Merge branch 'master' into planner_reserve

Conflicts:
	api/src/org/apache/cloudstack/api/ApiConstants.java
	engine/schema/src/com/cloud/upgrade/dao/Upgrade410to420.java
	server/src/com/cloud/configuration/ConfigurationManagerImpl.java
	server/src/com/cloud/server/ManagementServerImpl.java
	setup/db/db/schema-410to420.sql
Prachi Damle 2013-05-15 14:44:56 -07:00
commit ed8ff40f7f
303 changed files with 56862 additions and 2544 deletions


@ -36,6 +36,11 @@
<artifactId>cloud-utils</artifactId>
<version>${project.version}</version>
</dependency>
<dependency>
<groupId>commons-daemon</groupId>
<artifactId>commons-daemon</artifactId>
<version>${cs.daemon.version}</version>
</dependency>
</dependencies>
<build>
<defaultGoal>install</defaultGoal>


@ -24,7 +24,6 @@ import java.io.IOException;
import java.io.InputStream;
import java.lang.reflect.Constructor;
import java.lang.reflect.InvocationTargetException;
import java.lang.reflect.Method;
import java.net.HttpURLConnection;
import java.util.ArrayList;
import java.util.Collections;
@ -38,6 +37,9 @@ import java.util.UUID;
import javax.naming.ConfigurationException;
import org.apache.commons.daemon.Daemon;
import org.apache.commons.daemon.DaemonContext;
import org.apache.commons.daemon.DaemonInitException;
import org.apache.commons.httpclient.HttpClient;
import org.apache.commons.httpclient.MultiThreadedHttpConnectionManager;
import org.apache.commons.httpclient.methods.GetMethod;
@ -47,7 +49,6 @@ import org.apache.log4j.xml.DOMConfigurator;
import com.cloud.agent.Agent.ExitStatus;
import com.cloud.agent.dao.StorageComponent;
import com.cloud.agent.dao.impl.PropertiesStorage;
import com.cloud.host.Host;
import com.cloud.resource.ServerResource;
import com.cloud.utils.LogUtils;
import com.cloud.utils.NumbersUtil;
@ -58,7 +59,7 @@ import com.cloud.utils.backoff.impl.ConstantTimeBackoff;
import com.cloud.utils.exception.CloudRuntimeException;
import com.cloud.utils.script.Script;
public class AgentShell implements IAgentShell {
public class AgentShell implements IAgentShell, Daemon {
private static final Logger s_logger = Logger.getLogger(AgentShell.class
.getName());
private static final MultiThreadedHttpConnectionManager s_httpClientManager = new MultiThreadedHttpConnectionManager();
@ -79,7 +80,6 @@ public class AgentShell implements IAgentShell {
private int _nextAgentId = 1;
private volatile boolean _exit = false;
private int _pingRetries;
private Thread _consoleProxyMain = null;
private final List<Agent> _agents = new ArrayList<Agent>();
public AgentShell() {
@ -376,7 +376,17 @@ public class AgentShell implements IAgentShell {
return true;
}
@Override
public void init(DaemonContext dc) throws DaemonInitException {
s_logger.debug("Initializing AgentShell from JSVC");
try {
init(dc.getArguments());
} catch (ConfigurationException ex) {
throw new DaemonInitException("Initialization failed", ex);
}
}
public void init(String[] args) throws ConfigurationException {
// PropertiesUtil is used both in management server and agent packages,
@ -402,11 +412,13 @@ public class AgentShell implements IAgentShell {
loadProperties();
parseCommand(args);
List<String> properties = Collections.list((Enumeration<String>)_properties.propertyNames());
for (String property:properties){
s_logger.debug("Found property: " + property);
if (s_logger.isDebugEnabled()) {
List<String> properties = Collections.list((Enumeration<String>)_properties.propertyNames());
for (String property:properties){
s_logger.debug("Found property: " + property);
}
}
s_logger.info("Defaulting to using properties file for storage");
_storage = new PropertiesStorage();
_storage.configure("Storage", new HashMap<String, Object>());
@ -434,71 +446,6 @@ public class AgentShell implements IAgentShell {
launchAgentFromTypeInfo();
}
private boolean needConsoleProxy() {
for (Agent agent : _agents) {
if (agent.getResource().getType().equals(Host.Type.ConsoleProxy)
|| agent.getResource().getType().equals(Host.Type.Routing))
return true;
}
return false;
}
private int getConsoleProxyPort() {
int port = NumbersUtil.parseInt(
getProperty(null, "consoleproxy.httpListenPort"), 443);
return port;
}
private void openPortWithIptables(int port) {
// TODO
}
private void launchConsoleProxy() throws ConfigurationException {
if (!needConsoleProxy()) {
if (s_logger.isInfoEnabled())
s_logger.info("Storage only agent, no need to start console proxy on it");
return;
}
int port = getConsoleProxyPort();
openPortWithIptables(port);
_consoleProxyMain = new Thread(new Runnable() {
@Override
public void run() {
try {
Class<?> consoleProxyClazz = Class.forName("com.cloud.consoleproxy.ConsoleProxy");
try {
Method method = consoleProxyClazz.getMethod("start",
Properties.class);
method.invoke(null, _properties);
} catch (SecurityException e) {
s_logger.error("Unable to launch console proxy due to SecurityException");
System.exit(ExitStatus.Error.value());
} catch (NoSuchMethodException e) {
s_logger.error("Unable to launch console proxy due to NoSuchMethodException");
System.exit(ExitStatus.Error.value());
} catch (IllegalArgumentException e) {
s_logger.error("Unable to launch console proxy due to IllegalArgumentException");
System.exit(ExitStatus.Error.value());
} catch (IllegalAccessException e) {
s_logger.error("Unable to launch console proxy due to IllegalAccessException");
System.exit(ExitStatus.Error.value());
} catch (InvocationTargetException e) {
s_logger.error("Unable to launch console proxy due to InvocationTargetException");
System.exit(ExitStatus.Error.value());
}
} catch (final ClassNotFoundException e) {
s_logger.error("Unable to launch console proxy due to ClassNotFoundException");
System.exit(ExitStatus.Error.value());
}
}
}, "Console-Proxy-Main");
_consoleProxyMain.setDaemon(true);
_consoleProxyMain.start();
}
private void launchAgentFromClassInfo(String resourceClassNames)
throws ConfigurationException {
String[] names = resourceClassNames.split("\\|");
@ -591,14 +538,6 @@ public class AgentShell implements IAgentShell {
launchAgent();
//
// For both KVM & Xen-Server hypervisor, we have switched to
// VM-based console proxy solution, disable launching
// of console proxy here
//
// launchConsoleProxy();
//
try {
while (!_exit)
Thread.sleep(1000);
@ -618,9 +557,6 @@ public class AgentShell implements IAgentShell {
public void stop() {
_exit = true;
if (_consoleProxyMain != null) {
_consoleProxyMain.interrupt();
}
}
public void destroy() {
@ -629,6 +565,7 @@ public class AgentShell implements IAgentShell {
public static void main(String[] args) {
try {
s_logger.debug("Initializing AgentShell from main");
AgentShell shell = new AgentShell();
shell.init(args);
shell.start();
@ -636,4 +573,5 @@ public class AgentShell implements IAgentShell {
System.out.println(e.getMessage());
}
}
}
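Review bot: The new `init(DaemonContext)` runs all of `init(String[])` inside the jsvc `init` phase, which commons-daemon documents as the phase that may still hold super-user privileges, so `loadProperties()`, `parseCommand(args)` and the `PropertiesStorage` setup visible in the following hunk may execute as root when the agent is launched through jsvc. Keeping only what needs privileges in `init` and deferring the rest to `start()` would limit that; at minimum add a comment on the method such as `// Called by jsvc, possibly before privileges are dropped; keep this limited to configuration parsing.` Separately, the `while (!_exit) Thread.sleep(1000)` loop appears to sit in `start()` (its signature is outside these hunks), whereas the Daemon contract expects `start()` to return once worker threads are running, so that behaviour is worth confirming under jsvc.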


@ -0,0 +1,53 @@
// Licensed to the Apache Software Foundation (ASF) under one
// or more contributor license agreements. See the NOTICE file
// distributed with this work for additional information
// regarding copyright ownership. The ASF licenses this file
// to you under the Apache License, Version 2.0 (the
// "License"); you may not use this file except in compliance
// with the License. You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing,
// software distributed under the License is distributed on an
// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
// KIND, either express or implied. See the License for the
// specific language governing permissions and limitations
// under the License.
package com.cloud.agent.api.to;
public class DnsmasqTO {
String routerIp;
String gateway;
String netmask;
public DnsmasqTO(String routerIp, String gateway, String netmask) {
this.routerIp = routerIp;
this.gateway = gateway;
this.netmask =netmask;
}
public void setRouterIp(String routerIp){
this.routerIp = routerIp;
}
public void setGateway(String gateway) {
this.gateway = gateway;
}
public void setNetmask(String netmask) {
this.netmask = netmask ;
}
public String getRouterIp() {
return routerIp;
}
public String getGateway() {
return gateway;
}
public String getNetmask() {
return netmask;
}
}
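Review bot: The three fields of `DnsmasqTO` are declared without an access modifier (`String routerIp;` and its siblings), so any class in `com.cloud.agent.api.to` can bypass the setters; declare them `private String routerIp;`, `private String gateway;` and `private String netmask;`. The class has no Javadoc saying what consumes it. Since the values are free-form strings that presumably end up in dnsmasq configuration on the router, a class comment stating whether they are expected to be already-validated IPv4 literals would tell the consumer what it may assume. Minor: `this.netmask =netmask;` and `this.netmask = netmask ;` have stray spacing.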


@ -20,10 +20,10 @@ package com.cloud.agent.api.to;
import java.util.ArrayList;
import java.util.List;
import com.cloud.network.vpc.NetworkACLItem;
import com.cloud.network.vpc.NetworkACLItem.TrafficType;
import org.apache.cloudstack.api.InternalIdentity;
import com.cloud.network.rules.FirewallRule;
import com.cloud.network.rules.FirewallRule.TrafficType;
import com.cloud.utils.net.NetUtils;
@ -37,15 +37,16 @@ public class NetworkACLTO implements InternalIdentity {
private List<String> cidrList;
private Integer icmpType;
private Integer icmpCode;
private FirewallRule.TrafficType trafficType;
private TrafficType trafficType;
String action;
int number;
protected NetworkACLTO() {
}
public NetworkACLTO(long id,String vlanTag, String protocol, Integer portStart, Integer portEnd, boolean revoked,
boolean alreadyAdded, List<String> cidrList, Integer icmpType,Integer icmpCode,TrafficType trafficType) {
boolean alreadyAdded, List<String> cidrList, Integer icmpType,Integer icmpCode,TrafficType trafficType, boolean allow, int number) {
this.vlanTag = vlanTag;
this.protocol = protocol;
@ -70,12 +71,20 @@ public class NetworkACLTO implements InternalIdentity {
this.icmpType = icmpType;
this.icmpCode = icmpCode;
this.trafficType = trafficType;
if(!allow){
this.action = "DROP";
} else {
this.action = "ACCEPT";
}
this.number = number;
}
public NetworkACLTO(FirewallRule rule, String vlanTag, FirewallRule.TrafficType trafficType ) {
public NetworkACLTO(NetworkACLItem rule, String vlanTag, NetworkACLItem.TrafficType trafficType ) {
this(rule.getId(), vlanTag, rule.getProtocol(), rule.getSourcePortStart(), rule.getSourcePortEnd(),
rule.getState() == FirewallRule.State.Revoke, rule.getState() == FirewallRule.State.Active,
rule.getSourceCidrList() ,rule.getIcmpType(), rule.getIcmpCode(),trafficType);
rule.getState() == NetworkACLItem.State.Revoke, rule.getState() == NetworkACLItem.State.Active,
rule.getSourceCidrList() ,rule.getIcmpType(), rule.getIcmpCode(),trafficType, rule.getAction() == NetworkACLItem.Action.Allow, rule.getNumber());
}
public long getId() {
@ -83,7 +92,7 @@ public class NetworkACLTO implements InternalIdentity {
}
public String getSrcVlanTag() {
return vlanTag;
return vlanTag;
}
public String getProtocol() {
@ -95,18 +104,18 @@ public class NetworkACLTO implements InternalIdentity {
}
public Integer getIcmpType(){
return icmpType;
return icmpType;
}
public Integer getIcmpCode(){
return icmpCode;
return icmpCode;
}
public String getStringPortRange() {
if (portRange == null || portRange.length < 2)
return "0:0";
else
return NetUtils.portRangeToString(portRange);
if (portRange == null || portRange.length < 2)
return "0:0";
else
return NetUtils.portRangeToString(portRange);
}
public boolean revoked() {
@ -121,7 +130,15 @@ public class NetworkACLTO implements InternalIdentity {
return alreadyAdded;
}
public FirewallRule.TrafficType getTrafficType() {
public TrafficType getTrafficType() {
return trafficType;
}
public String getAction() {
return action;
}
public int getNumber(){
return number;
}
}
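Review bot: The new `action` and `number` fields are package-private (`String action;`, `int number;`) while every other field of `NetworkACLTO` is `private`; they should be `private String action;` and `private int number;`. The `if(!allow)` mapping, together with `rule.getAction() == NetworkACLItem.Action.Allow` in the delegating constructor, means a rule whose action is null or anything other than `Allow` is sent as `"DROP"`. That is the safe direction but nothing says so; a comment such as `// anything that is not an explicit Allow is sent as DROP` would keep a later edit from inverting it. The literals `"DROP"` and `"ACCEPT"` look like firewall targets interpreted on the agent side, so named constants shared with that consumer would be safer than bare strings.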


@ -113,6 +113,10 @@ public class EventTypes {
public static final String EVENT_NIC_CREATE = "NIC.CREATE";
public static final String EVENT_NIC_DELETE = "NIC.DELETE";
public static final String EVENT_NIC_UPDATE = "NIC.UPDATE";
public static final String EVENT_NIC_DETAIL_ADD = "NIC.DETAIL.ADD";
public static final String EVENT_NIC_DETAIL_UPDATE = "NIC.DETAIL.UPDATE";
public static final String EVENT_NIC_DETAIL_REMOVE = "NIC.DETAIL.REMOVE";
// Load Balancers
public static final String EVENT_ASSIGN_TO_LOAD_BALANCER_RULE = "LB.ASSIGN.TO.RULE";
@ -176,6 +180,9 @@ public class EventTypes {
public static final String EVENT_VOLUME_UPLOAD = "VOLUME.UPLOAD";
public static final String EVENT_VOLUME_MIGRATE = "VOLUME.MIGRATE";
public static final String EVENT_VOLUME_RESIZE = "VOLUME.RESIZE";
public static final String EVENT_VOLUME_DETAIL_UPDATE = "VOLUME.DETAIL.UPDATE";
public static final String EVENT_VOLUME_DETAIL_ADD = "VOLUME.DETAIL.ADD";
public static final String EVENT_VOLUME_DETAIL_REMOVE = "VOLUME.DETAIL.REMOVE";
// Domains
public static final String EVENT_DOMAIN_CREATE = "DOMAIN.CREATE";
@ -344,6 +351,14 @@ public class EventTypes {
public static final String EVENT_VPC_DELETE = "VPC.DELETE";
public static final String EVENT_VPC_RESTART = "VPC.RESTART";
// Network ACL
public static final String EVENT_NETWORK_ACL_CREATE = "NETWORK.ACL.CREATE";
public static final String EVENT_NETWORK_ACL_DELETE = "NETWORK.ACL.DELETE";
public static final String EVENT_NETWORK_ACL_REPLACE = "NETWORK.ACL.REPLACE";
public static final String EVENT_NETWORK_ACL_ITEM_CREATE = "NETWORK.ACL.ITEM.CREATE";
public static final String EVENT_NETWORK_ACL_ITEM_UPDATE = "NETWORK.ACL.ITEM.UPDATE";
public static final String EVENT_NETWORK_ACL_ITEM_DELETE = "NETWORK.ACL.ITEM.DELETE";
// VPC offerings
public static final String EVENT_VPC_OFFERING_CREATE = "VPC.OFFERING.CREATE";
public static final String EVENT_VPC_OFFERING_UPDATE = "VPC.OFFERING.UPDATE";
@ -361,6 +376,10 @@ public class EventTypes {
public static final String EVENT_TAGS_CREATE = "CREATE_TAGS";
public static final String EVENT_TAGS_DELETE = "DELETE_TAGS";
// meta data related events
public static final String EVENT_RESOURCE_DETAILS_CREATE = "CREATE_RESOURCE_DETAILS";
public static final String EVENT_RESOURCE_DETAILS_DELETE = "DELETE_RESOURCE_DETAILS";
// vm snapshot events
public static final String EVENT_VM_SNAPSHOT_CREATE = "VMSNAPSHOT.CREATE";
public static final String EVENT_VM_SNAPSHOT_DELETE = "VMSNAPSHOT.DELETE";


@ -0,0 +1,25 @@
// Licensed to the Apache Software Foundation (ASF) under one
// or more contributor license agreements. See the NOTICE file
// distributed with this work for additional information
// regarding copyright ownership. The ASF licenses this file
// to you under the Apache License, Version 2.0 (the
// "License"); you may not use this file except in compliance
// with the License. You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing,
// software distributed under the License is distributed on an
// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
// KIND, either express or implied. See the License for the
// specific language governing permissions and limitations
// under the License.
package com.cloud.exception;
import com.cloud.utils.exception.CloudRuntimeException;
public class MissingParameterValueException extends CloudRuntimeException {
public MissingParameterValueException(String message) {
super(message);
}
}


@ -147,6 +147,7 @@ public enum Status {
s_fsm.addTransition(Status.Down, Event.Remove, Status.Removed);
s_fsm.addTransition(Status.Down, Event.ManagementServerDown, Status.Down);
s_fsm.addTransition(Status.Down, Event.AgentDisconnected, Status.Down);
s_fsm.addTransition(Status.Down, Event.PingTimeout, Status.Down);
s_fsm.addTransition(Status.Alert, Event.AgentConnected, Status.Connecting);
s_fsm.addTransition(Status.Alert, Event.Ping, Status.Up);
s_fsm.addTransition(Status.Alert, Event.Remove, Status.Removed);


@ -322,9 +322,14 @@ public interface Network extends ControlledEntity, StateObject<Network.State>, I
boolean getSpecifyIpRanges();
boolean getDisplayNetwork();
/**
* @return
*/
Long getVpcId();
Long getNetworkACLId();
void setNetworkACLId(Long networkACLId);
}
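Review bot: `getNetworkACLId()` returns a nullable `Long`, but nothing in the hunk says what null means (no ACL associated, or a default ACL applies), and the only Javadoc in view is an empty `/** @return */` block. Because this id selects the ACL that filters the network's traffic, the contract should be explicit, e.g. `/** @return id of the ACL applied to this network, or null if none is associated */`. `setNetworkACLId` also places a mutator for an access-control attribute on the shared `Network` interface; a one-line comment naming the component expected to call it would help reviewers of later callers.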


@ -52,6 +52,8 @@ public class NetworkProfile implements Network {
private boolean restartRequired;
private boolean specifyIpRanges;
private Long vpcId;
private boolean displayNetwork;
private Long networkAclId;
public NetworkProfile(Network network) {
this.id = network.getId();
@ -81,6 +83,8 @@ public class NetworkProfile implements Network {
this.restartRequired = network.isRestartRequired();
this.specifyIpRanges = network.getSpecifyIpRanges();
this.vpcId = network.getVpcId();
this.displayNetwork = network.getDisplayNetwork();
this.networkAclId = network.getNetworkACLId();
}
public String getDns1() {
@ -231,11 +235,26 @@ public class NetworkProfile implements Network {
return false;
}
@Override
public boolean getDisplayNetwork() {
return displayNetwork;
}
@Override
public Long getVpcId() {
return vpcId;
}
@Override
public Long getNetworkACLId() {
return networkAclId;
}
@Override
public void setNetworkACLId(Long networkACLId) {
this.networkAclId = networkACLId;
}
@Override
public void setTrafficType(TrafficType type) {
this.trafficType = type;


@ -21,9 +21,7 @@ import java.util.List;
import org.apache.cloudstack.api.command.admin.network.DedicateGuestVlanRangeCmd;
import org.apache.cloudstack.api.command.admin.network.ListDedicatedGuestVlanRangesCmd;
import org.apache.cloudstack.api.command.admin.usage.ListTrafficTypeImplementorsCmd;
import org.apache.cloudstack.api.command.user.network.RestartNetworkCmd;
import org.apache.cloudstack.api.command.user.network.CreateNetworkCmd;
import org.apache.cloudstack.api.command.user.network.ListNetworksCmd;
import org.apache.cloudstack.api.command.user.network.*;
import org.apache.cloudstack.api.command.user.vm.ListNicsCmd;
import com.cloud.exception.ConcurrentOperationException;
@ -73,7 +71,7 @@ public interface NetworkService {
IpAddress getIp(long id);
Network updateGuestNetwork(long networkId, String name, String displayText, Account callerAccount, User callerUser,
String domainSuffix, Long networkOfferingId, Boolean changeCidr, String guestVmCidr);
String domainSuffix, Long networkOfferingId, Boolean changeCidr, String guestVmCidr, Boolean displayNetwork);
PhysicalNetwork createPhysicalNetwork(Long zoneId, String vnetRange, String networkSpeed,
List<String> isolationMethods, String broadcastDomainRange, Long domainId, List<String> tags, String name);
@ -165,7 +163,7 @@ public interface NetworkService {
* @throws ResourceAllocationException
*/
Network createPrivateNetwork(String networkName, String displayText, long physicalNetworkId, String vlan,
String startIp, String endIP, String gateway, String netmask, long networkOwnerId, Long vpcId, Boolean sourceNat)
String startIp, String endIP, String gateway, String netmask, long networkOwnerId, Long vpcId, Boolean sourceNat)
throws ResourceAllocationException, ConcurrentOperationException, InsufficientCapacityException;
/* Requests an IP address for the guest nic */
@ -176,4 +174,5 @@ public interface NetworkService {
/* lists the nic informaton */
List<? extends Nic> listNics(ListNicsCmd listNicsCmd);
}
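Review bot: The explicit imports from `org.apache.cloudstack.api.command.user.network` are collapsed into `import org.apache.cloudstack.api.command.user.network.*;`, which hides which command classes this interface depends on and can introduce name clashes as that package grows; list the classes actually used instead. The same wildcard appears in the VolumeApiService section (`org.apache.cloudstack.api.command.user.volume.*`). Separately, `updateGuestNetwork` gains a trailing `Boolean displayNetwork` with no Javadoc on what null means; a line such as `@param displayNetwork null leaves the current setting unchanged` (if that is the intent) would make the contract clear.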


@ -28,4 +28,6 @@ import com.cloud.vm.VirtualMachineProfile;
public interface DhcpServiceProvider extends NetworkElement {
boolean addDhcpEntry(Network network, NicProfile nic, VirtualMachineProfile<? extends VirtualMachine> vm, DeployDestination dest, ReservationContext context) throws ConcurrentOperationException, InsufficientCapacityException, ResourceUnavailableException;
boolean configDhcpSupportForSubnet(Network network, NicProfile nic, VirtualMachineProfile<? extends VirtualMachine> vm, DeployDestination dest, ReservationContext context) throws ConcurrentOperationException, InsufficientCapacityException, ResourceUnavailableException;
boolean removeDhcpSupportForSubnet(Network network);
}
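Review bot: `removeDhcpSupportForSubnet(Network network)` declares no checked exceptions, while `configDhcpSupportForSubnet` declares `ConcurrentOperationException`, `InsufficientCapacityException` and `ResourceUnavailableException`. An unreachable element during removal can therefore only be reported through the boolean or an unchecked exception. If removal contacts the same element as configuration (not visible here), it should declare at least `throws ResourceUnavailableException`. Neither new method has Javadoc; one line each stating what a `false` return means would be enough.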


@ -21,6 +21,7 @@ import java.util.List;
import com.cloud.exception.ResourceUnavailableException;
import com.cloud.network.Network;
import com.cloud.network.rules.FirewallRule;
import com.cloud.network.vpc.NetworkACLItem;
public interface NetworkACLServiceProvider extends NetworkElement{
@ -30,6 +31,6 @@ public interface NetworkACLServiceProvider extends NetworkElement{
* @return
* @throws ResourceUnavailableException
*/
boolean applyNetworkACLs(Network config, List<? extends FirewallRule> rules) throws ResourceUnavailableException;
boolean applyNetworkACLs(Network config, List<? extends NetworkACLItem> rules) throws ResourceUnavailableException;
}
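Review bot: After `applyNetworkACLs` switches to `List<? extends NetworkACLItem>`, the retained `import com.cloud.network.rules.FirewallRule;` looks unused, since the only method visible in the interface no longer references it; drop it unless lines outside the hunk still need it. The Javadoc above the method starts outside the hunk and still ends in an empty `@return`. It would be worth stating whether `rules` is the complete item list for the network or an increment, because implementers need to know whether to replace or merge what is already applied.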


@ -52,4 +52,6 @@ public interface VpcProvider extends NetworkElement{
boolean deletePrivateGateway(PrivateGateway privateGateway) throws ConcurrentOperationException, ResourceUnavailableException;
boolean applyStaticRoutes(Vpc vpc, List<StaticRouteProfile> routes) throws ResourceUnavailableException;
boolean applyACLItemsToPrivateGw(PrivateGateway gateway) throws ResourceUnavailableException;
}


@ -1,51 +0,0 @@
// Licensed to the Apache Software Foundation (ASF) under one
// or more contributor license agreements. See the NOTICE file
// distributed with this work for additional information
// regarding copyright ownership. The ASF licenses this file
// to you under the Apache License, Version 2.0 (the
// "License"); you may not use this file except in compliance
// with the License. You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing,
// software distributed under the License is distributed on an
// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
// KIND, either express or implied. See the License for the
// specific language governing permissions and limitations
// under the License.
package com.cloud.network.firewall;
import java.util.List;
import org.apache.cloudstack.api.command.user.network.ListNetworkACLsCmd;
import com.cloud.exception.NetworkRuleConflictException;
import com.cloud.exception.ResourceUnavailableException;
import com.cloud.network.rules.FirewallRule;
import com.cloud.user.Account;
import com.cloud.utils.Pair;
public interface NetworkACLService {
FirewallRule getNetworkACL(long ruleId);
boolean applyNetworkACLs(long networkId, Account caller) throws ResourceUnavailableException;
/**
* @param createNetworkACLCmd
* @return
*/
FirewallRule createNetworkACL(FirewallRule acl) throws NetworkRuleConflictException;
/**
* @param ruleId
* @param apply
* @return
*/
boolean revokeNetworkACL(long ruleId, boolean apply);
/**
* @param listNetworkACLsCmd
* @return
*/
Pair<List<? extends FirewallRule>, Integer> listNetworkACLs(ListNetworkACLsCmd cmd);
}


@ -0,0 +1,36 @@
// Licensed to the Apache Software Foundation (ASF) under one
// or more contributor license agreements. See the NOTICE file
// distributed with this work for additional information
// regarding copyright ownership. The ASF licenses this file
// to you under the Apache License, Version 2.0 (the
// "License"); you may not use this file except in compliance
// with the License. You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing,
// software distributed under the License is distributed on an
// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
// KIND, either express or implied. See the License for the
// specific language governing permissions and limitations
// under the License.
package com.cloud.network.vpc;
import org.apache.cloudstack.acl.ControlledEntity;
import org.apache.cloudstack.api.InternalIdentity;
public interface NetworkACL extends InternalIdentity{
public static final long DEFAULT_DENY = 1;
public static final long DEFAULT_ALLOW = 2;
String getDescription();
String getUuid();
Long getVpcId();
long getId();
String getName();
}
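Review bot: `NetworkACL` imports `org.apache.cloudstack.acl.ControlledEntity` but extends only `InternalIdentity`, so the import is unused and an ACL exposes no owner account or domain of its own. If ownership checks are meant to go through `getVpcId()`, say so on the interface, e.g. `// Not a ControlledEntity: access is checked against the owning VPC`. `DEFAULT_DENY = 1` and `DEFAULT_ALLOW = 2` are presumably ids of pre-seeded ACL rows; that should be documented, and `public static final` is redundant on interface constants. `NetworkACLItem` in the next section has the same unused imports (`ControlledEntity`, `Identity`).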


@ -0,0 +1,80 @@
// Licensed to the Apache Software Foundation (ASF) under one
// or more contributor license agreements. See the NOTICE file
// distributed with this work for additional information
// regarding copyright ownership. The ASF licenses this file
// to you under the Apache License, Version 2.0 (the
// "License"); you may not use this file except in compliance
// with the License. You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing,
// software distributed under the License is distributed on an
// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
// KIND, either express or implied. See the License for the
// specific language governing permissions and limitations
// under the License.
package com.cloud.network.vpc;
import org.apache.cloudstack.acl.ControlledEntity;
import org.apache.cloudstack.api.Identity;
import org.apache.cloudstack.api.InternalIdentity;
import java.util.List;
public interface NetworkACLItem extends InternalIdentity {
String getUuid();
Action getAction();
int getNumber();
enum State {
Staged, // Rule been created but has never got through network rule conflict detection. Rules in this state can not be sent to network elements.
Add, // Add means the rule has been created and has gone through network rule conflict detection.
Active, // Rule has been sent to the network elements and reported to be active.
Revoke // Revoke means this rule has been revoked. If this rule has been sent to the network elements, the rule will be deleted from database.
}
enum TrafficType {
Ingress,
Egress
}
enum Action {
Allow,
Deny
}
/**
* @return first port of the source port range.
*/
Integer getSourcePortStart();
/**
* @return last port of the source prot range. If this is null, that means only one port is mapped.
*/
Integer getSourcePortEnd();
/**
* @return protocol to open these ports for.
*/
String getProtocol();
State getState();
long getAclId();
Integer getIcmpCode();
Integer getIcmpType();
List<String> getSourceCidrList();
/**
* @return
*/
TrafficType getTrafficType();
}
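Review bot: `getNumber()` and `getAction()` are declared without Javadoc, yet the position of an item within its list and the Allow/Deny outcome are the security-relevant part of this interface. Document them, e.g. `/** @return position of this item within its ACL */` (adding the evaluation order once confirmed) and `/** @return whether matching traffic is allowed or denied */`. The Javadoc on `getProtocol()` (`protocol to open these ports for`) reads as carried over from a firewall rule and is misleading for a `Deny` item. `getTrafficType()` has an empty `@return`, and `source prot range` is a typo for `port`.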


@ -0,0 +1,135 @@
// Licensed to the Apache Software Foundation (ASF) under one
// or more contributor license agreements. See the NOTICE file
// distributed with this work for additional information
// regarding copyright ownership. The ASF licenses this file
// to you under the Apache License, Version 2.0 (the
// "License"); you may not use this file except in compliance
// with the License. You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing,
// software distributed under the License is distributed on an
// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
// KIND, either express or implied. See the License for the
// specific language governing permissions and limitations
// under the License.
package com.cloud.network.vpc;
import com.cloud.exception.ResourceUnavailableException;
import com.cloud.utils.Pair;
import org.apache.cloudstack.api.command.user.network.CreateNetworkACLCmd;
import org.apache.cloudstack.api.command.user.network.ListNetworkACLsCmd;
import java.util.List;
public interface NetworkACLService {
/**
* Creates Network ACL for the specified VPC
* @param name
* @param description
* @param vpcId
* @return
*/
NetworkACL createNetworkACL(String name, String description, long vpcId);
/**
* Get Network ACL with specified Id
* @param id
* @return
*/
NetworkACL getNetworkACL(long id);
/**
* List NetworkACLs by Id/Name/Network or Vpc it belongs to
* @param id
* @param name
* @param networkId
* @param vpcId
* @return
*/
Pair<List<? extends NetworkACL>,Integer> listNetworkACLs(Long id, String name, Long networkId, Long vpcId);
/**
* Delete specified network ACL. Deletion fails if the list is not empty
* @param id
* @return
*/
boolean deleteNetworkACL(long id);
/**
* Associates ACL with specified Network
* @param aclId
* @param networkId
* @return
* @throws ResourceUnavailableException
*/
boolean replaceNetworkACL(long aclId, long networkId) throws ResourceUnavailableException;
/**
* Applied ACL to associated networks
* @param aclId
* @return
* @throws ResourceUnavailableException
*/
boolean applyNetworkACL(long aclId) throws ResourceUnavailableException;
/**
* Creates a Network ACL Item within an ACL and applies the ACL to associated networks
* @param createNetworkACLCmd
* @return
*/
NetworkACLItem createNetworkACLItem(CreateNetworkACLCmd aclItemCmd);
/**
* Return ACL item with specified Id
* @param ruleId
* @return
*/
NetworkACLItem getNetworkACLItem(long ruleId);
/**
* Lists Network ACL Items by Id, Network, ACLId, Traffic Type, protocol
* @param listNetworkACLsCmd
* @return
*/
Pair<List<? extends NetworkACLItem>, Integer> listNetworkACLItems(ListNetworkACLsCmd cmd);
/**
* Revoked ACL Item with specified Id
* @param ruleId
* @param apply
* @return
*/
boolean revokeNetworkACLItem(long ruleId);
/**
* Updates existing aclItem applies to associated networks
* @param id
* @param protocol
* @param sourceCidrList
* @param trafficType
* @param action
* @param number
* @param sourcePortStart
* @param sourcePortEnd
* @param icmpCode
* @param icmpType
* @return
* @throws ResourceUnavailableException
*/
NetworkACLItem updateNetworkACLItem(Long id, String protocol, List<String> sourceCidrList, NetworkACLItem.TrafficType trafficType,
String action, Integer number, Integer sourcePortStart, Integer sourcePortEnd,
Integer icmpCode, Integer icmpType) throws ResourceUnavailableException;
/**
* Associates ACL with specified Network
* @param aclId
* @param privateGatewayId
* @return
* @throws ResourceUnavailableException
*/
boolean replaceNetworkACLonPrivateGw(long aclId, long privateGatewayId) throws ResourceUnavailableException;
}
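Review bot: Several Javadoc blocks in the new interface do not match the signatures they document: `revokeNetworkACLItem(long ruleId)` lists `@param apply`, `createNetworkACLItem(CreateNetworkACLCmd aclItemCmd)` lists `@param createNetworkACLCmd`, `listNetworkACLItems(ListNetworkACLsCmd cmd)` lists `@param listNetworkACLsCmd`, and `replaceNetworkACLonPrivateGw` repeats the summary `Associates ACL with specified Network`. Correct the tags to the real parameter names and change the last summary to `Associates ACL with the specified private gateway`. `updateNetworkACLItem` takes `String action` although `NetworkACLItem.Action` exists; use the enum, or document the accepted strings and what happens on an unknown value, so a mistyped action cannot silently become the wrong verdict. None of the methods takes a caller, so the Javadoc should say where the permission check on the owning VPC is expected to happen.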


@ -81,4 +81,9 @@ public interface VpcGateway extends Identity, ControlledEntity, InternalIdentity
* @return
*/
boolean getSourceNat();
/**
* @return
*/
long getNetworkACLId();
}
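Review bot: `getNetworkACLId()` returns primitive `long` here, while `Network.getNetworkACLId()` in this commit returns `Long` and `VpcService.createVpcPrivateGateway` takes a nullable `Long aclId`, so a gateway cannot express "no ACL" and the same concept has two different types. Either return `Long` or fill in the empty Javadoc with what is returned when no ACL was supplied at creation, e.g. `/** @return id of the ACL applied to this gateway */` plus the default that applies, once confirmed. The interface body starts outside the hunk.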


@ -172,13 +172,14 @@ public interface VpcService {
* @param netmask
* @param gatewayOwnerId
* @param isSourceNat
* @param aclId
* @return
* @throws InsufficientCapacityException
* @throws ConcurrentOperationException
* @throws ResourceAllocationException
*/
public PrivateGateway createVpcPrivateGateway(long vpcId, Long physicalNetworkId, String vlan, String ipAddress,
String gateway, String netmask, long gatewayOwnerId, Boolean isSourceNat) throws ResourceAllocationException,
String gateway, String netmask, long gatewayOwnerId, Boolean isSoruceNat, Long aclId) throws ResourceAllocationException,
ConcurrentOperationException, InsufficientCapacityException;
/**
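Review bot: The parameter is spelled `isSoruceNat` in the new signature, a typo that no longer matches the `@param isSourceNat` tag above it; keep `Boolean isSourceNat`. The added `@param aclId` has no description, and since `aclId` is a nullable `Long` the tag should state what null selects, e.g. `@param aclId id of the ACL to apply to the gateway, or null for the default` (if a default is what the implementation uses). The Javadoc block starts outside the hunk.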


@ -0,0 +1,47 @@
// Licensed to the Apache Software Foundation (ASF) under one
// or more contributor license agreements. See the NOTICE file
// distributed with this work for additional information
// regarding copyright ownership. The ASF licenses this file
// to you under the Apache License, Version 2.0 (the
// "License"); you may not use this file except in compliance
// with the License. You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing,
// software distributed under the License is distributed on an
// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
// KIND, either express or implied. See the License for the
// specific language governing permissions and limitations
// under the License.package com.cloud.server;
package com.cloud.server;
import java.util.List;
import java.util.Map;
import com.cloud.server.ResourceTag.TaggedResourceType;
public interface ResourceMetaDataService {
TaggedResourceType getResourceType (String resourceTypeStr);
/**
* @param resourceId TODO
* @param resourceType
* @param details
* @return
*/
boolean addResourceMetaData(String resourceId, TaggedResourceType resourceType, Map<String, String> details);
/**
*
* @param resourceId
* @param resourceType
* @param key
* @return
*/
public boolean deleteResourceMetaData(String resourceId, TaggedResourceType resourceType, String key);
}
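Review bot: The last line of the licence header reads `// under the License.package com.cloud.server;`, a paste slip that should be just `// under the License.`. The Javadoc is placeholder text (`@param resourceId TODO`, empty `@return`), `getResourceType(String)` has none at all, and `deleteResourceMetaData` carries a `public` modifier its siblings do not. Since `resourceId` arrives as a `String` and no caller is passed, document whether the implementation or the API command is responsible for checking that the caller may modify that resource. Also document what `getResourceType` does for an unknown type string.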


@ -29,6 +29,7 @@ public interface ResourceTag extends ControlledEntity, Identity, InternalIdentit
Volume,
Snapshot,
Network,
Nic,
LoadBalancer,
PortForwardingRule,
FirewallRule,
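Review bot: `Nic` is inserted between `Network` and `LoadBalancer` rather than appended, which shifts the ordinal of every later constant in the enum. That is harmless if the type is only ever stored and compared by name, but the persistence mapping is outside this hunk; if any ordinal is persisted or sent over the wire, append `Nic` at the end instead. The enum declaration starts and ends outside the hunk.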


@ -51,4 +51,7 @@ public interface TaggedResourceService {
boolean deleteTags(List<String> resourceIds, TaggedResourceType resourceType, Map<String, String> tags);
List<? extends ResourceTag> listByResourceTypeAndId(TaggedResourceType type, long resourceId);
}
public Long getResourceId(String resourceId, TaggedResourceType resourceType);
}


@ -18,12 +18,7 @@
*/
package com.cloud.storage;
import org.apache.cloudstack.api.command.user.volume.AttachVolumeCmd;
import org.apache.cloudstack.api.command.user.volume.CreateVolumeCmd;
import org.apache.cloudstack.api.command.user.volume.DetachVolumeCmd;
import org.apache.cloudstack.api.command.user.volume.MigrateVolumeCmd;
import org.apache.cloudstack.api.command.user.volume.ResizeVolumeCmd;
import org.apache.cloudstack.api.command.user.volume.UploadVolumeCmd;
import org.apache.cloudstack.api.command.user.volume.*;
import com.cloud.exception.ConcurrentOperationException;
import com.cloud.exception.PermissionDeniedException;
@ -79,4 +74,6 @@ public interface VolumeApiService {
Volume attachVolumeToVM(AttachVolumeCmd command);
Volume detachVolumeFromVM(DetachVolumeCmd cmmd);
Volume updateVolume(UpdateVolumeCmd updateVolumeCmd);
}


@ -0,0 +1,45 @@
// Licensed to the Apache Software Foundation (ASF) under one
// or more contributor license agreements. See the NOTICE file
// distributed with this work for additional information
// regarding copyright ownership. The ASF licenses this file
// to you under the Apache License, Version 2.0 (the
// "License"); you may not use this file except in compliance
// with the License. You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing,
// software distributed under the License is distributed on an
// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
// KIND, either express or implied. See the License for the
// specific language governing permissions and limitations
// under the License.
package com.cloud.vm;
import org.apache.cloudstack.acl.ControlledEntity;
import org.apache.cloudstack.api.Identity;
import org.apache.cloudstack.api.InternalIdentity;
/** Each entry represents the alis ip of a perticular nic.
*
*/
public interface NicIpAlias extends ControlledEntity, Identity, InternalIdentity{
/**
* @return id in the CloudStack database
*/
enum state {
active,
revoked,
}
long getId();
long getNicId();
String getIp4Address();
String getIp6Address();
long getNetworkId();
long getVmId();
Long getAliasCount();
String getNetmask();
String getGateway();
}
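Review bot: The Javadoc `@return id in the CloudStack database` ends up documenting `enum state` rather than `getId()`, because the enum sits between the comment and the method; the comment should move down to sit directly above `long getId();`. The enum would read better as `enum State { Active, Revoked }` to follow Java naming, provided nothing persists the lowercase constant names (not visible here). The class comment has typos; I would write it as `/** Each entry represents an alias IP of a particular NIC. */`.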


@ -177,7 +177,10 @@ public interface UserVmService {
* TODO
* @param defaultIp
* TODO
* @param displayVm
* - Boolean flag whether to the display the vm to the end user or not
* @param affinityGroupIdList
*
* @param accountName
* - an optional account for the virtual machine. Must be used
* with domainId
@ -197,9 +200,9 @@ public interface UserVmService {
* @throws InsufficientResourcesException
*/
UserVm createBasicSecurityGroupVirtualMachine(DataCenter zone, ServiceOffering serviceOffering, VirtualMachineTemplate template, List<Long> securityGroupIdList, Account owner, String hostName,
String displayName, Long diskOfferingId, Long diskSize, String group, HypervisorType hypervisor,
String displayName, Long diskOfferingId, Long diskSize, String group, HypervisorType hypervisor,
HTTPMethod httpmethod, String userData, String sshKeyPair, Map<Long, IpAddresses> requestedIps,
IpAddresses defaultIp, String keyboard, List<Long> affinityGroupIdList)
IpAddresses defaultIp, Boolean displayVm, String keyboard, List<Long> affinityGroupIdList)
throws InsufficientCapacityException, ConcurrentOperationException, ResourceUnavailableException, StorageUnavailableException, ResourceAllocationException;
/**
@ -250,7 +253,10 @@ public interface UserVmService {
* TODO
* @param defaultIps
* TODO
* @param displayVm
* - Boolean flag whether to the display the vm to the end user or not
* @param affinityGroupIdList
*
* @param accountName
* - an optional account for the virtual machine. Must be used
* with domainId
@ -270,8 +276,8 @@ public interface UserVmService {
* @throws InsufficientResourcesException
*/
UserVm createAdvancedSecurityGroupVirtualMachine(DataCenter zone, ServiceOffering serviceOffering, VirtualMachineTemplate template, List<Long> networkIdList, List<Long> securityGroupIdList,
Account owner, String hostName, String displayName, Long diskOfferingId, Long diskSize, String group, HypervisorType hypervisor, HTTPMethod httpmethod, String userData, String sshKeyPair,
Map<Long, IpAddresses> requestedIps, IpAddresses defaultIps, String keyboard, List<Long> affinityGroupIdList)
Account owner, String hostName, String displayName, Long diskOfferingId, Long diskSize, String group, HypervisorType hypervisor, HTTPMethod httpmethod, String userData, String sshKeyPair,
Map<Long, IpAddresses> requestedIps, IpAddresses defaultIps, Boolean displayVm, String keyboard, List<Long> affinityGroupIdList)
throws InsufficientCapacityException, ConcurrentOperationException, ResourceUnavailableException, StorageUnavailableException, ResourceAllocationException;
/**
@ -319,7 +325,10 @@ public interface UserVmService {
* TODO
* @param defaultIps
* TODO
* @param displayVm
* - Boolean flag whether to the display the vm to the end user or not
* @param affinityGroupIdList
*
* @param accountName
* - an optional account for the virtual machine. Must be used
* with domainId
@ -340,8 +349,9 @@ public interface UserVmService {
*/
UserVm createAdvancedVirtualMachine(DataCenter zone, ServiceOffering serviceOffering, VirtualMachineTemplate template, List<Long> networkIdList, Account owner, String hostName,
String displayName, Long diskOfferingId, Long diskSize, String group, HypervisorType hypervisor,
HTTPMethod httpmethod, String userData, String sshKeyPair, Map<Long, IpAddresses> requestedIps,
IpAddresses defaultIps, String keyboard, List<Long> affinityGroupIdList)
HTTPMethod httpmethod, String userData, String sshKeyPair, Map<Long, IpAddresses> requestedIps,
IpAddresses defaultIps, Boolean displayVm, String keyboard, List<Long> affinityGroupIdList)
throws InsufficientCapacityException, ConcurrentOperationException, ResourceUnavailableException, StorageUnavailableException, ResourceAllocationException;
/**
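Review bot: The new `displayVm` parameter is a boxed `Boolean` added to all three create*VirtualMachine signatures, but its Javadoc (`Boolean flag whether to the display the vm to the end user or not`) does not say what `null` means, and the neighbouring `@param affinityGroupIdList` has no description at all. I would document the default explicitly in each of the three comments, e.g. `@param displayVm whether the VM is shown to the end user; null means <default, to be confirmed>`. The flag is inserted between `defaultIp`/`defaultIps` and `keyboard` in a long positional list, so every caller has to be updated in the same commit; those call sites are outside this section.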


@ -56,7 +56,12 @@ public class ApiConstants {
public static final String DISK_OFFERING_ID = "diskofferingid";
public static final String DISK_SIZE = "disksize";
public static final String DISPLAY_NAME = "displayname";
public static final String DISPLAY_NETWORK = "displaynetwork";
public static final String DISPLAY_NIC = "displaynic";
public static final String DISPLAY_TEXT = "displaytext";
public static final String DISPLAY_VM = "displayvm";
public static final String DISPLAY_OFFERING = "displayoffering";
public static final String DISPLAY_VOLUME = "displayvolume";
public static final String DNS1 = "dns1";
public static final String DNS2 = "dns2";
public static final String IP6_DNS1 = "ip6dns1";
@ -491,6 +496,8 @@ public class ApiConstants {
public static final String ASA_INSIDE_PORT_PROFILE = "insideportprofile";
public static final String AFFINITY_GROUP_ID = "affinitygroupid";
public static final String DEPLOYMENT_PLANNER = "deploymentplanner";
public static final String ACL_ID = "aclid";
public static final String NUMBER = "number";
public enum HostDetails {
all, capacity, events, stats, min;


@ -28,6 +28,7 @@ import java.util.regex.Pattern;
import javax.inject.Inject;
import org.apache.cloudstack.affinity.AffinityGroupService;
import com.cloud.server.ResourceMetaDataService;
import org.apache.cloudstack.network.element.InternalLoadBalancerElementService;
import org.apache.cloudstack.network.lb.ApplicationLoadBalancerService;
import org.apache.cloudstack.network.lb.InternalLoadBalancerVMService;
@ -52,7 +53,7 @@ import com.cloud.network.StorageNetworkService;
import com.cloud.network.VpcVirtualNetworkApplianceService;
import com.cloud.network.as.AutoScaleService;
import com.cloud.network.firewall.FirewallService;
import com.cloud.network.firewall.NetworkACLService;
import com.cloud.network.vpc.NetworkACLService;
import com.cloud.network.lb.LoadBalancingRulesService;
import com.cloud.network.rules.RulesService;
import com.cloud.network.security.SecurityGroupService;
@ -132,6 +133,7 @@ public abstract class BaseCmd {
@Inject public IdentityService _identityService;
@Inject public StorageNetworkService _storageNetworkService;
@Inject public TaggedResourceService _taggedResourceService;
@Inject public ResourceMetaDataService _resourceMetaDataService;
@Inject public VpcService _vpcService;
@Inject public NetworkACLService _networkACLService;
@Inject public Site2SiteVpnService _s2sVpnService;


@ -21,8 +21,15 @@ import java.util.EnumSet;
import java.util.List;
import java.util.Map;
import com.cloud.vm.NicSecondaryIp;
import org.apache.cloudstack.affinity.AffinityGroup;
import org.apache.cloudstack.affinity.AffinityGroupResponse;
import com.cloud.network.vpc.NetworkACL;
import com.cloud.network.vpc.NetworkACLItem;
import com.cloud.network.vpc.PrivateGateway;
import com.cloud.network.vpc.StaticRoute;
import com.cloud.network.vpc.Vpc;
import com.cloud.network.vpc.VpcOffering;
import org.apache.cloudstack.api.ApiConstants.HostDetails;
import org.apache.cloudstack.api.ApiConstants.VMDetails;
import org.apache.cloudstack.api.command.user.job.QueryAsyncJobResultCmd;
@ -109,6 +116,7 @@ import org.apache.cloudstack.api.response.VpcOfferingResponse;
import org.apache.cloudstack.api.response.VpcResponse;
import org.apache.cloudstack.api.response.VpnUsersResponse;
import org.apache.cloudstack.api.response.ZoneResponse;
import org.apache.cloudstack.api.response.*;
import org.apache.cloudstack.network.lb.ApplicationLoadBalancerRule;
import org.apache.cloudstack.region.Region;
import org.apache.cloudstack.usage.Usage;
@ -154,10 +162,6 @@ import com.cloud.network.rules.StaticNatRule;
import com.cloud.network.rules.StickinessPolicy;
import com.cloud.network.security.SecurityGroup;
import com.cloud.network.security.SecurityRule;
import com.cloud.network.vpc.PrivateGateway;
import com.cloud.network.vpc.StaticRoute;
import com.cloud.network.vpc.Vpc;
import com.cloud.network.vpc.VpcOffering;
import com.cloud.offering.DiskOffering;
import com.cloud.offering.NetworkOffering;
import com.cloud.offering.ServiceOffering;
@ -381,11 +385,17 @@ public interface ResponseGenerator {
*/
VpcResponse createVpcResponse(Vpc vpc);
/**
* @param networkACLItem
* @return
*/
NetworkACLItemResponse createNetworkACLItemResponse(NetworkACLItem networkACLItem);
/**
* @param networkACL
* @return
*/
NetworkACLResponse createNetworkACLResponse(FirewallRule networkACL);
NetworkACLResponse createNetworkACLResponse(NetworkACL networkACL);
/**
* @param result


@ -62,7 +62,10 @@ public class CreateDiskOfferingCmd extends BaseCmd {
@Parameter(name=ApiConstants.STORAGE_TYPE, type=CommandType.STRING, description="the storage type of the disk offering. Values are local and shared.")
private String storageType = ServiceOffering.StorageType.shared.toString();
/////////////////////////////////////////////////////
@Parameter(name=ApiConstants.DISPLAY_OFFERING, type=CommandType.BOOLEAN, description="an optional field, whether to display the offering to the end user or not.")
private Boolean displayOffering;
/////////////////////////////////////////////////////
/////////////////// Accessors ///////////////////////
/////////////////////////////////////////////////////
@ -94,6 +97,10 @@ public class CreateDiskOfferingCmd extends BaseCmd {
return storageType;
}
public Boolean getDisplayOffering() {
return displayOffering;
}
/////////////////////////////////////////////////////
/////////////// API Implementation///////////////////
/////////////////////////////////////////////////////


@ -23,6 +23,7 @@ import org.apache.cloudstack.api.BaseAsyncCmd;
import org.apache.cloudstack.api.BaseAsyncCreateCmd;
import org.apache.cloudstack.api.Parameter;
import org.apache.cloudstack.api.ServerApiException;
import org.apache.cloudstack.api.response.NetworkACLResponse;
import org.apache.cloudstack.api.response.PhysicalNetworkResponse;
import org.apache.cloudstack.api.response.PrivateGatewayResponse;
import org.apache.cloudstack.api.response.VpcResponse;
@ -74,6 +75,11 @@ public class CreatePrivateGatewayCmd extends BaseAsyncCreateCmd {
" 'false': sourcenat is not supported")
private Boolean isSourceNat;
@Parameter(name=ApiConstants.ACL_ID, type=CommandType.UUID, entityType = NetworkACLResponse.class,
required=false, description="the ID of the network ACL")
private Long aclId;
/////////////////////////////////////////////////////
/////////////////// Accessors ///////////////////////
/////////////////////////////////////////////////////
@ -106,9 +112,14 @@ public class CreatePrivateGatewayCmd extends BaseAsyncCreateCmd {
if (isSourceNat == null) {
return false;
}
return true;
return isSourceNat;
}
public Long getAclId() {
return aclId;
}
/////////////////////////////////////////////////////
/////////////// API Implementation///////////////////
/////////////////////////////////////////////////////
@ -123,7 +134,7 @@ public class CreatePrivateGatewayCmd extends BaseAsyncCreateCmd {
PrivateGateway result = null;
try {
result = _vpcService.createVpcPrivateGateway(getVpcId(), getPhysicalNetworkId(),
getVlan(), getStartIp(), getGateway(), getNetmask(), getEntityOwnerId(), getIsSourceNat());
getVlan(), getStartIp(), getGateway(), getNetmask(), getEntityOwnerId(), getIsSourceNat(), getAclId());
} catch (InsufficientCapacityException ex){
s_logger.info(ex);
s_logger.trace(ex);
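Review bot: The new `aclId` is taken from the request and handed directly to `_vpcService.createVpcPrivateGateway(...)`, and nothing in this section checks that the referenced ACL belongs to the VPC given by `getVpcId()` or is accessible to the caller. That check may live in the service implementation, which is not visible here; if it does not, a private gateway could end up bound to an ACL owned by a different VPC. I would confirm the service rejects a mismatched ACL and state the constraint on the parameter, e.g. `description="the ID of the network ACL; must belong to the same VPC"`. The try block continues past the end of the last hunk.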


@ -25,7 +25,6 @@ import org.apache.cloudstack.api.ApiErrorCode;
import org.apache.cloudstack.api.BaseCmd;
import org.apache.cloudstack.api.Parameter;
import org.apache.cloudstack.api.ServerApiException;
import org.apache.cloudstack.api.response.AlertResponse;
import org.apache.cloudstack.api.response.EventResponse;
import org.apache.cloudstack.api.response.SuccessResponse;
import org.apache.log4j.Logger;


@ -19,6 +19,8 @@ package org.apache.cloudstack.api.command.user.network;
import java.util.ArrayList;
import java.util.List;
import com.cloud.network.vpc.NetworkACL;
import com.cloud.network.vpc.NetworkACLItem;
import org.apache.cloudstack.api.APICommand;
import org.apache.cloudstack.api.ApiConstants;
import org.apache.cloudstack.api.ApiErrorCode;
@ -26,6 +28,7 @@ import org.apache.cloudstack.api.BaseAsyncCmd;
import org.apache.cloudstack.api.BaseAsyncCreateCmd;
import org.apache.cloudstack.api.Parameter;
import org.apache.cloudstack.api.ServerApiException;
import org.apache.cloudstack.api.response.NetworkACLItemResponse;
import org.apache.cloudstack.api.response.NetworkACLResponse;
import org.apache.cloudstack.api.response.NetworkResponse;
import org.apache.log4j.Logger;
@ -36,15 +39,14 @@ import com.cloud.exception.InvalidParameterValueException;
import com.cloud.exception.NetworkRuleConflictException;
import com.cloud.exception.ResourceUnavailableException;
import com.cloud.network.Network;
import com.cloud.network.rules.FirewallRule;
import com.cloud.network.vpc.Vpc;
import com.cloud.user.Account;
import com.cloud.user.UserContext;
import com.cloud.utils.net.NetUtils;
@APICommand(name = "createNetworkACL", description = "Creates a ACL rule the given network (the network has to belong to VPC)",
responseObject = NetworkACLResponse.class)
public class CreateNetworkACLCmd extends BaseAsyncCreateCmd implements FirewallRule {
@APICommand(name = "createNetworkACL", description = "Creates a ACL rule in the given network (the network has to belong to VPC)",
responseObject = NetworkACLItemResponse.class)
public class CreateNetworkACLCmd extends BaseAsyncCreateCmd {
public static final Logger s_logger = Logger.getLogger(CreateNetworkACLCmd.class.getName());
private static final String s_name = "createnetworkaclresponse";
@ -54,7 +56,7 @@ public class CreateNetworkACLCmd extends BaseAsyncCreateCmd implements FirewallR
// ///////////////////////////////////////////////////
@Parameter(name = ApiConstants.PROTOCOL, type = CommandType.STRING, required = true, description =
"the protocol for the ACL rule. Valid values are TCP/UDP/ICMP.")
"the protocol for the ACL rule. Valid values are TCP/UDP/ICMP/ALL or valid protocol number")
private String protocol;
@Parameter(name = ApiConstants.START_PORT, type = CommandType.INTEGER, description = "the starting port of ACL")
@ -74,23 +76,27 @@ public class CreateNetworkACLCmd extends BaseAsyncCreateCmd implements FirewallR
private Integer icmpCode;
@Parameter(name=ApiConstants.NETWORK_ID, type=CommandType.UUID, entityType = NetworkResponse.class,
required=true,
description="The network of the vm the ACL will be created for")
private Long networkId;
@Parameter(name=ApiConstants.ACL_ID, type=CommandType.UUID, entityType = NetworkACLResponse.class,
description="The network of the vm the ACL will be created for")
private Long aclId;
@Parameter(name=ApiConstants.TRAFFIC_TYPE, type=CommandType.STRING, description="the traffic type for the ACL," +
"can be Ingress or Egress, defaulted to Ingress if not specified")
private String trafficType;
@Parameter(name=ApiConstants.NUMBER, type=CommandType.INTEGER, description="The network of the vm the ACL will be created for")
private Integer number;
@Parameter(name=ApiConstants.ACTION, type=CommandType.STRING, description="scl entry action, allow or deny")
private String action;
// ///////////////////////////////////////////////////
// ///////////////// Accessors ///////////////////////
// ///////////////////////////////////////////////////
public Long getIpAddressId() {
return null;
}
@Override
public String getProtocol() {
return protocol.trim();
}
@ -105,26 +111,11 @@ public class CreateNetworkACLCmd extends BaseAsyncCreateCmd implements FirewallR
}
}
public long getVpcId() {
Network network = _networkService.getNetwork(getNetworkId());
if (network == null) {
throw new InvalidParameterValueException("Invalid networkId is given");
}
Long vpcId = network.getVpcId();
if (vpcId == null) {
throw new InvalidParameterValueException("Can create network ACL only for the network belonging to the VPC");
}
return vpcId;
}
@Override
public FirewallRule.TrafficType getTrafficType() {
public NetworkACLItem.TrafficType getTrafficType() {
if (trafficType == null) {
return FirewallRule.TrafficType.Ingress;
return NetworkACLItem.TrafficType.Ingress;
}
for (FirewallRule.TrafficType type : FirewallRule.TrafficType.values()) {
for (NetworkACLItem.TrafficType type : NetworkACLItem.TrafficType.values()) {
if (type.toString().equalsIgnoreCase(trafficType)) {
return type;
}
@ -141,192 +132,103 @@ public class CreateNetworkACLCmd extends BaseAsyncCreateCmd implements FirewallR
return s_name;
}
public void setSourceCidrList(List<String> cidrs){
cidrlist = cidrs;
public String getAction() {
return action;
}
@Override
public void execute() throws ResourceUnavailableException {
UserContext callerContext = UserContext.current();
boolean success = false;
FirewallRule rule = _networkACLService.getNetworkACL(getEntityId());
try {
UserContext.current().setEventDetails("Rule Id: " + getEntityId());
success = _networkACLService.applyNetworkACLs(rule.getNetworkId(), callerContext.getCaller());
// State is different after the rule is applied, so get new object here
NetworkACLResponse aclResponse = new NetworkACLResponse();
if (rule != null) {
aclResponse = _responseGenerator.createNetworkACLResponse(rule);
setResponseObject(aclResponse);
}
aclResponse.setResponseName(getCommandName());
} finally {
if (!success || rule == null) {
_networkACLService.revokeNetworkACL(getEntityId(), true);
throw new ServerApiException(ApiErrorCode.INTERNAL_ERROR, "Failed to create network ACL");
}
}
public Integer getNumber() {
return number;
}
@Override
public long getId() {
throw new UnsupportedOperationException("database id can only provided by VO objects");
}
@Override
public String getXid() {
// FIXME: We should allow for end user to specify Xid.
return null;
}
@Override
public String getUuid() {
// TODO Auto-generated method stub
return null;
}
@Override
public Long getSourceIpAddressId() {
return null;
}
@Override
public Integer getSourcePortStart() {
if (publicStartPort != null) {
return publicStartPort.intValue();
}
return null;
return publicStartPort;
}
@Override
public Integer getSourcePortEnd() {
if (publicEndPort == null) {
if (publicStartPort != null) {
return publicStartPort.intValue();
return publicStartPort;
}
} else {
return publicEndPort.intValue();
return publicEndPort;
}
return null;
}
@Override
public Purpose getPurpose() {
return Purpose.Firewall;
}
@Override
public State getState() {
throw new UnsupportedOperationException("Should never call me to find the state");
}
@Override
public long getNetworkId() {
public Long getNetworkId() {
return networkId;
}
@Override
public long getEntityOwnerId() {
Vpc vpc = _vpcService.getVpc(getVpcId());
if (vpc == null) {
throw new InvalidParameterValueException("Invalid vpcId is given");
}
Account account = _accountService.getAccount(vpc.getAccountId());
return account.getId();
}
@Override
public long getDomainId() {
Vpc vpc = _vpcService.getVpc(getVpcId());
return vpc.getDomainId();
}
@Override
public void create() {
if (getSourceCidrList() != null) {
for (String cidr: getSourceCidrList()){
if (!NetUtils.isValidCIDR(cidr)){
throw new ServerApiException(ApiErrorCode.PARAM_ERROR, "Source cidrs formatting error " + cidr);
}
}
}
try {
FirewallRule result = _networkACLService.createNetworkACL(this);
setEntityId(result.getId());
setEntityUuid(result.getUuid());
} catch (NetworkRuleConflictException ex) {
s_logger.info("Network rule conflict: " + ex.getMessage());
s_logger.trace("Network Rule Conflict: ", ex);
throw new ServerApiException(ApiErrorCode.NETWORK_RULE_CONFLICT_ERROR, ex.getMessage());
}
Account caller = UserContext.current().getCaller();
return caller.getAccountId();
}
@Override
public String getEventType() {
return EventTypes.EVENT_FIREWALL_OPEN;
return EventTypes.EVENT_NETWORK_ACL_ITEM_CREATE;
}
@Override
public String getEventDescription() {
Network network = _networkService.getNetwork(networkId);
return ("Createing Network ACL for Netowrk: " + network + " for protocol:" + this.getProtocol());
return "Creating Network ACL Item";
}
@Override
public long getAccountId() {
Vpc vpc = _vpcService.getVpc(getVpcId());
return vpc.getAccountId();
}
@Override
public String getSyncObjType() {
return BaseAsyncCmd.networkSyncObject;
}
@Override
public Long getSyncObjId() {
return getNetworkId();
}
@Override
public Integer getIcmpCode() {
if (icmpCode != null) {
return icmpCode;
} else if (protocol.equalsIgnoreCase(NetUtils.ICMP_PROTO)) {
} else if (getProtocol().equalsIgnoreCase(NetUtils.ICMP_PROTO)) {
return -1;
}
return null;
}
@Override
public Integer getIcmpType() {
if (icmpType != null) {
return icmpType;
} else if (protocol.equalsIgnoreCase(NetUtils.ICMP_PROTO)) {
} else if (getProtocol().equalsIgnoreCase(NetUtils.ICMP_PROTO)) {
return -1;
}
return null;
}
@Override
public Long getRelated() {
return null;
public Long getACLId() {
return aclId;
}
@Override
public FirewallRuleType getType() {
return FirewallRuleType.User;
public void create() {
NetworkACLItem result = _networkACLService.createNetworkACLItem(this);
setEntityId(result.getId());
setEntityUuid(result.getUuid());
}
@Override
public AsyncJob.Type getInstanceType() {
return AsyncJob.Type.FirewallRule;
public void execute() throws ResourceUnavailableException {
boolean success = false;
NetworkACLItem rule = _networkACLService.getNetworkACLItem(getEntityId());
try {
UserContext.current().setEventDetails("Rule Id: " + getEntityId());
success = _networkACLService.applyNetworkACL(rule.getAclId());
// State is different after the rule is applied, so get new object here
rule = _networkACLService.getNetworkACLItem(getEntityId());
NetworkACLItemResponse aclResponse = new NetworkACLItemResponse();
if (rule != null) {
aclResponse = _responseGenerator.createNetworkACLItemResponse(rule);
setResponseObject(aclResponse);
}
aclResponse.setResponseName(getCommandName());
} finally {
if (!success || rule == null) {
_networkACLService.revokeNetworkACLItem(getEntityId());
throw new ServerApiException(ApiErrorCode.INTERNAL_ERROR, "Failed to create network ACL Item");
}
}
}
}
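Review bot: `getEntityOwnerId()` in the new CreateNetworkACLCmd returns the caller's own account (`UserContext.current().getCaller()` then `caller.getAccountId()`) instead of the VPC owner, so any owner-based access check or event attribution built on this value can no longer tell whose ACL is being changed; DeleteNetworkACLCmd.getEntityOwnerId() gets the same change later in this commit. The new `create()` also drops the `NetUtils.isValidCIDR` loop over the source CIDR list. Both are safe only if `createNetworkACLItem` and `revokeNetworkACLItem` check the caller's access to the ACL and validate the CIDRs themselves, which is not visible here. I would resolve the owner from the ACL's VPC, as CreateNetworkACLListCmd.getEntityOwnerId() does, and keep the CIDR check in `create()` unless the service is confirmed to do it.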


@ -0,0 +1,120 @@
// Licensed to the Apache Software Foundation (ASF) under one
// or more contributor license agreements. See the NOTICE file
// distributed with this work for additional information
// regarding copyright ownership. The ASF licenses this file
// to you under the Apache License, Version 2.0 (the
// "License"); you may not use this file except in compliance
// with the License. You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing,
// software distributed under the License is distributed on an
// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
// KIND, either express or implied. See the License for the
// specific language governing permissions and limitations
// under the License.
package org.apache.cloudstack.api.command.user.network;
import com.cloud.event.EventTypes;
import com.cloud.exception.InvalidParameterValueException;
import com.cloud.exception.ResourceUnavailableException;
import com.cloud.network.vpc.NetworkACL;
import com.cloud.network.vpc.Vpc;
import com.cloud.user.Account;
import com.cloud.user.UserContext;
import org.apache.cloudstack.api.APICommand;
import org.apache.cloudstack.api.ApiConstants;
import org.apache.cloudstack.api.ApiErrorCode;
import org.apache.cloudstack.api.BaseAsyncCreateCmd;
import org.apache.cloudstack.api.Parameter;
import org.apache.cloudstack.api.ServerApiException;
import org.apache.cloudstack.api.response.NetworkACLResponse;
import org.apache.cloudstack.api.response.VpcResponse;
import org.apache.log4j.Logger;
@APICommand(name = "createNetworkACLList", description = "Creates a Network ACL for the given VPC",
responseObject = NetworkACLResponse.class)
public class CreateNetworkACLListCmd extends BaseAsyncCreateCmd {
public static final Logger s_logger = Logger.getLogger(CreateNetworkACLListCmd.class.getName());
private static final String s_name = "createnetworkacllistresponse";
// ///////////////////////////////////////////////////
// ////////////// API parameters /////////////////////
// ///////////////////////////////////////////////////
@Parameter(name = ApiConstants.NAME, type = CommandType.STRING, required = true, description = "Name of the network ACL List")
private String name;
@Parameter(name = ApiConstants.DESCRIPTION, type = CommandType.STRING, description = "Description of the network ACL List")
private String description;
@Parameter(name = ApiConstants.VPC_ID, type = CommandType.UUID, required = true, entityType = VpcResponse.class, description = "Id of the VPC associated with this network ACL List")
private Long vpcId;
// ///////////////////////////////////////////////////
// ///////////////// Accessors ///////////////////////
// ///////////////////////////////////////////////////
public String getName() {
return name;
}
public String getDescription() {
return description;
}
public Long getVpcId() {
return vpcId;
}
// ///////////////////////////////////////////////////
// ///////////// API Implementation///////////////////
// ///////////////////////////////////////////////////
@Override
public String getCommandName() {
return s_name;
}
@Override
public void create() {
NetworkACL result = _networkACLService.createNetworkACL(getName(), getDescription(), getVpcId());
setEntityId(result.getId());
setEntityUuid(result.getUuid());
}
@Override
public void execute() throws ResourceUnavailableException {
NetworkACL acl = _networkACLService.getNetworkACL(getEntityId());
if(acl != null){
NetworkACLResponse aclResponse = _responseGenerator.createNetworkACLResponse(acl);
setResponseObject(aclResponse);
aclResponse.setResponseName(getCommandName());
} else {
throw new ServerApiException(ApiErrorCode.INTERNAL_ERROR, "Failed to create network ACL");
}
}
@Override
public long getEntityOwnerId() {
Vpc vpc = _vpcService.getVpc(getVpcId());
if (vpc == null) {
throw new InvalidParameterValueException("Invalid vpcId is given");
}
Account account = _accountService.getAccount(vpc.getAccountId());
return account.getId();
}
@Override
public String getEventType() {
return EventTypes.EVENT_NETWORK_ACL_CREATE;
}
@Override
public String getEventDescription() {
return "Creating Network ACL with id: "+getEntityUuid();
}
}
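Review bot: In `getEntityOwnerId()` the result of `_accountService.getAccount(vpc.getAccountId())` is dereferenced without a null check, so a failed account lookup ends in a NullPointerException instead of the `InvalidParameterValueException` used for a missing VPC just above it. If `Account.getId()` is the same value as `vpc.getAccountId()` (it appears to be, but the types are not shown here), the lookup can be dropped: `return vpc.getAccountId();`. Otherwise add `if (account == null) { throw new InvalidParameterValueException("Unable to find the owner of the VPC"); }`. `s_logger` is declared but not used anywhere in the new class.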


@ -22,13 +22,7 @@ import org.apache.cloudstack.api.ApiErrorCode;
import org.apache.cloudstack.api.BaseCmd;
import org.apache.cloudstack.api.Parameter;
import org.apache.cloudstack.api.ServerApiException;
import org.apache.cloudstack.api.response.DomainResponse;
import org.apache.cloudstack.api.response.NetworkOfferingResponse;
import org.apache.cloudstack.api.response.NetworkResponse;
import org.apache.cloudstack.api.response.PhysicalNetworkResponse;
import org.apache.cloudstack.api.response.ProjectResponse;
import org.apache.cloudstack.api.response.VpcResponse;
import org.apache.cloudstack.api.response.ZoneResponse;
import org.apache.cloudstack.api.response.*;
import org.apache.log4j.Logger;
import com.cloud.exception.ConcurrentOperationException;
@ -126,6 +120,12 @@ public class CreateNetworkCmd extends BaseCmd {
@Parameter(name=ApiConstants.IP6_CIDR, type=CommandType.STRING, description="the CIDR of IPv6 network, must be at least /64")
private String ip6Cidr;
@Parameter(name=ApiConstants.DISPLAY_NETWORK, type=CommandType.BOOLEAN, description="an optional field, whether to the display the network to the end user or not.")
private Boolean displayNetwork;
@Parameter(name=ApiConstants.ACL_ID, type=CommandType.UUID, entityType = NetworkACLResponse.class,
description="Network ACL Id associated for the network")
private Long aclId;
/////////////////////////////////////////////////////
/////////////////// Accessors ///////////////////////
/////////////////////////////////////////////////////
@ -189,6 +189,10 @@ public class CreateNetworkCmd extends BaseCmd {
return vpcId;
}
public Boolean getDisplayNetwork() {
return displayNetwork;
}
public Long getZoneId() {
Long physicalNetworkId = getPhysicalNetworkId();
@ -247,6 +251,10 @@ public class CreateNetworkCmd extends BaseCmd {
return ip6Cidr.toLowerCase();
}
public Long getAclId() {
return aclId;
}
/////////////////////////////////////////////////////
/////////////// API Implementation///////////////////
/////////////////////////////////////////////////////


@ -16,6 +16,8 @@
// under the License.
package org.apache.cloudstack.api.command.user.network;
import com.cloud.network.vpc.NetworkACLItem;
import com.cloud.user.Account;
import org.apache.cloudstack.api.APICommand;
import org.apache.cloudstack.api.ApiConstants;
import org.apache.cloudstack.api.ApiErrorCode;
@ -24,6 +26,7 @@ import org.apache.cloudstack.api.Parameter;
import org.apache.cloudstack.api.ServerApiException;
import org.apache.cloudstack.api.response.AccountResponse;
import org.apache.cloudstack.api.response.FirewallRuleResponse;
import org.apache.cloudstack.api.response.NetworkACLItemResponse;
import org.apache.cloudstack.api.response.SuccessResponse;
import org.apache.log4j.Logger;
@ -43,14 +46,10 @@ public class DeleteNetworkACLCmd extends BaseAsyncCmd {
//////////////// API parameters /////////////////////
/////////////////////////////////////////////////////
@Parameter(name=ApiConstants.ID, type=CommandType.UUID, entityType = FirewallRuleResponse.class,
@Parameter(name=ApiConstants.ID, type=CommandType.UUID, entityType = NetworkACLItemResponse.class,
required=true, description="the ID of the network ACL")
private Long id;
// unexposed parameter needed for events logging
@Parameter(name=ApiConstants.ACCOUNT_ID, type=CommandType.UUID, entityType = AccountResponse.class,
expose=false)
private Long ownerId;
/////////////////////////////////////////////////////
/////////////////// Accessors ///////////////////////
/////////////////////////////////////////////////////
@ -69,7 +68,7 @@ public class DeleteNetworkACLCmd extends BaseAsyncCmd {
@Override
public String getEventType() {
return EventTypes.EVENT_FIREWALL_CLOSE;
return EventTypes.EVENT_NETWORK_ACL_ITEM_DELETE;
}
@Override
@ -79,44 +78,22 @@ public class DeleteNetworkACLCmd extends BaseAsyncCmd {
@Override
public long getEntityOwnerId() {
if (ownerId == null) {
FirewallRule rule = _networkACLService.getNetworkACL(id);
if (rule == null) {
throw new InvalidParameterValueException("Unable to find network ACL by id=" + id);
} else {
ownerId = rule.getAccountId();
}
}
return ownerId;
Account caller = UserContext.current().getCaller();
return caller.getAccountId();
}
@Override
public void execute() throws ResourceUnavailableException {
UserContext.current().setEventDetails("Network ACL Id: " + id);
boolean result = _networkACLService.revokeNetworkACL(id, true);
UserContext.current().setEventDetails("Network ACL Item Id: " + id);
boolean result = _networkACLService.revokeNetworkACLItem(id);
if (result) {
SuccessResponse response = new SuccessResponse(getCommandName());
this.setResponseObject(response);
} else {
throw new ServerApiException(ApiErrorCode.INTERNAL_ERROR, "Failed to delete network ACL");
throw new ServerApiException(ApiErrorCode.INTERNAL_ERROR, "Failed to delete network ACL Item");
}
}
@Override
public String getSyncObjType() {
return BaseAsyncCmd.networkSyncObject;
}
@Override
public Long getSyncObjId() {
return _firewallService.getFirewallRule(id).getNetworkId();
}
@Override
public AsyncJob.Type getInstanceType() {
return AsyncJob.Type.FirewallRule;
}
}
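Review bot: `getEntityOwnerId()` now returns the caller's account id where it used to return the rule's owner, and the existence check that raised `InvalidParameterValueException` for an unknown id is gone from this layer. Anything that consumes this value, such as event attribution or an owner-based access check, would then see the caller: an admin deleting another account's ACL item is recorded under the admin's account, and a comparison against the caller always passes. Ownership of the item therefore has to be enforced inside `revokeNetworkACLItem(id)`, which this page does not show. Either resolve the owning account of the item's ACL here, or state the contract on the method, e.g. `// returns the caller, not the ACL owner; ownership is enforced in revokeNetworkACLItem`. The same pattern appears in `DeleteNetworkACLListCmd`, `ReplaceNetworkACLListCmd` and `UpdateNetworkACLItemCmd` in this commit.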


@ -0,0 +1,93 @@
// Licensed to the Apache Software Foundation (ASF) under one
// or more contributor license agreements. See the NOTICE file
// distributed with this work for additional information
// regarding copyright ownership. The ASF licenses this file
// to you under the Apache License, Version 2.0 (the
// "License"); you may not use this file except in compliance
// with the License. You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing,
// software distributed under the License is distributed on an
// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
// KIND, either express or implied. See the License for the
// specific language governing permissions and limitations
// under the License.
package org.apache.cloudstack.api.command.user.network;
import com.cloud.async.AsyncJob;
import com.cloud.event.EventTypes;
import com.cloud.exception.InvalidParameterValueException;
import com.cloud.exception.ResourceUnavailableException;
import com.cloud.network.rules.FirewallRule;
import com.cloud.network.vpc.NetworkACL;
import com.cloud.network.vpc.Vpc;
import com.cloud.user.Account;
import com.cloud.user.UserContext;
import org.apache.cloudstack.api.*;
import org.apache.cloudstack.api.response.AccountResponse;
import org.apache.cloudstack.api.response.FirewallRuleResponse;
import org.apache.cloudstack.api.response.NetworkACLResponse;
import org.apache.cloudstack.api.response.SuccessResponse;
import org.apache.log4j.Logger;
@APICommand(name = "deleteNetworkACLList", description="Deletes a Network ACL", responseObject=SuccessResponse.class)
public class DeleteNetworkACLListCmd extends BaseAsyncCmd {
public static final Logger s_logger = Logger.getLogger(DeleteNetworkACLListCmd.class.getName());
private static final String s_name = "deletenetworkacllistresponse";
/////////////////////////////////////////////////////
//////////////// API parameters /////////////////////
/////////////////////////////////////////////////////
@Parameter(name=ApiConstants.ID, type=CommandType.UUID, entityType = NetworkACLResponse.class,
required=true, description="the ID of the network ACL")
private Long id;
/////////////////////////////////////////////////////
/////////////////// Accessors ///////////////////////
/////////////////////////////////////////////////////
public long getId() {
return id;
}
/////////////////////////////////////////////////////
/////////////// API Implementation///////////////////
/////////////////////////////////////////////////////
@Override
public String getCommandName() {
return s_name;
}
@Override
public String getEventType() {
return EventTypes.EVENT_NETWORK_ACL_DELETE;
}
@Override
public String getEventDescription() {
return ("Deleting Network ACL id=" + id);
}
@Override
public long getEntityOwnerId() {
Account caller = UserContext.current().getCaller();
return caller.getAccountId();
}
@Override
public void execute() throws ResourceUnavailableException {
UserContext.current().setEventDetails("Network ACL Id: " + id);
boolean result = _networkACLService.deleteNetworkACL(id);
if (result) {
SuccessResponse response = new SuccessResponse(getCommandName());
this.setResponseObject(response);
} else {
throw new ServerApiException(ApiErrorCode.INTERNAL_ERROR, "Failed to delete network ACL");
}
}
}


@ -0,0 +1,102 @@
// Licensed to the Apache Software Foundation (ASF) under one
// or more contributor license agreements. See the NOTICE file
// distributed with this work for additional information
// regarding copyright ownership. The ASF licenses this file
// to you under the Apache License, Version 2.0 (the
// "License"); you may not use this file except in compliance
// with the License. You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing,
// software distributed under the License is distributed on an
// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
// KIND, either express or implied. See the License for the
// specific language governing permissions and limitations
// under the License.
package org.apache.cloudstack.api.command.user.network;
import com.cloud.network.vpc.NetworkACL;
import com.cloud.utils.Pair;
import org.apache.cloudstack.api.APICommand;
import org.apache.cloudstack.api.ApiConstants;
import org.apache.cloudstack.api.BaseListCmd;
import org.apache.cloudstack.api.Parameter;
import org.apache.cloudstack.api.response.ListResponse;
import org.apache.cloudstack.api.response.NetworkACLResponse;
import org.apache.cloudstack.api.response.NetworkResponse;
import org.apache.cloudstack.api.response.VpcResponse;
import org.apache.log4j.Logger;
import java.util.ArrayList;
import java.util.List;
@APICommand(name = "listNetworkACLLists", description="Lists all network ACLs", responseObject=NetworkACLResponse.class)
public class ListNetworkACLListsCmd extends BaseListCmd {
public static final Logger s_logger = Logger.getLogger(ListNetworkACLListsCmd.class.getName());
private static final String s_name = "listnetworkacllistsresponse";
/////////////////////////////////////////////////////
//////////////// API parameters /////////////////////
/////////////////////////////////////////////////////
@Parameter(name=ApiConstants.ID, type=CommandType.UUID, entityType = NetworkACLResponse.class,
description="Lists network ACL with the specified ID.")
private Long id;
@Parameter(name=ApiConstants.NETWORK_ID, type=CommandType.UUID, entityType = NetworkResponse.class,
description="list network ACLs by network Id")
private Long networkId;
@Parameter(name=ApiConstants.VPC_ID, type=CommandType.UUID, entityType = VpcResponse.class,
description="list network ACLs by Vpc Id")
private Long vpcId;
@Parameter(name=ApiConstants.NAME, type=CommandType.STRING, description="list network ACLs by specified name")
private String name;
/////////////////////////////////////////////////////
/////////////////// Accessors ///////////////////////
/////////////////////////////////////////////////////
public Long getNetworkId() {
return networkId;
}
public Long getId() {
return id;
}
public Long getVpcId() {
return vpcId;
}
public String getName(){
return name;
}
/////////////////////////////////////////////////////
/////////////// API Implementation///////////////////
/////////////////////////////////////////////////////
@Override
public String getCommandName() {
return s_name;
}
@Override
public void execute(){
Pair<List<? extends NetworkACL>,Integer> result = _networkACLService.listNetworkACLs(getId(), getName(), getNetworkId(), getVpcId());
ListResponse<NetworkACLResponse> response = new ListResponse<NetworkACLResponse>();
List<NetworkACLResponse> aclResponses = new ArrayList<NetworkACLResponse>();
for (NetworkACL acl : result.first()) {
NetworkACLResponse aclResponse = _responseGenerator.createNetworkACLResponse(acl);
aclResponses.add(aclResponse);
}
response.setResponses(aclResponses, result.second());
response.setResponseName(getCommandName());
this.setResponseObject(response);
}
}
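Review bot: `execute()` forwards only `getId()`, `getName()`, `getNetworkId()` and `getVpcId()` to `listNetworkACLs`, so nothing in this command scopes the result to the caller's account, domain or project. `ListNetworkACLsCmd` in the same commit extends `BaseListTaggedResourcesCmd` and passes `this`, which lets the service read the caller's scoping and paging; here the paging values that `BaseListCmd` presumably carries are not forwarded either. Unless the service filters by the VPCs the caller may access (not visible on this page), a user could enumerate ACL lists belonging to other accounts. I would pass the command object to the service as the item listing does, or at minimum record the requirement above the call: `// service must restrict results to VPCs the caller can access`.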


@ -19,20 +19,18 @@ package org.apache.cloudstack.api.command.user.network;
import java.util.ArrayList;
import java.util.List;
import com.cloud.network.vpc.NetworkACLItem;
import org.apache.cloudstack.api.APICommand;
import org.apache.cloudstack.api.ApiConstants;
import org.apache.cloudstack.api.BaseListTaggedResourcesCmd;
import org.apache.cloudstack.api.Parameter;
import org.apache.cloudstack.api.response.FirewallRuleResponse;
import org.apache.cloudstack.api.response.ListResponse;
import org.apache.cloudstack.api.response.NetworkACLResponse;
import org.apache.cloudstack.api.response.NetworkResponse;
import org.apache.cloudstack.api.response.*;
import org.apache.log4j.Logger;
import com.cloud.network.rules.FirewallRule;
import com.cloud.utils.Pair;
@APICommand(name = "listNetworkACLs", description="Lists all network ACLs", responseObject=NetworkACLResponse.class)
@APICommand(name = "listNetworkACLs", description="Lists all network ACL items", responseObject=NetworkACLItemResponse.class)
public class ListNetworkACLsCmd extends BaseListTaggedResourcesCmd {
public static final Logger s_logger = Logger.getLogger(ListNetworkACLsCmd.class.getName());
@ -42,16 +40,26 @@ public class ListNetworkACLsCmd extends BaseListTaggedResourcesCmd {
//////////////// API parameters /////////////////////
/////////////////////////////////////////////////////
@Parameter(name=ApiConstants.ID, type=CommandType.UUID, entityType = FirewallRuleResponse.class,
description="Lists network ACL with the specified ID.")
description="Lists network ACL Item with the specified ID")
private Long id;
@Parameter(name=ApiConstants.NETWORK_ID, type=CommandType.UUID, entityType = NetworkResponse.class,
description="list network ACLs by network Id")
description="list network ACL Items by network Id")
private Long networkId;
@Parameter(name=ApiConstants.TRAFFIC_TYPE, type=CommandType.STRING, description="list network ACLs by traffic type - Ingress or Egress")
@Parameter(name=ApiConstants.TRAFFIC_TYPE, type=CommandType.STRING, description="list network ACL Items by traffic type - Ingress or Egress")
private String trafficType;
@Parameter(name=ApiConstants.ACL_ID, type=CommandType.UUID, entityType = NetworkACLResponse.class,
description="list network ACL Items by ACL Id")
private Long aclId;
@Parameter(name=ApiConstants.PROTOCOL, type=CommandType.STRING, description="list network ACL Items by Protocol")
private String protocol;
@Parameter(name=ApiConstants.ACTION, type=CommandType.STRING, description="list network ACL Items by Action")
private String action;
/////////////////////////////////////////////////////
/////////////////// Accessors ///////////////////////
/////////////////////////////////////////////////////
@ -68,6 +76,18 @@ public class ListNetworkACLsCmd extends BaseListTaggedResourcesCmd {
return trafficType;
}
public Long getAclId(){
return aclId;
}
public String getProtocol() {
return protocol;
}
public String getAction() {
return action;
}
/////////////////////////////////////////////////////
/////////////// API Implementation///////////////////
/////////////////////////////////////////////////////
@ -79,12 +99,12 @@ public class ListNetworkACLsCmd extends BaseListTaggedResourcesCmd {
@Override
public void execute(){
Pair<List<? extends FirewallRule>,Integer> result = _networkACLService.listNetworkACLs(this);
ListResponse<NetworkACLResponse> response = new ListResponse<NetworkACLResponse>();
List<NetworkACLResponse> aclResponses = new ArrayList<NetworkACLResponse>();
Pair<List<? extends NetworkACLItem>,Integer> result = _networkACLService.listNetworkACLItems(this);
ListResponse<NetworkACLItemResponse> response = new ListResponse<NetworkACLItemResponse>();
List<NetworkACLItemResponse> aclResponses = new ArrayList<NetworkACLItemResponse>();
for (FirewallRule acl : result.first()) {
NetworkACLResponse ruleData = _responseGenerator.createNetworkACLResponse(acl);
for (NetworkACLItem acl : result.first()) {
NetworkACLItemResponse ruleData = _responseGenerator.createNetworkACLItemResponse(acl);
aclResponses.add(ruleData);
}
response.setResponses(aclResponses, result.second());
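Review bot: The `id` parameter still declares `entityType = FirewallRuleResponse.class`; that line appears as unchanged context in the parameters hunk, while the command now lists `NetworkACLItem` objects. `DeleteNetworkACLCmd` in this commit switches the same annotation to `NetworkACLItemResponse.class`, so the two commands disagree about which entity an ACL item UUID refers to. If the framework resolves the UUID and runs its entity access check through `entityType`, an item id would be resolved as a firewall rule here. I would change it to `entityType = NetworkACLItemResponse.class,`. The `execute()` body continues outside the last hunk.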


@ -0,0 +1,120 @@
// Licensed to the Apache Software Foundation (ASF) under one
// or more contributor license agreements. See the NOTICE file
// distributed with this work for additional information
// regarding copyright ownership. The ASF licenses this file
// to you under the Apache License, Version 2.0 (the
// "License"); you may not use this file except in compliance
// with the License. You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing,
// software distributed under the License is distributed on an
// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
// KIND, either express or implied. See the License for the
// specific language governing permissions and limitations
// under the License.
package org.apache.cloudstack.api.command.user.network;
import com.cloud.event.EventTypes;
import com.cloud.exception.InvalidParameterValueException;
import com.cloud.exception.ResourceUnavailableException;
import com.cloud.network.vpc.NetworkACL;
import com.cloud.network.vpc.Vpc;
import com.cloud.user.Account;
import com.cloud.user.UserContext;
import org.apache.cloudstack.api.*;
import org.apache.cloudstack.api.response.NetworkACLResponse;
import org.apache.cloudstack.api.response.NetworkResponse;
import org.apache.cloudstack.api.response.PrivateGatewayResponse;
import org.apache.cloudstack.api.response.SuccessResponse;
import org.apache.log4j.Logger;
@APICommand(name = "replaceNetworkACLList", description="Replaces ACL associated with a Network or private gateway", responseObject=SuccessResponse.class)
public class ReplaceNetworkACLListCmd extends BaseAsyncCmd {
public static final Logger s_logger = Logger.getLogger(ReplaceNetworkACLListCmd.class.getName());
private static final String s_name = "replacenetworkacllistresponse";
/////////////////////////////////////////////////////
//////////////// API parameters /////////////////////
/////////////////////////////////////////////////////
@Parameter(name=ApiConstants.ACL_ID, type=CommandType.UUID, entityType = NetworkACLResponse.class,
required=true, description="the ID of the network ACL")
private long aclId;
@Parameter(name=ApiConstants.NETWORK_ID, type=CommandType.UUID, entityType = NetworkResponse.class,
description="the ID of the network")
private Long networkId;
@Parameter(name=ApiConstants.GATEWAY_ID, type=CommandType.UUID, entityType = PrivateGatewayResponse.class,
description="the ID of the private gateway")
private Long privateGatewayId;
/////////////////////////////////////////////////////
/////////////////// Accessors ///////////////////////
/////////////////////////////////////////////////////
public long getAclId() {
return aclId;
}
public Long getNetworkId(){
return networkId;
}
public Long getPrivateGatewayId() {
return privateGatewayId;
}
/////////////////////////////////////////////////////
/////////////// API Implementation///////////////////
/////////////////////////////////////////////////////
@Override
public String getCommandName() {
return s_name;
}
@Override
public String getEventType() {
return EventTypes.EVENT_NETWORK_ACL_REPLACE;
}
@Override
public String getEventDescription() {
return ("Associating Network ACL id=" + aclId+ " with Network id="+ networkId);
}
@Override
public long getEntityOwnerId() {
Account caller = UserContext.current().getCaller();
return caller.getAccountId();
}
@Override
public void execute() throws ResourceUnavailableException {
if (getNetworkId() == null && getPrivateGatewayId() == null) {
throw new ServerApiException(ApiErrorCode.INTERNAL_ERROR, "Network id and private gateway can't be null at the same time");
}
if (getNetworkId() != null && getPrivateGatewayId() != null) {
throw new ServerApiException(ApiErrorCode.INTERNAL_ERROR, "Network id and private gateway can't be passed at the same time");
}
UserContext.current().setEventDetails("Network ACL Id: " + aclId);
boolean result = false;
if (getPrivateGatewayId() != null) {
result = _networkACLService.replaceNetworkACLonPrivateGw(aclId, privateGatewayId);
} else {
result = _networkACLService.replaceNetworkACL(aclId, networkId);
}
if (result) {
SuccessResponse response = new SuccessResponse(getCommandName());
this.setResponseObject(response);
} else {
throw new ServerApiException(ApiErrorCode.INTERNAL_ERROR, "Failed to replace network ACL");
}
}
}
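Review bot: `getEventDescription()` always reports `" with Network id=" + networkId`, so a replacement made on a private gateway is recorded as `Network id=null` and the audit event never names the gateway whose ACL changed. An ACL swap changes what traffic is allowed, so the event should identify its target: `return "Associating Network ACL id=" + aclId + (privateGatewayId != null ? " with private gateway id=" + privateGatewayId : " with Network id=" + networkId);`. Separately, the two argument checks at the top of `execute()` report `ApiErrorCode.INTERNAL_ERROR` for what is a caller mistake; a parameter error code would keep bad requests out of server-fault monitoring.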


@ -0,0 +1,173 @@
// Licensed to the Apache Software Foundation (ASF) under one
// or more contributor license agreements. See the NOTICE file
// distributed with this work for additional information
// regarding copyright ownership. The ASF licenses this file
// to you under the Apache License, Version 2.0 (the
// "License"); you may not use this file except in compliance
// with the License. You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing,
// software distributed under the License is distributed on an
// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
// KIND, either express or implied. See the License for the
// specific language governing permissions and limitations
// under the License.
package org.apache.cloudstack.api.command.user.network;
import com.cloud.event.EventTypes;
import com.cloud.exception.InvalidParameterValueException;
import com.cloud.exception.ResourceUnavailableException;
import com.cloud.network.vpc.NetworkACLItem;
import com.cloud.user.Account;
import com.cloud.user.UserContext;
import com.cloud.utils.net.NetUtils;
import org.apache.cloudstack.api.*;
import org.apache.cloudstack.api.response.NetworkACLItemResponse;
import org.apache.cloudstack.api.response.NetworkACLResponse;
import org.apache.cloudstack.api.response.NetworkResponse;
import org.apache.log4j.Logger;
import java.util.ArrayList;
import java.util.List;
@APICommand(name = "updateNetworkACLItem", description = "Updates ACL Item with specified Id",
responseObject = NetworkACLItemResponse.class)
public class UpdateNetworkACLItemCmd extends BaseAsyncCmd {
public static final Logger s_logger = Logger.getLogger(UpdateNetworkACLItemCmd.class.getName());
private static final String s_name = "createnetworkaclresponse";
// ///////////////////////////////////////////////////
// ////////////// API parameters /////////////////////
// ///////////////////////////////////////////////////
@Parameter(name=ApiConstants.ID, type=CommandType.UUID, entityType = NetworkACLItemResponse.class,
required=true, description="the ID of the network ACL Item")
private Long id;
@Parameter(name = ApiConstants.PROTOCOL, type = CommandType.STRING, description =
"the protocol for the ACL rule. Valid values are TCP/UDP/ICMP/ALL or valid protocol number")
private String protocol;
@Parameter(name = ApiConstants.START_PORT, type = CommandType.INTEGER, description = "the starting port of ACL")
private Integer publicStartPort;
@Parameter(name = ApiConstants.END_PORT, type = CommandType.INTEGER, description = "the ending port of ACL")
private Integer publicEndPort;
@Parameter(name = ApiConstants.CIDR_LIST, type = CommandType.LIST, collectionType = CommandType.STRING,
description = "the cidr list to allow traffic from/to")
private List<String> cidrlist;
@Parameter(name = ApiConstants.ICMP_TYPE, type = CommandType.INTEGER, description = "type of the icmp message being sent")
private Integer icmpType;
@Parameter(name = ApiConstants.ICMP_CODE, type = CommandType.INTEGER, description = "error code for this icmp message")
private Integer icmpCode;
@Parameter(name=ApiConstants.TRAFFIC_TYPE, type=CommandType.STRING, description="the traffic type for the ACL," +
"can be Ingress or Egress, defaulted to Ingress if not specified")
private String trafficType;
@Parameter(name=ApiConstants.NUMBER, type=CommandType.INTEGER, description="The network of the vm the ACL will be created for")
private Integer number;
@Parameter(name=ApiConstants.ACTION, type=CommandType.STRING, description="scl entry action, allow or deny")
private String action;
// ///////////////////////////////////////////////////
// ///////////////// Accessors ///////////////////////
// ///////////////////////////////////////////////////
public Long getId() {
return id;
}
public String getProtocol() {
if(protocol != null){
return protocol.trim();
} else
return null;
}
public List<String> getSourceCidrList() {
return cidrlist;
}
public NetworkACLItem.TrafficType getTrafficType() {
if (trafficType != null) {
for (NetworkACLItem.TrafficType type : NetworkACLItem.TrafficType.values()) {
if (type.toString().equalsIgnoreCase(trafficType)) {
return type;
}
}
}
return null;
}
// ///////////////////////////////////////////////////
// ///////////// API Implementation///////////////////
// ///////////////////////////////////////////////////
@Override
public String getCommandName() {
return s_name;
}
public String getAction() {
return action;
}
public Integer getNumber() {
return number;
}
public Integer getSourcePortStart() {
return publicStartPort;
}
public Integer getSourcePortEnd() {
return publicEndPort;
}
@Override
public long getEntityOwnerId() {
Account caller = UserContext.current().getCaller();
return caller.getAccountId();
}
@Override
public String getEventType() {
return EventTypes.EVENT_NETWORK_ACL_ITEM_UPDATE;
}
@Override
public String getEventDescription() {
return "Updating Network ACL Item";
}
public Integer getIcmpCode() {
return icmpCode;
}
public Integer getIcmpType() {
return icmpType;
}
@Override
public void execute() throws ResourceUnavailableException {
UserContext.current().setEventDetails("Rule Id: " + getId());
NetworkACLItem aclItem = _networkACLService.updateNetworkACLItem(getId(), getProtocol(), getSourceCidrList(), getTrafficType(),
getAction(), getNumber(), getSourcePortStart(), getSourcePortEnd(), getIcmpCode(), getIcmpType());
if (aclItem == null) {
throw new ServerApiException(ApiErrorCode.INTERNAL_ERROR, "Failed to update network ACL Item");
}
NetworkACLItemResponse aclResponse = _responseGenerator.createNetworkACLItemResponse(aclItem);
setResponseObject(aclResponse);
aclResponse.setResponseName(getCommandName());
}
}
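Review bot: `getTrafficType()` returns `null` both when `trafficType` was omitted and when it holds an unrecognised string, so a misspelled direction is passed to `updateNetworkACLItem` exactly like "not specified". The request can then succeed while the rule keeps a direction the caller did not intend, which is a poor failure mode for a filtering rule. I would reject the value after the loop, inside the `if (trafficType != null)` block: `throw new InvalidParameterValueException("Invalid traffic type " + trafficType);` (the class is already imported). Also, `s_name` is `"createnetworkaclresponse"`, which looks copied from the create command and should name this command's response.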


@ -67,6 +67,9 @@ public class UpdateNetworkCmd extends BaseAsyncCmd {
@Parameter(name=ApiConstants.GUEST_VM_CIDR, type=CommandType.STRING, description="CIDR for Guest VMs,Cloudstack allocates IPs to Guest VMs only from this CIDR")
private String guestVmCidr;
@Parameter(name=ApiConstants.DISPLAY_NETWORK, type=CommandType.BOOLEAN, description="an optional field, whether to the display the network to the end user or not.")
private Boolean displayNetwork;
/////////////////////////////////////////////////////
/////////////////// Accessors ///////////////////////
/////////////////////////////////////////////////////
@ -101,6 +104,10 @@ public class UpdateNetworkCmd extends BaseAsyncCmd {
private String getGuestVmCidr() {
return guestVmCidr;
}
public Boolean getDisplayNetwork() {
return displayNetwork;
}
/////////////////////////////////////////////////////
/////////////// API Implementation///////////////////
/////////////////////////////////////////////////////
@ -130,7 +137,7 @@ public class UpdateNetworkCmd extends BaseAsyncCmd {
}
Network result = _networkService.updateGuestNetwork(getId(), getNetworkName(), getDisplayText(), callerAccount,
callerUser, getNetworkDomain(), getNetworkOfferingId(), getChangeCidr(), getGuestVmCidr());
callerUser, getNetworkDomain(), getNetworkOfferingId(), getChangeCidr(), getGuestVmCidr(), getDisplayNetwork());
if (result != null) {
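Review bot: The new `displayNetwork` parameter is described as deciding whether the network is shown to the end user, yet nothing visible restricts who may set it, and `execute()` forwards `getDisplayNetwork()` straight into `updateGuestNetwork`. If the flag is meant as an operator control, the service has to ignore or reject it for non-admin callers; that code is not on this page, so please confirm it and note it next to the field, e.g. `// honoured only for admin callers; enforced in updateGuestNetwork`. The same question applies to `displayVm` in `DeployVMCmd` and `UpdateVMCmd` and to `displayVolume` in `CreateVolumeCmd`. Only `DeployVMCmd` marks the parameter with `since="4.2"`; the others should carry it too. The `execute()` body starts and ends outside the last hunk.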


@ -183,6 +183,8 @@ public class DeployVMCmd extends BaseAsyncCreateCmd {
+ "Mutually exclusive with affinitygroupids parameter")
private List<String> affinityGroupNameList;
@Parameter(name=ApiConstants.DISPLAY_VM, type=CommandType.BOOLEAN, since="4.2", description="an optional field, whether to the display the vm to the end user or not.")
private Boolean displayVm;
/////////////////////////////////////////////////////
/////////////////// Accessors ///////////////////////
@ -219,6 +221,10 @@ public class DeployVMCmd extends BaseAsyncCreateCmd {
return HypervisorType.getType(hypervisor);
}
public Boolean getDisplayVm() {
return displayVm;
}
public List<Long> getSecurityGroupIdList() {
if (securityGroupNameList != null && securityGroupIdList != null) {
throw new InvalidParameterValueException("securitygroupids parameter is mutually exclusive with securitygroupnames parameter");
@ -481,18 +487,20 @@ public class DeployVMCmd extends BaseAsyncCreateCmd {
throw new InvalidParameterValueException("Can't specify network Ids in Basic zone");
} else {
vm = _userVmService.createBasicSecurityGroupVirtualMachine(zone, serviceOffering, template, getSecurityGroupIdList(), owner, name,
displayName, diskOfferingId, size, group, getHypervisor(), this.getHttpMethod(), userData, sshKeyPairName, getIpToNetworkMap(), addrs, keyboard, getAffinityGroupIdList());
displayName, diskOfferingId, size, group, getHypervisor(), this.getHttpMethod(), userData, sshKeyPairName, getIpToNetworkMap(), addrs, displayVm, keyboard, getAffinityGroupIdList());
}
} else {
if (zone.isSecurityGroupEnabled()) {
vm = _userVmService.createAdvancedSecurityGroupVirtualMachine(zone, serviceOffering, template, getNetworkIds(), getSecurityGroupIdList(),
owner, name, displayName, diskOfferingId, size, group, getHypervisor(), this.getHttpMethod(), userData, sshKeyPairName, getIpToNetworkMap(), addrs, keyboard, getAffinityGroupIdList());
owner, name, displayName, diskOfferingId, size, group, getHypervisor(), this.getHttpMethod(), userData, sshKeyPairName, getIpToNetworkMap(), addrs, displayVm, keyboard, getAffinityGroupIdList());
} else {
if (getSecurityGroupIdList() != null && !getSecurityGroupIdList().isEmpty()) {
throw new InvalidParameterValueException("Can't create vm with security groups; security group feature is not enabled per zone");
}
vm = _userVmService.createAdvancedVirtualMachine(zone, serviceOffering, template, getNetworkIds(), owner, name, displayName,
diskOfferingId, size, group, getHypervisor(), this.getHttpMethod(), userData, sshKeyPairName, getIpToNetworkMap(), addrs, keyboard, getAffinityGroupIdList());
diskOfferingId, size, group, getHypervisor(), this.getHttpMethod(), userData, sshKeyPairName, getIpToNetworkMap(), addrs, displayVm, keyboard, getAffinityGroupIdList());
}
}


@ -64,6 +64,8 @@ public class UpdateVMCmd extends BaseCmd{
@Parameter(name=ApiConstants.USER_DATA, type=CommandType.STRING, description="an optional binary data that can be sent to the virtual machine upon a successful deployment. This binary data must be base64 encoded before adding it to the request. Using HTTP GET (via querystring), you can send up to 2KB of data after base64 encoding. Using HTTP POST(via POST body), you can send up to 32K of data after base64 encoding.", length=32768)
private String userData;
@Parameter(name=ApiConstants.DISPLAY_VM, type=CommandType.BOOLEAN, description="an optional field, whether to the display the vm to the end user or not.")
private Boolean displayVm;
/////////////////////////////////////////////////////
/////////////////// Accessors ///////////////////////
@ -89,6 +91,10 @@ public class UpdateVMCmd extends BaseCmd{
return userData;
}
public Boolean getDisplayVm() {
return displayVm;
}
/////////////////////////////////////////////////////
/////////////// API Implementation///////////////////
/////////////////////////////////////////////////////
@ -107,6 +113,7 @@ public class UpdateVMCmd extends BaseCmd{
}
@Override
public long getEntityOwnerId() {
UserVm userVm = _entityMgr.findById(UserVm.class, getId());
if (userVm != null) {


@ -0,0 +1,116 @@
// Licensed to the Apache Software Foundation (ASF) under one
// or more contributor license agreements. See the NOTICE file
// distributed with this work for additional information
// regarding copyright ownership. The ASF licenses this file
// to you under the Apache License, Version 2.0 (the
// "License"); you may not use this file except in compliance
// with the License. You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing,
// software distributed under the License is distributed on an
// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
// KIND, either express or implied. See the License for the
// specific language governing permissions and limitations
// under the License.
package org.apache.cloudstack.api.command.user.volume;
import com.cloud.server.ResourceTag;
import org.apache.cloudstack.api.APICommand;
import org.apache.cloudstack.api.ApiConstants;
import org.apache.cloudstack.api.ApiErrorCode;
import org.apache.cloudstack.api.BaseAsyncCmd;
import org.apache.cloudstack.api.Parameter;
import org.apache.cloudstack.api.ServerApiException;
import org.apache.cloudstack.api.response.SuccessResponse;
import org.apache.cloudstack.api.response.UserVmResponse;
import org.apache.cloudstack.api.response.VolumeResponse;
import org.apache.log4j.Logger;
import com.cloud.async.AsyncJob;
import com.cloud.event.EventTypes;
import com.cloud.storage.Volume;
import com.cloud.user.Account;
import com.cloud.user.UserContext;
import java.util.*;
@APICommand(name = "addResourceDetail", description="Adds detail for the Resource.", responseObject=SuccessResponse.class)
public class AddResourceDetailCmd extends BaseAsyncCmd {
public static final Logger s_logger = Logger.getLogger(AddResourceDetailCmd.class.getName());
private static final String s_name = "addResourceDetailresponse";
/////////////////////////////////////////////////////
//////////////// API parameters /////////////////////
/////////////////////////////////////////////////////
@Parameter(name = ApiConstants.DETAILS, type = CommandType.MAP, required=true, description = "Map of (key/value pairs)")
private Map details;
@Parameter(name=ApiConstants.RESOURCE_TYPE, type=CommandType.STRING, required=true, description="type of the resource")
private String resourceType;
@Parameter(name=ApiConstants.RESOURCE_ID, type=CommandType.STRING, required=true,
collectionType=CommandType.STRING, description="resource id to create the details for")
private String resourceId;
/////////////////////////////////////////////////////
/////////////////// Accessors ///////////////////////
/////////////////////////////////////////////////////
public Map getDetails() {
Map<String, String> detailsMap = null;
if (!details.isEmpty()) {
detailsMap = new HashMap<String, String>();
Collection<?> servicesCollection = details.values();
Iterator<?> iter = servicesCollection.iterator();
while (iter.hasNext()) {
HashMap<String, String> services = (HashMap<String, String>) iter.next();
String key = services.get("key");
String value = services.get("value");
detailsMap.put(key, value);
}
}
return detailsMap;
}
public ResourceTag.TaggedResourceType getResourceType() {
return _taggedResourceService.getResourceType(resourceType);
}
public String getResourceId() {
return resourceId;
}
/////////////////////////////////////////////////////
/////////////// API Implementation///////////////////
/////////////////////////////////////////////////////
@Override
public String getCommandName() {
return s_name;
}
@Override
public long getEntityOwnerId() {
//FIXME - validate the owner here
return 1;
}
@Override
public String getEventType() {
return EventTypes.EVENT_RESOURCE_DETAILS_CREATE;
}
@Override
public String getEventDescription() {
return "adding details to the resource ";
}
@Override
public void execute(){
_resourceMetaDataService.addResourceMetaData(getResourceId(), getResourceType(), getDetails());
this.setResponseObject(new SuccessResponse(getCommandName()));
}
}


@ -76,8 +76,10 @@ public class CreateVolumeCmd extends BaseAsyncCreateCmd {
description="the ID of the availability zone")
private Long zoneId;
@Parameter(name=ApiConstants.DISPLAY_VOLUME, type=CommandType.BOOLEAN, description="an optional field, whether to display the volume to the end user or not.")
private Boolean displayVolume;
/////////////////////////////////////////////////////
/////////////////////////////////////////////////////
/////////////////// Accessors ///////////////////////
/////////////////////////////////////////////////////
@ -114,6 +116,10 @@ public class CreateVolumeCmd extends BaseAsyncCreateCmd {
return projectId;
}
public Boolean getDisplayVolume() {
return displayVolume;
}
/////////////////////////////////////////////////////
/////////////// API Implementation///////////////////
/////////////////////////////////////////////////////
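Review bot: The new `displayVolume` parameter (DISPLAY_VOLUME, first hunk) has no visible restriction on who may set it, while its description says it decides whether the end user sees the volume. If createVolume is callable by ordinary users, the caller can set the flag on their own request, so the value should only be honoured for admin callers; whether the volume service does that is not visible in these hunks. `getDisplayVolume()` also returns `null` when the parameter is omitted, so consumers need an explicit default. I would add above the field `// honoured for admin callers only; null means "not specified"` and enforce that in the service. The class body continues outside both hunks.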


@ -0,0 +1,75 @@
// Licensed to the Apache Software Foundation (ASF) under one
// or more contributor license agreements. See the NOTICE file
// distributed with this work for additional information
// regarding copyright ownership. The ASF licenses this file
// to you under the Apache License, Version 2.0 (the
// "License"); you may not use this file except in compliance
// with the License. You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing,
// software distributed under the License is distributed on an
// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
// KIND, either express or implied. See the License for the
// specific language governing permissions and limitations
// under the License.
package org.apache.cloudstack.api.command.user.volume;
import com.cloud.server.ResourceTag;
import org.apache.cloudstack.api.APICommand;
import org.apache.cloudstack.api.ApiConstants;
import org.apache.cloudstack.api.BaseListProjectAndAccountResourcesCmd;
import org.apache.cloudstack.api.Parameter;
import org.apache.cloudstack.api.response.ListResponse;
import org.apache.cloudstack.api.response.ResourceDetailResponse;
import org.apache.cloudstack.api.response.ResourceTagResponse;
import java.util.List;
@APICommand(name = "listResourceDetails", description = "List resource detail(s)", responseObject = ResourceTagResponse.class, since = "4.2")
public class ListResourceDetailsCmd extends BaseListProjectAndAccountResourcesCmd{
private static final String s_name = "listresourcedetailsresponse";
@Parameter(name=ApiConstants.RESOURCE_TYPE, type=CommandType.STRING, description="list by resource type")
private String resourceType;
@Parameter(name=ApiConstants.RESOURCE_ID, type=CommandType.STRING, description="list by resource id")
private String resourceId;
@Parameter(name=ApiConstants.KEY, type=CommandType.STRING, description="list by key")
private String key;
/////////////////////////////////////////////////////
/////////////////// Accessors ///////////////////////
/////////////////////////////////////////////////////
@Override
public void execute() {
ListResponse<ResourceDetailResponse> response = new ListResponse<ResourceDetailResponse>();
List<ResourceDetailResponse> resourceDetailResponse = _queryService.listResource(this);
response.setResponses(resourceDetailResponse);
response.setResponseName(getCommandName());
this.setResponseObject(response);
}
public ResourceTag.TaggedResourceType getResourceType() {
return _taggedResourceService.getResourceType(resourceType);
}
public String getResourceId() {
return resourceId;
}
public String getKey() {
return key;
}
@Override
public String getCommandName() {
return s_name;
}
}
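Review bot: The `@APICommand` annotation declares `responseObject = ResourceTagResponse.class`, but `execute()` fills the list with `ResourceDetailResponse`, so generated API documentation will describe the wrong fields; it should read `responseObject = ResourceDetailResponse.class`. `resourceType` is optional here, yet `getResourceType()` passes it straight to `_taggedResourceService.getResourceType(resourceType)`, so a request without it hands `null` to that lookup; return `null` early for a missing value unless the service is known to accept it. `execute()` sits under the "Accessors" banner, ahead of the getters. Whether `_queryService.listResource(this)` limits results to resources the caller may see is not visible in this file and should be confirmed, since details are looked up by bare resource id.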


@ -0,0 +1,110 @@
// Licensed to the Apache Software Foundation (ASF) under one
// or more contributor license agreements. See the NOTICE file
// distributed with this work for Removeitional information
// regarding copyright ownership. The ASF licenses this file
// to you under the Apache License, Version 2.0 (the
// "License"); you may not use this file except in compliance
// with the License. You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing,
// software distributed under the License is distributed on an
// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
// KIND, either express or implied. See the License for the
// specific language governing permissions and limitations
// under the License.
package org.apache.cloudstack.api.command.user.volume;
import com.cloud.server.ResourceTag;
import org.apache.cloudstack.api.APICommand;
import org.apache.cloudstack.api.ApiConstants;
import org.apache.cloudstack.api.ApiErrorCode;
import org.apache.cloudstack.api.BaseAsyncCmd;
import org.apache.cloudstack.api.Parameter;
import org.apache.cloudstack.api.ServerApiException;
import org.apache.cloudstack.api.response.SuccessResponse;
import org.apache.cloudstack.api.response.UserVmResponse;
import org.apache.cloudstack.api.response.VolumeResponse;
import org.apache.log4j.Logger;
import com.cloud.async.AsyncJob;
import com.cloud.event.EventTypes;
import com.cloud.storage.Volume;
import com.cloud.user.Account;
import com.cloud.user.UserContext;
import java.util.*;
@APICommand(name = "removeResourceDetail", description="Removes detail for the Resource.", responseObject=SuccessResponse.class)
public class RemoveResourceDetailCmd extends BaseAsyncCmd {
public static final Logger s_logger = Logger.getLogger(RemoveResourceDetailCmd.class.getName());
private static final String s_name = "RemoveResourceDetailresponse";
/////////////////////////////////////////////////////
//////////////// API parameters /////////////////////
/////////////////////////////////////////////////////
@Parameter(name = ApiConstants.KEY, type = CommandType.STRING, description = "Delete details matching key/value pairs")
private String key;
@Parameter(name=ApiConstants.RESOURCE_TYPE, type=CommandType.STRING, required=true, description="Delete detail by resource type")
private String resourceType;
@Parameter(name=ApiConstants.RESOURCE_ID, type=CommandType.STRING, required=true,
collectionType=CommandType.STRING, description="Delete details for resource id")
private String resourceId;
/////////////////////////////////////////////////////
/////////////////// Accessors ///////////////////////
/////////////////////////////////////////////////////
public ResourceTag.TaggedResourceType getResourceType(){
return _taggedResourceService.getResourceType(resourceType);
}
public String getKey() {
return key;
}
public String getResourceId() {
return resourceId;
}
/////////////////////////////////////////////////////
/////////////// API Implementation///////////////////
/////////////////////////////////////////////////////
@Override
public String getCommandName() {
return s_name;
}
public AsyncJob.Type getInstanceType() {
return AsyncJob.Type.Volume;
}
@Override
public long getEntityOwnerId() {
//FIXME - validate the owner here
return 1;
}
@Override
public String getEventType() {
return EventTypes.EVENT_RESOURCE_DETAILS_DELETE;
}
@Override
public String getEventDescription() {
return "Removing detail to the volume ";
}
@Override
public void execute(){
_resourceMetaDataService.deleteResourceMetaData(getResourceId(), getResourceType(), getKey());
this.setResponseObject(new SuccessResponse(getCommandName()));
}
}
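Review bot: `getEntityOwnerId()` returns the literal `1` under `//FIXME - validate the owner here`, so the command is never tied to the account that owns the resource named by `resourceId`; the same stub is in AddResourceDetailCmd.getEntityOwnerId(). Unless `_resourceMetaDataService.deleteResourceMetaData(...)` performs its own access check (not visible here), a caller could remove details from a resource that belongs to someone else. The owner should be resolved from `resourceType`/`resourceId`, the way UpdateVolumeCmd.getEntityOwnerId() in this commit looks up the volume and returns `volume.getAccountId()`. `getInstanceType()` returns `AsyncJob.Type.Volume` and the event text says "the volume" although the command accepts any resource type. The license header also reads "Removeitional information", which looks like a search-and-replace slip.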


@ -0,0 +1,112 @@
// Licensed to the Apache Software Foundation (ASF) under one
// or more contributor license agreements. See the NOTICE file
// distributed with this work for additional information
// regarding copyright ownership. The ASF licenses this file
// to you under the Apache License, Version 2.0 (the
// "License"); you may not use this file except in compliance
// with the License. You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing,
// software distributed under the License is distributed on an
// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
// KIND, either express or implied. See the License for the
// specific language governing permissions and limitations
// under the License.
package org.apache.cloudstack.api.command.user.volume;
import org.apache.cloudstack.api.APICommand;
import org.apache.cloudstack.api.ApiConstants;
import org.apache.cloudstack.api.ApiErrorCode;
import org.apache.cloudstack.api.BaseAsyncCmd;
import org.apache.cloudstack.api.Parameter;
import org.apache.cloudstack.api.ServerApiException;
import org.apache.cloudstack.api.response.UserVmResponse;
import org.apache.cloudstack.api.response.VolumeResponse;
import org.apache.log4j.Logger;
import com.cloud.async.AsyncJob;
import com.cloud.event.EventTypes;
import com.cloud.storage.Volume;
import com.cloud.user.Account;
import com.cloud.user.UserContext;
@APICommand(name = "updateVolume", description="Updates the volume.", responseObject=VolumeResponse.class)
public class UpdateVolumeCmd extends BaseAsyncCmd {
public static final Logger s_logger = Logger.getLogger(UpdateVolumeCmd.class.getName());
private static final String s_name = "addVolumeresponse";
/////////////////////////////////////////////////////
//////////////// API parameters /////////////////////
/////////////////////////////////////////////////////
@Parameter(name=ApiConstants.ID, type=CommandType.UUID, entityType=VolumeResponse.class,
required=true, description="the ID of the disk volume")
private Long id;
@Parameter(name=ApiConstants.PATH, type=CommandType.STRING,
required=true, description="the path of the volume")
private String path;
/////////////////////////////////////////////////////
/////////////////// Accessors ///////////////////////
/////////////////////////////////////////////////////
public String getPath() {
return path;
}
public Long getId() {
return id;
}
/////////////////////////////////////////////////////
/////////////// API Implementation///////////////////
/////////////////////////////////////////////////////
@Override
public String getCommandName() {
return s_name;
}
public AsyncJob.Type getInstanceType() {
return AsyncJob.Type.Volume;
}
public Long getInstanceId() {
return getId();
}
@Override
public long getEntityOwnerId() {
Volume volume = _responseGenerator.findVolumeById(getId());
if (volume == null) {
return Account.ACCOUNT_ID_SYSTEM; // bad id given, parent this command to SYSTEM so ERROR events are tracked
}
return volume.getAccountId();
}
@Override
public String getEventType() {
return EventTypes.EVENT_VOLUME_ATTACH;
}
@Override
public String getEventDescription() {
return "adding detail to the volume: " + getId();
}
@Override
public void execute(){
UserContext.current().setEventDetails("Volume Id: "+getId());
Volume result = _volumeService.updateVolume(this);
if (result != null) {
VolumeResponse response = _responseGenerator.createVolumeResponse(result);
response.setResponseName(getCommandName());
this.setResponseObject(response);
} else {
throw new ServerApiException(ApiErrorCode.INTERNAL_ERROR, "Failed to update volume");
}
}
}
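Review bot: `getEventType()` returns `EventTypes.EVENT_VOLUME_ATTACH`, so every path update is recorded in the event log as a volume attach, which misleads anyone auditing volume changes; it should return an event type specific to volume updates (adding one to EventTypes if none exists). `s_name` is `"addVolumeresponse"` for a command named `updateVolume`, and the event description says "adding detail to the volume"; `"updatevolumeresponse"` and `"updating volume: " + getId()` would match the command. The required `path` string is handed to `_volumeService.updateVolume(this)` without any check in this file. Since the path decides which backing storage the volume points at, the service should restrict who may call this and validate the value; neither is visible here.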


@ -58,8 +58,20 @@ public class DiskOfferingResponse extends BaseResponse {
@SerializedName("storagetype") @Param(description="the storage type for this disk offering")
private String storageType;
@SerializedName("displayoffering") @Param(description="whether to display the offering to the end user or not.")
private Boolean displayOffering;
public Boolean getDisplayOffering() {
return displayOffering;
}
public void setDisplayOffering(Boolean displayOffering) {
this.displayOffering = displayOffering;
}
public String getId() {
return id;
}
public void setId(String id) {


@ -0,0 +1,122 @@
// Licensed to the Apache Software Foundation (ASF) under one
// or more contributor license agreements. See the NOTICE file
// distributed with this work for additional information
// regarding copyright ownership. The ASF licenses this file
// to you under the Apache License, Version 2.0 (the
// "License"); you may not use this file except in compliance
// with the License. You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing,
// software distributed under the License is distributed on an
// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
// KIND, either express or implied. See the License for the
// specific language governing permissions and limitations
// under the License.
package org.apache.cloudstack.api.response;
import java.util.List;
import com.cloud.network.vpc.NetworkACLItem;
import org.apache.cloudstack.api.ApiConstants;
import org.apache.cloudstack.api.BaseResponse;
import com.cloud.serializer.Param;
import com.google.gson.annotations.SerializedName;
import org.apache.cloudstack.api.EntityReference;
@EntityReference(value = NetworkACLItem.class)
public class NetworkACLItemResponse extends BaseResponse {
@SerializedName(ApiConstants.ID) @Param(description="the ID of the ACL Item")
private String id;
@SerializedName(ApiConstants.PROTOCOL) @Param(description="the protocol of the ACL")
private String protocol;
@SerializedName(ApiConstants.START_PORT) @Param(description="the starting port of ACL's port range")
private String startPort;
@SerializedName(ApiConstants.END_PORT) @Param(description = "the ending port of ACL's port range")
private String endPort;
@SerializedName(ApiConstants.TRAFFIC_TYPE) @Param(description="the traffic type for the ACL")
private String trafficType;
@SerializedName(ApiConstants.STATE) @Param(description="the state of the rule")
private String state;
@SerializedName(ApiConstants.CIDR_LIST) @Param(description="the cidr list to forward traffic from")
private String cidrList;
@SerializedName(ApiConstants.ICMP_TYPE) @Param(description= "type of the icmp message being sent")
private Integer icmpType;
@SerializedName(ApiConstants.ICMP_CODE) @Param(description = "error code for this icmp message")
private Integer icmpCode;
@SerializedName(ApiConstants.TAGS) @Param(description="the list of resource tags associated with the network ACLs",
responseObject = ResourceTagResponse.class)
private List<ResourceTagResponse> tags;
@SerializedName(ApiConstants.ACL_ID) @Param(description="the ID of the ACL this item belongs to")
private String aclId;
@SerializedName(ApiConstants.NUMBER) @Param(description= "Number of the ACL Item")
private Integer number;
@SerializedName(ApiConstants.ACTION) @Param(description="Action of ACL Item. Allow/Deny")
private String action;
public void setId(String id) {
this.id = id;
}
public void setProtocol(String protocol) {
this.protocol = protocol;
}
public void setStartPort(String startPort) {
this.startPort = startPort;
}
public void setEndPort(String endPort) {
this.endPort = endPort;
}
public void setState(String state) {
this.state = state;
}
public void setCidrList(String cidrList) {
this.cidrList = cidrList;
}
public void setIcmpType(Integer icmpType) {
this.icmpType = icmpType;
}
public void setIcmpCode(Integer icmpCode) {
this.icmpCode = icmpCode;
}
public void setTrafficType(String trafficType) {
this.trafficType = trafficType;
}
public void setTags(List<ResourceTagResponse> tags) {
this.tags = tags;
}
public void setAclId(String aclId) {
this.aclId = aclId;
}
public void setNumber(Integer number) {
this.number = number;
}
public void setAction(String action) {
this.action = action;
}
}


@ -16,84 +16,42 @@
// under the License.
package org.apache.cloudstack.api.response;
import java.util.List;
import org.apache.cloudstack.api.ApiConstants;
import org.apache.cloudstack.api.BaseResponse;
import com.cloud.network.vpc.NetworkACL;
import com.cloud.serializer.Param;
import com.google.gson.annotations.SerializedName;
import org.apache.cloudstack.api.ApiConstants;
import org.apache.cloudstack.api.BaseResponse;
import org.apache.cloudstack.api.EntityReference;
@SuppressWarnings("unused")
import java.util.List;
@EntityReference(value = NetworkACL.class)
public class NetworkACLResponse extends BaseResponse {
@SerializedName(ApiConstants.ID) @Param(description="the ID of the ACL")
private String id;
@SerializedName(ApiConstants.PROTOCOL) @Param(description="the protocol of the ACL")
private String protocol;
@SerializedName(ApiConstants.NAME) @Param(description="the Name of the ACL")
private String name;
@SerializedName(ApiConstants.START_PORT) @Param(description="the starting port of ACL's port range")
private String startPort;
@SerializedName(ApiConstants.DESCRIPTION) @Param(description="Description of the ACL")
private String description;
@SerializedName(ApiConstants.END_PORT) @Param(description = "the ending port of ACL's port range")
private String endPort;
@SerializedName(ApiConstants.TRAFFIC_TYPE) @Param(description="the traffic type for the ACL")
private String trafficType;
@SerializedName(ApiConstants.STATE) @Param(description="the state of the rule")
private String state;
@SerializedName(ApiConstants.CIDR_LIST) @Param(description="the cidr list to forward traffic from")
private String cidrList;
@SerializedName(ApiConstants.ICMP_TYPE) @Param(description= "type of the icmp message being sent")
private Integer icmpType;
@SerializedName(ApiConstants.ICMP_CODE) @Param(description = "error code for this icmp message")
private Integer icmpCode;
@SerializedName(ApiConstants.TAGS) @Param(description="the list of resource tags associated with the network ACLs",
responseObject = ResourceTagResponse.class)
private List<ResourceTagResponse> tags;
@SerializedName(ApiConstants.VPC_ID) @Param(description="Id of the VPC this ACL is associated with")
private String vpcId;
public void setId(String id) {
this.id = id;
}
public void setProtocol(String protocol) {
this.protocol = protocol;
public void setName(String name) {
this.name = name;
}
public void setStartPort(String startPort) {
this.startPort = startPort;
public void setDescription(String description) {
this.description = description;
}
public void setEndPort(String endPort) {
this.endPort = endPort;
}
public void setState(String state) {
this.state = state;
}
public void setCidrList(String cidrList) {
this.cidrList = cidrList;
}
public void setIcmpType(Integer icmpType) {
this.icmpType = icmpType;
}
public void setIcmpCode(Integer icmpCode) {
this.icmpCode = icmpCode;
}
public void setTrafficType(String trafficType) {
this.trafficType = trafficType;
}
public void setTags(List<ResourceTagResponse> tags) {
this.tags = tags;
public void setVpcId(String vpcId) {
this.vpcId = vpcId;
}
}


@ -162,7 +162,18 @@ public class NetworkResponse extends BaseResponse implements ControlledEntityRes
@SerializedName(ApiConstants.IP6_CIDR) @Param(description="the cidr of IPv6 network")
private String ip6Cidr;
@SerializedName(ApiConstants.DISPLAY_NETWORK) @Param(description="an optional field, whether to the display the network to the end user or not.")
private Boolean displayNetwork;
public Boolean getDisplayNetwork() {
return displayNetwork;
}
public void setDisplayNetwork(Boolean displayNetwork) {
this.displayNetwork = displayNetwork;
}
public void setId(String id) {
this.id = id;
}
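Review bot: The `@Param` description added for DISPLAY_NETWORK reads "whether to the display the network", with a stray "the"; since this string is published in the API documentation it should be `description="an optional field, whether to display the network to the end user or not."`. The same wording appears on the new display fields in NicDetailResponse, UserVmResponse, VolumeDetailResponse and VolumeResponse in this commit. The class body continues outside the hunk.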


@ -0,0 +1,81 @@
// Licensed to the Apache Software Foundation (ASF) under one
// or more contributor license agreements. See the NOTICE file
// distributed with this work for additional information
// regarding copyright ownership. The ASF licenses this file
// to you under the Apache License, Version 2.0 (the
// "License"); you may not use this file except in compliance
// with the License. You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing,
// software distributed under the License is distributed on an
// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
// KIND, either express or implied. See the License for the
// specific language governing permissions and limitations
// under the License.
package org.apache.cloudstack.api.response;
import java.util.Date;
import java.util.HashSet;
import java.util.LinkedHashSet;
import java.util.Set;
import org.apache.cloudstack.api.ApiConstants;
import org.apache.cloudstack.api.BaseResponse;
import org.apache.cloudstack.api.EntityReference;
import com.cloud.serializer.Param;
import com.google.gson.annotations.SerializedName;
@SuppressWarnings("unused")
public class NicDetailResponse extends BaseResponse{
@SerializedName(ApiConstants.ID)
@Param(description = "ID of the nic")
private String id;
@SerializedName(ApiConstants.NAME)
@Param(description = "name of the nic detail")
private String name;
@SerializedName(ApiConstants.VALUE)
@Param(description = "value of the nic detail")
private String value;
@SerializedName(ApiConstants.DISPLAY_NIC) @Param(description="an optional field whether to the display the nic to the end user or not.")
private Boolean displayNic;
public String getId() {
return id;
}
public void setId(String id) {
this.id = id;
}
public String getValue() {
return value;
}
public void setValue(String value) {
this.value = value;
}
public String getName() {
return name;
}
public void setName(String name) {
this.name = name;
}
public Boolean getDisplayNic() {
return displayNic;
}
public void setDisplayNic(Boolean displayNic) {
this.displayNic = displayNic;
}
}


@ -80,6 +80,10 @@ public class PrivateGatewayResponse extends BaseResponse implements ControlledEn
private Boolean sourceNat;
@SerializedName(ApiConstants.ACL_ID) @Param(description = "ACL Id set for private gateway")
private String aclId;
@Override
public String getObjectId() {
return this.id;
@ -154,6 +158,11 @@ public class PrivateGatewayResponse extends BaseResponse implements ControlledEn
this.sourceNat = sourceNat;
}
public void setAclId(String aclId) {
this.aclId = aclId;
}
}


@ -0,0 +1,81 @@
// Licensed to the Apache Software Foundation (ASF) under one
// or more contributor license agreements. See the NOTICE file
// distributed with this work for additional information
// regarding copyright ownership. The ASF licenses this file
// to you under the Apache License, Version 2.0 (the
// "License"); you may not use this file except in compliance
// with the License. You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing,
// software distributed under the License is distributed on an
// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
// KIND, either express or implied. See the License for the
// specific language governing permissions and limitations
// under the License.
package org.apache.cloudstack.api.response;
import java.util.Date;
import java.util.HashSet;
import java.util.LinkedHashSet;
import java.util.Set;
import org.apache.cloudstack.api.ApiConstants;
import org.apache.cloudstack.api.BaseResponse;
import org.apache.cloudstack.api.EntityReference;
import com.cloud.serializer.Param;
import com.google.gson.annotations.SerializedName;
@SuppressWarnings("unused")
public class ResourceDetailResponse extends BaseResponse{
@SerializedName(ApiConstants.RESOURCE_ID)
@Param(description = "ID of the resource")
private String resourceId;
@SerializedName(ApiConstants.RESOURCE_TYPE)
@Param(description = "ID of the resource")
private String resourceType;
@SerializedName(ApiConstants.KEY)
@Param(description = "key of the resource detail")
private String name;
@SerializedName(ApiConstants.VALUE)
@Param(description = "value of the resource detail")
private String value;
public String getResourceId() {
return resourceId;
}
public void setResourceId(String resourceId) {
this.resourceId = resourceId;
}
public String getResourceType() {
return resourceType;
}
public void setResourceType(String resourceType) {
this.resourceType = resourceType;
}
public String getName() {
return name;
}
public void setName(String name) {
this.name = name;
}
public String getValue() {
return value;
}
public void setValue(String value) {
this.value = value;
}
}
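Review bot: The `@Param` on `resourceType` repeats "ID of the resource" from the field above it; it should read `@Param(description = "type of the resource")`. The field serialized as `ApiConstants.KEY` is named `name` with `getName()`/`setName()`, so callers have to translate between "key" and "name"; calling it `key` would match the serialized name and the `key` parameter of the list and remove commands. The imports of `Date`, `HashSet`, `LinkedHashSet`, `Set` and `EntityReference` are not used in this file.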


@ -177,6 +177,9 @@ public class UserVmResponse extends BaseResponse implements ControlledEntityResp
@Param(description = "list of affinity groups associated with the virtual machine", responseObject = AffinityGroupResponse.class)
private Set<AffinityGroupResponse> affinityGroupList;
@SerializedName(ApiConstants.DISPLAY_VM) @Param(description="an optional field whether to the display the vm to the end user or not.")
private Boolean displayVm;
public UserVmResponse(){
securityGroupList = new LinkedHashSet<SecurityGroupResponse>();
nics = new LinkedHashSet<NicResponse>();
@ -196,7 +199,13 @@ public class UserVmResponse extends BaseResponse implements ControlledEntityResp
return this.id;
}
public Boolean getDisplayVm() {
return displayVm;
}
public void setDisplayVm(Boolean displayVm) {
this.displayVm = displayVm;
}
@Override
public String getObjectId() {


@ -0,0 +1,82 @@
// Licensed to the Apache Software Foundation (ASF) under one
// or more contributor license agreements. See the NOTICE file
// distributed with this work for additional information
// regarding copyright ownership. The ASF licenses this file
// to you under the Apache License, Version 2.0 (the
// "License"); you may not use this file except in compliance
// with the License. You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing,
// software distributed under the License is distributed on an
// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
// KIND, either express or implied. See the License for the
// specific language governing permissions and limitations
// under the License.
package org.apache.cloudstack.api.response;
import java.util.Date;
import java.util.HashSet;
import java.util.LinkedHashSet;
import java.util.Set;
import org.apache.cloudstack.api.ApiConstants;
import org.apache.cloudstack.api.BaseResponse;
import org.apache.cloudstack.api.EntityReference;
import com.cloud.serializer.Param;
import com.cloud.storage.Volume;
import com.google.gson.annotations.SerializedName;
@SuppressWarnings("unused")
public class VolumeDetailResponse extends BaseResponse{
@SerializedName(ApiConstants.ID)
@Param(description = "ID of the volume")
private String id;
@SerializedName(ApiConstants.NAME)
@Param(description = "name of the volume detail")
private String name;
@SerializedName(ApiConstants.VALUE)
@Param(description = "value of the volume detail")
private String value;
@SerializedName(ApiConstants.DISPLAY_VOLUME) @Param(description="an optional field whether to the display the volume to the end user or not.")
private Boolean displayVm;
public String getId() {
return id;
}
public void setId(String id) {
this.id = id;
}
public String getValue() {
return value;
}
public void setValue(String value) {
this.value = value;
}
public String getName() {
return name;
}
public void setName(String name) {
this.name = name;
}
public Boolean getDisplayVm() {
return displayVm;
}
public void setDisplayVm(Boolean displayVm) {
this.displayVm = displayVm;
}
}
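Review bot: The field serialized as `ApiConstants.DISPLAY_VOLUME` is named `displayVm`, with `getDisplayVm()`/`setDisplayVm()`, which looks copied from the VM response; the same naming is added to VolumeResponse in this commit. It should be `private Boolean displayVolume;` with `getDisplayVolume()` and `setDisplayVolume(Boolean displayVolume)`, so that code filling a response cannot confuse the VM flag with the volume flag. The description on that field describes the volume rather than the detail, which suggests the flag may not belong on a per-detail response at all; worth confirming with the author.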


@ -165,6 +165,9 @@ public class VolumeResponse extends BaseResponse implements ControlledViewEntity
@SerializedName(ApiConstants.TAGS) @Param(description="the list of resource tags associated with volume", responseObject = ResourceTagResponse.class)
private Set<ResourceTagResponse> tags;
@SerializedName(ApiConstants.DISPLAY_VOLUME) @Param(description="an optional field whether to the display the volume to the end user or not.")
private Boolean displayVm;
public VolumeResponse(){
tags = new LinkedHashSet<ResourceTagResponse>();
}
@ -324,4 +327,13 @@ public class VolumeResponse extends BaseResponse implements ControlledViewEntity
public void addTag(ResourceTagResponse tag){
this.tags.add(tag);
}
public Boolean getDisplayVm() {
return displayVm;
}
public void setDisplayVm(Boolean displayVm) {
this.displayVm = displayVm;
}
}


@ -34,30 +34,15 @@ import org.apache.cloudstack.api.command.user.securitygroup.ListSecurityGroupsCm
import org.apache.cloudstack.api.command.user.tag.ListTagsCmd;
import org.apache.cloudstack.api.command.user.vm.ListVMsCmd;
import org.apache.cloudstack.api.command.user.vmgroup.ListVMGroupsCmd;
import org.apache.cloudstack.api.command.user.volume.ListResourceDetailsCmd;
import org.apache.cloudstack.api.command.user.volume.ListVolumesCmd;
import org.apache.cloudstack.api.command.user.zone.ListZonesByCmd;
import org.apache.cloudstack.api.response.AccountResponse;
import org.apache.cloudstack.api.response.AsyncJobResponse;
import org.apache.cloudstack.api.response.DiskOfferingResponse;
import org.apache.cloudstack.api.response.DomainRouterResponse;
import org.apache.cloudstack.api.response.EventResponse;
import org.apache.cloudstack.api.response.HostResponse;
import org.apache.cloudstack.api.response.InstanceGroupResponse;
import org.apache.cloudstack.api.response.ListResponse;
import org.apache.cloudstack.api.response.ProjectAccountResponse;
import org.apache.cloudstack.api.response.ProjectInvitationResponse;
import org.apache.cloudstack.api.response.ProjectResponse;
import org.apache.cloudstack.api.response.ResourceTagResponse;
import org.apache.cloudstack.api.response.SecurityGroupResponse;
import org.apache.cloudstack.api.response.ServiceOfferingResponse;
import org.apache.cloudstack.api.response.StoragePoolResponse;
import org.apache.cloudstack.api.response.UserResponse;
import org.apache.cloudstack.api.response.UserVmResponse;
import org.apache.cloudstack.api.response.VolumeResponse;
import org.apache.cloudstack.api.response.ZoneResponse;
import org.apache.cloudstack.api.response.*;
import com.cloud.exception.PermissionDeniedException;
import java.util.List;
/**
* Service used for list api query.
*
@ -103,5 +88,8 @@ public interface QueryService {
public ListResponse<AffinityGroupResponse> listAffinityGroups(Long affinityGroupId, String affinityGroupName,
String affinityGroupType, Long vmId, Long startIndex, Long pageSize);
public List<ResourceDetailResponse> listResource(ListResourceDetailsCmd cmd);
ListResponse<DomainRouterResponse> searchForInternalLbVms(ListInternalLBVMsCmd cmd);
}
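Review bot: `listResource` returns a bare `List<ResourceDetailResponse>` while the neighbouring methods in the hunk return `ListResponse<...>`, and its name does not say that it lists resource details; `ListResponse<ResourceDetailResponse> listResourceDetails(ListResourceDetailsCmd cmd);` would be consistent with them. The explicit response imports appear to be replaced by `org.apache.cloudstack.api.response.*`; explicit imports keep the interface's dependencies readable. The new method has no Javadoc stating whether implementations must limit results to resources the caller is allowed to see. The interface body continues outside the hunks.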


@ -246,6 +246,8 @@
<bean id="mockVMDaoImpl" class="com.cloud.simulator.dao.MockVMDaoImpl" />
<bean id="mockVolumeDaoImpl" class="com.cloud.simulator.dao.MockVolumeDaoImpl" />
<bean id="networkAccountDaoImpl" class="com.cloud.network.dao.NetworkAccountDaoImpl" />
<bean id="networkACLDaoImpl" class="com.cloud.network.vpc.dao.NetworkACLDaoImpl" />
<bean id="networkACLItemDaoImpl" class="com.cloud.network.vpc.dao.NetworkACLItemDaoImpl" />
<bean id="networkDaoImpl" class="com.cloud.network.dao.NetworkDaoImpl" />
<bean id="networkDomainDaoImpl" class="com.cloud.network.dao.NetworkDomainDaoImpl" />
<bean id="networkExternalFirewallDaoImpl" class="com.cloud.network.dao.NetworkExternalFirewallDaoImpl" />
@ -256,7 +258,9 @@
<bean id="networkRuleConfigDaoImpl" class="com.cloud.network.dao.NetworkRuleConfigDaoImpl" />
<bean id="networkServiceMapDaoImpl" class="com.cloud.network.dao.NetworkServiceMapDaoImpl" />
<bean id="nicDaoImpl" class="com.cloud.vm.dao.NicDaoImpl" />
<bean id="nicDetailDaoImpl" class="com.cloud.vm.dao.NicDetailDaoImpl" />
<bean id="nicSecondaryIpDaoImpl" class="com.cloud.vm.dao.NicSecondaryIpDaoImpl" />
<bean id="nicIpAliasDaoImpl" class="com.cloud.vm.dao.NicIpAliasDaoImpl" />
<bean id="objectInDataStoreDaoImpl" class="org.apache.cloudstack.storage.db.ObjectInDataStoreDaoImpl" />
<bean id="ovsTunnelInterfaceDaoImpl" class="com.cloud.network.ovs.dao.OvsTunnelInterfaceDaoImpl" />
<bean id="ovsTunnelNetworkDaoImpl" class="com.cloud.network.ovs.dao.OvsTunnelNetworkDaoImpl" />
@ -354,6 +358,7 @@
<bean id="vmRulesetLogDaoImpl" class="com.cloud.network.security.dao.VmRulesetLogDaoImpl" />
<bean id="volumeDao2Impl" class="org.apache.cloudstack.storage.volume.db.VolumeDao2Impl" />
<bean id="volumeDaoImpl" class="com.cloud.storage.dao.VolumeDaoImpl" />
<bean id="volumeDetailsDaoImpl" class="com.cloud.storage.dao.VolumeDetailsDaoImpl" />
<bean id="volumeHostDaoImpl" class="com.cloud.storage.dao.VolumeHostDaoImpl" />
<bean id="volumeJoinDaoImpl" class="com.cloud.api.query.dao.VolumeJoinDaoImpl" />
<bean id="volumeReservationDaoImpl" class="org.apache.cloudstack.engine.cloud.entity.api.db.dao.VolumeReservationDaoImpl" />
@ -679,6 +684,7 @@
<bean id="keystoreManagerImpl" class="com.cloud.keystore.KeystoreManagerImpl" />
<bean id="loadBalancingRulesManagerImpl" class="com.cloud.network.lb.LoadBalancingRulesManagerImpl" />
<bean id="networkACLManagerImpl" class="com.cloud.network.vpc.NetworkACLManagerImpl" />
<bean id="networkACLServiceImpl" class="com.cloud.network.vpc.NetworkACLServiceImpl" />
<bean id="networkServiceImpl" class="com.cloud.network.NetworkServiceImpl" />
<bean id="networkUsageManagerImpl" class="com.cloud.network.NetworkUsageManagerImpl" />
<bean id="oCFS2ManagerImpl" class="com.cloud.storage.OCFS2ManagerImpl" />
@ -698,6 +704,7 @@
<bean id="swiftManagerImpl" class="com.cloud.storage.swift.SwiftManagerImpl" />
<bean id="syncQueueManagerImpl" class="com.cloud.async.SyncQueueManagerImpl" />
<bean id="taggedResourceManagerImpl" class="com.cloud.tags.TaggedResourceManagerImpl" />
<bean id="resourceMetaDataManagerImpl" class="com.cloud.metadata.ResourceMetaDataManagerImpl" />
<bean id="templateManagerImpl" class="com.cloud.template.TemplateManagerImpl" />
<bean id="uploadMonitorImpl" class="com.cloud.storage.upload.UploadMonitorImpl" />
<bean id="usageServiceImpl" class="com.cloud.usage.UsageServiceImpl" />


@ -67,7 +67,7 @@ getVMPassword=15
restoreVirtualMachine=15
changeServiceForVirtualMachine=15
scaleVirtualMachine=15
assignVirtualMachine=1
assignVirtualMachine=7
migrateVirtualMachine=1
migrateVirtualMachineWithVolume=1
recoverVirtualMachine=7
@ -274,6 +274,11 @@ listVolumes=15
extractVolume=15
migrateVolume=15
resizeVolume=15
updateVolume=1
addVolumeDetail=1
updateVolumeDetail=1
removeVolumeDetail=1
listVolumeDetails=1
#### registration command: FIXME -- this really should be something in management server that
#### generates a new key for the user and they just have to
@ -344,6 +349,10 @@ updateNetwork=15
addNicToVirtualMachine=15
removeNicFromVirtualMachine=15
updateDefaultNicForVirtualMachine=15
addNicDetail=1
updateNicDetail=1
removeNicDetail=1
listNicDetails=1
####
addIpToNic=15
@ -435,8 +444,14 @@ deletePrivateGateway=1
#### Network ACL commands
createNetworkACL=15
updateNetworkACLItem=15
deleteNetworkACL=15
listNetworkACLs=15
createNetworkACLList=15
deleteNetworkACLList=15
replaceNetworkACLList=15
listNetworkACLLists=15
#### Static route commands
createStaticRoute=15
@ -448,6 +463,11 @@ createTags=15
deleteTags=15
listTags=15
#### Meta Data commands
addResourceDetail=1
removeResourceDetail=1
listResourceDetails=1
### Site-to-site VPN commands
createVpnCustomerGateway=15
createVpnGateway=15
@ -585,9 +605,9 @@ listLoadBalancers=15
deleteLoadBalancer=15
#Internal Load Balancer Element commands
configureInternalLoadBalancerElement=1
createInternalLoadBalancerElement=1
listInternalLoadBalancerElements=1
configureInternalLoadBalancerElement=7
createInternalLoadBalancerElement=7
listInternalLoadBalancerElements=7
#### Affinity group commands
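Review bot: `assignVirtualMachine` and the three `*InternalLoadBalancerElement` entries appear to move from mask 1 to 7, which would open them to domain-level admins if the role legend at the top of this file (outside the hunks) is the usual 1 = root admin, 2 = resource domain admin, 4 = domain admin, 8 = user. The old/new order is inferred from the rendered page, so confirm it against the raw diff. The mask is only a coarse role gate: `assignVirtualMachine` stays safe for domain admins only if the command implementation itself checks the caller's access to both the VM's current owner and the target account. The same holds for the `createNetworkACLList`, `replaceNetworkACLList` and `deleteNetworkACLList` entries at 15, where a comment such as `# ownership of the VPC / ACL list is checked in the service layer` (once confirmed) would record where that check lives.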


@ -0,0 +1,36 @@
// Licensed to the Apache Software Foundation (ASF) under one
// or more contributor license agreements. See the NOTICE file
// distributed with this work for additional information
// regarding copyright ownership. The ASF licenses this file
// to you under the Apache License, Version 2.0 (the
// "License"); you may not use this file except in compliance
// with the License. You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing,
// software distributed under the License is distributed on an
// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
// KIND, either express or implied. See the License for the
// specific language governing permissions and limitations
// under the License.
package com.cloud.agent.api.routing;
import java.util.List;
public class CreateIpAliasCommand extends NetworkElementCommand {
String routerip;
List<IpAliasTO> ipAliasTOs;
public CreateIpAliasCommand(String routerip, List<IpAliasTO> ipAliasTOs){
this.routerip = routerip;
this.ipAliasTOs = ipAliasTOs;
}
public String getRouterip (){
return routerip;
}
public List<IpAliasTO> getIpAliasList() {
return ipAliasTOs;
}
}
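Review bot: The `routerip` field duplicates an address the agent already receives another way: the `execute(CreateIpAliasCommand)` handler added to VirtualRoutingResource in this commit reads the `NetworkElementCommand.ROUTER_IP` access detail and never calls `getRouterip()`. Two sources for the same address can drift apart, so either drop the field or state which one is authoritative in a class comment, e.g. `/** Asks the virtual router to configure the given IP aliases; the router is addressed via the ROUTER_IP access detail. */`. Other resource implementations outside this view may still use the getter, so check before removing it. DeleteIpAliasCommand carries the same unused-looking `routerip`, and in both classes the fields could be `private`.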


@ -0,0 +1,50 @@
// Licensed to the Apache Software Foundation (ASF) under one
// or more contributor license agreements. See the NOTICE file
// distributed with this work for additional information
// regarding copyright ownership. The ASF licenses this file
// to you under the Apache License, Version 2.0 (the
// "License"); you may not use this file except in compliance
// with the License. You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing,
// software distributed under the License is distributed on an
// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
// KIND, either express or implied. See the License for the
// specific language governing permissions and limitations
// under the License.
package com.cloud.agent.api.routing;
import java.util.List;
public class DeleteIpAliasCommand extends NetworkElementCommand {
String routerip;
List<IpAliasTO> deleteIpAliasTOs;
List<IpAliasTO> createIpAliasTos;
public DeleteIpAliasCommand( String routerip, List<IpAliasTO> deleteIpAliasTOs, List<IpAliasTO> createIpAliasTos){
this.routerip = routerip;
this.deleteIpAliasTOs = deleteIpAliasTOs;
this.createIpAliasTos = createIpAliasTos;
}
public String getRouterip (){
return routerip;
}
public List<IpAliasTO> getDeleteIpAliasTos() {
return deleteIpAliasTOs;
}
public List<IpAliasTO> getCreateIpAliasTos() {
return createIpAliasTos;
}
}


@ -0,0 +1,65 @@
// Licensed to the Apache Software Foundation (ASF) under one
// or more contributor license agreements. See the NOTICE file
// distributed with this work for additional information
// regarding copyright ownership. The ASF licenses this file
// to you under the Apache License, Version 2.0 (the
// "License"); you may not use this file except in compliance
// with the License. You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing,
// software distributed under the License is distributed on an
// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
// KIND, either express or implied. See the License for the
// specific language governing permissions and limitations
// under the License.
package com.cloud.agent.api.routing;
import com.cloud.agent.api.to.DnsmasqTO;
import java.util.List;
public class DnsMasqConfigCommand extends NetworkElementCommand {
String domain;
String dns1;
String dns2;
String internal_dns1;
String internal_dns2;
List<DnsmasqTO> dnsmasqTOs;
public DnsMasqConfigCommand(String domain, List<DnsmasqTO> dnsmasqTOs, String dns1, String dns2, String internal_dns1, String internal_dns2) {
this.domain = domain;
this.dnsmasqTOs = dnsmasqTOs;
this.dns1= dns1;
this.dns2= dns2;
this.internal_dns1 = internal_dns1;
this.internal_dns2 = internal_dns2;
}
public List<DnsmasqTO> getIps() {
return dnsmasqTOs;
}
public String getDomain() {
return domain;
}
public String getDns1() {
return dns1;
}
public String getDns2() {
return dns2;
}
public String getInternal_dns1() {
return internal_dns1;
}
public String getInternal_dns2() {
return internal_dns2;
}
}


@ -0,0 +1,42 @@
// Licensed to the Apache Software Foundation (ASF) under one
// or more contributor license agreements. See the NOTICE file
// distributed with this work for additional information
// regarding copyright ownership. The ASF licenses this file
// to you under the Apache License, Version 2.0 (the
// "License"); you may not use this file except in compliance
// with the License. You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing,
// software distributed under the License is distributed on an
// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
// KIND, either express or implied. See the License for the
// specific language governing permissions and limitations
// under the License.
package com.cloud.agent.api.routing;
public class IpAliasTO {
String routerip;
String netmask;
String alias_count;
public IpAliasTO(String routerip, String netmask, String alias_count) {
this.routerip = routerip;
this.netmask = netmask;
this.alias_count = alias_count;
}
public String getRouterip() {
return routerip;
}
public String getNetmask() {
return netmask;
}
public String getAlias_count() {
return alias_count;
}
}
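Review bot: `alias_count` is carried as a `String` although it is used as a counter, and the snake_case field leaks into the accessor name `getAlias_count()`. A numeric field with a conventional accessor, e.g. `private final int aliasCount;` with `public int getAliasCount()`, leaves one value fewer to sanity-check where the entries are joined into a script argument. The class also has no comment saying what `routerip` means here (the alias address on the router, presumably); a one-line Javadoc per field would settle that.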


@ -32,6 +32,8 @@ public abstract class NetworkElementCommand extends Command {
public static final String ROUTER_GUEST_IP = "router.guest.ip";
public static final String ZONE_NETWORK_TYPE = "zone.network.type";
public static final String GUEST_BRIDGE = "guest.bridge";
public static final String VPC_PRIVATE_GATEWAY = "vpc.gateway.private";
protected NetworkElementCommand() {
super();


@ -17,6 +17,9 @@
package com.cloud.agent.api.routing;
import java.util.Arrays;
import java.util.Collections;
import java.util.Comparator;
import java.util.HashSet;
import java.util.List;
import java.util.Set;
@ -42,11 +45,17 @@ public class SetNetworkACLCommand extends NetworkElementCommand{
public String[][] generateFwRules() {
String [][] result = new String [2][];
Set<String> toAdd = new HashSet<String>();
List<NetworkACLTO> aclList = Arrays.asList(rules);
Collections.sort(aclList, new Comparator<NetworkACLTO>() {
@Override
public int compare(NetworkACLTO acl1, NetworkACLTO acl2) {
return acl1.getNumber() > acl2.getNumber() ? 1 : -1;
}
});
for (NetworkACLTO aclTO: rules) {
/* example : Ingress:tcp:80:80:0.0.0.0/0:,Egress:tcp:220:220:0.0.0.0/0:,
* each entry format Ingress/Egress:protocol:start port: end port:scidrs:
for (NetworkACLTO aclTO: aclList) {
/* example : Ingress:tcp:80:80:0.0.0.0/0:ACCEPT:,Egress:tcp:220:220:0.0.0.0/0:DROP:,
* each entry format Ingress/Egress:protocol:start port: end port:scidrs:action:
* reverted entry format Ingress/Egress:reverted:0:0:0:
*/
if (aclTO.revoked() == true)
@ -80,7 +89,7 @@ public class SetNetworkACLCommand extends NetworkElementCommand{
firstEntry = false;
}
}
sb.append(":");
sb.append(":").append(aclTO.getAction()).append(":");
String aclRuleEntry = sb.toString();
toAdd.add(aclRuleEntry);
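Review bot: The sort by rule number added at the top of `generateFwRules()` is lost again a few lines later, because each entry is still collected into `Set<String> toAdd = new HashSet<String>()`, whose iteration order is unspecified. Now that entries carry an ACCEPT/DROP action, evaluation order decides which rule wins, so unless code outside the visible hunks re-orders the result, the router may receive the rules in an arbitrary sequence. `Set<String> toAdd = new LinkedHashSet<String>();` (with the matching import) keeps insertion order. Separately, the comparator never returns 0 for equal numbers, which breaks the `Comparator` contract; return 0 when `acl1.getNumber() == acl2.getNumber()`. The method body continues outside both hunks.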


@ -16,28 +16,6 @@
// under the License.
package com.cloud.agent.resource.virtualnetwork;
import java.io.BufferedReader;
import java.io.BufferedWriter;
import java.io.File;
import java.io.FileOutputStream;
import java.io.FileWriter;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.io.PrintWriter;
import java.net.InetSocketAddress;
import java.net.URL;
import java.net.URLConnection;
import java.nio.channels.SocketChannel;
import java.util.List;
import java.util.Map;
import javax.ejb.Local;
import javax.naming.ConfigurationException;
import org.apache.commons.codec.binary.Base64;
import org.apache.log4j.Logger;
import com.cloud.agent.api.Answer;
import com.cloud.agent.api.BumpUpPriorityCommand;
import com.cloud.agent.api.CheckRouterAnswer;
@ -50,7 +28,11 @@ import com.cloud.agent.api.GetDomRVersionCmd;
import com.cloud.agent.api.proxy.CheckConsoleProxyLoadCommand;
import com.cloud.agent.api.proxy.ConsoleProxyLoadAnswer;
import com.cloud.agent.api.proxy.WatchConsoleProxyLoadCommand;
import com.cloud.agent.api.routing.CreateIpAliasCommand;
import com.cloud.agent.api.routing.DeleteIpAliasCommand;
import com.cloud.agent.api.routing.DhcpEntryCommand;
import com.cloud.agent.api.routing.DnsMasqConfigCommand;
import com.cloud.agent.api.routing.IpAliasTO;
import com.cloud.agent.api.routing.IpAssocAnswer;
import com.cloud.agent.api.routing.IpAssocCommand;
import com.cloud.agent.api.routing.LoadBalancerConfigCommand;
@ -74,6 +56,7 @@ import com.cloud.agent.api.to.IpAddressTO;
import com.cloud.agent.api.to.PortForwardingRuleTO;
import com.cloud.agent.api.to.StaticNatRuleTO;
import com.cloud.exception.InternalErrorException;
import com.cloud.network.DnsMasqConfigurator;
import com.cloud.network.HAProxyConfigurator;
import com.cloud.network.LoadBalancerConfigurator;
import com.cloud.network.rules.FirewallRule;
@ -84,6 +67,26 @@ import com.cloud.utils.net.NetUtils;
import com.cloud.utils.script.OutputInterpreter;
import com.cloud.utils.script.Script;
import com.cloud.utils.ssh.SshHelper;
import org.apache.commons.codec.binary.Base64;
import org.apache.log4j.Logger;
import javax.ejb.Local;
import javax.naming.ConfigurationException;
import java.io.BufferedReader;
import java.io.BufferedWriter;
import java.io.File;
import java.io.FileOutputStream;
import java.io.FileWriter;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.io.PrintWriter;
import java.net.InetSocketAddress;
import java.net.URL;
import java.net.URLConnection;
import java.nio.channels.SocketChannel;
import java.util.List;
import java.util.Map;
/**
* VirtualNetworkResource controls and configures virtual networking
@ -106,6 +109,9 @@ public class VirtualRoutingResource implements Manager {
private String _privateEthIf;
private String _bumpUpPriorityPath;
private String _routerProxyPath;
private String _createIpAliasPath;
private String _deleteIpAliasPath;
private String _configDhcpPath;
private int _timeout;
private int _startTimeout;
@ -137,6 +143,12 @@ public class VirtualRoutingResource implements Manager {
return execute((SavePasswordCommand)cmd);
} else if (cmd instanceof DhcpEntryCommand) {
return execute((DhcpEntryCommand)cmd);
} else if (cmd instanceof CreateIpAliasCommand) {
return execute((CreateIpAliasCommand) cmd);
} else if (cmd instanceof DnsMasqConfigCommand) {
return execute((DnsMasqConfigCommand) cmd);
} else if (cmd instanceof DeleteIpAliasCommand) {
return execute((DeleteIpAliasCommand) cmd);
} else if (cmd instanceof VmDataCommand) {
return execute ((VmDataCommand)cmd);
} else if (cmd instanceof CheckRouterCommand) {
@ -609,6 +621,67 @@ public class VirtualRoutingResource implements Manager {
return new Answer(cmd, result==null, result);
}
protected Answer execute(final CreateIpAliasCommand cmd) {
String routerIp = cmd.getAccessDetail(NetworkElementCommand.ROUTER_IP);
final Script command = new Script(_createIpAliasPath, _timeout, s_logger);
List<IpAliasTO> ipAliasTOs = cmd.getIpAliasList();
String args=routerIp+" ";
for (IpAliasTO ipaliasto : ipAliasTOs) {
args = args + ipaliasto.getAlias_count()+":"+ipaliasto.getRouterip()+":"+ipaliasto.getNetmask()+"-";
}
command.add(args);
final String result = command.execute();
return new Answer(cmd, result==null, result);
}
protected Answer execute(final DeleteIpAliasCommand cmd) {
final Script command = new Script(_deleteIpAliasPath, _timeout, s_logger);
String routerIp = cmd.getAccessDetail(NetworkElementCommand.ROUTER_IP);
String args = "";
List<IpAliasTO> revokedIpAliasTOs = cmd.getDeleteIpAliasTos();
for (IpAliasTO ipAliasTO : revokedIpAliasTOs) {
args = args + ipAliasTO.getAlias_count()+":"+ipAliasTO.getRouterip()+":"+ipAliasTO.getNetmask()+"-";
}
args = args + " " ;
List<IpAliasTO> activeIpAliasTOs = cmd.getCreateIpAliasTos();
for (IpAliasTO ipAliasTO : activeIpAliasTOs) {
args = args + ipAliasTO.getAlias_count()+":"+ipAliasTO.getRouterip()+":"+ipAliasTO.getNetmask()+"-";
}
command.add(args);
final String result = command.execute();
return new Answer(cmd, result==null, result);
}
protected Answer execute(final DnsMasqConfigCommand cmd) {
final Script command = new Script(_configDhcpPath, _timeout, s_logger);
String routerIp = cmd.getAccessDetail(NetworkElementCommand.ROUTER_IP);
DnsMasqConfigurator configurator = new DnsMasqConfigurator();
String [] config = configurator.generateConfiguration(cmd);
File tmpCfgFile = null;
try {
String cfgFilePath = "";
if (routerIp != null) {
tmpCfgFile = File.createTempFile(routerIp.replace('.', '_'), "cfg");
final PrintWriter out
= new PrintWriter(new BufferedWriter(new FileWriter(tmpCfgFile)));
for (int i=0; i < config.length; i++) {
out.println(config[i]);
}
out.close();
cfgFilePath = tmpCfgFile.getAbsolutePath();
}
command.add(cfgFilePath);
final String result = command.execute();
return new Answer(cmd, result == null, result);
} catch (final IOException e) {
return new Answer(cmd, false, e.getMessage());
} finally {
if (tmpCfgFile != null) {
tmpCfgFile.delete();
}
}
}
public String getRouterStatus(String routerIP) {
return routerProxyWithParser("checkrouter.sh", routerIP, null);
}
@ -819,12 +892,17 @@ public class VirtualRoutingResource implements Manager {
}
public String assignNetworkACL(final String routerIP, final String dev,
final String routerGIP, final String netmask, final String rule){
final String routerGIP, final String netmask, final String rule, String privateGw){
String args = " -d " + dev;
args += " -i " + routerGIP;
args += " -m " + netmask;
args += " -a " + rule;
return routerProxy("vpc_acl.sh", routerIP, args);
if (privateGw != null) {
args += " -a " + rule;
return routerProxy("vpc_privategw_acl.sh", routerIP, args);
} else {
args += " -i " + routerGIP;
args += " -m " + netmask;
args += " -a " + rule;
return routerProxy("vpc_acl.sh", routerIP, args);
}
}
public String assignSourceNat(final String routerIP, final String pubIP, final String dev) {
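Review bot: In `execute(CreateIpAliasCommand)` and `execute(DeleteIpAliasCommand)` the alias count, router IP and netmask of each `IpAliasTO` are concatenated unchecked into the script argument, with `:`, `-` and a space as separators. A value containing a separator, whitespace or shell metacharacters would at least misalign the list, and it could be treated as more than data depending on how the script behind `_createIpAliasPath` / `_deleteIpAliasPath` forwards the string to the router (not visible here). Validate each field before appending it and fail the command otherwise, as sketched below for the create path using `NetUtils`, which this file already imports; the delete path needs the same check on both of its lists. In `execute(DnsMasqConfigCommand)`, `PrintWriter` swallows I/O errors and `checkError()` is never consulted, so a truncated config file could reach the script unnoticed. The enclosing class starts and ends outside these hunks.

```java
protected Answer execute(final CreateIpAliasCommand cmd) {
    // … unchanged: routerIp lookup, Script construction, ipAliasTOs, args prefix …
    for (IpAliasTO ipaliasto : ipAliasTOs) {
        // Only a numeric counter and plain dotted addresses may reach the script argument.
        String aliasCount = ipaliasto.getAlias_count();
        if (aliasCount == null || !aliasCount.matches("\\d+")
                || !NetUtils.isValidIp(ipaliasto.getRouterip())
                || !NetUtils.isValidNetmask(ipaliasto.getNetmask())) {
            return new Answer(cmd, false, "Invalid IP alias entry for router " + routerIp);
        }
        args = args + aliasCount + ":" + ipaliasto.getRouterip() + ":" + ipaliasto.getNetmask() + "-";
    }
    // … unchanged: command.add(args), command.execute(), Answer …
```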


@ -0,0 +1,118 @@
// Licensed to the Apache Software Foundation (ASF) under one
// or more contributor license agreements. See the NOTICE file
// distributed with this work for additional information
// regarding copyright ownership. The ASF licenses this file
// to you under the Apache License, Version 2.0 (the
// "License"); you may not use this file except in compliance
// with the License. You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing,
// software distributed under the License is distributed on an
// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
// KIND, either express or implied. See the License for the
// specific language governing permissions and limitations
// under the License.
package com.cloud.network;
import com.cloud.agent.api.routing.DnsMasqConfigCommand;
import com.cloud.agent.api.to.DnsmasqTO;
import org.apache.log4j.Logger;
import java.util.Arrays;
import java.util.List;
public class DnsMasqConfigurator {
private static final Logger s_logger = Logger.getLogger(DnsMasqConfigurator.class);
private static String[] Dnsmasq_config = {"# Never forward plain names (without a dot or domain part) \ndomain-needed\n",
"# Never forward addresses in the non-routed address spaces. \nbogus-priv\n",
"# Uncomment this to filter useless windows-originated DNS requests # which can trigger dial-on-demand links needlessly. \n # Note that (amongst other things) this blocks all SRV requests, # so don't use it if you use eg Kerberos, SIP, XMMP or Google-talk.# This option only affects forwarding, SRV records originating for # dnsmasq (via srv-host= lines) are not suppressed by it. \nfilterwin2k\n",
"# Change this line if you want dns to get its upstream servers from# somewhere other that /etc/resolv.conf \nresolv-file=/etc/dnsmasq-resolv.conf\n",
"# Add local-only domains here, queries in these domains are answered\n # from /etc/hosts or DHCP only.\n local=/cs1cloud.internal/",
"# If you want dnsmasq to listen for DHCP and DNS requests only on\n #specified interfaces (and the loopback) give the name of the\n# interface (eg eth0) here.\n# Repeat the line for more than one interface.\ninterface=eth0\n",
"# Or you can specify which interface _not_ to listen on\nexcept-interface=eth1\nexcept-interface=eth2\nexcept-interface=lo\n",
"# Or which to listen on by address (remember to include 127.0.0.1 if\n# you use this.)\n#listen-address=?\n",
"# If you want dnsmasq to provide only DNS service on an interface,\n# configure it as shown above, and then use the following line to\n#disable DHCP and TFTP on it.\nno-dhcp-interface=eth1\nno-dhcp-interface=eth2\n",
"# On systems which support it, dnsmasq binds the wildcard address,\n" +
"# even when it is listening on only some interfaces. It then discards\n" +
"# requests that it shouldn't reply to. This has the advantage of\n" +
"# working even when interfaces come and go and change address. If you\n" +
"# want dnsmasq to really bind only the interfaces it is listening on,\n" +
"# uncomment this option. About the only time you may need this is when\n" +
"# running another nameserver on the same machine.\n" +
"bind-interfaces\n",
"# Set this (and domain: see below) if you want to have a domain\n" +
"# automatically added to simple names in a hosts-file.\n" +
"expand-hosts\n",
"# Set the domain for dnsmasq. this is optional, but if it is set, it\n" +
"# does the following things.\n" +
"# 1) Allows DHCP hosts to have fully qualified domain names, as long\n" +
"# as the domain part matches this setting.\n" +
"# 2) Sets the \"domain\" DHCP option thereby potentially setting the\n" +
"# domain of all systems configured by DHCP\n" +
"# 3) Provides the domain part for \"expand-hosts\"\n",
"domain=cs1cloud.internal\n",
"# Set a different domain for a particular subnet\n",
"domain=cs1cloud.internal\n",
"# Same idea, but range rather then subnet\n",
"domain=cs1cloud.internal\n",
"# Uncomment this to enable the integrated DHCP server, you need\n" +
"# to supply the range of addresses available for lease and optionally\n" +
"# a lease time. If you have more than one network, you will need to\n" +
"# repeat this for each network on which you want to supply DHCP\n" +
"# service.\n",
"dhcp-range=set:net1,ipaddress,static\n",
"dhcp-hostsfile=/etc/dhcphosts.txt\n",
"log-facility=/var/log/dnsmasq.log\n",
"conf-dir=/etc/dnsmasq.d\n",
"dhcp-option=tag:net1,3,ipaddress\n",
"dhcp-option=tag:net1,1,netmask\n",
"dhcp-option=6,10.147.28.149,8.8.8.8\n",
"dhcp-optsfile=/etc/dhcpopts.txt\n",
};
public String[] generateConfiguration(DnsMasqConfigCommand dnsMasqconfigcmd) {
List<DnsmasqTO> dnsmasqTOs = dnsMasqconfigcmd.getIps();
List <String> dnsMasqconf = Arrays.asList(Dnsmasq_config);
String range="";
String gateway="";
String netmask="";
String domain= dnsMasqconfigcmd.getDomain();
String dnsServers="";
int i=0;
for (; i< dnsmasqTOs.size(); i++) {
range=range + "dhcp-range=set:range"+i+","+dnsmasqTOs.get(i).getRouterIp()+",static\n";
gateway=gateway +"dhcp-option=tag:range"+i+",3,"+dnsmasqTOs.get(i).getGateway()+"\n";
netmask=netmask +"dhcp-option=tag:range"+i+",1,"+dnsmasqTOs.get(i).getNetmask()+"\n";
}
dnsMasqconf.set(12, "domain="+domain+"\n");
dnsMasqconf.set(14, "domain="+domain+"\n");
dnsMasqconf.set(16,"domain="+domain+"\n");
dnsMasqconf.set(18, range);
dnsMasqconf.set(22, gateway);
dnsMasqconf.set(23, netmask);
if (dnsMasqconfigcmd.getInternal_dns1() != null) {
dnsServers = dnsServers+dnsMasqconfigcmd.getInternal_dns1()+",";
}
if (dnsMasqconfigcmd.getInternal_dns2() != null) {
dnsServers = dnsServers+dnsMasqconfigcmd.getInternal_dns2()+",";
}
if (dnsMasqconfigcmd.getDns1() != null) {
dnsServers = dnsServers+dnsMasqconfigcmd.getDns1()+",";
}
if (dnsMasqconfigcmd.getDns2() != null) {
dnsServers = dnsServers+dnsMasqconfigcmd.getDns2()+",";
}
dnsServers = dnsServers +"*";
dnsServers = dnsServers.replace(";*", "");
dnsMasqconf.set(24,"dhcp-option=6,"+dnsServers);
return dnsMasqconf.toArray( new String[dnsMasqconf.size()]);
}
}
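Review bot: `generateConfiguration()` writes per-router values into shared static state, because `Arrays.asList(Dnsmasq_config)` is a write-through view of the static array and every `dnsMasqconf.set(...)` rewrites the template itself. Two commands handled concurrently can interleave and hand one router the DHCP ranges, gateway or DNS servers of another network; copy first with `List<String> dnsMasqconf = new ArrayList<String>(Arrays.asList(Dnsmasq_config));` (plus the `java.util.ArrayList` import) and declare the array `final`. The trailing-separator cleanup also never matches: the servers are joined with `,` but the code strips `";*"`, so `dhcp-option=6` ends in `,*`, and `dnsServers.replace(",*", "")` is presumably what was meant. Finally, `domain` and the addresses are interpolated into config lines unchecked, so a value containing a newline would add directives of its own; check them before building the lines.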


@ -0,0 +1,85 @@
// Licensed to the Apache Software Foundation (ASF) under one
// or more contributor license agreements. See the NOTICE file
// distributed with this work for additional information
// regarding copyright ownership. The ASF licenses this file
// to you under the Apache License, Version 2.0 (the
// "License"); you may not use this file except in compliance
// with the License. You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing,
// software distributed under the License is distributed on an
// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
// KIND, either express or implied. See the License for the
// specific language governing permissions and limitations
// under the License.
package com.cloud.storage;
import org.apache.cloudstack.api.InternalIdentity;
import javax.persistence.Column;
import javax.persistence.Entity;
import javax.persistence.GeneratedValue;
import javax.persistence.GenerationType;
import javax.persistence.Id;
import javax.persistence.Table;
@Entity
@Table(name="volume_details")
public class VolumeDetailVO implements InternalIdentity {
@Id
@GeneratedValue(strategy=GenerationType.IDENTITY)
@Column(name="id")
private long id;
@Column(name="volume_id")
private long volumeId;
@Column(name="name")
private String name;
@Column(name="value", length=1024)
private String value;
public VolumeDetailVO() {}
public VolumeDetailVO(long volumeId, String name, String value) {
this.volumeId = volumeId;
this.name = name;
this.value = value;
}
public long getId() {
return id;
}
public long getVolumeId() {
return volumeId;
}
public String getName() {
return name;
}
public String getValue() {
return value;
}
public void setId(long id) {
this.id = id;
}
public void setVolumeId(long volumeId) {
this.volumeId = volumeId;
}
public void setName(String name) {
this.name = name;
}
public void setValue(String value) {
this.value = value;
}
}

6
debian/changelog vendored

@ -1,3 +1,9 @@
cloudstack (4.2.0) unstable; urgency=low
* Update the version to 4.2.0 to be in sync with Maven (again)
-- Wido den Hollander <wido@widodh.nl> Tue, 14 May 2013 15:56:42 +0200
cloudstack (4.2.0-incubating-0.0.snapshot) unstable; urgency=low
* Update the version to 4.2.0 to be in sync with Maven

2
debian/rules vendored

@ -157,7 +157,7 @@ install:
install -D awsapi-setup/setup/cloud-setup-bridge $(DESTDIR)/usr/bin/cloudstack-setup-bridge
install -D awsapi-setup/setup/cloudstack-aws-api-register $(DESTDIR)/usr/bin/cloudstack-aws-api-register
cp -r awsapi-setup/db/mysql/* $(DESTDIR)/usr/share/$(PACKAGE)-bridge/setup
for i in applicationContext.xml cloud-bridge.properties commons-logging.properties crypto.properties xes.keystore ec2-service.properties; do \
for i in cloud-bridge.properties commons-logging.properties crypto.properties xes.keystore ec2-service.properties; do \
mv $(DESTDIR)/usr/share/$(PACKAGE)-bridge/webapps/awsapi/WEB-INF/classes/$$i $(DESTDIR)/$(SYSCONFDIR)/$(PACKAGE)/management/; \
done
rm $(DESTDIR)/usr/share/$(PACKAGE)-bridge/webapps/awsapi/WEB-INF/classes/log4j-vmops.xml


@ -55,6 +55,7 @@
<xi:include href="choosing-a-hypervisor.xml" xmlns:xi="http://www.w3.org/2001/XInclude"/>
<xi:include href="aws-interface-compatibility.xml" xmlns:xi="http://www.w3.org/2001/XInclude"/>
<xi:include href="network-setup.xml" xmlns:xi="http://www.w3.org/2001/XInclude"/>
<xi:include href="storage-setup.xml" xmlns:xi="http://www.w3.org/2001/XInclude"/>
<xi:include href="networks.xml" xmlns:xi="http://www.w3.org/2001/XInclude"/>
<xi:include href="best-practices.xml" xmlns:xi="http://www.w3.org/2001/XInclude"/>
<xi:include href="Revision_History_Install_Guide.xml" xmlns:xi="http://www.w3.org/2001/XInclude"/>


@ -5113,7 +5113,7 @@ service cloudstack-agent start
<listitem>
<para>Start the first Management Server. Do not start any other Management Server nodes
yet.</para>
<programlisting language="Bash"><prompt>#</prompt> service cloud-management start</programlisting>
<programlisting language="Bash"><prompt>#</prompt> service cloudstack-management start</programlisting>
<para>Wait until the databases are upgraded. Ensure that the database upgrade is complete.
After confirmation, start the other Management Servers one at a time by running the same
command on each node.</para>
@ -5126,7 +5126,7 @@ service cloudstack-agent start
<listitem>
<para>Start all Usage Servers (if they were running on your previous version). Perform
this on each Usage Server host.</para>
<para><command># service cloud-usage start</command></para>
<para><command># service cloudstack-usage start</command></para>
</listitem>
<listitem>
<note>
@ -5152,7 +5152,7 @@ service cloudstack-agent start
</listitem>
<listitem>
<para>Start the agent.</para>
<programlisting># service cloud-agent start</programlisting>
<programlisting># service cloudstack-agent start</programlisting>
</listitem>
<listitem>
<para>Edit <filename>/etc/cloud/agent/agent.properties</filename> to change the
@ -5742,7 +5742,7 @@ service cloudstack-agent start
<listitem>
<para>Start the first Management Server. Do not start any other Management Server nodes
yet.</para>
<programlisting language="Bash"><prompt>#</prompt> service cloud-management start</programlisting>
<programlisting language="Bash"><prompt>#</prompt> service cloudstack-management start</programlisting>
<para>Wait until the databases are upgraded. Ensure that the database upgrade is complete.
You should see a message like "Complete! Done." After confirmation, start the other
Management Servers one at a time by running the same command on each node.</para>
@ -5750,7 +5750,7 @@ service cloudstack-agent start
<listitem>
<para>Start all Usage Servers (if they were running on your previous version). Perform
this on each Usage Server host.</para>
<programlisting language="Bash"><prompt>#</prompt> service cloud-usage start</programlisting>
<programlisting language="Bash"><prompt>#</prompt> service cloudstack-usage start</programlisting>
</listitem>
<listitem>
<para>(KVM only) Additional steps are required for each KVM host. These steps will not
@ -5776,7 +5776,7 @@ service cloudstack-agent start
</listitem>
<listitem>
<para>Start the agent.</para>
<programlisting># service cloud-agent start</programlisting>
<programlisting># service cloudstack-agent start</programlisting>
</listitem>
<listitem>
<para> Copy the contents of the <filename>agent.properties</filename> file to the new


@ -91,20 +91,31 @@
</listitem>
<listitem>
<para>listGlobalLoadBalancerRule</para>
<para>Lists load balancer rules. account (lists resources by account. Use with the domainId
parameter); domainid (lists only resources belonging to the domain specified) id (the unique
ID of the global load balancer rule) isrecursive (defaults to false, but if true, lists all
resources from the parent specified by the domainId till leaves); keyword (List by keyword);
listall (if set to false, list only resources belonging to the command's caller; if set to
true - list resources that the caller is authorized to see. Default value is false); page;
pagesize; projectid (lists objects by project); regionid (region ID); tags (lists resources
by tags: key/value pairs). </para>
<para>Lists load balancer rules.</para>
<para>The request parameters are: account (lists resources by account. Use with the domainid
parameter); domainid (lists only resources belonging to the domain specified); id (the
unique ID of the global load balancer rule); isrecursive (defaults to false; but if true,
lists all the resources from the parent specified by the domainid); keyword (lists by
keyword); listall (if set to false, lists only resources belonging to the command's caller;
if set to true, lists resources that the caller is authorized to see. Default value is
false); page; pagesize; projectid (lists objects by project); regionid ; tags (lists
resources by tags: key/value pairs). </para>
</listitem>
<listitem>
<para>updateGlobalLoadBalancerRule</para>
<para>Archives the specified events. The request parameters are: ids (allowed to pass one or
more IDs separated by comma); type (string); olderthan (yyyy-mm-dd format).</para>
<para>The response parameters are: true, false </para>
<para>Updates global load balancer rules.</para>
<para>The request parameters are: id (the unique ID of the global load balancer rule); account
(lists resources by account. Use with the domainid parameter); description (the description
of the load balancer rule); domainid (lists only resources belonging to the domain
specified); gslblbmethod (the load balancer algorithm that is used to distributed traffic
across the zones participating in global server load balancing, if not specified defaults to
round robin); gslbstickysessionmethodname (the session sticky method; if not specified
defaults to sourceip); isrecursive (defaults to false, but if true, lists all resources from
the parent specified by the domainid till leaves); keyword (lists by keyword); listall (if
set to false, list only those resources belonging to the command's caller; if set to true,
lists resources that the caller is authorized to see. Default value is false); page;
pagesize; projectid (lists objects by project); regionid; tags (lists resources by tags:
key/value pairs)</para>
</listitem>
</itemizedlist>
</section>


@ -35,7 +35,7 @@
<warning><para>Be sure you have included the Amazon default service offering, m1.small. As well as any EC2 instance types that you will use.</para></warning>
</listitem>
<listitem><para>If you did not already do so when you set the configuration parameter in step <xref linkend="set-global-config"/>, restart the Management Server.</para>
<programlisting># service cloud-management restart</programlisting>
<programlisting># service cloudstack-management restart</programlisting>
</listitem>
</orderedlist>
<para>The following sections provides details to perform these steps</para>


@ -26,7 +26,7 @@ under the License.
<title>Building RPMs from Source</title>
<para>As mentioned previously in <xref linkend="sect-source-prereq" />, you will need to install several prerequisites before you can build packages for &PRODUCT;. Here we'll assume you're working with a 64-bit build of CentOS or Red Hat Enterprise Linux.</para>
<para><programlisting># yum groupinstall "Development Tools"</programlisting></para>
<para><programlisting># yum install java-1.6.0-openjdk-devel.x86_64 genisoimage mysql mysql-server ws-common-utils MySQL-python tomcat6 createrepo</programlisting></para>
<para><programlisting># yum install java-1.6.0-openjdk-devel.x86_64 genisoimage mysql mysql-server ws-commons-util MySQL-python tomcat6 createrepo</programlisting></para>
<para>Next, you'll need to install build-time dependencies for CloudStack with
Maven. We're using Maven 3, so you'll want to
<ulink url="http://maven.apache.org/download.cgi">grab a Maven 3 tarball</ulink>


@ -29,8 +29,8 @@
<listitem>
<para>Before changing the password, you'll need to stop CloudStack's management server and the usage engine if you've deployed that component.</para>
<screen>
<command># service cloud-management stop</command>
<command># service cloud-usage stop</command>
<command># service cloudstack-management stop</command>
<command># service cloudstack-usage stop</command>
</screen>
</listitem>
<listitem>
@ -68,7 +68,7 @@ db.usage.password=ENC(encrypted_password_from_above)
<listitem>
<para>After copying the new password over, you can now start CloudStack (and the usage engine, if necessary).</para>
<screen>
<command># service cloud-management start</command>
<command># service cloudstack-management start</command>
<command># service cloud-usage start</command>
</screen>
</listitem>


@ -610,7 +610,7 @@ master-password=[your password]</programlisting>
<listitem>
<para>Restart the Management Server and Usage Server. You only need to do this once for
all clusters.</para>
<programlisting># service cloud-management start
<programlisting># service cloudstack-management start
# service cloud-usage start</programlisting>
</listitem>
</orderedlist>


@ -32,8 +32,8 @@
<listitem><para>In Actions, click the Edit icon.</para></listitem>
<listitem><para>Type the desired value and click the Save icon.</para></listitem>
<listitem><para>Restart the Management Server (as usual with any global configuration change) and also the Usage Server:</para>
<programlisting># service cloud-management restart
# service cloud-usage restart
<programlisting language="Bash"># service cloudstack-management restart
# service cloudstack-usage restart
</programlisting></listitem>
</orderedlist>
<para>The following table shows the global configuration settings that control the behavior of the Usage Server.</para>


@ -253,7 +253,7 @@
mode. In this mode, network resources are allocated only when the first virtual machine
starts in the network. When conservative mode is off, the public IP can only be used for
a single service. For example, a public IP used for a port forwarding rule cannot be
used for defining other services, such as SaticNAT or load balancing. When the conserve
used for defining other services, such as StaticNAT or load balancing. When the conserve
mode is on, you can define more than one service on the same public IP.</para>
<note>
<para>If StaticNAT is enabled, irrespective of the status of the conserve mode, no port


@ -121,14 +121,14 @@ mysql> start slave;
<title>Failover</title>
<para>This will provide for a replicated database that can be used to implement manual failover for the Management Servers. &PRODUCT; failover from one MySQL instance to another is performed by the administrator. In the event of a database failure you should:</para>
<orderedlist>
<listitem><para>Stop the Management Servers (via service cloud-management stop).</para></listitem>
<listitem><para>Stop the Management Servers (via service cloudstack-management stop).</para></listitem>
<listitem><para>Change the replica's configuration to be a master and restart it.</para></listitem>
<listitem><para>Ensure that the replica's port 3306 is open to the Management Servers.</para></listitem>
<listitem><para>Make a change so that the Management Server uses the new database. The simplest process here is to put the IP address of the new database server into each Management Server's /etc/cloud/management/db.properties.</para></listitem>
<listitem><para>Make a change so that the Management Server uses the new database. The simplest process here is to put the IP address of the new database server into each Management Server's /etc/cloudstack/management/db.properties.</para></listitem>
<listitem>
<para>Restart the Management Servers:</para>
<programlisting>
# service cloud-management start
# service cloudstack-management start
</programlisting>
</listitem>
</orderedlist>


@ -27,7 +27,10 @@
<para>You can delete or archive individual alerts or events either directly by using the Quickview
or by using the Details page. If you want to delete multiple alerts or events at the same time,
you can use the respective context menu. You can delete alerts or events by category for a time
period.</para>
period. For example, you can select categories such as <emphasis role="bold"
>USER.LOGOUT</emphasis>, <emphasis role="bold">VM.DESTROY</emphasis>, <emphasis role="bold"
>VM.AG.UPDATE</emphasis>, <emphasis role="bold">CONFIGURATION.VALUE.EDI</emphasis>, and so on.
You can also view the number of events or alerts archived or deleted.</para>
<para>In order to support the delete or archive alerts, the following global parameters have been
added:</para>
<itemizedlist>

View File

@ -29,5 +29,6 @@
xmlns:xi="http://www.w3.org/2001/XInclude"/>
<xi:include href="ongoing-config-of-external-firewalls-lb.xml"
xmlns:xi="http://www.w3.org/2001/XInclude"/>
<xi:include href="load-balancer-rules.xml" xmlns:xi="http://www.w3.org/2001/XInclude"/>
<xi:include href="autoscale.xml" xmlns:xi="http://www.w3.org/2001/XInclude"/>
</section>


@ -26,7 +26,7 @@
achieve this by extending its functionality of integrating with NetScaler Application Delivery
Controller (ADC), which also provides various GSLB capabilities, such as disaster recovery and
load balancing. The DNS redirection technique is used to achieve GSLB in &PRODUCT;. </para>
<para>In order to support his functionality, region level services and service provider are
<para>In order to support this functionality, region level services and service provider are
introduced. A new service 'GSLB' is introduced as a region level service. The GSLB service
provider is introduced that will provider the GSLB service. Currently, NetScaler is the
supported GSLB provider in &PRODUCT;. GSLB functionality works in an Active-Active data center
@ -40,194 +40,446 @@
multiple data centers situated at geographically separated locations. GSLB can also provide an
alternate location for accessing a resource in the event of a failure, or to provide a means
of shifting traffic easily to simplify maintenance, or both.</para>
<section id="gslb-comp">
<title>Components of GSLB</title>
<para>A typical GSLB environment is comprised of the following components:</para>
<itemizedlist>
<listitem>
<para><emphasis role="bold">GSLB Site</emphasis>: In &PRODUCT;terminology, GSLB sites are
represented by zones that are mapped to data centers, each of which has various network
appliances. Each GSLB site is managed by a NetScaler appliance that is local to that
site. Each of these appliances treats its own site as the local site and all other
sites, managed by other appliances, as remote sites. It is the central entity in a GSLB
deployment, and is represented by a name and an IP address.</para>
</listitem>
<listitem>
<para><emphasis role="bold">GSLB Services</emphasis>: A GSLB service is typically
represented by a load balancing or content switching virtual server. In a GSLB
environment, you can have a local as well as remote GSLB services. A local GSLB service
represents a local load balancing or content switching virtual server. A remote GSLB
service is the one configured at one of the other sites in the GSLB setup. At each site
in the GSLB setup, you can create one local GSLB service and any number of remote GSLB
services.</para>
</listitem>
<listitem>
<para><emphasis role="bold">GSLB Virtual Servers</emphasis>: A GSLB virtual server refers
to one or more GSLB services and balances traffic between traffic across the VMs in
multiple zones by using the &PRODUCT; functionality. It evaluates the configured GSLB
methods or algorithms to select a GSLB service to which to send the client requests. One
or more virtual servers from different zones are bound to the GSLB virtual server. GSLB
virtual server does not have a public IP associated with it, instead it will have a FQDN
DNS name.</para>
</listitem>
<listitem>
<para><emphasis role="bold">Load Balancing or Content Switching Virtual
Servers</emphasis>: According to Citrix NetScaler terminology, a load balancing or
content switching virtual server represents one or many servers on the local network.
Clients send their requests to the load balancing or content switching virtual servers
virtual IP (VIP) address, and the virtual server balances the load across the local
servers. After a GSLB virtual server selects a GSLB service representing either a local
or a remote load balancing or content switching virtual server, the client sends the
request to that virtual servers VIP address.</para>
</listitem>
<listitem>
<para><emphasis role="bold">DNS VIPs</emphasis>: DNS virtual IP represents a load
balancing DNS virtual server on the GSLB service provider. The DNS requests for domains
for which the GSLB service provider is authoritative can be sent to a DNS VIP.</para>
</listitem>
<listitem>
<para><emphasis role="bold">Authoritative DNS</emphasis>: ADNS (Authoritative Domain Name
Server) is a service that provides actual answer to DNS queries, such as web site IP
address. In a GSLB environment, an ADNS service responds only to DNS requests for
domains for which the GSLB service provider is authoritative. When an ADNS service is
configured, the service provider owns that IP address and advertises it. When you create
an ADNS service, the NetScaler responds to DNS queries on the configured ADNS service IP
and port.</para>
</listitem>
</itemizedlist>
</section>
<section id="concept-gslb">
<title>How Does GSLB Works in &PRODUCT;?</title>
<para>Global server load balancing is used to manage the traffic flow to a web site hosted on
two separate zones that ideally are in different geographic locations. The following is an
illustration of how GLSB functionality is provided in &PRODUCT;: An organization, xyztelco,
has set up a public cloud that spans two zones, Zone-1 and Zone-2, across geographically
separated data centers that are managed by &PRODUCT;. Tenant-A of the cloud launches a
highly available solution by using xyztelco cloud. For that purpose, they launch two
instances each in both the zones: VM1 and VM2 in Zone-1 and VM5 and VM6 in Zone-2. Tenant-A
acquires a public IP, IP-1 in Zone-1, and configures a load balancer rule to load balance
the traffic between VM1 and VM2 instances. &PRODUCT; orchestrates setting up a virtual
server on the LB service provider in Zone-1. Virtual server 1 that is set up on the LB
service provider in Zone-1 represents a publicly accessible virtual server that client
reaches at IP-1. The client traffic to virtual server 1 at IP-1 will be load balanced across
VM1 and VM2 instances. </para>
<para>Tenant-A acquires another public IP, IP-2 in Zone-2 and sets up a load balancer rule to
load balance the traffic between VM5 and VM6 instances. Similarly in Zone-2, &PRODUCT;
orchestrates setting up a virtual server on the LB service provider. Virtual server 2 that
is setup on the LB service provider in Zone-2 represents a publicly accessible virtual
server that client reaches at IP-2. The client traffic that reaches virtual server 2 at IP-2
is load balanced across VM5 and VM6 instances. At this point Tenant-A has the service
enabled in both the zones, but has no means to set up a disaster recovery plan if one of the
zone fails. Additionally, there is no way for Tenant-A to load balance the traffic
intelligently to one of the zones based on load, proximity and so on. The cloud
administrator of xyztelco provisions a GSLB service provider to both the zones. A GSLB
provider is typically an ADC that has the ability to act as an ADNS (Authoritative Domain
Name Server) and has the mechanism to monitor health of virtual servers both at local and
remote sites. The cloud admin enables GSLB as a service to the tenants that use zones 1 and
2. </para>
<mediaobject>
<imageobject>
<imagedata fileref="./images/gslb.png"/>
</imageobject>
<textobject>
<phrase>gslb.png: GSLB architecture</phrase>
</textobject>
</mediaobject>
<para>Tenant-A wishes to leverage the GSLB service provided by the xyztelco cloud. Tenant-A
configures a GSLB rule to load balance traffic across virtual server 1 at Zone-1 and virtual
server 2 at Zone-2. The domain name is provided as A.xyztelco.com. &PRODUCT; orchestrates
setting up GSLB virtual server 1 on the GSLB service provider at Zone-1. &PRODUCT; binds
virtual server 1 of Zone-1 and virtual server 2 of Zone-2 to GLSB virtual server 1. GSLB
virtual server 1 is configured to start monitoring the health of virtual server 1 and 2 in
Zone-1. &PRODUCT; will also orchestrate setting up GSLB virtual server 2 on GSLB service
provider at Zone-2. &PRODUCT; will bind virtual server 1 of Zone-1 and virtual server 2 of
Zone-2 to GLSB virtual server 2. GSLB virtual server 2 is configured to start monitoring the
health of virtual server 1 and 2. &PRODUCT; will bind the domain A.xyztelco.com to both the
GSLB virtual server 1 and 2. At this point, Tenant-A service will be globally reachable at
A.xyztelco.com. The private DNS server for the domain xyztelcom.com is configured by the
admin out-of-band to resolve the domain A.xyztelco.com to the GSLB providers at both the
zones, which are configured as ADNS for the domain A.xyztelco.com. A client when sends a DNS
request to resolve A.xyztelcom.com, will eventually get DNS delegation to the address of
GSLB providers at zone 1 and 2. A client DNS request will be received by the GSLB provider.
The GSLB provider, depending on the domain for which it needs to resolve, will pick up the
GSLB virtual server associated with the domain. Depending on the health of the virtual
servers being load balanced, DNS request for the domain will be resolved to the public IP
associated with the selected virtual server.</para>
</section>
</section>
<section id="prereq-gslb">
<title>Prerequisites and Guidelines</title>
<itemizedlist>
<listitem>
<para>The GSLB functionality is supported both Basic and Advanced zones.</para>
</listitem>
<listitem>
<para>GSLB is added as a new network service.</para>
</listitem>
<listitem>
<para>GSLB service provider can be added to a physical network in a zone.</para>
</listitem>
<listitem>
<para>The admin is allowed to enable or disable GSLB functionality at region level.</para>
</listitem>
<listitem>
<para>The admin is allowed to configure a zone as GSLB capable or enabled. </para>
<para>A zone shall be considered as GSLB capable only if a GSLB service provider is
provisioned in the zone.</para>
</listitem>
<listitem>
<para>When users have VMs deployed in multiple availability zones which are GSLB enabled,
user is allowed to use the GSLB functionality to load balance traffic across the VMs in
multiple zones.</para>
</listitem>
<listitem>
<para>The users are allowed to use GSLB to load balance across the VMs across zones in a
region only if the admin has enabled GSLB in that region. </para>
</listitem>
<listitem>
<para>The users are allowed to load balance traffic across the availability zones in the
same region or different regions.</para>
</listitem>
<listitem>
<para>The admin is allowed to configure DNS name for the entire cloud.</para>
</listitem>
<listitem>
<para>The users can specify an unique name, across the cloud, for a globally load balanced
service. The provided name will be used as the domain under the DNS name associated with
the cloud.</para>
<para>The user-provided name along with the admin-provided DNS name is used to produce a
globally resolvable FQDN for the globally load balanced service of the user. For example,
if the admin has configured xyztelco.com as the DNS name for the cloud, and user specifies
'foo' for the GSLB virtual service, then the FQDN name of the GSLB virtual service is
foo.xyztelco.com.</para>
</listitem>
<listitem>
<para>While setting up GSLB, users can select a load balancing method, such as round robin
or least RTT, that would be the load balance traffic used across the zones that are part
of GSLB.</para>
</listitem>
<listitem>
<para>The user shall be able to set weight to zone-level virtual server. Weight shall be
considered by the load balancing method is distributing the traffic.</para>
</listitem>
<listitem>
<para>The GSLB functionality shall support session persistence, where series of client
requests for particular domain name is sent to a virtual server on the same zone. </para>
<para>Statistics is collected from each GSLB virtual server.</para>
</listitem>
</itemizedlist>
</section>
<section id="gslb-add">
<title>Adding a GSLB Rule</title>
<section id="gslb-workflow">
<title>Configuring GSLB</title>
<para>To configure a GSLB deployment, you must first configure a standard load balancing setup
for each zone. This enables you to balance load across the different servers in each zone in
the region. Then on the NetScaler side, configure both NetScaler appliances that you plan to
add to each zone as authoritative DNS (ADNS) servers. Next, create a GSLB site for each zone,
configure GSLB virtual servers for each site, create GLSB services, and bind the GSLB services
to the GSLB virtual servers. Finally, bind the domain to the GSLB virtual servers. The GSLB
configurations on the two appliances at the two different zones are identical, although each
sites load-balancing configuration is specific to that site.</para>
<para>Perform the following as a cloud administrator. As per the example given above, the
administrator of xyztelco is the one who sets up GSLB:</para>
<orderedlist>
<listitem>
<para>Log in to the &PRODUCT; UI as administrator.</para>
<para>In the cloud.dns.name global parameter, specify the DNS name of your tenant's cloud
that make use of the GSLB service.</para>
</listitem>
<listitem>
<para>In the left navigation pane, click Region.</para>
<para>On the NetScaler side, configure GSLB as given in <ulink
url="http://support.citrix.com/proddocs/topic/netscaler-traffic-management-10-map/ns-gslb-config-con.html"
>Configuring Global Server Load Balancing (GSLB)</ulink>:</para>
<orderedlist>
<listitem>
<para>Configuring a standard load balancing setup.</para>
</listitem>
<listitem>
<para>Configure Authoritative DNS, as explained in <ulink
url="http://support.citrix.com/proddocs/topic/netscaler-traffic-management-10-map/ns-gslb-config-adns-svc-tsk.html"
>Configuring an Authoritative DNS Service</ulink>.</para>
</listitem>
<listitem>
<para>Configure a GSLB site with site name formed from the domain name details.</para>
<para>Configure a GSLB site with the site name formed from the domain name.</para>
<para>As per the example given above, the site names are A.xyztelco.com and
B.xyztelco.com.</para>
<para>For more information, see <ulink
url="http://support.citrix.com/proddocs/topic/netscaler-traffic-management-10-map/ns-gslb-config-basic-site-tsk.html"
>Configuring a Basic GSLB Site</ulink>.</para>
</listitem>
<listitem>
<para>Configure a GSLB virtual server.</para>
<para>For more information, see <ulink
url="http://support.citrix.com/proddocs/topic/netscaler-traffic-management-10-map/ns-gslb-config-vsvr-tsk.html"
>Configuring a GSLB Virtual Server</ulink>.</para>
</listitem>
<listitem>
<para>Configure a GSLB service for each virtual server.</para>
<para>For more information, see <ulink
url="http://support.citrix.com/proddocs/topic/netscaler-traffic-management-10-map/ns-gslb-config-svc-tsk.html"
>Configuring a GSLB Service</ulink>.</para>
</listitem>
<listitem>
<para>Bind the GSLB services to the GSLB virtual server.</para>
<para>For more information, see <ulink
url="http://support.citrix.com/proddocs/topic/netscaler-traffic-management-10-map/ns-gslb-bind-svc-vsvr-tsk.html"
>Binding GSLB Services to a GSLB Virtual Server</ulink>.</para>
</listitem>
<listitem>
<para>Bind domain name to GSLB virtual server. Domain name is obtained from the domain
details.</para>
<para>For more information, see <ulink
url="http://support.citrix.com/proddocs/topic/netscaler-traffic-management-10-map/ns-gslb-bind-dom-vsvr-tsk.html"
>Binding a Domain to a GSLB Virtual Server</ulink>.</para>
</listitem>
</orderedlist>
</listitem>
<listitem>
<para>Select the region for which you want to create a GSLB rule.</para>
</listitem>
<listitem>
<para>In the Details tab, click View GSLB.</para>
</listitem>
<listitem>
<para>Click Add GSLB.</para>
<para>The Add GSLB page is displayed as follows:</para>
<mediaobject>
<imageobject>
<imagedata fileref="./images/add-gslb.png"/>
</imageobject>
<textobject>
<phrase>gslb-add.png: adding a gslb rule</phrase>
</textobject>
</mediaobject>
</listitem>
<listitem>
<para>Specify the following:</para>
<itemizedlist>
<listitem>
<para><emphasis role="bold">Name</emphasis>: Name for the GSLB rule.</para>
</listitem>
<listitem>
<para><emphasis role="bold">Description</emphasis>: (Optional) A short description of
the GSLB rule that can be displayed to users.</para>
</listitem>
<listitem>
<para><emphasis role="bold">GSLB Domain Name</emphasis>: A preferred domain name for the
service.</para>
</listitem>
<listitem>
<para><emphasis role="bold">Algorithm</emphasis>: (Optional) The algorithm to use to
load balance the traffic across the zones. The options are Round Robin, Least
Connection, and Proximity.</para>
</listitem>
<listitem>
<para><emphasis role="bold">Service Type</emphasis>: The transport protocol to use for
GSLB. The options are TCP and UDP.</para>
</listitem>
<listitem>
<para><emphasis role="bold">Domain</emphasis>: (Optional) The domain for which you want
to create the GSLB rule.</para>
</listitem>
<listitem>
<para><emphasis role="bold">Account</emphasis>: (Optional) The account on which you want
to apply the GSLB rule.</para>
</listitem>
</itemizedlist>
</listitem>
<listitem>
<para>Click OK to confirm.</para>
<para>In each zone that are participating in GSLB, add GSLB-enabled NetScaler device.</para>
<para>For more information, see <xref linkend="enable-glsb-ns"/>.</para>
</listitem>
</orderedlist>
<para>As a domain administrator/ user perform the following:</para>
<orderedlist>
<listitem>
<para>Add a GSLB rule on both the sites.</para>
<para>See <xref linkend="gslb-add"/>.</para>
</listitem>
<listitem>
<para>Assign load balancer rules.</para>
<para>See <xref linkend="assign-lb-gslb"/>.</para>
</listitem>
</orderedlist>
<section id="prereq-gslb">
<title>Prerequisites and Guidelines</title>
<itemizedlist>
<listitem>
<para>The GSLB functionality is supported both Basic and Advanced zones.</para>
</listitem>
<listitem>
<para>GSLB is added as a new network service.</para>
</listitem>
<listitem>
<para>GSLB service provider can be added to a physical network in a zone.</para>
</listitem>
<listitem>
<para>The admin is allowed to enable or disable GSLB functionality at region level.</para>
</listitem>
<listitem>
<para>The admin is allowed to configure a zone as GSLB capable or enabled. </para>
<para>A zone shall be considered as GSLB capable only if a GSLB service provider is
provisioned in the zone.</para>
</listitem>
<listitem>
<para>When users have VMs deployed in multiple availability zones which are GSLB enabled,
they can use the GSLB functionality to load balance traffic across the VMs in multiple
zones.</para>
</listitem>
<listitem>
<para>The users can use GSLB to load balance across the VMs across zones in a region only
if the admin has enabled GSLB in that region. </para>
</listitem>
<listitem>
<para>The users can load balance traffic across the availability zones in the same region
or different regions.</para>
</listitem>
<listitem>
<para>The admin can configure DNS name for the entire cloud.</para>
</listitem>
<listitem>
<para>The users can specify an unique name across the cloud for a globally load balanced
service. The provided name is used as the domain name under the DNS name associated with
the cloud.</para>
<para>The user-provided name along with the admin-provided DNS name is used to produce a
globally resolvable FQDN for the globally load balanced service of the user. For
example, if the admin has configured xyztelco.com as the DNS name for the cloud, and
user specifies 'foo' for the GSLB virtual service, then the FQDN name of the GSLB
virtual service is foo.xyztelco.com.</para>
</listitem>
<listitem>
<para>While setting up GSLB, users can select a load balancing method, such as round
robin, for using across the zones that are part of GSLB.</para>
</listitem>
<listitem>
<para>The user shall be able to set weight to zone-level virtual server. Weight shall be
considered by the load balancing method for distributing the traffic.</para>
</listitem>
<listitem>
<para>The GSLB functionality shall support session persistence, where series of client
requests for particular domain name is sent to a virtual server on the same zone. </para>
<para>Statistics is collected from each GSLB virtual server.</para>
</listitem>
</itemizedlist>
</section>
<section id="enable-glsb-ns">
<title>Enabling GSLB in NetScaler</title>
<para>In each zone, add GSLB-enabled NetScaler device for load balancing.</para>
<orderedlist>
<listitem>
<para>Log in as administrator to the &PRODUCT; UI.</para>
</listitem>
<listitem>
<para>In the left navigation bar, click Infrastructure.</para>
</listitem>
<listitem>
<para>In Zones, click View More.</para>
</listitem>
<listitem>
<para>Choose the zone you want to work with.</para>
</listitem>
<listitem>
<para>Click the Physical Network tab, then click the name of the physical network. </para>
</listitem>
<listitem>
<para>In the Network Service Providers node of the diagram, click Configure. </para>
<para>You might have to scroll down to see this.</para>
</listitem>
<listitem>
<para>Click NetScaler.</para>
</listitem>
<listitem>
<para>Click Add NetScaler device and provide the following:</para>
<para>For NetScaler:</para>
<itemizedlist>
<listitem>
<para><emphasis role="bold">IP Address</emphasis>: The IP address of the SRX.</para>
</listitem>
<listitem>
<para><emphasis role="bold">Username/Password</emphasis>: The authentication
credentials to access the device. &PRODUCT; uses these credentials to access the
device.</para>
</listitem>
<listitem>
<para><emphasis role="bold">Type</emphasis>: The type of device that is being added.
It could be F5 Big Ip Load Balancer, NetScaler VPX, NetScaler MPX, or NetScaler SDX.
For a comparison of the NetScaler types, see the &PRODUCT; Administration
Guide.</para>
</listitem>
<listitem>
<para><emphasis role="bold">Public interface</emphasis>: Interface of device that is
configured to be part of the public network.</para>
</listitem>
<listitem>
<para><emphasis role="bold">Private interface</emphasis>: Interface of device that is
configured to be part of the private network.</para>
</listitem>
<listitem>
<para><emphasis role="bold">GSLB service</emphasis>: Select this option.</para>
</listitem>
<listitem>
<para><emphasis role="bold">GSLB service Public IP</emphasis>: The public IP address
of the NAT translator for a GSLB service that is on a private network.</para>
</listitem>
<listitem>
<para><emphasis role="bold">GSLB service Private IP</emphasis>: The private IP of the
GSLB service.</para>
</listitem>
<listitem>
<para><emphasis role="bold">Number of Retries</emphasis>. Number of times to attempt a
command on the device before considering the operation failed. Default is 2.</para>
</listitem>
<listitem>
<para><emphasis role="bold">Capacity</emphasis>: The number of networks the device can
handle.</para>
</listitem>
<listitem>
<para><emphasis role="bold">Dedicated</emphasis>: When marked as dedicated, this
device will be dedicated to a single account. When Dedicated is checked, the value
in the Capacity field has no significance implicitly, its value is 1.</para>
</listitem>
</itemizedlist>
</listitem>
<listitem>
<para>Click OK.</para>
</listitem>
</orderedlist>
</section>
<section id="gslb-add">
<title>Adding a GSLB Rule</title>
<orderedlist>
<listitem>
<para>Log in to the &PRODUCT; UI as a domain administrator or user.</para>
</listitem>
<listitem>
<para>In the left navigation pane, click Region.</para>
</listitem>
<listitem>
<para>Select the region for which you want to create a GSLB rule.</para>
</listitem>
<listitem>
<para>In the Details tab, click View GSLB.</para>
</listitem>
<listitem>
<para>Click Add GSLB.</para>
<para>The Add GSLB page is displayed as follows:</para>
<mediaobject>
<imageobject>
<imagedata fileref="./images/add-gslb.png"/>
</imageobject>
<textobject>
<phrase>gslb-add.png: adding a gslb rule</phrase>
</textobject>
</mediaobject>
</listitem>
<listitem>
<para>Specify the following:</para>
<itemizedlist>
<listitem>
<para><emphasis role="bold">Name</emphasis>: Name for the GSLB rule.</para>
</listitem>
<listitem>
<para><emphasis role="bold">Description</emphasis>: (Optional) A short description of
the GSLB rule that can be displayed to users.</para>
</listitem>
<listitem>
<para><emphasis role="bold">GSLB Domain Name</emphasis>: A preferred domain name for
the service.</para>
</listitem>
<listitem>
<para><emphasis role="bold">Algorithm</emphasis>: (Optional) The algorithm to use to
load balance the traffic across the zones. The options are Round Robin, Least
Connection, and Proximity.</para>
</listitem>
<listitem>
<para><emphasis role="bold">Service Type</emphasis>: The transport protocol to use for
GSLB. The options are TCP and UDP.</para>
</listitem>
<listitem>
<para><emphasis role="bold">Domain</emphasis>: (Optional) The domain for which you
want to create the GSLB rule.</para>
</listitem>
<listitem>
<para><emphasis role="bold">Account</emphasis>: (Optional) The account on which you
want to apply the GSLB rule.</para>
</listitem>
</itemizedlist>
</listitem>
<listitem>
<para>Click OK to confirm.</para>
</listitem>
</orderedlist>
</section>
<section id="assign-lb-gslb">
<title>Assigning Load Balancing Rules to GSLB</title>
<orderedlist>
<listitem>
<para>Log in to the &PRODUCT; UI as a domain administrator or user.</para>
</listitem>
<listitem>
<para>In the left navigation pane, click Region.</para>
</listitem>
<listitem>
<para>Select the region for which you want to create a GSLB rule.</para>
</listitem>
<listitem>
<para>In the Details tab, click View GSLB.</para>
</listitem>
<listitem>
<para>Select the desired GSLB.</para>
</listitem>
<listitem>
<para>Click view assigned load balancing.</para>
</listitem>
<listitem>
<para>Click assign more load balancing.</para>
</listitem>
<listitem>
<para>Select the load balancing rule you have created for the zone.</para>
</listitem>
<listitem>
<para>Click OK to confirm.</para>
</listitem>
</orderedlist>
</section>
</section>
<section id="assign-lb-gslb">
<title>Assigning Load Balancing Rules to GSLB</title>
<para/>
</section>
<section id="concept-gslb">
<title>How Does GSLB Works in &PRODUCT;?</title>
<para>The following is an illustrated conceptual model of how GLSB functionality is provided in
&PRODUCT;: An organization, xyztelco, has set up a public cloud that spans two zones, Zone-1
and Zone-2, across geographically separated data centers that are managed by &PRODUCT;.
Tenant-A of the cloud launches a highly available solution by using xyztelco cloud. For that
purpose, they launch two instances each in both the zones: VM1 and VM2 in Zone-1 and VM5 and
VM6 in Zone-2. Tenant-A acquires a public IP, IP-1 in Zone-1, and configures a load balancer
rule to load balance the traffic between VM1 and VM2 instances. &PRODUCT; orchestrates setting
up a virtual server on the LB service provider in Zone-1. Virtual server 1 that is set up on
the LB service provider in Zone-1 represents a publicly accessible virtual server that client
reaches at IP-1. The client traffic to virtual server 1 at IP-1 will be load balanced across
VM1 and VM2 instances. </para>
<para>Tenant-A acquires another public IP, IP-2 in Zone-2 and sets up a load balancer rule to
load balance the traffic between VM5 and VM6 instances. Similarly in Zone-2, &PRODUCT;
orchestrates setting up a virtual server on the LB service provider. Virtual server 2 that is
setup on the LB service provider in Zone-2 represents a publicly accessible virtual server
that client reaches at IP-2. The client traffic that reaches virtual server 2 at IP-2 is load
balanced across VM5 and VM6 instances. At this point Tenant-A has the service enabled in both
the zones, but has no means to set up a disaster recovery plan if one of the zone fails.
Additionally, there is no way for Tenant-A to load balance the traffic intelligently to one of
the zones based on load, proximity and so on. The cloud administrator of xyztelco provisions a
GSLB service provider to both the zones. A GSLB provider is typically an ADC that has the
ability to act as an ADNS (Authoritative Domain Name Server) and has the mechanism to monitor
health of virtual servers both at local and remote sites. The cloud admin enables GSLB as a
service to the tenants that use zones 1 and 2. </para>
<mediaobject>
<imageobject>
<imagedata fileref="./images/gslb.png"/>
</imageobject>
<textobject>
<phrase>gslb.png: GSLB architecture</phrase>
</textobject>
</mediaobject>
<para>Tenant-A wishes to leverage the GSLB service provided by the xyztelco cloud. Tenant-A
configures a GSLB rule to load balance traffic across virtual server 1 at Zone-1 and virtual
server 2 at Zone-2. The domain name is provided as A.xyztelco.com. &PRODUCT; orchestrates
setting up GSLB virtual server 1 on the GSLB service provider at Zone-1. &PRODUCT; binds
virtual server 1 of Zone-1 and virtual server 2 of Zone-2 to GLSB virtual server 1. GSLB
virtual server 1 is configured to start monitoring the health of virtual server 1 and 2 in
Zone-1. &PRODUCT; will also orchestrate setting up GSLB virtual server 2 on GSLB service
provider at Zone-2. &PRODUCT; will bind virtual server 1 of Zone-1 and virtual server 2 of
Zone-2 to GLSB virtual server 2. GSLB virtual server 2 is configured to start monitoring the
health of virtual server 1 and 2. &PRODUCT; will bind the domain A.xyztelco.com to both the
GSLB virtual server 1 and 2. At this point, Tenant-A service will be globally reachable at
A.xyztelco.com. The private DNS server for the domain xyztelcom.com is configured by the admin
out-of-band to resolve the domain A.xyztelco.com to the GSLB providers at both the zones,
which are configured as ADNS for the domain A.xyztelco.com. A client when sends a DNS request
to resolve A.xyztelcom.com, will eventually get DNS delegation to the address of GSLB
providers at Zone 1 and 2. A client DNS request will be received by the GSLB provider. The
GSLB provider, depending on the domain for which it needs to resolve, will pick up the GSLB
virtual server associated with the domain. Depending on the health of the virtual servers
being load balanced, DNS request for the domain will be resolved to the public IP associated
with the selected virtual server.</para>
</section>
<section id="limitation-gslb">
<section>
<title>Known Limitation</title>
<para>Currently, &PRODUCT; does not support orchestration of services across the zones. The
notion of services and service providers in region are to be introduced.</para>


@ -98,7 +98,7 @@
</section>
<section>
<title>Adding a XenServer or KVM Host</title>
<itemizedlist>
<orderedlist>
<listitem>
<para>If you have not already done so, install the hypervisor software on the host. You will
need to know which version of the hypervisor software version is supported by &PRODUCT;
@ -152,6 +152,6 @@
<listitem>
<para>Repeat for additional hosts. </para>
</listitem>
</itemizedlist>
</orderedlist>
</section>
</section>


@ -27,8 +27,8 @@
<para>To manage KVM instances on the host &PRODUCT; uses a Agent. This Agent communicates with the Management server and controls all the instances on the host.</para>
<para>First we start by installing the agent:</para>
<para>In RHEL or CentOS:</para>
<programlisting language="Bash"><command>$ yum install cloud-agent</command></programlisting>
<programlisting language="Bash"><command>$ yum install cloudstack-agent</command></programlisting>
<para>In Ubuntu:</para>
<programlisting language="Bash"><command>$ apt-get install cloud-agent</command></programlisting>
<programlisting language="Bash"><command>$ apt-get install cloudstack-agent</command></programlisting>
<para>The host is now ready to be added to a cluster. This is covered in a later section, see <xref linkend="host-add" />. It is recommended that you continue to read the documentation before adding the host!</para>
</section>
</section>


@ -24,7 +24,7 @@
<section id="hypervisor-host-install-libvirt">
<title>Install and Configure libvirt</title>
<para>&PRODUCT; uses libvirt for managing virtual machines. Therefore it is vital that libvirt is configured correctly. Libvirt is a dependency of cloud-agent and should already be installed.</para>
<para>&PRODUCT; uses libvirt for managing virtual machines. Therefore it is vital that libvirt is configured correctly. Libvirt is a dependency of cloudstack-agent and should already be installed.</para>
<orderedlist>
<listitem>
<para>In order to have live migration working libvirt has to listen for unsecured TCP connections. We also need to turn off libvirts attempt to use Multicast DNS advertising. Both of these settings are in <filename>/etc/libvirt/libvirtd.conf</filename></para>

Binary file not shown.


@ -28,7 +28,7 @@
<orderedlist>
<listitem><para>Edit the Tomcat configuration file:</para><programlisting>/etc/cloud/management/tomcat6.conf</programlisting></listitem>
<listitem><para>Change the command-line parameter -XmxNNNm to a higher value of N.</para><para>For example, if the current value is -Xmx128m, change it to -Xmx1024m or higher.</para></listitem>
<listitem><para>To put the new setting into effect, restart the Management Server.</para><programlisting># service cloud-management restart</programlisting></listitem>
<listitem><para>To put the new setting into effect, restart the Management Server.</para><programlisting># service cloudstack-management restart</programlisting></listitem>
</orderedlist>
<para>For more information about memory issues, see "FAQ: Memory" at <ulink url="http://wiki.apache.org/tomcat/FAQ/Memory">Tomcat Wiki.</ulink></para>
</section>


@ -52,7 +52,7 @@
<listitem>
<para>Once installed, start the Usage Server with the following command.</para>
<programlisting>
# service cloud-usage start
# service cloudstack-usage start
</programlisting>
</listitem>
</orderedlist>


@ -74,9 +74,9 @@
<para>To manage LXC instances on the host &PRODUCT; uses a Agent. This Agent communicates with the Management server and controls all the instances on the host.</para>
<para>First we start by installing the agent:</para>
<para>In RHEL or CentOS:</para>
<programlisting language="Bash"><command>$ yum install cloud-agent</command></programlisting>
<programlisting language="Bash"><command>$ yum install cloudstack-agent</command></programlisting>
<para>In Ubuntu:</para>
<programlisting language="Bash"><command>$ apt-get install cloud-agent</command></programlisting>
<programlisting language="Bash"><command>$ apt-get install cloudstack-agent</command></programlisting>
<para>Next step is to update the Agent configuration setttings. The settings are in <filename>/etc/cloudstack/agent/agent.properties</filename></para>
<orderedlist>
<listitem>


@ -36,7 +36,8 @@
<xi:include href="security-groups.xml" xmlns:xi="http://www.w3.org/2001/XInclude"/>
<xi:include href="external-firewalls-and-load-balancers.xml"
xmlns:xi="http://www.w3.org/2001/XInclude"/>
<xi:include href="load-balancer-rules.xml" xmlns:xi="http://www.w3.org/2001/XInclude"/>
<xi:include href="gslb.xml"
xmlns:xi="http://www.w3.org/2001/XInclude"/>
<xi:include href="guest-ip-ranges.xml" xmlns:xi="http://www.w3.org/2001/XInclude"/>
<xi:include href="acquire-new-ip-address.xml" xmlns:xi="http://www.w3.org/2001/XInclude"/>
<xi:include href="release-ip-address.xml" xmlns:xi="http://www.w3.org/2001/XInclude"/>


@ -26,7 +26,7 @@
<title>Set Database Buffer Pool Size</title>
<para>It is important to provide enough memory space for the MySQL database to cache data and indexes:</para>
<orderedlist>
<listitem><para>Edit the Tomcat configuration file:</para><programlisting>/etc/my.cnf</programlisting></listitem>
<listitem><para>Edit the MySQL configuration file:</para><programlisting>/etc/my.cnf</programlisting></listitem>
<listitem><para>Insert the following line in the [mysqld] section, below the datadir line. Use a value that is appropriate for your situation. We recommend setting the buffer pool at 40% of RAM if MySQL is on the same server as the management server or 70% of RAM if MySQL has a dedicated server. The following example assumes a dedicated server with 1024M of RAM.</para>
<programlisting>innodb_buffer_pool_size=700M</programlisting></listitem>
<listitem><para>Restart the MySQL service.</para><programlisting># service mysqld restart</programlisting></listitem>


@ -76,7 +76,7 @@
</listitem>
<listitem>
<para>Restart the Management Server.</para>
<programlisting># service cloud-management restart</programlisting>
<programlisting># service cloudstack-management restart</programlisting>
</listitem>
</orderedlist>
</section>


@ -56,7 +56,7 @@
</listitem>
<listitem>
<para>Restart the Management Server.</para>
<programlisting># service cloud-management restart</programlisting>
<programlisting># service cloudstack-management restart</programlisting>
</listitem>
</orderedlist>
</section>


@ -89,7 +89,7 @@
</informaltable>
</listitem>
<listitem><para>Restart the Management Server:</para>
<programlisting>service cloud-management restart</programlisting></listitem>
<programlisting>service cloudstack-management restart</programlisting></listitem>
</orderedlist>
</section>


@ -26,9 +26,9 @@
<para>The root administrator will need to stop and restart the Management Server from time to time.</para>
<para>For example, after changing a global configuration parameter, a restart is required. If you have multiple Management Server nodes, restart all of them to put the new parameter value into effect consistently throughout the cloud..</para>
<para>To stop the Management Server, issue the following command at the operating system prompt on the Management Server node:</para>
<programlisting># service cloud-management stop</programlisting>
<programlisting># service cloudstack-management stop</programlisting>
<para>To start the Management Server:</para>
<programlisting># service cloud-management start</programlisting>
<programlisting># service cloudstack-management start</programlisting>
<para>To stop the Management Server:</para>
<programlisting># service cloud-management stop</programlisting>
<programlisting># service cloudstack-management stop</programlisting>
</section>


@ -0,0 +1,192 @@
<?xml version='1.0' encoding='utf-8' ?>
<!DOCTYPE chapter PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
<!ENTITY % BOOK_ENTITIES SYSTEM "cloudstack.ent">
%BOOK_ENTITIES;
]>
<!-- Licensed to the Apache Software Foundation (ASF) under one
or more contributor license agreements. See the NOTICE file
distributed with this work for additional information
regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
-->
<chapter id="storage-setup">
<title>Storage Setup</title>
<para>&PRODUCT; is designed to work with a wide variety of commodity and enterprise-grade storage. Local disk may be used as well, if supported by the selected hypervisor. Storage type support for guest virtual disks differs based on hypervisor selection.</para>
<informaltable>
<tgroup cols="4" align="left" colsep="1" rowsep="1">
<thead>
<row>
<entry><para></para></entry>
<entry><para>XenServer</para></entry>
<entry><para>vSphere</para></entry>
<entry><para>KVM</para></entry>
</row>
</thead>
<tbody>
<row>
<entry><para>NFS</para></entry>
<entry><para>Supported</para></entry>
<entry><para>Supported</para></entry>
<entry><para>Supported</para></entry>
</row>
<row>
<entry><para>iSCSI</para></entry>
<entry><para>Supported</para></entry>
<entry><para>Supported via VMFS</para></entry>
<entry><para>Supported via Clustered Filesystems</para></entry>
</row>
<row>
<entry><para>Fiber Channel</para></entry>
<entry><para>Supported via Pre-existing SR</para></entry>
<entry><para>Supported</para></entry>
<entry><para>Supported via Clustered Filesystems</para></entry>
</row>
<row>
<entry><para>Local Disk</para></entry>
<entry><para>Supported</para></entry>
<entry><para>Supported</para></entry>
<entry><para>Supported</para></entry>
</row>
</tbody>
</tgroup>
</informaltable>
<para>The use of the Cluster Logical Volume Manager (CLVM) for KVM is not officially supported with &PRODUCT;.</para>
<section id="storage-set-small-scale">
<title>Small-Scale Setup</title>
<para>In a small-scale setup, a single NFS server can function as both primary and secondary storage. The NFS server just needs to export two separate shares, one for primary storage and the other for secondary storage.</para>
</section>
<section id="storage-set-secondary">
<title>Secondary Storage</title>
<para>&PRODUCT; is designed to work with any scalable secondary storage system. The only requirement is the secondary storage system supports the NFS protocol.</para>
<note>
<para>The storage server should be a machine with a large number of disks. The disks should ideally be managed by a hardware RAID controller. Modern hardware RAID controllers support hot plug functionality independent of the operating system so you can replace faulty disks without impacting the running operating system.</para>
</note>
</section>
<section id="storage-set-example-config">
<title>Example Configurations</title>
<para>In this section we go through a few examples of how to set up storage to work properly on a few types of NFS and iSCSI storage systems.</para>
<section id="storage-set-example-config-local-das">
<title>Linux NFS on Local Disks and DAS</title>
<para>This section describes how to configure an NFS export on a standard Linux installation. The exact commands might vary depending on the operating system version.</para>
<orderedlist>
<listitem><para>Install the RHEL/CentOS distribution on the storage server.</para></listitem>
<listitem><para>If the root volume is more than 2 TB in size, create a smaller boot volume to install RHEL/CentOS. A root volume of 20 GB should be sufficient.</para></listitem>
<listitem><para>After the system is installed, create a directory called /export. This can each be a directory in the root partition itself or a mount point for a large disk volume.</para></listitem>
<listitem><para>If you have more than 16TB of storage on one host, create multiple EXT3 file systems and multiple NFS exports. Individual EXT3 file systems cannot exceed 16TB.</para></listitem>
<listitem>
<para>After /export directory is created, run the following command to configure it as an NFS export.</para>
<programlisting># echo "/export &lt;CIDR&gt;(rw,async,no_root_squash)" >> /etc/exports</programlisting>
<para>Adjust the above command to suit your deployment needs.</para>
<itemizedlist>
<listitem>
<para><emphasis role="bold">Limiting NFS export.</emphasis> It is highly recommended that you limit the NFS export to a particular subnet by specifying a subnet mask (e.g.,”192.168.1.0/24”). By allowing access from only within the expected cluster, you avoid having non-pool member mount the storage. The limit you place must include the management network(s) and the storage network(s). If the two are the same network then one CIDR is sufficient. If you have a separate storage network you must provide separate CIDRs for both or one CIDR that is broad enough to span both.</para>
<para>The following is an example with separate CIDRs:</para>
<programlisting>/export 192.168.1.0/24(rw,async,no_root_squash) 10.50.1.0/24(rw,async,no_root_squash)</programlisting>
</listitem>
<listitem>
<para><emphasis role="bold">Removing the async flag.</emphasis> The async flag improves performance by allowing the NFS server to respond before writes are committed to the disk. Remove the async flag in your mission critical production deployment.</para>
</listitem>
</itemizedlist>
</listitem>
<listitem>
<para>Run the following command to enable NFS service.</para>
<programlisting># chkconfig nfs on</programlisting>
</listitem>
<listitem>
<para>Edit the /etc/sysconfig/nfs file and uncomment the following lines.</para>
<programlisting>LOCKD_TCPPORT=32803
LOCKD_UDPPORT=32769
MOUNTD_PORT=892
RQUOTAD_PORT=875
STATD_PORT=662
STATD_OUTGOING_PORT=2020</programlisting>
</listitem>
<listitem>
<para>Edit the /etc/sysconfig/iptables file and add the following lines at the beginning of the INPUT chain.</para>
<programlisting>
-A INPUT -m state --state NEW -p udp --dport 111 -j ACCEPT
-A INPUT -m state --state NEW -p tcp --dport 111 -j ACCEPT
-A INPUT -m state --state NEW -p tcp --dport 2049 -j ACCEPT
-A INPUT -m state --state NEW -p tcp --dport 32803 -j ACCEPT
-A INPUT -m state --state NEW -p udp --dport 32769 -j ACCEPT
-A INPUT -m state --state NEW -p tcp --dport 892 -j ACCEPT
-A INPUT -m state --state NEW -p udp --dport 892 -j ACCEPT
-A INPUT -m state --state NEW -p tcp --dport 875 -j ACCEPT
-A INPUT -m state --state NEW -p udp --dport 875 -j ACCEPT
-A INPUT -m state --state NEW -p tcp --dport 662 -j ACCEPT
-A INPUT -m state --state NEW -p udp --dport 662 -j ACCEPT
</programlisting>
</listitem>
<listitem>
<para>Reboot the server.</para>
<para>An NFS share called /export is now set up.</para>
</listitem>
</orderedlist>
<note><para>When copying and pasting a command, be sure the command has pasted as a single line before executing. Some document viewers may introduce unwanted line breaks in copied text.</para></note>
</section>
<section id="storage-set-example-config-iscsi">
<title>Linux NFS on iSCSI</title>
<para>Use the following steps to set up a Linux NFS server export on an iSCSI volume. These steps apply to RHEL/CentOS 5 distributions.</para>
<orderedlist>
<listitem>
<para>Install iscsiadm.</para>
<programlisting>
# yum install iscsi-initiator-utils
# service iscsi start
# chkconfig --add iscsi
# chkconfig iscsi on
</programlisting>
</listitem>
<listitem>
<para>Discover the iSCSI target.</para>
<programlisting># iscsiadm -m discovery -t st -p &lt;iSCSI Server IP address&gt;:3260</programlisting>
<para>For example:</para>
<programlisting># iscsiadm -m discovery -t st -p 172.23.10.240:3260
172.23.10.240:3260,1 iqn.2001-05.com.equallogic:0-8a0906-83bcb3401-16e0002fd0a46f3d-rhel5-test </programlisting>
</listitem>
<listitem>
<para>Log in.</para>
<programlisting># iscsiadm -m node -T &lt;Complete Target Name&gt; -l -p &lt;Group IP&gt;:3260</programlisting>
<para>For example:</para>
<programlisting># iscsiadm -m node -l -T iqn.2001-05.com.equallogic:83bcb3401-16e0002fd0a46f3d-rhel5-test -p 172.23.10.240:3260 </programlisting>
</listitem>
<listitem>
<para>Discover the SCSI disk. For example:</para>
<programlisting>
# iscsiadm -m session -P3 | grep Attached
Attached scsi disk sdb State: running
</programlisting>
</listitem>
<listitem>
<para>Format the disk as ext3 and mount the volume.</para>
<programlisting># mkfs.ext3 /dev/sdb
# mkdir -p /export
# mount /dev/sdb /export
</programlisting>
</listitem>
<listitem>
<para>Add the disk to /etc/fstab to make sure it gets mounted on boot.</para>
<programlisting>/dev/sdb /export ext3 _netdev 0 0</programlisting>
</listitem>
</orderedlist>
<para>Now you can set up /export as an NFS share.</para>
<itemizedlist>
<listitem>
<para><emphasis role="bold">Limiting NFS export.</emphasis> In order to avoid data loss, it is highly recommended that you limit the NFS export to a particular subnet by specifying a subnet mask (e.g.,”192.168.1.0/24”). By allowing access from only within the expected cluster, you avoid having non-pool member mount the storage and inadvertently delete all its data. The limit you place must include the management network(s) and the storage network(s). If the two are the same network then one CIDR is sufficient. If you have a separate storage network you must provide separate CIDRs for both or one CIDR that is broad enough to span both. </para>
<para>The following is an example with separate CIDRs:</para>
<programlisting>/export 192.168.1.0/24(rw,async,no_root_squash) 10.50.1.0/24(rw,async,no_root_squash)</programlisting>
</listitem>
<listitem><para><emphasis role="bold">Removing the async flag.</emphasis> The async flag improves performance by allowing the NFS server to respond before writes are committed to the disk. Remove the async flag in your mission critical production deployment.</para></listitem>
</itemizedlist>
</section>
</section>
</chapter>
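Review bot: The iptables lines added under "Linux NFS on Local Disks and DAS" accept new connections to the portmapper, NFS, mountd, lockd, rquotad and statd ports from any source address, while the "Limiting NFS export" paragraph in the same section tells the reader to restrict the export to the management and storage CIDRs. The firewall example should carry the same restriction on every rule, for example `-A INPUT -s &lt;CIDR&gt; -m state --state NEW -p tcp --dport 2049 -j ACCEPT`. Both export examples also use `rw,async,no_root_squash` without explaining the last option: with it, root on any host inside the allowed CIDR acts as root on the share, so the text should say that the CIDR must contain only hosts trusted to that degree. If &PRODUCT; requires the option, the text should state that as well.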


@ -65,7 +65,7 @@
<listitem>
<para>Restart &PRODUCT; Management Server. Restarting is required because the default
offerings are loaded into the memory at startup.</para>
<programlisting>service cloud-management restart</programlisting>
<programlisting>service cloudstack-management restart</programlisting>
</listitem>
<listitem>
<para>Destroy the existing CPVM or SSVM offerings and wait for them to be recreated. The new
