dnsmasq.conf need to contain /etc/dhcpopts.txt from the beginning, otherwise
SIGHUP won't make dnsmasq reload the dhcpopts.txt, thus result in multiple nics
user VM get router information from all DHCP offers.
When master router down, the back up router is entered into FAIL state
but it supposed to enter into master.
This issue is happening because the the enable_pubip.sh script triying to
ifdown and ifup the eth2 interface. Which is failed. So master.sh script got
failed. Fixed by doing ifdown force
Introducing the option dhcp-client-update fails if the dnsmasq version is less than 2.6 (like in older templates).
Added a check for the version in cloud-early-config. will add dhcp-client-update option in the config file only
if the dnsmasq version is 2.6 and above.
Signed-off-by: Jayapal <jayapal@apache.org>
Previous patch to this only did so for system vms with a $3 interface, usually
eth2. System VMs that only provide DNS wouldn't get a gateway, for example.
BUG-ID: CLOUDSTACK-1565
Signed-off-by: Marcus Sorensen <marcus@betterservers.com> 1365617851 -0600
auto start like we should. cloud-early-config sets 'auto lo $1', but we don't
pass $1 in vpc router scenario like we do in others for some reason. eth0 is
always link local in vpc router, so setting it to that.
Signed-off-by: Marcus Sorensen <marcus@betterservers.com> 1365546368 -0600
This is an encryption optimization for VPN/SSL, with upto 10x advertised speed.
The patch check for the aesni_intel module if aes is available on the cpu, this
will be true for HVMs.
Signed-off-by: Rohit Yadav <bhaisaab@apache.org>
Detail: This gets rid of the patchdisk method of passing cmdline and
authorized_keys to KVM system VMs. It instead passes them to a virtio socket,
which the KVM guest reads from the character device /dev/vport0p1 during
cloud-early-config. Tested to work on CentOS 6.3 and Ubuntu 12.04. Should
work with even older versions of libvirt.
Signed-off-by: Marcus Sorensen <marcus@betterservers.com> 1362691685 -0700
Detail: VPC router was being treated like normal VR, which was an issue because
normally the VR has an eth0,1,2 which are isolated, linklocal, and public
networks respectively. rp_filter is turned on for eth0,1 and off for 2
(hardcoded). VPC however comes up with eth0,1 as public, linklocal, and no other
interfaces until new isolated networks are added, so the process doesn't work.
This change turns on rp_filter as new isolated networks are added to the VR.
BUG-ID: CLOUDSTACK-938
Bugfix-for: 4.0.2
Signed-off-by: Marcus Sorensen <marcus@betterservers.com> 1358451991 -0700
Detail: This adjusts cloud-early-config to properly set the host entry for a
vpc router. We were previously using the hostname command prior to the actual
hostname being set, now we use the NAME variable passed to us.
BUG-ID: CLOUDSTACK-502
Bugfix-for: 4.0.1
Signed-off-by: Marcus Sorensen <marcus@betterservers.com> 1353083661 -0700
Detail: Make change in 95df86e1e0 be specific
to VPC.
BUG-ID : NONE
Reviewed-by: Marcus Sorensen
Reported-by: Marcus Sorensen
Signed-off-by: Marcus Sorensen <marcus@betterservers.com> 1351695701 -0600
Detail: Several virtual router configuration commands, such as iptables
commands, run slowly due to attempting to do a name lookup on the virtual
router's hostname and having to time out. This is seen in the agent logs when
a virtual router command is run, as "unable to resolve host r-410-VM" or
similar. This can make for very slow router configuration, especially as the
number of network rules grows. This change simply sets the router's name to
the localhost IP in /etc/hosts
BUG-ID : NONE
Reviewed-by: Marcus Sorensen
Reported-by: Marcus Sorensen
Signed-off-by: Marcus Sorensen <shadowsor@gmail.com> 1351659441 -0600
By default do not enable port 8080 in iptables-router. Since, the socat
server which serves the password is in an infinite loop, any incorrect
attempt is returned bad_request and passwd-srvr won't break.
When /etc/init.d/cloud-passwd-srvr is started:
- It finds and removes any old rules on port 8080, eth0
- It applies iptables rule that accepts only traffic from private cidr.
When cloud-passwd-srvr is stopped:
- It removes iptables rules on port 8080, eth0
Signed-off-by: Rohit Yadav <bhaisaab@apache.org>
Sheng Yang
Kelven Yang
Jayapal
Bharat Kumar
Abhinandan Prateek
Saksham Srivastava
Wei Zhou
Hiroaki KAWAI
Anthony Xu
Jayapal
Chiradeep Vittal
Nitin Mehta
Edison Su
Marcus Sorensen
Rohit Yadav
anthony
ilya musayev
Wido den Hollander
marcus