service and not used for LB
Fix adds a boolean flag to addNetscalerLoadBalancer api, which
will mark added NetScaler for exclusive GSLB service. A netscaler marked
as exclusive gslb service provider is not picked for any guest network's
lb provider.
Conflicts:
engine/schema/src/com/cloud/network/dao/ExternalLoadBalancerDeviceVO.java
plugins/network-elements/f5/src/com/cloud/network/element/F5ExternalLoadBalancerElement.java
plugins/network-elements/netscaler/src/com/cloud/api/commands/AddNetscalerLoadBalancerCmd.java
plugins/network-elements/netscaler/src/com/cloud/api/response/NetscalerLoadBalancerResponse.java
plugins/network-elements/netscaler/src/com/cloud/network/element/NetscalerElement.java
server/src/com/cloud/network/ExternalLoadBalancerDeviceManager.java
server/src/com/cloud/network/ExternalLoadBalancerDeviceManagerImpl.java
setup/db/db/schema-421to430.sql
1. Egress default policy rules is send to the firewall provider. It is up to the
provider to configure the rules.
2. The default policy rules are send for both allow and deny default policy.
3. On network shutdown rules for delete are send.
4. For VR and SRX, by default deny the traffic. So no default rule to deny traffic is required.
scaling up vms was not considering parameter cluster.(memory/cpu).allocated.capacity.disablethreshold. Fixed it
Also added overprovisioning factor retrieval at the cluster level for host capacity check
scaling up vms was not considering parameter cluster.(memory/cpu).allocated.capacity.disablethreshold. Fixed it
Also added overprovisioning factor retrieval at the cluster level for host capacity check
Changes:
- We need to reset the avoid set to its original state while calling the storage pool allocators for each volume.
- This will prevent affecting allocation of the disks due to the avoid set output of the prior disk allocations.
Changes:
- Added 'virtualmachineid' parameter to the createVolume API to specify a VM for the volume. The Vm should be in 'Running' or 'Stopped' state.
- This parameter is used only when createVolume API is called using snapshotid parameter
- When this parameter is set, the volume is created from the snapshot in the pod/cluster of the VM. Also the volume is then attached to the VM in the same request
- If attach Volume fails but create has succeeded, the API errors out but the Volume created remains available. User may attach the same volume later
- When Vm is provided, but if no storage pool is available in the VM's pod/cluster then the volume is not created and API fails.
Changes:
- Do not do the stoarge capacity check for a VM having READY Volumes that are already present on the storagepool.
Conflicts:
server/src/com/cloud/deploy/DeploymentPlanningManagerImpl.java
Conflicts:
server/src/com/cloud/deploy/DeploymentPlanningManagerImpl.java
listAlerts: introduced new parameter "name" to the alertResponse
Added new Admin API - generateAlert. Available to ROOT admin only
listAlerts: implemented search by alert name
And also add a new table: snapshotdetails
Conflicts:
plugins/storage/volume/default/src/org/apache/cloudstack/storage/datastore/driver/CloudStackPrimaryDataStoreDriverImpl.java
Tests:
- all tests are @Test rather than having one test to call them, so they can be run one by one
- tests that expect exception from a method fail if there is none
- no longer extends TestCase so that the original method names could be kept as test
Implementation:
- include root cause in exceptions when possible - helps at troubleshuting
- close readers
Signed-off-by: Laszlo Hornyak <laszlo.hornyak@gmail.com>
ResourceUnavailableException won't be catched by VirtualNetworkApplianceManager
after Alex's refactor, because VirtualMachineManager.start() would cover the
exceptions as well. So changed the calling to advanceStart() instead.
Added a field to the command for serviceOfferingId and changed the internal interface to accept the service offering as parameter
Applied automated code cleanup
This patch adds a network plugin to support Palo Alto Networks firewall (their appliance and their VM series firewall).
More information in the FS: https://cwiki.apache.org/confluence/display/CLOUDSTACK/Palo+Alto+Firewall+Integration
Features supported are:
- List/Add/Delete Palo Alto service provider
- List/Add/Delete Palo Alto network service offering
- List/Add/Delete Palo Alto network with above service offering
- Add instance to the new network (creates the public IP and private gateway/cidr on the PA as well as the source nat rule)
- List/Add/Delete Ingress Firewall rule
- List/Add/Delete Egress Firewall rule
- List/Add/Delete Port Forwarding rule
- List/Add/Delete Static Nat rule
- Supports Palo Alto Networks 'Log Forwarding' profile globally per device (additional docs to come)
- Supports Palo Alto Networks 'Security Profile Groups' functionality globally per device (additional docs to come)
Knowns limitations:
- Only supports one public IP range in CloudStack.
- Currently not verifying SSL certificates when creating a connection between CloudStack and the Palo Alto Networks firewall.
- Currently not tracking usage on Public IPs.
Signed-off-by: Sheng Yang <sheng.yang@citrix.com>
Fix is use the storage overprovisioning factor (global configuration parameter "storage.overprovisioning.factor") to calculate total provisioning capacity for storage space allocation over VMFS based storage pools as well.
There are two level of thin provisioning provided in VMware, storage level and file-level (VMDK) thin provisioning. in CloudStack, all volumes are provisioned with thin VMDK format, so at hypervisor level, we ALWAYS do thin provisioning. If storage vendor has the ability to provide storage level thin provisioning in addition to VMDK thin provisioning, it is also allowed since it is transparent to Cloudstack.
Signed-off-by: Sateesh Chodapuneedi <sateesh@apache.org>
Changes:
- Set total capacity of a host if it has changed in the CapacityChecker thread
- Fix bug while setting the reserved/used cpu/mem capacity - only one of them used to get set
Changes:
- Consider if VM requires the local storage or shared storage or both for its disks.
- Accordingly all pools in the cluster should consider local or shared or both pools
Conflicts:
server/src/com/cloud/agent/manager/allocator/HostAllocator.java
architecture allows additional functionality to be easily added. Incorporating the plugin in CloudStack will allow
the community to participate in improving the features available with Hyper-V. The plugin uses a Director Connect
Agent architecture described here: https://cwiki.apache.org/confluence/display/CLOUDSTACK/Progress
Add ability to pass kvp data via the key cloudstack-vm-userdata
Rearrange code to make it clearer what .NET objects are being used.
Test failures are easier to deal with if test key is not deleted.
Acquire management/pod ip for control ip when VR deploys in HyperV
Fixed deletion on VM's on hyperv host when mgmt server gets restarted due to HA
Implementation for attach iso command. Attaches an iso to a given vm.
Now VPN connection can be created as "passive", which would enable the ability
of remote peer initiate the connection. So it's possible for VPC VR to
establish the connection to another VPC VR of CloudStack.
Test case also included.
The test case would create 2 vpcs and using VPN to connect them.
1) vxlan will use bridge scheme 'brvx-<vni>'. Multiple physical networks can host guest
traffic type with vxlan isolation, so long as they don't use the same VNI range.
2) Guest traffic labels can be physical interface if bridge by given name is not found.
Normally we take traffic label name, find the matching bridge, then resolve that to a
physical interface. Then we create guest bridges on that interface. Now we can just
specify the interface.
TODO:
1. error handling of no domains present, nested hierarchy
2. handling the case when the api call fails for a specific user/users
3. test cases for LdapUserManager
Signed-off-by: Ian Duffy <ian@ianduffy.ie>
In case of VMware, once the state of the old root volume has been updated to destroyed force expunge it from primary storage to avoid the garbage collector from trying to delete the new root volume
1) added createDetail to ResourceDetailDao interface to provide generic way of creating resourceDetail DB objects
2) added resource details support for firewall rules
The following types were not setup to discover extensions
com.cloud.network.element.FirewallServiceProvider
com.cloud.network.element.PortForwardingServiceProvider
com.cloud.network.element.StaticNatServiceProvider
com.cloud.network.element.NetworkACLServiceProvider
com.cloud.network.element.LoadBalancingServiceProvider
com.cloud.network.element.Site2SiteVpnServiceProvider
1) Added support for Zone resource details
2) Renamed DcDetailsDao to DataCenterDetailsDao to follow the CS name convention for DataCenter related classes
Min Chen
Harikrishna Patnala
Murali Reddy
Jayapal
Will Stevens
Alena Prokharchyk
Nitin Mehta
Frank.Zhang
Prachi Damle
Kishan Kavala
Kelven Yang
Fang Wang
Devdeep Singh
Anthony Xu
Likitha Shetty
Darren Shepherd
edison su
Bharat Kumar
Wei Zhou
Anshul Gangwar
Hugo Trippaers
Kelven Yang
Syed Ahmed
fjkdf
Koushik Das
Laszlo Hornyak
Mike Tutkowski
Sheng Yang
Rajesh Battala
Sateesh Chodapuneedi
Donal Lafferty
Rajani Karuturi
ynojima
Marcus Sorensen