Commit Graph

428 Commits

Author SHA1 Message Date
Ian Southam 6fc680be71 Fixed password server respawning issue
Some changes to isolated network acl generation
2015-03-16 11:40:11 +01:00
Ian Southam 5ddf87b2fd Use reload on keepalived
restart causes the master status to flip unnecessarily during provisioning tasks
2015-03-16 11:40:11 +01:00
Ian Southam 585f5f7000 ACL issues
ACL order issues
Do not block multicast traffic for vrrp
Many smaller bug fixes
checkrouter provided in /opt/cloud/bin
2015-03-16 11:40:10 +01:00
Ian Southam 3cc0915a01 Workarounds for how CS adds and removes hosts 2015-03-16 11:40:08 +01:00
Ian Southam 748e2e51a9 Check both ip and hosts when building dhcp bag 2015-03-16 11:40:08 +01:00
Ian Southam c1ec5b0b16 nat rules added to incorrect interface 2015-03-16 11:40:07 +01:00
Ian Southam 7700e940ff dnsmasq should restart if config changes and hup if hosts change 2015-03-16 11:40:07 +01:00
wilderrodrigues e7969b640b No hardcoded passwords.
- If for some reason the cmdLine json doesn't contain the password key, which is almost impossible to happen,
    we generate a password based on other unique data per VPC
2015-03-16 11:40:06 +01:00
wilderrodrigues 4b6604318d generate random password for redundant VPC 2015-03-16 11:40:06 +01:00
Ian Southam baa758accc Utterly stupid 2015-03-16 11:40:06 +01:00
Ian Southam 639126da8b {ip: hosts} syntax goes wrong if ip contains 1::
Needs to anchor regexp
2015-03-16 11:40:05 +01:00
Ian Southam aa6fdf853b A tab got in there somehow! 2015-03-16 11:40:05 +01:00
Ian Southam b3da2c54c2 Add network stats for isolated networks 2015-03-16 11:40:04 +01:00
Ian Southam 57d3ffaef8 Fixed password server, fixed more firewall issues
Fixed issues with real IP and not virtual (gateway) IP being opened on the firewall
DNS now works on the vms
2015-03-16 11:40:03 +01:00
wilderrodrigues e6b3ee318c Fix the checkrouter.sh script in order to report the routers state 2015-03-16 11:40:02 +01:00
Ian Southam 9e82281cc1 Fixed rules for dhcp towards v,
Fixed fw rules for a bunch of things
Bring public interface up if no tier has been defined
2015-03-16 11:39:58 +01:00
wilderrodrigues 4c9f4fcdd3 Make virtual router id unique per redundant group
Customise the messages shown during VPC restart based on redundancy
Do not show "Make Redundant" option if VPC is already redundant
Show on VPC details if a VPC is redundant
2015-03-16 11:39:58 +01:00
Ian Southam 7a9a356094 Switch control interface for vrrp to guest network
Fix rRouter that was deleting the gateway interface
2015-03-16 11:39:57 +01:00
Ian Southam 87d4171c53 Who changed my condition!
De Morgans laws chaps
The negation of a conjunction is the disjunction of the negations.
The negation of a disjunction is the conjunction of the negations.
2015-03-16 11:39:56 +01:00
Ian Southam db48a99678 Restart keepalived if a pub interface gets added or removed 2015-03-16 11:39:55 +01:00
Ian Southam c828653a0a Another correction 2015-03-16 11:39:54 +01:00
Ian Southam 267bc52579 Mistake no I set no priority! 2015-03-16 11:39:54 +01:00
Ian Southam 2b0c4c85a9 Fixed up get_dns for normal isolated vrs 2015-03-16 11:39:53 +01:00
Ian Southam bf6e3fa8b2 Fixed CsAddress destroying the VIP address on a redundant router
Taken quite a bit of code out of CsRedundant
Fixed public IP in keepalived when there is no guest network
2015-03-16 11:39:53 +01:00
Ian Southam 6d34f1f797 Set to EQUAL and nopreempt - let keepalived decide who is boss
Also removed bump as we really do not need this
2015-03-16 11:39:53 +01:00
Ian Southam 3b1dd68ae9 Remove vpc_router_svcs because they will be the same as any other router (soon)
One question is apache2
2015-03-16 11:39:52 +01:00
Ian Southam 9bec4b64e7 This change breaks stuff
This id is used to define the groups and will prevent the two vrrp instances from talking to each other
Result = MASTER MASTER
2015-03-16 11:39:52 +01:00
wilderrodrigues b7a142800d Adding the router priority when the control interface is created
Adding some logging to the check heartbeat script
2015-03-16 11:39:52 +01:00
Ian Southam e95a6498b5 No bump for now 2015-03-16 11:39:51 +01:00
Ian Southam f5ef75ee7e Vrrp will fail if your own code keeps killing it off 2015-03-16 11:39:51 +01:00
wilderrodrigues ae53d5ede1 Fix router priority using the same logic as the one for the state
Fix the router state. do not show UNKNOW, but MASTER or BACKUP depending on the type of router
Implement the virtual_router_id to be passed as a boot parameter to the router
  - it is needed for the keepalived configuration
2015-03-16 11:39:51 +01:00
wilderrodrigues a5d6f90f66 Implementing redundant router arguments to add redundant_state
Implementing the arguments on the python side
2015-03-16 11:39:51 +01:00
Ian Southam 279f1a2741 Lots of changes to do with redundancy 2015-03-16 11:39:50 +01:00
wilderrodrigues 62d586e2af Reverting the changes on CsAddress done in commit 374946e07748dd3ad659381c7d88e5e4140e4eeb 2015-03-16 11:39:50 +01:00
wilderrodrigues bd7799401b Removing guest interfaces from the VRRP list
Removing the not is_redundant from the check that put interfaces UP.
  - it now checks only "not is_public"
2015-03-16 11:39:50 +01:00
wilderrodrigues da53a5502e Fix restarting VPC 2015-03-16 11:39:50 +01:00
wilderrodrigues 0be56a5ff6 Fixing the timeout (ssh hanging) on the CsApp.py file
Adding kill_all() method on the CsProcess.py file (not being used yet)
Changing a bit the logic in the merge.py

The changes in the logic might be reverted, but they are causing no harm now.
2015-03-16 11:39:50 +01:00
Ian Southam fb094ecafd get_dns via guest network returns blank dns servers
fixed and added unit test
2015-03-16 11:39:49 +01:00
wilderrodrigues 84ba06b87d Fix: the update_config.py was not parsing the incoming guest net configuration properly
Added comments to the CitrixResourceBase class: do not destroy the cd-rom
2015-03-16 11:39:49 +01:00
wilderrodrigues 2bb79b8115 Adding some info to the update_config.py 2015-03-16 11:39:49 +01:00
wilderrodrigues edd839ab10 Fix: allow multiple VIFs per Mac Address
Fix: RTNETLINK errors
     - Management Server health check trying to create already existing interface
     - Changes on update_config.py, cs_guestnetwork.py, merger.py
Fix: replace RRouTER_LOG in the CsRedundant.py per log file location
Fix: Guest Net address association during Router restart
     - Changes on NicProfileHelper, NicProfileHelperImpl
Fix: aggregationExecution() method on VirtualNetworkApplianceManagerImpl
     - Do not send an AggregationControlCommand to a non-configured router

Some classes have been formatted.
2015-03-16 11:39:48 +01:00
wilderrodrigues 460204fa9f Fixing CsDhcp.py
Fixing assign IPv4 on GuestNetworkGuru.java
Fixing getRouters() on VpcVirtualRouterElement.java
Fixing paths on keepalived.conf.templ

Refactor on the other files
2015-03-16 11:39:17 +01:00
wilderrodrigues ddbc565bc4 Log an error when removing keepalived.strikes file and it doesn't exit. 2015-03-16 11:39:17 +01:00
wilderrodrigues 40eb579115 TK-3135 fixes for VPC restart
* removed the "is redundant" flag from the addVpcRouterToGuestNetwork() method
* removed the "is redundant" flag from the removeVpcRouterFromGuestNetwork() method
* changed the path of the master.py file in the keepalived.conf.temp file
* the call to routerDao.addRouterToGuestNetwork() in the VpcRouterDeploymentDefinition is not needed. That step will be performed once a VM is created
  - In addition, when restarting a VPC the routers will have the guest net configured, if any exists.

* Pushing the POM.xml as well, to use the old Jetty for now. Could not fix the logging problem. Will replace the POM with master version after VPC is done.
2015-03-16 11:39:17 +01:00
wilderrodrigues 35151961be Fixing call on AclIP class. Instead of self.fw = fw we have to do self.fw = fw.get_fw()
Fixing the master.py path in the keepalived.conf.templ
2015-03-16 11:39:16 +01:00
wilderrodrigues 84bf46dc2f Java: Fixing the redundant flag for the router control nic and the guest network command;
Python: fix the redundant setup in the CsRedundant class
2015-03-16 11:39:15 +01:00
wilderrodrigues 3b6f247d40 Fix problem with reading invalid key from the dictionary
I did in the same way Ian did for other files, but we have to find a better way to fix it.
2015-03-16 11:39:15 +01:00
wilderrodrigues 370fe518f2 Fixing delete_leases function.
It was referring to a non-existing variable.
2015-03-16 11:39:14 +01:00
Ian Southam 636dfd6217 New unit test
Some stupid typos
pep8
2015-03-16 11:39:14 +01:00
Ian Southam 406af7e855 Sorting out redundancy
some new unit testing
stupid bug in CsCmdLine refactor
2015-03-16 11:39:14 +01:00
Ian Southam bdda01d269 Countless bug fixes, mostly to do with VR redundancy
Also added some new unit tests and adjusted the code to make them work
2015-03-16 11:38:18 +01:00
Ian Southam 24c8de3c13 Some convenience methods 2015-03-16 11:38:17 +01:00
Ian Southam 8a6a407114 Dhcp refactor
Loads of tiny bugs squashed and some big ones
Tested with domR needs VPC testing now
TODO:  Unit tests CsDhcp
2015-03-16 11:38:17 +01:00
Ian Southam 31266d354f Broken code during guest network merge 2015-03-16 11:38:17 +01:00
Hugo Trippaers 75dda0b5b2 Fix imports 2015-03-16 11:38:17 +01:00
Ian Southam 40eb8423b9 Fixed hostname on router 2015-03-16 11:38:16 +01:00
Ian Southam d89c1e28ab Forgot to add append method 2015-03-16 11:38:16 +01:00
Ian Southam ec09f04b88 Small bug 2015-03-16 11:38:16 +01:00
Ian Southam 84624091fd Load balancer config 2015-03-16 11:38:16 +01:00
Ian Southam 7d0df32560 Lots of fixes from the testing
firewallrules implemented separately from networkacl (ugly but best that can be done ATM)
Some refactoring in CsDHCP as it made no sense to do it that way anymore
processmonitoring implemented
Domain not correctly sourced in VR
2015-03-16 11:38:15 +01:00
Ian Southam 08d2e10cb9 pep8 2015-03-16 11:38:15 +01:00
Ian Southam 0496ba7a00 firewallrules (VR) and networkacl (VPC) did not as I believe they should get combined
in the underlying java code
Have split them out again.
Once tested this will need some refactoring because it is currently PFU
2015-03-16 11:38:15 +01:00
Ian Southam f924a9755d Adding port forwarding ranges exposes a rather unfortunate typo 2015-03-16 11:38:15 +01:00
Ian Southam 467374c981 This time after running the unittests <blush> 2015-03-16 11:38:14 +01:00
Ian Southam cca4b58d50 A couple of firewall fixes for DomRouter code 2015-03-16 11:38:14 +01:00
wilderrodrigues 099add4fd6 Removing "global" declaration from if block
In python an "if" block doesn't change the scope. So, global not needed as it was creating a warning.
2015-03-16 11:38:13 +01:00
wilderrodrigues 185975f6ac Adding [ERROR] tag before error message to ease identification 2015-03-16 11:38:13 +01:00
Hugo Trippaers 67ee33ff8a More pep8 checks and fixes 2015-03-16 11:38:12 +01:00
Hugo Trippaers 5c4d221c34 Let's stick to CamelCase for now 2015-03-16 11:38:12 +01:00
Hugo Trippaers e10545506d Add boilerplates for module unittests 2015-03-16 11:38:12 +01:00
Hugo Trippaers 628af2f973 Get started with some tests on the python code 2015-03-16 11:38:11 +01:00
Ian Southam 6b0c40ed3e Add chains before provisioning rules 2015-03-16 11:38:11 +01:00
Ian Southam 50ee12c6e3 Corrected basic firewalling setup 2015-03-16 11:38:10 +01:00
Ian Southam 13b7ca1b3f New code must not run on systemvm 2015-03-16 11:38:10 +01:00
Ian Southam 4cdaada380 Bugger 2015-03-16 11:38:10 +01:00
Ian Southam dce2c9e35a Syntax error 2015-03-16 11:38:10 +01:00
Ian Southam 092c8924c9 Bug corrections 2015-03-16 11:38:09 +01:00
Ian Southam 5249df8799 Splitting router and vpc 2015-03-16 11:38:09 +01:00
Ian Southam 99d7c8f457 Fix syntax error 2015-03-16 11:38:09 +01:00
Ian Southam 945cc0bcfb Aligning router chain names correctly 2015-03-16 11:38:08 +01:00
Hugo Trippaers a2e7f30542 Fix license headers 2015-03-16 11:38:08 +01:00
Hugo Trippaers 18f517a8b1 pep8 2015-03-16 11:38:08 +01:00
Hugo Trippaers 9385f071d7 Fix PEP8 compliance 2015-03-16 11:38:07 +01:00
Hugo Trippaers acaeec9a27 Fix indent 2015-03-16 11:38:07 +01:00
Ian Southam 5dcdf26328 Typo 2015-03-16 11:38:07 +01:00
Ian Southam 54f5c53a20 Decided not at this stage to combine VPC and VR code 2015-03-16 11:38:06 +01:00
Hugo Trippaers 0afe0153a7 Fix tab characters 2015-03-16 11:38:06 +01:00
Ian Southam 2f8352bf96 Daft mistake that left more data getting merged than we would have liked 2015-03-16 11:38:06 +01:00
Hugo Trippaers 76d0669656 Avoid confusion and make sure the file is put in only one location 2015-03-16 11:38:06 +01:00
Hugo Trippaers 01acd3d8ec VR interfaces need the proper network type in ips 2015-03-16 11:38:05 +01:00
Hugo Trippaers 4632936733 We actually don't need all the process stuff 2015-03-16 11:38:05 +01:00
Hugo Trippaers a9c5f91223 Fix indents 2015-03-16 11:35:37 +01:00
Ian Southam ba4684d53d Updated incorrect file.
This led to the file loading twice
2015-03-16 11:35:37 +01:00
Ian Southam e30da35879 Interfaces were not coming up on non redundant router 2015-03-16 11:35:37 +01:00
Hugo Trippaers 4cfe2a32c0 Fix a few things introduced by the rebase 2015-03-16 11:35:35 +01:00
Ian Southam 55c008f569 Cockup during the adding of the Apache licence 2015-03-16 11:35:31 +01:00
Ian Southam f0b783bb11 Removed stuff that is moved to CsRedundant 2015-03-16 11:35:30 +01:00
Ian Southam 7b95b78223 backup fault and master implemented
Some more refactoring to declutter the bin directory
New config class to carry around the log, command line and firewall data
2015-03-16 11:35:29 +01:00
Ian Southam 8a2391336c Getting redundancy to work via the configuration files
Some refactoring to make class loading a little more logical
Removed fw global (does not persist across modules)
Added first tests
Added command line call to set and disable redundancy
Added command line call to set master
2015-03-16 11:35:29 +01:00
Ian Southam 093749eaae A start on the redundancy code
This will not break anything but also will not work
2015-03-16 11:35:29 +01:00
Ian Southam a01e9082cd New code for ACLs (VPN configuration) failed functional tests
Some corrections
2015-03-16 11:35:28 +01:00
Ian Southam f7d0a11a34 Process VPN requests
No tests (yet)
2015-03-16 11:35:28 +01:00
Ian Southam b95d8257a4 Merge operation for site2site vpn 2015-03-16 11:35:28 +01:00
Ian Southam 725c040d5c Added code to configure netusage for vpc and domR devices
Removed code from existing scripts that does the same
Fixed some more issues with CsNetfilter
Added rsync for /etc/iptables in rsync
2015-03-16 11:35:27 +01:00
Ian Southam 3cdaa55462 icmp-type parameter was being skipped 2015-03-16 11:35:27 +01:00
Ian Southam 2765a506dc Moved databag into a separate file 2015-03-16 11:35:26 +01:00
Ian Southam 733bc19eac Include base rule sets in Acls
Also made some adjustments to the base rule sets to ensure my parsing routine works
2015-03-16 11:35:26 +01:00
Hugo Trippaers a7338387c1 Sourcenat is handled differently for routers and vpc routers 2015-03-16 11:35:26 +01:00
Hugo Trippaers 576564e744 If a file doesn't exist, create it 2015-03-16 11:35:26 +01:00
Ian Southam 762e05ddee Bug fixed:
Default drop rule for inbound chain gets dropped by CsNetFilter
This would have been bad (tm)
2015-03-16 11:35:25 +01:00
Ian Southam 8b38bff962 A lot of corner cases dealt with
Need now to expand the test data to ensure I have got them all
Also failure to match because bizarrely some strings were unicode and some not
2015-03-16 11:35:25 +01:00
Ian Southam 5137d7e136 Removed dhcpopts.conf for now, as it is the routing options and they seem to be dealt with differently in the new arrangement
Changed the dhcp tests to avoid handing out the broadcast and gateway addresses :)
2015-03-16 11:35:25 +01:00
Hugo Trippaers f21b90a73e Add missing sourcenat rule 2015-03-16 11:35:25 +01:00
Hugo Trippaers 6d12d94e0c Add the public source nat rule 2015-03-16 11:35:24 +01:00
Hugo Trippaers 80a149abb7 Add port forwarding and static nat to the convergence infrastructure 2015-03-16 11:35:24 +01:00
Hugo Trippaers 8c5dba31d0 Fix the forwardingrule databag 2015-03-16 11:35:24 +01:00
Ian Southam 7fc3365459 Implemented delete (add : false) for cs_dhcp
Added some tests to the test_update_config tests for dhcp entries
2015-03-16 11:35:24 +01:00
Ian Southam e6e47de6ff Stupid stupid bug
a or b is of course not the same as a | b
2015-03-16 11:35:23 +01:00
Ian Southam c318bd6337 Corrected bug (I love tests)
The dhcp server will only start listening after a host has been added
In this condition, HUP is not enough
Changed so that if it is adding a first host it will restart the server
2015-03-16 11:35:23 +01:00
Ian Southam 0e8c79c7f1 That is the acls.
Need to check the order stays good
2015-03-16 11:35:23 +01:00
Hugo Trippaers f273fd4659 Add the static nat rules to the merge procedure 2015-03-16 11:35:23 +01:00
Hugo Trippaers a789e8bf57 Fix a bug that would add updated control ip address instead of replace 2015-03-16 11:35:22 +01:00
Ian Southam 8f4461567d That should be all the dhcp settings correct
CsGuestNetwork moved out of configure
dnsmasq config all switched to CsDhcp
2015-03-16 11:35:22 +01:00
Ian Southam b45c71ee31 Acl code linked in
Dhcp code
Test file for dhcp entry
2015-03-16 11:35:22 +01:00
Hugo Trippaers 683e660d60 Small (but important) fixes 2015-03-16 11:35:22 +01:00
Ian Southam 574fa2c0a0 Call update_config.py if it is there 2015-03-16 11:35:21 +01:00
Ian Southam 8abf1a22ab Auto create missing chains
Auto delete superfluous rules
TO DO: Priorities
2015-03-16 11:35:21 +01:00
Ian Southam 19fd0b4b57 Added logic to create all necessary firewall rules
TODO:  Auto add chains
TODO:  Delete rules that should not be there
TODO: Deal with precedence
2015-03-16 11:35:21 +01:00
Ian Southam cd0ad69281 Tidied up main to be in line with the newer classes
Added a base class CsDataBag which will autoload a given databag
2015-03-16 11:35:21 +01:00
Ian Southam c6d99a45a2 First part of some serious refactoring
The problem is that the convergence model does not work as it currently is
Firewall rules will get added but not deleted

This builds a table of firewall rules that need to be present
The new CsNetfilter class will then do:
1.  Add rules that are not present
2.  Delete any that were not explicitly in the add list

WIP
2015-03-16 11:35:21 +01:00
Hugo Trippaers e323d63867 Merge vmmetadata, reuse the code from the existing script to parse it. 2015-03-16 11:35:20 +01:00
Ian Southam 4527519081 Refactored CsHelper into a module
Introduced CsNetfilter module/class
2015-03-16 11:35:20 +01:00
Ian Southam 4e63119873 Moved processing the cmd_line databag into update 2015-03-16 11:35:20 +01:00
Ian Southam 3ea63ced68 Added merge for network_acl type message 2015-03-16 11:35:19 +01:00
Ian Southam fff3964332 Add catchall for unknown types 2015-03-16 11:35:19 +01:00
Hugo Trippaers 9ede758e4d Small update to try to deal with the stuck issue 2015-03-16 11:35:19 +01:00
Ian Southam 98a43d184b Fixed bug in which every run of loadQueueFile would append to the json file (merge)
cloud-early-config now saves its input file to /var/cache/cloud
Execute load cmd_line.json in update_config
Old way of working still in there to stop and possible clash until the base image is made
2015-03-16 11:35:19 +01:00
Ian Southam 680454dfdf Some bug fixes
Some more tests
store vmpassword functionally working
Tests for store password
2015-03-16 11:35:18 +01:00
Ian Southam 9d73879061 Fixed test (assert in guest check was wrong way around)
Also found condition in which apache would be misconfigured and failed to run (I love tests!!)
Fixed configure.py to cover this case
Added a test to provoke this case!
2015-03-16 11:35:18 +01:00
Ian Southam 4c5f4a1f9f Added vmpassword type (does nothing yet)
Fixed tests to use /var/cache/cloud
Added some test files but will remove them when tests are properly completed
Fixed a bug in configure that did not deal well with databags with empty dev sections
2015-03-16 11:35:17 +01:00
Hugo Trippaers 6a016d5b54 Small fixes 2015-03-16 11:35:17 +01:00
Hugo Trippaers 85434f49b9 Hotfix for lost control interface 2015-03-16 11:35:17 +01:00
Hugo Trippaers 58919dcf50 Change the location for the temporary json files to /var/cache/cloud 2015-03-16 11:35:16 +01:00
Ian Southam ca2ff2946e Added some tests that test stuff
Specifically checking whether certain ip addresses get added and deleted
Also a rudimentary test for the guest network ip
Much more to do!!
2015-03-16 11:35:16 +01:00
Ian Southam c428d60e6b Stop ignoring eth0 2015-03-16 11:35:15 +01:00
Ian Southam dd6b643ceb Do not use eth0 or eth1 for random tests
One or other will be the control interface of the box
2015-03-16 11:35:15 +01:00
Ian Southam cc5d72133e Removed chef as we will definitely not go this way 2015-03-16 11:35:14 +01:00
Ian Southam 6a7a832ef5 Do not do the post configure steps on a control interface 2015-03-16 11:35:14 +01:00
Ian Southam 2aed586bfc Removed merge_cline - no longer required
Added the last pieces of vpc guest network
password server and associated FW rules
Added apache2 config and start of server
Corrected a bug in CsFile
Fixed some of the many pyLint bleats
2015-03-16 11:35:13 +01:00
Leo Simons 295e2caff0 Fix configure::waitForDevice when a device is missing.
Was using non-existing 'ip' variable.
2015-03-16 11:35:12 +01:00