f748a552e9
Disable IAM feature from 4.4 release.
2014-05-19 16:27:50 -07:00
a3e9d0ff12
CLOUDSTACK-5501: Allow one vpn customer gateway with multiple connections
...
This restriction was purposely avoid confusion of VPN setup, but later found too
strictly and cause troubles for deployment. Removed after testing one customer
gateway with multiple connections.
2014-05-12 18:26:53 -07:00
a7dd5aae55
CLOUDSTACK-6628:[Automation] Create PF rulw API failing with error
...
"database id can only provided by VO objects".
2014-05-09 18:24:54 -07:00
550493cec3
Added fix for CLOUDSTACK-6548
...
Signed-off-by: santhosh <santhosh.edukulla@gmail.com>
Signed-off-by: Daan Hoogland <daan@onecht.net>
2014-05-09 17:03:52 +02:00
52257bc418
CLOUDSTACK-6608:OVS distributed firewall: default ACL rule is not
...
getting applied when a tier in VPC is created.
fix ensures, VpcRoutingPolicyUpdate is send when network rules are
programmed when network tier in VPC is created
2014-05-08 15:50:21 +05:30
0ca013e647
Revert "CLOUDSTACK-6485: private gateway network should not be associated with vpc"
...
This reverts commit 69add34ad0
2014-05-08 11:33:37 +02:00
cadefb1aeb
CLOUDSTACK-6601: added "forDisplay" parameter to listLoadBalancerRules API
2014-05-07 17:12:58 -07:00
515fa261ba
CLOUDSTACK-6596: UUID and display flag update support for LBStickinessPolicy and LBHealthCheckPolicy
2014-05-07 15:38:17 -07:00
99f75db1eb
Fixed vpc private gateway backend issues
2014-05-07 16:17:22 +05:30
eb28f77d1a
CLOUDSTACK-6581: IAM - Shared Network -Root Admin user is allowed to deploy VM in a shared network that is scoped for a specific domain/account.
...
Changes:
- Strict access check in NetworkModel is needed as CS 4.3
- We cannot go through accountMgr since accountMgr is relaxed for rootAdmin
2014-05-06 17:21:05 -07:00
a708d5c498
CLOUDSTACK-6577: Disable service monitoring in RVR
2014-05-06 19:35:34 +05:30
758f7f2f16
CLOUDSTACK-6578: Fixed issue in delete remote access vpn command
2014-05-06 19:35:34 +05:30
645516ee78
CLOUDSTACK-6531: stopping the router in case of command failures. Also added alerts for failures.
...
Signed-off-by: Jayapal <jayapal@apache.org>
2014-05-06 19:35:34 +05:30
03f6188c1c
CLOUDSTACK-6569: IAM - Regular user is able to listNetworks of another
...
user in the same domain , by passing account and domainId.
2014-05-02 14:53:44 -07:00
4e7498bc08
LOUDSTACK-6475: cleanupVPC task - removed the transaction wrapping up multiple VPC destroy as the destroy operation has external calls, to prevent long-locked transaction.
...
Reviewed-by: Prachi Damle
2014-05-02 14:20:27 -07:00
e89c628843
CLOUDSTACK-6558 IAM - Admin user is able to deploy VM in a regular user's Security Group.
...
Changes:
- Even for SecurityGroup, go through IAM to do permission checks for all type of accounts
2014-05-01 16:07:50 -07:00
69add34ad0
CLOUDSTACK-6485: private gateway network should not be associated with vpc
...
Signed-off-by: Daan Hoogland <daan@onecht.net>
2014-04-28 14:55:06 +02:00
092b4be8d9
CLOUDSTACK-6512:IAM - Not able to list shared networks in the Vm
...
deployment flow. This commit is to revert
ec5ee761d9
2014-04-25 14:35:38 -07:00
dcb0db6084
CLOUDSTACK-6434: Make RvR advert_int configurable
...
In some network environment, 1*3 seconds by default make RvR setup too
sensitive. A configurable parameter would be better for fitting different
network environments.
2014-04-16 20:15:56 -07:00
94a146a43e
CLOUDSTACK-6432: Blocking DHCP server to service DNS outside network
...
This would cover only DHCP only network since in basic and shared network, the
private IP used by VR and network may expose to outside.
2014-04-16 19:12:59 -07:00
d27c797abc
CLOUDSTACK-6433: Don't return success if only one of RvR successfully created
...
Conflicts:
server/src/com/cloud/network/element/VirtualRouterElement.java
2014-04-16 18:00:35 -07:00
48c9b46328
CLOUDSTACK-6349: IAM - No error message presented to the user , when invalid password is provided.
...
- AccountManager now works using accountId instead of accountType in following methods too:
- isResourceDomainAdmin()
- isAdmin()
2014-04-16 11:26:57 -07:00
6094e00797
CLOUDSTACK-6376: Return empty list when network tier has no ACL list associated.
2014-04-10 15:29:01 +05:30
635b69676a
CLOUDSTACK-6374: Remove entries from lb vm map when lb rule apply fails
2014-04-10 15:28:55 +05:30
68c80e28c0
CLOUDSTACK-6253: Optimizing VR alerts getting algorithm In addition to this a new configuration parameter is added router.alerts.check.interval defaulted to 30minutes to check for alerts in Virtual Router
2014-04-09 18:11:24 +05:30
a9accd331a
CLOUDSTACK-6364 Added ip address validation
...
Also updated to assign vm primary ip to lb rule when vmid is passed virtualmachineid
and vm id ip details in vmidipmap
2014-04-09 17:42:16 +05:30
bea7305bb0
CLOUDSTACK-6353 Fixed listing vm ip details for lb rule
2014-04-08 12:54:07 +05:30
83c13ce1b9
CLOUDSTACK-6327 updated uuid to id mapping
2014-04-07 16:30:11 +05:30
00f0d9b3c8
internal lb support for contrail vpc
...
Signed-off-by: Alena Prokharchyk <alena.prokharchyk@citrix.com>
2014-04-04 15:35:58 -07:00
936de7e1c5
CLOUDSTACK-6327: Updated the removeFromLoadBalancerRule and listLoadBalancerRuleInstances API
...
Updated these APIs to use VM primary/secondary details on LB rule.
listLoadBalancerRuleInstances API lists the vm ips which are assigned to lb rule when passed
listlbvmips
removeFromLoadBalancerRule is updated to remove the spcific vm ip entry assinged to LB rule.
Added new param vmidipmap to this API
2014-04-04 18:32:43 +05:30
c89eb73304
Remove usage of sameOwner checkAccess invocation, and convert to
...
OperateEntry IAM check.
2014-04-01 17:31:56 -07:00
9188223f3d
CLOUDSTACK-6245: the security group rule is lagging behind the rules in DB, due to there is a worker thread launched inside a transaction Reviewed-by: Alex
...
(cherry picked from commit d4fdc184fe
2014-03-27 17:38:37 -07:00
a5b9814f7a
Fixes to ensure Network entity checkAccess invokes the IAM service
2014-03-24 17:09:43 -07:00
dd237a8d53
CLOUDSTACK-6250 Review comments fixes for CLOUDSTACK-2692
2014-03-20 17:21:47 +05:30
e35d729283
fix scripts that handle setting up bridge for tunnel network and for
...
distributed routing. Fix ensures there is approproate flag in other
config of the network to indicate the bridge type.
2014-03-20 16:24:31 +05:30
7ff49cb887
CLOUDSTACK-6240 Fixed updating advanced SG rules for vm nic secondary ip
2014-03-19 16:03:56 +05:30
ec5ee761d9
Refactor listNetworks logic to use new IAM model.
2014-03-18 16:47:08 -07:00
4723fbb83f
CLOUDSTACK-6247: Usage Events - hide them when display flag is off in the context of "Ability to have better control over first class objects in CS" feature
...
Work done for network offering.
2014-03-18 13:54:25 -07:00
df3a2083d6
Fix a regression caused by IAM search criteria refactor on VPC.
2014-03-18 10:10:22 -07:00
ae6b9a0829
Remove IAMEntityType to use existing VO interface class to annotate
...
entityType.
2014-03-17 16:59:19 -07:00
14a4dd116f
CLOUDSTACK-2692 Assigning LB rule for vm nic secondary ips
...
Conflicts:
setup/db/db/schema-430to440.sql
2014-03-14 22:48:51 +05:30
7a929d1a0e
region level VPC support
...
introduce 'RegionLevelVpc' as capability of 'Connectivity' service. Add
support for CreateVPCOffering to take the 'regionlevelvpc' as capability
of service 'connectivity'.
introduces new capability 'StretchedL2Subnet' for 'Connectivity'
service. Also add support to createNetworkOffering api to allow
StretchedL2Subnet capablity for the connectivity service.
adds check to ensure 'Connectivity' service provider supports
'StretchedL2Subnet' and 'RegionLevelVpc' capabilities when specified in
createNetworkOffering and createVpcOffering respectivley
enable ovs plug-in to support both StretchedL2Subnet and RegionLevelVpc
capabilities
make zone id optional parameter in createVpc, zone id can be null only
if vpc offfering supports region level VPC
in region level vpc, let the network/tier to be created in any zone of
the region
keep zoneid as required param for createVpc
skip external guest network guru if 'Connectivy' service is present in
network offering
fix build break in contrail manager
permit VM's to be created in different zone that in which network is
created if the network support streched L2 subnet
add integration tests for region level VPC
rebase to master
Conflicts:
setup/db/db/schema-430to440.sql
2014-03-14 21:54:47 +05:30
1b4325d2c8
CLOUDSTACK-6106 supporting VPC VR on Hyper-V
2014-03-14 17:36:43 +05:30
423a748807
adds hypervisor script to convert JSON routing polcies (ACL) config in
...
to flow rules and applies them on the bridge
add event subscriber in OvsTunnelManager, that listens to
replaceNetworkAcl events. On event sends the updated policy info to all
the hosts in the VPC
2014-03-14 16:56:37 +05:30
2c7786992f
some bug fixes
2014-03-14 16:56:37 +05:30
32ac021043
make Ovs as VPC provider
2014-03-14 16:56:36 +05:30
3139b35518
mark VPC to be using distributed router if VPC offerign supports
...
distributedrouter capability.
2014-03-14 16:56:35 +05:30
e3ec12e5d0
-add check to ensure 'Connectivity' service provider specified in
...
createVpcOffering actually supports 'DistributedRouter' capability
- enable OVS to support 'DistributedRouter' capability
2014-03-14 16:56:35 +05:30
7c4443e233
-introduces 'DistributedRouter' as capability to 'Connectivity' service.
...
-create VPC offering to permit 'DistributedRouter' as capability to
connectivity service
2014-03-14 16:56:35 +05:30
f7337527cf
CLOUDSTACK-6090: Virtual Router Service Failure Alerting
...
Signed-off-by: Koushik Das <koushik@apache.org>
2014-03-14 15:14:15 +05:30
Min Chen
Sheng Yang
santhosh
Murali Reddy
Daan Hoogland
Alena Prokharchyk
Jayapal
Prachi Damle
Rajani Karuturi
Kishan Kavala
Harikrishna Patnala
sbalineni
Edison Su
Nitin Mehta
Rajesh Battala