PR #8549 replaced RSA with ed25519. unfornately, ed25519 is unsupported in FIPS mode
```
$ ssh-keygen -t ed25519 -m PEM -N '' -f key1
ED25519 keys are not allowed in FIPS mode
$ ssh-keygen -t ecdsa -m PEM -N '' -f key1
Generating public/private ecdsa key pair.
Your identification has been saved in key1
Your public key has been saved in key1.pub
The key fingerprint is:
.........
```
* Introduced a new API checkVolumeAndRepair that allows users or admins to check and repair if any leaks observed.
Currently this is supported only for KVM
* some fixes
* Added unit tests
* addressed review comments
* add repair volume while granting access
* Changed repair parameter to accept both leaks/all
* Introduced new global setting volume.check.and.repair.before.use to do volume check and repair before VM start or volume attach operations
* Added volume check and repair changes only during VM start and volume attach operations
* Refactored the names to look similar across the code
* Some code fixes
* remove unused code
* Renamed repair values
* Fixed unit tests
* changed version
* Address review comments
* Code refactored
* used volume name in logs
* Changed the API to Async and the setting scope to storage pool
* Fixed exit value handling with check volume command
* Fixed storage scope to the setting
* Fix volume format issues
* Refactored the log messages
* Fix formatting
* 4.18:
Storage plugin support to check if volume on datastore requires access for migration (#8655)
CKS: fix /opt/bin/deploy-cloudstack-secret in CKS control nodes (#8697)
* Check if volume on datastore requires access for migration, and grant/revoke volume access if requires
* Updated default implementation for requiresAccessForMigration method in PrimaryDataStoreDriver
* Use free/total instead of free metric to calculate imbalance
* Filter out hosts for condensed while checking imbalance
* Make DRS more configurable
* code refactor
* Add unit tests
* fixup
* Fix validation for drs.imbalance.condensed.skip.threshold
* Add logging and other minor changes for drs
* Add some logging for drs
* Change format for drs imbalance to string
* Show drs imbalance as percentage
* Fixup label for memorytotal in en.json
* linstor: Outline get storagepools from resourcegroup into function
* linstor: move getHostname() to kvm/Pool and reimplement
* linstor: implement CloudStack HA support
* VR: fix issue between VPC VMs and other Public IPs in the same subnet as additional Public IPs
* Update PR8599: move to VpcVirtualNetworkApplianceManagerImpl
This bundles latest cmk release in cloudstack-management package, so
admins won't need to install it for typical first-install use.
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
* Enable over provisioning for SharedMountPoint primary storages
* Fix unit tests
* Fix typos and small adjusts
---------
Co-authored-by: Daniel Augusto Veronezi Salvador <gutoveronezi@apache.org>
* linstor: Add util method getBestErrorMessage from main
* linstor: failed remove of allow-two-primaries is no fatal error
* linstor: Fix failure if a Linstor node is down while migrating
If a Linstor node is down while migrating resource, allow-two-primaries
setting will fail because we can't reach the downed node. But it will
still set the property on the other nodes and migration should work.
We now just report an error instead of completely failing.
* Fix bad perms on sub directories for webapp asset files
Updated the spec file such that directories are chmod 0755 rather than 0644 which would prevent the cloud user from reading their contents.
* Fix bad permissions for centos8 UI files, missing WEB-INF
The cloudstack-ui package should have the same files as the bundled webapp in the management package.
* Fix bad perms and missing WEB-INF for centos7 ui rpm
Add the missing WEB-INF directory and do not set directories to 0755.
* Fix missing WEB-INF on CentOS 8 cloudstack-ui rpm
* Fix missing WEB-INF on CentOS 7 cloudstack-ui rpm
* Fix bad perms on sub directories for webapp asset files
Updated the spec file such that directories are chmod 0755 rather than 0644 which would prevent the cloud user from reading their contents.
* Fix bad permissions for centos8 UI files, missing WEB-INF
The cloudstack-ui package should have the same files as the bundled webapp in the management package.
* Fix bad perms and missing WEB-INF for centos7 ui rpm
Add the missing WEB-INF directory and do not set directories to 0755.
* Fix missing WEB-INF on CentOS 8 cloudstack-ui rpm
* Fix missing WEB-INF on CentOS 7 cloudstack-ui rpm
Wei Zhou
Abhishek Kumar
Suresh Kumar Anaparti
Harikrishna
Vishesh
dahn
Harshit Soni
Oleg Chuev
Phsm Qwerty
Henrique Sato
GaOrtiga
Rohit Yadav
Rene Peinthor
Daniel Augusto Veronezi Salvador
slavkap
Leo