vxlan code. Users can set a physical network to isolation type 'vxlan',
put public traffic on that physical network, and it will still attempt
to use 'vlan' isolation on the KVM hosts. This is going to be an issue
for other isolation types as well, but I'm not familiar with them, so
I'm just fixing vxlan for now.
The things is, VR would take time to execute the commands, say it would need
time t1(which is greater than 0).
And the interval between parallel deployment is t2(which can be almost 0). In
any case, VR need to handle commands in sequence internally, so if t1 > t2, then
the new task in the VR would wait longer and longer to execute, then some
commands result in timeout ultimately. No matter how long the timeout is, if
there are enough big number of queued task for VR, the last ones can timeout.
Currently VR has a robust mechanism to sequence the jobs internal and I
confirmed in this case, it works well. But there is no way to fix this issue if
VR is already 100% load at all time.
Probably we can improve the speed of VR internal executing, but seems the
ultimate answer is: set execute.in.sequence.network.element.commands to true. VR
doesn’t know how long it would take for mgmt. server to timeout, only mgmt.
server knows that.
By setting sequence execution in VR to "true", mgmt server would handle the
commands in a queue, make sure that VR won't be overload and report unexpected
failure just because it's overload.
listAlerts: introduced new parameter "name" to the alertResponse
Added new Admin API - generateAlert. Available to ROOT admin only
listAlerts: implemented search by alert name
This patch adds a network plugin to support Palo Alto Networks firewall (their appliance and their VM series firewall).
More information in the FS: https://cwiki.apache.org/confluence/display/CLOUDSTACK/Palo+Alto+Firewall+Integration
Features supported are:
- List/Add/Delete Palo Alto service provider
- List/Add/Delete Palo Alto network service offering
- List/Add/Delete Palo Alto network with above service offering
- Add instance to the new network (creates the public IP and private gateway/cidr on the PA as well as the source nat rule)
- List/Add/Delete Ingress Firewall rule
- List/Add/Delete Egress Firewall rule
- List/Add/Delete Port Forwarding rule
- List/Add/Delete Static Nat rule
- Supports Palo Alto Networks 'Log Forwarding' profile globally per device (additional docs to come)
- Supports Palo Alto Networks 'Security Profile Groups' functionality globally per device (additional docs to come)
Knowns limitations:
- Only supports one public IP range in CloudStack.
- Currently not verifying SSL certificates when creating a connection between CloudStack and the Palo Alto Networks firewall.
- Currently not tracking usage on Public IPs.
Signed-off-by: Sheng Yang <sheng.yang@citrix.com>
1) Added support for Zone resource details
2) Renamed DcDetailsDao to DataCenterDetailsDao to follow the CS name convention for DataCenter related classes
xs 6.1/6.2 introduce the new virtual platform, so there are two virtual platforms, windows PV driver version must match virtual platforms,
this patch tracks PV driver versions in vm details and template details.
Anthony
public range to see whether the same VLAN exists in portable IP range.
added check to enusre a VLAN id used for a public IP range is not used
for portable ip range
Conflicts:
server/src/com/cloud/configuration/ConfigurationManagerImpl.java
defined in different VLANs across public and portable ranges
added checks to restric same ip range to be configure as both public ip
range and portable ip range
Introduction of a new Transaction API that is more consistent with the style
of Spring's transaction managment. The existing Transaction class was renamed
to TransactionLegacy. All of the non-DAO code in the management server has been
updated to use the new Transaction API.
fix listDiskOffering to not display offerings to the normal users with forDisplay=false. But display them to ROOT Admin irrespective of the flag.
Added display flag in the updateVolume/offeirng commands
Signed off by : nitin mehta<nitin.mehta@citrix.com>
Various classes are using member injection to inject extensible objects.
Really those object should come from an AdapterList that is injected in.
This patch switches the code to use setter injection that will later allow
spring to inject an AdapterList or something similar to allow
extensibility.
Sheng Yang
Marcus Sorensen
Alena Prokharchyk
Daan Hoogland
Devdeep Singh
Daan Hoogland
Harikrishna Patnala
edison
Bharat Kumar
Will Stevens
Frank.Zhang
Anshul Gangwar
Likitha Shetty
fjkdf
Koushik Das
Nitin Mehta
Rajesh Battala
Hugo Trippaers
Mike Tutkowski
Rajani Karuturi
Darren Shepherd
Anthony Xu
dhoogland
alex@alexhitchins.com
Murali Reddy
Damodar Reddy
Min Chen
Abhinandan Prateek