commit 7ce45ea108
Author: Koushik Das <koushik.das@citrix.com>
Date: Mon Apr 15 18:36:33 2013 +0530
Fixed indentation and line ending
commit 0232048f90
Merge: 735c4c897911e9
Author: Koushik Das <koushik.das@citrix.com>
Date: Mon Apr 15 17:05:59 2013 +0530
Merge branch 'master' into cisco-vnmc-api-integration
Conflicts:
api/src/org/apache/cloudstack/api/ApiConstants.java
client/tomcatconf/commands.properties.in
setup/db/db/schema-410to420.sql
tools/marvin/marvin/integration/lib/base.py
commit 735c4c8955
Author: Koushik Das <koushik.das@citrix.com>
Date: Mon Apr 15 15:20:37 2013 +0530
Fixed unit tests based on recent changes in the Vnmc resource code
commit f166f2d0bf
Author: Koushik Das <koushik.das@citrix.com>
Date: Mon Apr 15 14:50:25 2013 +0530
added tests to register vnmc and asa appliance in cloudstack
commit f38be4810e
Author: Koushik Das <koushik.das@citrix.com>
Date: Mon Apr 8 18:42:06 2013 +0530
Removed unwanted files
commit 902ce426c1
Author: Koushik Das <koushik.das@citrix.com>
Date: Mon Apr 8 17:59:30 2013 +0530
Fixed auto-wiring of components for Cisco Vnmc
commit 08467ee307
Author: Koushik Das <koushik.das@citrix.com>
Date: Mon Apr 8 16:04:54 2013 +0530
Fixed compilation issues, incorrect merges from last commit
commit 67f11d46ad
Merge: 3422ceec9c68e1
Author: Koushik Das <koushik.das@citrix.com>
Date: Mon Apr 8 15:11:10 2013 +0530
Merge branch 'master' into cisco-vnmc-api-integration
commit 3422ceefb6
Author: Koushik Das <koushik.das@citrix.com>
Date: Mon Apr 8 14:42:32 2013 +0530
Correctly associating nat, acl policy sets to edge security profile in VNMC
commit 9c1e193fca
Author: Koushik Das <koushik.das@citrix.com>
Date: Sun Apr 7 21:22:22 2013 +0530
Passing correct subnet mask while creating edge firewall in VNMC
commit 05e3d04b55
Author: Koushik Das <koushik.das@citrix.com>
Date: Tue Apr 2 17:50:57 2013 +0530
Added changes related to icmp
commit bcecb589de
Author: Koushik Das <koushik.das@citrix.com>
Date: Mon Apr 1 13:57:21 2013 +0530
Some xml file renames
commit 9c1ee93f2e
Author: Koushik Das <koushik.das@citrix.com>
Date: Sat Mar 30 15:54:25 2013 +0530
Fixed PF and static NAT rule creation in VNMC
commit 7e6159fa05
Author: Koushik Das <koushik.das@citrix.com>
Date: Wed Mar 27 18:53:49 2013 +0530
Added more unit tests for Cisco Vnmc element
commit fc0ed9adb6
Author: Koushik Das <koushik.das@citrix.com>
Date: Wed Mar 27 16:48:28 2013 +0530
Cleaning up VNMC config as part of network shutdown
commit 5a427d48e2
Author: Koushik Das <koushik.das@citrix.com>
Date: Wed Mar 27 02:22:54 2013 +0530
Added unit test for Vnmc network element implement() method
commit 48cbf34d3b
Author: Koushik Das <koushik.das@citrix.com>
Date: Wed Mar 27 02:20:45 2013 +0530
Passing correct gateway ip while creating vservice node and guest port profile in Nexus
commit 2c386c61ef
Author: Koushik Das <koushik.das@citrix.com>
Date: Fri Mar 22 13:50:52 2013 +0530
Nexus 1000v fix
commit 4d2168bfa9
Author: Koushik Das <koushik.das@citrix.com>
Date: Fri Mar 22 00:30:01 2013 +0530
Egress firewall rule
commit e81ab3a2f4
Author: Koushik Das <koushik.das@citrix.com>
Date: Thu Mar 21 10:50:29 2013 +0530
More tests for VnmcResource class
commit 9e9c179212
Author: Koushik Das <koushik.das@citrix.com>
Date: Thu Mar 21 00:25:10 2013 +0530
Fixed build issue from master merge
commit f0c1af2b5c
Merge: 4f305c2873ec27
Author: Koushik Das <koushik.das@citrix.com>
Date: Wed Mar 20 16:20:10 2013 +0530
Merge branch 'master' into cisco-vnmc-api-integration
Conflicts:
api/src/com/cloud/network/Network.java
api/src/org/apache/cloudstack/api/ApiConstants.java
client/tomcatconf/components-nonoss.xml.in
client/tomcatconf/nonossComponentContext.xml.in
plugins/hypervisors/vmware/src/com/cloud/hypervisor/vmware/manager/VmwareManagerImpl.java
plugins/hypervisors/vmware/src/com/cloud/hypervisor/vmware/resource/VmwareResource.java
setup/db/db/schema-410to420.sql
vmware-base/src/com/cloud/hypervisor/vmware/mo/HypervisorHostHelper.java
commit 4f305c2beb
Author: Koushik Das <koushik.das@citrix.com>
Date: Wed Mar 20 15:09:34 2013 +0530
Initial set of tests, will add more in subsequent commits
commit 50bfcc1f75
Author: Koushik Das <koushik.das@citrix.com>
Date: Wed Mar 20 15:02:14 2013 +0530
Updated pom to copy xmls to target location during build
commit 45bc92b826
Author: Koushik Das <koushik.das@citrix.com>
Date: Wed Mar 20 14:58:59 2013 +0530
Fixed cpmpilation issue as missed out adding this file
commit 2ce7cdc756
Author: Koushik Das <koushik.das@citrix.com>
Date: Sun Mar 17 17:02:25 2013 +0530
Creating vservice node and associating it with port profile in nexus for guest VMs
commit 387545caff
Author: Koushik Das <koushik.das@citrix.com>
Date: Sat Mar 16 11:14:43 2013 +0530
Added license headers to XML files
commit 43e2997421
Author: Koushik Das <koushik.das@citrix.com>
Date: Wed Mar 13 11:51:59 2013 +0530
Changes related to instantiating the dao components
commit 99e88ecbf9
Author: Koushik Das <koushik.das@citrix.com>
Date: Tue Mar 12 23:40:35 2013 +0530
Fix build errors after merge from master
commit 7c20b120c2
Author: Koushik Das <koushik.das@citrix.com>
Date: Tue Mar 12 23:31:46 2013 +0530
Fixing poms and other xmls
commit ee868759a8
Merge: 9c94b6da1b33ca
Author: Koushik Das <koushik.das@citrix.com>
Date: Tue Mar 12 14:44:59 2013 +0530
Merge branch 'master' into cisco-vnmc-api-integration
Conflicts:
api/src/com/cloud/network/Network.java
api/src/org/apache/cloudstack/api/ApiConstants.java
plugins/pom.xml
setup/db/create-schema.sql
commit 9c94b6d231
Author: Koushik Das <koushik.das@citrix.com>
Date: Fri Mar 8 22:20:23 2013 +0530
Fixed XML to create static route in VNMC correctly
commit ef069b3323
Author: Koushik Das <koushik.das@citrix.com>
Date: Fri Mar 8 15:26:26 2013 +0530
Added logic for revoking ACL, PF and Static NAT rules
commit 4c65b70668
Author: Koushik Das <koushik.das@citrix.com>
Date: Fri Mar 8 13:51:37 2013 +0530
Renamed delete-acl-rule -> delete-rule
commit aa94eca516
Author: Koushik Das <koushik.das@citrix.com>
Date: Fri Mar 8 00:38:52 2013 +0530
- Creating static routes in VNMC as part of edge firewall configuration
- Passing order parameter while creating rules so that they are evaluated in a specific order
- Added methods in VnmcResource for listing acl policies and rules belonging to variouos policies. This is used to compute order while creation of various rules in VNMC
commit cc824e8585
Author: Koushik Das <koushik.das@citrix.com>
Date: Thu Mar 7 12:16:29 2013 +0530
Adding appropriate ACL rules for PF and static NAT
commit fb23c50365
Author: Koushik Das <koushik.das@citrix.com>
Date: Fri Mar 1 17:21:45 2013 +0530
Added logic for deleting various VNMC artifacts. Added/updated relevant xmls as well.
commit 970c21a9a3
Author: Koushik Das <koushik.das@citrix.com>
Date: Fri Mar 1 01:54:10 2013 +0530
Added implementation for delete of asa and vnmc apis
commit 22e1455142
Author: Koushik Das <koushik.das@citrix.com>
Date: Fri Mar 1 01:19:43 2013 +0530
List asa api to return guest network if associated. From this it can be inferred if asa is available or not
commit 32223736c9
Author: Koushik Das <koushik.das@citrix.com>
Date: Fri Mar 1 00:50:55 2013 +0530
Added Vmware cluster info along with asa1kv appliance.
This is used to select the correct n1kv vsm for configuring the guest network
commit deed3cc951
Author: Koushik Das <koushik.das@citrix.com>
Date: Mon Feb 25 18:03:59 2013 +0530
Added support for static NAT rules.
- Xmls for creating static nat rules in VNMC
- applyStaticNats implementation in VNMC network element
- handler for static nat in resource class
commit 681f0b7b50
Author: Koushik Das <koushik.das@citrix.com>
Date: Mon Feb 25 10:44:13 2013 +0530
Added implementation for firewall and port forwarding rules in Cisco VNMC element class
commit 66b01a6589
Author: Koushik Das <koushik.das@citrix.com>
Date: Fri Feb 22 19:19:44 2013 +0530
VNMC xml for deleting NAT policy
commit 5d98686768
Author: Koushik Das <koushik.das@citrix.com>
Date: Fri Feb 22 19:16:41 2013 +0530
Added support for PF/DNAT rules.
Created methods in VNMCConnection class to create PF rules. Also moved out common code for PF and source NAT in methods.
Updated the corresponding VNMC resource class.
commit 8db2fbeb8f
Author: Koushik Das <koushik.das@citrix.com>
Date: Fri Feb 22 18:21:45 2013 +0530
Added xml for creating NAT policy set in VNMC
commit f2da0d50ca
Author: Koushik Das <koushik.das@citrix.com>
Date: Fri Feb 22 18:17:53 2013 +0530
Added VNMC XMLs for supporting PF/DNAT rules.
Also moved out some XMLs related to source NAT to common files so that these can be used for both source NAT and DNAT
commit 124a48819d
Author: Koushik Das <koushik.das@citrix.com>
Date: Thu Feb 21 17:53:12 2013 +0530
Separated out creation of ACL policy set and policy in VNMC
commit 1e38515f35
Author: Koushik Das <koushik.das@citrix.com>
Date: Thu Feb 21 11:54:44 2013 +0530
Added changes to create ingress fw rules in VNMC
commit cb2fba9e7c
Author: Koushik Das <koushik.das@citrix.com>
Date: Thu Feb 14 16:23:05 2013 +0530
Source NAT in VNMC
commit 720fe2f908
Author: Koushik Das <koushik.das@citrix.com>
Date: Wed Feb 13 14:16:47 2013 +0530
Fix Vnmc test file
commit d6dbe790c6
Author: Koushik Das <koushik.das@citrix.com>
Date: Wed Feb 13 12:07:03 2013 +0530
Added db. tables for asa1kv devices and their mapping with guest network
commit 3fd7e30f6e
Author: Koushik Das <koushik.das@citrix.com>
Date: Wed Feb 13 11:52:12 2013 +0530
Changes:
- Added implementation for add/list asa1kv APIs
- Added agent command for associating asa1kv appliance with logical edge firewall in VNMC
- Added handler for the above agent command in VNMC resource class
- Updated VNMC element class to support the above
commit d08e2a1faf
Author: Koushik Das <koushik.das@citrix.com>
Date: Wed Feb 13 11:40:58 2013 +0530
Added lifecycle APIs for Cisco Asa 1000v appliance.
Added corresponding Dao and VO classes.
Also added mapping Dao and VO for guest netwok and asa appliance
commit 6b999ec867
Author: Koushik Das <koushik.das@citrix.com>
Date: Tue Feb 12 00:05:39 2013 +0530
Changes:
a. Added handlers for CreateLogicalEdgeFirewall and ConfigureNexusVSMForASA commands
b. Logic for add/list vnmc device API
c. Partial implementation for network element implement()
commit 0656250308
Author: Koushik Das <koushik.das@citrix.com>
Date: Mon Feb 11 23:48:19 2013 +0530
Moved VNMC provider creation to Network.java. The plugin code would have been the ideal place to keep it but current state of the code doesn't allow it.
commit dc402eaa7a
Author: Koushik Das <koushik.das@citrix.com>
Date: Mon Feb 11 23:35:19 2013 +0530
Added new commands for the following:
a. Logical edge firewall creation in VNMC
b. Asa1kv vservice node creation and updating asa1kv inside port profile with guest network vlan id in n1kv VSM
commit d6cdfe35f8
Author: Koushik Das <koushik.das@citrix.com>
Date: Mon Feb 11 23:06:36 2013 +0530
Added helper method to create port profile in n1kv VSM with additional parameters VDC tenant and edge security profile
Added helper method to create a vservice node in n1kv VSM
commit db42da17e9
Author: Koushik Das <koushik.das@citrix.com>
Date: Mon Feb 11 22:44:01 2013 +0530
Added database table for storing VNMC devices
commit f991436335
Author: Koushik Das <koushik.das@citrix.com>
Date: Fri Feb 8 16:00:15 2013 +0530
Added support for network offering creation with VNMC as provider for firewall, port forwarding, source nat
commit 74de210359
Author: Koushik Das <koushik.das@citrix.com>
Date: Fri Feb 8 15:06:11 2013 +0530
Added name attribute for the VNMC lifecycle commands
commit 6ce25ef11d
Author: Chiradeep Vittal <chiradeep@apache.org>
Date: Wed Jan 16 16:44:28 2013 -0800
Fix licensing
commit 392cd8ed63
Author: Chiradeep Vittal <chiradeep@apache.org>
Date: Wed Jan 16 16:38:19 2013 -0800
cisco-vnmc: Fix api to use new conventions
commit 6b142bbaab
Author: Chiradeep Vittal <chiradeep@apache.org>
Date: Wed Jan 16 15:33:33 2013 -0800
WIP: configure ASA port profile
Signed-off-by: Chiradeep Vittal <chiradeep@apache.org>
commit 1ae21ea49a
Author: Chiradeep Vittal <chiradeep@apache.org>
Date: Wed Jan 16 15:33:01 2013 -0800
WIP rename device to resource to better reflect nature of VNMC
Signed-off-by: Chiradeep Vittal <chiradeep@apache.org>
commit 84d218f972
Author: Chiradeep Vittal <chiradeep@apache.org>
Date: Wed Jan 16 15:32:54 2013 -0800
WIP: fixes for associating ASA1000v to tenant
Signed-off-by: Chiradeep Vittal <chiradeep@apache.org>
commit d74c6a9ac2
Author: Chiradeep Vittal <chiradeep@apache.org>
Date: Wed Jan 16 15:32:45 2013 -0800
WIP: fixes for associating ASA1000v to tenant
Signed-off-by: Chiradeep Vittal <chiradeep@apache.org>
commit 9350d10849
Author: Chiradeep Vittal <chiradeep@apache.org>
Date: Wed Jan 16 15:32:29 2013 -0800
WIP: admin commands for adding / listing VNMC
Signed-off-by: Chiradeep Vittal <chiradeep@apache.org>
commit a8031a0cfe
Author: Chiradeep Vittal <chiradeep@apache.org>
Date: Wed Jan 16 15:30:41 2013 -0800
WIP ASA 1000v listing"
Signed-off-by: Chiradeep Vittal <chiradeep@apache.org>
commit f9cc674b9c
Author: Chiradeep Vittal <chiradeep@apache.org>
Date: Wed Jan 16 15:30:36 2013 -0800
WIP : edge firewall
Signed-off-by: Chiradeep Vittal <chiradeep@apache.org>
commit 6a0964af00
Author: Chiradeep Vittal <chiradeep@apache.org>
Date: Wed Jan 16 15:30:30 2013 -0800
WIP : edge security policy
Signed-off-by: Chiradeep Vittal <chiradeep@apache.org>
commit e32295e8cf
Author: Chiradeep Vittal <chiradeep@apache.org>
Date: Wed Jan 16 15:30:24 2013 -0800
WIP : dhcp server policy
Signed-off-by: Chiradeep Vittal <chiradeep@apache.org>
commit 446a9b8491
Author: Chiradeep Vittal <chiradeep@apache.org>
Date: Wed Jan 16 15:30:18 2013 -0800
WIP : dhcp server policy
Signed-off-by: Chiradeep Vittal <chiradeep@apache.org>
commit e35e0eb59b
Author: Chiradeep Vittal <chiradeep@apache.org>
Date: Wed Jan 16 15:30:14 2013 -0800
Move unit test
Signed-off-by: Chiradeep Vittal <chiradeep@apache.org>
commit 2b43a3e74e
Author: Chiradeep Vittal <chiradeep@apache.org>
Date: Wed Jan 16 15:30:08 2013 -0800
Move unit test
Signed-off-by: Chiradeep Vittal <chiradeep@apache.org>
commit 11b804a894
Author: Chiradeep Vittal <chiradeep@apache.org>
Date: Wed Jan 16 15:29:54 2013 -0800
WIP: XML control of VNMC
Signed-off-by: Chiradeep Vittal <chiradeep@apache.org>
the advanced zone
Squashed commit of the following:
commit 3021cb917b2446f6a04f6cbb01bc56ebc5484bff
Merge: 77c6991886fe01
Author: Murali Reddy <murali.reddy@citrix.com>
Date: Sun Apr 14 17:22:05 2013 +0530
Merge branch 'master' into sharednetworkservices
commit 77c69918be
Author: Murali Reddy <murali.reddy@citrix.com>
Date: Tue Apr 9 17:16:57 2013 +0530
Trying to fit both isolated and shared network life cycle with single state
machine may need addtional work. So set network state for shared network explicitly now.
commit 365ed73a0c
Author: Murali Reddy <murali.reddy@citrix.com>
Date: Tue Apr 2 17:14:11 2013 +0530
- associateIpAddress API to associate a public IP with shared network
- shared network with services to go through the implement and shutwdon
phases
that don't have a domain id set (null).
Tested via: Called "listServiceOfferings" using a simple perl script,
once with an ID, and once without an ID specified.
Signed-off-by: Chip Childers <chip.childers@gmail.com>
Add a flag VmDetailConstants.NESTED_VIRTUALIZATION_FLAG
Add an advanced config uption VmwareEnableNestedVirtualization
Depending on the settings of the flags and the capabilities of the target hypervisor the nested virtualization option will be set on guest VMs. It's a global setting intended only for developers to support cloud-in-a-cloud deployments.
For 'connectivity' network service current set of providers (MidoNet,
NiciraNcp) not necessarily part of OSS builds. So handle the case where
there are no providers for a service
leaving instances in eternal expunged state. This happens when a domain is
deleted while a deleted account is cleaning up. The cleanup looks for the domain
of the account and we hit a null pointer. Adding null pointer check.
Signed-off-by: Marcus Sorensen <marcus@betterservers.com> 1365695448 -0600
QuickCloud: fix license issue
QuickCloud: use a different activation for deploying quickcloud
Otherwise marvin gets invoked during mvn install -Dquickcloud
QuickCloud : configuration moved to applicationContext.xml from componentContext.xml
QuickCloud: default to enabled state for devcloud zone
QuickCloud: environment.properties helps customize location of pid file
For now it replaces ConsoleProxyManagerImpl with StaticConsoleProxyManager
Usage: mvn install -Dquickcloud
QuickCloud: rename deploy profile
QuickCloud: remove cyclic dependency introduced in nonoss build by moving SecondaryStorageDiscoverer into services
However with this fix, developers will be unable to run 'PremiumSecondaryStorageResource' (for VMWare installations) using mvn exec:java.
Instead they will have to use the exploded archive from systemvm.zip
This can be used to avoid starting up a virtual router simply for the purposes of offering dhcp and dns services
With the QuickCloudNoServices offering, no virtual router will be started up and the vm instance will not get a CloudStack-assigned IP address.
Instead, the VM will simply get whatever IP address is offered by an DHCP service that happens to be running in the same network
The DownloadProgress command is used to restart failed or stuck download jobs -- and it would not include the proxy information, unlike the DownloadCommand which always did
Signed-off-by: Chiradeep Vittal <chiradeep@apache.org>
The DownloadProgress command is used to restart failed or stuck download jobs --
It would not include the proxy information, unlike the DownloadCommand which always did
Signed-off-by: Chiradeep Vittal <chiradeep@apache.org>
Most recent centos based systems have process limit of 1024. Running this test will result in an OutOfMemory exception with description unable to create native thread.
With commit d79f1f6fdc the AgentMonitor
was replaced with a pluggable service. However the ping timeout in the
original constructor was not passed on anymore, leading to a default
pingTimout of 0. This would fail all agents constantly.
Modified the startMonitor command to take a pingtimeout as an argument
and instruct AgentManagerImpl to pass it along.
- Supports DHCP, Source NAT, Static NAT, Firewall rules, Port Forwarding
- Renamed MidokuraMidonet to MidoNet
- Related Jira ticket is CLOUDSTACK-996
Signed-off-by: Dave Cahill <dcahill@midokura.com>
Signed-off-by: Hugo Trippaers <htrippaers@schubergphilis.com>
Description:
Making SHA256SALT the default encoding algorithm to encode
passwords when creating/updating users.
Introducing a new configurable list to allow admins to
separately configure the order of preference for encoding
and authentication schemes.
Since passwords are now sent by clients as clear text,
fixing the Plain text authenticator to check against the
password passed in rather than its md5 digest.
API discovery plugin will return embedded entities for marvin to
discovery and generate it's API classes.
Signed-off-by: Prasanna Santhanam <tsp@apache.org>
Description:
Changes added for supporting multiple ip address per nic for shared networks
Testing Done:
Tested adding and removing the ip for nic using the APIs
1) Added comments to VPC/VPCService/VPCManager interfaces
2) Moved VPC offering related methods from VpcService to the new interface - VpcProvisioningService
3) Fixed static nat creation in the VPC - used to result in NPE due to invalid method referencing while obtaining VPC VR information
Addition of two new resource types i.e. Primary and Secondary storage space in the existing pool of
resource types.
Added methods to set the limits on these resources using updateResourceLimit
API command and to get a count using updateResourceCount. Also added calls in the
Templates, Volumes, Snapshots life cycle to check these limits and to increment/decrement the new
resource types
Resource Name :: Resource type number
Primary Storage 10
Secondary Storage 11
Also added jUnit Tests for the same.
Reviewed by : nitin mehta<nitin.mehta@citrix.com>
implemenation by default to autowire but only implementation avaialable
is in nonoss plugin. So using autowired required=false for injecting
GslbServiceProvider that will work with both oss and non-oss builds.
temporarily disabling spring injection of GslbServiceProvider as only
implementing class is in non-oss, so oss build fails to launch with no
bean fpund exception
working again.
The newly created package for cloudstack-management was not correctly
installing the service. This prevented cloud-setup-management from being
able to configure the service, and the init script didn't even believe
the service was installed. I also added sudo to the chmod command for
checking script permissions, as most scripts belong to root. It was
trying to configure the agent with cloudstack-setup-agent but the script
was still called cloud-setup-agent, so I renamed it to cloudstack-setup-agent.
Adding code for StatsCollector initialization using spring framework. This was not initialized and hence stats were not colleced on vm, host and storage in CS.
Currently, allPossibleIps return the Ip lists which include the gateway,
so we need to remove gateway ip from this list.
Now, for non-VPC network it works, because NetUtils.getAllIpsFromCidr
return the Ip lists which do not include the first IP of the network
(like 192.168.0.1).
We need too add the first IP into the returned Ip list, because it can
be used for VM if it is not the gateway IP (for example, VPC networks).
The corresponding patch for 4.0.1 has been posted on
https://reviews.apache.org/r/9923/
Signed-off-by: Chip Childers <chip.childers@gmail.com>
Changes:
- Regular plugin/adapter components should usually be loaded at run level RUNLEVEL_COMPONENT(5)
- HypervisorVmPlannerSelector was at level 0, while configurationServer at level 2 - causing config to be not loaded for the HypervisorVmPlannerSelector
string.
This doesn't resolve the bug in question, but does fix the specific
message that was reported as the origin of the bug.
Signed-off-by: Chip Childers <chip.childers@gmail.com>
Changes:
- DeployPlannerSelector was newly introduced for BareMetal feature. It had the planner name hardcoded.
- Change it to decide the planner by referring to the global config vm.allocation.algorithm value
The old packages used to write this data to the configuration
in a postinst file.
That was horrible to track since system administrators had no
idea what was going on.
Removed region_id from user/account and domain tables.
Removed forwarding of api calls to owner region.
Removed api_key and secret_key from region table.
Included related DB upgrade changes.
The BareMetalTemplateAdapter in cloud-server is old and was introduced by recent
branch merges, Frank had separated and moved code to the baremetal plugin so
we will use that.
Signed-off-by: Rohit Yadav <bhaisaab@apache.org>
If any API contains '&' i.e. no key value pair or '&<paramter-name>' i.e. a parameter without a value, then we get an NPE as owasp.esapi.StringUtilities.stripControls deosn't handle NPE.
Volumes created from snapshots misses the source template information.Fixed the issue with volumes now getting the template id.
Signed Off by : - Nitin Mehta <nitin.mehta@citrix.com>
This feature will provide the functionality to delete or archive
the Alerts/Events.
Delete or archive alerts APIs are available only for root-admin,
delete or archive events are available for regular users.
Since associateIpRangeToAccount starts and commits a seaparte transaction, commit the transaction started for createVlanAndPublicIpRange before calling associateIpAddressListToAccount.
The default private/public keypairs in .ssh will not be overwritten.
Instead cloudstack will generate a new keypair id_rsa.cloud and
id_rsa.cloud.pub and use those in developer mode.
To use this insert the (name,value)=(develop,true) tuple into
`cloud`.`configuration`
Signed-off-by: Prasanna Santhanam <tsp@apache.org>
Fixed the search filter in PortForwardingRulesDaoImpl.java. Earlier we were
passing a wrong filter parameter "address" in listByDestIpAddr which doesn't
exist. Changed this to the right search criteria that uses dstIp as filter
parameter.
Signed-off-by: Venkata Swamybabu Budumuru <venkataswamybabu.budumuru@citrix.com>
Signed-off-by: Sateesh Chodapuneedi <sateesh@apache.org>
VpcVirtualNetworkApplianceManagerImpl.java fails when the broadcast URI
is not a long
Fixed whitespace issues
Signed-off-by: Hugo Trippaers <htrippaers@schubergphilis.com>
Enhanced baremetal servers support on Cisco UCS
change UcsXxxDao to Spring xml loading
change ListxxxCmd to inherit ListCmd
change API response in line with current API architecture
adding missing db schema to db upgrade schemaOh
Conflicts:
client/pom.xml
plugins/hypervisors/ucs/src/com/cloud/ucs/database/UcsBladeDaoImpl.java
plugins/hypervisors/ucs/src/com/cloud/ucs/database/UcsManagerDaoImpl.java
Some concepts included:
* the replace.properties location used by maven is parameterized to allow
for a build that does not modify the currently git tracked files
* package naming is updated along the lines of what was discussed on the
-dev mailing list and between committers at the Build a Cloud Day in Belgi
* package version pattern is updated (since we redo all package names,
we might as well drop the epoch)
CLOUDSTACK-657 VMware vNetwork Distributed Virtual Switch support in CloudStack
This is 2nd patch for feature 'Support for VMware dvSwitch in CloudStack'.
This patch introduces 2 new global configuration parameters
"vmware.use.dvswitch" - Enable dvswitch functionality.
"vmware.ports.per.dvportgroup" - Default number of ports per Vmware dvPortGroup.
This patch introduces 4 optional parameters to AddCluster API
guestvswitchtype - Type of vSwitch to use for guest traffic
guestvswitchname - Name of vSwitch to use for guest traffic
publicvswitchtype - Type of vSwitch to use for public traffic
publicvswitchname - Name of vSwitch to use for public traffic
Signed-off-by: Sateesh Chodapuneedi <sateesh@apache.org>
CLOUDSTACK-657 VMware vNetwork Distributed Virtual Switch support in CloudStack
This is 5th patch for feature 'Support for VMware dvSwitch in CloudStack'.
This patch contains
1)Changes to addCluster done in vmware discoverer to support vswitch type provided as parameters. Also performing validation of vswitch type parameter provided with addCluster api call. Checks for physical network configuration for vmware cluster is added.
2)Changes to vmware resource to use specified vswitch type while preparing network for guest and public traffic types.
3)Changes to vmware manager to introduce new global parameter vmware.ports.per.dvportgroup. Some cleanup.
Virtual switch type could be chosen at zone level or at cluster level for specific traffic type.
autoExpand of dvPortGroup is available in code but disabled as its breaking because vCenter 4.1 does not support autoExpand feature. Would be enable once vSphere 5.1 SDK support is added to CloudStack.
Signed-off-by: Sateesh Chodapuneedi <sateesh@apache.org>
When calling the listZones API command, you can now supply a name to pull a specific zone by name.
Updated two classes to include name paramater and query data centers/zones by name if suppled:
- server/src/com/cloud/api/query/QueryManagerImpl.java
- api/src/org/apache/cloudstack/api/command/user/zone/ListZonesByCmd.java
Signed-off-by: Prasanna Santhanam <tsp@apache.org>
I made the changes to make sure that:
1. ISO will be deleted from the UI, but it is not deleted from the secondary storage as long as it is attached to a VM.
2. The storage cleanup thread will check whether the iso is attached to any vm, if not, it removes the ISO from the secondary storage.
3. Detach operation is now working which was failing before for the vms having attached iso(deleted).
Updated the patch for template sync during MS restart.
Manually tested the following:
setup: upload ISO1 and ISO 2
Attach ISO1 to VM1 and VM2
Attach ISO2 to VM3
set storage.cleanup.interval to 300
test cases:
1. delete ISO1 from UI, gets deleted
2. In VM Details of VM1 and VM2, can see detach ISO option
3. ISO1 exists in secondary storage
4. detach ISO1 from VM1, successful
5. ISO1 still exists in secondary storage.
6. Restart MS, template sync will not delete ISO1.
7. Detach ISO1 from VM2, successfull detached.
8. Wait for storage cleanup thread to execute, ISO1 gets deleted from Secondary storage.
9. Detach ISO2 from VM3
10.ISO2 exists in secondary storage, Delete ISO2 form UI, get deleted from secondary storage.
CloudStack uses Guest CIDR for dhcp-range for the Guest VMs. The entire
CIDR is used by CloudStack for assigning IPs to Guest VMs. IP Address
Reservation will allow part of address space to be used fornon CloudStack
hosts/physical servers also, by restricting the address space of CloudStack
Guest VMs. Reservation can be configured using update Network API by specifying
guestvmCidr as an additional parameter. Reservation will be applicable for
Isolated Guest Networks including VPC. reservediprange in the response
will return the IP range that can be used for non Cloudstack hosts.
Tested manually the following scenarios:
Applying reservation when there are running VMs inside the
guest_vm_cidr.
Applying reservation when there are running VMs outside the
guest_vm_cidr.(not allowed)
Applying reservation when external device like Netscaler is configured
in the guest_cidr.
Applying reservation in VPC tiers.
Applying reservation outside the range of guest_cidr.(not allowed)
Supporting kickstart in CloudStack baremetal
able to start vm
Conflicts:
client/tomcatconf/componentContext.xml.in
server/src/com/cloud/baremetal/BareMetalTemplateAdapter.java
server/src/com/cloud/baremetal/BareMetalVmManagerImpl.java
server/src/com/cloud/vm/UserVmManagerImpl.java
It's a regression caused by:
commit 69d24545c4
Author: Murali Reddy <murali.reddy@citrix.com>
Date: Fri Feb 8 18:50:18 2013 +0530
CLOUDSTACK-1208: Failed to shutdown guest network
Firewall manager was being used instead of LoadBalancingRules manager
while applying the load balancer rules in shut down network. Changing it
to LoadBalancingRules manager.
The parameter transferre to applyRules() should be lbRules, rather than the lbs
object.
Non-printable characters results in empty pages for all users loading the
corrupted object in the web interface. It also results in the API call results
getting truncated with an error when it encounters the non-printable characters.
Every decoded parameter value is checked for control character using OWASP's
ESAPI library.
Signed-off-by: Rohit Yadav <bhaisaab@apache.org>
Changes:
- Use of class variable of type GenericSearchBuilder causes issues when multiple threads invoke this method to findCapacity
- Changing the scope of the variable to be local to these methods.
The issue occur in two conditions
(1) If I use two sessions or browsers to EnableStaticNat on CloudStack
UI. one is successful, the other is failed. However, there is no ip in
database.
(2) If I use API call EnableStaticNat several times The first time
succeed, the second failed, the third succeed. the result is
success-fail-success-fail-success-fail, which it is not correct.
Reported-by: Wei Zhou <w.zhou@leaseweb.com>
Reviewed-by: https://reviews.apache.org/r/9254/
Signed-off-by: Prasanna Santhanam <tsp@apache.org>
Addition of two new resource types i.e. CPU and Memory in the existing pool of
resource types.
Added some methods to set the limits on these resources using updateResourceLimit
API command and to get a count using updateResourceCount. Also added calls in the
Virtual machine life cycle to check these limits and to increment/decrement the new
resource types
Resource Name :: Resource type number
CPU 8
Memory 9
Also added Unit Tests for the same.
Firewall manager was being used instead of LoadBalancingRules manager
while applying the load balancer rules in shut down network. Changing it
to LoadBalancingRules manager.
- Mgmt server impl is a pluggable service, fix it's method
- Fix getCommands() to return all cmd api classes supported by this mgmt server
- For api-discovery, get commands from pluggable services only, don't use reflections
- Don't use reflections in ApiServer, iterate pluggableservices
- Fix api discovery unit test
- The fix was done automatically using following python program along with
following step:
1. Get all apis provided by default mgmt server, all of them are in cloud-api now
cd api/src/org/apache/cloudstack/api/command
find . >> apis
2. For all apis, generate java code that adds the class to the cmdList arraylist:
f = open('apis', 'r')
data = f.read()
f.close()
output = ""
for a in data.split('\n'):
output += "cmdList.add(%s);" % a.split('/')[-1].replace('.java', '.class')
# wrote output to a file, copied content to mgmt server impl's getCommands()
# similarly, fixed import statements using same code, splitting on /
Testing:
Ran apiserver, put breakpoints in ApiServer's init() where classes are processed
Total cmd classes found by reflections (ReflectUtil) = 354
Total cmd classes found by getCommands for all pluggable services = 354
Next, copied the comma separated values for each set to a string in ipython, a & b
set(a).difference(set(b)) returned null.
The above test implies both set of cmd classes found by both methods, i.e. using
reflections and using getCommands() had same set of apis and all were unique.
Conclusion:
The changes are idempotent and don't break api server's cmd class api discovery
processing.
BUG-ID: CLOUDSTACK-1210
Signed-off-by: Rohit Yadav <bhaisaab@apache.org>
The new policy is:
1. Generate a random IP.
2. Find the next available IP, start from the generated IP.
3. If we cannot find an available IP after certain times(10000 by default,
network.ipv6.search.retry.max) retry, give up.
- Get rid of boolean decode arg
- Method assumes that OTW params have been already decoded
- Remove redundant code that tries to decode again based on boolean arg
Signed-off-by: Rohit Yadav <bhaisaab@apache.org>
The issue happens randomly when hosts in a cluster gets distributed across multiple MS. Host can get split in following scenarios:
a. Add host – MS on which add host is executed takes ownership of the host. So if 2 hosts belonging to same cluster are added from 2 different MS then cluster gets split
b. scanDirectAgentToLoad – This runs every 90 secs. and check if there are any hosts that needs to be reconnected. The current logic of host scan can also lead to a split
The idea is to fix (b) to ensure that hosts in a cluster are managed by same MS. For (a) only the entry in the database is going to be created except in case if the host getting added is first in the cluster (in this case agent creation happens at the same time) and then (b) will take care of connection and agent creation part. Since currently addHost only creates an entry in the db there is a small window where the host state will be shown as 'Alert' till the time (b) is scheduled and picks up the host to make a connection. The MS doing add host will immediately schedule a scan task and also send notification to peers to start the scan task.
following changes
- introduced notion of event bus with publish, subscribe, unsubscribe
semantics
- a plug-in can implement the EventBus abstraction to provide event
bug to CloudStack
- A rabbitMQ based plug-in that can interact with AMQP servers to
provide message broker based event-bug
- stream lines, action events, usage events, alerts publishing in to
convineance classed which are also used to publish corresponding
event on to event bus
- introduced notion of state change event. On a state change, in the
state machine corrsponding to the resource, a state change event is
published on the event bug
- associated a state machined with Snapshot and Network objects
- Virtual Machine, Volume, Snaphost, Network object state changes wil
result in a state change event
This feature provides resetting a SSH key for an existing VM which means,
setting the old ssh key that is assigned to the VM previously with the new ssh
key.
Signed-off-by: Harikrishna Patnala <harikrishna.patnala@citrix.com>
Signed-off-by: Rohit Yadav <bhaisaab@apache.org>
Description: Adds API calls updateDefaultNicForVirtualMachine,
addNicToVirtualMachine, and removeNicFromVirtualMachine. These are
intended to allow a user to modify a VM's configuration post
deployment, to adjust the networks to which the VM belongs.
BUG-ID: CLOUDSTACK-645
Submitted-by: Brian Angus <blangus@betterservers.com>
Submitted-by: Ryan Dietrich <ryan@betterservers.com>
Signed-off-by: Marcus Sorensen <marcus@betterservers.com> 1359494800 -0700
When an admin calls this command without the ID parameter do not set the domain's ID
to the ID where the admin is in, this prevents him from doing lookups.
Also ass public_ipv6_address for ipv6 address management.
Extend nics and vlans for ipv6 address.
Add dependency to com.googlecode.ipv6(java-ipv6).
Modify dhcpcommand for ipv6.
- Fixed new join dao impls as spring components
- Fixed component context xml to load api rate limit checker
- Fixed root pom.xml for duplicate plugin
- Fixed list data centers method
- Fixed following conflicts:
api/src/org/apache/cloudstack/api/command/admin/network/CreateNetworkOfferingCmd.java
api/src/org/apache/cloudstack/api/command/user/offering/ListServiceOfferingsCmd.java
api/src/org/apache/cloudstack/api/command/user/template/DeleteTemplateCmd.java
api/src/org/apache/cloudstack/api/command/user/template/ExtractTemplateCmd.java
plugins/api/discovery/src/org/apache/cloudstack/discovery/ApiDiscoveryServiceImpl.java
server/src/com/cloud/api/ApiDBUtils.java
server/src/com/cloud/api/ApiServer.java
server/src/com/cloud/api/query/QueryManagerImpl.java
server/src/com/cloud/configuration/DefaultComponentLibrary.java
server/src/com/cloud/server/ManagementServerImpl.java
server/src/com/cloud/storage/swift/SwiftManagerImpl.java
Signed-off-by: Rohit Yadav <bhaisaab@apache.org>
add xenserver support in UI
only XenServer and KVM clusters are allowed in security enabled zone.
only shared security enabled networks are allowed in security enabled zone.
Fix usage in ApiDispatcher. Add two kinds of helpers:
- One that gets list of exclude cmd whose fields are not be included
- One that loops till a base class is asssignable from superclass
Signed-off-by: Rohit Yadav <bhaisaab@apache.org>
Corresponding getter/setter is renamed too.
Reason is GenericDao does not update the field unless the method name matches the field name; the setter of this VO was one such case.
Detail: A previous bug in the database schema did not allow the same vlan num
to exist on separate physical networks, even though this is possible and should
be allowed. To fix this, the code was changed to also disallow the same vlan
num on different physical networks, to avoid hitting the database constraint.
The database constraint has now been changed to allow only one of a vlan num
per physical nic per data center, so different physical nics can reuse vlan
numbers. This fix adjusts the code to match by removing the old fix.
BUG-ID: CLOUDSTACK-686
Signed-off-by: Marcus Sorensen <marcus@betterservers.com> 1358881555 -0700
and CloudException in one place, and Introduced ApiErrorCode to handle CloudStack API error
code to standard Http code mapping.
Signed-off-by: Min Chen <min.chen@citrix.com>
Changes:
- Introduction of maven skipped the java code that inserts the admin user. This causes the NPE in management server while trying to find the user and also, admin user cannot login as expected.
- Fixing the insertion of the admin user as part of startup.
Changes:
- Introduction of maven skipped the java code that inserts the admin user. This causes the NPE in management server while trying to find the user and also, admin user cannot login as expected.
- Fixing the insertion of the admin user as part of startup.
Detail: This merges the resizevolume feature branch, which provides the
ability to migrate a disk between disk offerings, thereby changing its
size, or specifying a new size if current disk offering is custom.
BUG-ID: CLOUDSTACK-644
Signed-off-by: Marcus Sorensen <marcus@betterservers.com> 1358358209 -0700
The different MAC address for a pair of redundant router have issues when short
time network outrage happened. When this happened:
1. BACKUP(r-2) cannot receive the broadcast from MASTER(r-1).
2. Then r-2 would announce it's MASTER after 3 seconds, and send gratuitous ARP
to the gateway of public ip(usually a rack router).
3. The gateway of public ip would update it's ARP cache to associate the public
ip of the network to the MAC of r-2.
4. In the meantime, r-1 still sending out VRRP broadcast(due to network issue,
the broadcast never arrived at r-2), and acting as MASTER.
5. After network outrage, r-2 would receive the higher priority VRRP broadcast
from MASTER again, then receded as BACKUP.
6. But the public gateway would still associate public ip with MAC of r-2, thus
caused the issue. r-1 would no longer able to receive any packets from public
network.
And there is no way for r-1 to send gratuitous ARP again, because it's always
consider itself as MASTER, no state changed, and no hook existed for receiving
lower priority broadcast.
So I would revert this change, and introduce another commit to ensure the newly
create redundant router would share the same MAC as the first one.
This reverts commit 9f257aa60b.
Detail: Previously in the code we allowed the configuration to create ssh
keypairs and put them in the configuration table so that systemvms could have
ssh key auth and work properly if the user was 'cloud' or if the developer
configuration item was set to true. It got changed to requiring both the cloud
user and the developer flag (using an || on a negative) somwhere along the way.
This changes it back to && on a negative to allow us to run as non-cloud users
with the dev flag set, and for cloud to deploy properly without the developer
flag.
Signed-off-by: Marcus Sorensen <marcus@betterservers.com> 1358285190 -0700
CS allows to add multiple VLANs and subnets to a shared network, but it doesn't really work, for example , vm on second VLAN or subnet cannot get IP through DHCP
This patch will not allow to add mulitple VLANS or subnets into shared network
CLOUDSTACK-982:Do not allow add multiple VLANs or subnets into shared network
A couple of lines back there is:
if (isSystem != null) {
sc.addAnd("systemUse", SearchCriteria.Op.EQ, isSystem);
}
So it was set redundantly, this can be removed.
Plugin should not be responsible for existence of checking an API, this was wrong.
Throw exception boldly when checkAccess fails.
Signed-off-by: Rohit Yadav <bhaisaab@apache.org>
- Makes plugins self contained so they decide their properties file format
- PluggableService creates the contract that implementing entity will return a
properties map which is apiname:rolemask (both are strings)
Signed-off-by: Rohit Yadav <bhaisaab@apache.org>
NetworkServiceImpl does not need a cache of system network offerings
Ensure mocks build to new APIs.
Signed-off-by: Chiradeep Vittal <chiradeep@apache.org>
- remove unused public apis
- remove unused members
- change visibility of methods to protected if they do not implement a method in the interface
Signed-off-by: Chiradeep Vittal <chiradeep@apache.org>
to the api project, ensure that all methods use interfaces from the api project.
By moving it to the api project, it lessens the dependency of plugins on the server components.
Signed-off-by: Chiradeep Vittal <chiradeep@apache.org>
NetworkModel is intended as a read-only view on the network model.
This includes Networks, Nics, Ip address, PhysicalNetwork, NetworkOfferings, etc
The code in configure() and start() is used to support queries on the network model which is now the responsibility of the NetworkModel service
Network-refactor: Fix tests so that they get injected with the required NetworkModel mock
Signed-off-by: Chiradeep Vittal <chiradeep@apache.org>
NetworkManager's exclusive focus is now
- handling plugins during orchestration, and
- to deal with ip address allocation.
Those classes that used to refer to NetworkManager to get access to the datamodel now refer to NetworkModel
Signed-off-by: Chiradeep Vittal <chiradeep@apache.org>
Author: Likitha Shetty <likitha.shetty@citrix.com>
Date: Wed Jan 9 11:54:25 2013 +0530
CLOUDSTACK-614: ListTemplates API is not returning "Enable SSH Key" attribute for any given template. Update the TemplateResponse by adding 'sshkeyenabled' attribute to it. This attribute is set to the value that the user passes as input for parameter 'sshkeyenabled' while registering the template.
Signed-off-by: Min Chen <min.chen@citrix.com>
- Introduces api/discovery plugin that helps discover apis on the mgmt server
- It's a pluggable service, therefore has it's own api-discovery_commands.properties
where the discovery api, listApi can be blacklisted (by removing it), or it's
role mask can be changed
- By default its response has all the apis
- Changes in other parts of the code to make it work, viz. components.xml, pom.xml,
and in ApiServer where it is used as an adapter to get apiname, cmd mappings
The ApiDiscoveryService interface is a contract that the implementing class will
provide:
1. A means to get all the apis as a list of response, plugin is free to implement
the response class, as long as it extends on the BaseResponse:
ListResponse<? extends BaseResponse> listApis();
2. Provides a map of apiname as the key and cmd class as the value:
Map<String, Class<?>> getApiNameCmdClassMapping();
Signed-off-by: Rohit Yadav <bhaisaab@apache.org>
right approach to populate uuid column since it will impact upgrade as
well), and populate UUID column in seed data sql script.
Signed-off-by: Min Chen <min.chen@citrix.com>
WIP : move stuff between network manager and network service.
at this point there is about 700 lines of duplicated code
WIP: Leave creation of default offerings to NetworkManager init
WIP: clean up imports
Signed-off-by: Chiradeep Vittal <chiradeep@apache.org>
Issue seen during system vm template upgrade and restoreVM command
scenarios for vmware. In these cases CS tries to recreate root disk with
same name as the existing one, in case of vmware this results in creation
of vmdk file with same name for both existing and new root volume.
This results in undesired behavior when storage cleanup thread tries to
cleanup old volume. Made the vmdk file name unique by adding the volume
id to it. This will ensure that during volume recreation in the scenarios
mentioned vmdk will get created with a new name and there will be
no undesired side effects of running the storage cleanup thread.
The basic idea behind this is, deploy a fix sized threadpool for updating RvR
status, then using producer/consumer model. There is a global configuration
router.check.poolsize(10 by default) to control the pool size.
Using pool size 100 for 1000 RvR is tested with simulator and works well.
Also we can adjust the global configuration option router.check.interval to e.g.
60s from default 30s to mitigate the issue.
For LB device in inline mode, the ip deployer(the owner of public ip) is the
firewall in front of it, not itself. So check if it's inline or not, if it's
inline, return the firewall as ip deployer
Use SRX firewall filter as SRX firewall. The old security policy mechanism
cannot be used as IP based. This would enable SRX's ability to control traffic
for F5 behind it.
Excluded test as per test author's comment:
"Currently we commented out this test suite since it requires a real MS and Db running"
Signed-off-by: Rohit Yadav <bhaisaab@apache.org>
If you update your build to build a version with a name not ending in -SNAPSHOT,
you are required to declare versions on all your depdendencies. There is already
a cs.mysql.version property, this patch makes sure it is used where appropriate.
Signed-off-by: Chip Childers <chip.childers@gmail.com>
I added this in commit bc94948e06 to be able to bind
the VNC on KVM on the Private IP Address of the Hypervisor.
This got (accidentally) reverted in commit 110903a91a breaking
this behaviour with KVM.
By passing the destination host again in StartCommand we are able to bind the VNC to the private
IP address of the hypervisor.
This makes sure the VNC is not open for the world and users don't have to firewall these ports, nor
do they have to change "vnc_listen" in their qemu.conf libvirt settings.
Incorrect params are silently ignored in 4.0 and before. The fix would log the error
in debug log, but will continue processing. In case of an issue with uuid or param
an empty response is sent, for ex. in case of deleted entities as well.
Signed-off-by: Rohit Yadav <bhaisaab@apache.org>
- Fix interface to return array of strings, or filenames
- Fix StaticRoleBased ACL adapter to process config files by going through all pluggable services
- Refactor interface names
Signed-off-by: Rohit Yadav <bhaisaab@apache.org>
- Allow both uuid and id in param for pre 3.x apis
- Enforce uuid as param for all >= 3.x apis
- Use regex to better match uuid param
Signed-off-by: Rohit Yadav <bhaisaab@apache.org>
Entities correlated to the Identity and carry a uuid and those
correlated to InternalIdentity carry an id. Those entities that carry
both will correlated to Identity and InternalIdentity.
This refactors entities wherever possible to ensure the VO only
implements the first class entity.
Signed-off-by: Prasanna Santhanam <tsp@apache.org>
- Renames to @EntityReference as @Entity is too general and used in javax's pkg
- Remove redundant imports
Signed-off-by: Rohit Yadav <bhaisaab@apache.org>
- Add new interface method to getId
- Fix method definition in AsyncJob
- Get rid of mechanism to getId using reflect, use Identity interface
Signed-off-by: Rohit Yadav <bhaisaab@apache.org>
- Fix jobid serialization issue that broke the UI
- Fix AsyncJob Result and Response
- Get rid of getUuid(), setUuid(), just use getId, setId for uuid...
- All uuids from over the wire are UUIDs
Signed-off-by: Rohit Yadav <bhaisaab@apache.org>
In the past, we use same MAC address therefore once MASTER is down, the packet
to the same MAC would go to BACKUP ASAP.
But now we also have arping after BACKUP become MASTER, which should update the
ARP cache of public gateway router quickly. Though it would be a little
delay(likely less than 1 second), it's still fine for different MAC.
And it would solve some cache issue for same mac on vSwitch different ports.
1. Modified create-schema.sql to add version as 4.1.0 instead of 4.0.0
2. Removed schema-40to41.sql amd moved the content to schema-40to410.sql
3. Added to schema-40to410.sql Upgrade40to41.java
Conflicts:
server/src/com/cloud/upgrade/dao/Upgrade40to41.java
setup/db/create-schema.sql
setup/db/db/schema-40to41.sql
setup/db/db/schema-40to410.sql
Signed-off-by: Min Chen <min.chen@citrix.com>
For some apis, the param=-1 is used to evaluate conditionals. Allow -1 to be passed
for now. This is a APITODO/FIXME to fix stuff in service layer and then only get rid of it.
Signed-off-by: Rohit Yadav <bhaisaab@apache.org>
1. Modified create-schema.sql to add version as 4.1.0 instead of 4.0.0
2. Removed schema-40to41.sql amd moved the content to schema-40to410.sql
3. Added to schema-40to410.sql Upgrade40to41.java
This is improvement of:
commit 1ca493e4fa
Author: Sheng Yang <sheng.yang@cloud.com>
Date: Wed Feb 29 17:43:50 2012 -0800
bug 14042: Don't set dhcp:router option on DHCP server for non-default
network on CentOS/RHEL
The old solution only works on CentOS/RHEL, this one would enable the ability to more
guest OS, and enable user to choose what policy should be for each guest os
type.
IdentityProxy is only referenced in CreateCmdResponse, which involves
some async job logic change. Since it is not impacting list performance,
will leave it there for now.
Signed-off-by: Min Chen <min.chen@citrix.com>
- Use @Parameter's entityType and type annotation fields
- Use @Entity annotation in Reponse class to get table info for Dao
- Use findByXId to process all entities and translate UUID to ID
- Handle error in reflection method invoking
Signed-off-by: Rohit Yadav <bhaisaab@apache.org>
Declare and define findByXId() in GenericDao and EntityManager.
This method would return a VO by UUID and EntityManager's interface would
take in the VO Interface.
Signed-off-by: Rohit Yadav <bhaisaab@apache.org>
Author: Min Chen <min.chen@citrix.com>
Date: Mon Dec 17 17:42:30 2012 -0800
Remove IdentityProxy from AlertResponse and AsyncJobResponse.
Signed-off-by: Min Chen <min.chen@citrix.com>
As noted in the bug, several of the API command in question
are async calls. I've added a simple regex-based string cleaning
function, and have the request and response strings running through
it prior to being appended to the audit log.
Unit tests added for the new cleaning function as well.
The call to skip logging the createSSHKeyPair response remains intact
for now, although it should probably be scrubbed similarly to the
password fields.
Signed-off-by: Chip Childers <chip.childers@gmail.com>
Detail: Instead of using LibvirtStorageAdaptor for everything, you can create
your own storage adaptor and use it. We select storage adaptor based on storage
pool type, thus we needed to adjust LibvirtComputingResource to pass pool type
to everything in KVMStoragePoolManager. This in turn required that we pass the
info necessary to LibvirtComputingResource as well, so a few agent Commands were
modified.
Note this patch in and of itself shouldn't change any existing behavior, just
allow for new storage adaptors to be selected based on storage pool type.
Reviewed-by: Edison Su
Signed-off-by: Marcus Sorensen <marcus@betterservers.com> 1355769696 -0700
- All id params are now uuids, basically for documentation
- Use injections and not component locator
- Remove resourceType field checking, it's now called entityType
- Fix indents
Signed-off-by: Rohit Yadav <bhaisaab@apache.org>
These unittests do not depend on the componentlocator but instead are
completely dependent on mock objects. This ensures that they can be run
standalone without any requirements on the environment.
Includes some fixes to NiciraNvpGuestNetworkGuru and GuestNetworkGuru
When zoneid is passed an no state is specified listVIrtualMachines does
not return the destroyed vms. This patch fixes the issue.
Signed-off-by: Prasanna Santhanam <tsp@apache.org>
Reverting commit as we don't want the daos to move to cloud-api.
We'll eventually breakout cloud-server and create cloud-api-server for the standalone
api server.
This reverts commit 7597a38f7a.
- Refactor common code to get classname from apiname
- Fix search mechanism within api access checker adapter to:
* check permissions
* get class name for an apiname
Signed-off-by: Rohit Yadav <bhaisaab@apache.org>
- Add getCmd api interface in APIAccessChecker adapter to get cmd properties
- Add mechanism in StaticRoleBasedAPIAccessChecker to get config properties
- Add public interface to get the cmd properties for the adapter impl
Signed-off-by: Rohit Yadav <bhaisaab@apache.org>
- introduces Capability in the network offering, which
decides when EIP service is enabled, by defualt public IP
should be assigned to the VM or not
- default network offering with EIP/ELB service will still work with old EIP
semantics, i.e) assign a public IP to each VM on start
- Instantiate apiserver by injection, so all its entities are also created and injected
- Make the constructor protected
Thanks to Alex for helping out on this one.
Signed-off-by: Rohit Yadav <bhaisaab@apache.org>
- ApiServer instance assumes cloudstartup servlet will initialize it
- Check and log if initialization fails
Signed-off-by: Rohit Yadav <bhaisaab@apache.org>
- Moved host related apis to admin pkg
- Change namespace to org.a.cs.api, fix mappings in commands-prop.
Signed-off-by: Rohit Yadav <bhaisaab@apache.org>
the advanced zone
Details:
1). Added validation to check the Vlan Id specified in the createNetwork()
does not overlap with any of the vlan's used by isolated networks or
shared networks in the zone.
2). state change for shared network with services to go to 'Setup' state
on network shutdown instead of 'Allocated'
Bug ID:CLOUDSTACK-312 enable L4-L7 network services in the shared network in the advanced zone
network in the advanced zone
Details : ensure that CIDR specified for shared network does not overlap with any
CloudStack generated CIDR's for isaolated guest networks when using
external networking devices
Bug ID:CLOUDSTACK-312 enable L4-L7 network services in the shared network in the advanced zone
Conflicts:
server/src/com/cloud/network/NetworkManagerImpl.java
network in the advanced zone
Summary: change 'shared network' in advanced zone with L4-L7 services to go through network
implement phase. Add ACL checks to associate IP to shared network in the
advanced zone
Bug ID:CLOUDSTACK-312 enable L4-L7 network services in the shared network in the advanced zone
Conflicts:
server/src/com/cloud/network/NetworkManagerImpl.java
Details:
- changed associateIPAddr API to accept shared network Id and account Id. Ip will be owned by tuple (account Id, network Id)
- chaged createNetwork API to accpet CIDR when network offering has external networking device providers
Bug ID:CLOUDSTACK-312 enable L4-L7 network services in the shared
network in the advanced zone
This is part 1 of list API refactoring. Commands covered:
listVmsCmd, listRoutersCmd Response covered:
UserVmResponse, DomainRouterResponse. DB views created:
user_vm_view, domain_router_view.
Signed-off-by: Rohit Yadav <bhaisaab@apache.org>
Move ExternalNetworkDeviceManager to cloud-api, as server depends on cloud-api
The api refactoring of one of the api required this interface
Signed-off-by: Rohit Yadav <bhaisaab@apache.org>
- Remove a lot of junk
- Fix commands.prop.
- Move apis from cloud-server to cloud-api
- Rename with org.apache.cloudstack namespace
Signed-off-by: Rohit Yadav <bhaisaab@apache.org>
- Split register apis across template, iso and ssh pkgs
- Fix refactored apis, mappings in commands*.in
- Fix comments etc.
Signed-off-by: Rohit Yadav <bhaisaab@apache.org>
- Refactor VPN and VM APIs to admin and user pkgs
- Names space, org.apache.cloudstack
- Fix refactored apis in commands*.in
- Fix comments etc.
- Expand tabs, remove trailing whitespace
Signed-off-by: Rohit Yadav <bhaisaab@apache.org>
Detail: Because of the way most other primary storage types work with cloudstack
(i.e. backing stores) CLVM actually copies the template to a local logical
volume on primary storage, then uses that. This causes all of your primary
storage to be littered with a copy of every template used. Since we're not
using these, dump the template direct to the newly created logical volume.
This is faster as well since the template is sparse; we're not creating a fat
template on primary storage and then copying that to a logical volume when we
deploy from template.
BUG-ID: CLOUDSTACK-508
Bugfix-for: 4.1
Signed-off-by: Marcus Sorensen <marcus@betterservers.com> 1353221260 -0700
* enable SG provider if the zone is SG enabled
* don't create public traffic type for the zone if there is no public network exist in the zone in 2.2.x
The code that would propage userdata to router, when updateVirtualMachine api
is called, was missing. As per the docs [0], userdata should be a base64 encoded
string upto 2KB which is put on domr's html directory adn using HTTP GET the
userdata information can be obtained from the domr.
The updateVirtualMachine api [0] would accept a base64 encoded string
and decoded and put into the domr's /var/www/html/userdata/<uservm ip>/user-data
file. The operation does not require the VM to be in stopped state, though it is
advised to stop and call this api in case the user vm has a script which gets
the userdata information from domr while starting.
For example, this script can be used to fetch the data:
server_ip=$(grep dhcp-server-identifier /var/lib/dhclient-eth0.leases | tail -1 | awk '{print $NF}' | tr '\;' ' ')
wget http://${server_ip}/latest/user-data
This feature can be useful, for example to use into puppet facts [1], or to do
automation and horizontal scaling etc. based on userdata.
[0] http://incubator.apache.org/cloudstack/docs/api/apidocs-4.0.0/domain_admin/updateVirtualMachine.html
[1] http://geek.jasonhancock.com/2011/11/09/cloudstack-userdata-into-puppet-facts/
BUG-ID : CLOUDSTACK-424
Reviewed-by: Rohit Yadav <bhaisaab@apache.org>
Reported-by: Nick Wales
Signed-off-by: Rohit Yadav <bhaisaab@apache.org>
within cloud.server.ConfigurationServerImpl.generateDefaultKeystore
Description:
The reason which failed in generation of the certificate is not displayed now.
At that time, IOException which does not include the reason is raised.
In order to solve the problem quickly, the reason should be included in the message.
(Now)
WARN [cloud.server.ConfigurationServerImpl] (main:) Would use fail-safe keystore to continue.
java.io.IOException: Fail to generate certificate!
at com.cloud.server.ConfigurationServerImpl.generateDefaultKeystore(ConfigurationServerImpl.java:490)
(Fix)
WARN [cloud.server.ConfigurationServerImpl] (main:) Would use fail-safe keystore to continue.
java.io.IOException: Fail to generate certificate!: sudo: sorry, you must have a tty to run sudo
at com.cloud.server.ConfigurationServerImpl.generateDefaultKeystore(ConfigurationServerImpl.java:490)
Testing Completed:
mvn clean install
mvn -pl :cloud-client-ui jetty:run
And generation of the certificate was made to fail, checked it.
Signed-off-by: Chip Childers <chip.childers@gmail.com>
* send StartupAnswer right after StartupCommand is recieved
* if post processor going wrong, send out readycommand with error message to agent, then agent will exit
Any forked process that runs from maven surefire plugin gets it own separate
heap which may cause build issues. Patch fixes the issue by explicity args to
the surefire plugin for cloud-server.
Signed-off-by: Rohit Yadav <bhaisaab@apache.org>
* attache is not forForward()
* and the Disconnect came through cluster notification event
The fix will prevent delayed AgentDisconnect cluster notification processing.
The authenticators now have an encode function that cloudstack will use to encode the user supplied password before storing it in the database. This makes it easier to add other authenticators with other hashing algorithms. The requires a two step approach to creating the admin account at first start as the authenticators are only present in the management-server component locator.
The SHA256 salted authenticator make use of this new system and adds a hashing algorithm based on SHA256 with a salt. This type of hash is far less susceptible to rainbow table attacks.
To make use of these new features the users password will be sent over the wire just as he typed it and it will be transformed into a hash on the server and compared with the stored password. This means that the hash will not go over the wire anymore.
The default authenticator in components.xml is still set to md5 for backwards compatibility. For new installations the sha256 could be enabled.
If cleanup=true, network elements and resources are shutdown and
reimplemented. Else, shutdown/reimplementation is skipped. Enabled
cleanup checkbox in CS UI.
For both cases, VRs are only deployed for Pods with no running
or starting VRs and Pods having running or starting user vms.
New DAO helpers introduced:
HostPodDao: listByDataCenterIdVMTypeAndStates
DomainRouterDao: listByPodId and listByPodIdAndStates
VMInstanceDao: listByPodId and corrected definition of listByTypeAndState
Signed-off-by: Rohit Yadav <bhaisaab@apache.org>
1) Always fail to authenticate system user.
2) DB - always create system user with RANDOM not null password
3) Don't allow modifying (setting api/secretKeys, etc) system user via API
Conflicts:
server/src/com/cloud/user/AccountManagerImpl.java
setup/db/db/schema-305to306.sql
when host is reconnected, CS try to make sure the host can access primary storage,
CS only do this when primary storage is UP, and even host cannot access primary storage,
that is okay, do not throw exception, just print a warning message
Kelven Yang
Prachi Damle
Min Chen
Phong Nguyen
Koushik Das
Murali Reddy
Pascal Borreli
Edison Su
Chiradeep Vittal
Likitha Shetty
Ryan Dietrich
Hugo Trippaers
Bharat Kumar
Mice Xia
Edison Su
Marcus Sorensen
Hugo Trippaers
Jayapal
Vijayendra Bhamidipati
Jessica Wang
Alena Prokharchyk
Brian Spindler
Wido den Hollander
Dave Cahill
Prasanna Santhanam
Sanjay Tripathi
Sheng Yang
Nitin Mehta
Funs Kessen
Vijay venkatachalam
Sateesh Chodapuneedi
Wei Zhou
Kishan Kavala
Rohit Yadav
Anshul Gangwar
Rajesh Battala
Chip Childers
Sanjay Tripathi
Wido den Hollander
Saksham Srivastava
Harikrishna Patnala
Venkata Swamybabu Budumuru
Abhinandan Prateek
Roeland Kuipers
frank
Noa Resare
sateesh
David Grizzanti
frank
Deepti Dohare
Alex Huang
anthony
Anthony Xu
Anthony Xu
joesan
Andrew Bayer
Noa Resare
John Burwell
Isaac Chiang
Simon Waterhouse
Hiroaki Kawai
adefanti
Deepak Garg
Pranav Saxena
Laszlo Hornyak
Satoshi Kobayashi
Edison Xu
Joe Brockmeier
Kelven Yang
Rohit Yadav