etan39
/
cloudstack
mirror of https://github.com/apache/cloudstack.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
26,975 Commits 324 Branches 325 Tags 883 MiB
Commit Graph

84 Commits

Author SHA1 Message Date
Rajani Karuturi 0b8355920e Merge branch 'volume-upload' into master 
This closes #206
 2015-04-29 11:12:53 +05:30
wilderrodrigues 2fad87d3f3 Make the routers persistent 
- After configuration save the ipdated in files
    * /etc/iptables/router_rules.v4 and /etc/iptables/router_rules.v6
    * Reload the configuration on reboot via the /etc/rc.local using iptables-restore
 2015-04-14 15:09:47 +02:00
Rene Moser 0ada08aa85 CLOUDSTACK-6885: fix logrotate on VR to depend on size 
In 6ac06e5e5e logrotate was changed to run hourly.
Some logrotate configs still have set `daily` only which results in logs not
rotated hourly. The only way to ensure the log is rotated is to use size.

This closes #162

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2015-04-14 00:49:28 +05:30
Rohit Yadav 0540ba1b30 systemvm: fix socat usage 
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
(cherry picked from commit 888f67f0bd)
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2015-03-30 13:50:39 +05:30
Abhinandan Prateek 6ac06e5e5e CLOUDSTACK-6885: rotate logs hourly on VR 2015-03-30 13:49:23 +05:30
Rohit Yadav b011c9bad4 Add missing license headers from recent branch merge 3c429ee 
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2015-03-18 11:03:54 +05:30
Ian Southam 13b7ca1b3f New code must not run on systemvm 2015-03-16 11:38:10 +01:00
Hugo Trippaers 76d0669656 Avoid confusion and make sure the file is put in only one location 2015-03-16 11:38:06 +01:00
Ian Southam f0b783bb11 Removed stuff that is moved to CsRedundant 2015-03-16 11:35:30 +01:00
Ian Southam 093749eaae A start on the redundancy code 
This will not break anything but also will not work
 2015-03-16 11:35:29 +01:00
Ian Southam 733bc19eac Include base rule sets in Acls 
Also made some adjustments to the base rule sets to ensure my parsing routine works
 2015-03-16 11:35:26 +01:00
Ian Southam 574fa2c0a0 Call update_config.py if it is there 2015-03-16 11:35:21 +01:00
Ian Southam 98a43d184b Fixed bug in which every run of loadQueueFile would append to the json file (merge) 
cloud-early-config now saves its input file to /var/cache/cloud
Execute load cmd_line.json in update_config
Old way of working still in there to stop and possible clash until the base image is made
 2015-03-16 11:35:19 +01:00
Ian Southam 666dc16e58 Moved bag location to /et/cloudstack 
Updated test script to also process command line
Added connmark stuff to merge
 2015-03-16 11:35:09 +01:00
Ian Southam 2a94ca69ce Added some lost lines back using Hugo witchcraft 2015-03-16 11:35:09 +01:00
Ian Southam bcbefb2833 Changed from camelCase to json_case 2015-03-16 11:35:03 +01:00
Ian Southam 5b82e2059d Cherry-pick of 11c00977f77f45aa7b0c387dc88360eba0819e8a: 
----
Author:    Ian Southam <isoutham@schubergphilis.com>

First commit towards moving systemvm to chef based configuration
In this commit

1.  cmdline json databag is created
2.  ip association data bag is created
3.  Basic chef cookbook to manage ips and routes

Conflicts:
	systemvm/patches/debian/config/etc/init.d/cloud-early-config
	systemvm/patches/debian/config/var/chef/cookbooks/README
	tools/appliance/definitions/systemvm64template/postinstall.sh
----
Because we've refactored the systemvm template the change to
postinstall.sh now gets its own chef.sh file.
 2015-03-16 11:34:59 +01:00
René Moser 47de4a12f4 systemvm: correct sftp subsystem path of debian wheezy 
This closes #104

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2015-03-10 10:15:05 +05:30
Rohit Yadav ebcad34d33 systemvm: avoid tcp responses with timestamp 
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
(cherry picked from commit f3f47f25ba)
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2015-03-09 17:12:22 +05:30
Rohit Yadav 5256b0205a systemvm: have apache2 use secure SSL cipher suite 
Created using Mozilla's ssl config generator:
https://mozilla.github.io/server-side-tls/ssl-config-generator/

Intermediate setting was used, with apache version 2.2.22 and openssl 1.0.1e
Oldest compatible clients:
Firefox 1, Chrome 1, IE 7, Opera 5, Safari 1, Windows XP IE8, Android 2.3, Java 7

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
(cherry picked from commit ab8f367850)
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2015-03-09 12:45:06 +05:30
ramamurtis da1d8f9dce volume upload: fixed the UI after the change to move params to header. 
Signed-off-by: Rajani Karuturi <rajanikaruturi@gmail.com>
 2015-02-27 17:40:06 +05:30
Rajani Karuturi bc997f1acb volume upload: escape $1 in the rewrite rule 2015-02-17 11:34:18 +05:30
Jayapal 8414223a96 CLOUDSTACK-5494: Fixed dns is open to public in VR 
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
(cherry picked from commit 81994cf443)
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2015-02-06 15:31:13 +05:30
Rajani Karuturi e08522dbaa volume upload: adding the rewrite rules on start of cloud service 2015-01-29 16:55:30 +05:30
Rohit Yadav 664186f483 CLOUDSTACK-8160: use preferable protocols 
(cherry picked from commit debfcdef78)
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2015-01-21 18:04:45 +05:30
Rajani Karuturi ebaa4dd38e volume upload: added httpcomponents server and removed nio server 
removing nio server as it is currently handling only https connections
and the parsing logic is also specific to agent communication.

current limitation of httpcomponents server is that the entire file is
read in memory. need figure out how to read it in chunks and send it
through a inputstreamreader to save on secondary storage.
 2015-01-16 17:15:14 +05:30
Rajani Karuturi 631e6e0088 volume upload: doing https redirect as NioServer handles only https 2015-01-13 10:43:21 +05:30
Rajani Karuturi 2c169bc02d volume-upload added a upload url redirect in apache conf 
rewrite engine is on only in the case fo SSVM
 2015-01-09 09:16:00 +05:30
Wei Zhou 4eedfe53fc CLOUDSTACK-2823: pass cmdline info to system vms for 30 times 2014-12-08 15:45:29 +01:00
Rajani Karuturi 4722fa3de9 Merge branch '4.5' 
Conflicts:
	client/WEB-INF/classes/resources/messages_ja_JP.properties
	client/WEB-INF/classes/resources/messages_zh_CN.properties
	engine/orchestration/src/com/cloud/vm/VirtualMachineManagerImpl.java
	engine/schema/src/com/cloud/upgrade/DatabaseUpgradeChecker.java
	engine/schema/src/com/cloud/upgrade/dao/Upgrade442to450.java
	engine/storage/volume/src/org/apache/cloudstack/storage/volume/VolumeServiceImpl.java
	plugins/event-bus/rabbitmq/pom.xml
	plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/storage/LibvirtStorageAdaptor.java
	server/src/com/cloud/network/router/VirtualNetworkApplianceManagerImpl.java
	server/src/com/cloud/storage/VolumeApiServiceImpl.java
	server/src/com/cloud/vm/UserVmManagerImpl.java
	setup/db/db/schema-442to450.sql
	test/integration/component/test_persistent_networks.py

This closes #53
 2014-12-08 15:27:53 +05:30
Jayapal 8f8e311110 CLOUDSTACK-8030: Updated router to come up egress default ALLOW 
On default iptables rules are updated to add ACCEPT egress traffic.
    If the network egress default policy is false, CS remove ACCEPT and adds the DROP rule which
    is egress default rule when there are no other egress rules.

    If the CS network egress default policy is true, CS won't configure any default rule for egress because
    router already came up to accept egress traffic. If there are already egress rules for network then the
    egress rules get applied on VR.

    For isolated network with out firewall service, VR default allows egress traffic (guestnetwork --> public network)
 2014-12-08 11:32:01 +05:30
Wei Zhou 18b230db74 Revert "Occasionally the while loop can exit with no data (Probably recieving an EOF) before receiveing CMDline data from the certial port. Continue looping until cmdline is populated" 
This reverts commit 83656a6ea8.

The systemvm/routers will reboot automatically if the systemvm.iso changes.
They will stuck during the startup due to this commit because the virtio-port are empty.
 2014-12-05 15:17:55 +01:00
David Bierce 83656a6ea8 Occasionally the while loop can exit with no data (Probably recieving an EOF) before receiveing CMDline data from the certial port. Continue looping until cmdline is populated 
Signed-off-by: Edison Su <sudison@gmail.com>
 2014-11-20 11:00:09 -08:00
David Bierce 50d756e87d Occasionally the while loop can exit with no data (Probably recieving an EOF) before receiveing CMDline data from the certial port. Continue looping until cmdline is populated 
Signed-off-by: Edison Su <sudison@gmail.com>
 2014-11-20 10:58:35 -08:00
Sheng Yang 50b262e02a CLOUDSTACK-7944: Ensure ipv6 is enabled in sysctl.conf 
The booting sequence result in change of IPv6 related sysctl options was
overrided by sysctl.conf which is loaded later.

So this patch would patch sysctl.conf in VR as well, ensure IPv6 would be
enabled during booting period otherwise the network setup may not work, result
in IPv6 VM deployment failure.
 2014-11-19 14:50:03 -08:00
Sheng Yang bb352da302 CLOUDSTACK-7944: Ensure ipv6 is enabled in sysctl.conf 
The booting sequence result in change of IPv6 related sysctl options was
overrided by sysctl.conf which is loaded later.

So this patch would patch sysctl.conf in VR as well, ensure IPv6 would be
enabled during booting period otherwise the network setup may not work, result
in IPv6 VM deployment failure.
 2014-11-19 14:49:18 -08:00
Joris van Lieshout 1cc733bfd5 Logrotate is called from crontab. Debian crontab does not include everything in it's path. Therefore reference to these bins need to be absoluut. 
Signed-off-by: Daan Hoogland <daan@onecht.net>
 2014-11-09 13:18:08 +01:00
Joris van Lieshout 1e1cc11d9a Logrotate is called from crontab. Debian crontab does not include everything in it's path. Therefore reference to these bins need to be absoluut. 
Signed-off-by: Daan Hoogland <daan@onecht.net>
 2014-11-09 13:13:56 +01:00
Rohit Yadav a014617085 CLOUDSTACK-7855: NIC3 should set MTU and not NIC1 for storage network nic 
The fix also persists the configuration in /etc/network/interfaces

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2014-11-06 18:21:32 +05:30
Rohit Yadav c8ad4d15fd CLOUDSTACK-7855: NIC3 should set MTU and not NIC1 for storage network nic 
The fix also persists the configuration in /etc/network/interfaces

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2014-11-06 18:19:11 +05:30
Rohit Yadav 84e44a4dba systemvm: Prefer TLS over SSL in apache, POODLE workaround (CVE­2014­3566) 
Just prefer TLS over SSL in apache configuration in systemvm

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
(cherry picked from commit 88acc9bd53)
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2014-11-04 01:50:06 +05:30
Rohit Yadav 88acc9bd53 systemvm: Prefer TLS over SSL in apache, POODLE workaround (CVE­2014­3566) 
Just prefer TLS over SSL in apache configuration in systemvm

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2014-11-04 01:43:55 +05:30
Edison Su 9d5b7b73a2 MTU should be put on storage network: eth3, instead of eth1 Reviewed-by: Frank 2014-10-30 02:45:46 -07:00
Daan Hoogland 1de0cb7094 restore barematel work after merge 2014-10-17 10:24:01 +02:00
Daan Hoogland 148efbb73f Merge remote-tracking branch 'origin/4.5' into merge-master 
Conflicts:
	engine/schema/src/com/cloud/upgrade/dao/Upgrade441to450.java
	plugins/hypervisors/baremetal/src/com/cloud/baremetal/manager/BaremetalManagerImpl.java
	plugins/hypervisors/baremetal/src/com/cloud/baremetal/manager/BaremetalVlanManager.java
	plugins/hypervisors/baremetal/src/com/cloud/baremetal/manager/BaremetalVlanManagerImpl.java
	plugins/hypervisors/baremetal/src/com/cloud/baremetal/networkservice/BaremetalKickStartServiceImpl.java
	plugins/hypervisors/vmware/src/com/cloud/storage/resource/VmwareStorageProcessor.java
	server/src/com/cloud/network/router/VirtualNetworkApplianceManagerImpl.java
	server/src/com/cloud/network/router/VpcVirtualNetworkApplianceManagerImpl.java
	setup/db/db/schema-441to450.sql
	test/integration/component/test_deploy_vgpu_vm.py
	tools/marvin/marvin/config/test_data.py
 2014-10-16 12:29:37 +02:00
Saksham Srivastava b29d075108 CLOUDSTACK-7657: cloud.log is being rotated by multiple rotation policies on SSVM and CPVM 
(cherry picked from commit 3e02bfa74f)
 2014-10-13 00:13:25 -04:00
Saksham Srivastava cd3df842f2 CLOUDSTACK-7631: Log rotate on VR may fail as /etc/init.d/rsyslog does not anymore support reload option on debian wheezy 
(cherry picked from commit 3a8c450890)
 2014-10-12 23:55:42 -04:00
David Nalley ac48aa8e0c cleaning up some from a revert 2014-10-12 23:30:04 -04:00
Frank Zhang 01dada100a CLOUDSTACK-6278 
Baremetal Advanced Networking support
 2014-10-06 16:03:19 -07:00
Saksham Srivastava 3e02bfa74f CLOUDSTACK-7657: cloud.log is being rotated by multiple rotation policies on SSVM and CPVM 2014-10-01 13:39:09 +05:30