etan39
/
cloudstack
mirror of https://github.com/apache/cloudstack.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
20,352 Commits 335 Branches 327 Tags 851 MiB
Commit Graph

108 Commits

Author SHA1 Message Date
Sheng Yang 84a1a311f9 S2S VPN: CS-15511: Add PFS support for VPN connection 2012-08-06 15:27:13 -07:00
Sheng Yang 1b5103c501 S2S VPN: CS-15472: Separate IKE lifetime and ESP lifetime 2012-08-06 15:19:26 -07:00
anthony 9b43753399 VPC : handle Revoke rules for staticroute 2012-08-02 18:59:49 -07:00
anthony 0c9d5f5eb1 VPC : typo 2012-08-02 18:59:48 -07:00
anthony f763f53c2d CS-15680 : set broadcast IP 2012-07-30 13:24:33 -07:00
anthony 3aae979967 CS-15708 : fix network cleanup 2012-07-30 13:24:10 -07:00
Sheng Yang dd50bdf38e CS-15731: Make S2S VPN no-nat rule the top of POSTROUTING 2012-07-27 18:49:25 -07:00
Sheng Yang 8eee8f342e S2S VPN: CS-15650: Add connection status update to s2s vpn 2012-07-27 16:28:06 -07:00
anthony 59937838e5 VPC : create/destroy static nat 2012-07-27 15:04:42 -07:00
anthony ae579c4cdd VPC : create/destroy static route 2012-07-27 15:04:42 -07:00
anthony 0d52ac205b VPC : create/destroy source NAT 2012-07-27 15:04:42 -07:00
anthony 9910176d76 VPC : create/destroy private Gateway 2012-07-27 15:04:41 -07:00
anthony f7da1772b0 VPC : portforwarding script 2012-07-27 15:04:41 -07:00
anthony 952da87e19 VPC : basic network usage per guest network 2012-07-27 15:04:41 -07:00
anthony 744bfdce5f VPC : vpc loadbalancer script 2012-07-27 15:04:41 -07:00
anthony 7dc4231ea6 VPC : vpc ip assocate fix 2012-07-27 15:04:41 -07:00
anthony 165a21c62a VPC : vpc_acl.sh is for VPC access control list 2012-07-27 15:04:40 -07:00
anthony 05dc92c02c VPC : remove all rules for a plugged nic device 2012-07-27 15:04:40 -07:00
anthony 599dcb49d5 VPC : add vpc_func.sh 2012-07-27 15:04:40 -07:00
anthony 5edb646be2 VPC : ipassoc.sh typo fix 2012-07-27 15:04:40 -07:00
anthony 7fd73fc5ab VPC : add vpc_guestnw.sh 2012-07-27 15:04:40 -07:00
Sheng Yang 4d42845853 S2S VPN: Add back pfs=no for ipsec.conf 
According to ipsec.conf manual:

pfs

whether Perfect Forward Secrecy of keys is desired on the connection's keying
channel (with PFS, penetration of the key-exchange protocol does not compromise
keys negotiated earlier); Since there is no reason to ever refuse PFS, Openswan
will allow a connection defined with pfs=no to use PFS anyway. Acceptable values
are yes (the default) and no.

Found removing the option would make it impossible to work with no PFS setting
router. It may related to CS-15511.
 2012-07-23 19:35:08 -07:00
Sheng Yang 27d82f683b S2S VPN: Support for multiply VPN connections per VPC/VPN gateway 2012-07-23 19:03:29 -07:00
Sheng Yang f1e2be7157 CS-15511: Fix parameter transfer in bash 
[Dropped Vmware support in this commit, due to lack of VMware support in VPC now]

Conflicts:

	plugins/hypervisors/vmware/src/com/cloud/hypervisor/vmware/resource/VmwareResource.java
 2012-07-23 14:51:40 -07:00
Sheng Yang d855dff7c2 CS-6840: Fix wrong path of check s2s vpn script 2012-07-23 14:35:32 -07:00
Sheng Yang a1333649db CS-15536: Insert VPN mangle policy to FORWARD and OUTPUT 
In order to get traffic tagged while ACL chain involved in PREROUTING chain.

Also using more generic tag checking in nat table.
 2012-07-17 17:23:11 -07:00
Sheng Yang 1d97af3abf CS-6840: Add status checking for site 2 site VPN 2012-07-02 16:29:23 -07:00
Sheng Yang cd9854336a CS-6840: Update ipsectunnel.sh 2012-07-02 16:27:38 -07:00
Clayton Weise df062f1fe8 CS-6840: Add ipsectunnel script 2012-07-02 16:27:35 -07:00
anthony 10a578db46 VPC : fix nic hot plug script 2012-06-15 14:32:31 -07:00
anthony d51e3443cb VPC : add nic hot plug script 2012-06-15 14:32:10 -07:00
anthony a7462bb232 VPC : vpc_ipassosc.sh 2012-06-15 14:30:50 -07:00
anthony d80476b93e VPC : add new ipassoc.sh for vpc 2012-06-15 14:30:07 -07:00
anthony 0f5775d446 VPC : revert changes in ipassoc.sh 2012-06-15 14:29:56 -07:00
anthony 95faedc09f VPC : bug fix 2012-06-15 14:29:47 -07:00
anthony f1883e991c VPC : bug fix 2012-06-15 14:26:50 -07:00
anthony edbf4a0ba7 VPC : many debug fix 2012-06-15 14:26:41 -07:00
anthony c75fe80125 VPC : use routerProxy to call networkUsage.sh 
Conflicts:

	core/src/com/cloud/hypervisor/vmware/resource/VmwareResource.java
 2012-06-15 14:25:21 -07:00
anthony a08c9e7890 VPC : move acl.sh ipassoc.sh to /opt/cloud/bin/ 2012-06-15 14:24:09 -07:00
Sheng Yang 5fda83b735 Fix keepalived process not started issue 2012-05-01 16:20:08 -07:00
frank 2f634c0913 Switch to Apache license 2012-04-03 04:50:05 -07:00
Sheng Yang be5b430a96 bug 14558: Add log for passwd_server 
In case something goes wrong.

Log located at /var/log/cloud.log
 2012-03-30 14:20:11 -07:00
frank 52610ffcb3 add copyright header to shell scripts 2012-01-11 18:41:53 -08:00
Sheng Yang 89e45bd671 bug 11130: Add GetDomRVersionCmd 2011-09-29 14:50:11 -07:00
Sheng Yang 85a164f6ac bug 11518: Return "saved_password" for non-existed password entry in domR 
To solve password file is destroyed along with restartNetwork command issue. If
the password is not set in fact, user can use "ResetPassword" to try again. But
it won't happen mostly, because it's only possible if the restartNetwork
happened between user start up VM and set the new password.

Reviewed-by: Keshav

status 11518: resolved fixed
 2011-09-21 15:50:54 -07:00
Sheng Yang 78f88d3985 Fix dhcp_entry.sh fail on redundant router 
And don't worry about "chkconfig dnsmasq off", because keepalived script should
take care of it.
 2011-08-10 17:13:34 -07:00
Chiradeep Vittal 8277584b8a merge ELB / nectarine branch 2011-08-08 15:20:56 -07:00
Chiradeep Vittal ac8b833fb0 Ensure lb vm enables only those services that are necessary. ensure default route 2011-08-05 12:16:55 -07:00
Sheng Yang ed611fa200 Enforce redundant router command line checking in patchsystemvm.sh 2011-07-19 15:40:53 -07:00
Sheng Yang 4bc8686513 bug 10429: Backport redundant virtual router 
Part 1

This backport contained:

commit 52317c718c25111c2535657139b541db0c9d1e1f
    bug 9154: Initial check in for enabling redundant virtual router

commit 54199112055d754371bfb141168fb5538bf6d6ea
    Add host verification for CheckRouterCommand

commit cef978a228c90056ead9be10cbc4de74c2b8de76
    Fix CheckRouterAnswer's isMaster report

commit 4072f0a6991ac3b63601a1764fbe14188965f62f
    Some build fixes and code refactoring for redundant router

commit 4d3350b7cd8ee2706a9bace4437fc194e36c8dd5
    Redundant Router: Fix OVS

commit 6a228830e7c46d819fa0c3317e159e041337e887
    Fix findByNetwork()/findByNetworkAndPod()'s return

commit c627777b3d5bdbcd60db4032cebd349a5b1ecd83
    Redundant Router: Fix isVmAlive()

commit e1275d2514adc41f8744f5107d4069c38be195f1
    Only issue CheckRouterCommand to redundant routers

And all modification to the scripts till
commit 4e3942462ed3fde3a3d7011e95839e2128fba514
logging changes

in the master branch.
 2011-07-18 18:29:56 -07:00
Frank 92155522f2 Add license header to files 2011-04-14 11:23:14 -07:00
Edison Su 8b3e22e84c enable serial console for system vm, to make debug easier 2011-03-31 19:11:09 -04:00
Edison Su 9854db7dcd bug 8459: acpiphp and pci_hotplug modules need to be auto loaded in domr 
status 8459: resolved fixed
 2011-03-31 19:11:06 -04:00
Chiradeep Vittal a65dd9d9eb Ensure password server is started inside dhcp server system vms 2011-03-02 17:38:38 -08:00
alena 54236677f3 bug 8419: changed domR password reset script to work with 2.1.x and 2.2 password scripts on userVm side 
status 8419: resolved fixed
 2011-02-07 11:04:55 -08:00
alena ff281af035 bug 8253: get_password_from_domr is a part of source code now. It should be located under /usr/bin/ directory on the Management server once cloudstack software is installed 
status 8253: resolved fixed
 2011-02-01 17:40:00 -08:00
edison 139ff273ff fix systemvm template for kvm, using chiradeep's latest debian template 2010-10-05 20:41:39 -07:00
edison e67e7d0e7b remove patches/systemv, and mv tools/systemvm into patches 2010-10-05 20:41:39 -07:00