etan39
/
cloudstack
mirror of https://github.com/apache/cloudstack.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
23,948 Commits 326 Branches 325 Tags 885 MiB
Commit Graph

109 Commits

Author SHA1 Message Date
Daan Hoogland 412016567f Updating pom.xml version numbers for release 4.4.5-SNAPSHOT 
Signed-off-by: Daan Hoogland <daan@onecht.net>
 2015-06-24 21:44:59 +02:00
Daan Hoogland 6f41061e14 Updating pom.xml version numbers for release 4.4.4 
Signed-off-by: Daan Hoogland <daan.hoogland@gmail.com>
 2015-06-18 11:17:09 +02:00
David Bierce 6d469a3935 Always enter chap-secrets as a quoted field. In the event of special characters it creates and deletes the entry properly, in the event there are not special characters there is no change behavior. 
Signed-off-by: Remi Bergsma <apache@remi.nl>

This closes #307
 2015-05-28 15:05:34 +02:00
Daan Hoogland 8b5b5deea8 CLOUDSTACK-7631: Log rotate on VR may fail as /etc/init.d/rsyslog does not anymore support reload option on debian wheezy 
Conflicts:
	systemvm/patches/debian/config/etc/logrotate.d/rsyslog
 2015-05-26 17:22:53 +02:00
Remi Bergsma bec3ceb789 fix typo in rsyslog logrotate script on VR 
This is fixed already in master and 4.5 and did not occur in 4.3 and before.
This fixes it in 4.4 as well.

This closes #182

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2015-04-20 18:32:15 +02:00
Daan Hoogland 28bcd6aeb7 Updating pom.xml version numbers for release 4.4.4-SNAPSHOT 
Signed-off-by: Daan Hoogland <daan@onecht.net>
 2015-04-19 15:52:25 +02:00
Daan Hoogland e9441d4786 Updating pom.xml version numbers for release 4.4.3 
Signed-off-by: Daan Hoogland <dhoogland@schubergphilis.com>
 2015-04-15 17:00:24 -05:00
Rohit Yadav eed3db8851 systemvm: avoid tcp responses with timestamp 
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
(cherry picked from commit f3f47f25ba)
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2015-03-09 17:13:52 +05:30
Rohit Yadav c19ec86c17 cloud-early-config: load-modules 
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2015-02-06 15:33:24 +05:30
Jayapal f7a4d145a6 CLOUDSTACK-5494: Fixed dns is open to public in VR 
(cherry picked from commit 81994cf443)
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>

Conflicts:
	systemvm/patches/debian/config/etc/init.d/cloud-early-config
 2015-02-06 15:32:14 +05:30
Rohit Yadav 0269456152 CLOUDSTACK-8160: use preferable protocols 
(cherry picked from commit debfcdef78)
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>

Conflicts:
	client/tomcatconf/server7-nonssl.xml.in
	client/tomcatconf/server7-ssl.xml.in
	plugins/storage/volume/nexenta/src/org/apache/cloudstack/storage/datastore/util/NexentaNmsClient.java
	pom.xml
	services/console-proxy/server/src/com/cloud/consoleproxy/ConsoleProxySecureServerFactoryImpl.java
	utils/src/org/apache/commons/httpclient/contrib/ssl/EasySSLProtocolSocketFactory.java
 2015-01-21 18:11:38 +05:30
Rajesh Battala 73895a5bb6 CLOUDSTACK-5821 systemvmiso is locked by systevmvm in hyperv 
(cherry picked from commit 7ac48934f7)
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2014-12-11 20:51:18 +05:30
Rohit Yadav 90a9e9a809 systemvm: Prefer TLS over SSL in apache, POODLE workaround (CVE­2014­3566) 
Just prefer TLS over SSL in apache configuration in systemvm

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
(cherry picked from commit 88acc9bd53)
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2014-12-11 19:58:35 +05:30
Wei Zhou 4a7532ee65 CLOUDSTACK-2823: pass cmdline info to system vms for 30 times 
(cherry picked from commit 4eedfe53fc)
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>

Conflicts:
	systemvm/patches/debian/config/etc/init.d/cloud-early-config
 2014-12-11 13:14:01 +05:30
Rohit Yadav 5bc2d06c40 CLOUDSTACK-7974: remove old hostname entry for a VM when adding a VM 
When adding a VM, it adds an entry to /etc/hosts file on the VR but does not
clear up any older entries for the VM with a same name. The fix uncomments the
command that removes any old entries in the VM.

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
(cherry picked from commit 63298d9b74)
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2014-12-10 18:22:27 +05:30
Remi Bergsma 47754a68ac made iptables for the VPN connection more secure 
Added destination and source definition. Flag -S can be used
to ignore this. It's the new default as it is more secure
and does not impact the way things work (backwords compatible).

(cherry picked from commit ef3b4bb4e3)
 2014-12-09 10:54:44 +01:00
Remi Bergsma 03bf241e3e prevent CloudStack from removing the VPN connection 
If connecting the VPN takes some time, for example because
the other end is not (yet) up, CloudStack will delete
the VPN because the ipsectunnel.sh does not return in time.
The VPN connection then enters the Error state.

This change makes sure ipsectunnel.sh returns in time,
and lets ipsec connect in the background. If it all fails,
the connection enters Disconnected.

(cherry picked from commit 7f33f7c396)
 2014-12-09 10:54:32 +01:00
Remi Bergsma 0d7087a85a add a flag -c whether or not to check the VPN on create 
Changed default to no, as the other side may not be up yet.
If this check fails, the VPN enters Error state and will not
work. It's safe to just let it connect on its own so it will
connect when it can.

(cherry picked from commit f8d718e3e3)
 2014-12-09 10:54:15 +01:00
Remi Bergsma af4d1a635f starting the tunnel will make it keep trying until it connects 
Changed 'auto=add' to 'auto=start' to make sure the tunnel starts.
When both sides are there they will connect. This resolves the
issue that there is only a small time frame in which the VPN
would connect.

(cherry picked from commit b95addd3ef)
 2014-12-09 10:50:31 +01:00
Remi Bergsma 72aa05ab8e renamed $leftgw to $leftnexthop to make clear what it does 
(cherry picked from commit 8b2563a216)
 2014-12-09 10:50:17 +01:00
Remi Bergsma 2df7eb5ba3 remove biglock usage from ipsectunnel.sh 
Biglock breaks creating VPN's when other scripts run at the
same time that also use the same biglock. These other scripts
do nothing that could harm our deployment and even multiple
vpn's can safely be created simultaniously.

(cherry picked from commit 8b412ce194)
 2014-12-09 10:50:04 +01:00
David Bierce 9d7624f6ac Occasionally the while loop can exit with no data (Probably recieving an EOF) before receiveing CMDline data from the certial port. Continue looping until cmdline is populated 
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2014-11-27 16:56:47 +05:30
Daan Hoogland 7e409ea300 Updating pom.xml version numbers for release 4.4.3-SNAPSHOT 
Signed-off-by: Daan Hoogland <daan@onecht.net>
 2014-11-25 15:36:02 +01:00
Daan Hoogland e0420a6fec Updating pom.xml version numbers for release 4.4.2 
Signed-off-by: Daan Hoogland <daan@onecht.net>
 2014-11-21 03:41:26 +01:00
Daan Hoogland b431cd5e09 Logrotate is called from crontab. 
Debian crontab does not include everything in it's path.
 Therefore reference to these bins

 conflict leftovers from 380ecf2253
 2014-11-11 15:56:09 +01:00
Joris van Lieshout 380ecf2253 Logrotate is called from crontab. Debian crontab does not include everything in it's path. Therefore reference to these bins need to be absoluut. 
Signed-off-by: Daan Hoogland <daan@onecht.net>
 2014-11-09 13:10:50 +01:00
Rohit Yadav e274948e7c CLOUDSTACK-7855: NIC3 should set MTU and not NIC1 for storage network nic 
The fix also persists the configuration in /etc/network/interfaces

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2014-11-06 20:35:13 +05:30
Daan Hoogland b9620c2cbe Updating pom.xml version numbers for release 4.4.2-SNAPSHOT 
Signed-off-by: Daan Hoogland <daan@onecht.net>
 2014-10-19 20:46:15 +02:00
Daan Hoogland 4d065b9a3a CLOUDSTACK-7184: xenheartbeat gets passed timeout and interval 2014-09-16 12:25:07 +02:00
Fred Clift 54e9a92d24 make virtual router /latest/.htaccess file be static - no longer dynamically generate it, remove code that managed the file previously 
Signed-off-by: Sebastien Goasguen <runseb@gmail.com>
 2014-09-04 04:24:16 -04:00
Wido den Hollander 4f494f708b CLOUDSTACK-7405: Make the trailing slash conditional for meta-data requests 
This should fix the cloud-init issues described in this issue.
 2014-08-25 14:31:58 +02:00
Joris van Lieshout c4d1bf7f24 sysctl improvements. 1. ip_nonlocal_bind for smooth transition in case of a keepalived failover. 2. panic settings so that a vm dies in a way that ACS understands it's down. 3. also up the nf_conntrack limits. 
Signed-off-by: Daan Hoogland <daan@onecht.net>
(cherry picked from commit 45deade1df)

Conflicts:
	systemvm/patches/debian/config/etc/sysctl.conf
 2014-08-14 14:00:23 +02:00
Sheng Yang 446899d887 CLOUDSTACK-6989: Add 3 strikes rule for RvR freezing detection 
Sometime in VR ntpd would move time backward to keep sync with NTP server, which
can result in false alarm of keepalived monitering process.

This patch adds 3 strikes for keepalived process dead detection to avoid falsely
shutdown keepalived process due to time adjustment for only once.

(cherry picked from commit a6381f5809)
 2014-07-28 16:02:44 +02:00
Daan Hoogland c9383c441e Updating pom.xml version numbers for release 4.4.1-SNAPSHOT 
Signed-off-by: Daan Hoogland <daan@onecht.net>
 2014-07-23 16:55:31 +02:00
Jayapal 7703b2fab3 CLOUDSTACK-7092: Disabled icmp redirects in VR 
(cherry picked from commit e0d4af5062)
 2014-07-15 22:13:32 +02:00
Jayapal d5a92454fd CLOUDSTACK-7028: Fixed adding route for additional public nic on fail over 
(cherry picked from commit e336796cd5)
 2014-07-01 14:36:27 +02:00
Jayapal d4a903fd6e CLOUDSTACK-6997: Increase proc ip_conntrack_max 
(cherry picked from commit 004d616322)
 2014-06-30 19:52:42 +02:00
Sheng Yang 8db1b21cc8 CLOUDSTACK-3540: Fix edithosts.sh on matching tag 
(cherry picked from commit 46f2b61374)
 2014-06-29 11:15:04 +02:00
Sheng Yang 1369a0dacb CLOUDSTACK-6908: Enable IPv6 in sysctl when only necessary 
This new way would only enable IPv6 when VR is created in IPv6 shared network.
Otherwise IPv6 sysctl options remain disable.

(cherry picked from commit 60e4629323)
 2014-06-14 02:31:55 +02:00
Joris van Lieshout f26b6d0a78 Cosmetic fixed. three in total. 1. Only run hv_kvp_daemon if it exists. 2. add the -f argument to the rm to make is silent if it doesn't exist. 3. by using log_action_msg instead of log_action_begin_msg the screen output looks way better. 
Signed-off-by: Daan Hoogland <daan@onecht.net>
(cherry picked from commit 66816827cb)
 2014-06-12 14:58:24 +02:00
Joris van Lieshout 99aa7a096a xenstore-utils on debian wheezy does not have /usr/sbin/xenstore so these commands file. It does have xenstore-write and xenstore-rm so by adding a - this is fixed easily. 
Signed-off-by: Daan Hoogland <daan@onecht.net>
(cherry picked from commit 2e83baaca2)
(cherry picked from commit ed330d4dcd)
 2014-06-10 16:29:01 +02:00
Joris van Lieshout 8ff5ca0b2f If for some reason dnsmasq.log does not exist anymore logrotate will create it with nobody as owner. This will prevent dnsmasq deamon from logging to that file. 
Signed-off-by: Daan Hoogland <daan@onecht.net>
(cherry picked from commit c54ce3cafb)
(cherry picked from commit 94bb5c29b2)
 2014-06-10 16:28:51 +02:00
Daan Hoogland 4262080ba4 rats 
(cherry picked from commit b85dd956f8)

(cherry picked from commit 5eb0265349)
 2014-06-10 16:28:41 +02:00
Joris van Lieshout 3394d3c4f5 blacklist pcspkr as cosmetic improvement. aesni_intel blacklisting was not working because the include only works if the file ends with .conf. 
Signed-off-by: Daan Hoogland <daan@onecht.net>
(cherry picked from commit 11f532bbec)
(cherry picked from commit f94ff4ad04)
 2014-06-10 16:28:34 +02:00
Jayapal c83e90b008 CLOUDSTACK-6328: added license header and removed white space 2014-05-27 11:26:56 +02:00
Saurav Lahiri d298546ccc CLOUDSTACK-6328: run.sh check if an existing java process is running, before spawining new ones 
Signed-off-by: Jayapal <jayapal@apache.org>
 2014-05-27 10:42:23 +02:00
Joris van Lieshout 8326428bb8 A slightly more reliable way of extracting the device name. Thanks John. 
Signed-off-by: Daan Hoogland <daan@onecht.net>
 2014-05-20 12:33:48 +02:00
Joris van Lieshout 1c88ea51e5 releasing dhcp leases on vpcs failes because the network tier of the tennant aren't behinbd eth0. Here we make interface selection dynamic. 
Signed-off-by: Daan Hoogland <daan@onecht.net>
 2014-05-20 12:33:44 +02:00
Jayapal c4ae789e8b CLOUDSTACK-6714: monitor script echo service command is added with quotes 2014-05-20 10:24:18 +02:00
Jayapal adcc21ef3b Fixed vpc private gateway backend issues 2014-05-15 20:09:26 +02:00