Merge remote-tracking branch 'origin/4.17' into main

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>

pom.xml

@@ -49,7 +49,7 @@
         <!-- keep in alphabetic order -->
         <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
         <project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
-        <project.systemvm.template.version>4.17.0.0</project.systemvm.template.version>
+        <project.systemvm.template.version>4.17.2.0</project.systemvm.template.version>
         <sonar.organization>apache</sonar.organization>
         <sonar.host.url>https://sonarcloud.io</sonar.host.url>
 

systemvm/debian/opt/cloud/bin/setup/common.sh

@@ -576,6 +576,25 @@ setup_vpc_apache2() {
   setup_apache2_common
 }
 
+setup_vpc_mgmt_route() {
+  log_it "Set up route for management network: $MGMTNET via local gateway: $LOCAL_GW for device eth$1 for hypervisor: $HYPERVISOR"
+  if [ -n "$MGMTNET"  -a -n "$LOCAL_GW" ]
+  then
+    mgmt_route_rule="$MGMTNET via $LOCAL_GW dev eth${1}"
+    if [ "$HYPERVISOR" == "vmware" ] || [ "$HYPERVISOR" == "hyperv" ];
+    then
+      exist=`sudo ip route show $mgmt_route_rule | wc -l`
+      if [ $exist -eq 0 ]
+      then
+          log_it "Add route for management network via local gateway, hypervisor: $HYPERVISOR, rule: $mgmt_route_rule"
+          sudo ip route add $mgmt_route_rule
+          # workaround to activate vSwitch under VMware
+          timeout 3 ping -n -c 3 $LOCAL_GW || true
+      fi
+    fi
+  fi
+}
+
 clean_ipalias_config() {
   rm -f /etc/apache2/conf.d/ports.*.meta-data.conf
   rm -f /etc/apache2/sites-available/ipAlias*

systemvm/debian/opt/cloud/bin/setup/init.sh

@@ -190,6 +190,7 @@ setup_interface_sshd() {
   elif [ "$TYPE" == "vpcrouter" ]; then
     init_interfaces "eth0"
     setup_interface "0" $ETH0_IP $ETH0_MASK $GW
+    setup_vpc_mgmt_route "0"
     setup_sshd $ETH0_IP "eth0"
 
   elif [ "$TYPE" == "ilbvm" ]; then

systemvm/debian/opt/cloud/bin/setup/vpcrouter.sh

@@ -66,15 +66,7 @@ setup_vpcrouter() {
     echo "nameserver $IP6_NS2" >> /etc/resolv.conf
   fi
 
-  if [ -n "$MGMTNET"  -a -n "$LOCAL_GW" ]
+  setup_vpc_mgmt_route "0"
-  then
-     if [ "$HYPERVISOR" == "vmware" ] || [ "$HYPERVISOR" == "hyperv" ];
-     then
-         ip route add $MGMTNET via $LOCAL_GW dev eth0
-         # workaround to activate vSwitch under VMware
-         timeout 3 ping -n -c 3 $LOCAL_GW || true
-     fi
-  fi
 
   ip route delete default
   # create route table for static route

tools/appliance/README.md

@@ -26,7 +26,7 @@ CentOS based built-in user VM template.
 # Setting up Tools and Environment
 
 - Install packer and latest KVM, qemu on a Linux machine
-- Install tools for exporting appliances: qemu-img, ovftool, faketime
+- Install tools for exporting appliances: qemu-img, ovftool, faketime, sharutils
 - Build and install `vhd-util` as described in build.sh or use pre-built
   binaries at:
 

tools/appliance/systemvmtemplate/scripts/configure_systemvm_services.sh

@@ -19,7 +19,7 @@
 set -e
 set -x
 
-CLOUDSTACK_RELEASE=4.17.0
+CLOUDSTACK_RELEASE=4.17.2
 
 function configure_apache2() {
    # Enable ssl, rewrite and auth
@@ -50,10 +50,10 @@ function configure_cacerts() {
   CDIR=$(pwd)
   cd /tmp
   # Add LetsEncrypt ca-cert
-  wget https://letsencrypt.org/certs/lets-encrypt-r3.der
   wget https://letsencrypt.org/certs/isrgrootx1.der
-  keytool -trustcacerts -keystore /etc/ssl/certs/java/cacerts -storepass changeit -noprompt -importcert -alias letsencryptauthorityr3 -file lets-encrypt-r3.der
+  wget https://letsencrypt.org/certs/lets-encrypt-r3.der
   keytool -trustcacerts -keystore /etc/ssl/certs/java/cacerts -storepass changeit -noprompt -importcert -alias letsencryptauthorityx1 -file isrgrootx1.der
+  keytool -trustcacerts -keystore /etc/ssl/certs/java/cacerts -storepass changeit -noprompt -importcert -alias letsencryptauthorityr3 -file lets-encrypt-r3.der
   rm -f lets-encrypt-r3.der isrgrootx1.der
   cd $CDIR
 }

tools/appliance/systemvmtemplate/template.json

@@ -23,12 +23,12 @@
       ],
       "boot_wait": "5s",
       "disk_interface": "virtio",
-      "disk_size": "4000M",
+      "disk_size": "5000M",
       "format": "qcow2",
       "headless": true,
       "http_directory": "http",
-      "iso_checksum": "sha512:2810f894afab9ac2631ddd097599761c1481b85e629d6a3197fe1488713af048d37241eb85def681ba86e62b406dd9b891ee1ae7915416335b6bb000d57c1e53",
+      "iso_checksum": "sha512:6a6607a05d57b7c62558e9c462fe5c6c04b9cfad2ce160c3e9140aa4617ab73aff7f5f745dfe51bbbe7b33c9b0e219a022ad682d6c327de0e53e40f079abf66a",
-      "iso_url": "https://cdimage.debian.org/debian-cd/11.3.0/amd64/iso-cd/debian-11.3.0-amd64-netinst.iso",
+      "iso_url": "https://cdimage.debian.org/debian-cd/11.5.0/amd64/iso-cd/debian-11.5.0-amd64-netinst.iso",
       "net_device": "virtio-net",
       "output_directory": "../dist",
       "qemuargs": [