etan39
/
cloudstack
mirror of https://github.com/apache/cloudstack.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
7,759 Commits 330 Branches 325 Tags 855 MiB
Commit Graph

936 Commits

Author SHA1 Message Date
keshav 2e87fcb06d Support for inline SRX/F5. 2011-09-07 14:15:27 -07:00
Chiradeep Vittal fbfb1b8f5b move interval to listener -- allows it to be configurable if needed 2011-09-07 13:58:49 -07:00
Chiradeep Vittal 3f9922ca01 Add more detail when unable to schedule cleanup 2011-09-07 13:58:49 -07:00
Chiradeep Vittal 9b75fab343 Retry only a few times 2011-09-07 13:58:49 -07:00
Chiradeep Vittal 3403ccdaf1 change some logs to debug level 2011-09-07 13:58:49 -07:00
Chiradeep Vittal 13f416698a fix merge problem 2011-09-07 13:58:49 -07:00
Chiradeep Vittal 2027049fd6 if the xenserver host cannot do bridge firewalling do not attempt to retry the security rule updat 2011-09-07 13:58:49 -07:00
Chiradeep Vittal cdbfb5fb0b added a few more dangerous JMX operations 2011-09-07 13:58:48 -07:00
Chiradeep Vittal 549749a2d7 Add ability to trigger ruleset updates from JMX 2011-09-07 13:58:48 -07:00
Chiradeep Vittal 65414903b7 Add the ability to disable some vms from being scheduled 2011-09-07 13:58:48 -07:00
Chiradeep Vittal 1ddda37e13 enable logging of the management server id 2011-09-07 13:58:48 -07:00
Chiradeep Vittal 78ded9c78e jconsole doesn't understand Ternary 2011-09-07 13:58:48 -07:00
Chiradeep Vittal 3c5becbd95 Enable monitoring over JMX 2011-09-07 13:58:48 -07:00
Chiradeep Vittal d531f3af29 Dequeue the vm with the largest id first -- this ensures that newly started vms get updated early 2011-09-07 13:58:48 -07:00
Chiradeep Vittal b0be029cb2 Retry 3 times on deadlock: if not updated, then throw a runtime exception to roll back the vm start 2011-09-07 13:58:48 -07:00
Chiradeep Vittal b7c1296534 make signature calculation consistent across management servers 2011-09-07 13:58:48 -07:00
Chiradeep Vittal 4b11e5e508 retry a transaction if it deadlocks 2011-09-07 13:58:48 -07:00
Chiradeep Vittal c504ce1aaf if true, this could lead to the dog chasing its own tail 2011-09-07 13:58:47 -07:00
Chiradeep Vittal 8006ed159b only update sequence number when asked to. full sync SHOULD NOT request sequence number updates since this will lead to the dog chasing its own tail 2011-09-07 13:58:47 -07:00
Chiradeep Vittal ed666cb01a Avoid going back to the nics table for information we already have 2011-09-07 13:58:47 -07:00
Chiradeep Vittal 2611d1d61f thread.yield() to attempt to induce deadlocks only 2011-09-07 13:58:47 -07:00
Chiradeep Vittal 46200d122e try using multi inserts to overcome deadlock during batch update 2011-09-07 13:58:47 -07:00
Chiradeep Vittal 3c45a7a195 Reduce batch size to 16 to avoid sql errors 2011-09-07 13:58:47 -07:00
Chiradeep Vittal d6448d9fb8 useful logging 2011-09-07 13:58:47 -07:00
Chiradeep Vittal c5fea7a03c use the new implementation of SG manager 2011-09-07 13:58:47 -07:00
Chiradeep Vittal 8c6fe3a9af Use hashset since it is 50% faster. we can use treeset when we support priority 2011-09-07 13:58:47 -07:00
Chiradeep Vittal ed867d0799 unnecessary statement 2011-09-07 13:58:46 -07:00
Chiradeep Vittal 0cc3a1e3f8 WIP: implement a queue where inserting a job for an existing vm does not create a new job 2011-09-07 13:58:46 -07:00
Chiradeep Vittal 6465ccff1b WIP : memory based queueing 2011-09-07 13:58:46 -07:00
Chiradeep Vittal fc274739f0 bug 10997: unnecessary database operation 2011-09-07 13:58:46 -07:00
Chiradeep Vittal 5172272d99 bug 10997: No need to go further when we don't have a proper job to process 2011-09-07 13:58:46 -07:00
Alex Huang 3a087c2e62 schedule the work after transaction 2011-09-07 13:58:46 -07:00
Alex Huang 47957c85d9 missed one file 2011-09-07 13:58:46 -07:00
Alex Huang 0900b232fc one big transaction to see if it's any faster 2011-09-07 13:58:45 -07:00
kishan 3a6c226bc9 bug 11345: Compare current and previous network stats before updating. Ignore stats if the current stats are not same as the prev stats. Set NetworkUsageAnswer log level to debug 2011-09-07 13:16:11 +05:30
alena 03958369e0 bug 11331: allow extending vnet range as a part of updateZone call 
status 11331: resolved fixed
 2011-09-06 17:41:38 -07:00
Sheng Yang 5e450e9852 bug 11305: Stop disconnected redundant virtual router if we can process with the connected one 
When we apply rules or start new VM, we may encounter some running routers that
we can't program. That can due to network issue or host is down or vCenter is
disconnected, etc. To keep the synchronization, we would stop them, but only
when there is the other router we've successfully updated. If both routers are
unable to communicate with, we simply give up and report it user.
 2011-08-31 19:15:38 -07:00
alena 60ce12b892 Fixed multipe problems in account cleanup process: 
* don't try to delete the template when it's already removed
* no need to perform permission check when deleteFirewallRule is called by System (as a part of cleanupAccount process for instance)
 2011-08-30 11:22:56 -07:00
alena 5e28e5e3f1 Fixed the bug when networkRate for the domR's guest network wasn't taken from the service offering 2011-08-30 10:40:54 -07:00
Naredula Janardhana Reddy 701ddbfc1d bug 11253: 
Added New value "link-local"  to  global config network.loadbalancer.haproxy.stats.visibility . With this change it can take new parameter "link-local" value apart from the existing 3 values global,guest-network,disabled.
       global -  stats visible from public network
       guest-network - stats visible only to guestnetwork.
       link-local - stats visible only to link local network
       disabled - stats disabled.
 2011-08-26 15:25:45 +05:30
alena 1ea383e96f bug 11260: Take networkRate for domR's guest and public interface from the corresponding system service offering 2011-08-25 14:13:23 -07:00
alena e902599847 bug 11185: support multiple CIDR on overlapping port ranges for firewall rules 
status 11185: resolved fixed

Conflicts:

	server/src/com/cloud/network/firewall/FirewallManagerImpl.java
 2011-08-25 12:06:28 -07:00
alena 488b995299 bug 11236: domainAdmin/regularUser can edit/delete/copy/extract Public template/iso only if it was created by them. They still can use/see public template/iso when execute list/deploy/attachIso commands. Root admin can operate with other people templates w/o any restrictions. 
status 11236: resolved fixed
 2011-08-24 14:48:22 -07:00
alena 524ed0b15c bug 11060: use lockTable instead of rowLock when createDomR/createDhcp 
status 11060: resolved fixed
 2011-08-24 11:01:02 -07:00
Naredula Janardhana Reddy 0e4de58d4e bug 11191: 
Added global config to enable/disable rp_filter for domR.
   previous commit: d966906374d4a0cb8fa57326a1f7625c871f64fd

   Test Case-1 :
      1) Set network.disable.rpfilter  global config to true
      2) Restart the domR
      3) check the settings reflected in proc filesystem
           - for public interface like eth2,eth3 : /proc/sys/net/ipv4/conf/eth2/rp_filter should have 0 , and rest other interfaces should have value of 1
   Test Case-2 :
      1) set network.disable.rpfilter global config to false
      2) Restart the domR
      3) check the settings reflected in proc filesystem
           - for public interface like eth2,eth3 : /proc/sys/net/ipv4/conf/eth2/rp_filter should have 1 , and rest other interfaces should also have value of 1
 2011-08-24 13:36:43 +05:30
Naredula Janardhana Reddy b78f66f597 bug 11191: Added global config to disable/enable rp_filter for domR(public interfaces) 2011-08-24 13:36:16 +05:30
frank ca7fb65ca2 full opensource 2011-08-23 19:23:49 -07:00
Sheng Yang f5e939b4a5 bug 11214: Don't try to start the running router again 
It's very like caused by StartRouterCmd sent to the running router. I can
reproduce it by issue a StartRouterCmd to a running redundant router. And this
patch should the following exception:

Exception: com.cloud.exception.ResourceUnavailableException: Resource
[VirtualNetworkApplianceManagerImpl$$EnhancerByCGLIB$$565b4d45:0] is
unreachable: There are already two redundant routers with IP 10.91.32.126, they
are r-5-VM(5) and r-4-VM(4)

status 11214: resolved fixed
 2011-08-23 18:20:28 -07:00
Sheng Yang 4bdd56a63e Add more debug info 2011-08-23 17:59:38 -07:00
alena ac47c87c40 bug 11204: when search for domR/dhcp, include Role to the corresponding search to eliminate getting "LB" network element in the response 
status 11204: resolved fixed
 2011-08-23 12:00:50 -07:00
alena eb2351fd5d Fixed listNetwork by id 2011-08-23 01:06:06 -07:00
alena 20a518f3ac Fixed security issue in listNetworks 2011-08-22 10:50:30 -07:00
frank 18f87c2108 Merge branch 'cvm' into 2.2.y 
Conflicts:
	api/src/com/cloud/api/BaseCmd.java
	cloud.spec
	core/src/com/cloud/storage/template/DownloadManagerImpl.java
	server/src/com/cloud/agent/manager/AgentManagerImpl.java
	server/src/com/cloud/configuration/DefaultComponentLibrary.java
	server/src/com/cloud/deploy/FirstFitPlanner.java
	server/src/com/cloud/host/dao/HostDao.java
	server/src/com/cloud/network/security/SecurityGroupListener.java
	server/src/com/cloud/storage/StorageManagerImpl.java
	server/src/com/cloud/storage/listener/StoragePoolMonitor.java
	server/src/com/cloud/vm/UserVmManagerImpl.java
	server/src/com/cloud/vm/VirtualMachineManagerImpl.java
	utils/src/com/cloud/utils/SerialVersionUID.java
 2011-08-19 16:08:35 -07:00
Sheng Yang a961dd913f Update redundant router status even router is down 
We need to update the status to UNKNOWN if router is down(also ensure we can't
contact the router if the state is Stopped in our database).
 2011-08-18 22:51:13 -07:00
alena 0cdb67fdc7 bug 11167: no need to lock account when create security group to ensure that the group name is unique for account. If group already exists in the db, and we try to persist it again, mysql constraint (groupName, accountId) will fail and exception will be thrown. 
status 11167: resolved fixed
 2011-08-18 10:16:20 -07:00
alena c82a373327 Defined missing length field for VO classes 2011-08-17 15:10:07 -07:00
Sheng Yang b10f560be5 Fix NPE when a router is fail to start 
Also enforce the check for restartNetworkCommand
 2011-08-16 11:43:36 -07:00
alena 5fd0ff5610 Added missing license headers 2011-08-15 14:24:28 -07:00
alena 8f3e83d2bc bug 10567: In Basic zone, throw an exception with Pod scope when vm failed to be added to the network - so we retry to start it in a different pod 2011-08-15 11:20:45 -07:00
Sheng Yang d1721669ea bug 11122: Fix router startup 
The new created router got hostId = 0.

status 11122: resolved fixed
 2011-08-15 10:21:20 -07:00
Sheng Yang 23674a5386 bug 11105: Fix router with disconnected host 
We keep the stopped router there, but continue with the ones we can use.

status bug 11105: resolved fixed
 2011-08-15 10:20:34 -07:00
alena 05713a20e8 bug 11114: when release static nat as a part of vm expunge, do searchIncludingRemoved in nics table as the nics are marked as Removed before static nat is released 
status 11114: resolved fixed
 2011-08-15 10:18:45 -07:00
alena 47e8d2b29c Fixed error message 2011-08-15 10:18:44 -07:00
alena d8a9612ef7 Remove firewall rule along with pf/staticNat/lb rule if the pf/staticNat/lb failed to create due to network rule conflict 2011-08-15 10:18:44 -07:00
alena 891f02f4d4 Resend firewall rules on domR restart 2011-08-15 10:18:10 -07:00
Naredula Janardhana Reddy c63f9fbca2 bug 10561: allowing to create a firewall rule with sameport range but different protocols 2011-08-15 10:18:10 -07:00
alena 803255b0ba bug 11029: db upgrade from 2.2.9 to 2.2.10 includes firewall_rule upgrade now 
status 11029: resolved fixed

Commit also includes the following:

* map firewall rule to pf/lb/staticNat/vpn when the firewall rule is created as a part of pf/lb/staticNat/vpn rule creation
* when delete firewall rules, also delete related firewall rule
 2011-08-15 10:18:09 -07:00
Sheng Yang 08a2f30785 bug 11122: Fix router startup 
The new created router got hostId = 0.

status 11122: resolved fixed
 2011-08-13 00:15:53 -07:00
Sheng Yang ee90c51a77 bug 11105: Fix router with disconnected host 
We keep the stopped router there, but continue with the ones we can use.

status bug 11105: resolved fixed
 2011-08-12 19:15:52 -07:00
Sheng Yang 932f8a7144 Add alert and log for redundant router state change 2011-08-11 23:37:01 -07:00
Sheng Yang 23e6b96c98 Redundant router script fix, also fix CheckRouterTask 2011-08-11 17:57:00 -07:00
Chiradeep Vittal d7f332d16b do not release ip for advanced networking / regular LB usage 2011-08-11 17:42:50 -07:00
Chiradeep Vittal 51af0db682 mass merge 2.2.10 2011-08-11 16:41:52 -07:00
alena 5080e8ba33 No need to apply static nat for ip which is not static nat enabled 2011-08-11 16:00:16 -07:00
Sheng Yang b63b3fcf05 Skip the null Host for CheckRouterTask 2011-08-11 14:29:49 -07:00
alena 10034bc196 Fixed rule validation for static nat rules 2011-08-11 14:03:49 -07:00
Sheng Yang d6e99567ce Skip the null Host for CheckRouterTask 2011-08-11 13:22:31 -07:00
Sheng Yang 0f0d705ae0 Fix redundant router switch back to single router 
The existed redundant router network didn't change.
 2011-08-11 12:49:26 -07:00
Sheng Yang f28291cedb Fix redundant router switch back to single router 
The existed redundant router network didn't change.
 2011-08-11 12:48:56 -07:00
alena 477e5d6389 bug 10561: reapply static nat on the backend as a part of domR restart and network restart 2011-08-11 11:19:09 -07:00
alena 278f2a401f bug 10561: intermediate checkin for enable/disableStaticNat. 
1) On enableStaticNat command we actually send the command to the backend (we used to just upgrade the DB in the past). The backend command carries sourceIp and destIp, and creates IP to IP mapping on the domR.
2) On disableStaticNat for the Ip address in addition to cleaning up port ranges, we also delete IP to IP mapping on the domR.
 2011-08-11 10:19:22 -07:00
Chiradeep Vittal 17a8234140 should be able to apply firewall rules to static natted ips 2011-08-10 22:53:07 -07:00
Chiradeep Vittal b33f08053c bug 11072: one more 2011-08-10 22:04:21 -07:00
Chiradeep Vittal 375da4da1a bug 11072: icky icky icky 2011-08-10 20:40:13 -07:00
alena e874109839 bug 11071: when elb service is enabled, don't check supported protocols as the provider is NULL in data_center table 
status 11071: resolved fixed
 2011-08-10 19:25:04 -07:00
alena 0805dbd3fb Fixed rule validation for ICMP protocol 2011-08-10 19:11:26 -07:00
alena 13a9c1d589 Fixed capability check in rule validation 2011-08-10 18:23:13 -07:00
Sheng Yang 81a6de4eb7 Fix existed single router network after enable redundant router feature 2011-08-10 18:08:05 -07:00
Sheng Yang 8c70e06572 Fix existed single router network after enable redundant router feature 2011-08-10 18:07:42 -07:00
alena 3c29f00de1 bug 11013: Basic zone setup - pass domRs from other pods to addVirtualMachineToNetwork() method only when network.dns.basiczone.updates is set to "all" 
status 11013: resolved fixed
 2011-08-10 16:03:48 -07:00
Sheng Yang a9fd65b9c3 Clean up restart Network 2011-08-10 15:02:48 -07:00
Sheng Yang 18f2df44a1 Clean up restart Network 2011-08-10 15:02:08 -07:00
Sheng Yang 16119d5cac Clean up VirtualRouterElement.restart() 2011-08-10 13:23:52 -07:00
Sheng Yang bcf5058eda Clean up VirtualRouterElement.restart() 2011-08-10 13:23:30 -07:00
alena 956445960a Throw ResourceUnavailableException when rules/ips fail to apply on the backend 2011-08-10 12:56:25 -07:00
alena fe3dd44bec ICMP protocol is supported in createFirewallRule command only; throw an error if specified in createPF/StaticNat/LB rule 2011-08-10 12:56:25 -07:00
Sheng Yang e1de9f5bec bug 11021: Add ReservationStrategy.Managed to prevent sourceNat from release 
status 11021: resolved fixed
 2011-08-10 12:52:19 -07:00
Sheng Yang 58a13c0d5a bug 11021: Add ReservationStrategy.Managed to prevent sourceNat from release 
status 11021: resolved fixed
 2011-08-10 12:51:43 -07:00
Sheng Yang 87041202c0 bug 11045: Fix exception exit of CheckRouterTask 
Catch all the exception and come back to work.

status 11045: resolved fixed
 2011-08-10 12:05:44 -07:00
Sheng Yang 6e0eeb132e bug 11045: Fix exception exit of CheckRouterTask 
Catch all the exception and come back to work.

status 11045: resolved fixed
 2011-08-10 12:05:22 -07:00