Also:
1. Discard VPN related change.
2. Add network.dns.basiczone.updates in Config.java
3. Add findByNetworkOutsideThePod() for DomainRouterVO
Tested with VLAN and basic mode, works.
Disable redundant virtual router temporaily, would enable it after more testing.
Part 1
This backport contained:
commit 52317c718c25111c2535657139b541db0c9d1e1f
bug 9154: Initial check in for enabling redundant virtual router
commit 54199112055d754371bfb141168fb5538bf6d6ea
Add host verification for CheckRouterCommand
commit cef978a228c90056ead9be10cbc4de74c2b8de76
Fix CheckRouterAnswer's isMaster report
commit 4072f0a6991ac3b63601a1764fbe14188965f62f
Some build fixes and code refactoring for redundant router
commit 4d3350b7cd8ee2706a9bace4437fc194e36c8dd5
Redundant Router: Fix OVS
commit 6a228830e7c46d819fa0c3317e159e041337e887
Fix findByNetwork()/findByNetworkAndPod()'s return
commit c627777b3d5bdbcd60db4032cebd349a5b1ecd83
Redundant Router: Fix isVmAlive()
commit e1275d2514adc41f8744f5107d4069c38be195f1
Only issue CheckRouterCommand to redundant routers
And all modification to the scripts till
commit 4e3942462ed3fde3a3d7011e95839e2128fba514
logging changes
in the master branch.
Block update only in these cases:
* when DNS capability AllowDnsSuffixModification is false for the network
* when target network has running network elements (dhcps or domRs)
Conflicts:
server/src/com/cloud/vm/dao/DomainRouterDao.java
server/src/com/cloud/vm/dao/DomainRouterDaoImpl.java
Block update only in these cases:
* when DNS capability AllowDnsSuffixModification is false for the network
* when target network has running network elements (dhcps or domRs)
This patch enable redundant virtual routers.
1. To enable this feature, db need to be updated using follow SQL by now(we
would get a UI way later):
UPDATE network_offerings SET redundant_router=1 WHERE guest_type="Virtual" AND
system_only=0;
2. System would try to start up two routers at different hosts. But if there is
only one host in the zone, system would start up two routers on it.
3. The failover part is using keepalived, and connection tracking part is using
conntrackd. There would be one master router and one backup router. The status
of router(master or backup) can be query from the database table domain_router
now. Management server would update the status every 30s by default.
4. The routers for the same zone would use same external NIC(same ip and mac).
The script used for fail-over would ensure only one external NIC present in the
network at any time.
5. Currently management server don't got the ability to stop one of router is
both of them reported as master. The feature is in the todo list.
After two routers start up, disconnect anyone of them, the guest network
shouldn't be affected, and established connection(http, ssh, etc.) should still
works. The fail-over on gateway part should be 3~4 seconds.
Currently the patch works with KVM. Would deal with vmware and XenServer soon.
Following was done as a part of checkin:
1) NetworkOffering/Network:
* add PF service support for default Guest network offering.
* Add one more additional network - Public.
* Allow to enable external firewall in Basic zone.
2) Don't allow to deployVm in Public Network.
3) Allow to add vlan ip ranges to Public networks in Basic zone.
4) Associate IP - allow to associate with Direct vms.
5) Allow to create PF/Static nat rules. Rules are being sent to External Firewall Rule only.
6) Add PF support to External Firewall element.
* API requires network id to be passed in (it was optional before)
* restartNetwork calls restart() method of all network elements in the system, and it's up to the element to decide which actions to take on the restart (for example, for Virtual Router it's IPAssoc/applyPF/applyLBRules).
status 6689: resolved fixed
Changes to destroyNetwork process. Here are the steps:
* shutdown network - shutdowns all network elements (domRs/Dhcps)
* delete network - destroy all network elements, cleanup network's resources (vlans, ip ranges), mark network with Destroyed state and set Removed field
status 7863: resolved fixed
Router cleanp thread is fixed, here is functionality description:
* Runs every "router.cleanup.interval" period of time (1 day by default)
* Stops only domRs running in Advance zone
* Thread Flow:
- gets all Running domRs/dhcps, get their networks, select network that
has to be checked (see criteria below):
- checks that there is only one nic in the op_networks table for the
network, and this nic belongs to domR/dhcp
- Stops domR/dhcp
* Criteria to choose the network:
- Network has to be non-system.
- Network should be one of the following: Guest Virtual (TrafficType=Guest; GuestType=Virtual); Direct Tagged (TrafficType=Public; GuestType=Direct)
Couple of other fixes:
* Added isShared parameter to listNetworks command
* Moved guestType from NetworkOffering to Network
status 7348: resolved fixed
More fixes:
* Update user_statistics on each domR stop/reboot
* Reset dhcpData/userData as a part of domR stop/reboot
* More logging for domR commands
status 7603: resolved fixed
Couple of other fixes:
* Set correct user_id for createVolume event instead of hardcoding it to System (1)
* Deploy dhcp vm when Zone's gateway provider is External Firewall and network is Virtual
Chiradeep Vittal
Sheng Yang
alena
kishan
Frank
Alex Huang
Kelven Yang