To configure firewall rules, CloudStack modifies `/etc/sysctl.conf` and
execute those modifications. This may be harmful for several reasons:
1. `/etc/sysctl.conf` may be managed by some configuration management
system. Such a system will constantly restore the previous version.
2. `/etc/sysctl.conf` may contain additional properties that have been
changed later by some system administrator (for example, once a
firewall has been configured, forwarding may have been activated
while it is disabled in `/etc/sysctl.conf`). Executing the file
again at a later time may disrupt the system.
3. Entries are added again and again. `/etc/sysctl.conf` will contain
the same directives repeated several times.
Using a configuration file is not needed as `sysctl` is able to directly
modify sysctl values with `-w` flag.
Signed-off-by: Vincent Bernat <Vincent.Bernat@exoscale.ch>
Use host.reserved.ram.mb agent property to modify total system RAM
before reporting to management server.
Remove dom0ram variable and its min/max calculation. Just reserve a
default of 1GB, unless overridden by host.reserved.mem.mb property.
Incase create useraccount fails with any runtime exception,
linkdomaintoldap api shouldnt fail. It just will not return the admin id
as it didnt create the account.
added test cases to verify this as well.
- When stopping/detroying a VPC router and creating a new one via the addition os a VM, the networks are no plugged correctly
- The ETH1 ends up with the IP of the guest nic, which remains down. This causes routes problems and the VMs are not reachable via the pub IPs
- The test will create a VPC, add 2 tier, 2 VMs, ACL, PF and SSH into the VM
- Then it will stop the router, destroy the router, add another VM to 1 tier and check that we can reach all the VMs
CLOUDSTACK-8762: Check to confirm disk activity before starting a VMImplements a VM volume/disk file activity checker that checks if QCOW2 file
has been changed before starting the VM. This is useful as a pessimistic
approach to save VMs that were running on faulty hosts that CloudStack could
try to launch on other hosts while the host was not cleanly fenced. This is
optional and available only if you enable the settings in agent.properties
file, on per-host basis.
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
* pr/753:
CLOUDSTACK-8762: Check to confirm disk activity before starting a VM
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
L10n update master from Transifex 20150901Update L10N resource files on master branch with 4.6 translation strings from Transifex (20150901)
Fix an issue with the key message.admin.guide.read on pt_BR L10N in web UI at the root cause
* pr/769:
Update L10N resource files on master branch with 4.6 translation strings from Transifex (20150901) Fix an issue with the key message.admin.guide.read on pt_BR L10N in web UI at the root cause
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
Guys, can you review it? things need to be discussed:
(1) this supports KVM/QCOW2 only. Anyone want to implement for other Hypervisor/format ?
(2) The original data volume (on primary storage) will be removed.
(3) The script uses the default timeout in libvirtComputingResource. Do we need to add one in global configuration (like copy.volume.wait or backup.snapshot.wait, create.volume.from.snapshot.wait)
(4) In scripts/storage/qcow2/managesnapshot.sh, I use "qemu-img convert -f qcow2 -O qcow2" to copy the snapshot from secondary to primary (hence there is no base image file), instead of "cp -f", this is because convert is faster than cp in my testing.
* pr/732:
CLOUDSTACK-5863: revert volume snapshot for KVM/QCOW2
Signed-off-by: Wei Zhou <w.zhou@tech.leaseweb.com>
CLOUDSTACK-8785: Proper enforcement of retry count (max.retries) for all work type handled by HighAvailability manager
Retry count is properly enforced for all work types in HA manager. Also reorganized some of the code for easy testing.
Signed-off-by: Koushik Das <koushik@apache.org>
Support live migration on older version of Libvirthttps://issues.apache.org/jira/browse/CLOUDSTACK-8792
A flag being passed to Libvirt assumes v1.0.0 or later.
We need to put a check in the code to pass in a different flag if the version of Libvirt is < 1.0.0.
* pr/767:
Support live migration on older version of Libvirt
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
Proposal for an improved CglibThrowableRendererFollowing our discussions on mailing list, here is a PR with a proposal for an improvement on CglibThrowableRenderer. We would still have to define a number to limit the stack traces of causes (I randomly chose 3, just to get the code running). The test case is also not good in my opinion, but I ran out of ideas (waiting for suggestions on that).
* pr/762:
Changed the test case to test each of the log traces in the array list.
Proposal for an improved CglibThrowableRenderer
Signed-off-by: Rajani Karuturi <rajani.karuturi@citrix.com>
made domainId compulsory in api LinkDomainToLdapCmd
used accountServive from BaseCmd in LinkDomainToLdapCmd
changed the allowed account type values to 0 and 2
CLOUDSTACK-8725 RVR functionality is broken in case of isolated networksconntrackd fails to start.
Rebased with master. This closes#692
* pr/763:
CLOUDSTACK-8725 RVR functionality is broken in case of isolated networks, conntrackd fails to start.
Signed-off-by: Rajani Karuturi <rajani.karuturi@citrix.com>
CLOUDSTACK-8766: Fix infinite scrolling pagination for zonal iso/template listing
Due to aggregation of templates and isos on the UI/client side, it could result
that for each page we could end up having lesser templates/isos listed to have
the scroll shown that triggers infinite scrolling. The fix is to use similar
approach as in projects.js, to use the maximum pagesize of 500. In theory, there
is still a chance if there are 500 zones with the same template being listed
resulting in only one aggregated template which could cause the scroll to not
get shown; but in practice I believe this fix should work for most users.
(cherry picked from commit 8a1cc7aac6f3d9a0a1686e2dae8dd12b74ed9cdd)
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
* pr/751:
CLOUDSTACK-8766: Fix infinite scrolling pagination for zonal iso/template listing
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
Made following fixes in simulator
- Support for ScaleVmCommand/NetworkRulesVmSecondaryIpCommand in resource layer
- Added support for scaling up a running VM in simulator
- Fixed some method names not following convention
In order to test PR #725 using simulator some of these changes are needed.
Based on the way HV check is present in the scale VM API, had to explicitly put simulator related check to allow support. The ideal way would be to remove all these HV specific check from code and made them some configuration (by putting them in hypervisor_capabilities table in DB). But that will be a bigger effort outside the scope of this PR.
Signed-off-by: Koushik Das <koushik@apache.org>
This reverts commit cd7218e241, reversing
changes made to f5a7395cc2.
Reason for Revert:
noredist build failed with the below error:
[ERROR] Failed to execute goal org.apache.maven.plugins:maven-compiler-plugin:3.2:compile (default-compile) on project cloud-plugin-hypervisor-vmware: Compilation failure
[ERROR] /home/jenkins/acs/workspace/build-master-noredist/plugins/hypervisors/vmware/src/com/cloud/hypervisor/guru/VMwareGuru.java:[484,12] error: non-static variable logger cannot be referenced from a static context
[ERROR] -> [Help 1]
even the normal build is broken as reported by @koushik-das on dev list
http://markmail.org/message/nngimssuzkj5gpbz
Changed variable s_logger to non-static and fixed its name in com.cloud.utils.component.ComponentLifecycleBase and its subclassesHi guys,
We have noticed that every single class that is a subclass of ComponentLifecycleBase instantiate their on logger manually and uses a nonstandard name. We fixed that by changing the variable in ComponentLifecycleBase to protected and non-static and instantiated it using the method getClass from Object class. Therefore, we can reduce the code in a few hundred lines and use a more intuitive name for the logger variable.
During that process we found a static method that used the s_logger variable in classes:
com.cloud.network.element.VirtualRouterElement
org.apache.cloudstack.network.element.InternalLoadBalancerElement
To fix that we had to create a new class com.cloud.network.element.HAProxyLBRule, instantiate it with @Componente and inject into the aforementioned classes.
The class that we create is com.cloud.network.element.HAProxyLBRule and has the following methods:
com.cloud.network.element.HAProxyLBRule.containsOnlyNumbers(String, String)
com.cloud.network.element.HAProxyLBRule.validateHAProxyLBRule(LoadBalancingRule)
Sadly we could not write test cases to it; hence we did not fully understand those methods. However, if anyone out there understands it, we would appreciate some code to be added to it.
As minor this change may seem; we believe that it enhances a little bit the ACS code by using standard name to logger variable.
* pr/714:
Solved jira ticket: CLOUDSTACK-8750
Signed-off-by: Daan Hoogland <daan@onecht.net>
use fakelocalhost in BasicRestClientTestBasicRestClientTest will fail if the port 443 is open on localhost.
use fakelocalhost instead of localhost can fix it.
Please see the latest discussion in https://github.com/apache/cloudstack/pull/737
* pr/752:
use fakelocalhost in BasicRestClientTest
Signed-off-by: Rajani Karuturi <rajani.karuturi@citrix.com>
CLOUDSTACK-8783: specify ciphersuite SSL_DH_anon_WITH_3DES_EDE_CBC_SHA in MockServerTest.javaThe ciphersuite could be different on os.
Sometimes the MockServerTest fails due to the ciphersuite does not work (for instance misconfiguration).
SSL_DH_anon_WITH_3DES_EDE_CBC_SHA has 168-bit encryption and anonymous auth, which is suitable for SSL testing.
* pr/759:
CLOUDSTACK-8783: specify ciphersuite SSL_DH_anon_WITH_3DES_EDE_CBC_SHA in MockServerTest.java
Signed-off-by: Rajani Karuturi <rajani.karuturi@citrix.com>
Putting CglibThrowableRenderer.java back after it was removed in 83fd8f6Also removing the entry 'log/' from .gitignore since that was the culprit for the removal of the file.
This was detected in #714
* pr/758:
Putting CglibThrowableRenderer.java back after it was removed in 83fd8f6
Signed-off-by: Rajani Karuturi <rajani.karuturi@citrix.com>
Implements a VM volume/disk file activity checker that checks if QCOW2 file
has been changed before starting the VM. This is useful as a pessimistic
approach to save VMs that were running on faulty hosts that CloudStack could
try to launch on other hosts while the host was not cleanly fenced. This is
optional and available only if you enable the settings in agent.properties
file, on per-host basis.
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
Fix schema-421to430.sql issue after MariaDB upgrade@remibergsma @wido Can you test it?
* pr/757:
Fix schema-421to430.sql issue after MariaDB upgrade
Signed-off-by: Wido den Hollander <wido@widodh.nl>
Due to aggregation of templates and isos on the UI/client side, it could result
that for each page we could end up having lesser templates/isos listed to have
the scroll shown that triggers infinite scrolling. In theory, there
is still a chance if there are several zones with the same template being listed
resulting in only one aggregated template which could cause the scroll to not
get shown; but in practice I believe this fix should work for most users.
Page size set based on experimental data:
https://github.com/apache/cloudstack/pull/751#issuecomment-135661968
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
fix debian package after addition of license header in pom.xmlPR#737 add lines in pom.xml which break debian build.
This fix debian package build issue.
* pr/746:
fix debian package after addition of license header in pom.xml
Signed-off-by: Remi Bergsma <github@remi.nl>
Vincent Bernat
Kevin McCormick
Rajani Karuturi
wilderrodrigues
Rohit Yadav
Jayapal
shweta agarwal
Wei Zhou
Milamber
Koushik Das
Mike Tutkowski
weingartner
Bharat Kumar
Daan Hoogland
Kshitij Kansal
Miguel Ferreira
Wido den Hollander
Remi Bergsma
Rajani Karuturi