8c1700a3a4
VPC : introduce router_proxy.sh, resource should use this as a proxy to call scripts inside domr
...
already did this for ipassoc and getDomRVersion
2012-06-15 14:22:49 -07:00
efe318336a
CS-14955: security_group.py only creates ICMP iptables rules for ICMP type -1
...
Description:
Unindented 3 lines to update logic flow to execute iptables when
passed ICMP type is not -1.
2012-05-27 19:39:56 -04:00
8581d02ee8
CS-14946, check if it is linux bridge before call ovs
2012-05-23 19:06:35 -07:00
c1539e4e42
CS-14902: Removing files needed for SDN feature from XS 5.6FP1
2012-05-21 15:56:42 +01:00
e72b61eccc
CS-14900:
...
CS-14902: Fixing ovs-vif-flows.py for avoiding it kicks in with exp backoff timeouts if ovs is not running
Also removing unnecessary copies of the same script
2012-05-17 16:09:11 +01:00
e9f339cd14
remove another vnc hack
2012-05-08 11:01:52 -07:00
b7f5dd633d
delete vnc hack after upgrade
2012-05-08 10:45:27 -07:00
d913e3bdfb
security group: exactly match bridge name
2012-05-04 13:56:34 -07:00
b6c2c4c506
CS-14605: OVS cleanup
...
pep8 fixes to python scripts
removing superflous/unused code from python scripts
2012-04-25 11:32:01 +01:00
2340ebced3
Now using vnets instead of network id for creating networks
...
Fixed issues with vif scripts on 5.6FP1
Fixed ipv6 issue on 5.6FP1
Plus other various fixes and improvements
Starting to remove debug code
NOTE: Network is configured correctly but instances do not start. Possibly indefinite wait occuring on some commands
2012-04-23 22:33:18 +01:00
b10ab6b2d0
Adding Missing file to source control
2012-04-23 22:32:52 +01:00
3eef46f8a9
Open vSwitch tunnel manager
...
Applying patch with new ovs-tunnel-manager on top of cloudstack oss-master
2012-04-23 22:32:52 +01:00
5568e95d4c
Overwriting ovstunnel
2012-04-23 22:32:52 +01:00
e2cc2c1f6e
Fixing remaining issues with per-VIF flow script and removing version-specific scripts.
...
Now generating XSnetwork names using gre keys
Plus other minor corrections
2012-04-23 22:32:52 +01:00
8987499cda
Now using vnets instead of network id for creating networks
...
Fixed issues with vif scripts on 5.6FP1
Fixed ipv6 issue on 5.6FP1
Plus other various fixes and improvements
Starting to remove debug code
NOTE: Network is configured correctly but instances do not start. Possibly indefinite wait occuring on some commands
2012-04-23 22:32:52 +01:00
8268635846
Adding Missing file to source control
2012-04-23 22:32:16 +01:00
9f321ffeac
Open vSwitch tunnel manager
...
Applying patch with new ovs-tunnel-manager on top of cloudstack oss-master
2012-04-23 22:32:16 +01:00
a1a615e018
Overwriting ovstunnel
2012-04-23 22:32:16 +01:00
6f0890ea3a
bug CS-12812: XCP has get_mtime missing from the utils, added it here
2012-04-20 10:43:01 +05:30
327049b5c5
CS-14546: Fixed bug Unable to view console in System and Guest VMs and Added Upgrade script
2012-04-19 21:15:45 +05:30
88d6562dac
typo in cloud-setup-bonding.sh
2012-04-13 15:19:49 -07:00
537914ffae
Xenserver Secure Console Proxy. Removing vnc hacks when adding xen host
2012-04-11 17:52:24 +05:30
2f634c0913
Switch to Apache license
2012-04-03 04:50:05 -07:00
a6d4a76647
bug 14498: in xenserver 6.0 and openvswitch enabled, reboot xenserver will lost link local bridge; the workaround is if the link local bridge is lost, create a new one; status 14498: resolved fixed; Reviewed-by: frank
2012-03-26 17:15:03 -07:00
edcf95a6f0
Change KVM's delimiter from "," to "%"
...
In order not to confuse with commandline parameters
2012-03-13 15:59:09 -07:00
a560ec3001
removing the minor version number for comparisions for Xenserver 6.0
2012-03-13 11:23:27 +05:30
3a4ee0d486
removed unused files
2012-02-27 13:59:09 -08:00
6d39e10b76
get fsimage from sp2 for XenServer 5.6 GA
2012-02-24 15:03:34 -08:00
9159de57fc
bug 13603: in XenServer 6.0, qemu-dm-wrapper listens on local host by fault
...
status 13603: resolved fixed
reviewed-by: edison
2012-02-22 18:41:46 -08:00
7008e5a46b
bug 13734: allow dhcp requests and responses all the time
2012-02-15 15:34:48 -08:00
3a3d096a5c
it appears xs 6.0 allows iptables rules across the bridge without csp
2012-02-13 15:53:45 -08:00
08636d5802
bug 13060: check for resident vms as xapi will return vms running on other hosts in the cluster
2012-01-17 18:37:59 -08:00
1a3a3f8e0d
use /usr/lib/cloud/management/systemvm_mnt instead of /mnt/cloud/systemvm.
...
We should use home dir of user 'cloud', don't do any assumption of umask of /mnt,
it varies from distribution
2012-01-13 13:28:31 -08:00
af667d26b7
bug 13033: security rule prevents console access
2012-01-12 15:35:25 -08:00
5d54a3aef8
bug 13052: check if ebtables exists in can_bridge_firewall
...
status 13052: resolved fixed
2012-01-12 11:34:31 -08:00
52610ffcb3
add copyright header to shell scripts
2012-01-11 18:41:53 -08:00
12b7fa60f0
fixed typo
2012-01-11 10:30:31 -08:00
f114ddf471
propagate local_link_network
2012-01-10 19:48:55 -08:00
9be635367e
bug 10363 : cleanup vhd in secondary storage if creating private template fails
...
status 10363 : resolved fixed
Conflicts:
core/src/com/cloud/hypervisor/xen/resource/CitrixResourceBase.java
2012-01-10 16:45:07 -08:00
fb8364ad0c
bug 10363 : cleanup vhd in secondary storage if backsnapshot fails
...
Conflicts:
core/src/com/cloud/hypervisor/xen/resource/CitrixResourceBase.java
2012-01-10 15:51:13 -08:00
924953220b
bug 10363 : cleanup vhd in secondary storage if copy_vhd_to_secondarystorage fails
2012-01-10 15:07:49 -08:00
f964c4d227
bug 10363 : cleanup vhd in primary storage if download template to primary storage fails
...
Conflicts:
core/src/com/cloud/hypervisor/xen/resource/CitrixResourceBase.java
scripts/vm/hypervisor/xenserver/vmops
2012-01-10 13:56:29 -08:00
c25cb29f10
remove nfs.py patch
2012-01-10 13:56:29 -08:00
6aa0560d37
bug 12917: security groups - icmp type/code validations.
2012-01-06 19:33:07 +05:30
5aba3913bb
bug 12854: arp requests can also be used to poison arp caches
2012-01-05 18:01:19 -08:00
f138d15efb
bug 12854: arp and ip antispoof independent of the order of vm start
2012-01-05 18:01:10 -08:00
24894e2354
bug 11302: dont allow stuff like BPDUS, don't allow vms to connect to hypervisor
2011-12-29 17:35:24 -08:00
4718f194ef
bug 12772: typo
2011-12-29 16:01:41 -08:00
338aa3e2a8
accidental commit
2011-12-29 16:01:41 -08:00
a51ee064ee
bug 11302: more efficient caching of keyword
2011-12-29 16:01:41 -08:00
c05903b2d0
bug 11302: support new CSP for SP2.
...
conditional check : --match-set vs --set
forgot to merge this in from 2.2.y
2011-12-29 16:01:40 -08:00
363aea4aee
Bug 12731 - Ebtable rules are blocking all traffic going out of VMs in basic zone
...
status 12731: resolved fixed
reviewed-by: edison
2011-12-22 15:04:15 -08:00
c00d663df2
use soft mount for secondary storage
2011-12-21 20:31:40 -08:00
61eab674d2
bug 12328: XenServer 6.0 changes vnc-port path in xenstore
...
status 12328: resolved fixed
2011-12-21 12:00:27 -08:00
5dfa0ed169
remove obsolete file
2011-12-19 10:56:52 -08:00
2278477737
add stronger security to defend against attacks originating in the vm
2011-12-19 10:56:52 -08:00
5393a44c56
bug 12290: improve antispoofing lgic
...
handle reboot within vm correctly
iptables -S missing in csp
2011-12-19 10:56:52 -08:00
331bd6c103
SWIFT: add error handling code
...
add swift plugin for XenServer 6.0
2011-12-14 19:53:56 -08:00
c7766ea6c8
bug 10617: kvm related changes.
2011-12-02 17:07:36 +05:30
0c1e21ab80
bug 10617: vmops related changes.
2011-12-01 19:32:57 +05:30
09905b641b
bug 10617: merge code from branch bug10617.
2011-12-01 14:17:52 +05:30
f1b99f4f07
Revert "bug 10617: merging code from branch bug10617"
...
This reverts commit 8bc33448b9220534ba0ddc6c642ffb1e69d5844e.
Conflicts:
server/src/com/cloud/api/ApiResponseHelper.java
2011-11-11 20:23:26 +05:30
02adbd4bd3
bug 10617: merging code from branch bug10617
2011-11-10 15:23:48 +05:30
91aa145f5d
Upgrade: no error for this statement
2011-11-04 20:39:39 -07:00
de4d5f0397
Upgrade : script fix
2011-11-04 20:39:26 -07:00
548839e3bb
bug 11903: create local link when host is connected
...
status 11903: resolved fixed
2011-11-04 20:39:05 -07:00
245cd32281
upgrade : fix script
2011-11-04 20:38:42 -07:00
f30ee3fc91
Upgrade : eject CD
2011-11-04 20:38:15 -07:00
6841e265d3
bug 10330: finally merge Rommer's CLVM patch
...
status 10330: resolved fixed
2011-11-02 18:03:58 -07:00
1e86b5e1a6
script fix
2011-11-02 17:05:30 -07:00
f41a9e8b23
propagate local link network
2011-11-02 17:05:05 -07:00
f97b3e5c56
bug 11858: fake pv : use version in host parameter instead, fix XCP override
...
status 11858: resolved fixed
commit-by: Kevin Brooks
review-by: Anthony Xu
2011-11-01 19:51:06 -07:00
3067a9d2db
Swift : add two new files
2011-10-21 14:26:20 -07:00
c97010a160
BackupSnapshot to Swift
2011-10-18 18:11:09 -07:00
6710f09ab4
swift is written in python 2.6
...
make swift client work in python 2.4
changes:
1. md5 interface changed
2. urlparse interface changed
3. Queue interface changed
2011-10-13 12:07:09 -07:00
01d38fbb3e
add swift client from 1.4.3
2011-10-13 11:47:41 -07:00
7ba15ce49b
remove old swift client
2011-10-12 12:11:46 -07:00
1c5adc7714
bug 11336: compression to allow number of cidrs to scale beyond 8k
2011-10-06 17:56:59 -07:00
1b3372e1de
bug 11625: separate out error paths to enable fine grained error handling and cleanup
...
status 11625: resolved fixed
2011-10-06 17:55:29 -07:00
61fa7d8675
bug 11420: reduce duration of disruption
2011-10-06 17:55:21 -07:00
89e45bd671
bug 11130: Add GetDomRVersionCmd
2011-09-29 14:50:11 -07:00
9730160e63
typo
2011-09-14 20:39:57 -07:00
3549067d55
bug 11307: Add BumpUpPriorityCommand
2011-09-14 16:22:19 -07:00
d6cbd2b6bc
bug 11275:
...
remove heartbeat entry for this Primary Storage, when put this Primary Storage into maintenance mode
create heartbeat entry for this Primary Storage, when cancal maintenance for this Primary Storage
status 11275: resolved fixed
2011-09-13 22:15:21 -07:00
fae5e84699
if the xenserver host cannot do bridge firewalling do not attempt to retry the security rule updat
...
change some logs to debug level
2011-09-12 18:20:24 -07:00
65fb83035f
Enable monitoring over JMX
...
Add the ability to disable some vms from being scheduled
Add ability to trigger ruleset updates from JMX
added a few more dangerous JMX operations
2011-09-12 18:20:24 -07:00
0aeb45fafc
if sequence number increases but signature does not change, do not reprogram, but rewrite the rule log
2011-09-12 18:20:23 -07:00
d817f3c364
Revert "bug 10617: Added Egress rules to Security groups."
...
revert pending review
This reverts commit a19212703b9734ebd44ebf55cfdd81ebdc9d7fe4.
2011-09-12 14:45:58 -07:00
53970c89dc
Revert "bug 10617: blocking between security groups for egress rules fixed."
...
revert pending review
This reverts commit 7d30dfd79e3c4b01492f606333c26e36bcdc5d13.
2011-09-12 14:45:58 -07:00
e216686029
Revert "bug 10617: Intermediate checking"
...
revert pending review
This reverts commit 561b27565512d438db3d8896df6f97b644b0b498.
2011-09-12 14:45:58 -07:00
f9b0962ad9
bug 10617: Intermediate checking
...
Changes :
- Fixing API doc +response name + errorMessage
- Adding seperate events to Egress rules
- Egress rules Using the same database table as that of ingress with new column type.
Pending Tasks:
- db upgrade
- database table rename from security_ingress_rule to generic name, renaming some of the jave class from ingress to generic name.
- Retesting on kvm
2011-09-09 18:14:19 +05:30
10d2ca8d0a
bug 10617: blocking between security groups for egress rules fixed.
2011-09-02 16:17:08 +05:30
7621dea575
Fix the regression on security group cleanup:
...
In pre-2.2.10, the cleanup doens't work at all.
In 2.2.10, it works but make a mistake to delete all the rules for vmname ending with "-untagged"
2011-08-31 10:45:52 -07:00
854f81962f
bug 10617: Added Egress rules to Security groups.
...
Description :
API's:
- Two new api's authorizeSecurityGroupEgress,revokeSecurityGroupEgressCmd are added. These two API's are similer to ingress rule API's.
- authorizeSecurityGroupEgress :Authorizes a particular egress rule for this security group . Usageof API is very similer to that of authorizeSecurityGroupIngress except that instead of source cidr there will be destination cidr. By default like ingress, all the outgoing flows are blocked.
- revokeSecurityGroupEgress : It is similer to revokeSecurityGroupIngress api, It removes the egress rule.
- listSecurityGroup API's response changed. It include's egress list apart from the existing ingress rules in the output of the API.
Hypervisors :
- It is implemented in Xen and KVM.
Pending Tasks : Blocking using destination security groups.
Previous commits: c9fda641673df7701f44963ef27e1d488f121219 , 24e4e44b8f0712a37147a3777833de3f9e24829e
2011-08-30 16:28:35 +05:30
8a7feb8ec1
Merge branch '2.2.y'
...
Conflicts:
agent/src/com/cloud/agent/resource/computing/LibvirtComputingResource.java
api/src/com/cloud/agent/api/routing/LoadBalancerConfigCommand.java
api/src/com/cloud/agent/api/to/FirewallRuleTO.java
api/src/com/cloud/agent/api/to/IpAddressTO.java
api/src/com/cloud/agent/api/to/PortForwardingRuleTO.java
api/src/com/cloud/api/ApiConstants.java
api/src/com/cloud/api/BaseCmd.java
api/src/com/cloud/api/ResponseGenerator.java
api/src/com/cloud/api/commands/CreateFirewallRuleCmd.java
api/src/com/cloud/api/commands/CreateIpForwardingRuleCmd.java
api/src/com/cloud/api/commands/CreateLoadBalancerRuleCmd.java
api/src/com/cloud/api/commands/CreatePortForwardingRuleCmd.java
api/src/com/cloud/api/commands/DeleteLoadBalancerRuleCmd.java
api/src/com/cloud/api/commands/ListCapabilitiesCmd.java
api/src/com/cloud/api/commands/UpdateNetworkCmd.java
api/src/com/cloud/api/response/CapabilitiesResponse.java
api/src/com/cloud/network/Network.java
api/src/com/cloud/network/NetworkService.java
api/src/com/cloud/network/firewall/FirewallService.java
api/src/com/cloud/network/lb/LoadBalancingRule.java
api/src/com/cloud/network/lb/LoadBalancingRulesService.java
api/src/com/cloud/network/rules/FirewallRule.java
api/src/com/cloud/network/rules/RulesService.java
api/src/com/cloud/offering/NetworkOffering.java
client/tomcatconf/commands.properties.in
cloud.spec
core/src/com/cloud/agent/resource/virtualnetwork/VirtualRoutingResource.java
core/src/com/cloud/hypervisor/xen/resource/CitrixHelper.java
core/src/com/cloud/hypervisor/xen/resource/CitrixResourceBase.java
core/src/com/cloud/storage/template/DownloadManagerImpl.java
core/src/com/cloud/vm/DomainRouterVO.java
debian/cloud-deps.install
patches/systemvm/debian/config/etc/init.d/cloud-early-config
patches/systemvm/debian/config/root/ipassoc.sh
patches/systemvm/debian/config/root/loadbalancer.sh
scripts/vm/hypervisor/kvm/rundomrpre.sh
scripts/vm/hypervisor/xenserver/vmops
server/src/com/cloud/agent/manager/AgentAttache.java
server/src/com/cloud/agent/manager/AgentManagerImpl.java
server/src/com/cloud/agent/manager/AgentMonitor.java
server/src/com/cloud/agent/manager/ClusteredAgentManagerImpl.java
server/src/com/cloud/alert/ClusterAlertAdapter.java
server/src/com/cloud/api/ApiResponseHelper.java
server/src/com/cloud/api/ApiServer.java
server/src/com/cloud/cluster/ClusterManagerImpl.java
server/src/com/cloud/configuration/Config.java
server/src/com/cloud/configuration/ConfigurationManager.java
server/src/com/cloud/configuration/ConfigurationManagerImpl.java
server/src/com/cloud/configuration/DefaultComponentLibrary.java
server/src/com/cloud/deploy/FirstFitPlanner.java
server/src/com/cloud/ha/HighAvailabilityManagerImpl.java
server/src/com/cloud/host/dao/HostDaoImpl.java
server/src/com/cloud/hypervisor/xen/discoverer/XcpServerDiscoverer.java
server/src/com/cloud/network/LoadBalancerVO.java
server/src/com/cloud/network/NetworkManager.java
server/src/com/cloud/network/NetworkManagerImpl.java
server/src/com/cloud/network/dao/FirewallRulesDao.java
server/src/com/cloud/network/dao/FirewallRulesDaoImpl.java
server/src/com/cloud/network/element/DhcpElement.java
server/src/com/cloud/network/element/VirtualRouterElement.java
server/src/com/cloud/network/firewall/FirewallManagerImpl.java
server/src/com/cloud/network/lb/LoadBalancingRulesManagerImpl.java
server/src/com/cloud/network/router/VirtualNetworkApplianceManager.java
server/src/com/cloud/network/router/VirtualNetworkApplianceManagerImpl.java
server/src/com/cloud/network/rules/FirewallManager.java
server/src/com/cloud/network/rules/FirewallRuleVO.java
server/src/com/cloud/network/rules/PortForwardingRuleVO.java
server/src/com/cloud/network/rules/RulesManagerImpl.java
server/src/com/cloud/network/rules/StaticNatRuleImpl.java
server/src/com/cloud/network/security/SecurityGroupListener.java
server/src/com/cloud/network/security/SecurityGroupManagerImpl.java
server/src/com/cloud/offerings/NetworkOfferingVO.java
server/src/com/cloud/server/ConfigurationServerImpl.java
server/src/com/cloud/server/ManagementServerImpl.java
server/src/com/cloud/storage/StorageManager.java
server/src/com/cloud/storage/StorageManagerImpl.java
server/src/com/cloud/storage/dao/VMTemplateHostDaoImpl.java
server/src/com/cloud/storage/download/DownloadMonitorImpl.java
server/src/com/cloud/upgrade/DatabaseUpgradeChecker.java
server/src/com/cloud/upgrade/dao/Upgrade228to229.java
server/src/com/cloud/upgrade/dao/Upgrade229to2210.java
server/src/com/cloud/user/AccountManagerImpl.java
server/src/com/cloud/vm/UserVmManagerImpl.java
server/src/com/cloud/vm/VirtualMachineManagerImpl.java
server/src/com/cloud/vm/dao/DomainRouterDao.java
server/src/com/cloud/vm/dao/DomainRouterDaoImpl.java
setup/db/create-index-fk.sql
setup/db/create-schema.sql
setup/db/db/schema-222to224.sql
setup/db/db/schema-227to228.sql
setup/db/db/schema-228to229.sql
setup/db/db/schema-229to2210.sql
tools/testClient/README
ui/scripts/cloud.core.instance.js
utils/src/com/cloud/utils/SerialVersionUID.java
utils/src/com/cloud/utils/db/ConnectionConcierge.java
utils/src/com/cloud/utils/db/Merovingian2.java
utils/src/com/cloud/utils/db/Transaction.java
utils/src/com/cloud/utils/nio/Link.java
utils/src/com/cloud/utils/nio/NioConnection.java
utils/src/com/cloud/utils/time/InaccurateClock.java
2011-08-22 20:28:30 -07:00
4369b0ba96
bug 1067:
...
- covered basic impelementation for xen, need to test corner cases.
- Not implemneted: kvm, vmware , listing of egress rules.
2011-08-19 11:10:16 +05:30
e4162e5be6
fixed the script
2011-08-16 15:24:34 -07:00
cd57e03e1d
fixed the script
2011-08-16 15:23:53 -07:00
2cea330540
fixed script
2011-08-16 15:19:32 -07:00
3802426ae3
Revert " fixed script"
...
This reverts commit 90ac340d39ead1f31c11449671a1aec4fd6f27e2.
2011-08-16 15:18:20 -07:00
anthony
John Kinsella
Salvatore Orlando
Edison Su
Abhi
Rajesh Battala
frank
Sheng Yang
Chiradeep Vittal
Naredula Janardhana Reddy
Edison Su
Sheng Yang
Edison Su
alena