etan39
/
cloudstack
mirror of https://github.com/apache/cloudstack.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
17,061 Commits 323 Branches 325 Tags 836 MiB
Commit Graph

449 Commits

Author SHA1 Message Date
Sheng Yang aeda3f3a1c bug 11056: Add customized iptables and kernel modules to the system template 
The new kernel module xt_CHECKSUM.ko is based on [1], and back ported to 2.6.32
kernel. New iptables is based on adding a new extension from [2].

[1]https://lwn.net/Articles/396466/
[2]https://git.netfilter.org/cgi-bin/gitweb.cgi?p=iptables.git;a=commit;h=9d1b11102b53103c00b7fddf4658a4d2bdee1338

status 11056: resolved fixed
 2011-12-28 20:20:35 -08:00
Sheng Yang 14d6c85176 bug 12727: Add arping to update the vSwitch cache 
We need to broadcast all our public IP address's ARP, not only the gateway one.

status 12727: resolved fixed
 2011-12-22 17:24:57 -08:00
Sheng Yang 3b2e2b079b bug 12704: Fix multiply public nics with redundant router 
status 12704: resolved fixed
 2011-12-21 16:01:58 -08:00
Chiradeep Vittal 797836723d bug 10804: add default dns provider 2011-12-05 16:56:31 -08:00
Chiradeep Vittal 89f13ad700 bug 10804 virtual router support for per-vm default network 2011-12-05 14:53:42 -08:00
Edison Su 782b4d97b2 bug 11835: don't return error if it's delete firewall rules 
status 11835: resolved fixed
Reviewed-by: frank
 2011-11-10 17:59:01 -08:00
Naredula Janardhana Reddy 00ea2a5995 bug 11590: 
reviewed-by: Abhi

Summary of Changes:
 while adding a primary address to the domR interface, previous primaray addresses(ip) are removed and added as with 32-bit netmask.
   This is to avoid two same ip's with different netmask attached to the interface.
 2011-11-09 16:44:47 +05:30
Naredula Janardhana Reddy 4ae44b4f5f bug 11191: rp_filter changes: correcting display error 2011-11-07 22:29:37 +05:30
Naredula Janardhana Reddy dc804d4ba4 bug 11191: rp_filter changes. 
The following are summary of changes:
   1) when network.disable.rpfilter is set to true, then rp_filter will be disadbled(set to 0) on all the public interfaces and also default setting of the system.
   2) when network.disable.rpfilter is set to false, then rp_filter will be enabled(set to 1) on all the public interfaces and also default setting of the system.
   3) here public public interface means , eth2 ... ethN. default setting means (/proc/sys/net/ipv4/conf/default/rp_filter).
   4) Default setting change will have impact on non-public interface. Due to  these, rp_filter is always enabled on Non-public interfaces(eth0,eth1 and lo).
   5) when  a new public interface is created, new interface will take rp_filter value from the default setting.
 2011-11-07 22:28:25 +05:30
Naredula Janardhana Reddy aab59d0bab bug 11191: rp_filter changes. 
The following are summary of changes:
1) when network.disable.rpfilter is set to true, then rp_filter will be disadbled(set to 0) on all the public interfaces and also default setting of the system.
2) when network.disable.rpfilter is set to false, then rp_filter will be enabled(set to 1) on all the public interfaces and also default setting of the system.
2) here public public interface means , eth2 ... ethN. default setting means (/proc/sys/net/ipv4/conf/default/rp_filter).
3) Default setting change will have impact on non-public interface.if there is no specific setting for other interfaces in /etc/sysctl.conf or otherexplict setting , they will follow this default settings. currently non-public interface like eth0 ,eth1 does not have any specific setting in sysctl.conf, due to this there rp_filters will be changed when ever network.disable.rpfilter setting is changed.
4) default setting is required to changes beacuse when a new public interface is created, new interface will take rp_filter value from the default setting.
 2011-11-07 22:27:42 +05:30
Sheng Yang c44db2557d bug 11772: Add improved version of locking for the scripts in the systemvm 
Because currently the lock in the script is retried every 1 second, and it's a
quite a long time that it's possible for some other active script can be
executed and retain the lock again. So it's possible that the first one request
the lock is always being preemptted by others, then finally got timeout.

To fix this issue, the retry interval is reduced to 0.1 seconds, which would
provide more retry times. And each process want to get the lock would create a
file named lockname-PID.lock, and only the first one(judged by timestamp) would
get the lock. The remaining ones would retry every 0.1 seconds to see if it can
get the lock.

Also timeout time is extended to 30 seconds.

And add testcase for it.

status 11772: resolved fixed
 2011-11-01 19:06:14 -07:00
Edison Su 121850bcb5 bug 11598: secstorage.vm.mtu.size, by default it's 1500. After change this configuration, need to restart mgt server, and restart secondary storage to take effect. 
status 11598: resolved fixed
 2011-10-26 14:48:56 -07:00
Kelven Yang dce4e74b58 bug 11585: using pre-allocated NIC approach to support additional public interfaces for VMware 2011-10-11 15:40:31 -07:00
Sheng Yang fbc19041ab Fix haproxy directory issue in buildsystemvm.sh 2011-09-29 16:14:59 -07:00
Sheng Yang 89e45bd671 bug 11130: Add GetDomRVersionCmd 2011-09-29 14:50:11 -07:00
kishan a4af6d43f8 bug 11547: VMware - Reset iptables counter when a public interface on domR is 
removed
status 11547: resolved fixed
reviewed-by: Ram
 2011-09-28 16:50:57 +05:30
kishan 8ffeddb020 bug 11547: Reset iptables counter when a public interface on domR is removed 2011-09-23 15:43:45 +05:30
frank ae2c5d9a6e Bug 11539 - SSVM stop script doesn't work 
status 11539: resolved fixed
reviewed-by: edison

Conflicts:

	console-proxy/scripts/run.sh
 2011-09-22 17:52:42 -07:00
Sheng Yang 85a164f6ac bug 11518: Return "saved_password" for non-existed password entry in domR 
To solve password file is destroyed along with restartNetwork command issue. If
the password is not set in fact, user can use "ResetPassword" to try again. But
it won't happen mostly, because it's only possible if the restartNetwork
happened between user start up VM and set the new password.

Reviewed-by: Keshav

status 11518: resolved fixed
 2011-09-21 15:50:54 -07:00
Naredula Janardhana Reddy db75bf2072 bug 11455: adding firewall rule chain to the main chain in the case when vpn chain is not present. 2011-09-16 17:30:41 +05:30
Sheng Yang fe838c5528 bug 11233: Update switch's cache using ping 
We would ping the gateway after transit to MASTER, this should speed up the
update of switch's cache.
 2011-09-14 16:26:54 -07:00
Sheng Yang 532de07176 bug 11307: Copy missing scipt to the proper location 2011-09-14 16:26:22 -07:00
Sheng Yang 319c529879 Remove keepalived start up delay 2011-09-14 16:26:15 -07:00
Sheng Yang c47bc3664e Add rrouter lock for edithost.sh and ipassoc.sh 2011-09-14 16:26:09 -07:00
Sheng Yang ba2fc97865 bug 11351: Add monitor process for keepalived 
Then when the process dead, we can know it and prevent two MASTER case happened.
 2011-09-14 16:25:17 -07:00
Sheng Yang 014e19546c bug 11351: move redundant router scripts to ramdisk 
Then it can exempt from storage failure.
 2011-09-14 16:25:10 -07:00
Sheng Yang d3b0f04877 bug 11351: Add checkrouter.sh.templ 
Also modify ipassoc.sh to use checkrouter.sh
 2011-09-14 16:25:03 -07:00
Sheng Yang b007e24e59 bug 11351: Add parameters for binary file/log file 2011-09-14 16:24:50 -07:00
Sheng Yang 4bbfa2513e bug 11307: Add PRIORITY bump up script for redundant virtual routers 2011-09-14 16:18:55 -07:00
Sheng Yang 0553c543a1 bug 11421: Add missing source cmd for ipassoc.sh 
status 11421: resolved fixed
 2011-09-13 11:08:32 -07:00
Sheng Yang 97d788dfc9 Add log for reconfigLB.sh 2011-09-12 17:00:53 -07:00
Sheng Yang abc44ac283 bug 11266: Add lock file for every script in the systemVM 
To prevent them from racy.

status 11266: resolved fixed
 2011-09-09 18:27:33 -07:00
Abhinandan Prateek 5a19056aa2 bug 10824: clearing up older entries in resolv.conf and dnsmasq-resolv.conf before adding so that duplicate entries do not end up in these files. 
status 10842: resolved fixed
 2011-09-07 05:11:33 +05:30
Naredula Janardhana Reddy cbed4c7a44 bug 11253: 
Added New value "link-local"  to  global config network.loadbalancer.haproxy.stats.visibility . With this change it can take new parameter "link-local" value apart from the existing 3 values global,guest-network,disabled.
       global -  stats visible from public network
       guest-network - stats visible only to guestnetwork.
       link-local - stats visible only to link local network
       disabled - stats disabled.
 2011-08-26 15:21:29 +05:30
Sheng Yang c7a887a51c bug 11266: Add lockfile for scripts in system vm 
Otherwise it's easy to trigger the racy issue.

This one just contained fix for reconfigLB.sh
 2011-08-25 19:37:14 -07:00
Naredula Janardhana Reddy 470ffcb652 bug 11191: 
Added global config to enable/disable rp_filter for domR.
   previous commit: d966906374d4a0cb8fa57326a1f7625c871f64fd

   Test Case-1 :
      1) Set network.disable.rpfilter  global config to true
      2) Restart the domR
      3) check the settings reflected in proc filesystem
           - for public interface like eth2,eth3 : /proc/sys/net/ipv4/conf/eth2/rp_filter should have 0 , and rest other interfaces should have value of 1
   Test Case-2 :
      1) set network.disable.rpfilter global config to false
      2) Restart the domR
      3) check the settings reflected in proc filesystem
           - for public interface like eth2,eth3 : /proc/sys/net/ipv4/conf/eth2/rp_filter should have 1 , and rest other interfaces should also have value of 1
 2011-08-24 13:32:07 +05:30
Naredula Janardhana Reddy 145a4aad37 bug 11191: Added global config to disable/enable rp_filter for domR(public interfaces) 2011-08-24 13:30:23 +05:30
alena 8a7feb8ec1 Merge branch '2.2.y' 
Conflicts:
	agent/src/com/cloud/agent/resource/computing/LibvirtComputingResource.java
	api/src/com/cloud/agent/api/routing/LoadBalancerConfigCommand.java
	api/src/com/cloud/agent/api/to/FirewallRuleTO.java
	api/src/com/cloud/agent/api/to/IpAddressTO.java
	api/src/com/cloud/agent/api/to/PortForwardingRuleTO.java
	api/src/com/cloud/api/ApiConstants.java
	api/src/com/cloud/api/BaseCmd.java
	api/src/com/cloud/api/ResponseGenerator.java
	api/src/com/cloud/api/commands/CreateFirewallRuleCmd.java
	api/src/com/cloud/api/commands/CreateIpForwardingRuleCmd.java
	api/src/com/cloud/api/commands/CreateLoadBalancerRuleCmd.java
	api/src/com/cloud/api/commands/CreatePortForwardingRuleCmd.java
	api/src/com/cloud/api/commands/DeleteLoadBalancerRuleCmd.java
	api/src/com/cloud/api/commands/ListCapabilitiesCmd.java
	api/src/com/cloud/api/commands/UpdateNetworkCmd.java
	api/src/com/cloud/api/response/CapabilitiesResponse.java
	api/src/com/cloud/network/Network.java
	api/src/com/cloud/network/NetworkService.java
	api/src/com/cloud/network/firewall/FirewallService.java
	api/src/com/cloud/network/lb/LoadBalancingRule.java
	api/src/com/cloud/network/lb/LoadBalancingRulesService.java
	api/src/com/cloud/network/rules/FirewallRule.java
	api/src/com/cloud/network/rules/RulesService.java
	api/src/com/cloud/offering/NetworkOffering.java
	client/tomcatconf/commands.properties.in
	cloud.spec
	core/src/com/cloud/agent/resource/virtualnetwork/VirtualRoutingResource.java
	core/src/com/cloud/hypervisor/xen/resource/CitrixHelper.java
	core/src/com/cloud/hypervisor/xen/resource/CitrixResourceBase.java
	core/src/com/cloud/storage/template/DownloadManagerImpl.java
	core/src/com/cloud/vm/DomainRouterVO.java
	debian/cloud-deps.install
	patches/systemvm/debian/config/etc/init.d/cloud-early-config
	patches/systemvm/debian/config/root/ipassoc.sh
	patches/systemvm/debian/config/root/loadbalancer.sh
	scripts/vm/hypervisor/kvm/rundomrpre.sh
	scripts/vm/hypervisor/xenserver/vmops
	server/src/com/cloud/agent/manager/AgentAttache.java
	server/src/com/cloud/agent/manager/AgentManagerImpl.java
	server/src/com/cloud/agent/manager/AgentMonitor.java
	server/src/com/cloud/agent/manager/ClusteredAgentManagerImpl.java
	server/src/com/cloud/alert/ClusterAlertAdapter.java
	server/src/com/cloud/api/ApiResponseHelper.java
	server/src/com/cloud/api/ApiServer.java
	server/src/com/cloud/cluster/ClusterManagerImpl.java
	server/src/com/cloud/configuration/Config.java
	server/src/com/cloud/configuration/ConfigurationManager.java
	server/src/com/cloud/configuration/ConfigurationManagerImpl.java
	server/src/com/cloud/configuration/DefaultComponentLibrary.java
	server/src/com/cloud/deploy/FirstFitPlanner.java
	server/src/com/cloud/ha/HighAvailabilityManagerImpl.java
	server/src/com/cloud/host/dao/HostDaoImpl.java
	server/src/com/cloud/hypervisor/xen/discoverer/XcpServerDiscoverer.java
	server/src/com/cloud/network/LoadBalancerVO.java
	server/src/com/cloud/network/NetworkManager.java
	server/src/com/cloud/network/NetworkManagerImpl.java
	server/src/com/cloud/network/dao/FirewallRulesDao.java
	server/src/com/cloud/network/dao/FirewallRulesDaoImpl.java
	server/src/com/cloud/network/element/DhcpElement.java
	server/src/com/cloud/network/element/VirtualRouterElement.java
	server/src/com/cloud/network/firewall/FirewallManagerImpl.java
	server/src/com/cloud/network/lb/LoadBalancingRulesManagerImpl.java
	server/src/com/cloud/network/router/VirtualNetworkApplianceManager.java
	server/src/com/cloud/network/router/VirtualNetworkApplianceManagerImpl.java
	server/src/com/cloud/network/rules/FirewallManager.java
	server/src/com/cloud/network/rules/FirewallRuleVO.java
	server/src/com/cloud/network/rules/PortForwardingRuleVO.java
	server/src/com/cloud/network/rules/RulesManagerImpl.java
	server/src/com/cloud/network/rules/StaticNatRuleImpl.java
	server/src/com/cloud/network/security/SecurityGroupListener.java
	server/src/com/cloud/network/security/SecurityGroupManagerImpl.java
	server/src/com/cloud/offerings/NetworkOfferingVO.java
	server/src/com/cloud/server/ConfigurationServerImpl.java
	server/src/com/cloud/server/ManagementServerImpl.java
	server/src/com/cloud/storage/StorageManager.java
	server/src/com/cloud/storage/StorageManagerImpl.java
	server/src/com/cloud/storage/dao/VMTemplateHostDaoImpl.java
	server/src/com/cloud/storage/download/DownloadMonitorImpl.java
	server/src/com/cloud/upgrade/DatabaseUpgradeChecker.java
	server/src/com/cloud/upgrade/dao/Upgrade228to229.java
	server/src/com/cloud/upgrade/dao/Upgrade229to2210.java
	server/src/com/cloud/user/AccountManagerImpl.java
	server/src/com/cloud/vm/UserVmManagerImpl.java
	server/src/com/cloud/vm/VirtualMachineManagerImpl.java
	server/src/com/cloud/vm/dao/DomainRouterDao.java
	server/src/com/cloud/vm/dao/DomainRouterDaoImpl.java
	setup/db/create-index-fk.sql
	setup/db/create-schema.sql
	setup/db/db/schema-222to224.sql
	setup/db/db/schema-227to228.sql
	setup/db/db/schema-228to229.sql
	setup/db/db/schema-229to2210.sql
	tools/testClient/README
	ui/scripts/cloud.core.instance.js
	utils/src/com/cloud/utils/SerialVersionUID.java
	utils/src/com/cloud/utils/db/ConnectionConcierge.java
	utils/src/com/cloud/utils/db/Merovingian2.java
	utils/src/com/cloud/utils/db/Transaction.java
	utils/src/com/cloud/utils/nio/Link.java
	utils/src/com/cloud/utils/nio/NioConnection.java
	utils/src/com/cloud/utils/time/InaccurateClock.java
 2011-08-22 20:28:30 -07:00
Sheng Yang 7ccc833114 Fix potential redundant router FAULT state by dnsmasq 
This message may show during redundant router start up:

FAULT (Restarting DNS forwarder and DHCP server: dnsmasq failed!)

This caused by edithost.sh is racy with keepalived process. They both want to
restart dnsmasq.

Even in normal condition, it's very hard to reproduce this bug. Add file lock
for edithost.sh should solve it.
 2011-08-19 16:11:48 -07:00
Sheng Yang d9b0188d7e Fix potential redundant router FAULT state by dnsmasq 
This message may show during redundant router start up:

FAULT (Restarting DNS forwarder and DHCP server: dnsmasq failed!)

This caused by edithost.sh is racy with keepalived process. They both want to
restart dnsmasq.

Even in normal condition, it's very hard to reproduce this bug. Add file lock
for edithost.sh should solve it.
 2011-08-19 16:11:33 -07:00
Naredula Janardhana Reddy b9183c0840 bug 10561: merging code from 2.2.10 to master 2011-08-16 14:20:51 +05:30
Chiradeep Vittal 779989ce6b bug 11103: create firewall chains on ipassoc 
status 11103: resolved fixed
bug 11106: this is somehow fixed / cannot reproduced
status 11106: resolved fixed
 2011-08-15 10:18:44 -07:00
Chiradeep Vittal 51f4485143 bug 11084: ensure AH and ESP protocols are allowed in when creating a VPN 2011-08-15 10:18:09 -07:00
Sheng Yang 407b45ee2e Fix ping in cloud-early-config 
The old ping don't have -w option
 2011-08-12 13:47:13 -07:00
Sheng Yang 11dfba635c Fix ping in cloud-early-config 
The old ping don't have -w option
 2011-08-12 13:47:01 -07:00
Sheng Yang 2aa349f769 bug 11083: Fix broadcast address is 0.0.0.0 
The reason is:
1. In redundant router, we won't enable eth2(public network interface) until
keepalived determine the router is MASTER.
2. ipassoc.sh normally kick in before keepalived process running. And it would
set eth2's IP address using "ip addr add $dev $ip"
3. "ip addr add $dev $ip" won't add mask for the device, then there is no way to
update broadcast address for eth2. Then broadcast address is 0.0.0.0.
4. As long as "ip addr add $dev $ip" executed, later executed "ifconfig $dev $ip
netmask $mask" won't calculated the broadcast address from $ip and $mask.

To fix this, we enable and configure eth2 temporaily when cloud-early-config
executed, then disable eth2 interface. By this way, broadcast address of should
be calculated and set correctly.

status 11083: resolved fixed
 2011-08-12 00:11:52 -07:00
Sheng Yang ccdd7ce17f bug 11083: Fix broadcast address is 0.0.0.0 
The reason is:
1. In redundant router, we won't enable eth2(public network interface) until
keepalived determine the router is MASTER.
2. ipassoc.sh normally kick in before keepalived process running. And it would
set eth2's IP address using "ip addr add $dev $ip"
3. "ip addr add $dev $ip" won't add mask for the device, then there is no way to
update broadcast address for eth2. Then broadcast address is 0.0.0.0.
4. As long as "ip addr add $dev $ip" executed, later executed "ifconfig $dev $ip
netmask $mask" won't calculated the broadcast address from $ip and $mask.

To fix this, we enable and configure eth2 temporaily when cloud-early-config
executed, then disable eth2 interface. By this way, broadcast address of should
be calculated and set correctly.

status 11083: resolved fixed
 2011-08-12 00:11:39 -07:00
Sheng Yang 29cc88571f Redundant router script fix, also fix CheckRouterTask 2011-08-11 17:57:12 -07:00
Sheng Yang 23e6b96c98 Redundant router script fix, also fix CheckRouterTask 2011-08-11 17:57:00 -07:00
Sheng Yang 258a1bc451 Ifdown may not bring interface down if ifup not run 
Use ifconfig to bring it down
 2011-08-11 15:01:02 -07:00
Sheng Yang a935e52b62 Ifdown may not bring interface down if ifup not run 
Use ifconfig to bring it down
 2011-08-11 15:00:43 -07:00
Chiradeep Vittal f91d173511 bug 10561: handle icmp (finally\!) 2011-08-11 14:36:41 -07:00
Sheng Yang 7807e29c30 Use ifup/ifdown for redundant router 2011-08-11 14:30:21 -07:00
Sheng Yang 95cc2d6381 Use ifup/ifdown for redundant router 2011-08-11 14:29:49 -07:00
Chiradeep Vittal 88a1c69413 bug 10561: get static nat working 2011-08-11 12:41:21 -07:00
Chiradeep Vittal d1ec7e759b remove cruft 2011-08-11 11:26:45 -07:00
Sheng Yang 4e4a44f2c4 Fix sometime system VM is up but mgmt server can't reach it 2011-08-11 11:01:14 -07:00
Sheng Yang 8b405e477c Fix sometime system VM is up but mgmt server can't reach it 2011-08-11 10:57:05 -07:00
Naredula Janardhana Reddy 7c2395e684 bug 10561: fix: last entry in the firewall rules unable to delete 2011-08-11 19:01:36 +05:30
Naredula Janardhana Reddy 699b197a3c bug 10561: changes to the create/delete firewall rule backend script: 
1) changes to the return value
    2) added a FIXME to one the leak.
 2011-08-11 16:53:18 +05:30
Chiradeep Vittal 35e67bbfdf bug 10561: ensure outgoing connections work 2011-08-10 23:16:04 -07:00
Abhinandan Prateek 16803387c6 bug 10812: changes to dhcp option 15 and 119 2011-08-11 10:23:20 +05:30
Chiradeep Vittal d29b01ca7f bug 10561: backend rules for firewall 2011-08-10 18:39:52 -07:00
Sheng Yang 9f6dc993ab Fix dhcp_entry.sh fail on redundant router 
And don't worry about "chkconfig dnsmasq off", because keepalived script should
take care of it.
 2011-08-10 17:13:45 -07:00
Sheng Yang 02049d4cd4 Fix dhcp_entry.sh fail on redundant router 
And don't worry about "chkconfig dnsmasq off", because keepalived script should
take care of it.
 2011-08-10 17:13:15 -07:00
Sheng Yang 34682b3bb0 Fix ping commandline parameter 2011-08-10 12:07:43 -07:00
Sheng Yang ab4c4de989 Fix redundant router start up 
commit e4fe14a9ce19fbbdb15bbfaad586d80031ca9fbc break redundant router, because
at time of ping, the network is not up for redundant router.

Add timout for ping
 2011-08-10 12:07:37 -07:00
Sheng Yang 5cf6feb2e5 Fix "RTNETLINK answers: No such process" when starting redundant router 
The issue happened quite rare, but indeed can show.

And when the issue happen, the status of redundant router would be "Status:
FAULT".

It's due to ipassoc.sh wasn't executed before the system bring eth2 up and go to
master mode, then eth2 wasn't configured correctly. Then "ip route add default
xx" can't complete.

This commit should fixes the issue.
 2011-08-10 12:06:53 -07:00
Naredula Janardhana Reddy a9eb14c42e bug 10561: backend added for CreateFirewallRule and deleteFirewallRule 2011-08-10 17:06:42 +05:30
Abhinandan Prateek f409a9535f bug 10812: adding the domain serach order to option 15, now the dhcp client is able to set this for search entry 2011-08-10 15:52:47 +05:30
Sheng Yang 738a9b3ad0 Fix "RTNETLINK answers: No such process" when starting redundant router 
The issue happened quite rare, but indeed can show.

And when the issue happen, the status of redundant router would be "Status:
FAULT".

It's due to ipassoc.sh wasn't executed before the system bring eth2 up and go to
master mode, then eth2 wasn't configured correctly. Then "ip route add default
xx" can't complete.

This commit should fixes the issue.
 2011-08-09 22:25:06 -07:00
Sheng Yang 9a0a3f195c Fix ping commandline parameter 2011-08-09 21:41:56 -07:00
Sheng Yang ba2ec7e770 Fix redundant router start up 
commit e4fe14a9ce19fbbdb15bbfaad586d80031ca9fbc break redundant router, because
at time of ping, the network is not up for redundant router.

Add timout for ping
 2011-08-09 21:02:01 -07:00
alena 56d5054e39 Revert "bug 10561: Allowing ICMP traffic through static NAT" 
This reverts commit 5e74e24bb359456967866cb2c6cc0f6f73570f97.

Conflicts:

	server/src/com/cloud/network/rules/RulesManagerImpl.java
 2011-08-09 15:51:57 -07:00
Kelven Yang adfb6a1f03 bug 11017: kick VMware vSwitch by pinging the default gateway to work around mysterous VMware network problem 2011-08-09 15:47:22 -07:00
Kelven Yang 69ca341f1b bug 11017: kick VMware vSwitch by pinging the default gateway to work around mysterous VMware network problem 2011-08-09 15:45:11 -07:00
Sheng Yang 071a67dcb8 Change router to FAULT state if anything goes wrong on fail-over 2011-08-09 11:09:44 -07:00
Sheng Yang 980c4b9120 Change router to FAULT state if anything goes wrong on fail-over 2011-08-09 11:09:20 -07:00
Naredula Janardhana Reddy 536db8a1de loadbalancer.sh changes : 1) Removed source cidrs from iptable script,2) added sudo before iptables 2011-08-09 18:34:16 +05:30
Naredula Janardhana Reddy ad29587e43 bug 10800,10557 : 
Cahnges:
        1) putting back the changes(bug 10800 and 10557) that had been reverted during merging of Elb/nectarine.
        2) 10800 Upgrade from previous release also added: Upgrade from Previous release will leave iptable rules in the INPUT ipchain, this is fixed.
 2011-08-09 16:53:19 +05:30
Chiradeep Vittal 179368ea32 get lb working on advanced mode again 2011-08-09 01:02:58 -07:00
Sheng Yang e62f828e52 bug 11003: Fix HAproxy with new template 
New debian package didn't create directory /var/lib/haproxy, which result in
haproxy fail to work.

status 11003: resolved fixed
 2011-08-08 17:59:25 -07:00
Naredula Janardhana Reddy 12cadca538 Revert "bug 10561: Allowing ICMP traffic through static NAT" 
This reverts commit 5e74e24bb359456967866cb2c6cc0f6f73570f97.
 2011-08-08 17:59:05 -07:00
Chiradeep Vittal 8277584b8a merge ELB / nectarine branch 2011-08-08 15:20:56 -07:00
Sheng Yang 55eb0e4b65 bug 11003: Fix HAproxy with new template 
New debian package didn't create directory /var/lib/haproxy, which result in
haproxy fail to work.

status 11003: resolved fixed
 2011-08-08 13:36:53 -07:00
Sheng Yang 9985df928b Try to workaround "ip route add" fail in redundant router 
It's probably due to the network is not ready, so wait some time for it.
 2011-08-05 16:40:57 -07:00
Sheng Yang 49709d716a Try to workaround "ip route add" fail in redundant router 
It's probably due to the network is not ready, so wait some time for it.
 2011-08-05 16:40:35 -07:00
Chiradeep Vittal 5552b650ff Merge branch 'guru' into 2.2.8.nectarine 2011-08-05 12:27:47 -07:00
Chiradeep Vittal ac8b833fb0 Ensure lb vm enables only those services that are necessary. ensure default route 2011-08-05 12:16:55 -07:00
Abhinandan Prateek dae2f4d958 bug 10748: fixed it when the VM acts as a dhcp server only 
status 10748: resolved fixed
 2011-08-05 12:07:59 +05:30
Abhinandan Prateek 0f2a9b6a69 bug 10748: fixed it when the VM acts as a dhcp server only 
status 10748: resolved fixed
 2011-08-05 12:02:54 +05:30
Abhinandan Prateek c460a1b80b bug 10748: fixed it when the VM acts as a dhcp server only 
status 10748: resolved fixed
 2011-08-05 11:58:48 +05:30
Chiradeep Vittal 0c408d8da5 handle elb vm restart 2011-08-04 22:05:48 -07:00
Chiradeep Vittal 61fd6a79c8 ensure elb vm is managed by elb manager 2011-08-04 17:02:27 -07:00
Chiradeep Vittal e936a52f10 merge changes from parent branch 2011-08-04 12:39:25 -07:00
Naredula Janardhana Reddy 46427fef91 bug 10561: Allowing ICMP traffic through static NAT 2011-08-03 21:15:02 +05:30
Naredula Janardhana Reddy 954d8673c7 bug 10561: Allowing ICMP traffic through static NAT 2011-08-03 18:13:09 +05:30
Abhinandan Prateek f6303c13fb bug 10812: putting key in ZoneConfig and other nomenclature changes 2011-08-03 14:42:29 +05:30
Abhinandan Prateek cd78c5cb9b bug 10812: putting key in ZoneConfig and other nomenclature changes 2011-08-03 14:32:28 +05:30
Abhinandan Prateek 6dd519ddd4 bug 10812: putting key in ZoneConfig and other nomenclature changes 2011-08-03 14:16:08 +05:30
Abhinandan Prateek 7e727be42c bug 10748: use external dnses if set thru global config (dhcp otpion 6) 2011-08-03 12:34:02 +05:30
alena 8d47c53735 Revert "bug 10435: removed vpn feature" 
This reverts commit ea9e1b5d138950e8de49fce7ffdbb12a1c72c560.

Conflicts:

	api/src/com/cloud/api/ResponseGenerator.java
	scripts/vm/hypervisor/xenserver/vmops
	server/src/com/cloud/configuration/Config.java
	server/src/com/cloud/network/router/VirtualNetworkApplianceManager.java
	server/src/com/cloud/network/router/VirtualNetworkApplianceManagerImpl.java
 2011-08-02 18:12:57 -07:00
Abhinandan Prateek 2f804dd799 bug 10748: use external dns, configurable thru global param 2011-08-02 16:21:55 +05:30
Abhinandan Prateek 9009026eba bug 10748: use external dns 
status 10748: resolved fixed
 2011-08-02 15:35:13 +05:30
Abhinandan Prateek 4f3dec5f1c bug 10812: adding domain suffixes to zone's router conf 2011-08-02 11:34:38 +05:30
Abhinandan Prateek 5cb3882349 bug 10812: adding domain suffixes to zone's router conf 2011-08-02 11:23:33 +05:30
Abhinandan Prateek 46be774ce8 bug 10812: adding domain suffixes to zone's router conf 2011-08-02 11:08:24 +05:30
Chiradeep Vittal 56d7be35f1 WIP 2011-07-29 11:04:54 -07:00
Naredula Janardhana Reddy 15d57cef9f bug 10557: implemented the TODO - opening the stats port using iptable 2011-07-28 17:28:20 +05:30
Naredula Janardhana Reddy d79633b545 bug 10800: iptable rable restore upon failure is changed 2011-07-28 17:27:44 +05:30
Naredula Janardhana Reddy 2fc7be14de bug 10557: implemented the TODO - opening the stats port using iptable 2011-07-28 17:24:10 +05:30
Naredula Janardhana Reddy e19c51e68c bug 10800: iptable rable restore upon failure is changed 2011-07-28 13:43:07 +05:30
Chiradeep Vittal f27116c50e log haproxy changes to system log and auth 2011-07-27 12:00:08 -07:00
Chiradeep Vittal 07c2f6cdc7 differentiate between dhcp server and elb vm 2011-07-27 12:00:07 -07:00
Naredula Janardhana Reddy 296d0af503 bug 10800: Load balancer - deleted settings from UI not removed from the Iptables 2011-07-27 14:57:49 +05:30
Kelven Yang 9761661989 bug 10855: fix a typo when merging git conflicts 2011-07-26 10:50:33 -07:00
Kelven Yang db29f7792c bug 10855: the issue is caused by expanding content that has space inside at sub-shell, use back quote substitution to enforce the correct shell macro expansion 2011-07-26 10:50:10 -07:00
Kelven Yang 3e8fb4add2 bug 10855: fix a typo when merging git conflicts 2011-07-26 10:48:54 -07:00
Kelven Yang db09c6ae47 bug 10855: the issue is caused by expanding content that has space inside at sub-shell, use back quote substitution to enforce the correct shell macro expansion 2011-07-26 10:41:26 -07:00
Naredula Janardhana Reddy 67dc2ec915 bug 10800: Load balancer - deleted settings from UI not removed from the Iptables 2011-07-26 15:28:01 +05:30
Edison Su 30942b77a3 fix meta data returning 404 issue on vmware 2011-07-25 21:20:09 -07:00
Edison Su 3a17b37808 fix meta data returning 404 issue on vmware 2011-07-25 21:17:42 -07:00
Abhinandan Prateek dff712f2a9 bug 10731: sending source cidrs to the required router element, on domR allowing these source cidrs thru iptables 
status 10731: resolved fixed
 2011-07-21 13:48:42 +05:30
Abhinandan Prateek de34d6089d bug 10731: sending source cidrs to the required router element, on domR allowing these source cidrs thru iptables 
status 10731: resolved fixed
 2011-07-21 13:40:06 +05:30
Sheng Yang 04cdca07fa Enforce redundant router command line checking in patchsystemvm.sh 2011-07-19 15:41:14 -07:00
Sheng Yang ed611fa200 Enforce redundant router command line checking in patchsystemvm.sh 2011-07-19 15:40:53 -07:00
Sheng Yang 4bc8686513 bug 10429: Backport redundant virtual router 
Part 1

This backport contained:

commit 52317c718c25111c2535657139b541db0c9d1e1f
    bug 9154: Initial check in for enabling redundant virtual router

commit 54199112055d754371bfb141168fb5538bf6d6ea
    Add host verification for CheckRouterCommand

commit cef978a228c90056ead9be10cbc4de74c2b8de76
    Fix CheckRouterAnswer's isMaster report

commit 4072f0a6991ac3b63601a1764fbe14188965f62f
    Some build fixes and code refactoring for redundant router

commit 4d3350b7cd8ee2706a9bace4437fc194e36c8dd5
    Redundant Router: Fix OVS

commit 6a228830e7c46d819fa0c3317e159e041337e887
    Fix findByNetwork()/findByNetworkAndPod()'s return

commit c627777b3d5bdbcd60db4032cebd349a5b1ecd83
    Redundant Router: Fix isVmAlive()

commit e1275d2514adc41f8744f5107d4069c38be195f1
    Only issue CheckRouterCommand to redundant routers

And all modification to the scripts till
commit 4e3942462ed3fde3a3d7011e95839e2128fba514
logging changes

in the master branch.
 2011-07-18 18:29:56 -07:00
Edison Su a622b48d32 It breaks port forwording. 
Revert "bug 10329: changed - t :"

This reverts commit 16779afa0233e6ff33cdfca12611e6a43bcd0b42.
 2011-07-08 13:52:49 -07:00
Edison Su 399c1addb9 fix meta issue for vmware: create a blank meta data file, even meta data is empty 2011-07-08 13:51:30 -07:00
Edison Su a3613f2762 It breaks port forwording. 
Revert "bug 10329: changed - t :"

This reverts commit 16779afa0233e6ff33cdfca12611e6a43bcd0b42.
 2011-07-07 18:30:42 -07:00
Abhinandan Prateek 73b79deb99 bug 10329: changed - t : 
status 10329: resolved fixed
 2011-07-07 11:52:04 +05:30
Abhinandan Prateek 6b7279598e bug 10329: changing - to : in port range 
status 10329: resolved fixed
 2011-07-07 11:46:17 +05:30
Edison Su 28f413f223 fix meta issue for vmware: create a blank meta data file, even meta data is empty 2011-07-05 16:19:23 -07:00
alena 74f34a0e0c bug 10435: removed vpn feature 
status 10435: resolved fixed
 2011-06-24 09:18:46 -07:00
Sheng Yang dc46ffb0c7 bug 9154: various fix for scripts 2011-06-22 15:30:39 -07:00
Sheng Yang bbb0f41a92 Fix ipassoc.sh with new added nic 
The script should bring the new created interface up.
 2011-06-20 17:21:32 -07:00
Sheng Yang d71ed00148 bug 9154: Add more log in keepalived.log 2011-06-15 15:39:48 -07:00
anthony 0f340c199f align system VM partitions with 4k 2011-06-14 11:47:07 -07:00
Sheng Yang 29c54c42e0 Fix hostname in the generated vm template 
The ssh_host_*_key.pub in /etc/sshd contained generator's own hostname. This
patch fixes it.
 2011-06-14 11:29:12 -07:00
Sheng Yang b1ced0e478 Fix buildsystem.sh script 
And the script can only be used with the machine installed grub-legacy(e.g. grub
0.97) rather than grub2(grub-pc).
 2011-06-13 19:37:21 -07:00
Kelven Yang 1e9efb2f86 bug 10214: merge fixes from 2.2.8/2.2.4 2011-06-10 14:29:01 -07:00
Kelven Yang 5f7f885c6a bug 10214: merge fix from 2.2.4 branch 2011-06-10 12:08:22 -07:00
Sheng Yang 3106df1c72 bug 9495: Fix DomR logging error on boot 
status: resolved fixed
 2011-06-09 15:10:06 -07:00
Sheng Yang e92d00d3bf bug 9495: Fix DomR logging error on boot 
status: resolved fixed
 2011-06-09 15:04:35 -07:00
Kelven Yang dae72c26b0 bug 10093: always create .htaccess in DomR 2011-06-08 16:56:41 -07:00
Sheng Yang 5db86e6c20 Fix CheckRouterAnswer's isMaster report 
If we got invalid/unsuccessed answer from CheckRouterAnswer, set master to
false.

Also add missed scripts.
 2011-06-07 14:47:46 -07:00
Sheng Yang 8542c9ca13 Fix keepalived start up issue 
Sometime when keepalived start up(during system boot up period), it would fail
to(likely due to unable to receive the packet), and think itself is the only
router, then make itself master.

Add 10 seconds delay after start up to work around the issue.
 2011-06-07 14:47:46 -07:00
Sheng Yang 58ade71a5b Enable only vrrp mode of keepalived 2011-06-07 14:47:46 -07:00
Sheng Yang 819e67b189 Add file lock for keepalived scripts 
They are not blocked callings.
 2011-06-07 14:47:46 -07:00
Sheng Yang 2973ab5ef5 Enable multiply public ips for redundant router 
Also solve duplicate mac issue.
 2011-06-07 14:47:46 -07:00
Sheng Yang 62ac899091 bug 9154: Initial check in for enabling redundant virtual router 
This patch enable redundant virtual routers.

1. To enable this feature, db need to be updated using follow SQL by now(we
would get a UI way later):

UPDATE network_offerings SET redundant_router=1 WHERE guest_type="Virtual" AND
system_only=0;

2. System would try to start up two routers at different hosts. But if there is
only one host in the zone, system would start up two routers on it.

3. The failover part is using keepalived, and connection tracking part is using
conntrackd. There would be one master router and one backup router. The status
of router(master or backup) can be query from the database table domain_router
now. Management server would update the status every 30s by default.

4. The routers for the same zone would use same external NIC(same ip and mac).
The script used for fail-over would ensure only one external NIC present in the
network at any time.

5. Currently management server don't got the ability to stop one of router is
both of them reported as master. The feature is in the todo list.

After two routers start up, disconnect anyone of them, the guest network
shouldn't be affected, and established connection(http, ssh, etc.) should still
works. The fail-over on gateway part should be 3~4 seconds.

Currently the patch works with KVM. Would deal with vmware and XenServer soon.
 2011-06-07 14:47:45 -07:00
anthony 37e6ded80c bug 10023: only set ip route for internal DNS 
status 10023: resolved fixed
 2011-05-25 17:39:20 -07:00
Edison Su a13be45f7b bug 8350: 
haproxy tunning:
0. Test case:
   httpd running in 5 user VMs, all of them created on a xenserver host(16 core, 42G memroy, 10G network)
   domR running on an anther host with same hardware configuration.
   test application, ab, running on anther host behind an anther seperate switch
1.haproxy is not a memory intensive app. I can get 4625.96 connection/s with 1G memory. While it's really a CPU intensive app, domR always uses around 100% CPU on the host.
2.By default, you can't get better connection/s rate, because ip_conntrack_max and tw_bucket are too small, you will see the error in domR like:
   "TCP: time wait bucket table overflow" or "nf_conntrack: table full, dropping packet".
  So I increase these numbers to 1000000 from 65536, then I can steadly get around 4600 connection/s when memory is >= 1G.

  Here is the connection per second, tested by "ab -n 1000000 -c 100 http://192.168.170.152:880/test.html"
  domR memory   conn/s
  128M:         3545.55
  256M:         4081.38
  512M:         4318.18
  1G:           4625.96
  7G:           4745.53

3. If I enable notrack for both connections between domr/user vm, and public network, that tell iptable in domR don't track the connection during my test, then I can get better number, around
5800 connections/s. But we can't enable notrack, as iptables is used to track throughput in domR.

4. In a word, with this commit, the connection rate of haproxy can be increased from 1000-2000/s to 4700/s when domR's memory is larger than 1G.

5. How many CPU need to assign to domR to get this number?  Haven't finished yet, as CPU is shared by all the VMs on the host, if other VMs are busy, it will impact the performance of haproxy.
 2011-05-21 21:05:28 -04:00
Chiradeep Vittal 99c8830a2e Update README for building systemvm 2011-05-20 17:52:27 -07:00
Sheng Yang ae1753c997 Revert "Add error check for buildsystemvm.sh" 
This reverts commit a2c7e6f5bf5985d47f9ef25d1569931f28ff4258.
 2011-05-17 14:16:25 -07:00
Sheng Yang 7bdaa210a1 Add error check for buildsystemvm.sh 
set -e can stop the script if something went wrong. set -u can stop on
uninitialized variable reference.
 2011-05-16 13:57:05 -07:00
Abhinandan Prateek 6707048fd5 bug 9869: if several port forwarding rules are deleted in quick succession it makes the router iptables inconsistent 
status 9869: resolved fixed
 2011-05-16 13:49:24 +05:30
Chiradeep Vittal 8ac4605a0f bug 9771: also for vmware 2011-05-12 15:07:16 -07:00
Abhinandan Prateek d8b7f5c19b bug 8115: Source IP filtering in Virtual Router 
status 8115: resolved fixed

Changes to the router firewall.sh patch to add cidrs
 2011-05-12 15:20:00 +05:30
Chiradeep Vittal 515981a436 bug 9544: deal with same ports forwarded from different public ips 
status 9544: resolved fixed
 2011-05-05 16:49:49 -07:00
Frank 3b75abbde7 Fix DomR reply to windows's periodical DNS requirement 2011-04-21 11:23:23 -07:00
Frank 92155522f2 Add license header to files 2011-04-14 11:23:14 -07:00
Kelven Yang 253b8837b4 Fix a problem in userdata.sh to set permissions in .htaccess file, extra quot cause apache internal server error 2011-04-12 14:37:09 -07:00
Chiradeep Vittal 1e6024b83f bug 8959: 1. rp_filter prevents connections that span eth2 and eth3 because of default route 
2. delete before add of default nat rules
status 8959: resolved fixed
 2011-04-04 18:59:40 -07:00
Edison Su 8b3e22e84c enable serial console for system vm, to make debug easier 2011-03-31 19:11:09 -04:00
Edison Su 9854db7dcd bug 8459: acpiphp and pci_hotplug modules need to be auto loaded in domr 
status 8459: resolved fixed
 2011-03-31 19:11:06 -04:00
Murali Reddy 1b251a5fc8 Bug 4061: support for Microsoft Hyper-V changes- part 1 2011-03-30 18:48:51 +05:30
Kelven Yang 342648244d bug 8994: fix issues in userdata.py to support user_data in vmware 2011-03-23 13:34:40 -07:00
alena ec96a9afea Reverted Anthony's checkin for systemVmPatch which he added by mistake. 2011-03-18 18:12:53 -07:00
anthony 2b188b37dd fixed start management server 2011-03-18 16:43:51 -07:00
Chiradeep Vittal 20045b3664 bug 8892: accept nameserver configurations on non-default networks. this is because if dnsmasq sends no nameservers, dhclient deletes all entries from resolv.conf. the MS will send the eth0 ip of the dhcp server / virtual router on the default network as the nameserver on the non-default networks 2011-03-07 17:04:45 -08:00
Chiradeep Vittal a65dd9d9eb Ensure password server is started inside dhcp server system vms 2011-03-02 17:38:38 -08:00
Edison Su 88f3d04eb2 fix dns issue that in direct network mode, user vm can not get domr ip as dns server, then user vm can resolve its hostname, the consequence is that "starting sendmail" is tooo slow 2011-02-15 16:29:57 -05:00
Chiradeep Vittal 10dc1c75d8 bug 8370: pass in original params when calling delete during add 
status 8370: resolved fixed
 2011-02-08 16:41:27 -08:00
Edison Su 99c6d823b0 fix setting port forword rules 2011-02-08 14:50:58 -05:00
Chiradeep Vittal 711c4eeaae bug 8209,8370,8459: cleanup scripting 2011-02-08 12:10:07 -08:00
alena 54236677f3 bug 8419: changed domR password reset script to work with 2.1.x and 2.2 password scripts on userVm side 
status 8419: resolved fixed
 2011-02-07 11:04:55 -08:00
Chiradeep Vittal 6074dcb999 Silence vhd-convert, tell us how long it takes 2011-02-02 12:56:46 -08:00
Chiradeep Vittal d7aa4ef4e2 Add some useful packages to systemvm 2011-02-02 12:56:46 -08:00
alena ff281af035 bug 8253: get_password_from_domr is a part of source code now. It should be located under /usr/bin/ directory on the Management server once cloudstack software is installed 
status 8253: resolved fixed
 2011-02-01 17:40:00 -08:00
Chiradeep Vittal 757bd0b5e4 bug 8254: point save password to right location 2011-01-28 16:01:52 -08:00
Chiradeep Vittal 42f6e21d77 Detect hypervisor more reliably 2011-01-26 15:13:43 -08:00
Kelven Yang 8c77158bb9 fix domR setup issue when interface number is less than 3 2011-01-21 17:42:12 -08:00
Kelven Yang 6fe42d144f remove escapes in awk scripts when it is running inside domR 2011-01-13 14:28:06 -08:00
Chiradeep Vittal 9f9b838c41 Enable daily log of system stats on systemvms 
Fully automate building of systemvm -- no more required to type y to accept sun jre license
install of xenstore utils was broken, fix
 2011-01-13 12:36:38 -08:00
Chiradeep Vittal ffdbab065b bug 7141: rotate standard logs more aggressively 2011-01-13 12:36:38 -08:00
Chiradeep Vittal 1327d6f914 bug 7141: make ppp(vpn) less verbose 2011-01-13 12:36:38 -08:00
Chiradeep Vittal a724d587bf bug 7141: make dnsmasq less verbose 2011-01-13 12:36:38 -08:00
Chiradeep Vittal 8032b2d62a bug 7141: limit apache logs to 5 days 2011-01-13 12:36:38 -08:00
Chiradeep Vittal 17451e1dae bug 7141: cleanup cloudstack logs older than 7 days 2011-01-13 12:36:38 -08:00
Kelven Yang 55f28c3a2b Network Usage for vmware 2011-01-13 11:24:15 -08:00
Chiradeep Vittal b00e2f734e Automate vmware systemvm appliance generation 2011-01-12 17:31:39 -08:00
Chiradeep Vittal 1934e79900 bug 7141: rotate logs 2011-01-12 17:31:39 -08:00
Chiradeep Vittal 6ecbbe0b37 Add logrotate for dnsmasq and haproxy 2011-01-12 17:31:39 -08:00
Chiradeep Vittal ca2d32ad44 initial debian config for logging 2011-01-12 17:31:38 -08:00
nit 6850a0ae9a bug 7519 : Opening eth2 for public traffic on ssvm. Implementing the ip firewall for zone to zone copy in the Apache layer. Disabling directory listing for extract server root. 2011-01-11 20:05:35 +05:30
Chiradeep Vittal adfc5c06a6 Use global for release 2011-01-07 15:55:17 -08:00
Edison Su d33d61b1b4 fix default gw one more time... 2011-01-07 08:40:22 -05:00
Edison Su a0ce28b769 one more fix for router gw, and rhel build 2011-01-07 08:27:24 -05:00
Edison Su 4a409200dc fix build for rhel6 and fix router default gw 2011-01-07 08:02:15 -05:00
Chiradeep Vittal dd3f184d0e bug 7790: do not set default route in some cases 2010-12-30 18:27:18 -08:00
Chiradeep Vittal c9c08a3ff8 bug 7790: do not set default route in some cases 2010-12-30 18:25:39 -08:00
anthony 3ac9397d74 add vhd-util which comes from xen-4.0.0/tools/blktaps/vhd, it doesn't check timestamp 2010-12-22 19:54:36 -08:00
edison b49503064a bug 7518: disable nfs-common for router/console 
status 7518: resovled fixed
 2010-12-15 11:35:52 -08:00
Kelven Yang 1689ed8150 1) Add vmwapre library jars to deps and purposely left vmware-axis.jar behind to use cloud-axis.jar instead, this is to solve the conflict between iControl.jar 
2) Fix issues in setting user_data python implementation for vmware
 2010-12-11 11:08:39 -08:00
Frank Zhang 44ad8d1d67 remove wscript_build from patches/ 2010-12-04 23:03:24 -08:00
abhishek 1aee756184 bug 7345: During the expunge operation, we were not calling the deleteipforwardingrule method, for a rule which was static nat. Adding that logic. Also, making a change in the domr script as we do not need to execute a line on deletion of a rule 
status 7345: resolved fixed
 2010-11-30 10:07:10 -08:00
edison 97efc6671f bug 7294: disable rp_filter for cpvm&ssvm 
status 7294: resolved fixed
 2010-11-22 23:27:25 -08:00
Chiradeep Vittal 8e4f05075b IPSec NETKEY requires no redirects 2010-11-18 18:38:29 -08:00
Chiradeep Vittal c53e165eaa bug 6971: bring back l2tp port 1701 2010-11-18 14:06:01 -08:00
Chiradeep Vittal de49fbad6f 1-1-NAT feature broke regular NAT, fixing 2010-11-18 14:05:03 -08:00
Chiradeep Vittal 796f295194 Log actions to /var/log/cloud.log 2010-11-18 14:05:03 -08:00
Kelven Yang 5490577469 1) Remove forwarding between eth1 and eth2 as it does not solve the problem of asymmetic routing 
2) correct Eclipse project settings
3) If VM is hosted by vmware hypervisor, give the previous host preference to start on to fit VMware's VM-centric model
 2010-11-17 15:55:04 -08:00
Chiradeep Vittal 31e17b907d bug 6971: ensure no conflicts with portforwarding rules for vpn udp ports 
also, do not open up port 1701 -- only used on ppp interface not public interface
also clean up password generator, make it easier to use and more secure
moved some constants to NetUtils
heuristic to determine if an ip is one-to-one nat'ted
 2010-11-17 15:32:50 -08:00
abhishek 1faaba8fb0 fixed a corner case; also changed the commands to be async and changed the method signatures to conform with the master refactor 2010-11-11 13:07:26 -08:00
abhishek 239942bbe1 refactored all the commands to cater to keshav's needs, and added the new apis. the initial set of testing is complete, will now focus on corner cases 2010-11-11 13:07:26 -08:00
Kelven Yang 4e7870aea1 remove a python log statement from userdata.py 2010-11-10 14:51:13 -08:00
Kelven Yang 9b1d0a7054 allow cross-forwarding of traffic between private/public interface in domR 2010-11-08 14:58:23 -08:00
Kelven Yang e02a8c9d9f Support for Chiradeep's new template 2010-11-05 18:37:29 -07:00
Chiradeep Vittal 6ca2f67f8c add vpn scripts into signature determination, make release a variable 2010-11-05 14:28:36 -07:00
Chiradeep Vittal f4e2631dbe bug 6989: prettify 2010-11-04 15:06:09 -07:00
Chiradeep Vittal 75ff09167e bug 6989: always return success inside remove script 2010-11-04 15:06:08 -07:00
Chiradeep Vittal 72799cbbab master converter: raw -> vhd, qcow2, vmdk + compress + generate md5sum 2010-11-03 14:15:11 -07:00
Chiradeep Vittal 5732e42fd1 fix typo, add tdb tool to read ppp database 2010-11-03 14:06:23 -07:00
Chiradeep Vittal e1cb94831f VPN users feature complete 2010-11-03 14:02:13 -07:00
Chiradeep Vittal 1e0eb04442 Add VPN apis, some systemvm changes for vpn 2010-11-01 10:27:49 -07:00
Kelven Yang 1c702a1d69 1) As the lack of dom0 scripting support in vmware hyperviors, domR, and other system VM will fall back to private network interface instead of link local interface, accordingly, 
domR scripting will be running directly inside domR and be driven from management server instead of dom0 host
2) firewall/sshd setting changes for #1
 2010-10-21 21:46:41 -07:00
Chiradeep Vittal 00722aea65 format conversion utilities 2010-10-21 12:25:30 -07:00
Chiradeep Vittal ee818c23e1 apache2 config -- listen interface based on type 2010-10-21 11:41:19 -07:00
Chiradeep Vittal ccd39e88f6 add xs-tools scripts 2010-10-21 11:41:18 -07:00
Chiradeep Vittal 580412fd2a add vpn, monit vmware tools, xenserver tools, refactor 2010-10-21 11:41:18 -07:00
Kelven Yang c5116b5e07 add and modify ipassoc.sh to domR, let it run within domR for vmware support 2010-10-21 10:41:41 -07:00
Kelven Yang 58cc90c10f 1) Modify domain router manager to support vmware 
2) Add python and shell scripts for domr to support vmware
 2010-10-20 18:49:18 -07:00
anthony 121d29211e update new keypair 2010-10-15 15:50:53 -07:00
Kelven Yang f6e0d2dd41 Make system VM work on vmware 2010-10-14 17:23:13 -07:00
edison 3028dab141 fix systemvm template in direct attached mode, guest vm can't get gateway and dns server 2010-10-07 16:32:46 -07:00
edison 139ff273ff fix systemvm template for kvm, using chiradeep's latest debian template 2010-10-05 20:41:39 -07:00
edison e67e7d0e7b remove patches/systemv, and mv tools/systemvm into patches 2010-10-05 20:41:39 -07:00
kishan 46677c9767 Bug 6175: clear rules when pub interface is remove 2010-09-17 12:24:51 +05:30
Alex Huang 7249f168d5 more file changes 2010-09-09 13:27:20 -07:00
Manuel Amador (Rudd-O) b0acdbcf8b Split out build responsibility into per-project wscript_build files. Installation of generic directories like bindir, and creation of systemvms, remain in toplevel wscript_build. Make some waf code useful and reusable in the form of tools. 2010-08-31 20:40:17 -07:00
anthony 56b33b578c bug 5944: add basical vhd file check 
status 5994: resolved fixed
 2010-08-31 19:44:18 -07:00
anthony b57d3e282d bug 6064: doesn't set GATEWAYDEV if eth2 is not set 
status 6064: resolved fixed
 2010-08-31 17:38:26 -07:00
anthony 8c806f6dad if domr serves as dhcpsrvr, consider it as type domr 2010-08-31 15:32:29 -07:00
anthony 7882d2ad59 if eth1 and eth2 in CP/SS VM are in same network, set default gateway on eth2, 2010-08-30 19:43:29 -07:00
Anthony Xu d72e0538da Revert "Revert "use iso to patch systemvm"" 
This reverts commit 145e2e0aaa.
 2010-08-26 16:06:28 -07:00
Anthony Xu 145e2e0aaa Revert "use iso to patch systemvm" 
This reverts commit 3565f8d21b.
 2010-08-26 16:03:34 -07:00
root 3565f8d21b use iso to patch systemvm 
Conflicts:

	core/src/com/cloud/hypervisor/xen/resource/CitrixResourceBase.java
	scripts/vm/hypervisor/xenserver/xenserver56/patch
 2010-08-26 15:56:02 -07:00
Manuel Amador (Rudd-O) 05c020e1f6 Source code committed 2010-08-11 09:13:29 -07:00