etan39
/
cloudstack
mirror of https://github.com/apache/cloudstack.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
16,051 Commits 333 Branches 325 Tags 875 MiB
Commit Graph

436 Commits

Author SHA1 Message Date
Chip Childers f20bee3ca4 Adding patches module config for RAT. 2012-09-25 14:26:52 -04:00
Chiradeep Vittal 97a1ed2ecb CLOUDSTACK-143 vcpu hotplug is used whenever the number of vcpus are increased or decreased while the vm is online. so far this is never done in CloudStack for system vms. Also, no evidence that this file is copied to /etc/udev/rules.d where it would be needed 
CLOUDSTACK-144 xe-linux-distribution.init is used to communicate the distribution information to the xe toolset in dom0. No evidence that this file is copied to /etc/init.d where it would be needed. The right way to do it would be to install the xe-guest-utilities deb package from the xs-tools ISO distributed by Citrix XenServer
 2012-09-21 17:31:38 -07:00
Chiradeep Vittal 1ba030729d CLOUDSTACK-142 remove unneeded file 2012-09-21 15:37:41 -07:00
Chiradeep Vittal 6fe019e3cc CLOUDSTACK-148 logrotate.conf configuration was developed for CloudStack. Deleted comment and blank lines to show origin in a clearer fashion 2012-09-21 15:23:37 -07:00
Chiradeep Vittal df6fd4e644 CLOUDSTACK-168 remove unneeded file 2012-09-21 14:51:27 -07:00
Chiradeep Vittal 9a40415771 CLOUDSTACK-175 reduce config file to bare minimum by eliminating commented lines and whitespace 2012-09-21 14:47:32 -07:00
Chiradeep Vittal 8899180d7d CLOUDSTACK-170 remove unneeded secrets file 2012-09-21 14:44:49 -07:00
Chiradeep Vittal f27168291a CLOUDSTACK-170 remove unneeded file 2012-09-21 14:39:41 -07:00
Chiradeep Vittal feb77f3137 CLOUDSTACK-171 reduce config file to bare minimum by eliminating commented lines and whitespace 2012-09-21 14:35:08 -07:00
Chiradeep Vittal 3158e2fa16 CLOUDSTACK-174 remove unused file 2012-09-21 11:55:17 -07:00
Sheng Yang bbc78bab5d CLOUDSTACK-159: Clean the configuration file 
Now it's all written by myself.
 2012-09-21 11:47:58 -07:00
Anthony Xu 44e8938120 CLOUDSTACK-106: this issue seems be coverred by other issue somehow, when other issue is fixed, this issue shows up 2012-09-21 10:24:58 -07:00
Marcus Sorensen bf30dbc241 VPC - enable passwd server service 
There is currently no vpcrouter type defined in patchsystemvm.sh, which
controls our init scripts in the system vms. This patch allows the
services that would normally start on a router to start also on the VPC
router, in particular the password server was missing.

Signed-off-by: Edison Su <sudison@gmail.com>
 2012-09-20 15:44:51 -07:00
Marcus Sorensen 38457ee8ac CLOUDSTACK-131: KVM fails to copy authorized_keys to system vm now that iso is not 
mounted

Signed-off-by: Edison Su <sudison@gmail.com>
 2012-09-20 11:06:53 -07:00
Chip Childers 868bad8445 Adding license headers to CS authored ip tables config files 2012-09-14 13:19:17 -04:00
Chip Childers d1eb762b1e Adding license header 2012-09-14 13:19:17 -04:00
Chip Childers 763311c006 License header updates, and modification to root pom for exclusions. 2012-09-13 16:55:48 -04:00
Manikanta Kattamuri cfc2b85651 Removing eclipse .classpath and .project files as they are configured to ant build and adding the entries into .gitignore to stop further comitting of the files 
Signed-off-by: Chip Childers <chip.childers@gmail.com>
 2012-09-13 14:18:14 -04:00
anthony ba0522461d VPC : configure apache2 for each guest network 2012-09-07 18:10:42 -07:00
anthony 5756a2a73b VPC : clean up rt_table when stop domr 2012-09-07 17:48:23 -07:00
anthony 6c96e638be VPC : static route, add route table in cloud-early-config 2012-09-07 17:46:40 -07:00
Anthony Xu 4a0e645e28 CS-16254: 
passwd_server listen on every interface, but only guest interface is enabled for that port
 2012-09-07 17:10:54 -07:00
Anthony Xu 3cfe01d07c VPC : by default , outgoing traffic is allowed out, once egress rules are added, only traffic specified in those are allowed out, others are blocked 2012-09-07 17:03:12 -07:00
Edison Su 3db9736a07 CLOUDSTACK-29 
remove iptables/xe-guest/xt
 2012-09-06 11:05:09 -07:00
Edison Su 5ae15f8bbf first OSS build 2012-09-05 17:45:25 -07:00
Edison Su ea9121bc8f KVM initial VPC support 
Implements
SetupGuestNetworkCommand,SetNetworkACLCommand,SetSourceNatCommand,IpAssocVpcCommand,SetPortForwardingRulesVpcCommand.
Passes basic functionality, though I'm sure there may be some honing to
do.

Also fixes a few minor things found along the way:
 vpc_guestnw.sh wasn't successfully setting up apache due to default
listen IP of 10.1.1.1
 vpc_guestnw.sh was referencing a 'logger_it' function, replaced with
'logger -t cloud'
 system vms were running with OS type "Debian GNU/Linux 5.0(32-bit)",
which was not found in the KVMGuestOsMapper
 the Xen implementation of SetupGuestNetworkCommand had apparently
copied its catch message from UnPlug Nic, fixed string

Send-by: Marcus Sorensen
RB: https://reviews.apache.org/r/6883
 2012-09-04 11:45:59 -07:00
Hugo Trippaers 3054537182 Use maven to build the systemvm zip and iso 2012-09-03 14:09:19 +02:00
Gavin Lee 39a676c496 Correct license header mainly for patches folder 
Signed-off-by: Chip Childers <chip.childers@gmail.com>
I've assumed that Gavin's commit is appropriate, based
on an assumption that we will keep these files in the source
tree.  If https://issues.apache.org/jira/browse/LEGAL-146
results in a different opionion from the members, then we
will end up having to do something more drastic anyway.
 2012-08-31 10:50:46 -04:00
Rohit Yadav 2296dc4acc bug CS-15942: Fixes port forwarding issue for redundant routers 2012-08-28 12:11:55 +05:30
Rohit Yadav fd4a1a39c1 Bug CS-15970: Fixes Redundant router status when host is XenServer 2012-08-28 12:07:33 +05:30
kishan b42a813ff1 bug CS-16112: During unplug nic iptables rules are cleaned up in both cloud_nic.sh and vpc_netusage.sh. Consolidated this code in cloud_nic.sh 
status CS-16112: resolved fixed

Conflicts:
	patches/systemvm/debian/config/opt/cloud/bin/vpc_netusage.sh
 2012-08-22 12:00:02 +05:30
Sheng Yang 20ccb6c1cb S2S VPN: CS-16092: Add ESP rule to iptables 
Otherwise the other end cannot initiate connection.
 2012-08-20 17:28:46 -07:00
kishan 691be5c60e bug CS-15577: Added per gateway network usage for VPC and VPN usage. VPN usage uses 525 mark for outgoing traffic and 524 mark for incoming traffic 
status CS-15577: resolved fixed
 2012-08-17 17:07:13 +05:30
John Kinsella 6a41965b70 [ASFCS40] Updated version number to reflect 4.0.0 2012-08-14 22:54:44 -07:00
Sheng Yang e7efd0d95b S2S VPN: Don't consider VPN is down if IPsec SA still existed 
Because ISAKMP SA wouldn't be updated after expiration if IPsec SA is still in
affect.
 2012-08-10 16:20:52 -07:00
Sheng Yang 435480cb5a S2S VPN: CS-15641: Enable UDP port 4500 for NAT-T 2012-08-06 17:15:38 -07:00
Sheng Yang 4908adb3a1 S2S VPN: CS-15852: Add vpninmask for VPN network usage 2012-08-06 15:32:36 -07:00
Sheng Yang 6e7b4bc07b S2S VPN: CS-15642: Re-initiate the VPN connections after router reboot 
Conflicts:

	server/src/com/cloud/network/vpn/Site2SiteVpnManagerImpl.java
 2012-08-06 15:32:18 -07:00
Sheng Yang 84a1a311f9 S2S VPN: CS-15511: Add PFS support for VPN connection 2012-08-06 15:27:13 -07:00
Sheng Yang 1b5103c501 S2S VPN: CS-15472: Separate IKE lifetime and ESP lifetime 2012-08-06 15:19:26 -07:00
anthony 9b43753399 VPC : handle Revoke rules for staticroute 2012-08-02 18:59:49 -07:00
anthony 0c9d5f5eb1 VPC : typo 2012-08-02 18:59:48 -07:00
Alena Prokharchyk 7706a9c32f Merge branch 'master' into vpc 
Conflicts:
	server/src/com/cloud/network/NetworkManagerImpl.java
	server/src/com/cloud/network/rules/RulesManagerImpl.java
 2012-07-31 13:37:28 -07:00
anthony f763f53c2d CS-15680 : set broadcast IP 2012-07-30 13:24:33 -07:00
anthony 3aae979967 CS-15708 : fix network cleanup 2012-07-30 13:24:10 -07:00
Hugo Trippaers 5d31b58c1b Disable IPv6 in the systemvm 2012-07-30 15:17:56 +02:00
Sheng Yang dd50bdf38e CS-15731: Make S2S VPN no-nat rule the top of POSTROUTING 2012-07-27 18:49:25 -07:00
Sheng Yang 8eee8f342e S2S VPN: CS-15650: Add connection status update to s2s vpn 2012-07-27 16:28:06 -07:00
anthony d5d6c9f5f4 VPC : this is default iptables for vpc route 2012-07-27 15:04:42 -07:00
anthony 0369fa3101 VCP : for each network, there will be a seperate config file deriving from this one 2012-07-27 15:04:42 -07:00
anthony 59937838e5 VPC : create/destroy static nat 2012-07-27 15:04:42 -07:00
anthony ae579c4cdd VPC : create/destroy static route 2012-07-27 15:04:42 -07:00
anthony 0d52ac205b VPC : create/destroy source NAT 2012-07-27 15:04:42 -07:00
anthony 9910176d76 VPC : create/destroy private Gateway 2012-07-27 15:04:41 -07:00
anthony f7da1772b0 VPC : portforwarding script 2012-07-27 15:04:41 -07:00
anthony 952da87e19 VPC : basic network usage per guest network 2012-07-27 15:04:41 -07:00
anthony 744bfdce5f VPC : vpc loadbalancer script 2012-07-27 15:04:41 -07:00
anthony 7dc4231ea6 VPC : vpc ip assocate fix 2012-07-27 15:04:41 -07:00
anthony 165a21c62a VPC : vpc_acl.sh is for VPC access control list 2012-07-27 15:04:40 -07:00
anthony 05dc92c02c VPC : remove all rules for a plugged nic device 2012-07-27 15:04:40 -07:00
anthony 599dcb49d5 VPC : add vpc_func.sh 2012-07-27 15:04:40 -07:00
anthony 5edb646be2 VPC : ipassoc.sh typo fix 2012-07-27 15:04:40 -07:00
anthony 7fd73fc5ab VPC : add vpc_guestnw.sh 2012-07-27 15:04:40 -07:00
Sheng Yang 4d42845853 S2S VPN: Add back pfs=no for ipsec.conf 
According to ipsec.conf manual:

pfs

whether Perfect Forward Secrecy of keys is desired on the connection's keying
channel (with PFS, penetration of the key-exchange protocol does not compromise
keys negotiated earlier); Since there is no reason to ever refuse PFS, Openswan
will allow a connection defined with pfs=no to use PFS anyway. Acceptable values
are yes (the default) and no.

Found removing the option would make it impossible to work with no PFS setting
router. It may related to CS-15511.
 2012-07-23 19:35:08 -07:00
Sheng Yang 27d82f683b S2S VPN: Support for multiply VPN connections per VPC/VPN gateway 2012-07-23 19:03:29 -07:00
Sheng Yang f1e2be7157 CS-15511: Fix parameter transfer in bash 
[Dropped Vmware support in this commit, due to lack of VMware support in VPC now]

Conflicts:

	plugins/hypervisors/vmware/src/com/cloud/hypervisor/vmware/resource/VmwareResource.java
 2012-07-23 14:51:40 -07:00
Sheng Yang 7d68e33323 S2S VPN: Use source NAT ip address for VPN gateway 
Conflicts:

	api/src/com/cloud/api/commands/CreateVpnGatewayCmd.java
	server/src/com/cloud/network/router/VpcVirtualNetworkApplianceManagerImpl.java
	server/src/com/cloud/network/vpc/VpcManagerImpl.java
 2012-07-23 14:44:05 -07:00
Sheng Yang d855dff7c2 CS-6840: Fix wrong path of check s2s vpn script 2012-07-23 14:35:32 -07:00
bfederle c8f72c9198 Merge branch 'master' into vpc 
Conflicts:
	ui/scripts/network.js
 2012-07-23 10:36:25 -07:00
David Nalley 67bc9c819a fixing some more license headers 2012-07-20 15:59:31 -04:00
Sheng Yang a1333649db CS-15536: Insert VPN mangle policy to FORWARD and OUTPUT 
In order to get traffic tagged while ACL chain involved in PREROUTING chain.

Also using more generic tag checking in nat table.
 2012-07-17 17:23:11 -07:00
Alena Prokharchyk 353423acec Merge branch 'master' into vpc 
Conflicts:
	api/src/com/cloud/api/commands/ListFirewallRulesCmd.java
	api/src/com/cloud/api/response/FirewallResponse.java
	api/src/com/cloud/api/response/IPAddressResponse.java
	server/src/com/cloud/api/ApiDBUtils.java
	server/src/com/cloud/network/NetworkManagerImpl.java
	server/src/com/cloud/network/dao/FirewallRulesDaoImpl.java
	server/src/com/cloud/network/dao/NetworkDaoImpl.java
	server/src/com/cloud/server/ManagementServerImpl.java
 2012-07-06 12:04:10 -07:00
David Nalley ecf2cd57f9 fixing license headers in marvin 2012-07-04 18:45:08 -04:00
Sheng Yang 1d97af3abf CS-6840: Add status checking for site 2 site VPN 2012-07-02 16:29:23 -07:00
Sheng Yang cd9854336a CS-6840: Update ipsectunnel.sh 2012-07-02 16:27:38 -07:00
Clayton Weise df062f1fe8 CS-6840: Add ipsectunnel script 2012-07-02 16:27:35 -07:00
anthony 4707888363 VPC : revert dnsmasq.conf 2012-06-15 14:33:22 -07:00
anthony 2deba9bd86 VPC : add vpc_vpn_l2tp.sh 2012-06-15 14:32:56 -07:00
anthony 10a578db46 VPC : fix nic hot plug script 2012-06-15 14:32:31 -07:00
anthony d51e3443cb VPC : add nic hot plug script 2012-06-15 14:32:10 -07:00
anthony a7462bb232 VPC : vpc_ipassosc.sh 2012-06-15 14:30:50 -07:00
anthony 768463d113 VPC : add new dnsmasq.conf for VPC domr 2012-06-15 14:30:39 -07:00
anthony d49210e42b VPC : add new type vpcrouter in cloud-early-config 2012-06-15 14:30:31 -07:00
anthony c7e440a1de VPC : revert iptables-router 2012-06-15 14:30:23 -07:00
anthony fb7fc6fd91 VPC : revert change in cloud-early-config 2012-06-15 14:30:15 -07:00
anthony d80476b93e VPC : add new ipassoc.sh for vpc 2012-06-15 14:30:07 -07:00
anthony 0f5775d446 VPC : revert changes in ipassoc.sh 2012-06-15 14:29:56 -07:00
anthony 95faedc09f VPC : bug fix 2012-06-15 14:29:47 -07:00
anthony f1883e991c VPC : bug fix 2012-06-15 14:26:50 -07:00
anthony edbf4a0ba7 VPC : many debug fix 2012-06-15 14:26:41 -07:00
anthony c75fe80125 VPC : use routerProxy to call networkUsage.sh 
Conflicts:

	core/src/com/cloud/hypervisor/vmware/resource/VmwareResource.java
 2012-06-15 14:25:21 -07:00
anthony a08c9e7890 VPC : move acl.sh ipassoc.sh to /opt/cloud/bin/ 2012-06-15 14:24:09 -07:00
anthony daf1aa4b92 VPC, implement plug/unplug nic 2012-06-15 14:22:29 -07:00
anthony 1a621a01f5 typo fix 2012-06-15 14:19:02 -07:00
anthony c442d6d7ab add guestnw.sh 
add acl.sh
merge setup_dhcpsvr and setup_route
 2012-06-15 14:18:47 -07:00
anthony 396fa72ee3 1. move control network to eth0 on domr 
2. if it is basic mode, use guest NIC as Control NIC
 2012-06-15 14:18:38 -07:00
Sheng Yang 96e7e3d1ca CS-15175: Fix public interfaces of redundant router 
We need to use ifup/ifdown to bring up the interfaces, because ifconfig don't
know the ip of the interface after we modify cloud-early-config to avoid
first start up of public interface.

Reviewed-by: Edison
 2012-05-31 17:58:02 -07:00
Sheng Yang 985757ffe6 CS-14421: Clean /etc/network/interfaces when sysytemvm reboot 
In order to make sure next time, booting process would use cloud-early-config's
setup, rather than networking scripts to bring up interfaces.

Reviewed-by: Kelven Yang
 2012-05-31 17:57:55 -07:00
anthony 3d74115769 CS-14784, CS-15065 , after release IP, reapply other IPs in the same eth device, to prevent secondary IPs are removed when primary IP is removed 2012-05-23 18:42:53 -07:00
Jayapal 5485faae3a CS-13500 Added hairpin NAT fix for static NAT 2012-05-23 12:15:33 +05:30