Commit Graph

25586 Commits

Author SHA1 Message Date
Rohit Yadav 860267fee0 Merge pull request #19 from shapeblue/kvm-host-without-storage
APPLE-272: Host Connects Without Storage
2016-10-25 10:41:42 +05:30
Rohit Yadav a4848c1435 APPLE-272: Host Connects Without Storage
KVM hosts on shared storage failure was accepted by mgmt server with the
host state as Up, even though there was no primary/shared storage available on
it. This patch offers a quick fix by throwing an exception in the storage monitor
which connects storage pool on host. The failure is trapped by agent manager
that disconnects the agent without any investigation.

Based on Lab tests, KVM agent may take upto 2 minutes to attempt NFS mount when
the storage is inaccessible (firewalled, or shutdown) before returning back with
an error. It is safe to assume that this won't add pressure on mgmt server due to
several reconnection attempts, and KVM agent would retry reconnection every 2
minutes.

For such KVM hosts, where failure happens due to storage issues; they will be
briefly put in Alert state but will be mostly be in Connecting state during which
the KVM host attempts to mount/reconfigure NFS storage pool.

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
2016-06-08 09:19:57 +09:00
Rohit Yadav 033f87deda CLOUDSTACK-9348: Make NioConnection selector blocking by timeout
Uses timeout based selector blocking. This makes connection handling
aggressive safely.

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
2016-05-19 16:17:28 +05:30
Rohit Yadav c8e0fc74ae dynamic-roles: remove order by ID
Removes order by id which is not necessary as we already do order by
sort_order. An additional order by seems to have caused mysql errors
in some environment, though it was not reproducible with MySQL 5.5/5.6/5.7
but this can be safely removed as it's not necessary.

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
2016-05-19 11:15:36 +05:30
Rohit Yadav 5415c06f30 packaging: backup commands.properties when upgrade to dynamic-roles
In case of rpms, the commands.properties file is bundled at
/usr/share/cloudstack-management/webapps/client/WEB-INF/classes/commands.properties

In case of a rpm upgrade, new rpms won't ship with commands.properties file. For
existing installations this copies the commands.properties file to
/etc/cloudstack/management

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
2016-05-19 11:14:29 +05:30
Rohit Yadav f12254ef92 Merge pull request #18 from shapeblue/nio-fix-cpu
utils: Fix NioConnection aggressive usage
2016-05-16 08:51:14 +05:30
Rohit Yadav e35e7e4441 utils: Fix NioConnection aggressive usage
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
2016-05-16 08:49:46 +05:30
Rohit Yadav 0a6f930a31 Merge pull request #17 from shapeblue/outofbandmanagement-4.5
CLOUDSTACK-9299: Sync changes from upstream oobm PR
2016-05-13 08:36:29 +05:30
Rohit Yadav 0b6f314f6e CLOUDSTACK-9299: Sync changes from upstream oobm PR
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
2016-05-12 11:44:30 +05:30
John Burwell 328dbebd96 Merge pull request #8 from shapeblue/cancel-maint
CLOUDSTACK-9323:  Cancelling maintenance when prepare for maintenance…
2016-05-10 08:55:58 -04:00
Rohit Yadav 067022edd3 Merge pull request #16 from shapeblue/outofbandmanagement-4.5
CLOUDSTACK-9299: Incorporate out-of-band management PR changes
2016-05-10 14:24:45 +05:30
Rohit Yadav bb0282dfa1 CLOUDSTACK-9299: Incorporate out-of-band management PR changes
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
2016-05-10 14:12:10 +05:30
Rohit Yadav 0f8d63989f Merge pull request #6 from shapeblue/outofbandmanagement-4.5
oobm: Out-of-band Management support in CloudStack
2016-05-10 13:17:49 +05:30
Rohit Yadav a5de2714e9 CLOUDSTACK-9299: Out-of-band Management for CloudStack
Support access to a host’s out-of-band management interface (e.g. IPMI, iLO,
DRAC, etc.) to manage host power operations (on/off etc.) and querying current
power state in CloudStack.

Given the wide range of out-of-band management interfaces such as iLO and iDRA,
the service implementation allows for development of separate drivers as plugins.
This feature comes with a ipmitool based driver that uses the
ipmitool (http://linux.die.net/man/1/ipmitool) to communicate with any
out-of-band management interface that support IPMI 2.0.

This feature allows following common use-cases:
- Restarting stalled/failed hosts
- Powering off under-utilised hosts
- Powering on hosts for provisioning or to increase capacity
- Allowing system administrators to see the current power state of the host

For testing this feature `ipmisim` can be used:
https://pypi.python.org/pypi/ipmisim

FS:
https://cwiki.apache.org/confluence/display/CLOUDSTACK/Out-of-band+Management+for+CloudStack

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
2016-05-10 13:16:03 +05:30
Rohit Yadav 7ba881b152 Merge pull request #15 from shapeblue/dynamicrbac-4.5
CLOUDSTACK-8562: Make role permissions orderable
2016-05-09 11:02:32 +05:30
Rohit Yadav 6f1e834753 CLOUDSTACK-8562: Make role permissions orderable
- Makes role permissions orderable in UI/backend
- Role permissions evaluated by fixed order
- Rules draggable in UI
- Migration script adds a default order

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
2016-05-09 10:53:45 +05:30
Abhinandan Prateek e37856627e CLOUDSTACK-9323: Cancelling maintenance when prepare for maintenance is not yet complete throws exception as VMs are still in migration. There is no point in throwing exception, instead cancel all the pending migration tasks and then cancel maintance. The current migration will complete as normal migration jobs. 2016-05-07 09:41:45 +05:30
John Burwell 50355907a3 Merge pull request #14 from shapeblue/dynamicrbac-4.5
Make role permissions orderable
2016-05-06 13:09:40 -04:00
John Burwell 97089e1b9d Merge pull request #10 from shapeblue/kvm-ha
CLOUDSTACK-9350: KVM-HA- Fix CheckOnHost for Local storage
2016-05-06 13:04:35 -04:00
John Burwell fe03b91bb8 Merge pull request #11 from shapeblue/nio-fix-4.5
CLOUDSTACK-9348: Use non-blocking SSL handshake
2016-05-06 12:57:37 -04:00
Rohit Yadav ff2729d411 CLOUDSTACK-9348: Optimize NioTest and NioConnection main loop
- Reduces SSL handshake timeout to 15s, previously this was only 10s in
  commit debfcdef78
- Adds an aggresive explicit wakeup to save the Nio main IO loop/handler from
  getting blocked
- Fix NioTest to fail/succeed in about 60s, previously this was 300s
- Due to aggresive wakeup usage, NioTest should complete in less than 5s on most
  systems. On virtualized environment this may slightly increase due to thread,
  CPU burst/scheduling delays.

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
2016-05-06 10:15:00 +05:30
Rohit Yadav e51f524039 CLOUDSTACK-9348: Use non-blocking SSL handshake
- Uses non-blocking SSL handshake and non-blocking connections
- Uses 60s as timeout for both client/server to guard against indefinitely
  blocking clients
- Unit test to prove fix, client and malicious clients trying to connect to server

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
2016-05-06 10:07:47 +05:30
Rohit Yadav 9d8b1fd7e5 CLOUDSTACK-8562: Make role permissions orderable
- Makes role permissions orderable in UI/backend
- Role permissions evaluated by fixed order
- Rules draggable in UI
- Migration script adds a default order

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
2016-05-03 23:00:46 +05:30
Rohit Yadav 460a56fdbf Merge pull request #12 from apple/dynamicrbac-4.5 into apple-base-4.5 2016-04-26 13:29:07 +05:30
Rohit Yadav ff9db9cadc dynamic roles: fix role_id for default system users
In case of new deployments, roleid will be set to NULL for system/admin accounts
causing admin accounts to be not able to log in.

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
2016-04-26 13:11:59 +05:30
Rohit Yadav 0856820802 client: remove commands.properties file
We don't need commands.properties file now, remove it

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
2016-04-26 13:11:51 +05:30
John Burwell f1040024af Merge pull request #7 from shapeblue/dynamicrbac-4.5
Dynamic RBAC roles for CloudStack
2016-04-25 14:02:28 -04:00
Rohit Yadav 16323f83f3 engine: fix upgrade path to work with mysql 5.7
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
2016-04-25 14:52:08 +05:30
Rohit Yadav f30c52a16c CLOUDSTACK-8562: DB-Backed Dynamic Role Based API Access Checker
This feature allows root administrators to define new roles and associate API
permissions to them.

A limited form of role-based access control for the CloudStack management server
API is provided through a properties file, commands.properties, embedded in the
WAR distribution. Therefore, customizing API permissions requires unpacking the
distribution and modifying this file consistently on all servers. The old system
also does not permit the specification of additional roles.

FS:
https://cwiki.apache.org/confluence/display/CLOUDSTACK/Dynamic+Role+Based+API+Access+Checker+for+CloudStack

DB-Backed Dynamic Role Based API Access Checker for CloudStack brings following
changes, features and use-cases:
- Moves the API access definitions from commands.properties to the mgmt server DB
- Allows defining custom roles (such as a read-only ROOT admin) beyond the
  current set of four (4) roles
- All roles will resolve to one of the four known roles types (Admin, Resource
  Admin, Domain Admin and User) which maintains this association by requiring
  all new defined roles to specify a role type.
- Allows changes to roles and API permissions per role at runtime including additions or
  removal of roles and/or modifications of permissions, without the need
  of restarting management server(s)

Upgrade/installation notes:
- The feature will be enabled by default for new installations, existing
  deployments will continue to use the older static role based api access checker
  with an option to enable this feature
- During fresh installation or upgrade, the upgrade paths will add four default
  roles based on the four default role types
- For ease of migration, at the time of upgrade commands.properties will be used
  to add existing set of permissions to the default roles. cloud.account
  will have a new role_id column which will be populated based on default roles
  as well

Dynamic-roles migration tool: scripts/util/migrate-dynamicroles.py
- Allows admins to migrate to the dynamic role based checker at a future date
- Performs a harder one-way migrate and update
- Migrates rules from existing commands.properties file into db and deprecates it
- Enables an internal hidden switch to enable dynamic role based checker feature

Deprecate commands.properties

- Fixes apidocs and marvin to be independent of commands.properties usage
- Removes bundling of commands.properties in deb/rpm packaging
- Removes file references across codebase

Reviewed-by: John Burwell <john.burwell@shapeblue.com>
QA-by: Boris Stoyanov <boris.stoyanov@shapeblue.com>

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
2016-04-25 14:52:02 +05:30
Abhinandan Prateek 894fb5424e CLOUDSTACK-9350: KVM-HA- Fix CheckOnHost for Local storage
- Also skip HA on VMs that are using local storage
2016-04-25 13:22:25 +05:30
Rohit Yadav d0416e3524 metrics: Fix issues, implement search feature
- Fix threshold calculations for host and storage metric views
- Implement advance search box for all metrics views
- Save and pass context through navigation
- Add complex nav support, fix context usage

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
2016-01-20 12:58:59 +01:00
Rohit Yadav c164ffee3b metrics: Increase UI width, fix metrics ui issues
- Add instances count in host view, ip address in instances view
- Add ipaddress in instances view
- Increase UI container width by 200px
- Allow all users to see resource metrics
- Fix instance count issue on host metrics view
- Fix sorting issue in metrics tables
- Fix instances null check regression from 2f250e2

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
2016-01-20 12:57:09 +01:00
Rohit Yadav 938f1d2a7d CLOUDSTACK-9020: Metrics views for CloudStack UI
Implements following:
- A metrics table widget that is:
  - vertically and horizontally scrollable with pagination/infinite scrolling
  - sortable columns (client side)
  - groupable/collapsible columns
  - alternate row coloring
  - refresh button to refresh views
  - threshold table cell coloring
  - panel/breadcrumb navigation
  - quick view action column
  - translatable labels
- Sortable column for all CloudStack tables (client side)
- Configurable UI pagesize for list API calls, 'default.ui.page.size'
- Metrics views: Zones, Clusters, Hosts, Instances, Storage pools, Volumes
- Resource filtering/navigation: Zones->Clusters->Hosts->Instances->Volumes, Storage Pool->Volumes

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
2016-01-20 12:54:06 +01:00
ramamurtis 173e2462b3 CLOUDSTACK-9006 - ListTemplates API returns result in inconsistent order when called concurrently
Adding filter test to verify addOrderBy method.

(cherry picked from commit 9d1a469ae5)
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
2016-01-20 12:54:06 +01:00
ramamurtis d82a373604 CLOUDSTACK-9006 - ListTemplates API returns result in inconsistent order when called concurrently
(cherry picked from commit c90723f491)
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
2016-01-20 12:54:05 +01:00
Rohit Yadav 88e1645d0b CLOUDSTACK-9019: Add storage network offering in ssvm only if storage network is defined
During creation of SSVM, checks and adds NetworkOffering.SystemStorageNetwork to
offerings only if storage network exists for the target datacenter

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
2016-01-20 12:54:05 +01:00
Nitin Kumar Maharana 3a6054e549 CLOUDSTACK-8913: Search box in Templates tab out of alignment
Increased the margin and padding to accomodate all the boxes inside toolbar.

(cherry picked from commit febaeb2a15)
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
2016-01-20 12:54:05 +01:00
Rohit Yadav 847d69edfd CLOUDSTACK-9000: logrotate cloudstack-agent out and err logs
Adds logrotate rules for cloudstack-agent.{err,out} log files

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
2016-01-20 12:54:04 +01:00
Rohit Yadav 8348a237b8 CLOUDSTACK-9000: logrotate cloudstack-agent out and err logs
Adds logrotate rules for cloudstack-agent.{err,out} log files

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
2016-01-20 12:54:04 +01:00
Daan Hoogland 84e9ff746b CLOUDSTACK-8848: added null pointer guard to new public method 2016-01-20 12:54:04 +01:00
Rene Moser f7e1029cfc CLOUDSTACK-8848: ensure power state is up to date when handling missing VMs in powerReport
There 2 things which has been changed.

* We look on power_state_update_time instead of update_time. Didn't make sense to me at all to look at update_time.
* Due DB update optimisation, powerState will only be updated if < MAX_CONSECUTIVE_SAME_STATE_UPDATE_COUNT. That is why we can not rely on these information unless we make sure these are up to date.
2016-01-20 12:54:03 +01:00
Pierre-Luc Dion 6902dac319 Fix dockerbuild because hardcoded filename for marvin
Signed-off-by: Pierre-Luc Dion <pdion891@apache.org>
2016-01-20 12:54:03 +01:00
Boris Schrijver db771cd0a4 Added Unit Tests for QCOW2Utils. 2016-01-20 12:54:03 +01:00
Boris Schrijver 8a5aa0faaa Fixed Findbugs issue introduced by 1c6378ec00 PR #795. 2016-01-20 12:54:02 +01:00
Boris Schrijver decaef6cb4 Added QCOW2 virtual size checking for S3.
- Cleaned up S3TemplateDownloader
- Created static QCOW2 utils class.
- Reformatted some parts of DownloadManagerImpl
2016-01-20 12:54:02 +01:00
Rohit Yadav 11abfb8766 tools/appliance: update Debian 7 iso URLs based on 615261
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
2015-09-16 12:56:25 +05:30
Suresh Kumar Anaparti 52e23996b8 CLOUDSTACK-8820: Updated the code for vCenter6 data center support.
(cherry picked from commit 1d73418c2c)
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
2015-09-16 12:52:46 +05:30
Suresh Kumar Anaparti 5f95f1688e CLOUDSTACK-8820: Showing error when try to add advance zone using VMWare ESXi 6.0 host
Summary: In vCenter 6.0, response headers need to be fetched after service login for server cookie unlike previous versions of vCenter.

(cherry picked from commit 4a6e2cdeee)
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
2015-09-16 12:52:18 +05:30
Rohit Yadav 17166eb631 schema: add 4.5.2 to 4.5.3 upgrade path stubs
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
2015-09-15 09:57:48 +05:30
Rohit Yadav 284ce1fb88 engine/schema: add 4.5.2 to 4.5.3 upgrade path
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
2015-09-15 09:57:12 +05:30