mirror of https://github.com/apache/cloudstack.git
39 Commits
| Author | SHA1 | Message | Date |
|---|---|---|---|
Daan Hoogland
|
75db42bca6 | Merge branch '4.20' into 4.22 | |
Pearl Dsilva
|
ca5232778d
|
CKS: Use Zone MTUs when network is created at the time of CKS cluster creation (#12228) | |
Abhisar Sinha
|
a87c5c2b3a
|
Create new Instance from VM backup (#10140)
This feature adds the ability to create a new instance from a VM backup for dummy, NAS and Veeam backup providers. It works even if the original instance used to create the backup was expunged or unmanaged. There are two parts to this functionality: Saving all configuration details that the VM had at the time of taking the backup. And using them to create an instance from backup. Enabling a user to expunge/unmanage an instance that has backups. |
|
Harikrishna
|
cca8b2fef9
|
Extensions Framework & Orchestrate Anything (#9752)
The Extensions Framework in Apache CloudStack is designed to provide a flexible and standardised mechanism for integrating external systems and custom workflows into CloudStack’s orchestration process. By defining structured hook points during key operations—such as virtual machine deployment, resource preparation, and lifecycle events—the framework allows administrators and developers to extend CloudStack’s behaviour without modifying its core codebase. |
|
Nicolas Vazquez
|
6adfda2818
|
CKS Enhancements (#9102)
CKS Enhancements: * Ability to specify different compute or service offerings for different types of CKS cluster nodes – worker, master or etcd * Ability to use CKS ready custom templates for CKS cluster nodes * Add and Remove external nodes to and from a kubernetes cluster Co-authored-by: nvazquez <nicovazquez90@gmail.com> * Update remove node timeout global setting * CKS/NSX : Missing variables in worker nodes * CKS: Fix ISO attach logic * CKS: Fix ISO attach logic * address comment * Fix Port - Node mapping when cluster is scaled in the presence of external node(s) * CKS: Externalize control and worker node setup wait time and installation attempts * Fix logger * Add missing headers and fix end of line on files * CKS Mark Nodes for Manual Upgrade and Filter Nodes to add to CKS cluster from the same network * Add support to deploy CKS cluster nodes on hosts dedicated to a domain --------- Co-authored-by: Pearl Dsilva <pearl1594@gmail.com> * Support unstacked ETCD --------- Co-authored-by: nvazquez <nicovazquez90@gmail.com> * Fix CKS cluster scaling and minor UI improvement * Reuse k8s cluster public IP for etcd nodes and rename etcd nodes * Fix DNS resolver issue * Update UDP active monitor to ICMP * Add hypervisor type to CKS cluster creation to fix CKS cluster creation when External hosts added * Fix build * Fix logger * Modify hypervisor param description in the create CKS cluster API * CKS delete fails when external nodes are present * CKS delete fails when external nodes are present * address comment * Improve network rules cleanup on failure adding external nodes to CKS cluster * UI: Fix etcd template was not honoured * UI: Fix etcd template was not honoured * Refactor * CKS: Exclude etcd nodes when calculating port numbers * Fix network cleanup in case of CKS cluster failure * Externalize retries and inverval for NSX segment deletion * Fix CKS scaling when external node(s) present in the cluster * CKS: Fix port numbers displayed against ETCD nodes * Add node version details to every node of k8s cluster - as we now support manual upgrade * Add node version details to every node of k8s cluster - as we now support manual upgrade * update column name * CKS: Exclude etcd nodes when calculating port numbers * update param name * update param * UI: Fix CKS cluster creation templates listing for non admins * CKS: Prevent etcd node start port number to coincide with k8s cluster start port numbers * CKS: Set default kubernetes cluster node version to the kubernetes cluster version on upgrade * CKS: Set default kubernetes cluster node version to the kubernetes cluster version on upgrade * consolidate query * Fix upgrade logic --------- Co-authored-by: nvazquez <nicovazquez90@gmail.com> * Fix CKS cluster version upgrade * CKS: Fix etcd port numbers being skipped * Fix CKS cluster with etcd nodes on VPC * Move schema and upgrade for 4.20 * Fix logger * Fix after rebasing * Add support for using different CNI plugins with CKS * Add support for using different CNI plugins with CKS * remove unused import * Add UI support and list cni config API * necessary UI changes * add license * changes to support external cni * UI changes * Fix NPE on restarting VPC with additional public IPs * fix merge conflict * add asnumber to create k8s svc layer * support cni framework to use as-numbers * update code * condition to ignore undefined jinja template variables * CKS: Do not pass AS number when network ID is passed * Fix deletion of Userdata / CNI Configuration in projects * CKS: Add CNI configuration details to the response and UI * Explicit events for registering cni configuration * Add Delete cni configuration API * Fix CKS deployment when using VPC tiers with custom ACLs * Fix DNS list on VR * CKS: Use Network offering of the network passed during CKS cluster creation to get the AS number * CKS cluster with guest IP * Fix: Use control node guest IP as join IP for external nodes addition * Fix DNS resolver issue * Improve etcd indexing - start from 1 * CKS: Add external node to a CKS cluster deployed with etcd node(s) successfully * CKS: Add external node to a CKS cluster deployed with etcd node(s) successfully * simplify logic * Tweak setup-kube-system script for baremetal external nodes * Consider cordoned nodes while getting ready nodes * Fix CKS cluster scale calculations * Set token TTL to 0 (no expire) for external etcd * Fix missing quotes * Fix build * Revert PR 9133 * Add calico commands for ens35 interface * Address review comments: plan CKS cluster deployment based on the node type * Add qemu-guest-agent dependency for kvm based templates * Add marvin test for CKS clusters with different offerings per node type * Remove test tag * Add marvin test and fix update template for cks and since annotations * Fix marvin test for adding and removing external nodes * Fix since version on API params * Address review comments * Fix unit test * Address review comments * UI: Make CKS public templates visible to non-admins on CKS cluster creation * Fix linter * Fix merge error * Fix positional parameters on the create kubernetes ISO script and make the ETCD version optional * fix etcd port displayed * Further improvements to CKS (#118) * Multiple nics support on Ubuntu template * Multiple nics support on Ubuntu template * supports allocating IP to the nic when VM is added to another network - no delay * Add option to select DNS or VR IP as resolver on VPC creation * Add API param and UI to select option * Add column on vpc and pass the value on the databags for CsDhcp.py to fix accordingly * Externalize the CKS Configuration, so that end users can tweak the configuration before deploying the cluster * Add new directory to c8 packaging for CKS config * Remove k8s configuration from resources and make it configurable * Revert "Remove k8s configuration from resources and make it configurable" This reverts commit d5997033ebe4ba559e6478a64578b894f8e7d3db. * copy conf to mgmt server and consume them from there * Remove node from cluster * Add missing /opt/bin directory requrired by external nodes * Login to a specific Project view * add indents * Fix CKS HA clusters * Fix build --------- Co-authored-by: Nicolas Vazquez <nicovazquez90@gmail.com> * Add missing headers * Fix linter * Address more review comments * Fix unit test * Fix scaling case for the same offering * Revert "Login to a specific Project view" This reverts commit |
|
Wei Zhou
|
679ce1a639
|
feature: Dynamic and Static Routing (#9470)
This PR contains 3 features - IPv4 Static Routing (Routed mode) #9346 Design document: https://cwiki.apache.org/confluence/pages/viewpage.action?pageId=306153967 - AS Numbers Management #9410 Design Document: https://cwiki.apache.org/confluence/display/CLOUDSTACK/BGP+AS+Numbers+Management - Dynamic routing Design Document: https://cwiki.apache.org/confluence/pages/viewpage.action?pageId=315492858 - Document: https://github.com/apache/cloudstack-documentation/pull/419 Rename nsx mode to routing mode by ``` git grep -l nsx_mode |xargs sed -i "s/nsx_mode/routing_mode/g" git grep -l nsxmode |xargs sed -i "s/nsxmode/routingmode/g" git grep -l nsxMode |xargs sed -i "s/nsxMode/routingMode/g" git grep -l NsxMode |xargs sed -i "s/NsxMode/RoutingMode/g" ``` - re-organize sql changes - fix NPE as rules do not have public ip - fix missing destination cidr in ingress rules - disable network usage for routed network - fix DB exception as network_id is -1 during network creation - apply ingress/egress routing rules - VR changes to configure nft rules for isolated network - VR: setup nft rule for control network - VR: flush all iptables rules - fix NPE which is because ingress rules do not have public ip associated - fix dest cidr is missing in nft tables - add ip4 routing and ip4 routes to list network and list vpc response - fix ingress rule is missing when vr is restarted - fix icmp types in nft rules - add tab to manage routing firewall rules - fix ingress rules are not applied when VR is restarted - add default rules in FORWARD chain - fix create vpc offerings - fix public ip is not assigned to vpc - fix network offering is not listed when create vpc tier - add is_routing to boot args of vpc vr - remove table ip4_firewall in vpc vr - release or remove subnet when remove a network - implemenent fw_vpcrouter_routing - fix wrong ip familty when flush ipv4 rules - fix acl rules are not applied due to wrong version (should be 6 which means ip6 rules are removed) - add default rules for vpc tiers so that tcp connections (e.g. ssh) work - append policy rules after default rules - remove /usr/local/cloud/systemvm/ in routers - throw an exception when allocate subnet with cidrsize - fix some TODOs - add new parameters to update API - return type Ipv4GuestSubnetNetworkMap when get or create subnet - fix firewall rules are broken - add domain_id and account_id to db - add domain/account/project to ipv4 subnet response - create ipv4 subnet for domain/account/project - check conflict when update ipv4 subnet - ui changes - add parent subnet to response - add list for ipv4 subnet - implement some methods - fix list subnets for guest networks by zoneid - UI changes - fix delete ipv4 subnet for network - fix ipv4 subnet is set to zone guest network cidr if cidrsize is specified - add zone info to response if parent subnet is null but network is not - fix gateway/cidr is not set when create network with cidrsize - fix order of nft rules in the VRs * Routed v24 - add classes in marvin base.py * Routed v25 - add test_01_subnet_zone - fix dedicate to domain/account failure - list subnets for network by keyword and subnet * Routed v26: implement subnet auto-allocation - add utils for split ip ranges into small subnets - add utils to get start/end ip of a cidr - implement subnet auto-generation - add global settings * Routed 27: add subnet for VPC - add db column for vpc_id - add db record for vpc - remove db record when delete a vpc - add checkConflicts methods - remove duplicated settings - check ipv4 cidr when create subnet * Routed v28: update smoke tests - update test_ipv4_routing.py - search subnets by networkid * Routed 29: fix vpc and add more tests - fix createnetwork in vpc - add vpc id/name to response - fix zone id/name are not displayed in some cases - add smoke test for vpc - add smoke tests for failed cases - add smoke test for connectivity checks - marvin: add "-q" to ssh command * Routed 31: ui and smoke tests - UI: add link to network in list view - add nftables rules check in VRs * Routed 32: add chain OUTPUT and more rules - fix the issue 80/443/8080 is not reachable from VR itself ``` 2024-06-27 10:21:52,121 INFO Executing: systemctl start cloud-password-server@172.31.1.1 2024-06-27 10:21:52,128 INFO Service cloud-password-server@172.31.1.1 start 2024-06-27 10:21:52,129 INFO Executing: ps aux 2024-06-27 10:24:02,175 ERROR Failed to update password server due to: <urlopen error [Errno 110] Connection timed out> ``` * Routed: fix dns search from VMs in Isolated networks * Routed: fix VPC dns issue due to gateway IP is missing in cloud.conf This is caused by NSX integration, and fixed by https://github.com/apache/cloudstack/pull/9102/ * Routed: rename routing_mode to network_mode * Routed: replace centos5.5 template in smoke test as dhclient does not work in the vms // this does not work refer to https://dominikrys.com/posts/disable-udp-checksum-validation/#ignoring-udp-checksums-with-nftables and https://forum.openwrt.org/t/udp-checksum-with-nftables/161522/11 the vm should have checksum offloading disabled * Routed: fix smoke test due to wrong cidrlist of egress rules and missing ingress rule from VR * PR 9346: fix lint error schema-41910to42000.sql * PR 9346: ui polish v1 * PR 9346: create VPC with cidrsize * Routed: fix test failures with test_network_ipv6 and test_vpc_ipv6 due to 'ssh -q' * Routed: fix /usr/local/cloud/systemvm/ are removed after SSVM/CPVM reboot * Routed: fix IP of additional nics of VPC VR is not gateway * PR 9346: fix cidrsize check when create VPC with cidrsize * Routed: fix test/integration/smoke/test_ipv4_routing.py:279:16: E713 test for membership should be 'not in' * PR9346: fix/Update api * PR 9346: set response object name * PR9346: UI refactor and small fixes * PR9346: change return type of getNetworkMode * PR9346: move IPv4 subnet to seperated tab * PR9346: revert IpRangesTabGuest.vue back to original * PR9346: fix remove ipv4 subnet on UI * PR9346: fix test_ipv4_routing.py * AS Number Range Management * Create AS Number Range for a Zone * Fix build * Add ListASNRange and fix create ASN range * Add List AS numbers * Add UI for AS Numbers * Fix UI and filter AS Numbers * Add AS Number on Isolated network creation and refactor UI and response * Release AS Number * Add network offering new columns * Add UI support to view and add AS number and configure network offering * Automatically assign AS Number if not specify AS number * update variable name * Fix routing mode check * UI: Only allow selecting AS number when routing mode is Dynamic and specifyAsNumber is true * UI: Only pass AS number when supported by the network offering * Release AS number on network deletion * Add deleteASNRange command (#81) * API: List ASNumbers by asnumber (#83) --------- Co-authored-by: Pearl Dsilva <pearl1594@gmail.com> * AS number management extensions * Support AS number on VPC tier creation based on the offering * Fix delete AS Range * Fix UI values * UI: Minor fix for releasing AS number * UI: Move management of AS Range to Zone details view * Fix specify_as_number column in network_offering table to set the default false * Add events for AS number operations * Allow users to list AS Numbers and fix network form for Normal users * Add AS number details to list networks response * Fix Allocated time format * Fix Allocated time format * support in details view too * Fix: Do not release AS number if acquired network requires AS number * Fix: Do not release AS number if acquired network requires AS number * Fix typo * Fix allocated release * Fix event type * UI: Add Routing mode and Specify AS to the network offering details * UI: Add Routing mode and Specify AS to the network offering details * Address comment * Fix release AS number of network deletion * Fix release AS number of network deletion * Fix * Restore release to its place based on the boolean * Rename boolean * API: Add networkId as listASNumber parameter * Add Network name to the search view filter for AS numbers * Present allocated time in human readable format - Pubilc IP / AS Numbers * Add account / domain filter for AS numbers * Add support for AS numbers on VPC offerings * Refactor AS number allocation to VPC and non VPC isolated networks * Checkstyle * Add support for AS numbers on VPC offerings * extend vpc offering view and vpcoffering response * merge https://github.com/shapeblue/cloudstack-playtika/pull/115 and change network_id of as_numbers to include vpc_id * Display AS number of VPC tiers as the AS number of the VPC * extend asnumber response and ui support * improve UI and as number response to view VPC details * List only dynamic offerings for vpc tiers with specify as numbers * Fix release AS number * Fix AS number displayed as 0 when no AS number assigned * Fix VPC offering creation without specify AS --------- Co-authored-by: nvazquez <nicovazquez90@gmail.com> * Fix release AS number on VPC deletion * Update server/src/main/java/com/cloud/dc/BGPServiceImpl.java * Update server/src/main/java/com/cloud/dc/BGPServiceImpl.java * Fix missing column on asnumber table * Fix listASNumbers API to support vpcid and obtain AS number from vpc for tiers * Prevent listing 0 AS number for VPC * Fix create Isolated Network form * Update server/src/main/java/com/cloud/network/vpc/VpcManagerImpl.java * Update server/src/main/java/com/cloud/network/vpc/VpcManagerImpl.java * Dynamic: move routingmode/specifyasn after networkmode in AddNetworkOffering.vue on UI * Dynamic: fix ip4routing in network response * Dynamic/systemvm: add FRR to systemvm template * Dynamic: BGP peers (DB,VO,Dao) * Dynamic: BGP peers (VR/server) * Dynamic: v3 - remove BgpPeer class - fix vpc vr has bgp peers of only 1 tier - rename ip4_cidr to guest_ip4_cidr - rename ip6_cidr to guest_ip6_cidr - generate /etc/frr/frr.conf - apply BGP peers on Dynamic-Routed network even if there is no BGP peers * Dynamic v4: fix vpc vr - fix duplicated guest cidr in frr.conf in vpc vr todo - restart frr / reload frr (reload will cause bgp session to Policy state) - apis for bgp peers - assign/release bgp peer from/to network * Dynamic v5: add apis for bgp peers * Dynamic v6: fix bugs - set response object name - remove required as number when update - fix checks when update - allow regular users to list bgp peers * Dynamic v7: move apis to bgp sub-dir * Dynamic v8: add tab for manage BGP peers on UI * Dynamic v9: fix update bgp with same config * Dynamiv v10: add changeBgpPeersForNetworkCmd * Dynamic v11: create network with bgppeerids - create network with bgppeerids - add marvin classes - add smoke tests - remove uuid from bgp_peer_network_map - fix created/removed in bgp_peer_network_map - remove bgppeers when remove a network - UI: fix delete bgp peer * Dynamic v12: add test for vpc tiers * Dynamic v13: bug fixes - fix change BGP peers for network in Allocated state - fix listing network returns removed record - fix all vpc tiers have the same settings - remove BGP peers as part of network removal - remove FRR settings for vpc tiers without any BGP peers - UI: fix no error msg when change BGP peers * Dynamic v14: assign BGP Peers for VPC instead of VPC tiers - create vpc with bgppeerids - do not allow create/update vpc tier with bgppeerids - apply all bgp peers when create/delete a vpc tier - UI: change bgp peers for vpc - test: update tests on vpc * Dynamic: fix build errors after merging as number PR * Dynamic: fix TODOs * Dynamic: fix smoke test on VPC * Allow creation of networks by users with as numbers * Address review comments * Move BGPService to bgp package and inject it on BaseCmd * Revert changes for CKS and address more comments * Display left side menu option for AS number only for root admin * Dynamic: create/update BGP peer with details refer to https://docs.frrouting.org/en/latest/bgp.html * Dynamic: fix build error and remove access to ListBgpPeers cmd for regular users * Dynamic: assign all zone BGP peers to user networks * Dynamic: show BGP peer info of networks only for root admin * AS number: disable specifyasnumber for non-NSX offerings * Dynamic: pass bgppeer details to command and fix typo with ip6 addr * Dynamic: list BGP peers by isdedicated, and fix change bgppeers for network/vpc * Dynamic: add UI labels * Dynamic: add bgp peers to vpc response * Dynamic: list bgp peers by keyword, fix list by asnumber * Dynamic: fix list bgppeers by keyword and db schema * Dynamic: fix list bgppeers do not return dedicated peers * Dynamic: update UI when create network/vpc offering * Update server/src/main/java/com/cloud/configuration/ConfigurationManagerImpl.java Co-authored-by: Abhishek Kumar <abhishek.mrt22@gmail.com> * Update tools/marvin/setup.py * Dynamic: network mode must be same when update a network with new offering * Dynamic: add method networkModel.isAnyServiceSupportedInNetwork * Dynamic: rename APIs and classes * Dynamic: fix unit tests due to previous changes * Dynamic: validateNetworkCidrSize when auto-create subnet * Dynamic: check AS number overlap * Dynamic: add ActionEvent * Dynamic: small code optimization * Dynamic: fix ui bugs after api rename * Dynamic: add marvin and test for ASN ranges and AS numbers * Dynamic: add account setting use.system.bgp.peers also - change the default value of routed.ipv4.vpc.max.cidr.size and routed.ipv4.vpc.min.cidr.size - change the category of settings * static: fix ui error when delete zone ipv4 subnets * static: small UI polish * Dynamic: throw exception when as number is required but not passed * Dynamic: fix typo when create FRR directory which causes network deletion failures * Dynamic: connect to ALL (or ALL dedicated) BGP peers if no BGP peer mapping for the network/vpc * Dynamic: throw exception when as number is required for VPC but not passed * Dynamic: list bgp peers by useSystemBgpPeers * Dynamic: fix frr config in VPC VR when change bgp peers * Dynamic: create frr config even if there is no VPC tiers * Dynamic: list bgp peers by zoneid (required for account) and account * Dynamic: only apply FRR config for vpc tiers with dynamic routing * Dynamic: donot send commands to router if commands size is 0 * Dynamic: fix 'new IPv6 address is not valid' when update bgp peer without IPv6 * Dynamic: throw exception if fail to allocate AS number when create network/vpc with dynamic routing * Dynamic: enable ipv6 unicast and 'ip nht resolve-via-default' * Dynamic: delete network/vpc if fail to allocate AS number when create network/vpc with dynamic routing * test: add unit tests for ASN APIs * test: add unit tests for core module * test: add unit tests for API responses * test: add unit tests for BgpPeerTO * test: add minor changes * test: add tests for create/delete/update/list RoutingFirewallRuleCmd * Static: show ip4 routes for vpc tiers * test: fix smoke test failure caused by type change of as number * test: add test for Ipv4SubnetForZoneCmd * test: add test for Ipv4SubnetForGuestNetworkCmd and BgpPeerCmd * UI: do not show redundant router when network mode is ROUTED as RVR is not supported * UI: hide 'Conserve mode' when networkmode is ROUTED * test: add unit tests for ListASNumbersCmdTest * Static: remove allocated IPv4 subnet when delete a network or vpc * test: add unit tests for BgpPeersRules * Dynamic: set ipv4routing from network offering * server: list as numbers and ipv4 subnets by keyword * server: remove dedicated bgp peers and ipv4 subnets when delete an account or domain * server: fix dedicated ipv4 subnet is allocated to other accounts * UI: fix allocated time format * server: ignore project is projectid is -1 so bgppeers/ipv4subnets works in project view * UI: add project column to bgp peers and ipv4 subnets * server: fix list AS numbers by domain admin or normal user * server: fix network creation when ipv4 subnet is dedicated * UI: polish network.js * Dynamic: fix frr config for ipv6 routing * Static routing: support cks cluster * Static: get/create IPv4 subnet from dedicated subnets at first * Dynamic: add BGP peers tab * Static: remove redundant loops * api: add since to api and response * server: add unit tests --------- Co-authored-by: Nicolas Vazquez <nicovazquez90@gmail.com> Co-authored-by: Pearl Dsilva <pearl1594@gmail.com> Co-authored-by: Harikrishna Patnala <harikrishna.patnala@gmail.com> Co-authored-by: Abhishek Kumar <abhishek.mrt22@gmail.com> Co-authored-by: Rohit Yadav <rohit.yadav@shapeblue.com> |
|
Vishesh
|
bc28665679
|
Add support for network data in Config Drive (#9329) | |
Abhishek Kumar
|
3e6900ac1a
|
api,server: purge expunged resources (#8999)
This PR introduces the functionality of purging removed DB entries for CloudStack entities (currently only for VirtualMachine). There would be three mechanisms for purging removed resources:
Background task - CloudStack will run a background task which runs at a defined interval. Other parameters for this task can be controlled with new global settings.
API - New admin-only API purgeExpungedResources. It will allow passing the following parameters - resourcetype, batchsize, startdate, enddate. Currently, API is not supported in the UI.
Config for service offering. Service offerings can be created with purgeresources parameter which would allow purging resources immediately on expunge.
Following new global settings have been added:
expunged.resources.purge.enabled: Default: false. Whether to run a background task to purge the expunged resources
expunged.resources.purge.resources: Default: (empty). A comma-separated list of resource types that will be considered by the background task to purge the expunged resources. Currently only VirtualMachine is supported. An empty "value will result in considering all resource types for purging
expunged.resources.purge.interval: Default: 86400. Interval (in seconds) for the background task to purge the expunged resources
expunged.resources.purge.delay: Default: 300. Initial delay (in seconds) to start the background task to purge the expunged resources task.
expunged.resources.purge.batch.size: Default: 50. Batch size to be used during expunged resources purging.
expunged.resources.purge.start.time: Default: (empty). Start time to be used by the background task to purge the expunged resources. Use format yyyy-MM-dd or yyyy-MM-dd HH:mm:ss.
expunged.resources.purge.keep.past.days: Default: 30. The number of days in the past from the execution time of the background task to purge the expunged resources for which the expunged resources must not be purged. To enable purging expunged resource till the execution of the background task, set the value to zero.
expunged.resource.purge.job.delay: Default: 180. Delay (in seconds) to execute the purging of an expunged resource initiated by the configuration in the offering. Minimum value should be 180 seconds and if a lower value is set then the minimum value will be used.
Documentation PR: apache/cloudstack-documentation#397
Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>
Co-authored-by: Wei Zhou <weizhou@apache.org>
Co-authored-by: Suresh Kumar Anaparti <sureshkumar.anaparti@gmail.com>
|
|
Daan Hoogland
|
cb9b3134f7 | Merge branch '4.19' | |
|
Abhishek Kumar
|
ce9b2c52f3
|
cks: fix events (#9070)
Fixes #8043 Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com> |
|
|
Pearl Dsilva
|
6dc3d06037
|
NSX integration (#7919)
* NSX integration - skeletal code * Fix module not loading on startup * add upgrade path and daos \n add nsx controller command * add support for adding and listing nsx provider to a zone * add license * add default VPC offering and update upgrade path * add global setting to enable nsx plugin * add delete nsx controller operation * add nsxresource * add NSX resource , api client, create tier1 gw * update db * update response and add license * Add support to create and delete nsx tier-1 gateway * add license * cleanup and add skeletal code for network creation * add create/delete segment and UI integration * add license * address code smells - part 1 * fix test / build failure * NSX integration - skeletal code * Fix module not loading on startup * add upgrade path and daos \n add nsx controller command * add support for adding and listing nsx provider to a zone * add license * add default VPC offering and update upgrade path * add global setting to enable nsx plugin * add delete nsx controller operation * add nsxresource * add NSX resource , api client, create tier1 gw * update db * update response and add license * Add support to create and delete nsx tier-1 gateway * add license * cleanup and add skeletal code for network creation * add create/delete segment and UI integration * add license * address code smells - part 1 * fix test / build failure * add ui changes + update nsx_provider table transport zones + use NSX broadcast domain for add nics to router * ui: fix password field, and backend changes * add route advertisement * update offering * update offering * add sleep before deletion of vpc / tier g/w for ports to be removed * move creation of segments to design phase * change provider to VPC router for Dhcp & dns service in an nsx offering * Add public nic for NSX * reserve first IP (after g/w) of subnet for router nic - NSX * revert reserving 1st IP in vpc segments * [NSX] Create a DHCP relay and add it to a VPC tier segment (#107) * Create DHCP relay command and execute request * In progress integrate with networking * Create DHCP relay config on the network VR allocation * Revert domain router dao changes * Create DHCP relay con VR nic plug to NSX network * Link DHCP relay config to segment after creation * [NSX] Cleanup DHCP Relay config on segment deletion (#108) * Cleanup DHCP Relay config on segment deletion * update segment & relay name generators and call delete dhcprelay after deletion of segment * address comment * [NSX] Fix DHCP relay config deletion was missing zone name (#8068) * [NSX] Refactor API wrapper operations (#8059) * [NSX] Refactor API wrapper operations * Big refactor * Address review comment * change network cidr to cidr to prevent NPE * add domain and zone names to the various networks - vpc & tier --------- Co-authored-by: Pearl Dsilva <pearl1594@gmail.com> * Nsx unit tests (#8090) * Add tests * add test for NsxGuestNetworkGuru * add unit tests for NsxResource * add unti tests for NsxElement * cleanup * [NSX] Refactor API wrapper operations * update tests * update tests - add nsxProviderServiceImpl test * add unit test - NsxServiceImpl * add license * Big refactor * Address review comment * change network cidr to cidr to prevent NPE * add domain and zone names to the various networks - vpc & tier * fix tests --------- Co-authored-by: nvazquez <nicovazquez90@gmail.com> * modify NSX resource naming convention (#8095) * modify NSX resource naming convention * remove unused imports * add a setup phase between desgin and implementation of a network for intermediary steps * add method to all classes * NSX: Refactor Network & VPC offering (#8110) * [NSX] Refactor API wrapper operations * Network offering changes for NSX * fix services and provider combination * address comments: rename param * update nsx_mode parameter --------- Co-authored-by: nvazquez <nicovazquez90@gmail.com> * fix test * [NSX] Allow NSX isolated networks (#8132) * Add network offerings for NSX on isolated networks * Fix offerings creation * In progress NSX isolated network * Fixes * Fix NIC allocation to router * NSX: Add Step for Adding Public traffic network for NSX During zone creation (#8126) * NSX: Add Step for Adding Public traffic network for NSX * address comments and cleanup * address comment * remove indent * NSX: Create and Delete static NAT & Port forward rules (#8131) * NSX: Create and delete NSX Static Nat rules * fix issues with static nat * add static nat * Support to add and delete Port forward rules * add license * fix adding multiple pf rules * cleanup * fix lint check * fix smoke tests * fix smoke tests * Nsx add lb rule (#8161) * NSX: Create and delete NSX Static Nat rules * fix issues with static nat * add static nat * Support to add and delete Port forward rules * add license * fix adding multiple pf rules * cleanup * NSX: Add support to create and delete Load balancer rules * fix deletion of lb rules * add header file and update protocol detail * build failure fix * [NSX] Add SNAT support (#8100) * In progress add source NAT * Fix after merge * Fix tests * Fix NPE on isolated network deletion * Reserve source NAT IP when its not passed for NSX VPC * Create source NAT rule on VR NIC allocation * Fix update VPC and remove VPC to update and remove SNAT rule * Fix packaging * Address review comment * Fix build * fix build - unused import * Add defensive checks * Add missing design to NSX public guru --------- Co-authored-by: Pearl Dsilva <pearl1594@gmail.com> * NSX: Fix VR public NIC allocation (#8166) * NSX: fix LB member addition and deletion and add defensive checks (#8167) * Fix public NIC NPE on broadcast URI * NSX: Router Public nic to get IP from systemVM Ip range (#8172) * NSX: Router Public nic to get IP from systemVM Ip range * Fix VR IP address and setSourceNatIp command * NSX: hide systemVM reserved IP range SourceNAT * fix test --------- Co-authored-by: nvazquez <nicovazquez90@gmail.com> * fix test failure * test failure fix * [NSX] Fix update source NAT IP (#8176) * [NSX] Fix update source NAT IP * Fix startup * Fix API result * NSX - add LB route Advertizement (#8192) * [NSX] Add ACL types support (#8224) * NSX: Create segment group on segment creation * Add unit tests * Remove group for segment before removing segment * Create Distributed Firewall rules * Remove distributed firewall policy on segment deletion * Fix policy rule ID and add more unit tests * Fix DROP action rules and transform tests * Add new ACL rules * Fixes * associate security policies with groups and not to DFW and add deletion of rules * Fix name convention --------- Co-authored-by: Pearl Dsilva <pearl1594@gmail.com> * NSX: Fix creation of VPCs (#8320) * Fix ACL rules creation (#8323) * [NSX] Fix database views (#8325) * NSX: Add CKS Support & Firewall rules for Isolated Networks (#8189) * NSX: Add ALL LB IP to the list of route advertisements in tier1 * NSX: Support Source NAT on NSX Isolated networks * NSX: Cks Support * NSX: Create segment group on segment creation * Add unit tests * Remove group for segment before removing segment * Create Distributed Firewall rules * Remove distributed firewall policy on segment deletion * Fix policy rule ID and add more unit tests * Add support for routed NSX Isolated networks \n and non RFC 1918 compliant IPs * Add support for routed NSX Isolated networks \n and non RFC 1918 compliant IPs * Add Firewall rules * build failure - fix unit test * fix npes * Add support to delete firewall rules * update nsx cks offering * add license * update order of ports in PF & FW rules * fix filter for getting transport zones * CKS support changed - MTU updated, etc * add LB for CKS on VPC * address comments * adapt upstream cks logic for vpc * rever mtu hack * update UI changes as per upstream fix * change display test for CKS n/w offerings for isolated and VPC tiers * add extra line for linter * address comment * revert list change --------- Co-authored-by: nvazquez <nicovazquez90@gmail.com> * fix ui build failure * [NSX] Address SonarCloud Bugs (#8341) * [NSX] Address SonarCloud Bugs * Fix NSX API connection issues * NSX: Add unit tests to increase coverage (#8355) * NSX: Add unit tests * cleanup unused imports * add more unit tests * add tests for publicnsxnetworkguru * add license * fix build failures * address sonar comment * fix security hotspots * NSX: Add more unit tests (#8381) * NSX : Unit tests * remove unused imports * remove unused import causing build failure * fix build failures due to unused imports * fix build failure * fix test assertion * remove unused imports * remove unused import * Nsx UI zone bug (#8398) * NSX: Attempt to fix NSX Zone creation bug for public networks * fix zone wizard public traffic issue * add proper filtering of offerings based on VPC nsx mode * clean up console logs * NSX: Fix code smells and reported bugs (#8409) * NSX: Fix code smells and reported bugs * fox override issue * remove unused imports * fix test * refactor code to reduce complexity * add lisence * cleanup * fix build failure * fix build failure * address comments * test - add config to ignore certain files from test coverage * test exclusion of classes from test cov * rever pom changes * [NSX] Add more unit tests (#8431) * [NSX] Add more unit tests * More tests * Fix build errors * NSX: Prevent creation of L2 and Shared networks for NSX (#8463) * NSX: Prevent creation of L2 and Shared networks for NSX * add checks to backend to prevent creation of l2 and shared networks in nsx zones and filter only nsx offerings when creating isolated networks * cleanup * NSX: Fix code smells (#8436) * NSX: Fix code smells * Add changes to service creation logic * CKS: Add action to during firewall rule creation (#8498) * NSX,UI: Deduplicate network list when creating kubernetes clusters (#8513) * NSX: Make LB service selectable in network offering (#8512) * NSX: Make LB service selectable in network offering * fix label * address comments * address comments * NSX: Add appropriate error message when icmp type is set to -1 for NSX (#8504) * NSX: Add appropriate error message when icmp type is set to -1 for NSX * address comments * update text * fix test * fix test - build failure * fix test - build failure * NSX: Cleanup NSX resources during k8s cluster cleanup (#8528) * fix test failure * NSX: Improve segment deletion process (#8538) * NSX: Add passive monitor for NSX LB to test whether a server is available (#8533) * NSX: Add passive monitor for NSX LB to test whether a server is available * Add active monitors too * fix build failure * NSX: Add check for ICMP code / type for NSX zones (#8542) * NSX: Fix Routed Mode for Isolated and VPC networks (#8534) * NSX: Fix Routed Mode for Isolated and VPC networks * NSX: Fix Routed mode - add checks for ports added for FW rules * clean up code * fix build failure * NSX: Add retry logic with sleep to delete segments (#8554) * NSX: Add retry logic with sleep to delete segments * add logs * NSX: Fix custom ACL check (#2) * NSX: Fix custom ACL check * NSX: Fix custom ACL check * Nsx vpc routed mode (#5) * NSX: Fix VPC routed mode * NSX: VPC route mode * remove unnecessary changes * Nsx: Support internal LB (#4) * NSX: Support internal LB service in NSX * add lb removal logic * Fix UI issue hiding internal LB tab * Refactor method name --------- Co-authored-by: nvazquez <nicovazquez90@gmail.com> * NSX: Improve NSX resource cleanup process (#3) * Fix unit test * NSX: Add SourceNAT service to the default Routed offering for VPC (#13) * Fix VPC restart with cleanup (#12) * NSX: Fix ACL rule removal on replacement and fix rule order (#11) * NSX: fix smoke test failure for ACLs (#9) * Fix unit tests * Fix NSX plugin pom XML * NSX: Add support to re-order ACL rules (NSX FW rules) (#14) * [WIP] NSX: Add support to re-order ACL rules (NSX FW rules) * fix reordering of acl rules on all networks that it is associated to * clean up and attempt test fix * Fix tests * Remove unused import * tweak reorder logic --------- Co-authored-by: nvazquez <nicovazquez90@gmail.com> * Fix zone creation issue for internal load balancer * Fix * Fix unit test * fix logger * fix logger * fix logger * NSX: Fix VPC form to ignore source NAT IP when creating VPCs and fix label * Move SQL changes to the newest schema file * NSX: Last Fixes * Fix build --------- Co-authored-by: nvazquez <nicovazquez90@gmail.com> |
|
João Jandre
|
49cecaed06
|
Normalize loggers and upgrade log4j 1.2 to log4j 2.19 (#7131)
* Normalize logs All classes that could have their loggers inherited from their fathers had their own loggers deleted; Most loggers didn't have to be static, so most of them were normalized so that they wouldn't be; All loggers are protected now; Static logger's name are now 'LOGGER'; Non-static logger's name are now 'logger'; New class DbUpgradeAbstractImpl created so that all Upgraders extend it and inherit its logger * Upgrade log4j * fix errors caused by the merge * Refactor cglibThrowableRenderer functionality to log4j2 and upgrade the last configuration files * fix sonarcloud bug * Fix errors caused by merge, remove some unused loggers, and rename a variable that was mistakenly renamed on the normalization commit * Readd snmpTrapAppender, remove TestAppender * Regenerate changes * regenerate changes * refactor last custom appender * fix systemvm configuration xml * Regenerate changes * Regenerate changes * regenerate changes * Regenerate changes * regenerate changes * regenerate changes * regenerate changes * Fix utils pom * fix some tests * regenerate changes * Fix jar being printed on exception * fix logging in system VMs, fix commands not having log4j2 classpath. * regenerate changes * Fix some unwanted renomeations * fix end of file * regenerate changes * regenerate changes * fix merge error * regenerate changes * fix tests * regenerate changes * regenerate changes * regenerate changes * regenerate changes * regenerate changes * regenerate changes * regenerate changes * readd reload4j to tungsten as juniper depends on it * Regenerate changes * regenerate changes * regenerate changes * regenerate changes * regenerate changes * re-add reload4j dependency to network-contrail, as juniper depends on it * regenerate changes * regenerate changes * regenerate changes * fix typo * regenerate changes * regenerate changes * Fix end of files * regenerate changes * add logj42 to cloud-utils-SHADED.jar * regenerate changes * regenerate changes * regenerate changes * regenerate changes * regenerate changes * regenerate changes * regenerate changes * regenerate changes * Regenerate changes * Regenerate changes * Regenerate changes * regenerate changes * Regenerate changes * regenerate changes * Regenerate changes * Regenerate changes * Regenerate changes * regenerate changes * Regenerate changes * Regenerate changes * fix some tests * Regenerate changes * Regenerate changes * fix test * Regenerate changes * Regenerate changes |
|
kishankavala
|
80bbb29abf
|
CleanUp Async Jobs after mgmt server maintenance (#8394)
This PR fixes moves resources stuck in transition state during async job cleanup Problem: During maintenance of the management server, other servers in the cluster or the same server after a restart initiate async job cleanup. However, this process leaves resources in a transitional state. The only recovery option currently available is to make direct database changes. Solution: This PR introduces a resolution by changing Volume, Virtual Machine, and Network resources from their transitional states. This adjustment enables the reattempt of failed operations without the need for manual database modifications. |
|
|
Nicolas Vazquez
|
b8d3e342be
|
Fix KVM import unmanaged instances on basic zone (#8465)
This PR fixes import unmanaged instances on KVM basic zones, on top of #8433 Fixes: #8439: point 1 |
|
|
Abhisar Sinha
|
5c7e4b7edc
|
api: add ipaddress argument to disassociateIPAddress (#8222)
This PR adds argument 'ipadress' to the disassociateIpAddress api. IP address can be disassociated by directly giving the address instead of ID. Fixes: #8125 |
|
Bryan Lima
|
1f29f6f040
|
Public IP quarantine feature (#7378) | |
|
Vishesh
|
e721f3b379
|
Remove powermock from server (#7986) | |
Stephan Krug
|
26eaae7872
|
Allow VPC offering creation only with active VR service offerings (#6957) | |
|
Pearl Dsilva
|
3044d63a8b
|
Configurable MTU for VR (#6426)
Co-authored-by: Abhishek Kumar <abhishek.mrt22@gmail.com> |
|
|
Abhishek Kumar
|
78b68fd7e6
|
api,server: custom dns for guest network (#6425)
Adds option to provide custom DNS servers for isolated network, shared network and VPC tier. New API parameters added in createNetwork API along with the corresponding response parameters. Doc PR: apache/cloudstack-documentation#276 |
|
Abhishek Kumar
|
4a914aa88d
|
network: ipv6 static routes (#5786)
* wip Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com> * IPv6: configure VR of isolated networks * IPv6: add default IPv6 route in VR of isolated networks * Reformat server/src/main/java/com/cloud/network/NetworkServiceImpl.java * IPv6: update network to offering which support IPv6 * IPv6: update vm nic ipv6 address when update network to new offering * IPv6: configure VPC VR to support multiple tiers with IPv6 * IPv6: add RDNSS in radvd.conf * IPv6/UI: support ipv6 protocols in Network ACL * wip Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com> * changes for diagnostics Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com> * more import fromo #5594 Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com> * IPv6: fix wrong public ipv6 in VPC VR * changes Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com> * fix Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com> * Update server/src/main/java/com/cloud/configuration/ConfigurationManagerImpl.java Co-authored-by: dahn <daan.hoogland@gmail.com> * ui: fix add ipv6 prefix labels, message Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com> * ui: label fix Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com> * logging fix Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com> * test fix Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com> * changes Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com> * minor ui refactor Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com> * ip6 events Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com> * ip6 usage Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com> * unused Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com> * slaac based public ip Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com> * fix Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com> * remove unused Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com> * diagnostics fix for vr Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com> * firewall changes Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com> * alert and show ipv6 usage Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com> * fix Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com> * change for network response Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com> * ipv6 network test Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com> * changes Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com> * ui: fix ipaddress listing Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com> * wip Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com> * fix simulator Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com> * changes Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com> * changes Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com> * test fix Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com> * test and fixes Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com> * test temp change revert Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com> * fixes Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com> * use uuid Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com> * event syntax fix Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com> * wip Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com> * review comments Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com> * assign vlan public IP for dualstack only if both protocols present on same vlan Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com> * internetprotocol in networkofferingresponse Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com> * add tcp, udp Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com> * support vpc with ipv6 only on same vlan - adds new internet protocol param to createVpcOffering API - When DualStack internet protocol is selected for the VPC offering, tiers with network with or without IPv6 support can be deployed. - When IPv4 internet protocol is used for the VPC offering, tiers with network with only IPv4 support can be deployed Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com> * change and fix allow VPC with IPv4 protocol to deploy tiers with IPv6 Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com> * fix Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com> * test fix Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com> * ui fixes Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com> * fix multiple routes, network guest ipv6 gateway Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com> * address review comments Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com> * stop radvd on backup VR Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com> * fix router redundant status with ipv6 Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com> * disable radvd for backup vr Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com> * correctly set ipv6 in redundant router case Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com> * remove unused code Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com> * fix connection Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com> * ui: don't show all protocol for egress Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com> * fix guest ipv6 for redundant VRs Redundant VRs will not be assigned an IPv6 by ACS and guest netwrok gateway will be added as IPv6 for guest interface by systemvm scripts during setting redundant state of the VR. Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com> * fix missing ipv6 on redundant vr Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com> * fix syntax Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com> * ui: fix vpc tier redirect to show details When redirecting to VPC tier, details tab should be active by default Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com> * restart radvd on primary redundant vr Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com> * check for ipv6 values Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com> * remove old ui change Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com> * fix condition Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com> * remove gateway from backup vr Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com> * network upgrade fail early when IPv6 network cannot be allocated fail before shutting down the network Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com> * fix radvd not running on RVR Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com> * prepare radvd.conf once Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com> * fix job polling Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com> * fix RVR for vpc with ipv6 Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com> * fix ipv6 network acls Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com> * Update CsConfig.py * add check Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com> * test: vpc offering test Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com> * test: add negative tests for guest prefix, public range Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com> * add default ipv6 route for primary Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com> * fix dadfailed on vpc rvr Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com> * ui: fix add iprange form, dedicate action visibility Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com> * fix adding, deleting ipv6 range Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com> * fix failing test Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com> * fix missing destination cidr in ipv6 firewall Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com> * fix ipv6 nftables rules Allow storing linger IPv6 CIDRs in DB Specify all port range for TC{, UDP protocol rules withot ports Fix adding nft rules by creating chains first Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com> * fix icmpv6 type, code Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com> * fix icmp type, code Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com> * test: add more for ipv6 network Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com> * add warning message for egress policy in ipv6 fw rule Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com> * ui,server: update ipv6 vlan range Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com> * subnet operations inside transaction Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com> * server: persistent public IPv6 for network Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com> * ui: fix action alignment Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com> * fix vpc acl for tiers Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com> * fix removing network placeholder nic Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com> * fix acl rules for ip version Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com> * fix placeholder nic and nd-neighbor block issue Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com> * test for redundant nw Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com> * fix ping Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com> * systemvm: uprgade to debian 11.3.0 * ipv6: enable ipv6 in sysctl config in bootstrap.sh * VR: fix KeyError: 'nic_ip6_cidr' * build fix for latest event changes Signed-off-by: Abhishek Kumar <abhishek.kumar@shapeblue.com> Co-authored-by: Wei Zhou <weizhou@apache.org> Co-authored-by: dahn <daan.hoogland@gmail.com> |
|
|
Pearl Dsilva
|
830f3061bc
|
SystemVM optimizations (#5831)
* Support for live patching systemVMs and deprecating systemVM.iso. Includes: - fix systemVM template version - Include agent.zip, cloud-scripts.tgz to the commons package - Support for live-patching systemVMs - CPVM, SSVM, Routers - Fix Unit test - Remove systemvm.iso dependency * The following commit: - refactors logic added to support SystemVM deployment on KVM - Adds support to copy specific files (required for patching) to the hosts on Xenserver - Modifies vmops method - createFileInDomr to take cleanup param - Adds configuratble sleep param to CitrixResourceBase::connect() used to verify if telnet to specifc port is possible (if sleep is 0, then default to _sleep = 10000ms) - Adds Command/Answer for patch systemVMs on XenServer/Xcp * - Support to patch SystemVMs - VMWare - Remove attaching systemvm.iso to systemVMs - Modify / Refactor VMware start command to copy patch related files to the systemvms - cleanup * Commit comprises of: - remove docker from systemvm template - use containerd as container runtime - update create-k8s-binaries script to use ctr for all docker operations - Update userdata sent to the k8s nodes - update cksnode script, run during patching of the cks/k8s nodes * Add ssh to k8s nodes details in the Access tab on the UI * test * Refactor ca/cert patching logic * Commit comprises of the following changes: - Use restart network/VPC API to patch routers - use livePatch API support patching of only cpvm/ssvm - add timeout to the keystore setup/import script * remove all references of systemvm.iso * Fix keystore-cert-import invocation + refactor cert timeout in CP/SS VMs * fix script timeout * Refactor cert patching for systemVMs + update keystore-cert-import script + patch-sysvms script + remove patchSysvmCommand from networkelementcommand * remove commented code + change core user to cloud for cks nodes * Update ownership of ssh directory * NEED TO DISCUSS - add on the fly template conversion as an ExecStartPre action (systemd) * Add UI changes + move changes from patch file to runcmd * test: validate performance for template modification during seeding * create vms folder in cloudstack-commons directory - debian rules * remove logic for on the fly template convert + update k8s test * fix syntax issue - causing issue with shared network tests * Code cleanup * refactor patching logic - certs * move logic of fixing rootdiskcontroller from upgrade to kubernetes service * add livepatch option to restart network & vpc * smooth upgrade of cks clusters * Support for live patching systemVMs and deprecating systemVM.iso. Includes: - fix systemVM template version - Include agent.zip, cloud-scripts.tgz to the commons package - Support for live-patching systemVMs - CPVM, SSVM, Routers - Fix Unit test - Remove systemvm.iso dependency * The following commit: - refactors logic added to support SystemVM deployment on KVM - Adds support to copy specific files (required for patching) to the hosts on Xenserver - Modifies vmops method - createFileInDomr to take cleanup param - Adds configuratble sleep param to CitrixResourceBase::connect() used to verify if telnet to specifc port is possible (if sleep is 0, then default to _sleep = 10000ms) - Adds Command/Answer for patch systemVMs on XenServer/Xcp * - Support to patch SystemVMs - VMWare - Remove attaching systemvm.iso to systemVMs - Modify / Refactor VMware start command to copy patch related files to the systemvms - cleanup * Commit comprises of: - remove docker from systemvm template - use containerd as container runtime - update create-k8s-binaries script to use ctr for all docker operations - Update userdata sent to the k8s nodes - update cksnode script, run during patching of the cks/k8s nodes * Add ssh to k8s nodes details in the Access tab on the UI * test * Refactor ca/cert patching logic * Commit comprises of the following changes: - Use restart network/VPC API to patch routers - use livePatch API support patching of only cpvm/ssvm - add timeout to the keystore setup/import script * remove all references of systemvm.iso * Fix keystore-cert-import invocation + refactor cert timeout in CP/SS VMs * fix script timeout * Refactor cert patching for systemVMs + update keystore-cert-import script + patch-sysvms script + remove patchSysvmCommand from networkelementcommand * remove commented code + change core user to cloud for cks nodes * Update ownership of ssh directory * NEED TO DISCUSS - add on the fly template conversion as an ExecStartPre action (systemd) * Add UI changes + move changes from patch file to runcmd * test: validate performance for template modification during seeding * create vms folder in cloudstack-commons directory - debian rules * remove logic for on the fly template convert + update k8s test * fix syntax issue - causing issue with shared network tests * Code cleanup * add cgroup config for containerd * add systemd config for kubelet * add additional info during image registry config * address comments * add temp links of download.cloudstack.org * address part of the comments * address comments * update containerd config - as version has upgraded to 1.5 from 1.4.12 in 4.17.0 * address comments - simplify * fix vue3 related icon changes * allow network commands when router template version is lower but is patched * add internal LB to the list of routers to be patched on network restart with live patch * add unit tests for API param validations and new helper utilities - file scp & checksum validations * perform patching only for non-user i.e., system VMs * add test to validate params * remove unused import * add column to domain_router to display software version and support networkrestart with livePatch from router view * Requires upgrade column to consider package (cloud-scripts) checksum to identify if true/false * use router software version instead of checksum * show N/A if no software version reported i.e., in upgraded envs * fix deb failure * update pom to official links of systemVM template |
|
|
Wei Zhou
|
a5014a28a6
|
New feature: give access permission of networks to other accounts in same domain (#5769)
* Enhancement: create Shared networks and VPC private gateways by users * UI bug fix: pass correct domainid in CreateSharedNetworkForm * Update #5730: fix test failure with test_guest_vlan_range.py * Update #5730: fix test failure with test_persistent_network.py * Update #5730: Add since to new API commands and API parameters * Update #5730: Get first physical network for VPC private gateway if other ways do not work * Update #5730: code optimization (return !offering.isSpecifyVlan()) * Update #5730: fix hard-coded network offering id in test_pvlan.py * Update #5730: skip access check on the network owner if the owner is ROOT/system * Update #5730: overlap check on cidr/startip/endip * Update #5730: add methods to get accountid/domainid of shared networks * Update #5730: improve integration tests * Update #5730: update as per GutoVeronezi's comments * Network Sharing: give network access permission to other accounts within a domain * network: update ip in lb/pf/dnat tables when update vm nic ip * Update #5757: create 3 separated methods for DNAT/LB/PF update * travis: install python3-setuptools * Network Sharing: update integration test * Update #5769: Remove NetworkPermission.Ops * Update #5769: Update as per Daan's comments * Update #5769: Update as per Suresh's comments * Update #5769: fix UI bug that accounts/projects are not listed * Update #5769: fix domain admin can deploy vm on L2 network of other users * Update #5769: Remove method listPermittedNetworkIdsByDomains in NetworkPermissionDao * Update #5769: Skip network operation permissions check for root admin * UI: fix create Isolated/L2 network form * Update #5730: fix create Shared network form * Update #5769: fix domain admin can deploy vm on L2 network of other users * test: fix test_storage_policy.py * Update #5769: fix remove_nic in test_network_permissions.py * Update #5769: extract some codes to a method * Update #5769: fix add/remove nic by domain admin * Update #5769: allow domain admin to enable/disable static nat and create port forwarding rules * Update #5769: update integration test * Update #5769: fix unit test AssignLoadBalancerTest.java * Update #5769: allow normal users to share network permission to other users on UI * Update #5769: fix small UI bug with label * Update #5769: Support L2 network as associated network * test: sleep 30s after restarting mgt server in test_kubernetes_supported_versions.py to fix test failures with test_secondary_storage.py * Update #5784: revert part of changes in #2420 * Update #5757: invert if condition to reduce code indentation * Update #5769: fix regular user cannot create L2 network * Update #5769: Add associated nework id and name in private gateway response * Update #5769: list networks by networkfilter=Account on UI * Update #5769: fix ui issue when list private gateways or create shared network if no isolated networks * Update #5769: fix vue ui warnings * Update #5679: add BaseResponseWithAssociatedNetwork and extract method setResponseAssociatedNetworkInformation * Update #5679: extract some methods in VpcManagerImpl.java * Update #5679: Update smoke tests as per Daan's comments * Update #5769: fix vpc with private gateways cannot be removed when remove an acount * Update #5769: fix unit test failures after merging latest main * Update #5769: fix schema-41610to41700.sql * Update #5769: fix Request failed due to empty network offering list on UI * Update #5769: Throw exception when account is not found by name * Update #5769: display a warning message if network offering list is empty * Update #5769: fix an UI bug caused by previous commit |
|
|
Wei Zhou
|
6a53517d37
|
New feature: Reserve and release Public IPs (#6046)
* Reserve and release a public IP * Update #6046: show orange color for Reserved public ip * Update #6046 reserve IP: fix ui conflicts * Update #6046: fix resource count * Update #6046: associate Reserved public IP to network * Update #6046: fix unit tests * Update #6046: fix ui bugs * Update #6046: make api/ui available for domain admin and users |
|
|
Pearl Dsilva
|
aa01580381
|
network: Specify IP for VR in shared networks (#4503)
This PR enables admins to specify IP for a VR in a shared network. |
|
Daan Hoogland
|
b6b778f003 |
Merge release branch 4.14 to 4.15
* 4.14: server: select root disk based on user input during vm import (#4591) kvm: Use Q35 chipset for UEFI x86_64 (#4576) server: fix wrong error message when create isolated network without SourceNat (#4624) server: add possibility to scale vm to current customer offerings (#4622) server: keep networks order and ips while move a vm with multiple networks (#4602) server: throw exception when update vm nic on L2 network (#4625) doc: fix typo in install notes (#4633) |
|
Wei Zhou
|
1913c6854e
|
server: keep networks order and ips while move a vm with multiple networks (#4602)
This PR fixes an issue when move a vm from an account to another account. Steps to reproduce the issue (1) create a vm with multiple shared networks (in advanced zone, or advanced zone with security groups) (2) create another account (in same domain who can also access the shared networks) (3) move vm to new account, with a list of networkid expected result: the vm has nics on the networks in same order as specified in API request, and nics have the same ips as before actual result: network order is not same as specified, ips are changed. |
|
|
Pearl Dsilva
|
a73712ec4e
|
server: Enable sending hypervior host name via metadata - VR and Config Drive (#3976)
Enable sending hypervisor host details via metadata for VR and Config Drive providers Co-authored-by: Pearl Dsilva <pearl.dsilva@shapeblue.com> |
|
|
Nicolas Vazquez
|
8c1d749360
|
[VMware] Enable unmanaging guest VMs (#4103)
* Enable unmanaging guest VMs * Minor fixes * Fix stop usage event only if VM is not stopped when unmanaging * Rename unmanaged VMs manager * Generate netofferingremove usage event if VM is not stopped * Generate usage event VM snapshot primary off when unmanaging |
|
|
Wei Zhou
|
ce894238d9
|
vpc: add bypassvlanoverlapcheck parameter when create private g… (#3899) | |
|
Nicolas Vazquez
|
ce896a477d
|
[Vmware] Enable PVLAN support on L2 networks (#3732)
* Enable PVLAN support on L2 networks * Fix prevent null pointer on details * Add marvin tests * Fixes from comments * Fix: missing pvlan type on plugniccommand * Fix checks on network creation for vlans overlap * Fix remove prefix from secondary vlan id * Improve checks on physical network for pvlans * Fix compatibility with previous pvlan creation * Fix shared networks backwards pvlan compatibility * Add ui fix for pvlan type not passed to api * Add check for isolated vlan id overlap * Include check for dynamic vlan reserved for secondary vlan * Fix marvin tests errors * Fix redundant imports * Skip marvin test for pvlan if dvswitch is not present * spelling Co-authored-by: Andrija Panic <45762285+andrijapanicsb@users.noreply.github.com> |
|
|
Abhishek Kumar
|
0f5b0e67f8
|
VM ingestion (#3606)
The VM ingestion feature allows CloudStack to discover, on-board, import existing VMs in an infra. The feature currently works only for VMware, with a hypervisor agnostic framework which may be extended for KVM and XenServer in future. |
|
Anurag Awasthi
|
c0abfce8fa
|
Health check feature for virtual router (#3575) | |
Rakesh
|
482e7ebf9a |
New feature: Acquire specific public IP for network (#3775)
Currently in cloudstack, when we click on "Acquire New Ip", it will randomly acquire IP from the pool. With this enhancement, it is possible to select the IP from the drop down IP list of that network. Same thing applies for a VPC as well. |
|
Rohit Yadav
|
0e87040eb2
|
network: allow ability to specify if network's ipaddress usage need to be hidden (#3235)
Problem: Admins don’t want to charge for IP address usage on certain (shared) networks. Root Cause: There is no flag or detail for admins to provide using UI or API when creating networks to specify if they want IP address usage of the network hidden. Solution: A new boolean hideipaddressusage flag is added to the createNetwork API and a checkbox in the ‘Add guest network’ UI for the root admins to specify if they want the shared network’s IP address usage to be hidden in the listUsageRecords API response. The provided flag is saved as the ‘hideIpAddressUsage’ detail in the cloud.network_details table for the network. For existing (shared) networks, root admins can also specify the same boolean API parameter hideipaddressusage with the updateNetwork API request to configure the behaviour for an existing network. When the detail/flag is true, the IP address usage for the (shared) network is not exported in the listUsageRecords API response. The listNetworks API response will include the details of a network for root admin only. (note usage is still recorded in the usage database but not return by the listUsageRecords API) The API flag works for any kind of network via the API, but the checkbox is only shown while creating shared networks in the UI. Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com> |
|
|
Rohit Yadav
|
b2b99ca63e |
Merge remote-tracking branch 'origin/4.11' into 4.12
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com> |
|
Gabriel Beims Bräscher
|
fbf488497f |
Support IPv6 address in addIpToNic (#2773)
The admin will manually need to add the address to the Instance, but the Security Grouping should allow it. |
|
|
Rohit Yadav
|
65511c4335 |
Merge branch '4.11': Reduce VR downtime during network restart (#2508)
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com> |
|
Marc-Aurèle Brothier
|
893a88d225 |
CLOUDSTACK-10105: Use maven standard project structure in all projects (#2283)
Remove maven standard module (which only a few were using) and get ride of maven customization for the projects structure. - moved all directories to src/main/java, src/main/resources, src/main/scripts, src/test/java, src/test/resources - grep scan to search for src/com and src/org left over - grep for <project>/scripts to fix pom.xml configuration - remove custom <build> configuration in pom.xml Signed-off-by: Marc-Aurèle Brothier <m@brothier.org> |