Initial patch for VXLAN support.
Fully functional, hopefully, for GuestNetwork - AdvancedZone.
Patch Note:
in cloudstack-server
- Add isolation method VXLAN
- Add VxlanGuestNetworkGuru as plugin for VXLAN isolation
- Modify NetworkServiceImpl to handle extended vNet range for VXLAN isolation
- Add VXLAN isolation option in zoneWizard UI
in cloudstack-agent (kvm)
- Add modifyvxlan.sh script that handle bridge/vxlan interface manipulation script
-- Usage is exactly same to modifyvlan.sh
- BridgeVifDriver will call modifyvxlan.sh instead of modifyvlan.sh when VXLAN is used for isolation
Database changes:
- No change in database structure.
- VXLAN isolation uses same tables that VLAN uses to store vNet allocation status.
Known Issue:
- Some resource still says 'VLAN' in log even if VXLAN is used
- in UI, "Network - GuestNetworks" dosen't display VNI
-- VLAN ID field displays "N/A"
The locking code in implement/shutdown network code was not efficient. Even in order to check the current state of the network lock was getting acquired which is not required. This resulted in delays in deploy VM as can be seen from attached logs where the code waited on the lock just to check if network is implemented.
As part of the fix moved out code that is checking if the network is already implemented or shutdowned outside the lock.
For some scenarios like prepare nic, all network service providers are checked which is not efficient and also introduces unnecessary dependencies.
The check to use only the required providers is already there for implement, shutdown operation on network. Put the same check for all missing cases.
portable IP is trying to insert network id as physical network id
ensuring network id, physical network id, source network id are properly
set for portable ip in user_ip_address and vlan tables
Detail: Accounts can fail in cleanup/gc process due to inconsistent op_networks
table and null pointer in looking up account for event publishing.
BUG-ID: CLOUDSTACK-3957
Signed-off-by: Marcus Sorensen <marcus@betterservers.com> 1375204815 -0600
sourceNAT service on it
if a portable ip is first IP associated with a non-VPC network, then its
being considered as source nat IP. This fix adds exemption for portable
IP not to be considred for source nat.
Tiered Network
When portable IP is transferred across the zones, we emulate portable IP
as provisioned in new zone's physical network carrying public traffic
and logical public network. network Id, and physical network id both
were bieng set to same physical network id resulting in IP association
to fail. This fix ensures both network and physcial network are set
appropriatley.
only on first rule is created on the IP and last rule is revoked on the
IP
Current suboptima logic of IP Assoc
- On associate IP to GuestNetwork there is an IPAssoc command sent to
corresponding network service providers of the network
- On every rule apply on IP associated with the network send IP assoc
to the network service providers
- On every rule deletion on IP associated with a network sernd IP assoc
command to the network service providers
With this fix logic of IP assoc is changed as below which eliminates
executio of unnessary and expensive IpAssocCommand resource command
- On associate IP to GuestNetwork, associate IP only to the network,
Untill any service is associated with the IP dont send IP Assoc
- On creation of first rule on the IP send IPAssoc to corresponding
network service provider. Since IP is used for a service, IPAssoc
need to be sent to correpondign service provider
- On deletion of last rule on the IP send IPAssoc to corresponding
network service provider. When last rule is deleted, IP has no
service associated with it, so send IP assoc to service provider to
remove the IP association
This is in effect a division by 1024, while time in ms should be divided
by 1000. The difference of 24 adds up to about a 381 day difference
today. This confuses anybody checking the timestamps in the logs.
in case of networks with external devices after GC
add an exception for networks that use external networking devices and has
secondary guest IP's allocated. On network GC, when network goes through
implement phase a new vlan is allocated, based on the acquired VLAN id cidr
of the network is decided in case of external networking case. While NIC
uses reservation strategy 'Start' which ensures that new primary ip is
allocated for the NiC from the new CIDR. Secondary IP's have hardcoded
IP's in network rules. So prevent network GC.
NAT does not work
making an exception for portabe IP, so that if the current datacenter with
portable IP is associated is different from destiantion data center
also on transfer on to new zone, transfer the portable ip association to
new data center, physical network id's
It's introduced by:
commit 052c24c4d1
Author: Bharat Kumar <bharat.kumar@citrix.com>
Date: Mon May 13 17:02:27 2013 +0530
CLOUDSTACK-702: Multiple ip ranges in different subnets.
This commit get userdata provider when caller asked for dhcp provider, thus
result in trouble e.g.
ERROR [cloud.async.AsyncJobManagerImpl] (Job-Executor-11:job-10) Unexpected
exception while executing
org.apache.cloudstack.api.command.user.network.DeleteNetworkCmd
java.lang.ClassCastException:
com.cloud.baremetal.networkservice.BaremetalUserdataElement_EnhancerByCloudStack_5dee69d2
cannot be cast to com.cloud.network.element.DhcpServiceProvider
at
com.cloud.network.NetworkManagerImpl.getDhcpServiceProvider(NetworkManagerImpl.java:3309)
...
for number of commands participating in Vm deployment process, as parallel deployment is supported on the hypervisor side.
The behavior is controlled by global config varirables:
"execute.in.sequence.hypervisor.commands" (false by default) sets/resets the synchronization for commands:
=========================
StartCommand
StopCommand
CreateCommand
CopyVolumeCommand
"execute.in.sequence.network.element.commands" (false by default) sets/resets the synchronization for commands:
==========================
DhcpEntryCommand
SavePasswordCommand
UserDataCommand
VmDataCommand
As a part of the fix, increased the global lock timeout to 30 mins in several VR scripts:
===========================
edithosts.sh
savepassword.sh
userdata.sh
to support situations when multiple concurrent calls to the script are being made.
has dedicated resources and the dedicated resources have all been consumed - use.system.public.ips and use.system.guest.vlans
Both configs are configurable at the account level too.
Alex Huang
Toshiaki Hatano
Koushik Das
Bharat Kumar
Prasanna Santhanam
Likitha Shetty
Murali Reddy
Alena Prokharchyk
Marcus Sorensen
Hugo Trippaers
Jayapal
Kishan Kavala
Edison Su
Edison Su
Sheng Yang
Min Chen
Anthony Xu