Resource.RESOURCE_UNLIMITED + " limit is supported for Root Admin accounts");
             }
 
-            if ((caller.getAccountId() == accountId.longValue()) && (_accountMgr.isDomainAdmin(caller.getId()) || caller.getType() == Account.Type.RESOURCE_DOMAIN_ADMIN)) {
+            if ((caller.getAccountId() == accountId) && (_accountMgr.isDomainAdmin(caller.getId()) || caller.getType() == Account.Type.RESOURCE_DOMAIN_ADMIN)) {
                 // If the admin is trying to update their own account, disallow.
                 throw new PermissionDeniedException(String.format("Unable to update resource limit for their own account %s, permission denied", account));
             }
@@ -955,12 +950,12 @@ public class ResourceLimitManagerImpl extends ManagerBase implements ResourceLim
 
             _accountMgr.checkAccess(caller, domain);
 
-            if (Domain.ROOT_DOMAIN == domainId.longValue()) {
+            if (Domain.ROOT_DOMAIN == domainId) {
                 // no one can add limits on ROOT domain, disallow...
                 throw new PermissionDeniedException("Cannot update resource limit for ROOT domain " + domainId + ", permission denied");
             }
 
-            if ((caller.getDomainId() == domainId.longValue()) && caller.getType() == Account.Type.DOMAIN_ADMIN || caller.getType() == Account.Type.RESOURCE_DOMAIN_ADMIN) {
+            if ((caller.getDomainId() == domainId) && caller.getType() == Account.Type.DOMAIN_ADMIN || caller.getType() == Account.Type.RESOURCE_DOMAIN_ADMIN) {
                 // if the admin is trying to update their own domain, disallow...
                 throw new PermissionDeniedException("Unable to update resource limit for domain " + domainId + ", permission denied");
             }
@@ -975,7 +970,7 @@ public class ResourceLimitManagerImpl extends ManagerBase implements ResourceLim
             if (parentDomainId != null) {
                 DomainVO parentDomain = _domainDao.findById(parentDomainId);
                 long parentMaximum = findCorrectResourceLimitForDomain(parentDomain, resourceType, tag);
-                if ((parentMaximum >= 0) && (max.longValue() > parentMaximum)) {
+                if ((parentMaximum >= 0) && (max > parentMaximum)) {
                     throw new InvalidParameterValueException(String.format("Domain %s has maximum allowed resource limit %d for %s, please specify a value less than or equal to %d", parentDomain, parentMaximum, resourceType, parentMaximum));
                 }
             }
@@ -1064,15 +1059,15 @@ public class ResourceLimitManagerImpl extends ManagerBase implements ResourceLim
     @Override
     public List<? extends ResourceCount> recalculateResourceCount(Long accountId, Long domainId, Integer typeId, String tag) throws CloudRuntimeException {
         Account callerAccount = CallContext.current().getCallingAccount();
-        long count = 0;
-        List<ResourceCountVO> counts = new ArrayList<ResourceCountVO>();
-        List<ResourceType> resourceTypes = new ArrayList<ResourceType>();
+        long count;
+        List<ResourceCountVO> counts = new ArrayList<>();
+        List<ResourceType> resourceTypes = new ArrayList<>();
 
         ResourceType resourceType = null;
 
         if (typeId != null) {
             for (ResourceType type : Resource.ResourceType.values()) {
-                if (type.getOrdinal() == typeId.intValue()) {
+                if (type.getOrdinal() == typeId) {
                     resourceType = type;
                 }
             }
@@ -1091,12 +1086,13 @@ public class ResourceLimitManagerImpl extends ManagerBase implements ResourceLim
             throw new InvalidParameterValueException("Please specify a valid domain ID.");
         }
         _accountMgr.checkAccess(callerAccount, domain);
-        Account account = _entityMgr.findById(Account.class, accountId);
-        if (account == null) {
-            throw new InvalidParameterValueException("Unable to find account " + accountId);
+        if (accountId != null) {
+            Account account = _entityMgr.findById(Account.class, accountId);
+            if (account == null) {
+                throw new InvalidParameterValueException("Unable to find account " + accountId);
+            }
+            _accountMgr.verifyCallerPrivilegeForUserOrAccountOperations(account);
         }
-        _accountMgr.verifyCallerPrivilegeForUserOrAccountOperations(account);
-
         if (resourceType != null) {
             resourceTypes.add(resourceType);
         } else {
@@ -1145,7 +1141,7 @@ public class ResourceLimitManagerImpl extends ManagerBase implements ResourceLim
                 convertedDelta = toHumanReadableSize(delta);
             }
             String typeStr = StringUtils.isNotEmpty(tag) ? String.format("%s (tag: %s)", type, tag) : type.getName();
-            logger.debug("Updating resource Type = " + typeStr + " count for Account = " + accountId + " Operation = " + (increment ? "increasing" : "decreasing") + " Amount = " + convertedDelta);
+            logger.debug("Updating resource Type = {} count for Account with id = {} Operation = {} Amount = {}", typeStr, accountId, (increment ? "increasing" : "decreasing"), convertedDelta);
         }
         Set<Long> rowIdsToUpdate = _resourceCountDao.listAllRowsToUpdate(accountId, ResourceOwnerType.Account, type, tag);
         return _resourceCountDao.updateCountByDeltaForIds(new ArrayList<>(rowIdsToUpdate), increment, delta);
@@ -1200,6 +1196,7 @@ public class ResourceLimitManagerImpl extends ManagerBase implements ResourceLim
                 newResourceCount += _projectDao.countProjectsForDomain(domainId);
             }
 
+            // TODO make sure that the resource counts are not null
             for (ResourceCountVO resourceCount : resourceCounts) {
                 if (resourceCount.getResourceOwnerType() == ResourceOwnerType.Domain && resourceCount.getDomainId() == domainId) {
                     oldResourceCount = resourceCount.getCount();
@@ -1209,11 +1206,12 @@ public class ResourceLimitManagerImpl extends ManagerBase implements ResourceLim
                 }
             }
 
+            // TODO domainRC may be null if there are no resource counts for the domain found in the loop above
             if (oldResourceCount != newResourceCount) {
                 domainRC.setCount(newResourceCount);
                 _resourceCountDao.update(domainRC.getId(), domainRC);
-                logger.warn("Discrepency in the resource count has been detected " + "(original count = " + oldResourceCount + " correct count = " + newResourceCount + ") for Type = " + type
-                        + " for Domain ID = " + domainId + " is fixed during resource count recalculation.");
+                logger.warn("Discrepency in the resource count has been detected (original count = {} correct count = {}) for Type = {} for Domain ID = {} is fixed during resource count recalculation.",
+                        oldResourceCount, newResourceCount, type, domainId);
             }
             return newResourceCount;
         });
@@ -1280,8 +1278,8 @@ public class ResourceLimitManagerImpl extends ManagerBase implements ResourceLim
         // resource count which will not lead to any discrepancy.
         if (newCount != null && !newCount.equals(oldCount) &&
                 type != Resource.ResourceType.primary_storage && type != Resource.ResourceType.secondary_storage) {
-            logger.warn("Discrepancy in the resource count " + "(original count=" + oldCount + " correct count = " + newCount + ") for type " + type +
-                    " for account ID " + accountId + " is fixed during resource count recalculation.");
+            logger.warn("Discrepancy in the resource count (original count={} correct count = {}) for type {} for account ID {} is fixed during resource count recalculation.",
+                    oldCount, newCount, type, accountId);
         }
 
         return (newCount == null) ? 0 : newCount;
@@ -1425,20 +1423,16 @@ public class ResourceLimitManagerImpl extends ManagerBase implements ResourceLim
     }
 
     private long calculatePublicIpForAccount(long accountId) {
-        Long dedicatedCount = 0L;
-        Long allocatedCount = 0L;
+        long dedicatedCount = 0L;
+        long allocatedCount;
 
         List<VlanVO> dedicatedVlans = _vlanDao.listDedicatedVlans(accountId);
         for (VlanVO dedicatedVlan : dedicatedVlans) {
             List<IPAddressVO> ips = _ipAddressDao.listByVlanId(dedicatedVlan.getId());
-            dedicatedCount += new Long(ips.size());
+            dedicatedCount += ips.size();
         }
         allocatedCount = _ipAddressDao.countAllocatedIPsForAccount(accountId);
-        if (dedicatedCount > allocatedCount) {
-            return dedicatedCount;
-        } else {
-            return allocatedCount;
-        }
+        return Math.max(dedicatedCount, allocatedCount);
     }
 
     protected long calculatePrimaryStorageForAccount(long accountId, String tag) {
@@ -1526,10 +1520,10 @@ public class ResourceLimitManagerImpl extends ManagerBase implements ResourceLim
 
     protected TaggedResourceLimitAndCountResponse getTaggedResourceLimitAndCountResponse(Account account,
          Domain domain, ResourceOwnerType ownerType, ResourceType type, String tag) {
-        Long limit = ResourceOwnerType.Account.equals(ownerType) ?
+        long limit = ResourceOwnerType.Account.equals(ownerType) ?
                 findCorrectResourceLimitForAccount(account, type, tag) :
                 findCorrectResourceLimitForDomain(domain, type, tag);
-        Long count = 0L;
+        long count = 0L;
         ResourceCountVO countVO = _resourceCountDao.findByOwnerAndTypeAndTag(
                 ResourceOwnerType.Account.equals(ownerType) ? account.getId() : domain.getId(), ownerType, type, tag);
         if (countVO != null) {
@@ -1778,7 +1772,7 @@ public class ResourceLimitManagerImpl extends ManagerBase implements ResourceLim
         if (currentOfferingTags.isEmpty() && newOfferingTags.isEmpty()) {
             return null;
         }
-        Set<String> sameTags = currentOfferingTags.stream().filter(newOfferingTags::contains).collect(Collectors.toSet());;
+        Set<String> sameTags = currentOfferingTags.stream().filter(newOfferingTags::contains).collect(Collectors.toSet());
         Set<String> newTags = newOfferingTags.stream().filter(tag -> !currentOfferingTags.contains(tag)).collect(Collectors.toSet());
         Set<String> removedTags = currentOfferingTags.stream().filter(tag -> !newOfferingTags.contains(tag)).collect(Collectors.toSet());
         return new Ternary<>(sameTags, newTags, removedTags);
@@ -1849,7 +1843,7 @@ public class ResourceLimitManagerImpl extends ManagerBase implements ResourceLim
         if (currentOfferingTags.isEmpty() && newOfferingTags.isEmpty()) {
             return null;
         }
-        Set<String> sameTags = currentOfferingTags.stream().filter(newOfferingTags::contains).collect(Collectors.toSet());;
+        Set<String> sameTags = currentOfferingTags.stream().filter(newOfferingTags::contains).collect(Collectors.toSet());
         Set<String> newTags = newOfferingTags.stream().filter(tag -> !currentOfferingTags.contains(tag)).collect(Collectors.toSet());
         Set<String> removedTags = currentOfferingTags.stream().filter(tag -> !newOfferingTags.contains(tag)).collect(Collectors.toSet());
         return new Ternary<>(sameTags, newTags, removedTags);

From 9c6dfd2b26457fecbb2f0676703756c40233949e Mon Sep 17 00:00:00 2001
From: Suresh Kumar Anaparti <sureshkumar.anaparti@gmail.com>
Date: Sun, 20 Jul 2025 21:31:52 +0530
Subject: [PATCH 24/83] Handle IllegalReferenceCountException for decoder,
 while uploading ISO from local (#10879)

---
 .../storage/resource/HttpUploadServerHandler.java    | 12 ++++++++++--
 1 file changed, 10 insertions(+), 2 deletions(-)

diff --git a/services/secondary-storage/server/src/main/java/org/apache/cloudstack/storage/resource/HttpUploadServerHandler.java b/services/secondary-storage/server/src/main/java/org/apache/cloudstack/storage/resource/HttpUploadServerHandler.java
index 9b1c81284f4..73103c37660 100644
--- a/services/secondary-storage/server/src/main/java/org/apache/cloudstack/storage/resource/HttpUploadServerHandler.java
+++ b/services/secondary-storage/server/src/main/java/org/apache/cloudstack/storage/resource/HttpUploadServerHandler.java
@@ -27,6 +27,7 @@ import java.util.List;
 import java.util.Map;
 import java.util.Map.Entry;
 
+import io.netty.util.IllegalReferenceCountException;
 import org.apache.cloudstack.storage.template.UploadEntity;
 import org.apache.cloudstack.utils.imagestore.ImageStoreUtil;
 import org.apache.commons.lang3.StringUtils;
@@ -229,8 +230,15 @@ public class HttpUploadServerHandler extends SimpleChannelInboundHandler<HttpObj
     private void reset() {
         request = null;
         // destroy the decoder to release all resources
-        decoder.destroy();
-        decoder = null;
+        if (decoder != null) {
+            try {
+                decoder.destroy();
+            } catch (IllegalReferenceCountException e) {
+                logger.warn("Decoder already destroyed", e);
+            }
+
+            decoder = null;
+        }
     }
 
     private HttpResponseStatus readFileUploadData() throws IOException {

From 3fc02ddd45e41d6b358c55290d923aa90297aafd Mon Sep 17 00:00:00 2001
From: Manoj Kumar <manojkr.itbhu@gmail.com>
Date: Mon, 21 Jul 2025 15:52:38 +0530
Subject: [PATCH 25/83] Add format and physicalsize in listIsoOs api response
 (#11214)

---
 .../java/com/cloud/api/query/dao/TemplateJoinDaoImpl.java  | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/server/src/main/java/com/cloud/api/query/dao/TemplateJoinDaoImpl.java b/server/src/main/java/com/cloud/api/query/dao/TemplateJoinDaoImpl.java
index 063766761db..26a18818dbf 100644
--- a/server/src/main/java/com/cloud/api/query/dao/TemplateJoinDaoImpl.java
+++ b/server/src/main/java/com/cloud/api/query/dao/TemplateJoinDaoImpl.java
@@ -480,6 +480,7 @@ public class TemplateJoinDaoImpl extends GenericDaoBaseWithTagInformation<Templa
         isoResponse.setExtractable(iso.isExtractable() && !(iso.getTemplateType() == TemplateType.PERHOST));
         isoResponse.setCreated(iso.getCreatedOnStore());
         isoResponse.setDynamicallyScalable(iso.isDynamicallyScalable());
+        isoResponse.setFormat(iso.getFormat());
         if (iso.getTemplateType() == TemplateType.PERHOST) {
             // for TemplateManager.XS_TOOLS_ISO and TemplateManager.VMWARE_TOOLS_ISO, we didn't download, but is ready to use.
             isoResponse.setReady(true);
@@ -578,10 +579,14 @@ public class TemplateJoinDaoImpl extends GenericDaoBaseWithTagInformation<Templa
             isoResponse.setZoneName(iso.getDataCenterName());
         }
 
-        Long isoSize = iso.getSize();
+        long isoSize = iso.getSize();
         if (isoSize > 0) {
             isoResponse.setSize(isoSize);
         }
+        long isoPhysicalSize = iso.getPhysicalSize();
+        if (isoPhysicalSize > 0) {
+            isoResponse.setPhysicalSize(isoPhysicalSize);
+        }
 
         if (iso.getUserDataId() != null) {
             isoResponse.setUserDataId(iso.getUserDataUUid());

From d5f6b7cd1d18ad3b6e8057f3f36e95a0a24b7440 Mon Sep 17 00:00:00 2001
From: Suresh Kumar Anaparti <sureshkumar.anaparti@gmail.com>
Date: Tue, 22 Jul 2025 21:36:26 +0530
Subject: [PATCH 26/83] Fix to create instances with smaller templates (< 1 GB)
 on PowerFlex/ScaleIO storage (#11211)

* Fix to create instances with smaller templates (< 1 GB) on PowerFlex/ScaleIO storage

* code improvements
---
 .../driver/ScaleIOPrimaryDataStoreDriver.java    | 16 ++++++++--------
 .../ScaleIOPrimaryDataStoreDriverTest.java       | 12 ++++++++++++
 .../kvm/storage/StorPoolStorageAdaptor.java      |  3 +++
 3 files changed, 23 insertions(+), 8 deletions(-)

diff --git a/plugins/storage/volume/scaleio/src/main/java/org/apache/cloudstack/storage/datastore/driver/ScaleIOPrimaryDataStoreDriver.java b/plugins/storage/volume/scaleio/src/main/java/org/apache/cloudstack/storage/datastore/driver/ScaleIOPrimaryDataStoreDriver.java
index 192ae4636e9..3d2ca5b1d09 100644
--- a/plugins/storage/volume/scaleio/src/main/java/org/apache/cloudstack/storage/datastore/driver/ScaleIOPrimaryDataStoreDriver.java
+++ b/plugins/storage/volume/scaleio/src/main/java/org/apache/cloudstack/storage/datastore/driver/ScaleIOPrimaryDataStoreDriver.java
@@ -1230,13 +1230,13 @@ public class ScaleIOPrimaryDataStoreDriver implements PrimaryDataStoreDriver {
             }
 
             org.apache.cloudstack.storage.datastore.api.Volume scaleIOVolume = client.getVolume(scaleIOVolumeId);
-            long newSizeInGB = newSizeInBytes / (1024 * 1024 * 1024);
-            long newSizeIn8gbBoundary = (long) (Math.ceil(newSizeInGB / 8.0) * 8.0);
+            double newSizeInGB = newSizeInBytes / (1024.0 * 1024 * 1024);
+            long newSizeIn8GBBoundary = (long) (Math.ceil(newSizeInGB / 8.0) * 8.0);
 
-            if (scaleIOVolume.getSizeInKb() == newSizeIn8gbBoundary << 20) {
+            if (scaleIOVolume.getSizeInKb() == newSizeIn8GBBoundary << 20) {
                 logger.debug("No resize necessary at API");
             } else {
-                scaleIOVolume = client.resizeVolume(scaleIOVolumeId, (int) newSizeIn8gbBoundary);
+                scaleIOVolume = client.resizeVolume(scaleIOVolumeId, (int) newSizeIn8GBBoundary);
                 if (scaleIOVolume == null) {
                     throw new CloudRuntimeException("Failed to resize volume: " + volumeInfo.getName());
                 }
@@ -1362,12 +1362,12 @@ public class ScaleIOPrimaryDataStoreDriver implements PrimaryDataStoreDriver {
 
     @Override
     public long getVolumeSizeRequiredOnPool(long volumeSize, Long templateSize, boolean isEncryptionRequired) {
-        long newSizeInGB = volumeSize / (1024 * 1024 * 1024);
+        double newSizeInGB = volumeSize / (1024.0 * 1024 * 1024);
         if (templateSize != null && isEncryptionRequired && needsExpansionForEncryptionHeader(templateSize, volumeSize)) {
-            newSizeInGB = (volumeSize + (1<<30)) / (1024 * 1024 * 1024);
+            newSizeInGB = (volumeSize + (1<<30)) / (1024.0 * 1024 * 1024);
         }
-        long newSizeIn8gbBoundary = (long) (Math.ceil(newSizeInGB / 8.0) * 8.0);
-        return newSizeIn8gbBoundary * (1024 * 1024 * 1024);
+        long newSizeIn8GBBoundary = (long) (Math.ceil(newSizeInGB / 8.0) * 8.0);
+        return newSizeIn8GBBoundary * (1024 * 1024 * 1024);
     }
 
     @Override
diff --git a/plugins/storage/volume/scaleio/src/test/java/org/apache/cloudstack/storage/datastore/driver/ScaleIOPrimaryDataStoreDriverTest.java b/plugins/storage/volume/scaleio/src/test/java/org/apache/cloudstack/storage/datastore/driver/ScaleIOPrimaryDataStoreDriverTest.java
index 921dd3d4d9f..610b595ee05 100644
--- a/plugins/storage/volume/scaleio/src/test/java/org/apache/cloudstack/storage/datastore/driver/ScaleIOPrimaryDataStoreDriverTest.java
+++ b/plugins/storage/volume/scaleio/src/test/java/org/apache/cloudstack/storage/datastore/driver/ScaleIOPrimaryDataStoreDriverTest.java
@@ -555,6 +555,18 @@ public class ScaleIOPrimaryDataStoreDriverTest {
 
     @Test
     public void testGetVolumeSizeRequiredOnPool() {
+        Assert.assertEquals(8L * (1024 * 1024 * 1024),
+                scaleIOPrimaryDataStoreDriver.getVolumeSizeRequiredOnPool(
+                        52428800,
+                        null,
+                        false));
+
+        Assert.assertEquals(8L * (1024 * 1024 * 1024),
+                scaleIOPrimaryDataStoreDriver.getVolumeSizeRequiredOnPool(
+                        52428800,
+                        52428800L,
+                        true));
+
         Assert.assertEquals(16L * (1024 * 1024 * 1024),
                 scaleIOPrimaryDataStoreDriver.getVolumeSizeRequiredOnPool(
                         10L * (1024 * 1024 * 1024),
diff --git a/plugins/storage/volume/storpool/src/main/java/com/cloud/hypervisor/kvm/storage/StorPoolStorageAdaptor.java b/plugins/storage/volume/storpool/src/main/java/com/cloud/hypervisor/kvm/storage/StorPoolStorageAdaptor.java
index d68e9cbd110..897b293f30d 100644
--- a/plugins/storage/volume/storpool/src/main/java/com/cloud/hypervisor/kvm/storage/StorPoolStorageAdaptor.java
+++ b/plugins/storage/volume/storpool/src/main/java/com/cloud/hypervisor/kvm/storage/StorPoolStorageAdaptor.java
@@ -139,6 +139,9 @@ public class StorPoolStorageAdaptor implements StorageAdaptor {
     }
 
     public static String getVolumeNameFromPath(final String volumeUuid, boolean tildeNeeded) {
+        if (volumeUuid == null) {
+            return null;
+        }
         if (volumeUuid.startsWith("/dev/storpool/")) {
             return volumeUuid.split("/")[3];
         } else if (volumeUuid.startsWith("/dev/storpool-byid/")) {

From d72a05aa5adb29952a3eb7eeef0c95d535e09768 Mon Sep 17 00:00:00 2001
From: Abhisar Sinha <63767682+abh1sar@users.noreply.github.com>
Date: Wed, 23 Jul 2025 11:21:59 +0530
Subject: [PATCH 27/83] Add special Icon to Shared FileSystem Instances
 (#10857)

* Use special icon for sharedfs instance and prefix for sharedfs volumes

* Give custom icon precedence over shared fs icon

* Fix sharedfsvm icon size

* Fix UT failure in StorageVmSharedFSLifeCycleTest
---
 .../lifecycle/StorageVmSharedFSLifeCycle.java | 25 +++++++++++++++----
 .../StorageVmSharedFSLifeCycleTest.java       | 11 +++++---
 ui/src/components/view/InfoCard.vue           |  7 +++++-
 ui/src/components/view/ListView.vue           |  7 +++++-
 4 files changed, 40 insertions(+), 10 deletions(-)

diff --git a/plugins/storage/sharedfs/storagevm/src/main/java/org/apache/cloudstack/storage/sharedfs/lifecycle/StorageVmSharedFSLifeCycle.java b/plugins/storage/sharedfs/storagevm/src/main/java/org/apache/cloudstack/storage/sharedfs/lifecycle/StorageVmSharedFSLifeCycle.java
index 31159e7d3d9..ed26963cf81 100644
--- a/plugins/storage/sharedfs/storagevm/src/main/java/org/apache/cloudstack/storage/sharedfs/lifecycle/StorageVmSharedFSLifeCycle.java
+++ b/plugins/storage/sharedfs/storagevm/src/main/java/org/apache/cloudstack/storage/sharedfs/lifecycle/StorageVmSharedFSLifeCycle.java
@@ -140,13 +140,18 @@ public class StorageVmSharedFSLifeCycle implements SharedFSLifeCycle {
         return fsVmConfig;
     }
 
-    private String getStorageVmName(String fileShareName) {
+    private String getStorageVmPrefix(String fileShareName) {
         String prefix = String.format("%s-%s", SharedFSVmNamePrefix, fileShareName);
-        String suffix = Long.toHexString(System.currentTimeMillis());
-
         if (!NetUtils.verifyDomainNameLabel(prefix, true)) {
             prefix = prefix.replaceAll("[^a-zA-Z0-9-]", "");
         }
+        return prefix;
+    }
+
+    private String getStorageVmName(String fileShareName) {
+        String prefix = getStorageVmPrefix(fileShareName);
+        String suffix = Long.toHexString(System.currentTimeMillis());
+
         int nameLength = prefix.length() + suffix.length() + SharedFSVmNamePrefix.length();
         if (nameLength > 63) {
             int prefixLength = prefix.length() - (nameLength - 63);
@@ -236,8 +241,18 @@ public class StorageVmSharedFSLifeCycle implements SharedFSLifeCycle {
         Account owner = accountMgr.getActiveAccountById(sharedFS.getAccountId());
         UserVm vm = deploySharedFSVM(sharedFS.getDataCenterId(), owner, List.of(networkId), sharedFS.getName(), sharedFS.getServiceOfferingId(), diskOfferingId, sharedFS.getFsType(), size, minIops, maxIops);
 
-        List<VolumeVO> volumes = volumeDao.findByInstanceAndType(vm.getId(), Volume.Type.DATADISK);
-        return new Pair<>(volumes.get(0).getId(), vm.getId());
+        List<VolumeVO> volumes = volumeDao.findByInstance(vm.getId());
+        VolumeVO dataVol = null;
+        for (VolumeVO vol : volumes) {
+            String volumeName = vol.getName();
+            String updatedVolumeName = SharedFSVmNamePrefix + "-" + volumeName;
+            vol.setName(updatedVolumeName);
+            volumeDao.update(vol.getId(), vol);
+            if (vol.getVolumeType() == Volume.Type.DATADISK) {
+                dataVol = vol;
+            }
+        }
+        return new Pair<>(dataVol.getId(), vm.getId());
     }
 
     @Override
diff --git a/plugins/storage/sharedfs/storagevm/src/test/java/org/apache/cloudstack/storage/sharedfs/lifecycle/StorageVmSharedFSLifeCycleTest.java b/plugins/storage/sharedfs/storagevm/src/test/java/org/apache/cloudstack/storage/sharedfs/lifecycle/StorageVmSharedFSLifeCycleTest.java
index 4393b0565f8..2cc909ce0d7 100644
--- a/plugins/storage/sharedfs/storagevm/src/test/java/org/apache/cloudstack/storage/sharedfs/lifecycle/StorageVmSharedFSLifeCycleTest.java
+++ b/plugins/storage/sharedfs/storagevm/src/test/java/org/apache/cloudstack/storage/sharedfs/lifecycle/StorageVmSharedFSLifeCycleTest.java
@@ -260,9 +260,14 @@ public class StorageVmSharedFSLifeCycleTest {
                 anyMap(), isNull(), isNull(), isNull(), isNull(),
                 anyBoolean(), anyString(), isNull())).thenReturn(vm);
 
-        VolumeVO volume = mock(VolumeVO.class);
-        when(volume.getId()).thenReturn(s_volumeId);
-        when(volumeDao.findByInstanceAndType(s_vmId, Volume.Type.DATADISK)).thenReturn(List.of(volume));
+        VolumeVO rootVol = mock(VolumeVO.class);
+        when(rootVol.getVolumeType()).thenReturn(Volume.Type.ROOT);
+        when(rootVol.getName()).thenReturn("ROOT-1");
+        VolumeVO dataVol = mock(VolumeVO.class);
+        when(dataVol.getId()).thenReturn(s_volumeId);
+        when(dataVol.getName()).thenReturn("DATA-1");
+        when(dataVol.getVolumeType()).thenReturn(Volume.Type.DATADISK);
+        when(volumeDao.findByInstance(s_vmId)).thenReturn(List.of(rootVol, dataVol));
 
          Pair<Long, Long> result = lifeCycle.deploySharedFS(sharedFS, s_networkId, s_diskOfferingId, s_size, s_minIops, s_maxIops);
          Assert.assertEquals(Optional.ofNullable(result.first()), Optional.ofNullable(s_volumeId));
diff --git a/ui/src/components/view/InfoCard.vue b/ui/src/components/view/InfoCard.vue
index 2ad7b96602f..d467665ed5f 100644
--- a/ui/src/components/view/InfoCard.vue
+++ b/ui/src/components/view/InfoCard.vue
@@ -34,6 +34,9 @@
                     <span v-if="(resource.icon && resource.icon.base64image || images.template || images.iso || resourceIcon) && !['router', 'systemvm', 'volume'].includes($route.path.split('/')[1])">
                       <resource-icon :image="getImage(resource.icon && resource.icon.base64image || images.template || images.iso || resourceIcon)" size="4x" style="margin-right: 5px"/>
                     </span>
+                    <span v-else-if="resource.vmtype === 'sharedfsvm'">
+                      <file-text-outlined style="font-size: 36px;" />
+                    </span>
                     <span v-else>
                       <os-logo v-if="resource.ostypeid || resource.ostypename || ['guestoscategory'].includes($route.path.split('/')[1])" :osId="resource.ostypeid" :osName="resource.ostypename || resource.name" size="3x" @update-osname="setResourceOsType"/>
                       <render-icon v-else-if="typeof $route.meta.icon ==='string'" style="font-size: 36px" :icon="$route.meta.icon" />
@@ -876,6 +879,7 @@ import UploadResourceIcon from '@/components/view/UploadResourceIcon'
 import eventBus from '@/config/eventBus'
 import ResourceIcon from '@/components/view/ResourceIcon'
 import ResourceLabel from '@/components/widgets/ResourceLabel'
+import { FileTextOutlined } from '@ant-design/icons-vue'
 
 export default {
   name: 'InfoCard',
@@ -887,7 +891,8 @@ export default {
     TooltipButton,
     UploadResourceIcon,
     ResourceIcon,
-    ResourceLabel
+    ResourceLabel,
+    FileTextOutlined
   },
   props: {
     resource: {
diff --git a/ui/src/components/view/ListView.vue b/ui/src/components/view/ListView.vue
index 3d41e01bb1c..eca99dc0346 100644
--- a/ui/src/components/view/ListView.vue
+++ b/ui/src/components/view/ListView.vue
@@ -44,6 +44,9 @@
           <span v-if="record.icon && record.icon.base64image">
             <resource-icon :image="record.icon.base64image" size="2x"/>
           </span>
+          <span v-else-if="record.vmtype === 'sharedfsvm'">
+            <file-text-outlined style="font-size: 18px;" />
+          </span>
           <os-logo v-else :osId="record.ostypeid" :osName="record.osdisplayname" size="xl" />
         </span>
         <span style="min-width: 120px" >
@@ -591,6 +594,7 @@ import { createPathBasedOnVmType } from '@/utils/plugins'
 import { validateLinks } from '@/utils/links'
 import cronstrue from 'cronstrue/i18n'
 import moment from 'moment-timezone'
+import { FileTextOutlined } from '@ant-design/icons-vue'
 
 export default {
   name: 'ListView',
@@ -601,7 +605,8 @@ export default {
     CopyLabel,
     TooltipButton,
     ResourceIcon,
-    ResourceLabel
+    ResourceLabel,
+    FileTextOutlined
   },
   props: {
     columns: {

From 0ebf72df0f149445c3bb9c94d4b94e0842c5f2ce Mon Sep 17 00:00:00 2001
From: Abhisar Sinha <63767682+abh1sar@users.noreply.github.com>
Date: Wed, 23 Jul 2025 16:15:33 +0530
Subject: [PATCH 28/83] Handle nas backup and restore on Shared mount point.
 (#11204)

---
 .../org/apache/cloudstack/backup/NASBackupProvider.java     | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/plugins/backup/nas/src/main/java/org/apache/cloudstack/backup/NASBackupProvider.java b/plugins/backup/nas/src/main/java/org/apache/cloudstack/backup/NASBackupProvider.java
index 141a0073498..46a2cf99e10 100644
--- a/plugins/backup/nas/src/main/java/org/apache/cloudstack/backup/NASBackupProvider.java
+++ b/plugins/backup/nas/src/main/java/org/apache/cloudstack/backup/NASBackupProvider.java
@@ -246,9 +246,13 @@ public class NASBackupProvider extends AdapterBase implements BackupProvider, Co
             if (Objects.isNull(storagePool)) {
                 throw new CloudRuntimeException("Unable to find storage pool associated to the volume");
             }
-            String volumePathPrefix = String.format("/mnt/%s", storagePool.getUuid());
+            String volumePathPrefix;
             if (ScopeType.HOST.equals(storagePool.getScope())) {
                 volumePathPrefix = storagePool.getPath();
+            } else if (Storage.StoragePoolType.SharedMountPoint.equals(storagePool.getPoolType())) {
+                volumePathPrefix = storagePool.getPath();
+            } else {
+                volumePathPrefix = String.format("/mnt/%s", storagePool.getUuid());
             }
             volumePaths.add(String.format("%s/%s", volumePathPrefix, volume.getPath()));
         }

From 1b74c2dd3f9eaca5f1d528c82f0aa1e2a078afff Mon Sep 17 00:00:00 2001
From: Abhisar Sinha <63767682+abh1sar@users.noreply.github.com>
Date: Wed, 23 Jul 2025 16:15:47 +0530
Subject: [PATCH 29/83] Fix restore from NAS backup when datadisk is older than
 the root disk. (#11258)

---
 .../cloudstack/backup/NASBackupProvider.java  |  7 ++-
 .../LibvirtRestoreBackupCommandWrapper.java   | 60 ++++++++++---------
 .../cloud/storage/VolumeApiServiceImpl.java   | 16 ++---
 .../cloudstack/backup/BackupManagerImpl.java  |  2 +
 .../storage/VolumeApiServiceImplTest.java     |  7 +--
 5 files changed, 49 insertions(+), 43 deletions(-)

diff --git a/plugins/backup/nas/src/main/java/org/apache/cloudstack/backup/NASBackupProvider.java b/plugins/backup/nas/src/main/java/org/apache/cloudstack/backup/NASBackupProvider.java
index 46a2cf99e10..9b5672e228f 100644
--- a/plugins/backup/nas/src/main/java/org/apache/cloudstack/backup/NASBackupProvider.java
+++ b/plugins/backup/nas/src/main/java/org/apache/cloudstack/backup/NASBackupProvider.java
@@ -51,6 +51,7 @@ import javax.inject.Inject;
 import java.text.SimpleDateFormat;
 import java.util.ArrayList;
 import java.util.Collections;
+import java.util.Comparator;
 import java.util.Date;
 import java.util.List;
 import java.util.Locale;
@@ -162,6 +163,7 @@ public class NASBackupProvider extends AdapterBase implements BackupProvider, Co
 
         if (VirtualMachine.State.Stopped.equals(vm.getState())) {
             List<VolumeVO> vmVolumes = volumeDao.findByInstance(vm.getId());
+            vmVolumes.sort(Comparator.comparing(Volume::getDeviceId));
             List<String> volumePaths = getVolumePaths(vmVolumes);
             command.setVolumePaths(volumePaths);
         }
@@ -212,7 +214,10 @@ public class NASBackupProvider extends AdapterBase implements BackupProvider, Co
     @Override
     public boolean restoreVMFromBackup(VirtualMachine vm, Backup backup) {
         List<Backup.VolumeInfo> backedVolumes = backup.getBackedUpVolumes();
-        List<VolumeVO> volumes = backedVolumes.stream().map(volume -> volumeDao.findByUuid(volume.getUuid())).collect(Collectors.toList());
+        List<VolumeVO> volumes = backedVolumes.stream()
+                .map(volume -> volumeDao.findByUuid(volume.getUuid()))
+                .sorted((v1, v2) -> Long.compare(v1.getDeviceId(), v2.getDeviceId()))
+                .collect(Collectors.toList());
 
         LOG.debug("Restoring vm {} from backup {} on the NAS Backup Provider", vm, backup);
         BackupRepository backupRepository = getBackupRepository(vm, backup);
diff --git a/plugins/hypervisors/kvm/src/main/java/com/cloud/hypervisor/kvm/resource/wrapper/LibvirtRestoreBackupCommandWrapper.java b/plugins/hypervisors/kvm/src/main/java/com/cloud/hypervisor/kvm/resource/wrapper/LibvirtRestoreBackupCommandWrapper.java
index 2810f98c935..8abc359250c 100644
--- a/plugins/hypervisors/kvm/src/main/java/com/cloud/hypervisor/kvm/resource/wrapper/LibvirtRestoreBackupCommandWrapper.java
+++ b/plugins/hypervisors/kvm/src/main/java/com/cloud/hypervisor/kvm/resource/wrapper/LibvirtRestoreBackupCommandWrapper.java
@@ -62,16 +62,25 @@ public class LibvirtRestoreBackupCommandWrapper extends CommandWrapper<RestoreBa
         String restoreVolumeUuid = command.getRestoreVolumeUUID();
 
         String newVolumeId = null;
-        if (Objects.isNull(vmExists)) {
-            String volumePath = volumePaths.get(0);
-            int lastIndex = volumePath.lastIndexOf("/");
-            newVolumeId = volumePath.substring(lastIndex + 1);
-            restoreVolume(backupPath, backupRepoType, backupRepoAddress, volumePath, diskType, restoreVolumeUuid,
-                    new Pair<>(vmName, command.getVmState()), mountOptions);
-        } else if (Boolean.TRUE.equals(vmExists)) {
-            restoreVolumesOfExistingVM(volumePaths, backupPath, backupRepoType, backupRepoAddress, mountOptions);
-        } else {
-            restoreVolumesOfDestroyedVMs(volumePaths, vmName, backupPath, backupRepoType, backupRepoAddress, mountOptions);
+        try {
+            if (Objects.isNull(vmExists)) {
+                String volumePath = volumePaths.get(0);
+                int lastIndex = volumePath.lastIndexOf("/");
+                newVolumeId = volumePath.substring(lastIndex + 1);
+                restoreVolume(backupPath, backupRepoType, backupRepoAddress, volumePath, diskType, restoreVolumeUuid,
+                        new Pair<>(vmName, command.getVmState()), mountOptions);
+            } else if (Boolean.TRUE.equals(vmExists)) {
+                restoreVolumesOfExistingVM(volumePaths, backupPath, backupRepoType, backupRepoAddress, mountOptions);
+            } else {
+                restoreVolumesOfDestroyedVMs(volumePaths, vmName, backupPath, backupRepoType, backupRepoAddress, mountOptions);
+            }
+        } catch (CloudRuntimeException e) {
+            String errorMessage = "Failed to restore backup for VM: " + vmName + ".";
+            if (e.getMessage() != null && !e.getMessage().isEmpty()) {
+                errorMessage += " Details: " + e.getMessage();
+            }
+            logger.error(errorMessage);
+            return new BackupAnswer(command, false, errorMessage);
         }
 
         return new BackupAnswer(command, true, newVolumeId);
@@ -86,10 +95,8 @@ public class LibvirtRestoreBackupCommandWrapper extends CommandWrapper<RestoreBa
                 String volumePath = volumePaths.get(idx);
                 Pair<String, String> bkpPathAndVolUuid = getBackupPath(mountDirectory, volumePath, backupPath, diskType, null);
                 diskType = "datadisk";
-                try {
-                    replaceVolumeWithBackup(volumePath, bkpPathAndVolUuid.first());
-                } catch (IOException e) {
-                    throw new CloudRuntimeException(String.format("Unable to revert backup for volume [%s] due to [%s].", bkpPathAndVolUuid.second(), e.getMessage()), e);
+                if (!replaceVolumeWithBackup(volumePath, bkpPathAndVolUuid.first())) {
+                    throw new CloudRuntimeException(String.format("Unable to restore backup for volume [%s].", bkpPathAndVolUuid.second()));
                 }
             }
         } finally {
@@ -108,10 +115,8 @@ public class LibvirtRestoreBackupCommandWrapper extends CommandWrapper<RestoreBa
                 String volumePath = volumePaths.get(i);
                 Pair<String, String> bkpPathAndVolUuid = getBackupPath(mountDirectory, volumePath, backupPath, diskType, null);
                 diskType = "datadisk";
-                try {
-                    replaceVolumeWithBackup(volumePath, bkpPathAndVolUuid.first());
-                } catch (IOException e) {
-                    throw new CloudRuntimeException(String.format("Unable to revert backup for volume [%s] due to [%s].", bkpPathAndVolUuid.second(), e.getMessage()), e);
+                if (!replaceVolumeWithBackup(volumePath, bkpPathAndVolUuid.first())) {
+                    throw new CloudRuntimeException(String.format("Unable to restore backup for volume [%s].", bkpPathAndVolUuid.second()));
                 }
             }
         } finally {
@@ -126,15 +131,13 @@ public class LibvirtRestoreBackupCommandWrapper extends CommandWrapper<RestoreBa
         Pair<String, String> bkpPathAndVolUuid;
         try {
             bkpPathAndVolUuid = getBackupPath(mountDirectory, volumePath, backupPath, diskType, volumeUUID);
-            try {
-                replaceVolumeWithBackup(volumePath, bkpPathAndVolUuid.first());
-                if (VirtualMachine.State.Running.equals(vmNameAndState.second())) {
-                    if (!attachVolumeToVm(vmNameAndState.first(), volumePath)) {
-                        throw new CloudRuntimeException(String.format("Failed to attach volume to VM: %s", vmNameAndState.first()));
-                    }
+            if (!replaceVolumeWithBackup(volumePath, bkpPathAndVolUuid.first())) {
+                throw new CloudRuntimeException(String.format("Unable to restore backup for volume [%s].", bkpPathAndVolUuid.second()));
+            }
+            if (VirtualMachine.State.Running.equals(vmNameAndState.second())) {
+                if (!attachVolumeToVm(vmNameAndState.first(), volumePath)) {
+                    throw new CloudRuntimeException(String.format("Failed to attach volume to VM: %s", vmNameAndState.first()));
                 }
-            } catch (IOException e) {
-                throw new CloudRuntimeException(String.format("Unable to revert backup for volume [%s] due to [%s].", bkpPathAndVolUuid.second(), e.getMessage()), e);
             }
         } catch (Exception e) {
             throw new CloudRuntimeException("Failed to restore volume", e);
@@ -194,8 +197,9 @@ public class LibvirtRestoreBackupCommandWrapper extends CommandWrapper<RestoreBa
         return new Pair<>(bkpPath, volUuid);
     }
 
-    private void replaceVolumeWithBackup(String volumePath, String backupPath) throws IOException {
-        Script.runSimpleBashScript(String.format(RSYNC_COMMAND, backupPath, volumePath));
+    private boolean replaceVolumeWithBackup(String volumePath, String backupPath) {
+        int exitValue = Script.runSimpleBashScriptForExitValue(String.format(RSYNC_COMMAND, backupPath, volumePath));
+        return exitValue == 0;
     }
 
     private boolean attachVolumeToVm(String vmName, String volumePath) {
diff --git a/server/src/main/java/com/cloud/storage/VolumeApiServiceImpl.java b/server/src/main/java/com/cloud/storage/VolumeApiServiceImpl.java
index 84e4bbf258f..440da7e2c72 100644
--- a/server/src/main/java/com/cloud/storage/VolumeApiServiceImpl.java
+++ b/server/src/main/java/com/cloud/storage/VolumeApiServiceImpl.java
@@ -2605,7 +2605,9 @@ public class VolumeApiServiceImpl extends ManagerBase implements VolumeApiServic
 
         excludeLocalStorageIfNeeded(volumeToAttach);
 
-        checkForDevicesInCopies(vmId, vm);
+        checkForVMSnapshots(vmId, vm);
+
+        checkForBackups(vm, true);
 
         checkRightsToAttach(caller, volumeToAttach, vm);
 
@@ -2707,18 +2709,12 @@ public class VolumeApiServiceImpl extends ManagerBase implements VolumeApiServic
         }
     }
 
-    private void checkForDevicesInCopies(Long vmId, UserVmVO vm) {
+    private void checkForVMSnapshots(Long vmId, UserVmVO vm) {
         // if target VM has associated VM snapshots
         List<VMSnapshotVO> vmSnapshots = _vmSnapshotDao.findByVm(vmId);
         if (vmSnapshots.size() > 0) {
             throw new InvalidParameterValueException(String.format("Unable to attach volume to VM %s/%s, please specify a VM that does not have VM snapshots", vm.getName(), vm.getUuid()));
         }
-
-        // if target VM has backups
-        List<Backup> backups = backupDao.listByVmId(vm.getDataCenterId(), vm.getId());
-        if (vm.getBackupOfferingId() != null && !backups.isEmpty()) {
-            throw new InvalidParameterValueException(String.format("Unable to attach volume to VM %s/%s, please specify a VM that does not have any backups", vm.getName(), vm.getUuid()));
-        }
     }
 
     /**
@@ -2818,7 +2814,7 @@ public class VolumeApiServiceImpl extends ManagerBase implements VolumeApiServic
         return volumeToAttach;
     }
 
-    protected void validateIfVmHasBackups(UserVmVO vm, boolean attach) {
+    protected void checkForBackups(UserVmVO vm, boolean attach) {
         if ((vm.getBackupOfferingId() == null || CollectionUtils.isEmpty(vm.getBackupVolumeList())) || BooleanUtils.isTrue(BackupManager.BackupEnableAttachDetachVolumes.value())) {
             return;
         }
@@ -3038,7 +3034,7 @@ public class VolumeApiServiceImpl extends ManagerBase implements VolumeApiServic
             throw new InvalidParameterValueException("Unable to detach volume, please specify a VM that does not have VM snapshots");
         }
 
-        validateIfVmHasBackups(vm, false);
+        checkForBackups(vm, false);
 
         AsyncJobExecutionContext asyncExecutionContext = AsyncJobExecutionContext.getCurrentExecutionContext();
         if (asyncExecutionContext != null) {
diff --git a/server/src/main/java/org/apache/cloudstack/backup/BackupManagerImpl.java b/server/src/main/java/org/apache/cloudstack/backup/BackupManagerImpl.java
index 43fc705ad76..1e6ef1a7852 100644
--- a/server/src/main/java/org/apache/cloudstack/backup/BackupManagerImpl.java
+++ b/server/src/main/java/org/apache/cloudstack/backup/BackupManagerImpl.java
@@ -19,6 +19,7 @@ package org.apache.cloudstack.backup;
 import java.util.ArrayList;
 import java.util.Arrays;
 import java.util.Collections;
+import java.util.Comparator;
 import java.util.Date;
 import java.util.HashMap;
 import java.util.List;
@@ -277,6 +278,7 @@ public class BackupManagerImpl extends ManagerBase implements BackupManager {
 
     public static String createVolumeInfoFromVolumes(List<VolumeVO> vmVolumes) {
         List<Backup.VolumeInfo> list = new ArrayList<>();
+        vmVolumes.sort(Comparator.comparing(VolumeVO::getDeviceId));
         for (VolumeVO vol : vmVolumes) {
             list.add(new Backup.VolumeInfo(vol.getUuid(), vol.getPath(), vol.getVolumeType(), vol.getSize()));
         }
diff --git a/server/src/test/java/com/cloud/storage/VolumeApiServiceImplTest.java b/server/src/test/java/com/cloud/storage/VolumeApiServiceImplTest.java
index 7dcf30c55e4..6c25e69876f 100644
--- a/server/src/test/java/com/cloud/storage/VolumeApiServiceImplTest.java
+++ b/server/src/test/java/com/cloud/storage/VolumeApiServiceImplTest.java
@@ -666,7 +666,6 @@ public class VolumeApiServiceImplTest {
         when(vm.getState()).thenReturn(State.Running);
         when(vm.getDataCenterId()).thenReturn(34L);
         when(vm.getBackupOfferingId()).thenReturn(null);
-        when(backupDaoMock.listByVmId(anyLong(), anyLong())).thenReturn(Collections.emptyList());
         when(volumeDaoMock.findByInstanceAndType(anyLong(), any(Volume.Type.class))).thenReturn(new ArrayList<>(10));
         when(volumeDataFactoryMock.getVolume(9L)).thenReturn(volumeToAttach);
         when(volumeToAttach.getState()).thenReturn(Volume.State.Uploaded);
@@ -1305,7 +1304,7 @@ public class VolumeApiServiceImplTest {
         try {
             UserVmVO vm = Mockito.mock(UserVmVO.class);
             when(vm.getBackupOfferingId()).thenReturn(1l);
-            volumeApiServiceImpl.validateIfVmHasBackups(vm, false);
+            volumeApiServiceImpl.checkForBackups(vm, false);
         } catch (Exception e) {
             Assert.assertEquals("Unable to detach volume, cannot detach volume from a VM that has backups. First remove the VM from the backup offering or set the global configuration 'backup.enable.attach.detach.of.volumes' to true.", e.getMessage());
         }
@@ -1316,7 +1315,7 @@ public class VolumeApiServiceImplTest {
         try {
             UserVmVO vm = Mockito.mock(UserVmVO.class);
             when(vm.getBackupOfferingId()).thenReturn(1l);
-            volumeApiServiceImpl.validateIfVmHasBackups(vm, true);
+            volumeApiServiceImpl.checkForBackups(vm, true);
         } catch (Exception e) {
             Assert.assertEquals("Unable to attach volume, please specify a VM that does not have any backups or set the global configuration 'backup.enable.attach.detach.of.volumes' to true.", e.getMessage());
         }
@@ -1326,7 +1325,7 @@ public class VolumeApiServiceImplTest {
     public void validateIfVmHaveBackupsTestSuccessWhenVMDontHaveBackupOffering() {
         UserVmVO vm = Mockito.mock(UserVmVO.class);
         when(vm.getBackupOfferingId()).thenReturn(null);
-        volumeApiServiceImpl.validateIfVmHasBackups(vm, true);
+        volumeApiServiceImpl.checkForBackups(vm, true);
     }
 
     @Test

From 264e404108ad3b35389e0a444db2fccb6592ae17 Mon Sep 17 00:00:00 2001
From: Manoj Kumar <manojkr.itbhu@gmail.com>
Date: Thu, 24 Jul 2025 09:30:20 +0530
Subject: [PATCH 30/83] Fix for dynamic scaling toggle for instance (#11086)

* Fix for dynamic scaling toggle for instance

* Update api/src/main/java/org/apache/cloudstack/api/response/CapabilitiesResponse.java

---------

Co-authored-by: Suresh Kumar Anaparti <sureshkumar.anaparti@gmail.com>
---
 .../command/user/config/ListCapabilitiesCmd.java |  1 +
 .../api/response/CapabilitiesResponse.java       |  8 ++++++++
 .../com/cloud/server/ManagementServerImpl.java   |  1 +
 ui/src/views/compute/DeployVM.vue                | 14 +++-----------
 ui/src/views/compute/DeployVnfAppliance.vue      | 14 +++-----------
 ui/src/views/compute/EditVM.vue                  | 16 ++--------------
 6 files changed, 18 insertions(+), 36 deletions(-)

diff --git a/api/src/main/java/org/apache/cloudstack/api/command/user/config/ListCapabilitiesCmd.java b/api/src/main/java/org/apache/cloudstack/api/command/user/config/ListCapabilitiesCmd.java
index 65920a97c98..4f036e89a64 100644
--- a/api/src/main/java/org/apache/cloudstack/api/command/user/config/ListCapabilitiesCmd.java
+++ b/api/src/main/java/org/apache/cloudstack/api/command/user/config/ListCapabilitiesCmd.java
@@ -71,6 +71,7 @@ public class ListCapabilitiesCmd extends BaseCmd {
         response.setInstancesStatsUserOnly((Boolean) capabilities.get(ApiConstants.INSTANCES_STATS_USER_ONLY));
         response.setInstancesDisksStatsRetentionEnabled((Boolean) capabilities.get(ApiConstants.INSTANCES_DISKS_STATS_RETENTION_ENABLED));
         response.setInstancesDisksStatsRetentionTime((Integer) capabilities.get(ApiConstants.INSTANCES_DISKS_STATS_RETENTION_TIME));
+        response.setDynamicScalingEnabled((Boolean) capabilities.get(ApiConstants.DYNAMIC_SCALING_ENABLED));
         response.setObjectName("capability");
         response.setResponseName(getCommandName());
         this.setResponseObject(response);
diff --git a/api/src/main/java/org/apache/cloudstack/api/response/CapabilitiesResponse.java b/api/src/main/java/org/apache/cloudstack/api/response/CapabilitiesResponse.java
index e4224c85e97..83fb4f4b372 100644
--- a/api/src/main/java/org/apache/cloudstack/api/response/CapabilitiesResponse.java
+++ b/api/src/main/java/org/apache/cloudstack/api/response/CapabilitiesResponse.java
@@ -124,6 +124,10 @@ public class CapabilitiesResponse extends BaseResponse {
     @Param(description = "the retention time for Instances disks stats", since = "4.18.0")
     private Integer instancesDisksStatsRetentionTime;
 
+    @SerializedName(ApiConstants.DYNAMIC_SCALING_ENABLED)
+    @Param(description = "true if dynamically scaling for instances is enabled", since = "4.21.0")
+    private Boolean dynamicScalingEnabled;
+
     public void setSecurityGroupsEnabled(boolean securityGroupsEnabled) {
         this.securityGroupsEnabled = securityGroupsEnabled;
     }
@@ -223,4 +227,8 @@ public class CapabilitiesResponse extends BaseResponse {
     public void setCustomHypervisorDisplayName(String customHypervisorDisplayName) {
         this.customHypervisorDisplayName = customHypervisorDisplayName;
     }
+
+    public void setDynamicScalingEnabled(Boolean dynamicScalingEnabled) {
+        this.dynamicScalingEnabled = dynamicScalingEnabled;
+    }
 }
diff --git a/server/src/main/java/com/cloud/server/ManagementServerImpl.java b/server/src/main/java/com/cloud/server/ManagementServerImpl.java
index 7ccd6b5e289..451c8f4e159 100644
--- a/server/src/main/java/com/cloud/server/ManagementServerImpl.java
+++ b/server/src/main/java/com/cloud/server/ManagementServerImpl.java
@@ -4408,6 +4408,7 @@ public class ManagementServerImpl extends ManagerBase implements ManagementServe
         capabilities.put(ApiConstants.INSTANCES_STATS_USER_ONLY, StatsCollector.vmStatsCollectUserVMOnly.value());
         capabilities.put(ApiConstants.INSTANCES_DISKS_STATS_RETENTION_ENABLED, StatsCollector.vmDiskStatsRetentionEnabled.value());
         capabilities.put(ApiConstants.INSTANCES_DISKS_STATS_RETENTION_TIME, StatsCollector.vmDiskStatsMaxRetentionTime.value());
+        capabilities.put(ApiConstants.DYNAMIC_SCALING_ENABLED, UserVmManager.EnableDynamicallyScaleVm.value());
         if (apiLimitEnabled) {
             capabilities.put("apiLimitInterval", apiLimitInterval);
             capabilities.put("apiLimitMax", apiLimitMax);
diff --git a/ui/src/views/compute/DeployVM.vue b/ui/src/views/compute/DeployVM.vue
index c99ffe4d321..30ac498c5c2 100644
--- a/ui/src/views/compute/DeployVM.vue
+++ b/ui/src/views/compute/DeployVM.vue
@@ -944,8 +944,7 @@ export default {
         keyboards: [],
         bootTypes: [],
         bootModes: [],
-        ioPolicyTypes: [],
-        dynamicScalingVmConfig: false
+        ioPolicyTypes: []
       },
       rowCount: {},
       loading: {
@@ -1175,13 +1174,6 @@ export default {
             type: 'Routing'
           },
           field: 'hostid'
-        },
-        dynamicScalingVmConfig: {
-          list: 'listConfigurations',
-          options: {
-            zoneid: _.get(this.zone, 'id'),
-            name: 'enable.dynamic.scale.vm'
-          }
         }
       }
     },
@@ -1312,7 +1304,7 @@ export default {
       return Boolean('listUserData' in this.$store.getters.apis)
     },
     dynamicScalingVmConfigValue () {
-      return this.options.dynamicScalingVmConfig?.[0]?.value === 'true'
+      return this.$store.getters.features.dynamicscalingenabled
     },
     isCustomizedDiskIOPS () {
       return this.diskSelected?.iscustomizediops || false
@@ -2215,7 +2207,7 @@ export default {
       param.loading = true
       param.opts = []
       const options = param.options || {}
-      if (!('listall' in options) && !['zones', 'pods', 'clusters', 'hosts', 'dynamicScalingVmConfig', 'hypervisors'].includes(name)) {
+      if (!('listall' in options) && !['zones', 'pods', 'clusters', 'hosts', 'hypervisors'].includes(name)) {
         options.listall = true
       }
       api(param.list, options).then((response) => {
diff --git a/ui/src/views/compute/DeployVnfAppliance.vue b/ui/src/views/compute/DeployVnfAppliance.vue
index 5e1baac3d8f..b69b67aa8d3 100644
--- a/ui/src/views/compute/DeployVnfAppliance.vue
+++ b/ui/src/views/compute/DeployVnfAppliance.vue
@@ -960,8 +960,7 @@ export default {
         keyboards: [],
         bootTypes: [],
         bootModes: [],
-        ioPolicyTypes: [],
-        dynamicScalingVmConfig: false
+        ioPolicyTypes: []
       },
       rowCount: {},
       loading: {
@@ -1194,13 +1193,6 @@ export default {
             type: 'Routing'
           },
           field: 'hostid'
-        },
-        dynamicScalingVmConfig: {
-          list: 'listConfigurations',
-          options: {
-            zoneid: _.get(this.zone, 'id'),
-            name: 'enable.dynamic.scale.vm'
-          }
         }
       }
     },
@@ -1332,7 +1324,7 @@ export default {
       return Boolean('listUserData' in this.$store.getters.apis)
     },
     dynamicScalingVmConfigValue () {
-      return this.options.dynamicScalingVmConfig?.[0]?.value === 'true'
+      return this.$store.getters.features.dynamicscalingenabled
     },
     isCustomizedDiskIOPS () {
       return this.diskSelected?.iscustomizediops || false
@@ -2403,7 +2395,7 @@ export default {
       param.loading = true
       param.opts = []
       const options = param.options || {}
-      if (!('listall' in options) && !['zones', 'pods', 'clusters', 'hosts', 'dynamicScalingVmConfig', 'hypervisors'].includes(name)) {
+      if (!('listall' in options) && !['zones', 'pods', 'clusters', 'hosts', 'hypervisors'].includes(name)) {
         options.listall = true
       }
       api(param.list, options).then((response) => {
diff --git a/ui/src/views/compute/EditVM.vue b/ui/src/views/compute/EditVM.vue
index 92079b84113..90cc96dd9ef 100644
--- a/ui/src/views/compute/EditVM.vue
+++ b/ui/src/views/compute/EditVM.vue
@@ -145,7 +145,6 @@ export default {
       template: {},
       userDataEnabled: false,
       securityGroupsEnabled: false,
-      dynamicScalingVmConfig: false,
       loading: false,
       securitygroups: {
         loading: false,
@@ -189,7 +188,6 @@ export default {
       this.fetchInstaceGroups()
       this.fetchServiceOfferingData()
       this.fetchTemplateData()
-      this.fetchDynamicScalingVmConfig()
       this.fetchUserData()
     },
     fetchZoneDetails () {
@@ -241,18 +239,8 @@ export default {
         this.template = templateResponses[0]
       })
     },
-    fetchDynamicScalingVmConfig () {
-      const params = {}
-      params.name = 'enable.dynamic.scale.vm'
-      params.zoneid = this.resource.zoneid
-      var apiName = 'listConfigurations'
-      api(apiName, params).then(json => {
-        const configResponse = json.listconfigurationsresponse.configuration
-        this.dynamicScalingVmConfig = configResponse[0]?.value === 'true'
-      })
-    },
-    canDynamicScalingEnabled () {
-      return this.template.isdynamicallyscalable && this.serviceOffering.dynamicscalingenabled && this.dynamicScalingVmConfig
+    isDynamicScalingEnabled () {
+      return this.template.isdynamicallyscalable && this.serviceOffering.dynamicscalingenabled && this.$store.getters.features.dynamicscalingenabled
     },
     fetchOsTypes () {
       this.osTypes.loading = true

From 4111061d2957ae447df05e37f2c8b38171e7eb3c Mon Sep 17 00:00:00 2001
From: dahn <daan@onecht.net>
Date: Thu, 24 Jul 2025 09:26:57 +0200
Subject: [PATCH 31/83] list only own zones for resource admin (#11087)

Co-authored-by: Suresh Kumar Anaparti <sureshkumar.anaparti@gmail.com>
---
 .../java/com/cloud/user/AccountService.java   |   2 +
 .../admin/cluster/ListClustersCmd.java        |   6 +-
 .../api/command/admin/pod/ListPodsByCmd.java  |   4 +-
 .../api/command/user/zone/ListZonesCmd.java   |   7 -
 .../apache/cloudstack/query/QueryService.java |  12 +-
 .../management/MockAccountManager.java        |   6 +
 .../com/cloud/api/query/QueryManagerImpl.java | 490 ++++++++----------
 .../com/cloud/user/AccountManagerImpl.java    |   1 +
 .../cloud/user/MockAccountManagerImpl.java    |   5 +
 9 files changed, 254 insertions(+), 279 deletions(-)

diff --git a/api/src/main/java/com/cloud/user/AccountService.java b/api/src/main/java/com/cloud/user/AccountService.java
index e2c3bed0c29..c0ebcf09f59 100644
--- a/api/src/main/java/com/cloud/user/AccountService.java
+++ b/api/src/main/java/com/cloud/user/AccountService.java
@@ -87,6 +87,8 @@ public interface AccountService {
 
     boolean isDomainAdmin(Long accountId);
 
+    boolean isResourceDomainAdmin(Long accountId);
+
     boolean isNormalUser(long accountId);
 
     User getActiveUserByRegistrationToken(String registrationToken);
diff --git a/api/src/main/java/org/apache/cloudstack/api/command/admin/cluster/ListClustersCmd.java b/api/src/main/java/org/apache/cloudstack/api/command/admin/cluster/ListClustersCmd.java
index 362913a1138..90ec9d1ff07 100644
--- a/api/src/main/java/org/apache/cloudstack/api/command/admin/cluster/ListClustersCmd.java
+++ b/api/src/main/java/org/apache/cloudstack/api/command/admin/cluster/ListClustersCmd.java
@@ -128,19 +128,19 @@ public class ListClustersCmd extends BaseListCmd {
 
     protected Pair<List<ClusterResponse>, Integer> getClusterResponses() {
         Pair<List<? extends Cluster>, Integer> result = _mgr.searchForClusters(this);
-        List<ClusterResponse> clusterResponses = new ArrayList<ClusterResponse>();
+        List<ClusterResponse> clusterResponses = new ArrayList<>();
         for (Cluster cluster : result.first()) {
             ClusterResponse clusterResponse = _responseGenerator.createClusterResponse(cluster, showCapacities);
             clusterResponse.setObjectName("cluster");
             clusterResponses.add(clusterResponse);
         }
-        return new Pair<List<ClusterResponse>, Integer>(clusterResponses, result.second());
+        return new Pair<>(clusterResponses, result.second());
     }
 
     @Override
     public void execute() {
         Pair<List<ClusterResponse>, Integer> clusterResponses = getClusterResponses();
-        ListResponse<ClusterResponse> response = new ListResponse<ClusterResponse>();
+        ListResponse<ClusterResponse> response = new ListResponse<>();
         response.setResponses(clusterResponses.first(), clusterResponses.second());
         response.setResponseName(getCommandName());
         this.setResponseObject(response);
diff --git a/api/src/main/java/org/apache/cloudstack/api/command/admin/pod/ListPodsByCmd.java b/api/src/main/java/org/apache/cloudstack/api/command/admin/pod/ListPodsByCmd.java
index 5ad0b457ced..10370b4c78a 100644
--- a/api/src/main/java/org/apache/cloudstack/api/command/admin/pod/ListPodsByCmd.java
+++ b/api/src/main/java/org/apache/cloudstack/api/command/admin/pod/ListPodsByCmd.java
@@ -86,8 +86,8 @@ public class ListPodsByCmd extends BaseListCmd {
     @Override
     public void execute() {
         Pair<List<? extends Pod>, Integer> result = _mgr.searchForPods(this);
-        ListResponse<PodResponse> response = new ListResponse<PodResponse>();
-        List<PodResponse> podResponses = new ArrayList<PodResponse>();
+        ListResponse<PodResponse> response = new ListResponse<>();
+        List<PodResponse> podResponses = new ArrayList<>();
         for (Pod pod : result.first()) {
             PodResponse podResponse = _responseGenerator.createPodResponse(pod, showCapacities);
             podResponse.setObjectName("pod");
diff --git a/api/src/main/java/org/apache/cloudstack/api/command/user/zone/ListZonesCmd.java b/api/src/main/java/org/apache/cloudstack/api/command/user/zone/ListZonesCmd.java
index d926257437e..8d371bb6761 100644
--- a/api/src/main/java/org/apache/cloudstack/api/command/user/zone/ListZonesCmd.java
+++ b/api/src/main/java/org/apache/cloudstack/api/command/user/zone/ListZonesCmd.java
@@ -34,8 +34,6 @@ import org.apache.cloudstack.api.response.ZoneResponse;
         requestHasSensitiveInfo = false, responseHasSensitiveInfo = false)
 public class ListZonesCmd extends BaseListCmd implements UserCmd {
 
-    private static final String s_name = "listzonesresponse";
-
     /////////////////////////////////////////////////////
     //////////////// API parameters /////////////////////
     /////////////////////////////////////////////////////
@@ -113,11 +111,6 @@ public class ListZonesCmd extends BaseListCmd implements UserCmd {
     /////////////// API Implementation///////////////////
     /////////////////////////////////////////////////////
 
-    @Override
-    public String getCommandName() {
-        return s_name;
-    }
-
     @Override
     public void execute() {
         ListResponse<ZoneResponse> response = _queryService.listDataCenters(this);
diff --git a/api/src/main/java/org/apache/cloudstack/query/QueryService.java b/api/src/main/java/org/apache/cloudstack/query/QueryService.java
index 0a5721abdc1..0f658e5d20d 100644
--- a/api/src/main/java/org/apache/cloudstack/query/QueryService.java
+++ b/api/src/main/java/org/apache/cloudstack/query/QueryService.java
@@ -112,11 +112,11 @@ public interface QueryService {
     ConfigKey<Boolean> AllowUserViewDestroyedVM = new ConfigKey<>("Advanced", Boolean.class, "allow.user.view.destroyed.vm", "false",
             "Determines whether users can view their destroyed or expunging vm ", true, ConfigKey.Scope.Account);
 
-    static final ConfigKey<String> UserVMDeniedDetails = new ConfigKey<>(String.class,
+    ConfigKey<String> UserVMDeniedDetails = new ConfigKey<>(String.class,
     "user.vm.denied.details", "Advanced", "rootdisksize, cpuOvercommitRatio, memoryOvercommitRatio, Message.ReservedCapacityFreed.Flag",
             "Determines whether users can view certain VM settings. When set to empty, default value used is: rootdisksize, cpuOvercommitRatio, memoryOvercommitRatio, Message.ReservedCapacityFreed.Flag.", true, ConfigKey.Scope.Global, null, null, null, null, null, ConfigKey.Kind.CSV, null);
 
-    static final ConfigKey<String> UserVMReadOnlyDetails = new ConfigKey<>(String.class,
+    ConfigKey<String> UserVMReadOnlyDetails = new ConfigKey<>(String.class,
     "user.vm.readonly.details", "Advanced", "dataDiskController, rootDiskController",
             "List of read-only VM settings/details as comma separated string", true, ConfigKey.Scope.Global, null, null, null, null, null, ConfigKey.Kind.CSV, null);
 
@@ -125,16 +125,20 @@ public interface QueryService {
                     "network offering, zones), we use the flag to determine if the entities should be sorted ascending (when flag is true) " +
                     "or descending (when flag is false). Within the scope of the config all users see the same result.", true, ConfigKey.Scope.Global);
 
-    public static final ConfigKey<Boolean> AllowUserViewAllDomainAccounts = new ConfigKey<>("Advanced", Boolean.class,
+    ConfigKey<Boolean> AllowUserViewAllDomainAccounts = new ConfigKey<>("Advanced", Boolean.class,
             "allow.user.view.all.domain.accounts", "false",
             "Determines whether users can view all user accounts within the same domain", true, ConfigKey.Scope.Domain);
 
-    static final ConfigKey<Boolean> SharePublicTemplatesWithOtherDomains = new ConfigKey<>("Advanced", Boolean.class, "share.public.templates.with.other.domains", "true",
+    ConfigKey<Boolean> AllowUserViewAllDataCenters = new ConfigKey<>("Advanced", Boolean.class, "allow.user.view.all.zones", "true",
+            "Determines whether for instance a Resource Admin can view zones that are not dedicated to them.", true, ConfigKey.Scope.Domain);
+
+    ConfigKey<Boolean> SharePublicTemplatesWithOtherDomains = new ConfigKey<>("Advanced", Boolean.class, "share.public.templates.with.other.domains", "true",
             "If false, templates of this domain will not show up in the list templates of other domains.", true, ConfigKey.Scope.Domain);
 
     ConfigKey<Boolean> ReturnVmStatsOnVmList = new ConfigKey<>("Advanced", Boolean.class, "list.vm.default.details.stats", "true",
             "Determines whether VM stats should be returned when details are not explicitly specified in listVirtualMachines API request. When false, details default to [group, nics, secgrp, tmpl, servoff, diskoff, backoff, iso, volume, min, affgrp]. When true, all details are returned including 'stats'.", true, ConfigKey.Scope.Global);
 
+
     ListResponse<UserResponse> searchForUsers(ResponseObject.ResponseView responseView, ListUsersCmd cmd) throws PermissionDeniedException;
 
     ListResponse<UserResponse> searchForUsers(Long domainId, boolean recursive) throws PermissionDeniedException;
diff --git a/plugins/network-elements/juniper-contrail/src/test/java/org/apache/cloudstack/network/contrail/management/MockAccountManager.java b/plugins/network-elements/juniper-contrail/src/test/java/org/apache/cloudstack/network/contrail/management/MockAccountManager.java
index d30d7b2f74d..bc9dbfa7b43 100644
--- a/plugins/network-elements/juniper-contrail/src/test/java/org/apache/cloudstack/network/contrail/management/MockAccountManager.java
+++ b/plugins/network-elements/juniper-contrail/src/test/java/org/apache/cloudstack/network/contrail/management/MockAccountManager.java
@@ -236,6 +236,12 @@ public class MockAccountManager extends ManagerBase implements AccountManager {
         return false;
     }
 
+    @Override
+    public boolean isResourceDomainAdmin(Long accountId) {
+        // TODO Auto-generated method stub
+        return false;
+    }
+
     @Override
     public boolean isNormalUser(long accountId) {
         // TODO Auto-generated method stub
diff --git a/server/src/main/java/com/cloud/api/query/QueryManagerImpl.java b/server/src/main/java/com/cloud/api/query/QueryManagerImpl.java
index a2edc05a492..7c8c9ae28c8 100644
--- a/server/src/main/java/com/cloud/api/query/QueryManagerImpl.java
+++ b/server/src/main/java/com/cloud/api/query/QueryManagerImpl.java
@@ -160,7 +160,6 @@ import org.apache.cloudstack.storage.datastore.db.SnapshotDataStoreVO;
 import org.apache.cloudstack.storage.datastore.db.StoragePoolDetailVO;
 import org.apache.cloudstack.storage.datastore.db.StoragePoolDetailsDao;
 import org.apache.cloudstack.storage.datastore.db.StoragePoolVO;
-import org.apache.cloudstack.storage.datastore.db.TemplateDataStoreDao;
 import org.apache.commons.collections.CollectionUtils;
 import org.apache.commons.collections.MapUtils;
 import org.apache.commons.lang3.EnumUtils;
@@ -193,6 +192,7 @@ import com.cloud.api.query.dao.VolumeJoinDao;
 import com.cloud.api.query.vo.AccountJoinVO;
 import com.cloud.api.query.vo.AffinityGroupJoinVO;
 import com.cloud.api.query.vo.AsyncJobJoinVO;
+import com.cloud.api.query.vo.BaseViewWithTagInformationVO;
 import com.cloud.api.query.vo.DataCenterJoinVO;
 import com.cloud.api.query.vo.DiskOfferingJoinVO;
 import com.cloud.api.query.vo.DomainJoinVO;
@@ -246,7 +246,6 @@ import com.cloud.network.RouterHealthCheckResult;
 import com.cloud.network.VNF;
 import com.cloud.network.VpcVirtualNetworkApplianceService;
 import com.cloud.network.as.AutoScaleVmGroupVmMapVO;
-import com.cloud.network.as.dao.AutoScaleVmGroupDao;
 import com.cloud.network.as.dao.AutoScaleVmGroupVmMapDao;
 import com.cloud.network.dao.IPAddressDao;
 import com.cloud.network.dao.IPAddressVO;
@@ -289,7 +288,6 @@ import com.cloud.storage.SnapshotVO;
 import com.cloud.storage.Storage;
 import com.cloud.storage.Storage.ImageFormat;
 import com.cloud.storage.Storage.TemplateType;
-import com.cloud.storage.StorageManager;
 import com.cloud.storage.StoragePool;
 import com.cloud.storage.StoragePoolHostVO;
 import com.cloud.storage.StoragePoolStatus;
@@ -524,9 +522,6 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
     @Inject
     ProjectInvitationDao projectInvitationDao;
 
-    @Inject
-    TemplateDataStoreDao templateDataStoreDao;
-
     @Inject
     VMTemplatePoolDao templatePoolDao;
 
@@ -544,8 +539,6 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
 
     @Inject
     ResourceIconDao resourceIconDao;
-    @Inject
-    StorageManager storageManager;
 
     @Inject
     ManagementServerHostDao msHostDao;
@@ -583,9 +576,6 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
     @Inject
     BackupOfferingDao backupOfferingDao;
 
-    @Inject
-    AutoScaleVmGroupDao autoScaleVmGroupDao;
-
     @Inject
     AutoScaleVmGroupVmMapDao autoScaleVmGroupVmMapDao;
 
@@ -613,46 +603,6 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
     @Inject
     ManagementServerHostPeerJoinDao mshostPeerJoinDao;
 
-
-    private SearchCriteria<ServiceOfferingJoinVO> getMinimumCpuServiceOfferingJoinSearchCriteria(int cpu) {
-        SearchCriteria<ServiceOfferingJoinVO> sc = _srvOfferingJoinDao.createSearchCriteria();
-        SearchCriteria<ServiceOfferingJoinVO> sc1 = _srvOfferingJoinDao.createSearchCriteria();
-        sc1.addAnd("cpu", Op.GTEQ, cpu);
-        sc.addOr("cpu", Op.SC, sc1);
-        SearchCriteria<ServiceOfferingJoinVO> sc2 = _srvOfferingJoinDao.createSearchCriteria();
-        sc2.addAnd("cpu", Op.NULL);
-        sc2.addAnd("maxCpu", Op.NULL);
-        sc.addOr("cpu", Op.SC, sc2);
-        SearchCriteria<ServiceOfferingJoinVO> sc3 = _srvOfferingJoinDao.createSearchCriteria();
-        sc3.addAnd("cpu", Op.NULL);
-        sc3.addAnd("maxCpu", Op.GTEQ, cpu);
-        sc.addOr("cpu", Op.SC, sc3);
-        return sc;
-    }
-
-    private SearchCriteria<ServiceOfferingJoinVO> getMinimumMemoryServiceOfferingJoinSearchCriteria(int memory) {
-        SearchCriteria<ServiceOfferingJoinVO> sc = _srvOfferingJoinDao.createSearchCriteria();
-        SearchCriteria<ServiceOfferingJoinVO> sc1 = _srvOfferingJoinDao.createSearchCriteria();
-        sc1.addAnd("ramSize", Op.GTEQ, memory);
-        sc.addOr("ramSize", Op.SC, sc1);
-        SearchCriteria<ServiceOfferingJoinVO> sc2 = _srvOfferingJoinDao.createSearchCriteria();
-        sc2.addAnd("ramSize", Op.NULL);
-        sc2.addAnd("maxMemory", Op.NULL);
-        sc.addOr("ramSize", Op.SC, sc2);
-        SearchCriteria<ServiceOfferingJoinVO> sc3 = _srvOfferingJoinDao.createSearchCriteria();
-        sc3.addAnd("ramSize", Op.NULL);
-        sc3.addAnd("maxMemory", Op.GTEQ, memory);
-        sc.addOr("ramSize", Op.SC, sc3);
-        return sc;
-    }
-
-    private SearchCriteria<ServiceOfferingJoinVO> getMinimumCpuSpeedServiceOfferingJoinSearchCriteria(int speed) {
-        SearchCriteria<ServiceOfferingJoinVO> sc = _srvOfferingJoinDao.createSearchCriteria();
-        sc.addOr("speed", Op.GTEQ, speed);
-        sc.addOr("speed", Op.NULL);
-        return sc;
-    }
-
     /*
      * (non-Javadoc)
      *
@@ -668,7 +618,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
             responseView = ResponseView.Full;
         }
         List<UserResponse> userResponses = ViewResponseHelper.createUserResponse(responseView, CallContext.current().getCallingAccount().getDomainId(),
-                result.first().toArray(new UserAccountJoinVO[result.first().size()]));
+                result.first().toArray(new UserAccountJoinVO[0]));
         response.setResponses(userResponses, result.second());
         return response;
     }
@@ -676,17 +626,13 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
     public ListResponse<UserResponse> searchForUsers(Long domainId, boolean recursive) throws PermissionDeniedException {
         Account caller = CallContext.current().getCallingAccount();
 
-        List<Long> permittedAccounts = new ArrayList<Long>();
+        List<Long> permittedAccounts = new ArrayList<>();
 
         boolean listAll = true;
         Long id = null;
 
         if (caller.getType() == Account.Type.NORMAL) {
-            long currentId = CallContext.current().getCallingUser().getId();
-            if (id != null && currentId != id.longValue()) {
-                throw new PermissionDeniedException("Calling user is not authorized to see the user requested by id");
-            }
-            id = currentId;
+            id = CallContext.current().getCallingUser().getId();
         }
         Object username = null;
         Object type = null;
@@ -696,9 +642,9 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
 
         Pair<List<UserAccountJoinVO>, Integer> result =  getUserListInternal(caller, permittedAccounts, listAll, id,
                 username, type, accountName, state, keyword, null, domainId, recursive, null);
-        ListResponse<UserResponse> response = new ListResponse<UserResponse>();
+        ListResponse<UserResponse> response = new ListResponse<>();
         List<UserResponse> userResponses = ViewResponseHelper.createUserResponse(ResponseView.Restricted, CallContext.current().getCallingAccount().getDomainId(),
-                result.first().toArray(new UserAccountJoinVO[result.first().size()]));
+                result.first().toArray(new UserAccountJoinVO[0]));
         response.setResponses(userResponses, result.second());
         return response;
     }
@@ -706,13 +652,13 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
     private Pair<List<UserAccountJoinVO>, Integer> searchForUsersInternal(ListUsersCmd cmd) throws PermissionDeniedException {
         Account caller = CallContext.current().getCallingAccount();
 
-        List<Long> permittedAccounts = new ArrayList<Long>();
+        List<Long> permittedAccounts = new ArrayList<>();
 
         boolean listAll = cmd.listAll();
         Long id = cmd.getId();
         if (caller.getType() == Account.Type.NORMAL) {
             long currentId = CallContext.current().getCallingUser().getId();
-            if (id != null && currentId != id.longValue()) {
+            if (id != null && currentId != id) {
                 throw new PermissionDeniedException("Calling user is not authorized to see the user requested by id");
             }
             id = currentId;
@@ -736,7 +682,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
 
     private Pair<List<UserAccountJoinVO>, Integer> getUserListInternal(Account caller, List<Long> permittedAccounts, boolean listAll, Long id, Object username, Object type,
             String accountName, Object state, String keyword, String apiKeyAccess, Long domainId, boolean recursive, Filter searchFilter) {
-        Ternary<Long, Boolean, ListProjectResourcesCriteria> domainIdRecursiveListProject = new Ternary<Long, Boolean, ListProjectResourcesCriteria>(domainId, recursive, null);
+        Ternary<Long, Boolean, ListProjectResourcesCriteria> domainIdRecursiveListProject = new Ternary<>(domainId, recursive, null);
         accountMgr.buildACLSearchParameters(caller, id, accountName, null, permittedAccounts, domainIdRecursiveListProject, listAll, false);
         domainId = domainIdRecursiveListProject.first();
         Boolean isRecursive = domainIdRecursiveListProject.second();
@@ -747,8 +693,8 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
         sb.and("username", sb.entity().getUsername(), Op.LIKE);
         if (id != null && id == 1) {
             // system user should NOT be searchable
-            List<UserAccountJoinVO> emptyList = new ArrayList<UserAccountJoinVO>();
-            return new Pair<List<UserAccountJoinVO>, Integer>(emptyList, 0);
+            List<UserAccountJoinVO> emptyList = new ArrayList<>();
+            return new Pair<>(emptyList, 0);
         } else if (id != null) {
             sb.and("id", sb.entity().getId(), Op.EQ);
         } else {
@@ -834,7 +780,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
     public ListResponse<EventResponse> searchForEvents(ListEventsCmd cmd) {
         Pair<List<EventJoinVO>, Integer> result = searchForEventsInternal(cmd);
         ListResponse<EventResponse> response = new ListResponse<>();
-        List<EventResponse> eventResponses = ViewResponseHelper.createEventResponse(result.first().toArray(new EventJoinVO[result.first().size()]));
+        List<EventResponse> eventResponses = ViewResponseHelper.createEventResponse(result.first().toArray(new EventJoinVO[0]));
         response.setResponses(eventResponses, result.second());
         return response;
     }
@@ -1034,7 +980,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
     public ListResponse<ResourceTagResponse> listTags(ListTagsCmd cmd) {
         Pair<List<ResourceTagJoinVO>, Integer> tags = listTagsInternal(cmd);
         ListResponse<ResourceTagResponse> response = new ListResponse<>();
-        List<ResourceTagResponse> tagResponses = ViewResponseHelper.createResourceTagResponse(false, tags.first().toArray(new ResourceTagJoinVO[tags.first().size()]));
+        List<ResourceTagResponse> tagResponses = ViewResponseHelper.createResourceTagResponse(false, tags.first().toArray(new ResourceTagJoinVO[0]));
         response.setResponses(tagResponses, tags.second());
         return response;
     }
@@ -1120,7 +1066,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
     public ListResponse<InstanceGroupResponse> searchForVmGroups(ListVMGroupsCmd cmd) {
         Pair<List<InstanceGroupJoinVO>, Integer> groups = searchForVmGroupsInternal(cmd);
         ListResponse<InstanceGroupResponse> response = new ListResponse<>();
-        List<InstanceGroupResponse> grpResponses = ViewResponseHelper.createInstanceGroupResponse(groups.first().toArray(new InstanceGroupJoinVO[groups.first().size()]));
+        List<InstanceGroupResponse> grpResponses = ViewResponseHelper.createInstanceGroupResponse(groups.first().toArray(new InstanceGroupJoinVO[0]));
         response.setResponses(grpResponses, groups.second());
         return response;
     }
@@ -1183,7 +1129,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
             respView = ResponseView.Full;
         }
         List<UserVmResponse> vmResponses = ViewResponseHelper.createUserVmResponse(respView, "virtualmachine", cmd.getDetails(), cmd.getAccumulate(), cmd.getShowUserData(),
-                result.first().toArray(new UserVmJoinVO[result.first().size()]));
+                result.first().toArray(new UserVmJoinVO[0]));
 
         response.setResponses(vmResponses, result.second());
         return response;
@@ -1462,11 +1408,11 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
             resourceTagSearch.and().op();
             for (int count = 0; count < tags.size(); count++) {
                 if (count == 0) {
-                    resourceTagSearch.op("tagKey" + String.valueOf(count), resourceTagSearch.entity().getKey(), Op.EQ);
+                    resourceTagSearch.op("tagKey" + count, resourceTagSearch.entity().getKey(), Op.EQ);
                 } else {
-                    resourceTagSearch.or().op("tagKey" + String.valueOf(count), resourceTagSearch.entity().getKey(), Op.EQ);
+                    resourceTagSearch.or().op("tagKey" + count, resourceTagSearch.entity().getKey(), Op.EQ);
                 }
-                resourceTagSearch.and("tagValue" + String.valueOf(count), resourceTagSearch.entity().getValue(), Op.EQ);
+                resourceTagSearch.and("tagValue" + count, resourceTagSearch.entity().getValue(), Op.EQ);
                 resourceTagSearch.cp();
             }
             resourceTagSearch.cp();
@@ -1621,8 +1567,8 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
             int count = 0;
             userVmSearchCriteria.setJoinParameters("tags","resourceType", ResourceObjectType.UserVm);
             for (Map.Entry<String, String> entry : tags.entrySet()) {
-                userVmSearchCriteria.setJoinParameters("tags", "tagKey" + String.valueOf(count), entry.getKey());
-                userVmSearchCriteria.setJoinParameters("tags", "tagValue" + String.valueOf(count), entry.getValue());
+                userVmSearchCriteria.setJoinParameters("tags", "tagKey" + count, entry.getKey());
+                userVmSearchCriteria.setJoinParameters("tags", "tagValue" + count, entry.getValue());
                 count++;
             }
         }
@@ -1685,11 +1631,10 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
                 userVmSearchCriteria.setParameters("hostId", hostId);
             }
 
-            if (storageId != null && pool != null) {
+            if (storageId != null) {
                 if (pool.getPoolType().equals(Storage.StoragePoolType.DatastoreCluster)) {
                     List<StoragePoolVO> childDatastores = storagePoolDao.listChildStoragePoolsInDatastoreCluster(storageId);
-                    List<Long> childDatastoreIds = childDatastores.stream().map(mo -> mo.getId()).collect(Collectors.toList());
-                    userVmSearchCriteria.setJoinParameters("volume", "storagePoolId", childDatastoreIds.toArray());
+                    userVmSearchCriteria.setJoinParameters("volume", "storagePoolId", childDatastores.stream().map(StoragePoolVO::getId).toArray());
                 } else {
                     userVmSearchCriteria.setJoinParameters("volume", "storagePoolId", storageId);
                 }
@@ -1729,7 +1674,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
                 throw new InvalidParameterValueException("Unable to list network groups for virtual machine instance " + instanceId + "; instance not found.");
             }
             accountMgr.checkAccess(caller, null, true, userVM);
-            return listSecurityGroupRulesByVM(instanceId.longValue(), cmd.getStartIndex(), cmd.getPageSizeVal());
+            return listSecurityGroupRulesByVM(instanceId, cmd.getStartIndex(), cmd.getPageSizeVal());
         }
 
         Ternary<Long, Boolean, ListProjectResourcesCriteria> domainIdRecursiveListProject = new Ternary<>(cmd.getDomainId(), cmd.isRecursive(), null);
@@ -1779,7 +1724,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
         // search security group together with rules
         Pair<List<SecurityGroupJoinVO>, Integer> uniqueSgPair = _securityGroupJoinDao.searchAndCount(sc, searchFilter);
         Integer count = uniqueSgPair.second();
-        if (count.intValue() == 0) {
+        if (count == 0) {
             // handle empty result cases
             return uniqueSgPair;
         }
@@ -1798,7 +1743,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
         Filter sf = new Filter(SecurityGroupVMMapVO.class, null, true, pageInd, pageSize);
         Pair<List<SecurityGroupVMMapVO>, Integer> sgVmMappingPair = securityGroupVMMapDao.listByInstanceId(vmId, sf);
         Integer count = sgVmMappingPair.second();
-        if (count.intValue() == 0) {
+        if (count == 0) {
             // handle empty result cases
             return new Pair<>(new ArrayList<>(), count);
         }
@@ -1817,7 +1762,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
         Pair<List<DomainRouterJoinVO>, Integer> result = searchForRoutersInternal(cmd, cmd.getId(), cmd.getRouterName(), cmd.getState(), cmd.getZoneId(), cmd.getPodId(), cmd.getClusterId(),
                 cmd.getHostId(), cmd.getKeyword(), cmd.getNetworkId(), cmd.getVpcId(), cmd.getForVpc(), cmd.getRole(), cmd.getVersion(), cmd.isHealthCheckFailed());
         ListResponse<DomainRouterResponse> response = new ListResponse<>();
-        List<DomainRouterResponse> routerResponses = ViewResponseHelper.createDomainRouterResponse(result.first().toArray(new DomainRouterJoinVO[result.first().size()]));
+        List<DomainRouterResponse> routerResponses = ViewResponseHelper.createDomainRouterResponse(result.first().toArray(new DomainRouterJoinVO[0]));
         if (VirtualNetworkApplianceManager.RouterHealthChecksEnabled.value()) {
             for (DomainRouterResponse res : routerResponses) {
                 DomainRouterVO resRouter = _routerDao.findByUuid(res.getId());
@@ -1837,7 +1782,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
         Pair<List<DomainRouterJoinVO>, Integer> result = searchForRoutersInternal(cmd, cmd.getId(), cmd.getRouterName(), cmd.getState(), cmd.getZoneId(), cmd.getPodId(), null, cmd.getHostId(),
                 cmd.getKeyword(), cmd.getNetworkId(), cmd.getVpcId(), cmd.getForVpc(), cmd.getRole(), null, null);
         ListResponse<DomainRouterResponse> response = new ListResponse<>();
-        List<DomainRouterResponse> routerResponses = ViewResponseHelper.createDomainRouterResponse(result.first().toArray(new DomainRouterJoinVO[result.first().size()]));
+        List<DomainRouterResponse> routerResponses = ViewResponseHelper.createDomainRouterResponse(result.first().toArray(new DomainRouterJoinVO[0]));
         if (VirtualNetworkApplianceManager.RouterHealthChecksEnabled.value()) {
             for (DomainRouterResponse res : routerResponses) {
                 DomainRouterVO resRouter = _routerDao.findByUuid(res.getId());
@@ -1978,13 +1923,13 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
         }
 
         if (routersWithFailures != null && ! routersWithFailures.isEmpty()) {
-            sc.setParameters("routerId", routersWithFailures.toArray(new Object[routersWithFailures.size()]));
+            sc.setParameters("routerId", routersWithFailures.toArray(new Object[0]));
         }
 
         // search VR details by ids
         Pair<List<DomainRouterJoinVO>, Integer> uniqueVrPair = _routerJoinDao.searchAndCount(sc, searchFilter);
         Integer count = uniqueVrPair.second();
-        if (count.intValue() == 0) {
+        if (count == 0) {
             // empty result
             return uniqueVrPair;
         }
@@ -2002,7 +1947,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
     public ListResponse<ProjectResponse> listProjects(ListProjectsCmd cmd) {
         Pair<List<ProjectJoinVO>, Integer> projects = listProjectsInternal(cmd);
         ListResponse<ProjectResponse> response = new ListResponse<>();
-        List<ProjectResponse> projectResponses = ViewResponseHelper.createProjectResponse(cmd.getDetails(), projects.first().toArray(new ProjectJoinVO[projects.first().size()]));
+        List<ProjectResponse> projectResponses = ViewResponseHelper.createProjectResponse(cmd.getDetails(), projects.first().toArray(new ProjectJoinVO[0]));
         response.setResponses(projectResponses, projects.second());
         return response;
     }
@@ -2158,7 +2103,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
         // search distinct projects to get count
         Pair<List<ProjectJoinVO>, Integer> uniquePrjPair = _projectJoinDao.searchAndCount(sc, searchFilter);
         Integer count = uniquePrjPair.second();
-        if (count.intValue() == 0) {
+        if (count == 0) {
             // handle empty result cases
             return uniquePrjPair;
         }
@@ -2176,7 +2121,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
     public ListResponse<ProjectInvitationResponse> listProjectInvitations(ListProjectInvitationsCmd cmd) {
         Pair<List<ProjectInvitationJoinVO>, Integer> invites = listProjectInvitationsInternal(cmd);
         ListResponse<ProjectInvitationResponse> response = new ListResponse<>();
-        List<ProjectInvitationResponse> projectInvitationResponses = ViewResponseHelper.createProjectInvitationResponse(invites.first().toArray(new ProjectInvitationJoinVO[invites.first().size()]));
+        List<ProjectInvitationResponse> projectInvitationResponses = ViewResponseHelper.createProjectInvitationResponse(invites.first().toArray(new ProjectInvitationJoinVO[0]));
 
         response.setResponses(projectInvitationResponses, invites.second());
         return response;
@@ -2252,7 +2197,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
     public ListResponse<ProjectAccountResponse> listProjectAccounts(ListProjectAccountsCmd cmd) {
         Pair<List<ProjectAccountJoinVO>, Integer> projectAccounts = listProjectAccountsInternal(cmd);
         ListResponse<ProjectAccountResponse> response = new ListResponse<>();
-        List<ProjectAccountResponse> projectResponses = ViewResponseHelper.createProjectAccountResponse(projectAccounts.first().toArray(new ProjectAccountJoinVO[projectAccounts.first().size()]));
+        List<ProjectAccountResponse> projectResponses = ViewResponseHelper.createProjectAccountResponse(projectAccounts.first().toArray(new ProjectAccountJoinVO[0]));
         response.setResponses(projectResponses, projectAccounts.second());
         return response;
     }
@@ -2327,7 +2272,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
         Pair<List<HostJoinVO>, Integer> hosts = searchForServersInternal(cmd);
         ListResponse<HostResponse> response = new ListResponse<>();
         logger.debug(">>>Generating Response>>>");
-        List<HostResponse> hostResponses = ViewResponseHelper.createHostResponse(cmd.getDetails(), hosts.first().toArray(new HostJoinVO[hosts.first().size()]));
+        List<HostResponse> hostResponses = ViewResponseHelper.createHostResponse(cmd.getDetails(), hosts.first().toArray(new HostJoinVO[0]));
         response.setResponses(hostResponses, hosts.second());
         return response;
     }
@@ -2357,7 +2302,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
         Object outOfBandManagementEnabled = cmd.isOutOfBandManagementEnabled();
         Object powerState = cmd.getHostOutOfBandManagementPowerState();
         Object resourceState = cmd.getResourceState();
-        Object haHosts = cmd.getHaHost();
+        Boolean haHosts = cmd.getHaHost();
         Long startIndex = cmd.getStartIndex();
         Long pageSize = cmd.getPageSizeVal();
         Hypervisor.HypervisorType hypervisorType = cmd.getHypervisor();
@@ -2397,7 +2342,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
         String haTag = _haMgr.getHaTag();
         if (haHosts != null && haTag != null && !haTag.isEmpty()) {
             SearchBuilder<HostTagVO> hostTagSearchBuilder = _hostTagDao.createSearchBuilder();
-            if ((Boolean)haHosts) {
+            if (haHosts) {
                 hostTagSearchBuilder.and("tag", hostTagSearchBuilder.entity().getTag(), SearchCriteria.Op.EQ);
             } else {
                 hostTagSearchBuilder.and().op("tag", hostTagSearchBuilder.entity().getTag(), Op.NEQ);
@@ -2484,7 +2429,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
             respView = ResponseView.Full;
         }
 
-        List<VolumeResponse> volumeResponses = ViewResponseHelper.createVolumeResponse(respView, result.first().toArray(new VolumeJoinVO[result.first().size()]));
+        List<VolumeResponse> volumeResponses = ViewResponseHelper.createVolumeResponse(respView, result.first().toArray(new VolumeJoinVO[0]));
 
         for (VolumeResponse vr : volumeResponses) {
             String poolId = vr.getStoragePoolId();
@@ -2852,7 +2797,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
             respView = ResponseView.Full;
         }
 
-        List<AccountResponse> accountResponses = ViewResponseHelper.createAccountResponse(respView, cmd.getDetails(), result.first().toArray(new AccountJoinVO[result.first().size()]));
+        List<AccountResponse> accountResponses = ViewResponseHelper.createAccountResponse(respView, cmd.getDetails(), result.first().toArray(new AccountJoinVO[0]));
         response.setResponses(accountResponses, result.second());
         return response;
     }
@@ -3032,7 +2977,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
     public ListResponse<AsyncJobResponse> searchForAsyncJobs(ListAsyncJobsCmd cmd) {
         Pair<List<AsyncJobJoinVO>, Integer> result = searchForAsyncJobsInternal(cmd);
         ListResponse<AsyncJobResponse> response = new ListResponse<>();
-        List<AsyncJobResponse> jobResponses = ViewResponseHelper.createAsyncJobResponse(result.first().toArray(new AsyncJobJoinVO[result.first().size()]));
+        List<AsyncJobResponse> jobResponses = ViewResponseHelper.createAsyncJobResponse(result.first().toArray(new AsyncJobJoinVO[0]));
         response.setResponses(jobResponses, result.second());
         return response;
     }
@@ -3149,7 +3094,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
     private ListResponse<StoragePoolResponse> createStoragesPoolResponse(Pair<List<StoragePoolJoinVO>, Integer> storagePools, boolean getCustomStats) {
         ListResponse<StoragePoolResponse> response = new ListResponse<>();
 
-        List<StoragePoolResponse> poolResponses = ViewResponseHelper.createStoragePoolResponse(getCustomStats, storagePools.first().toArray(new StoragePoolJoinVO[storagePools.first().size()]));
+        List<StoragePoolResponse> poolResponses = ViewResponseHelper.createStoragePoolResponse(getCustomStats, storagePools.first().toArray(new StoragePoolJoinVO[0]));
         Map<String, Long> poolUuidToIdMap = storagePools.first().stream().collect(Collectors.toMap(StoragePoolJoinVO::getUuid, StoragePoolJoinVO::getId, (a, b) -> a));
         for (StoragePoolResponse poolResponse : poolResponses) {
             DataStore store = dataStoreManager.getPrimaryDataStore(poolResponse.getId());
@@ -3202,16 +3147,16 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
 
     @Override
     public ListResponse<StorageTagResponse> searchForStorageTags(ListStorageTagsCmd cmd) {
-        Pair<List<StoragePoolTagVO>, Integer> result = searchForStorageTagsInternal(cmd);
+        Pair<List<StoragePoolTagVO>, Integer> result = searchForStorageTagsInternal();
         ListResponse<StorageTagResponse> response = new ListResponse<>();
-        List<StorageTagResponse> tagResponses = ViewResponseHelper.createStorageTagResponse(result.first().toArray(new StoragePoolTagVO[result.first().size()]));
+        List<StorageTagResponse> tagResponses = ViewResponseHelper.createStorageTagResponse(result.first().toArray(new StoragePoolTagVO[0]));
 
         response.setResponses(tagResponses, result.second());
 
         return response;
     }
 
-    private Pair<List<StoragePoolTagVO>, Integer> searchForStorageTagsInternal(ListStorageTagsCmd cmd) {
+    private Pair<List<StoragePoolTagVO>, Integer> searchForStorageTagsInternal() {
         Filter searchFilter = new Filter(StoragePoolTagVO.class, "id", Boolean.TRUE, null, null);
 
         SearchBuilder<StoragePoolTagVO> sb = _storageTagDao.createSearchBuilder();
@@ -3224,7 +3169,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
         Pair<List<StoragePoolTagVO>, Integer> uniqueTagPair = _storageTagDao.searchAndCount(sc, searchFilter);
         Integer count = uniqueTagPair.second();
 
-        if (count.intValue() == 0) {
+        if (count == 0) {
             return uniqueTagPair;
         }
 
@@ -3243,16 +3188,16 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
 
     @Override
     public ListResponse<HostTagResponse> searchForHostTags(ListHostTagsCmd cmd) {
-        Pair<List<HostTagVO>, Integer> result = searchForHostTagsInternal(cmd);
+        Pair<List<HostTagVO>, Integer> result = searchForHostTagsInternal();
         ListResponse<HostTagResponse> response = new ListResponse<>();
-        List<HostTagResponse> tagResponses = ViewResponseHelper.createHostTagResponse(result.first().toArray(new HostTagVO[result.first().size()]));
+        List<HostTagResponse> tagResponses = ViewResponseHelper.createHostTagResponse(result.first().toArray(new HostTagVO[0]));
 
         response.setResponses(tagResponses, result.second());
 
         return response;
     }
 
-    private Pair<List<HostTagVO>, Integer> searchForHostTagsInternal(ListHostTagsCmd cmd) {
+    private Pair<List<HostTagVO>, Integer> searchForHostTagsInternal() {
         Filter searchFilter = new Filter(HostTagVO.class, "id", Boolean.TRUE, null, null);
 
         SearchBuilder<HostTagVO> sb = _hostTagDao.createSearchBuilder();
@@ -3265,7 +3210,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
         Pair<List<HostTagVO>, Integer> uniqueTagPair = _hostTagDao.searchAndCount(sc, searchFilter);
         Integer count = uniqueTagPair.second();
 
-        if (count.intValue() == 0) {
+        if (count == 0) {
             return uniqueTagPair;
         }
 
@@ -3287,7 +3232,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
         Pair<List<ImageStoreJoinVO>, Integer> result = searchForImageStoresInternal(cmd);
         ListResponse<ImageStoreResponse> response = new ListResponse<>();
 
-        List<ImageStoreResponse> poolResponses = ViewResponseHelper.createImageStoreResponse(result.first().toArray(new ImageStoreJoinVO[result.first().size()]));
+        List<ImageStoreResponse> poolResponses = ViewResponseHelper.createImageStoreResponse(result.first().toArray(new ImageStoreJoinVO[0]));
         response.setResponses(poolResponses, result.second());
         return response;
     }
@@ -3351,7 +3296,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
         // search Store details by ids
         Pair<List<ImageStoreJoinVO>, Integer> uniqueStorePair = _imageStoreJoinDao.searchAndCount(sc, searchFilter);
         Integer count = uniqueStorePair.second();
-        if (count.intValue() == 0) {
+        if (count == 0) {
             // empty result
             return uniqueStorePair;
         }
@@ -3371,7 +3316,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
         Pair<List<ImageStoreJoinVO>, Integer> result = searchForCacheStoresInternal(cmd);
         ListResponse<ImageStoreResponse> response = new ListResponse<>();
 
-        List<ImageStoreResponse> poolResponses = ViewResponseHelper.createImageStoreResponse(result.first().toArray(new ImageStoreJoinVO[result.first().size()]));
+        List<ImageStoreResponse> poolResponses = ViewResponseHelper.createImageStoreResponse(result.first().toArray(new ImageStoreJoinVO[0]));
         response.setResponses(poolResponses, result.second());
         return response;
     }
@@ -3430,7 +3375,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
         // search Store details by ids
         Pair<List<ImageStoreJoinVO>, Integer> uniqueStorePair = _imageStoreJoinDao.searchAndCount(sc, searchFilter);
         Integer count = uniqueStorePair.second();
-        if (count.intValue() == 0) {
+        if (count == 0) {
             // empty result
             return uniqueStorePair;
         }
@@ -3497,10 +3442,10 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
         Object id = cmd.getId();
         Object keyword = cmd.getKeyword();
         Long domainId = cmd.getDomainId();
-        Boolean isRootAdmin = accountMgr.isRootAdmin(account.getAccountId());
+        boolean isRootAdmin = accountMgr.isRootAdmin(account.getAccountId());
         Long projectId = cmd.getProjectId();
         String accountName = cmd.getAccountName();
-        Boolean isRecursive = cmd.isRecursive();
+        boolean isRecursive = cmd.isRecursive();
         Long zoneId = cmd.getZoneId();
         Long volumeId = cmd.getVolumeId();
         Long storagePoolId = cmd.getStoragePoolId();
@@ -3726,12 +3671,12 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
     }
 
     private List<Long> findRelatedDomainIds(Domain domain, boolean isRecursive) {
-        List<Long> domainIds = _domainDao.getDomainParentIds(domain.getId())
-            .stream().collect(Collectors.toList());
+        List<Long> domainIds = new ArrayList<>(_domainDao.getDomainParentIds(domain.getId()));
         if (isRecursive) {
             List<Long> childrenIds = _domainDao.getDomainChildrenIds(domain.getPath());
-            if (childrenIds != null && !childrenIds.isEmpty())
-            domainIds.addAll(childrenIds);
+            if (childrenIds != null && !childrenIds.isEmpty()) {
+                domainIds.addAll(childrenIds);
+            }
         }
         return domainIds;
     }
@@ -3741,7 +3686,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
         Pair<List<ServiceOfferingJoinVO>, Integer> result = searchForServiceOfferingsInternal(cmd);
         result.first();
         ListResponse<ServiceOfferingResponse> response = new ListResponse<>();
-        List<ServiceOfferingResponse> offeringResponses = ViewResponseHelper.createServiceOfferingResponse(result.first().toArray(new ServiceOfferingJoinVO[result.first().size()]));
+        List<ServiceOfferingResponse> offeringResponses = ViewResponseHelper.createServiceOfferingResponse(result.first().toArray(new ServiceOfferingJoinVO[0]));
         response.setResponses(offeringResponses, result.second());
         return response;
     }
@@ -3800,7 +3745,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
         String vmTypeStr = cmd.getSystemVmType();
         ServiceOfferingVO currentVmOffering = null;
         DiskOfferingVO diskOffering = null;
-        Boolean isRecursive = cmd.isRecursive();
+        boolean isRecursive = cmd.isRecursive();
         Long zoneId = cmd.getZoneId();
         Integer cpuNumber = cmd.getCpuNumber();
         Integer memory = cmd.getMemory();
@@ -3808,7 +3753,6 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
         Boolean encryptRoot = cmd.getEncryptRoot();
         String storageType = cmd.getStorageType();
         ServiceOffering.State state = cmd.getState();
-        final Long templateId = cmd.getTemplateId();
 
         final Account owner = accountMgr.finalizeOwner(caller, accountName, domainId, projectId);
 
@@ -4274,7 +4218,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
             respView = ResponseView.Full;
         }
 
-        List<ZoneResponse> dcResponses = ViewResponseHelper.createDataCenterResponse(respView, cmd.getShowCapacities(), cmd.getShowIcon(), result.first().toArray(new DataCenterJoinVO[result.first().size()]));
+        List<ZoneResponse> dcResponses = ViewResponseHelper.createDataCenterResponse(respView, cmd.getShowCapacities(), cmd.getShowIcon(), result.first().toArray(new DataCenterJoinVO[0]));
         response.setResponses(dcResponses, result.second());
         return response;
     }
@@ -4282,7 +4226,11 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
     private Pair<List<DataCenterJoinVO>, Integer> listDataCentersInternal(ListZonesCmd cmd) {
         Account account = CallContext.current().getCallingAccount();
         Long domainId = cmd.getDomainId();
-        Long id = cmd.getId();
+        Long zoneId = cmd.getId();
+        if( ! AllowUserViewAllDataCenters.valueInDomain(account.getDomainId())) {
+            zoneId = accountMgr.checkAccessAndSpecifyAuthority(CallContext.current().getCallingAccount(), zoneId);
+            logger.debug("not allowing users to view all zones ; selected zone is = {}", zoneId);
+        }
         List<Long> ids = getIdsListFromCmd(cmd.getId(), cmd.getIds());
         String keyword = cmd.getKeyword();
         String name = cmd.getName();
@@ -4293,8 +4241,8 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
         if (resourceTags != null && !resourceTags.isEmpty()) {
             SearchBuilder<ResourceTagVO> tagSearch = resourceTagDao.createSearchBuilder();
             for (int count = 0; count < resourceTags.size(); count++) {
-                tagSearch.or().op("key" + String.valueOf(count), tagSearch.entity().getKey(), SearchCriteria.Op.EQ);
-                tagSearch.and("value" + String.valueOf(count), tagSearch.entity().getValue(), SearchCriteria.Op.EQ);
+                tagSearch.or().op("key" + count, tagSearch.entity().getKey(), SearchCriteria.Op.EQ);
+                tagSearch.and("value" + count, tagSearch.entity().getValue(), SearchCriteria.Op.EQ);
                 tagSearch.cp();
             }
             tagSearch.and("resourceType", tagSearch.entity().getResourceType(), SearchCriteria.Op.EQ);
@@ -4314,8 +4262,8 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
             sc.addAnd("id", SearchCriteria.Op.IN, ids.toArray());
         }
 
-        if (id != null) {
-            sc.addAnd("id", SearchCriteria.Op.EQ, id);
+        if (zoneId != null) {
+            sc.addAnd("id", SearchCriteria.Op.EQ, zoneId);
         } else if (name != null) {
             sc.addAnd("name", SearchCriteria.Op.EQ, name);
         } else {
@@ -4326,109 +4274,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
                 sc.addAnd("name", SearchCriteria.Op.SC, ssc);
             }
 
-            /*
-             * List all resources due to Explicit Dedication except the
-             * dedicated resources of other account
-             */
-            if (domainId != null) { //
-                // for domainId != null // right now, we made the decision to
-                // only list zones associated // with this domain, private zone
-                sc.addAnd("domainId", SearchCriteria.Op.EQ, domainId);
-
-                if (accountMgr.isNormalUser(account.getId())) {
-                    // accountId == null (zones dedicated to a domain) or
-                    // accountId = caller
-                    SearchCriteria<DataCenterJoinVO> sdc = _dcJoinDao.createSearchCriteria();
-                    sdc.addOr("accountId", SearchCriteria.Op.EQ, account.getId());
-                    sdc.addOr("accountId", SearchCriteria.Op.NULL);
-
-                    sc.addAnd("accountId", SearchCriteria.Op.SC, sdc);
-                }
-
-            } else if (accountMgr.isNormalUser(account.getId())) {
-                // it was decided to return all zones for the user's domain, and
-                // everything above till root
-                // list all zones belonging to this domain, and all of its
-                // parents
-                // check the parent, if not null, add zones for that parent to
-                // list
-
-                // find all domain Id up to root domain for this account
-                List<Long> domainIds = new ArrayList<>();
-                DomainVO domainRecord = _domainDao.findById(account.getDomainId());
-                if (domainRecord == null) {
-                    logger.error("Could not find the domainId for account: {}", account);
-                    throw new CloudAuthenticationException("Could not find the domainId for account:" + account.getAccountName());
-                }
-                domainIds.add(domainRecord.getId());
-                while (domainRecord.getParent() != null) {
-                    domainRecord = _domainDao.findById(domainRecord.getParent());
-                    domainIds.add(domainRecord.getId());
-                }
-                // domainId == null (public zones) or domainId IN [all domain id
-                // up to root domain]
-                SearchCriteria<DataCenterJoinVO> sdc = _dcJoinDao.createSearchCriteria();
-                sdc.addOr("domainId", SearchCriteria.Op.IN, domainIds.toArray());
-                sdc.addOr("domainId", SearchCriteria.Op.NULL);
-                sc.addAnd("domainId", SearchCriteria.Op.SC, sdc);
-
-                // remove disabled zones
-                sc.addAnd("allocationState", SearchCriteria.Op.NEQ, Grouping.AllocationState.Disabled);
-
-                // accountId == null (zones dedicated to a domain) or
-                // accountId = caller
-                SearchCriteria<DataCenterJoinVO> sdc2 = _dcJoinDao.createSearchCriteria();
-                sdc2.addOr("accountId", SearchCriteria.Op.EQ, account.getId());
-                sdc2.addOr("accountId", SearchCriteria.Op.NULL);
-
-                sc.addAnd("accountId", SearchCriteria.Op.SC, sdc2);
-
-                // remove Dedicated zones not dedicated to this domainId or
-                // subdomainId
-                List<Long> dedicatedZoneIds = removeDedicatedZoneNotSuitabe(domainIds);
-                if (!dedicatedZoneIds.isEmpty()) {
-                    sdc.addAnd("id", SearchCriteria.Op.NIN, dedicatedZoneIds.toArray(new Object[dedicatedZoneIds.size()]));
-                }
-
-            } else if (accountMgr.isDomainAdmin(account.getId()) || account.getType() == Account.Type.RESOURCE_DOMAIN_ADMIN) {
-                // it was decided to return all zones for the domain admin, and
-                // everything above till root, as well as zones till the domain
-                // leaf
-                List<Long> domainIds = new ArrayList<>();
-                DomainVO domainRecord = _domainDao.findById(account.getDomainId());
-                if (domainRecord == null) {
-                    logger.error("Could not find the domainId for account: {}", account);
-                    throw new CloudAuthenticationException("Could not find the domainId for account:" + account.getAccountName());
-                }
-                domainIds.add(domainRecord.getId());
-                // find all domain Ids till leaf
-                List<DomainVO> allChildDomains = _domainDao.findAllChildren(domainRecord.getPath(), domainRecord.getId());
-                for (DomainVO domain : allChildDomains) {
-                    domainIds.add(domain.getId());
-                }
-                // then find all domain Id up to root domain for this account
-                while (domainRecord.getParent() != null) {
-                    domainRecord = _domainDao.findById(domainRecord.getParent());
-                    domainIds.add(domainRecord.getId());
-                }
-
-                // domainId == null (public zones) or domainId IN [all domain id
-                // up to root domain]
-                SearchCriteria<DataCenterJoinVO> sdc = _dcJoinDao.createSearchCriteria();
-                sdc.addOr("domainId", SearchCriteria.Op.IN, domainIds.toArray());
-                sdc.addOr("domainId", SearchCriteria.Op.NULL);
-                sc.addAnd("domainId", SearchCriteria.Op.SC, sdc);
-
-                // remove disabled zones
-                sc.addAnd("allocationState", SearchCriteria.Op.NEQ, Grouping.AllocationState.Disabled);
-
-                // remove Dedicated zones not dedicated to this domainId or
-                // subdomainId
-                List<Long> dedicatedZoneIds = removeDedicatedZoneNotSuitabe(domainIds);
-                if (!dedicatedZoneIds.isEmpty()) {
-                    sdc.addAnd("id", SearchCriteria.Op.NIN, dedicatedZoneIds.toArray(new Object[dedicatedZoneIds.size()]));
-                }
-            }
+            buildSearchCriteriaForOwnedExplicitlyDedicatedResources(domainId, sc, account);
 
             // handle available=FALSE option, only return zones with at least
             // one VM running there
@@ -4442,7 +4288,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
                     for (DomainRouterVO router : routers) {
                         dcIds.add(router.getDataCenterId());
                     }
-                    if (dcIds.size() == 0) {
+                    if (dcIds.isEmpty()) {
                         return new Pair<>(new ArrayList<>(), 0);
                     } else {
                         sc.addAnd("id", SearchCriteria.Op.IN, dcIds.toArray());
@@ -4452,25 +4298,147 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
             }
         }
 
-        if (resourceTags != null && !resourceTags.isEmpty()) {
-            int count = 0;
-            sc.setJoinParameters("tagSearch", "resourceType", ResourceObjectType.Zone.toString());
-            for (Map.Entry<String, String> entry : resourceTags.entrySet()) {
-                sc.setJoinParameters("tagSearch", "key" + String.valueOf(count), entry.getKey());
-                sc.setJoinParameters("tagSearch", "value" + String.valueOf(count), entry.getValue());
-                count++;
-            }
-        }
+        buildSearchCriteriaForTags(resourceTags, sc);
 
         return _dcJoinDao.searchAndCount(sc, searchFilter);
     }
 
-    private List<Long> removeDedicatedZoneNotSuitabe(List<Long> domainIds) {
+    private static void buildSearchCriteriaForTags(Map<String, String> resourceTags, SearchCriteria<DataCenterJoinVO> sc) {
+        if (resourceTags != null && !resourceTags.isEmpty()) {
+            int count = 0;
+            sc.setJoinParameters("tagSearch", "resourceType", ResourceObjectType.Zone.toString());
+            for (Map.Entry<String, String> entry : resourceTags.entrySet()) {
+                sc.setJoinParameters("tagSearch", "key" + count, entry.getKey());
+                sc.setJoinParameters("tagSearch", "value" + count, entry.getValue());
+                count++;
+            }
+        }
+    }
+
+    /**
+     * List all resources due to Explicit Dedication except the
+     * dedicated resources of other account
+     */
+    private void buildSearchCriteriaForOwnedExplicitlyDedicatedResources(Long domainId, SearchCriteria<DataCenterJoinVO> sc, Account account) {
+        if (domainId != null) {
+            buildSearchCriteriaForZonesBelongingToDomain(domainId, sc, account);
+        } else if (accountMgr.isNormalUser(account.getId())) {
+            buildSearchCriteriaForUserDomainAndAbove(sc, account);
+        } else if (accountMgr.isDomainAdmin(account.getId()) || accountMgr.isResourceDomainAdmin(account.getId())) {
+            buildSearchCriteriaForDomainAdmins(sc, account);
+        }
+    }
+
+    /**
+     * Return all zones for the domain admin, and everything above till root, as well as zones till the domain leaf
+     */
+    private void buildSearchCriteriaForDomainAdmins(SearchCriteria<DataCenterJoinVO> sc, Account account) {
+        List<Long> domainIds = new ArrayList<>();
+        DomainVO domainRecord = _domainDao.findById(account.getDomainId());
+        if (domainRecord == null) {
+            logger.error("Could not find the domainId for account: {}", account);
+            throw new CloudAuthenticationException("Could not find the domainId for account:" + account.getAccountName());
+        }
+        logger.trace("adding caller's domain {} to the list of domains to search for zones", account.getDomainId());
+        domainIds.add(domainRecord.getId());
+        // find all domain Ids till leaf
+        List<DomainVO> allChildDomains = _domainDao.findAllChildren(domainRecord.getPath(), domainRecord.getId());
+        for (DomainVO domain : allChildDomains) {
+            logger.trace("adding caller domain's child {} to the list of domains to search for zones", domain.getId());
+            domainIds.add(domain.getId());
+        }
+        // then find all domain Id up to root domain for this account
+        while (domainRecord.getParent() != null) {
+            domainRecord = _domainDao.findById(domainRecord.getParent());
+            logger.trace("adding caller domain's ancestor {} to the list of domains to search for zones", domainRecord.getId());
+            domainIds.add(domainRecord.getId());
+        }
+
+        // so search for domainId == null (public zones) or domainId this user has access to
+        SearchCriteria<DataCenterJoinVO> sdc = _dcJoinDao.createSearchCriteria();
+        sdc.addOr("domainId", Op.IN, domainIds.toArray());
+        sdc.addOr("domainId", Op.NULL);
+        sc.addAnd("domainId", Op.SC, sdc);
+
+        // remove disabled zones
+        sc.addAnd("allocationState", Op.NEQ, Grouping.AllocationState.Disabled);
+
+        // remove Dedicated zones not dedicated to this domainId or
+        // subdomainId
+        List<Long> dedicatedZoneIds = removeDedicatedZoneNotSuitable(domainIds);
+        if (!dedicatedZoneIds.isEmpty()) {
+            sdc.addAnd("id", Op.NIN, dedicatedZoneIds.toArray(new Object[0]));
+        }
+    }
+
+    /**
+     * Return all zones for the user's domain, and everything above till root
+     * list all zones belonging to this domain, and all of its parents
+     * check the parent, if not null, add zones for that parent to list
+     */
+    private void buildSearchCriteriaForUserDomainAndAbove(SearchCriteria<DataCenterJoinVO> sc, Account account) {
+
+        // find all domain Id up to root domain for this account
+        List<Long> domainIds = new ArrayList<>();
+        DomainVO domainRecord = _domainDao.findById(account.getDomainId());
+        if (domainRecord == null) {
+            logger.error("Could not find the domainId for account: {}", account);
+            throw new CloudAuthenticationException("Could not find the domainId for account:" + account.getAccountName());
+        }
+        domainIds.add(domainRecord.getId());
+        while (domainRecord.getParent() != null) {
+            domainRecord = _domainDao.findById(domainRecord.getParent());
+            domainIds.add(domainRecord.getId());
+        }
+        // domainId == null (public zones) or domainId IN [all domain id
+        // up to root domain]
+        SearchCriteria<DataCenterJoinVO> sdc = _dcJoinDao.createSearchCriteria();
+        sdc.addOr("domainId", Op.IN, domainIds.toArray());
+        sdc.addOr("domainId", Op.NULL);
+        sc.addAnd("domainId", Op.SC, sdc);
+
+        // remove disabled zones
+        sc.addAnd("allocationState", Op.NEQ, Grouping.AllocationState.Disabled);
+
+        // accountId == null (zones dedicated to a domain) or
+        // accountId = caller
+        SearchCriteria<DataCenterJoinVO> sdc2 = _dcJoinDao.createSearchCriteria();
+        sdc2.addOr("accountId", Op.EQ, account.getId());
+        sdc2.addOr("accountId", Op.NULL);
+
+        sc.addAnd("accountId", Op.SC, sdc2);
+
+        // remove Dedicated zones not dedicated to this domainId or
+        // subdomainId
+        List<Long> dedicatedZoneIds = removeDedicatedZoneNotSuitable(domainIds);
+        if (!dedicatedZoneIds.isEmpty()) {
+            sdc.addAnd("id", Op.NIN, dedicatedZoneIds.toArray(new Object[0]));
+        }
+    }
+
+    private void buildSearchCriteriaForZonesBelongingToDomain(Long domainId, SearchCriteria<DataCenterJoinVO> sc, Account account) {
+        // for domainId != null // right now, we made the decision to
+        // only list zones associated // with this domain, private zone
+        sc.addAnd("domainId", Op.EQ, domainId);
+
+        if (accountMgr.isNormalUser(account.getId())) {
+            // accountId == null (zones dedicated to a domain) or
+            // accountId = caller
+            SearchCriteria<DataCenterJoinVO> sdc = _dcJoinDao.createSearchCriteria();
+            sdc.addOr("accountId", Op.EQ, account.getId());
+            sdc.addOr("accountId", Op.NULL);
+
+            sc.addAnd("accountId", Op.SC, sdc);
+        }
+    }
+
+    private List<Long> removeDedicatedZoneNotSuitable(List<Long> domainIds) {
         // remove dedicated zone of other domain
         List<Long> dedicatedZoneIds = new ArrayList<>();
         List<DedicatedResourceVO> dedicatedResources = _dedicatedDao.listZonesNotInDomainIds(domainIds);
         for (DedicatedResourceVO dr : dedicatedResources) {
             if (dr != null) {
+                logger.trace("adding zone to exclude from callers list zones result: {}.", dr.getDataCenterId());
                 dedicatedZoneIds.add(dr.getDataCenterId());
             }
         }
@@ -4515,7 +4483,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
             respView = ResponseView.Full;
         }
 
-        List<TemplateResponse> templateResponses = ViewResponseHelper.createTemplateResponse(cmd.getDetails(), respView, result.first().toArray(new TemplateJoinVO[result.first().size()]));
+        List<TemplateResponse> templateResponses = ViewResponseHelper.createTemplateResponse(cmd.getDetails(), respView, result.first().toArray(new TemplateJoinVO[0]));
         response.setResponses(templateResponses, result.second());
         return response;
     }
@@ -4943,17 +4911,17 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
     private Pair<List<TemplateJoinVO>, Integer> findTemplatesByIdOrTempZonePair(Pair<List<TemplateJoinVO>, Integer> templateDataPair,
                                                                                 boolean showRemoved, boolean showUnique, Account caller) {
         Integer count = templateDataPair.second();
-        if (count.intValue() == 0) {
+        if (count == 0) {
             // empty result
             return templateDataPair;
         }
         List<TemplateJoinVO> templateData = templateDataPair.first();
         List<TemplateJoinVO> templates;
         if (showUnique) {
-            Long[] templateIds = templateData.stream().map(template -> template.getId()).toArray(Long[]::new);
+            Long[] templateIds = templateData.stream().map(BaseViewWithTagInformationVO::getId).toArray(Long[]::new);
             templates = _templateJoinDao.findByDistinctIds(templateIds);
         } else {
-            String[] templateZonePairs = templateData.stream().map(template -> template.getTempZonePair()).toArray(String[]::new);
+            String[] templateZonePairs = templateData.stream().map(TemplateJoinVO::getTempZonePair).toArray(String[]::new);
             templates = _templateJoinDao.searchByTemplateZonePair(showRemoved, templateZonePairs);
         }
 
@@ -4970,7 +4938,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
             respView = ResponseView.Full;
         }
 
-        List<TemplateResponse> templateResponses = ViewResponseHelper.createIsoResponse(respView, result.first().toArray(new TemplateJoinVO[result.first().size()]));
+        List<TemplateResponse> templateResponses = ViewResponseHelper.createIsoResponse(respView, result.first().toArray(new TemplateJoinVO[0]));
         response.setResponses(templateResponses, result.second());
         return response;
     }
@@ -5033,7 +5001,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
         }
         if (CallContext.current().getCallingAccount().getType() != Account.Type.ADMIN) {
             final List<String> userDenyListedSettings = Stream.of(QueryService.UserVMDeniedDetails.value().split(","))
-                    .map(item -> (item).trim())
+                    .map(String::trim)
                     .collect(Collectors.toList());
             userDenyListedSettings.addAll(QueryService.RootAdminOnlyVmSettings);
             for (final String detail : userDenyListedSettings) {
@@ -5055,7 +5023,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
     private void fillVnfTemplateDetailOptions(final Map<String, List<String>> options) {
         for (VNF.AccessDetail detail : VNF.AccessDetail.values()) {
             if (VNF.AccessDetail.ACCESS_METHODS.equals(detail)) {
-                options.put(detail.name().toLowerCase(), Arrays.stream(VNF.AccessMethod.values()).map(method -> method.toString()).sorted().collect(Collectors.toList()));
+                options.put(detail.name().toLowerCase(), Arrays.stream(VNF.AccessMethod.values()).map(VNF.AccessMethod::toString).sorted().collect(Collectors.toList()));
             } else {
                 options.put(detail.name().toLowerCase(), Collections.emptyList());
             }
@@ -5106,7 +5074,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
     @Override
     public ListResponse<AffinityGroupResponse> searchForAffinityGroups(ListAffinityGroupsCmd cmd) {
         Pair<List<AffinityGroupJoinVO>, Integer> result = searchForAffinityGroupsInternal(cmd);
-        ListResponse<AffinityGroupResponse> response = new ListResponse<AffinityGroupResponse>();
+        ListResponse<AffinityGroupResponse> response = new ListResponse<>();
         List<AffinityGroupResponse> agResponses = ViewResponseHelper.createAffinityGroupResponses(result.first());
         response.setResponses(agResponses, result.second());
         return response;
@@ -5135,7 +5103,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
                 throw new InvalidParameterValueException("Unable to list affinity groups for virtual machine instance " + vmId + "; instance not found.");
             }
             accountMgr.checkAccess(caller, null, true, userVM);
-            return listAffinityGroupsByVM(vmId.longValue(), startIndex, pageSize);
+            return listAffinityGroupsByVM(vmId, startIndex, pageSize);
         }
 
         List<Long> permittedAccounts = new ArrayList<>();
@@ -5158,7 +5126,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
         List<AffinityGroupJoinVO> affinityGroups = new ArrayList<>();
 
         Integer count = uniqueGroupsPair.second();
-        if (count.intValue() != 0) {
+        if (count != 0) {
             List<AffinityGroupJoinVO> uniqueGroups = uniqueGroupsPair.first();
             Long[] vrIds = new Long[uniqueGroups.size()];
             int i = 0;
@@ -5280,7 +5248,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
         Filter sf = new Filter(SecurityGroupVMMapVO.class, null, true, pageInd, pageSize);
         Pair<List<AffinityGroupVMMapVO>, Integer> agVmMappingPair = _affinityGroupVMMapDao.listByInstanceId(vmId, sf);
         Integer count = agVmMappingPair.second();
-        if (count.intValue() == 0) {
+        if (count == 0) {
             // handle empty result cases
             return new Pair<>(new ArrayList<>(), count);
         }
@@ -5316,7 +5284,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
             Pair<List<AffinityGroupJoinVO>, Integer> uniqueGroupsPair = _affinityGroupJoinDao.searchAndCount(sc, searchFilter);
             // search group by ids
             Integer count = uniqueGroupsPair.second();
-            if (count.intValue() == 0) {
+            if (count == 0) {
                 // empty result
                 return new Pair<>(new ArrayList<>(), 0);
             }
@@ -5355,9 +5323,6 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
         //Validation - 1.3
         if (resourceIdStr != null) {
             resourceId = resourceManagerUtil.getResourceId(resourceIdStr, resourceType);
-            if (resourceId == null) {
-                throw new InvalidParameterValueException("Cannot find resource with resourceId " + resourceIdStr + " and of resource type " + resourceType);
-            }
         }
 
         List<? extends ResourceDetail> detailList = new ArrayList<>();
@@ -5394,7 +5359,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
         resourceDetailResponse.setName(requestedDetail.getName());
         resourceDetailResponse.setValue(requestedDetail.getValue());
         resourceDetailResponse.setForDisplay(requestedDetail.isDisplay());
-        resourceDetailResponse.setResourceType(resourceType.toString().toString());
+        resourceDetailResponse.setResourceType(resourceType.toString());
         resourceDetailResponse.setObjectName("resourcedetail");
         return resourceDetailResponse;
     }
@@ -5489,7 +5454,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
         }
 
         List<RouterHealthCheckResult> result = new ArrayList<>(routerHealthCheckResultDao.getHealthCheckResults(routerId));
-        if (result == null || result.size() == 0) {
+        if (result.isEmpty()) {
             throw new CloudRuntimeException("No health check results found for the router. This could happen for " +
                     "a newly created router. Please wait for periodic results to populate or manually call for checks to execute.");
         }
@@ -5583,7 +5548,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
         if (cmd instanceof ListSnapshotsCmdByAdmin) {
             respView = ResponseView.Full;
         }
-        List<SnapshotResponse> templateResponses = ViewResponseHelper.createSnapshotResponse(respView, cmd.isShowUnique(), result.first().toArray(new SnapshotJoinVO[result.first().size()]));
+        List<SnapshotResponse> templateResponses = ViewResponseHelper.createSnapshotResponse(respView, cmd.isShowUnique(), result.first().toArray(new SnapshotJoinVO[0]));
         response.setResponses(templateResponses, result.second());
         return response;
     }
@@ -5659,8 +5624,8 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
         if (tags != null && !tags.isEmpty()) {
             SearchBuilder<ResourceTagVO> tagSearch = resourceTagDao.createSearchBuilder();
             for (int count = 0; count < tags.size(); count++) {
-                tagSearch.or().op("key" + String.valueOf(count), tagSearch.entity().getKey(), SearchCriteria.Op.EQ);
-                tagSearch.and("value" + String.valueOf(count), tagSearch.entity().getValue(), SearchCriteria.Op.EQ);
+                tagSearch.or().op("key" + count, tagSearch.entity().getKey(), SearchCriteria.Op.EQ);
+                tagSearch.and("value" + count, tagSearch.entity().getValue(), SearchCriteria.Op.EQ);
                 tagSearch.cp();
             }
             tagSearch.and("resourceType", tagSearch.entity().getResourceType(), SearchCriteria.Op.EQ);
@@ -5698,8 +5663,8 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
             int count = 0;
             sc.setJoinParameters("tagSearch", "resourceType", ResourceObjectType.Snapshot.toString());
             for (String key : tags.keySet()) {
-                sc.setJoinParameters("tagSearch", "key" + String.valueOf(count), key);
-                sc.setJoinParameters("tagSearch", "value" + String.valueOf(count), tags.get(key));
+                sc.setJoinParameters("tagSearch", "key" + count, key);
+                sc.setJoinParameters("tagSearch", "value" + count, tags.get(key));
                 count++;
             }
         }
@@ -5774,7 +5739,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
         Pair<List<ObjectStoreVO>, Integer> result = searchForObjectStoresInternal(cmd);
         ListResponse<ObjectStoreResponse> response = new ListResponse<>();
 
-        List<ObjectStoreResponse> poolResponses = ViewResponseHelper.createObjectStoreResponse(result.first().toArray(new ObjectStoreVO[result.first().size()]));
+        List<ObjectStoreResponse> poolResponses = ViewResponseHelper.createObjectStoreResponse(result.first().toArray(new ObjectStoreVO[0]));
         response.setResponses(poolResponses, result.second());
         return response;
     }
@@ -5821,7 +5786,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
         // search Store details by ids
         Pair<List<ObjectStoreVO>, Integer> uniqueStorePair = objectStoreDao.searchAndCount(sc, searchFilter);
         Integer count = uniqueStorePair.second();
-        if (count.intValue() == 0) {
+        if (count == 0) {
             // empty result
             return uniqueStorePair;
         }
@@ -5852,7 +5817,6 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
 
         Long id = cmd.getId();
         String name = cmd.getBucketName();
-        Long storeId = cmd.getObjectStorageId();
         String keyword = cmd.getKeyword();
         Long startIndex = cmd.getStartIndex();
         Long pageSize = cmd.getPageSizeVal();
@@ -5908,7 +5872,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
         // search Volume details by ids
         Pair<List<BucketVO>, Integer> uniqueBktPair = bucketDao.searchAndCount(sc, searchFilter);
         Integer count = uniqueBktPair.second();
-        if (count.intValue() == 0) {
+        if (count == 0) {
             // empty result
             return uniqueBktPair.first();
         }
@@ -5930,6 +5894,6 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
     @Override
     public ConfigKey<?>[] getConfigKeys() {
         return new ConfigKey<?>[] {AllowUserViewDestroyedVM, UserVMDeniedDetails, UserVMReadOnlyDetails, SortKeyAscending,
-                AllowUserViewAllDomainAccounts, SharePublicTemplatesWithOtherDomains, ReturnVmStatsOnVmList};
+                AllowUserViewAllDomainAccounts, AllowUserViewAllDataCenters, SharePublicTemplatesWithOtherDomains, ReturnVmStatsOnVmList};
     }
 }
diff --git a/server/src/main/java/com/cloud/user/AccountManagerImpl.java b/server/src/main/java/com/cloud/user/AccountManagerImpl.java
index ecd761bb7d9..04a64fbfc8c 100644
--- a/server/src/main/java/com/cloud/user/AccountManagerImpl.java
+++ b/server/src/main/java/com/cloud/user/AccountManagerImpl.java
@@ -650,6 +650,7 @@ public class AccountManagerImpl extends ManagerBase implements AccountManager, M
         return false;
     }
 
+    @Override
     public boolean isResourceDomainAdmin(Long accountId) {
         if (accountId != null) {
             AccountVO acct = _accountDao.findById(accountId);
diff --git a/server/src/test/java/com/cloud/user/MockAccountManagerImpl.java b/server/src/test/java/com/cloud/user/MockAccountManagerImpl.java
index 8c569fb3ec8..a84f02755c7 100644
--- a/server/src/test/java/com/cloud/user/MockAccountManagerImpl.java
+++ b/server/src/test/java/com/cloud/user/MockAccountManagerImpl.java
@@ -422,6 +422,11 @@ public class MockAccountManagerImpl extends ManagerBase implements Manager, Acco
         return false;
     }
 
+    @Override
+    public boolean isResourceDomainAdmin(Long accountId) {
+        return false;
+    }
+
     @Override
     public boolean isNormalUser(long accountId) {
         // TODO Auto-generated method stub

From 948ecda785ee2cc35d25a275dc4f98187f56dcca Mon Sep 17 00:00:00 2001
From: Pearl Dsilva <pearl1594@gmail.com>
Date: Thu, 24 Jul 2025 03:47:18 -0400
Subject: [PATCH 32/83] UI: Fix missing labels (#11102)

Co-authored-by: Suresh Kumar Anaparti <sureshkumar.anaparti@gmail.com>
---
 ui/public/locales/en.json                          | 3 +++
 ui/src/views/infra/network/ServiceProvidersTab.vue | 2 +-
 2 files changed, 4 insertions(+), 1 deletion(-)

diff --git a/ui/public/locales/en.json b/ui/public/locales/en.json
index 026880e38fd..cb19eb4bdc4 100644
--- a/ui/public/locales/en.json
+++ b/ui/public/locales/en.json
@@ -2305,6 +2305,7 @@
 "label.threshold": "Threshold",
 "label.threshold.description": "Value for which the Counter will be evaluated with the Operator selected",
 "label.thursday": "Thursday",
+"label.tier0gateway": "Tier-0 Gateway",
 "label.time": "Time",
 "label.timeout": "Timeout",
 "label.timeout.in.second ": " Timeout (seconds)",
@@ -2323,6 +2324,7 @@
 "label.traffic.label": "Traffic label",
 "label.traffic.types": "Traffic types",
 "label.traffictype": "Traffic type",
+"label.transportzone": "Transport Zone",
 "label.transportzoneuuid": "Transport zone UUID",
 "label.trigger.shutdown": "Trigger Safe Shutdown",
 "label.true": "True",
@@ -2631,6 +2633,7 @@
 "label.bucket.update": "Update Bucket",
 "label.bucket.delete": "Delete Bucket",
 "label.quotagb": "Quota in GB",
+"label.edgecluster": "Edge Cluster",
 "label.encryption": "Encryption",
 "label.versioning": "Versioning",
 "label.objectlocking": "Object Lock",
diff --git a/ui/src/views/infra/network/ServiceProvidersTab.vue b/ui/src/views/infra/network/ServiceProvidersTab.vue
index 5eb8e3dbcce..beb3fe0d9dc 100644
--- a/ui/src/views/infra/network/ServiceProvidersTab.vue
+++ b/ui/src/views/infra/network/ServiceProvidersTab.vue
@@ -1118,7 +1118,7 @@ export default {
           ],
           lists: [
             {
-              title: 'label.nsx.controller',
+              title: 'label.nsx.provider',
               api: 'listNsxControllers',
               mapping: {
                 zoneid: {

From 111d87b845ab8bddf35f5d0f3303947bfff8719c Mon Sep 17 00:00:00 2001
From: Rohit Yadav <rohit.yadav@shapeblue.com>
Date: Thu, 24 Jul 2025 16:32:35 +0530
Subject: [PATCH 33/83] console: optimise buffer sizes for faster console
 performance (#11221)

* console-proxy: fix stream buffer sizes to improve console performance

This bumps the input and output stream buffers to 64KiB and uses them
consistent across TLS and non-TLS based VNC connections.

This fixes #10650

Co-authored-by: Vishesh Jindal <vishesh.jindal@shapeblue.com>
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>

* Make buffer size configurable & other improvements for CPU & memory utilisation

* Setup batching of data for TLS connections to the VNC server

* Apply suggestions from code review

* Fix buffer size for xenserver

---------

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
Co-authored-by: Vishesh Jindal <vishesh.jindal@shapeblue.com>
Co-authored-by: vishesh92 <vishesh92@gmail.com>
---
 .../com/cloud/consoleproxy/ConsoleProxy.java  |  7 ++
 .../consoleproxy/ConsoleProxyNoVncClient.java | 84 +++++++++++++++----
 .../cloud/consoleproxy/vnc/NoVncClient.java   |  8 +-
 .../consoleproxy/vnc/network/NioSocket.java   |  3 +-
 .../vnc/network/NioSocketHandler.java         |  3 +-
 .../vnc/network/NioSocketHandlerImpl.java     | 16 ++--
 .../vnc/network/NioSocketInputStream.java     | 48 ++++++-----
 .../network/NioSocketSSLEngineManager.java    | 40 ++++++---
 .../vnc/network/NioSocketTLSInputStream.java  |  3 +-
 .../vnc/network/NioSocketTLSOutputStream.java |  5 +-
 systemvm/agent/conf/consoleproxy.properties   |  1 +
 11 files changed, 146 insertions(+), 72 deletions(-)

diff --git a/services/console-proxy/server/src/main/java/com/cloud/consoleproxy/ConsoleProxy.java b/services/console-proxy/server/src/main/java/com/cloud/consoleproxy/ConsoleProxy.java
index 22922f43f93..0befe392b4e 100644
--- a/services/console-proxy/server/src/main/java/com/cloud/consoleproxy/ConsoleProxy.java
+++ b/services/console-proxy/server/src/main/java/com/cloud/consoleproxy/ConsoleProxy.java
@@ -76,6 +76,7 @@ public class ConsoleProxy {
     static int httpCmdListenPort = 8001;
     static int reconnectMaxRetry = 5;
     static int readTimeoutSeconds = 90;
+    public static int defaultBufferSize = 64 * 1024;
     static int keyboardType = KEYBOARD_RAW;
     static String factoryClzName;
     static boolean standaloneStart = false;
@@ -160,6 +161,12 @@ public class ConsoleProxy {
             readTimeoutSeconds = Integer.parseInt(s);
             LOGGER.info("Setting readTimeoutSeconds=" + readTimeoutSeconds);
         }
+
+        s = conf.getProperty("consoleproxy.defaultBufferSize");
+        if (s != null) {
+            defaultBufferSize = Integer.parseInt(s);
+            LOGGER.info("Setting defaultBufferSize=" + defaultBufferSize);
+        }
     }
 
     public static ConsoleProxyServerFactory getHttpServerFactory() {
diff --git a/services/console-proxy/server/src/main/java/com/cloud/consoleproxy/ConsoleProxyNoVncClient.java b/services/console-proxy/server/src/main/java/com/cloud/consoleproxy/ConsoleProxyNoVncClient.java
index fece5bfaa22..85a2e5c541f 100644
--- a/services/console-proxy/server/src/main/java/com/cloud/consoleproxy/ConsoleProxyNoVncClient.java
+++ b/services/console-proxy/server/src/main/java/com/cloud/consoleproxy/ConsoleProxyNoVncClient.java
@@ -52,6 +52,9 @@ public class ConsoleProxyNoVncClient implements ConsoleProxyClient {
     private ConsoleProxyClientParam clientParam;
     private String sessionUuid;
 
+    private ByteBuffer readBuffer = null;
+    private int flushThreshold = -1;
+
     public ConsoleProxyNoVncClient(Session session) {
         this.session = session;
     }
@@ -109,8 +112,9 @@ public class ConsoleProxyNoVncClient implements ConsoleProxyClient {
                     connectClientToVNCServer(tunnelUrl, tunnelSession, websocketUrl);
                     authenticateToVNCServer(clientSourceIp);
 
-                    int readBytes;
-                    byte[] b;
+                    // Track consecutive iterations with no data and sleep accordingly. Only used for NIO socket connections.
+                    int consecutiveZeroReads = 0;
+                    int sleepTime = 1;
                     while (connectionAlive) {
                         logger.trace("Connection with client [{}] [IP: {}] is alive.", clientId, clientSourceIp);
                         if (client.isVncOverWebSocketConnection()) {
@@ -118,30 +122,53 @@ public class ConsoleProxyNoVncClient implements ConsoleProxyClient {
                                 updateFrontEndActivityTime();
                             }
                             connectionAlive = session.isOpen();
+                            sleepTime = 1;
                         } else if (client.isVncOverNioSocket()) {
-                            byte[] bytesArr;
-                            int nextBytes = client.getNextBytes();
-                            bytesArr = new byte[nextBytes];
-                            client.readBytes(bytesArr, nextBytes);
-                            logger.trace("Read [{}] bytes from client [{}].", nextBytes, clientId);
-                            if (nextBytes > 0) {
-                                session.getRemote().sendBytes(ByteBuffer.wrap(bytesArr));
+                            ByteBuffer buffer = getOrCreateReadBuffer();
+                            int bytesRead = client.readAvailableDataIntoBuffer(buffer, buffer.remaining());
+
+                            if (bytesRead > 0) {
                                 updateFrontEndActivityTime();
+                                consecutiveZeroReads = 0; // Reset counter on successful read
+
+                                sleepTime = 0; // Still no sleep to catch any remaining data quickly
                             } else {
                                 connectionAlive = session.isOpen();
+                                consecutiveZeroReads++;
+                                // Use adaptive sleep time to prevent excessive busy waiting
+                                sleepTime = Math.min(consecutiveZeroReads, 10); // Cap at 10ms max
+                            }
+
+                            final boolean bufferHasData = buffer.position() > 0;
+                            if (bufferHasData && (bytesRead == 0 || buffer.remaining() <= flushThreshold)) {
+                                buffer.flip();
+                                logger.trace("Flushing buffer with [{}] bytes for client [{}]", buffer.remaining(), clientId);
+                                session.getRemote().sendBytes(buffer);
+                                buffer.compact();
                             }
                         } else {
-                            b = new byte[100];
-                            readBytes = client.read(b);
+                            ByteBuffer buffer = getOrCreateReadBuffer();
+                            buffer.clear();
+                            int readBytes = client.read(buffer.array());
                             logger.trace("Read [{}] bytes from client [{}].", readBytes, clientId);
-                            if (readBytes == -1 || (readBytes > 0 && !sendReadBytesToNoVNC(b, readBytes))) {
+                            if (readBytes > 0) {
+                                // Update buffer position to reflect bytes read and flip for reading
+                                buffer.position(readBytes);
+                                buffer.flip();
+                                if (!sendReadBytesToNoVNC(buffer)) {
+                                    connectionAlive = false;
+                                }
+                            } else if (readBytes == -1) {
                                 connectionAlive = false;
                             }
+                            sleepTime = 1;
                         }
-                        try {
-                            Thread.sleep(1);
-                        } catch (InterruptedException e) {
-                            logger.error("Error on sleep for vnc sessions", e);
+                        if (sleepTime > 0 && connectionAlive) {
+                            try {
+                                Thread.sleep(sleepTime);
+                            } catch (InterruptedException e) {
+                                logger.error("Error on sleep for vnc sessions", e);
+                            }
                         }
                     }
                     logger.info("Connection with client [{}] [IP: {}] is dead.", clientId, clientSourceIp);
@@ -154,9 +181,10 @@ public class ConsoleProxyNoVncClient implements ConsoleProxyClient {
         worker.start();
     }
 
-    private boolean sendReadBytesToNoVNC(byte[] b, int readBytes) {
+    private boolean sendReadBytesToNoVNC(ByteBuffer buffer) {
         try {
-            session.getRemote().sendBytes(ByteBuffer.wrap(b, 0, readBytes));
+            // Buffer is already prepared for reading by flip()
+            session.getRemote().sendBytes(buffer);
             updateFrontEndActivityTime();
         } catch (WebSocketException | IOException e) {
             logger.error("VNC server connection exception.", e);
@@ -316,9 +344,29 @@ public class ConsoleProxyNoVncClient implements ConsoleProxyClient {
         this.clientParam = param;
     }
 
+    private ByteBuffer getOrCreateReadBuffer() {
+        if (readBuffer == null) {
+            readBuffer = ByteBuffer.allocate(ConsoleProxy.defaultBufferSize);
+            logger.debug("Allocated {} KB read buffer for client [{}]", ConsoleProxy.defaultBufferSize / 1024 , clientId);
+
+            // Only apply batching logic for NIO TLS connections to work around 16KB record limitation
+            // For non-TLS or non-NIO connections, use immediate flush for better responsiveness
+            if (client != null && client.isVncOverNioSocket() && client.isTLSConnectionEstablished()) {
+                flushThreshold = Math.min(ConsoleProxy.defaultBufferSize / 4, 2048);
+                logger.debug("NIO TLS connection detected - using batching with threshold {} for client [{}]", flushThreshold, clientId);
+            } else {
+                flushThreshold = ConsoleProxy.defaultBufferSize + 1; // Always flush immediately
+                logger.debug("Non-TLS or non-NIO connection - using immediate flush for client [{}]", clientId);
+            }
+        }
+        return readBuffer;
+    }
+
     @Override
     public void closeClient() {
         this.connectionAlive = false;
+        // Clear buffer reference to allow GC when client disconnects
+        this.readBuffer = null;
         ConsoleProxy.removeViewer(this);
     }
 
diff --git a/services/console-proxy/server/src/main/java/com/cloud/consoleproxy/vnc/NoVncClient.java b/services/console-proxy/server/src/main/java/com/cloud/consoleproxy/vnc/NoVncClient.java
index e4bb93711b9..493c2287931 100644
--- a/services/console-proxy/server/src/main/java/com/cloud/consoleproxy/vnc/NoVncClient.java
+++ b/services/console-proxy/server/src/main/java/com/cloud/consoleproxy/vnc/NoVncClient.java
@@ -502,18 +502,14 @@ public class NoVncClient {
         return nioSocketConnection.readServerInit();
     }
 
-    public int getNextBytes() {
-        return nioSocketConnection.readNextBytes();
+    public int readAvailableDataIntoBuffer(ByteBuffer buffer, int maxSize) {
+        return nioSocketConnection.readAvailableDataIntoBuffer(buffer, maxSize);
     }
 
     public boolean isTLSConnectionEstablished() {
         return nioSocketConnection.isTLSConnection();
     }
 
-    public void readBytes(byte[] arr, int len) {
-        nioSocketConnection.readNextByteArray(arr, len);
-    }
-
     public void processHandshakeSecurityType(int secType, String vmPassword, String host, int port) {
         waitForNoVNCReply();
 
diff --git a/services/console-proxy/server/src/main/java/com/cloud/consoleproxy/vnc/network/NioSocket.java b/services/console-proxy/server/src/main/java/com/cloud/consoleproxy/vnc/network/NioSocket.java
index dfc47f33377..9bd2a10e6f0 100644
--- a/services/console-proxy/server/src/main/java/com/cloud/consoleproxy/vnc/network/NioSocket.java
+++ b/services/console-proxy/server/src/main/java/com/cloud/consoleproxy/vnc/network/NioSocket.java
@@ -41,6 +41,8 @@ public class NioSocket {
             socketChannel = SocketChannel.open();
             socketChannel.configureBlocking(false);
             socketChannel.socket().setSoTimeout(5000);
+            socketChannel.socket().setKeepAlive(true);
+            socketChannel.socket().setTcpNoDelay(true);
             writeSelector = Selector.open();
             readSelector = Selector.open();
             socketChannel.register(writeSelector, SelectionKey.OP_WRITE);
@@ -77,7 +79,6 @@ public class NioSocket {
             socketChannel.register(selector, SelectionKey.OP_CONNECT);
 
             waitForSocketSelectorConnected(selector);
-            socketChannel.socket().setTcpNoDelay(false);
         } catch (IOException e) {
             logger.error(String.format("Error creating NioSocket to %s:%s: %s", host, port, e.getMessage()), e);
         }
diff --git a/services/console-proxy/server/src/main/java/com/cloud/consoleproxy/vnc/network/NioSocketHandler.java b/services/console-proxy/server/src/main/java/com/cloud/consoleproxy/vnc/network/NioSocketHandler.java
index e1ccd6feb11..757f9c126ec 100644
--- a/services/console-proxy/server/src/main/java/com/cloud/consoleproxy/vnc/network/NioSocketHandler.java
+++ b/services/console-proxy/server/src/main/java/com/cloud/consoleproxy/vnc/network/NioSocketHandler.java
@@ -29,8 +29,7 @@ public interface NioSocketHandler {
     void readBytes(ByteBuffer data, int length);
     String readString();
     byte[] readServerInit();
-    int readNextBytes();
-    void readNextByteArray(byte[] arr, int len);
+    int readAvailableDataIntoBuffer(ByteBuffer buffer, int maxSize);
 
     // Write operations
     void writeUnsignedInteger(int sizeInBits, int value);
diff --git a/services/console-proxy/server/src/main/java/com/cloud/consoleproxy/vnc/network/NioSocketHandlerImpl.java b/services/console-proxy/server/src/main/java/com/cloud/consoleproxy/vnc/network/NioSocketHandlerImpl.java
index 3aa3524ea83..fc19c36b3ed 100644
--- a/services/console-proxy/server/src/main/java/com/cloud/consoleproxy/vnc/network/NioSocketHandlerImpl.java
+++ b/services/console-proxy/server/src/main/java/com/cloud/consoleproxy/vnc/network/NioSocketHandlerImpl.java
@@ -17,6 +17,7 @@
 package com.cloud.consoleproxy.vnc.network;
 
 
+import com.cloud.consoleproxy.ConsoleProxy;
 import org.apache.logging.log4j.LogManager;
 import org.apache.logging.log4j.Logger;
 
@@ -28,13 +29,11 @@ public class NioSocketHandlerImpl implements NioSocketHandler {
     private NioSocketOutputStream outputStream;
     private boolean isTLS = false;
 
-    private static final int DEFAULT_BUF_SIZE = 16384;
-
     protected Logger logger = LogManager.getLogger(getClass());
 
     public NioSocketHandlerImpl(NioSocket socket) {
-        this.inputStream = new NioSocketInputStream(DEFAULT_BUF_SIZE, socket);
-        this.outputStream = new NioSocketOutputStream(DEFAULT_BUF_SIZE, socket);
+        this.inputStream = new NioSocketInputStream(ConsoleProxy.defaultBufferSize, socket);
+        this.outputStream = new NioSocketOutputStream(ConsoleProxy.defaultBufferSize, socket);
     }
 
     @Override
@@ -97,13 +96,8 @@ public class NioSocketHandlerImpl implements NioSocketHandler {
     }
 
     @Override
-    public int readNextBytes() {
-        return inputStream.getNextBytes();
-    }
-
-    @Override
-    public void readNextByteArray(byte[] arr, int len) {
-        inputStream.readNextByteArrayFromReadBuffer(arr, len);
+    public int readAvailableDataIntoBuffer(ByteBuffer buffer, int maxSize) {
+        return inputStream.readAvailableDataIntoBuffer(buffer, maxSize);
     }
 
     @Override
diff --git a/services/console-proxy/server/src/main/java/com/cloud/consoleproxy/vnc/network/NioSocketInputStream.java b/services/console-proxy/server/src/main/java/com/cloud/consoleproxy/vnc/network/NioSocketInputStream.java
index 8747afd85e2..e347c95f280 100644
--- a/services/console-proxy/server/src/main/java/com/cloud/consoleproxy/vnc/network/NioSocketInputStream.java
+++ b/services/console-proxy/server/src/main/java/com/cloud/consoleproxy/vnc/network/NioSocketInputStream.java
@@ -175,28 +175,38 @@ public class NioSocketInputStream extends NioSocketStream {
         return ArrayUtils.addAll(ret, (byte) 0, (byte) 0, (byte) 0);
     }
 
-    protected int getNextBytes() {
-        int size = 200;
-        while (size > 0) {
-            if (checkForSizeWithoutWait(size)) {
-                break;
-            }
-            size--;
+    /**
+     * This method checks what data is immediately available and returns a reasonable amount.
+     *
+     * @param maxSize Maximum number of bytes to attempt to read
+     * @return Number of bytes available to read (0 if none available)
+     */
+    protected int getAvailableBytes(int maxSize) {
+        // First check if we have data already in our buffer
+        int bufferedData = endPosition - currentPosition;
+        if (bufferedData > 0) {
+            return Math.min(bufferedData, maxSize);
         }
-        return size;
+
+        // Try to read more data with non-blocking call
+        // This determines how much data is available
+        return getReadBytesAvailableToFitSize(1, maxSize, false);
     }
 
-    protected void readNextByteArrayFromReadBuffer(byte[] arr, int len) {
-        copyBytesFromReadBuffer(len, arr);
-    }
-
-    protected void copyBytesFromReadBuffer(int length, byte[] arr) {
-        int ptr = 0;
-        while (length > 0) {
-            int n = getReadBytesAvailableToFitSize(1, length, true);
-            readBytes(ByteBuffer.wrap(arr, ptr, n), n);
-            ptr += n;
-            length -= n;
+    /**
+     * Read available data directly into a ByteBuffer.
+     *
+     * @param buffer ByteBuffer to read data into
+     * @param maxSize Maximum number of bytes to read
+     * @return Number of bytes actually read (0 if none available)
+     */
+    protected int readAvailableDataIntoBuffer(ByteBuffer buffer, int maxSize) {
+        // Get the amount of data available to read
+        int available = getAvailableBytes(maxSize);
+        if (available > 0) {
+            // Read directly into the ByteBuffer
+            readBytes(buffer, available);
         }
+        return available;
     }
 }
diff --git a/services/console-proxy/server/src/main/java/com/cloud/consoleproxy/vnc/network/NioSocketSSLEngineManager.java b/services/console-proxy/server/src/main/java/com/cloud/consoleproxy/vnc/network/NioSocketSSLEngineManager.java
index 2b0229b7567..826e7c6dd50 100644
--- a/services/console-proxy/server/src/main/java/com/cloud/consoleproxy/vnc/network/NioSocketSSLEngineManager.java
+++ b/services/console-proxy/server/src/main/java/com/cloud/consoleproxy/vnc/network/NioSocketSSLEngineManager.java
@@ -16,6 +16,8 @@
 // under the License.
 package com.cloud.consoleproxy.vnc.network;
 
+import com.cloud.consoleproxy.ConsoleProxy;
+
 import javax.net.ssl.SSLEngine;
 import javax.net.ssl.SSLEngineResult;
 import javax.net.ssl.SSLException;
@@ -43,9 +45,9 @@ public class NioSocketSSLEngineManager {
 
         executor = Executors.newSingleThreadExecutor();
 
-        int pktBufSize = engine.getSession().getPacketBufferSize();
-        myNetData = ByteBuffer.allocate(pktBufSize);
-        peerNetData = ByteBuffer.allocate(pktBufSize);
+        int networkBufSize = Math.max(engine.getSession().getPacketBufferSize(), ConsoleProxy.defaultBufferSize);
+        myNetData = ByteBuffer.allocate(networkBufSize);
+        peerNetData = ByteBuffer.allocate(networkBufSize);
     }
 
     private void handshakeNeedUnwrap(ByteBuffer peerAppData) throws SSLException {
@@ -155,22 +157,25 @@ public class NioSocketSSLEngineManager {
     }
 
     public int write(ByteBuffer data) throws IOException {
-        int n = 0;
+        int totalBytesConsumed = 0;
+        int sessionAppBufSize = engine.getSession().getApplicationBufferSize();
+        boolean shouldBatch = ConsoleProxy.defaultBufferSize > sessionAppBufSize;
+
         while (data.hasRemaining()) {
             SSLEngineResult result = engine.wrap(data, myNetData);
-            n += result.bytesConsumed();
+            totalBytesConsumed += result.bytesConsumed();
             switch (result.getStatus()) {
                 case OK:
-                    myNetData.flip();
-                    outputStream.writeBytes(myNetData, myNetData.remaining());
-                    outputStream.flushWriteBuffer();
-                    myNetData.compact();
+                    // Flush immediately if: batching is disabled, small data, or last chunk
+                    if (!shouldBatch || result.bytesConsumed() < sessionAppBufSize || !data.hasRemaining()) {
+                        flush();
+                    }
+                    // Otherwise accumulate for batching (large chunk with more data coming)
                     break;
 
                 case BUFFER_OVERFLOW:
-                    myNetData.flip();
-                    outputStream.writeBytes(myNetData, myNetData.remaining());
-                    myNetData.compact();
+                    // Flush when buffer is full
+                    flush();
                     break;
 
                 case CLOSED:
@@ -181,7 +186,16 @@ public class NioSocketSSLEngineManager {
                     break;
             }
         }
-        return n;
+        return totalBytesConsumed;
+    }
+
+    public void flush() {
+        if (myNetData.position() > 0) {
+            myNetData.flip();
+            outputStream.writeBytes(myNetData, myNetData.remaining());
+            outputStream.flushWriteBuffer();
+            myNetData.compact();
+        }
     }
 
     public SSLSession getSession() {
diff --git a/services/console-proxy/server/src/main/java/com/cloud/consoleproxy/vnc/network/NioSocketTLSInputStream.java b/services/console-proxy/server/src/main/java/com/cloud/consoleproxy/vnc/network/NioSocketTLSInputStream.java
index f57a56e8a94..c3f46571e8a 100644
--- a/services/console-proxy/server/src/main/java/com/cloud/consoleproxy/vnc/network/NioSocketTLSInputStream.java
+++ b/services/console-proxy/server/src/main/java/com/cloud/consoleproxy/vnc/network/NioSocketTLSInputStream.java
@@ -16,6 +16,7 @@
 // under the License.
 package com.cloud.consoleproxy.vnc.network;
 
+import com.cloud.consoleproxy.ConsoleProxy;
 import com.cloud.utils.exception.CloudRuntimeException;
 
 import java.io.IOException;
@@ -26,7 +27,7 @@ public class NioSocketTLSInputStream extends NioSocketInputStream {
     private final NioSocketSSLEngineManager sslEngineManager;
 
     public NioSocketTLSInputStream(NioSocketSSLEngineManager sslEngineManager, NioSocket socket) {
-        super(sslEngineManager.getSession().getApplicationBufferSize(), socket);
+        super(ConsoleProxy.defaultBufferSize, socket);
         this.sslEngineManager = sslEngineManager;
     }
 
diff --git a/services/console-proxy/server/src/main/java/com/cloud/consoleproxy/vnc/network/NioSocketTLSOutputStream.java b/services/console-proxy/server/src/main/java/com/cloud/consoleproxy/vnc/network/NioSocketTLSOutputStream.java
index 6024e2718e9..f9bdb5cca49 100644
--- a/services/console-proxy/server/src/main/java/com/cloud/consoleproxy/vnc/network/NioSocketTLSOutputStream.java
+++ b/services/console-proxy/server/src/main/java/com/cloud/consoleproxy/vnc/network/NioSocketTLSOutputStream.java
@@ -16,6 +16,8 @@
 // under the License.
 package com.cloud.consoleproxy.vnc.network;
 
+import com.cloud.consoleproxy.ConsoleProxy;
+
 import java.io.IOException;
 import java.nio.ByteBuffer;
 
@@ -24,7 +26,7 @@ public class NioSocketTLSOutputStream extends NioSocketOutputStream {
     private final NioSocketSSLEngineManager sslEngineManager;
 
     public NioSocketTLSOutputStream(NioSocketSSLEngineManager sslEngineManager, NioSocket socket) {
-        super(sslEngineManager.getSession().getApplicationBufferSize(), socket);
+        super(ConsoleProxy.defaultBufferSize, socket);
         this.sslEngineManager = sslEngineManager;
     }
 
@@ -38,6 +40,7 @@ public class NioSocketTLSOutputStream extends NioSocketOutputStream {
         }
 
         currentPosition = start;
+        sslEngineManager.flush();
     }
 
     protected int writeThroughSSLEngineManager(byte[] data, int startPos, int length) {
diff --git a/systemvm/agent/conf/consoleproxy.properties b/systemvm/agent/conf/consoleproxy.properties
index 96a345b31f7..361b0a33a05 100644
--- a/systemvm/agent/conf/consoleproxy.properties
+++ b/systemvm/agent/conf/consoleproxy.properties
@@ -21,3 +21,4 @@ consoleproxy.httpCmdListenPort=8001
 consoleproxy.jarDir=./applet/
 consoleproxy.viewerLinger=180
 consoleproxy.reconnectMaxRetry=5
+consoleproxy.defaultBufferSize=65536

From eeb4d55e890386409aa7cbacfd63da86341732f1 Mon Sep 17 00:00:00 2001
From: Abhisar Sinha <63767682+abh1sar@users.noreply.github.com>
Date: Thu, 24 Jul 2025 22:18:35 +0530
Subject: [PATCH 34/83] polish: Fix some inconsistencies in object names and
 messages (#10856)

* Replace ACL list with ACL and related changes to the json files in public/locales

* Replace ACL list with ACL and related changes to network.js, VpcTab.vue and AclRulesTab.vue

* Replace Export ACLs with Export ACL rules

* standardize the term user data everywhere. fix the placeholder in register user data form.

* Convert resource names in main menu and action buttons to Title case

* Use special icon for sharedfs instance and prefix for sharedfs volumes

* Give custom icon precedence over shared fs icon

* Fixed some issues with public/locale files

* Revert sharedfsvm changes

* Added label.add.acl.name to en.json which was incorrectly removed

* replace all *userdata* labels to *user.data* in public json files.

* remove redundant labels label.user.data.l2 and label.replace.acl.list

* Update ui/src/views/offering/AddNetworkOffering.vue

Co-authored-by: Suresh Kumar Anaparti <sureshkumar.anaparti@gmail.com>

* user data -> User Data in cmd and response

* fix more Title case on action buttons and labels.

---------

Co-authored-by: Suresh Kumar Anaparti <sureshkumar.anaparti@gmail.com>
---
 .../user/userdata/RegisterUserDataCmd.java    |  18 +-
 .../api/response/UserDataResponse.java        |  22 +-
 ui/public/locales/ar.json                     |  24 +-
 ui/public/locales/ca.json                     |  22 +-
 ui/public/locales/de_DE.json                  |  26 +-
 ui/public/locales/el_GR.json                  |  51 +-
 ui/public/locales/en.json                     | 783 +++++++++---------
 ui/public/locales/es.json                     |  24 +-
 ui/public/locales/fr_FR.json                  |  24 +-
 ui/public/locales/hi.json                     |   4 +-
 ui/public/locales/hu.json                     |  26 +-
 ui/public/locales/it_IT.json                  |  24 +-
 ui/public/locales/ja_JP.json                  |  24 +-
 ui/public/locales/ko_KR.json                  |  24 +-
 ui/public/locales/nb_NO.json                  |  24 +-
 ui/public/locales/nl_NL.json                  |  24 +-
 ui/public/locales/pl.json                     |  24 +-
 ui/public/locales/pt_BR.json                  |  24 +-
 ui/public/locales/ru_RU.json                  |  24 +-
 ui/public/locales/zh_CN.json                  |  24 +-
 ui/src/components/view/InfoCard.vue           |   2 +-
 ui/src/config/section/account.js              |   2 +-
 ui/src/config/section/compute.js              |   6 +-
 ui/src/config/section/network.js              |  21 +-
 ui/src/views/compute/AutoScaleVmProfile.vue   |  14 +-
 .../views/compute/CreateAutoScaleVmGroup.vue  |  14 +-
 ui/src/views/compute/DeployVM.vue             |  14 +-
 ui/src/views/compute/DeployVnfAppliance.vue   |  14 +-
 ui/src/views/compute/EditVM.vue               |   2 +-
 ui/src/views/compute/RegisterUserData.vue     |   8 +-
 ui/src/views/compute/ResetUserData.vue        |  14 +-
 .../compute/wizard/UserDataSelection.vue      |   4 +-
 ui/src/views/image/RegisterOrUploadIso.vue    |   4 +-
 .../views/image/RegisterOrUploadTemplate.vue  |   4 +-
 ui/src/views/image/UpdateISO.vue              |   4 +-
 ui/src/views/image/UpdateTemplate.vue         |   4 +-
 .../{AclListRulesTab.vue => AclRulesTab.vue}  |   2 +-
 ui/src/views/network/VpcTab.vue               |   8 +-
 ui/src/views/offering/AddNetworkOffering.vue  |   2 +-
 39 files changed, 674 insertions(+), 709 deletions(-)
 rename ui/src/views/network/{AclListRulesTab.vue => AclRulesTab.vue} (99%)

diff --git a/api/src/main/java/org/apache/cloudstack/api/command/user/userdata/RegisterUserDataCmd.java b/api/src/main/java/org/apache/cloudstack/api/command/user/userdata/RegisterUserDataCmd.java
index 41d865d678c..4588d734847 100644
--- a/api/src/main/java/org/apache/cloudstack/api/command/user/userdata/RegisterUserDataCmd.java
+++ b/api/src/main/java/org/apache/cloudstack/api/command/user/userdata/RegisterUserDataCmd.java
@@ -43,7 +43,7 @@ import com.cloud.network.NetworkModel;
 import com.cloud.user.UserData;
 
 @APICommand(name = "registerUserData",
-        description = "Register a new userdata.",
+        description = "Register a new User Data.",
         since = "4.18",
         responseObject = SuccessResponse.class,
         requestHasSensitiveInfo = false,
@@ -56,33 +56,33 @@ public class RegisterUserDataCmd extends BaseCmd {
     //////////////// API parameters /////////////////////
     /////////////////////////////////////////////////////
 
-    @Parameter(name = ApiConstants.NAME, type = CommandType.STRING, required = true, description = "Name of the userdata")
+    @Parameter(name = ApiConstants.NAME, type = CommandType.STRING, required = true, description = "Name of the User Data")
     private String name;
 
     //Owner information
-    @Parameter(name = ApiConstants.ACCOUNT, type = CommandType.STRING, description = "an optional account for the userdata. Must be used with domainId.")
+    @Parameter(name = ApiConstants.ACCOUNT, type = CommandType.STRING, description = "an optional account for the User Data. Must be used with domainId.")
     private String accountName;
 
     @Parameter(name = ApiConstants.DOMAIN_ID,
             type = CommandType.UUID,
             entityType = DomainResponse.class,
-            description = "an optional domainId for the userdata. If the account parameter is used, domainId must also be used.")
+            description = "an optional domainId for the User Data. If the account parameter is used, domainId must also be used.")
     private Long domainId;
 
-    @Parameter(name = ApiConstants.PROJECT_ID, type = CommandType.UUID, entityType = ProjectResponse.class, description = "an optional project for the userdata")
+    @Parameter(name = ApiConstants.PROJECT_ID, type = CommandType.UUID, entityType = ProjectResponse.class, description = "an optional project for the User Data")
     private Long projectId;
 
     @Parameter(name = ApiConstants.USER_DATA,
             type = CommandType.STRING,
             required = true,
-            description = "Base64 encoded userdata content. " +
+            description = "Base64 encoded User Data content. " +
                     "Using HTTP GET (via querystring), you can send up to 4KB of data after base64 encoding. " +
-                    "Using HTTP POST (via POST body), you can send up to 1MB of data after base64 encoding. " +
-                    "You also need to change vm.userdata.max.length value",
+                    "Using HTTP POST (via POST body), you can send up to 32KB of data after base64 encoding, " +
+                    "which can be increased upto 1MB using the vm.userdata.max.length setting",
             length = 1048576)
     private String userData;
 
-    @Parameter(name = ApiConstants.PARAMS, type = CommandType.STRING, description = "comma separated list of variables declared in userdata content")
+    @Parameter(name = ApiConstants.PARAMS, type = CommandType.STRING, description = "comma separated list of variables declared in the User Data content")
     private String params;
 
 
diff --git a/api/src/main/java/org/apache/cloudstack/api/response/UserDataResponse.java b/api/src/main/java/org/apache/cloudstack/api/response/UserDataResponse.java
index 2dfc66fa7d5..ce344596aeb 100644
--- a/api/src/main/java/org/apache/cloudstack/api/response/UserDataResponse.java
+++ b/api/src/main/java/org/apache/cloudstack/api/response/UserDataResponse.java
@@ -27,41 +27,41 @@ import org.apache.cloudstack.api.EntityReference;
 public class UserDataResponse extends BaseResponseWithAnnotations implements ControlledEntityResponse {
 
     @SerializedName(ApiConstants.ID)
-    @Param(description = "ID of the ssh keypair")
+    @Param(description = "ID of the User Data")
     private String id;
 
     @SerializedName(ApiConstants.NAME)
-    @Param(description = "Name of the userdata")
+    @Param(description = "Name of the User Data")
     private String name;
 
-    @SerializedName(ApiConstants.ACCOUNT_ID) @Param(description="the owner id of the userdata")
+    @SerializedName(ApiConstants.ACCOUNT_ID) @Param(description="the owner id of the User Data")
     private String accountId;
 
-    @SerializedName(ApiConstants.ACCOUNT) @Param(description="the owner of the userdata")
+    @SerializedName(ApiConstants.ACCOUNT) @Param(description="the owner of the User Data")
     private String accountName;
 
     @SerializedName(ApiConstants.PROJECT_ID)
-    @Param(description = "the project id of the userdata", since = "4.19.1")
+    @Param(description = "the project id of the User Data", since = "4.19.1")
     private String projectId;
 
     @SerializedName(ApiConstants.PROJECT)
-    @Param(description = "the project name of the userdata", since = "4.19.1")
+    @Param(description = "the project name of the User Data", since = "4.19.1")
     private String projectName;
 
-    @SerializedName(ApiConstants.DOMAIN_ID) @Param(description="the domain id of the userdata owner")
+    @SerializedName(ApiConstants.DOMAIN_ID) @Param(description="the domain id of the User Data owner")
     private String domainId;
 
-    @SerializedName(ApiConstants.DOMAIN) @Param(description="the domain name of the userdata owner")
+    @SerializedName(ApiConstants.DOMAIN) @Param(description="the domain name of the User Data owner")
     private String domain;
 
     @SerializedName(ApiConstants.DOMAIN_PATH)
-    @Param(description = "path of the domain to which the userdata owner belongs", since = "4.19.2.0")
+    @Param(description = "path of the domain to which the User Data owner belongs", since = "4.19.2.0")
     private String domainPath;
 
-    @SerializedName(ApiConstants.USER_DATA) @Param(description="base64 encoded userdata content")
+    @SerializedName(ApiConstants.USER_DATA) @Param(description="base64 encoded User Data content")
     private String userData;
 
-    @SerializedName(ApiConstants.PARAMS) @Param(description="list of parameters which contains the list of keys or string parameters that are needed to be passed for any variables declared in userdata")
+    @SerializedName(ApiConstants.PARAMS) @Param(description="list of parameters which contains the list of keys or string parameters that are needed to be passed for any variables declared in the User Data")
     private String params;
 
     public UserDataResponse() {
diff --git a/ui/public/locales/ar.json b/ui/public/locales/ar.json
index 20499c63e04..e8e4db66cb5 100644
--- a/ui/public/locales/ar.json
+++ b/ui/public/locales/ar.json
@@ -14,12 +14,12 @@
 "label.account.specific": "Account-Specific",
 "label.accounts": "Accounts",
 "label.accounttype": "Account Type",
-"label.acl.export": "Export ACLs",
+"label.acl.export": "Export ACL rules",
 "label.acl.id": "ACL ID",
-"label.acl.list.rules": "ACL List Rules",
+"label.acl.rules": "ACL Rules",
 "label.acl.reason.description": "Enter the reason behind an ACL rule.",
 "label.aclid": "ACL",
-"label.aclname": "ACL Name",
+"label.acl.rule.name": "ACL Name",
 "label.acquire.new.ip": "Acquire New IP",
 "label.acquire.new.secondary.ip": "Acquire new secondary IP",
 "label.action": "Action",
@@ -119,8 +119,8 @@
 "label.activeviewersessions": "Active Sessions",
 "label.add": "Add",
 "label.add.account": "Add Account",
-"label.add.acl": "\u0625\u0636\u0627\u0641\u0629 ACL",
-"label.add.acl.list": "Add ACL List",
+"label.add.acl.rule": "\u0625\u0636\u0627\u0641\u0629 ACL",
+"label.add.acl": "Add ACL",
 "label.add.affinity.group": "Add new affinity group",
 "label.add.baremetal.dhcp.device": "Add Baremetal DHCP Device",
 "label.add.bigswitchbcf.device": "Add BigSwitch BCF Controller",
@@ -142,12 +142,12 @@
 "label.add.ip.range": "Add IP Range",
 "label.add.isolated.network": "Add Isolated Network",
 "label.add.ldap.account": "Add LDAP account",
-"label.add.list.name": "ACL List Name",
+"label.add.acl.name": "ACL Name",
 "label.add.more": "Add More",
 "label.add.netscaler.device": "Add Netscaler device",
 "label.add.network": "Add Network",
 "label.add.network.acl": "\u0625\u0636\u0627\u0641\u0629 \u0634\u0628\u0643\u0629 ACL",
-"label.add.network.acl.list": "Add Network ACL List",
+"label.add.network.acl": "Add Network ACL",
 "label.add.network.offering": "Add network offering",
 "label.add.new.gateway": "\u0623\u0636\u0641 \u0628\u0648\u0627\u0628\u0629 \u062c\u062f\u064a\u062f\u0629",
 "label.add.new.tier": "\u0625\u0636\u0627\u0641\u0629 \u0637\u0628\u0642\u0629 \u062c\u062f\u064a\u062f\u0629",
@@ -334,7 +334,7 @@
 "label.default.use": "Default Use",
 "label.default.view": "\u0637\u0631\u064a\u0642\u0629 \u0627\u0644\u0639\u0631\u0636 \u0627\u0644\u0627\u0641\u062a\u0631\u0627\u0636\u064a\u0629",
 "label.delete": "Delete",
-"label.delete.acl.list": "Delete ACL List",
+"label.delete.acl": "Delete ACL",
 "label.delete.affinity.group": "Delete Affinity Group",
 "label.delete.alerts": "Delete alerts",
 "label.delete.bigswitchbcf": "Remove BigSwitch BCF Controller",
@@ -419,7 +419,7 @@
 "label.dpd": "\u0643\u0634\u0641 \u0627\u0644\u0642\u0631\u064a\u0646 \u0627\u0644\u0645\u0641\u0642\u0648\u062f",
 "label.driver": "Driver",
 "label.edit": "Edit",
-"label.edit.acl.list": "Edit ACL List",
+"label.edit.acl": "Edit ACL",
 "label.edit.acl.rule": "Edit ACL rule",
 "label.edit.project.details": "\u0627\u0636\u0627\u0641\u0629 \u062a\u0641\u0627\u0635\u064a\u0644 \u0627\u0644\u0645\u0634\u0631\u0648\u0639",
 "label.edit.role": "Edit Role",
@@ -924,7 +924,6 @@
 "label.remove.vpc.offering": "Remove VPC offering",
 "label.removing": "Removing",
 "label.replace.acl": "Replace ACL",
-"label.replace.acl.list": "Replace ACL List",
 "label.required": "Required",
 "label.requireshvm": "HVM",
 "label.requiresupgrade": "Requires Upgrade",
@@ -1150,8 +1149,7 @@
 "label.usehttps": "\u0627\u0633\u062a\u062e\u062f\u0645 HTTPS",
 "label.usenewdiskoffering": "Replace disk offering?",
 "label.user": "User",
-"label.userdata": "Userdata",
-"label.userdatal2": "User Data",
+"label.user.data": "User Data",
 "label.username": "Username",
 "label.users": "Users",
 "label.utilization": "Utilisation",
@@ -1329,7 +1327,7 @@
 "message.confirm.archive.selected.alerts": "Please confirm you would like to archive the selected alerts",
 "message.confirm.archive.selected.events": "Please confirm you would like to archive the selected events",
 "message.confirm.attach.disk": "Are you sure you want to attach disk?",
-"message.confirm.delete.acl.list": "Are you sure you want to delete this ACL list?",
+"message.confirm.delete.acl": "Are you sure you want to delete this ACL?",
 "message.confirm.delete.bigswitchbcf": "Please confirm that you would like to delete this BigSwitch BCF Controller",
 "message.confirm.delete.brocadevcs": "Please confirm that you would like to delete Brocade Vcs Switch",
 "message.confirm.delete.ciscoasa1000v": "Please confirm you want to delete CiscoASA1000v",
diff --git a/ui/public/locales/ca.json b/ui/public/locales/ca.json
index 30ed3161448..d3e417eb821 100644
--- a/ui/public/locales/ca.json
+++ b/ui/public/locales/ca.json
@@ -14,12 +14,12 @@
 "label.account.specific": "Account-Specific",
 "label.accounts": "Accounts",
 "label.accounttype": "Account Type",
-"label.acl.export": "Export ACLs",
+"label.acl.export": "Export ACL rules",
 "label.acl.id": "ACL ID",
-"label.acl.list.rules": "ACL List Rules",
+"label.acl.rules": "ACL Rules",
 "label.acl.reason.description": "Enter the reason behind an ACL rule.",
 "label.aclid": "ACL",
-"label.aclname": "ACL Name",
+"label.acl.rule.name": "ACL Name",
 "label.acquire.new.ip": "Acquire New IP",
 "label.acquire.new.secondary.ip": "Acquire new secondary IP",
 "label.action": "Action",
@@ -119,8 +119,8 @@
 "label.activeviewersessions": "Active Sessions",
 "label.add": "Add",
 "label.add.account": "Add Account",
+"label.add.acl.rule": "Add ACL rule",
 "label.add.acl": "Add ACL",
-"label.add.acl.list": "Add ACL List",
 "label.add.affinity.group": "Add new affinity group",
 "label.add.baremetal.dhcp.device": "Add Baremetal DHCP Device",
 "label.add.bigswitchbcf.device": "Add BigSwitch BCF Controller",
@@ -142,12 +142,12 @@
 "label.add.ip.range": "Add IP Range",
 "label.add.isolated.network": "Add Isolated Network",
 "label.add.ldap.account": "Add LDAP account",
-"label.add.list.name": "ACL List Name",
+"label.add.acl.name": "ACL Name",
 "label.add.more": "Add More",
 "label.add.netscaler.device": "Add Netscaler device",
 "label.add.network": "Add Network",
 "label.add.network.acl": "Add network ACL",
-"label.add.network.acl.list": "Add Network ACL List",
+"label.add.network.acl": "Add Network ACL",
 "label.add.network.offering": "Add network offering",
 "label.add.new.gateway": "Add new gateway",
 "label.add.new.tier": "Add new tier",
@@ -334,7 +334,7 @@
 "label.default.use": "Default Use",
 "label.default.view": "Default View",
 "label.delete": "Delete",
-"label.delete.acl.list": "Delete ACL List",
+"label.delete.acl": "Delete ACL",
 "label.delete.affinity.group": "Delete Affinity Group",
 "label.delete.alerts": "Delete alerts",
 "label.delete.bigswitchbcf": "Remove BigSwitch BCF Controller",
@@ -419,7 +419,7 @@
 "label.dpd": "Dead Peer Detection",
 "label.driver": "Driver",
 "label.edit": "Edit",
-"label.edit.acl.list": "Edit ACL List",
+"label.edit.acl": "Edit ACL",
 "label.edit.acl.rule": "Edit ACL rule",
 "label.edit.project.details": "Editar detalls del projecte",
 "label.edit.role": "Edit Role",
@@ -924,7 +924,6 @@
 "label.remove.vpc.offering": "Remove VPC offering",
 "label.removing": "Esborrant",
 "label.replace.acl": "Replace ACL",
-"label.replace.acl.list": "Replace ACL List",
 "label.required": "Required",
 "label.requireshvm": "HVM",
 "label.requiresupgrade": "Requires Upgrade",
@@ -1150,8 +1149,7 @@
 "label.usehttps": "Use HTTPS",
 "label.usenewdiskoffering": "Replace disk offering?",
 "label.user": "User",
-"label.userdata": "Userdata",
-"label.userdatal2": "User Data",
+"label.user.data": "User Data",
 "label.username": "Username",
 "label.users": "Users",
 "label.utilization": "Utilisation",
@@ -1329,7 +1327,7 @@
 "message.confirm.archive.selected.alerts": "Please confirm you would like to archive the selected alerts",
 "message.confirm.archive.selected.events": "Please confirm you would like to archive the selected events",
 "message.confirm.attach.disk": "Are you sure you want to attach disk?",
-"message.confirm.delete.acl.list": "Are you sure you want to delete this ACL list?",
+"message.confirm.delete.acl": "Are you sure you want to delete this ACL?",
 "message.confirm.delete.bigswitchbcf": "Please confirm that you would like to delete this BigSwitch BCF Controller",
 "message.confirm.delete.brocadevcs": "Please confirm that you would like to delete Brocade Vcs Switch",
 "message.confirm.delete.ciscoasa1000v": "Please confirm you want to delete CiscoASA1000v",
diff --git a/ui/public/locales/de_DE.json b/ui/public/locales/de_DE.json
index c20bf175826..fd29ac3eb54 100644
--- a/ui/public/locales/de_DE.json
+++ b/ui/public/locales/de_DE.json
@@ -26,12 +26,12 @@
 "label.account.specific": "Besonderheiten des Benutzerkontos",
 "label.accounts": "Benutzerkonten",
 "label.accounttype": "Benutzerkontotyp",
-"label.acl.export": "Export ACLs",
+"label.acl.export": "Export ACL rules",
 "label.acl.id": "ACL-Kennung",
-"label.acl.list.rules": "ACL-Listenregeln",
+"label.acl.rules": "ACL-Listenregeln",
 "label.acl.reason.description": "Enter the reason behind an ACL rule.",
 "label.aclid": "ACL",
-"label.aclname": "ACL-Name",
+"label.acl.rule.name": "ACL-Name",
 "label.acquire.new.ip": "Neue IP erwerben",
 "label.acquire.new.secondary.ip": "Neue sekundäre IP anfordern",
 "label.acquiring.ip": "IP anfordern",
@@ -144,8 +144,8 @@
 "label.activeviewersessions": "Aktive Sitzungen",
 "label.add": "Hinzufügen",
 "label.add.account": "Konto hinzufügen",
-"label.add.acl": "ACL hinzufügen",
-"label.add.acl.list": "ACL-Liste hinzufügen",
+"label.add.acl.rule": "ACL hinzufügen",
+"label.add.acl": "ACL-Liste hinzufügen",
 "label.add.affinity.group": "Neue Affinitätsgruppe hinzufügen",
 "label.add.baremetal.dhcp.device": "Baremetal DHCP-Gerät hinzufügen",
 "label.add.bigswitchbcf.device": "Füge BigSwitch BCF Controller hinzu",
@@ -169,12 +169,12 @@
 "label.add.isolated.network": "Isoliertes Netzwerk hinzufügen",
 "label.add.kubernetes.cluster": "Kubernetes Cluster hinzufügen",
 "label.add.ldap.account": "LDAP-Konto hinzufügen",
-"label.add.list.name": "ACL-Listename",
+"label.add.acl.name": "ACL-Listename",
 "label.add.more": "Mehr hinzufügen",
 "label.add.netscaler.device": "Netscaler-Gerät hinzufügen",
 "label.add.network": "Netzwerk hinzufügen",
 "label.add.network.acl": "Netzwerk-ACL hinzufügen",
-"label.add.network.acl.list": "Netzwerk-ACL-Liste hinzufügen",
+"label.add.network.acl": "Netzwerk-ACL-Liste hinzufügen",
 "label.add.network.offering": "Netzwerkangebot hinzufügen",
 "label.add.new.gateway": "Neues Gateway hinzufügen",
 "label.add.new.tier": "Neue Ebene hinzufügen",
@@ -417,7 +417,7 @@
 "label.default.view": "Standardansicht",
 "label.defaultnetwork": "Standard-Netzwerk",
 "label.delete": "Löschen",
-"label.delete.acl.list": "ACL-Liste ersetzen",
+"label.delete.acl": "ACL-Liste ersetzen",
 "label.delete.affinity.group": "Affinitätsgruppe entfernen",
 "label.delete.alerts": "Alarme löschen",
 "label.delete.backup": "Backup löschen",
@@ -525,7 +525,7 @@
 "label.driver": "Treiber",
 "label.dynamicscalingenabled": "Dynamische Skalierung aktiviert",
 "label.edit": "Bearbeiten",
-"label.edit.acl.list": "Edit ACL List",
+"label.edit.acl": "Edit ACL",
 "label.edit.acl.rule": "ACL-Regel bearbeiten",
 "label.edit.project.details": "Projektdetails bearbeiten",
 "label.edit.role": "Rolle bearbeiten",
@@ -948,7 +948,7 @@
 "label.netscaler.vpx": "NetScaler VPX LoadBalancer",
 "label.network": "Netzwerk",
 "label.network.acl": "Netzwerk-ACL",
-"label.network.acl.lists": "Netzwerk ACL Listen",
+"label.network.acls": "Netzwerk ACL Listen",
 "label.network.addvm": "Netzwerk zur VM hinzufügen",
 "label.network.desc": "Netzwerkbeschreibung",
 "label.network.domain": "Netzwerk-Domain",
@@ -1198,7 +1198,6 @@
 "label.remove.vpc.offering": "VPC-Angebot entfernen",
 "label.removing": "am Entfernen",
 "label.replace.acl": "ACL ersetzen",
-"label.replace.acl.list": "ACL-Liste ersetzen",
 "label.report.bug": "Fehler melden",
 "label.required": "Erforderlich",
 "label.requireshvm": "HVM",
@@ -1492,8 +1491,7 @@
 "label.usenewdiskoffering": "Replace disk offering?",
 "label.user": "Benutzer",
 "label.user.conflict": "Konflikt",
-"label.userdata": "Benutzerdaten",
-"label.userdatal2": "Benutzerdaten",
+"label.user.data": "Benutzerdaten",
 "label.username": "Benutzername",
 "label.users": "Benutzer",
 "label.usersource": "Benutzertyp",
@@ -1733,7 +1731,7 @@
 "message.confirm.archive.selected.alerts": "Bitte bestätigen Sie, dass Sie die ausgewählten Alarme archivieren möchten",
 "message.confirm.archive.selected.events": "Bitte bestätigen Sie, dass Sie die ausgewählten Vorgänge archivieren möchten",
 "message.confirm.attach.disk": "Sind Sie sicher, dass Sie eine Platte hinzufügen möchten?",
-"message.confirm.delete.acl.list": "Sind Sie sicher, dass Sie diese ACL-Liste löschen möchten?",
+"message.confirm.delete.acl": "Sind Sie sicher, dass Sie diese ACL-Liste löschen möchten?",
 "message.confirm.delete.bigswitchbcf": "Bitte bestätigen Sie, dass Sie diesen BigSwitch BCF Controller löschen möchten",
 "message.confirm.delete.brocadevcs": "Bitte bestätigen Sie, dass Sie Brocade Vcs Switch löschen möchten",
 "message.confirm.delete.ciscoasa1000v": "Bitte bestätigen Sie, dass Sie CiscoASA1000v löschen möchten",
diff --git a/ui/public/locales/el_GR.json b/ui/public/locales/el_GR.json
index d26362907e4..41f42aa537d 100644
--- a/ui/public/locales/el_GR.json
+++ b/ui/public/locales/el_GR.json
@@ -33,10 +33,10 @@
 "label.access.kubernetes.nodes": "Πρόσβαση στους κόμβους Κυβερνητών",
 "label.acl.export": "Εξαγωγή Λίστας Πρόσβασης",
 "label.acl.id": "Αναγνωριστικό Λίστας Πρόσβασης",
-"label.acl.list.rules": "Κανόνες λίστας Πρόσωασης",
+"label.acl.rules": "Κανόνες λίστας Πρόσωασης",
 "label.acl.reason.description": "Εισαγάγετε αιτιολογία για τον κανόνα",
 "label.aclid": "Λίστα πρόσβασης",
-"label.aclname": "Όνομα Λίστας Πρόσβασης",
+"label.acl.rule.name": "Όνομα Λίστας Πρόσβασης",
 "label.acquire.new.ip": "Απόκτηση νέας διεύθυνση IP",
 "label.acquire.new.secondary.ip": "Απόκτηση νέας δευτερεύουσας διεύθυνσης IP",
 "label.acquiring.ip": "Απόδοση IP",
@@ -173,7 +173,7 @@
 "label.action.unmanage.virtualmachine": "Μη διαχείριση εικονικής μηχανής",
 "label.action.update.offering.access": "Ενημέρωση πρόσβασης για προσφορές",
 "label.action.update.resource.count": "Ενημέρωση πλήθους πόρων",
-"label.action.userdata.reset": "Επαναφορά δεδομένων χρήστη",
+"label.action.user.data.reset": "Επαναφορά δεδομένων χρήστη",
 "label.action.vmsnapshot.create": "Λήψη στιγμιότυπου εικονικής μηχανής",
 "label.action.vmsnapshot.delete": "Διαγραφή στιγμιότυπου εικονικής μηχανής",
 "label.action.vmsnapshot.revert": "Επαναφορά στο στιγμιότυπο εικονικής μηχανής",
@@ -183,8 +183,8 @@
 "label.activeviewersessions": "Ενεργές περίοδοι λειτουργίας",
 "label.add": "Προσθήκη",
 "label.add.account": "Προσθήκη λογαριασμού",
-"label.add.acl": "Προσθήκη εγγραφής στην λίστα πρόσβασης",
-"label.add.acl.list": "Προσθήκη λίστας πρόσβασης",
+"label.add.acl.rule": "Προσθήκη εγγραφής στην λίστα πρόσβασης",
+"label.add.acl": "Προσθήκη λίστας πρόσβασης",
 "label.add.affinity.group": "Προσθήκη νέας ομάδας συνάφειας",
 "label.add.baremetal.dhcp.device": "Προσθήκη συσκευής DHCP baremetal",
 "label.add.bigswitchbcf.device": "Προσθήκη ελεγκτή BCF BigSwitch",
@@ -209,12 +209,12 @@
 "label.add.isolated.network": "Προσθήκη απομονωμένου δικτύου",
 "label.add.kubernetes.cluster": "Προσθήκη ομάδας Κυβερνητών",
 "label.add.ldap.account": "Προσθήκη λογαριασμού LDAP",
-"label.add.list.name": "Όνομα λίστας Πρόσβασης",
+"label.add.acl.name": "Όνομα λίστας Πρόσβασης",
 "label.add.more": "Προσθήκη περισσότερων",
 "label.add.netscaler.device": "Προσθήκη συσκευής Netsccaler",
 "label.add.network": "Προσθήκη δικτύου",
 "label.add.network.acl": "Προσθήκη εγγραφής πρόσβασης δικτύου",
-"label.add.network.acl.list": "Προσθήκη λίστας πρόσβασης δικτύου",
+"label.add.network.acl": "Προσθήκη λίστας πρόσβασης δικτύου",
 "label.add.network.offering": "Προσθήκη προσφοράς υπηρεσίας δικτύου",
 "label.add.network.permission": "Προσθήκη δικαιωμάτων δικτύου",
 "label.add.new.gateway": "Προσθήκη νέας πύλης",
@@ -516,7 +516,7 @@
 "label.default.view": "Προεπιλεγμένη προβολή",
 "label.defaultnetwork": "Προεπιλεγμένο δίκτυο",
 "label.delete": "Διαγραφή",
-"label.delete.acl.list": "Διαγραφή λίστας πρόσβασης",
+"label.delete.acl": "Διαγραφή λίστας πρόσβασης",
 "label.delete.affinity.group": "Διαγραφή ομάδας συνάφειας",
 "label.delete.alerts": "Διαγραφή ειδοποιήσεων",
 "label.delete.backup": "Διαγραφή αντιγράφου ασφαλείας",
@@ -649,7 +649,7 @@
 "label.dynamicscalingenabled": "Δυναμική αναπροσαρμογή Ενεργοποίημένη",
 "label.dynamicscalingenabled.tooltip": "Η εικονική μηχανή μπορεί να αναπροσαρμόζεται δυναμικά μόνο αν το πρότυπο, η προσφερόμενη υπηρεσία και οι γενικές ρυθμίσεις έχουν την επιλογή δυναμικής αναπροσαρμογής ενεργοποιήμενη.",
 "label.edit": "Επεξεργασία",
-"label.edit.acl.list": "Επεξεργασία λίστας Πρόσβασης",
+"label.edit.acl": "Επεξεργασία λίστας Πρόσβασης",
 "label.edit.acl.rule": "Επεξεργασία κανόνα Λίστας Πρόσβασης",
 "label.edit.project.details": "Επεξεργασία λεπτομερειών έργου",
 "label.edit.project.role": "Επεξεργασία ρόλου έργου",
@@ -1142,7 +1142,7 @@
 "label.netscaler.vpx": "Εξισορρόπηση φόρτου VPX του NetScaler",
 "label.network": "Δίκτυο",
 "label.network.acl": "ACL δικτύου",
-"label.network.acl.lists": "Λίστες Λίστα Πρόσβασης δικτύου",
+"label.network.acls": "Λίστες Λίστα Πρόσβασης δικτύου",
 "label.network.addvm": "Προσθήκη δικτύου για την εικονική μηχανή",
 "label.network.addvm": "Προσθήκη δικτύου σε εικονική μηχανή",
 "label.network.desc": "Δίκτυο Desc",
@@ -1436,7 +1436,6 @@
 "label.remove.vpc.offering": "Κατάργηση προσφοράς υπηρεσίας Εικον. Ιδιωτ. Νέφους",
 "label.removing": "Αφαίρεση",
 "label.replace.acl": "Αντικατάσταση λίστας Πρόσβασης",
-"label.replace.acl.list": "Αντικατάσταση λίστας Πρόσβασης",
 "label.report.bug": "Θέμα αναφοράς",
 "label.required": "Απαιτείται",
 "label.requireshvm": "HVM",
@@ -1455,7 +1454,7 @@
 "label.reset.config.value": "Επαναφορά στις τιμές προεπιλογής",
 "label.reset.ssh.key.pair": "Επαναφορά ζεύγους κλειδιών SSH",
 "label.reset.to.default": "Επαναφορά στην τιμή προεπιλογής",
-"label.reset.userdata.on.vm": "Επαναφορά δεδομένων χρήστη της εικονικής μηχανής",
+"label.reset.user.data.on.vm": "Επαναφορά δεδομένων χρήστη της εικονικής μηχανής",
 "label.reset.vpn.connection": "Επαναφορά σύνδεσης Εικον. Ιδιωτ. Δικτύου",
 "label.resource": "Πόρος",
 "label.resource.limit.exceeded": "Υπέρβαση ορίου πόρων",
@@ -1811,19 +1810,17 @@
 "label.usenewdiskoffering": "Αντικατάσταση προσφοράς υπηρεσίας δίσκου;",
 "label.user": "Χρήστη",
 "label.user.conflict": "Σύγκρουση",
-"label.user.data": "Δεδομένα χρηστών",
-"label.userdata": "Δεδομένα χρήστη",
-"label.userdata.do.append": "Πρόσθεση δεδομένων χρήστη",
-"label.userdata.do.override": "Παράκαμψη δεδομένων χρήστη",
-"label.userdata.registered": "Εγγεγραμένα δεδομένα χρήστη",
-"label.userdata.text": "Κείμενο δεδομένων χρήστη",
-"label.userdatadetails": "Λεπτομέρειες δεδομένων χρήστη",
-"label.userdataid": "Αναγνωριστικό δεδομένων χρήστη",
-"label.userdatal2": "Δεδομένα χρήστη",
-"label.userdataname": "Όνομα δεδομένων χρήστη",
-"label.userdataparams": "Παράμετροι δεδομένων χρήστη",
-"label.userdatapolicy": "Συνδεμένες πολιτικές δεδομένων χρήστη",
-"label.userdatapolicy.tooltip": "Τα δεδομένα χρήστη που έχουν συνδεθεί στο πρότυπο μπορούν να παρακαμφθούν απο τα δεδομένα χρηστών που ορίστηκαν κατα την δημιουργία της vm. Διαλέξτε την πολιτική παράκαμψης ανάλογα με τις απαιτήσεις.",
+"label.user.data": "Δεδομένα χρήστη",
+"label.user.data.do.append": "Πρόσθεση δεδομένων χρήστη",
+"label.user.data.do.override": "Παράκαμψη δεδομένων χρήστη",
+"label.user.data.registered": "Εγγεγραμένα δεδομένα χρήστη",
+"label.user.data.text": "Κείμενο δεδομένων χρήστη",
+"label.user.data.details": "Λεπτομέρειες δεδομένων χρήστη",
+"label.user.data.id": "Αναγνωριστικό δεδομένων χρήστη",
+"label.user.data.name": "Όνομα δεδομένων χρήστη",
+"label.user.data.params": "Παράμετροι δεδομένων χρήστη",
+"label.user.data.policy": "Συνδεμένες πολιτικές δεδομένων χρήστη",
+"label.user.data.policy.tooltip": "Τα δεδομένα χρήστη που έχουν συνδεθεί στο πρότυπο μπορούν να παρακαμφθούν απο τα δεδομένα χρηστών που ορίστηκαν κατα την δημιουργία της vm. Διαλέξτε την πολιτική παράκαμψης ανάλογα με τις απαιτήσεις.",
 "label.username": "Όνομα χρήστη",
 "label.users": "Χρήστες",
 "label.usersource": "Τύπος χρήστη",
@@ -2116,7 +2113,7 @@
 "message.confirm.attach.disk": "Είστε βέβαιοι ότι θέλετε να επισυνάψετε το δίσκο;",
 "message.confirm.change.offering.for.volume": "Παρακαλώ επιβεβαιώστε ότι επιθυμείτε την αλλαγή της προσφοράς δίσκου για αυτόν τον τόμο",
 "message.confirm.configure.ovs": "Είστε βέβαιοι ότι θέλετε να ρυθμίσετε τις παραμέτρους του Ovs;",
-"message.confirm.delete.acl.list": "Είστε βέβαιοι ότι θέλετε να διαγράψετε αυτήν τη λίστα Λίστα Πρόσβασης;",
+"message.confirm.delete.acl": "Είστε βέβαιοι ότι θέλετε να διαγράψετε αυτήν τη λίστα Λίστα Πρόσβασης;",
 "message.confirm.delete.bigswitchbcf": "Επιβεβαιώστε ότι θέλετε να διαγράψετε αυτόν τον ελεγκτή BigSwitch BCF",
 "message.confirm.delete.brocadevcs": "Επιβεβαιώστε ότι θέλετε να διαγράψετε το εναλλάκτη Brocade Vcs",
 "message.confirm.delete.ciscoasa1000v": "Παρακαλώ επιβεβαιώστε ότι θέλετε να διαγράψετε CiscoASA1000v",
@@ -2350,7 +2347,7 @@
 "message.error.upload.template": "Η αποστολή του προτύπου απέτυχε",
 "message.error.upload.template.description": "Μόνο ένα πρότυπο μπορεί να αποσταλεί κάθε φορά",
 "message.error.url": "Πληκτρολογήστε διεύθυνση URL",
-"message.error.userdata": "Εισάγωγή δεδομένων χρηστών",
+"message.error.user.data": "Εισάγωγή δεδομένων χρηστών",
 "message.error.username": "Εισάγετε το όνομα χρήστη σας",
 "message.error.valid.iops.range": "Εισαγεται ένα σωστό εύρος εργασίων εισαγ./εξαγ ανα δευτ.",
 "message.error.vcenter.datacenter": "Πληκτρολογήστε vCenter Datacenter",
diff --git a/ui/public/locales/en.json b/ui/public/locales/en.json
index cb19eb4bdc4..c36b96cc961 100644
--- a/ui/public/locales/en.json
+++ b/ui/public/locales/en.json
@@ -1,23 +1,23 @@
 {
 "message.delete.account.not.disabled": "Please disable the account before attempting to delete it.",
-"alert.service.domainrouter": "Domain router",
+"alert.service.domainrouter": "Domain Router",
 "error.dedicate.bgp.peer.failed":"Failed to dedicate BGP peer",
-"error.dedicate.cluster.failed": "Failed to dedicate cluster.",
-"error.dedicate.host.failed": "Failed to dedicate host.",
+"error.dedicate.cluster.failed": "Failed to dedicate Cluster.",
+"error.dedicate.host.failed": "Failed to dedicate Host.",
 "error.dedicate.ipv4.subnet.failed": "Failed to dedicate IPv4 subnet.",
-"error.dedicate.pod.failed": "Failed to dedicate pod.",
-"error.dedicate.zone.failed": "Failed to dedicate zone.",
+"error.dedicate.pod.failed": "Failed to dedicate Pod.",
+"error.dedicate.zone.failed": "Failed to dedicate Zone.",
 "error.empty.counter.operator.threshold": "Either Counter, Operator or Threshold is empty",
 "error.execute.api.failed": "Failed to execute API.",
 "error.fetching.async.job.result": "Error encountered while fetching async job result.",
 "error.form.message": "There are errors in the form. Please fix them.",
 "error.password.not.match": "The password fields do not match",
 "error.release.dedicate.bgp.peer": "Failed to release dedicated BGP peer.",
-"error.release.dedicate.cluster": "Failed to release dedicated cluster.",
+"error.release.dedicate.cluster": "Failed to release dedicated Cluster.",
 "error.release.dedicate.host": "Failed to release dedicated host.",
 "error.release.dedicate.ipv4.subnet": "Failed to release dedicated IPv4 subnet.",
-"error.release.dedicate.pod": "Failed to release dedicated pod.",
-"error.release.dedicate.zone": "Failed to release dedicated zone.",
+"error.release.dedicate.pod": "Failed to release dedicated Pod.",
+"error.release.dedicate.zone": "Failed to release dedicated Zone.",
 "error.unable.to.add.setting.extraconfig": "It is not allowed to add setting for extraconfig. Please update VirtualMachine with extraconfig parameter.",
 "error.unable.to.proceed": "Unable to proceed. Please contact your administrator.",
 "firewall.close": "Firewall",
@@ -30,9 +30,9 @@
 "label.accept.project.invitation": "Accept project invitation",
 "label.access": "Access",
 "label.access.kubernetes.nodes": "Access Kubernetes nodes",
-"label.accesskey": "Access key",
-"label.access.key": "Access key",
-"label.secret.key": "Secret key",
+"label.accesskey": "Access Key",
+"label.access.key": "Access Key",
+"label.secret.key": "Secret Key",
 "label.apikeyaccess": "Api Key Access",
 "label.account": "Account",
 "label.account.and.security.group": "Account - security group",
@@ -42,18 +42,18 @@
 "label.accounts": "Accounts",
 "label.accountstate": "Account state",
 "label.accounttype": "Account type",
-"label.acl.export": "Export ACLs",
+"label.acl.export": "Export ACL rules",
 "label.acl.id": "ACL ID",
-"label.acl.list.rules": "ACL list rules",
+"label.acl.rules": "ACL rules",
 "label.acl.reason.description": "Enter the reason behind an ACL rule.",
 "label.aclid": "ACL",
-"label.aclname": "ACL name",
+"label.acl.rule.name": "ACL rule name",
 "label.acquire.new.ip": "Acquire new IP",
 "label.acquire.new.secondary.ip": "Acquire new secondary IP",
 "label.acquiring.ip": "Acquiring IP",
 "label.associated.resource": "Associated resource",
 "label.action": "Action",
-"label.action.attach.disk": "Attach disk",
+"label.action.attach.disk": "Attach Disk",
 "label.action.attach.iso": "Attach ISO",
 "label.action.attach.to.instance": "Attach to Instance",
 "label.action.bulk.delete.egress.firewall.rules": "Bulk delete egress firewall rules",
@@ -63,92 +63,92 @@
 "label.action.bulk.delete.load.balancer.rules": "Bulk delete load balancer rules",
 "label.action.bulk.delete.portforward.rules": "Bulk delete port forward rules",
 "label.action.bulk.delete.routing.firewall.rules": "Bulk remove IPv4 Routing firewall rules",
-"label.action.bulk.delete.snapshots": "Bulk delete snapshots",
+"label.action.bulk.delete.snapshots": "Bulk delete Snapshots",
 "label.action.bulk.delete.templates": "Bulk delete Templates",
 "label.action.bulk.release.public.ip.address": "Bulk release public IP addresses",
 "label.action.cancel.maintenance.mode": "Cancel maintenance mode",
 "label.action.change.password": "Change password",
 "label.action.clear.webhook.deliveries": "Clear deliveries",
 "label.action.delete.webhook.deliveries": "Delete deliveries",
-"label.action.change.primary.storage.scope": "Change primary storage scope",
+"label.action.change.primary.storage.scope": "Change Primary Storage scope",
 "label.action.configure.stickiness": "Stickiness",
 "label.action.copy.iso": "Copy ISO",
 "label.action.copy.snapshot": "Copy Snapshot",
 "label.action.copy.template": "Copy Template",
 "label.action.create.snapshot.from.vmsnapshot": "Create Snapshot from Instance Snapshot",
 "label.action.create.template.from.volume": "Create Template from volume",
-"label.action.create.volume": "Create volume",
+"label.action.create.volume": "Create Volume",
 "label.action.create.volume.add": "Create and Add Volume",
 "label.action.delete.account": "Delete Account",
 "label.action.delete.backup.offering": "Delete backup offering",
-"label.action.delete.cluster": "Delete cluster",
-"label.action.delete.domain": "Delete domain",
-"label.action.delete.egress.firewall": "Delete egress firewall rule",
-"label.action.delete.firewall": "Delete firewall rule",
+"label.action.delete.cluster": "Delete Cluster",
+"label.action.delete.domain": "Delete Domain",
+"label.action.delete.egress.firewall": "Delete Egress Firewall Rule",
+"label.action.delete.firewall": "Delete Firewall Rule",
 "label.action.delete.interface.static.route": "Remove Tungsten Fabric interface static route",
-"label.action.delete.guest.os": "Delete guest os",
-"label.action.delete.guest.os.hypervisor.mapping": "Delete guest os hypervisor mapping",
+"label.action.delete.guest.os": "Delete guest OS",
+"label.action.delete.guest.os.hypervisor.mapping": "Delete guest OS hypervisor mapping",
 "label.action.delete.ip.range": "Delete IP range",
 "label.action.delete.iso": "Delete ISO",
-"label.action.delete.load.balancer": "Delete load balancer rule",
+"label.action.delete.load.balancer": "Delete Load Balancer Rule",
 "label.action.delete.network": "Delete Network",
 "label.action.delete.network.static.route": "Remove Tungsten Fabric Network static route",
 "label.action.delete.network.permission": "Delete Network permission",
-"label.action.delete.node": "Delete node",
+"label.action.delete.node": "Delete Node",
 "label.action.delete.oauth.provider": "Delete OAuth provider",
 "label.action.delete.physical.network": "Delete physical Network",
 "label.action.delete.pod": "Delete Pod",
-"label.action.delete.primary.storage": "Delete primary storage",
+"label.action.delete.primary.storage": "Delete Primary Storage",
 "label.action.delete.routing.firewall.rule": "Delete IPv4 Routing firewall rule",
-"label.action.delete.secondary.storage": "Delete secondary storage",
-"label.action.delete.security.group": "Delete security group",
+"label.action.delete.secondary.storage": "Delete Secondary Storage",
+"label.action.delete.security.group": "Delete Security Group",
 "label.action.delete.snapshot": "Delete Snapshot",
 "label.action.delete.template": "Delete Template",
 "label.action.delete.tungsten.router.table": "Remove Tungsten Fabric route table from Network",
 "label.action.delete.user": "Delete User",
-"label.action.delete.volume": "Delete volume",
-"label.action.delete.zone": "Delete zone",
+"label.action.delete.volume": "Delete Volume",
+"label.action.delete.zone": "Delete Zone",
 "label.action.destroy.instance": "Destroy Instance",
-"label.action.destroy.systemvm": "Destroy system VM",
-"label.action.destroy.volume": "Destroy volume",
-"label.action.detach.disk": "Detach disk",
+"label.action.destroy.systemvm": "Destroy System VM",
+"label.action.destroy.volume": "Destroy Volume",
+"label.action.detach.disk": "Detach Disk",
 "label.action.detach.iso": "Detach ISO",
 "label.action.disable.account": "Disable Account",
-"label.action.disable.cluster": "Disable cluster",
-"label.action.disable.disk.offering": "Disable disk offering",
+"label.action.disable.cluster": "Disable Cluster",
+"label.action.disable.disk.offering": "Disable Disk Offering",
 "label.action.disable.physical.network": "Disable physical Network",
-"label.action.disable.pod": "Disable pod",
+"label.action.disable.pod": "Disable Pod",
 "label.action.disable.role": "Disable Role",
 "label.action.disable.static.nat": "Disable static NAT",
-"label.action.disable.service.offering": "Disable service offering",
-"label.action.disable.system.service.offering": "Disable system service offering",
+"label.action.disable.service.offering": "Disable Service Offering",
+"label.action.disable.system.service.offering": "Disable System Service Offering",
 "label.action.disable.user": "Disable User",
-"label.action.disable.zone": "Disable zone",
+"label.action.disable.zone": "Disable Zone",
 "label.action.download.iso": "Download ISO",
 "label.action.download.snapshot": "Download Snapshot",
 "label.action.download.template": "Download Template",
-"label.action.download.volume": "Download volume",
+"label.action.download.volume": "Download Volume",
 "label.action.edit.account": "Edit Account",
-"label.action.edit.domain": "Edit domain",
+"label.action.edit.domain": "Edit Domain",
 "label.action.edit.instance": "Edit Instance",
 "label.action.edit.iso": "Edit ISO",
 "label.action.edit.nfs.options": "Edit NFS mount options",
 "label.action.edit.template": "Edit Template",
-"label.action.edit.zone": "Edit zone",
+"label.action.edit.zone": "Edit Zone",
 "label.action.enable.two.factor.authentication": "Enabled Two factor authentication",
 "label.action.verify.two.factor.authentication": "Verified Two factor authentication",
 "label.action.enable.account": "Enable Account",
-"label.action.enable.cluster": "Enable cluster",
+"label.action.enable.cluster": "Enable Cluster",
 "label.action.enable.disk.offering": "Enable disk offering",
 "label.action.enable.maintenance.mode": "Enable maintenance mode",
 "label.action.enable.physical.network": "Enable physical Network",
-"label.action.enable.pod": "Enable pod",
+"label.action.enable.pod": "Enable Pod",
 "label.action.enable.role": "Enable Role",
-"label.action.enable.service.offering": "Enable service offering",
-"label.action.enable.system.service.offering": "Enable system service offering",
+"label.action.enable.service.offering": "Enable Service Offering",
+"label.action.enable.system.service.offering": "Enable System Service Offering",
 "label.action.enable.static.nat": "Enable static NAT",
 "label.action.enable.user": "Enable User",
-"label.action.enable.zone": "Enable zone",
+"label.action.enable.zone": "Enable Zone",
 "label.action.expunge.instance": "Expunge Instance",
 "label.action.force.reconnect": "Force reconnect",
 "label.action.generate.keys": "Generate keys",
@@ -164,22 +164,22 @@
 "label.action.iso.share": "Update ISO sharing",
 "label.action.lock.account": "Lock Account",
 "label.action.lock.user": "Lock User",
-"label.action.manage.cluster": "Manage cluster",
-"label.action.migrate.router": "Migrate router",
+"label.action.manage.cluster": "Manage Cluster",
+"label.action.migrate.router": "Migrate Router",
 "label.action.migrate.systemvm": "Migrate System VM",
-"label.action.migrate.systemvm.to.ps": "Migrate System VM to another primary storage",
-"label.action.patch.systemvm": "Patch system VM",
+"label.action.migrate.systemvm.to.ps": "Migrate System VM to another Primary Storage",
+"label.action.patch.systemvm": "Patch System VM",
 "label.action.patch.systemvm.vpc": "Patch System VM - VPC Router",
 "label.action.patch.systemvm.processing": "Patching System VM....",
-"label.action.project.add.account": "Add Account to project",
-"label.action.project.add.user": "Add User to project",
+"label.action.project.add.account": "Add Account to Project",
+"label.action.project.add.user": "Add User to Project",
 "label.action.quota.tariff.create": "Create Quota Tariff",
 "label.action.quota.tariff.edit": "Edit Quota Tariff",
 "label.action.quota.tariff.remove": "Remove Quota Tariff",
 "label.action.reboot.instance": "Reboot Instance",
-"label.action.reboot.router": "Reboot router",
+"label.action.reboot.router": "Reboot Router",
 "label.action.reboot.systemvm": "Reboot System VM",
-"label.action.recover.volume": "Recover volume",
+"label.action.recover.volume": "Recover Volume",
 "label.action.resize.sharedfs": "Resize Shared FileSystem",
 "label.action.restart.sharedfs": "Restart Shared FileSystem",
 "label.action.recurring.snapshot": "Recurring Snapshots",
@@ -189,7 +189,7 @@
 "label.action.release.asnumber": "Release AS Number",
 "label.action.release.ip": "Release IP",
 "label.action.release.reserved.ip": "Release reserved IP",
-"label.action.remove.host": "Remove host",
+"label.action.remove.host": "Remove Host",
 "label.action.remove.logical.router": "Remove Logical Router",
 "label.action.remove.network.policy": "Remove Network Policy",
 "label.action.remove.router.table.from.interface": "Remove Tungsten Fabric route table from interface",
@@ -198,36 +198,36 @@
 "label.action.reserve.ip": "Reserve Public IP",
 "label.action.reset.network.permissions": "Reset Network permissions",
 "label.action.reset.password": "Reset password",
-"label.action.resize.volume": "Resize volume",
+"label.action.resize.volume": "Resize Volume",
 "label.action.revert.snapshot": "Revert to Snapshot",
 "label.action.router.health.checks": "Get health checks result",
-"label.action.run.diagnostics": "Run diagnostics",
+"label.action.run.diagnostics": "Run Diagnostics",
 "label.action.secure.host": "Provision host security keys",
 "label.action.set.as.source.nat.ip": "make source NAT",
 "label.action.setup.2FA.user.auth": "Setup User Two Factor Authentication",
 "label.action.start.sharedfs": "Start Shared FileSystem",
 "label.action.start.instance": "Start Instance",
-"label.action.start.router": "Start router",
-"label.action.start.systemvm": "Start system VM",
+"label.action.start.router": "Start Router",
+"label.action.start.systemvm": "Start System VM",
 "label.action.stop.sharedfs": "Stop Shared FileSystem",
 "label.action.stop.instance": "Stop Instance",
-"label.action.stop.router": "Stop router",
-"label.action.stop.systemvm": "Stop system VM",
+"label.action.stop.router": "Stop Router",
+"label.action.stop.systemvm": "Stop System VM",
 "label.action.take.snapshot": "Take Snapshot",
 "label.action.template.permission": "Update Template permissions",
 "label.action.template.share": "Update Template sharing",
-"label.action.unmanage.cluster": "Unmanage cluster",
+"label.action.unmanage.cluster": "Unmanage Cluster",
 "label.action.unmanage.instance": "Unmanage Instance",
 "label.action.unmanage.instances": "Unmanage Instances",
 "label.action.unmanage.virtualmachine": "Unmanage Instance",
 "label.action.unmanage.volume": "Unmanage Volume",
 "label.action.unmanage.volumes": "Unmanage Volumes",
-"label.action.update.host": "Update host",
+"label.action.update.host": "Update Host",
 "label.action.update.security.groups": "Update security groups",
 "label.action.update.offering.access": "Update offering access",
 "label.action.update.resource.count": "Update resource count",
 "label.action.value": "Action/Value",
-"label.action.userdata.reset": "Reset Userdata",
+"label.action.user.data.reset": "Reset User Data",
 "label.action.vmsnapshot.create": "Take Instance Snapshot",
 "label.action.vmsnapshot.delete": "Delete Instance Snapshot",
 "label.action.vmsnapshot.revert": "Revert to Instance Snapshot",
@@ -238,73 +238,72 @@
 "label.activeviewersessions": "Active sessions",
 "label.add": "Add",
 "label.add.account": "Add Account",
+"label.add.acl.rule": "Add ACL rule",
 "label.add.acl": "Add ACL",
-"label.add.acl.list": "Add ACL list",
-"label.add.affinity.group": "Add new affinity group",
+"label.add.affinity.group": "Add new Affinity Group",
 "label.add.baremetal.dhcp.device": "Add bare metal DHCP device",
-"label.add.bgp.peer": "Add BGP peer",
-"label.add.bigswitchbcf.device": "Add BigSwitch BCF controller",
+"label.add.bgp.peer": "Add BGP Peer",
+"label.add.bigswitchbcf.device": "Add BigSwitch BCF Controller",
 "label.add.brocadevcs.device": "Add Brocade Vcs Switch",
 "label.add.by": "Add by",
 "label.add.certificate": "Add certificate",
 "label.add.ciscoasa1000v": "Add CiscoASA1000v resource",
-"label.add.cluster": "Add cluster",
-"label.add.compute.offering": "Add compute offering",
+"label.add.cluster": "Add Cluster",
+"label.add.compute.offering": "Add Compute Offering",
 "label.add.condition": "Add condition",
-"label.add.disk.offering": "Add disk offering",
-"label.add.domain": "Add domain",
-"label.add.egress.rule": "Add egress rule",
+"label.add.disk.offering": "Add Disk Offering",
+"label.add.domain": "Add Domain",
+"label.add.egress.rule": "Add Egress Rule",
 "label.add.f5.device": "Add F5 device",
-"label.add.firewall": "Add firewall rule",
+"label.add.firewall": "Add Firewall Rule",
 "label.add.firewallrule": "Add Firewall Rule",
-"label.add.guest.network": "Add guest Network",
-"label.add.guest.os": "Add guest os",
+"label.add.guest.network": "Add Guest Network",
+"label.add.guest.os": "Add Guest OS",
 "label.add.guest.os.hypervisor.mapping": "Add guest os hypervisor mapping",
-"label.add.host": "Add host",
-"label.add.ingress.rule": "Add ingress rule",
+"label.add.host": "Add Host",
+"label.add.ingress.rule": "Add Ingress Rule",
 "label.add.intermediate.certificate": "Add intermediate certificate",
 "label.add.internal.lb": "Add internal LB",
-"label.add.ip.range": "Add IP range",
-"label.add.ipv4.subnet": "Add IPv4 subnet for Routed networks",
+"label.add.ip.range": "Add IP Range",
+"label.add.ipv4.subnet": "Add IPv4 Subnet for Routed Networks",
 "label.add.ip.v6.prefix": "Add IPv6 prefix",
-"label.add.isolated.network": "Add isolated Network",
-"label.add.kubernetes.cluster": "Add Kubernetes cluster",
+"label.add.isolated.network": "Add Isolated Network",
+"label.add.kubernetes.cluster": "Add Kubernetes Cluster",
+"label.add.acl.name": "ACL name",
 "label.add.ldap.account": "Add LDAP Account",
-"label.add.list.name": "ACL List name",
 "label.add.logical.router": "Add Logical Router to this Network",
 "label.add.more": "Add more",
-"label.add.netscaler.device": "Add Netscaler device",
+"label.add.netscaler.device": "Add Netscaler Device",
 "label.add.network": "Add Network",
 "label.add.network.acl": "Add Network ACL",
-"label.add.network.acl.list": "Add Network ACL list",
-"label.add.network.offering": "Add Network offering",
+"label.add.network.offering": "Add Network Offering",
 "label.add.network.permission": "Add Network permission",
-"label.add.new.gateway": "Add new gateway",
+"label.add.new.gateway": "Add new Gateway",
 "label.add.new.tier": "Add new Network Tier",
 "label.add.niciranvp.device": "Add Nvp controller",
 "label.add.note": "Add comment",
 "label.add.opendaylight.device": "Add OpenDaylight controller",
 "label.add.pa.device": "Add Palo Alto device",
 "label.add.param": "Add param",
-"label.add.physical.network": "Add physical Network",
-"label.add.pod": "Add pod",
+"label.add.physical.network": "Add Physical Network",
+"label.add.pod": "Add Pod",
 "label.add.prefix": "Add prefix",
 "label.add.policy": "Add policy",
-"label.add.primary.storage": "Add primary storage",
-"label.add.private.gateway": "Add private gateway",
-"label.add.resources": "Add resources",
-"label.add.role": "Add role",
-"label.add.route": "Add route",
-"label.add.router.table.to.instance": "Add router table to this Instance",
-"label.add.routing.policy": "Add routing policy",
-"label.add.rule": "Add rule",
-"label.add.secondary.ip": "Add secondary IP",
-"label.add.secondary.storage": "Add secondary storage",
-"label.add.security.group": "Add security group",
+"label.add.primary.storage": "Add Primary Storage",
+"label.add.private.gateway": "Add Private Gateway",
+"label.add.resources": "Add Resources",
+"label.add.role": "Add Role",
+"label.add.route": "Add Route",
+"label.add.router.table.to.instance": "Add Router Table to this Instance",
+"label.add.routing.policy": "Add Routing Policy",
+"label.add.rule": "Add Rule",
+"label.add.secondary.ip": "Add Secondary IP",
+"label.add.secondary.storage": "Add Secondary Storage",
+"label.add.security.group": "Add Security Group",
 "label.add.setting": "Add setting",
-"label.add.srx.device": "Add SRX device",
-"label.add.static.route": "Add static route",
-"label.add.system.service.offering": "Add system service offering",
+"label.add.srx.device": "Add SRX Device",
+"label.add.static.route": "Add Static Route",
+"label.add.system.service.offering": "Add System Service Offering",
 "label.add.term.then": "Add term",
 "label.add.traffic": "Add traffic",
 "label.add.traffic.type": "Add traffic type",
@@ -328,24 +327,24 @@
 "label.add.upstream.ipv6.routes": "Add upstream IPv6 routes",
 "label.add.vm": "Add Instance",
 "label.add.vms": "Add Instances",
-"label.add.vmware.datacenter": "Add VMware datacenter",
-"label.add.vnmc.device": "Add VNMC device",
+"label.add.vmware.datacenter": "Add VMware Datacenter",
+"label.add.vnmc.device": "Add VNMC Device",
 "label.add.vpc": "Add VPC",
-"label.add.vpc.offering": "Add VPC offering",
-"label.add.vpn.customer.gateway": "Add VPN customer gateway",
-"label.add.vpn.gateway": "Add VPN gateway",
+"label.add.vpc.offering": "Add VPC Offering",
+"label.add.vpn.customer.gateway": "Add VPN Customer Gateway",
+"label.add.vpn.gateway": "Add VPN Gateway",
 "label.add.vpn.user": "Add VPN User",
-"label.add.zone": "Add zone",
+"label.add.zone": "Add Zone",
 "label.adding": "Adding",
 "label.adding.user": "Adding User...",
 "label.address": "Address",
 "label.address.group": "Address group",
-"label.admin": "Domain admin",
+"label.admin": "Domain Admin",
 "label.advanced": "Advanced",
 "label.advanced.mode": "Advanced mode",
 "label.affinity": "Affinity",
-"label.affinity.groups": "Affinity groups",
-"label.affinitygroup": "Affinity group",
+"label.affinity.groups": "Affinity Groups",
+"label.affinitygroup": "Affinity Group",
 "label.agentcount": "Number Of connected agents",
 "label.agent.password": "Agent password",
 "label.agent.username": "Agent username",
@@ -359,7 +358,7 @@
 "label.all": "All",
 "label.all.available.data": "All available data",
 "label.all.ipv6": "All IPv6",
-"label.all.zone": "All zones",
+"label.all.zone": "All Zones",
 "label.allocated": "Allocated",
 "label.allocatedonly": "Allocated",
 "label.allocationstate": "Allocation state",
@@ -428,13 +427,13 @@
 "label.backup.configure.schedule": "Configure Backup Schedule",
 "label.backup.offering.assign": "Assign Instance to backup offering",
 "label.backup.offering.remove": "Remove Instance from backup offering",
-"label.backup.offerings": "Backup offerings",
+"label.backup.offerings": "Backup Offerings",
 "label.backup.repository": "Backup Repository",
 "label.backup.restore": "Restore Instance backup",
-"label.backupofferingid": "Backup offering",
-"label.backupofferingname": "Backup offering",
-"label.backup.repository.add": "Add backup repository",
-"label.backup.repository.remove": "Remove backup repository",
+"label.backupofferingid": "Backup Offering",
+"label.backupofferingname": "Backup Offering",
+"label.backup.repository.add": "Add Backup Repository",
+"label.backup.repository.remove": "Remove Backup Repository",
 "label.balance": "Balance",
 "label.bandwidth": "Bandwidth",
 "label.baremetal.dhcp.devices": "Bare metal DHCP devices",
@@ -464,12 +463,12 @@
 "label.browser": "Browser",
 "label.bucket": "Bucket",
 "label.by.account": "By Account",
-"label.by.domain": "By domain",
+"label.by.domain": "By Domain",
 "label.by.level": "By level",
-"label.by.pod": "By pod",
+"label.by.pod": "By Pod",
 "label.by.state": "By state",
 "label.by.type": "By type",
-"label.by.zone": "By zone",
+"label.by.zone": "By Zone",
 "label.bypassvlanoverlapcheck": "Bypass VLAN id/range overlap",
 "label.cachemode": "Write-cache type",
 "label.cancel": "Cancel",
@@ -536,8 +535,8 @@
 "label.community": "Community",
 "label.complete": "Complete",
 "label.compute": "Compute",
-"label.compute.offerings": "Compute offerings",
-"label.compute.offering.for.sharedfs.instance": "Compute offering for Instance",
+"label.compute.offerings": "Compute Offerings",
+"label.compute.offering.for.sharedfs.instance": "Compute Offering for Instance",
 "label.computeonly.offering": "Compute only disk offering",
 "label.computeonly.offering.tooltip": "Option to specify root disk related information in the compute offering or to directly link a disk offering to the compute offering",
 "label.conditions": "Conditions",
@@ -555,7 +554,7 @@
 "label.confirm.delete.loadbalancer.rules": "Please confirm you wish to delete the selected load balancing rules.",
 "label.confirm.delete.portforward.rules": "Please confirm you wish to delete the selected port-forward rules.",
 "label.confirm.delete.routing.firewall.rules": "Please confirm you wish to delete the selected IPv4 Routing firewall rules",
-"label.confirm.delete.snapshot.zones": "Please confirm you wish to delete the Snapshot in the selected zones.",
+"label.confirm.delete.snapshot.zones": "Please confirm you wish to delete the Snapshot in the selected Zones.",
 "label.confirm.delete.templates": "Please confirm you wish to delete the selected Templates.",
 "label.confirm.delete.tungsten.address.group": "Please confirm that you would like to delete this Address Group",
 "label.confirm.delete.tungsten.firewall.policy": "Please confirm that you would like to delete this Firewall Policy",
@@ -590,11 +589,11 @@
 "label.copyid": "Copy ID",
 "label.copy.password": "Copy password",
 "label.core": "Core",
-"label.core.zone.type": "Core zone type",
+"label.core.zone.type": "Core Zone type",
 "label.counter": "Counter",
 "label.counter.name": "Name of the counter for which the policy will be evaluated",
 "label.cpu": "CPU",
-"label.cpu.sockets": "CPU sockets",
+"label.cpu.sockets": "CPU Sockets",
 "label.cpu.usage.info": "CPU usage information",
 "label.cpuallocated": "CPU allocated for Instances",
 "label.cpuallocatedghz": "CPU allocated",
@@ -609,19 +608,19 @@
 "label.cpuused": "CPU utilized",
 "label.cpuusedghz": "CPU used",
 "label.create": "Create",
-"label.create.instance": "Create cloud server",
+"label.create.instance": "Create Cloud Server",
 "label.create.account": "Create Account",
 "label.create.asnrange": "Create AS Range",
-"label.create.backup": "Start backup",
+"label.create.backup": "Start Backup",
 "label.create.sharedfs": "Create Shared FileSystem",
 "label.create.network": "Create new Network",
 "label.create.nfs.secondary.staging.storage": "Create NFS secondary staging storage",
-"label.create.project": "Create project",
-"label.create.project.role": "Create project role",
+"label.create.project": "Create Project",
+"label.create.project.role": "Create Project Role",
 "label.create.routing.policy": "Create Routing Policy",
 "label.create.site.vpn.connection": "Create site-to-site VPN connection",
 "label.create.site.vpn.gateway": "Create site-to-site VPN gateway",
-"label.create.snapshot.for.volume": "Created Snapshot for volume",
+"label.create.snapshot.for.volume": "Created Snapshot for Volume",
 "label.create.ssh.key.pair": "Create a SSH Key Pair",
 "label.create.template": "Create Template",
 "label.create.tier.aclid.description": "The ACL associated with the Network Tier.",
@@ -642,7 +641,7 @@
 "label.credit": "Credit",
 "label.cron": "Cron expression",
 "label.cron.mode": "Cron mode",
-"label.crosszones": "Cross zones",
+"label.crosszones": "Cross Zones",
 "label.currency": "Currency",
 "label.current": "Current",
 "label.current.storage": "Current storage",
@@ -654,8 +653,8 @@
 "label.daily": "Daily",
 "label.dark.mode": "Dark mode",
 "label.dashboard": "Dashboard",
-"label.data.disk": "Data disk",
-"label.data.disk.offering": "Data disk offering",
+"label.data.disk": "Data Disk",
+"label.data.disk.offering": "Data Disk Offering",
 "label.date": "Date",
 "label.datetime.filter.period": "From <b>{startDate}</b> to <b>{endDate}</b>",
 "label.datetime.filter.starting": "Starting <b>{startDate}</b>.",
@@ -664,19 +663,19 @@
 "label.days": "Days",
 "label.day.of.month": "Day of month",
 "label.day.of.week": "Day of week",
-"label.db.usage.metrics": "DB/Usage server",
+"label.db.usage.metrics": "DB/Usage Server",
 "label.dbislocal": "The db runs locally",
 "label.dc.name": "DC name",
 "label.declare.host.as.degraded": "Declare host as degraded",
 "label.decline.invitation": "Decline invitation",
 "label.dedicate": "Dedicate",
 "label.dedicate.bgp.peer": "Dedicate BGP peer",
-"label.dedicate.cluster": "Dedicate cluster",
-"label.dedicate.host": "Dedicate host",
+"label.dedicate.cluster": "Dedicate Cluster",
+"label.dedicate.host": "Dedicate Host",
 "label.dedicate.ipv4.subnet": "Dedicate IPv4 subnet",
-"label.dedicate.pod": "Dedicate pod",
+"label.dedicate.pod": "Dedicate Pod",
 "label.dedicate.vlan.vni.range": "Dedicate VLAN/VNI range",
-"label.dedicate.zone": "Dedicate zone",
+"label.dedicate.zone": "Dedicate Zone",
 "label.dedicated": "Dedicated",
 "label.dedicated.vlan.vni.ranges": "Dedicated VLAN/VNI ranges",
 "label.dedicatedresources": "Dedicated resources",
@@ -687,7 +686,7 @@
 "label.default.network.guestcidraddress.isolated.network": "Default guest CIDR for Isolated Networks",
 "label.defaultnetwork": "Default Network",
 "label.delete": "Delete",
-"label.delete.acl.list": "Delete ACL list",
+"label.delete.acl": "Delete ACL",
 "label.delete.affinity.group": "Delete affinity group",
 "label.delete.alerts": "Delete alerts",
 "label.delete.asnrange": "Delete AS Range",
@@ -718,13 +717,13 @@
 "label.delete.portforward.rules": "Delete port forward rules",
 "label.delete.project": "Delete project",
 "label.delete.project.role": "Delete project role",
-"label.delete.role": "Delete role",
-"label.delete.rule": "Delete rule",
-"label.delete.setting": "Delete setting",
+"label.delete.role": "Delete Role",
+"label.delete.rule": "Delete Rule",
+"label.delete.setting": "Delete Setting",
 "label.delete.snapshot.policy": "Delete Snapshot policy",
 "label.delete.srx": "Delete SRX",
 "label.delete.sslcertificate": "Delete SSL certificate",
-"label.delete.tag": "Remove tag",
+"label.delete.tag": "Remove Tag",
 "label.delete.term": "Delete term",
 "label.delete.traffic.type": "Delete traffic type",
 "label.delete.tungsten.address.group": "Delete Address Group",
@@ -754,13 +753,13 @@
 "label.deployasis": "Read Instance settings from OVA",
 "label.deploymentplanner": "Deployment planner",
 "label.desc.db.stats": "Database Statistics",
-"label.desc.importexportinstancewizard": "Import and export Instances to/from an existing VMware or KVM cluster.",
+"label.desc.importexportinstancewizard": "Import and export Instances to/from an existing VMware or KVM Cluster.",
 "label.desc.import.ext.kvm.wizard": "Import Instance from remote KVM host",
 "label.desc.import.local.kvm.wizard": "Import QCOW2 image from Local Storage",
 "label.desc.import.shared.kvm.wizard": "Import QCOW2 image from Shared Storage",
 "label.desc.import.unmanage.volume": "Import and unmanage volume on Storage Pools",
 "label.desc.ingesttinstancewizard": "Ingest instances from an external KVM host",
-"label.desc.importmigratefromvmwarewizard": "Import instances from VMware into a KVM cluster",
+"label.desc.importmigratefromvmwarewizard": "Import instances from VMware into a KVM Cluster",
 "label.desc.usage.stats": "Usage Server Statistics",
 "label.description": "Description",
 "label.destaddressgroupuuid": "Destination Address Group",
@@ -795,16 +794,16 @@
 "label.direction": "Direction",
 "label.disable.autoscale.vmgroup": "Disable AutoScaling Group",
 "label.disable.host": "Disable host",
-"label.disable.network.offering": "Disable Network offering",
+"label.disable.network.offering": "Disable Network Offering",
 "label.disable.provider": "Disable provider",
 "label.disable.storage": "Disable storage pool",
-"label.disable.vpc.offering": "Disable VPC offering",
+"label.disable.vpc.offering": "Disable VPC Offering",
 "label.disable.vpn": "Disable remote access VPN",
 "label.disable.webhook": "Disable Webhook",
 "label.disabled": "Disabled",
 "label.disconnected": "Last disconnected",
 "label.disk": "Disk",
-"label.disk.offerings": "Disk offerings",
+"label.disk.offerings": "Disk Offerings",
 "label.disk.path": "Disk Path",
 "label.disk.tooltip": "Disk Image filename in the selected Storage Pool",
 "label.disk.selection": "Disk selection",
@@ -825,9 +824,9 @@
 "label.diskkbswrite": "Disk write (KiB)",
 "label.diskread": "Disk read",
 "label.diskwrite": "Disk write",
-"label.diskoffering": "Disk offering",
-"label.diskofferingdisplaytext": "Disk offering",
-"label.diskofferingid": "Disk offering",
+"label.diskoffering": "Disk Offering",
+"label.diskofferingdisplaytext": "Disk Offering",
+"label.diskofferingid": "Disk Offering",
 "label.disksize": "Disk size (in GB)",
 "label.disksizeallocated": "Disk allocated",
 "label.disksizeallocatedgb": "Allocated",
@@ -848,7 +847,7 @@
 "label.domain": "Domain",
 "label.domain.id": "Domain ID",
 "label.domain.name": "Domain name",
-"label.domain.router": "Domain router",
+"label.domain.router": "Domain Router",
 "label.domain.suffix": "DNS domain suffix (i.e., xyz.com)",
 "label.domainid": "Domain",
 "label.domainname": "Domain",
@@ -888,15 +887,15 @@
 "label.edge.zone": "Edge Zone",
 "label.edit": "Edit",
 "label.edit.account": "Edit Account",
-"label.edit.acl.list": "Edit ACL list",
+"label.edit.acl": "Edit ACL",
 "label.edit.acl.rule": "Edit ACL rule",
 "label.edit.autoscale.vmprofile": "Edit AutoScale Instance Profile",
 "label.edit.project.details": "Edit project details",
 "label.edit.project.role": "Edit project role",
-"label.edit.role": "Edit role",
-"label.edit.rule": "Edit rule",
+"label.edit.role": "Edit Role",
+"label.edit.rule": "Edit Rule",
 "label.edit.secondary.ips": "Edit secondary IPs",
-"label.edit.tags": "Edit tags",
+"label.edit.tags": "Edit Tags",
 "label.edit.traffic.type": "Edit traffic type",
 "label.edit.user": "Edit User",
 "label.egress": "Egress",
@@ -907,11 +906,11 @@
 "label.email": "Email",
 "label.enable.autoscale.vmgroup": "Enable AutoScaling Group",
 "label.enable.host": "Enable Host",
-"label.enable.network.offering": "Enable Network offering",
+"label.enable.network.offering": "Enable Network Offering",
 "label.enable.oauth": "Enable OAuth Login",
 "label.enable.provider": "Enable provider",
-"label.enable.storage": "Enable storage pool",
-"label.enable.vpc.offering": "Enable VPC offering",
+"label.enable.storage": "Enable Storage Pool",
+"label.enable.vpc.offering": "Enable VPC Offering",
 "label.enable.vpn": "Enable remote access VPN",
 "label.enable.webhook": "Enable Webhook",
 "label.enabled": "Enabled",
@@ -996,12 +995,12 @@
 "label.firewall": "Firewall",
 "label.firewall.policy": "Firewall Policy",
 "label.firewallpolicy": "Firewall Policy",
-"label.firewallrule": "Firewall rule",
+"label.firewallrule": "Firewall Rule",
 "label.firewallruleuuid": "Firewall Rule",
 "label.firstname": "First name",
 "label.firstname.lower": "firstname",
 "label.fix.errors": "Fix errors",
-"label.fixed": "Fixed offering",
+"label.fixed": "Fixed Offering",
 "label.for": "for",
 "label.forbidden": "Forbidden",
 "label.forced": "Force",
@@ -1051,7 +1050,7 @@
 "label.guest.netmask": "Guest netmask",
 "label.guest.networks": "Guest Networks",
 "label.guest.os": "Guest OS",
-"label.guest.os.hypervisor.mappings": "Guest OS mappings",
+"label.guest.os.hypervisor.mappings": "Guest OS Mappings",
 "label.guest.start.ip": "Guest start IP",
 "label.guest.traffic": "Guest traffic",
 "label.guestcidraddress": "Guest CIDR",
@@ -1107,7 +1106,7 @@
 "label.hosttags.implicit.description": "The host tags defined by CloudStack Agent",
 "label.hourly": "Hourly",
 "label.hypervisor": "Hypervisor",
-"label.hypervisor.capabilities": "Hypervisor capabilities",
+"label.hypervisor.capabilities": "Hypervisor Capabilities",
 "label.hypervisor.type": "Hypervisor type",
 "label.hypervisors": "Hypervisors",
 "label.hypervisorsnapshotreserve": "Hypervisor Snapshot reserve",
@@ -1129,10 +1128,10 @@
 "label.ikeversion": "IKE version",
 "label.images": "Images",
 "label.imagestoreid": "Secondary Storage",
-"label.import.backup.offering": "Import backup offering",
+"label.import.backup.offering": "Import Backup Offering",
 "label.import.instance": "Import Instance",
-"label.import.offering": "Import offering",
-"label.import.role": "Import role",
+"label.import.offering": "Import Offering",
+"label.import.role": "Import Role",
 "label.import.volume": "Import Volume",
 "label.inactive": "Inactive",
 "label.in.progress": "in progress",
@@ -1146,12 +1145,12 @@
 "label.initial": "Inital",
 "label.initialized": "Initalized",
 "label.insideportprofile": "Inside port profile",
-"label.installwizard.addzoneintro.title": "Let's add a zone",
+"label.installwizard.addzoneintro.title": "Let's add a Zone",
 "label.installwizard.subtitle": "This guide will aid you in setting up your CloudStack™ installation",
 "label.installwizard.title": "Hello and welcome to CloudStack™",
 "label.instance": "Instance",
 "label.instance.conversion.support": "Instance Conversion Supported",
-"label.instance.groups": "Instance groups",
+"label.instance.groups": "Instance Groups",
 "label.instance.name": "Instance name",
 "label.instancename": "Internal name",
 "label.instanceport": "Instance port",
@@ -1273,16 +1272,16 @@
 "label.keyboardtype": "Keyboard type",
 "label.keypair": "SSH key pair",
 "label.keypairs": "SSH key pair(s)",
-"label.kubeconfig.cluster": "Kubernetes cluster config",
+"label.kubeconfig.cluster": "Kubernetes Cluster config",
 "label.kubernetes": "Kubernetes",
-"label.kubernetes.access.details": "The kubernetes nodes can be accessed via ssh using: <br> <code><b> ssh -i [ssh_key] -p [port_number] cloud@[public_ip_address] </b></code> <br><br> where, <br> <code><b>ssh_key:</b></code> points to the ssh private key file corresponding to the key that was associated while creating the Kubernetes cluster. If no ssh key was provided during Kubernetes cluster creation, use the ssh private key of the management server. <br> <code><b>port_number:</b></code> can be obtained from the Port Forwarding Tab (Public Port column)",
-"label.kubernetes.cluster": "Kubernetes cluster",
-"label.kubernetes.cluster.create": "Create Kubernetes cluster",
-"label.kubernetes.cluster.delete": "Delete Kubernetes cluster",
-"label.kubernetes.cluster.scale": "Scale Kubernetes cluster",
-"label.kubernetes.cluster.start": "Start Kubernetes cluster",
-"label.kubernetes.cluster.stop": "Stop Kubernetes cluster",
-"label.kubernetes.cluster.upgrade": "Upgrade Kubernetes cluster",
+"label.kubernetes.access.details": "The kubernetes nodes can be accessed via ssh using: <br> <code><b> ssh -i [ssh_key] -p [port_number] cloud@[public_ip_address] </b></code> <br><br> where, <br> <code><b>ssh_key:</b></code> points to the ssh private key file corresponding to the key that was associated while creating the Kubernetes Cluster. If no ssh key was provided during Kubernetes cluster creation, use the ssh private key of the management server. <br> <code><b>port_number:</b></code> can be obtained from the Port Forwarding Tab (Public Port column)",
+"label.kubernetes.cluster": "Kubernetes Cluster",
+"label.kubernetes.cluster.create": "Create Kubernetes Cluster",
+"label.kubernetes.cluster.delete": "Delete Kubernetes Cluster",
+"label.kubernetes.cluster.scale": "Scale Kubernetes Cluster",
+"label.kubernetes.cluster.start": "Start Kubernetes Cluster",
+"label.kubernetes.cluster.stop": "Stop Kubernetes Cluster",
+"label.kubernetes.cluster.upgrade": "Upgrade Kubernetes Cluster",
 "label.kubernetes.dashboard": "Kubernetes dashboard UI",
 "label.kubernetes.dashboard.create.token": "Create token for Kubernetes dashboard",
 "label.kubernetes.dashboard.create.token.desc": "Since Kubernetes v1.24.0, there is no auto-generation of secret-based service Account token due to security reason. You need to create a service Account and an optional long-lived Bearer Token for the service Account.",
@@ -1312,9 +1311,9 @@
 "label.launch": "Launch",
 "label.launch.vm": "Launch Instance",
 "label.launch.vm.and.stay": "Launch Instance & stay on this page",
-"label.launch.vnf.appliance": "Launch VNF appliance",
-"label.launch.vnf.appliance.and.stay": "Launch VNF appliance & stay on this page",
-"label.launch.zone": "Launch zone",
+"label.launch.vnf.appliance": "Launch VNF Appliance",
+"label.launch.vnf.appliance.and.stay": "Launch VNF Appliance & stay on this page",
+"label.launch.zone": "Launch Zone",
 "label.lb.algorithm.leastconn": "Least connections",
 "label.lb.algorithm.roundrobin": "Round-robin",
 "label.lb.algorithm.source": "Source",
@@ -1327,8 +1326,8 @@
 "label.lbprovider": "Load balancer provider",
 "label.lbruleid": "Load balancer ID",
 "label.lbtype": "Load balancer type",
-"label.ldap.configuration": "LDAP configuration",
-"label.ldap.group.name": "LDAP group",
+"label.ldap.configuration": "LDAP Configuration",
+"label.ldap.group.name": "LDAP Group",
 "label.level": "Level",
 "label.license.agreements": "License agreements",
 "label.limit": "Limit",
@@ -1342,11 +1341,11 @@
 "label.list.ciscoasa1000v": "ASA 1000v",
 "label.list.ciscovnmc": "Cisco VNMC",
 "label.list.nodes": "List nodes",
-"label.list.pods": "List pods",
+"label.list.pods": "List Pods",
 "label.list.services": "List services",
 "label.list.vmware.vcenter.vms": "List VMware Instances",
 "label.livepatch": "Live patch Network's router(s)",
-"label.load.balancer": "Load balancer",
+"label.load.balancer": "Load Balancer",
 "label.loadbalancerinstance": "Assigned Instances",
 "label.loadbalancerrule": "Load balancing rule",
 "label.loadbalancing": "Load balancing",
@@ -1388,8 +1387,8 @@
 "label.managementserverid": "Management server",
 "label.managementservername": "Management server",
 "label.management.ips": "Management IP addresses",
-"label.management.server": "Management server",
-"label.management.servers": "Management servers",
+"label.management.server": "Management Server",
+"label.management.servers": "Management Servers",
 "label.management.server.peers": "Peers",
 "label.managementservers": "Number of management servers",
 "label.matchall": "Match all",
@@ -1402,7 +1401,7 @@
 "label.maxdatavolumeslimit": "Max data volumes limit",
 "label.maxerrorretry": "Max error retry",
 "label.maxguestslimit": "Max guest limit",
-"label.maxhostspercluster": "Max hosts per cluster",
+"label.maxhostspercluster": "Max hosts per Cluster",
 "label.maximum": "Maximum",
 "label.maxinstance": "Max Instances",
 "label.maxiops": "Max IOPS",
@@ -1410,14 +1409,14 @@
 "label.maxmemory": "Max. memory (MiB)",
 "label.maxnetwork": "Max. Networks",
 "label.maxprimarystorage": "Max. primary storage (GiB)",
-"label.maxproject": "Max. projects",
+"label.maxproject": "Max. Projects",
 "label.maxpublicip": "Max. public IPs",
 "label.maxsecondarystorage": "Max. secondary storage (GiB)",
 "label.maxsize": "Maximum size",
 "label.maxsnapshot": "Max. Snapshots",
 "label.maxtemplate": "Max. Templates",
 "label.maxuservm": "Max. User Instances",
-"label.maxvolume": "Max. volumes",
+"label.maxvolume": "Max. Volumes",
 "label.maxvpc": "Max. VPCs",
 "label.may.continue": "You may now continue.",
 "label.mb.memory": "MB memory",
@@ -1437,8 +1436,8 @@
 "label.memoryused": "Used memory",
 "label.memoryusedgb": "Memory used",
 "label.memused": "Memory usage",
-"label.menu.security.groups": "Security groups",
-"label.menu.service.offerings": "Service offerings",
+"label.menu.security.groups": "Security Groups",
+"label.menu.service.offerings": "Service Offerings",
 "label.metadata": "Metadata",
 "label.metadata.description": "Metadata of the Object",
 "label.metadata.upload.description": "Set metadata for the object",
@@ -1450,8 +1449,8 @@
 "label.migrate.instance.to.ps": "Migrate Instance to another primary storage",
 "label.migrate.instance.single.storage": "Migrate all volume(s) of the Instance to a single primary storage",
 "label.migrate.instance.specific.storages": "Migrate volume(s) of the Instance to specific primary storages",
-"label.migrate.systemvm.to": "Migrate system VM to",
-"label.migrate.volume": "Migrate volume",
+"label.migrate.systemvm.to": "Migrate System VM to",
+"label.migrate.volume": "Migrate Volume",
 "message.memory.usage.info.hypervisor.additionals": "The data shown may not reflect the actual memory usage if the Instance does not have the additional hypervisor tools installed",
 "message.memory.usage.info.negative.value": "If the Instance's memory usage cannot be obtained from the hypervisor, the lines for free memory in the raw data graph and memory usage in the percentage graph will be disabled",
 "message.migrate.volume.tooltip": "Volume can be migrated to any suitable storage pool. Admin has to choose the appropriate disk offering to replace, that supports the new storage pool",
@@ -1502,14 +1501,14 @@
 "label.netscaler.vpx": "NetScaler VPX LoadBalancer",
 "label.network": "Network",
 "label.network.acl": "Network ACL",
-"label.network.acl.lists": "Network ACL lists",
+"label.network.acls": "Network ACLs",
 "label.network.addvm": "Add Network to Instance",
 "label.network.desc": "Network desc",
-"label.network.domain": "Network domain",
+"label.network.domain": "Network Domain",
 "label.network.label.display.for.blank.value": "Use default gateway",
 "label.network.name": "Network name",
-"label.network.offering": "Network offering",
-"label.network.offerings": "Network offerings",
+"label.network.offering": "Network Offerings",
+"label.network.offerings": "Network Offerings",
 "label.network.policy": "Network Policy",
 "label.network.restart.required": "Network restart required",
 "label.network.route.table": "Network route table",
@@ -1526,9 +1525,9 @@
 "label.networklimit": "Network limits",
 "label.networkmode": "Network Mode",
 "label.networkname": "Network name",
-"label.networkofferingdisplaytext": "Network offering",
-"label.networkofferingid": "Network offering",
-"label.networkofferingname": "Network offering",
+"label.networkofferingdisplaytext": "Network Offering",
+"label.networkofferingid": "Network Offering",
+"label.networkofferingname": "Network Offering",
 "label.networkrate": "Network rate (Mb/s)",
 "label.networkread": "Network read",
 "label.networks": "Networks",
@@ -1538,9 +1537,9 @@
 "label.never": "Never",
 "label.new": "New",
 "label.new.autoscale.vmgroup": "New AutoScaling Group",
-"label.new.instance.group": "New Instance group",
+"label.new.instance.group": "New Instance Group",
 "label.new.password": "New password",
-"label.new.project": "New project",
+"label.new.project": "New Project",
 "label.new.secondaryip.description": "Enter new secondary IP address",
 "label.new.tag": "New tag",
 "label.new.vm": "New Instance",
@@ -1581,16 +1580,16 @@
 "label.nsx.provider.port": "NSX provider port",
 "label.nsx.provider.username": "NSX provider username",
 "label.nsx.provider.password": "NSX provider password",
-"label.nsx.provider.edgecluster": "NSX provider edge cluster",
+"label.nsx.provider.edgecluster": "NSX provider edge Cluster",
 "label.nsx.provider.tier0gateway": "NSX provider tier-0 gateway",
-"label.nsx.provider.transportzone": "NSX provider transport zone",
+"label.nsx.provider.transportzone": "NSX provider transport Zone",
 "label.nsx.supports.internal.lb": "Enable NSX internal LB service",
 "label.nsx.supports.lb": "Enable NSX LB service",
 "label.num.cpu.cores": "# of CPU cores",
 "label.number": "#Rule",
 "label.numretries": "Number of retries",
 "label.nvpdeviceid": "ID",
-"label.oauth.configuration": "OAuth configuration",
+"label.oauth.configuration": "OAuth Configuration",
 "label.oauth.verification": "OAuth verification",
 "label.ocfs2": "OCFS2",
 "label.object.storage" : "Object Storage",
@@ -1607,7 +1606,7 @@
 "label.of.month": "of month",
 "label.offerha": "Offer HA",
 "label.offeringid": "Offering ID",
-"label.offeringtype": "Compute offering type",
+"label.offeringtype": "Compute Offering type",
 "label.ok": "OK",
 "label.only.end.date.and.time": "Only end date and time",
 "label.only.start.date.and.time": "Only start date and time",
@@ -1677,7 +1676,7 @@
 "label.passwordenabled": "Password enabled",
 "label.path": "Path",
 "label.patp": "Palo Alto threat profile",
-"label.pavr": "Virtual router",
+"label.pavr": "Virtual Router",
 "label.payload": "Payload",
 "label.payloadurl": "Payload URL",
 "label.pcidevice": "GPU",
@@ -1690,7 +1689,7 @@
 "label.peerstate.lastupdated": "Peer State Updated Time",
 "label.pending.jobs": "Pending Jobs",
 "label.per.account": "Per Account",
-"label.per.zone": "Per zone",
+"label.per.zone": "Per Zone",
 "label.percentage": "Percentage",
 "label.perfectforwardsecrecy": "Perfect forward secrecy",
 "label.perform.fresh.checks": "Perform fresh checks",
@@ -1722,7 +1721,7 @@
 "label.powerflex.gateway": "Gateway",
 "label.powerflex.gateway.password": "Gateway password",
 "label.powerflex.gateway.username": "Gateway username",
-"label.powerflex.storage.pool": "Storage pool",
+"label.powerflex.storage.pool": "Storage Pool",
 "label.powerstate": "Power state",
 "label.preferred": "Preferred",
 "label.prefix": "Prefix",
@@ -1739,13 +1738,13 @@
 "label.flashArray.username.tooltip": "The username with edit privileges",
 "label.flashArray.url.tooltip": "URL designating the Flash Array endpoint, formatted as: http[s]://HOSTNAME:PORT?pod=NAME&hostgroup=NAME[&skipTlsValidation=true][&postCopyWaitMs=#][&keyttl=#][&connectTimeoutMs=#][&apiLoginVersion=#][&apiVersion=#] where values in [] are optional.",
 "label.primary": "Primary",
-"label.primary.storage": "Primary storage",
-"label.primary.storage.allocated": "Primary storage allocated",
-"label.primary.storage.used": "Primary storage used",
-"label.primarystoragelimit": "Primary storage limits (GiB)",
-"label.primarystoragetotal": "Primary storage",
+"label.primary.storage": "Primary Storage",
+"label.primary.storage.allocated": "Primary Storage allocated",
+"label.primary.storage.used": "Primary Storage used",
+"label.primarystoragelimit": "Primary Storage limits (GiB)",
+"label.primarystoragetotal": "Primary Storage",
 "label.privatemtu": "Private Interface MTU",
-"label.private.gateway": "Private gateway",
+"label.private.gateway": "Private Gateway",
 "label.private.interface": "Private interface",
 "label.private.registry": "Private registry",
 "label.privateinterface": "Private interface",
@@ -1755,7 +1754,7 @@
 "label.privateport": "Private port",
 "label.profilename": "Profile",
 "label.project": "Project",
-"label.project.invitation": "Project invitations",
+"label.project.invitation": "Project Invitations",
 "label.project.name": "Project name",
 "label.project.owner": "Project owner(s)",
 "label.project.role": "Project role",
@@ -1782,7 +1781,7 @@
 "label.publicmtu": "Public Interface MTU",
 "label.public.interface": "Public interface",
 "label.public.ip": "Public IP address",
-"label.public.ip.addresses": "Public IP addresses",
+"label.public.ip.addresses": "Public IP Addresses",
 "label.public.ips": "Public IP addresses",
 "label.public.lb": "Public LB",
 "label.public.traffic": "Public traffic",
@@ -1863,7 +1862,8 @@
 "label.region": "Region",
 "label.register.oauth": "Register OAuth",
 "label.register.template": "Register Template",
-"label.register.user.data": "Register a userdata",
+"label.register.user.data": "Register User Data",
+"label.register.user.data.details": "Enter the User Data in plain text or in Base64 encoding. Up to 32KB of Base64 encoded User Data can be sent by default. The setting vm.userdata.max.length can be used to increase the limit to upto 1MB.",
 "label.reinstall.vm": "Reinstall Instance",
 "label.reject": "Reject",
 "label.related": "Related",
@@ -1871,11 +1871,11 @@
 "label.release": "Release",
 "label.release.account": "Release from Account",
 "label.release.dedicated.bgp.peer": "Release dedicated BGP peer",
-"label.release.dedicated.cluster": "Release dedicated cluster",
+"label.release.dedicated.cluster": "Release dedicated Cluster",
 "label.release.dedicated.host": "Release dedicated host",
 "label.release.dedicated.ipv4.subnet": "Release dedicated IPv4 subnet",
-"label.release.dedicated.pod": "Release dedicated pod",
-"label.release.dedicated.zone": "Release dedicated zone",
+"label.release.dedicated.pod": "Release dedicated Pod",
+"label.release.dedicated.zone": "Release dedicated Zone",
 "label.releasing.ip": "Releasing IP",
 "label.remote.instances": "Remote Instances",
 "label.remove": "Remove",
@@ -1888,7 +1888,7 @@
 "label.remove.ldap": "Remove LDAP",
 "label.remove.logical.network": "Remove Network from logical router",
 "label.remove.logical.router": "Remove logical router",
-"label.remove.network.offering": "Remove Network offering",
+"label.remove.network.offering": "Remove Network Offering",
 "label.remove.network.route.table": "Remove Tungsten Fabric Network routing table",
 "label.remove.pf": "Remove port forwarding rule",
 "label.remove.policy": "Remove policy",
@@ -1899,15 +1899,14 @@
 "label.remove.rule": "Remove rule",
 "label.remove.ssh.key.pair": "Remove SSH Key pair",
 "label.remove.tungsten.tag": "Remove Tag",
-"label.remove.user.data": "Remove Userdata",
+"label.remove.user.data": "Remove User Data",
 "label.remove.vm.from.lb": "Remove Instance from load balancer rule",
 "label.remove.vmware.datacenter": "Remove VMware Datacenter",
 "label.remove.vpc": "Remove VPC",
-"label.remove.vpc.offering": "Remove VPC offering",
+"label.remove.vpc.offering": "Remove VPC Offering",
 "label.removed": "Removed",
 "label.removing": "Removing",
 "label.replace.acl": "Replace ACL",
-"label.replace.acl.list": "Replace ACL list",
 "label.report.bug": "Ask a question or Report an issue",
 "label.request": "Request",
 "label.required": "Required",
@@ -1926,8 +1925,8 @@
 "label.reset.config.value": "Reset to default value",
 "label.reset.ssh.key.pair": "Reset SSH key pair",
 "label.reset.to.default": "Reset to default",
-"label.reset.userdata.on.autoscale.vm.group": "Reset Userdata on AutoScale VM Group",
-"label.reset.userdata.on.vm": "Reset Userdata on Instance",
+"label.reset.user.data.on.autoscale.vm.group": "Reset User Data on AutoScale VM Group",
+"label.reset.user.data.on.vm": "Reset User Data on Instance",
 "label.reset.vpn.connection": "Reset VPN connection",
 "label.resource": "Resource",
 "label.resource.limit.exceeded": "Resource limit exceeded",
@@ -2015,17 +2014,17 @@
 "label.search": "Search",
 "label.secondary.isolated.vlan.type.isolated": "Isolated",
 "label.secondary.isolated.vlan.type.promiscuous": "Promiscuous",
-"label.secondary.storage": "Secondary storage",
-"label.secondary.storage.vm": "Secondary storage VM",
+"label.secondary.storage": "Secondary Storage",
+"label.secondary.storage.vm": "Secondary Storage VM",
 "label.secondaryips": "Secondary IPs",
-"label.secondarystoragelimit": "Secondary storage limits (GiB)",
+"label.secondarystoragelimit": "Secondary Storage limits (GiB)",
 "label.secretkey": "Secret key",
 "label.secured": "Secured",
-"label.security.groups": "Security groups",
-"label.securitygroup": "Security group",
-"label.securitygroupenabled": "Security groups enabled",
+"label.security.groups": "Security Groups",
+"label.securitygroup": "Security Group",
+"label.securitygroupenabled": "Security Groups enabled",
 "label.securitygroups": "Security groups",
-"label.securitygroupsenabled": "Security groups enabled",
+"label.securitygroupsenabled": "Security Groups enabled",
 "label.select": "Select",
 "label.see.more.info.cpu.usage": "See more info about CPU usage",
 "label.see.more.info.memory.usage": "See more info about memory usage",
@@ -2033,18 +2032,18 @@
 "label.see.more.info.disk.usage": "See more info about disk usage",
 "label.see.more.info.shown.charts": "See more info about the shown charts",
 "label.select-view": "Select view",
-"label.select.a.zone": "Select a zone",
+"label.select.a.zone": "Select a Zone",
 "label.select.deployment.infrastructure": "Select deployment infrastructure",
 "label.select.guest.os.type": "Please select the guest OS type",
 "label.select.network": "Select Network",
 "label.select.period": "Select period",
-"label.select.project": "Select project",
-"label.select.projects": "Select projects",
-"label.select.ps": "Select primary storage",
+"label.select.project": "Select Project",
+"label.select.projects": "Select Projects",
+"label.select.ps": "Select Primary Storage",
 "label.select.root.disk": "Select the ROOT disk",
 "label.select.source.vcenter.datacenter": "Select the source VMware vCenter Datacenter",
 "label.select.tier": "Select Network Tier",
-"label.select.zones": "Select zones",
+"label.select.zones": "Select Zones",
 "label.select.2fa.provider": "Select the provider",
 "label.selected.storage": "Selected storage",
 "label.self": "Mine",
@@ -2057,20 +2056,20 @@
 "label.server.certificate": "Server certificate",
 "label.service.connectivity.distributedroutercapabilitycheckbox": "Distributed router",
 "label.service.connectivity.regionlevelvpccapabilitycheckbox": "Region level VPC",
-"label.service.group": "Service group",
+"label.service.group": "Service Group",
 "label.serviceip": "Management IP",
 "label.service.lb.elasticlbcheckbox": "Elastic LB",
 "label.service.lb.inlinemodedropdown": "Mode",
 "label.service.lb.lbisolationdropdown": "LB isolation",
 "label.service.lb.netscaler.servicepackages": "Netscaler service packages",
 "label.service.lb.netscaler.servicepackages.description": "Service package description",
-"label.service.offering": "Service offering",
+"label.service.offering": "Service Offering",
 "label.service.staticnat.associatepublicip": "Associate public IP",
 "label.service.staticnat.elasticipcheckbox": "Elastic IP",
 "label.servicegroupuuid": "Service Group",
 "label.servicelist": "Services",
-"label.serviceofferingid": "Compute offering",
-"label.serviceofferingname": "Compute offering",
+"label.serviceofferingid": "Compute Offering",
+"label.serviceofferingname": "Compute Offering",
 "label.sessions": "Active client sessions",
 "label.set.default.nic": "Set default NIC",
 "label.set.reservation": "Set reservation",
@@ -2139,20 +2138,21 @@
 "label.srctaguuid": "Source Tag",
 "label.srx": "SRX",
 "label.srx.firewall": "Juniper SRX firewall",
-"label.ssh.key.pairs": "SSH key pairs",
+"label.ssh.key.pairs": "SSH Key Pairs",
 "label.uefi.supported": "UEFI supported",
 "label.usediops": "IOPS used",
-"label.userdataid": "Userdata ID",
-"label.userdataname": "Userdata name",
-"label.userdatadetails": "Userdata details",
-"label.userdataparams": "Userdata parameters",
-"label.userdatapolicy": "Userdata link policy",
-"label.userdata.text": "Manual Userdata entry",
-"label.userdata.registered": "Stored Userdata",
-"label.userdata.do.override": "Userdata override",
-"label.userdata.do.append": "Userdata append",
-"label.userdatapolicy.tooltip": "Userdata linked to the Template can be overridden by Userdata provided during Instance deploy. Select the override policy as required.",
+"label.user.data.id": "User Data ID",
+"label.user.data.name": "User Data name",
+"label.user.data.details": "User Data details",
+"label.user.data.params": "User Data parameters",
+"label.user.data.policy": "User Data link policy",
+"label.user.data.text": "Manual User Data entry",
+"label.user.data.registered": "Stored User Data",
+"label.user.data.do.override": "User Data override",
+"label.user.data.do.append": "User Data append",
+"label.user.data.policy.tooltip": "User Data linked to the Template can be overridden by User Data provided during Instance deploy. Select the override policy as required.",
 "label.user.data": "User Data",
+"label.user.data.library": "User Data Library",
 "label.ssh.port": "SSH port",
 "label.sshkeypair": "New SSH key pair",
 "label.sshkeypairs": "SSH key pairs",
@@ -2179,7 +2179,7 @@
 "label.state.reported": "Reported State",
 "label.staticnat": "Static NAT",
 "label.static": "Static",
-"label.static.routes": "Static routes",
+"label.static.routes": "Static Routes",
 "label.status": "Status",
 "label.step.1": "Step 1",
 "label.step.2": "Step 2",
@@ -2205,9 +2205,9 @@
 "label.stopping": "Stopping",
 "label.storage": "Storage",
 "label.storage.migration.required": "Storage migration required",
-"label.storage.tags": "Storage tags",
+"label.storage.tags": "Storage Tags",
 "label.storage.traffic": "Storage traffic",
-"label.storageid": "Primary storage",
+"label.storageid": "Primary Storage",
 "label.storagemotionenabled": "Storage motion enabled",
 "label.storagepolicy": "Storage policy",
 "label.storagepool": "Storage pool",
@@ -2234,12 +2234,12 @@
 "label.supportspublicaccess": "Supports public access",
 "label.supportsstrechedl2subnet": "Supports stretched L2 subnet",
 "label.supportsvmautoscaling": "Supports auto scaling",
-"label.suspend.project": "Suspend project",
+"label.suspend.project": "Suspend Project",
 "label.switch.type": "Switch type",
-"label.sync.storage": "Sync storage pool",
+"label.sync.storage": "Sync Storage Pool",
 "label.system.ip.pool": "System Pool",
-"label.system.offering": "System offering",
-"label.system.offerings": "System offerings",
+"label.system.offering": "System Offering",
+"label.system.offerings": "System Offerings",
 "label.system.service.offering": "System service offering",
 "label.system.vm": "System VM",
 "label.system.vms": "System VMs",
@@ -2269,7 +2269,7 @@
 "label.tariffvalue": "Tariff value",
 "label.tcp": "TCP",
 "label.tcp.proxy": "TCP proxy",
-"label.template": "Select a template",
+"label.template": "Select a Template",
 "label.templatetag": "Tag",
 "label.template.select.existing": "Select an existing template",
 "label.template.temporary.import": "Use a temporary template for import",
@@ -2319,7 +2319,7 @@
 "label.total": "Total",
 "label.total.network": "Total Networks",
 "label.total.vms": "Total Instances",
-"label.total.volume": "Total volumes",
+"label.total.volume": "Total Volumes",
 "label.totalcpu": "Total CPU",
 "label.traffic.label": "Traffic label",
 "label.traffic.types": "Traffic types",
@@ -2408,8 +2408,8 @@
 "label.upload.resource.icon": "Upload icon",
 "label.upload.template.from.local": "Upload Template from local",
 "label.upload.volume": "Upload volume",
-"label.upload.volume.from.local": "Upload volume from local",
-"label.upload.volume.from.url": "Upload volume from URL",
+"label.upload.volume.from.local": "Upload Volume from local",
+"label.upload.volume.from.url": "Upload Volume from URL",
 "label.url": "URL",
 "label.usage.explanation": "Note: Only the usage server that owns the active usage job is shown here.",
 "label.usage": "Usage",
@@ -2435,11 +2435,10 @@
 "label.use.local.timezone": "Use local timezone",
 "label.used": "Used",
 "label.usehttps": "Use HTTPS",
-"label.usenewdiskoffering": "Replace disk offering?",
+"label.usenewdiskoffering": "Replace Disk Offering?",
 "label.user": "User",
 "label.user.conflict": "Conflict",
-"label.userdata": "Userdata",
-"label.userdatal2": "User data",
+"label.user.data": "User Data",
 "label.username": "Username",
 "label.username.tooltip": "The Username for the Host",
 "label.users": "Users",
@@ -2470,11 +2469,11 @@
 "label.viewing": "Viewing",
 "label.virtualmachine": "Instance",
 "label.virtualmachinecount": "Instances Count",
-"label.virtual.machine": "Virtual machine",
-"label.virtual.machines": "Virtual machines",
+"label.virtual.machine": "Virtual Machine",
+"label.virtual.machines": "Virtual Machines",
 "label.virtual.network": "Virtual Network",
 "label.virtual.networking": "Virtual Networking",
-"label.virtual.routers": "Virtual routers",
+"label.virtual.routers": "Virtual Routers",
 "label.virtualmachineid": "Instance ID",
 "label.virtualmachinename": "Instance name",
 "label.virtualsize": "Virtual Size",
@@ -2506,21 +2505,21 @@
 "label.vmwaredcvcenter": "VMware datacenter vCenter",
 "label.vmwarenetworklabel": "VMware traffic label",
 "label.vnf.appliance": "VNF Appliance",
-"label.vnf.appliances": "VNF appliances",
+"label.vnf.appliances": "VNF Appliances",
 "label.vnf.appliance.add": "Add VNF Appliance",
-"label.vnf.appliance.access.methods": "Management access information for this VNF appliance",
-"label.vnf.app.action.destroy": "Destroy VNF appliance",
-"label.vnf.app.action.edit": "Edit VNF appliance",
-"label.vnf.app.action.expunge": "Expunge VNF appliance",
-"label.vnf.app.action.migrate.to.host": "Migrate VNF appliance to another host",
-"label.vnf.app.action.migrate.to.ps": "Migrate VNF appliance to another primary storage",
-"label.vnf.app.action.recover": "Recover VNF appliance",
-"label.vnf.app.action.scale": "Scale VNF appliance",
-"label.vnf.app.action.start": "Start VNF appliance",
-"label.vnf.app.action.stop": "Stop VNF appliance",
-"label.vnf.app.action.reboot": "Reboot VNF appliance",
-"label.vnf.app.action.reinstall": "Reinstall VNF appliance",
-"label.vnf.cidr.list": "CIDR from which access to the VNF appliance’s Management interface should be allowed from",
+"label.vnf.appliance.access.methods": "Management access information for this VNF Appliance",
+"label.vnf.app.action.destroy": "Destroy VNF Appliance",
+"label.vnf.app.action.edit": "Edit VNF Appliance",
+"label.vnf.app.action.expunge": "Expunge VNF Appliance",
+"label.vnf.app.action.migrate.to.host": "Migrate VNF Appliance to another host",
+"label.vnf.app.action.migrate.to.ps": "Migrate VNF Appliance to another primary storage",
+"label.vnf.app.action.recover": "Recover VNF Appliance",
+"label.vnf.app.action.scale": "Scale VNF Appliance",
+"label.vnf.app.action.start": "Start VNF Appliance",
+"label.vnf.app.action.stop": "Stop VNF Appliance",
+"label.vnf.app.action.reboot": "Reboot VNF Appliance",
+"label.vnf.app.action.reinstall": "Reinstall VNF Appliance",
+"label.vnf.cidr.list": "CIDR from which access to the VNF appliance's Management interface should be allowed from",
 "label.vnf.cidr.list.tooltip": "the CIDR list to forward traffic from to the VNF management interface. Multiple entries must be separated by a single comma character (,). The default value is 0.0.0.0/0.",
 "label.vnf.configure.management": "Configure Firewall and Port Forwarding rules for VNF's management interfaces",
 "label.vnf.configure.management.tooltip": "True by default, security group or network rules (source nat and firewall rules) will be configured for VNF management interfaces. False otherwise. Learn what rules are configured at http://docs.cloudstack.apache.org/en/latest/adminguide/networking/vnf_templates_appliances.html#deploying-vnf-appliances",
@@ -2543,7 +2542,7 @@
 "label.vnf.templates": "VNF templates",
 "label.vnf.template.register": "Register VNF template",
 "label.vnmc": "VNMC",
-"label.volgroup": "Volume group",
+"label.volgroup": "Volume Group",
 "label.volume": "Volume",
 "label.volume.empty": "No data volumes attached to this Instance",
 "label.volume.encryption.support": "Volume Encryption Supported",
@@ -2552,7 +2551,7 @@
 "label.volumechecksum": "MD5 checksum",
 "label.volumechecksum.description": "Use the hash that you created at the start of the volume upload procedure.",
 "label.volumefileupload": "Local file",
-"label.volumegroup": "Volume group",
+"label.volumegroup": "Volume Group",
 "label.volumeid": "Volume",
 "label.volumeids": "Volumes to be deleted",
 "label.volumelimit": "Volume limits",
@@ -2563,20 +2562,20 @@
 "label.vpc": "VPC",
 "label.vpcs": "VPCs",
 "label.vpc.id": "VPC ID",
-"label.vpc.offerings": "VPC offerings",
-"label.vpc.virtual.router": "VPC virtual router",
+"label.vpc.offerings": "VPC Offerings",
+"label.vpc.virtual.router": "VPC Virtual Router",
 "label.vpc.restart.required": "VPC restart required",
 "label.vpcid": "VPC",
 "label.vpclimit": "VPC limits",
 "label.vpcname": "VPC",
-"label.vpcoffering": "VPC offering",
-"label.vpcofferingid": "VPC offering",
+"label.vpcoffering": "VPC Offering",
+"label.vpcofferingid": "VPC Offering",
 "label.vpn": "VPN",
 "label.vpn.connection": "VPN connection",
 "label.vpn.gateway": "VPN gateway",
 "label.vpn.users": "VPN Users",
 "label.vpncustomergateway": "IP address of the remote gateway",
-"label.vpncustomergatewayid": "VPN customer gateway",
+"label.vpncustomergatewayid": "VPN Customer Gateway",
 "label.vsmipaddress": "Nexus 1000v IP address",
 "label.vsmpassword": "Nexus 1000v password",
 "label.vsmusername": "Nexus 1000v username",
@@ -2611,7 +2610,7 @@
 "label.xenservertoolsversion61plus": "Original XS Version is 6.1+",
 "label.yes": "Yes",
 "label.yourinstance": "Your Instance",
-"label.your.autoscale.vmgroup": "Your autoscaling group",
+"label.your.autoscale.vmgroup": "Your Autoscaling Group",
 "label.zone": "Zone",
 "label.zone.dedicated": "Zone dedicated",
 "label.zone.details": "Zone details",
@@ -2649,7 +2648,7 @@
 "message.action.delete.autoscale.vmgroup": "Please confirm that you want to delete this autoscaling group.",
 "message.action.delete.backup.offering": "Please confirm that you want to delete this backup offering?",
 "message.action.delete.backup.repository": "Please confirm that you want to delete this backup repository?",
-"message.action.delete.cluster": "Please confirm that you want to delete this cluster.",
+"message.action.delete.cluster": "Please confirm that you want to delete this Cluster.",
 "message.action.delete.domain": "Please confirm that you want to delete this domain.",
 "message.action.delete.external.firewall": "Please confirm that you would like to remove this external firewall. Warning: If you are planning to add back the same external firewall, you must reset usage data on the device.",
 "message.action.delete.external.load.balancer": "Please confirm that you would like to remove this external load balancer. Warning: If you are planning to add back the same external load balancer, you must reset usage data on the device.",
@@ -2666,7 +2665,7 @@
 "message.action.delete.node": "Please confirm that you want to delete this node.",
 "message.action.delete.oauth.provider": "Please confirm that you want to delete the OAuth provider.",
 "message.action.delete.physical.network": "Please confirm that you want to delete this physical Network.",
-"message.action.delete.pod": "Please confirm that you want to delete this pod.",
+"message.action.delete.pod": "Please confirm that you want to delete this Pod.",
 "message.action.delete.secondary.storage": "Please confirm that you want to delete this secondary storage.",
 "message.action.delete.security.group": "Please confirm that you want to delete this security group.",
 "message.action.delete.snapshot": "Please confirm that you want to delete this Snapshot.",
@@ -2674,7 +2673,7 @@
 "message.action.delete.tungsten.router.table": "Please confirm that you want to remove Route Table from this Network?",
 "message.action.delete.volume": "Please confirm that you want to delete this volume. Note: this will not delete any Snapshots of this volume.",
 "message.action.delete.vpn.user": "Please confirm that you want to delete the VPN user.",
-"message.action.delete.zone": "Please confirm that you want to delete this zone.",
+"message.action.delete.zone": "Please confirm that you want to delete this Zone.",
 "message.action.destroy.sharedfs": "Please confirm that you want to destroy this Shared FileSystem.<br><b>Caution: This will delete all the data of the Shared FileSystem as well.</b>",
 "message.action.destroy.instance": "Please confirm that you want to destroy the Instance.",
 "message.action.destroy.instance.with.backups": "Please confirm that you want to destroy the Instance. There may be backups associated with the Instance which will not be deleted.",
@@ -2682,35 +2681,35 @@
 "message.action.destroy.volume": "Please confirm that you want to destroy the volume.",
 "message.action.disable.2FA.user.auth": "Please confirm that you want to disable User two factor authentication.",
 "message.action.about.mandate.and.disable.2FA.user.auth": "Two factor authentication is mandated for the User, if this is disabled now User will need to setup two factor authentication again during next login. <br><br>Please confirm that you want to disable.",
-"message.action.disable.cluster": "Please confirm that you want to disable this cluster.",
+"message.action.disable.cluster": "Please confirm that you want to disable this Cluster.",
 "message.action.disable.disk.offering": "Please confirm that you want to disable this disk offering.",
 "message.action.disable.service.offering": "Please confirm that you want to disable this service offering.",
 "message.action.disable.system.service.offering": "Please confirm that you want to disable this system service offering.",
 "message.action.disable.physical.network": "Please confirm that you want to disable this physical Network.",
-"message.action.disable.pod": "Please confirm that you want to disable this pod.",
+"message.action.disable.pod": "Please confirm that you want to disable this Pod.",
 "message.action.disable.static.nat": "Please confirm that you want to disable static NAT.",
-"message.action.disable.zone": "Please confirm that you want to disable this zone.",
+"message.action.disable.zone": "Please confirm that you want to disable this Zone.",
 "message.action.download.iso": "Please confirm that you want to download this ISO.",
 "message.action.download.snapshot": "Please confirm that you want to download this Snapshot.",
 "message.action.download.template": "Please confirm that you want to download this Template.",
 "message.action.edit.nfs.mount.options": "Changes to NFS mount options will only take affect on cancelling maintenance mode which will cause the storage pool to be remounted on all KVM hosts with the new mount options.",
-"message.action.enable.cluster": "Please confirm that you want to enable this cluster.",
+"message.action.enable.cluster": "Please confirm that you want to enable this Cluster.",
 "message.action.enable.disk.offering": "Please confirm that you want to enable this disk offering.",
 "message.action.enable.service.offering": "Please confirm that you want to enable this service offering.",
 "message.action.enable.system.service.offering": "Please confirm that you want to enable this system service offering.",
 "message.action.enable.physical.network": "Please confirm that you want to enable this physical Network.",
-"message.action.enable.pod": "Please confirm that you want to enable this pod.",
-"message.action.enable.zone": "Please confirm that you want to enable this zone.",
+"message.action.enable.pod": "Please confirm that you want to enable this Pod.",
+"message.action.enable.zone": "Please confirm that you want to enable this Zone.",
 "message.action.expunge.sharedfs": "Please confirm that you want to expunge this Shared FileSystem.",
 "message.action.expunge.instance": "Please confirm that you want to expunge this Instance.",
 "message.action.expunge.instance.with.backups": "Please confirm that you want to expunge this Instance. There may be backups associated with the Instance which will not be deleted.",
 "message.action.host.enable.maintenance.mode": "Enabling maintenance mode will cause a live migration of all running Instances on this host to any available host.",
 "message.action.instance.reset.password": "Please confirm that you want to change the ROOT password for this Instance.",
-"message.action.manage.cluster": "Please confirm that you want to manage the cluster.",
+"message.action.manage.cluster": "Please confirm that you want to manage the Cluster.",
 "message.action.patch.router": "Please confirm that you want to live patch the router. <br> This operation is equivalent updating the router packages and restarting the Network without cleanup.",
 "message.action.patch.systemvm": "Please confirm that you want to patch the System VM.",
-"message.action.primary.storage.scope.cluster": "Please confirm that you want to change the scope from zone to the specified cluster.<br>This operation will update the database and disconnect the storage pool from all hosts that were previously connected to the primary storage and are not part of the specified cluster.",
-"message.action.primary.storage.scope.zone": "Please confirm that you want to change the scope from cluster to zone.<br>This operation will update the database and connect the storage pool to all hosts of the zone running the same hypervisor as set on the storage pool.",
+"message.action.primary.storage.scope.cluster": "Please confirm that you want to change the scope from Zone to the specified Cluster.<br>This operation will update the database and disconnect the storage pool from all hosts that were previously connected to the primary storage and are not part of the specified cluster.",
+"message.action.primary.storage.scope.zone": "Please confirm that you want to change the scope from Cluster to Zone.<br>This operation will update the database and connect the storage pool to all hosts of the zone running the same hypervisor as set on the storage pool.",
 "message.action.primarystorage.enable.maintenance.mode": "Warning: placing the primary storage into maintenance mode will cause all Instances using volumes from it to be stopped.  Do you want to continue?",
 "message.action.quota.tariff.create.error.namerequired": "Please, inform a name for the quota tariff.",
 "message.action.quota.tariff.create.error.usagetyperequired": "Please, select the usage type of the quota tariff.",
@@ -2732,7 +2731,7 @@
 "message.action.revert.snapshot": "Please confirm that you want to revert the owning volume to this Snapshot.",
 "message.action.router.health.checks": "Health checks result will be fetched from router.",
 "message.action.router.health.checks.disabled.warning": "Please enable router health checks.",
-"message.action.scale.kubernetes.cluster.warning": "Please do not manually scale the cluster if cluster auto scaling is enabled.",
+"message.action.scale.kubernetes.cluster.warning": "Please do not manually scale the Cluster if cluster auto scaling is enabled.",
 "message.action.secondary.storage.read.only": "Please confirm that you want to make this secondary storage read only.",
 "message.action.secondary.storage.read.write": "Please confirm that you want to make this secondary storage read write.",
 "message.action.secure.host": "This will restart the host agent and libvirtd process after applying new X509 certificates, please confirm?",
@@ -2745,7 +2744,7 @@
 "message.action.stop.instance": "Please confirm that you want to stop this Instance.",
 "message.action.stop.router": "All services provided by this virtual router will be interrupted. Please confirm that you want to stop this router.",
 "message.action.stop.systemvm": "Please confirm that you want to stop this system VM.",
-"message.action.unmanage.cluster": "Please confirm that you want to unmanage the cluster.",
+"message.action.unmanage.cluster": "Please confirm that you want to unmanage the Cluster.",
 "message.action.unmanage.instance": "Please confirm that you want to unmanage the Instance.",
 "message.action.unmanage.instances": "Please confirm that you want to unmanage the Instances.",
 "message.action.unmanage.virtualmachine": "Please confirm that you want to unmanage the Instance.",
@@ -2756,7 +2755,7 @@
 "message.add.egress.rule.failed": "Adding new egress rule failed.",
 "message.add.egress.rule.processing": "Adding new egress rule...",
 "message.add.failed": "Adding failed.",
-"message.add.firewall": "Add a firewall to zone",
+"message.add.firewall": "Add a firewall to Zone",
 "message.add.firewall.rule.failed": "Adding new Firewall rule failed",
 "message.add.firewall.rule.processing": "Adding new Firewall rule...",
 "message.add.firewallrule.failed": "Adding Firewall Rule failed",
@@ -2774,22 +2773,22 @@
 "message.remove.ip.v6.firewall.rule.processing": "Removing IPv6 firewall rule...",
 "message.remove.ip.v6.firewall.rule.success": "Removed IPv6 firewall rule",
 "message.add.nsx.controller": "Add NSX Provider",
-"message.add.network": "Add a new network for zone: <b><span id=\"zone_name\"></span></b>",
-"message.add.network.acl.failed": "Adding network ACL list failed.",
-"message.add.network.acl.processing": "Adding network ACL list...",
+"message.add.network": "Add a new network for Zone: <b><span id=\"zone_name\"></span></b>",
+"message.add.network.acl.failed": "Adding network ACL failed.",
+"message.add.network.acl.processing": "Adding network ACL...",
 "message.add.network.failed": "Adding network failed.",
 "message.add.network.processing": "Adding network...",
 "message.add.new.gateway.to.vpc": "Please specify the information to add a new gateway to this VPC.",
 "message.add.physical.network.failed": "Adding physical network failed",
 "message.add.physical.network.processing": "Adding a new physical network...",
-"message.add.pod": "Add a new pod for zone <b><span id=\"add_pod_zone_name\"></span></b>",
-"message.add.pod.during.zone.creation": "Each zone must contain one or more pods. We will add the first pod now. A pod contains hosts and primary storage servers, which you will add in a later step. First, configure a range of reserved IP addresses for CloudStack's internal management traffic. The reserved IP range must be unique for each zone in the cloud.",
+"message.add.pod": "Add a new Pod for Zone <b><span id=\"add_pod_zone_name\"></span></b>",
+"message.add.pod.during.zone.creation": "Each Zone must contain one or more Pods. We will add the first pod now. A pod contains hosts and primary storage servers, which you will add in a later step. First, configure a range of reserved IP addresses for CloudStack's internal management traffic. The reserved IP range must be unique for each zone in the cloud.",
 "message.add.port.forward.failed": "Adding new port forwarding rule failed.",
 "message.add.port.forward.processing": "Adding new port forwarding rule...",
 "message.add.private.gateway.failed": "Adding private gateway failed.",
 "message.add.private.gateway.processing": "Adding private gateway...",
 "message.add.resource.description": "Add infrastructure resources",
-"message.add.resource.hint": "Add infrastructure resources - pods, clusters, primary/secondary storages.",
+"message.add.resource.hint": "Add infrastructure resources - Pods, Clusters, primary/secondary storages.",
 "message.add.routing.firewall.rule.failed": "Failed to add IPv4 Routing firewall rule",
 "message.add.routing.firewall.rule.processing": "Adding IPv4 Routing firewall rule...",
 "message.add.routing.firewall.rule.success": "Added IPv4 Routing firewall rule",
@@ -2872,7 +2871,7 @@
 "message.confirm.change.offering.for.volume": "Please confirm that you want to change disk offering for the volume",
 "message.confirm.change.service.offering.for.sharedfs": "Please confirm that you want to change the service offering for the Shared FileSystem.",
 "message.confirm.configure.ovs": "Are you sure you want to configure Ovs?",
-"message.confirm.delete.acl.list": "Are you sure you want to delete this ACL list?",
+"message.confirm.delete.acl": "Are you sure you want to delete this ACL?",
 "message.confirm.delete.bigswitchbcf": "Please confirm that you would like to delete this BigSwitch BCF Controller.",
 "message.confirm.delete.brocadevcs": "Please confirm that you would like to delete Brocade Vcs Switch.",
 "message.confirm.delete.ciscoasa1000v": "Please confirm you want to delete CiscoASA1000v.",
@@ -2921,7 +2920,7 @@
 "message.cpu.usage.info": "The CPU usage percentage can exceed 100% if the Instance has more than 1 vCPU or when CPU Cap is not enabled. This behavior happens according to the hypervisor being used (e.g: in KVM), due to how they account the stats",
 "message.create.bucket.failed": "Failed to create bucket.",
 "message.create.bucket.processing": "Bucket creation in progress",
-"message.create.compute.offering": "Compute offering created",
+"message.create.compute.offering": "Compute Offering created",
 "message.create.sharedfs.failed": "Failed to create Shared FileSystem.",
 "message.create.sharedfs.processing": "Shared FileSystem creation in progress.",
 "message.create.tungsten.public.network": "Create Tungsten-Fabric public Network",
@@ -2933,7 +2932,7 @@
 "message.create.snapshot.from.vmsnapshot.progress": "Snapshot creation in progress",
 "message.create.template.failed": "Failed to create template.",
 "message.create.template.processing": "Template creation in progress",
-"message.create.volume.failed": "Failed to create volume.",
+"message.create.volume.failed": "Failed to create Volume.",
 "message.create.volume.processing": "Volume creation in progress",
 "message.create.vpc.offering": "VPC offering created.",
 "message.create.vpn.customer.gateway.failed": "VPN customer gateway creation failed.",
@@ -2943,23 +2942,23 @@
 "message.creating.autoscale.scaledown.policy": "Creating ScaleDown policy",
 "message.creating.autoscale.scaleup.conditions": "Creating ScaleUp conditions",
 "message.creating.autoscale.scaleup.policy": "Creating ScaleUp policy",
-"message.creating.cluster": "Creating cluster",
+"message.creating.cluster": "Creating Cluster",
 "message.creating.guest.network": "Creating guest Network",
 "message.creating.physical.networks": "Creating physical Networks",
-"message.creating.pod": "Creating pod",
+"message.creating.pod": "Creating Pod",
 "message.creating.primary.storage": "Creating primary storage",
 "message.creating.secondary.storage": "Creating secondary storage",
-"message.creating.zone": "Creating zone",
+"message.creating.zone": "Creating Zone",
 "message.data.migration": "Data migration",
 "message.data.migration.progress": "Data migration between image stores",
 "message.datacenter.description": "Name of the datacenter on vCenter.",
 "message.datastore.description": "Name of the datastore on vCenter.",
-"message.dedicate.zone": "Dedicating zone",
+"message.dedicate.zone": "Dedicating Zone",
 "message.dedicated.zone.released": "Zone dedication released.",
-"message.dedicating.cluster": "Dedicating cluster...",
+"message.dedicating.cluster": "Dedicating Cluster...",
 "message.dedicating.host": "Dedicating host...",
-"message.dedicating.pod": "Dedicating pod...",
-"message.dedicating.zone": "Dedicating zone...",
+"message.dedicating.pod": "Dedicating Pod...",
+"message.dedicating.zone": "Dedicating Zone...",
 "message.delete.account.confirm": "Please confirm that you want to delete this account by entering the name of the account below.",
 "message.delete.account.failed": "Delete account failed",
 "message.delete.account.processing": "Deleting account",
@@ -2998,27 +2997,27 @@
 "message.deployasis": "Selected Template is Deploy As-Is i.e., the Instance is deployed by importing an OVA with vApps directly into vCenter. Root disk(s) resize is allowed only on stopped Instances for such Templates.",
 "message.desc.advanced.zone": "This is recommended and allows more sophisticated Network topologies. This Network model provides the most flexibility in defining guest Networks and providing custom Network offerings such as firewall, VPN, or load balancer support.",
 "message.desc.basic.zone": "Provide a single Network where each Instance is assigned an IP directly from the Network. Guest isolation can be provided through layer-3 means such as security groups (IP address source filtering).",
-"message.desc.core.zone": "Core Zones are intended for Datacenter based deployments and allow the full range of Networking and other functionality in Apache CloudStack. Core zones have a number of prerequisites and rely on the presence of shared storage and helper Instances.",
-"message.desc.edge.zone": "Edge Zones are lightweight zones, designed for deploying in edge computing scenarios. They are limited in functionality but have far fewer prerequisites than core zones.<br><br>Please refer to the Apache CloudStack documentation for more information on Zone Types<br><a href='http://docs.cloudstack.apache.org/en/latest/installguide/configuration.html#adding-a-zone'>http://docs.cloudstack.apache.org/en/latest/installguide/configuration.html#adding-a-zone</a>",
-"message.desc.cluster": "Each pod must contain one or more clusters. We will add the first cluster now. A cluster provides a way to group hosts. The hosts in a cluster all have identical hardware, run the same hypervisor, are on the same subnet, and access the same shared storage. Each cluster consists of one or more hosts and one or more primary storage servers.",
+"message.desc.core.zone": "Core Zones are intended for Datacenter based deployments and allow the full range of Networking and other functionality in Apache CloudStack. Core Zones have a number of prerequisites and rely on the presence of shared storage and helper Instances.",
+"message.desc.edge.zone": "Edge Zones are lightweight Zones, designed for deploying in edge computing scenarios. They are limited in functionality but have far fewer prerequisites than core zones.<br><br>Please refer to the Apache CloudStack documentation for more information on Zone Types<br><a href='http://docs.cloudstack.apache.org/en/latest/installguide/configuration.html#adding-a-zone'>http://docs.cloudstack.apache.org/en/latest/installguide/configuration.html#adding-a-zone</a>",
+"message.desc.cluster": "Each Pod must contain one or more Clusters. We will add the first cluster now. A cluster provides a way to group hosts. The hosts in a cluster all have identical hardware, run the same hypervisor, are on the same subnet, and access the same shared storage. Each cluster consists of one or more hosts and one or more primary storage servers.",
 "message.desc.create.ssh.key.pair": "Please fill in the following data to create or register a ssh key pair.<br><br>(1) If public key is set, CloudStack will register the public key. You can use it through your private key.<br><br>(2) If public key is not set, CloudStack will create a new SSH key pair. In this case, please copy and save the private key. CloudStack will not keep it.<br>",
 "message.desc.created.ssh.key.pair": "Created a SSH key pair.",
-"message.desc.host": "Each cluster must contain at least one host (computer) for guest Instances to run on. We will add the first host now. For a host to function in CloudStack, you must install hypervisor software on the host, assign an IP address to the host, and ensure the host is connected to the CloudStack management server.<br/><br/>Give the host's DNS or IP address, the user name (usually root) and password, and any labels you use to categorize hosts.",
+"message.desc.host": "Each Cluster must contain at least one host (computer) for guest Instances to run on. We will add the first host now. For a host to function in CloudStack, you must install hypervisor software on the host, assign an IP address to the host, and ensure the host is connected to the CloudStack management server.<br/><br/>Give the host's DNS or IP address, the user name (usually root) and password, and any labels you use to categorize hosts.",
 "message.desc.importingestinstancewizard": "This feature only applies to libvirt based KVM instances. Only Stopped instances can be ingested",
 "message.desc.import.ext.kvm.wizard": "Import libvirt domain from External KVM Host not managed by CloudStack",
 "message.desc.import.local.kvm.wizard": "Import QCOW2 image from Local Storage of selected KVM Host",
 "message.desc.import.shared.kvm.wizard": "Import QCOW2 image from selected Primary Storage Pool",
 "message.desc.import.unmanage.volume": "Please choose a storage pool that you want to import or unmanage volumes. The storage pool should be in Up status. <br>This feature only supports KVM.",
 "message.desc.importexportinstancewizard": "By choosing to manage an Instance, CloudStack takes over the orchestration of that Instance. Unmanaging an Instance removes CloudStack ability to manage it. In both cases, the Instance is left running and no changes are done to the VM on the hypervisor.<br><br>For KVM, managing a VM is an experimental feature.",
-"message.desc.importmigratefromvmwarewizard": "By selecting an existing or external VMware Datacenter and an instance to import, CloudStack migrates the selected instance from VMware to KVM on a conversion host using virt-v2v and imports it into a KVM cluster",
-"message.desc.primary.storage": "Each cluster must contain one or more primary storage servers. We will add the first one now. Primary storage contains the disk volumes for all the Instances running on hosts in the cluster. Use any standards-compliant protocol that is supported by the underlying hypervisor.",
+"message.desc.importmigratefromvmwarewizard": "By selecting an existing or external VMware Datacenter and an instance to import, CloudStack migrates the selected instance from VMware to KVM on a conversion host using virt-v2v and imports it into a KVM Cluster",
+"message.desc.primary.storage": "Each Cluster must contain one or more primary storage servers. We will add the first one now. Primary storage contains the disk volumes for all the Instances running on hosts in the cluster. Use any standards-compliant protocol that is supported by the underlying hypervisor.",
 "message.desc.reset.ssh.key.pair": "Please specify a ssh key pair that you would like to add to this Instance.",
-"message.desc.secondary.storage": "Each zone must have at least one NFS or secondary storage server. We will add the first one now. Secondary storage stores Instance Templates, ISO images, and Instance disk volume Snapshots. This server must be available to all hosts in the zone.<br/><br/>Provide the IP address and exported path.",
-"message.desc.register.user.data": "Please fill in the following data to register a User data.",
+"message.desc.secondary.storage": "Each Zone must have at least one NFS or secondary storage server. We will add the first one now. Secondary storage stores Instance Templates, ISO images, and Instance disk volume Snapshots. This server must be available to all hosts in the zone.<br/><br/>Provide the IP address and exported path.",
+"message.desc.register.user.data": "Please fill in the following to register new User Data.",
 "message.desc.registered.user.data": "Registered a User Data.",
-"message.desc.zone": "A zone is the largest organizational unit in CloudStack, and it typically corresponds to a single datacenter. Zones provide physical isolation and redundancy. A zone consists of one or more pods (each of which contains hosts and primary storage servers) and a secondary storage server which is shared by all pods in the zone.",
-"message.desc.zone.edge": "A zone is the largest organizational unit in CloudStack, and it typically corresponds to a single datacenter. Zones provide physical isolation and redundancy. An edge zone consists of one or more hosts (each of which provides local storage as primary storage servers). Only shared and L2 Networks can be deployed in such zones and functionalities that require secondary storages are not supported.",
-"message.drs.plan.description": "The maximum number of live migrations allowed for DRS. Configure DRS under the settings tab before generating a plan or to enable automatic DRS for the cluster.",
+"message.desc.zone": "A Zone is the largest organizational unit in CloudStack, and it typically corresponds to a single datacenter. Zones provide physical isolation and redundancy. A zone consists of one or more Pods (each of which contains hosts and primary storage servers) and a secondary storage server which is shared by all pods in the zone.",
+"message.desc.zone.edge": "A Zone is the largest organizational unit in CloudStack, and it typically corresponds to a single datacenter. Zones provide physical isolation and redundancy. An edge zone consists of one or more hosts (each of which provides local storage as primary storage servers). Only shared and L2 Networks can be deployed in such zones and functionalities that require secondary storages are not supported.",
+"message.drs.plan.description": "The maximum number of live migrations allowed for DRS. Configure DRS under the settings tab before generating a plan or to enable automatic DRS for the Cluster.",
 "message.drs.plan.executed": "DRS plan executed successfully.",
 "message.zone.edge.local.storage": "Local storage will be used by default for User Instances and virtual routers",
 "message.detach.disk": "Are you sure you want to detach this disk?",
@@ -3076,8 +3075,8 @@
 "message.error.cidr": "CIDR is required",
 "message.error.cidr.or.cidrsize": "CIDR or cidr size is required",
 "message.error.cloudian.console": "Single-Sign-On failed for Cloudian management console. Please ask your administrator to fix integration issues.",
-"message.error.cluster.description": "Please enter Kubernetes cluster description.",
-"message.error.cluster.name": "Please enter cluster name.",
+"message.error.cluster.description": "Please enter Kubernetes Cluster description.",
+"message.error.cluster.name": "Please enter Cluster name.",
 "message.error.confirm.password": "Please confirm new password.",
 "message.error.confirm.text": "Please enter the confirmation text",
 "message.error.current.password": "Please enter current password.",
@@ -3118,7 +3117,7 @@
 "message.error.ipv6.address": "Please enter a valid IP v6 address.",
 "message.error.ipv6.gateway": "Please enter IpV6 Gateway",
 "message.error.ipv6.gateway.format": "Please enter a valid IPv6 Gateway.",
-"message.error.kubecluster.name": "Please enter Kubernetes cluster name.",
+"message.error.kubecluster.name": "Please enter Kubernetes Cluster name.",
 "message.error.kuberversion": "Please enter Kubernetes semantic version.",
 "message.error.limit.value": "The value must not be less than",
 "message.error.loading.setting": "There was an error loading these settings.",
@@ -3152,7 +3151,7 @@
 "message.error.remove.vm.schedule": "Removing Instance Schedule failed",
 "message.error.required.input": "Please enter input",
 "message.error.reset.config": "Unable to reset config to default value",
-"message.error.retrieve.kubeconfig": "Unable to retrieve Kubernetes cluster config",
+"message.error.retrieve.kubeconfig": "Unable to retrieve Kubernetes Cluster config",
 "message.error.routing.policy.term": "Community need to have the following format number:number",
 "message.error.s3nfs.path": "Please enter S3 NFS Path",
 "message.error.s3nfs.server": "Please enter S3 NFS Server",
@@ -3170,11 +3169,11 @@
 "message.error.secret.key": "Please enter secret key.",
 "message.error.select": "Please select option.",
 "message.error.select.domain.to.dedicate": "Please select domain to dedicate to.",
-"message.error.select.zone.type": "Please select zone type below.",
+"message.error.select.zone.type": "Please select Zone type below.",
 "message.error.server": "Please enter server.",
-"message.error.serviceoffering.for.cluster": "Please select service offering for Kubernetes cluster.",
+"message.error.serviceoffering.for.cluster": "Please select service offering for Kubernetes Cluster.",
 "message.error.size": "Please enter size in GB.",
-"message.error.size.for.cluster": "Please enter size for Kubernetes cluster.",
+"message.error.size.for.cluster": "Please enter size for Kubernetes Cluster.",
 "message.error.smb.password": "Please enter SMB password.",
 "message.error.smb.username": "Please enter SMB username.",
 "message.error.specify.stickiness.method": "Please specify a stickiness method",
@@ -3192,7 +3191,7 @@
 "message.error.upload.template": "Template upload failed.",
 "message.error.upload.template.description": "Only one Template can be uploaded at a time.",
 "message.error.url": "Please enter URL.",
-"message.error.userdata": "Please enter Userdata",
+"message.error.user.data": "Please enter the User Data",
 "message.error.username": "Enter your username.",
 "message.error.valid.iops.range": "Please enter a valid IOPS range.",
 "message.error.vcenter.datacenter": "Please enter vCenter datacenter.",
@@ -3200,16 +3199,16 @@
 "message.error.vcenter.host": "Please enter vCenter host.",
 "message.error.vcenter.password": "Please enter vCenter password.",
 "message.error.vcenter.username": "Please enter vCenter username.",
-"message.error.version.for.cluster": "Please select Kubernetes version for Kubernetes cluster.",
+"message.error.version.for.cluster": "Please select Kubernetes version for Kubernetes Cluster.",
 "message.error.vlan.range": "Please enter a valid VLAN/VNI range.",
 "message.error.volume.name": "Please enter volume name.",
 "message.error.volume": "Please enter volume.",
 "message.error.volume.group": "Please enter volume group.",
-"message.error.zone": "Please select a zone.",
-"message.error.zone.combined": "All zones cannot be combined with any other zone.",
-"message.error.zone.for.cluster": "Please select zone for Kubernetes cluster.",
-"message.error.zone.name": "Please enter zone name.",
-"message.error.zone.type": "Please select zone type.",
+"message.error.zone": "Please select a Zone.",
+"message.error.zone.combined": "All Zones cannot be combined with any other zone.",
+"message.error.zone.for.cluster": "Please select Zone for Kubernetes Cluster.",
+"message.error.zone.name": "Please enter Zone name.",
+"message.error.zone.type": "Please select Zone type.",
 "message.error.linstor.resourcegroup": "Please enter the Linstor Resource-Group.",
 "message.error.fixed.offering.kvm": "It's not possible to scale up Instances that utilize KVM hypervisor with a fixed compute offering.",
 "message.error.create.webhook.local.account": "Account must be provided for creating a Webhook with Local scope.",
@@ -3233,8 +3232,8 @@
 "message.import.volume": "Please specify the domain, account or project name. <br>If not set, the volume will be imported for the caller.",
 "message.info.cloudian.console": "Cloudian Management Console should open in another window.",
 "message.installwizard.cloudstack.helptext.website": " * Project website:\t ",
-"message.infra.setup.nsx.description": "This zone must contain an NSX provider because the isolation method is NSX",
-"message.infra.setup.tungsten.description": "This zone must contain a Tungsten-Fabric provider because the isolation method is TF",
+"message.infra.setup.nsx.description": "This Zone must contain an NSX provider because the isolation method is NSX",
+"message.infra.setup.tungsten.description": "This Zone must contain a Tungsten-Fabric provider because the isolation method is TF",
 "message.installwizard.cloudstack.helptext.document": " * Documentation:\t ",
 "message.installwizard.cloudstack.helptext.header": "\nYou can find more information about Apache CloudStack™ on the pages listed below.\n",
 "message.installwizard.cloudstack.helptext.issues": " * Report issues:\t ",
@@ -3242,20 +3241,20 @@
 "message.installwizard.cloudstack.helptext.releasenotes": " * Release notes:\t ",
 "message.installwizard.cloudstack.helptext.survey": " * Take the survey:\t ",
 "message.installwizard.copy.whatiscloudstack": "CloudStack™ is a software platform that pools computing resources to build public, private, and hybrid Infrastructure as a Service (IaaS) clouds. CloudStack™ manages the Network, storage, and compute nodes that make up a cloud infrastructure. Use CloudStack™ to deploy, manage, and configure cloud computing environments.\n\nExtending beyond individual Instance images running on commodity hardware, CloudStack™ provides a turnkey cloud infrastructure software stack for delivering virtual datacenters as a service - delivering all of the essential components to build, deploy, and manage multi-tier and multi-tenant cloud applications.",
-"message.installwizard.tooltip.addpod.name": "A name for the pod.",
+"message.installwizard.tooltip.addpod.name": "A name for the Pod.",
 "message.installwizard.tooltip.addpod.reservedsystemendip": "This is the IP range in the private Network that the CloudStack uses to manage Secondary Storage VMs and Console Proxy VMs. These IP addresses are taken from the same subnet as computing servers.",
-"message.installwizard.tooltip.addpod.reservedsystemgateway": "The gateway for the hosts in that pod.",
+"message.installwizard.tooltip.addpod.reservedsystemgateway": "The gateway for the hosts in that Pod.",
 "message.installwizard.tooltip.addpod.reservedsystemstartip": "This is the IP range in the private Network that the CloudStack uses to manage Secondary Storage VMs and Console Proxy VMs. These IP addresses are taken from the same subnet as computing servers.",
-"message.installwizard.tooltip.configureguesttraffic.guestendip": "The range of IP addresses that will be available for allocation to guests in this zone. If one NIC is used, these IPs should be in the same CIDR as the pod CIDR.",
+"message.installwizard.tooltip.configureguesttraffic.guestendip": "The range of IP addresses that will be available for allocation to guests in this Zone. If one NIC is used, these IPs should be in the same CIDR as the Pod CIDR.",
 "message.installwizard.tooltip.configureguesttraffic.guestgateway": "The gateway that the guests should use.",
 "message.installwizard.tooltip.configureguesttraffic.guestnetmask": "The netmask in use on the subnet that the guests should use.",
-"message.installwizard.tooltip.configureguesttraffic.gueststartip": "The range of IP addresses that will be available for allocation to guests in this zone. If one NIC is used, these IPs should be in the same CIDR as the pod CIDR.",
+"message.installwizard.tooltip.configureguesttraffic.gueststartip": "The range of IP addresses that will be available for allocation to guests in this Zone. If one NIC is used, these IPs should be in the same CIDR as the Pod CIDR.",
 "message.installwizard.tooltip.nsx.provider.hostname": "NSX Provider hostname / IP address not provided",
 "message.installwizard.tooltip.nsx.provider.username": "NSX Provider username not provided",
 "message.installwizard.tooltip.nsx.provider.password": "NSX Provider password not provided",
-"message.installwizard.tooltip.nsx.provider.edgecluster": "NSX Provider edge cluster information not provided",
+"message.installwizard.tooltip.nsx.provider.edgecluster": "NSX Provider edge Cluster information not provided",
 "message.installwizard.tooltip.nsx.provider.tier0gateway": "NSX Provider tier-0 gateway information not provided",
-"message.installwizard.tooltip.nsx.provider.transportZone": "NSX Provider transport zone information not provided",
+"message.installwizard.tooltip.nsx.provider.transportZone": "NSX Provider transport Zone information not provided",
 "message.installwizard.tooltip.tungsten.provider.gateway": "Tungsten provider gateway is required",
 "message.installwizard.tooltip.tungsten.provider.hostname": "Tungsten provider hostname is required",
 "message.installwizard.tooltip.tungsten.provider.introspectport": "Tungsten provider introspect port is required",
@@ -3271,14 +3270,14 @@
 "message.ip.v6.prefix.delete": "IPv6 prefix deleted",
 "message.iso.arch": "Please select an ISO architecture",
 "message.iso.desc": "Disc image containing data or bootable media for OS.",
-"message.kubeconfig.cluster.not.available": "Kubernetes cluster kubeconfig not available currently.",
-"message.kubernetes.cluster.delete": "Please confirm that you want to destroy the cluster.",
-"message.kubernetes.cluster.scale": "Please select desired cluster configuration.",
-"message.kubernetes.cluster.start": "Please confirm that you want to start the cluster.",
-"message.kubernetes.cluster.stop": "Please confirm that you want to stop the cluster.",
+"message.kubeconfig.cluster.not.available": "Kubernetes Cluster kubeconfig not available currently.",
+"message.kubernetes.cluster.delete": "Please confirm that you want to destroy the Cluster.",
+"message.kubernetes.cluster.scale": "Please select desired Cluster configuration.",
+"message.kubernetes.cluster.start": "Please confirm that you want to start the Cluster.",
+"message.kubernetes.cluster.stop": "Please confirm that you want to stop the Cluster.",
 "message.kubernetes.cluster.upgrade": "Please select new Kubernetes version.",
 "message.kubernetes.version.delete": "Please confirm that you want to delete this Kubernetes version.",
-"message.l2.network.unsupported.for.nsx": "L2 networks aren't supported for NSX enabled zones",
+"message.l2.network.unsupported.for.nsx": "L2 networks aren't supported for NSX enabled Zones",
 "message.launch.zone": "Zone is ready to launch; please proceed to the next step.",
 "message.launch.zone.description": "Zone is ready to launch; please proceed to the next step.",
 "message.launch.zone.hint": "Configure Network components and traffic including IP addresses.",
@@ -3303,8 +3302,8 @@
 "message.lock.user": "Please confirm that you want to lock the User \"{user}\". By locking this User, they will no longer be able to manage their cloud resources. Existing resources can still be accessed.",
 "message.lock.user.success": "Successfully locked User \"{user}\"",
 "message.login.failed": "Login Failed",
-"message.migrate.instance.host.auto.assign": "Host for the Instance will be automatically chosen based on the suitability within the same cluster",
-"message.migrate.instance.to.host": "Please confirm that you want to migrate this Instance to another host. When migration is between hosts of different clusters volume(s) of the Instance may get migrated to suitable storage pools.",
+"message.migrate.instance.host.auto.assign": "Host for the Instance will be automatically chosen based on the suitability within the same Cluster",
+"message.migrate.instance.to.host": "Please confirm that you want to migrate this Instance to another host. When migration is between hosts of different Clusters volume(s) of the Instance may get migrated to suitable storage pools.",
 "message.migrate.instance.to.ps": "Please confirm that you want to migrate this Instance to another primary storage.",
 "message.migrate.resource.to.ss": "Please confirm that you want to migrate this resource to another secondary storage.",
 "message.migrate.router.confirm": "Please confirm the host you wish to migrate the router to:",
@@ -3354,11 +3353,11 @@
 "message.path": "Path : ",
 "message.path.description": "NFS: exported path from the server. VMFS: /datacenter name/datastore name. SharedMountPoint: path where primary storage is mounted, such as /mnt/primary.",
 "message.please.confirm.remove.ssh.key.pair": "Please confirm that you want to remove this SSH key pair.",
-"message.please.confirm.remove.user.data": "Please confirm that you want to remove this Userdata",
+"message.please.confirm.remove.user.data": "Please confirm that you want to remove this User Data",
 "message.please.enter.valid.value": "Please enter a valid value.",
 "message.please.enter.value": "Please enter values.",
 "message.please.wait.while.autoscale.vmgroup.is.being.created": "Please wait while your AutoScaling Group is being created; this may take a while...",
-"message.please.wait.while.zone.is.being.created": "Please wait while your zone is being created; this may take a while...",
+"message.please.wait.while.zone.is.being.created": "Please wait while your Zone is being created; this may take a while...",
 "message.pod.dedicated": "Pod dedicated.",
 "message.pod.dedication.released": "Pod dedication released.",
 "message.prepare.for.shutdown": "Please confirm that you would like to prep this Management server for shutdown. It will not accept any new Async Jobs but will NOT terminate after there are no pending jobs.",
@@ -3374,10 +3373,10 @@
 "message.recover.vm": "Please confirm that you would like to recover this Instance.",
 "message.reinstall.vm": "NOTE: Proceed with caution. This will cause the Instance to be reinstalled from the Template; data on the root disk will be lost. Extra data volumes, if any, will not be touched.",
 "message.release.ip.failed": "Failed to release IP",
-"message.releasing.dedicated.cluster": "Releasing dedicated cluster...",
+"message.releasing.dedicated.cluster": "Releasing dedicated Cluster...",
 "message.releasing.dedicated.host": "Releasing dedicated host...",
-"message.releasing.dedicated.pod": "Releasing dedicated pod...",
-"message.releasing.dedicated.zone": "Releasing dedicated zone...",
+"message.releasing.dedicated.pod": "Releasing dedicated Pod...",
+"message.releasing.dedicated.zone": "Releasing dedicated Zone...",
 "message.remove.annotation": "Are you sure you want to delete the comment?",
 "message.remove.egress.rule.failed": "Removing egress rule failed",
 "message.remove.egress.rule.processing": "Deleting egress rule...",
@@ -3423,7 +3422,7 @@
 "message.scaleup.policy.continue": "Please add at least a condition to ScaleUp policy to continue",
 "message.scaleup.policy.duration.continue": "Please input a valid duration to ScaleUp policy to continue",
 "message.scaleup.policy.name.continue": "Please input a name to ScaleUp policy to continue",
-"message.select.a.zone": "A zone typically corresponds to a single datacenter. Multiple zones help make the cloud more reliable by providing physical isolation and redundancy.",
+"message.select.a.zone": "A Zone typically corresponds to a single datacenter. Multiple zones help make the cloud more reliable by providing physical isolation and redundancy.",
 "message.select.affinity.groups": "Please select any affinity groups you want this Instance to belong to:",
 "message.select.bgp.peers": "Please select / deselect the BGP peers associated to the network or VPC:",
 "message.select.deselect.desired.options": "Please select / deselect the desired options",
@@ -3431,28 +3430,28 @@
 "message.select.destination.image.stores": "Please select Image Store(s) to which data is to be migrated to",
 "message.select.disk.offering": "Please select a disk offering for disk",
 "message.select.end.date.and.time": "Select an end date & time.",
-"message.select.kvm.host.instance.conversion": "(Optional) Select a KVM host in the zone to perform the instance conversion through virt-v2v",
-"message.select.kvm.host.instance.import": "(Optional) Select a KVM host in the cluster to perform the importing of the converted instance",
+"message.select.kvm.host.instance.conversion": "(Optional) Select a KVM host in the Zone to perform the instance conversion through virt-v2v",
+"message.select.kvm.host.instance.import": "(Optional) Select a KVM host in the Cluster to perform the importing of the converted instance",
 "message.select.load.balancer.rule": "Please select a load balancer rule for your AutoScale Instance group.",
 "message.select.migration.policy": "Please select a migration policy.",
 "message.select.nic.network": "Please select a Network for NIC",
 "message.select.security.groups": "Please select security group(s) for your new Instance.",
 "message.select.start.date.and.time": "Select a start date & time.",
 "message.select.temporary.storage.instance.conversion": "(Optional) Select a Storage temporary destination for the converted disks through virt-v2v",
-"message.select.zone.description": "Select type of zone basic/advanced.",
-"message.select.zone.hint": "This is the type of zone deployment that you want to use. Basic zone: provides a single Network where each Instance is assigned an IP directly from the Network. Guest isolation can be provided through layer-3 means such as security groups (IP address source filtering). Advanced zone: For more sophisticated Network topologies. This Network model provides the most flexibility in defining guest Networks and providing custom Network offerings such as firewall, VPN, or load balancer support.",
+"message.select.zone.description": "Select type of Zone basic/advanced.",
+"message.select.zone.hint": "This is the type of Zone deployment that you want to use. Basic zone: provides a single Network where each Instance is assigned an IP directly from the Network. Guest isolation can be provided through layer-3 means such as security groups (IP address source filtering). Advanced zone: For more sophisticated Network topologies. This Network model provides the most flexibility in defining guest Networks and providing custom Network offerings such as firewall, VPN, or load balancer support.",
 "message.server": "Server : ",
 "message.server.description": "NFS, iSCSI, or PreSetup: IP address or DNS name of the storage device. VMWare PreSetup: IP address or DNS name of the vCenter server. Linstor: http(s) url of the linstor-controller.",
 "message.set.default.nic": "Please confirm that you would like to make this NIC the default for this Instance.",
 "message.set.default.nic.manual": "Please manually update the default NIC on the Instance now.",
 "message.setting.updated": "Setting Updated:",
 "message.setting.update.delay": "The new value will take effect within 30 seconds.",
-"message.setup.physical.network.during.zone.creation": "When adding a zone, you need to set up one or more physical networks. Each physical network can carry one or more types of traffic, with certain restrictions on how they may be combined. Add or remove one or more traffic types onto each physical network.",
-"message.setup.physical.network.during.zone.creation.basic": "When adding a basic zone, you can set up one physical Network, which corresponds to a NIC on the hypervisor. The Network carries several types of traffic.<br/><br/>You may also <strong>add</strong> other traffic types onto the physical Network.",
+"message.setup.physical.network.during.zone.creation": "When adding a Zone, you need to set up one or more physical networks. Each physical network can carry one or more types of traffic, with certain restrictions on how they may be combined. Add or remove one or more traffic types onto each physical network.",
+"message.setup.physical.network.during.zone.creation.basic": "When adding a basic Zone, you can set up one physical Network, which corresponds to a NIC on the hypervisor. The Network carries several types of traffic.<br/><br/>You may also <strong>add</strong> other traffic types onto the physical Network.",
 "message.shared.network.offering.warning": "Domain admins and regular Users can only create shared Networks from Network offering with the setting specifyvlan=false. Please contact an administrator to create a Network offering if this list is empty.",
-"message.shared.network.unsupported.for.nsx": "Shared networks aren't supported for NSX enabled zones",
+"message.shared.network.unsupported.for.nsx": "Shared networks aren't supported for NSX enabled Zones",
 "message.shutdown.triggered": "A shutdown has been triggered. CloudStack will not accept new jobs",
-"message.snapshot.additional.zones": "Snapshots will always be created in its native zone - %x, here you can select additional zone(s) where it will be copied to at creation time",
+"message.snapshot.additional.zones": "Snapshots will always be created in its native Zone - %x, here you can select additional zone(s) where it will be copied to at creation time",
 "message.sourcenatip.change.warning": "WARNING: Changing the sourcenat IP address of the network will cause connectivity downtime for the Instances with NICs in the Network.",
 "message.sourcenatip.change.inhibited": "Changing the sourcenat to this IP of the Network to this address is inhibited as firewall rules are defined for it. This can include port forwarding or load balancing rules.\n - If this is an Isolated Network, please use updateNetwork/click the edit button.\n - If this is a VPC, first clear all other rules for this address.",
 "message.specify.tag.key": "Please specify a tag key.",
@@ -3474,7 +3473,7 @@
 "message.success.add.kuberversion": "Successfully added Kubernetes version",
 "message.success.add.logical.router": "Successfully added Logical Router",
 "message.success.add.network": "Successfully added Network",
-"message.success.add.network.acl": "Successfully added Network ACL list",
+"message.success.add.network.acl": "Successfully added Network ACL",
 "message.success.add.network.static.route": "Successfully added Network Static Route",
 "message.success.add.network.permissions": "Successfully added Network permissions",
 "message.success.add.physical.network": "Successfully added Physical Network",
@@ -3518,7 +3517,7 @@
 "message.success.create.internallb": "Successfully created Internal Load Balancer",
 "message.success.create.isolated.network": "Successfully created isolated Network",
 "message.success.create.keypair": "Successfully created SSH key pair",
-"message.success.create.kubernetes.cluter": "Successfully created Kubernetes cluster",
+"message.success.create.kubernetes.cluter": "Successfully created Kubernetes Cluster",
 "message.success.create.l2.network": "Successfully created L2 Network",
 "message.success.create.snapshot.from.vmsnapshot": "Successfully created Snapshot from Instance Snapshot",
 "message.success.create.template": "Successfully created Template",
@@ -3560,7 +3559,7 @@
 "message.success.register.iso": "Successfully registered ISO",
 "message.success.register.keypair": "Successfully registered SSH key pair",
 "message.success.register.template": "Successfully registered Template",
-"message.success.register.user.data": "Successfully registered Userdata",
+"message.success.register.user.data": "Successfully registered User Data",
 "message.success.release.ip": "Successfully released IP",
 "message.success.release.dedicated.bgp.peer": "Successfully released dedicated BGP peer",
 "message.success.release.dedicated.ipv4.subnet": "Successfully released dedicated IPv4 subnet",
@@ -3583,7 +3582,7 @@
 "message.success.remove.tungsten.routing.policy": "Successfully removed Tungsten-Fabric Routing Policy from Network",
 "message.success.reset.network.permissions": "Successfully reset Network Permissions",
 "message.success.resize.volume": "Successfully resized volume",
-"message.success.scale.kubernetes": "Successfully scaled Kubernetes cluster",
+"message.success.scale.kubernetes": "Successfully scaled Kubernetes Cluster",
 "message.success.unmanage.instance": "Successfully unmanaged Instance",
 "message.success.unmanage.volume": "Successfully unmanaged Volume",
 "message.success.update.account": "Successfully updated Account",
@@ -3598,7 +3597,7 @@
 "message.success.update.network": "Successfully updated Network",
 "message.success.update.template": "Successfully updated Template",
 "message.success.update.user": "Successfully updated User",
-"message.success.upgrade.kubernetes": "Successfully upgraded Kubernetes cluster",
+"message.success.upgrade.kubernetes": "Successfully upgraded Kubernetes Cluster",
 "message.success.upload": "Successfully uploaded",
 "message.success.upload.description": "This ISO file has been uploaded. Please check its status in the Templates menu.",
 "message.success.upload.icon": "Successfully uploaded icon for ",
@@ -3613,9 +3612,9 @@
 "message.template.import.vm.temporary": "If a temporary Template is used, the reset Instance operation will not work after importing it.",
 "message.template.iso": "Please select a Template or ISO to continue.",
 "message.template.type.change.warning": "WARNING: Changing the Template type to SYSTEM will disable further changes to the Template.",
-"message.tooltip.reserved.system.netmask": "The Network prefix that defines the pod subnet. Uses CIDR notation.",
+"message.tooltip.reserved.system.netmask": "The Network prefix that defines the Pod subnet. Uses CIDR notation.",
 "message.traffic.type.deleted": "Successfully deleted traffic type",
-"message.traffic.type.to.basic.zone": "traffic type to basic zone",
+"message.traffic.type.to.basic.zone": "traffic type to basic Zone",
 "message.trigger.shutdown": "Please confirm that you would like to trigger a shutdown on this Management server. It will not accept any new Async Jobs and will terminate after there are no pending jobs.",
 "message.type.values.to.add": "Please add additional values by typing them in",
 "message.update.autoscale.policy.failed": "Failed to update autoscale policy",
@@ -3714,11 +3713,11 @@
 "message.warn.change.primary.storage.scope": "This feature is tested and supported for the following configurations:<br>KVM - NFS/Ceph - DefaultPrimary<br>VMware - NFS - DefaultPrimary<br>*There might be extra steps involved to make it work for other configurations.",
 "message.warn.filetype": "jpg, jpeg, png, bmp and svg are the only supported image formats.",
 "message.warn.importing.instance.without.nic": "WARNING: This Instance is being imported without NICs and many Network resources will not be available. Consider creating a NIC via vCenter before importing or as soon as the Instance is imported.",
-"message.warn.zone.mtu.update": "Please note that this limit won't affect pre-existing Network’s MTU settings",
+"message.warn.zone.mtu.update": "Please note that this limit won't affect pre-existing Network's MTU settings",
 "message.webhook.deliveries.time.filter": "Webhook deliveries list can be filtered based on date-time. Select 'Custom' for specifying start and end date range.",
 "message.zone.creation.complete": "Zone creation complete.",
-"message.zone.detail.description": "Populate zone details.",
-"message.zone.detail.hint": "A zone is the largest organizational unit in CloudStack, and it typically corresponds to a single datacenter. Zones provide physical isolation and redundancy. A zone consists of one or more pods (each of which contains hosts and primary storage servers) and a secondary storage server which is shared by all pods in the zone.",
+"message.zone.detail.description": "Populate Zone details.",
+"message.zone.detail.hint": "A Zone is the largest organizational unit in CloudStack, and it typically corresponds to a single datacenter. Zones provide physical isolation and redundancy. A zone consists of one or more Pods (each of which contains hosts and primary storage servers) and a secondary storage server which is shared by all pods in the zone.",
 "message.validate.min": "Please enter a value greater than or equal to {0}.",
 "message.action.delete.object.storage": "Please confirm that you want to delete this Object Store",
 "message.bgp.peers.null": "Please note, if no BGP peers are selected, the VR will connect to <br> (1) dedicated BGP peers the owner can access, if the owner has dedicated BGP peers and account setting use.system.bgp.peers is set to false; <br> (2) all BGP peers the owner can access, otherwise.<br>",
diff --git a/ui/public/locales/es.json b/ui/public/locales/es.json
index ae4fa19f033..ab57c951531 100644
--- a/ui/public/locales/es.json
+++ b/ui/public/locales/es.json
@@ -14,12 +14,12 @@
 "label.account.specific": "espec\u00edficas de la cuenta",
 "label.accounts": "Cuentas",
 "label.accounttype": "Tipo de Cuenta",
-"label.acl.export": "Export ACLs",
+"label.acl.export": "Export ACL rules",
 "label.acl.id": "ID de ACL",
-"label.acl.list.rules": "Lista de Reglas ACL",
+"label.acl.rules": "Lista de Reglas ACL",
 "label.acl.reason.description": "Enter the reason behind an ACL rule.",
 "label.aclid": "ACL",
-"label.aclname": "Nombre de ACL",
+"label.acl.rule.name": "Nombre de ACL",
 "label.acquire.new.ip": "Adquirir nueva IP",
 "label.acquire.new.secondary.ip": "Adquirir nueva IP secundaria",
 "label.action": "Acci\u00f3n",
@@ -119,8 +119,8 @@
 "label.activeviewersessions": "Sesiones activas",
 "label.add": "Agregar",
 "label.add.account": "A\u00f1adir Cuenta",
-"label.add.acl": "Agregar ACL",
-"label.add.acl.list": "Agregar Lista ACL",
+"label.add.acl.rule": "Agregar ACL",
+"label.add.acl": "Agregar Lista ACL",
 "label.add.affinity.group": "Agregar un nuevo grupo de afinidad",
 "label.add.baremetal.dhcp.device": "Agregar dispositivo DHCP Baremetal",
 "label.add.bigswitchbcf.device": "Agregar Controlador BigSwitch BCF",
@@ -142,12 +142,12 @@
 "label.add.ip.range": "A\u00f1adir Rango IP",
 "label.add.isolated.network": "Agregar Red Aislada",
 "label.add.ldap.account": "Agregar cuenta LDAP",
-"label.add.list.name": "Nombre de la Lista ACL",
+"label.add.acl.name": "Nombre de la Lista ACL",
 "label.add.more": "A\u00f1adir m\u00e1s",
 "label.add.netscaler.device": "Agregar dispositivo Netscaler",
 "label.add.network": "Agregar Red",
 "label.add.network.acl": "Agregar ACL de Red",
-"label.add.network.acl.list": "Agregar Lista ACL de Red",
+"label.add.network.acl": "Agregar Lista ACL de Red",
 "label.add.network.offering": "Agregar Oferta de Red",
 "label.add.new.gateway": "Agregar nuevo gateway",
 "label.add.new.tier": "Agregar un nuevo tier",
@@ -344,7 +344,7 @@
 "label.default.use": "Uso por defecto",
 "label.default.view": "Vista Por Defecto",
 "label.delete": "Eliminar",
-"label.delete.acl.list": "Borrar Lista ACL",
+"label.delete.acl": "Borrar Lista ACL",
 "label.delete.affinity.group": "Borrar Grupo de Afinidad",
 "label.delete.alerts": "Eliminar alertas",
 "label.delete.bigswitchbcf": "Remover Controlador BigSwitch BCF",
@@ -431,7 +431,7 @@
 "label.driver": "Controlador",
 "label.dynamicscalingenabled": "Escalado din\u00e1mico habilitado",
 "label.edit": "Editar",
-"label.edit.acl.list": "Edit ACL List",
+"label.edit.acl": "Edit ACL",
 "label.edit.acl.rule": "Editar regla ACL",
 "label.edit.project.details": "Editar detalles de proyecto",
 "label.edit.role": "Editar Rol",
@@ -947,7 +947,6 @@
 "label.remove.vpc.offering": "Quitar Oferta VPC",
 "label.removing": "Quitando..",
 "label.replace.acl": "Reemplazar ACL",
-"label.replace.acl.list": "Reemplazar Lista ACL",
 "label.report.bug": "Reportar un Error",
 "label.required": "Requerido",
 "label.requireshvm": "HVM",
@@ -1180,8 +1179,7 @@
 "label.usehttps": "Use HTTPS",
 "label.usenewdiskoffering": "Replace disk offering?",
 "label.user": "Usuario",
-"label.userdata": "DatosUsuario",
-"label.userdatal2": "Datos de Usuario",
+"label.user.data": "DatosUsuario",
 "label.username": "Nombre de usuario",
 "label.users": "Usuarios",
 "label.utilization": "Utilisation",
@@ -1361,7 +1359,7 @@
 "message.confirm.archive.selected.alerts": "Por favor confirme que desea archivar las alertas seleccionadas",
 "message.confirm.archive.selected.events": "Por favor confirme que desea archivar los eventos seleccionados",
 "message.confirm.attach.disk": "\u00bf Est\u00e1 seguro que desea conectar el disco?",
-"message.confirm.delete.acl.list": "\u00bfEsta seguro que desea borrar esta lista de ACL?",
+"message.confirm.delete.acl": "\u00bfEsta seguro que desea borrar esta lista de ACL?",
 "message.confirm.delete.bigswitchbcf": "Por favor confirme que desa borrar este Controlador BigSwitch BCF",
 "message.confirm.delete.brocadevcs": "Por favor confirme que desa borrar este Switch Brocade Vcs",
 "message.confirm.delete.ciscoasa1000v": "Por favor confirme que desea borrar CiscoASA1000v",
diff --git a/ui/public/locales/fr_FR.json b/ui/public/locales/fr_FR.json
index 48a0560f176..424f4749aa3 100644
--- a/ui/public/locales/fr_FR.json
+++ b/ui/public/locales/fr_FR.json
@@ -14,12 +14,12 @@
 "label.account.specific": "Sp\u00e9cifique au compte",
 "label.accounts": "Comptes",
 "label.accounttype": "Type Compte",
-"label.acl.export": "Export ACLs",
+"label.acl.export": "Export ACL rules",
 "label.acl.id": "ID ACL",
-"label.acl.list.rules": "Liste r\u00e8gles ACL",
+"label.acl.rules": "Liste r\u00e8gles ACL",
 "label.acl.reason.description": "Enter the reason behind an ACL rule.",
 "label.aclid": "ACL",
-"label.aclname": "Nom ACL",
+"label.acl.rule.name": "Nom ACL",
 "label.acquire.new.ip": "Acqu\u00e9rir nouvelle adr. IP",
 "label.acquire.new.secondary.ip": "Acqu\u00e9rir nouvelle IP secondaire",
 "label.action": "Action",
@@ -119,8 +119,8 @@
 "label.activeviewersessions": "Sessions actives",
 "label.add": "Ajouter",
 "label.add.account": "Ajouter un compte",
-"label.add.acl": "Ajouter r\u00e8gle ACL",
-"label.add.acl.list": "Ajouter Liste ACL",
+"label.add.acl.rule": "Ajouter r\u00e8gle ACL",
+"label.add.acl": "Ajouter Liste ACL",
 "label.add.affinity.group": "Ajouter nouveau groupe d'affinit\u00e9",
 "label.add.baremetal.dhcp.device": "Ajouter un DHCP Baremetal",
 "label.add.bigswitchbcf.device": "Ajouter un contr\u00f4leur BigSwitch BCF",
@@ -142,12 +142,12 @@
 "label.add.ip.range": "Ajouter une plage IP",
 "label.add.isolated.network": "Ajouter un r\u00e9seau isol\u00e9",
 "label.add.ldap.account": "Ajouter un compte LDAP",
-"label.add.list.name": "Nom Liste ACL",
+"label.add.acl.name": "Nom Liste ACL",
 "label.add.more": "Ajouter plus",
 "label.add.netscaler.device": "Ajouter un Netscaler",
 "label.add.network": "Ajouter un r\u00e9seau",
 "label.add.network.acl": "Ajouter une r\u00e8gle d'acc\u00e8s r\u00e9seau ACL",
-"label.add.network.acl.list": "Ajouter Liste ACL r\u00e9seau",
+"label.add.network.acl": "Ajouter Liste ACL r\u00e9seau",
 "label.add.network.offering": "Ajouter Offre R\u00e9seau",
 "label.add.new.gateway": "Ajouter une nouvelle passerelle",
 "label.add.new.tier": "Ajouter un nouveau tiers",
@@ -334,7 +334,7 @@
 "label.default.use": "Utilisation par d\u00e9faut",
 "label.default.view": "Vue par d\u00e9faut",
 "label.delete": "Supprimer",
-"label.delete.acl.list": "Supprimer Liste ACL",
+"label.delete.acl": "Supprimer Liste ACL",
 "label.delete.affinity.group": "Supprimer le groupe d'affinit\u00e9",
 "label.delete.alerts": "Supprimer alertes",
 "label.delete.bigswitchbcf": "Supprimer contr\u00f4leur BigSwitch BCF",
@@ -419,7 +419,7 @@
 "label.dpd": "D\u00e9tection de pair mort",
 "label.driver": "Pilote",
 "label.edit": "Modifier",
-"label.edit.acl.list": "Edit ACL List",
+"label.edit.acl": "Edit ACL",
 "label.edit.acl.rule": "Modifier r\u00e8gle ACL",
 "label.edit.project.details": "Modifier les d\u00e9tails du projet",
 "label.edit.role": "\u00c9diter R\u00f4le",
@@ -926,7 +926,6 @@
 "label.remove.vpc.offering": "Supprimer offre VPC",
 "label.removing": "Suppression",
 "label.replace.acl": "Remplacer ACL",
-"label.replace.acl.list": "Remplacer Liste ACL",
 "label.required": "Requis",
 "label.requireshvm": "HVM",
 "label.requiresupgrade": "Mise \u00e0 jour n\u00e9cessaire",
@@ -1152,8 +1151,7 @@
 "label.usehttps": "Utiliser HTTPS",
 "label.usenewdiskoffering": "Replace disk offering?",
 "label.user": "Utilisateur",
-"label.userdata": "Donn\u00e9es Utilisateur",
-"label.userdatal2": "Donn\u00e9es utilisateur",
+"label.user.data": "Donn\u00e9es Utilisateur",
 "label.username": "Identifiant",
 "label.users": "Utilisateurs",
 "label.utilization": "Utilisation",
@@ -1331,7 +1329,7 @@
 "message.confirm.archive.selected.alerts": "Confirmer l'archivage des alertes s\u00e9lectionn\u00e9es",
 "message.confirm.archive.selected.events": "Confirmez l'archivage des \u00e9v\u00e9nements s\u00e9lectionn\u00e9s",
 "message.confirm.attach.disk": "Confirmer le rattachement de ce disque ?",
-"message.confirm.delete.acl.list": "Confirmer la suppression de cette liste ACL ?",
+"message.confirm.delete.acl": "Confirmer la suppression de cette liste ACL ?",
 "message.confirm.delete.bigswitchbcf": "Confirmer que vous voulez supprimer ce contr\u00f4leur BigSwitch BCF",
 "message.confirm.delete.brocadevcs": "Confirmer la suppression du switch Brocade Vcs",
 "message.confirm.delete.ciscoasa1000v": "Confirmez la suppression du CiscoASA1000v",
diff --git a/ui/public/locales/hi.json b/ui/public/locales/hi.json
index 055909360b5..9d7440b9262 100644
--- a/ui/public/locales/hi.json
+++ b/ui/public/locales/hi.json
@@ -6,7 +6,7 @@
 "label.accounts": "लेखा",
 "label.accounttype": "खाता प्रकार",
 "label.aclid": "ACL",
-"label.aclname": "ACL नाम",
+"label.acl.rule.name": "ACL नाम",
 "label.actions": "क्रियाएँ",
 "label.add": "जोड़ें",
 "label.adding": "जोड़ना",
@@ -410,7 +410,7 @@
 "label.usageunit": "Unit",
 "label.usehttps": "HTTPS का उपयोग करें",
 "label.user": "उपयोगकर्ता",
-"label.userdata": "Userdata",
+"label.user.data": "User Data",
 "label.username": "उपयोगकर्ता नाम",
 "label.users": "उपयोगकर्ता",
 "label.uuid": "ID",
diff --git a/ui/public/locales/hu.json b/ui/public/locales/hu.json
index 48275ce81fc..ae58379d343 100644
--- a/ui/public/locales/hu.json
+++ b/ui/public/locales/hu.json
@@ -14,12 +14,12 @@
 "label.account.specific": "Sz\u00e1mla-specifikus",
 "label.accounts": "Sz\u00e1ml\u00e1k",
 "label.accounttype": "Sz\u00e1mla t\u00edpus",
-"label.acl.export": "Export ACLs",
+"label.acl.export": "Export ACL rules",
 "label.acl.id": "ACL ID",
-"label.acl.list.rules": "ACL List Rules",
+"label.acl.rules": "ACL Rules",
 "label.acl.reason.description": "Enter the reason behind an ACL rule.",
 "label.aclid": "ACL",
-"label.aclname": "ACL n\u00e9v",
+"label.acl.rule.name": "ACL n\u00e9v",
 "label.acquire.new.ip": "\u00daj IP c\u00edm beszerz\u00e9se",
 "label.acquire.new.secondary.ip": "\u00daj m\u00e1sodlagos IP c\u00edm beszerz\u00e9se",
 "label.action": "M\u0171velet",
@@ -119,8 +119,8 @@
 "label.activeviewersessions": "Akt\u00edv munkamenetek",
 "label.add": "Felv\u00e9tel",
 "label.add.account": "Sz\u00e1mla felv\u00e9tele",
-"label.add.acl": "ACL felv\u00e9tele",
-"label.add.acl.list": "ACL lista felv\u00e9tele",
+"label.add.acl.rule": "ACL felv\u00e9tele",
+"label.add.acl": "ACL Lista felv\u00e9tele",
 "label.add.affinity.group": "\u00daj affin\u00edt\u00e1si csoport felv\u00e9tele",
 "label.add.baremetal.dhcp.device": "Baremetal DHCP eszk\u00f6z felv\u00e9tele",
 "label.add.bigswitchbcf.device": "BigSwitch BCF vez\u00e9rl\u0151 felv\u00e9tele",
@@ -142,12 +142,12 @@
 "label.add.ip.range": "IP c\u00edmtartom\u00e1ny felv\u00e9tele",
 "label.add.isolated.network": "Izol\u00e1lt h\u00e1l\u00f3zat felv\u00e9tele",
 "label.add.ldap.account": "LDAP hozz\u00e1f\u00e9r\u00e9s felv\u00e9tele",
-"label.add.list.name": "ACL lista n\u00e9v",
+"label.add.acl.name": "ACL Lista n\u00e9v",
 "label.add.more": "Tov\u00e1bbi felv\u00e9tele",
 "label.add.netscaler.device": "Netscaler eszk\u00f6z felv\u00e9tele",
 "label.add.network": "H\u00e1l\u00f3zat felv\u00e9tele",
 "label.add.network.acl": "H\u00e1l\u00f3zati ACL felv\u00e9tele",
-"label.add.network.acl.list": "H\u00e1l\u00f3zati ACL lista felv\u00e9tele",
+"label.add.network.acl": "H\u00e1l\u00f3zati ACL Lista felv\u00e9tele",
 "label.add.network.offering": "H\u00e1l\u00f3zati aj\u00e1nlat felv\u00e9tele",
 "label.add.new.gateway": "\u00daj \u00e1tj\u00e1r\u00f3 felv\u00e9tele",
 "label.add.new.tier": "\u00daj r\u00e9teg felv\u00e9tele",
@@ -334,7 +334,7 @@
 "label.default.use": "Alap\u00e9rtelmezett haszn\u00e1lat",
 "label.default.view": "Alap\u00e9rtelmezett n\u00e9zet",
 "label.delete": "T\u00f6rl\u00e9s",
-"label.delete.acl.list": "ACL lista t\u00f6rl\u00e9se",
+"label.delete.acl": "ACL Lista t\u00f6rl\u00e9se",
 "label.delete.affinity.group": "Affin\u00edt\u00e1si csoport t\u00f6rl\u00e9se",
 "label.delete.alerts": "T\u00f6rl\u00e9s riaszt\u00e1sok",
 "label.delete.bigswitchbcf": "BigSwitch BCF vez\u00e9rl\u0151 elt\u00e1vol\u00edt\u00e1sa",
@@ -419,7 +419,7 @@
 "label.driver": "Driver",
 "label.dynamicscalingenabled": "dinamikus m\u00e9retez\u00e9s enged\u00e9lyezve",
 "label.edit": "Szerkeszt\u00e9s",
-"label.edit.acl.list": "Edit ACL List",
+"label.edit.acl": "Edit ACL",
 "label.edit.acl.rule": "ACL szab\u00e1ly szerkeszt\u00e9se",
 "label.edit.project.details": "Projekt r\u00e9szletek szerkeszt\u00e9se",
 "label.edit.role": "Edit Role",
@@ -924,7 +924,6 @@
 "label.remove.vpc.offering": "VPC aj\u00e1nlat t\u00f6rl\u00e9se",
 "label.removing": "T\u00f6rl\u00e9s",
 "label.replace.acl": "ACL csere",
-"label.replace.acl.list": "ACL lista cser\u00e9je",
 "label.required": "Sz\u00fcks\u00e9ges",
 "label.requireshvm": "HVM",
 "label.requiresupgrade": "Friss\u00edt\u00e9st ig\u00e9nyel",
@@ -1150,8 +1149,7 @@
 "label.usehttps": "HTTPS haszn\u00e1lata",
 "label.usenewdiskoffering": "Replace disk offering?",
 "label.user": "Felhaszn\u00e1l\u00f3",
-"label.userdata": "Felhaszn\u00e1l\u00f3 adat",
-"label.userdatal2": "Felhaszn\u00e1l\u00f3i adat",
+"label.user.data": "Felhaszn\u00e1l\u00f3 adat",
 "label.username": "Felhaszn\u00e1l\u00f3n\u00e9v",
 "label.users": "Felhaszn\u00e1l\u00f3k",
 "label.utilization": "Utilisation",
@@ -1329,7 +1327,7 @@
 "message.confirm.archive.selected.alerts": "Er\u0151s\u00edtsd meg, hogy le akarod archiv\u00e1lni a kiv\u00e1lasztott riaszt\u00e1sokat!",
 "message.confirm.archive.selected.events": "Er\u0151s\u00edtsd meg, hogy archiv\u00e1lni szeretn\u00e9d a kiv\u00e1lasztott esem\u00e9nyeket!",
 "message.confirm.attach.disk": "Biztosan csatolni szeretn\u00e9d a merevlemezt?",
-"message.confirm.delete.acl.list": "Biztosan t\u00f6r\u00f6lni akarod ezt a ACL list\u00e1t?",
+"message.confirm.delete.acl": "Biztosan t\u00f6r\u00f6lni akarod ezt a ACL List\u00e1t?",
 "message.confirm.delete.bigswitchbcf": "Er\u0151s\u00edtsd meg, hogy t\u00f6r\u00f6lni szeretn\u00e9d ezt a BigSwitch BCF vez\u00e9rl\u0151t!",
 "message.confirm.delete.brocadevcs": "Er\u0151s\u00edtsd meg, hogy t\u00f6r\u00f6lni szeretn\u00e9d a Brocade Vcs Switch-et",
 "message.confirm.delete.ciscoasa1000v": "Er\u0151s\u00edtsd meg, hogy t\u00f6r\u00f6lni akarod a CiscoASA1000v-t",
@@ -1354,7 +1352,7 @@
 "message.confirm.remove.selected.events": "Er\u0151s\u00edtsd meg, hogy t\u00f6r\u00f6lni szeretn\u00e9d a kiv\u00e1lasztott esem\u00e9nyeket",
 "message.confirm.remove.vmware.datacenter": "Er\u0151s\u00edtsd meg, hogy el akarod t\u00e1vol\u00edtani a VMware adatk\u00f6zpontot!",
 "message.confirm.remove.vpc.offering": "Biztos vagy abban, hogy t\u00f6r\u00f6lni akarod ezt a VPC aj\u00e1nlatot?",
-"message.confirm.replace.acl.new.one": "Le akarod cser\u00e9lni ez ACL list\u00e1t egy \u00fajjal?",
+"message.confirm.replace.acl.new.one": "Le akarod cser\u00e9lni ez ACL List\u00e1t egy \u00fajjal?",
 "message.confirm.scale.up.router.vm": "Biztosan fel akarod m\u00e9retezni a router VM-et?",
 "message.confirm.scale.up.system.vm": "Biztosan fel akarod m\u00e9retezni a rendszer VM-et?",
 "message.confirm.start.lb.vm": "Er\u0151s\u00edtsd meg, hogy el akarod ind\u00edtani az LB VM-et!",
diff --git a/ui/public/locales/it_IT.json b/ui/public/locales/it_IT.json
index 844763eba3a..a2907b71f23 100644
--- a/ui/public/locales/it_IT.json
+++ b/ui/public/locales/it_IT.json
@@ -14,12 +14,12 @@
 "label.account.specific": "Specifico dell'Account",
 "label.accounts": "Utenti",
 "label.accounttype": "Account Type",
-"label.acl.export": "Export ACLs",
+"label.acl.export": "Export ACL rules",
 "label.acl.id": "ACL ID",
-"label.acl.list.rules": "ACL List Rules",
+"label.acl.rules": "ACL Rules",
 "label.acl.reason.description": "Enter the reason behind an ACL rule.",
 "label.aclid": "ACL",
-"label.aclname": "ACL Name",
+"label.acl.rule.name": "ACL Name",
 "label.acquire.new.ip": "Acquisizione nuovo indirizzo IP",
 "label.acquire.new.secondary.ip": "Acquisizione nuovo IP secondario",
 "label.action": "Action",
@@ -119,8 +119,8 @@
 "label.activeviewersessions": "Sessioni Attive",
 "label.add": "Add",
 "label.add.account": "Aggiungi un Account",
-"label.add.acl": "Aggiungere ACL",
-"label.add.acl.list": "Add ACL List",
+"label.add.acl.rule": "Aggiungere ACL",
+"label.add.acl": "Add ACL",
 "label.add.affinity.group": "Aggiungere un nuovo gruppo di affinit\u00e0",
 "label.add.baremetal.dhcp.device": "Add Baremetal DHCP Device",
 "label.add.bigswitchbcf.device": "Aggiungere Controller BigSwitch BCF",
@@ -142,12 +142,12 @@
 "label.add.ip.range": "Aggiungere un IP Range",
 "label.add.isolated.network": "Add Isolated Network",
 "label.add.ldap.account": "Aggiungi un account LDAP",
-"label.add.list.name": "ACL List Name",
+"label.add.acl.name": "ACL Name",
 "label.add.more": "Add More",
 "label.add.netscaler.device": "Aggiungere device Netscaler",
 "label.add.network": "Aggiungere una Rete",
 "label.add.network.acl": "Aggiungere le ACL di rete",
-"label.add.network.acl.list": "Add Network ACL List",
+"label.add.network.acl": "Add Network ACL",
 "label.add.network.offering": "Aggiungere offerta di rete",
 "label.add.new.gateway": "Aggiungere un nuovo gateway",
 "label.add.new.tier": "Aggiungere un nuovo livello",
@@ -334,7 +334,7 @@
 "label.default.use": "Default Use",
 "label.default.view": "Vista di default",
 "label.delete": "Cancellare",
-"label.delete.acl.list": "Delete ACL List",
+"label.delete.acl": "Delete ACL",
 "label.delete.affinity.group": "Cancellare Gruppo di Affinit\u00e0",
 "label.delete.alerts": "Cancella allarmi",
 "label.delete.bigswitchbcf": "Rimuovere Controller BigSwitch BCF",
@@ -419,7 +419,7 @@
 "label.dpd": "Dead Peer Detection",
 "label.driver": "Driver",
 "label.edit": "Modifica",
-"label.edit.acl.list": "Edit ACL List",
+"label.edit.acl": "Edit ACL",
 "label.edit.acl.rule": "Edit ACL rule",
 "label.edit.project.details": "Modificare i dettagli del progetto",
 "label.edit.role": "Edit Role",
@@ -924,7 +924,6 @@
 "label.remove.vpc.offering": "Remove VPC offering",
 "label.removing": "Rimozione",
 "label.replace.acl": "Replace ACL",
-"label.replace.acl.list": "Replace ACL List",
 "label.required": "Required",
 "label.requireshvm": "HVM",
 "label.requiresupgrade": "Requires Upgrade",
@@ -1150,8 +1149,7 @@
 "label.usehttps": "Utilizzare HTTPS",
 "label.usenewdiskoffering": "Replace disk offering?",
 "label.user": "User",
-"label.userdata": "Userdata",
-"label.userdatal2": "User Data",
+"label.user.data": "User Data",
 "label.username": "Username",
 "label.users": "Users",
 "label.utilization": "Utilisation",
@@ -1329,7 +1327,7 @@
 "message.confirm.archive.selected.alerts": "Please confirm you would like to archive the selected alerts",
 "message.confirm.archive.selected.events": "Please confirm you would like to archive the selected events",
 "message.confirm.attach.disk": "Are you sure you want to attach disk?",
-"message.confirm.delete.acl.list": "Are you sure you want to delete this ACL list?",
+"message.confirm.delete.acl": "Are you sure you want to delete this ACL?",
 "message.confirm.delete.bigswitchbcf": "Please confirm that you would like to delete this BigSwitch BCF Controller",
 "message.confirm.delete.brocadevcs": "Please confirm that you would like to delete Brocade Vcs Switch",
 "message.confirm.delete.ciscoasa1000v": "Please confirm you want to delete CiscoASA1000v",
diff --git a/ui/public/locales/ja_JP.json b/ui/public/locales/ja_JP.json
index 8357b9d49a2..3ab374a2a06 100644
--- a/ui/public/locales/ja_JP.json
+++ b/ui/public/locales/ja_JP.json
@@ -58,11 +58,11 @@
   "label.access.kubernetes.nodes": "Kubernetesノードに接続",
   "label.acl.export": "エクスポートACLs",
   "label.acl.id": "ACL ID",
-  "label.acl.list.rules": "ACLルールのリスト",
+  "label.acl.rules": "ACLルールのリスト",
   "label.acl.reason.description": "ACLルールの理由を入力してください。",
   "label.acl.replaced": "ACLが置き換えられました",
   "label.aclid": "ACL",
-  "label.aclname": "ACL名",
+  "label.acl.rule.name": "ACL名",
   "label.acltotal": "ネットワークACL合計",
   "label.acquire.new.ip": "新しいIPアドレスの取得",
   "label.acquire.new.secondary.ip": "セカンダリIPアドレスの取得",
@@ -298,8 +298,8 @@
   "label.add.account": "アカウント追加",
   "label.add.accounts": "アカウント追加",
   "label.add.accounts.to": "アカウントの追加先:",
-  "label.add.acl": "ACL追加",
-  "label.add.acl.list": "ACL一覧追加",
+  "label.add.acl.rule": "ACL追加",
+  "label.add.acl": "ACL一覧追加",
   "label.add.affinity.group": "新しいアフィニティグループ追加",
   "label.add.baremetal.dhcp.device": "ベアメタルDHCPデバイス追加",
   "label.add.baremetal.rack.configuration": "ベアメタルラック設定追加",
@@ -333,14 +333,14 @@
   "label.add.l2.guest.network": "L2ゲストネットワーク追加",
   "label.add.ldap.account": "LDAPアカウント追加",
   "label.add.ldap.list.users": "LDAPユーザー一覧",
-  "label.add.list.name": "ACL一覧名",
+  "label.add.acl.name": "ACL一覧名",
   "label.add.load.balancer": "ロードバランサー追加",
   "label.add.management.ip.range": "マネージメントIP範囲追加",
   "label.add.more": "その他の項目追加",
   "label.add.netscaler.device": "NetScalerデバイス追加",
   "label.add.network": "ネットワーク追加",
   "label.add.network.acl": "ネットワークACL追加",
-  "label.add.network.acl.list": "ネットワークACL一覧追加",
+  "label.add.network.acl": "ネットワークACL一覧追加",
   "label.add.network.device": "ネットワークデバイス追加",
   "label.add.network.offering": "ネットワークオファリング追加",
   "label.add.new.f5": "新しいF5追加",
@@ -718,7 +718,7 @@
   "label.default.view": "デフォルトビュー",
   "label.defaultnetwork": "デフォルトネットワーク",
   "label.delete": "削除",
-  "label.delete.acl.list": "ACL一覧削除",
+  "label.delete.acl": "ACL一覧削除",
   "label.delete.affinity.group": "アフィニティグループ削除",
   "label.delete.alerts": "アラート削除",
   "label.delete.backup": "バックアップ削除",
@@ -872,7 +872,7 @@
   "label.dynamicscalingenabled": "ダイナミックスケーリング有効",
   "label.dynamicscalingenabled.tooltip": "テンプレート、サービスオファリング、およびグローバル設定で動的スケーリングが有効になっている場合にのみ、VMは動的にスケーリングできます。",
   "label.edit": "編集",
-  "label.edit.acl.list": "ACL一覧編集",
+  "label.edit.acl": "ACL一覧編集",
   "label.edit.acl.rule": "ACLルール編集",
   "label.edit.affinity.group": "アフィニティグループ編集",
   "label.edit.lb.rule": "LBルール編集",
@@ -1498,7 +1498,7 @@
   "label.netscaler.vpx": "NetScaler VPXロードバランサー",
   "label.network": "ネットワーク",
   "label.network.acl": "ネットワークACL",
-  "label.network.acl.lists": "ネットワークACL一覧",
+  "label.network.acls": "ネットワークACL一覧",
   "label.network.acls": "ネットワークACL",
   "label.network.addvm": "VMへのネットワーク追加",
   "label.network.desc": "ネットワークの説明",
@@ -1871,7 +1871,6 @@
   "label.removing": "削除しています",
   "label.removing.user": "ユーザーを削除しています",
   "label.replace.acl": "ACLの置き換え",
-  "label.replace.acl.list": "ACL一覧の置き換え",
   "label.report.bug": "問題レポート",
   "label.required": "必須です",
   "label.requireshvm": "HVM",
@@ -2321,8 +2320,7 @@
   "label.user.details": "ユーザーの詳細",
   "label.user.source": "ソース",
   "label.user.vm": "ユーザーVM",
-  "label.userdata": "ユーザーデータ",
-  "label.userdatal2": "ユーザーデータ",
+  "label.user.data": "ユーザーデータ",
   "label.username": "ユーザー名",
   "label.users": "ユーザー",
   "label.usersource": "ユーザータイプ",
@@ -2727,7 +2725,7 @@
   "message.confirm.dedicate.host.domain.account": "このホストをドメイン/アカウント専用に設定してもよろしいですか？",
   "message.confirm.dedicate.pod.domain.account": "このポッドをドメイン/アカウント専用に設定してもよろしいですか？",
   "message.confirm.dedicate.zone": "このゾーンをドメイン/アカウント専用に設定してもよろしいですか？",
-  "message.confirm.delete.acl.list": "このACL一覧を削除してもよろしいですか？",
+  "message.confirm.delete.acl": "このACL一覧を削除してもよろしいですか？",
   "message.confirm.delete.alert": "このアラートを削除してもよろしいですか？",
   "message.confirm.delete.baremetal.rack.configuration": "ベアメタルラック設定を削除してもよろしいですか？",
   "message.confirm.delete.bigswitchbcf": "このBigSwitchBCFコントローラーを削除してもよろしいですか？",
diff --git a/ui/public/locales/ko_KR.json b/ui/public/locales/ko_KR.json
index f1fab4b584c..cc9683633be 100644
--- a/ui/public/locales/ko_KR.json
+++ b/ui/public/locales/ko_KR.json
@@ -32,10 +32,10 @@
 "label.accounttype": "\uacc4\uc815 \uc720\ud615",
 "label.acl.export": "ACL \ub0b4\ubcf4\ub0b4\uae30",
 "label.acl.id": "ACL ID",
-"label.acl.list.rules": "ACL \ubaa9\ub85d \uaddc\uce59",
+"label.acl.rules": "ACL \ubaa9\ub85d \uaddc\uce59",
 "label.acl.reason.description": "ACL \uaddc\uce59 \ub4a4\uc5d0 \uc124\uba85\uc744 \uc785\ub825\ud558\uc2ed\uc2dc\uc624.",
 "label.aclid": "ACL",
-"label.aclname": "ACL \uc774\ub984",
+"label.acl.rule.name": "ACL \uc774\ub984",
 "label.acquire.new.ip": "\uc0c8 IP \uc8fc\uc18c \uac00\uc838\uc624\uae30",
 "label.acquire.new.secondary.ip": "\uc0c8 \ubcf4\uc870 IP \uc8fc\uc18c \uac00\uc838\uc624\uae30",
 "label.acquiring.ip": "IP \uac00\uc838\uc624\uae30",
@@ -153,8 +153,8 @@
 "label.activeviewersessions": "\ud65c\uc131 \uc138\uc158",
 "label.add": "\ucd94\uac00",
 "label.add.account": "\uacc4\uc815 \ucd94\uac00",
-"label.add.acl": "\uad8c\ud55c \uad00\ub9ac(ACL) \ucd94\uac00",
-"label.add.acl.list": "ACL \ubaa9\ub85d \ucd94\uac00",
+"label.add.acl.rule": "\uad8c\ud55c \uad00\ub9ac(ACL) \ucd94\uac00",
+"label.add.acl": "ACL \ubaa9\ub85d \ucd94\uac00",
 "label.add.affinity.group": "\uc0c8 Affinity \uadf8\ub8f9 \ucd94\uac00",
 "label.add.baremetal.dhcp.device": "Baremetal DHCP \uc7a5\uce58 \ucd94\uac00",
 "label.add.bigswitchbcf.device": "BigSwitch BCF \ucee8\ud2b8\ub864\ub7ec \ucd94\uac00",
@@ -178,12 +178,12 @@
 "label.add.isolated.network": "isolated \ub124\ud2b8\uc6cc\ud06c \ucd94\uac00",
 "label.add.kubernetes.cluster": "\ucfe0\ubc84\ub124\ud14c\uc2a4 \ud074\ub7ec\uc2a4\ud130 \ucd94\uac00",
 "label.add.ldap.account": "LDAP \uacc4\uc815 \ucd94\uac00",
-"label.add.list.name": "ACL \ubaa9\ub85d \uc774\ub984",
+"label.add.acl.name": "ACL \ubaa9\ub85d \uc774\ub984",
 "label.add.more": "\ub2e4\ub978 \ud56d\ubaa9 \ucd94\uac00",
 "label.add.netscaler.device": "Netscaler \uc7a5\uce58 \ucd94\uac00",
 "label.add.network": "\ub124\ud2b8\uc6cc\ud06c \ucd94\uac00",
 "label.add.network.acl": "\ub124\ud2b8\uc6cc\ud06c \uad8c\ud55c \uad00\ub9ac(ACL) \ucd94\uac00",
-"label.add.network.acl.list": "\ub124\ud2b8\uc6cc\ud06c ACL \ubaa9\ub85d \ucd94\uac00",
+"label.add.network.acl": "\ub124\ud2b8\uc6cc\ud06c ACL \ubaa9\ub85d \ucd94\uac00",
 "label.add.network.offering": "\ub124\ud2b8\uc6cc\ud06c \uc624\ud37c\ub9c1 \ucd94\uac00",
 "label.add.new.gateway": "\uc0c8 \uac8c\uc774\ud2b8\uc6e8\uc774 \ucd94\uac00\ud558\uae30",
 "label.add.new.tier": "\uc0c8 \uc11c\ube0c\ub137 \ucd94\uac00",
@@ -436,7 +436,7 @@
 "label.default.view": "\uae30\ubcf8 \ubcf4\uae30",
 "label.defaultnetwork": "\uae30\ubcf8 \ub124\ud2b8\uc6cc\ud06c",
 "label.delete": "\uc0ad\uc81c",
-"label.delete.acl.list": "ACL \ubaa9\ub85d \uc0ad\uc81c",
+"label.delete.acl": "ACL \ubaa9\ub85d \uc0ad\uc81c",
 "label.delete.affinity.group": "Affinity \uadf8\ub8f9 \uc0ad\uc81c",
 "label.delete.alerts": "\uc54c\ub9bc \uc0ad\uc81c",
 "label.delete.backup": "\ubc31\uc5c5 \uc0ad\uc81c",
@@ -549,7 +549,7 @@
 "label.dpd": "Dead \ud53c\uc5b4 \uac10\uc9c0",
 "label.driver": "\ub4dc\ub77c\uc774\ubc84",
 "label.edit": "\ud3b8\uc9d1",
-"label.edit.acl.list": "ACL \ubaa9\ub85d \ud3b8\uc9d1",
+"label.edit.acl": "ACL \ubaa9\ub85d \ud3b8\uc9d1",
 "label.edit.acl.rule": "ACL \uaddc\uce59 \ud3b8\uc9d1",
 "label.edit.project.details": "\ud504\ub85c\uc81d\ud2b8 \uc0c1\uc138 \ud3b8\uc9d1",
 "label.edit.project.role": "\ud504\ub85c\uc81d\ud2b8 \uc5ed\ud560 \ud3b8\uc9d1",
@@ -985,7 +985,7 @@
 "label.netscaler.vpx": "NetScaler VPX \ub85c\ub4dc\ubc38\ub7f0\uc11c",
 "label.network": "\ub124\ud2b8\uc6cc\ud06c",
 "label.network.acl": "\ub124\ud2b8\uc6cc\ud06c \uad8c\ud55c \uad00\ub9ac(ACL)",
-"label.network.acl.lists": "Network ACL \ubaa9\ub85d",
+"label.network.acls": "Network ACL \ubaa9\ub85d",
 "label.network.addvm": "VM\uc5d0 \ub124\ud2b8\uc6cc\ud06c \ucd94\uac00",
 "label.network.desc": "\ub124\ud2b8\uc6cc\ud06c \uc124\uba85",
 "label.network.domain": "\ub124\ud2b8\uc6cc\ud06c \ub3c4\uba54\uc778",
@@ -1251,7 +1251,6 @@
 "label.remove.vpc.offering": "VPC \uc624\ud37c\ub9c1 \uc0ad\uc81c",
 "label.removing": "\uc0ad\uc81c\ud558\ub294 \uc911...",
 "label.replace.acl": "ACL \uad50\uccb4",
-"label.replace.acl.list": "ACL \ubaa9\ub85d \uad50\uccb4",
 "label.report.bug": "\uc774\uc288 \ub9ac\ud3ec\ud2b8",
 "label.required": "\ud544\uc218 \uc0ac\ud56d",
 "label.requireshvm": "HVM",
@@ -1560,8 +1559,7 @@
 "label.usenewdiskoffering": "\ub514\uc2a4\ud06c \uc624\ud37c\ub9c1\uc744 \ubcc0\uacbd\ud558\uc2dc\uaca0\uc2b5\ub2c8\uae4c?",
 "label.user": "\uc0ac\uc6a9\uc790",
 "label.user.conflict": "\ucda9\ub3cc",
-"label.userdata": "\uc0ac\uc6a9\uc790 \ub370\uc774\ud130",
-"label.userdatal2": "\uc0ac\uc6a9\uc790 \ub370\uc774\ud130",
+"label.user.data": "\uc0ac\uc6a9\uc790 \ub370\uc774\ud130",
 "label.username": "\uc0ac\uc6a9\uc790 \uc774\ub984",
 "label.users": "\uc0ac\uc6a9\uc790",
 "label.usersource": "\uc0ac\uc6a9\uc790 \uc720\ud615",
@@ -1818,7 +1816,7 @@
 "message.confirm.archive.selected.events": "\uc120\ud0dd\ud55c \uc774\ubca4\ud2b8\ub97c \ubcf4\uad00\ud560 \uac83\uc778\uc9c0 \ud655\uc778\ud558\uc2ed\uc2dc\uc624.",
 "message.confirm.attach.disk": "\ub514\uc2a4\ud06c\ub97c \uc5f0\uacb0 \ud558\uc2dc\uaca0\uc2b5\ub2c8\uae4c?",
 "message.confirm.configure.ovs": "Ovs\ub97c \uad6c\uc131\ud558\uc2dc\uaca0\uc2b5\ub2c8\uae4c?",
-"message.confirm.delete.acl.list": "\uc774 ACL \ubaa9\ub85d\uc744 \uc0ad\uc81c \ud558\uc2dc\uaca0\uc2b5\ub2c8\uae4c?",
+"message.confirm.delete.acl": "\uc774 ACL \ubaa9\ub85d\uc744 \uc0ad\uc81c \ud558\uc2dc\uaca0\uc2b5\ub2c8\uae4c?",
 "message.confirm.delete.bigswitchbcf": "\uc774 BigSwitch BCF \ucee8\ud2b8\ub864\ub7ec\ub97c \uc0ad\uc81c\ud560 \uac83\uc778\uc9c0 \ud655\uc778\ud558\uc2ed\uc2dc\uc624.",
 "message.confirm.delete.brocadevcs": "Brocade Vcs \uc2a4\uc704\uce58\ub97c \uc0ad\uc81c\ud560 \uac83\uc778\uc9c0 \ud655\uc778\ud558\uc2ed\uc2dc\uc624.",
 "message.confirm.delete.ciscoasa1000v": "CiscoASA1000\uc744 \uc0ad\uc81c\ud560 \uac83\uc778\uc9c0 \ud655\uc778\ud558\uc2ed\uc2dc\uc624.",
diff --git a/ui/public/locales/nb_NO.json b/ui/public/locales/nb_NO.json
index ec51f7415d3..586d1fc5b25 100644
--- a/ui/public/locales/nb_NO.json
+++ b/ui/public/locales/nb_NO.json
@@ -14,12 +14,12 @@
 "label.account.specific": "Kontospesifikk",
 "label.accounts": "Kontoer",
 "label.accounttype": "Kontotype",
-"label.acl.export": "Export ACLs",
+"label.acl.export": "Export ACL rules",
 "label.acl.id": "ACL ID",
-"label.acl.list.rules": "ACL Liste Regler",
+"label.acl.rules": "ACL Liste Regler",
 "label.acl.reason.description": "Enter the reason behind an ACL rule.",
 "label.aclid": "ACL",
-"label.aclname": "ACL Navn",
+"label.acl.rule.name": "ACL Navn",
 "label.acquire.new.ip": "Tilegne ny IP",
 "label.acquire.new.secondary.ip": "Tilegne ny sekund\u00e6r IP",
 "label.action": "Handling",
@@ -119,8 +119,8 @@
 "label.activeviewersessions": "Aktive sesjoner",
 "label.add": "Legg til",
 "label.add.account": "Legg til konto",
-"label.add.acl": "Legg til ACL",
-"label.add.acl.list": "Legg til ACL liste",
+"label.add.acl.rule": "Legg til ACL",
+"label.add.acl": "Legg til ACL liste",
 "label.add.affinity.group": "Legg til affinitetsgruppe",
 "label.add.baremetal.dhcp.device": "Legg Til Barmetall DHCP Enhet",
 "label.add.bigswitchbcf.device": "Legg til BigSwitch BCF kontroller",
@@ -142,12 +142,12 @@
 "label.add.ip.range": "Legg til IP-rekke",
 "label.add.isolated.network": "Legg Til Isolert Nettverk",
 "label.add.ldap.account": "Legg til LDAP-konto",
-"label.add.list.name": "ACL listenavn",
+"label.add.acl.name": "ACL listenavn",
 "label.add.more": "Legg til mer",
 "label.add.netscaler.device": "Legg til Netscaler enhet",
 "label.add.network": "Legg til nettverk",
 "label.add.network.acl": "Legg til nettverk ACL",
-"label.add.network.acl.list": "Legg til nettverk ACL liste",
+"label.add.network.acl": "Legg til nettverk ACL liste",
 "label.add.network.offering": "Legg til nettverkstilbud",
 "label.add.new.gateway": "Legg til ny gateway",
 "label.add.new.tier": "Legg til ny gren",
@@ -334,7 +334,7 @@
 "label.default.use": "Standard bruk",
 "label.default.view": "Standardvisning",
 "label.delete": "Slett",
-"label.delete.acl.list": "Slett ACL liste",
+"label.delete.acl": "Slett ACL liste",
 "label.delete.affinity.group": "Slett affinitetsgruppe",
 "label.delete.alerts": "Slette varsler",
 "label.delete.bigswitchbcf": "Fjern BigSwitch BCF-kontroller",
@@ -419,7 +419,7 @@
 "label.dpd": "D\u00f8d endepunkt-deteksjon",
 "label.driver": "Driver",
 "label.edit": "Editer",
-"label.edit.acl.list": "Edit ACL List",
+"label.edit.acl": "Edit ACL",
 "label.edit.acl.rule": "Endre ACL regel",
 "label.edit.project.details": "Editer prosjektdetaljer",
 "label.edit.role": "Edit Role",
@@ -924,7 +924,6 @@
 "label.remove.vpc.offering": "Fjern VPC tilbud",
 "label.removing": "Fjerner",
 "label.replace.acl": "Erstatt ACL",
-"label.replace.acl.list": "Erstatt ACL Liste",
 "label.required": "P\u00e5krevd",
 "label.requireshvm": "HVM",
 "label.requiresupgrade": "Krever oppgradering",
@@ -1150,8 +1149,7 @@
 "label.usehttps": "Bruk HTTPS",
 "label.usenewdiskoffering": "Replace disk offering?",
 "label.user": "Bruker",
-"label.userdata": "Brukerdata",
-"label.userdatal2": "Brukerdata",
+"label.user.data": "Brukerdata",
 "label.username": "Brukernavn",
 "label.users": "Brukere",
 "label.utilization": "Utilisation",
@@ -1329,7 +1327,7 @@
 "message.confirm.archive.selected.alerts": "Vennligst bekreft at du \u00f8nsker \u00e5 arkivere valgte varsler",
 "message.confirm.archive.selected.events": "Vennligst bekreft at du vil arkivere valgte hendelser",
 "message.confirm.attach.disk": "Er du sikker p\u00e5 at du vil tildele disk?",
-"message.confirm.delete.acl.list": "Er du sikker p\u00e5 at du \u00f8nsker \u00e5 slette denne ACL listen?",
+"message.confirm.delete.acl": "Er du sikker p\u00e5 at du \u00f8nsker \u00e5 slette denne ACL listen?",
 "message.confirm.delete.bigswitchbcf": "Vennligst bekreft at du \u00f8nsker \u00e5 slette denne BigSwitch BCF Controlleren?",
 "message.confirm.delete.brocadevcs": "Vennligst bekreft at du vil slette denne Brocade Vcs svitsjen",
 "message.confirm.delete.ciscoasa1000v": "Vennligst bekreft at du vil slette CiscoASA1000v",
diff --git a/ui/public/locales/nl_NL.json b/ui/public/locales/nl_NL.json
index 6bd1bf67159..15b1bbb1394 100644
--- a/ui/public/locales/nl_NL.json
+++ b/ui/public/locales/nl_NL.json
@@ -14,12 +14,12 @@
 "label.account.specific": "Account-specifiek",
 "label.accounts": "Accounts",
 "label.accounttype": "Account type",
-"label.acl.export": "Export ACLs",
+"label.acl.export": "Export ACL rules",
 "label.acl.id": "ACL ID",
-"label.acl.list.rules": "ACL lijst regels",
+"label.acl.rules": "ACL lijst regels",
 "label.acl.reason.description": "Enter the reason behind an ACL rule.",
 "label.aclid": "ACL",
-"label.aclname": "ACL naam",
+"label.acl.rule.name": "ACL naam",
 "label.acquire.new.ip": "Bemachtig nieuw IP",
 "label.acquire.new.secondary.ip": "Verkrijg nieuw secundair IP",
 "label.action": "Actie",
@@ -119,8 +119,8 @@
 "label.activeviewersessions": "Actieve Sessies",
 "label.add": "Voeg toe",
 "label.add.account": "Voeg Account toe",
-"label.add.acl": "Voeg ACL toe",
-"label.add.acl.list": "voeg een ACL lijst toe",
+"label.add.acl.rule": "Voeg ACL toe",
+"label.add.acl": "voeg een ACL lijst toe",
 "label.add.affinity.group": "Nieuwe affinity groep toevoegen",
 "label.add.baremetal.dhcp.device": "Voeg Baremetal DHCP Apparaat toe",
 "label.add.bigswitchbcf.device": "Voeg eenBigSwitch BCF controller toe",
@@ -142,12 +142,12 @@
 "label.add.ip.range": "Voeg IP range toe",
 "label.add.isolated.network": "Geisoleerd Netwerk Toevoegen",
 "label.add.ldap.account": "Voeg LDAP account toe",
-"label.add.list.name": "ACL lijst naam",
+"label.add.acl.name": "ACL lijst naam",
 "label.add.more": "Voeg meer toe",
 "label.add.netscaler.device": "Voeg Netscaler apparaat toe",
 "label.add.network": "Voeg Netwerk toe",
 "label.add.network.acl": "Voeg netwerk ACL toe",
-"label.add.network.acl.list": "voeg netwerk ACL lijst toe",
+"label.add.network.acl": "voeg netwerk ACL lijst toe",
 "label.add.network.offering": "Voeg netwerk aanbieding toe",
 "label.add.new.gateway": "Voeg nieuwe gateway toe",
 "label.add.new.tier": "Voeg nieuwe Tier toe",
@@ -334,7 +334,7 @@
 "label.default.use": "Standaard Gebruik",
 "label.default.view": "Standaard Weergave",
 "label.delete": "Verwijder",
-"label.delete.acl.list": "verwijder ACL lijst",
+"label.delete.acl": "verwijder ACL lijst",
 "label.delete.affinity.group": "Verwijder Affinity Groep",
 "label.delete.alerts": "Verwijder waarschuwingen",
 "label.delete.bigswitchbcf": "Verwijder BigSwitch BCF Controller",
@@ -420,7 +420,7 @@
 "label.driver": "Driver",
 "label.dynamicscalingenabled": "Dynamisch schalen ingeschakeld\n",
 "label.edit": "Wijzig",
-"label.edit.acl.list": "Verander een ACL lijst",
+"label.edit.acl": "Verander een ACL lijst",
 "label.edit.acl.rule": "wijzig ACL regel",
 "label.edit.project.details": "Wijzig project details",
 "label.edit.role": "Edit Role",
@@ -925,7 +925,6 @@
 "label.remove.vpc.offering": "VPC aanbieding verwijderen",
 "label.removing": "Verwijderen",
 "label.replace.acl": "vervang ACL",
-"label.replace.acl.list": "vervang ACL lijst",
 "label.required": "Vereist",
 "label.requireshvm": "HVM",
 "label.requiresupgrade": "Upgrade Benodigd",
@@ -1151,8 +1150,7 @@
 "label.usehttps": "Gebruik HTTPS",
 "label.usenewdiskoffering": "Replace disk offering?",
 "label.user": "Gebruiker",
-"label.userdata": "Gebruikers gegevens",
-"label.userdatal2": "Gebruiker Data",
+"label.user.data": "Gebruiker Data",
 "label.username": "Gebruikersnaam",
 "label.users": "Gebruikers",
 "label.utilization": "Utilisation",
@@ -1330,7 +1328,7 @@
 "message.confirm.archive.selected.alerts": "bevestig dat u de geselecteerde meldingen wilt archiveren, alstublieft",
 "message.confirm.archive.selected.events": "bevestig dat u de geselecteerde gebeurtenissen wilt archiveren, alstublieft",
 "message.confirm.attach.disk": "Weet U zeker dat U een disk wilt koppelen?",
-"message.confirm.delete.acl.list": "Weet U zeker dat U dit ACL wilt verwijderen?",
+"message.confirm.delete.acl": "Weet U zeker dat U dit ACL wilt verwijderen?",
 "message.confirm.delete.bigswitchbcf": "bevestig dat u deze BigSwitch BCF Controller wilt verwijderen, alstublieft",
 "message.confirm.delete.brocadevcs": "bevestigd dat Brocade Vcs Switch wilt verwijderen, altublieft",
 "message.confirm.delete.ciscoasa1000v": "bevestig dat u CiscoASA100v wilt verwijderen, alstublieft",
diff --git a/ui/public/locales/pl.json b/ui/public/locales/pl.json
index 6077da5928e..fbbbf612bc1 100644
--- a/ui/public/locales/pl.json
+++ b/ui/public/locales/pl.json
@@ -14,12 +14,12 @@
 "label.account.specific": "Account-Specific",
 "label.accounts": "Konta",
 "label.accounttype": "Account Type",
-"label.acl.export": "Export ACLs",
+"label.acl.export": "Export ACL rules",
 "label.acl.id": "ACL ID",
-"label.acl.list.rules": "ACL List Rules",
+"label.acl.rules": "ACL Rules",
 "label.acl.reason.description": "Enter the reason behind an ACL rule.",
 "label.aclid": "ACL",
-"label.aclname": "ACL Name",
+"label.acl.rule.name": "ACL Name",
 "label.acquire.new.ip": "Acquire New IP",
 "label.acquire.new.secondary.ip": "Acquire new secondary IP",
 "label.action": "Action",
@@ -119,8 +119,8 @@
 "label.activeviewersessions": "Active Sessions",
 "label.add": "Dodaj",
 "label.add.account": "Dodaj konto",
-"label.add.acl": "Dodaj ACL",
-"label.add.acl.list": "Add ACL List",
+"label.add.acl.rule": "Dodaj ACL",
+"label.add.acl": "Add ACL rule List",
 "label.add.affinity.group": "Add new affinity group",
 "label.add.baremetal.dhcp.device": "Add Baremetal DHCP Device",
 "label.add.bigswitchbcf.device": "Add BigSwitch BCF Controller",
@@ -142,12 +142,12 @@
 "label.add.ip.range": "Add IP Range",
 "label.add.isolated.network": "Add Isolated Network",
 "label.add.ldap.account": "Add LDAP account",
-"label.add.list.name": "ACL List Name",
+"label.add.acl.name": "ACL Name",
 "label.add.more": "Dodaj wi\u0119cej",
 "label.add.netscaler.device": "Add Netscaler device",
 "label.add.network": "Dodaj sie\u0107",
 "label.add.network.acl": "Add network ACL",
-"label.add.network.acl.list": "Add Network ACL List",
+"label.add.network.acl": "Add Network ACL",
 "label.add.network.offering": "Add network offering",
 "label.add.new.gateway": "Add new gateway",
 "label.add.new.tier": "Add new tier",
@@ -334,7 +334,7 @@
 "label.default.use": "Default Use",
 "label.default.view": "Widok domy\u015blny",
 "label.delete": "Usu\u0144",
-"label.delete.acl.list": "Delete ACL List",
+"label.delete.acl": "Delete ACL",
 "label.delete.affinity.group": "Delete Affinity Group",
 "label.delete.alerts": "Delete alerts",
 "label.delete.bigswitchbcf": "Remove BigSwitch BCF Controller",
@@ -419,7 +419,7 @@
 "label.dpd": "Dead Peer Detection",
 "label.driver": "Driver",
 "label.edit": "Edytuj",
-"label.edit.acl.list": "Edit ACL List",
+"label.edit.acl": "Edit ACL",
 "label.edit.acl.rule": "Edit ACL rule",
 "label.edit.project.details": "Zmie\u0144 szczeg\u00f3\u0142y projektu",
 "label.edit.role": "Edit Role",
@@ -924,7 +924,6 @@
 "label.remove.vpc.offering": "Remove VPC offering",
 "label.removing": "Usuwanie",
 "label.replace.acl": "Replace ACL",
-"label.replace.acl.list": "Replace ACL List",
 "label.required": "Wymagane",
 "label.requireshvm": "HVM",
 "label.requiresupgrade": "Requires Upgrade",
@@ -1150,8 +1149,7 @@
 "label.usehttps": "Use HTTPS",
 "label.usenewdiskoffering": "Replace disk offering?",
 "label.user": "U\u017cytkowni",
-"label.userdata": "Userdata",
-"label.userdatal2": "User Data",
+"label.user.data": "User Data",
 "label.username": "Nazwa u\u017cytkownika",
 "label.users": "U\u017cytkownicy",
 "label.utilization": "Utilisation",
@@ -1329,7 +1327,7 @@
 "message.confirm.archive.selected.alerts": "Please confirm you would like to archive the selected alerts",
 "message.confirm.archive.selected.events": "Please confirm you would like to archive the selected events",
 "message.confirm.attach.disk": "Are you sure you want to attach disk?",
-"message.confirm.delete.acl.list": "Are you sure you want to delete this ACL list?",
+"message.confirm.delete.acl": "Are you sure you want to delete this ACL?",
 "message.confirm.delete.bigswitchbcf": "Please confirm that you would like to delete this BigSwitch BCF Controller",
 "message.confirm.delete.brocadevcs": "Please confirm that you would like to delete Brocade Vcs Switch",
 "message.confirm.delete.ciscoasa1000v": "Please confirm you want to delete CiscoASA1000v",
diff --git a/ui/public/locales/pt_BR.json b/ui/public/locales/pt_BR.json
index 307c7e8a1ae..4d95b341ab4 100644
--- a/ui/public/locales/pt_BR.json
+++ b/ui/public/locales/pt_BR.json
@@ -33,10 +33,10 @@
 "label.accounttype": "Tipo de conta",
 "label.acl.export": "Exportar ACLs",
 "label.acl.id": "ACL ID",
-"label.acl.list.rules": "Lista de regras de ACL",
+"label.acl.rules": "Lista de regras de ACL",
 "label.acl.reason.description": "Motivo para se utilizar a regra.",
 "label.aclid": "ACL",
-"label.aclname": "Nome da ACL",
+"label.acl.rule.name": "Nome da ACL",
 "label.acquire.new.ip": "Adquirir novo IP",
 "label.acquire.new.secondary.ip": "Adquira um novo IP secund\u00e1rio",
 "label.acquiring.ip": "Obtendo IP",
@@ -168,8 +168,8 @@
 "label.activeviewersessions": "Sess\u00f5es ativas",
 "label.add": "Adicionar",
 "label.add.account": "Adicionar conta",
-"label.add.acl": "Adicionar ACL",
-"label.add.acl.list": "Adiciona lista ACL",
+"label.add.acl.rule": "Adicionar ACL",
+"label.add.acl": "Adiciona lista ACL",
 "label.add.affinity.group": "Adicionar um grupo de afinidade",
 "label.add.baremetal.dhcp.device": "Adicionar dispositivo DHCP baremetal",
 "label.add.bigswitchbcf.device": "Adicionar controlador BigSwitch BCF",
@@ -193,12 +193,12 @@
 "label.add.isolated.network": "Adiciona rede isolada",
 "label.add.kubernetes.cluster": "Adicionar cluster Kubernetes",
 "label.add.ldap.account": "Adicionar conta LDAP",
-"label.add.list.name": "Nome da lista ACL",
+"label.add.acl.name": "Nome da lista ACL",
 "label.add.more": "Adicionar mais",
 "label.add.netscaler.device": "Adicionar dispositivo Netscaler",
 "label.add.network": "Adicionar rede",
 "label.add.network.acl": "Adicione ACL de rede",
-"label.add.network.acl.list": "Adicionar lista de ACL de rede",
+"label.add.network.acl": "Adicionar lista de ACL de rede",
 "label.add.network.offering": "Adicionar oferta de rede",
 "label.add.new.gateway": "Adicionar novo gateway",
 "label.add.new.tier": "Adicionar nova camada",
@@ -480,7 +480,7 @@
 "label.default.view": "Visualiza\u00e7\u00e3o padr\u00e3o",
 "label.defaultnetwork": "Rede padr\u00e3o",
 "label.delete": "Remover",
-"label.delete.acl.list": "Apagar lista ACL",
+"label.delete.acl": "Apagar lista ACL",
 "label.delete.affinity.group": "Apagar grupo de afinidade",
 "label.delete.alerts": "Remover alertas",
 "label.delete.backup": "Apagar backup",
@@ -607,7 +607,7 @@
 "label.dynamicscalingenabled": "Escalonamento din\u00e2mico habilitado",
 "label.dynamicscalingenabled.tooltip": "VM s\u00f3 pode ser dinamicamente escalonada quando o escalonamento din\u00e2mico estiver habilitado no template, oferta de computa\u00e7\u00e3o e nas configura\u00e7\u00e3oes globais",
 "label.edit": "Editar",
-"label.edit.acl.list": "Editar lista ACL",
+"label.edit.acl": "Editar lista ACL",
 "label.edit.acl.rule": "Editar regra ACL",
 "label.edit.project.details": "Editar detalhes do projeto",
 "label.edit.project.role": "Editar fun\u00e7\u00e3o do projeto",
@@ -1064,7 +1064,7 @@
 "label.netscaler.vpx": "NetScaler VPX LoadBalancer",
 "label.network": "Rede",
 "label.network.acl": "ACL de rede",
-"label.network.acl.lists": "Lista de redes ACL",
+"label.network.acls": "Lista de redes ACL",
 "label.network.addvm": "Adicionar rede para VM",
 "label.network.desc": "Descri\u00e7\u00e3o de rede",
 "label.network.domain": "Dom\u00ednio de rede",
@@ -1352,7 +1352,6 @@
 "label.removed": "Removido",
 "label.removing": "Removendo",
 "label.replace.acl": "Substituir ACL",
-"label.replace.acl.list": "Substituir lista ACL",
 "label.report.bug": "Reportar um problema",
 "label.required": "Obrigat\u00f3rio",
 "label.requireshvm": "HVM",
@@ -1697,8 +1696,7 @@
 "label.usenewdiskoffering": "Substituir a oferta de disco?",
 "label.user": "Usu\u00e1rio",
 "label.user.conflict": "Conflito",
-"label.userdata": "Dados de usu\u00e1rio",
-"label.userdatal2": "Dados de usu\u00e1rio",
+"label.user.data": "Dados de usu\u00e1rio",
 "label.username": "Nome de usu\u00e1rio",
 "label.users": "Usu\u00e1rios",
 "label.usersource": "Tipo de usu\u00e1rio",
@@ -1974,7 +1972,7 @@
 "message.confirm.archive.selected.events": "Por favor confirme que voc\u00ea deseja arquivar os eventos selecionados",
 "message.confirm.attach.disk": "Voc\u00ea tem certeza que deseja conectar este disco?",
 "message.confirm.configure.ovs": "Voc\u00ea tem certeza de que quer configurar os Ovs?",
-"message.confirm.delete.acl.list": "Voc\u00ea tem certeza que deseja apagar esta lista ACL?",
+"message.confirm.delete.acl": "Voc\u00ea tem certeza que deseja apagar esta lista ACL?",
 "message.confirm.delete.bigswitchbcf": "Por favor, confirme que voc\u00ea deseja deletar este controlador BigSwitch BCF",
 "message.confirm.delete.brocadevcs": "Por favor confirme que voc\u00ea deseja remover o switch Brocade Vcs",
 "message.confirm.delete.ciscoasa1000v": "Favor confirmar que voc\u00ea deseja apagar este CiscoASA1000v",
diff --git a/ui/public/locales/ru_RU.json b/ui/public/locales/ru_RU.json
index 46d70081f1b..4fb3788bc51 100644
--- a/ui/public/locales/ru_RU.json
+++ b/ui/public/locales/ru_RU.json
@@ -14,12 +14,12 @@
 "label.account.specific": "\u0421\u043f\u0435\u0446\u0438\u0444\u0438\u043a\u0430 \u0430\u043a\u043a\u0430\u0443\u043d\u043d\u0442\u0430",
 "label.accounts": "\u0423\u0447\u0451\u0442\u043d\u044b\u0435 \u0437\u0430\u043f\u0438\u0441\u0438",
 "label.accounttype": "Account Type",
-"label.acl.export": "Export ACLs",
+"label.acl.export": "Export ACL rules",
 "label.acl.id": "ACL ID",
-"label.acl.list.rules": "ACL List Rules",
+"label.acl.rules": "ACL Rules",
 "label.acl.reason.description": "Enter the reason behind an ACL rule.",
 "label.aclid": "ACL",
-"label.aclname": "ACL Name",
+"label.acl.rule.name": "ACL Name",
 "label.acquire.new.ip": "\u041f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043d\u043e\u0432\u044b\u0439 IP",
 "label.acquire.new.secondary.ip": "\u0417\u0430\u043f\u0440\u043e\u0441\u0438\u0442\u044c \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0439 IP-\u0430\u0434\u0440\u0435\u0441",
 "label.action": "\u0414\u0435\u0439\u0441\u0442\u0432\u0438\u044f",
@@ -119,8 +119,8 @@
 "label.activeviewersessions": "\u0410\u043a\u0442\u0438\u0432\u043d\u044b\u0435 \u0441\u0435\u0441\u0441\u0438\u0438",
 "label.add": "\u0414\u043e\u0431\u0430\u0432\u0438\u0442\u044c",
 "label.add.account": "\u0414\u043e\u0431\u0430\u0432\u0438\u0442\u044c \u0443\u0447\u0435\u0442\u043d\u0443\u044e \u0437\u0430\u043f\u0438\u0441\u044c",
-"label.add.acl": "\u0414\u043e\u0431\u0430\u0432\u0438\u0442\u044c ACL",
-"label.add.acl.list": "Add ACL List",
+"label.add.acl.rule": "\u0414\u043e\u0431\u0430\u0432\u0438\u0442\u044c ACL",
+"label.add.acl": "Add ACL",
 "label.add.affinity.group": "\u0414\u043e\u0431\u0430\u0432\u0438\u0442\u044c \u043d\u043e\u0432\u0443\u044e affinity group",
 "label.add.baremetal.dhcp.device": "Add Baremetal DHCP Device",
 "label.add.bigswitchbcf.device": "Add BigSwitch BCF Controller",
@@ -142,12 +142,12 @@
 "label.add.ip.range": "\u0414\u043e\u0431\u0430\u0432\u0438\u0442\u044c \u0434\u0438\u0430\u043f\u0430\u0437\u043e\u043d \u0430\u0434\u0440\u0435\u0441\u043e\u0432",
 "label.add.isolated.network": "\u0414\u043e\u0431\u0430\u0432\u0438\u0442\u044c \u0438\u0437\u043e\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u0443\u044e \u0441\u0435\u0442\u044c",
 "label.add.ldap.account": "\u0414\u043e\u0431\u0430\u0432\u0438\u0442\u044c LDAP \u0430\u043a\u043a\u0430\u0443\u043d\u0442",
-"label.add.list.name": "ACL List Name",
+"label.add.acl.name": "ACL Name",
 "label.add.more": "\u0414\u043e\u0431\u0430\u0432\u0438\u0442\u044c \u0447\u0442\u043e-\u0442\u043e \u0435\u0449\u0435",
 "label.add.netscaler.device": "\u0414\u043e\u0431\u0430\u0432\u0438\u0442\u044c Netscaler \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u043e",
 "label.add.network": "\u0414\u043e\u0431\u0430\u0432\u0438\u0442\u044c \u0441\u0435\u0442\u044c",
 "label.add.network.acl": "\u0414\u043e\u0431\u0430\u0432\u0438\u0442\u044c \u0441\u0435\u0442\u0435\u0432\u0443\u044e ACL",
-"label.add.network.acl.list": "Add Network ACL List",
+"label.add.network.acl": "Add Network ACL",
 "label.add.network.offering": "\u0414\u043e\u0431\u0430\u0432\u0438\u0442\u044c \u0441\u0435\u0442\u0435\u0432\u044b\u0435 \u0440\u0435\u0441\u0443\u0440\u0441\u044b",
 "label.add.new.gateway": "\u0414\u043e\u0431\u0430\u0432\u0438\u0442\u044c \u043d\u043e\u0432\u044b\u0439 \u0448\u043b\u044e\u0437",
 "label.add.new.tier": "\u0414\u043e\u0431\u0430\u0432\u0438\u0442\u044c \u043d\u043e\u0432\u044b\u0439 Tier",
@@ -334,7 +334,7 @@
 "label.default.use": "\u041f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e",
 "label.default.view": "\u0421\u0442\u0430\u043d\u0434\u0430\u0440\u0442\u043d\u044b\u0439 \u0432\u0438\u0434",
 "label.delete": "\u0423\u0434\u0430\u043b\u0438\u0442\u044c",
-"label.delete.acl.list": "Delete ACL List",
+"label.delete.acl": "Delete ACL",
 "label.delete.affinity.group": "\u0423\u0434\u0430\u043b\u0438\u0442\u044c affinity group",
 "label.delete.alerts": "\u0423\u0434\u0430\u043b\u0438\u0442\u044c \u0442\u0440\u0435\u0432\u043e\u0433\u0438",
 "label.delete.bigswitchbcf": "Remove BigSwitch BCF Controller",
@@ -418,7 +418,7 @@
 "label.dpd": "Dead Peer Detection",
 "label.driver": "Driver",
 "label.edit": "\u0420\u0435\u0434\u0430\u043a\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c",
-"label.edit.acl.list": "Edit ACL List",
+"label.edit.acl": "Edit ACL",
 "label.edit.acl.rule": "Edit ACL rule",
 "label.edit.project.details": "\u0420\u0435\u0434\u0430\u043a\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0434\u0435\u0442\u0430\u043b\u0438 \u043f\u0440\u043e\u0435\u043a\u0442\u0430",
 "label.edit.role": "Edit Role",
@@ -923,7 +923,6 @@
 "label.remove.vpc.offering": "\u0423\u0434\u0430\u043b\u0438\u0442\u044c \u0443\u0441\u043b\u0443\u0433\u0443 VPC",
 "label.removing": "\u0423\u0434\u0430\u043b\u0435\u043d\u0438\u0435",
 "label.replace.acl": "Replace ACL",
-"label.replace.acl.list": "Replace ACL List",
 "label.required": "\u0422\u0440\u0435\u0431\u0443\u0435\u0442\u0441\u044f",
 "label.requireshvm": "HVM",
 "label.requiresupgrade": "Requires Upgrade",
@@ -1149,8 +1148,7 @@
 "label.usehttps": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0439\u0442\u0435 HTTPS",
 "label.usenewdiskoffering": "Replace disk offering?",
 "label.user": "\u041f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c",
-"label.userdata": "Userdata",
-"label.userdatal2": "User Data",
+"label.user.data": "User Data",
 "label.username": "\u0418\u043c\u044f \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f",
 "label.users": "\u041f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0438",
 "label.utilization": "Utilisation",
@@ -1328,7 +1326,7 @@
 "message.confirm.archive.selected.alerts": "Please confirm you would like to archive the selected alerts",
 "message.confirm.archive.selected.events": "Please confirm you would like to archive the selected events",
 "message.confirm.attach.disk": "Are you sure you want to attach disk?",
-"message.confirm.delete.acl.list": "Are you sure you want to delete this ACL list?",
+"message.confirm.delete.acl": "Are you sure you want to delete this ACL?",
 "message.confirm.delete.bigswitchbcf": "Please confirm that you would like to delete this BigSwitch BCF Controller",
 "message.confirm.delete.brocadevcs": "Please confirm that you would like to delete Brocade Vcs Switch",
 "message.confirm.delete.ciscoasa1000v": "Please confirm you want to delete CiscoASA1000v",
diff --git a/ui/public/locales/zh_CN.json b/ui/public/locales/zh_CN.json
index fc3a456a8fb..d09f960edf5 100644
--- a/ui/public/locales/zh_CN.json
+++ b/ui/public/locales/zh_CN.json
@@ -66,12 +66,12 @@
 
   "label.acl.export": "\u5BFC\u51FA ACL \u89C4\u5219",
   "label.acl.id": "ACL \u6807\u8BC6\u7801",
-  "label.acl.list.rules": "ACL\u5217\u8868\u7B56\u7565",
+  "label.acl.rules": "ACL\u5217\u8868\u7B56\u7565",
   "label.acl.reason.description": "\u8F93\u5165\u5B9A\u4E49 ACL \u7B56\u7565\u7684\u539F\u56E0\u3002",
   "label.acl.replaced": "ACL \u5DF2\u66FF\u6362",
 
   "label.aclid": "\u8BBF\u95EE\u63A7\u5236\uFF08ACL\uFF09",
-  "label.aclname": "ACL \u540D\u79F0",
+  "label.acl.rule.name": "ACL \u540D\u79F0",
   "label.acltotal": "\u7F51\u7EDC ACL \u603B\u6570",
   "label.acquire.new.ip": "\u83B7\u53D6\u65B0 IP \u5730\u5740",
   "label.acquire.new.secondary.ip": "\u83B7\u53D6\u65B0\u4E8C\u7EA7 IP \u5730\u5740",
@@ -336,8 +336,8 @@
   "label.add.account": "\u6DFB\u52A0\u5E10\u6237",
   "label.add.accounts": "\u6DFB\u52A0\u5E10\u6237",
   "label.add.accounts.to": "\u6DFB\u52A0\u5E10\u6237\u81F3",
-  "label.add.acl": "\u6DFB\u52A0 ACL",
-  "label.add.acl.list": "\u6DFB\u52A0 ACL \u5217\u8868",
+  "label.add.acl.rule": "\u6DFB\u52A0 ACL",
+  "label.add.acl": "\u6DFB\u52A0 ACL \u5217\u8868",
   "label.add.affinity.group": "\u6DFB\u52A0\u65B0\u5173\u8054\u6027\u7EC4",
 
   "label.add.baremetal.dhcp.device": "\u6DFB\u52A0\u88F8\u673A DHCP \u8BBE\u5907",
@@ -381,7 +381,7 @@
     "label.add.l2.guest.network": "\u6DFB\u52A0 L2 \u6765\u5BBE\u7F51\u7EDC",
   "label.add.ldap.account": "\u6DFB\u52A0 LDAP \u8D26\u6237",
   "label.add.ldap.list.users": "\u5217\u51FA LDAP \u7528\u6237",
-  "label.add.list.name": "ACL \u5217\u8868\u540D\u79F0",
+  "label.add.acl.name": "ACL \u5217\u8868\u540D\u79F0",
   "label.add.load.balancer": "\u6DFB\u52A0\u8D1F\u8F7D\u5747\u8861\u5668",
 
   "label.add.management.ip.range": "\u6DFB\u52A0\u7BA1\u7406 IP \u5730\u5740\u8303\u56F4",
@@ -389,7 +389,7 @@
   "label.add.netscaler.device": "\u6DFB\u52A0 Netscaler \u8BBE\u5907",
   "label.add.network": "\u6DFB\u52A0\u7F51\u7EDC",
   "label.add.network.acl": "\u6DFB\u52A0\u7F51\u7EDC ACL",
-  "label.add.network.acl.list": "\u6DFB\u52A0\u7F51\u7EDC ACL \u5217\u8868",
+  "label.add.network.acl": "\u6DFB\u52A0\u7F51\u7EDC ACL \u5217\u8868",
   "label.add.network.device": "\u6DFB\u52A0\u7F51\u7EDC\u8BBE\u5907",
   "label.add.network.offering": "\u6DFB\u52A0\u7F51\u7EDC\u65B9\u6848",
 
@@ -829,7 +829,7 @@
   "label.defaultnetwork": "\u9ED8\u8BA4\u7F51\u7EDC",
 
   "label.delete": "\u5220\u9664",
-  "label.delete.acl.list": "\u5220\u9664 ACL \u5217\u8868",
+  "label.delete.acl": "\u5220\u9664 ACL \u5217\u8868",
   "label.delete.affinity.group": "\u5220\u9664\u5173\u8054\u6027\u7EC4",
   "label.delete.alerts": "\u5220\u9664\u8B66\u62A5",
   "label.delete.backup": "\u5220\u9664\u5907\u4EFD",
@@ -1007,7 +1007,7 @@
   "label.computeonly.offering.tooltip": "\u5728\u8BA1\u7B97\u65B9\u6848\u4E2D\u6307\u5B9A\u4E0E\u6839\u78C1\u76D8\u76F8\u5173\u7684\u4FE1\u606F\u6216\u5C06\u78C1\u76D8\u65B9\u6848\u76F4\u63A5\u94FE\u63A5\u5230\u8BA1\u7B97\u65B9\u6848\u7684\u9009\u9879",
 
   "label.edit": "\u7F16\u8F91",
-  "label.edit.acl.list": "\u7F16\u8F91 ACL \u5217\u8868",
+  "label.edit.acl": "\u7F16\u8F91 ACL \u5217\u8868",
   "label.edit.acl.rule": "\u7F16\u8F91 ACL \u89C4\u5219",
   "label.edit.affinity.group": "\u7F16\u8F91\u5173\u8054\u6027\u7EC4",
   "label.edit.lb.rule": "\u7F16\u8F91\u8D1F\u8F7D\u5747\u8861\u5668\u89C4\u5219",
@@ -1717,7 +1717,7 @@
   "label.netscaler.vpx": "NetScaler VPX \u8D1F\u8F7D\u5747\u8861\u5668",
   "label.network": "\u7F51\u7EDC",
   "label.network.acl": "\u7F51\u7EDC ACL",
-  "label.network.acl.lists": "\u7F51\u7EDC ACL \u5217\u8868",
+  "label.network.acls": "\u7F51\u7EDC ACL \u5217\u8868",
   "label.network.acls": "\u7F51\u7EDC ACL",
   "label.network.addvm": "\u5C06\u7F51\u7EDC\u6DFB\u52A0\u5230\u865A\u62DF\u673A",
   "label.network.desc": "\u7F51\u7EDC\u63CF\u8FF0",
@@ -2136,7 +2136,6 @@
   "label.removing.user": "\u6B63\u5728\u5220\u9664\u7528\u6237",
 
   "label.replace.acl": "\u66FF\u6362 ACL",
-  "label.replace.acl.list": "\u66FF\u6362 ACL \u5217\u8868",
   "label.report.bug": "\u62A5\u544A\u95EE\u9898",
 
   "label.required": "\u5FC5\u586B\u9879",
@@ -2666,8 +2665,7 @@
   "label.user.details": "\u7528\u6237\u8BE6\u60C5",
   "label.user.source": "\u6765\u6E90",
   "label.user.vm": "\u7528\u6237\u865A\u62DF\u673A",
-  "label.userdata": "\u7528\u6237\u6570\u636E",
-  "label.userdatal2": "\u7528\u6237\u6570\u636E",
+  "label.user.data": "\u7528\u6237\u6570\u636E",
   "label.username": "\u7528\u6237\u540D",
   "label.users": "\u7528\u6237",
   "label.usersource": "\u7528\u6237\u7C7B\u578B",
@@ -3129,7 +3127,7 @@
   "message.confirm.dedicate.pod.domain.account": "\u662F\u5426\u786E\u5B9E\u8981\u5C06\u6B64\u63D0\u4F9B\u70B9\u4E13\u7528\u4E8E\u57DF/\u5E10\u6237\uFF1F",
   "message.confirm.dedicate.zone": "\u662F\u5426\u8981\u5C06\u6B64\u8D44\u6E90\u57DF\u4E13\u7528\u4E8E\u57DF/\u5E10\u6237\uFF1F",
 
-  "message.confirm.delete.acl.list": "\u662F\u5426\u786E\u5B9E\u8981\u5220\u9664\u6B64 ACL \u5217\u8868\uFF1F",
+  "message.confirm.delete.acl": "\u662F\u5426\u786E\u5B9E\u8981\u5220\u9664\u6B64 ACL \u5217\u8868\uFF1F",
   "message.confirm.delete.alert": "\u662F\u5426\u786E\u5B9E\u8981\u5220\u9664\u6B64\u8B66\u62A5\uFF1F",
   "message.confirm.delete.baremetal.rack.configuration": "\u8BF7\u786E\u8BA4\u60A8\u786E\u5B9E\u8981\u5220\u9664 Baremetal Rack \u914D\u7F6E",
   "message.confirm.delete.bigswitchbcf": "\u8BF7\u786E\u8BA4\u60A8\u786E\u5B9E\u8981\u5220\u9664\u6B64 BigSwitch BCF \u63A7\u5236\u5668",
diff --git a/ui/src/components/view/InfoCard.vue b/ui/src/components/view/InfoCard.vue
index d467665ed5f..1769d1329bb 100644
--- a/ui/src/components/view/InfoCard.vue
+++ b/ui/src/components/view/InfoCard.vue
@@ -666,7 +666,7 @@
               </div>
             </div>
             <div class="resource-detail-item" v-if="resource.userdataname">
-              <div class="resource-detail-item__label">{{ $t('label.userdata') }}</div>
+              <div class="resource-detail-item__label">{{ $t('label.user.data') }}</div>
               <div class="resource-detail-item__details">
                 <solution-outlined />
                 <router-link v-if="!isStatic && $router.resolve('/userdata/' + resource.userdataid).matched[0].redirect !== '/exception/404'" :to="{ path: '/userdata/' + resource.userdataid }">{{ resource.userdataname || resource.userdataid }}</router-link>
diff --git a/ui/src/config/section/account.js b/ui/src/config/section/account.js
index 86dd909a0e3..63c802281b9 100644
--- a/ui/src/config/section/account.js
+++ b/ui/src/config/section/account.js
@@ -55,7 +55,7 @@ export default {
     param: 'account'
   }, {
     name: 'userdata',
-    title: 'label.userdata',
+    title: 'label.user.data',
     param: 'account'
   }, {
     name: 'template',
diff --git a/ui/src/config/section/compute.js b/ui/src/config/section/compute.js
index b6a72b82f91..3b483c19b74 100644
--- a/ui/src/config/section/compute.js
+++ b/ui/src/config/section/compute.js
@@ -397,7 +397,7 @@ export default {
         {
           api: 'resetUserDataForVirtualMachine',
           icon: 'solution-outlined',
-          label: 'label.reset.userdata.on.vm',
+          label: 'label.reset.user.data.on.vm',
           message: 'message.desc.reset.userdata',
           docHelp: 'adminguide/virtual_machines.html#resetting-userdata',
           dataView: true,
@@ -909,7 +909,7 @@ export default {
     },
     {
       name: 'userdata',
-      title: 'label.user.data',
+      title: 'label.user.data.library',
       icon: 'solution-outlined',
       docHelp: 'adminguide/virtual_machines.html#user-data-and-meta-data',
       permission: ['listUserData'],
@@ -948,7 +948,7 @@ export default {
           api: 'registerUserData',
           icon: 'plus-outlined',
           label: 'label.register.user.data',
-          docHelp: 'adminguide/virtual_machines.html#creating-the-ssh-keypair',
+          docHelp: 'adminguide/virtual_machines.html#user-data-and-meta-data',
           listView: true,
           popup: true,
           component: shallowRef(defineAsyncComponent(() => import('@/views/compute/RegisterUserData.vue')))
diff --git a/ui/src/config/section/network.js b/ui/src/config/section/network.js
index 4e58c7a4cd8..30aae3a8deb 100644
--- a/ui/src/config/section/network.js
+++ b/ui/src/config/section/network.js
@@ -182,7 +182,7 @@ export default {
         {
           api: 'replaceNetworkACLList',
           icon: 'swap-outlined',
-          label: 'label.replace.acl.list',
+          label: 'label.replace.acl',
           message: 'message.confirm.replace.acl.new.one',
           docHelp: 'adminguide/networking_and_traffic.html#configuring-network-access-control-list',
           dataView: true,
@@ -698,7 +698,7 @@ export default {
         {
           api: 'resetUserDataForVirtualMachine',
           icon: 'solution-outlined',
-          label: 'label.reset.userdata.on.vm',
+          label: 'label.reset.user.data.on.vm',
           message: 'message.desc.reset.userdata',
           docHelp: 'adminguide/virtual_machines.html#resetting-userdata',
           dataView: true,
@@ -965,7 +965,7 @@ export default {
         {
           api: 'replaceNetworkACLList',
           icon: 'swap-outlined',
-          label: 'label.replace.acl.list',
+          label: 'label.replace.acl',
           message: 'message.confirm.replace.acl.new.one',
           docHelp: 'adminguide/networking_and_traffic.html#acl-on-private-gateway',
           dataView: true,
@@ -1062,10 +1062,9 @@ export default {
     },
     {
       name: 'acllist',
-      title: 'label.network.acl.lists',
+      title: 'label.network.acls',
       icon: 'bars-outlined',
       docHelp: 'adminguide/networking_and_traffic.html#configuring-network-access-control-list',
-      hidden: true,
       permission: ['listNetworkACLLists'],
       columns: ['name', 'description', 'id'],
       details: ['name', 'description', 'id'],
@@ -1073,15 +1072,15 @@ export default {
         name: 'details',
         component: shallowRef(defineAsyncComponent(() => import('@/components/view/DetailsTab.vue')))
       }, {
-        name: 'acl.list.rules',
-        component: shallowRef(defineAsyncComponent(() => import('@/views/network/AclListRulesTab.vue'))),
+        name: 'acl.rules',
+        component: shallowRef(defineAsyncComponent(() => import('@/views/network/AclRulesTab.vue'))),
         show: () => true
       }],
       actions: [
         {
           api: 'createNetworkACLList',
           icon: 'plus-outlined',
-          label: 'label.add.acl.list',
+          label: 'label.add.acl',
           docHelp: 'adminguide/networking_and_traffic.html#creating-acl-lists',
           listView: true,
           args: ['name', 'description', 'vpcid']
@@ -1089,15 +1088,15 @@ export default {
         {
           api: 'updateNetworkACLList',
           icon: 'edit-outlined',
-          label: 'label.edit.acl.list',
+          label: 'label.edit.acl',
           dataView: true,
           args: ['name', 'description']
         },
         {
           api: 'deleteNetworkACLList',
           icon: 'delete-outlined',
-          label: 'label.delete.acl.list',
-          message: 'message.confirm.delete.acl.list',
+          label: 'label.delete.acl',
+          message: 'message.confirm.delete.acl',
           dataView: true
         }
       ]
diff --git a/ui/src/views/compute/AutoScaleVmProfile.vue b/ui/src/views/compute/AutoScaleVmProfile.vue
index 208fa6a881e..20a87065cf4 100644
--- a/ui/src/views/compute/AutoScaleVmProfile.vue
+++ b/ui/src/views/compute/AutoScaleVmProfile.vue
@@ -76,7 +76,7 @@
       <div class="form" v-if="userdataid">
         <div class="form__item">
           <div class="form__label">
-            <tooltip-label :title="$t('label.userdataid')"/>
+            <tooltip-label :title="$t('label.user.data.id')"/>
           </div>
           {{ userdataid }}
         </div>
@@ -84,7 +84,7 @@
       <div class="form" v-if="userdataname">
         <div class="form__item">
           <div class="form__label">
-            <tooltip-label :title="$t('label.userdataname')"/>
+            <tooltip-label :title="$t('label.user.data.name')"/>
           </div>
           {{ userdataname }}
         </div>
@@ -92,7 +92,7 @@
       <div class="form" v-if="userdatadetails">
         <div class="form__item">
           <div class="form__label">
-            <tooltip-label :title="$t('label.userdatadetails')"/>
+            <tooltip-label :title="$t('label.user.data.details')"/>
           </div>
           {{ userdatadetails }}
         </div>
@@ -100,7 +100,7 @@
       <div class="form" v-if="userdatapolicy">
         <div class="form__item">
           <div class="form__label">
-            <tooltip-label :title="$t('label.userdatapolicy')"/>
+            <tooltip-label :title="$t('label.user.data.policy')"/>
           </div>
           {{ userdatapolicy }}
         </div>
@@ -108,7 +108,7 @@
       <div class="form">
         <div class="form__item">
           <div class="form__label">
-            <tooltip-label :title="$t('label.userdata')" :tooltip="createAutoScaleVmProfileApiParams.userdata.description"/>
+            <tooltip-label :title="$t('label.user.data')" :tooltip="createAutoScaleVmProfileApiParams.userdata.description"/>
           </div>
           <a-textarea v-model:value="userdata" rows="5" :disabled="true">
           </a-textarea>
@@ -124,7 +124,7 @@
         <div class="form__item">
           <a-button ref="submit" :disabled="!('updateAutoScaleVmProfile' in $store.getters.apis) || resource.state !== 'DISABLED'" type="primary" @click="showUpdateUserDataForm = true">
             <template #icon><solution-outlined /></template>
-            {{ $t('label.reset.userdata.on.autoscale.vm.group') }}
+            {{ $t('label.reset.user.data.on.autoscale.vm.group') }}
           </a-button>
         </div>
       </div>
@@ -291,7 +291,7 @@
 
     <a-modal
       :visible="showUpdateUserDataForm"
-      :title="$t('label.reset.userdata.on.autoscale.vm.group')"
+      :title="$t('label.reset.user.data.on.autoscale.vm.group')"
       :closable="true"
       :maskClosable="false"
       :footer="null"
diff --git a/ui/src/views/compute/CreateAutoScaleVmGroup.vue b/ui/src/views/compute/CreateAutoScaleVmGroup.vue
index 4113c118dce..47fd3f0ed45 100644
--- a/ui/src/views/compute/CreateAutoScaleVmGroup.vue
+++ b/ui/src/views/compute/CreateAutoScaleVmGroup.vue
@@ -764,7 +764,7 @@
                     </a-form-item>
                     <a-form-item>
                       <template #label>
-                        <tooltip-label :title="$t('label.userdata')" :tooltip="createAutoScaleVmProfileApiParams.userdata.description"/>
+                        <tooltip-label :title="$t('label.user.data')" :tooltip="createAutoScaleVmProfileApiParams.userdata.description"/>
                       </template>
                       <a-card>
                         <div v-if="this.template && this.template.userdataid">
@@ -792,11 +792,11 @@
                         </div><br/><br/>
                         <div v-if="userdataDefaultOverridePolicy === 'ALLOWOVERRIDE' || userdataDefaultOverridePolicy === 'APPEND' || !userdataDefaultOverridePolicy">
                           <span v-if="userdataDefaultOverridePolicy === 'ALLOWOVERRIDE'" >
-                            {{ $t('label.userdata.do.override') }}
+                            {{ $t('label.user.data.do.override') }}
                             <a-switch v-model:checked="doUserdataOverride" style="margin-left: 10px"/>
                           </span>
                           <span v-if="userdataDefaultOverridePolicy === 'APPEND'">
-                            {{ $t('label.userdata.do.append') }}
+                            {{ $t('label.user.data.do.append') }}
                             <a-switch v-model:checked="doUserdataAppend" style="margin-left: 10px"/>
                           </span>
                           <a-step
@@ -1248,11 +1248,11 @@ export default {
       userDataValues: {},
       templateUserDataCols: [
         {
-          title: this.$t('label.userdata'),
+          title: this.$t('label.user.data'),
           dataIndex: 'userdata'
         },
         {
-          title: this.$t('label.userdatapolicy'),
+          title: this.$t('label.user.data.policy'),
           dataIndex: 'userdataoverridepolicy'
         }
       ],
@@ -1434,11 +1434,11 @@ export default {
       let tabList = []
       tabList = [{
         key: 'userdataregistered',
-        tab: this.$t('label.userdata.registered')
+        tab: this.$t('label.user.data.registered')
       },
       {
         key: 'userdatatext',
-        tab: this.$t('label.userdata.text')
+        tab: this.$t('label.user.data.text')
       }]
       return tabList
     },
diff --git a/ui/src/views/compute/DeployVM.vue b/ui/src/views/compute/DeployVM.vue
index d61c9e08ea9..1420a648255 100644
--- a/ui/src/views/compute/DeployVM.vue
+++ b/ui/src/views/compute/DeployVM.vue
@@ -603,7 +603,7 @@
                           @change="val => { dynamicscalingenabled = val }"/>
                       </a-form-item>
                     </a-form-item>
-                    <a-form-item :label="$t('label.userdata')">
+                    <a-form-item :label="$t('label.user.data')">
                       <a-card>
                         <div v-if="this.template && this.template.userdataid">
                           <a-text type="primary">
@@ -657,11 +657,11 @@
                         </div><br/><br/>
                         <div v-if="userdataDefaultOverridePolicy === 'ALLOWOVERRIDE' || userdataDefaultOverridePolicy === 'APPEND' || !userdataDefaultOverridePolicy">
                           <span v-if="userdataDefaultOverridePolicy === 'ALLOWOVERRIDE'" >
-                            {{ $t('label.userdata.do.override') }}
+                            {{ $t('label.user.data.do.override') }}
                             <a-switch v-model:checked="doUserdataOverride" style="margin-left: 10px"/>
                           </span>
                           <span v-if="userdataDefaultOverridePolicy === 'APPEND'">
-                            {{ $t('label.userdata.do.append') }}
+                            {{ $t('label.user.data.do.append') }}
                             <a-switch v-model:checked="doUserdataAppend" style="margin-left: 10px"/>
                           </span>
                           <a-step
@@ -1040,11 +1040,11 @@ export default {
       userDataValues: {},
       templateUserDataCols: [
         {
-          title: this.$t('label.userdata'),
+          title: this.$t('label.user.data'),
           dataIndex: 'userdata'
         },
         {
-          title: this.$t('label.userdatapolicy'),
+          title: this.$t('label.user.data.policy'),
           dataIndex: 'userdataoverridepolicy'
         }
       ],
@@ -1393,11 +1393,11 @@ export default {
       let tabList = []
       tabList = [{
         key: 'userdataregistered',
-        tab: this.$t('label.userdata.registered')
+        tab: this.$t('label.user.data.registered')
       },
       {
         key: 'userdatatext',
-        tab: this.$t('label.userdata.text')
+        tab: this.$t('label.user.data.text')
       }]
 
       return tabList
diff --git a/ui/src/views/compute/DeployVnfAppliance.vue b/ui/src/views/compute/DeployVnfAppliance.vue
index b7e797ee57c..5e447131bc9 100644
--- a/ui/src/views/compute/DeployVnfAppliance.vue
+++ b/ui/src/views/compute/DeployVnfAppliance.vue
@@ -564,7 +564,7 @@
                           @change="val => { dynamicscalingenabled = val }"/>
                       </a-form-item>
                     </a-form-item>
-                    <a-form-item :label="$t('label.userdata')">
+                    <a-form-item :label="$t('label.user.data')">
                       <a-card>
                         <div v-if="this.template && this.template.userdataid">
                           <a-text type="primary">
@@ -618,11 +618,11 @@
                         </div><br/><br/>
                         <div v-if="userdataDefaultOverridePolicy === 'ALLOWOVERRIDE' || userdataDefaultOverridePolicy === 'APPEND' || !userdataDefaultOverridePolicy">
                           <span v-if="userdataDefaultOverridePolicy === 'ALLOWOVERRIDE'" >
-                            {{ $t('label.userdata.do.override') }}
+                            {{ $t('label.user.data.do.override') }}
                             <a-switch v-model:checked="doUserdataOverride" style="margin-left: 10px"/>
                           </span>
                           <span v-if="userdataDefaultOverridePolicy === 'APPEND'">
-                            {{ $t('label.userdata.do.append') }}
+                            {{ $t('label.user.data.do.append') }}
                             <a-switch v-model:checked="doUserdataAppend" style="margin-left: 10px"/>
                           </span>
                           <a-step
@@ -1015,11 +1015,11 @@ export default {
       userDataValues: {},
       templateUserDataCols: [
         {
-          title: this.$t('label.userdata'),
+          title: this.$t('label.user.data'),
           dataIndex: 'userdata'
         },
         {
-          title: this.$t('label.userdatapolicy'),
+          title: this.$t('label.user.data.policy'),
           dataIndex: 'userdataoverridepolicy'
         }
       ],
@@ -1291,11 +1291,11 @@ export default {
       let tabList = []
       tabList = [{
         key: 'userdataregistered',
-        tab: this.$t('label.userdata.registered')
+        tab: this.$t('label.user.data.registered')
       },
       {
         key: 'userdatatext',
-        tab: this.$t('label.userdata.text')
+        tab: this.$t('label.user.data.text')
       }]
 
       return tabList
diff --git a/ui/src/views/compute/EditVM.vue b/ui/src/views/compute/EditVM.vue
index 834e11c3773..b534045f4bf 100644
--- a/ui/src/views/compute/EditVM.vue
+++ b/ui/src/views/compute/EditVM.vue
@@ -86,7 +86,7 @@
       </a-form-item>
       <a-form-item v-if="userDataEnabled">
         <template #label>
-          <tooltip-label :title="$t('label.userdata')" :tooltip="apiParams.userdata.description"/>
+          <tooltip-label :title="$t('label.user.data')" :tooltip="apiParams.userdata.description"/>
         </template>
         <a-textarea v-model:value="form.userdata">
         </a-textarea>
diff --git a/ui/src/views/compute/RegisterUserData.vue b/ui/src/views/compute/RegisterUserData.vue
index 8e6311fdf9a..3fb54962f2b 100644
--- a/ui/src/views/compute/RegisterUserData.vue
+++ b/ui/src/views/compute/RegisterUserData.vue
@@ -37,18 +37,18 @@
         </a-form-item>
         <a-form-item name="userdata" ref="userdata">
           <template #label>
-            <tooltip-label :title="$t('label.userdata')" :tooltip="apiParams.userdata.description"/>
+            <tooltip-label :title="$t('label.user.data')" :tooltip="$t('label.register.user.data.details')"/>
           </template>
           <a-textarea
             v-model:value="form.userdata"
-            :placeholder="apiParams.userdata.description"/>
+            :placeholder="$t('label.register.user.data.details')"/>
         </a-form-item>
         <a-form-item name="isbase64" ref="isbase64" :label="$t('label.is.base64.encoded')">
           <a-checkbox v-model:checked="form.isbase64"></a-checkbox>
         </a-form-item>
         <a-form-item name="params" ref="params">
           <template #label>
-            <tooltip-label :title="$t('label.userdataparams')" :tooltip="apiParams.params.description"/>
+            <tooltip-label :title="$t('label.user.data.params')" :tooltip="apiParams.params.description"/>
           </template>
           <a-select
             mode="tags"
@@ -155,7 +155,7 @@ export default {
       })
       this.rules = reactive({
         name: [{ required: true, message: this.$t('message.error.name') }],
-        userdata: [{ required: true, message: this.$t('message.error.userdata') }]
+        userdata: [{ required: true, message: this.$t('message.error.user.data') }]
       })
     },
     fetchData () {
diff --git a/ui/src/views/compute/ResetUserData.vue b/ui/src/views/compute/ResetUserData.vue
index 6c57d13dc21..8849db5dcca 100644
--- a/ui/src/views/compute/ResetUserData.vue
+++ b/ui/src/views/compute/ResetUserData.vue
@@ -52,11 +52,11 @@
       </div>
       <div v-if="userdataDefaultOverridePolicy === 'ALLOWOVERRIDE' || userdataDefaultOverridePolicy === 'APPEND' || !userdataDefaultOverridePolicy">
         <span v-if="userdataDefaultOverridePolicy === 'ALLOWOVERRIDE'" >
-          {{ $t('label.userdata.do.override') }}
+          {{ $t('label.user.data.do.override') }}
           <a-switch v-model:checked="doUserdataOverride" style="margin-left: 10px"/>
         </span>
         <span v-if="userdataDefaultOverridePolicy === 'APPEND'">
-          {{ $t('label.userdata.do.append') }}
+          {{ $t('label.user.data.do.append') }}
           <a-switch v-model:checked="doUserdataAppend" style="margin-left: 10px"/>
         </span>
         <a-step>
@@ -198,11 +198,11 @@ export default {
       userDataValues: {},
       templateUserDataCols: [
         {
-          title: this.$t('label.userdata'),
+          title: this.$t('label.user.data'),
           dataIndex: 'userdata'
         },
         {
-          title: this.$t('label.userdatapolicy'),
+          title: this.$t('label.user.data.policy'),
           dataIndex: 'userdataoverridepolicy'
         }
       ],
@@ -282,11 +282,11 @@ export default {
     loadUserdataTabList () {
       this.userdataTabList = [{
         key: 'userdataregistered',
-        tab: this.$t('label.userdata.registered')
+        tab: this.$t('label.user.data.registered')
       },
       {
         key: 'userdatatext',
-        tab: this.$t('label.userdata.text')
+        tab: this.$t('label.user.data.text')
       }]
     },
     onUserdataTabChange (key, type) {
@@ -368,7 +368,7 @@ export default {
 
       api(resetUserDataApiName, args, httpMethod, data).then(json => {
         this.$message.success({
-          content: `${this.$t('label.action.userdata.reset')} - ${this.$t('label.success')}`,
+          content: `${this.$t('label.action.user.data.reset')} - ${this.$t('label.success')}`,
           duration: 2
         })
         this.$emit('refresh-data')
diff --git a/ui/src/views/compute/wizard/UserDataSelection.vue b/ui/src/views/compute/wizard/UserDataSelection.vue
index 74e3a3be400..0b8fdc06952 100644
--- a/ui/src/views/compute/wizard/UserDataSelection.vue
+++ b/ui/src/views/compute/wizard/UserDataSelection.vue
@@ -33,7 +33,7 @@
       :scroll="{ y: 225 }"
     >
       <template #headerCell="{ column }">
-        <template v-if="column.key === 'name'"><solution-outlined /> {{ $t('label.userdata') }}</template>
+        <template v-if="column.key === 'name'"><solution-outlined /> {{ $t('label.user.data') }}</template>
         <template v-if="column.key === 'account'"><user-outlined /> {{ $t('label.account') }}</template>
         <template v-if="column.key === 'domain'"><block-outlined /> {{ $t('label.domain') }}</template>
       </template>
@@ -81,7 +81,7 @@ export default {
         {
           key: 'name',
           dataIndex: 'name',
-          title: this.$t('label.userdata'),
+          title: this.$t('label.user.data'),
           width: '40%'
         },
         {
diff --git a/ui/src/views/image/RegisterOrUploadIso.vue b/ui/src/views/image/RegisterOrUploadIso.vue
index 6c26f08b581..871a8482e99 100644
--- a/ui/src/views/image/RegisterOrUploadIso.vue
+++ b/ui/src/views/image/RegisterOrUploadIso.vue
@@ -218,7 +218,7 @@
               name="userdataid"
               ref="userdataid">
               <template #label>
-                <tooltip-label :title="$t('label.userdata')" :tooltip="linkUserDataParams.userdataid.description"/>
+                <tooltip-label :title="$t('label.user.data')" :tooltip="linkUserDataParams.userdataid.description"/>
               </template>
               <a-select
                 showSearch
@@ -238,7 +238,7 @@
           <a-col :md="24" :lg="12">
             <a-form-item ref="userdatapolicy" name="userdatapolicy">
               <template #label>
-                <tooltip-label :title="$t('label.userdatapolicy')" :tooltip="linkUserDataParams.userdatapolicy.description"/>
+                <tooltip-label :title="$t('label.user.data.policy')" :tooltip="linkUserDataParams.userdatapolicy.description"/>
               </template>
               <a-select
                 showSearch
diff --git a/ui/src/views/image/RegisterOrUploadTemplate.vue b/ui/src/views/image/RegisterOrUploadTemplate.vue
index 74ad9270721..c3f812773be 100644
--- a/ui/src/views/image/RegisterOrUploadTemplate.vue
+++ b/ui/src/views/image/RegisterOrUploadTemplate.vue
@@ -377,7 +377,7 @@
               name="userdataid"
               ref="userdataid">
               <template #label>
-                <tooltip-label :title="$t('label.userdata')" :tooltip="linkUserDataParams.userdataid.description"/>
+                <tooltip-label :title="$t('label.user.data')" :tooltip="linkUserDataParams.userdataid.description"/>
               </template>
               <a-select
                 showSearch
@@ -397,7 +397,7 @@
           <a-col :md="24" :lg="12">
             <a-form-item ref="userdatapolicy" name="userdatapolicy">
               <template #label>
-                <tooltip-label :title="$t('label.userdatapolicy')" :tooltip="linkUserDataParams.userdatapolicy.description"/>
+                <tooltip-label :title="$t('label.user.data.policy')" :tooltip="linkUserDataParams.userdatapolicy.description"/>
               </template>
               <a-select
                 showSearch
diff --git a/ui/src/views/image/UpdateISO.vue b/ui/src/views/image/UpdateISO.vue
index 00e1cc536c2..5d198331dfc 100644
--- a/ui/src/views/image/UpdateISO.vue
+++ b/ui/src/views/image/UpdateISO.vue
@@ -79,7 +79,7 @@
             <a-form-item
               name="userdataid"
               ref="userdataid"
-              :label="$t('label.userdata')">
+              :label="$t('label.user.data')">
               <a-select
                 showSearch
                 optionFilterProp="label"
@@ -98,7 +98,7 @@
           <a-col :md="24" :lg="12">
             <a-form-item ref="userdatapolicy" name="userdatapolicy">
               <template #label>
-                <tooltip-label :title="$t('label.userdatapolicy')" :tooltip="$t('label.userdatapolicy.tooltip')"/>
+                <tooltip-label :title="$t('label.user.data.policy')" :tooltip="$t('label.user.data.policy.tooltip')"/>
               </template>
               <a-select
                 showSearch
diff --git a/ui/src/views/image/UpdateTemplate.vue b/ui/src/views/image/UpdateTemplate.vue
index 3a7a5a3f640..7db402cdd5b 100644
--- a/ui/src/views/image/UpdateTemplate.vue
+++ b/ui/src/views/image/UpdateTemplate.vue
@@ -109,7 +109,7 @@
             <a-form-item
               name="userdataid"
               ref="userdataid"
-              :label="$t('label.userdata')">
+              :label="$t('label.user.data')">
               <a-select
                 showSearch
                 optionFilterProp="label"
@@ -128,7 +128,7 @@
           <a-col :md="24" :lg="12">
             <a-form-item ref="userdatapolicy" name="userdatapolicy">
               <template #label>
-                <tooltip-label :title="$t('label.userdatapolicy')" :tooltip="$t('label.userdatapolicy.tooltip')"/>
+                <tooltip-label :title="$t('label.user.data.policy')" :tooltip="$t('label.user.data.policy.tooltip')"/>
               </template>
               <a-select
                 showSearch
diff --git a/ui/src/views/network/AclListRulesTab.vue b/ui/src/views/network/AclRulesTab.vue
similarity index 99%
rename from ui/src/views/network/AclListRulesTab.vue
rename to ui/src/views/network/AclRulesTab.vue
index e01e61289e5..c77a928370e 100644
--- a/ui/src/views/network/AclListRulesTab.vue
+++ b/ui/src/views/network/AclRulesTab.vue
@@ -25,7 +25,7 @@
         :disabled="!('createNetworkACL' in $store.getters.apis)"
         @click="openAddRuleModal">
         <template #icon><plus-outlined /></template>
-        {{ $t('label.add') }} {{ $t('label.aclid') }}
+        {{ $t('label.add.acl.rule') }}
       </a-button>
 
       <a-button type="dashed" @click="exportAclList" style="width: 100%">
diff --git a/ui/src/views/network/VpcTab.vue b/ui/src/views/network/VpcTab.vue
index 5c0838ff7e0..e4a1513adbd 100644
--- a/ui/src/views/network/VpcTab.vue
+++ b/ui/src/views/network/VpcTab.vue
@@ -34,14 +34,14 @@
       <a-tab-pane :tab="$t('label.public.ips')" key="ip" v-if="'listPublicIpAddresses' in $store.getters.apis">
         <IpAddressesTab :resource="resource" :loading="loading" />
       </a-tab-pane>
-      <a-tab-pane :tab="$t('label.network.acl.lists')" key="acl" v-if="'listNetworkACLLists' in $store.getters.apis">
+      <a-tab-pane :tab="$t('label.network.acls')" key="acl" v-if="'listNetworkACLLists' in $store.getters.apis">
         <a-button
           type="dashed"
           style="width: 100%"
           :disabled="!('createNetworkACLList' in $store.getters.apis)"
           @click="() => handleOpenModals('networkAcl')">
           <template #icon><plus-circle-outlined /></template>
-          {{ $t('label.add.network.acl.list') }}
+          {{ $t('label.add.network.acl') }}
         </a-button>
         <a-table
           class="table"
@@ -76,7 +76,7 @@
         </a-pagination>
         <a-modal
           :visible="modals.networkAcl"
-          :title="$t('label.add.acl.list')"
+          :title="$t('label.add.acl')"
           :footer="null"
           :maskClosable="false"
           :closable="true"
@@ -89,7 +89,7 @@
             @finish="handleNetworkAclFormSubmit"
             v-ctrl-enter="handleNetworkAclFormSubmit"
            >
-            <a-form-item :label="$t('label.add.list.name')" ref="name" name="name">
+            <a-form-item :label="$t('label.add.acl.name')" ref="name" name="name">
               <a-input
                 v-model:value="form.name"
                 v-focus="true"></a-input>
diff --git a/ui/src/views/offering/AddNetworkOffering.vue b/ui/src/views/offering/AddNetworkOffering.vue
index 2ee2f61cf0d..fcdd4f3d176 100644
--- a/ui/src/views/offering/AddNetworkOffering.vue
+++ b/ui/src/views/offering/AddNetworkOffering.vue
@@ -190,7 +190,7 @@
             </a-form-item>
           </a-col>
         </a-row>
-        <a-form-item name="userdatal2" ref="userdatal2" :label="$t('label.userdatal2')" v-if="guestType === 'l2'">
+        <a-form-item name="userdatal2" ref="userdatal2" :label="$t('label.user.data')" v-if="guestType === 'l2'">
           <a-switch v-model:checked="form.userdatal2" />
         </a-form-item>
         <a-row :gutter="12">

From a51a04efc2bff6e6842efd3e46e60cd7abb95ab9 Mon Sep 17 00:00:00 2001
From: Nicolas Vazquez <nicovazquez90@gmail.com>
Date: Fri, 25 Jul 2025 04:00:42 -0300
Subject: [PATCH 35/83] [Vmware to KVM Migration] Preserve boot type and boot
 mode of instances to be migrated (#10975)

* [Vmware to KVM Migration] Preserve boot type and boot mode of instances to be migrated

* Restore end of line

* Extract lines to new method

* Address review comments
---
 .../cloudstack/vm/UnmanagedVMsManagerImpl.java       |  8 ++++++++
 ui/src/components/view/InfoCard.vue                  | 12 ++++++++++++
 2 files changed, 20 insertions(+)

diff --git a/server/src/main/java/org/apache/cloudstack/vm/UnmanagedVMsManagerImpl.java b/server/src/main/java/org/apache/cloudstack/vm/UnmanagedVMsManagerImpl.java
index 03c0ad06dc9..4de494bb554 100644
--- a/server/src/main/java/org/apache/cloudstack/vm/UnmanagedVMsManagerImpl.java
+++ b/server/src/main/java/org/apache/cloudstack/vm/UnmanagedVMsManagerImpl.java
@@ -1188,6 +1188,8 @@ public class UnmanagedVMsManagerImpl implements UnmanagedVMsManager {
             allDetails.put(VmDetailConstants.KVM_VNC_PASSWORD, unmanagedInstance.getVncPassword());
         }
 
+        addImportingVMBootTypeAndModeDetails(unmanagedInstance.getBootType(), unmanagedInstance.getBootMode(), allDetails);
+
         VirtualMachine.PowerState powerState = VirtualMachine.PowerState.PowerOff;
         if (unmanagedInstance.getPowerState().equals(UnmanagedInstanceTO.PowerState.PowerOn)) {
             powerState = VirtualMachine.PowerState.PowerOn;
@@ -1259,6 +1261,12 @@ public class UnmanagedVMsManagerImpl implements UnmanagedVMsManager {
         return userVm;
     }
 
+    private void addImportingVMBootTypeAndModeDetails(String bootType, String bootMode, Map<String, String> allDetails) {
+        if (StringUtils.isNotBlank(bootType) && bootType.equalsIgnoreCase("uefi") && StringUtils.isNotBlank(bootMode)) {
+            allDetails.put("UEFI", bootMode);
+        }
+    }
+
     private HashMap<String, UnmanagedInstanceTO> getUnmanagedInstancesForHost(HostVO host, String instanceName, List<String> managedVms) {
         HashMap<String, UnmanagedInstanceTO> unmanagedInstances = new HashMap<>();
         if (host.isInMaintenanceStates()) {
diff --git a/ui/src/components/view/InfoCard.vue b/ui/src/components/view/InfoCard.vue
index 1769d1329bb..fc8f59f71a3 100644
--- a/ui/src/components/view/InfoCard.vue
+++ b/ui/src/components/view/InfoCard.vue
@@ -732,6 +732,18 @@
                 <span v-else>{{ resource.webhookname || resource.webhookid }}</span>
               </div>
             </div>
+            <div class="resource-detail-item" v-if="resource.boottype">
+              <div class="resource-detail-item__label">{{ $t('label.boottype') }}</div>
+              <div class="resource-detail-item__details">
+                <span>{{ resource.boottype }}</span>
+              </div>
+            </div>
+            <div class="resource-detail-item" v-if="resource.bootmode">
+              <div class="resource-detail-item__label">{{ $t('label.bootmode') }}</div>
+              <div class="resource-detail-item__details">
+                <span>{{ resource.bootmode }}</span>
+              </div>
+            </div>
             <div class="resource-detail-item" v-if="resource.managementserverid">
               <div class="resource-detail-item__label">{{ $t('label.management.servers') }}</div>
               <div class="resource-detail-item__details">

From 75a2b3cc54cf6fadda3e137c2cd7f5b8a502803e Mon Sep 17 00:00:00 2001
From: Suresh Kumar Anaparti <sureshkumar.anaparti@gmail.com>
Date: Fri, 25 Jul 2025 14:47:14 +0530
Subject: [PATCH 36/83] Validate qcow2 file during import operation (#11264)

---
 .../cloud/agent/api/CheckVolumeAnswer.java    | 15 +++-
 .../agent/api/CopyRemoteVolumeAnswer.java     | 15 +++-
 .../LibvirtCheckVolumeCommandWrapper.java     | 79 +++++++++++++++----
 ...LibvirtCopyRemoteVolumeCommandWrapper.java | 76 +++++++++++++++---
 ...virtGetVolumesOnStorageCommandWrapper.java | 66 ++++++++++------
 .../LibvirtResizeVolumeCommandWrapper.java    | 19 +----
 .../kvm/storage/KVMPhysicalDisk.java          | 33 ++++++++
 .../vm/UnmanagedVMsManagerImpl.java           | 37 ++++++++-
 8 files changed, 265 insertions(+), 75 deletions(-)

diff --git a/core/src/main/java/com/cloud/agent/api/CheckVolumeAnswer.java b/core/src/main/java/com/cloud/agent/api/CheckVolumeAnswer.java
index 5a32ab59a7a..07b7e102df9 100644
--- a/core/src/main/java/com/cloud/agent/api/CheckVolumeAnswer.java
+++ b/core/src/main/java/com/cloud/agent/api/CheckVolumeAnswer.java
@@ -17,22 +17,33 @@
 
 package com.cloud.agent.api;
 
+import org.apache.cloudstack.storage.volume.VolumeOnStorageTO;
+
+import java.util.Map;
+
 public class CheckVolumeAnswer extends Answer {
 
     private long size;
+    private Map<VolumeOnStorageTO.Detail, String> volumeDetails;
 
     CheckVolumeAnswer() {
     }
 
-    public CheckVolumeAnswer(CheckVolumeCommand cmd, String details, long size) {
-        super(cmd, true, details);
+    public CheckVolumeAnswer(CheckVolumeCommand cmd, final boolean success, String details, long size,
+                             Map<VolumeOnStorageTO.Detail, String> volumeDetails) {
+        super(cmd, success, details);
         this.size = size;
+        this.volumeDetails = volumeDetails;
     }
 
     public long getSize() {
         return size;
     }
 
+    public Map<VolumeOnStorageTO.Detail, String> getVolumeDetails() {
+        return volumeDetails;
+    }
+
     public String getString() {
         return "CheckVolumeAnswer [size=" + size + "]";
     }
diff --git a/core/src/main/java/com/cloud/agent/api/CopyRemoteVolumeAnswer.java b/core/src/main/java/com/cloud/agent/api/CopyRemoteVolumeAnswer.java
index e79005be71b..4aec0b26581 100644
--- a/core/src/main/java/com/cloud/agent/api/CopyRemoteVolumeAnswer.java
+++ b/core/src/main/java/com/cloud/agent/api/CopyRemoteVolumeAnswer.java
@@ -17,21 +17,28 @@
 
 package com.cloud.agent.api;
 
+import org.apache.cloudstack.storage.volume.VolumeOnStorageTO;
+
+import java.util.Map;
+
 public class CopyRemoteVolumeAnswer extends Answer {
 
     private String remoteIp;
     private String filename;
 
     private long size;
+    private Map<VolumeOnStorageTO.Detail, String> volumeDetails;
 
     CopyRemoteVolumeAnswer() {
     }
 
-    public CopyRemoteVolumeAnswer(CopyRemoteVolumeCommand cmd, String details, String filename, long size) {
-        super(cmd, true, details);
+    public CopyRemoteVolumeAnswer(CopyRemoteVolumeCommand cmd, final boolean success, String details, String filename, long size,
+                                  Map<VolumeOnStorageTO.Detail, String> volumeDetails) {
+        super(cmd, success, details);
         this.remoteIp = cmd.getRemoteIp();
         this.filename = filename;
         this.size = size;
+        this.volumeDetails = volumeDetails;
     }
 
     public String getRemoteIp() {
@@ -54,6 +61,10 @@ public class CopyRemoteVolumeAnswer extends Answer {
         return size;
     }
 
+    public Map<VolumeOnStorageTO.Detail, String> getVolumeDetails() {
+        return volumeDetails;
+    }
+
     public String getString() {
         return "CopyRemoteVolumeAnswer [remoteIp=" + remoteIp + "]";
     }
diff --git a/plugins/hypervisors/kvm/src/main/java/com/cloud/hypervisor/kvm/resource/wrapper/LibvirtCheckVolumeCommandWrapper.java b/plugins/hypervisors/kvm/src/main/java/com/cloud/hypervisor/kvm/resource/wrapper/LibvirtCheckVolumeCommandWrapper.java
index 8b0a5aab461..2caf8da2914 100644
--- a/plugins/hypervisors/kvm/src/main/java/com/cloud/hypervisor/kvm/resource/wrapper/LibvirtCheckVolumeCommandWrapper.java
+++ b/plugins/hypervisors/kvm/src/main/java/com/cloud/hypervisor/kvm/resource/wrapper/LibvirtCheckVolumeCommandWrapper.java
@@ -31,18 +31,25 @@ import com.cloud.resource.CommandWrapper;
 import com.cloud.resource.ResourceWrapper;
 import com.cloud.storage.Storage;
 import com.cloud.utils.exception.CloudRuntimeException;
+import org.apache.cloudstack.storage.volume.VolumeOnStorageTO;
 import org.apache.cloudstack.utils.qemu.QemuImg;
 import org.apache.cloudstack.utils.qemu.QemuImgException;
 import org.apache.cloudstack.utils.qemu.QemuImgFile;
+import org.apache.commons.collections.MapUtils;
+import org.apache.commons.lang3.StringUtils;
 import org.apache.log4j.Logger;
 import org.libvirt.LibvirtException;
 
+import java.util.Arrays;
+import java.util.HashMap;
+import java.util.List;
 import java.util.Map;
 
 @ResourceWrapper(handles = CheckVolumeCommand.class)
 public final class LibvirtCheckVolumeCommandWrapper extends CommandWrapper<CheckVolumeCommand, Answer, LibvirtComputingResource> {
 
     private static final Logger s_logger = Logger.getLogger(LibvirtCheckVolumeCommandWrapper.class);
+    private static final List<Storage.StoragePoolType> STORAGE_POOL_TYPES_SUPPORTED = Arrays.asList(Storage.StoragePoolType.Filesystem, Storage.StoragePoolType.NetworkFilesystem);
 
     @Override
     public Answer execute(final CheckVolumeCommand command, final LibvirtComputingResource libvirtComputingResource) {
@@ -53,34 +60,76 @@ public final class LibvirtCheckVolumeCommandWrapper extends CommandWrapper<Check
         KVMStoragePool pool = poolMgr.getStoragePool(storageFilerTO.getType(), storageFilerTO.getUuid());
 
         try {
-            if (storageFilerTO.getType() == Storage.StoragePoolType.Filesystem ||
-                    storageFilerTO.getType() == Storage.StoragePoolType.NetworkFilesystem) {
+            if (STORAGE_POOL_TYPES_SUPPORTED.contains(storageFilerTO.getType())) {
                 final KVMPhysicalDisk vol = pool.getPhysicalDisk(srcFile);
                 final String path = vol.getPath();
-                long size = getVirtualSizeFromFile(path);
-                return  new CheckVolumeAnswer(command, "", size);
+                try {
+                    KVMPhysicalDisk.checkQcow2File(path);
+                } catch (final CloudRuntimeException e) {
+                    return new CheckVolumeAnswer(command, false, "", 0, getVolumeDetails(pool, vol));
+                }
+
+                long size = KVMPhysicalDisk.getVirtualSizeFromFile(path);
+                return new CheckVolumeAnswer(command, true, "", size, getVolumeDetails(pool, vol));
             } else {
                 return new Answer(command, false, "Unsupported Storage Pool");
             }
-
         } catch (final Exception e) {
-            s_logger.error("Error while locating disk: "+ e.getMessage());
+            s_logger.error("Error while checking the disk: " + e.getMessage());
             return new Answer(command, false, result);
         }
     }
 
-    private long getVirtualSizeFromFile(String path) {
+    private Map<VolumeOnStorageTO.Detail, String> getVolumeDetails(KVMStoragePool pool, KVMPhysicalDisk disk) {
+        Map<String, String> info = getDiskFileInfo(pool, disk, true);
+        if (MapUtils.isEmpty(info)) {
+            return null;
+        }
+
+        Map<VolumeOnStorageTO.Detail, String> volumeDetails = new HashMap<>();
+
+        String backingFilePath = info.get(QemuImg.BACKING_FILE);
+        if (StringUtils.isNotBlank(backingFilePath)) {
+            volumeDetails.put(VolumeOnStorageTO.Detail.BACKING_FILE, backingFilePath);
+        }
+        String backingFileFormat = info.get(QemuImg.BACKING_FILE_FORMAT);
+        if (StringUtils.isNotBlank(backingFileFormat)) {
+            volumeDetails.put(VolumeOnStorageTO.Detail.BACKING_FILE_FORMAT, backingFileFormat);
+        }
+        String clusterSize = info.get(QemuImg.CLUSTER_SIZE);
+        if (StringUtils.isNotBlank(clusterSize)) {
+            volumeDetails.put(VolumeOnStorageTO.Detail.CLUSTER_SIZE, clusterSize);
+        }
+        String fileFormat = info.get(QemuImg.FILE_FORMAT);
+        if (StringUtils.isNotBlank(fileFormat)) {
+            volumeDetails.put(VolumeOnStorageTO.Detail.FILE_FORMAT, fileFormat);
+        }
+        String encrypted = info.get(QemuImg.ENCRYPTED);
+        if (StringUtils.isNotBlank(encrypted) && encrypted.equalsIgnoreCase("yes")) {
+            volumeDetails.put(VolumeOnStorageTO.Detail.IS_ENCRYPTED, String.valueOf(Boolean.TRUE));
+        }
+        Boolean isLocked = isDiskFileLocked(pool, disk);
+        volumeDetails.put(VolumeOnStorageTO.Detail.IS_LOCKED, String.valueOf(isLocked));
+
+        return volumeDetails;
+    }
+
+    private Map<String, String> getDiskFileInfo(KVMStoragePool pool, KVMPhysicalDisk disk, boolean secure) {
+        if (!STORAGE_POOL_TYPES_SUPPORTED.contains(pool.getType())) {
+            return new HashMap<>(); // unknown
+        }
         try {
             QemuImg qemu = new QemuImg(0);
-            QemuImgFile qemuFile = new QemuImgFile(path);
-            Map<String, String> info = qemu.info(qemuFile);
-            if (info.containsKey(QemuImg.VIRTUAL_SIZE)) {
-                return Long.parseLong(info.get(QemuImg.VIRTUAL_SIZE));
-            } else {
-                throw new CloudRuntimeException("Unable to determine virtual size of volume at path " + path);
-            }
+            QemuImgFile qemuFile = new QemuImgFile(disk.getPath(), disk.getFormat());
+            return qemu.info(qemuFile, secure);
         } catch (QemuImgException | LibvirtException ex) {
-            throw new CloudRuntimeException("Error when inspecting volume at path " + path, ex);
+            logger.error("Failed to get info of disk file: " + ex.getMessage());
+            return null;
         }
     }
+
+    private boolean isDiskFileLocked(KVMStoragePool pool, KVMPhysicalDisk disk) {
+        Map<String, String> info = getDiskFileInfo(pool, disk, false);
+        return info == null;
+    }
 }
diff --git a/plugins/hypervisors/kvm/src/main/java/com/cloud/hypervisor/kvm/resource/wrapper/LibvirtCopyRemoteVolumeCommandWrapper.java b/plugins/hypervisors/kvm/src/main/java/com/cloud/hypervisor/kvm/resource/wrapper/LibvirtCopyRemoteVolumeCommandWrapper.java
index a5e1716da2e..6edf5cbd906 100644
--- a/plugins/hypervisors/kvm/src/main/java/com/cloud/hypervisor/kvm/resource/wrapper/LibvirtCopyRemoteVolumeCommandWrapper.java
+++ b/plugins/hypervisors/kvm/src/main/java/com/cloud/hypervisor/kvm/resource/wrapper/LibvirtCopyRemoteVolumeCommandWrapper.java
@@ -31,18 +31,25 @@ import com.cloud.resource.CommandWrapper;
 import com.cloud.resource.ResourceWrapper;
 import com.cloud.storage.Storage;
 import com.cloud.utils.exception.CloudRuntimeException;
+import org.apache.cloudstack.storage.volume.VolumeOnStorageTO;
 import org.apache.cloudstack.utils.qemu.QemuImg;
 import org.apache.cloudstack.utils.qemu.QemuImgException;
 import org.apache.cloudstack.utils.qemu.QemuImgFile;
+import org.apache.commons.collections.MapUtils;
+import org.apache.commons.lang3.StringUtils;
 import org.apache.log4j.Logger;
 import org.libvirt.LibvirtException;
 
+import java.util.Arrays;
+import java.util.HashMap;
+import java.util.List;
 import java.util.Map;
 
 @ResourceWrapper(handles = CopyRemoteVolumeCommand.class)
 public final class LibvirtCopyRemoteVolumeCommandWrapper extends CommandWrapper<CopyRemoteVolumeCommand, Answer, LibvirtComputingResource> {
 
     private static final Logger s_logger = Logger.getLogger(LibvirtCopyRemoteVolumeCommandWrapper.class);
+    private static final List<Storage.StoragePoolType> STORAGE_POOL_TYPES_SUPPORTED = Arrays.asList(Storage.StoragePoolType.Filesystem, Storage.StoragePoolType.NetworkFilesystem);
 
     @Override
     public Answer execute(final CopyRemoteVolumeCommand command, final LibvirtComputingResource libvirtComputingResource) {
@@ -58,14 +65,19 @@ public final class LibvirtCopyRemoteVolumeCommandWrapper extends CommandWrapper<
         int timeoutInSecs = command.getWait();
 
         try {
-            if (storageFilerTO.getType() == Storage.StoragePoolType.Filesystem ||
-                    storageFilerTO.getType() == Storage.StoragePoolType.NetworkFilesystem) {
+            if (STORAGE_POOL_TYPES_SUPPORTED.contains(storageFilerTO.getType())) {
                 String filename = libvirtComputingResource.copyVolume(srcIp, username, password, dstPath, srcFile, tmpPath, timeoutInSecs);
                 s_logger.debug("Volume " + srcFile + " copy successful, copied to file: " + filename);
                 final KVMPhysicalDisk vol = pool.getPhysicalDisk(filename);
                 final String path = vol.getPath();
-                long size = getVirtualSizeFromFile(path);
-                return new CopyRemoteVolumeAnswer(command, "", filename, size);
+                try {
+                    KVMPhysicalDisk.checkQcow2File(path);
+                } catch (final CloudRuntimeException e) {
+                    return new CopyRemoteVolumeAnswer(command, false, "", filename, 0, getVolumeDetails(pool, vol));
+                }
+
+                long size = KVMPhysicalDisk.getVirtualSizeFromFile(path);
+                return new CopyRemoteVolumeAnswer(command, true, "", filename, size, getVolumeDetails(pool, vol));
             } else {
                 String msg = "Unsupported storage pool type: " + storageFilerTO.getType().toString() + ", only local and NFS pools are supported";
                 return new Answer(command, false, msg);
@@ -77,18 +89,56 @@ public final class LibvirtCopyRemoteVolumeCommandWrapper extends CommandWrapper<
         }
     }
 
-    private long getVirtualSizeFromFile(String path) {
+    private Map<VolumeOnStorageTO.Detail, String> getVolumeDetails(KVMStoragePool pool, KVMPhysicalDisk disk) {
+        Map<String, String> info = getDiskFileInfo(pool, disk, true);
+        if (MapUtils.isEmpty(info)) {
+            return null;
+        }
+
+        Map<VolumeOnStorageTO.Detail, String> volumeDetails = new HashMap<>();
+
+        String backingFilePath = info.get(QemuImg.BACKING_FILE);
+        if (StringUtils.isNotBlank(backingFilePath)) {
+            volumeDetails.put(VolumeOnStorageTO.Detail.BACKING_FILE, backingFilePath);
+        }
+        String backingFileFormat = info.get(QemuImg.BACKING_FILE_FORMAT);
+        if (StringUtils.isNotBlank(backingFileFormat)) {
+            volumeDetails.put(VolumeOnStorageTO.Detail.BACKING_FILE_FORMAT, backingFileFormat);
+        }
+        String clusterSize = info.get(QemuImg.CLUSTER_SIZE);
+        if (StringUtils.isNotBlank(clusterSize)) {
+            volumeDetails.put(VolumeOnStorageTO.Detail.CLUSTER_SIZE, clusterSize);
+        }
+        String fileFormat = info.get(QemuImg.FILE_FORMAT);
+        if (StringUtils.isNotBlank(fileFormat)) {
+            volumeDetails.put(VolumeOnStorageTO.Detail.FILE_FORMAT, fileFormat);
+        }
+        String encrypted = info.get(QemuImg.ENCRYPTED);
+        if (StringUtils.isNotBlank(encrypted) && encrypted.equalsIgnoreCase("yes")) {
+            volumeDetails.put(VolumeOnStorageTO.Detail.IS_ENCRYPTED, String.valueOf(Boolean.TRUE));
+        }
+        Boolean isLocked = isDiskFileLocked(pool, disk);
+        volumeDetails.put(VolumeOnStorageTO.Detail.IS_LOCKED, String.valueOf(isLocked));
+
+        return volumeDetails;
+    }
+
+    private Map<String, String> getDiskFileInfo(KVMStoragePool pool, KVMPhysicalDisk disk, boolean secure) {
+        if (!STORAGE_POOL_TYPES_SUPPORTED.contains(pool.getType())) {
+            return new HashMap<>(); // unknown
+        }
         try {
             QemuImg qemu = new QemuImg(0);
-            QemuImgFile qemuFile = new QemuImgFile(path);
-            Map<String, String> info = qemu.info(qemuFile);
-            if (info.containsKey(QemuImg.VIRTUAL_SIZE)) {
-                return Long.parseLong(info.get(QemuImg.VIRTUAL_SIZE));
-            } else {
-                throw new CloudRuntimeException("Unable to determine virtual size of volume at path " + path);
-            }
+            QemuImgFile qemuFile = new QemuImgFile(disk.getPath(), disk.getFormat());
+            return qemu.info(qemuFile, secure);
         } catch (QemuImgException | LibvirtException ex) {
-            throw new CloudRuntimeException("Error when inspecting volume at path " + path, ex);
+            logger.error("Failed to get info of disk file: " + ex.getMessage());
+            return null;
         }
     }
+
+    private boolean isDiskFileLocked(KVMStoragePool pool, KVMPhysicalDisk disk) {
+        Map<String, String> info = getDiskFileInfo(pool, disk, false);
+        return info == null;
+    }
 }
diff --git a/plugins/hypervisors/kvm/src/main/java/com/cloud/hypervisor/kvm/resource/wrapper/LibvirtGetVolumesOnStorageCommandWrapper.java b/plugins/hypervisors/kvm/src/main/java/com/cloud/hypervisor/kvm/resource/wrapper/LibvirtGetVolumesOnStorageCommandWrapper.java
index 821a80f5cca..6facf169602 100644
--- a/plugins/hypervisors/kvm/src/main/java/com/cloud/hypervisor/kvm/resource/wrapper/LibvirtGetVolumesOnStorageCommandWrapper.java
+++ b/plugins/hypervisors/kvm/src/main/java/com/cloud/hypervisor/kvm/resource/wrapper/LibvirtGetVolumesOnStorageCommandWrapper.java
@@ -36,6 +36,7 @@ import org.apache.cloudstack.utils.qemu.QemuImg;
 import org.apache.cloudstack.utils.qemu.QemuImg.PhysicalDiskFormat;
 import org.apache.cloudstack.utils.qemu.QemuImgException;
 import org.apache.cloudstack.utils.qemu.QemuImgFile;
+import org.apache.commons.collections.MapUtils;
 import org.apache.commons.lang3.StringUtils;
 import org.libvirt.LibvirtException;
 
@@ -91,37 +92,46 @@ public final class LibvirtGetVolumesOnStorageCommandWrapper extends CommandWrapp
             if (disk.getQemuEncryptFormat() != null) {
                 volumeOnStorageTO.setQemuEncryptFormat(disk.getQemuEncryptFormat().toString());
             }
-            String backingFilePath = info.get(QemuImg.BACKING_FILE);
-            if (StringUtils.isNotBlank(backingFilePath)) {
-                volumeOnStorageTO.addDetail(VolumeOnStorageTO.Detail.BACKING_FILE, backingFilePath);
-            }
-            String backingFileFormat = info.get(QemuImg.BACKING_FILE_FORMAT);
-            if (StringUtils.isNotBlank(backingFileFormat)) {
-                volumeOnStorageTO.addDetail(VolumeOnStorageTO.Detail.BACKING_FILE_FORMAT, backingFileFormat);
-            }
-            String clusterSize = info.get(QemuImg.CLUSTER_SIZE);
-            if (StringUtils.isNotBlank(clusterSize)) {
-                volumeOnStorageTO.addDetail(VolumeOnStorageTO.Detail.CLUSTER_SIZE, clusterSize);
-            }
             String fileFormat = info.get(QemuImg.FILE_FORMAT);
-            if (StringUtils.isNotBlank(fileFormat)) {
-                if (!fileFormat.equalsIgnoreCase(disk.getFormat().toString())) {
-                    return new GetVolumesOnStorageAnswer(command, false, String.format("The file format is %s, but expected to be %s", fileFormat, disk.getFormat()));
-                }
-                volumeOnStorageTO.addDetail(VolumeOnStorageTO.Detail.FILE_FORMAT, fileFormat);
+            if (StringUtils.isNotBlank(fileFormat) && !fileFormat.equalsIgnoreCase(disk.getFormat().toString())) {
+                return new GetVolumesOnStorageAnswer(command, false, String.format("The file format is %s, but expected to be %s", fileFormat, disk.getFormat()));
             }
-            String encrypted = info.get(QemuImg.ENCRYPTED);
-            if (StringUtils.isNotBlank(encrypted) && encrypted.equalsIgnoreCase("yes")) {
-                volumeOnStorageTO.addDetail(VolumeOnStorageTO.Detail.IS_ENCRYPTED, String.valueOf(Boolean.TRUE));
-            }
-            Boolean isLocked = isDiskFileLocked(storagePool, disk);
-            volumeOnStorageTO.addDetail(VolumeOnStorageTO.Detail.IS_LOCKED, String.valueOf(isLocked));
+            addDetailsToVolumeOnStorageTO(volumeOnStorageTO, info, storagePool, disk);
 
             volumes.add(volumeOnStorageTO);
         }
         return new GetVolumesOnStorageAnswer(command, volumes);
     }
 
+    private void addDetailsToVolumeOnStorageTO(VolumeOnStorageTO volumeOnStorageTO, final Map<String, String> info, final KVMStoragePool storagePool, final KVMPhysicalDisk disk) {
+        if (MapUtils.isEmpty(info)) {
+            return;
+        }
+
+        String backingFilePath = info.get(QemuImg.BACKING_FILE);
+        if (StringUtils.isNotBlank(backingFilePath)) {
+            volumeOnStorageTO.addDetail(VolumeOnStorageTO.Detail.BACKING_FILE, backingFilePath);
+        }
+        String backingFileFormat = info.get(QemuImg.BACKING_FILE_FORMAT);
+        if (StringUtils.isNotBlank(backingFileFormat)) {
+            volumeOnStorageTO.addDetail(VolumeOnStorageTO.Detail.BACKING_FILE_FORMAT, backingFileFormat);
+        }
+        String clusterSize = info.get(QemuImg.CLUSTER_SIZE);
+        if (StringUtils.isNotBlank(clusterSize)) {
+            volumeOnStorageTO.addDetail(VolumeOnStorageTO.Detail.CLUSTER_SIZE, clusterSize);
+        }
+        String fileFormat = info.get(QemuImg.FILE_FORMAT);
+        if (StringUtils.isNotBlank(fileFormat)) {
+            volumeOnStorageTO.addDetail(VolumeOnStorageTO.Detail.FILE_FORMAT, fileFormat);
+        }
+        String encrypted = info.get(QemuImg.ENCRYPTED);
+        if (StringUtils.isNotBlank(encrypted) && encrypted.equalsIgnoreCase("yes")) {
+            volumeOnStorageTO.addDetail(VolumeOnStorageTO.Detail.IS_ENCRYPTED, String.valueOf(Boolean.TRUE));
+        }
+        Boolean isLocked = isDiskFileLocked(storagePool, disk);
+        volumeOnStorageTO.addDetail(VolumeOnStorageTO.Detail.IS_LOCKED, String.valueOf(isLocked));
+    }
+
     private GetVolumesOnStorageAnswer addAllVolumes(final GetVolumesOnStorageCommand command, final KVMStoragePool storagePool, String keyword) {
         List<VolumeOnStorageTO> volumes = new ArrayList<>();
 
@@ -134,11 +144,21 @@ public final class LibvirtGetVolumesOnStorageCommandWrapper extends CommandWrapp
             if (!isDiskFormatSupported(disk)) {
                 continue;
             }
+            Map<String, String> info = getDiskFileInfo(storagePool, disk, true);
+            if (info == null) {
+                continue;
+            }
             VolumeOnStorageTO volumeOnStorageTO = new VolumeOnStorageTO(Hypervisor.HypervisorType.KVM, disk.getName(), disk.getName(), disk.getPath(),
                     disk.getFormat().toString(), disk.getSize(), disk.getVirtualSize());
             if (disk.getQemuEncryptFormat() != null) {
                 volumeOnStorageTO.setQemuEncryptFormat(disk.getQemuEncryptFormat().toString());
             }
+            String fileFormat = info.get(QemuImg.FILE_FORMAT);
+            if (StringUtils.isNotBlank(fileFormat) && !fileFormat.equalsIgnoreCase(disk.getFormat().toString())) {
+                continue;
+            }
+            addDetailsToVolumeOnStorageTO(volumeOnStorageTO, info, storagePool, disk);
+
             volumes.add(volumeOnStorageTO);
         }
         return new GetVolumesOnStorageAnswer(command, volumes);
diff --git a/plugins/hypervisors/kvm/src/main/java/com/cloud/hypervisor/kvm/resource/wrapper/LibvirtResizeVolumeCommandWrapper.java b/plugins/hypervisors/kvm/src/main/java/com/cloud/hypervisor/kvm/resource/wrapper/LibvirtResizeVolumeCommandWrapper.java
index 4f1ad728b5d..aa1a0f41f1b 100644
--- a/plugins/hypervisors/kvm/src/main/java/com/cloud/hypervisor/kvm/resource/wrapper/LibvirtResizeVolumeCommandWrapper.java
+++ b/plugins/hypervisors/kvm/src/main/java/com/cloud/hypervisor/kvm/resource/wrapper/LibvirtResizeVolumeCommandWrapper.java
@@ -25,7 +25,6 @@ import java.io.IOException;
 import java.util.ArrayList;
 import java.util.Arrays;
 import java.util.List;
-import java.util.Map;
 
 import com.cloud.hypervisor.kvm.storage.ScaleIOStorageAdaptor;
 import org.apache.cloudstack.utils.cryptsetup.KeyFile;
@@ -33,7 +32,6 @@ import org.apache.cloudstack.utils.qemu.QemuImageOptions;
 import org.apache.cloudstack.utils.qemu.QemuImg;
 import org.apache.cloudstack.utils.qemu.QemuImg.PhysicalDiskFormat;
 import org.apache.cloudstack.utils.qemu.QemuImgException;
-import org.apache.cloudstack.utils.qemu.QemuImgFile;
 import org.apache.cloudstack.utils.qemu.QemuObject;
 import org.apache.log4j.Logger;
 import org.libvirt.Connect;
@@ -102,7 +100,7 @@ public final class LibvirtResizeVolumeCommandWrapper extends CommandWrapper<Resi
                 newSize = ScaleIOStorageAdaptor.getUsableBytesFromRawBytes(newSize);
             } else if (spool.getType().equals(StoragePoolType.PowerFlex)) {
                 // PowerFlex RAW/LUKS is already resized, we just notify the domain based on new size (considering LUKS overhead)
-                newSize = getVirtualSizeFromFile(path);
+                newSize = KVMPhysicalDisk.getVirtualSizeFromFile(path);
             }
 
             if (pool.getType() != StoragePoolType.RBD && pool.getType() != StoragePoolType.Linstor && pool.getType() != StoragePoolType.PowerFlex) {
@@ -216,21 +214,6 @@ public final class LibvirtResizeVolumeCommandWrapper extends CommandWrapper<Resi
         }
     }
 
-    private long getVirtualSizeFromFile(String path) {
-        try {
-            QemuImg qemu = new QemuImg(0);
-            QemuImgFile qemuFile = new QemuImgFile(path);
-            Map<String, String> info = qemu.info(qemuFile);
-            if (info.containsKey(QemuImg.VIRTUAL_SIZE)) {
-                return Long.parseLong(info.get(QemuImg.VIRTUAL_SIZE));
-            } else {
-                throw new CloudRuntimeException("Unable to determine virtual size of volume at path " + path);
-            }
-        } catch (QemuImgException | LibvirtException ex) {
-            throw new CloudRuntimeException("Error when inspecting volume at path " + path, ex);
-        }
-    }
-
     private Answer handleMultipathSCSIResize(ResizeVolumeCommand command, KVMStoragePool pool) {
         ((MultipathSCSIPool)pool).resize(command.getPath(), command.getInstanceName(), command.getNewSize());
         return new ResizeVolumeAnswer(command, true, "");
diff --git a/plugins/hypervisors/kvm/src/main/java/com/cloud/hypervisor/kvm/storage/KVMPhysicalDisk.java b/plugins/hypervisors/kvm/src/main/java/com/cloud/hypervisor/kvm/storage/KVMPhysicalDisk.java
index 9d9a6415e27..c43f5101fbe 100644
--- a/plugins/hypervisors/kvm/src/main/java/com/cloud/hypervisor/kvm/storage/KVMPhysicalDisk.java
+++ b/plugins/hypervisors/kvm/src/main/java/com/cloud/hypervisor/kvm/storage/KVMPhysicalDisk.java
@@ -16,13 +16,21 @@
 // under the License.
 package com.cloud.hypervisor.kvm.storage;
 
+import com.cloud.utils.exception.CloudRuntimeException;
+import org.apache.cloudstack.storage.formatinspector.Qcow2Inspector;
+import org.apache.cloudstack.utils.imagestore.ImageStoreUtil;
+import org.apache.cloudstack.utils.qemu.QemuImg;
 import org.apache.cloudstack.utils.qemu.QemuImg.PhysicalDiskFormat;
+import org.apache.cloudstack.utils.qemu.QemuImgException;
+import org.apache.cloudstack.utils.qemu.QemuImgFile;
 import org.apache.cloudstack.utils.qemu.QemuObject;
 import org.apache.cloudstack.utils.reflectiontostringbuilderutils.ReflectionToStringBuilderUtils;
 import org.apache.commons.lang3.StringUtils;
+import org.libvirt.LibvirtException;
 
 import java.util.ArrayList;
 import java.util.List;
+import java.util.Map;
 
 public class KVMPhysicalDisk {
     private String path;
@@ -71,6 +79,31 @@ public class KVMPhysicalDisk {
         return hostIp;
     }
 
+    public static long getVirtualSizeFromFile(String path) {
+        try {
+            QemuImg qemu = new QemuImg(0);
+            QemuImgFile qemuFile = new QemuImgFile(path);
+            Map<String, String> info = qemu.info(qemuFile);
+            if (info.containsKey(QemuImg.VIRTUAL_SIZE)) {
+                return Long.parseLong(info.get(QemuImg.VIRTUAL_SIZE));
+            } else {
+                throw new CloudRuntimeException("Unable to determine virtual size of volume at path " + path);
+            }
+        } catch (QemuImgException | LibvirtException ex) {
+            throw new CloudRuntimeException("Error when inspecting volume at path " + path, ex);
+        }
+    }
+
+    public static void checkQcow2File(String path) {
+        if (ImageStoreUtil.isCorrectExtension(path, "qcow2")) {
+            try {
+                Qcow2Inspector.validateQcow2File(path);
+            } catch (RuntimeException e) {
+                throw new CloudRuntimeException("The volume file at path " + path + " is not a valid QCOW2. Error: " + e.getMessage());
+            }
+        }
+    }
+
     private PhysicalDiskFormat format;
     private long size;
     private long virtualSize;
diff --git a/server/src/main/java/org/apache/cloudstack/vm/UnmanagedVMsManagerImpl.java b/server/src/main/java/org/apache/cloudstack/vm/UnmanagedVMsManagerImpl.java
index abb0e6b63c5..df87aff276d 100644
--- a/server/src/main/java/org/apache/cloudstack/vm/UnmanagedVMsManagerImpl.java
+++ b/server/src/main/java/org/apache/cloudstack/vm/UnmanagedVMsManagerImpl.java
@@ -170,6 +170,7 @@ import org.apache.cloudstack.storage.datastore.db.ImageStoreDao;
 import org.apache.cloudstack.storage.datastore.db.ImageStoreVO;
 import org.apache.cloudstack.storage.datastore.db.PrimaryDataStoreDao;
 import org.apache.cloudstack.storage.datastore.db.StoragePoolVO;
+import org.apache.cloudstack.storage.volume.VolumeOnStorageTO;
 import org.apache.cloudstack.utils.volume.VirtualMachineDiskInfo;
 import org.apache.commons.collections.CollectionUtils;
 import org.apache.commons.collections.MapUtils;
@@ -812,7 +813,8 @@ public class UnmanagedVMsManagerImpl implements UnmanagedVMsManager {
             throw new CloudRuntimeException("Error while copying volume of remote instance: " + answer.getDetails());
         }
         CopyRemoteVolumeAnswer copyRemoteVolumeAnswer = (CopyRemoteVolumeAnswer) answer;
-        if(!copyRemoteVolumeAnswer.getResult()) {
+        checkVolume(copyRemoteVolumeAnswer.getVolumeDetails());
+        if (!copyRemoteVolumeAnswer.getResult()) {
             throw new CloudRuntimeException("Unable to copy volume of remote instance");
         }
         diskProfile.setSize(copyRemoteVolumeAnswer.getSize());
@@ -2653,7 +2655,13 @@ public class UnmanagedVMsManagerImpl implements UnmanagedVMsManager {
             throw new CloudRuntimeException("Disk not found or is invalid");
         }
         CheckVolumeAnswer checkVolumeAnswer = (CheckVolumeAnswer) answer;
-        if(!checkVolumeAnswer.getResult()) {
+        try {
+            checkVolume(checkVolumeAnswer.getVolumeDetails());
+        } catch (CloudRuntimeException e) {
+            cleanupFailedImportVM(userVm);
+            throw e;
+        }
+        if (!checkVolumeAnswer.getResult()) {
             cleanupFailedImportVM(userVm);
             throw new CloudRuntimeException("Disk not found or is invalid");
         }
@@ -2679,6 +2687,31 @@ public class UnmanagedVMsManagerImpl implements UnmanagedVMsManager {
         return userVm;
     }
 
+    private void checkVolume(Map<VolumeOnStorageTO.Detail, String> volumeDetails) {
+        if (MapUtils.isEmpty(volumeDetails)) {
+            return;
+        }
+
+        if (volumeDetails.containsKey(VolumeOnStorageTO.Detail.IS_LOCKED)) {
+            String isLocked = volumeDetails.get(VolumeOnStorageTO.Detail.IS_LOCKED);
+            if (Boolean.parseBoolean(isLocked)) {
+                logFailureAndThrowException("Locked volume cannot be imported or unmanaged.");
+            }
+        }
+        if (volumeDetails.containsKey(VolumeOnStorageTO.Detail.IS_ENCRYPTED)) {
+            String isEncrypted = volumeDetails.get(VolumeOnStorageTO.Detail.IS_ENCRYPTED);
+            if (Boolean.parseBoolean(isEncrypted)) {
+                logFailureAndThrowException("Encrypted volume cannot be imported or unmanaged.");
+            }
+        }
+        if (volumeDetails.containsKey(VolumeOnStorageTO.Detail.BACKING_FILE)) {
+            String backingFile = volumeDetails.get(VolumeOnStorageTO.Detail.BACKING_FILE);
+            if (StringUtils.isNotBlank(backingFile)) {
+                logFailureAndThrowException("Volume with backing file cannot be imported or unmanaged.");
+            }
+        }
+    }
+
     private NetworkVO getDefaultNetwork(DataCenter zone, Account owner, boolean selectAny) throws InsufficientCapacityException, ResourceAllocationException {
         NetworkVO defaultNetwork = null;
 

From a4263da8aea93fd12ead37c61489b9e529c0cdbc Mon Sep 17 00:00:00 2001
From: ghernadi <gabor.hernadi@linbit.com>
Date: Fri, 25 Jul 2025 13:51:11 +0200
Subject: [PATCH 37/83] linstor: Use template's uuid if pool's downloadPath is
 null as resource-name (#11053)

Also added an integration test for templates from snapshots
---
 plugins/storage/volume/linstor/CHANGELOG.md   |  6 ++
 .../kvm/storage/LinstorStorageAdaptor.java    |  2 +-
 .../LinstorPrimaryDataStoreDriverImpl.java    | 12 ++-
 .../plugins/linstor/test_linstor_volumes.py   | 73 +++++++++++++++++--
 4 files changed, 86 insertions(+), 7 deletions(-)

diff --git a/plugins/storage/volume/linstor/CHANGELOG.md b/plugins/storage/volume/linstor/CHANGELOG.md
index 2abda3ebc50..a96b7c75b2b 100644
--- a/plugins/storage/volume/linstor/CHANGELOG.md
+++ b/plugins/storage/volume/linstor/CHANGELOG.md
@@ -5,6 +5,12 @@ All notable changes to Linstor CloudStack plugin will be documented in this file
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## [2025-07-01]
+
+### Fixed
+
+- Regression in 4.19.3 and 4.21.0 with templates from snapshots
+
 ## [2025-05-07]
 
 ### Added
diff --git a/plugins/storage/volume/linstor/src/main/java/com/cloud/hypervisor/kvm/storage/LinstorStorageAdaptor.java b/plugins/storage/volume/linstor/src/main/java/com/cloud/hypervisor/kvm/storage/LinstorStorageAdaptor.java
index 9de2479b20b..4210008f1c0 100644
--- a/plugins/storage/volume/linstor/src/main/java/com/cloud/hypervisor/kvm/storage/LinstorStorageAdaptor.java
+++ b/plugins/storage/volume/linstor/src/main/java/com/cloud/hypervisor/kvm/storage/LinstorStorageAdaptor.java
@@ -619,7 +619,7 @@ public class LinstorStorageAdaptor implements StorageAdaptor {
             try {
                 templateProps.load(new FileInputStream(propFile.toFile()));
                 String desc = templateProps.getProperty("description");
-                if (desc.startsWith("SystemVM Template")) {
+                if (desc != null && desc.startsWith("SystemVM Template")) {
                     return true;
                 }
             } catch (IOException e) {
diff --git a/plugins/storage/volume/linstor/src/main/java/org/apache/cloudstack/storage/datastore/driver/LinstorPrimaryDataStoreDriverImpl.java b/plugins/storage/volume/linstor/src/main/java/org/apache/cloudstack/storage/datastore/driver/LinstorPrimaryDataStoreDriverImpl.java
index 3b384831518..71e1b528506 100644
--- a/plugins/storage/volume/linstor/src/main/java/org/apache/cloudstack/storage/datastore/driver/LinstorPrimaryDataStoreDriverImpl.java
+++ b/plugins/storage/volume/linstor/src/main/java/org/apache/cloudstack/storage/datastore/driver/LinstorPrimaryDataStoreDriverImpl.java
@@ -74,12 +74,14 @@ import com.cloud.storage.StorageManager;
 import com.cloud.storage.StoragePool;
 import com.cloud.storage.VMTemplateStoragePoolVO;
 import com.cloud.storage.VMTemplateStorageResourceAssoc;
+import com.cloud.storage.VMTemplateVO;
 import com.cloud.storage.Volume;
 import com.cloud.storage.VolumeDetailVO;
 import com.cloud.storage.VolumeVO;
 import com.cloud.storage.dao.SnapshotDao;
 import com.cloud.storage.dao.SnapshotDetailsDao;
 import com.cloud.storage.dao.SnapshotDetailsVO;
+import com.cloud.storage.dao.VMTemplateDao;
 import com.cloud.storage.dao.VMTemplatePoolDao;
 import com.cloud.storage.dao.VolumeDao;
 import com.cloud.storage.dao.VolumeDetailsDao;
@@ -131,6 +133,7 @@ public class LinstorPrimaryDataStoreDriverImpl implements PrimaryDataStoreDriver
     ConfigurationDao _configDao;
     @Inject
     private HostDao _hostDao;
+    @Inject private VMTemplateDao _vmTemplateDao;
 
     private long volumeStatsLastUpdate = 0L;
     private final Map<String, Pair<Long, Long>> volumeStats = new HashMap<>();
@@ -668,8 +671,15 @@ public class LinstorPrimaryDataStoreDriverImpl implements PrimaryDataStoreDriver
             storagePoolVO.getId(), csCloneId, null);
 
         if (tmplPoolRef != null) {
-            final String templateRscName = LinstorUtil.RSC_PREFIX + tmplPoolRef.getLocalDownloadPath();
+            final String templateRscName;
+            if (tmplPoolRef.getLocalDownloadPath() == null) {
+                VMTemplateVO vmTemplateVO = _vmTemplateDao.findById(tmplPoolRef.getTemplateId());
+                templateRscName = LinstorUtil.RSC_PREFIX + vmTemplateVO.getUuid();
+            } else {
+                templateRscName = LinstorUtil.RSC_PREFIX + tmplPoolRef.getLocalDownloadPath();
+            }
             final String rscName = LinstorUtil.RSC_PREFIX + volumeInfo.getUuid();
+
             final DevelopersApi linstorApi = LinstorUtil.getLinstorAPI(storagePoolVO.getHostAddress());
 
             try {
diff --git a/test/integration/plugins/linstor/test_linstor_volumes.py b/test/integration/plugins/linstor/test_linstor_volumes.py
index a2c7978d801..e0ba15a0499 100644
--- a/test/integration/plugins/linstor/test_linstor_volumes.py
+++ b/test/integration/plugins/linstor/test_linstor_volumes.py
@@ -953,9 +953,72 @@ class TestLinstorVolumes(cloudstackTestCase):
 
         snapshot.delete(self.apiClient)
 
+    @attr(tags=['basic'], required_hardware=False)
+    def test_10_create_template_from_snapshot(self):
+        """
+        Create a template from a snapshot and start an instance from it
+        """
+        self.virtual_machine.stop(self.apiClient)
+
+        volume = list_volumes(
+            self.apiClient,
+            virtualmachineid = self.virtual_machine.id,
+            type = "ROOT",
+            listall = True,
+        )
+        snapshot = Snapshot.create(
+            self.apiClient,
+            volume_id=volume[0].id,
+            account=self.account.name,
+            domainid=self.domain.id,
+        )
+        self.cleanup.append(snapshot)
+
+        self.assertIsNotNone(snapshot, "Could not create snapshot")
+
+        services = {
+            "displaytext": "IntegrationTestTemplate",
+            "name": "int-test-template",
+            "ostypeid": self.template.ostypeid,
+            "ispublic": "true"
+        }
+
+        custom_template = Template.create_from_snapshot(
+            self.apiClient,
+            snapshot,
+            services,
+        )
+        self.cleanup.append(custom_template)
+
+        # create VM from custom template
+        test_virtual_machine = VirtualMachine.create(
+            self.apiClient,
+            self.testdata[TestData.virtualMachine2],
+            accountid=self.account.name,
+            zoneid=self.zone.id,
+            serviceofferingid=self.compute_offering.id,
+            templateid=custom_template.id,
+            domainid=self.domain.id,
+            startvm=False,
+            mode='basic',
+        )
+        self.cleanup.append(test_virtual_machine)
+
+        TestLinstorVolumes._start_vm(test_virtual_machine)
+
+        test_virtual_machine.stop(self.apiClient)
+
+        test_virtual_machine.delete(self.apiClient, True)
+        self.cleanup.remove(test_virtual_machine)
+
+        custom_template.delete(self.apiClient)
+        self.cleanup.remove(custom_template)
+        snapshot.delete(self.apiClient)
+        self.cleanup.remove(snapshot)
+
 
     @attr(tags=['advanced', 'migration'], required_hardware=False)
-    def test_10_migrate_volume_to_same_instance_pool(self):
+    def test_11_migrate_volume_to_same_instance_pool(self):
         """Migrate volume to the same instance pool"""
 
         if not self.testdata[TestData.migrationTests]:
@@ -1088,7 +1151,7 @@ class TestLinstorVolumes(cloudstackTestCase):
         test_virtual_machine.delete(self.apiClient, True)
 
     @attr(tags=['advanced', 'migration'], required_hardware=False)
-    def test_11_migrate_volume_to_distinct_instance_pool(self):
+    def test_12_migrate_volume_to_distinct_instance_pool(self):
         """Migrate volume to distinct instance pool"""
 
         if not self.testdata[TestData.migrationTests]:
@@ -1221,7 +1284,7 @@ class TestLinstorVolumes(cloudstackTestCase):
         test_virtual_machine.delete(self.apiClient, True)
 
     @attr(tags=["basic"], required_hardware=False)
-    def test_12_create_vm_snapshots(self):
+    def test_13_create_vm_snapshots(self):
         """Test to create VM snapshots
         """
         vm = TestLinstorVolumes._start_vm(self.virtual_machine)
@@ -1251,7 +1314,7 @@ class TestLinstorVolumes(cloudstackTestCase):
         )
 
     @attr(tags=["basic"], required_hardware=False)
-    def test_13_revert_vm_snapshots(self):
+    def test_14_revert_vm_snapshots(self):
         """Test to revert VM snapshots
         """
 
@@ -1313,7 +1376,7 @@ class TestLinstorVolumes(cloudstackTestCase):
         )
 
     @attr(tags=["basic"], required_hardware=False)
-    def test_14_delete_vm_snapshots(self):
+    def test_15_delete_vm_snapshots(self):
         """Test to delete vm snapshots
         """
 

From 890386e9499f0e8582cb0af15db66ab709731457 Mon Sep 17 00:00:00 2001
From: Pearl Dsilva <pearl1594@gmail.com>
Date: Fri, 25 Jul 2025 09:21:06 -0400
Subject: [PATCH 38/83] Allow custom NTP servers for CPVM (#11210)

---
 .../api/src/main/java/com/cloud/vm/VirtualMachineGuru.java  | 4 ++++
 .../com/cloud/consoleproxy/ConsoleProxyManagerImpl.java     | 6 +++++-
 .../secondarystorage/SecondaryStorageManagerImpl.java       | 5 +----
 systemvm/debian/opt/cloud/bin/setup/common.sh               | 6 +++---
 systemvm/debian/opt/cloud/bin/setup/consoleproxy.sh         | 4 ++++
 systemvm/debian/opt/cloud/bin/setup/secstorage.sh           | 1 +
 6 files changed, 18 insertions(+), 8 deletions(-)

diff --git a/engine/api/src/main/java/com/cloud/vm/VirtualMachineGuru.java b/engine/api/src/main/java/com/cloud/vm/VirtualMachineGuru.java
index f8032bf4b0e..76f0830f369 100644
--- a/engine/api/src/main/java/com/cloud/vm/VirtualMachineGuru.java
+++ b/engine/api/src/main/java/com/cloud/vm/VirtualMachineGuru.java
@@ -24,6 +24,7 @@ import com.cloud.utils.PasswordGenerator;
 import com.cloud.utils.exception.CloudRuntimeException;
 import org.apache.cloudstack.ca.CAManager;
 import org.apache.cloudstack.framework.ca.Certificate;
+import org.apache.cloudstack.framework.config.ConfigKey;
 import org.apache.cloudstack.utils.security.CertUtils;
 import org.apache.cloudstack.utils.security.KeyStoreUtils;
 
@@ -37,6 +38,9 @@ import java.util.Base64;
  */
 public interface VirtualMachineGuru {
 
+    static final ConfigKey<String> NTPServerConfig = new ConfigKey<String>(String.class, "ntp.server.list", "Advanced", null,
+            "Comma separated list of NTP servers to configure in System VMs", true, ConfigKey.Scope.Global, null, null, null, null, null, ConfigKey.Kind.CSV, null);
+
     boolean finalizeVirtualMachineProfile(VirtualMachineProfile profile, DeployDestination dest, ReservationContext context);
 
     /**
diff --git a/server/src/main/java/com/cloud/consoleproxy/ConsoleProxyManagerImpl.java b/server/src/main/java/com/cloud/consoleproxy/ConsoleProxyManagerImpl.java
index 5baed2643c9..22cfe785edf 100644
--- a/server/src/main/java/com/cloud/consoleproxy/ConsoleProxyManagerImpl.java
+++ b/server/src/main/java/com/cloud/consoleproxy/ConsoleProxyManagerImpl.java
@@ -1276,6 +1276,10 @@ public class ConsoleProxyManagerImpl extends ManagerBase implements ConsoleProxy
             buf.append(" vmpassword=").append(configurationDao.getValue("system.vm.password"));
         }
 
+        if (StringUtils.isNotEmpty(NTPServerConfig.value())) {
+            buf.append(" ntpserverlist=").append(NTPServerConfig.value().replaceAll("\\s+",""));
+        }
+
         for (NicProfile nic : profile.getNics()) {
             int deviceId = nic.getDeviceId();
             if (nic.getIPv4Address() == null) {
@@ -1506,7 +1510,7 @@ public class ConsoleProxyManagerImpl extends ManagerBase implements ConsoleProxy
     public Long[] getScannablePools() {
         List<Long> zoneIds = dataCenterDao.listEnabledNonEdgeZoneIds();
         if (logger.isDebugEnabled()) {
-            logger.debug(String.format("Enabled non-edge zones available for scan: %s", org.apache.commons.lang3.StringUtils.join(zoneIds, ",")));
+            logger.debug(String.format("Enabled non-edge zones available for scan: %s", StringUtils.join(zoneIds, ",")));
         }
         return zoneIds.toArray(Long[]::new);
     }
diff --git a/services/secondary-storage/controller/src/main/java/org/apache/cloudstack/secondarystorage/SecondaryStorageManagerImpl.java b/services/secondary-storage/controller/src/main/java/org/apache/cloudstack/secondarystorage/SecondaryStorageManagerImpl.java
index 25d43388b65..1c732de6a55 100644
--- a/services/secondary-storage/controller/src/main/java/org/apache/cloudstack/secondarystorage/SecondaryStorageManagerImpl.java
+++ b/services/secondary-storage/controller/src/main/java/org/apache/cloudstack/secondarystorage/SecondaryStorageManagerImpl.java
@@ -268,9 +268,6 @@ public class SecondaryStorageManagerImpl extends ManagerBase implements Secondar
 
     private final GlobalLock _allocLock = GlobalLock.getInternLock(getAllocLockName());
 
-    static final ConfigKey<String> NTPServerConfig = new ConfigKey<String>(String.class, "ntp.server.list", "Advanced", null,
-            "Comma separated list of NTP servers to configure in Secondary storage VM", true, ConfigKey.Scope.Global, null, null, null, null, null, ConfigKey.Kind.CSV, null);
-
     static final ConfigKey<Integer> MaxNumberOfSsvmsForMigration = new ConfigKey<Integer>("Advanced", Integer.class, "max.ssvm.count", "5",
             "Number of additional SSVMs to handle migration of data objects concurrently", true, ConfigKey.Scope.Global);
 
@@ -1178,7 +1175,7 @@ public class SecondaryStorageManagerImpl extends ManagerBase implements Secondar
             buf.append(" vmpassword=").append(_configDao.getValue("system.vm.password"));
         }
 
-        if (NTPServerConfig.value() != null) {
+        if (StringUtils.isNotEmpty(NTPServerConfig.value())) {
             buf.append(" ntpserverlist=").append(NTPServerConfig.value().replaceAll("\\s+",""));
         }
 
diff --git a/systemvm/debian/opt/cloud/bin/setup/common.sh b/systemvm/debian/opt/cloud/bin/setup/common.sh
index 5156d77a6a6..85b78ee16ae 100755
--- a/systemvm/debian/opt/cloud/bin/setup/common.sh
+++ b/systemvm/debian/opt/cloud/bin/setup/common.sh
@@ -683,7 +683,7 @@ getPublicIp() {
 
 setup_ntp() {
     log_it "Setting up NTP"
-    NTP_CONF_FILE="/etc/ntp.conf"
+    NTP_CONF_FILE="/etc/ntpsec/ntp.conf"
     if [ -f $NTP_CONF_FILE ]
     then
         IFS=',' read -a server_list <<< "$NTP_SERVER_LIST"
@@ -692,9 +692,9 @@ setup_ntp() {
         do
             server=$(echo ${server_list[iterator]} | tr -d '\r')
             PATTERN="server $server"
-            sed -i "0,/^#server/s//$PATTERN\n#server/" $NTP_CONF_FILE
+            sed -i "0,/^# server/s//$PATTERN\n# server/" $NTP_CONF_FILE
         done
-        systemctl enable ntp
+        systemctl enable --now --no-block ntp
     else
         log_it "NTP configuration file not found"
     fi
diff --git a/systemvm/debian/opt/cloud/bin/setup/consoleproxy.sh b/systemvm/debian/opt/cloud/bin/setup/consoleproxy.sh
index 596ad50ab50..d35ac260712 100755
--- a/systemvm/debian/opt/cloud/bin/setup/consoleproxy.sh
+++ b/systemvm/debian/opt/cloud/bin/setup/consoleproxy.sh
@@ -40,6 +40,10 @@ setup_console_proxy() {
   disable_rpfilter
   enable_fwding 0
   enable_irqbalance 0
+  if [[ -n "$NTP_SERVER_LIST" ]]; then
+    setup_ntp
+    systemctl restart ntp
+  fi
   rm -f /etc/logrotate.d/cloud
 
 }
diff --git a/systemvm/debian/opt/cloud/bin/setup/secstorage.sh b/systemvm/debian/opt/cloud/bin/setup/secstorage.sh
index c60f70c3cef..b8ed7b54311 100755
--- a/systemvm/debian/opt/cloud/bin/setup/secstorage.sh
+++ b/systemvm/debian/opt/cloud/bin/setup/secstorage.sh
@@ -82,6 +82,7 @@ HTTP
   enable_fwding 0
   enable_irqbalance 0
   setup_ntp
+  systemctl restart ntp
 
   rm -f /etc/logrotate.d/cloud
 }

From ed6ee6b704ff84eb0efcec92fbcec518a90d30d0 Mon Sep 17 00:00:00 2001
From: Suresh Kumar Anaparti <sureshkumar.anaparti@gmail.com>
Date: Fri, 25 Jul 2025 19:31:43 +0530
Subject: [PATCH 39/83] Mark LDAP user query timeout as incorrect login instead
 of disabling user immediately (#11220)

* Mark LDAP user query timeout as incorrect login instead of disabling user immediately

* code improvements
---
 .../api/command/LdapListUsersCmd.java         |  5 +-
 .../cloudstack/ldap/LdapAuthenticator.java    | 58 ++++++++++++-------
 .../cloudstack/ldap/LdapManagerImpl.java      | 22 +++----
 3 files changed, 50 insertions(+), 35 deletions(-)

diff --git a/plugins/user-authenticators/ldap/src/main/java/org/apache/cloudstack/api/command/LdapListUsersCmd.java b/plugins/user-authenticators/ldap/src/main/java/org/apache/cloudstack/api/command/LdapListUsersCmd.java
index e5d434d3810..6bfc70ea139 100644
--- a/plugins/user-authenticators/ldap/src/main/java/org/apache/cloudstack/api/command/LdapListUsersCmd.java
+++ b/plugins/user-authenticators/ldap/src/main/java/org/apache/cloudstack/api/command/LdapListUsersCmd.java
@@ -140,10 +140,11 @@ public class LdapListUsersCmd extends BaseListCmd {
         try {
             final List<LdapUser> users = _ldapManager.getUsers(domainId);
             ldapResponses = createLdapUserResponse(users);
-//            now filter and annotate
+            // now filter and annotate
             ldapResponses = applyUserFilter(ldapResponses);
         } catch (final NoLdapUserMatchingQueryException ex) {
-            // ok, we'll make do with the empty list ldapResponses = new ArrayList<LdapUserResponse>();
+            logger.debug(ex.getMessage());
+            // ok, we'll make do with the empty list
         } finally {
             response.setResponses(ldapResponses);
             response.setResponseName(getCommandName());
diff --git a/plugins/user-authenticators/ldap/src/main/java/org/apache/cloudstack/ldap/LdapAuthenticator.java b/plugins/user-authenticators/ldap/src/main/java/org/apache/cloudstack/ldap/LdapAuthenticator.java
index b8509881594..36c663566cb 100644
--- a/plugins/user-authenticators/ldap/src/main/java/org/apache/cloudstack/ldap/LdapAuthenticator.java
+++ b/plugins/user-authenticators/ldap/src/main/java/org/apache/cloudstack/ldap/LdapAuthenticator.java
@@ -45,6 +45,8 @@ public class LdapAuthenticator extends AdapterBase implements UserAuthenticator
     @Inject
     private AccountManager _accountManager;
 
+    private static final String LDAP_READ_TIMED_OUT_MESSAGE = "LDAP response read timed out";
+
     public LdapAuthenticator() {
         super();
     }
@@ -74,8 +76,8 @@ public class LdapAuthenticator extends AdapterBase implements UserAuthenticator
                     return rc;
                 }
                 List<LdapTrustMapVO> ldapTrustMapVOs = getLdapTrustMapVOS(domainId);
-                if(ldapTrustMapVOs != null && ldapTrustMapVOs.size() > 0) {
-                    if(ldapTrustMapVOs.size() == 1 && ldapTrustMapVOs.get(0).getAccountId() == 0) {
+                if (ldapTrustMapVOs != null && ldapTrustMapVOs.size() > 0) {
+                    if (ldapTrustMapVOs.size() == 1 && ldapTrustMapVOs.get(0).getAccountId() == 0) {
                         if (logger.isTraceEnabled()) {
                             logger.trace("We have a single mapping of a domain to an ldap group or ou");
                         }
@@ -125,11 +127,11 @@ public class LdapAuthenticator extends AdapterBase implements UserAuthenticator
             mappedGroups.retainAll(memberships);
             tracelist("actual groups for " + username, mappedGroups);
             // check membership, there must be only one match in this domain
-            if(ldapUser.isDisabled()) {
+            if (ldapUser.isDisabled()) {
                 logAndDisable(userAccount, "attempt to log on using disabled ldap user " + userAccount.getUsername(), false);
-            } else if(mappedGroups.size() > 1) {
+            } else if (mappedGroups.size() > 1) {
                 logAndDisable(userAccount, "user '" + username + "' is mapped to more then one account in domain and will be disabled.", false);
-            } else if(mappedGroups.size() < 1) {
+            } else if (mappedGroups.size() < 1) {
                 logAndDisable(userAccount, "user '" + username + "' is not mapped to an account in domain and will be removed.", true);
             } else {
                 // a valid ldap configured user exists
@@ -137,12 +139,12 @@ public class LdapAuthenticator extends AdapterBase implements UserAuthenticator
                 // we could now assert that ldapTrustMapVOs.contains(mapping);
                 // createUser in Account can only be done by account name not by account id;
                 Account account = _accountManager.getAccount(mapping.getAccountId());
-                if(null == account) {
+                if (null == account) {
                     throw new CloudRuntimeException(String.format("account for user (%s) not found by id %d", username, mapping.getAccountId()));
                 }
                 String accountName = account.getAccountName();
                 rc.first(_ldapManager.canAuthenticate(ldapUser.getPrincipal(), password, domainId));
-                if (! rc.first()) {
+                if (!rc.first()) {
                     rc.second(ActionOnFailedAuthentication.INCREMENT_INCORRECT_LOGIN_ATTEMPT_COUNT);
                 }
                 // for security reasons we keep processing on faulty login attempt to not give a way information on userid existence
@@ -162,7 +164,7 @@ public class LdapAuthenticator extends AdapterBase implements UserAuthenticator
                     userAccount = _accountManager.getUserAccountById(user.getId());
                 } else {
                     // not a new user, check if mapped group has changed
-                    if(userAccount.getAccountId() != mapping.getAccountId()) {
+                    if (userAccount.getAccountId() != mapping.getAccountId()) {
                         final Account mappedAccount = _accountManager.getAccount(mapping.getAccountId());
                         if (mappedAccount == null || mappedAccount.getRemoved() != null) {
                             throw new CloudRuntimeException("Mapped account for users does not exist. Please contact your administrator.");
@@ -174,12 +176,21 @@ public class LdapAuthenticator extends AdapterBase implements UserAuthenticator
             }
         } catch (NoLdapUserMatchingQueryException e) {
             logger.debug(e.getMessage());
-            disableUserInCloudStack(userAccount);
+            processLdapUserErrorMessage(userAccount, e.getMessage(), rc);
         }
 
         return rc;
     }
 
+    private void processLdapUserErrorMessage(UserAccount user, String errorMessage, Pair<Boolean, ActionOnFailedAuthentication> rc) {
+        if (StringUtils.isNotEmpty(errorMessage) && errorMessage.contains(LDAP_READ_TIMED_OUT_MESSAGE) && !rc.first()) {
+            rc.second(ActionOnFailedAuthentication.INCREMENT_INCORRECT_LOGIN_ATTEMPT_COUNT);
+        } else {
+            // no user in ldap ==>> disable user in cloudstack
+            disableUserInCloudStack(user);
+        }
+    }
+
     private void tracelist(String msg, List<String> listToTrace) {
         if (logger.isTraceEnabled()) {
             StringBuilder logMsg = new StringBuilder();
@@ -197,7 +208,7 @@ public class LdapAuthenticator extends AdapterBase implements UserAuthenticator
         if (logger.isInfoEnabled()) {
             logger.info(msg);
         }
-        if(remove) {
+        if (remove) {
             removeUserInCloudStack(userAccount);
         } else {
             disableUserInCloudStack(userAccount);
@@ -229,23 +240,22 @@ public class LdapAuthenticator extends AdapterBase implements UserAuthenticator
             processLdapUser(password, domainId, user, rc, ldapUser, accountType);
         } catch (NoLdapUserMatchingQueryException e) {
             logger.debug(e.getMessage());
-            // no user in ldap ==>> disable user in cloudstack
-            disableUserInCloudStack(user);
+            processLdapUserErrorMessage(user, e.getMessage(), rc);
         }
         return rc;
     }
 
     private void processLdapUser(String password, Long domainId, UserAccount user, Pair<Boolean, ActionOnFailedAuthentication> rc, LdapUser ldapUser, Account.Type accountType) {
-        if(!ldapUser.isDisabled()) {
+        if (!ldapUser.isDisabled()) {
             rc.first(_ldapManager.canAuthenticate(ldapUser.getPrincipal(), password, domainId));
-            if(rc.first()) {
-                if(user == null) {
+            if (rc.first()) {
+                if (user == null) {
                     // import user to cloudstack
                     createCloudStackUserAccount(ldapUser, domainId, accountType);
                 } else {
                     enableUserInCloudStack(user);
                 }
-            } else if(user != null) {
+            } else if (user != null) {
                 rc.second(ActionOnFailedAuthentication.INCREMENT_INCORRECT_LOGIN_ATTEMPT_COUNT);
             }
         } else {
@@ -264,30 +274,34 @@ public class LdapAuthenticator extends AdapterBase implements UserAuthenticator
      */
     Pair<Boolean, ActionOnFailedAuthentication> authenticate(String username, String password, Long domainId, UserAccount user) {
         boolean result = false;
+        boolean timedOut = false;
 
-        if(user != null ) {
+        if (user != null ) {
             try {
                 LdapUser ldapUser = _ldapManager.getUser(username, domainId);
-                if(!ldapUser.isDisabled()) {
+                if (!ldapUser.isDisabled()) {
                     result = _ldapManager.canAuthenticate(ldapUser.getPrincipal(), password, domainId);
                 } else {
                     logger.debug("user with principal "+ ldapUser.getPrincipal() + " is disabled in ldap");
                 }
             } catch (NoLdapUserMatchingQueryException e) {
                 logger.debug(e.getMessage());
+                if (e.getMessage().contains(LDAP_READ_TIMED_OUT_MESSAGE)) {
+                    timedOut = true;
+                }
             }
         }
-        return processResultAndAction(user, result);
+        return processResultAndAction(user, result, timedOut);
     }
 
-    private Pair<Boolean, ActionOnFailedAuthentication> processResultAndAction(UserAccount user, boolean result) {
-        return (!result && user != null) ?
+    private Pair<Boolean, ActionOnFailedAuthentication> processResultAndAction(UserAccount user, boolean result, boolean timedOut) {
+        return (!result && (user != null || timedOut)) ?
                 new Pair<Boolean, ActionOnFailedAuthentication>(result, ActionOnFailedAuthentication.INCREMENT_INCORRECT_LOGIN_ATTEMPT_COUNT):
                 new Pair<Boolean, ActionOnFailedAuthentication>(result, null);
     }
 
     private void enableUserInCloudStack(UserAccount user) {
-        if(user != null && (user.getState().equalsIgnoreCase(Account.State.DISABLED.toString()))) {
+        if (user != null && (user.getState().equalsIgnoreCase(Account.State.DISABLED.toString()))) {
             _accountManager.enableUser(user.getId());
         }
     }
diff --git a/plugins/user-authenticators/ldap/src/main/java/org/apache/cloudstack/ldap/LdapManagerImpl.java b/plugins/user-authenticators/ldap/src/main/java/org/apache/cloudstack/ldap/LdapManagerImpl.java
index 2394c0b3d1e..05b8578bb42 100644
--- a/plugins/user-authenticators/ldap/src/main/java/org/apache/cloudstack/ldap/LdapManagerImpl.java
+++ b/plugins/user-authenticators/ldap/src/main/java/org/apache/cloudstack/ldap/LdapManagerImpl.java
@@ -166,7 +166,7 @@ public class LdapManagerImpl extends ComponentLifecycleBase implements LdapManag
 
     private LdapConfigurationResponse addConfigurationInternal(final String hostname, int port, final Long domainId) throws InvalidParameterValueException {
         // TODO evaluate what the right default should be
-        if(port <= 0) {
+        if (port <= 0) {
             port = 389;
         }
 
@@ -210,7 +210,7 @@ public class LdapManagerImpl extends ComponentLifecycleBase implements LdapManag
             // TODO return the right account for this user
             final LdapContext context = _ldapContextFactory.createUserContext(principal, password, domainId);
             closeContext(context);
-            if(logger.isTraceEnabled()) {
+            if (logger.isTraceEnabled()) {
                 logger.trace(String.format("User(%s) authenticated for domain(%s)", principal, domainId));
             }
             return true;
@@ -234,7 +234,7 @@ public class LdapManagerImpl extends ComponentLifecycleBase implements LdapManag
     @Override
     public LdapConfigurationResponse createLdapConfigurationResponse(final LdapConfigurationVO configuration) {
         String domainUuid = null;
-        if(configuration.getDomainId() != null) {
+        if (configuration.getDomainId() != null) {
             DomainVO domain = domainDao.findById(configuration.getDomainId());
             if (domain != null) {
                 domainUuid = domain.getUuid();
@@ -303,8 +303,8 @@ public class LdapManagerImpl extends ComponentLifecycleBase implements LdapManag
             return _ldapUserManagerFactory.getInstance(_ldapConfiguration.getLdapProvider(null)).getUser(escapedUsername, context, domainId);
 
         } catch (NamingException | IOException e) {
-            logger.debug("ldap Exception: ",e);
-            throw new NoLdapUserMatchingQueryException("No Ldap User found for username: "+username);
+            logger.debug("LDAP Exception: ", e);
+            throw new NoLdapUserMatchingQueryException("Unable to find LDAP User for username: " + username + ", due to " + e.getMessage());
         } finally {
             closeContext(context);
         }
@@ -324,8 +324,8 @@ public class LdapManagerImpl extends ComponentLifecycleBase implements LdapManag
             LdapUserManager userManagerFactory = _ldapUserManagerFactory.getInstance(ldapProvider);
             return userManagerFactory.getUser(escapedUsername, type, name, context, domainId);
         } catch (NamingException | IOException e) {
-            logger.debug("ldap Exception: ",e);
-            throw new NoLdapUserMatchingQueryException("No Ldap User found for username: "+username + " in group: " + name + " of type: " + type);
+            logger.debug("LDAP Exception: ", e);
+            throw new NoLdapUserMatchingQueryException("Unable to find LDAP User for username: " + username + " in group: " + name + " of type: " + type + ", due to " + e.getMessage());
         } finally {
             closeContext(context);
         }
@@ -338,7 +338,7 @@ public class LdapManagerImpl extends ComponentLifecycleBase implements LdapManag
             context = _ldapContextFactory.createBindContext(domainId);
             return _ldapUserManagerFactory.getInstance(_ldapConfiguration.getLdapProvider(domainId)).getUsers(context, domainId);
         } catch (NamingException | IOException e) {
-            logger.debug("ldap Exception: ",e);
+            logger.debug("LDAP Exception: ", e);
             throw new NoLdapUserMatchingQueryException("*");
         } finally {
             closeContext(context);
@@ -352,7 +352,7 @@ public class LdapManagerImpl extends ComponentLifecycleBase implements LdapManag
             context = _ldapContextFactory.createBindContext(domainId);
             return _ldapUserManagerFactory.getInstance(_ldapConfiguration.getLdapProvider(domainId)).getUsersInGroup(groupName, context, domainId);
         } catch (NamingException | IOException e) {
-            logger.debug("ldap NamingException: ",e);
+            logger.debug("LDAP Exception: ", e);
             throw new NoLdapUserMatchingQueryException("groupName=" + groupName);
         } finally {
             closeContext(context);
@@ -390,7 +390,7 @@ public class LdapManagerImpl extends ComponentLifecycleBase implements LdapManag
             final String escapedUsername = LdapUtils.escapeLDAPSearchFilter(username);
             return _ldapUserManagerFactory.getInstance(_ldapConfiguration.getLdapProvider(null)).getUsers("*" + escapedUsername + "*", context, null);
         } catch (NamingException | IOException e) {
-            logger.debug("ldap Exception: ",e);
+            logger.debug("LDAP Exception: ",e);
             throw new NoLdapUserMatchingQueryException(username);
         } finally {
             closeContext(context);
@@ -481,7 +481,7 @@ public class LdapManagerImpl extends ComponentLifecycleBase implements LdapManag
     private void clearOldAccountMapping(LinkAccountToLdapCmd cmd) {
         //        first find if exists log warning and update
         LdapTrustMapVO oldVo = _ldapTrustMapDao.findGroupInDomain(cmd.getDomainId(), cmd.getLdapDomain());
-        if(oldVo != null) {
+        if (oldVo != null) {
             // deal with edge cases, i.e. check if the old account is indeed deleted etc.
             if (oldVo.getAccountId() != 0l) {
                 AccountVO oldAcount = accountDao.findByIdIncludingRemoved(oldVo.getAccountId());

From 40035f54d0fc7e33b8a19932b63751f97e5ab7ae Mon Sep 17 00:00:00 2001
From: Nicolas Vazquez <nicovazquez90@gmail.com>
Date: Sat, 26 Jul 2025 04:06:47 -0300
Subject: [PATCH 40/83] [UI] Add dedicated account field dropdown on zone
 creation (#11195)

---
 ui/public/locales/en.json                     |  1 +
 .../infra/zone/ZoneWizardZoneDetailsStep.vue  | 32 +++++++++++++++++--
 2 files changed, 30 insertions(+), 3 deletions(-)

diff --git a/ui/public/locales/en.json b/ui/public/locales/en.json
index c36b96cc961..79ea9bb9d8f 100644
--- a/ui/public/locales/en.json
+++ b/ui/public/locales/en.json
@@ -3168,6 +3168,7 @@
 "message.error.sbdomain.username": "Please enter SMB domain username.",
 "message.error.secret.key": "Please enter secret key.",
 "message.error.select": "Please select option.",
+"message.error.select.account.to.dedicate": "Please select an account to dedicate to.",
 "message.error.select.domain.to.dedicate": "Please select domain to dedicate to.",
 "message.error.select.zone.type": "Please select Zone type below.",
 "message.error.server": "Please enter server.",
diff --git a/ui/src/views/infra/zone/ZoneWizardZoneDetailsStep.vue b/ui/src/views/infra/zone/ZoneWizardZoneDetailsStep.vue
index 05c5adc1bd2..584cbe6d1ba 100644
--- a/ui/src/views/infra/zone/ZoneWizardZoneDetailsStep.vue
+++ b/ui/src/views/infra/zone/ZoneWizardZoneDetailsStep.vue
@@ -195,7 +195,8 @@
           optionFilterProp="label"
           :filterOption="(input, option) => {
             return option.label.toLowerCase().indexOf(input.toLowerCase()) >= 0
-          }" >
+          }"
+          @change="val => { fetchDomainAccounts(val) }">
           <a-select-option v-for="dom in domains" :key="dom.id" :label="dom.path">
             {{ dom.path }}
           </a-select-option>
@@ -213,7 +214,20 @@
           :label="$t('label.account')"
           v-bind="formItemLayout"
           v-if="isDedicated">
-          <a-input v-model:value="form.account" />
+          <a-select
+            v-model:value="form.account"
+            v-focus="true"
+            showSearch
+            optionFilterProp="value"
+            :filterOption="(input, option) => {
+              return option.value.toLowerCase().indexOf(input.toLowerCase()) >= 0
+            }"
+            :placeholder="$t('message.error.select.account.to.dedicate')"
+            >
+            <a-select-option v-for="(acc, index) in selectedDomainAccounts" :value="acc.name" :key="index">
+              {{ acc.name }}
+            </a-select-option>
+          </a-select>
         </a-form-item>
         <a-form-item
           name="localstorageenabled"
@@ -276,7 +290,8 @@ export default {
     availableNetworkOfferings: null,
     ipV4Regex: /^(25[0-5]|2[0-4]\d|[01]?\d\d?)\.(25[0-5]|2[0-4]\d|[01]?\d\d?)\.(25[0-5]|2[0-4]\d|[01]?\d\d?)\.(25[0-5]|2[0-4]\d|[01]?\d\d?)$/i,
     ipV6Regex: /^((([0-9A-Fa-f]{1,4}:){7}[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){6}:[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){5}:([0-9A-Fa-f]{1,4}:)?[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){4}:([0-9A-Fa-f]{1,4}:){0,2}[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){3}:([0-9A-Fa-f]{1,4}:){0,3}[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){2}:([0-9A-Fa-f]{1,4}:){0,4}[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){6}((\b((25[0-5])|(1\d{2})|(2[0-4]\d)|(\d{1,2}))\b)\.){3}(\b((25[0-5])|(1\d{2})|(2[0-4]\d)|(\d{1,2}))\b))|(([0-9A-Fa-f]{1,4}:){0,5}:((\b((25[0-5])|(1\d{2})|(2[0-4]\d)|(\d{1,2}))\b)\.){3}(\b((25[0-5])|(1\d{2})|(2[0-4]\d)|(\d{1,2}))\b))|(::([0-9A-Fa-f]{1,4}:){0,5}((\b((25[0-5])|(1\d{2})|(2[0-4]\d)|(\d{1,2}))\b)\.){3}(\b((25[0-5])|(1\d{2})|(2[0-4]\d)|(\d{1,2}))\b))|([0-9A-Fa-f]{1,4}::([0-9A-Fa-f]{1,4}:){0,5}[0-9A-Fa-f]{1,4})|(::([0-9A-Fa-f]{1,4}:){0,6}[0-9A-Fa-f]{1,4})|(([0-9A-Fa-f]{1,4}:){1,7}:))$/i,
-    formModel: {}
+    formModel: {},
+    selectedDomainAccounts: []
   }),
   created () {
     this.hypervisors = this.prefillContent?.hypervisors || null
@@ -454,6 +469,17 @@ export default {
         hypervisor: [{ required: true, message: this.$t('message.error.hypervisor.type') }]
       })
     },
+    fetchDomainAccounts (domainid) {
+      api('listAccounts', {
+        domainid: domainid
+      }).then(response => {
+        // Clean up the selected account from a previous domain
+        this.form.account = null
+        this.selectedDomainAccounts = response.listaccountsresponse.account || []
+      }).catch(error => {
+        this.$notifyError(error)
+      })
+    },
     fetchData () {
       api('listHypervisors').then(json => {
         this.hypervisors = json.listhypervisorsresponse.hypervisor

From ca6d2dc57ecca52d3a0847038bc9c6e8c7a0c00a Mon Sep 17 00:00:00 2001
From: Pearl Dsilva <pearl1594@gmail.com>
Date: Mon, 28 Jul 2025 05:20:42 -0400
Subject: [PATCH 41/83] Prevent multi-select dropdown menu from floating on
 scrolling through the form (#11237)

---
 ui/src/views/offering/AddComputeOffering.vue | 9 +++++++++
 ui/src/views/offering/AddDiskOffering.vue    | 4 ++++
 ui/src/views/offering/AddNetworkOffering.vue | 3 +++
 ui/src/views/offering/AddVpcOffering.vue     | 3 +++
 4 files changed, 19 insertions(+)

diff --git a/ui/src/views/offering/AddComputeOffering.vue b/ui/src/views/offering/AddComputeOffering.vue
index 80d200f1f25..ddf000d6f00 100644
--- a/ui/src/views/offering/AddComputeOffering.vue
+++ b/ui/src/views/offering/AddComputeOffering.vue
@@ -47,6 +47,7 @@
             <tooltip-label :title="$t('label.systemvmtype')" :tooltip="apiParams.systemvmtype.description"/>
           </template>
           <a-select
+            :getPopupContainer="(trigger) => trigger.parentNode"
             v-model:value="form.systemvmtype"
             showSearch
             optionFilterProp="label"
@@ -214,6 +215,7 @@
             <tooltip-label :title="$t('label.deploymentplanner')" :tooltip="apiParams.deploymentplanner.description"/>
           </template>
           <a-select
+            :getPopupContainer="(trigger) => trigger.parentNode"
             v-model:value="form.deploymentplanner"
             showSearch
             optionFilterProp="label"
@@ -245,6 +247,7 @@
         </a-form-item>
         <a-form-item name="pcidevice" ref="pcidevice" :label="$t('label.gpu')" v-if="!isSystem">
           <a-select
+            :getPopupContainer="(trigger) => trigger.parentNode"
             v-model:value="form.pcidevice"
             showSearch
             optionFilterProp="label"
@@ -260,6 +263,7 @@
         </a-form-item>
         <a-form-item name="vgputype" ref="vgputype" :label="$t('label.vgputype')" v-if="vGpuVisible">
           <a-select
+            :getPopupContainer="(trigger) => trigger.parentNode"
             v-model:value="form.vgputype"
             showSearch
             optionFilterProp="label"
@@ -281,6 +285,7 @@
           </template>
           <a-select
             mode="multiple"
+            :getPopupContainer="(trigger) => trigger.parentNode"
             v-model:value="form.domainid"
             showSearch
             optionFilterProp="label"
@@ -305,6 +310,7 @@
           <a-select
             id="zone-selection"
             mode="multiple"
+            :getPopupContainer="(trigger) => trigger.parentNode"
             v-model:value="form.zoneid"
             showSearch
             optionFilterProp="label"
@@ -331,6 +337,7 @@
             <tooltip-label :title="$t('label.vmware.storage.policy')" :tooltip="apiParams.storagepolicy.description"/>
           </template>
           <a-select
+            :getPopupContainer="(trigger) => trigger.parentNode"
             v-model:value="form.storagepolicy"
             :placeholder="apiParams.storagepolicy.description"
             showSearch
@@ -519,6 +526,7 @@
                   </template>
                   <a-select
                     mode="tags"
+                    :getPopupContainer="(trigger) => trigger.parentNode"
                     v-model:value="form.storagetags"
                     showSearch
                     optionFilterProp="value"
@@ -558,6 +566,7 @@
               <br /><br />
               <a-form-item :label="$t('label.disk.offerings')" name="diskofferingid" ref="diskofferingid">
                 <a-select
+                  :getPopupContainer="(trigger) => trigger.parentNode"
                   v-model:value="form.diskofferingid"
                   :loading="loading"
                   :placeholder="$t('label.diskoffering')">
diff --git a/ui/src/views/offering/AddDiskOffering.vue b/ui/src/views/offering/AddDiskOffering.vue
index 576721d48cc..700e90f1766 100644
--- a/ui/src/views/offering/AddDiskOffering.vue
+++ b/ui/src/views/offering/AddDiskOffering.vue
@@ -202,6 +202,7 @@
             <tooltip-label :title="$t('label.storagetags')" :tooltip="apiParams.tags.description"/>
           </template>
           <a-select
+            :getPopupContainer="(trigger) => trigger.parentNode"
             mode="tags"
             v-model:value="form.tags"
             showSearch
@@ -226,6 +227,7 @@
           </template>
           <a-select
             mode="multiple"
+            :getPopupContainer="(trigger) => trigger.parentNode"
             v-model:value="form.domainid"
             showSearch
             optionFilterProp="label"
@@ -250,6 +252,7 @@
           <a-select
             id="zone-selection"
             mode="multiple"
+            :getPopupContainer="(trigger) => trigger.parentNode"
             v-model:value="form.zoneid"
             showSearch
             optionFilterProp="label"
@@ -273,6 +276,7 @@
             <tooltip-label :title="$t('label.vmware.storage.policy')" :tooltip="apiParams.storagepolicy.description"/>
           </template>
           <a-select
+            :getPopupContainer="(trigger) => trigger.parentNode"
             v-model:value="form.storagepolicy"
             :placeholder="apiParams.storagepolicy.description"
             showSearch
diff --git a/ui/src/views/offering/AddNetworkOffering.vue b/ui/src/views/offering/AddNetworkOffering.vue
index 17359e4e0c0..435952413cd 100644
--- a/ui/src/views/offering/AddNetworkOffering.vue
+++ b/ui/src/views/offering/AddNetworkOffering.vue
@@ -248,6 +248,7 @@
             <tooltip-label :title="$t('label.serviceofferingid')" :tooltip="apiParams.serviceofferingid.description"/>
           </template>
           <a-select
+            :getPopupContainer="(trigger) => trigger.parentNode"
             showSearch
             optionFilterProp="label"
             v-model:value="form.serviceofferingid"
@@ -430,6 +431,7 @@
           </template>
           <a-select
             mode="multiple"
+            :getPopupContainer="(trigger) => trigger.parentNode"
             v-model:value="form.domainid"
             showSearch
             optionFilterProp="label"
@@ -454,6 +456,7 @@
           <a-select
             id="zone-selection"
             mode="multiple"
+            :getPopupContainer="(trigger) => trigger.parentNode"
             v-model:value="form.zoneid"
             showSearch
             optionFilterProp="label"
diff --git a/ui/src/views/offering/AddVpcOffering.vue b/ui/src/views/offering/AddVpcOffering.vue
index 738a03a9b2e..94a5f8a60b1 100644
--- a/ui/src/views/offering/AddVpcOffering.vue
+++ b/ui/src/views/offering/AddVpcOffering.vue
@@ -104,6 +104,7 @@
             <tooltip-label :title="$t('label.serviceofferingid')" :tooltip="apiParams.serviceofferingid.description"/>
           </template>
           <a-select
+            :getPopupContainer="(trigger) => trigger.parentNode"
             showSearch
             optionFilterProp="label"
             v-model:value="form.serviceofferingid"
@@ -126,6 +127,7 @@
           </template>
           <a-select
             mode="multiple"
+            :getPopupContainer="(trigger) => trigger.parentNode"
             v-model:value="form.domainid"
             showSearch
             optionFilterProp="label"
@@ -150,6 +152,7 @@
           <a-select
             id="zone-selection"
             mode="multiple"
+            :getPopupContainer="(trigger) => trigger.parentNode"
             v-model:value="form.zoneid"
             showSearch
             optionFilterProp="label"

From 82396b621ed9fbb5a7c07a540a46d55c2581cd4f Mon Sep 17 00:00:00 2001
From: Rohit Yadav <rohit.yadav@shapeblue.com>
Date: Mon, 28 Jul 2025 15:21:55 +0530
Subject: [PATCH 42/83] appliance: bump systemvmtemplate version to 4.20.2

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
---
 .../systemvmtemplate/scripts/configure_systemvm_services.sh     | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tools/appliance/systemvmtemplate/scripts/configure_systemvm_services.sh b/tools/appliance/systemvmtemplate/scripts/configure_systemvm_services.sh
index 2629eba92e9..626f7cd6de8 100644
--- a/tools/appliance/systemvmtemplate/scripts/configure_systemvm_services.sh
+++ b/tools/appliance/systemvmtemplate/scripts/configure_systemvm_services.sh
@@ -19,7 +19,7 @@
 set -e
 set -x
 
-CLOUDSTACK_RELEASE=4.20.1
+CLOUDSTACK_RELEASE=4.20.2
 
 function configure_apache2() {
    # Enable ssl, rewrite and auth

From a32738c52ed6ac98fadb6a3702db7a3c779999e9 Mon Sep 17 00:00:00 2001
From: Manoj Kumar <manojkr.itbhu@gmail.com>
Date: Tue, 29 Jul 2025 11:41:30 +0530
Subject: [PATCH 43/83] Prevent infinite autoscaling (#11244)

* Prevent infinite autoscaling

* Update server/src/main/java/com/cloud/network/as/AutoScaleManagerImpl.java

Co-authored-by: Suresh Kumar Anaparti <sureshkumar.anaparti@gmail.com>
---
 .../cloud/network/as/dao/AutoScaleVmGroupVmMapDao.java   | 2 ++
 .../network/as/dao/AutoScaleVmGroupVmMapDaoImpl.java     | 9 +++++++++
 .../cloud/configuration/ConfigurationManagerImpl.java    | 2 ++
 .../main/java/com/cloud/network/as/AutoScaleManager.java | 6 ++++++
 .../java/com/cloud/network/as/AutoScaleManagerImpl.java  | 8 +++++++-
 5 files changed, 26 insertions(+), 1 deletion(-)

diff --git a/engine/schema/src/main/java/com/cloud/network/as/dao/AutoScaleVmGroupVmMapDao.java b/engine/schema/src/main/java/com/cloud/network/as/dao/AutoScaleVmGroupVmMapDao.java
index 4b25c63403e..409042e7e33 100644
--- a/engine/schema/src/main/java/com/cloud/network/as/dao/AutoScaleVmGroupVmMapDao.java
+++ b/engine/schema/src/main/java/com/cloud/network/as/dao/AutoScaleVmGroupVmMapDao.java
@@ -35,4 +35,6 @@ public interface AutoScaleVmGroupVmMapDao extends GenericDao<AutoScaleVmGroupVmM
     public boolean removeByVm(long vmId);
 
     public boolean removeByGroup(long vmGroupId);
+
+    int getErroredInstanceCount(long vmGroupId);
 }
diff --git a/engine/schema/src/main/java/com/cloud/network/as/dao/AutoScaleVmGroupVmMapDaoImpl.java b/engine/schema/src/main/java/com/cloud/network/as/dao/AutoScaleVmGroupVmMapDaoImpl.java
index 8fca4c26f9a..6e47cfec577 100644
--- a/engine/schema/src/main/java/com/cloud/network/as/dao/AutoScaleVmGroupVmMapDaoImpl.java
+++ b/engine/schema/src/main/java/com/cloud/network/as/dao/AutoScaleVmGroupVmMapDaoImpl.java
@@ -115,4 +115,13 @@ public class AutoScaleVmGroupVmMapDaoImpl extends GenericDaoBase<AutoScaleVmGrou
         sc.setParameters("vmGroupId", vmGroupId);
         return remove(sc) >= 0;
     }
+
+    @Override
+    public int getErroredInstanceCount(long vmGroupId) {
+        SearchCriteria<Integer> sc = CountBy.create();
+        sc.setParameters("vmGroupId", vmGroupId);
+        sc.setJoinParameters("vmSearch", "states", State.Error);
+        final List<Integer> results = customSearch(sc, null);
+        return results.get(0);
+    }
 }
diff --git a/server/src/main/java/com/cloud/configuration/ConfigurationManagerImpl.java b/server/src/main/java/com/cloud/configuration/ConfigurationManagerImpl.java
index 4c03122e463..b10b6950340 100644
--- a/server/src/main/java/com/cloud/configuration/ConfigurationManagerImpl.java
+++ b/server/src/main/java/com/cloud/configuration/ConfigurationManagerImpl.java
@@ -47,6 +47,7 @@ import javax.naming.ConfigurationException;
 
 
 import com.cloud.hypervisor.HypervisorGuru;
+import com.cloud.network.as.AutoScaleManager;
 import com.cloud.user.AccountManagerImpl;
 import com.cloud.utils.crypt.DBEncryptionUtil;
 import com.cloud.host.HostTagVO;
@@ -570,6 +571,7 @@ public class ConfigurationManagerImpl extends ManagerBase implements Configurati
         configValuesForValidation.add(UserDataManager.VM_USERDATA_MAX_LENGTH_STRING);
         configValuesForValidation.add(UnmanagedVMsManager.RemoteKvmInstanceDisksCopyTimeout.key());
         configValuesForValidation.add(UnmanagedVMsManager.ConvertVmwareInstanceToKvmTimeout.key());
+        configValuesForValidation.add(AutoScaleManager.AutoScaleErroredInstanceThreshold.key());
     }
 
     private void weightBasedParametersForValidation() {
diff --git a/server/src/main/java/com/cloud/network/as/AutoScaleManager.java b/server/src/main/java/com/cloud/network/as/AutoScaleManager.java
index cf6aab6a7bb..26598879a51 100644
--- a/server/src/main/java/com/cloud/network/as/AutoScaleManager.java
+++ b/server/src/main/java/com/cloud/network/as/AutoScaleManager.java
@@ -38,6 +38,12 @@ public interface AutoScaleManager extends AutoScaleService {
             "The Number of worker threads to scan the autoscale vm groups.",
             false);
 
+    ConfigKey<Integer> AutoScaleErroredInstanceThreshold = new ConfigKey<>(ConfigKey.CATEGORY_ADVANCED, Integer.class,
+            "autoscale.errored.instance.threshold",
+            "10",
+            "The number of Error Instances allowed in autoscale vm groups for scale up.",
+            true);
+
     void checkAutoScaleUser(Long autoscaleUserId, long accountId);
 
     boolean deleteAutoScaleVmGroupsByAccount(Long accountId);
diff --git a/server/src/main/java/com/cloud/network/as/AutoScaleManagerImpl.java b/server/src/main/java/com/cloud/network/as/AutoScaleManagerImpl.java
index 5bbd85c2415..8e6b7222da2 100644
--- a/server/src/main/java/com/cloud/network/as/AutoScaleManagerImpl.java
+++ b/server/src/main/java/com/cloud/network/as/AutoScaleManagerImpl.java
@@ -1716,6 +1716,11 @@ public class AutoScaleManagerImpl extends ManagerBase implements AutoScaleManage
             s_logger.warn("number of VM will greater than the maximum in this group if scaling up, so do nothing more");
             return false;
         }
+        int erroredInstanceCount = autoScaleVmGroupVmMapDao.getErroredInstanceCount(asGroup.getId());
+        if (erroredInstanceCount > AutoScaleManager.AutoScaleErroredInstanceThreshold.value()) {
+            s_logger.warn("Number of Errored Instances are greater than the threshold in this group for scaling up, so do nothing more");
+            return false;
+        }
         return true;
     }
 
@@ -2202,7 +2207,8 @@ public class AutoScaleManagerImpl extends ManagerBase implements AutoScaleManage
         return new ConfigKey<?>[] {
                 AutoScaleStatsInterval,
                 AutoScaleStatsCleanupDelay,
-                AutoScaleStatsWorker
+                AutoScaleStatsWorker,
+                AutoScaleErroredInstanceThreshold
         };
     }
 

From 8756be5c18796469f6d480d3bebdde983e6a2a53 Mon Sep 17 00:00:00 2001
From: Nicolas Vazquez <nicovazquez90@gmail.com>
Date: Tue, 29 Jul 2025 06:41:43 -0300
Subject: [PATCH 44/83] [Multi-Arch] Select Template Arch when creating
 template from volume (#11068)

Co-authored-by: Abhishek Kumar <abhishek.mrt22@gmail.com>
Co-authored-by: Suresh Kumar Anaparti <sureshkumar.anaparti@gmail.com>
Co-authored-by: Vishesh <vishesh92@gmail.com>
---
 .../user/template/CreateTemplateCmd.java      | 10 ++++++++
 .../cloud/template/TemplateManagerImpl.java   |  2 +-
 ui/src/views/storage/CreateTemplate.vue       | 25 +++++++++++++++++--
 3 files changed, 34 insertions(+), 3 deletions(-)

diff --git a/api/src/main/java/org/apache/cloudstack/api/command/user/template/CreateTemplateCmd.java b/api/src/main/java/org/apache/cloudstack/api/command/user/template/CreateTemplateCmd.java
index 0a7bf291843..5f09ac6698d 100644
--- a/api/src/main/java/org/apache/cloudstack/api/command/user/template/CreateTemplateCmd.java
+++ b/api/src/main/java/org/apache/cloudstack/api/command/user/template/CreateTemplateCmd.java
@@ -20,6 +20,7 @@ import java.util.Collection;
 import java.util.List;
 import java.util.Map;
 
+import com.cloud.cpu.CPU;
 import org.apache.cloudstack.acl.SecurityChecker;
 import org.apache.cloudstack.api.APICommand;
 import org.apache.cloudstack.api.ApiCommandResourceType;
@@ -148,6 +149,11 @@ public class CreateTemplateCmd extends BaseAsyncCreateCmd implements UserCmd {
           since = "4.19.0")
     private String accountName;
 
+    @Parameter(name = ApiConstants.ARCH, type = CommandType.STRING,
+            description = "the CPU arch of the template. Valid options are: x86_64, aarch64. Defaults to x86_64",
+            since = "4.20.2")
+    private String arch;
+
     // ///////////////////////////////////////////////////
     // ///////////////// Accessors ///////////////////////
     // ///////////////////////////////////////////////////
@@ -234,6 +240,10 @@ public class CreateTemplateCmd extends BaseAsyncCreateCmd implements UserCmd {
         return accountName;
     }
 
+    public CPU.CPUArch getArch() {
+        return CPU.CPUArch.fromType(arch);
+    }
+
     // ///////////////////////////////////////////////////
     // ///////////// API Implementation///////////////////
     // ///////////////////////////////////////////////////
diff --git a/server/src/main/java/com/cloud/template/TemplateManagerImpl.java b/server/src/main/java/com/cloud/template/TemplateManagerImpl.java
index 9f23bdef142..cf88ccec919 100755
--- a/server/src/main/java/com/cloud/template/TemplateManagerImpl.java
+++ b/server/src/main/java/com/cloud/template/TemplateManagerImpl.java
@@ -1831,6 +1831,7 @@ public class TemplateManagerImpl extends ManagerBase implements TemplateManager,
             throw new InvalidParameterValueException("Failed to create private template record, please specify only one of volume ID (" + volumeId +
                     ") and snapshot ID (" + snapshotId + ")");
         }
+        CPU.CPUArch arch = cmd.getArch();
 
         HypervisorType hyperType;
         VolumeVO volume = null;
@@ -1923,7 +1924,6 @@ public class TemplateManagerImpl extends ManagerBase implements TemplateManager,
         String description = cmd.getDisplayText();
         boolean isExtractable = false;
         Long sourceTemplateId = null;
-        CPU.CPUArch arch = CPU.CPUArch.amd64;
         if (volume != null) {
             VMTemplateVO template = ApiDBUtils.findTemplateById(volume.getTemplateId());
             isExtractable = template != null && template.isExtractable() && template.getTemplateType() != Storage.TemplateType.SYSTEM;
diff --git a/ui/src/views/storage/CreateTemplate.vue b/ui/src/views/storage/CreateTemplate.vue
index 65941d39a9d..d974092a5f8 100644
--- a/ui/src/views/storage/CreateTemplate.vue
+++ b/ui/src/views/storage/CreateTemplate.vue
@@ -129,6 +129,25 @@
           </a-select-option>
           </a-select>
       </a-form-item>
+      <a-form-item
+        name="arch"
+        ref="arch">
+        <template #label>
+          <tooltip-label :title="$t('label.arch')" :tooltip="apiParams.arch.description"/>
+        </template>
+        <a-select
+          showSearch
+          optionFilterProp="label"
+          :filterOption="(input, option) => {
+            return option.children[0].children.toLowerCase().indexOf(input.toLowerCase()) >= 0
+          }"
+          v-model:value="form.arch"
+          :placeholder="apiParams.arch.description">
+          <a-select-option v-for="opt in architectureTypes.opts" :key="opt.id">
+            {{ opt.name || opt.description }}
+          </a-select-option>
+        </a-select>
+      </a-form-item>
       <a-row :gutter="12">
         <a-col :md="24" :lg="12">
           <a-form-item ref="isdynamicallyscalable" name="isdynamicallyscalable">
@@ -163,7 +182,7 @@
                 <tooltip-label :title="$t('label.isfeatured')" :tooltip="apiParams.isfeatured.description"/>
               </template>
               <a-switch v-model:checked="form.isfeatured" />
-            </a-form-item>
+          </a-form-item>
         </a-col>
       </a-row>
       <div :span="24" class="action-button">
@@ -204,7 +223,8 @@ export default {
       accounts: [],
       domainLoading: false,
       domainid: null,
-      account: null
+      account: null,
+      architectureTypes: {}
     }
   },
   computed: {
@@ -239,6 +259,7 @@ export default {
       if ('listDomains' in this.$store.getters.apis) {
         this.fetchDomains()
       }
+      this.architectureTypes.opts = this.$fetchCpuArchitectureTypes()
     },
     fetchOsTypes () {
       this.osTypes.opts = []

From e9918ba15de6e115ec4aa3528519b9b43daa26a3 Mon Sep 17 00:00:00 2001
From: Abhishek Kumar <abhishek.mrt22@gmail.com>
Date: Tue, 29 Jul 2025 17:12:31 +0530
Subject: [PATCH 45/83] ui: fix volume size not showing (#11328)

Fixes #11321

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>
---
 ui/src/config/section/storage.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/ui/src/config/section/storage.js b/ui/src/config/section/storage.js
index a86650874ba..12d1d547a90 100644
--- a/ui/src/config/section/storage.js
+++ b/ui/src/config/section/storage.js
@@ -39,7 +39,7 @@ export default {
         }
       },
       columns: () => {
-        const fields = ['name', 'state', 'sizegb', 'type', 'vmname']
+        const fields = ['name', 'state', 'size', 'type', 'vmname']
         const metricsFields = ['diskkbsread', 'diskkbswrite', 'diskiopstotal']
 
         if (store.getters.userInfo.roletype === 'Admin') {

From 4b1a605e597316f30a99528ffd368ddd4915f14b Mon Sep 17 00:00:00 2001
From: Abhishek Kumar <abhishek.mrt22@gmail.com>
Date: Tue, 29 Jul 2025 18:33:05 +0530
Subject: [PATCH 46/83] server: fix IllegalMonitorStateException on cluster
 managedstate change (#11310)

* server: fix IllegalMonitorStateException on cluster managedstate change

Fixes #11293

* Update server/src/main/java/com/cloud/resource/ResourceManagerImpl.java

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>
Co-authored-by: Suresh Kumar Anaparti <sureshkumar.anaparti@gmail.com>
---
 .../src/main/java/com/cloud/resource/ResourceManagerImpl.java | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/server/src/main/java/com/cloud/resource/ResourceManagerImpl.java b/server/src/main/java/com/cloud/resource/ResourceManagerImpl.java
index c05776ee6e1..e0cefc7b4bf 100755
--- a/server/src/main/java/com/cloud/resource/ResourceManagerImpl.java
+++ b/server/src/main/java/com/cloud/resource/ResourceManagerImpl.java
@@ -1217,9 +1217,9 @@ public class ResourceManagerImpl extends ManagerBase implements ResourceManager,
                     for (int i = 0; i < retry; i++) {
                         lsuccess = true;
                         try {
-                            Thread.currentThread().wait(5 * 1000);
+                            Thread.sleep(5 * 1000);
                         } catch (final InterruptedException e) {
-                            s_logger.debug("thread unexpectedly interupted during wait, while updating cluster");
+                            s_logger.debug("thread unexpectedly interrupted during wait, while updating cluster");
                         }
                         hosts = listAllUpAndEnabledHosts(Host.Type.Routing, cluster.getId(), cluster.getPodId(), cluster.getDataCenterId());
                         for (final HostVO host : hosts) {

From fd4223295a05878fbfeef7a9c1a00dd380de351b Mon Sep 17 00:00:00 2001
From: Abhishek Kumar <abhishek.mrt22@gmail.com>
Date: Wed, 30 Jul 2025 10:56:33 +0530
Subject: [PATCH 47/83] ui: fix advance setting behaviour in autoscale form
 (#11306)

Fixes #11269

The current dysfunctional behaviour was introduced in #6571. In advanced
settings interface for ssh keypairs, userdata, affinity group, etc are
show but the toggle to show/hide them was not working correctly.

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>
---
 ui/src/views/compute/CreateAutoScaleVmGroup.vue | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/ui/src/views/compute/CreateAutoScaleVmGroup.vue b/ui/src/views/compute/CreateAutoScaleVmGroup.vue
index 981c2b0ab18..ae295e7f94f 100644
--- a/ui/src/views/compute/CreateAutoScaleVmGroup.vue
+++ b/ui/src/views/compute/CreateAutoScaleVmGroup.vue
@@ -738,7 +738,7 @@
                     {{ $t('label.isadvanced') }}
                     <a-switch v-model:checked="showDetails" style="margin-left: 10px"/>
                   </span>
-                  <div style="margin-top: 15px" v-show="showDetails">
+                  <div style="margin-top: 15px" v-if="showDetails">
                     <a-form-item :label="$t('label.sshkeypairs')">
                       <ssh-key-pair-selection
                         :items="options.sshKeyPairs"

From 7506a547afc9079dc08853138d399c716d791cf8 Mon Sep 17 00:00:00 2001
From: Abhishek Kumar <abhishek.mrt22@gmail.com>
Date: Wed, 30 Jul 2025 11:04:58 +0530
Subject: [PATCH 48/83] kvm, ui: fix interface when using vlan subnet for
 storage traffic type (#11245)

* kvm, ui: fix interface when using vlan subnet for storage traffic type

Fixes #7816

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>
---
 .../cloud/hypervisor/kvm/resource/BridgeVifDriver.java   | 9 +++++++++
 ui/src/views/infra/network/IpRangesTabStorage.vue        | 2 +-
 2 files changed, 10 insertions(+), 1 deletion(-)

diff --git a/plugins/hypervisors/kvm/src/main/java/com/cloud/hypervisor/kvm/resource/BridgeVifDriver.java b/plugins/hypervisors/kvm/src/main/java/com/cloud/hypervisor/kvm/resource/BridgeVifDriver.java
index 39ecc9182f0..67f093a933a 100644
--- a/plugins/hypervisors/kvm/src/main/java/com/cloud/hypervisor/kvm/resource/BridgeVifDriver.java
+++ b/plugins/hypervisors/kvm/src/main/java/com/cloud/hypervisor/kvm/resource/BridgeVifDriver.java
@@ -252,6 +252,15 @@ public class BridgeVifDriver extends VifDriverBase {
             intf.defBridgeNet(_bridges.get("private"), null, nic.getMac(), getGuestNicModel(guestOsType, nicAdapter));
         } else if (nic.getType() == Networks.TrafficType.Storage) {
             String storageBrName = nic.getName() == null ? _bridges.get("private") : nic.getName();
+            if (nic.getBroadcastType() == Networks.BroadcastDomainType.Storage) {
+                vNetId = Networks.BroadcastDomainType.getValue(nic.getBroadcastUri());
+                protocol = Networks.BroadcastDomainType.Vlan.scheme();
+            }
+            if (isValidProtocolAndVnetId(vNetId, protocol))  {
+                s_logger.debug(String.format("creating a vNet dev and bridge for %s traffic per traffic label %s",
+                        Networks.TrafficType.Storage.name(), trafficLabel));
+                storageBrName = createVnetBr(vNetId, storageBrName, protocol);
+            }
             intf.defBridgeNet(storageBrName, null, nic.getMac(), getGuestNicModel(guestOsType, nicAdapter));
         }
         if (nic.getPxeDisable()) {
diff --git a/ui/src/views/infra/network/IpRangesTabStorage.vue b/ui/src/views/infra/network/IpRangesTabStorage.vue
index c8665d6d9b5..881f9ceadea 100644
--- a/ui/src/views/infra/network/IpRangesTabStorage.vue
+++ b/ui/src/views/infra/network/IpRangesTabStorage.vue
@@ -166,7 +166,7 @@ export default {
         },
         {
           title: this.$t('label.vlan'),
-          dataIndex: 'vlanid'
+          dataIndex: 'vlan'
         },
         {
           title: this.$t('label.startip'),

From 4d2beea7773d739e7946d75472e4ccfc57a05d69 Mon Sep 17 00:00:00 2001
From: Suresh Kumar Anaparti <sureshkumar.anaparti@gmail.com>
Date: Wed, 30 Jul 2025 14:50:41 +0530
Subject: [PATCH 49/83] logger fix

---
 .../java/com/cloud/hypervisor/kvm/resource/BridgeVifDriver.java | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/plugins/hypervisors/kvm/src/main/java/com/cloud/hypervisor/kvm/resource/BridgeVifDriver.java b/plugins/hypervisors/kvm/src/main/java/com/cloud/hypervisor/kvm/resource/BridgeVifDriver.java
index 2c4aafd4c8c..0602fd6322f 100644
--- a/plugins/hypervisors/kvm/src/main/java/com/cloud/hypervisor/kvm/resource/BridgeVifDriver.java
+++ b/plugins/hypervisors/kvm/src/main/java/com/cloud/hypervisor/kvm/resource/BridgeVifDriver.java
@@ -255,7 +255,7 @@ public class BridgeVifDriver extends VifDriverBase {
                 protocol = Networks.BroadcastDomainType.Vlan.scheme();
             }
             if (isValidProtocolAndVnetId(vNetId, protocol))  {
-                s_logger.debug(String.format("creating a vNet dev and bridge for %s traffic per traffic label %s",
+                logger.debug(String.format("creating a vNet dev and bridge for %s traffic per traffic label %s",
                         Networks.TrafficType.Storage.name(), trafficLabel));
                 storageBrName = createVnetBr(vNetId, storageBrName, protocol);
             }

From 2d025bd0749026afc4a7f71b161383a17fc59a8b Mon Sep 17 00:00:00 2001
From: Rohit Yadav <rohit.yadav@shapeblue.com>
Date: Wed, 30 Jul 2025 17:03:10 +0530
Subject: [PATCH 50/83] kvm: fix regression
 5a52ca78ae5e165211c618525613c3d62cfd1b28 (#11342)

Somehow the commit 5a52ca78ae5e165211c618525613c3d62cfd1b28 was reverted
so cloud-init templates don't work on arm64 anymore :(

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
---
 .../java/com/cloud/hypervisor/kvm/resource/LibvirtVMDef.java  | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/plugins/hypervisors/kvm/src/main/java/com/cloud/hypervisor/kvm/resource/LibvirtVMDef.java b/plugins/hypervisors/kvm/src/main/java/com/cloud/hypervisor/kvm/resource/LibvirtVMDef.java
index 93ad084b437..1383190933d 100644
--- a/plugins/hypervisors/kvm/src/main/java/com/cloud/hypervisor/kvm/resource/LibvirtVMDef.java
+++ b/plugins/hypervisors/kvm/src/main/java/com/cloud/hypervisor/kvm/resource/LibvirtVMDef.java
@@ -249,9 +249,7 @@ public class LibvirtVMDef {
                         guestDef.append("<boot dev='" + bo + "'/>\n");
                     }
                 }
-                if (_arch == null || !_arch.equals("aarch64")) {
-                    guestDef.append("<smbios mode='sysinfo'/>\n");
-                }
+                guestDef.append("<smbios mode='sysinfo'/>\n");
                 guestDef.append("</os>\n");
                 if (iothreads) {
                     guestDef.append(String.format("<iothreads>%s</iothreads>", NUMBER_OF_IOTHREADS));

From 294aef5ecff1356976eff819cc3028f3439faa24 Mon Sep 17 00:00:00 2001
From: Abhisar Sinha <63767682+abh1sar@users.noreply.github.com>
Date: Wed, 30 Jul 2025 17:35:03 +0530
Subject: [PATCH 51/83] Fix listCapacity sort by usage (#11316)

---
 .../api/command/admin/resource/ListCapacityCmd.java         | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/api/src/main/java/org/apache/cloudstack/api/command/admin/resource/ListCapacityCmd.java b/api/src/main/java/org/apache/cloudstack/api/command/admin/resource/ListCapacityCmd.java
index 253677616f0..fdc1087377f 100644
--- a/api/src/main/java/org/apache/cloudstack/api/command/admin/resource/ListCapacityCmd.java
+++ b/api/src/main/java/org/apache/cloudstack/api/command/admin/resource/ListCapacityCmd.java
@@ -127,14 +127,16 @@ public class ListCapacityCmd extends BaseListCmd {
         Collections.sort(capacityResponses, new Comparator<CapacityResponse>() {
             public int compare(CapacityResponse resp1, CapacityResponse resp2) {
                 int res = resp1.getZoneName().compareTo(resp2.getZoneName());
+                // Group by zone
                 if (res != 0) {
                     return res;
-                } else {
-                    return resp1.getCapacityType().compareTo(resp2.getCapacityType());
                 }
+                // Sort by capacity type only if not already sorted by usage
+                return (getSortBy() != null) ? 0 : resp1.getCapacityType().compareTo(resp2.getCapacityType());
             }
         });
 
+
         response.setResponses(capacityResponses);
         response.setResponseName(getCommandName());
         this.setResponseObject(response);

From 1dc134a3ecf645b743334213aeb35530b8e9c2de Mon Sep 17 00:00:00 2001
From: Pearl Dsilva <pearl1594@gmail.com>
Date: Wed, 30 Jul 2025 08:11:13 -0400
Subject: [PATCH 52/83] UI: Display NSX Provider only when NSX is the selected
 Isolation method (#11142)

---
 .../com/cloud/network/NetworkServiceImpl.java    |  1 -
 ui/src/views/infra/zone/ZoneWizardLaunchZone.vue | 16 ++++++++++++++--
 2 files changed, 14 insertions(+), 3 deletions(-)

diff --git a/server/src/main/java/com/cloud/network/NetworkServiceImpl.java b/server/src/main/java/com/cloud/network/NetworkServiceImpl.java
index ccafc2da258..254c03c9317 100644
--- a/server/src/main/java/com/cloud/network/NetworkServiceImpl.java
+++ b/server/src/main/java/com/cloud/network/NetworkServiceImpl.java
@@ -5658,7 +5658,6 @@ public class NetworkServiceImpl extends ManagerBase implements NetworkService, C
             }
 
             addProviderToPhysicalNetwork(physicalNetworkId, Provider.Nsx.getName(), null, null);
-            enableProvider(Provider.Nsx.getName());
         }
         return null;
     }
diff --git a/ui/src/views/infra/zone/ZoneWizardLaunchZone.vue b/ui/src/views/infra/zone/ZoneWizardLaunchZone.vue
index e479246777f..31e3fadc9f6 100644
--- a/ui/src/views/infra/zone/ZoneWizardLaunchZone.vue
+++ b/ui/src/views/infra/zone/ZoneWizardLaunchZone.vue
@@ -487,7 +487,6 @@ export default {
               if (physicalNetwork.isolationMethod === 'NSX' &&
                 physicalNetwork.traffics.findIndex(traffic => traffic.type === 'public' || traffic.type === 'guest') > -1) {
                 this.stepData.isNsxZone = true
-                this.stepData.tungstenPhysicalNetworkId = physicalNetworkReturned.id
               }
             } else {
               this.stepData.physicalNetworkReturned = this.stepData.physicalNetworkItem['createPhysicalNetwork' + index]
@@ -980,7 +979,7 @@ export default {
           return
         }
 
-        if (idx === 0) {
+        if (idx === 0 && this.stepData.isNsxZone) {
           await this.stepConfigurePublicTraffic('message.configuring.nsx.public.traffic', 'nsxPublicTraffic', 1)
         } else {
           if (this.stepData.isTungstenZone) {
@@ -1080,6 +1079,7 @@ export default {
           providerParams.transportzone = this.prefillContent?.transportZone || ''
 
           await this.addNsxController(providerParams)
+          await this.updateNsxServiceProviderStatus()
           this.stepData.stepMove.push('addNsxController')
         }
         this.stepData.stepMove.push('nsx')
@@ -1090,6 +1090,18 @@ export default {
         this.setStepStatus(STATUS_FAILED)
       }
     },
+    async updateNsxServiceProviderStatus () {
+      const listParams = {}
+      listParams.name = 'Nsx'
+      const nsxPhysicalNetwork = this.stepData.physicalNetworksReturned.find(net => net.isolationmethods.trim().toUpperCase() === 'NSX')
+      const nsxPhysicalNetworkId = nsxPhysicalNetwork?.id || null
+      listParams.physicalNetworkId = nsxPhysicalNetworkId
+      const nsxProviderId = await this.listNetworkServiceProviders(listParams, 'nsxProvider')
+      console.log(nsxProviderId)
+      if (nsxProviderId !== null) {
+        await this.updateNetworkServiceProvider(nsxProviderId)
+      }
+    },
     async stepConfigureStorageTraffic () {
       let targetNetwork = false
       this.prefillContent.physicalNetworks.forEach(physicalNetwork => {

From 2944bd1eda1fd587dc8301a15c0ea70a6919931a Mon Sep 17 00:00:00 2001
From: Pearl Dsilva <pearl1594@gmail.com>
Date: Thu, 31 Jul 2025 01:41:40 -0400
Subject: [PATCH 53/83] API: Set Object name when expunging VM (#11352)

---
 .../apache/cloudstack/api/command/user/vm/DestroyVMCmd.java    | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/api/src/main/java/org/apache/cloudstack/api/command/user/vm/DestroyVMCmd.java b/api/src/main/java/org/apache/cloudstack/api/command/user/vm/DestroyVMCmd.java
index aa121162cb4..18a9d2058a6 100644
--- a/api/src/main/java/org/apache/cloudstack/api/command/user/vm/DestroyVMCmd.java
+++ b/api/src/main/java/org/apache/cloudstack/api/command/user/vm/DestroyVMCmd.java
@@ -140,7 +140,8 @@ public class DestroyVMCmd extends BaseAsyncCmd implements UserCmd {
             if (responses != null && !responses.isEmpty()) {
                 response = responses.get(0);
             }
-            response.setResponseName("virtualmachine");
+            response.setResponseName(getCommandName());
+            response.setObjectName("virtualmachine");
             setResponseObject(response);
         } else {
             throw new ServerApiException(ApiErrorCode.INTERNAL_ERROR, "Failed to destroy vm");

From 3850445b505b76957f790f1b18a9888c9b0b9616 Mon Sep 17 00:00:00 2001
From: Abhishek Kumar <abhishek.mrt22@gmail.com>
Date: Thu, 31 Jul 2025 15:17:01 +0530
Subject: [PATCH 54/83] ui: fix delete traffic type (#11337)

Currently wrong parameter - 'itemd' is passed to the `deleteTrafficType` method.

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>
---
 ui/src/views/infra/network/TrafficTypesTab.vue | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/ui/src/views/infra/network/TrafficTypesTab.vue b/ui/src/views/infra/network/TrafficTypesTab.vue
index 41da48d993c..a4bc20e4dbe 100644
--- a/ui/src/views/infra/network/TrafficTypesTab.vue
+++ b/ui/src/views/infra/network/TrafficTypesTab.vue
@@ -21,7 +21,7 @@
       <a-tab-pane v-for="(item, index) in traffictypes" :tab="item.traffictype" :key="index">
         <a-popconfirm
           :title="$t('message.confirm.delete.traffic.type')"
-          @confirm="deleteTrafficType(itemd)"
+          @confirm="deleteTrafficType(item)"
           :okText="$t('label.yes')"
           :cancelText="$t('label.no')" >
           <a-button

From ed0d606e983cd5ae2e4cd5b7428d054b9768b6ca Mon Sep 17 00:00:00 2001
From: Nicolas Vazquez <nicovazquez90@gmail.com>
Date: Thu, 31 Jul 2025 08:12:47 -0300
Subject: [PATCH 55/83] Find system VM templates for CKS clusters and SharedFS
 honouring the preferred architecture (#10946)

* Find system VM templates for CKS cluster honouring the preferred architecture

* Fix unit tests

* Fix checkstyle

* Sort instead of filtering by preferred arch

* Remove unnecesary stubs

* Restore java version

* Address review comments

* Fail and display error message in case the CKS ISO arch doesnt match the selected template arch

* Prefer CKS ISO arch instead of the system VM setting
---
 .../com/cloud/storage/dao/VMTemplateDao.java  |  2 +-
 .../cloud/storage/dao/VMTemplateDaoImpl.java  | 11 +++++-
 .../storage/dao/VMTemplateDaoImplTest.java    | 21 ++++++++++
 .../cluster/KubernetesClusterManagerImpl.java | 38 +++++++++++++++++--
 .../KubernetesClusterActionWorker.java        |  4 +-
 ...esClusterResourceModifierActionWorker.java |  2 +-
 .../KubernetesClusterManagerImplTest.java     | 19 ++++++++++
 .../lifecycle/StorageVmSharedFSLifeCycle.java |  3 +-
 .../StorageVmSharedFSLifeCycleTest.java       |  3 +-
 9 files changed, 93 insertions(+), 10 deletions(-)

diff --git a/engine/schema/src/main/java/com/cloud/storage/dao/VMTemplateDao.java b/engine/schema/src/main/java/com/cloud/storage/dao/VMTemplateDao.java
index 0b40366a866..c751f81f927 100644
--- a/engine/schema/src/main/java/com/cloud/storage/dao/VMTemplateDao.java
+++ b/engine/schema/src/main/java/com/cloud/storage/dao/VMTemplateDao.java
@@ -72,7 +72,7 @@ public interface VMTemplateDao extends GenericDao<VMTemplateVO, Long>, StateDao<
 
     VMTemplateVO findSystemVMTemplate(long zoneId);
 
-    VMTemplateVO findSystemVMReadyTemplate(long zoneId, HypervisorType hypervisorType);
+    VMTemplateVO findSystemVMReadyTemplate(long zoneId, HypervisorType hypervisorType, String preferredArch);
 
     List<VMTemplateVO> findSystemVMReadyTemplates(long zoneId, HypervisorType hypervisorType, String preferredArch);
 
diff --git a/engine/schema/src/main/java/com/cloud/storage/dao/VMTemplateDaoImpl.java b/engine/schema/src/main/java/com/cloud/storage/dao/VMTemplateDaoImpl.java
index 12c00a3209a..b6796cf8f9d 100644
--- a/engine/schema/src/main/java/com/cloud/storage/dao/VMTemplateDaoImpl.java
+++ b/engine/schema/src/main/java/com/cloud/storage/dao/VMTemplateDaoImpl.java
@@ -23,6 +23,7 @@ import java.util.Date;
 import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
+import java.util.stream.Collectors;
 
 import javax.inject.Inject;
 import javax.naming.ConfigurationException;
@@ -578,11 +579,19 @@ public class VMTemplateDaoImpl extends GenericDaoBase<VMTemplateVO, Long> implem
     }
 
     @Override
-    public VMTemplateVO findSystemVMReadyTemplate(long zoneId, HypervisorType hypervisorType) {
+    public VMTemplateVO findSystemVMReadyTemplate(long zoneId, HypervisorType hypervisorType, String preferredArch) {
         List<VMTemplateVO> templates = listAllReadySystemVMTemplates(zoneId);
         if (CollectionUtils.isEmpty(templates)) {
             return null;
         }
+        if (StringUtils.isNotBlank(preferredArch)) {
+            // Sort the templates by preferred architecture first
+            templates = templates.stream()
+                    .sorted(Comparator.comparing(
+                            x -> !x.getArch().getType().equalsIgnoreCase(preferredArch)
+                    ))
+                    .collect(Collectors.toList());
+        }
         if (hypervisorType == HypervisorType.Any) {
             return templates.get(0);
         }
diff --git a/engine/schema/src/test/java/com/cloud/storage/dao/VMTemplateDaoImplTest.java b/engine/schema/src/test/java/com/cloud/storage/dao/VMTemplateDaoImplTest.java
index df0b36ebdbf..e97a887cc47 100644
--- a/engine/schema/src/test/java/com/cloud/storage/dao/VMTemplateDaoImplTest.java
+++ b/engine/schema/src/test/java/com/cloud/storage/dao/VMTemplateDaoImplTest.java
@@ -31,6 +31,7 @@ import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
 
+import org.junit.Assert;
 import org.junit.Test;
 import org.junit.runner.RunWith;
 import org.mockito.InjectMocks;
@@ -186,4 +187,24 @@ public class VMTemplateDaoImplTest {
         VMTemplateVO result = templateDao.findLatestTemplateByTypeAndHypervisorAndArch(hypervisorType, arch, type);
         assertNull(result);
     }
+
+    @Test
+    public void testFindSystemVMReadyTemplate() {
+        Long zoneId = 1L;
+        VMTemplateVO systemVmTemplate1 = mock(VMTemplateVO.class);
+        Mockito.when(systemVmTemplate1.getArch()).thenReturn(CPU.CPUArch.x86);
+        VMTemplateVO systemVmTemplate2 = mock(VMTemplateVO.class);
+        Mockito.when(systemVmTemplate2.getArch()).thenReturn(CPU.CPUArch.x86);
+        VMTemplateVO systemVmTemplate3 = mock(VMTemplateVO.class);
+        Mockito.when(systemVmTemplate3.getArch()).thenReturn(CPU.CPUArch.arm64);
+        Mockito.when(systemVmTemplate3.getHypervisorType()).thenReturn(Hypervisor.HypervisorType.KVM);
+        List<VMTemplateVO> templates = Arrays.asList(systemVmTemplate1, systemVmTemplate2, systemVmTemplate3);
+        Mockito.when(hostDao.listDistinctHypervisorTypes(zoneId)).thenReturn(Arrays.asList(Hypervisor.HypervisorType.KVM));
+        SearchBuilder<VMTemplateVO> sb = mock(SearchBuilder.class);
+        templateDao.readySystemTemplateSearch = sb;
+        when(sb.create()).thenReturn(mock(SearchCriteria.class));
+        doReturn(templates).when(templateDao).listBy(any(SearchCriteria.class), any(Filter.class));
+        VMTemplateVO readyTemplate = templateDao.findSystemVMReadyTemplate(zoneId, Hypervisor.HypervisorType.KVM, CPU.CPUArch.arm64.getType());
+        Assert.assertEquals(CPU.CPUArch.arm64, readyTemplate.getArch());
+    }
 }
diff --git a/plugins/integrations/kubernetes-service/src/main/java/com/cloud/kubernetes/cluster/KubernetesClusterManagerImpl.java b/plugins/integrations/kubernetes-service/src/main/java/com/cloud/kubernetes/cluster/KubernetesClusterManagerImpl.java
index 411e6af883e..d1babb547f8 100644
--- a/plugins/integrations/kubernetes-service/src/main/java/com/cloud/kubernetes/cluster/KubernetesClusterManagerImpl.java
+++ b/plugins/integrations/kubernetes-service/src/main/java/com/cloud/kubernetes/cluster/KubernetesClusterManagerImpl.java
@@ -433,8 +433,14 @@ public class KubernetesClusterManagerImpl extends ManagerBase implements Kuberne
         return null;
     }
 
-    public VMTemplateVO getKubernetesServiceTemplate(DataCenter dataCenter, Hypervisor.HypervisorType hypervisorType) {
-        VMTemplateVO template = templateDao.findSystemVMReadyTemplate(dataCenter.getId(), hypervisorType);
+    public VMTemplateVO getKubernetesServiceTemplate(DataCenter dataCenter, Hypervisor.HypervisorType hypervisorType,
+                                                     KubernetesSupportedVersion clusterKubernetesVersion) {
+        String systemVMPreferredArchitecture = ResourceManager.SystemVmPreferredArchitecture.valueIn(dataCenter.getId());
+        VMTemplateVO cksIso = clusterKubernetesVersion != null ?
+                templateDao.findById(clusterKubernetesVersion.getIsoId()) :
+                null;
+        String preferredArchitecture = getCksClusterPreferredArch(systemVMPreferredArchitecture, cksIso);
+        VMTemplateVO template = templateDao.findSystemVMReadyTemplate(dataCenter.getId(), hypervisorType, preferredArchitecture);
         if (DataCenter.Type.Edge.equals(dataCenter.getType()) && template != null && !template.isDirectDownload()) {
             logger.debug(String.format("Template %s can not be used for edge zone %s", template, dataCenter));
             template = templateDao.findRoutingTemplate(hypervisorType, networkHelper.getHypervisorRouterTemplateConfigMap().get(hypervisorType).valueIn(dataCenter.getId()));
@@ -445,6 +451,14 @@ public class KubernetesClusterManagerImpl extends ManagerBase implements Kuberne
         return  template;
     }
 
+    protected String getCksClusterPreferredArch(String systemVMPreferredArchitecture, VMTemplateVO cksIso) {
+        if (cksIso == null) {
+            return systemVMPreferredArchitecture;
+        }
+        String cksIsoArchName = cksIso.getArch().name();
+        return cksIsoArchName.equals(systemVMPreferredArchitecture) ? systemVMPreferredArchitecture : cksIsoArchName;
+    }
+
     protected void validateIsolatedNetworkIpRules(long ipId, FirewallRule.Purpose purpose, Network network, int clusterTotalNodeCount) {
         List<FirewallRuleVO> rules = firewallRulesDao.listByIpAndPurposeAndNotRevoked(ipId, purpose);
         for (FirewallRuleVO rule : rules) {
@@ -1302,7 +1316,10 @@ public class KubernetesClusterManagerImpl extends ManagerBase implements Kuberne
         }
 
         final Network defaultNetwork = getKubernetesClusterNetworkIfMissing(cmd.getName(), zone, owner, (int)controlNodeCount, (int)clusterSize, cmd.getExternalLoadBalancerIpAddress(), cmd.getNetworkId());
-        final VMTemplateVO finalTemplate = getKubernetesServiceTemplate(zone, deployDestination.getCluster().getHypervisorType());
+        final VMTemplateVO finalTemplate = getKubernetesServiceTemplate(zone, deployDestination.getCluster().getHypervisorType(), clusterKubernetesVersion);
+
+        compareKubernetesIsoArchToSelectedTemplateArch(clusterKubernetesVersion, finalTemplate);
+
         final long cores = serviceOffering.getCpu() * (controlNodeCount + clusterSize);
         final long memory = serviceOffering.getRamSize() * (controlNodeCount + clusterSize);
 
@@ -1331,6 +1348,21 @@ public class KubernetesClusterManagerImpl extends ManagerBase implements Kuberne
         return cluster;
     }
 
+    private void compareKubernetesIsoArchToSelectedTemplateArch(KubernetesSupportedVersion clusterKubernetesVersion, VMTemplateVO finalTemplate) {
+        VMTemplateVO cksIso = templateDao.findById(clusterKubernetesVersion.getIsoId());
+        if (cksIso == null) {
+            String err = String.format("Cannot find Kubernetes ISO associated to the Kubernetes version %s (id=%s)",
+                    clusterKubernetesVersion.getName(), clusterKubernetesVersion.getUuid());
+            throw new CloudRuntimeException(err);
+        }
+        if (!cksIso.getArch().equals(finalTemplate.getArch())) {
+            String err = String.format("The selected Kubernetes ISO %s arch (%s) doesn't match the template %s arch (%s) " +
+                            "to deploy the Kubernetes cluster",
+                    clusterKubernetesVersion.getName(), cksIso.getArch(), finalTemplate.getName(), finalTemplate.getArch());
+            throw new CloudRuntimeException(err);
+        }
+    }
+
     private SecurityGroup getOrCreateSecurityGroupForAccount(Account owner) {
         String securityGroupName = String.format("%s-%s", KubernetesClusterActionWorker.CKS_CLUSTER_SECURITY_GROUP_NAME, owner.getUuid());
         String securityGroupDesc = String.format("%s and account %s", KubernetesClusterActionWorker.CKS_SECURITY_GROUP_DESCRIPTION, owner.getName());
diff --git a/plugins/integrations/kubernetes-service/src/main/java/com/cloud/kubernetes/cluster/actionworkers/KubernetesClusterActionWorker.java b/plugins/integrations/kubernetes-service/src/main/java/com/cloud/kubernetes/cluster/actionworkers/KubernetesClusterActionWorker.java
index 29ecde477a4..99c4d4c9c96 100644
--- a/plugins/integrations/kubernetes-service/src/main/java/com/cloud/kubernetes/cluster/actionworkers/KubernetesClusterActionWorker.java
+++ b/plugins/integrations/kubernetes-service/src/main/java/com/cloud/kubernetes/cluster/actionworkers/KubernetesClusterActionWorker.java
@@ -29,6 +29,7 @@ import java.util.stream.Collectors;
 
 import javax.inject.Inject;
 
+import com.cloud.kubernetes.version.KubernetesSupportedVersionVO;
 import org.apache.logging.log4j.Level;
 import org.apache.logging.log4j.Logger;
 import org.apache.logging.log4j.LogManager;
@@ -194,7 +195,8 @@ public class KubernetesClusterActionWorker {
         DataCenterVO dataCenterVO = dataCenterDao.findById(zoneId);
         VMTemplateVO template = templateDao.findById(templateId);
         Hypervisor.HypervisorType type = template.getHypervisorType();
-        this.clusterTemplate = manager.getKubernetesServiceTemplate(dataCenterVO, type);
+        KubernetesSupportedVersionVO kubernetesSupportedVersion = kubernetesSupportedVersionDao.findById(this.kubernetesCluster.getKubernetesVersionId());
+        this.clusterTemplate = manager.getKubernetesServiceTemplate(dataCenterVO, type, kubernetesSupportedVersion);
         this.sshKeyFile = getManagementServerSshPublicKeyFile();
     }
 
diff --git a/plugins/integrations/kubernetes-service/src/main/java/com/cloud/kubernetes/cluster/actionworkers/KubernetesClusterResourceModifierActionWorker.java b/plugins/integrations/kubernetes-service/src/main/java/com/cloud/kubernetes/cluster/actionworkers/KubernetesClusterResourceModifierActionWorker.java
index 5dfab87dd71..d92d0692ca1 100644
--- a/plugins/integrations/kubernetes-service/src/main/java/com/cloud/kubernetes/cluster/actionworkers/KubernetesClusterResourceModifierActionWorker.java
+++ b/plugins/integrations/kubernetes-service/src/main/java/com/cloud/kubernetes/cluster/actionworkers/KubernetesClusterResourceModifierActionWorker.java
@@ -250,7 +250,7 @@ public class KubernetesClusterResourceModifierActionWorker extends KubernetesClu
             for (Map.Entry<String, Pair<HostVO, Integer>> hostEntry : hosts_with_resevered_capacity.entrySet()) {
                 Pair<HostVO, Integer> hp = hostEntry.getValue();
                 HostVO h = hp.first();
-                if (!h.getHypervisorType().equals(clusterTemplate.getHypervisorType())) {
+                if (!h.getHypervisorType().equals(clusterTemplate.getHypervisorType()) || !h.getArch().equals(clusterTemplate.getArch())) {
                     continue;
                 }
                 hostDao.loadHostTags(h);
diff --git a/plugins/integrations/kubernetes-service/src/test/java/com/cloud/kubernetes/cluster/KubernetesClusterManagerImplTest.java b/plugins/integrations/kubernetes-service/src/test/java/com/cloud/kubernetes/cluster/KubernetesClusterManagerImplTest.java
index a6d46ffc9aa..287e045a18e 100644
--- a/plugins/integrations/kubernetes-service/src/test/java/com/cloud/kubernetes/cluster/KubernetesClusterManagerImplTest.java
+++ b/plugins/integrations/kubernetes-service/src/test/java/com/cloud/kubernetes/cluster/KubernetesClusterManagerImplTest.java
@@ -21,6 +21,7 @@ package com.cloud.kubernetes.cluster;
 
 import com.cloud.api.query.dao.TemplateJoinDao;
 import com.cloud.api.query.vo.TemplateJoinVO;
+import com.cloud.cpu.CPU;
 import com.cloud.dc.DataCenter;
 import com.cloud.exception.InvalidParameterValueException;
 import com.cloud.exception.PermissionDeniedException;
@@ -292,4 +293,22 @@ public class KubernetesClusterManagerImplTest {
         Mockito.when(kubernetesClusterDao.findById(Mockito.anyLong())).thenReturn(cluster);
         Assert.assertTrue(kubernetesClusterManager.removeVmsFromCluster(cmd).size() > 0);
     }
+
+    @Test
+    public void testGetCksClusterPreferredArchDifferentArchsPreferCKSIsoArch() {
+        String systemVMArch = "x86_64";
+        VMTemplateVO cksIso = Mockito.mock(VMTemplateVO.class);
+        Mockito.when(cksIso.getArch()).thenReturn(CPU.CPUArch.arm64);
+        String cksClusterPreferredArch = kubernetesClusterManager.getCksClusterPreferredArch(systemVMArch, cksIso);
+        Assert.assertEquals(CPU.CPUArch.arm64.name(), cksClusterPreferredArch);
+    }
+
+    @Test
+    public void testGetCksClusterPreferredArchSameArch() {
+        String systemVMArch = "x86_64";
+        VMTemplateVO cksIso = Mockito.mock(VMTemplateVO.class);
+        Mockito.when(cksIso.getArch()).thenReturn(CPU.CPUArch.amd64);
+        String cksClusterPreferredArch = kubernetesClusterManager.getCksClusterPreferredArch(systemVMArch, cksIso);
+        Assert.assertEquals(CPU.CPUArch.amd64.name(), cksClusterPreferredArch);
+    }
 }
diff --git a/plugins/storage/sharedfs/storagevm/src/main/java/org/apache/cloudstack/storage/sharedfs/lifecycle/StorageVmSharedFSLifeCycle.java b/plugins/storage/sharedfs/storagevm/src/main/java/org/apache/cloudstack/storage/sharedfs/lifecycle/StorageVmSharedFSLifeCycle.java
index ed26963cf81..1850c3c218b 100644
--- a/plugins/storage/sharedfs/storagevm/src/main/java/org/apache/cloudstack/storage/sharedfs/lifecycle/StorageVmSharedFSLifeCycle.java
+++ b/plugins/storage/sharedfs/storagevm/src/main/java/org/apache/cloudstack/storage/sharedfs/lifecycle/StorageVmSharedFSLifeCycle.java
@@ -179,10 +179,11 @@ public class StorageVmSharedFSLifeCycle implements SharedFSLifeCycle {
             customParameterMap.put("maxIopsDo", maxIops.toString());
         }
         List<String> keypairs = new ArrayList<String>();
+        String preferredArchitecture = ResourceManager.SystemVmPreferredArchitecture.valueIn(zoneId);
 
         for (final Iterator<Hypervisor.HypervisorType> iter = hypervisors.iterator(); iter.hasNext();) {
             final Hypervisor.HypervisorType hypervisor = iter.next();
-            VMTemplateVO template = templateDao.findSystemVMReadyTemplate(zoneId, hypervisor);
+            VMTemplateVO template = templateDao.findSystemVMReadyTemplate(zoneId, hypervisor, preferredArchitecture);
             if (template == null && !iter.hasNext()) {
                 throw new CloudRuntimeException(String.format("Unable to find the systemvm template for %s or it was not downloaded in %s.", hypervisor.toString(), zone.toString()));
             }
diff --git a/plugins/storage/sharedfs/storagevm/src/test/java/org/apache/cloudstack/storage/sharedfs/lifecycle/StorageVmSharedFSLifeCycleTest.java b/plugins/storage/sharedfs/storagevm/src/test/java/org/apache/cloudstack/storage/sharedfs/lifecycle/StorageVmSharedFSLifeCycleTest.java
index 2cc909ce0d7..bcd9d509a9a 100644
--- a/plugins/storage/sharedfs/storagevm/src/test/java/org/apache/cloudstack/storage/sharedfs/lifecycle/StorageVmSharedFSLifeCycleTest.java
+++ b/plugins/storage/sharedfs/storagevm/src/test/java/org/apache/cloudstack/storage/sharedfs/lifecycle/StorageVmSharedFSLifeCycleTest.java
@@ -236,7 +236,7 @@ public class StorageVmSharedFSLifeCycleTest {
         when(serviceOfferingDao.findById(s_serviceOfferingId)).thenReturn(serviceOffering);
 
         VMTemplateVO template = mock(VMTemplateVO.class);
-        when(templateDao.findSystemVMReadyTemplate(s_zoneId, Hypervisor.HypervisorType.KVM)).thenReturn(template);
+        when(templateDao.findSystemVMReadyTemplate(s_zoneId, Hypervisor.HypervisorType.KVM, ResourceManager.SystemVmPreferredArchitecture.defaultValue())).thenReturn(template);
         when(template.getId()).thenReturn(s_templateId);
 
         return sharedFS;
@@ -303,7 +303,6 @@ public class StorageVmSharedFSLifeCycleTest {
         when(dataCenterDao.findById(s_zoneId)).thenReturn(zone);
         when(resourceMgr.getSupportedHypervisorTypes(s_zoneId, false, null)).thenReturn(List.of(Hypervisor.HypervisorType.KVM));
 
-        when(templateDao.findSystemVMReadyTemplate(s_zoneId, Hypervisor.HypervisorType.KVM)).thenReturn(null);
         lifeCycle.deploySharedFS(sharedFS, s_networkId, s_diskOfferingId, s_size, s_minIops, s_maxIops);
     }
 

From 742e131283a13e68f3c9c9b074f62c43242a0473 Mon Sep 17 00:00:00 2001
From: Suresh Kumar Anaparti <sureshkumar.anaparti@gmail.com>
Date: Fri, 1 Aug 2025 17:20:35 +0530
Subject: [PATCH 56/83] Update System VM template Guest OS version (#11291)

---
 .../upgrade/SystemVmTemplateRegistration.java | 63 +++++++++++++++----
 .../SystemVmTemplateRegistrationTest.java     | 10 +--
 engine/schema/templateConfig.sh               | 12 +++-
 3 files changed, 66 insertions(+), 19 deletions(-)

diff --git a/engine/schema/src/main/java/com/cloud/upgrade/SystemVmTemplateRegistration.java b/engine/schema/src/main/java/com/cloud/upgrade/SystemVmTemplateRegistration.java
index e711c564015..26b033c8d79 100644
--- a/engine/schema/src/main/java/com/cloud/upgrade/SystemVmTemplateRegistration.java
+++ b/engine/schema/src/main/java/com/cloud/upgrade/SystemVmTemplateRegistration.java
@@ -64,11 +64,14 @@ import com.cloud.dc.dao.DataCenterDao;
 import com.cloud.dc.dao.DataCenterDaoImpl;
 import com.cloud.hypervisor.Hypervisor;
 import com.cloud.storage.DataStoreRole;
+import com.cloud.storage.GuestOSVO;
 import com.cloud.storage.Storage;
 import com.cloud.storage.Storage.ImageFormat;
 import com.cloud.storage.VMTemplateStorageResourceAssoc;
 import com.cloud.storage.VMTemplateVO;
 import com.cloud.storage.VMTemplateZoneVO;
+import com.cloud.storage.dao.GuestOSDao;
+import com.cloud.storage.dao.GuestOSDaoImpl;
 import com.cloud.storage.dao.VMTemplateDao;
 import com.cloud.storage.dao.VMTemplateDaoImpl;
 import com.cloud.storage.dao.VMTemplateZoneDao;
@@ -102,15 +105,13 @@ public class SystemVmTemplateRegistration {
     private static final String PARTIAL_TEMPLATE_FOLDER = String.format("/template/tmpl/%d/", Account.ACCOUNT_ID_SYSTEM);
     private static final String storageScriptsDir = "scripts/storage/secondary";
     private static final Integer OTHER_LINUX_ID = 99;
-    private static final Integer LINUX_5_ID = 15;
-    private static final Integer LINUX_7_ID = 183;
+    private static Integer LINUX_12_ID = 363;
     private static final Integer SCRIPT_TIMEOUT = 1800000;
     private static final Integer LOCK_WAIT_TIMEOUT = 1200;
     protected static final List<CPU.CPUArch> DOWNLOADABLE_TEMPLATE_ARCH_TYPES = Arrays.asList(
             CPU.CPUArch.arm64
     );
 
-
     public static String CS_MAJOR_VERSION = null;
     public static String CS_TINY_VERSION = null;
 
@@ -132,6 +133,8 @@ public class SystemVmTemplateRegistration {
     ClusterDao clusterDao;
     @Inject
     ConfigurationDao configurationDao;
+    @Inject
+    private GuestOSDao guestOSDao;
 
     private String systemVmTemplateVersion;
 
@@ -147,6 +150,7 @@ public class SystemVmTemplateRegistration {
         imageStoreDetailsDao = new ImageStoreDetailsDaoImpl();
         clusterDao = new ClusterDaoImpl();
         configurationDao = new ConfigurationDaoImpl();
+        guestOSDao = new GuestOSDaoImpl();
         tempDownloadDir = new File(System.getProperty("java.io.tmpdir"));
     }
 
@@ -320,7 +324,7 @@ public class SystemVmTemplateRegistration {
 
     public static final Map<String, MetadataTemplateDetails> NewTemplateMap = new HashMap<>();
 
-    public static final Map<Hypervisor.HypervisorType, String> RouterTemplateConfigurationNames = new HashMap<Hypervisor.HypervisorType, String>() {
+    public static final Map<Hypervisor.HypervisorType, String> RouterTemplateConfigurationNames = new HashMap<>() {
         {
             put(Hypervisor.HypervisorType.KVM, "router.template.kvm");
             put(Hypervisor.HypervisorType.VMware, "router.template.vmware");
@@ -331,14 +335,14 @@ public class SystemVmTemplateRegistration {
         }
     };
 
-    public static final Map<Hypervisor.HypervisorType, Integer> hypervisorGuestOsMap = new HashMap<Hypervisor.HypervisorType, Integer>() {
+    public static Map<Hypervisor.HypervisorType, Integer> hypervisorGuestOsMap = new HashMap<>() {
         {
-            put(Hypervisor.HypervisorType.KVM, LINUX_5_ID);
+            put(Hypervisor.HypervisorType.KVM, LINUX_12_ID);
             put(Hypervisor.HypervisorType.XenServer, OTHER_LINUX_ID);
             put(Hypervisor.HypervisorType.VMware, OTHER_LINUX_ID);
-            put(Hypervisor.HypervisorType.Hyperv, LINUX_5_ID);
-            put(Hypervisor.HypervisorType.LXC, LINUX_5_ID);
-            put(Hypervisor.HypervisorType.Ovm3, LINUX_7_ID);
+            put(Hypervisor.HypervisorType.Hyperv, LINUX_12_ID);
+            put(Hypervisor.HypervisorType.LXC, LINUX_12_ID);
+            put(Hypervisor.HypervisorType.Ovm3, LINUX_12_ID);
         }
     };
 
@@ -595,6 +599,23 @@ public class SystemVmTemplateRegistration {
         vmInstanceDao.updateSystemVmTemplateId(templateId, hypervisorType);
     }
 
+    private void updateSystemVmTemplateGuestOsId() {
+        String systemVmGuestOsName = "Debian GNU/Linux 12 (64-bit)"; // default
+        try {
+            GuestOSVO guestOS = guestOSDao.findOneByDisplayName(systemVmGuestOsName);
+            if (guestOS != null) {
+                LOGGER.debug("Updating SystemVM Template Guest OS [{}] id", systemVmGuestOsName);
+                SystemVmTemplateRegistration.LINUX_12_ID = Math.toIntExact(guestOS.getId());
+                hypervisorGuestOsMap.put(Hypervisor.HypervisorType.KVM, LINUX_12_ID);
+                hypervisorGuestOsMap.put(Hypervisor.HypervisorType.Hyperv, LINUX_12_ID);
+                hypervisorGuestOsMap.put(Hypervisor.HypervisorType.LXC, LINUX_12_ID);
+                hypervisorGuestOsMap.put(Hypervisor.HypervisorType.Ovm3, LINUX_12_ID);
+            }
+        } catch (Exception e) {
+            LOGGER.warn("Couldn't update SystemVM Template Guest OS id, due to {}", e.getMessage());
+        }
+    }
+
     public void updateConfigurationParams(Map<String, String> configParams) {
         for (Map.Entry<String, String> config : configParams.entrySet()) {
             boolean updated = configurationDao.update(config.getKey(), config.getValue());
@@ -813,7 +834,8 @@ public class SystemVmTemplateRegistration {
                     section.get("filename"),
                     section.get("downloadurl"),
                     section.get("checksum"),
-                    hypervisorType.second()));
+                    hypervisorType.second(),
+                    section.get("guestos")));
         }
         Ini.Section defaultSection = ini.get("default");
         return defaultSection.get("version").trim();
@@ -965,6 +987,10 @@ public class SystemVmTemplateRegistration {
     private void updateRegisteredTemplateDetails(Long templateId, MetadataTemplateDetails templateDetails) {
         VMTemplateVO templateVO = vmTemplateDao.findById(templateId);
         templateVO.setTemplateType(Storage.TemplateType.SYSTEM);
+        GuestOSVO guestOS = guestOSDao.findOneByDisplayName(templateDetails.getGuestOs());
+        if (guestOS != null) {
+            templateVO.setGuestOSId(guestOS.getId());
+        }
         boolean updated = vmTemplateDao.update(templateVO.getId(), templateVO);
         if (!updated) {
             String errMsg = String.format("updateSystemVmTemplates:Exception while updating template with id %s to be marked as 'system'", templateId);
@@ -980,9 +1006,13 @@ public class SystemVmTemplateRegistration {
         updateConfigurationParams(configParams);
     }
 
-    private void updateTemplateUrlAndChecksum(VMTemplateVO templateVO, MetadataTemplateDetails templateDetails) {
+    private void updateTemplateUrlChecksumAndGuestOsId(VMTemplateVO templateVO, MetadataTemplateDetails templateDetails) {
         templateVO.setUrl(templateDetails.getUrl());
         templateVO.setChecksum(templateDetails.getChecksum());
+        GuestOSVO guestOS = guestOSDao.findOneByDisplayName(templateDetails.getGuestOs());
+        if (guestOS != null) {
+            templateVO.setGuestOSId(guestOS.getId());
+        }
         boolean updated = vmTemplateDao.update(templateVO.getId(), templateVO);
         if (!updated) {
             String errMsg = String.format("updateSystemVmTemplates:Exception while updating 'url' and 'checksum' for hypervisor type %s", templateDetails.getHypervisorType());
@@ -1020,7 +1050,7 @@ public class SystemVmTemplateRegistration {
                 VMTemplateVO templateVO = vmTemplateDao.findLatestTemplateByTypeAndHypervisorAndArch(
                         templateDetails.getHypervisorType(), templateDetails.getArch(), Storage.TemplateType.SYSTEM);
                 if (templateVO != null) {
-                    updateTemplateUrlAndChecksum(templateVO, templateDetails);
+                    updateTemplateUrlChecksumAndGuestOsId(templateVO, templateDetails);
                 }
             }
         }
@@ -1029,6 +1059,7 @@ public class SystemVmTemplateRegistration {
 
     public void updateSystemVmTemplates(final Connection conn) {
         LOGGER.debug("Updating System Vm template IDs");
+        updateSystemVmTemplateGuestOsId();
         Transaction.execute(new TransactionCallbackNoReturn() {
             @Override
             public void doInTransactionWithoutResult(final TransactionStatus status) {
@@ -1076,15 +1107,17 @@ public class SystemVmTemplateRegistration {
         private final String checksum;
         private final CPU.CPUArch arch;
         private String downloadedFilePath;
+        private final String guestOs;
 
         MetadataTemplateDetails(Hypervisor.HypervisorType hypervisorType, String name, String filename, String url,
-                                String checksum, CPU.CPUArch arch) {
+                                String checksum, CPU.CPUArch arch, String guestOs) {
             this.hypervisorType = hypervisorType;
             this.name = name;
             this.filename = filename;
             this.url = url;
             this.checksum = checksum;
             this.arch = arch;
+            this.guestOs = guestOs;
         }
 
         public Hypervisor.HypervisorType getHypervisorType() {
@@ -1111,6 +1144,10 @@ public class SystemVmTemplateRegistration {
             return arch;
         }
 
+        public String getGuestOs() {
+            return guestOs;
+        }
+
         public String getDownloadedFilePath() {
             return downloadedFilePath;
         }
diff --git a/engine/schema/src/test/java/com/cloud/upgrade/SystemVmTemplateRegistrationTest.java b/engine/schema/src/test/java/com/cloud/upgrade/SystemVmTemplateRegistrationTest.java
index 27656fd33b0..6573a5565f3 100644
--- a/engine/schema/src/test/java/com/cloud/upgrade/SystemVmTemplateRegistrationTest.java
+++ b/engine/schema/src/test/java/com/cloud/upgrade/SystemVmTemplateRegistrationTest.java
@@ -192,7 +192,7 @@ public class SystemVmTemplateRegistrationTest {
     public void testValidateTemplateFile_fileNotFound() {
         SystemVmTemplateRegistration.MetadataTemplateDetails details =
                 new SystemVmTemplateRegistration.MetadataTemplateDetails(Hypervisor.HypervisorType.KVM,
-                        "name", "file", "url", "checksum", CPU.CPUArch.amd64);
+                        "name", "file", "url", "checksum", CPU.CPUArch.amd64, "guestos");
         SystemVmTemplateRegistration.NewTemplateMap.put(SystemVmTemplateRegistration.getHypervisorArchKey(
                 details.getHypervisorType(), details.getArch()), details);
         doReturn(null).when(systemVmTemplateRegistration).getTemplateFile(details);
@@ -209,7 +209,7 @@ public class SystemVmTemplateRegistrationTest {
     public void testValidateTemplateFile_checksumMismatch() {
         SystemVmTemplateRegistration.MetadataTemplateDetails details =
                 new SystemVmTemplateRegistration.MetadataTemplateDetails(Hypervisor.HypervisorType.KVM,
-                        "name", "file", "url", "checksum", CPU.CPUArch.amd64);
+                        "name", "file", "url", "checksum", CPU.CPUArch.amd64, "guestos");
         File dummyFile = new File("dummy.txt");
         SystemVmTemplateRegistration.NewTemplateMap.put(SystemVmTemplateRegistration.getHypervisorArchKey(
                 details.getHypervisorType(), details.getArch()), details);
@@ -228,7 +228,7 @@ public class SystemVmTemplateRegistrationTest {
     public void testValidateTemplateFile_success() {
         SystemVmTemplateRegistration.MetadataTemplateDetails details =
                 new SystemVmTemplateRegistration.MetadataTemplateDetails(Hypervisor.HypervisorType.KVM,
-                        "name", "file", "url", "checksum", CPU.CPUArch.amd64);
+                        "name", "file", "url", "checksum", CPU.CPUArch.amd64, "guestos");
         File dummyFile = new File("dummy.txt");
         SystemVmTemplateRegistration.NewTemplateMap.put(SystemVmTemplateRegistration.getHypervisorArchKey(
                 details.getHypervisorType(), details.getArch()), details);
@@ -285,7 +285,7 @@ public class SystemVmTemplateRegistrationTest {
         SystemVmTemplateRegistration.MetadataTemplateDetails details =
                 new SystemVmTemplateRegistration.MetadataTemplateDetails(Hypervisor.HypervisorType.KVM,
                         "name", "nonexistent.qcow2", "http://example.com/file.qcow2",
-                        "", CPU.CPUArch.arm64);
+                        "", CPU.CPUArch.arm64, "guestos");
         try (MockedStatic<Files> filesMock = Mockito.mockStatic(Files.class);
              MockedStatic<HttpUtils> httpMock = Mockito.mockStatic(HttpUtils.class)) {
             filesMock.when(() -> Files.isWritable(any(Path.class))).thenReturn(true);
@@ -301,7 +301,7 @@ public class SystemVmTemplateRegistrationTest {
         SystemVmTemplateRegistration.MetadataTemplateDetails details =
                 new SystemVmTemplateRegistration.MetadataTemplateDetails(Hypervisor.HypervisorType.KVM,
                         "name", "file.qcow2", "http://example.com/file.qcow2",
-                        "", CPU.CPUArch.arm64);
+                        "", CPU.CPUArch.arm64, "guestos");
         try (MockedStatic<Files> filesMock = Mockito.mockStatic(Files.class);
              MockedStatic<HttpUtils> httpMock = Mockito.mockStatic(HttpUtils.class)) {
             filesMock.when(() -> Files.isWritable(any(Path.class))).thenReturn(false);
diff --git a/engine/schema/templateConfig.sh b/engine/schema/templateConfig.sh
index bed51a48a8f..d10b8668b12 100644
--- a/engine/schema/templateConfig.sh
+++ b/engine/schema/templateConfig.sh
@@ -42,6 +42,15 @@ function getGenericName() {
   fi
 }
 
+function getGuestOS() {
+  hypervisor=$(echo "$1" | tr "[:upper:]" "[:lower:]")
+  if [[ "$hypervisor" == "vmware" || "$hypervisor" == "xenserver" ]]; then
+    echo "Other Linux (64-bit)"
+  else
+    echo "Debian GNU/Linux 12 (64-bit)"
+  fi
+}
+
 function getChecksum() {
   local fileData="$1"
   local hvName=$2
@@ -60,13 +69,14 @@ function createMetadataFile() {
     section="${template%%:*}"
     sectionHv="${section%%-*}"
     hvName=$(getGenericName $sectionHv)
+    guestos=$(getGuestOS $sectionHv)
 
     downloadurl="${template#*:}"
     arch=$(echo ${downloadurl#*"/systemvmtemplate-$VERSION-"} | cut -d'-' -f 1)
     templatename="systemvm-${sectionHv%.*}-${VERSION}-${arch}"
     checksum=$(getChecksum "$fileData" "$VERSION-${arch}-$hvName")
     filename=$(echo ${downloadurl##*'/'})
-    echo -e "["$section"]\ntemplatename = $templatename\nchecksum = $checksum\ndownloadurl = $downloadurl\nfilename = $filename\narch = $arch\n" >> $METADATAFILE
+    echo -e "["$section"]\ntemplatename = $templatename\nchecksum = $checksum\ndownloadurl = $downloadurl\nfilename = $filename\narch = $arch\nguestos = $guestos\n" >> $METADATAFILE
   done
 }
 

From 1bfebd550ce9e20fc5c7823c230f1c1ef3a6b118 Mon Sep 17 00:00:00 2001
From: Abhishek Kumar <abhishek.mrt22@gmail.com>
Date: Fri, 1 Aug 2025 17:41:02 +0530
Subject: [PATCH 57/83] ui: update project menu on projects change (#11369)

Fixes #11357

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>
---
 ui/src/components/header/ProjectMenu.vue | 10 ++++++++--
 ui/src/views/AutogenView.vue             |  3 +++
 2 files changed, 11 insertions(+), 2 deletions(-)

diff --git a/ui/src/components/header/ProjectMenu.vue b/ui/src/components/header/ProjectMenu.vue
index 590a8a2fbd0..32a77723825 100644
--- a/ui/src/components/header/ProjectMenu.vue
+++ b/ui/src/components/header/ProjectMenu.vue
@@ -33,6 +33,7 @@
 
 <script>
 import InfiniteScrollSelect from '@/components/widgets/InfiniteScrollSelect'
+import eventBus from '@/config/eventBus'
 
 export default {
   name: 'ProjectMenu',
@@ -42,7 +43,8 @@ export default {
   data () {
     return {
       selectedProjectId: null,
-      loading: false
+      loading: false,
+      timestamp: new Date().getTime()
     }
   },
   created () {
@@ -59,7 +61,8 @@ export default {
     projectsApiParams () {
       return {
         details: 'min',
-        listall: true
+        listall: true,
+        timestamp: this.timestamp
       }
     }
   },
@@ -70,6 +73,9 @@ export default {
         this.selectedProjectId = newId
       }
     )
+    eventBus.on('projects-updated', (args) => {
+      this.timestamp = new Date().getTime()
+    })
   },
   beforeUnmount () {
     if (this.unwatchProject) {
diff --git a/ui/src/views/AutogenView.vue b/ui/src/views/AutogenView.vue
index 74fae8cada4..4c9983013b7 100644
--- a/ui/src/views/AutogenView.vue
+++ b/ui/src/views/AutogenView.vue
@@ -1372,6 +1372,9 @@ export default {
             if ('successMethod' in action) {
               action.successMethod(this, result)
             }
+            if (['createProject', 'updateProject', 'deleteProject'].includes(action.api)) {
+              eventBus.emit('projects-updated', { action: action.api, project: this.resource })
+            }
             resolve(true)
           },
           errorMethod: () => {

From 58484fb44dd1a1d0c1abb94fabb35531d83d888b Mon Sep 17 00:00:00 2001
From: Rohit Yadav <rohit.yadav@shapeblue.com>
Date: Sat, 2 Aug 2025 22:37:03 +0530
Subject: [PATCH 58/83] cloud.spec: provide option between tzdata-java and
 timezone-java (#11372)

This fixes packaging issue where CloudStack rpms cannot find tzdata-java
on openSUSE/SLES platforms.

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
---
 packaging/el8/cloud.spec | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/packaging/el8/cloud.spec b/packaging/el8/cloud.spec
index 22fede6fb85..1e862ba0dc0 100644
--- a/packaging/el8/cloud.spec
+++ b/packaging/el8/cloud.spec
@@ -102,7 +102,7 @@ The Apache CloudStack files shared between agent and management server
 Summary: CloudStack Agent for KVM hypervisors
 Requires: (openssh-clients or openssh)
 Requires: java-17-openjdk
-Requires: tzdata-java
+Requires: (tzdata-java or timezone-java)
 Requires: %{name}-common = %{_ver}
 Requires: libvirt
 Requires: libvirt-daemon-driver-storage-rbd
@@ -143,7 +143,7 @@ The CloudStack baremetal agent
 %package usage
 Summary: CloudStack Usage calculation server
 Requires: java-17-openjdk
-Requires: tzdata-java
+Requires: (tzdata-java or timezone-java)
 Group: System Environment/Libraries
 %description usage
 The CloudStack usage calculation service

From 3134efb971da306bab87f2bee3686e308454c534 Mon Sep 17 00:00:00 2001
From: Abhishek Kumar <abhishek.mrt22@gmail.com>
Date: Mon, 4 Aug 2025 16:21:20 +0530
Subject: [PATCH 59/83] plugin-swift: handle null cache store (#11380)

Fixes https://github.com/apache/cloudstack/pull/11315#pullrequestreview-3074036751

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>
---
 .../driver/SwiftImageStoreDriverImpl.java       | 17 ++++++++++-------
 1 file changed, 10 insertions(+), 7 deletions(-)

diff --git a/plugins/storage/image/swift/src/main/java/org/apache/cloudstack/storage/datastore/driver/SwiftImageStoreDriverImpl.java b/plugins/storage/image/swift/src/main/java/org/apache/cloudstack/storage/datastore/driver/SwiftImageStoreDriverImpl.java
index 7e1486214bc..44f321f9543 100644
--- a/plugins/storage/image/swift/src/main/java/org/apache/cloudstack/storage/datastore/driver/SwiftImageStoreDriverImpl.java
+++ b/plugins/storage/image/swift/src/main/java/org/apache/cloudstack/storage/datastore/driver/SwiftImageStoreDriverImpl.java
@@ -24,11 +24,6 @@ import java.util.UUID;
 
 import javax.inject.Inject;
 
-import com.cloud.configuration.Config;
-import com.cloud.utils.SwiftUtil;
-import org.apache.cloudstack.framework.config.dao.ConfigurationDao;
-import org.apache.log4j.Logger;
-
 import org.apache.cloudstack.api.ApiConstants;
 import org.apache.cloudstack.engine.subsystem.api.storage.CreateCmdResult;
 import org.apache.cloudstack.engine.subsystem.api.storage.DataObject;
@@ -38,18 +33,21 @@ import org.apache.cloudstack.engine.subsystem.api.storage.EndPointSelector;
 import org.apache.cloudstack.engine.subsystem.api.storage.StorageCacheManager;
 import org.apache.cloudstack.framework.async.AsyncCallbackDispatcher;
 import org.apache.cloudstack.framework.async.AsyncCompletionCallback;
+import org.apache.cloudstack.framework.config.dao.ConfigurationDao;
 import org.apache.cloudstack.storage.command.DownloadCommand;
 import org.apache.cloudstack.storage.datastore.db.ImageStoreDetailsDao;
 import org.apache.cloudstack.storage.image.BaseImageStoreDriverImpl;
 import org.apache.cloudstack.storage.image.store.ImageStoreImpl;
 import org.apache.cloudstack.storage.to.TemplateObjectTO;
+import org.apache.log4j.Logger;
 
 import com.cloud.agent.api.storage.DownloadAnswer;
 import com.cloud.agent.api.to.DataObjectType;
 import com.cloud.agent.api.to.DataStoreTO;
 import com.cloud.agent.api.to.SwiftTO;
+import com.cloud.configuration.Config;
 import com.cloud.storage.Storage.ImageFormat;
-import com.cloud.template.VirtualMachineTemplate;
+import com.cloud.utils.SwiftUtil;
 import com.cloud.utils.exception.CloudRuntimeException;
 
 public class SwiftImageStoreDriverImpl extends BaseImageStoreDriverImpl {
@@ -101,8 +99,13 @@ public class SwiftImageStoreDriverImpl extends BaseImageStoreDriverImpl {
     @Override
     public void createAsync(DataStore dataStore, DataObject data, AsyncCompletionCallback<CreateCmdResult> callback) {
         Long maxTemplateSizeInBytes = getMaxTemplateSizeInBytes();
-        VirtualMachineTemplate tmpl = _templateDao.findById(data.getId());
         DataStore cacheStore = cacheManager.getCacheStorage(dataStore.getScope());
+        if (cacheStore == null) {
+            String errMsg = String.format("No cache store found for scope: %s",
+                    dataStore.getScope().getScopeType().name());
+            s_logger.error(errMsg);
+            throw new CloudRuntimeException(errMsg);
+        }
         DownloadCommand dcmd = new DownloadCommand((TemplateObjectTO)(data.getTO()), maxTemplateSizeInBytes);
         dcmd.setCacheStore(cacheStore.getTO());
         dcmd.setProxy(getHttpProxy());

From a0fd37f4955795742110a1015dfc3b0cf01694d1 Mon Sep 17 00:00:00 2001
From: Abhishek Kumar <abhishek.mrt22@gmail.com>
Date: Mon, 4 Aug 2025 16:21:58 +0530
Subject: [PATCH 60/83] ui: pass validated storagepolicy for swift store
 (#11315)

Fixes #9789

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>
---
 ui/src/views/infra/AddSecondaryStorage.vue | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/ui/src/views/infra/AddSecondaryStorage.vue b/ui/src/views/infra/AddSecondaryStorage.vue
index 4adc4e9a1d6..746af5b959d 100644
--- a/ui/src/views/infra/AddSecondaryStorage.vue
+++ b/ui/src/views/infra/AddSecondaryStorage.vue
@@ -295,8 +295,10 @@ export default {
           const swiftParams = {
             account: values.account,
             username: values.username,
-            key: values.key,
-            storagepolicy: values.storagepolicy
+            key: values.key
+          }
+          if (values.storagepolicy) {
+            swiftParams.storagepolicy = values.storagepolicy
           }
           Object.keys(swiftParams).forEach((key, index) => {
             data['details[' + index.toString() + '].key'] = key

From 626f3de69ad332bb89c21b0bc2a220d975a1dcba Mon Sep 17 00:00:00 2001
From: Abhisar Sinha <63767682+abh1sar@users.noreply.github.com>
Date: Mon, 4 Aug 2025 16:26:37 +0530
Subject: [PATCH 61/83] Handle project delete in detailsview. (#11197)

---
 .../admin/acl/project/ListProjectRolesCmd.java       |  2 +-
 ui/src/views/project/AccountsTab.vue                 | 12 +-----------
 ui/src/views/project/iam/ProjectRoleTab.vue          | 12 +-----------
 3 files changed, 3 insertions(+), 23 deletions(-)

diff --git a/api/src/main/java/org/apache/cloudstack/api/command/admin/acl/project/ListProjectRolesCmd.java b/api/src/main/java/org/apache/cloudstack/api/command/admin/acl/project/ListProjectRolesCmd.java
index e876dbc9b58..dedbb410ea5 100644
--- a/api/src/main/java/org/apache/cloudstack/api/command/admin/acl/project/ListProjectRolesCmd.java
+++ b/api/src/main/java/org/apache/cloudstack/api/command/admin/acl/project/ListProjectRolesCmd.java
@@ -72,7 +72,7 @@ public class ListProjectRolesCmd extends BaseListCmd {
 
     @Override
     public void execute() {
-        List<ProjectRole> projectRoles;
+        List<ProjectRole> projectRoles = new ArrayList<>();
         if (getProjectId() != null && getProjectRoleId() != null) {
             projectRoles = Collections.singletonList(projRoleService.findProjectRole(getProjectRoleId(), getProjectId()));
         } else if (StringUtils.isNotBlank(getRoleName())) {
diff --git a/ui/src/views/project/AccountsTab.vue b/ui/src/views/project/AccountsTab.vue
index 8c7282b988b..ca56b8977ae 100644
--- a/ui/src/views/project/AccountsTab.vue
+++ b/ui/src/views/project/AccountsTab.vue
@@ -157,17 +157,6 @@ export default {
     this.fetchData()
   },
   inject: ['parentFetchData'],
-  watch: {
-    resource: {
-      deep: true,
-      handler (newItem) {
-        if (!newItem || !newItem.id) {
-          return
-        }
-        this.fetchData()
-      }
-    }
-  },
   methods: {
     fetchData () {
       const params = {}
@@ -175,6 +164,7 @@ export default {
       params.page = this.page
       params.pageSize = this.pageSize
       this.updateProjectApi = this.$store.getters.apis.updateProject
+      if (!this.resource.id) return
       this.fetchUsers()
       this.fetchProjectAccounts(params)
       if (this.isProjectRolesSupported()) {
diff --git a/ui/src/views/project/iam/ProjectRoleTab.vue b/ui/src/views/project/iam/ProjectRoleTab.vue
index a0768db3164..98d542f88a2 100644
--- a/ui/src/views/project/iam/ProjectRoleTab.vue
+++ b/ui/src/views/project/iam/ProjectRoleTab.vue
@@ -173,17 +173,6 @@ export default {
   mounted () {
     this.fetchData()
   },
-  watch: {
-    resource: {
-      deep: true,
-      handler (newItem) {
-        if (!newItem || !newItem.id) {
-          return
-        }
-        this.fetchData()
-      }
-    }
-  },
   methods: {
     initForm () {
       this.formRef = ref()
@@ -192,6 +181,7 @@ export default {
     },
     fetchData () {
       this.loading = true
+      if (!this.resource.id) return
       api('listProjectRoles', { projectid: this.resource.id }).then(json => {
         const projectRoles = json.listprojectrolesresponse.projectrole
         if (!projectRoles || projectRoles.length === 0) {

From de5188e50c8cbeb66a3ddada0c709412a566de4f Mon Sep 17 00:00:00 2001
From: Eduardo Vieira <eduardovra@gmail.com>
Date: Mon, 4 Aug 2025 08:03:30 -0300
Subject: [PATCH 62/83] fix storage pool capacity threshold flag (#11366)

---
 .../java/org/apache/cloudstack/metrics/MetricsServiceImpl.java  | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/plugins/metrics/src/main/java/org/apache/cloudstack/metrics/MetricsServiceImpl.java b/plugins/metrics/src/main/java/org/apache/cloudstack/metrics/MetricsServiceImpl.java
index 86bf2e3e351..42a2fa815e9 100644
--- a/plugins/metrics/src/main/java/org/apache/cloudstack/metrics/MetricsServiceImpl.java
+++ b/plugins/metrics/src/main/java/org/apache/cloudstack/metrics/MetricsServiceImpl.java
@@ -657,7 +657,7 @@ public class MetricsServiceImpl extends MutualExclusiveIdsManagerBase implements
             metricsResponse.setStorageUsedThreshold(poolResponse.getDiskSizeTotal(), poolResponse.getDiskSizeUsed(), poolResponse.getOverProvisionFactor(), storageThreshold);
             metricsResponse.setStorageUsedDisableThreshold(poolResponse.getDiskSizeTotal(), poolResponse.getDiskSizeUsed(), poolResponse.getOverProvisionFactor(), storageDisableThreshold);
             metricsResponse.setStorageAllocatedThreshold(poolResponse.getDiskSizeTotal(), poolResponse.getDiskSizeAllocated(), poolResponse.getOverProvisionFactor(), storageThreshold);
-            metricsResponse.setStorageAllocatedDisableThreshold(poolResponse.getDiskSizeTotal(), poolResponse.getDiskSizeUsed(), poolResponse.getOverProvisionFactor(), storageDisableThreshold);
+            metricsResponse.setStorageAllocatedDisableThreshold(poolResponse.getDiskSizeTotal(), poolResponse.getDiskSizeAllocated(), poolResponse.getOverProvisionFactor(), storageDisableThreshold);
             metricsResponses.add(metricsResponse);
         }
         return metricsResponses;

From cda3640be1590da60ecd3e1bd11a9899ca655416 Mon Sep 17 00:00:00 2001
From: Abhishek Kumar <abhishek.mrt22@gmail.com>
Date: Mon, 4 Aug 2025 16:37:32 +0530
Subject: [PATCH 63/83] juniper-contrail: publish events only for the module
 (#11373)

* juniper-contrail: publish events only for the module

This plugin has an ActionEventInterceptor of its own and currently it
intercepts all action events which is incorrect as all action events are
already handled by com.cloud.event.ActionEventInterceptor.
This PR limits publishing events on event bus by plugin's interceptor
only in case the event is from the same module.

Existing behaviour was causing warnings in Webhook service as event
account was missing.

2025-07-31 19:18:59,391 WARN  [o.a.c.m.w.WebhookServiceImpl] ... to any webhook as account ID is missing

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>
---
 .../network/contrail/management/EventUtils.java       | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/plugins/network-elements/juniper-contrail/src/main/java/org/apache/cloudstack/network/contrail/management/EventUtils.java b/plugins/network-elements/juniper-contrail/src/main/java/org/apache/cloudstack/network/contrail/management/EventUtils.java
index d47bf6eceeb..338caca1fbe 100644
--- a/plugins/network-elements/juniper-contrail/src/main/java/org/apache/cloudstack/network/contrail/management/EventUtils.java
+++ b/plugins/network-elements/juniper-contrail/src/main/java/org/apache/cloudstack/network/contrail/management/EventUtils.java
@@ -48,6 +48,10 @@ public class EventUtils {
 
     private static EventDistributor eventDistributor;
 
+    private static final String MODULE_TOP_LEVEL_PACKAGE =
+            EventUtils.class.getPackage().getName().substring(0,
+                    EventUtils.class.getPackage().getName().lastIndexOf('.'));
+
     public EventUtils() {
     }
 
@@ -143,6 +147,13 @@ public class EventUtils {
         @Override
         public void interceptComplete(Method method, Object target, Object event) {
             ActionEvent actionEvent = method.getAnnotation(ActionEvent.class);
+            boolean sameModule = false;
+            if (target != null && target.getClass().getPackage() != null) {
+                sameModule = target.getClass().getPackage().getName().startsWith(MODULE_TOP_LEVEL_PACKAGE);
+            }
+            if (!sameModule) {
+                return;
+            }
             if (actionEvent != null) {
                 CallContext ctx = CallContext.current();
                 if (!actionEvent.create()) {

From a2d35c8ac21083c7990273e38f3d2c9fcf10298c Mon Sep 17 00:00:00 2001
From: Suresh Kumar Anaparti <sureshkumar.anaparti@gmail.com>
Date: Mon, 4 Aug 2025 17:49:38 +0530
Subject: [PATCH 64/83] Fix imports

---
 .../storage/datastore/driver/SwiftImageStoreDriverImpl.java   | 4 ----
 1 file changed, 4 deletions(-)

diff --git a/plugins/storage/image/swift/src/main/java/org/apache/cloudstack/storage/datastore/driver/SwiftImageStoreDriverImpl.java b/plugins/storage/image/swift/src/main/java/org/apache/cloudstack/storage/datastore/driver/SwiftImageStoreDriverImpl.java
index 4bed0780e20..61ff57fd058 100644
--- a/plugins/storage/image/swift/src/main/java/org/apache/cloudstack/storage/datastore/driver/SwiftImageStoreDriverImpl.java
+++ b/plugins/storage/image/swift/src/main/java/org/apache/cloudstack/storage/datastore/driver/SwiftImageStoreDriverImpl.java
@@ -24,9 +24,6 @@ import java.util.UUID;
 
 import javax.inject.Inject;
 
-import com.cloud.configuration.Config;
-import com.cloud.utils.SwiftUtil;
-
 import org.apache.cloudstack.api.ApiConstants;
 import org.apache.cloudstack.engine.subsystem.api.storage.CreateCmdResult;
 import org.apache.cloudstack.engine.subsystem.api.storage.DataObject;
@@ -42,7 +39,6 @@ import org.apache.cloudstack.storage.datastore.db.ImageStoreDetailsDao;
 import org.apache.cloudstack.storage.image.BaseImageStoreDriverImpl;
 import org.apache.cloudstack.storage.image.store.ImageStoreImpl;
 import org.apache.cloudstack.storage.to.TemplateObjectTO;
-import org.apache.log4j.Logger;
 
 import com.cloud.agent.api.storage.DownloadAnswer;
 import com.cloud.agent.api.to.DataObjectType;

From 53bc435bdb1410e1780a4942f40ca6d9833c2751 Mon Sep 17 00:00:00 2001
From: Harikrishna <harikrishna.patnala@gmail.com>
Date: Mon, 4 Aug 2025 18:11:47 +0530
Subject: [PATCH 65/83] Fix create statement for safer upgrades (#11388)

---
 .../src/main/resources/META-INF/db/schema-41910to42000.sql      | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/engine/schema/src/main/resources/META-INF/db/schema-41910to42000.sql b/engine/schema/src/main/resources/META-INF/db/schema-41910to42000.sql
index c36b71c2f25..eec4ac3f028 100644
--- a/engine/schema/src/main/resources/META-INF/db/schema-41910to42000.sql
+++ b/engine/schema/src/main/resources/META-INF/db/schema-41910to42000.sql
@@ -55,7 +55,7 @@ UPDATE `cloud`.`service_offering` SET ram_size = 512 WHERE unique_name IN ("Clou
                                                        AND system_use = 1 AND ram_size < 512;
 
 -- NSX Plugin --
-CREATE TABLE `cloud`.`nsx_providers` (
+CREATE TABLE IF NOT EXISTS `cloud`.`nsx_providers` (
                                          `id` bigint unsigned NOT NULL auto_increment COMMENT 'id',
                                          `uuid` varchar(40),
                                          `zone_id` bigint unsigned NOT NULL COMMENT 'Zone ID',

From b9864cb1e1c879e7ff98f71f7dd4a473bed1513f Mon Sep 17 00:00:00 2001
From: Wei Zhou <weizhou@apache.org>
Date: Wed, 6 Aug 2025 05:14:40 +0200
Subject: [PATCH 66/83] server: fix vm deployment without networkid in a zone
 with shared networks (#11242)

---
 server/src/main/java/com/cloud/network/NetworkModelImpl.java | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/server/src/main/java/com/cloud/network/NetworkModelImpl.java b/server/src/main/java/com/cloud/network/NetworkModelImpl.java
index 2f904a3275f..f2fc95a0998 100644
--- a/server/src/main/java/com/cloud/network/NetworkModelImpl.java
+++ b/server/src/main/java/com/cloud/network/NetworkModelImpl.java
@@ -797,7 +797,7 @@ public class NetworkModelImpl extends ManagerBase implements NetworkModel, Confi
         NetworkVO ret_network = null;
         for (NetworkVO nw : networks) {
             try {
-                checkAccountNetworkPermissions(account, nw);
+                checkNetworkPermissions(account, nw);
             } catch (PermissionDeniedException e) {
                 continue;
             }

From 78e146278b332bf1ac11d3b2324e0e65debc1e18 Mon Sep 17 00:00:00 2001
From: Wei Zhou <weizhou@apache.org>
Date: Fri, 8 Aug 2025 12:36:18 +0200
Subject: [PATCH 67/83] api: fix scale or upgrade systemvm (#11062)

---
 .../cloudstack/api/command/admin/systemvm/ScaleSystemVMCmd.java | 2 +-
 .../api/command/admin/systemvm/UpgradeSystemVMCmd.java          | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/api/src/main/java/org/apache/cloudstack/api/command/admin/systemvm/ScaleSystemVMCmd.java b/api/src/main/java/org/apache/cloudstack/api/command/admin/systemvm/ScaleSystemVMCmd.java
index f694988efa0..264806f0350 100644
--- a/api/src/main/java/org/apache/cloudstack/api/command/admin/systemvm/ScaleSystemVMCmd.java
+++ b/api/src/main/java/org/apache/cloudstack/api/command/admin/systemvm/ScaleSystemVMCmd.java
@@ -76,7 +76,7 @@ public class ScaleSystemVMCmd extends BaseAsyncCmd {
     }
 
     public Map<String, String> getDetails() {
-        return details;
+        return convertDetailsToMap(details);
     }
 
     /////////////////////////////////////////////////////
diff --git a/api/src/main/java/org/apache/cloudstack/api/command/admin/systemvm/UpgradeSystemVMCmd.java b/api/src/main/java/org/apache/cloudstack/api/command/admin/systemvm/UpgradeSystemVMCmd.java
index 12f80f32b06..95d9ab562bf 100644
--- a/api/src/main/java/org/apache/cloudstack/api/command/admin/systemvm/UpgradeSystemVMCmd.java
+++ b/api/src/main/java/org/apache/cloudstack/api/command/admin/systemvm/UpgradeSystemVMCmd.java
@@ -70,7 +70,7 @@ public class UpgradeSystemVMCmd extends BaseCmd {
     }
 
     public Map<String, String> getDetails() {
-        return details;
+        return convertDetailsToMap(details);
     }
 
     /////////////////////////////////////////////////////

From f5b4858012b41993f97b3a762397b5b7e6e0de3e Mon Sep 17 00:00:00 2001
From: Abhishek Kumar <abhishek.mrt22@gmail.com>
Date: Mon, 11 Aug 2025 20:41:57 +0530
Subject: [PATCH 68/83] ui: make vpc cidr required when not showing cidrsize
 (#11393)

Fixes #11391

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>
---
 ui/src/views/network/CreateVpc.vue | 16 ++++++++++++++--
 1 file changed, 14 insertions(+), 2 deletions(-)

diff --git a/ui/src/views/network/CreateVpc.vue b/ui/src/views/network/CreateVpc.vue
index d239d04e143..272d989124e 100644
--- a/ui/src/views/network/CreateVpc.vue
+++ b/ui/src/views/network/CreateVpc.vue
@@ -72,7 +72,7 @@
             :placeholder="apiParams.cidr.description"/>
         </a-form-item>
         <a-form-item
-          v-if="selectedVpcOffering && selectedVpcOffering.networkmode === 'ROUTED'"
+          v-if="selectedVpcOfferingHavingRoutedNetworkMode"
           ref="cidrsize"
           name="cidrsize">
           <template #label>
@@ -267,6 +267,9 @@ export default {
         return sourcenatService && sourcenatService.length === 1
       }
       return false
+    },
+    selectedVpcOfferingHavingRoutedNetworkMode () {
+      return this.selectedVpcOffering && this.selectedVpcOffering.networkmode === 'ROUTED'
     }
   },
   methods: {
@@ -388,6 +391,7 @@ export default {
     handleVpcOfferingChange (value) {
       this.selectedVpcOffering = {}
       if (!value) {
+        this.updateCidrRule()
         return
       }
       for (var offering of this.vpcOfferings) {
@@ -397,9 +401,17 @@ export default {
           if (this.isASNumberRequired()) {
             this.fetchZoneASNumbers()
           }
-          return
+          break
         }
       }
+      this.updateCidrRule()
+    },
+    updateCidrRule () {
+      if (!this.selectedVpcOfferingHavingRoutedNetworkMode) {
+        this.rules.cidr = [{ required: true, message: this.$t('message.error.required.input') }]
+      } else {
+        delete this.rules.cidr
+      }
     },
     handleASNumberChange (selectedIndex) {
       this.selectedAsNumber = this.asNumbersZone[selectedIndex].asnumber

From d4bd5872313a795d4f97113dcc91a6cc732ebac3 Mon Sep 17 00:00:00 2001
From: Wei Zhou <weizhou@apache.org>
Date: Fri, 15 Aug 2025 12:55:15 +0200
Subject: [PATCH 69/83] UI: fix addHost in zone wizard (#11401)

---
 ui/src/views/infra/zone/ZoneWizardLaunchZone.vue | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/ui/src/views/infra/zone/ZoneWizardLaunchZone.vue b/ui/src/views/infra/zone/ZoneWizardLaunchZone.vue
index 2467c52be38..83f116c2051 100644
--- a/ui/src/views/infra/zone/ZoneWizardLaunchZone.vue
+++ b/ui/src/views/infra/zone/ZoneWizardLaunchZone.vue
@@ -2082,7 +2082,11 @@ export default {
           resolve(result)
         }).catch(error => {
           message = error.response.headers['x-description']
-          reject(message)
+          if (message.includes('is already in the database')) {
+            resolve()
+          } else {
+            reject(message)
+          }
         })
       })
     },
@@ -2094,11 +2098,7 @@ export default {
           resolve()
         }).catch(error => {
           message = error.response.headers['x-description']
-          if (message.includes('is already in the database')) {
-            resolve()
-          } else {
-            reject(message)
-          }
+          reject(message)
         })
       })
     },

From 25f93b1d6b83acbdd14ba942c2f4086e9fdfd888 Mon Sep 17 00:00:00 2001
From: Rene Peinthor <rene.peinthor@linbit.com>
Date: Fri, 15 Aug 2025 15:50:39 +0200
Subject: [PATCH 70/83] linstor: fix getVolumeStats if multiple Linstor primary
 storages are used (#11397)

We didn't account for caching the volume stats for each used Linstor
cluster, so the first asked Linstor cluster would prevent caching
for all the others and so null was returned.

Now we have invalidate counters for each Linstor cluster and
also store the cache result with the Linstor cluster address prefixed.
---
 plugins/storage/volume/linstor/CHANGELOG.md   |  6 ++++
 .../LinstorPrimaryDataStoreDriverImpl.java    | 30 +++++++++++--------
 2 files changed, 24 insertions(+), 12 deletions(-)

diff --git a/plugins/storage/volume/linstor/CHANGELOG.md b/plugins/storage/volume/linstor/CHANGELOG.md
index a96b7c75b2b..c0991a9aa2b 100644
--- a/plugins/storage/volume/linstor/CHANGELOG.md
+++ b/plugins/storage/volume/linstor/CHANGELOG.md
@@ -5,6 +5,12 @@ All notable changes to Linstor CloudStack plugin will be documented in this file
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## [2025-08-05]
+
+### Fixed
+
+- getVolumeStats wasn't correctly working if multiple Linstor clusters/primary storages are used.
+
 ## [2025-07-01]
 
 ### Fixed
diff --git a/plugins/storage/volume/linstor/src/main/java/org/apache/cloudstack/storage/datastore/driver/LinstorPrimaryDataStoreDriverImpl.java b/plugins/storage/volume/linstor/src/main/java/org/apache/cloudstack/storage/datastore/driver/LinstorPrimaryDataStoreDriverImpl.java
index 71e1b528506..0eefe0bcf9b 100644
--- a/plugins/storage/volume/linstor/src/main/java/org/apache/cloudstack/storage/datastore/driver/LinstorPrimaryDataStoreDriverImpl.java
+++ b/plugins/storage/volume/linstor/src/main/java/org/apache/cloudstack/storage/datastore/driver/LinstorPrimaryDataStoreDriverImpl.java
@@ -135,7 +135,7 @@ public class LinstorPrimaryDataStoreDriverImpl implements PrimaryDataStoreDriver
     private HostDao _hostDao;
     @Inject private VMTemplateDao _vmTemplateDao;
 
-    private long volumeStatsLastUpdate = 0L;
+    private final Map<String, Long> volumeStatsLastUpdate = new HashMap<>();
     private final Map<String, Pair<Long, Long>> volumeStats = new HashMap<>();
 
     public LinstorPrimaryDataStoreDriverImpl()
@@ -1533,11 +1533,12 @@ public class LinstorPrimaryDataStoreDriverImpl implements PrimaryDataStoreDriver
 
     /**
      * Updates the cache map containing current allocated size data.
-     * @param api Linstor Developers api object
+     * @param linstorAddr Linstor cluster api address
      */
-    private void fillVolumeStatsCache(DevelopersApi api) {
+    private void fillVolumeStatsCache(String linstorAddr) {
+        final DevelopersApi api = LinstorUtil.getLinstorAPI(linstorAddr);
         try {
-            s_logger.trace("Start volume stats cache update");
+            s_logger.trace("Start volume stats cache update for " + linstorAddr);
             List<ResourceWithVolumes> resources = api.viewResources(
                     Collections.emptyList(),
                     Collections.emptyList(),
@@ -1564,14 +1565,14 @@ public class LinstorPrimaryDataStoreDriverImpl implements PrimaryDataStoreDriver
                 }
             }
 
-            volumeStats.clear();
+            volumeStats.keySet().removeIf(key -> key.startsWith(linstorAddr));
             for (Map.Entry<String, Long> entry : allocSizeMap.entrySet()) {
                 Long reserved = resSizeMap.getOrDefault(entry.getKey(), 0L);
                 Pair<Long, Long> volStat = new Pair<>(entry.getValue(), reserved);
-                volumeStats.put(entry.getKey(), volStat);
+                volumeStats.put(linstorAddr + "/" + entry.getKey(), volStat);
             }
-            volumeStatsLastUpdate = System.currentTimeMillis();
-            s_logger.trace("Done volume stats cache update: " + volumeStats.size());
+            volumeStatsLastUpdate.put(linstorAddr, System.currentTimeMillis());
+            s_logger.debug(String.format("Done volume stats cache update for %s: %d", linstorAddr, volumeStats.size()));
         } catch (ApiException e) {
             s_logger.error("Unable to fetch Linstor resources: " + e.getBestMessage());
         }
@@ -1579,14 +1580,19 @@ public class LinstorPrimaryDataStoreDriverImpl implements PrimaryDataStoreDriver
 
     @Override
     public Pair<Long, Long> getVolumeStats(StoragePool storagePool, String volumeId) {
-        final DevelopersApi api = LinstorUtil.getLinstorAPI(storagePool.getHostAddress());
+        String linstorAddr = storagePool.getHostAddress();
         synchronized (volumeStats) {
-            long invalidateCacheTime = volumeStatsLastUpdate +
+            long invalidateCacheTime = volumeStatsLastUpdate.getOrDefault(storagePool.getHostAddress(), 0L) +
                     LinstorConfigurationManager.VolumeStatsCacheTime.value() * 1000;
             if (invalidateCacheTime < System.currentTimeMillis()) {
-                fillVolumeStatsCache(api);
+                fillVolumeStatsCache(storagePool.getHostAddress());
             }
-            return volumeStats.get(LinstorUtil.RSC_PREFIX + volumeId);
+            String volumeKey = linstorAddr + "/" + LinstorUtil.RSC_PREFIX + volumeId;
+            Pair<Long, Long> sizePair = volumeStats.get(volumeKey);
+            if (sizePair == null) {
+                s_logger.warn(String.format("Volumestats for %s not found in cache", volumeKey));
+            }
+            return sizePair;
         }
     }
 

From c6daeb4f78d5cd7c8865657aa49cce9bee6609aa Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jo=C3=A3o=20Jandre?=
 <48719461+JoaoJandre@users.noreply.github.com>
Date: Fri, 15 Aug 2025 11:22:50 -0300
Subject: [PATCH 71/83] fix snapshot physical size for primary storage (#11448)

---
 .../cloudstack/storage/snapshot/SnapshotObject.java   | 11 ++++++++---
 1 file changed, 8 insertions(+), 3 deletions(-)

diff --git a/engine/storage/snapshot/src/main/java/org/apache/cloudstack/storage/snapshot/SnapshotObject.java b/engine/storage/snapshot/src/main/java/org/apache/cloudstack/storage/snapshot/SnapshotObject.java
index a3964bd461e..7602a142f88 100644
--- a/engine/storage/snapshot/src/main/java/org/apache/cloudstack/storage/snapshot/SnapshotObject.java
+++ b/engine/storage/snapshot/src/main/java/org/apache/cloudstack/storage/snapshot/SnapshotObject.java
@@ -172,10 +172,15 @@ public class SnapshotObject implements SnapshotInfo {
     @Override
     public long getPhysicalSize() {
         long physicalSize = 0;
-        SnapshotDataStoreVO snapshotStore = snapshotStoreDao.findByStoreSnapshot(DataStoreRole.Image, store.getId(), snapshot.getId());
-        if (snapshotStore != null) {
-            physicalSize = snapshotStore.getPhysicalSize();
+        for (DataStoreRole role : List.of(DataStoreRole.Image, DataStoreRole.Primary)) {
+            logger.trace("Retrieving snapshot [{}] size from {} storage.", snapshot.getUuid(), role);
+            SnapshotDataStoreVO snapshotStore = snapshotStoreDao.findByStoreSnapshot(role, store.getId(), snapshot.getId());
+            if (snapshotStore != null) {
+                return snapshotStore.getPhysicalSize();
+            }
+            logger.trace("Snapshot [{}] size not found on {} storage.", snapshot.getUuid(), role);
         }
+        logger.warn("Snapshot [{}] reference not found in any storage. There may be an inconsistency on the database.", snapshot.getUuid());
         return physicalSize;
     }
 

From df5efa5d0dc911e76731cfb5683e2273fb6fc7d1 Mon Sep 17 00:00:00 2001
From: Pearl Dsilva <pearl1594@gmail.com>
Date: Thu, 21 Aug 2025 08:25:10 -0400
Subject: [PATCH 72/83] Remove non-existant network service provider from UI
 (#11463)

---
 .../infra/network/ServiceProvidersTab.vue     | 59 -------------------
 1 file changed, 59 deletions(-)

diff --git a/ui/src/views/infra/network/ServiceProvidersTab.vue b/ui/src/views/infra/network/ServiceProvidersTab.vue
index beb3fe0d9dc..d6833051559 100644
--- a/ui/src/views/infra/network/ServiceProvidersTab.vue
+++ b/ui/src/views/infra/network/ServiceProvidersTab.vue
@@ -535,65 +535,6 @@ export default {
           ],
           details: ['name', 'state', 'id', 'servicelist', 'physicalnetworkid']
         },
-        {
-          title: 'F5BigIp',
-          actions: [
-            {
-              api: 'addF5LoadBalancer',
-              listView: true,
-              icon: 'plus-outlined',
-              label: 'label.add.f5.device',
-              component: shallowRef(defineAsyncComponent(() => import('@/views/infra/network/providers/AddF5LoadBalancer.vue')))
-            },
-            {
-              api: 'updateNetworkServiceProvider',
-              icon: 'stop-outlined',
-              listView: true,
-              label: 'label.disable.provider',
-              confirm: 'message.confirm.disable.provider',
-              show: (record) => { return record && record.id && record.state === 'Enabled' },
-              mapping: {
-                state: {
-                  value: (record) => { return 'Disabled' }
-                }
-              }
-            },
-            {
-              api: 'updateNetworkServiceProvider',
-              icon: 'play-circle-outlined',
-              listView: true,
-              label: 'label.enable.provider',
-              confirm: 'message.confirm.enable.provider',
-              show: (record) => { return record && record.id && record.state === 'Disabled' },
-              mapping: {
-                state: {
-                  value: (record) => { return 'Enabled' }
-                }
-              }
-            },
-            {
-              api: 'deleteNetworkServiceProvider',
-              listView: true,
-              icon: 'poweroff-outlined',
-              label: 'label.shutdown.provider',
-              confirm: 'message.confirm.delete.provider',
-              show: (record) => { return record && record.id }
-            }
-          ],
-          details: ['name', 'state', 'id', 'servicelist'],
-          lists: [
-            {
-              title: 'label.devices',
-              api: 'listF5LoadBalancers',
-              mapping: {
-                physicalnetworkid: {
-                  value: (record) => { return record.physicalnetworkid }
-                }
-              },
-              columns: ['ipaddress', 'lbdevicestate', 'actions']
-            }
-          ]
-        },
         {
           title: 'GloboDns',
           actions: [

From 6e59f4f4cc2f70edd205dadcb0bd38f5027c2e6d Mon Sep 17 00:00:00 2001
From: Pearl Dsilva <pearl1594@gmail.com>
Date: Thu, 21 Aug 2025 09:02:01 -0400
Subject: [PATCH 73/83] Fix deployment of CKS clusters in Basic zone (#11457)

---
 .../cloudstack/engine/orchestration/NetworkOrchestrator.java    | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/engine/orchestration/src/main/java/org/apache/cloudstack/engine/orchestration/NetworkOrchestrator.java b/engine/orchestration/src/main/java/org/apache/cloudstack/engine/orchestration/NetworkOrchestrator.java
index e758d0b6832..a9c15afc2cf 100644
--- a/engine/orchestration/src/main/java/org/apache/cloudstack/engine/orchestration/NetworkOrchestrator.java
+++ b/engine/orchestration/src/main/java/org/apache/cloudstack/engine/orchestration/NetworkOrchestrator.java
@@ -21,6 +21,7 @@ import java.util.ArrayList;
 import java.util.Arrays;
 import java.util.Collections;
 import java.util.Comparator;
+import java.util.Date;
 import java.util.HashMap;
 import java.util.HashSet;
 import java.util.LinkedHashMap;
@@ -1292,6 +1293,7 @@ public class NetworkOrchestrator extends ManagerBase implements NetworkOrchestra
             IPAddressVO lockedIpVO = _ipAddressDao.acquireInLockTable(ipVO.getId());
             validateLockedRequestedIp(ipVO, lockedIpVO);
             lockedIpVO.setState(IPAddressVO.State.Allocated);
+            lockedIpVO.setAllocatedTime(new Date());
             _ipAddressDao.update(lockedIpVO.getId(), lockedIpVO);
         } finally {
             _ipAddressDao.releaseFromLockTable(ipVO.getId());

From 0f0155c65306059f9b1f54aa6f86150b15c3aa98 Mon Sep 17 00:00:00 2001
From: Suresh Kumar Anaparti <sureshkumar.anaparti@gmail.com>
Date: Thu, 28 Aug 2025 10:27:30 +0530
Subject: [PATCH 74/83] Fix live migration of VM with config drive on KVM
 (#11516)

---
 .../kvm/resource/LibvirtComputingResource.java |  7 +++----
 .../wrapper/LibvirtMigrateCommandWrapper.java  |  2 +-
 .../kvm/storage/KVMStoragePoolManager.java     | 18 ++++++++++--------
 .../kvm/storage/LibvirtStorageAdaptor.java     |  7 +++----
 4 files changed, 17 insertions(+), 17 deletions(-)

diff --git a/plugins/hypervisors/kvm/src/main/java/com/cloud/hypervisor/kvm/resource/LibvirtComputingResource.java b/plugins/hypervisors/kvm/src/main/java/com/cloud/hypervisor/kvm/resource/LibvirtComputingResource.java
index 5694c23a216..19c6e7145a6 100644
--- a/plugins/hypervisors/kvm/src/main/java/com/cloud/hypervisor/kvm/resource/LibvirtComputingResource.java
+++ b/plugins/hypervisors/kvm/src/main/java/com/cloud/hypervisor/kvm/resource/LibvirtComputingResource.java
@@ -3506,10 +3506,10 @@ public class LibvirtComputingResource extends ServerResourceBase implements Serv
     public synchronized String attachOrDetachISO(final Connect conn, final String vmName, String isoPath, final boolean isAttach, final Integer diskSeq) throws LibvirtException, URISyntaxException,
             InternalErrorException {
         final DiskDef iso = new DiskDef();
-        if (isAttach && StringUtils.isNotBlank(isoPath) && isoPath.lastIndexOf("/") > 0) {
-            if (isoPath.startsWith(getConfigPath() + "/" + ConfigDrive.CONFIGDRIVEDIR) && isoPath.contains(vmName)) {
+        if (isAttach && StringUtils.isNotBlank(isoPath)) {
+            if (isoPath.startsWith(getConfigPath() + "/" + ConfigDrive.CONFIGDRIVEDIR) || isoPath.contains(vmName)) {
                 iso.defISODisk(isoPath, diskSeq, DiskDef.DiskType.FILE);
-            } else {
+            } else if (isoPath.lastIndexOf("/") > 0) {
                 final int index = isoPath.lastIndexOf("/");
                 final String path = isoPath.substring(0, index);
                 final String name = isoPath.substring(index + 1);
@@ -3533,7 +3533,6 @@ public class LibvirtComputingResource extends ServerResourceBase implements Serv
                     cleanupDisk(disk);
                 }
             }
-
         }
         return result;
     }
diff --git a/plugins/hypervisors/kvm/src/main/java/com/cloud/hypervisor/kvm/resource/wrapper/LibvirtMigrateCommandWrapper.java b/plugins/hypervisors/kvm/src/main/java/com/cloud/hypervisor/kvm/resource/wrapper/LibvirtMigrateCommandWrapper.java
index e15a3287692..2d3b58a809e 100644
--- a/plugins/hypervisors/kvm/src/main/java/com/cloud/hypervisor/kvm/resource/wrapper/LibvirtMigrateCommandWrapper.java
+++ b/plugins/hypervisors/kvm/src/main/java/com/cloud/hypervisor/kvm/resource/wrapper/LibvirtMigrateCommandWrapper.java
@@ -899,7 +899,7 @@ public final class LibvirtMigrateCommandWrapper extends CommandWrapper<MigrateCo
                 Node sourceNode = diskChildNode;
                 NamedNodeMap sourceNodeAttributes = sourceNode.getAttributes();
                 Node sourceNodeAttribute = sourceNodeAttributes.getNamedItem("file");
-                if ( sourceNodeAttribute.getNodeValue().contains(vmName)) {
+                if (sourceNodeAttribute != null && sourceNodeAttribute.getNodeValue().contains(vmName)) {
                     diskNode.removeChild(diskChildNode);
                     Element newChildSourceNode = doc.createElement("source");
                     newChildSourceNode.setAttribute("file", isoPath);
diff --git a/plugins/hypervisors/kvm/src/main/java/com/cloud/hypervisor/kvm/storage/KVMStoragePoolManager.java b/plugins/hypervisors/kvm/src/main/java/com/cloud/hypervisor/kvm/storage/KVMStoragePoolManager.java
index e27547acbb2..710662a3138 100644
--- a/plugins/hypervisors/kvm/src/main/java/com/cloud/hypervisor/kvm/storage/KVMStoragePoolManager.java
+++ b/plugins/hypervisors/kvm/src/main/java/com/cloud/hypervisor/kvm/storage/KVMStoragePoolManager.java
@@ -325,17 +325,19 @@ public class KVMStoragePoolManager {
         String uuid = null;
         String sourceHost = "";
         StoragePoolType protocol = null;
-        final String scheme = (storageUri.getScheme() != null) ? storageUri.getScheme().toLowerCase() : "";
         List<String> acceptedSchemes = List.of("nfs", "networkfilesystem", "filesystem");
-        if (acceptedSchemes.contains(scheme)) {
-            sourcePath = storageUri.getPath();
-            sourcePath = sourcePath.replace("//", "/");
-            sourceHost = storageUri.getHost();
-            uuid = UUID.nameUUIDFromBytes(new String(sourceHost + sourcePath).getBytes()).toString();
-            protocol = scheme.equals("filesystem") ? StoragePoolType.Filesystem: StoragePoolType.NetworkFilesystem;
+        if (storageUri.getScheme() == null || !acceptedSchemes.contains(storageUri.getScheme().toLowerCase())) {
+            throw new CloudRuntimeException("Empty or unsupported storage pool uri scheme");
         }
 
-        // secondary storage registers itself through here
+        final String scheme = storageUri.getScheme().toLowerCase();
+        sourcePath = storageUri.getPath();
+        sourcePath = sourcePath.replace("//", "/");
+        sourceHost = storageUri.getHost();
+        uuid = UUID.nameUUIDFromBytes(new String(sourceHost + sourcePath).getBytes()).toString();
+        protocol = scheme.equals("filesystem") ? StoragePoolType.Filesystem: StoragePoolType.NetworkFilesystem;
+
+        // storage registers itself through here
         return createStoragePool(uuid, sourceHost, 0, sourcePath, "", protocol, null, false);
     }
 
diff --git a/plugins/hypervisors/kvm/src/main/java/com/cloud/hypervisor/kvm/storage/LibvirtStorageAdaptor.java b/plugins/hypervisors/kvm/src/main/java/com/cloud/hypervisor/kvm/storage/LibvirtStorageAdaptor.java
index f3731459f89..8be5e9658fa 100644
--- a/plugins/hypervisors/kvm/src/main/java/com/cloud/hypervisor/kvm/storage/LibvirtStorageAdaptor.java
+++ b/plugins/hypervisors/kvm/src/main/java/com/cloud/hypervisor/kvm/storage/LibvirtStorageAdaptor.java
@@ -733,10 +733,9 @@ public class LibvirtStorageAdaptor implements StorageAdaptor {
 
     @Override
     public KVMStoragePool createStoragePool(String name, String host, int port, String path, String userInfo, StoragePoolType type, Map<String, String> details, boolean isPrimaryStorage) {
-        logger.info("Attempting to create storage pool " + name + " (" + type.toString() + ") in libvirt");
-
-        StoragePool sp = null;
-        Connect conn = null;
+        logger.info("Attempting to create storage pool {} ({}) in libvirt", name, type);
+        StoragePool sp;
+        Connect conn;
         try {
             conn = LibvirtConnection.getConnection();
         } catch (LibvirtException e) {

From f80a9ca482367a2334794cd2743849c78e1c94e3 Mon Sep 17 00:00:00 2001
From: Pearl Dsilva <pearl1594@gmail.com>
Date: Fri, 29 Aug 2025 03:06:03 -0400
Subject: [PATCH 75/83] UI: Prevent restriction of changeOfferingForVolume API
 to Admin role (#11466)

---
 ui/src/config/section/storage.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/ui/src/config/section/storage.js b/ui/src/config/section/storage.js
index a869dfb6e80..5c2a6868646 100644
--- a/ui/src/config/section/storage.js
+++ b/ui/src/config/section/storage.js
@@ -226,7 +226,7 @@ export default {
           label: 'label.change.offering.for.volume',
           args: ['id', 'diskofferingid', 'size', 'miniops', 'maxiops', 'automigrate'],
           dataView: true,
-          show: (record, store) => { return ['Allocated', 'Ready'].includes(record.state) && ['Admin'].includes(store.userInfo.roletype) },
+          show: (record, store) => { return ['Allocated', 'Ready'].includes(record.state) },
           popup: true,
           component: shallowRef(defineAsyncComponent(() => import('@/views/storage/ChangeOfferingForVolume.vue')))
         },

From 05e7a257ca5eb3bfb15225948f270288b857fdba Mon Sep 17 00:00:00 2001
From: Wei Zhou <weizhou@apache.org>
Date: Fri, 29 Aug 2025 09:21:33 +0200
Subject: [PATCH 76/83] VPC VR: return UNKNOWN redundant state if no guest nics
 (#11518)

* VPC VR: return UNKNOWN redundant state if no guest nics
---
 systemvm/debian/opt/cloud/bin/checkrouter.sh | 22 +++++++++++++++++++-
 1 file changed, 21 insertions(+), 1 deletion(-)

diff --git a/systemvm/debian/opt/cloud/bin/checkrouter.sh b/systemvm/debian/opt/cloud/bin/checkrouter.sh
index c3a73e9e5e3..f127187ceb4 100755
--- a/systemvm/debian/opt/cloud/bin/checkrouter.sh
+++ b/systemvm/debian/opt/cloud/bin/checkrouter.sh
@@ -18,13 +18,33 @@
 
 STATUS=UNKNOWN
 
+get_guest_nics() {
+  python3 -c "
+import json
+data = json.load(open('/etc/cloudstack/ips.json'))
+for nic, objs in data.items():
+  if isinstance(objs, list):
+      for obj in objs:
+          if obj.get('nw_type') == 'guest' and obj.get('add'):
+              print(nic)
+                    "
+}
+
+ROUTER_TYPE=$(cat /etc/cloudstack/cmdline.json | grep type | awk '{print $2;}' | sed -e 's/[,\"]//g')
+if [ "$ROUTER_TYPE" = "vpcrouter" ];then
+    GUEST_NICS=$(get_guest_nics)
+    if [ "$GUEST_NICS" = "" ];then
+        echo "Status: ${STATUS}"
+        exit
+    fi
+fi
+
 if [ "$(systemctl is-active keepalived)" != "active" ]
 then
     echo "Status: FAULT"
     exit
 fi
 
-ROUTER_TYPE=$(cat /etc/cloudstack/cmdline.json | grep type | awk '{print $2;}' | sed -e 's/[,\"]//g')
 if [ "$ROUTER_TYPE" = "router" ]
 then
 	ROUTER_STATE=$(ip -4 addr show dev eth0 | grep inet | wc -l | xargs bash -c  'if [ $0 == 2 ]; then echo "PRIMARY"; else echo "BACKUP"; fi')

From ba7ec8865049794dc5a0c8beddfcd43de497c7bc Mon Sep 17 00:00:00 2001
From: Wei Zhou <weizhou@apache.org>
Date: Fri, 29 Aug 2025 11:39:50 +0200
Subject: [PATCH 77/83] SG: Apply rules for both ipv4/ipv6 of VMs with
 associated account/SG (#11243)

---
 .../com/cloud/network/security/SecurityGroupVMMapVO.java   | 7 +++++++
 .../cloud/network/security/SecurityGroupManagerImpl.java   | 3 +++
 .../cloud/network/security/SecurityGroupManagerImpl2.java  | 3 +++
 3 files changed, 13 insertions(+)

diff --git a/engine/schema/src/main/java/com/cloud/network/security/SecurityGroupVMMapVO.java b/engine/schema/src/main/java/com/cloud/network/security/SecurityGroupVMMapVO.java
index d12b9f9443f..59699cba1d4 100644
--- a/engine/schema/src/main/java/com/cloud/network/security/SecurityGroupVMMapVO.java
+++ b/engine/schema/src/main/java/com/cloud/network/security/SecurityGroupVMMapVO.java
@@ -50,6 +50,9 @@ public class SecurityGroupVMMapVO implements InternalIdentity {
     @Column(name = "ip4_address", table = "nics", insertable = false, updatable = false)
     private String guestIpAddress;
 
+    @Column(name = "ip6_address", table = "nics", insertable = false, updatable = false)
+    private String guestIpv6Address;
+
     @Column(name = "state", table = "vm_instance", insertable = false, updatable = false)
     private State vmState;
 
@@ -77,6 +80,10 @@ public class SecurityGroupVMMapVO implements InternalIdentity {
         return guestIpAddress;
     }
 
+    public String getGuestIpv6Address() {
+        return guestIpv6Address;
+    }
+
     public long getInstanceId() {
         return instanceId;
     }
diff --git a/server/src/main/java/com/cloud/network/security/SecurityGroupManagerImpl.java b/server/src/main/java/com/cloud/network/security/SecurityGroupManagerImpl.java
index 5d4b4737cbe..585975e7898 100644
--- a/server/src/main/java/com/cloud/network/security/SecurityGroupManagerImpl.java
+++ b/server/src/main/java/com/cloud/network/security/SecurityGroupManagerImpl.java
@@ -354,6 +354,9 @@ public class SecurityGroupManagerImpl extends ManagerBase implements SecurityGro
                             String cidr = defaultNic.getIPv4Address();
                             cidr = cidr + "/32";
                             cidrs.add(cidr);
+                            if (defaultNic.getIPv6Address() != null) {
+                                cidrs.add(defaultNic.getIPv6Address() + "/64");
+                            }
                         }
                     }
                 } else if (rule.getAllowedSourceIpCidr() != null) {
diff --git a/server/src/main/java/com/cloud/network/security/SecurityGroupManagerImpl2.java b/server/src/main/java/com/cloud/network/security/SecurityGroupManagerImpl2.java
index b75c39560cf..b8be55c4048 100644
--- a/server/src/main/java/com/cloud/network/security/SecurityGroupManagerImpl2.java
+++ b/server/src/main/java/com/cloud/network/security/SecurityGroupManagerImpl2.java
@@ -250,6 +250,9 @@ public class SecurityGroupManagerImpl2 extends SecurityGroupManagerImpl {
                         //did a join with the nics table
                         String cidr = ngmapVO.getGuestIpAddress() + "/32";
                         cidrs.add(cidr);
+                        if (ngmapVO.getGuestIpv6Address() != null) {
+                            cidrs.add(ngmapVO.getGuestIpv6Address() + "/64");
+                        }
                     }
                 } else if (rule.getAllowedSourceIpCidr() != null) {
                     cidrs.add(rule.getAllowedSourceIpCidr());

From 3109e0080e5a551635669eff58bcfe650a2635dc Mon Sep 17 00:00:00 2001
From: Pearl Dsilva <pearl1594@gmail.com>
Date: Fri, 29 Aug 2025 05:47:09 -0400
Subject: [PATCH 78/83] Add response object required by go SDK for parsing
 response (#10152)

---
 .../org/apache/cloudstack/response/VmMetricsStatsResponse.java  | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/plugins/metrics/src/main/java/org/apache/cloudstack/response/VmMetricsStatsResponse.java b/plugins/metrics/src/main/java/org/apache/cloudstack/response/VmMetricsStatsResponse.java
index 33dc51de870..0205ddc686a 100644
--- a/plugins/metrics/src/main/java/org/apache/cloudstack/response/VmMetricsStatsResponse.java
+++ b/plugins/metrics/src/main/java/org/apache/cloudstack/response/VmMetricsStatsResponse.java
@@ -40,7 +40,7 @@ public class VmMetricsStatsResponse extends BaseResponse {
     private String displayName;
 
     @SerializedName("stats")
-    @Param(description = "the list of VM stats")
+    @Param(description = "the list of VM stats", responseObject = StatsResponse.class)
     private List<StatsResponse> stats;
 
     public void setId(String id) {

From 762f75c041d7c14c9d4846bf095381778735a171 Mon Sep 17 00:00:00 2001
From: Abhishek Kumar <abhishek.mrt22@gmail.com>
Date: Fri, 29 Aug 2025 18:42:59 +0530
Subject: [PATCH 79/83] kvm: fix vm deployment with direct-download iso
 (#11532)

---
 .../cloud/hypervisor/kvm/storage/KVMStorageProcessor.java  | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/plugins/hypervisors/kvm/src/main/java/com/cloud/hypervisor/kvm/storage/KVMStorageProcessor.java b/plugins/hypervisors/kvm/src/main/java/com/cloud/hypervisor/kvm/storage/KVMStorageProcessor.java
index cdb523a50fd..4ea8d1e80fb 100644
--- a/plugins/hypervisors/kvm/src/main/java/com/cloud/hypervisor/kvm/storage/KVMStorageProcessor.java
+++ b/plugins/hypervisors/kvm/src/main/java/com/cloud/hypervisor/kvm/storage/KVMStorageProcessor.java
@@ -84,9 +84,8 @@ import org.apache.commons.lang3.BooleanUtils;
 import org.apache.commons.lang3.StringUtils;
 import org.apache.commons.lang3.builder.ToStringBuilder;
 import org.apache.commons.lang3.builder.ToStringStyle;
-import org.apache.logging.log4j.Logger;
 import org.apache.logging.log4j.LogManager;
-
+import org.apache.logging.log4j.Logger;
 import org.libvirt.Connect;
 import org.libvirt.Domain;
 import org.libvirt.DomainInfo;
@@ -2476,7 +2475,9 @@ public class KVMStorageProcessor implements StorageProcessor {
             if (template != null) {
                 templatePath = template.getPath();
             }
-            if (StringUtils.isEmpty(templatePath)) {
+            if (ImageFormat.ISO.equals(cmd.getFormat())) {
+                logger.debug("Skipping template validations as image format is {}", cmd.getFormat());
+            } else if (StringUtils.isEmpty(templatePath)) {
                 logger.warn("Skipped validation whether downloaded file is QCOW2 for template {}, due to downloaded template path is empty", template.getName());
             } else if (!new File(templatePath).exists()) {
                 logger.warn("Skipped validation whether downloaded file is QCOW2 for template {}, due to downloaded template path is not valid: {}", template.getName(), templatePath);

From d161dc76699535d460950ad16dcac1bd8abf7c19 Mon Sep 17 00:00:00 2001
From: Wei Zhou <weizhou@apache.org>
Date: Fri, 29 Aug 2025 18:36:30 +0200
Subject: [PATCH 80/83] api: use single quote instead of double quote in
 StatsResponse (#11537)

---
 .../java/org/apache/cloudstack/api/response/StatsResponse.java  | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/api/src/main/java/org/apache/cloudstack/api/response/StatsResponse.java b/api/src/main/java/org/apache/cloudstack/api/response/StatsResponse.java
index 5dd76fa5eef..287d78bb612 100644
--- a/api/src/main/java/org/apache/cloudstack/api/response/StatsResponse.java
+++ b/api/src/main/java/org/apache/cloudstack/api/response/StatsResponse.java
@@ -27,7 +27,7 @@ import com.google.gson.annotations.SerializedName;
 public class StatsResponse extends BaseResponse {
 
     @SerializedName("timestamp")
-    @Param(description = "the time when the VM stats were collected. The format is \"yyyy-MM-dd hh:mm:ss\"")
+    @Param(description = "the time when the VM stats were collected. The format is 'yyyy-MM-dd hh:mm:ss'")
     private Date timestamp;
 
     @SerializedName("cpuused")

From 92e75932967218240ceadd179996176fbca04694 Mon Sep 17 00:00:00 2001
From: Harikrishna <harikrishna.patnala@gmail.com>
Date: Tue, 2 Sep 2025 11:25:32 +0530
Subject: [PATCH 81/83] Use update offering APIs to disable compute and disk
 offerings (#11550)

---
 ui/src/config/section/offering.js | 21 ++++++++++++++++++---
 1 file changed, 18 insertions(+), 3 deletions(-)

diff --git a/ui/src/config/section/offering.js b/ui/src/config/section/offering.js
index 09a0919d860..2cef270ec3e 100644
--- a/ui/src/config/section/offering.js
+++ b/ui/src/config/section/offering.js
@@ -122,7 +122,7 @@ export default {
         show: (record) => { return record.state !== 'Active' },
         groupMap: (selection) => { return selection.map(x => { return { id: x, state: 'Active' } }) }
       }, {
-        api: 'deleteServiceOffering',
+        api: 'updateServiceOffering',
         icon: 'pause-circle-outlined',
         label: 'label.action.disable.service.offering',
         message: 'message.action.disable.service.offering',
@@ -130,6 +130,11 @@ export default {
         dataView: true,
         groupAction: true,
         popup: true,
+        mapping: {
+          state: {
+            value: (record) => { return 'Inactive' }
+          }
+        },
         show: (record) => { return record.state === 'Active' },
         groupMap: (selection) => { return selection.map(x => { return { id: x } }) }
       }]
@@ -198,7 +203,7 @@ export default {
         show: (record) => { return record.state !== 'Active' },
         groupMap: (selection) => { return selection.map(x => { return { id: x, state: 'Active' } }) }
       }, {
-        api: 'deleteServiceOffering',
+        api: 'updateServiceOffering',
         icon: 'pause-circle-outlined',
         label: 'label.action.disable.system.service.offering',
         message: 'message.action.disable.system.service.offering',
@@ -207,6 +212,11 @@ export default {
         params: { issystem: 'true' },
         groupAction: true,
         popup: true,
+        mapping: {
+          state: {
+            value: (record) => { return 'Inactive' }
+          }
+        },
         show: (record) => { return record.state === 'Active' },
         groupMap: (selection) => { return selection.map(x => { return { id: x } }) }
       }]
@@ -301,7 +311,7 @@ export default {
         show: (record) => { return record.state !== 'Active' },
         groupMap: (selection) => { return selection.map(x => { return { id: x, state: 'Active' } }) }
       }, {
-        api: 'deleteDiskOffering',
+        api: 'updateDiskOffering',
         icon: 'pause-circle-outlined',
         label: 'label.action.disable.disk.offering',
         message: 'message.action.disable.disk.offering',
@@ -309,6 +319,11 @@ export default {
         dataView: true,
         groupAction: true,
         popup: true,
+        mapping: {
+          state: {
+            value: (record) => { return 'Inactive' }
+          }
+        },
         show: (record) => { return record.state === 'Active' },
         groupMap: (selection) => { return selection.map(x => { return { id: x } }) }
       }]

From 48648d4c45bf83baa5133e56edebeece1ee5bf93 Mon Sep 17 00:00:00 2001
From: Wei Zhou <weizhou@apache.org>
Date: Tue, 2 Sep 2025 08:08:10 +0200
Subject: [PATCH 82/83] test: fix test_04_rvpc_network_garbage_collector_nics
 failure (#11542)

* test: fix test_04_rvpc_network_garbage_collector_nics failure

* test: check backup VR as well
---
 test/integration/smoke/test_vpc_redundant.py | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/test/integration/smoke/test_vpc_redundant.py b/test/integration/smoke/test_vpc_redundant.py
index 37dd87a499c..722b7127244 100644
--- a/test/integration/smoke/test_vpc_redundant.py
+++ b/test/integration/smoke/test_vpc_redundant.py
@@ -612,10 +612,13 @@ class TestVPCRedundancy(cloudstackTestCase):
 
         time.sleep(total_sleep)
 
-        # Router will be in FAULT state, i.e. keepalived is stopped
-        self.check_routers_state(status_to_check="FAULT", expected_count=2)
+        # Router will be in UNKNOWN state, i.e. keepalived is stopped
+        self.check_routers_state(status_to_check="UNKNOWN", expected_count=2)
+
         self.start_vm()
+        # Routers will be in PRIMARY/BACKUP state
         self.check_routers_state(status_to_check="PRIMARY")
+        self.check_routers_state(status_to_check="BACKUP")
 
     @attr(tags=["advanced", "intervlan"], required_hardware="true")
     def test_05_rvpc_multi_tiers(self):

From f24b1757a0b920d88470033bdf4bd658717a8d20 Mon Sep 17 00:00:00 2001
From: Abhishek Kumar <abhishek.mrt22@gmail.com>
Date: Wed, 3 Sep 2025 15:16:10 +0530
Subject: [PATCH 83/83] ui: donot filter edge zones while registering
 directdownload iso (#10865)

Fixes #10766

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>
---
 ui/src/views/image/RegisterOrUploadIso.vue | 45 +++++++++++++++-------
 1 file changed, 31 insertions(+), 14 deletions(-)

diff --git a/ui/src/views/image/RegisterOrUploadIso.vue b/ui/src/views/image/RegisterOrUploadIso.vue
index 871a8482e99..37ae369727f 100644
--- a/ui/src/views/image/RegisterOrUploadIso.vue
+++ b/ui/src/views/image/RegisterOrUploadIso.vue
@@ -85,7 +85,7 @@
           <template #label>
             <tooltip-label :title="$t('label.directdownload')" :tooltip="apiParams.directdownload.description"/>
           </template>
-          <a-switch v-model:checked="form.directdownload"/>
+          <a-switch v-model:checked="form.directdownload" @change="handleDirectDownloadChange"/>
         </a-form-item>
 
         <a-form-item ref="checksum" name="checksum">
@@ -110,7 +110,7 @@
             }"
             :loading="zoneLoading"
             :placeholder="apiParams.zoneid.description">
-            <a-select-option :value="opt.id" v-for="opt in zones" :key="opt.id" :label="opt.name || opt.description">
+            <a-select-option :value="opt.id" v-for="opt in zoneList" :key="opt.id" :label="opt.name || opt.description">
               <span>
                 <resource-icon v-if="opt.icon" :image="opt.icon.base64image" size="1x" style="margin-right: 5px"/>
                 <global-outlined v-else style="margin-right: 5px" />
@@ -361,17 +361,18 @@ export default {
   },
   created () {
     this.initForm()
-    this.zones = []
-    if (this.$store.getters.userInfo.roletype === 'Admin' && this.currentForm === 'Create') {
-      this.zones = [
-        {
-          id: '-1',
-          name: this.$t('label.all.zone')
-        }
-      ]
-    }
+    this.initZones()
     this.fetchData()
   },
+  computed: {
+    zoneList () {
+      let filteredZones = this.zones
+      if (!this.form.directdownload) {
+        filteredZones = this.zones.filter(zone => zone.type !== 'Edge')
+      }
+      return filteredZones
+    }
+  },
   methods: {
     initForm () {
       this.formRef = ref()
@@ -390,6 +391,17 @@ export default {
         ostypeid: [{ required: true, message: this.$t('message.error.select') }]
       })
     },
+    initZones () {
+      this.zones = []
+      if (this.$store.getters.userInfo.roletype === 'Admin' && this.currentForm === 'Create') {
+        this.zones = [
+          {
+            id: '-1',
+            name: this.$t('label.all.zone')
+          }
+        ]
+      }
+    },
     fetchData () {
       this.fetchZoneData()
       this.fetchOsType()
@@ -412,11 +424,10 @@ export default {
         const listZones = json.listzonesresponse.zone
         if (listZones) {
           this.zones = this.zones.concat(listZones)
-          this.zones = this.zones.filter(zone => zone.type !== 'Edge')
         }
       }).finally(() => {
         this.zoneLoading = false
-        this.form.zoneid = (this.zones[0].id ? this.zones[0].id : '')
+        this.form.zoneid = this.zoneList?.[0]?.id || ''
       })
     },
     fetchOsType () {
@@ -467,6 +478,12 @@ export default {
       this.fileList = newFileList
       this.form.file = undefined
     },
+    handleDirectDownloadChange () {
+      if (this.form.zoneid && this.zoneList.find(entry => entry.id === this.form.zoneid)) {
+        return
+      }
+      this.form.zoneid = this.zoneList?.[0]?.id || ''
+    },
     beforeUpload (file) {
       this.fileList = [file]
       this.form.file = file
@@ -531,7 +548,7 @@ export default {
           }
           switch (key) {
             case 'zoneid':
-              var zone = this.zones.filter(zone => zone.id === input)
+              var zone = this.zoneList.filter(zone => zone.id === input)
               params[key] = zone[0].id
               break
             case 'ostypeid':