etan39
/
cloudstack
mirror of https://github.com/apache/cloudstack.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
28,318 Commits 324 Branches 325 Tags 838 MiB
Commit Graph

367 Commits

Author SHA1 Message Date
Ian Southam 0496ba7a00 firewallrules (VR) and metworkacl (VPC) did not as I believe they shgould get combined 
in the underlying java code
Have split them out again.
Omce tested this will need some refactorinfg because it is currently PFU
 2015-03-16 11:38:15 +01:00
Ian Southam f924a9755d Adding port forwarding ranges exposes a rather unfortunate typo 2015-03-16 11:38:15 +01:00
Ian Southam 467374c981 This time after running the unittests <blush> 2015-03-16 11:38:14 +01:00
Ian Southam cca4b58d50 A couple of firewall fixes for DomRouter code 2015-03-16 11:38:14 +01:00
wilderrodrigues 099add4fd6 Removing "global" declaration from if block 
In python an "if" block doesn't change the scope. So, global not needed as it was creating an warning.
 2015-03-16 11:38:13 +01:00
wilderrodrigues 185975f6ac Adding [ERROR] tag before error message to ease identification 2015-03-16 11:38:13 +01:00
Hugo Trippaers 67ee33ff8a More pep8 checks and fixes 2015-03-16 11:38:12 +01:00
Hugo Trippaers 5c4d221c34 Let's stick to CamelCase for now 2015-03-16 11:38:12 +01:00
Hugo Trippaers e10545506d Add boilerplates for module unittests 2015-03-16 11:38:12 +01:00
Hugo Trippaers 628af2f973 Get started with some tests on the python code 2015-03-16 11:38:11 +01:00
Ian Southam 6b0c40ed3e iAdd chains before provisioning rules 2015-03-16 11:38:11 +01:00
Ian Southam 50ee12c6e3 Corrected basic firewalling setup 2015-03-16 11:38:10 +01:00
Ian Southam 13b7ca1b3f New code must not run on systemvm 2015-03-16 11:38:10 +01:00
Ian Southam 4cdaada380 Bugger 2015-03-16 11:38:10 +01:00
Ian Southam dce2c9e35a Syntax error 2015-03-16 11:38:10 +01:00
Ian Southam 092c8924c9 Bug corrections 2015-03-16 11:38:09 +01:00
Ian Southam 5249df8799 Splitting router and vpc 2015-03-16 11:38:09 +01:00
Ian Southam 99d7c8f457 Fix syntax error 2015-03-16 11:38:09 +01:00
Ian Southam 945cc0bcfb Aligning router chain names correctly 2015-03-16 11:38:08 +01:00
Hugo Trippaers a2e7f30542 Fix license headers 2015-03-16 11:38:08 +01:00
Hugo Trippaers 18f517a8b1 pep8 2015-03-16 11:38:08 +01:00
Hugo Trippaers 9385f071d7 Fix PEP8 compliance 2015-03-16 11:38:07 +01:00
Hugo Trippaers acaeec9a27 Fix indent 2015-03-16 11:38:07 +01:00
Ian Southam 5dcdf26328 Typo 2015-03-16 11:38:07 +01:00
Ian Southam 54f5c53a20 Decided not at this stage to combine VPC and VR code 2015-03-16 11:38:06 +01:00
Hugo Trippaers 0afe0153a7 Fix tab characters 2015-03-16 11:38:06 +01:00
Ian Southam 2f8352bf96 Daft mistake that left more data getting merged than we would have liked 2015-03-16 11:38:06 +01:00
Hugo Trippaers 76d0669656 Avoid confusion and make sure the file is put in only one location 2015-03-16 11:38:06 +01:00
Hugo Trippaers 01acd3d8ec VR interfaces need the proper network type in ips 2015-03-16 11:38:05 +01:00
Hugo Trippaers 4632936733 We actually don't need all the process stuff 2015-03-16 11:38:05 +01:00
Hugo Trippaers a9c5f91223 Fix indents 2015-03-16 11:35:37 +01:00
Ian Southam ba4684d53d Updated incorrect file. 
This led to the file loading twice
 2015-03-16 11:35:37 +01:00
Ian Southam e30da35879 Interfaces were not coming up on non redundant router 2015-03-16 11:35:37 +01:00
Hugo Trippaers 4cfe2a32c0 Fix a few things introduced by the rebase 2015-03-16 11:35:35 +01:00
Ian Southam 55c008f569 Cockup during the adding of the Apache licence 2015-03-16 11:35:31 +01:00
Ian Southam f0b783bb11 Removed stuff that is moved to CsRedundant 2015-03-16 11:35:30 +01:00
Ian Southam 7b95b78223 backup fault and master implemented 
Some more refactoring to decluter the bin directory
New config class to carry around the log, command line and firewall data
 2015-03-16 11:35:29 +01:00
Ian Southam 8a2391336c Getting redundancy to work via teh configuration files 
Some refactoring to make class loading a little more logical
Removed fw global (does not persist accross modules)
Added first tests
Added command line call to set and disable redundancy
Added command line call to set master
 2015-03-16 11:35:29 +01:00
Ian Southam 093749eaae A start on the redundancy code 
This will not break anything but also will not work
 2015-03-16 11:35:29 +01:00
Ian Southam a01e9082cd New code for ACLs (VPN configuration) failed functional tests 
Some corrections
 2015-03-16 11:35:28 +01:00
Ian Southam f7d0a11a34 Process VPN requests\ 
No tests (yet)
 2015-03-16 11:35:28 +01:00
Ian Southam b95d8257a4 Merge operation for site2site vpn 2015-03-16 11:35:28 +01:00
Ian Southam 725c040d5c Added code to configure netusage for vpc and domR devices 
Removed code from existing scripts that does the same
Fixed some more issues with CsNetfilter
Added rsync for/etc/iptables in rsync
 2015-03-16 11:35:27 +01:00
Ian Southam 3cdaa55462 icmp-type parameter was being skipped 2015-03-16 11:35:27 +01:00
Ian Southam 2765a506dc Moved databag into a separate file 2015-03-16 11:35:26 +01:00
Ian Southam 733bc19eac Include base rule sets in Acls 
Also made some adjustments to the base rule sets to ensure my parsing routine works
 2015-03-16 11:35:26 +01:00
Hugo Trippaers a7338387c1 Sourcenat is handled differently for routers and vpc routers 2015-03-16 11:35:26 +01:00
Hugo Trippaers 576564e744 If a file doesn't exist, create it 2015-03-16 11:35:26 +01:00
Ian Southam 762e05ddee Bug fixed: 
Default drop rul for inbound chain gets dropped by CsNetFilter
This would have been bad (tm)
 2015-03-16 11:35:25 +01:00
Ian Southam 8b38bff962 A lot of corner cases dealt with 
Need now to expand the test data to ensure I have got them all
Also failure to match because bizarrely some strings were unicode and some not
 2015-03-16 11:35:25 +01:00
Ian Southam 5137d7e136 Removed dhcpopts.conf for now as, it is the routing options and they seem to be dealt with dofferently in the new arrangement 
Changed the dhcp tests to avoid handing out the broadcast and gateway addresses :)
 2015-03-16 11:35:25 +01:00
Hugo Trippaers f21b90a73e Add missing sourcenat rule 2015-03-16 11:35:25 +01:00
Hugo Trippaers 6d12d94e0c Add the public source nat rule 2015-03-16 11:35:24 +01:00
Hugo Trippaers 80a149abb7 Add port forwarding and static nat to the convergence infrastructure 2015-03-16 11:35:24 +01:00
Hugo Trippaers 8c5dba31d0 Fix the forwardingrule databag 2015-03-16 11:35:24 +01:00
Ian Southam 7fc3365459 Implemented delete (add : false) for cs_dhcp 
Added some tests to the test_update_config tests for dhcp entries
 2015-03-16 11:35:24 +01:00
Ian Southam e6e47de6ff Stupid stupd bug 
a or b is of course not the same as a | b
 2015-03-16 11:35:23 +01:00
Ian Southam c318bd6337 Corrected bug (I love tests) 
The dhcp server will only start listening after a host has been added
In this condition, HUP is not enough
Changed so that if it is adding a first host it will restart the server
 2015-03-16 11:35:23 +01:00
Ian Southam 0e8c79c7f1 That is the acls. 
Need to check the order stays good
 2015-03-16 11:35:23 +01:00
Hugo Trippaers f273fd4659 Add the static nat rules to the merge procedure 2015-03-16 11:35:23 +01:00
Hugo Trippaers a789e8bf57 Fix a bug that would add updated control ip address instead of replace 2015-03-16 11:35:22 +01:00
Ian Southam 8f4461567d That should be all the dhcp settings correct 
CsGuestNetwork moved out of configure
dnsmasq config all switched to CsDhcp
 2015-03-16 11:35:22 +01:00
Ian Southam b45c71ee31 Acl code linked in 
Dhcp code
Test file for dhcp entry
 2015-03-16 11:35:22 +01:00
Hugo Trippaers 683e660d60 Small (but important) fixes 2015-03-16 11:35:22 +01:00
Ian Southam 574fa2c0a0 Call update_config.py if it is there 2015-03-16 11:35:21 +01:00
Ian Southam 8abf1a22ab Auto create missing chains 
Auto delete superfluous rules
TO DO: Priorities
 2015-03-16 11:35:21 +01:00
Ian Southam 19fd0b4b57 Added logic to create all necessary firewall rules 
TODO:  Auto add chains
TODO:  Delete rules that should not be there
TODO: Deal with precidence
 2015-03-16 11:35:21 +01:00
Ian Southam cd0ad69281 Tidied up main to be in line with the newer classes 
Added a base classs CsDataBag which will autoload a given databag
 2015-03-16 11:35:21 +01:00
Ian Southam c6d99a45a2 First part of some serious refactoring 
The problem is that teh convergence model does not works as it currently is
Firewall rules will get added but not deleted

This builds a table of firewall rules that need to be present
The new CsNetfilter class will then do:
1.  Add rules that are not present
2.  Delete any that were not explicitly in the add list

WIP
 2015-03-16 11:35:21 +01:00
Hugo Trippaers e323d63867 Merge vmmetadata, reuse the code from the existing script to parse it. 2015-03-16 11:35:20 +01:00
Ian Southam 4527519081 Refactored CsHelper into a module 
Introduced CsNetfilter module/class
 2015-03-16 11:35:20 +01:00
Ian Southam 4e63119873 Moved processing the cmd_line databag into update 2015-03-16 11:35:20 +01:00
Ian Southam 3ea63ced68 Added merge for network_acl type message 2015-03-16 11:35:19 +01:00
Ian Southam fff3964332 Add catchall for unknown types 2015-03-16 11:35:19 +01:00
Hugo Trippaers 9ede758e4d Small update to try do deal with the stuck issue 2015-03-16 11:35:19 +01:00
Ian Southam 98a43d184b Fixed bug in which every run of loadQueueFile would append to the json file (merge) 
cloud-early-config now saves its input file to /var/cache/cloud
Execute load cmd_line.json in update_config
Old way of working still in there to stop and possible clash until the base image is made
 2015-03-16 11:35:19 +01:00
Ian Southam 680454dfdf Some bug fixes 
Some more tests
store vmpassword functionally working
Tests for store password
 2015-03-16 11:35:18 +01:00
Ian Southam 9d73879061 Fixed test (assert in guest check was wrong way around) 
Also found condition inw hich apache would be miscobfigured and failed to run (I love tests!!)
Fixed configure.py to cover this case
Added a test to provoke this case!
 2015-03-16 11:35:18 +01:00
Ian Southam 4c5f4a1f9f Added vmpassword type (does nothing yet) 
Fixed tests to use /var/cache/cloud
Added some test files but will remove them when tests are properly completed
Fixed a bug in configure that did not deal well with databags with empty dev sections
 2015-03-16 11:35:17 +01:00
Hugo Trippaers 6a016d5b54 Small fixes 2015-03-16 11:35:17 +01:00
Hugo Trippaers 85434f49b9 Hotfix for lost control interface 2015-03-16 11:35:17 +01:00
Hugo Trippaers 58919dcf50 Change the location for the temporary json files to /var/cache/cloud 2015-03-16 11:35:16 +01:00
Ian Southam ca2ff2946e Added some tests that test stuff 
Specifically checking whether certain ip addresses get added and deleted
Also a rudementary test for the guest network ip
Much more to do!!
 2015-03-16 11:35:16 +01:00
Ian Southam c428d60e6b Stop ignoring eth0 2015-03-16 11:35:15 +01:00
Ian Southam dd6b643ceb Do not use eth0 or eth1 for random tests 
One or other will be the control interface of the box
 2015-03-16 11:35:15 +01:00
Ian Southam cc5d72133e Removed chef as we will definitely not go this way 2015-03-16 11:35:14 +01:00
Ian Southam 6a7a832ef5 iDo not do the post configure steps on a control interface 2015-03-16 11:35:14 +01:00
Ian Southam 2aed586bfc Removed merge_cline - no longer required 
Added the last pieces of vpc guest network
password server and associated FW rules
Added apache2 config and start of server
Corrected a bug in CsFile
Fixed some of the many pyLint bleats
 2015-03-16 11:35:13 +01:00
Leo Simons 295e2caff0 Fix configure::waitForDevice when a device is missing. 
Was using non-existing 'ip' variable.
 2015-03-16 11:35:12 +01:00
Leo Simons cf4cdde291 Fix update_config.py use of subprocess. 2015-03-16 11:35:12 +01:00
Leo Simons 6244265de0 Fancy line editor for Ian 2015-03-16 11:35:11 +01:00
Ian Southam 05702ecd1a Added guest network configuration 
Added iptables config (adds but no deletes yet)
Apache config (VPC GN)
DNSMasq config (VPX GN)
 2015-03-16 11:35:10 +01:00
Ian Southam 666dc16e58 Moved bag location to /et/cloudstack 
Updated test script to also process command line
Added connmark stuff to merge
 2015-03-16 11:35:09 +01:00
Ian Southam 2a94ca69ce Added some lost lines back using Hugo witchcraft 2015-03-16 11:35:09 +01:00
Ian Southam ca4887d9cc Test data for ipassociation 
These files emulate commands coming from cloudstack itself
 2015-03-16 11:35:08 +01:00
Ian Southam c7c1f3202e Plan B 
Replace chef with a python script
configure.py will read the bags and (hopefully) create the desired state
At this stage this is ipassociation
This code should work for both VR and VPCrs

TODO:
iptables
ip route throw (present in VR but not in VPCr
Determine default route
Unit tests
 2015-03-16 11:35:08 +01:00
Ian Southam 3811b8dc90 Split Databag in to separate class as I would now need this 2015-03-16 11:35:06 +01:00
Ian Southam 3077eb925b Include the guestnetwork code 
This takes the guestnetwork object and also creates an ip object
 2015-03-16 11:35:06 +01:00
Ian Southam 9355dd7133 Corrected a hole in my logic 2015-03-16 11:35:05 +01:00
Ian Southam 0bf7d54722 1. Completed provider for ip rules (fwmark) 
2.  Added merge routine for guestnetwork config messages
3.  Updated test script
 2015-03-16 11:35:05 +01:00
Hugo Trippaers 583f177619 Disable cmdline check until it's fixed 2015-03-16 11:35:04 +01:00
Hugo Trippaers 0027db6cd1 Switch ip associations to new model and update the recipes 2015-03-16 11:35:04 +01:00
Ian Southam 0db157e58f Remove debug code 2015-03-16 11:35:04 +01:00
Ian Southam d868b0521b Correct small typo in error message 2015-03-16 11:35:03 +01:00
Ian Southam bcb760e1e2 Can now read the ips out of the cmdline databag (if present) 2015-03-16 11:35:03 +01:00
Ian Southam 0c8f8d945e Only ip_association files for now 2015-03-16 11:35:03 +01:00
Ian Southam bcbefb2833 Changed from camelCase to json_case 2015-03-16 11:35:03 +01:00
Ian Southam 54b21220db Use json naming standards instead of camelCase 2015-03-16 11:35:02 +01:00
Ian Southam 018b56385c Added cs_ip module 
Corrected syntax error in merge.py
 2015-03-16 11:35:02 +01:00
Ian Southam a357e12943 Add the Python bits 2015-03-16 11:35:02 +01:00
Ian Southam 72111c3399 Merged cookbooks from vpc branch 2015-03-16 11:35:01 +01:00
Hugo Trippaers b596be1a82 Add a placeholder for the trigger file 2015-03-16 11:35:00 +01:00
Hugo Trippaers 7afd50d65a This file isn't used, so remove it 2015-03-16 11:34:59 +01:00
Ian Southam 5b82e2059d Cherry-pick of 11c00977f77f45aa7b0c387dc88360eba0819e8a: 
----
Author:    Ian Southam <isoutham@schubergphilis.com>

First commit towards moving systemvm to chef based configuration
In this commit

1.  cmdline json databag is created
2.  ip association data bag is created
3.  Basic chef cookbook to manage ips and routes

Conflicts:
	systemvm/patches/debian/config/etc/init.d/cloud-early-config
	systemvm/patches/debian/config/var/chef/cookbooks/README
	tools/appliance/definitions/systemvm64template/postinstall.sh
----
Because we've refactored the systemvm template the change to
postinstall.sh now gets its own chef.sh file.
 2015-03-16 11:34:59 +01:00
Rohit Yadav 375e998eaf CLOUDSTACK-8272: Python based file-lock free password server implementation 
- VRs are single CPU, so Threading based implementation favoured than Forking based
- Implements a Python based password server that does not use file based locks
- Saving password mechanism is provided by using secure token only to VR (localhost)
- Old serve_password implementation is removed
- Runs with Python 2.6+ with no external dependencies
- Locks used within threads for extra safety

This closes #106

(cherry picked from commit 4b45d25152)
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2015-03-12 13:57:49 +05:30
René Moser 47de4a12f4 systemvm: correct sftp subsystem path of debian wheezy 
This closes #104

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2015-03-10 10:15:05 +05:30
René Moser 37b4d9c308 systemvm: use Debian http redirector for apt repositories 
* No offline mirrors
* No out of date mirrors
* New mirrors are used
* Load-balancing
* Faster downloads (when APT is used, via parallel downloads)
* Great on mobility

Also see http://http.debian.net/ for more information.

This closes #103

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2015-03-10 10:11:08 +05:30
Rohit Yadav ebcad34d33 systemvm: avoid tcp responses with timestamp 
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
(cherry picked from commit f3f47f25ba)
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2015-03-09 17:12:22 +05:30
Rohit Yadav 5256b0205a systemvm: have apache2 use secure SSL cipher suite 
Created using Mozilla's ssl config generator:
https://mozilla.github.io/server-side-tls/ssl-config-generator/

Intermediate setting was used, with apache version 2.2.22 and openssl 1.0.1e
Oldest compatible clients:
Firefox 1, Chrome 1, IE 7, Opera 5, Safari 1, Windows XP IE8, Android 2.3, Java 7

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
(cherry picked from commit ab8f367850)
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2015-03-09 12:45:06 +05:30
ramamurtis da1d8f9dce volume upload: fixed the UI after the change to move params to header. 
Signed-off-by: Rajani Karuturi <rajanikaruturi@gmail.com>
 2015-02-27 17:40:06 +05:30
Rajani Karuturi bc997f1acb volume upload: escape $1 in the rewrite rule 2015-02-17 11:34:18 +05:30
Jayapal 8414223a96 CLOUDSTACK-5494: Fixed dns is open to public in VR 
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
(cherry picked from commit 81994cf443)
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2015-02-06 15:31:13 +05:30
Rajani Karuturi e08522dbaa volume upload: adding the rewrite rules on start of cloud service 2015-01-29 16:55:30 +05:30
Rohit Yadav 664186f483 CLOUDSTACK-8160: use preferable protocols 
(cherry picked from commit debfcdef78)
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2015-01-21 18:04:45 +05:30
Rajani Karuturi ebaa4dd38e volume upload: added httpcomponents server and removed nio server 
removing nio server as it is currently handling only https connections
and the parsing logic is also specific to agent communication.

current limitation of httpcomponents server is that the entire file is
read in memory. need figure out how to read it in chunks and send it
through a inputstreamreader to save on secondary storage.
 2015-01-16 17:15:14 +05:30
Rajani Karuturi 631e6e0088 volume upload: doing https redirect as NioServer handles only https 2015-01-13 10:43:21 +05:30
Rajani Karuturi 2c169bc02d volume-upload added a upload url redirect in apache conf 
rewrite engine is on only in the case fo SSVM
 2015-01-09 09:16:00 +05:30
Rohit Yadav aae393dcd5 CLOUDSTACK-7974: remove old hostname entry for a VM when adding a VM 
When adding a VM, it adds an entry to /etc/hosts file on the VR but does not
clear up any older entries for the VM with a same name. The fix uncomments the
command that removes any old entries in the VM.

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
(cherry picked from commit 63298d9b74)
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2014-12-10 18:25:22 +05:30
Remi Bergsma ef3b4bb4e3 made iptables for the VPN connection more secure 
Added destination and source definition. Flag -S can be used
to ignore this. It's the new default as it is more secure
and does not impact the way things work (backwords compatible).
 2014-12-08 19:06:55 +01:00
Remi Bergsma 7f33f7c396 prevent CloudStack from removing the VPN connection 
If connecting the VPN takes some time, for example because
the other end is not (yet) up, CloudStack will delete
the VPN because the ipsectunnel.sh does not return in time.
The VPN connection then enters the Error state.

This change makes sure ipsectunnel.sh returns in time,
and lets ipsec connect in the background. If it all fails,
the connection enters Disconnected.
 2014-12-08 19:00:59 +01:00
Remi Bergsma f8d718e3e3 add a flag -c whether or not to check the VPN on create 
Changed default to no, as the other side may not be up yet.
If this check fails, the VPN enters Error state and will not
work. It's safe to just let it connect on its own so it will
connect when it can.
 2014-12-08 18:59:16 +01:00
Remi Bergsma b95addd3ef starting the tunnel will make it keep trying until it connects 
Changed 'auto=add' to 'auto=start' to make sure the tunnel starts.
When both sides are there they will connect. This resolves the
issue that there is only a small time frame in which the VPN
would connect.
 2014-12-08 18:55:35 +01:00
Remi Bergsma 8b2563a216 renamed $leftgw to $leftnexthop to make clear what it does 2014-12-08 18:54:27 +01:00
Remi Bergsma 8b412ce194 remove biglock usage from ipsectunnel.sh 
Biglock breaks creating VPN's when other scripts run at the
same time that also use the same biglock. These other scripts
do nothing that could harm our deployment and even multiple
vpn's can safely be created simultaniously.
 2014-12-08 18:53:18 +01:00
Wei Zhou 4eedfe53fc CLOUDSTACK-2823: pass cmdline info to system vms for 30 times 2014-12-08 15:45:29 +01:00
Axel Delahaye f73ad2e8b3 console-proxy add support of AltGr key and FR azerty keyboard 
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2014-12-08 18:05:43 +05:30
Rajani Karuturi 4722fa3de9 Merge branch '4.5' 
Conflicts:
	client/WEB-INF/classes/resources/messages_ja_JP.properties
	client/WEB-INF/classes/resources/messages_zh_CN.properties
	engine/orchestration/src/com/cloud/vm/VirtualMachineManagerImpl.java
	engine/schema/src/com/cloud/upgrade/DatabaseUpgradeChecker.java
	engine/schema/src/com/cloud/upgrade/dao/Upgrade442to450.java
	engine/storage/volume/src/org/apache/cloudstack/storage/volume/VolumeServiceImpl.java
	plugins/event-bus/rabbitmq/pom.xml
	plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/storage/LibvirtStorageAdaptor.java
	server/src/com/cloud/network/router/VirtualNetworkApplianceManagerImpl.java
	server/src/com/cloud/storage/VolumeApiServiceImpl.java
	server/src/com/cloud/vm/UserVmManagerImpl.java
	setup/db/db/schema-442to450.sql
	test/integration/component/test_persistent_networks.py

This closes #53
 2014-12-08 15:27:53 +05:30
Jayapal 8f8e311110 CLOUDSTACK-8030: Updated router to come up egress default ALLOW 
On default iptables rules are updated to add ACCEPT egress traffic.
    If the network egress default policy is false, CS remove ACCEPT and adds the DROP rule which
    is egress default rule when there are no other egress rules.

    If the CS network egress default policy is true, CS won't configure any default rule for egress because
    router already came up to accept egress traffic. If there are already egress rules for network then the
    egress rules get applied on VR.

    For isolated network with out firewall service, VR default allows egress traffic (guestnetwork --> public network)
 2014-12-08 11:32:01 +05:30
Wei Zhou 18b230db74 Revert "Occasionally the while loop can exit with no data (Probably recieving an EOF) before receiveing CMDline data from the certial port. Continue looping until cmdline is populated" 
This reverts commit 83656a6ea8.

The systemvm/routers will reboot automatically if the systemvm.iso changes.
They will stuck during the startup due to this commit because the virtio-port are empty.
 2014-12-05 15:17:55 +01:00
Sheng Yang 3c9e14e85a CLOUDSTACK-5241: Remove Rot13 usage 2014-12-03 19:38:47 -08:00
Sheng Yang feeafa76a4 CLOUDSTACK-5241: Remove Rot13 cipher 2014-12-03 19:30:31 -08:00
Hugo Trippaers a72f14ea9c Ensure the response is a proper http response. 
Tested that cloud-set-guest-password.sh still works after this change.

Reviewed-by: Daan Hoogland <daan@onecht.net>
 2014-12-02 16:36:49 +01:00
vetrivelc 66e805cba9 Fixes: Hardcoded strings externalized from various JS files. 
Signed-off-by: vetrivelc <vetrivel.chinnasamy@citrix.com>
 2014-11-21 08:02:49 -08:00
David Bierce 83656a6ea8 Occasionally the while loop can exit with no data (Probably recieving an EOF) before receiveing CMDline data from the certial port. Continue looping until cmdline is populated 
Signed-off-by: Edison Su <sudison@gmail.com>
 2014-11-20 11:00:09 -08:00
David Bierce 50d756e87d Occasionally the while loop can exit with no data (Probably recieving an EOF) before receiveing CMDline data from the certial port. Continue looping until cmdline is populated 
Signed-off-by: Edison Su <sudison@gmail.com>
 2014-11-20 10:58:35 -08:00
Sheng Yang 50b262e02a CLOUDSTACK-7944: Ensure ipv6 is enabled in sysctl.conf 
The booting sequence result in change of IPv6 related sysctl options was
overrided by sysctl.conf which is loaded later.

So this patch would patch sysctl.conf in VR as well, ensure IPv6 would be
enabled during booting period otherwise the network setup may not work, result
in IPv6 VM deployment failure.
 2014-11-19 14:50:03 -08:00
Sheng Yang bb352da302 CLOUDSTACK-7944: Ensure ipv6 is enabled in sysctl.conf 
The booting sequence result in change of IPv6 related sysctl options was
overrided by sysctl.conf which is loaded later.

So this patch would patch sysctl.conf in VR as well, ensure IPv6 would be
enabled during booting period otherwise the network setup may not work, result
in IPv6 VM deployment failure.
 2014-11-19 14:49:18 -08:00
Sheng Yang fd03091c81 Revert "CLOUDSTACK-7821: Fix OSX cannot connect to VPN due to wrongly declaim ENCAPSULATION_MODE_UDP_TRANSPORT_RFC" 
This reverts commit e1c788ca3c.

This breaks Windows 7 client.
 2014-11-14 11:44:53 -08:00
Sheng Yang 2d3b3376e3 Revert "CLOUDSTACK-7821: Fix OSX cannot connect to VPN due to wrongly declaim ENCAPSULATION_MODE_UDP_TRANSPORT_RFC" 
This reverts commit e1c788ca3c.

It breaks Windows 7 client.
 2014-11-14 11:43:03 -08:00
Sanjay Tripathi 7f2219bcbb CLOUDSTACK-7904: EN-UK: CentOS 6.5 GUI: Key translation fails for some EN- UK keyboard keys. 2014-11-13 19:16:02 +05:30