1. Create a dummy user, as existing user may already have stale quota
data
2. fix the tests to use the dummy user
3. a boundary condition was revealed and fixed for a new user where
quota service has never run and created bootstrap entries
Quota Marvin: If the quota plugin is not enabled skip tests
Quota Service: Enable quota plugin in zone setup configuration
Quota: Moving test_quota.py the test to test/integration/plugins
In most automated environment this test case will not run as it
requires a mangement server restart to enable the plugin. Due to
this requirement moving it to plugin folder. This condition is
already documented in the test case.
build_asf.sh: fix debian changelog alteringThe script already adds a new entry so we shouldn't replace the
previous one. That is done only in the next version script.
As discussed with @DaanHoogland
* pr/1239:
build_asf.sh: fix debian changelog altering
Signed-off-by: Remi Bergsma <github@remi.nl>
L10N update before 4.7.0 RC1Some sentences (mainly for the new quota plugin) needs to be translated before the 4.7.0 release candidate (planned for 14th december)
https://www.transifex.com/ke4qqq/CloudStack_UI/47xmessagesproperties/
Stats:
German (Germany) 100%
French (France) 100%
Portuguese (Brazil) 98%
Norwegian Bokml (Norway) 98%
Dutch (Netherlands) 98%
Chinese (China) 97%
Japanese (Japan) 97%
Hungarian 96%
(only languages over 90%)
Ping me after adding the L10N strings into transifex, I will update this PR.
Thanks
cc @remibergsma @agneya2001 @DaanHoogland @nvazquez @barunhalder1234 @K0zka
* pr/1217:
Update L10N resource files with 4.7 strings from Transifex (20151211)
Signed-off-by: Remi Bergsma <github@remi.nl>
Quota service while allowing for scalability will make sure that the cloud is
not exploited by attacks, careless use and program errors. To address this
problem, we propose to employ a quota-enforcement service that allows resource
usage within certain bounds as defined by policies and available quotas for
various entities. Quota service extends the functionality of usage server to
provide a measurement for the resources used by the accounts and domains using a
common unit referred to as cloud currency in this document. It can be configured
to ensure that your usage won’t exceed the budget allocated to accounts/domain
in cloud currency. It will let user know how much of the cloud resources he is
using. It will help the cloud admins, if they want, to ensure that a user does
not go beyond his allocated quota. Per usage cycle if a account is found to be
exceeding its quota then it is locked. Locking an account means that it will not
be able to initiat e a new resource allocation request, whether it is more
storage or an additional ip. Needless to say quota service as well as any action
on the account is configurable.
Changes from Github code review:
- Added marvin test for quota plugin API
- removed unused commented code
- debug messages in debug enabled check
- checks for nulls, fixed access to member variables and feature
- changes based on PR comments
- unit tests for UsageTypes
- unit tests for all Cmd classes
- unit tests for all service and manager impls
- try-catch-finally or try-with-resource in dao impls for failsafe db switching
- remove dead code
- add missing quota calculation case (regression fixed)
- replace tabs with spaces in pom.xmls
- quota: though default value for quota_calculated is 0, the usage server
makes it null while entering usage entries. Flipping the condition so
as to acocunt for that.
- quotatypes: fix NPE in quota type
- quota framework test fixes
- made statement period configurable
- changed default email templates to reflect the fact that exhausted quota may not result in a locked account
- added quotaUpdateCmd that refreshes quota balances and sends alerts and statements
- report quotaSummary command returns quota balance, quota usage and state for all account
- made UI framework changes to allow for text area input in edit views
- process usage entries that have greater than 0 usage
- orocess quota entries only if tariff is non zero
- if there are credit entries but no balance entry create a dummy balance entry
- remove any credit entries that are before the last balance entry
when displaying balance statement
- on a rerun the last balance is now getting added
FS: https://cwiki.apache.org/confluence/display/CLOUDSTACK/Quota+Service+-+FS
PR: https://github.com/apache/cloudstack/pull/768
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
CLOUDSTACK-9051: update nic IP address of stopped vmThis provides the feature to change ip address of NIC on a stopped vm by API and UI.
* pr/1086:
CLOUDSTACK-9051: reprogram network as a part of vm nic ip update
CLOUDSTACK-9051: add unit tests for UpdateVmNicIp
CLOUDSTACK-9051: update nic IP address of stopped vm
Signed-off-by: Daan Hoogland <daan@onecht.net>
* 4.6:
CLOUDSTACK-9075 - Uses the same vlan since it should have been already released
CLOUDSTACK-9075 - Adds VPC static routes test
CLOUDSTACK-9075 - Covers Private GW ACL with Redundant VPCs
CLOUDSTACK-9075 - Add method to get list of Physical Networks per zone
CLOUDSTACK-6276 Removing unused parameter in integration test for projects
CLOUDSTACK-6276 Removing unused parameter in integration test
CLOUDSTACK-6276 Fixing affinity groups for projects
CLOUDSTACK-6276 Fixing affinity groups for projectsWith some contributions from @resmo and @ustcweizhou.
This closes https://github.com/apache/cloudstack/pull/508
To test manually (need at least 2 hosts):
Create a project
Create an affinity group in that project
Deploy a vm with that affinity group
Deploy a second vm with that affinity group
They should be on different hosts
Ran old and new tests for affinity groups on the simulator
Test create affinity group as admin in project ... === TestName: test_01_admin_create_aff_grp_for_project | Status : SUCCESS ===
ok
Test create affinity group as domain admin for projects ... === TestName: test_02_doadmin_create_aff_grp_for_project | Status : SUCCESS ===
ok
Test create affinity group as user for projects ... === TestName: test_03_user_create_aff_grp_for_project | Status : SUCCESS ===
ok
Test create affinity group that exists (same name) for projects ... === TestName: test_4_user_create_aff_grp_existing_name_for_project | Status : SUCCESS ===
ok
#Delete Affinity Group by id. ... === TestName: test_01_delete_aff_grp_by_id | Status : SUCCESS ===
ok
#Delete Affinity Group by id should fail for user not in project ... === TestName: test_02_delete_aff_grp_by_id_another_user | Status : SUCCESS ===
ok
test DeployVM in anti-affinity groups ... === TestName: test_01_deploy_vm_anti_affinity_group | Status : SUCCESS ===
ok
test DeployVM in anti-affinity groups with more vms than hosts. ... === TestName: test_02_deploy_vm_anti_affinity_group_fail_on_not_enough_hosts | Status : SUCCESS ===
ok
List affinity group for a vm for projects ... === TestName: test_01_list_aff_grps_for_vm | Status : SUCCESS ===
ok
List multiple affinity groups associated with a vm for projects ... === TestName: test_02_list_multiple_aff_grps_for_vm | Status : SUCCESS ===
ok
List affinity groups by id for projects ... === TestName: test_03_list_aff_grps_by_id | Status : SUCCESS ===
ok
List Affinity Groups by name for projects ... === TestName: test_04_list_aff_grps_by_name | Status : SUCCESS ===
ok
List Affinity Groups by non-existing id for projects ... === TestName: test_05_list_aff_grps_by_non_existing_id | Status : SUCCESS ===
ok
List Affinity Groups by non-existing name for projects ... === TestName: test_06_list_aff_grps_by_non_existing_name | Status : SUCCESS ===
ok
List affinity group should list all for a vms associated with that group for projects ... === TestName: test_07_list_all_vms_in_aff_grp | Status : SUCCESS ===
ok
Update the list of affinityGroups by using affinity groupids ... === TestName: test_01_update_aff_grp_by_ids | Status : SUCCESS ===
ok
----------------------------------------------------------------------
Ran 16 tests in 581.706s
OK
Deploy vm as Admin in Affinity Group belonging to regular user (should fail) ... === TestName: test_01_deploy_vm_another_user | Status : SUCCESS ===
ok
Create Affinity Group as admin for regular user ... === TestName: test_02_create_aff_grp_user | Status : SUCCESS ===
ok
List Affinity Groups as admin for all the users ... === TestName: test_03_list_aff_grp_all_users | Status : SUCCESS ===
ok
List Affinity Groups belonging to admin user ... === TestName: test_04_list_all_admin_aff_grp | Status : SUCCESS ===
ok
List Affinity Groups belonging to regular user passing account id and domain id ... === TestName: test_05_list_all_users_aff_grp | Status : SUCCESS ===
ok
List Affinity Groups belonging to regular user passing group id ... === TestName: test_06_list_all_users_aff_grp_by_id | Status : SUCCESS ===
ok
Delete Affinity Group belonging to regular user ... === TestName: test_07_delete_aff_grp_of_other_user | Status : SUCCESS ===
ok
Test create affinity group as admin ... === TestName: test_01_admin_create_aff_grp | Status : SUCCESS ===
ok
Test create affinity group as domain admin ... === TestName: test_02_doadmin_create_aff_grp | Status : SUCCESS ===
ok
Test create affinity group as user ... === TestName: test_03_user_create_aff_grp | Status : SUCCESS ===
ok
Test create affinity group that exists (same name) ... === TestName: test_04_user_create_aff_grp_existing_name | Status : SUCCESS ===
ok
Test create affinity group with existing name but within different account ... === TestName: test_05_create_aff_grp_same_name_diff_acc | Status : SUCCESS ===
ok
Test create affinity group of non-existing type ... === TestName: test_06_create_aff_grp_nonexisting_type | Status : SUCCESS ===
ok
Delete Affinity Group by name ... === TestName: test_01_delete_aff_grp_by_name | Status : SUCCESS ===
ok
Delete Affinity Group as admin for an account ... === TestName: test_02_delete_aff_grp_for_acc | Status : SUCCESS ===
ok
Delete Affinity Group which has vms in it ... === TestName: test_03_delete_aff_grp_with_vms | Status : SUCCESS ===
ok
Delete Affinity Group with id which does not belong to this user ... === TestName: test_05_delete_aff_grp_id | Status : SUCCESS ===
ok
Delete Affinity Group by name which does not belong to this user ... === TestName: test_06_delete_aff_grp_name | Status : SUCCESS ===
ok
Delete Affinity Group by id. ... === TestName: test_08_delete_aff_grp_by_id | Status : SUCCESS ===
ok
Root admin should be able to delete affinity group of other users ... === TestName: test_09_delete_aff_grp_root_admin | Status : SUCCESS ===
ok
Deploy VM without affinity group ... === TestName: test_01_deploy_vm_without_aff_grp | Status : SUCCESS ===
ok
Deploy VM by aff grp name ... === TestName: test_02_deploy_vm_by_aff_grp_name | Status : SUCCESS ===
ok
Deploy VM by aff grp id ... === TestName: test_03_deploy_vm_by_aff_grp_id | Status : SUCCESS ===
ok
test DeployVM in anti-affinity groups ... === TestName: test_04_deploy_vm_anti_affinity_group | Status : SUCCESS ===
ok
Deploy vms by affinity group id ... === TestName: test_05_deploy_vm_by_id | Status : SUCCESS ===
ok
Deploy vm in affinity group of another user by name ... === TestName: test_06_deploy_vm_aff_grp_of_other_user_by_name | Status : SUCCESS ===
ok
Deploy vm in affinity group of another user by id ... === TestName: test_07_deploy_vm_aff_grp_of_other_user_by_id | Status : SUCCESS ===
ok
Deploy vm in multiple affinity groups ... === TestName: test_08_deploy_vm_multiple_aff_grps | Status : SUCCESS ===
ok
Deploy multiple vms in multiple affinity groups ... === TestName: test_09_deploy_vm_multiple_aff_grps | Status : SUCCESS ===
ok
Deploy VM by aff grp name and id ... === TestName: test_10_deploy_vm_by_aff_grp_name_and_id | Status : SUCCESS ===
ok
List affinity group for a vm ... === TestName: test_01_list_aff_grps_for_vm | Status : SUCCESS ===
ok
List multiple affinity groups associated with a vm ... === TestName: test_02_list_multiple_aff_grps_for_vm | Status : SUCCESS ===
ok
List affinity groups by id ... === TestName: test_03_list_aff_grps_by_id | Status : SUCCESS ===
ok
List Affinity Groups by name ... === TestName: test_04_list_aff_grps_by_name | Status : SUCCESS ===
ok
List Affinity Groups by non-existing id ... === TestName: test_05_list_aff_grps_by_non_existing_id | Status : SUCCESS ===
ok
List Affinity Groups by non-existing name ... === TestName: test_06_list_aff_grps_by_non_existing_name | Status : SUCCESS ===
ok
List affinity group should list all for a vms associated with that group ... === TestName: test_07_list_all_vms_in_aff_grp | Status : SUCCESS ===
ok
Update the list of affinityGroups by using affinity groupids ... === TestName: test_01_update_aff_grp_by_ids | Status : SUCCESS ===
ok
Update the list of affinityGroups by using affinity groupnames ... === TestName: test_02_update_aff_grp_by_names | Status : SUCCESS ===
ok
Update the list of affinityGroups for vm which is not associated ... === TestName: test_03_update_aff_grp_for_vm_with_no_aff_grp | Status : SUCCESS ===
ok
Update the list of Affinity Groups to empty list ... SKIP: Skip - Failing - work in progress
Update the list of Affinity Groups on running vm ... === TestName: test_05_update_aff_grp_on_running_vm | Status : SUCCESS ===
ok
----------------------------------------------------------------------
Ran 42 tests in 976.432s
OK (SKIP=1)
* pr/1134:
CLOUDSTACK-6276 Removing unused parameter in integration test for projects
CLOUDSTACK-6276 Removing unused parameter in integration test
CLOUDSTACK-6276 Fixing affinity groups for projects
Signed-off-by: Remi Bergsma <github@remi.nl>
* 4.6:
Use version for RC branch name instead of branch
make sure all files are updates with new version
Update L10N resource files with 4.6 strings from Transifex (20151129)
Fix secondary storage not working with swift
CLOUDSTACK-9083: Add disk serial to kvm virt xml
CLOUDSTACK-9048: Fix typo for public network description
* pr/1051:
CLOUDSTACK-9048: Fix typo for public network description
Signed-off-by: Remi Bergsma <github@remi.nl>
* 4.6:
more poms didn't get updated with script
implemented upgrade path from 4.6.0 to 4.6.1
checkstyle pom didn't get updated with script
debian: add 4.6.1-snapshot to changelog
Updating pom.xml version numbers for release 4.6.1-SNAPSHOT
Updating pom.xml version numbers for release 4.6.0
squashed commit for dockerfiles part#2 including comments from PR#910This PR replace PR#910 which include fix from comments in PR#910.
This PR simplify download of systemvm templates, work with docker-compose and enable integration-api port and use of localstorage without reconfiguration of cloudstack.
Rebased on Oct28.
* pr/999:
squashed commit for dockerfiles part#2 including comments from PR#910
Signed-off-by: Remi Bergsma <github@remi.nl>
CLOUDSTACK-8925 - Default allow for Egress rules is not being configured properly in VR iptables rulesThis PR fixes the router default policy for egress. When the default is DENY, the router still allows outgoing connections.
The test component/test_routers_network_ops.py was improved to cover that case as well. The results were:
Test redundant router internals ... === TestName: test_01_isolate_network_FW_PF_default_routes_egress_true | Status : SUCCESS ===
ok
Test redundant router internals ... === TestName: test_02_isolate_network_FW_PF_default_routes_egress_false | Status : SUCCESS ===
ok
Test redundant router internals ... === TestName: test_01_RVR_Network_FW_PF_SSH_default_routes_egress_true | Status : SUCCESS ===
ok
Test redundant router internals ... === TestName: test_02_RVR_Network_FW_PF_SSH_default_routes_egress_false | Status : SUCCESS ===
ok
----------------------------------------------------------------------
Ran 4 tests in 3636.656s
OK
/tmp//MarvinLogs/test_routers_network_ops_QDL429/results.txt (END)
* pr/1023:
CLOUDSTACK-8925 - Implement the default egress DENY/ALLOW properly
CLOUDSTACK-8925 - Improve the default egress tests in order to cover newly entered rules
CLOUDSTACK-8925 - Add egress dataset to test_data.py
CLOUDSTACK-8925 - Drop the traffic when default egress is set to false
Signed-off-by: Remi Bergsma <github@remi.nl>
CLOUDSTACK-8960: Remove Citrix Resources from test_data.pyReplace URLs related to templates and ISOs with the ones accessbile to everybody in the community.
I have copied all the templates and ISOs to my webspace at http://people.apache.org/~sanjeev/ so they can be accessible from anywhere.
* pr/939:
CLOUDSTACK-8960: Remove Citrix Resources from test_data.py Replace URLs related to templates and ISOs with the ones accessbile to everybody in the community
Signed-off-by: Remi Bergsma <github@remi.nl>
Add optional fields: iprange and fordisplay to Marvin base.py class method Vpn.create
Add optional field: passive to Marvin base.py class method Vpn.createVpnConnection
CLOUDSTACK-8756:Incorrect guest os mapping in CCP 4.2.1-6 for CentOS 5.9Check the bug 8756 for more details
* pr/728:
CLOUDSTACK-8756:Incorrect guest os mapping in CCP 4.2.1-6 for CentOS 5.9
Signed-off-by: Rajani Karuturi <rajani.karuturi@citrix.com>
- Changing refactored the utils.get_process_status() function
- Adding 2 tests: test_01_single_VPC_iptables_policies and test_02_routervm_iptables_policies
CLOUDSTACK-8716: Verify creation of snapshot from volume when the task is performed repeatedly in zone wide primary StorageOn VMWare with a Zone wide primary storage and more than two clusters verify successful creation of snapshot multiple times.
* pr/665:
CLOUDSTACK-8716: Verify creation of snapshot from volume when the task is performed repeatedly in zone wide primary Storage
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
Example of problem:
ATTENTION: Merging pull request #731 from remibergsma/centos7-kvm into 'master' branch in 5 seconds. CTRL+c to abort..
-n 5
-n 4
-n 3
-n 2
-n 1
-n 0
Should be compatible with more environments if printf is used instead.
CLOUDSTACK-8716: Verify creation of snapshot from volume when the task is performed repeatedly in zone wide primary Storage
-Removing redundent code
-Added validate list function for list snapshot operation
CLOUDSTACK-8716: Verify creation of snapshot from volume when the task is performed repeatedly in zone wide primary Storage
Removed duplicate test data related to vm properties.Modified tests dependent on it
Removed duplicte service offerings from test data and modified tests dependent on it
Bug-Id: CLOUDSTACK-8617
This closes#644
- Adding keepalived installation in the right script. I added the change on the buildsystemvm.sh, which is no longer used.
Signed-off-by: wilderrodrigues <wrodrigues@schubergphilis.com>
* Move config options to SAML plugin
This moves all configuration options from Config.java to SAML auth manager. This
allows us to use the config framework.
* Make SAML2UserAuthenticator validate SAML token in httprequest
* Make logout API use ConfigKeys defined in saml auth manager
* Before doing SAML auth, cleanup local states and cookies
* Fix configurations in 4.5.1 to 4.5.2 upgrade path
* Fail if idp has no sso URL defined
* Add a default set of SAML SP cert for testing purposes
Now to enable and use saml, one needs to do a deploydb-saml after doing a deploydb
* UI remembers login selections, IDP server
- CLOUDSTACK-8458:
* On UI show dropdown list of discovered IdPs
* Support SAML Federation, where there may be more than one IdP
- New datastructure to hold metadata of SP or IdP
- Recursive processing of IdP metadata
- Fix login/logout APIs to get new interface and metadata data structure
- Add org/contact information to metadata
- Add new API: listIdps that returns list of all discovered IdPs
- Refactor and cleanup code and tests
- CLOUDSTACK-8459:
* Add HTTP-POST binding to SP metadata
* Authn requests must use either HTTP POST/Artifact binding
- CLOUDSTACK-8461:
* Use unspecified x509 cert as a fallback encryption/signing key
In case a IDP's metadata does not clearly say if their certificates need to be
used as signing or encryption and we don't find that, fallback to use the
unspecified key itself.
- CLOUDSTACK-8462:
* SAML Auth plugin should not do authorization
This removes logic to create user if they don't exist. This strictly now
assumes that users have been already created/imported/authorized by admins.
As per SAML v2.0 spec section 4.1.2, the SP provider should create authn requests using
either HTTP POST or HTTP Artifact binding to transfer the message through a
user agent (browser in our case). The use of HTTP Redirect was one of the reasons
why this plugin failed to work for some IdP servers that enforce this.
* Add new User Source
By reusing the source field, we can find if a user has been SAML enabled or not.
The limitation is that, once say a user is imported by LDAP and then SAML
enabled - they won't be able to use LDAP for authentication
* UI should allow users to pass in domain they want to log into, though it is
optional and needed only when a user has accounts across domains with same
username and authorized IDP server
* SAML users need to be authorized before they can authenticate
- New column entity to track saml entity id for a user
- Reusing source column to check if user is saml enabled or not
- Add new source types, saml2 and saml2disabled
- New table saml_token to solve the issue of multiple users across domains and
to enforce security by tracking authn token and checking the samlresponse for
the tokens
- Implement API: authorizeSamlSso to enable/disable saml authentication for a
user
- Stubs to implement saml token flushing/expiry
- CLOUDSTACK-8463:
* Use username attribute specified in global setting
Use username attribute defined by admin from a global setting
In case of encrypted assertion/attributes:
- Decrypt them
- Check signature if provided to check authenticity of message using IdP's
public key and SP's private key
- Loop through attributes to find the username
- CLOUDSTACK-8538:
* Add new global config for SAML request sig algorithm
- CLOUDSTACK-8539:
* Add metadata refresh timer task and token expiring
- Fix domain path and save it to saml_tokens
- Expire hour old saml tokens
- Refresh metadata based on timer task
- Fix unit tests
This closes#489
(cherry picked from commit 20ce346f3a)
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
Conflicts:
client/WEB-INF/classes/resources/messages_hu.properties
plugins/hypervisors/xenserver/src/com/cloud/hypervisor/xenserver/resource/wrapper/xenbase/CitrixCheckHealthCommandWrapper.java
plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/SAML2LoginAPIAuthenticatorCmd.java
ui/scripts/ui-custom/login.js
Revert the fix to throw failed test on exception, will fix that in a separate branch so all the other fixes can be committed already and not raise failure on an old intermittent issue that was hidden
Signed-off-by: Daan Hoogland <daan@onecht.net>
Add urandom as random source in before_script.sh
Remove commented lines in before_script.sh
Remove commented lines in install.sh
Signed-off-by: Daan Hoogland <daan@onecht.net>
host command not present in build env, switch to getent
second phase of dep download turning some error, print failure log
Signed-off-by: Daan Hoogland <daan@onecht.net>
The console-setup service brings a nice font to the console, but why would we want to use it. In most cases it takes a <10 seconds to set it up. When using nested hypervising, I found this takes much longer time that causes tests to time-out. I'd suggest turning off these services. They are not required for the services the systemvm provides.
This commit fixes a chmod issue where extracted vmdk file is not readable by all
users/groups. The other improvement is to use ovftool to build systemvm template
for vmware if it's available. This is based on a dev ML discussion and a suggested
approach by Ilya: http://markmail.org/message/kntsetgxdbppfh22
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
- Removes awsapi db properties usage across codebase
- Removes references from spring xmls, test cases and TransactionLegacy
- Adds sql command to drop database cloudbridge in schema-451to460-cleanup.sql
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
added a new environment variable RUNUNITTESTS
running full build if RUNUNITESTS is true else skipping tests
job1 now runs only unittests
removed some of the test files from job9 and job10 as they are timing
out.
This closes#218
ssl._create_unverified_context is not available for all Python 2.x environment,
the fix would check if the attribute is available before trying to set it
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
Starting 4.5, we won't be using 32bit systemvmtemplate. Removing dead code as
it's already far behind in terms of maintenance compared to the 64bit definitions.
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
1. provide compatibility with the Big Cloud Fabric (BCF) controller
L2 Connectivity Service in both VPC and non-VPC modes
2. virtual network terminology updates: VNS --> BCF_SEGMENT
3. uses HTTPS with trust-always certificate handling
4. topology sync support with BCF controller
5. support multiple (two) BCF controllers with HA
6. support VM migration
7. support Firewall, Static NAT, and Source NAT with NAT enabled option
8. add VifDriver for Indigo Virtual Switch (IVS)
This closes#151
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
/var/log fills up /var and fails operation of normal services. This fix
restricts /var/log to 100-200M. The fix for CLOUDSTACK-6885 tries to make sure
we don't keep a lot of logs.
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
/var/log fills up /var and fails operation of normal services. This fix
restricts /var/log to 100-200M. The fix for CLOUDSTACK-6885 tries to make sure
we don't keep a lot of logs.
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
These are failing on my machine with cloud.log lines like
2014-08-07 14:34:09,509 Add dev eth2 table Table_eth2 10.0.2.0/24
2014-08-07 14:34:09,511 Address 10.0.2.106/24 on device eth2 not configured
2014-08-07 14:34:10,513 Device eth2 cannot be configured - device was not found
I think it's correct that they are failing -- this is work in progress.
Any cd command will cause rvm to override the trap handler in the shell
These means that vagrant_destroy will not get called at the end because in the node function it cds
Run the nose tests in a subshell
This approach is instead of serverspec, but filling the same purpose. It's
main advantage is that it uses nose and python, just like the existing
marvin-based integration test suite.
Replace chef with a python script
configure.py will read the bags and (hopefully) create the desired state
At this stage this is ipassociation
This code should work for both VR and VPCrs
TODO:
iptables
ip route throw (present in VR but not in VPCr
Determine default route
Unit tests
----
Author: Ian Southam <isoutham@schubergphilis.com>
First commit towards moving systemvm to chef based configuration
In this commit
1. cmdline json databag is created
2. ip association data bag is created
3. Basic chef cookbook to manage ips and routes
Conflicts:
systemvm/patches/debian/config/etc/init.d/cloud-early-config
systemvm/patches/debian/config/var/chef/cookbooks/README
tools/appliance/definitions/systemvm64template/postinstall.sh
----
Because we've refactored the systemvm template the change to
postinstall.sh now gets its own chef.sh file.
This is a plugin that puts in ovm3 support ranging from 3.3.1 to 3.3.2. Basic
functionality is in here, advanced networking etc..
Snapshots only work when a VM is stopped now due to the semantics of OVM's raw
image implementation (so snapshots should work on a storage level underneath the
hypervisor shrug)
This closes#113
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
added it in the zone block.
CLOUDSTACK-8229
Testing: tested with KVM and zone deployment was fine.
In the config file, zone wide primary storage details looks like this:
"primaryStorages": [
{
"url": "nfs://10.147.28.7/export/home/talluri/primary1",
"XRT_PriStorageType": "NFS",
"name": "XenRT-Zone-0-Pod-0-Cluster-0-Primary-Store-0",
"hypervisor": "KVM",
"scope" : "zone"
}
],
reviewed-by: talluri
Revert "Automation of CCP Objects Verification after external changes made to the original setup Purpose of this code:"
This reverts commit 7461297f3e.
Generate CCP Objects (VMs, Volumes, Snapshots, VPC, etc..) and CCP Use Cases (Networking, Data Content,etc) before an external action on the CCP Setup and verify the integrity of the CCP Objects and the Use Cases after the external action on the CCP Setup. The integrity of the CCP Objects is verified by performing operations that test the Usability of the objects. This validates the intactness of the setup after an external action. The submitted patch covers only few major use cases. It proves that similar code can be added in future to address similar goals in verifying the integrity of CCP objects belonging to different components of the product.
The code format can be followed to verify validity of real time business use cases while any code changes (CCP,hypervisor,external devices code, etc…) happen over a period of time.
The following are the scenarios that the code format can be used for:
1.Upgrade Validity Verification
a. CCP Upgrade
b. Hypervisors Upgrade
c. External Devices Upgrade
d. System VM Template Changes.
2.Patch Validity Verification
Code can be used as one of the primary Components to validity Upgrades. It will facilitate the automation of Upgrade Test Verification completely.
How to use the code:
*Kindly make the corresponding substitutions in the commands listed below.
Execute:
nosetests --with-marvin --marvin-config=$CONFIG $BASEDIR/integration/component/ test_minimal_ug_check.py --load -a tags=preupgrade
After Upgrade or any Changes done to the Setup, Verify that the existing CCP objects are not affected due to the external changes.
Execute:
nosetests --with-marvin --marvin-config=$CONFIG $BASEDIR/integration/component/ test_minimal_ug_check.py --load -a tags=postupgrade
Signed-off-by: SrikanteswaraRao Talluri <talluri@apache.org>
edit checkstyle pom on rc creation
xapi release version dep
update debian package changelog on version upgrade
sign release branch instead of release tree
(cherry picked from commit dd508b3b9f)
edit checkstyle pom on rc creation
xapi release version dep
update debian package changelog on version upgrade
sign release branch instead of release tree
Refactored code to use test_data instead of hardcoded NetScaler credentials
Refactored code to remove large scale duplication
Fixed some minor logic error in the existing tests
This patch has not added or removed any of the original test-cases.
Signed-off-by: SrikanteswaraRao Talluri <talluri@apache.org>
This reverts commit e921ec6ec7.
CLOUDSTACK-7408: sshClient.py - removing function load_host_keys(). This function is used to load host keys from local host keys file and to save back the host key. It is not needed while running test cases because we are connecting to unknown host anyway and don't want to use any local host key file. We have the AutoAddPolicy for missing host key file, hence whenever ssh connects to a new host, it will save the host key in memory temporarily.
Signed-off-by: SrikanteswaraRao Talluri <talluri@apache.org>
Installed flask package and removed the disk expert recipe in
system vm template to keep only one partition
Signed-off-by: Frank Zhang <frank.zhang@citrix.com>
This reverts commit e921ec6ec7.
CLOUDSTACK-7408: sshClient.py - removing function load_host_keys(). This function is used to load host keys from local host keys file and to save back the host key. It is not needed while running test cases because we are connecting to unknown host anyway and don't want to use any local host key file. We have the AutoAddPolicy for missing host key file, hence whenever ssh connects to a new host, it will save the host key in memory temporarily.
Signed-off-by: SrikanteswaraRao Talluri <talluri@apache.org>
Test data to deploy new data center and execute test using the deployed zone
Signed-off-by: sanjeev <sanjeev@apache.org>
Incorporated review comments provided in RR 25097
Fixed review comments mentioned in RR25293
Conflicts:
tools/marvin/marvin/config/test_data.py
(cherry picked from commit 9e5da759b3)
Test data to deploy new data center and execute test using the deployed zone
Signed-off-by: sanjeev <sanjeev@apache.org>
Incorporated review comments provided in RR 25097
Fixed review comments mentioned in RR25293
Conflicts:
tools/marvin/marvin/config/test_data.py
It is simpler to expect that rvm setup is done outside of this build.
The buildacloud.org jenkins has rvm installed/enabled by default so
does not invoke rvm.
Running --export creates the .ovf and the .vmdk files referenced
from that .ovf in one go. Guessing/predicting the names of the .vmdk
files is not fool-proof.
The backticks in the Vagrantfile template were getting evaluated by bash.
This caused some harmless but confusing error messages to appear on running
the build. Easy fix is to remove them.
* bundle install needs to run before running the vbox cleaning scripts,
so move prepare step before clean step
* feature branches have / in their name which is a bad character to
put into filenames
Veewee supports exporting vagrant boxes out of virtualbox, out of the box.
However, it assumes that it can export a disk if the shutdown of the vm that
is using that disk has succeeded. This assumption is not strictly always true
(see previous commit). So, we replicate the bit of logic in veewee for making
vagrant boxes.
This has the added side benefit of creating an .ovf export only once, rather
than once for vmware and then again for vagrant.
Having experimented with many edge cases of running multiple build.sh
commands in parallel / against busy virtualbox setups, the only really
reliable way to produce consistent images is to not do these commands
in parallel and to not do them while the machine is doing many other
things.
If virtualbox or the machine that hosts it is very busy, and/or it has
a lot of disks it knows/knew about, and/or its tuesday, behavior may
be a bit different.
Realizing this reality, this commit adds some scripts that try really
hard to set virtualbox back to known/healthy state before building.
In 8e2d06153b3d5ec1540fac1c8fbc97b5d2b58a8e I mistakenly/accidentally
a apt-get update.
As
https://wiki.debian.org/Multiarch/HOWTO
explains, apt-get update is needed after adding a new architecture.
Create a new minimal 'debianbase' definition which is a veewee template
that's a lot like the systemvmtemplate, but does not have any
systemvm-ness in it. Use it to create a new test.sh which tests a few
common invocations of build.sh work as desired.
This is mainly useful for debugging whether the appliance build process
is working / consistent; in order to test a systemvm itself it should
really first be merged with systemvm.iso.
The current build downloads its script from master by fetching a cloudstack
tarball. Besides being an unneeded load on the apache git server, this is a
problem when working on a branch and wanting to inject a different set of
scripts. It also makes it pretty likely that the injected copy of the script
will not match what a production release wants, so there is very little
chance of not needing to overwrite the scripts.
Ideally we would just rsync over some files. However, veewee does not provide
an option to do that. In order to keep a 'cleanly veewee-only' build possible,
and work with any recent veewee version, in this change we restor to using
shar (http://en.wikipedia.org/wiki/Shar) to produce an archive which can
execute as a script, which we feed to veewee to execute.
When working on the systemvm in isolation, or using vagrant or similar tools,
it can be useful to inject a custom SSH key before merging a management server
systemvm.iso into it. This option allows that. It should _not_ have effect
on management-server-managed vms which always get their SSH keys injected.
In particular, this refactoring allows the use of 'set -e' to exit early on
error. Previously the script would continue for a while when encountering a
problem, stuttering sometimes to (almost) completion, producing partial or
no results.
Added a bash on EXIT trap which runs add_on_exit cleanup code in the reverse
order it was specified. Resource cleanup is now co-located with resource
definition.
Added color-coded logging.
Made most of the hypervisor-specific exports optional. This script now
works on Mac OS X.
Added a bunch of possible arguments / environment variables, see the new usage
function for details (or run ./build.sh help).
Creates a new template with a unique name on every invocation, resulting in a
new virtualbox instance with a unique name. This makes it possible to build
multiple boxes at the same time, in parallel (including for example on a
multiuser box), and reduces the chance of failed build results conflicting
with each other.
Inject the version given on the command line (if any) into the created image.
In theory this _could_ have changed behavior (apt coming up with a different
solution, or one of the packages configuring a new apt repository), but in my
testing, the end result is the same.
Had to change various things to make this code re-entrant. In particular,
the sed-based manipulation of /etc/sudoers is gone and replaced with a
simpler, minimal (but compatible) sudoers file.
Remove the sshd_config tuning since sshd_config is overwritten when we
apply the cloud_scripts overlay (from build.sh).
CLOUDSTACK-4840 changed test_data.py to make the lbrule publicport be 22,
instead of 2222. In doing so, this caused the following tests to fail, as they
hit a problem where they tried to use port 22 for both the lbrule and for other
purposes:
integration.smoke.test_network.TestDeleteAccount.test_delete_account
integration.smoke.test_network.TestReleaseIP.test_releaseIP
The reason the change appears to have been made was that in
test_lb_secondary_ip.py, despite setting up the load balancer using lbrule, the
tests then used the SSH port from natrule to try and access the VM. By changing
lbrule to use port 22 (the same as natrule) this avoided the problem.
This patch updates test_lb_secondary_ip.py to use the SSH port in lbrule where
necessary to access the VMs, and reverts the change to test_data.py
This commit modifies insert statements to use the insert on duplicate update
syntax to update configuration table name, values in case primary key already
exists
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
CLOUDSTACK-6992: Incorporated review comments for patch request 23009
CLOUDSTACK-6992: Added portable ip range to services class
Signed-off-by: sanjeevneelarapu <sanjeev.neelarapu@citrix.com>
Signed-off-by: SrikanteswaraRao Talluri <talluri@apache.org>
to support creation of service offering upon passing details in the following format
serviceofferingdetails[1].key=pciDevice
serviceofferingdetails[1].value=Group of NVIDIA Corporation GK107GL [GRID K1] GPUs
serviceofferingdetails[2].key=vgpuType
serviceofferingdetails[2].value=GRID K120Q
Fixed to continue adding all hosts, even if any addition fails and remove
unused args from host class.
Signed-off-by: santhosh <santhosh.edukulla@gmail.com>
Signed-off-by: Abhinandan Prateek <aprateek@apache.org>
account and domainid is passed to conform to recent IAM
related changes in 4.4-forward
2. fixed typo passd to passwd in cloudstackTestClient.py
3. added few missing data required for tests in test_data.py
4. removed config.cfg
mend
Conflicts:
tools/marvin/marvin/config/test_data.py
tools/marvin/marvin/lib/base.py
Fixed pep8 issues arising as part of merge
Signed-off-by: root <root@localhost.localdomain>
Signed-off-by: SrikanteswaraRao Talluri <talluri@apache.org>
Fixed issues for CLOUDSTACK-6489
Along with fixed few indent issues.
Signed-off-by: Santhosh Edukulla <Santhosh.Edukulla@citrix.com>
Signed-off-by: SrikanteswaraRao Talluri <talluri@apache.org>
1. Added pep8 changes, delete dc flag.
2. Now, delete dc works only if flag is set under config.
3. SSH, retries and delay were altered to reduce the time
for ssh connection
Signed-off-by: Santhosh Edukulla <Santhosh.Edukulla@citrix.com>
Signed-off-by: SrikanteswaraRao Talluri <talluri@apache.org>
Fixed issues mentioned for CLOUDSTACK-5674.
More changes in the bug
Signed-off-by: Santhosh Edukulla <Santhosh.Edukulla@citrix.com>
Signed-off-by: SrikanteswaraRao Talluri <talluri@apache.org>
Fixed issues related to the mentioned bugs.
More information in the bug.
Signed-off-by: Santhosh Edukulla <Santhosh.Edukulla@citrix.com>
Signed-off-by: SrikanteswaraRao Talluri <talluri@apache.org>
new syntax changes in marvin code and fix the logFolderPath
Signed-off-by: SrikanteswaraRao Talluri <talluri@apache.org>
Conflicts:
tools/marvin/marvin/configGenerator.py
CLOUDSTACK-4762 : Enabling VGPU support for XenServer.
This feature is to enable the GPU-passthrough and vGPU functionality,
with the help of this feature, admins/users will be able to leverage
the GPU graphics unit power by deploying a virtul machine with GPU or
vGPU support or by changing the service offering of an existing VM
at any later point of time. There GPU/vGPU enabled VMs are able to run
graphical applications.
For now, this feature is only supported with XenServer hypervisor but
can be extended to add the support of other hypervisors.
Removed apiclient.hypervisor references. More details in the bug
Few other changes pending for this related to VirtualMachine.create
need to be cleaned up
Rohit Yadav
Remi Bergsma
Abhinandan Prateek
Milamber
Wilder Rodrigues
Daan Hoogland
Wei Zhou
Patrick Dube
Srikanteswararao Talluri
Rajani Karuturi
Carles Figuerola
Priti Sarap
Mike Tutkowski
shweta agarwal
Pierre-Luc Dion
Miguel Ferreira
Michael Andersen
sanjeev
Sowmya Krishnan
Ian Southam
Rafael da Fonseca
Abhinav Roy
Stefan Magnus Landrø
Gaurav Aradhye
Laszlo Hornyak
Daan Hoogland
Rajani Karuturi
sailajamada
Ian Duffy
KC Wang
prashant kumar mishra
Daan Hoogland
Yitao Jiang
Rene Moser
Leo Simons
Sander Botman
Hugo Trippaers
Funs
Ashutosh K
Pierre-Yves Ritschard
Chandan Purushothama
David Nalley
Chandan Purushothama
vetrivelc
Will Stevens
Sebastien Goasguen
Doug Clark
Edison Su
Harikrishna Patnala
Prashant Kumar Mishra
Sangeetha Hariharan
Santhosh Edukulla
Alex Brett
Ian Duffy
Girish Shilamkar
Joris van Lieshout
John Dilley
Ritu Sabharwal
Suresh Ramamurthy
sanjeevneelarapu
Vania Xu
Koushik Das
Marcus Sorensen
VinayV
Tim Mackey
monism
rayeesn
ynojima
Anish Kumar Bindal
Min Chen
Sachchidanand Vaidya
Santhosh Edukulla
root
unknown
Murali Reddy
Sanjay Tripathi
