Reuse APIChecker adapter interface for API Rate limit checking and optimize ApiRateLimitService interface.

Signed-off-by: Min Chen <min.chen@citrix.com>
Min Chen 2013-01-15 15:53:19 -08:00
commit 4355d06a86
80 changed files with 1213 additions and 681 deletions


@ -0,0 +1,43 @@
// Licensed to the Apache Software Foundation (ASF) under one
// or more contributor license agreements. See the NOTICE file
// distributed with this work for additional information
// regarding copyright ownership. The ASF licenses this file
// to you under the Apache License, Version 2.0 (the
// "License"); you may not use this file except in compliance
// with the License. You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing,
// software distributed under the License is distributed on an
// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
// KIND, either express or implied. See the License for the
// specific language governing permissions and limitations
// under the License.
package com.cloud.exception;
import com.cloud.utils.SerialVersionUID;
import com.cloud.utils.exception.CloudRuntimeException;
/**
* Exception thrown if number of requests is over api rate limit set.
* @author minc
*
*/
public class RequestLimitException extends CloudRuntimeException {
private static final long serialVersionUID = SerialVersionUID.AccountLimitException;
protected RequestLimitException() {
super();
}
public RequestLimitException(String msg) {
super(msg);
}
public RequestLimitException(String msg, Throwable cause) {
super(msg, cause);
}
}
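Review bot: `serialVersionUID` in RequestLimitException is set to `SerialVersionUID.AccountLimitException`, a constant that by its name belongs to a different exception, which reads as a copy-paste slip and makes the shared constant registry misleading. The new class should reference a constant of its own, for example `private static final long serialVersionUID = SerialVersionUID.RequestLimitException;`; that constant would have to be added to `com.cloud.utils.SerialVersionUID`, which is not shown on this page. The class Javadoc would also be more useful if it replaced the `@author` tag with a sentence naming which checker throws this exception.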


@ -60,6 +60,8 @@ public interface NetworkService {
Network getNetwork(long networkId);
Network getNetwork(String networkUuid);
IpAddress getIp(long id);
NetworkProfile convertNetworkToNetworkProfile(long networkId);


@ -30,6 +30,8 @@ public interface DomainService {
Domain getDomain(long id);
Domain getDomain(String uuid);
/**
* Return whether a domain is a child domain of a given domain.
*


@ -16,13 +16,16 @@
// under the License.
package org.apache.cloudstack.acl;
import org.apache.cloudstack.acl.RoleType;
import com.cloud.exception.PermissionDeniedException;
import com.cloud.exception.RequestLimitException;
import com.cloud.user.User;
import com.cloud.utils.component.Adapter;
// APIChecker checks the ownership and access control to API requests
public interface APIChecker extends Adapter {
// Interface for checking access for a role using apiname
boolean checkAccess(RoleType roleType, String apiCommandName);
// Interface for checking existence of an api by name
boolean checkExistence(String apiCommandName);
// If true, apiChecker has checked the operation
// If false, apiChecker is unable to handle the operation or not implemented
// On exception, checkAccess failed don't allow
boolean checkAccess(User user, String apiCommandName) throws PermissionDeniedException, RequestLimitException;
}
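Review bot: The contract of `checkAccess(User, String)` is given only as three line comments, and it leaves open what a caller must do when every configured checker returns false. Now that access control and rate limiting share this one adapter interface, that case should be spelled out in a Javadoc block on the method, with `@throws PermissionDeniedException` and `@throws RequestLimitException` documented separately. If deny-by-default is the intended behaviour, a summary such as `Returns true if this checker evaluated and allowed the call, false if it does not handle it; callers must deny when no checker returns true.` would make that explicit. The import of `org.apache.cloudstack.acl.RoleType` also looks redundant because the interface lives in that package, though old and new lines cannot be told apart with certainty in this rendering.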


@ -314,13 +314,6 @@ public interface ResponseGenerator {
StorageNetworkIpRangeResponse createStorageNetworkIpRangeResponse(StorageNetworkIpRange result);
/**
* @param tableName TODO
* @param token
* @return
*/
Long getIdentiyId(String tableName, String token);
/**
* @param resourceTag
* @param keyValueOnly TODO


@ -147,10 +147,9 @@ public class DeployVMCmd extends BaseAsyncCreateCmd {
private List<String> securityGroupNameList;
@ACL(checkKeyAccess=true)
@Parameter(name = ApiConstants.IP_NETWORK_LIST, type = CommandType.MAP, entityType={Network.class,IpAddress.class},
@Parameter(name = ApiConstants.IP_NETWORK_LIST, type = CommandType.MAP, entityType={Network.class, IpAddress.class},
description = "ip to network mapping. Can't be specified with networkIds parameter." +
" Example: iptonetworklist[0].ip=10.10.10.11&iptonetworklist[0].networkid=204 - requests to" +
" use ip 10.10.10.11 in network id=204")
" Example: iptonetworklist[0].ip=10.10.10.11&iptonetworklist[0].networkid=uuid - requests to use ip 10.10.10.11 in network id=uuid")
private Map ipToNetworkList;
@Parameter(name=ApiConstants.IP_ADDRESS, type=CommandType.STRING, description="the ip address for default vm's network")
@ -284,7 +283,17 @@ public class DeployVMCmd extends BaseAsyncCreateCmd {
Iterator iter = ipsCollection.iterator();
while (iter.hasNext()) {
HashMap<String, String> ips = (HashMap<String, String>) iter.next();
Long networkId = Long.valueOf(_responseGenerator.getIdentiyId("networks", ips.get("networkid")));
Long networkId;
Network network = _networkService.getNetwork(ips.get("networkid"));
if (network != null) {
networkId = network.getId();
} else {
try {
networkId = Long.parseLong(ips.get("networkid"));
} catch(NumberFormatException e) {
throw new InvalidParameterValueException("Unable to translate and find entity with networkId: " + ips.get("networkid"));
}
}
String requestedIp = (String) ips.get("ip");
ipToNetworkMap.put(networkId, requestedIp);
}
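Review bot: In the second hunk the fallback branch accepts any caller-supplied numeric `networkid` and stores it in `ipToNetworkMap` without confirming that a network with that id exists, so a bad or guessed internal id is only rejected later, if at all, by code outside this hunk. `NetworkService` already exposes `getNetwork(long networkId)`, so the branch could verify the parsed value with `if (_networkService.getNetwork(networkId) == null) throw new InvalidParameterValueException("Unable to find network with id: " + networkId);`. Reading `ips.get("networkid")` once into a local would also remove the repeated lookups and make the null case explicit. The enclosing method starts and ends outside the hunk, so any later ownership or access check on these ids is not visible here.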


@ -137,7 +137,7 @@ public class ExtractVolumeCmd extends BaseAsyncCmd {
Volume vol = _entityMgr.findById(Volume.class, id);
response.setId(vol.getUuid());
response.setName(vol.getName());
DataCenter zone = _entityMgr.findById(DataCenter.class, id);
DataCenter zone = _entityMgr.findById(DataCenter.class, zoneId);
response.setZoneId(zone.getUuid());
response.setZoneName(zone.getName());
response.setMode(mode);
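Review bot: `vol` and `zone` are both dereferenced right after `_entityMgr.findById(...)` with no null check, so an `id` or `zoneId` that resolves to nothing would surface as a NullPointerException instead of a parameter error. Unless something earlier in the method guarantees both entities exist, a guard such as `if (zone == null) throw new InvalidParameterValueException("Unable to find zone by id " + zoneId);` belongs before the response is built, using whichever exception type this command already reports bad parameters with. The method body begins and ends outside this hunk, so an earlier validation step may already cover this.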


@ -16,8 +16,9 @@
# specific language governing permissions and limitations
# under the License.
import sys
from cloudutils.syscfg import sysConfigFactory
from cloudutils.utilities import initLoging
from cloudutils.utilities import initLoging, UnknownSystemException
from cloudutils.cloudException import CloudRuntimeException, CloudInternalException
from cloudutils.globalEnv import globalEnv
from cloudutils.serviceConfigServer import cloudManagementConfig
@ -35,7 +36,12 @@ if __name__ == '__main__':
glbEnv.mode = "Server"
print "Starting to configure CloudStack Management Server:"
syscfg = sysConfigFactory.getSysConfigFactory(glbEnv)
try:
syscfg = sysConfigFactory.getSysConfigFactory(glbEnv)
except UnknownSystemException:
print >>sys.stderr, ("Error: CloudStack failed to detect your "
"operating system. Exiting.")
sys.exit(1)
try:
syscfg.registerService(cloudManagementConfig)
syscfg.config()


@ -1,24 +0,0 @@
# Licensed to the Apache Software Foundation (ASF) under one
# or more contributor license agreements. See the NOTICE file
# distributed with this work for additional information
# regarding copyright ownership. The ASF licenses this file
# to you under the Apache License, Version 2.0 (the
# "License"); you may not use this file except in compliance
# with the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
# KIND, either express or implied. See the License for the
# specific language governing permissions and limitations
# under the License.
# bitmap of permissions at the end of each classname, 1 = ADMIN, 2 =
# RESOURCE_DOMAIN_ADMIN, 4 = DOMAIN_ADMIN, 8 = USER
# Please standardize naming conventions to camel-case (even for acronyms).
# CloudStack API Rate Limit service command
getApiLimit=15
resetApiLimit=1


@ -1,25 +0,0 @@
# Licensed to the Apache Software Foundation (ASF) under one
# or more contributor license agreements. See the NOTICE file
# distributed with this work for additional information
# regarding copyright ownership. The ASF licenses this file
# to you under the Apache License, Version 2.0 (the
# "License"); you may not use this file except in compliance
# with the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
# KIND, either express or implied. See the License for the
# specific language governing permissions and limitations
# under the License.
### bitmap of permissions at the end of each classname, 1 = ADMIN, 2 = RESOURCE_DOMAIN_ADMIN, 4 = DOMAIN_ADMIN, 8 = USER
### Please standardize naming conventions to camel-case (even for acronyms).
#### Cisco Nexus 1000v Virtual Supervisor Module (VSM) commands
deleteCiscoNexusVSM=1
enableCiscoNexusVSM=1
disableCiscoNexusVSM=1
listCiscoNexusVSMs=1


@ -1,28 +0,0 @@
# Licensed to the Apache Software Foundation (ASF) under one
# or more contributor license agreements. See the NOTICE file
# distributed with this work for additional information
# regarding copyright ownership. The ASF licenses this file
# to you under the Apache License, Version 2.0 (the
# "License"); you may not use this file except in compliance
# with the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
# KIND, either express or implied. See the License for the
# specific language governing permissions and limitations
# under the License.
#### usage commands
generateUsageRecords=com.cloud.api.commands.GenerateUsageRecordsCmd;1
listUsageRecords=com.cloud.api.commands.GetUsageRecordsCmd;1
listUsageTypes=com.cloud.api.commands.ListUsageTypesCmd;1
#### traffic monitor commands
addTrafficMonitor=com.cloud.api.commands.AddTrafficMonitorCmd;1
deleteTrafficMonitor=com.cloud.api.commands.DeleteTrafficMonitorCmd;1
listTrafficMonitors=com.cloud.api.commands.ListTrafficMonitorsCmd;1


@ -424,3 +424,92 @@ resetVpnConnection=15
listVpnCustomerGateways=15
listVpnGateways=15
listVpnConnections=15
#### router commands
createVirtualRouterElement=7
configureVirtualRouterElement=7
listVirtualRouterElements=7
#### usage commands
generateUsageRecords=1
listUsageRecords=1
listUsageTypes=1
#### traffic monitor commands
addTrafficMonitor=1
deleteTrafficMonitor=1
listTrafficMonitors=1
#### Cisco Nexus 1000v Virtual Supervisor Module (VSM) commands
deleteCiscoNexusVSM=1
enableCiscoNexusVSM=1
disableCiscoNexusVSM=1
listCiscoNexusVSMs=1
#### f5 big ip load balancer commands
#Deprecated commands
addExternalLoadBalancer=1
deleteExternalLoadBalancer=1
listExternalLoadBalancers=1
addF5LoadBalancer=1
configureF5LoadBalancer=1
deleteF5LoadBalancer=1
listF5LoadBalancers=1
listF5LoadBalancerNetworks=1
#### juniper srx firewall commands
addExternalFirewall=1
deleteExternalFirewall=1
listExternalFirewalls=1
addSrxFirewall=1
deleteSrxFirewall=1
configureSrxFirewall=1
listSrxFirewalls=1
listSrxFirewallNetworks=1
####Netapp integration commands
createVolumeOnFiler=15
destroyVolumeOnFiler=15
listVolumesOnFiler=15
createLunOnFiler=15
destroyLunOnFiler=15
listLunsOnFiler=15
associateLun=15
dissociateLun=15
createPool=15
deletePool=15
modifyPool=15
listPools=15
#### netscaler load balancer commands
addNetscalerLoadBalancer=1
deleteNetscalerLoadBalancer=1
configureNetscalerLoadBalancer=1
listNetscalerLoadBalancers=1
listNetscalerLoadBalancerNetworks=1
#### nicira nvp commands
addNiciraNvpDevice=1
deleteNiciraNvpDevice=1
listNiciraNvpDevices=1
listNiciraNvpDeviceNetworks=1
# Not implemented (yet)
#configureNiciraNvpDevice=1
#### host simulator commands
configureSimulator=1
#### api discovery commands
listApis=15
#### API Rate Limit service command
getApiLimit=15
resetApiLimit=1
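Review bot: The NetApp entries appended here (`createVolumeOnFiler`, `destroyVolumeOnFiler`, `createPool`, `deletePool`, `modifyPool` and the LUN commands) all carry the mask 15, which by the legend in the removed plugin files (1 = ADMIN, 2 = RESOURCE_DOMAIN_ADMIN, 4 = DOMAIN_ADMIN, 8 = USER) makes them callable by every role, including USER. The values are carried over unchanged from the deleted per-plugin file, but this file is now the only input that StaticRoleBasedAPIAccessChecker reads, so it is worth confirming that ordinary users are meant to create and destroy filer volumes and pools, and lowering the mask if not. A short comment above the appended block saying that these entries used to live in per-plugin property files would tell a reader that plugin commands are now authorised from here.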


@ -54,15 +54,13 @@ under the License.
<param name="premium">true</param>
</dao>
<adapters key="org.apache.cloudstack.acl.APIChecker">
<adapter name="StaticRoleBasedAPIAccessChecker" class="org.apache.cloudstack.acl.StaticRoleBasedAPIAccessChecker"/>
</adapters>
<adapters key="org.apache.cloudstack.acl.APILimitChecker">
<adapter name="AccountBasedAPIRateLimit" class="org.apache.cloudstack.ratelimit.ApiRateLimitServiceImpl" singleton="true">
<param name="api.throttling.interval">1</param>
<param name="api.throttling.max">25</param>
<param name="api.throttling.cachesize">50000</param>
</adapter>
</adapters>
</adapter>
<adapter name="StaticRoleBasedAPIAccessChecker" class="org.apache.cloudstack.acl.StaticRoleBasedAPIAccessChecker"/>
</adapters>
<adapters key="com.cloud.agent.manager.allocator.HostAllocator">
<adapter name="FirstFitRouting" class="com.cloud.agent.manager.allocator.impl.FirstFitRoutingAllocator"/>
<!--adapter name="FirstFitRouting" class="com.cloud.agent.manager.allocator.impl.RecreateHostAllocator"/-->
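Review bot: With the rate limiter and the role checker now registered under the same `org.apache.cloudstack.acl.APIChecker` key, the order of the two `<adapter>` elements may decide which check runs first, and nothing in the file says so. As rendered, `AccountBasedAPIRateLimit` appears before `StaticRoleBasedAPIAccessChecker`; if adapters are invoked in declaration order, calls that end up denied would still consume the account's quota. An XML comment above the block should state the intended order and why. The `api.throttling.interval` and `api.throttling.max` params would also benefit from a comment giving their units, which are not visible here.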


@ -1,32 +0,0 @@
# Licensed to the Apache Software Foundation (ASF) under one
# or more contributor license agreements. See the NOTICE file
# distributed with this work for additional information
# regarding copyright ownership. The ASF licenses this file
# to you under the Apache License, Version 2.0 (the
# "License"); you may not use this file except in compliance
# with the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
# KIND, either express or implied. See the License for the
# specific language governing permissions and limitations
# under the License.
### bitmap of permissions at the end of each classname, 1 = ADMIN, 2 = RESOURCE_DOMAIN_ADMIN, 4 = DOMAIN_ADMIN, 8 = USER
### Please standardize naming conventions to camel-case (even for acronyms).
#### f5 big ip load balancer commands
#Deprecated commands
addExternalLoadBalancer=1
deleteExternalLoadBalancer=1
listExternalLoadBalancers=1
addF5LoadBalancer=1
configureF5LoadBalancer=1
deleteF5LoadBalancer=1
listF5LoadBalancers=1
listF5LoadBalancerNetworks=1


@ -1,30 +0,0 @@
# Licensed to the Apache Software Foundation (ASF) under one
# or more contributor license agreements. See the NOTICE file
# distributed with this work for additional information
# regarding copyright ownership. The ASF licenses this file
# to you under the Apache License, Version 2.0 (the
# "License"); you may not use this file except in compliance
# with the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
# KIND, either express or implied. See the License for the
# specific language governing permissions and limitations
# under the License.
### bitmap of permissions at the end of each classname, 1 = ADMIN, 2 = RESOURCE_DOMAIN_ADMIN, 4 = DOMAIN_ADMIN, 8 = USER
### Please standardize naming conventions to camel-case (even for acronyms).
#### juniper srx firewall commands
addExternalFirewall=1
deleteExternalFirewall=1
listExternalFirewalls=1
addSrxFirewall=1
deleteSrxFirewall=1
configureSrxFirewall=1
listSrxFirewalls=1
listSrxFirewallNetworks=1


@ -1,33 +0,0 @@
# Licensed to the Apache Software Foundation (ASF) under one
# or more contributor license agreements. See the NOTICE file
# distributed with this work for additional information
# regarding copyright ownership. The ASF licenses this file
# to you under the Apache License, Version 2.0 (the
# "License"); you may not use this file except in compliance
# with the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
# KIND, either express or implied. See the License for the
# specific language governing permissions and limitations
# under the License.
### bitmap of permissions at the end of each classname, 1 = ADMIN, 2 = RESOURCE_DOMAIN_ADMIN, 4 = DOMAIN_ADMIN, 8 = USER
### Please standardize naming conventions to camel-case (even for acronyms).
####Netapp integration commands
createVolumeOnFiler=15
destroyVolumeOnFiler=15
listVolumesOnFiler=15
createLunOnFiler=15
destroyLunOnFiler=15
listLunsOnFiler=15
associateLun=15
dissociateLun=15
createPool=15
deletePool=15
modifyPool=15
listPools=15


@ -1,26 +0,0 @@
# Licensed to the Apache Software Foundation (ASF) under one
# or more contributor license agreements. See the NOTICE file
# distributed with this work for additional information
# regarding copyright ownership. The ASF licenses this file
# to you under the Apache License, Version 2.0 (the
# "License"); you may not use this file except in compliance
# with the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
# KIND, either express or implied. See the License for the
# specific language governing permissions and limitations
# under the License.
### bitmap of permissions at the end of each classname, 1 = ADMIN, 2 = RESOURCE_DOMAIN_ADMIN, 4 = DOMAIN_ADMIN, 8 = USER
### Please standardize naming conventions to camel-case (even for acronyms).
#### netscaler load balancer commands
addNetscalerLoadBalancer=1
deleteNetscalerLoadBalancer=1
configureNetscalerLoadBalancer=1
listNetscalerLoadBalancers=1
listNetscalerLoadBalancerNetworks=1


@ -1,29 +0,0 @@
# Licensed to the Apache Software Foundation (ASF) under one
# or more contributor license agreements. See the NOTICE file
# distributed with this work for additional information
# regarding copyright ownership. The ASF licenses this file
# to you under the Apache License, Version 2.0 (the
# "License"); you may not use this file except in compliance
# with the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
# KIND, either express or implied. See the License for the
# specific language governing permissions and limitations
# under the License.
### bitmap of permissions at the end of each classname, 1 = ADMIN, 2 = RESOURCE_DOMAIN_ADMIN, 4 = DOMAIN_ADMIN, 8 = USER
### Please standardize naming conventions to camel-case (even for acronyms).
#### nicira nvp commands
addNiciraNvpDevice=1
deleteNiciraNvpDevice=1
listNiciraNvpDevices=1
listNiciraNvpDeviceNetworks=1
# Not implemented (yet)
#configureNiciraNvpDevice=1


@ -1,19 +0,0 @@
# Licensed to the Apache Software Foundation (ASF) under one
# or more contributor license agreements. See the NOTICE file
# distributed with this work for additional information
# regarding copyright ownership. The ASF licenses this file
# to you under the Apache License, Version 2.0 (the
# "License"); you may not use this file except in compliance
# with the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
# KIND, either express or implied. See the License for the
# specific language governing permissions and limitations
# under the License.
configureSimulator=1


@ -1,24 +0,0 @@
# Licensed to the Apache Software Foundation (ASF) under one
# or more contributor license agreements. See the NOTICE file
# distributed with this work for additional information
# regarding copyright ownership. The ASF licenses this file
# to you under the Apache License, Version 2.0 (the
# "License"); you may not use this file except in compliance
# with the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
# KIND, either express or implied. See the License for the
# specific language governing permissions and limitations
# under the License.
### bitmap of permissions at the end of each classname, 1 = ADMIN, 2 = RESOURCE_DOMAIN_ADMIN, 4 = DOMAIN_ADMIN, 8 = USER
### Please standardize naming conventions to camel-case (even for acronyms).
#### router commands
createVirtualRouterElement=7
configureVirtualRouterElement=7
listVirtualRouterElements=7


@ -16,16 +16,19 @@
// under the License.
package org.apache.cloudstack.acl;
import com.cloud.exception.PermissionDeniedException;
import com.cloud.server.ManagementServer;
import com.cloud.user.Account;
import com.cloud.user.AccountService;
import com.cloud.user.User;
import com.cloud.utils.PropertiesUtil;
import com.cloud.utils.component.AdapterBase;
import com.cloud.utils.component.ComponentLocator;
import com.cloud.utils.component.PluggableService;
import javax.ejb.Local;
import javax.naming.ConfigurationException;
import java.util.HashMap;
import java.util.HashSet;
import java.util.List;
import java.util.Map;
import java.util.Set;
@ -33,7 +36,7 @@ import org.apache.log4j.Logger;
// This is the default API access checker that grab's the user's account
// based on the account type, access is granted
@Local(value=APIChecker.class)
@Local(value = APIChecker.class)
public class StaticRoleBasedAPIAccessChecker extends AdapterBase implements APIChecker {
protected static final Logger s_logger = Logger.getLogger(StaticRoleBasedAPIAccessChecker.class);
@ -41,25 +44,28 @@ public class StaticRoleBasedAPIAccessChecker extends AdapterBase implements APIC
private static Map<RoleType, Set<String>> s_roleBasedApisMap =
new HashMap<RoleType, Set<String>>();
private static AccountService s_accountService;
protected StaticRoleBasedAPIAccessChecker() {
super();
for (RoleType roleType: RoleType.values()) {
for (RoleType roleType : RoleType.values())
s_roleBasedApisMap.put(roleType, new HashSet<String>());
}
}
@Override
public boolean checkAccess(RoleType roleType, String commandName) {
return s_roleBasedApisMap.get(roleType).contains(commandName);
}
@Override
public boolean checkExistence(String apiName) {
for (RoleType roleType: RoleType.values()) {
if (s_roleBasedApisMap.get(roleType).contains(apiName))
return true;
public boolean checkAccess(User user, String commandName)
throws PermissionDeniedException {
Account account = s_accountService.getAccount(user.getAccountId());
if (account == null) {
throw new PermissionDeniedException("The account id=" + user.getAccountId() + "for user id=" + user.getId() + "is null");
}
return false;
RoleType roleType = s_accountService.getRoleType(account);
boolean isAllowed = s_roleBasedApisMap.get(roleType).contains(commandName);
if (!isAllowed) {
throw new PermissionDeniedException("The API does not exist or is blacklisted. Role type=" + roleType.toString() + " is not allowed to request the api: " + commandName);
}
return isAllowed;
}
@Override
@ -68,30 +74,26 @@ public class StaticRoleBasedAPIAccessChecker extends AdapterBase implements APIC
// Read command properties files to build the static map per role.
ComponentLocator locator = ComponentLocator.getLocator(ManagementServer.Name);
List<PluggableService> services = locator.getAllPluggableServices();
services.add((PluggableService) ComponentLocator.getComponent(ManagementServer.Name));
s_accountService = locator.getManager(AccountService.class);
Map<String, String> configPropertiesMap = new HashMap<String, String>();
for (PluggableService service : services) {
configPropertiesMap.putAll(service.getProperties());
}
processMapping(PropertiesUtil.processConfigFile(new String[]
{"commands.properties"}));
processConfigFiles(configPropertiesMap);
return true;
}
private void processConfigFiles(Map<String, String> configMap) {
for (Map.Entry<String, String> entry: configMap.entrySet()) {
private void processMapping(Map<String, String> configMap) {
for (Map.Entry<String, String> entry : configMap.entrySet()) {
String apiName = entry.getKey();
String roleMask = entry.getValue();
try {
short cmdPermissions = Short.parseShort(roleMask);
for (RoleType roleType: RoleType.values()) {
for (RoleType roleType : RoleType.values()) {
if ((cmdPermissions & roleType.getValue()) != 0)
s_roleBasedApisMap.get(roleType).add(apiName);
}
} catch (NumberFormatException nfe) {
s_logger.info("Malformed commands.properties permissions value, for entry: " + entry.toString());
s_logger.info("Malformed key=value pair for entry: " + entry.toString());
}
}
}
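Review bot: In the new `checkAccess(User, String)` the result of `s_roleBasedApisMap.get(roleType)` is dereferenced directly, so a role type with no entry in the map ends in a NullPointerException rather than the `PermissionDeniedException` the interface declares. Holding the set in a local and denying when it is missing keeps the failure on the documented path: `Set<String> apis = s_roleBasedApisMap.get(roleType);` followed by `if (apis == null || !apis.contains(commandName))` in front of the existing throw. The message built for a missing account also lacks spaces before `for user id=` and `is null`, so the ids run into the words. Separately, a malformed mask in `processMapping` is logged at info level and the command is then silently unavailable; `s_logger.warn` would make a mistyped commands.properties entry easier to spot.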


@ -16,7 +16,10 @@
// under the License.
package org.apache.cloudstack.api.command.user.discovery;
import com.cloud.user.AccountService;
import com.cloud.user.User;
import com.cloud.user.UserContext;
import com.cloud.utils.component.Inject;
import org.apache.cloudstack.acl.RoleType;
import org.apache.cloudstack.api.APICommand;
import org.apache.cloudstack.api.ApiConstants;
@ -39,14 +42,17 @@ public class ListApisCmd extends BaseCmd {
@PlugService
ApiDiscoveryService _apiDiscoveryService;
@Inject
private AccountService _accountService;
@Parameter(name=ApiConstants.NAME, type=CommandType.STRING, description="API name")
private String name;
@Override
public void execute() throws ServerApiException {
if (_apiDiscoveryService != null) {
RoleType roleType = _accountService.getRoleType(UserContext.current().getCaller());
ListResponse<ApiDiscoveryResponse> response = (ListResponse<ApiDiscoveryResponse>) _apiDiscoveryService.listApis(roleType, name);
User user = _accountService.getActiveUser(UserContext.current().getCallerUserId());
ListResponse<ApiDiscoveryResponse> response = (ListResponse<ApiDiscoveryResponse>) _apiDiscoveryService.listApis(user, name);
if (response == null) {
throw new ServerApiException(BaseCmd.INTERNAL_ERROR, "Api Discovery plugin was unable to find an api by that name or process any apis");
}
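Review bot: A null result from `_accountService.getActiveUser(...)` is passed straight into `listApis(user, name)`, and the implementation shown further down this page answers a null user by returning null, which `execute()` then reports as `INTERNAL_ERROR` with the text about being unable to find an API by that name. A caller whose user record is missing or inactive therefore gets a misleading server-error message instead of a clear rejection. Checking the user before the call separates the two cases, for example `if (user == null) throw new ServerApiException(BaseCmd.INTERNAL_ERROR, "Unable to find an active user for the caller");`, or with a more specific error code if the command has one. The rest of `execute()` lies outside this hunk.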


@ -16,11 +16,11 @@
// under the License.
package org.apache.cloudstack.discovery;
import com.cloud.user.User;
import com.cloud.utils.component.PluggableService;
import org.apache.cloudstack.acl.RoleType;
import org.apache.cloudstack.api.BaseResponse;
import org.apache.cloudstack.api.response.ListResponse;
public interface ApiDiscoveryService extends PluggableService {
ListResponse<? extends BaseResponse> listApis(RoleType roleType, String apiName);
ListResponse<? extends BaseResponse> listApis(User user, String apiName);
}


@ -18,11 +18,15 @@ package org.apache.cloudstack.discovery;
import com.cloud.serializer.Param;
import com.cloud.server.ManagementServer;
import com.cloud.user.User;
import com.cloud.utils.ReflectUtil;
import com.cloud.utils.StringUtils;
import com.cloud.utils.component.Adapters;
import com.cloud.utils.component.ComponentLocator;
import com.cloud.utils.component.Inject;
import com.cloud.utils.component.PluggableService;
import com.google.gson.annotations.SerializedName;
import org.apache.cloudstack.acl.APIChecker;
import org.apache.cloudstack.acl.RoleType;
import org.apache.cloudstack.api.APICommand;
import org.apache.cloudstack.api.BaseCmd;
@ -30,6 +34,7 @@ import org.apache.cloudstack.api.BaseAsyncCmd;
import org.apache.cloudstack.api.BaseAsyncCreateCmd;
import org.apache.cloudstack.api.BaseResponse;
import org.apache.cloudstack.api.Parameter;
import org.apache.cloudstack.api.command.user.discovery.ListApisCmd;
import org.apache.cloudstack.api.response.ApiDiscoveryResponse;
import org.apache.cloudstack.api.response.ApiParameterResponse;
import org.apache.cloudstack.api.response.ApiResponseResponse;
@ -49,57 +54,31 @@ import java.util.Set;
public class ApiDiscoveryServiceImpl implements ApiDiscoveryService {
private static final Logger s_logger = Logger.getLogger(ApiDiscoveryServiceImpl.class);
private static Map<RoleType, List<ApiDiscoveryResponse>> _roleTypeDiscoveryResponseListMap;
@Inject(adapter = APIChecker.class)
protected Adapters<APIChecker> _apiAccessCheckers;
private static Map<String, ApiDiscoveryResponse> _apiNameDiscoveryResponseMap =
new HashMap<String, ApiDiscoveryResponse>();
private static Map<String, List<RoleType>> _apiNameRoleTypeListMap = null;
private static Map<String, ApiDiscoveryResponse> _apiNameDiscoveryResponseMap = null;
protected ApiDiscoveryServiceImpl() {
super();
if (_roleTypeDiscoveryResponseListMap == null) {
if (_apiNameDiscoveryResponseMap == null) {
long startTime = System.nanoTime();
_roleTypeDiscoveryResponseListMap = new HashMap<RoleType, List<ApiDiscoveryResponse>>();
for (RoleType roleType: RoleType.values())
_roleTypeDiscoveryResponseListMap.put(roleType, new ArrayList<ApiDiscoveryResponse>());
_apiNameDiscoveryResponseMap = new HashMap<String, ApiDiscoveryResponse>();
cacheResponseMap();
long endTime = System.nanoTime();
s_logger.info("Api Discovery Service: Annotation, docstrings, api relation graph processed in " + (endTime - startTime) / 1000000.0 + " ms");
}
}
private Map<String, List<RoleType>> getApiNameRoleTypeListMap() {
Map<String, List<RoleType>> apiNameRoleTypeMap = new HashMap<String, List<RoleType>>();
ComponentLocator locator = ComponentLocator.getLocator(ManagementServer.Name);
List<PluggableService> services = locator.getAllPluggableServices();
services.add((PluggableService) ComponentLocator.getComponent(ManagementServer.Name));
for (PluggableService service : services) {
for (Map.Entry<String, String> entry: service.getProperties().entrySet()) {
String apiName = entry.getKey();
String roleMask = entry.getValue();
try {
short cmdPermissions = Short.parseShort(roleMask);
if (!apiNameRoleTypeMap.containsKey(apiName))
apiNameRoleTypeMap.put(apiName, new ArrayList<RoleType>());
for (RoleType roleType: RoleType.values()) {
if ((cmdPermissions & roleType.getValue()) != 0)
apiNameRoleTypeMap.get(apiName).add(roleType);
}
} catch (NumberFormatException nfe) {
}
}
}
return apiNameRoleTypeMap;
}
private void cacheResponseMap() {
Set<Class<?>> cmdClasses = ReflectUtil.getClassesWithAnnotation(APICommand.class,
new String[]{"org.apache.cloudstack.api", "com.cloud.api"});
//TODO: Fix and use PluggableService to get the classes
Map<String, List<String>> responseApiNameListMap = new HashMap<String, List<String>>();
for(Class<?> cmdClass: cmdClasses) {
for (Class<?> cmdClass : cmdClasses) {
APICommand apiCmdAnnotation = cmdClass.getAnnotation(APICommand.class);
if (apiCmdAnnotation == null)
apiCmdAnnotation = cmdClass.getSuperclass().getAnnotation(APICommand.class);
@ -123,9 +102,9 @@ public class ApiDiscoveryServiceImpl implements ApiDiscoveryService {
response.setRelated(responseName);
Field[] responseFields = apiCmdAnnotation.responseObject().getDeclaredFields();
for(Field responseField: responseFields) {
for (Field responseField : responseFields) {
SerializedName serializedName = responseField.getAnnotation(SerializedName.class);
if(serializedName != null) {
if (serializedName != null) {
ApiResponseResponse responseResponse = new ApiResponseResponse();
responseResponse.setName(serializedName.value());
Param param = responseField.getAnnotation(Param.class);
@ -137,14 +116,14 @@ public class ApiDiscoveryServiceImpl implements ApiDiscoveryService {
}
Field[] fields = ReflectUtil.getAllFieldsForClass(cmdClass,
new Class<?>[] {BaseCmd.class, BaseAsyncCmd.class, BaseAsyncCreateCmd.class});
new Class<?>[]{BaseCmd.class, BaseAsyncCmd.class, BaseAsyncCreateCmd.class});
boolean isAsync = ReflectUtil.isCmdClassAsync(cmdClass,
new Class<?>[] {BaseAsyncCmd.class, BaseAsyncCreateCmd.class});
new Class<?>[]{BaseAsyncCmd.class, BaseAsyncCreateCmd.class});
response.setAsync(isAsync);
for(Field field: fields) {
for (Field field : fields) {
Parameter parameterAnnotation = field.getAnnotation(Parameter.class);
if (parameterAnnotation != null
&& parameterAnnotation.expose()
@ -166,10 +145,10 @@ public class ApiDiscoveryServiceImpl implements ApiDiscoveryService {
_apiNameDiscoveryResponseMap.put(apiName, response);
}
for (String apiName: _apiNameDiscoveryResponseMap.keySet()) {
for (String apiName : _apiNameDiscoveryResponseMap.keySet()) {
ApiDiscoveryResponse response = _apiNameDiscoveryResponseMap.get(apiName);
Set<ApiParameterResponse> processedParams = new HashSet<ApiParameterResponse>();
for (ApiParameterResponse param: response.getParams()) {
for (ApiParameterResponse param : response.getParams()) {
if (responseApiNameListMap.containsKey(param.getRelated())) {
List<String> relatedApis = responseApiNameListMap.get(param.getRelated());
param.setRelated(StringUtils.join(relatedApis, ","));
@ -192,41 +171,48 @@ public class ApiDiscoveryServiceImpl implements ApiDiscoveryService {
}
@Override
public ListResponse<? extends BaseResponse> listApis(RoleType roleType, String name) {
// Creates roles based response list cache the first time listApis is called
// Due to how adapters work, this cannot be done when mgmt loads
if (_apiNameRoleTypeListMap == null) {
long startTime = System.nanoTime();
_apiNameRoleTypeListMap = getApiNameRoleTypeListMap();
for (Map.Entry<String, List<RoleType>> entry: _apiNameRoleTypeListMap.entrySet()) {
String apiName = entry.getKey();
for (RoleType roleTypeInList: entry.getValue()) {
_roleTypeDiscoveryResponseListMap.get(roleTypeInList).add(
_apiNameDiscoveryResponseMap.get(apiName));
}
}
long endTime = System.nanoTime();
s_logger.info("Api Discovery Service: List apis cached in " + (endTime - startTime) / 1000000.0 + " ms");
}
public ListResponse<? extends BaseResponse> listApis(User user, String name) {
ListResponse<ApiDiscoveryResponse> response = new ListResponse<ApiDiscoveryResponse>();
List<ApiDiscoveryResponse> responseList = new ArrayList<ApiDiscoveryResponse>();
if (user == null)
return null;
if (name != null) {
if (!_apiNameDiscoveryResponseMap.containsKey(name))
return null;
List<ApiDiscoveryResponse> singleResponse = new ArrayList<ApiDiscoveryResponse>();
singleResponse.add(_apiNameDiscoveryResponseMap.get(name));
response.setResponses(singleResponse);
for (APIChecker apiChecker : _apiAccessCheckers) {
try {
apiChecker.checkAccess(user, name);
} catch (Exception ex) {
return null;
}
}
responseList.add(_apiNameDiscoveryResponseMap.get(name));
} else {
response.setResponses(_roleTypeDiscoveryResponseListMap.get(roleType));
for (String apiName : _apiNameDiscoveryResponseMap.keySet()) {
boolean isAllowed = true;
for (APIChecker apiChecker : _apiAccessCheckers) {
try {
apiChecker.checkAccess(user, name);
} catch (Exception ex) {
isAllowed = false;
}
}
if (isAllowed)
responseList.add(_apiNameDiscoveryResponseMap.get(apiName));
}
}
response.setResponses(responseList);
return response;
}
@Override
public Map<String, String> getProperties() {
Map<String, String> apiDiscoveryPropertyMap = new HashMap<String, String>();
apiDiscoveryPropertyMap.put("listApis", "15");
return apiDiscoveryPropertyMap;
public List<Class<?>> getCommands() {
List<Class<?>> cmdList = new ArrayList<Class<?>>();
cmdList.add(ListApisCmd.class);
return cmdList;
}
}


@ -83,7 +83,7 @@ public class ResetApiLimitCmd extends BaseCmd {
@Override
public void execute(){
boolean result = _apiLimitService.resetApiLimit(this);
boolean result = _apiLimitService.resetApiLimit(this.accountId);
if (result) {
SuccessResponse response = new SuccessResponse(getCommandName());
this.setResponseObject(response);


@ -78,7 +78,8 @@ public class GetApiLimitCmd extends BaseListCmd {
@Override
public void execute(){
ApiLimitResponse response = _apiLimitService.searchApiLimit(this);
Account caller = UserContext.current().getCaller();
ApiLimitResponse response = _apiLimitService.searchApiLimit(caller);
response.setResponseName(getCommandName());
this.setResponseObject(response);
}


@ -16,11 +16,8 @@
// under the License.
package org.apache.cloudstack.ratelimit;
import org.apache.cloudstack.api.command.admin.ratelimit.ResetApiLimitCmd;
import org.apache.cloudstack.api.command.user.ratelimit.GetApiLimitCmd;
import org.apache.cloudstack.api.response.ApiLimitResponse;
import org.apache.cloudstack.api.response.ListResponse;
import com.cloud.user.Account;
import com.cloud.utils.component.PluggableService;
/**
@ -30,9 +27,9 @@ import com.cloud.utils.component.PluggableService;
*/
public interface ApiRateLimitService extends PluggableService{
public ApiLimitResponse searchApiLimit(GetApiLimitCmd cmd);
public ApiLimitResponse searchApiLimit(Account caller);
public boolean resetApiLimit(ResetApiLimitCmd cmd);
public boolean resetApiLimit(Long accountId);
public void setTimeToLive(int timeToLive);
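Review bot: The new `resetApiLimit(Long accountId)` signature carries no Javadoc, although the implementation in this commit treats a null id as "reset the counters of every account" (`_store.resetCounters()`), and `ResetApiLimitCmd` passes `this.accountId` straight through. That contract should be written on the interface, for example `/** Resets the API counter for the given account, or for all accounts when accountId is null. */`, so that a caller does not trigger a global reset by accident. `searchApiLimit(Account caller)` would benefit from a matching sentence saying the caller must be non-null, since the implementation dereferences it immediately.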


@ -16,6 +16,8 @@
// under the License.
package org.apache.cloudstack.ratelimit;
import java.util.ArrayList;
import java.util.List;
import java.util.Map;
import javax.ejb.Local;
import javax.naming.ConfigurationException;
@ -25,19 +27,21 @@ import net.sf.ehcache.CacheManager;
import org.apache.log4j.Logger;
import org.apache.cloudstack.acl.APILimitChecker;
import org.apache.cloudstack.api.BaseCmd;
import org.apache.cloudstack.api.ServerApiException;
import org.apache.cloudstack.acl.APIChecker;
import org.apache.cloudstack.api.command.admin.ratelimit.ResetApiLimitCmd;
import org.apache.cloudstack.api.command.user.ratelimit.GetApiLimitCmd;
import org.apache.cloudstack.api.response.ApiLimitResponse;
import com.cloud.user.Account;
import com.cloud.user.UserContext;
import com.cloud.utils.PropertiesUtil;
import com.cloud.utils.component.AdapterBase;
@Local(value = APILimitChecker.class)
public class ApiRateLimitServiceImpl extends AdapterBase implements APILimitChecker, ApiRateLimitService {
import com.cloud.exception.PermissionDeniedException;
import com.cloud.exception.RequestLimitException;
import com.cloud.user.Account;
import com.cloud.user.AccountService;
import com.cloud.user.User;
import com.cloud.utils.component.AdapterBase;
import com.cloud.utils.component.Inject;
@Local(value = APIChecker.class)
public class ApiRateLimitServiceImpl extends AdapterBase implements APIChecker, ApiRateLimitService {
private static final Logger s_logger = Logger.getLogger(ApiRateLimitServiceImpl.class);
/**
@ -52,6 +56,10 @@ public class ApiRateLimitServiceImpl extends AdapterBase implements APILimitChec
private LimitStore _store = null;
@Inject
AccountService _accountService;
@Override
public boolean configure(String name, Map<String, Object> params) throws ConfigurationException {
@ -80,9 +88,10 @@ public class ApiRateLimitServiceImpl extends AdapterBase implements APILimitChec
CacheManager cm = CacheManager.create();
Cache cache = new Cache("api-limit-cache", maxElements, false, false, timeToLive, timeToLive);
cm.addCache(cache);
s_logger.info("Limit Cache created: " + cache.toString());
s_logger.info("Limit Cache created with timeToLive=" + timeToLive + ", maxAllowed=" + maxAllowed + ", maxElements=" + maxElements );
cacheStore.setCache(cache);
_store = cacheStore;
}
return true;
@ -92,8 +101,7 @@ public class ApiRateLimitServiceImpl extends AdapterBase implements APILimitChec
@Override
public ApiLimitResponse searchApiLimit(GetApiLimitCmd cmd) {
Account caller = UserContext.current().getCaller();
public ApiLimitResponse searchApiLimit(Account caller) {
ApiLimitResponse response = new ApiLimitResponse();
response.setAccountId(caller.getUuid());
response.setAccountName(caller.getAccountName());
@ -118,9 +126,9 @@ public class ApiRateLimitServiceImpl extends AdapterBase implements APILimitChec
@Override
public boolean resetApiLimit(ResetApiLimitCmd cmd) {
if ( cmd.getAccountId() != null ){
_store.create(cmd.getAccountId(), timeToLive);
public boolean resetApiLimit(Long accountId) {
if ( accountId != null ){
_store.create(accountId, timeToLive);
}
else{
_store.resetCounters();
@ -129,10 +137,15 @@ public class ApiRateLimitServiceImpl extends AdapterBase implements APILimitChec
}
@Override
public void checkLimit(Account account) throws ServerApiException {
Long accountId = account.getId();
@Override
public boolean checkAccess(User user, String apiCommandName) throws PermissionDeniedException, RequestLimitException {
Long accountId = user.getAccountId();
Account account = _accountService.getAccount(accountId);
if ( _accountService.isRootAdmin(account.getType())){
// no API throttling on root admin
return true;
}
StoreEntry entry = _store.get(accountId);
if (entry == null) {
@ -145,25 +158,27 @@ public class ApiRateLimitServiceImpl extends AdapterBase implements APILimitChec
int current = entry.incrementAndGet();
if (current <= maxAllowed) {
return;
s_logger.info("current count = " + current);
return true;
} else {
long expireAfter = entry.getExpireDuration();
s_logger.warn("The given user has reached his/her account api limit, please retry after " + expireAfter + " ms.");
throw new ServerApiException(BaseCmd.API_LIMIT_EXCEED, "The given user has reached his/her account api limit, please retry after " +
expireAfter + " ms.");
// for this exception, we can just show the same message to user and admin users.
String msg = "The given user has reached his/her account api limit, please retry after " + expireAfter + " ms.";
s_logger.warn(msg);
throw new RequestLimitException(msg);
}
}
@Override
public Map<String, String> getProperties() {
return PropertiesUtil.processConfigFile(new String[]
{ "api-limit_commands.properties" });
public List<Class<?>> getCommands() {
List<Class<?>> cmdList = new ArrayList<Class<?>>();
cmdList.add(ResetApiLimitCmd.class);
cmdList.add(GetApiLimitCmd.class);
return cmdList;
}
@Override
public void setTimeToLive(int timeToLive) {
this.timeToLive = timeToLive;
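Review bot: `checkAccess` charges a request on every invocation (`entry.incrementAndGet()`), so registering the limiter as an `APIChecker` means any code that only probes the checkers also consumes quota. The `listApis` loop in this commit calls every checker once per API name (passing `name`, which is null in that branch, rather than `apiName`) and treats any exception as a denial, so a single discovery call can use up the account's window and then return a silently shortened list. Consider separating the counting step from the permission test, or having discovery skip throttling checkers. `_accountService.getAccount(accountId)` is also dereferenced in `account.getType()` without a null check; `if (account == null) throw new PermissionDeniedException("The account for the given user does not exist");` would fail closed instead of with a NullPointerException. Finally, `s_logger.info("current count = " + current)` logs at info level on every allowed request and belongs at debug or trace.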


@ -23,20 +23,18 @@ import java.util.concurrent.Executors;
import javax.naming.ConfigurationException;
import org.apache.cloudstack.api.ServerApiException;
import org.apache.cloudstack.api.command.admin.ratelimit.ResetApiLimitCmd;
import org.apache.cloudstack.api.command.user.ratelimit.GetApiLimitCmd;
import org.apache.cloudstack.api.response.ApiLimitResponse;
import org.apache.cloudstack.ratelimit.ApiRateLimitServiceImpl;
import org.junit.Before;
import org.junit.BeforeClass;
import org.junit.Test;
import com.cloud.configuration.Config;
import com.cloud.configuration.dao.ConfigurationDao;
import com.cloud.exception.RequestLimitException;
import com.cloud.user.Account;
import com.cloud.user.AccountService;
import com.cloud.user.AccountVO;
import com.cloud.user.UserContext;
import com.cloud.user.User;
import com.cloud.user.UserVO;
import static org.junit.Assert.*;
import static org.mockito.Mockito.*;
@ -44,25 +42,45 @@ import static org.mockito.Mockito.*;
public class ApiRateLimitTest {
static ApiRateLimitServiceImpl _limitService = new ApiRateLimitServiceImpl();
private static long acctIdSeq = 0L;
static AccountService _accountService = mock(AccountService.class);
private static long acctIdSeq = 5L;
private static Account testAccount;
@BeforeClass
public static void setUp() throws ConfigurationException {
_limitService.configure("ApiRateLimitTest", Collections.<String, Object> emptyMap());
_limitService._accountService = _accountService;
// Standard responses
AccountVO acct = new AccountVO(acctIdSeq);
acct.setType(Account.ACCOUNT_TYPE_NORMAL);
acct.setAccountName("demo");
testAccount = acct;
when(_accountService.getAccount(5L)).thenReturn(testAccount);
when(_accountService.isRootAdmin(Account.ACCOUNT_TYPE_NORMAL)).thenReturn(false);
}
@Before
public void testSetUp() {
// reset counter for each test
_limitService.resetApiLimit(null);
}
private Account createFakeAccount(){
return new AccountVO(acctIdSeq++);
private User createFakeUser(){
UserVO user = new UserVO();
user.setAccountId(acctIdSeq);
return user;
}
private boolean isUnderLimit(Account key){
private boolean isUnderLimit(User key){
try{
_limitService.checkLimit(key);
_limitService.checkAccess(key, null);
return true;
}
catch (ServerApiException ex){
catch (RequestLimitException ex){
return false;
}
}
@ -73,7 +91,7 @@ public class ApiRateLimitTest {
_limitService.setMaxAllowed(allowedRequests);
_limitService.setTimeToLive(1);
Account key = createFakeAccount();
User key = createFakeUser();
assertTrue("Allow for the first request", isUnderLimit(key));
assertFalse("Second request should be blocked, since we assume that the two api "
@ -86,10 +104,10 @@ public class ApiRateLimitTest {
_limitService.setMaxAllowed(allowedRequests);
_limitService.setTimeToLive(1);
Account key = createFakeAccount();
User key = createFakeUser();
for (int i = 0; i < allowedRequests; i++) {
assertTrue("We should allow " + allowedRequests + " requests per second", isUnderLimit(key));
assertTrue("We should allow " + allowedRequests + " requests per second, but failed at request " + i, isUnderLimit(key));
}
@ -103,7 +121,7 @@ public class ApiRateLimitTest {
_limitService.setTimeToLive(1);
final Account key = createFakeAccount();
final User key = createFakeUser();
int clientCount = allowedRequests;
Runnable[] clients = new Runnable[clientCount];
@ -158,7 +176,7 @@ public class ApiRateLimitTest {
_limitService.setMaxAllowed(allowedRequests);
_limitService.setTimeToLive(1);
Account key = this.createFakeAccount();
User key = this.createFakeUser();
assertTrue("The first request should be allowed", isUnderLimit(key));
@ -174,41 +192,35 @@ public class ApiRateLimitTest {
_limitService.setMaxAllowed(allowedRequests);
_limitService.setTimeToLive(1);
Account key = this.createFakeAccount();
User key = this.createFakeUser();
assertTrue("The first request should be allowed", isUnderLimit(key));
assertFalse("Another request should be blocked", isUnderLimit(key));
ResetApiLimitCmd cmd = new ResetApiLimitCmd();
cmd.setAccountId(key.getId());
_limitService.resetApiLimit(cmd);
_limitService.resetApiLimit(key.getAccountId());
assertTrue("Another request should be allowed after reset counter", isUnderLimit(key));
}
/* Disable this since I cannot mock Static method UserContext.current()
@Test
public void verifySearchCounter() throws Exception {
int allowedRequests = 10;
_limitService.setMaxAllowed(allowedRequests);
_limitService.setTimeToLive(1);
Account key = this.createFakeAccount();
User key = this.createFakeUser();
for ( int i = 0; i < 5; i++ ){
assertTrue("Issued 5 requests", isUnderLimit(key));
}
GetApiLimitCmd cmd = new GetApiLimitCmd();
UserContext ctx = mock(UserContext.class);
when(UserContext.current().getCaller()).thenReturn(key);
ApiLimitResponse response = _limitService.searchApiLimit(cmd);
ApiLimitResponse response = _limitService.searchApiLimit(testAccount);
assertEquals("apiIssued is incorrect", 5, response.getApiIssued());
assertEquals("apiAllowed is incorrect", 5, response.getApiAllowed());
assertTrue("expiredAfter is incorrect", response.getExpireAfter() < 1);
assertTrue("expiredAfter is incorrect", response.getExpireAfter() < 1000);
}
*/
}
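Review bot: None of the tests exercises the root-admin exemption that `checkAccess` now contains, because `setUp` only stubs `isRootAdmin(Account.ACCOUNT_TYPE_NORMAL)` to return false. A case that stubs `isRootAdmin` to return true for a second account and asserts that requests beyond `maxAllowed` are still accepted would pin that branch, and it would catch a regression that exempts the wrong account type. `createFakeUser` also no longer advances `acctIdSeq`, so every test shares account 5 and isolation rests entirely on the `@Before` reset; a comment such as `// all tests share account 5; counters are cleared in testSetUp()` would make that dependency explicit.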


@ -91,6 +91,8 @@ public class KVMGuestOsMapper {
s_mapper.put("Fedora 10", "Fedora 10");
s_mapper.put("Fedora 9", "Fedora 9");
s_mapper.put("Fedora 8", "Fedora 8");
s_mapper.put("Ubuntu 12.04 (32-bit)", "Ubuntu 12.04");
s_mapper.put("Ubuntu 12.04 (64-bit)", "Ubuntu 12.04");
s_mapper.put("Ubuntu 10.04 (32-bit)", "Ubuntu 10.04");
s_mapper.put("Ubuntu 10.04 (64-bit)", "Ubuntu 10.04");
s_mapper.put("Ubuntu 10.10 (32-bit)", "Ubuntu 10.10");


@ -2901,9 +2901,8 @@ public class LibvirtComputingResource extends ServerResourceBase implements
NicTO[] nics = vmSpec.getNics();
for (NicTO nic : nics) {
if (nic.getIsolationUri() != null
&& nic.getIsolationUri().getScheme()
.equalsIgnoreCase(IsolationType.Ec2.toString())) {
if (nic.isSecurityGroupEnabled() || ( nic.getIsolationUri() != null
&& nic.getIsolationUri().getScheme().equalsIgnoreCase(IsolationType.Ec2.toString()))) {
if (vmSpec.getType() != VirtualMachine.Type.User) {
default_network_rules_for_systemvm(conn, vmName);
break;


@ -17,16 +17,17 @@
package com.cloud.server;
import com.cloud.api.commands.ConfigureSimulator;
import com.cloud.utils.PropertiesUtil;
import java.util.List;
import java.util.Map;
public class ManagementServerSimulatorImpl extends ManagementServerExtImpl {
@Override
public Map<String, String> getProperties() {
Map<String, String> apiNameRoleMaskMapping = super.getProperties();
apiNameRoleMaskMapping.putAll(PropertiesUtil.processConfigFile(new String[]
{"commands-simulator.properties"}));
return apiNameRoleMaskMapping;
public List<Class<?>> getCommands() {
List<Class<?>> cmdList = super.getCommands();
cmdList.add(ConfigureSimulator.class);
return cmdList;
}
}


@ -17,6 +17,7 @@
package com.cloud.network.element;
import java.lang.Class;
import java.lang.String;
import java.util.List;
import java.util.Map;
@ -239,8 +240,12 @@ public class CiscoNexusVSMElement extends CiscoNexusVSMDeviceManagerImpl impleme
}
@Override
public Map<String, String> getProperties() {
return PropertiesUtil.processConfigFile(new String[]
{ "cisconexusvsm_commands.properties" });
public List<Class<?>> getCommands() {
List<Class<?>> cmdList = new ArrayList<Class<?>>();
cmdList.add(ListCiscoNexusVSMsCmd.class);
cmdList.add(EnableCiscoNexusVSMCmd.class);
cmdList.add(DisableCiscoNexusVSMCmd.class);
cmdList.add(DeleteCiscoNexusVSMCmd.class);
return cmdList;
}
}


@ -1324,7 +1324,8 @@ public abstract class CitrixResourceBase implements ServerResource, HypervisorRe
NicTO[] nics = vmSpec.getNics();
boolean secGrpEnabled = false;
for (NicTO nic : nics) {
if (nic.getIsolationUri() != null && nic.getIsolationUri().getScheme().equalsIgnoreCase(IsolationType.Ec2.toString())) {
if (nic.isSecurityGroupEnabled() || (nic.getIsolationUri() != null
&& nic.getIsolationUri().getScheme().equalsIgnoreCase(IsolationType.Ec2.toString()))) {
secGrpEnabled = true;
break;
}
@ -1342,7 +1343,8 @@ public abstract class CitrixResourceBase implements ServerResource, HypervisorRe
//For user vm, program the rules for each nic if the isolation uri scheme is ec2
NicTO[] nics = vmSpec.getNics();
for (NicTO nic : nics) {
if (nic.getIsolationUri() != null && nic.getIsolationUri().getScheme().equalsIgnoreCase(IsolationType.Ec2.toString())) {
if ( nic.isSecurityGroupEnabled() || nic.getIsolationUri() != null
&& nic.getIsolationUri().getScheme().equalsIgnoreCase(IsolationType.Ec2.toString())) {
result = callHostPlugin(conn, "vmops", "default_network_rules", "vmName", vmName, "vmIP", nic.getIp(), "vmMAC", nic.getMac(), "vmID", Long.toString(vmSpec.getId()));
if (result == null || result.isEmpty() || !Boolean.parseBoolean(result)) {
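Review bot: The condition in the second hunk, `nic.isSecurityGroupEnabled() || nic.getIsolationUri() != null && ...`, omits the parentheses that the first hunk puts around the isolation-URI test. Since `&&` binds tighter than `||` the result is the same, but both checks decide whether default security-group rules get programmed and should read identically: `if (nic.isSecurityGroupEnabled() || (nic.getIsolationUri() != null && nic.getIsolationUri().getScheme().equalsIgnoreCase(IsolationType.Ec2.toString()))) {`. The comment above it ("if the isolation uri scheme is ec2") is stale now that the flag alone is sufficient, and could become `// For user vm, program the rules for each nic that is security-group enabled or uses the ec2 isolation scheme`. Both enclosing methods start and end outside the hunks.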


@ -16,6 +16,7 @@
// under the License.
package com.cloud.network.element;
import java.lang.Class;
import java.lang.String;
import java.util.ArrayList;
import java.util.HashMap;
@ -262,9 +263,17 @@ public class F5ExternalLoadBalancerElement extends ExternalLoadBalancerDeviceMan
}
@Override
public Map<String, String> getProperties() {
return PropertiesUtil.processConfigFile(new String[]
{ "f5bigip_commands.properties" });
public List<Class<?>> getCommands() {
List<Class<?>> cmdList = new ArrayList<Class<?>>();
cmdList.add(AddExternalLoadBalancerCmd.class);
cmdList.add(AddF5LoadBalancerCmd.class);
cmdList.add(ConfigureF5LoadBalancerCmd.class);
cmdList.add(DeleteExternalLoadBalancerCmd.class);
cmdList.add(DeleteF5LoadBalancerCmd.class);
cmdList.add(ListExternalLoadBalancersCmd.class);
cmdList.add(ListF5LoadBalancerNetworksCmd.class);
cmdList.add(ListF5LoadBalancersCmd.class);
return cmdList;
}
@Override


@ -404,9 +404,17 @@ public class JuniperSRXExternalFirewallElement extends ExternalFirewallDeviceMan
}
@Override
public Map<String, String> getProperties() {
return PropertiesUtil.processConfigFile(new String[]
{ "junipersrx_commands.properties"});
public List<Class<?>> getCommands() {
List<Class<?>> cmdList = new ArrayList<Class<?>>();
cmdList.add(AddExternalFirewallCmd.class);
cmdList.add(AddSrxFirewallCmd.class);
cmdList.add(ConfigureSrxFirewallCmd.class);
cmdList.add(DeleteExternalFirewallCmd.class);
cmdList.add(DeleteSrxFirewallCmd.class);
cmdList.add(ListExternalFirewallsCmd.class);
cmdList.add(ListSrxFirewallNetworksCmd.class);
cmdList.add(ListSrxFirewallsCmd.class);
return cmdList;
}
@Override


@ -38,15 +38,10 @@ import com.cloud.vm.VirtualMachineProfile;
import org.apache.log4j.Logger;
import javax.ejb.Local;
import java.lang.Class;
import java.util.Map;
import java.util.Set;
/**
* User: tomoe
* Date: 8/8/12
* Time: 1:38 PM
*/
@Local(value = NetworkElement.class)
public class MidokuraMidonetElement extends AdapterBase implements ConnectivityProvider, PluggableService {
private static final Logger s_logger = Logger.getLogger(MidokuraMidonetElement.class);
@ -126,7 +121,7 @@ public class MidokuraMidonetElement extends AdapterBase implements ConnectivityP
}
@Override
public String getPropertiesFile() {
public List<Class<?>> getCommands() {
// TODO: implement this.
return null;
}
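Review bot: `getCommands()` returns null here, while the other implementations in this commit return a list and `ManagementServerSimulatorImpl` calls `add` on the list it gets from `super.getCommands()`. Code that collects commands from every `PluggableService` would presumably hit a NullPointerException on this element. Returning an empty list keeps the TODO without the hazard: `return new ArrayList<Class<?>>();`. The import hunk shows only `java.lang.Class`, `java.util.Map` and `java.util.Set`, so unless `java.util.List` (and `ArrayList`) are imported outside the visible lines, the new signature will not compile.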


@ -16,6 +16,7 @@
// under the License.
package com.cloud.network.element;
import java.lang.Class;
import java.net.URI;
import java.util.ArrayList;
import java.util.HashMap;
@ -465,9 +466,14 @@ StaticNatServiceProvider {
}
@Override
public Map<String, String> getProperties() {
return PropertiesUtil.processConfigFile(new String[]
{ "netscalerloadbalancer_commands.properties" });
public List<Class<?>> getCommands() {
List<Class<?>> cmdList = new ArrayList<Class<?>>();
cmdList.add(AddNetscalerLoadBalancerCmd.class);
cmdList.add(ConfigureNetscalerLoadBalancerCmd.class);
cmdList.add(DeleteNetscalerLoadBalancerCmd.class);
cmdList.add(ListNetscalerLoadBalancerNetworksCmd.class);
cmdList.add(ListNetscalerLoadBalancersCmd.class);
return cmdList;
}
@Override


@ -541,9 +541,13 @@ public class NiciraNvpElement extends AdapterBase implements
}
@Override
public Map<String, String> getProperties() {
return PropertiesUtil.processConfigFile(new String[]
{ "nicira-nvp_commands.properties" });
public List<Class<?>> getCommands() {
List<Class<?>> cmdList = new ArrayList<Class<?>>();
cmdList.add(AddNiciraNvpDeviceCmd.class);
cmdList.add(DeleteNiciraNvpDeviceCmd.class);
cmdList.add(ListNiciraNvpDeviceNetworksCmd.class);
cmdList.add(ListNiciraNvpDevicesCmd.class);
return cmdList;
}
@Override


@ -245,7 +245,9 @@
<exclude>scripts/vm/systemvm/id_rsa.cloud</exclude>
<exclude>tools/devcloud/basebuild/puppet-devcloudinitial/files/network.conf</exclude>
<exclude>tools/devcloud/devcloud.cfg</exclude>
<exclude>tools/devcloud/devcloud-advanced.cfg</exclude>
<exclude>tools/devcloud-kvm/devcloud-kvm.cfg</exclude>
<exclude>tools/devcloud-kvm/devcloud-kvm-advanced.cfg</exclude>
<exclude>ui/lib/flot/jquery.colorhelpers.js</exclude>
<exclude>ui/lib/flot/jquery.flot.crosshair.js</exclude>
<exclude>ui/lib/flot/jquery.flot.fillbetween.js</exclude>


@ -96,6 +96,10 @@ def writeProgressBar(msg, result):
output = "[%-6s]\n"%"Failed"
sys.stdout.write(output)
sys.stdout.flush()
class UnknownSystemException(Exception):
"This Excption is raised if the current operating enviornment is unknown"
pass
class Distribution:
def __init__(self):
@ -120,7 +124,7 @@ class Distribution:
self.arch = bash("uname -m").getStdout()
else:
self.distro = "Unknown"
raise UnknownSystemException
def getVersion(self):
return self.distro

View File

@ -64,7 +64,6 @@ import com.cloud.utils.component.PluggableService;
import com.cloud.utils.db.GenericDao;
import com.cloud.utils.exception.CSExceptionErrorCode;
import com.cloud.utils.exception.CloudRuntimeException;
import com.cloud.uuididentity.dao.IdentityDao;
// ApiDispatcher: A class that dispatches API commands to the appropriate manager for execution.
public class ApiDispatcher {
@ -75,7 +74,6 @@ public class ApiDispatcher {
@Inject private AsyncJobManager _asyncMgr = null;
@Inject private AccountManager _accountMgr = null;
@Inject EntityManager _entityMgr = null;
@Inject IdentityDao _identityDao = null;
Map<String, Class<? extends GenericDao>> _daoNameMap = new HashMap<String, Class<? extends GenericDao>>();
// singleton class
@ -708,8 +706,4 @@ public class ApiDispatcher {
throw new CloudRuntimeException("Internal error at plugService for command " + cmd.getCommandName() + " [field " + field.getName() + " is not accessible]");
}
}
public static Long getIdentiyId(String tableName, String token) {
return s_instance._identityDao.getIdentityId(tableName, token);
}
}


@ -2791,11 +2791,6 @@ public class ApiResponseHelper implements ResponseGenerator {
return response;
}
@Override
public Long getIdentiyId(String tableName, String token) {
return ApiDispatcher.getIdentiyId(tableName, token);
}
@Override
public ResourceTagResponse createResourceTagResponse(ResourceTag resourceTag, boolean keyValueOnly) {
ResourceTagJoinVO rto = ApiDBUtils.newResourceTagView(resourceTag);


@ -115,6 +115,7 @@ import com.cloud.event.EventUtils;
import com.cloud.exception.CloudAuthenticationException;
import com.cloud.exception.InvalidParameterValueException;
import com.cloud.exception.PermissionDeniedException;
import com.cloud.exception.RequestLimitException;
import com.cloud.server.ManagementServer;
import com.cloud.user.Account;
import com.cloud.user.AccountManager;
@ -132,14 +133,12 @@ import com.cloud.utils.concurrency.NamedThreadFactory;
import com.cloud.utils.db.SearchCriteria;
import com.cloud.utils.db.Transaction;
import com.cloud.utils.exception.CSExceptionErrorCode;
import com.cloud.uuididentity.dao.IdentityDao;
public class ApiServer implements HttpRequestHandler {
private static final Logger s_logger = Logger.getLogger(ApiServer.class.getName());
private static final Logger s_accessLogger = Logger.getLogger("apiserver." + ApiServer.class.getName());
public static boolean encodeApiResponse = false;
public static boolean apiThrottlingEnabled = true;
public static String jsonContentType = "text/javascript";
private ApiDispatcher _dispatcher;
@ -218,7 +217,6 @@ public class ApiServer implements HttpRequestHandler {
if (jsonType != null) {
jsonContentType = jsonType;
}
apiThrottlingEnabled = Boolean.valueOf(configDao.getValue(Config.ApiLimitEnabled.key()));
if (apiPort != null) {
ListenerThread listenerThread = new ListenerThread(this, apiPort);
@ -555,19 +553,22 @@ public class ApiServer implements HttpRequestHandler {
// if userId not null, that mean that user is logged in
if (userId != null) {
User user = ApiDBUtils.findUserById(userId);
if (apiThrottlingEnabled){
// go through each API limit checker, throw exception inside adapter implementation so that message
// can contain some detailed information only known for each adapter implementation.
checkRequestLimit(user);
try{
checkCommandAvailable(user, commandName);
}
if (!isCommandAvailable(user, commandName)) {
catch (PermissionDeniedException ex){
s_logger.debug("The given command:" + commandName + " does not exist or it is not available for user with id:" + userId);
throw new ServerApiException(BaseCmd.UNSUPPORTED_ACTION_ERROR, "The given command does not exist or it is not available for user");
}
catch (RequestLimitException ex){
s_logger.debug(ex.getMessage());
throw new ServerApiException(BaseCmd.API_LIMIT_EXCEED, ex.getMessage());
}
return true;
} else {
// check against every available command to see if the command exists or not
if (!doesCommandExist(commandName) && !commandName.equals("login") && !commandName.equals("logout")) {
if (!_apiNameCmdClassMap.containsKey(commandName) && !commandName.equals("login") && !commandName.equals("logout")) {
s_logger.debug("The given command:" + commandName + " does not exist or it is not available for user with id:" + userId);
throw new ServerApiException(BaseCmd.UNSUPPORTED_ACTION_ERROR, "The given command does not exist or it is not available for user");
}
@ -612,30 +613,29 @@ public class ApiServer implements HttpRequestHandler {
// if api/secret key are passed to the parameters
if ((signature == null) || (apiKey == null)) {
if (s_logger.isDebugEnabled()) {
s_logger.info("expired session, missing signature, or missing apiKey -- ignoring request...sig: " + signature + ", apiKey: " + apiKey);
}
s_logger.debug("Expired session, missing signature, or missing apiKey -- ignoring request. Signature: " + signature + ", apiKey: " + apiKey);
return false; // no signature, bad request
}
Date expiresTS = null;
// FIXME: Hard coded signature, why not have an enum
if ("3".equals(signatureVersion)) {
// New signature authentication. Check for expire parameter and its validity
if (expires == null) {
s_logger.info("missing Expires parameter -- ignoring request...sig: " + signature + ", apiKey: " + apiKey);
s_logger.debug("Missing Expires parameter -- ignoring request. Signature: " + signature + ", apiKey: " + apiKey);
return false;
}
synchronized (_dateFormat) {
try {
expiresTS = _dateFormat.parse(expires);
} catch (ParseException pe) {
s_logger.info("Incorrect date format for Expires parameter", pe);
s_logger.debug("Incorrect date format for Expires parameter", pe);
return false;
}
}
Date now = new Date(System.currentTimeMillis());
if (expiresTS.before(now)) {
s_logger.info("Request expired -- ignoring ...sig: " + signature + ", apiKey: " + apiKey);
s_logger.debug("Request expired -- ignoring ...sig: " + signature + ", apiKey: " + apiKey);
return false;
}
}
@ -646,7 +646,7 @@ public class ApiServer implements HttpRequestHandler {
// verify there is a user with this api key
Pair<User, Account> userAcctPair = _accountMgr.findUserByApiKey(apiKey);
if (userAcctPair == null) {
s_logger.info("apiKey does not map to a valid user -- ignoring request, apiKey: " + apiKey);
s_logger.debug("apiKey does not map to a valid user -- ignoring request, apiKey: " + apiKey);
return false;
}
@ -661,7 +661,10 @@ public class ApiServer implements HttpRequestHandler {
UserContext.updateContext(user.getId(), account, null);
if (!isCommandAvailable(user, commandName)) {
try{
checkCommandAvailable(user, commandName);
}
catch (PermissionDeniedException ex){
s_logger.debug("The given command:" + commandName + " does not exist or it is not available for user");
throw new ServerApiException(BaseCmd.UNSUPPORTED_ACTION_ERROR, "The given command:" + commandName + " does not exist or it is not available for user with id:" + userId);
}
@ -686,24 +689,16 @@ public class ApiServer implements HttpRequestHandler {
s_logger.info("User signature: " + signature + " is not equaled to computed signature: " + computedSignature);
}
return equalSig;
} catch (Exception ex) {
if (ex instanceof ServerApiException && ((ServerApiException) ex).getErrorCode() == BaseCmd.UNSUPPORTED_ACTION_ERROR) {
throw (ServerApiException) ex;
}
s_logger.error("unable to verifty request signature", ex);
} catch (ServerApiException ex){
throw ex;
} catch (Exception ex){
s_logger.error("unable to verify request signature");
}
return false;
}
public Long fetchDomainId(String domainUUID){
ComponentLocator locator = ComponentLocator.getLocator(ManagementServer.Name);
IdentityDao identityDao = locator.getDao(IdentityDao.class);
try{
Long domainId = identityDao.getIdentityId("domain", domainUUID);
return domainId;
}catch(InvalidParameterValueException ex){
return null;
}
public Long fetchDomainId(String domainUUID) {
return _domainMgr.getDomain(domainUUID).getId();
}
public void loginUser(HttpSession session, String username, String password, Long domainId, String domainPath, String loginIpAddress ,Map<String, Object[]> requestParameters) throws CloudAuthenticationException {
@ -800,41 +795,14 @@ public class ApiServer implements HttpRequestHandler {
}
private void checkRequestLimit(User user) throws ServerApiException {
Account account = ApiDBUtils.findAccountById(user.getAccountId());
if ( _accountMgr.isRootAdmin(account.getType()) ){
// no api throttling for root admin
return;
}
for (APILimitChecker apiChecker : _apiLimitCheckers) {
// Fail the checking if any checker fails to verify
apiChecker.checkLimit(account);
}
}
private boolean doesCommandExist(String apiName) {
for (APIChecker apiChecker : _apiAccessCheckers) {
// If any checker has api info on the command, return true
if (apiChecker.checkExistence(apiName))
return true;
}
return false;
}
private boolean isCommandAvailable(User user, String commandName) {
private void checkCommandAvailable(User user, String commandName) throws PermissionDeniedException {
if (user == null) {
return false;
throw new PermissionDeniedException("User is null for role based API access check for command" + commandName);
}
Account account = _accountMgr.getAccount(user.getAccountId());
RoleType roleType = _accountMgr.getRoleType(account);
for (APIChecker apiChecker : _apiAccessCheckers) {
// Fail the checking if any checker fails to verify
if (!apiChecker.checkAccess(roleType, commandName))
return false;
apiChecker.checkAccess(user, commandName);
}
return true;
}
private Class<?> getCmdClass(String cmdName) {


@ -128,7 +128,7 @@ public class ApiServlet extends HttpServlet {
reqStr = auditTrailSb.toString() + " " + req.getQueryString();
s_logger.debug("===START=== " + StringUtils.cleanString(reqStr));
}
try {
HttpSession session = req.getSession(false);
Object[] responseTypeParam = params.get("response");
@ -298,24 +298,16 @@ public class ApiServlet extends HttpServlet {
* params.put(BaseCmd.Properties.ACCOUNT_OBJ.getName(), new Object[] { accountObj }); } else {
* params.put(BaseCmd.Properties.USER_ID.getName(), new String[] { userId });
* params.put(BaseCmd.Properties.ACCOUNT_OBJ.getName(), new Object[] { accountObj }); } }
*
*
* // update user context info here so that we can take information if the request is authenticated // via api
* key mechanism updateUserContext(params, session != null ? session.getId() : null);
*/
auditTrailSb.insert(0,
"(userId=" + UserContext.current().getCallerUserId() + " accountId=" + UserContext.current().getCaller().getId() + " sessionId=" + (session != null ? session.getId() : null)
+ ")");
auditTrailSb.insert(0, "(userId=" + UserContext.current().getCallerUserId() + " accountId="
+ UserContext.current().getCaller().getId() + " sessionId=" + (session != null ? session.getId() : null) + ")");
try {
String response = _apiServer.handleRequest(params, false, responseType, auditTrailSb);
writeResponse(resp, response != null ? response : "", HttpServletResponse.SC_OK, responseType);
} catch (ServerApiException se) {
String serializedResponseText = _apiServer.getSerializedApiError(se.getErrorCode(), se.getDescription(), params, responseType, null);
resp.setHeader("X-Description", se.getDescription());
writeResponse(resp, serializedResponseText, se.getErrorCode(), responseType);
auditTrailSb.append(" " + se.getErrorCode() + " " + se.getDescription());
}
String response = _apiServer.handleRequest(params, false, responseType, auditTrailSb);
writeResponse(resp, response != null ? response : "", HttpServletResponse.SC_OK, responseType);
} else {
if (session != null) {
try {
@ -329,17 +321,14 @@ public class ApiServlet extends HttpServlet {
writeResponse(resp, serializedResponse, HttpServletResponse.SC_UNAUTHORIZED, responseType);
}
} catch (ServerApiException se) {
String serializedResponseText = _apiServer.getSerializedApiError(se.getErrorCode(), se.getDescription(), params, responseType, null);
resp.setHeader("X-Description", se.getDescription());
writeResponse(resp, serializedResponseText, se.getErrorCode(), responseType);
auditTrailSb.append(" " + se.getErrorCode() + " " + se.getDescription());
} catch (Exception ex) {
if (ex instanceof ServerApiException && ((ServerApiException) ex).getErrorCode() == BaseCmd.UNSUPPORTED_ACTION_ERROR) {
ServerApiException se = (ServerApiException) ex;
String serializedResponseText = _apiServer.getSerializedApiError(se.getErrorCode(), se.getDescription(), params, responseType, null);
resp.setHeader("X-Description", se.getDescription());
writeResponse(resp, serializedResponseText, se.getErrorCode(), responseType);
auditTrailSb.append(" " + se.getErrorCode() + " " + se.getDescription());
} else {
s_logger.error("unknown exception writing api response", ex);
auditTrailSb.append(" unknown exception writing api response");
}
s_logger.error("unknown exception writing api response", ex);
auditTrailSb.append(" unknown exception writing api response");
} finally {
s_accessLogger.info(auditTrailSb.toString());
if (s_logger.isDebugEnabled()) {
@ -354,9 +343,9 @@ public class ApiServlet extends HttpServlet {
* private void updateUserContext(Map<String, Object[]> requestParameters, String sessionId) { String userIdStr =
* (String)(requestParameters.get(BaseCmd.Properties.USER_ID.getName())[0]); Account accountObj =
* (Account)(requestParameters.get(BaseCmd.Properties.ACCOUNT_OBJ.getName())[0]);
*
*
* Long userId = null; Long accountId = null; if(userIdStr != null) userId = Long.parseLong(userIdStr);
*
*
* if(accountObj != null) accountId = accountObj.getId(); UserContext.updateContext(userId, accountId, sessionId); }
*/
@ -386,7 +375,7 @@ public class ApiServlet extends HttpServlet {
private String getLoginSuccessResponse(HttpSession session, String responseType) {
StringBuffer sb = new StringBuffer();
int inactiveInterval = session.getMaxInactiveInterval();
String user_UUID = (String)session.getAttribute("user_UUID");
session.removeAttribute("user_UUID");
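Review bot: In the `catch (ServerApiException se)` branch that now handles every API error, `se.getDescription()` is written unmodified into the `X-Description` response header and appended to the access-log audit trail. The description can carry request-supplied text (the unsupported-command message built in ApiServer concatenates `commandName`), so a value containing CR or LF could split the header or forge an audit line unless the container or `writeResponse` already rejects it, which is not visible here. I would neutralise line breaks once before both uses, e.g. `String desc = se.getDescription().replaceAll("[\\r\\n]", " ");`, and pass `desc` to `setHeader` and `auditTrailSb.append`. The enclosing method starts and ends outside these hunks.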


@ -358,10 +358,7 @@ public enum Config {
DetailBatchQuerySize("Advanced", ManagementServer.class, Integer.class, "detail.batch.query.size", "2000", "Default entity detail batch query size for listing", null),
ConcurrentSnapshotsThresholdPerHost("Advanced", ManagementServer.class, Long.class, "concurrent.snapshots.threshold.perhost",
null, "Limits number of snapshots that can be handled by the host concurrently; default is NULL - unlimited", null),
// API throttling
ApiLimitEnabled("Advanced", ManagementServer.class, Boolean.class, "api.throttling.enable", "true", "If true, api throttline feature is enabled", "true,false");
null, "Limits number of snapshots that can be handled by the host concurrently; default is NULL - unlimited", null);
private final String _category;
private final Class<?> _componentClass;


@ -2071,7 +2071,12 @@ public class ConfigurationManagerImpl implements ConfigurationManager, Configura
Long projectId = cmd.getProjectId();
Long domainId = cmd.getDomainId();
Account vlanOwner = null;
// if end ip is not specified, default it to startIp
if (endIP == null && startIP != null) {
endIP = startIP;
}
if (projectId != null) {
if (accountName != null) {
throw new InvalidParameterValueException("Account and projectId are mutually exclusive");
@ -2176,6 +2181,7 @@ public class ConfigurationManagerImpl implements ConfigurationManager, Configura
throw new InvalidParameterValueException("Nework id is required for Direct vlan creation ");
}
networkId = network.getId();
zoneId = network.getDataCenterId();
}
} else if (network.getGuestType() == null || network.getGuestType() == Network.GuestType.Isolated) {
throw new InvalidParameterValueException("Can't create direct vlan for network id=" + networkId + " with type: " + network.getGuestType());
@ -2192,34 +2198,34 @@ public class ConfigurationManagerImpl implements ConfigurationManager, Configura
endIP = startIP;
}
if (forVirtualNetwork || zone.getNetworkType() == DataCenter.NetworkType.Basic || zone.isSecurityGroupEnabled()) {
if (vlanGateway == null || vlanNetmask == null || zoneId == null) {
throw new InvalidParameterValueException("Gateway, netmask and zoneId have to be passed in for virtual and direct untagged networks");
}
} else {
// check if startIp and endIp belong to network Cidr
String networkCidr = network.getCidr();
String networkGateway = network.getGateway();
Long networkZoneId = network.getDataCenterId();
String networkNetmask = NetUtils.getCidrNetmask(networkCidr);
// Check if ip addresses are in network range
if (!NetUtils.sameSubnet(startIP, networkGateway, networkNetmask)) {
throw new InvalidParameterValueException("Start ip is not in network cidr: " + networkCidr);
}
if (endIP != null) {
if (!NetUtils.sameSubnet(endIP, networkGateway, networkNetmask)) {
throw new InvalidParameterValueException("End ip is not in network cidr: " + networkCidr);
if ( zone.getNetworkType() == DataCenter.NetworkType.Advanced ) {
if (network.getTrafficType() == TrafficType.Guest) {
if (network.getGuestType() != GuestType.Shared) {
throw new InvalidParameterValueException("Can execute createVLANIpRanges on shared guest network, but type of this guest network "
+ network.getId() + " is " + network.getGuestType());
}
List<VlanVO> vlans = _vlanDao.listVlansByNetworkId(network.getId());
if ( vlans != null && vlans.size() > 0 ) {
VlanVO vlan = vlans.get(0);
if ( vlanId == null ) {
vlanId = vlan.getVlanTag();
} else if ( vlan.getVlanTag() != vlanId ) {
throw new InvalidParameterValueException("there is already one vlan " + vlan.getVlanTag() + " on network :" +
+ network.getId() + ", only one vlan is allowed on guest network");
}
vlanGateway = vlan.getVlanGateway();
vlanNetmask = vlan.getVlanNetmask();
}
} else if (network.getTrafficType() == TrafficType.Management) {
throw new InvalidParameterValueException("Cannot execute createVLANIpRanges on management network");
}
// set gateway, netmask, zone from network object
vlanGateway = networkGateway;
vlanNetmask = networkNetmask;
zoneId = networkZoneId;
}
if (vlanGateway == null || vlanNetmask == null || zoneId == null) {
throw new InvalidParameterValueException("Gateway, netmask and zoneId have to be passed in for virtual and direct untagged networks");
}
// if it's an account specific range, associate ip address list to the account
boolean associateIpRangeToAccount = false;
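Review bot: The duplicate-VLAN check `vlan.getVlanTag() != vlanId` compares object references rather than values if both sides are Strings, as the preceding `vlanId = vlan.getVlanTag()` assignment suggests. A request that names the VLAN already present on the network would then still be rejected with "there is already one vlan". Use `} else if (!vlan.getVlanTag().equals(vlanId)) {` instead. The same message also has a stray `+ +` before `network.getId()`. The enclosing method starts and ends outside the hunk.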


@ -31,6 +31,8 @@ import javax.ejb.Local;
import javax.naming.ConfigurationException;
import javax.persistence.Table;
import com.cloud.offering.DiskOffering;
import com.cloud.storage.dao.DiskOfferingDao;
import org.apache.log4j.Logger;
import com.cloud.agent.AgentManager;
@ -107,7 +109,6 @@ import com.cloud.resource.UnableDeleteHostException;
import com.cloud.service.ServiceOfferingVO;
import com.cloud.service.dao.ServiceOfferingDao;
import com.cloud.servlet.ConsoleProxyServlet;
import com.cloud.storage.DiskOfferingVO;
import com.cloud.storage.StorageManager;
import com.cloud.storage.StoragePoolStatus;
import com.cloud.storage.StoragePoolVO;
@ -138,7 +139,6 @@ import com.cloud.utils.db.Transaction;
import com.cloud.utils.events.SubscriptionMgr;
import com.cloud.utils.exception.CloudRuntimeException;
import com.cloud.utils.net.NetUtils;
import com.cloud.uuididentity.dao.IdentityDao;
import com.cloud.vm.ConsoleProxyVO;
import com.cloud.vm.NicProfile;
import com.cloud.vm.ReservationContext;
@ -216,6 +216,8 @@ public class ConsoleProxyManagerImpl implements ConsoleProxyManager, ConsoleProx
@Inject
ServiceOfferingDao _offeringDao;
@Inject
DiskOfferingDao _diskOfferingDao;
@Inject
NetworkOfferingDao _networkOfferingDao;
@Inject
StoragePoolDao _storagePoolDao;
@ -224,8 +226,6 @@ public class ConsoleProxyManagerImpl implements ConsoleProxyManager, ConsoleProx
@Inject
ResourceManager _resourceMgr;
@Inject
IdentityDao _identityDao;
@Inject
NetworkDao _networkDao;
@Inject
RulesManager _rulesMgr;
@ -928,14 +928,12 @@ public class ConsoleProxyManagerImpl implements ConsoleProxyManager, ConsoleProx
return new ConsoleAccessAuthenticationAnswer(cmd, false);
}
vmId = _identityDao.getIdentityId("vm_instance", cmd.getVmId());
if (vmId == null) {
s_logger.error("Invalid vm id " + cmd.getVmId() + " sent from console access authentication");
return new ConsoleAccessAuthenticationAnswer(cmd, false);
}
VMInstanceVO vm = _instanceDao.findById(vmId);
VirtualMachine vm = _instanceDao.findByUuid(cmd.getVmId());
if (vm == null) {
vm = _instanceDao.findById(Long.parseLong(cmd.getVmId()));
}
if (vm == null) {
s_logger.error("Invalid vm id " + cmd.getVmId() + " sent from console access authentication");
return new ConsoleAccessAuthenticationAnswer(cmd, false);
}
@ -1525,16 +1523,13 @@ public class ConsoleProxyManagerImpl implements ConsoleProxyManager, ConsoleProx
//check if there is a default service offering configured
String cpvmSrvcOffIdStr = configs.get(Config.ConsoleProxyServiceOffering.key());
if (cpvmSrvcOffIdStr != null) {
Long cpvmSrvcOffId = null;
try {
cpvmSrvcOffId = _identityDao.getIdentityId(DiskOfferingVO.class.getAnnotation(Table.class).name(),cpvmSrvcOffIdStr);
} catch (Exception e) {
String msg = "Can't find system service offering specified by global config, uuid=" + cpvmSrvcOffIdStr + " for console proxy vm";
s_logger.warn(msg);
}
if(cpvmSrvcOffId != null){
_serviceOffering = _offeringDao.findById(cpvmSrvcOffId);
DiskOffering diskOffering = _diskOfferingDao.findByUuid(cpvmSrvcOffIdStr);
if (diskOffering == null)
diskOffering = _diskOfferingDao.findById(Long.parseLong(cpvmSrvcOffIdStr));
if (diskOffering != null) {
_serviceOffering = _offeringDao.findById(diskOffering.getId());
} else {
s_logger.warn("Can't find system service offering specified by global config, uuid=" + cpvmSrvcOffIdStr + " for console proxy vm");
}
}
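Review bot: The numeric fallback `Long.parseLong(cmd.getVmId())` throws NumberFormatException when the id is neither a known UUID nor a number, so the request never reaches the `Invalid vm id` branch that returns a failed ConsoleAccessAuthenticationAnswer. The log text suggests this id comes from the console proxy's access-authentication request, so the parse should be guarded and a malformed id treated as an authentication failure. The same unguarded `Long.parseLong(cpvmSrvcOffIdStr)` appears in the later hunk that reads the console proxy service offering from global config, where the lines it replaces only logged a warning. Both enclosing methods start and end outside the hunks.

```java
VirtualMachine vm = _instanceDao.findByUuid(cmd.getVmId());
if (vm == null) {
    try {
        vm = _instanceDao.findById(Long.parseLong(cmd.getVmId()));
    } catch (NumberFormatException e) {
        // neither a known UUID nor a numeric id: vm stays null and the
        // "Invalid vm id" branch below rejects the request
    }
}
// … unchanged: null check that logs and returns ConsoleAccessAuthenticationAnswer(cmd, false) …
```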


@ -62,6 +62,7 @@ public abstract class HypervisorGuruBase extends AdapterBase implements Hypervis
to.setIsolationuri(profile.getIsolationUri());
to.setNetworkRateMbps(profile.getNetworkRate());
to.setName(profile.getName());
to.setSecurityGroupEnabled(profile.isSecurityGroupEnabled());
// Workaround to make sure the TO has the UUID we need for Niciri integration
NicVO nicVO = _nicDao.findById(profile.getId());


@ -2441,6 +2441,12 @@ public class NetworkManagerImpl implements NetworkManager, NetworkService, Manag
return _networksDao.findById(id);
}
@Override
@DB
public Network getNetwork(String uuid) {
return _networksDao.findByUuid(uuid);
}
@Override
public List<? extends RemoteAccessVPNServiceProvider> getRemoteAccessVpnElements() {
List<RemoteAccessVPNServiceProvider> elements = new ArrayList<RemoteAccessVPNServiceProvider>();


@ -26,6 +26,7 @@ import javax.ejb.Local;
import com.cloud.utils.PropertiesUtil;
import org.apache.cloudstack.api.command.admin.router.ConfigureVirtualRouterElementCmd;
import org.apache.cloudstack.api.command.admin.router.CreateVirtualRouterElementCmd;
import org.apache.cloudstack.api.command.admin.router.ListVirtualRouterElementsCmd;
import org.apache.log4j.Logger;
@ -681,9 +682,12 @@ public class VirtualRouterElement extends AdapterBase implements VirtualRouterEl
}
@Override
public Map<String, String> getProperties() {
return PropertiesUtil.processConfigFile(new String[]
{ "virtualrouter_commands.properties" });
public List<Class<?>> getCommands() {
List<Class<?>> cmdList = new ArrayList<Class<?>>();
cmdList.add(CreateVirtualRouterElementCmd.class);
cmdList.add(ConfigureVirtualRouterElementCmd.class);
cmdList.add(ListVirtualRouterElementsCmd.class);
return cmdList;
}
@Override


@ -1381,9 +1381,7 @@ public class VirtualNetworkApplianceManagerImpl implements VirtualNetworkApplian
assert guestNetwork.getTrafficType() == TrafficType.Guest;
// 1) Get deployment plan and find out the list of routers
boolean isPodBased = (dest.getDataCenter().getNetworkType() == NetworkType.Basic ||
_networkMgr.areServicesSupportedInNetwork(guestNetwork.getId(), Service.SecurityGroup))
&& guestNetwork.getTrafficType() == TrafficType.Guest;
boolean isPodBased = (dest.getDataCenter().getNetworkType() == NetworkType.Basic);
// dest has pod=null, for Basic Zone findOrDeployVRs for all Pods
List<DeployDestination> destinations = new ArrayList<DeployDestination>();


@ -207,9 +207,9 @@ public class ManagementServerExtImpl extends ManagementServerImpl implements Man
}
@Override
public Map<String, String> getProperties() {
return PropertiesUtil.processConfigFile(new String[]
{ "commands.properties", "commands-ext.properties" });
public List<Class<?>> getCommands() {
//TODO: Add api cmd classes
return null;
}
private Date computeAdjustedTime(Date initialDate, TimeZone targetTZ, boolean adjustToDayStart) {
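Review bot: `getCommands()` returns `null` behind a TODO, which forces every caller that iterates the command list to null-check or fail with a NullPointerException; `ManagementServerImpl.getCommands()` in the next file section does the same. Until the command classes are listed, return an empty list instead, e.g. `return new ArrayList<Class<?>>();` as VirtualRouterElement does for its own list. If API access checks are built from this list, which is not visible here, a comment should also state that an empty result means this component exposes no commands.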


@ -760,7 +760,6 @@ public class ManagementServerImpl implements ManagementServer {
sc.addAnd("vm_type", SearchCriteria.Op.EQ, vmTypeStr);
}
sc.addAnd("systemUse", SearchCriteria.Op.EQ, isSystem);
sc.addAnd("removed", SearchCriteria.Op.NULL);
return _offeringsDao.search(sc, searchFilter);
@ -2298,9 +2297,9 @@ public class ManagementServerImpl implements ManagementServer {
}
@Override
public Map<String, String> getProperties() {
return PropertiesUtil.processConfigFile(new String[]
{ "commands.properties" });
public List<Class<?>> getCommands() {
//TODO: Add cmd classes
return null;
}
protected class EventPurgeTask implements Runnable {

View File

@ -85,6 +85,11 @@ public class DomainManagerImpl implements DomainManager, DomainService, Manager
return _domainDao.findById(domainId);
}
@Override
public Domain getDomain(String domainUuid) {
return _domainDao.findByUuid(domainUuid);
}
@Override
public String getName() {
return _name;
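Review bot: `getDomain(String domainUuid)` passes through whatever `_domainDao.findByUuid` returns and has no Javadoc saying what a caller gets for an unknown UUID. If that is `null`, as the `findByUuid` null checks elsewhere in this commit suggest, then `ApiServer.fetchDomainId`, which now does `_domainMgr.getDomain(domainUUID).getId()`, fails with a NullPointerException where the removed code returned `null`. Document the contract on the interface method, e.g. `/** @return the domain with this UUID, or null if none exists */`, and have `fetchDomainId` check for null before calling `getId()`.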


@ -16,6 +16,8 @@
// under the License.
package com.cloud.api;
import static org.junit.Assert.*;
import java.util.HashMap;
import java.util.concurrent.CountDownLatch;
import java.util.concurrent.ExecutorService;
@ -24,6 +26,8 @@ import java.util.concurrent.Executors;
import org.junit.Before;
import org.junit.Test;
import com.cloud.utils.exception.CloudRuntimeException;
/**
* Test fixture to do performance test for list command
@ -175,7 +179,8 @@ public class ListPerfTest extends APITest {
params.put("response", "json");
params.put("listAll", "true");
params.put("sessionkey", sessionKey);
int clientCount = 6;
// assuming ApiRateLimitService set api.throttling.max = 25
int clientCount = 26;
Runnable[] clients = new Runnable[clientCount];
final boolean[] isUsable = new boolean[clientCount];
@ -196,8 +201,13 @@ public class ListPerfTest extends APITest {
try {
startGate.await();
System.out.println(sendRequest("listAccounts", params));
sendRequest("listAccounts", params);
isUsable[j] = true;
} catch (CloudRuntimeException e){
isUsable[j] = false;
e.printStackTrace();
} catch (InterruptedException e) {
e.printStackTrace();
} finally {
@ -217,6 +227,14 @@ public class ListPerfTest extends APITest {
endGate.await();
int rejectCount = 0;
for ( int i = 0; i < isUsable.length; ++i){
if ( !isUsable[i])
rejectCount++;
}
assertEquals("Only one request should be rejected!", 1, rejectCount);
}
}
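Review bot: The new assertion counts every slot of `isUsable` that is still `false`, and a slot stays `false` for any CloudRuntimeException and also when the thread is interrupted, so a failure unrelated to throttling is counted as a rate-limit rejection. The expected count of 1 also depends on the server being configured with `api.throttling.max = 25`, which the test only assumes in a comment. I would record rejections in a separate flag set only in the branch that identifies the rate-limit error, and have the test set or read the limit rather than hard-code `clientCount = 26`. The test method starts outside the hunks.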

View File

@ -112,6 +112,12 @@ public class MockNetworkManagerImpl implements NetworkManager, Manager, NetworkS
return null;
}
@Override
public Network getNetwork(String networkUuid) {
// TODO Auto-generated method stub
return null;
}
@Override
public IpAddress getIp(long id) {
// TODO Auto-generated method stub

View File

@ -46,6 +46,12 @@ public class MockDomainManagerImpl implements Manager, DomainManager {
return null;
}
@Override
public Domain getDomain(String uuid) {
// TODO Auto-generated method stub
return null;
}
@Override
public boolean isChildDomain(Long parentId, Long childId) {
// TODO Auto-generated method stub

View File

@ -156,6 +156,12 @@ public class MockNetworkManagerImpl implements NetworkManager, Manager{
return null;
}
@Override
public Network getNetwork(String networkUuid) {
// TODO Auto-generated method stub
return null;
}
/* (non-Javadoc)
* @see com.cloud.network.NetworkService#getIp(long)
*/

View File

@ -142,8 +142,6 @@ UPDATE `cloud`.`conditions` set uuid=id WHERE uuid is NULL;
INSERT IGNORE INTO `cloud`.`configuration` VALUES ('Advanced', 'DEFAULT', 'management-server', '"detail.batch.query.size"', '2000', 'Default entity detail batch query size for listing');
INSERT IGNORE INTO `cloud`.`configuration` VALUES ('Advanced', 'DEFAULT', 'management-server', 'api.throttling.enabled', 'true, 'enable api rate limiting');
--- DB views for list api ---
use cloud;

View File

@ -51,11 +51,12 @@ INSERT INTO `cloud`.`guest_os` (uuid, category_id, name, display_name) VALUES (U
INSERT INTO `cloud`.`guest_os` (uuid, category_id, name, display_name) VALUES (UUID(), 5, 'Fedora 10', 'Fedora 10');
INSERT INTO `cloud`.`guest_os` (uuid, category_id, name, display_name) VALUES (UUID(), 5, 'Fedora 9', 'Fedora 9');
INSERT INTO `cloud`.`guest_os` (uuid, category_id, name, display_name) VALUES (UUID(), 5, 'Fedora 8', 'Fedora 8');
INSERT INTO `cloud`.`guest_os` (uuid, category_id, name, display_name) VALUES (UUID(), 2, 'Ubuntu 10.04', 'Ubuntu 10.04');
INSERT INTO `cloud`.`guest_os` (uuid, category_id, name, display_name) VALUES (UUID(), 2, 'Ubuntu 9.10', 'Ubuntu 9.10');
INSERT INTO `cloud`.`guest_os` (uuid, category_id, name, display_name) VALUES (UUID(), 2, 'Ubuntu 9.04', 'Ubuntu 9.04');
INSERT INTO `cloud`.`guest_os` (uuid, category_id, name, display_name) VALUES (UUID(), 2, 'Ubuntu 8.10', 'Ubuntu 8.10');
INSERT INTO `cloud`.`guest_os` (uuid, category_id, name, display_name) VALUES (UUID(), 2, 'Ubuntu 8.04', 'Ubuntu 8.04');
INSERT INTO `cloud`.`guest_os` (uuid, category_id, name, display_name) VALUES (UUID(), 10, 'Ubuntu 12.04', 'Ubuntu 12.04');
INSERT INTO `cloud`.`guest_os` (uuid, category_id, name, display_name) VALUES (UUID(), 10, 'Ubuntu 10.04', 'Ubuntu 10.04');
INSERT INTO `cloud`.`guest_os` (uuid, category_id, name, display_name) VALUES (UUID(), 10, 'Ubuntu 9.10', 'Ubuntu 9.10');
INSERT INTO `cloud`.`guest_os` (uuid, category_id, name, display_name) VALUES (UUID(), 10, 'Ubuntu 9.04', 'Ubuntu 9.04');
INSERT INTO `cloud`.`guest_os` (uuid, category_id, name, display_name) VALUES (UUID(), 10, 'Ubuntu 8.10', 'Ubuntu 8.10');
INSERT INTO `cloud`.`guest_os` (uuid, category_id, name, display_name) VALUES (UUID(), 10, 'Ubuntu 8.04', 'Ubuntu 8.04');
INSERT INTO `cloud`.`guest_os` (uuid, category_id, name, display_name) VALUES (UUID(), 2, 'Debian Squeeze', 'Debian Squeeze');
INSERT INTO `cloud`.`guest_os` (uuid, category_id, name, display_name) VALUES (UUID(), 2, 'Debian Lenny', 'Debian Lenny');
INSERT INTO `cloud`.`guest_os` (uuid, category_id, name, display_name) VALUES (UUID(), 2, 'Debian Etch', 'Debian Etch');

View File

@ -211,6 +211,8 @@ INSERT INTO `cloud`.`guest_os` (id, uuid, category_id, display_name) VALUES (159
INSERT INTO `cloud`.`guest_os` (id, uuid, category_id, display_name) VALUES (160, UUID(), 6, 'Windows PV');
INSERT INTO `cloud`.`guest_os` (id, uuid, category_id, display_name) VALUES (161, UUID(), 1, 'CentOS 5.7 (32-bit)');
INSERT INTO `cloud`.`guest_os` (id, uuid, category_id, display_name) VALUES (162, UUID(), 1, 'CentOS 5.7 (64-bit)');
INSERT INTO `cloud`.`guest_os` (id, uuid, category_id, display_name) VALUES (163, UUID(), 10, 'Ubuntu 12.04 (32-bit)');
INSERT INTO `cloud`.`guest_os` (id, uuid, category_id, display_name) VALUES (164, UUID(), 10, 'Ubuntu 12.04 (64-bit)');
INSERT INTO `cloud`.`guest_os` (id, uuid, category_id, display_name) VALUES (200, UUID(), 1, 'Other CentOS (32-bit)');
INSERT INTO `cloud`.`guest_os` (id, uuid, category_id, display_name) VALUES (201, UUID(), 1, 'Other CentOS (64-bit)');
@ -370,11 +372,13 @@ INSERT INTO `cloud`.`guest_os_hypervisor` (hypervisor_type, guest_os_name, guest
INSERT INTO `cloud`.`guest_os_hypervisor` (hypervisor_type, guest_os_name, guest_os_id) VALUES ("VmWare", 'Debian GNU/Linux 4(32-bit)', 73);
INSERT INTO `cloud`.`guest_os_hypervisor` (hypervisor_type, guest_os_name, guest_os_id) VALUES ("VmWare", 'Debian GNU/Linux 4(64-bit)', 74);
INSERT INTO `cloud`.`guest_os_hypervisor` (hypervisor_type, guest_os_name, guest_os_id) VALUES ("VmWare", 'Ubuntu 12.04 (32-bit)', 162);
INSERT INTO `cloud`.`guest_os_hypervisor` (hypervisor_type, guest_os_name, guest_os_id) VALUES ("VmWare", 'Ubuntu 10.04 (32-bit)', 121);
INSERT INTO `cloud`.`guest_os_hypervisor` (hypervisor_type, guest_os_name, guest_os_id) VALUES ("VmWare", 'Ubuntu 9.10 (32-bit)', 122);
INSERT INTO `cloud`.`guest_os_hypervisor` (hypervisor_type, guest_os_name, guest_os_id) VALUES ("VmWare", 'Ubuntu 9.04 (32-bit)', 123);
INSERT INTO `cloud`.`guest_os_hypervisor` (hypervisor_type, guest_os_name, guest_os_id) VALUES ("VmWare", 'Ubuntu 8.10 (32-bit)', 124);
INSERT INTO `cloud`.`guest_os_hypervisor` (hypervisor_type, guest_os_name, guest_os_id) VALUES ("VmWare", 'Ubuntu 8.04 (32-bit)', 125);
INSERT INTO `cloud`.`guest_os_hypervisor` (hypervisor_type, guest_os_name, guest_os_id) VALUES ("VmWare", 'Ubuntu 12.04 (64-bit)', 163);
INSERT INTO `cloud`.`guest_os_hypervisor` (hypervisor_type, guest_os_name, guest_os_id) VALUES ("VmWare", 'Ubuntu 10.04 (64-bit)', 126);
INSERT INTO `cloud`.`guest_os_hypervisor` (hypervisor_type, guest_os_name, guest_os_id) VALUES ("VmWare", 'Ubuntu 9.10 (64-bit)', 127);
INSERT INTO `cloud`.`guest_os_hypervisor` (hypervisor_type, guest_os_name, guest_os_id) VALUES ("VmWare", 'Ubuntu 9.04 (64-bit)', 128);
@ -385,6 +389,7 @@ INSERT INTO `cloud`.`guest_os_hypervisor` (hypervisor_type, guest_os_name, guest
INSERT INTO `cloud`.`guest_os_hypervisor` (hypervisor_type, guest_os_name, guest_os_id) VALUES ("VmWare", 'Other Ubuntu Linux (32-bit)', 59);
INSERT INTO `cloud`.`guest_os_hypervisor` (hypervisor_type, guest_os_name, guest_os_id) VALUES ("VmWare", 'Other Ubuntu (64-bit)', 100);
INSERT INTO `cloud`.`guest_os_hypervisor` (hypervisor_type, guest_os_name, guest_os_id) VALUES ("VmWare", 'Other 2.6x Linux (32-bit)', 75);
INSERT INTO `cloud`.`guest_os_hypervisor` (hypervisor_type, guest_os_name, guest_os_id) VALUES ("VmWare", 'Other 2.6x Linux (64-bit)', 76);
INSERT INTO `cloud`.`guest_os_hypervisor` (hypervisor_type, guest_os_name, guest_os_id) VALUES ("VmWare", 'Other Linux (32-bit)', 98);
@ -454,6 +459,8 @@ INSERT INTO `cloud`.`guest_os_hypervisor` (hypervisor_type, guest_os_name, guest
INSERT INTO `cloud`.`guest_os_hypervisor` (hypervisor_type, guest_os_name, guest_os_id) VALUES ('KVM', 'Fedora 8', 120);
INSERT INTO `cloud`.`guest_os_hypervisor` (hypervisor_type, guest_os_name, guest_os_id) VALUES ('KVM', 'Ubuntu 10.04', 121);
INSERT INTO `cloud`.`guest_os_hypervisor` (hypervisor_type, guest_os_name, guest_os_id) VALUES ('KVM', 'Ubuntu 10.04', 126);
INSERT INTO `cloud`.`guest_os_hypervisor` (hypervisor_type, guest_os_name, guest_os_id) VALUES ('KVM', 'Ubuntu 10.04', 162);
INSERT INTO `cloud`.`guest_os_hypervisor` (hypervisor_type, guest_os_name, guest_os_id) VALUES ('KVM', 'Ubuntu 10.04', 163);
INSERT INTO `cloud`.`guest_os_hypervisor` (hypervisor_type, guest_os_name, guest_os_id) VALUES ('KVM', 'Ubuntu 9.10', 122);
INSERT INTO `cloud`.`guest_os_hypervisor` (hypervisor_type, guest_os_name, guest_os_id) VALUES ('KVM', 'Ubuntu 9.10', 127);
INSERT INTO `cloud`.`guest_os_hypervisor` (hypervisor_type, guest_os_name, guest_os_id) VALUES ('KVM', 'Ubuntu 9.04', 123);
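Review bot: The new guest_os rows give 'Ubuntu 12.04 (32-bit)' id 163 and 'Ubuntu 12.04 (64-bit)' id 164, but the VmWare mappings for those names point at 162 and 163, and 162 is 'CentOS 5.7 (64-bit)' in the rows just above the new ones. They should end `'Ubuntu 12.04 (32-bit)', 163);` and `'Ubuntu 12.04 (64-bit)', 164);`. The KVM rows with ids 162 and 163 are labelled 'Ubuntu 10.04' and look like the same off-by-one, presumably meant to be 'Ubuntu 12.04' with 163 and 164.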


@ -129,6 +129,7 @@ known_categories = {
'AutoScale': 'AutoScale',
'Counter': 'AutoScale',
'Condition': 'AutoScale',
'Api': 'API Discovery',
}

View File

@ -57,7 +57,7 @@
<argument>${client.config.jars}</argument>
<argument>./target</argument>
<argument>-f</argument>
<argument>${client.config.conf}/commands.properties,${client.config.conf}/commands-ext.properties,${client.config.conf}/virtualrouter_commands.properties,${client.config.conf}/nicira-nvp_commands.properties</argument>
<argument>${client.config.conf}/commands.properties</argument>
</arguments>
</configuration>
</execution>

View File

@ -0,0 +1,115 @@
{
"zones": [
{
"localstorageenabled": "true",
"name": "testzone",
"guestcidraddress": "10.1.1.0/24",
"dns1": "8.8.8.8",
"physical_networks": [
{
"broadcastdomainrange": "Zone",
"vlan": "3900-4000",
"name": "eth0",
"traffictypes": [
{
"kvm": "cloudbr0",
"typ": "Management"
},
{
"kvm": "cloudbr0",
"typ": "Guest"
}
],
"providers": [
{
"broadcastdomainrange": "ZONE",
"name": "VirtualRouter"
},
{
"broadcastdomainrange": "ZONE",
"name": "VpcVirtualRouter"
}
]
},
{
"broadcastdomainrange": "Zone",
"name": "eth1",
"traffictypes": [
{
"kvm": "cloudbr1",
"typ": "Public"
}
],
"providers": [
{
"broadcastdomainrange": "ZONE",
"name": "VirtualRouter"
}
]
}
],
"ipranges": [
{
"startip": "192.168.100.100",
"endip": "192.168.100.199",
"netmask": "255.255.255.0",
"vlan": "untagged",
"gateway": "192.168.100.1"
}
],
"networktype": "Advanced",
"pods": [
{
"endip": "172.17.10.199",
"name": "testpod",
"startip": "172.17.10.100",
"netmask": "255.255.255.0",
"clusters": [
{
"clustername": "testcluster",
"hypervisor": "KVM",
"hosts": [
{
"username": "root",
"url": "http://172.17.10.10/",
"password": "password"
}
],
"clustertype": "CloudManaged"
}
],
"gateway": "172.17.10.1"
}
],
"internaldns1": "8.8.4.4",
"secondaryStorages": [
{
"url": "nfs://172.17.10.10:/nfs/secondary"
}
]
}
],
"dbSvr": {
"dbSvr": "127.0.0.1",
"passwd": "cloud",
"db": "cloud",
"port": 3306,
"user": "cloud"
},
"logger": [
{
"name": "TestClient",
"file": "/var/log/testclient.log"
},
{
"name": "TestCase",
"file": "/var/log/testcase.log"
}
],
"mgtSvr": [
{
"mgtSvrIp": "172.17.10.10",
"port": 8096
}
]
}

View File

@ -0,0 +1,157 @@
#!/usr/bin/env python
# Licensed to the Apache Software Foundation (ASF) under one
# or more contributor license agreements. See the NOTICE file
# distributed with this work for additional information
# regarding copyright ownership. The ASF licenses this file
# to you under the Apache License, Version 2.0 (the
# "License"); you may not use this file except in compliance
# with the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
# KIND, either express or implied. See the License for the
# specific language governing permissions and limitations
# under the License.
'''
############################################################
# Experimental state of scripts
# * Need to be reviewed
# * Only a sandbox
############################################################
'''
import random
import marvin
from ConfigParser import SafeConfigParser
from optparse import OptionParser
from marvin.configGenerator import *
def getGlobalSettings(config):
for k, v in dict(config.items('globals')).iteritems():
cfg = configuration()
cfg.name = k
cfg.value = v
yield cfg
def describeDevcloudKvmResources(config):
zs = cloudstackConfiguration()
z = zone()
z.dns1 = config.get('environment', 'dns')
z.internaldns1 = config.get('environment', 'dns')
z.name = 'Devcloud-%s'%(config.get('cloudstack', 'hypervisor'))
z.networktype = 'Advanced'
z.guestcidraddress = '10.1.1.0/24'
z.localstorageenabled = 'true'
vpcprovider = provider()
vpcprovider.name = 'VpcVirtualRouter'
pn = physical_network()
pn.name = "eth0"
pn.vlan = config.get('cloudstack', 'pnet.vlan')
pn.tags = ["devcloud-guest"]
pn.traffictypes = [traffictype("Guest", {"kvm" :"kvm-guest" }), traffictype("Management")]
pn.providers.append(vpcprovider)
pn2 = physical_network()
pn2.name = "eth1"
pn2.vlan = config.get('cloudstack', 'pnet2.vlan')
pn2.tags = ["devcloud-public"]
pn2.traffictypes = [traffictype("Public", {"kvm" : "kvm-public"})]
pn2.providers.append(vpcprovider)
z.physical_networks.append(pn)
z.physical_networks.append(pn2)
p = pod()
p.name = 'POD0'
p.gateway = config.get('cloudstack', 'private.gateway')
p.startip = config.get('cloudstack', 'private.pod.startip')
p.endip = config.get('cloudstack', 'private.pod.endip')
p.netmask = config.get('cloudstack', 'private.netmask')
v = iprange()
v.gateway = config.get('cloudstack', 'public.gateway')
v.startip = config.get('cloudstack', 'public.vlan.startip')
v.endip = config.get('cloudstack', 'public.vlan.endip')
v.netmask = config.get('cloudstack', 'public.netmask')
v.vlan = config.get('cloudstack', 'public.vlan')
z.ipranges.append(v)
c = cluster()
c.clustername = 'C0'
c.hypervisor = config.get('cloudstack', 'hypervisor')
c.clustertype = 'CloudManaged'
h = host()
h.username = 'root'
h.password = config.get('cloudstack', 'host.password')
h.url = 'http://%s'%(config.get('cloudstack', 'host'))
c.hosts.append(h)
ps = primaryStorage()
ps.name = 'PS0'
ps.url = config.get('cloudstack', 'primary.pool')
c.primaryStorages.append(ps)
p.clusters.append(c)
z.pods.append(p)
secondary = secondaryStorage()
secondary.url = config.get('cloudstack', 'secondary.pool')
z.secondaryStorages.append(secondary)
'''Add zone'''
zs.zones.append(z)
'''Add mgt server'''
mgt = managementServer()
mgt.mgtSvrIp = config.get('environment', 'mshost')
mgt.user = config.get('environment', 'mshost.user')
mgt.passwd = config.get('environment', 'mshost.passwd')
zs.mgtSvr.append(mgt)
'''Add a database'''
db = dbServer()
db.dbSvr = config.get('environment', 'mysql.host')
db.user = config.get('environment', 'mysql.cloud.user')
db.passwd = config.get('environment', 'mysql.cloud.passwd')
zs.dbSvr = db
'''Add some configuration'''
[zs.globalConfig.append(cfg) for cfg in getGlobalSettings(config)]
''''add loggers'''
testClientLogger = logger()
testClientLogger.name = 'TestClient'
testClientLogger.file = 'testclient.log'
testCaseLogger = logger()
testCaseLogger.name = 'TestCase'
testCaseLogger.file = 'testcase.log'
zs.logger.append(testClientLogger)
zs.logger.append(testCaseLogger)
return zs
if __name__ == '__main__':
parser = OptionParser()
parser.add_option('-i', '--input', action='store', default='setup.properties', \
dest='input', help='file containing environment setup information')
parser.add_option('-o', '--output', action='store', default='./devcloud-kvm-advanced.cfg', \
dest='output', help='path where environment json will be generated')
(opts, args) = parser.parse_args()
cfg_parser = SafeConfigParser()
cfg_parser.read(opts.input)
cfg = describeDevcloudKvmResources(cfg_parser)
generate_setup_config(cfg, opts.output)
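Review bot: `cfg_parser.read(opts.input)` silently skips a file it cannot open, so a wrong `-i` path surfaces later as a NoSectionError inside `describeDevcloudKvmResources` rather than as a clear message. Check the return value: `if not cfg_parser.read(opts.input): parser.error('cannot read %s' % opts.input)`. Separately, `[zs.globalConfig.append(cfg) for cfg in getGlobalSettings(config)]` builds a throwaway list only for its side effect, so a plain `for` loop reads better, and `import random` is unused.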

View File

@ -0,0 +1,62 @@
# Licensed to the Apache Software Foundation (ASF) under one
# or more contributor license agreements. See the NOTICE file
# distributed with this work for additional information
# regarding copyright ownership. The ASF licenses this file
# to you under the Apache License, Version 2.0 (the
# "License"); you may not use this file except in compliance
# with the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
# KIND, either express or implied. See the License for the
# specific language governing permissions and limitations
# under the License.
[globals]
#global settings in cloudstack
expunge.delay=60
expunge.interval=60
storage.cleanup.interval=300
account.cleanup.interval=600
expunge.workers=3
workers=10
vm.allocation.algorithm=random
vm.op.wait.interval=5
guest.domain.suffix=devcloud.kvm
instance.name=vm
check.pod.cidrs=true
secstorage.allowed.internal.sites=10.147.28.0/24
[environment]
dns=8.8.8.8
mshost=127.0.0.1
mshost.user=root
mshost.passwd=password
mysql.host=127.0.0.1
mysql.cloud.user=cloud
mysql.cloud.passwd=cloud
[cloudstack]
#guest VLAN
pnet.vlan=3900-3919
pnet2.vlan=3920-3939
#management network
private.gateway=192.168.56.1
private.pod.startip=192.168.56.200
private.pod.endip=192.168.56.249
private.netmask=255.255.255.0
#public network
public.gateway=10.0.3.2
public.vlan=31
public.vlan.startip=10.0.3.100
public.vlan.endip=10.0.3.199
public.netmask=255.255.255.0
#hypervisor host information
hypervisor=KVM
host=192.168.56.10
host.password=password
#storage pools
primary.pool=nfs://192.168.56.10/opt/storage/primary
secondary.pool=nfs://192.168.56.10/opt/storage/secondary
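Review bot: `secstorage.allowed.internal.sites=10.147.28.0/24` in `[globals]` does not cover any address this file uses: the host, the pod range and both NFS pools are on 192.168.56.0/24. The value looks carried over from the sandbox properties, so for devcloud it would presumably be `secstorage.allowed.internal.sites=192.168.56.0/24`, unless the 10.147.28.0/24 range is meant for a template server not shown here. Separately, `mshost.passwd`, `mysql.cloud.passwd` and `host.password` are committed defaults. A comment such as `# devcloud defaults for an isolated host-only test network; change before use anywhere else` above `[environment]` would make that scope explicit.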


@ -0,0 +1,118 @@
# This configuration is meant for running advanced networking, with management server on the laptop.
# It requires that the user run a DNS resolver within devcloud via 'apt-get install dnsmasq'
{
"zones": [
{
"localstorageenabled": "true",
"name": "testzone",
"guestcidraddress": "10.1.1.0/24",
"dns1": "8.8.8.8",
"physical_networks": [
{
"broadcastdomainrange": "Zone",
"vlan": "3900-4000",
"name": "eth0",
"traffictypes": [
{
"xen": "Pool-wide network associated with eth0",
"typ": "Management"
},
{
"xen": "Pool-wide network associated with eth0",
"typ": "Guest"
}
],
"providers": [
{
"broadcastdomainrange": "ZONE",
"name": "VirtualRouter"
},
{
"broadcastdomainrange": "ZONE",
"name": "VpcVirtualRouter"
}
]
},
{
"broadcastdomainrange": "Zone",
"name": "eth1",
"traffictypes": [
{
"xen": "Pool-wide network associated with eth1",
"typ": "Public"
}
],
"providers": [
{
"broadcastdomainrange": "ZONE",
"name": "VirtualRouter"
}
]
}
],
"ipranges": [
{
"startip": "10.0.3.100",
"endip": "10.0.3.199",
"netmask": "255.255.255.0",
"vlan": "untagged",
"gateway": "10.0.3.2"
}
],
"networktype": "Advanced",
"pods": [
{
"endip": "192.168.56.249",
"name": "testpod",
"startip": "192.168.56.200",
"netmask": "255.255.255.0",
"clusters": [
{
"clustername": "testcluster",
"hypervisor": "XenServer",
"hosts": [
{
"username": "root",
"url": "http://192.168.56.10/",
"password": "password"
}
],
"clustertype": "CloudManaged"
}
],
"gateway": "192.168.56.1"
}
],
"internaldns1": "192.168.56.10",
"secondaryStorages": [
{
"url": "nfs://192.168.56.10:/opt/storage/secondary"
}
]
}
],
"dbSvr": {
"dbSvr": "127.0.0.1",
"passwd": "cloud",
"db": "cloud",
"port": 3306,
"user": "cloud"
},
"logger": [
{
"name": "TestClient",
"file": "/var/log/testclient.log"
},
{
"name": "TestCase",
"file": "/var/log/testcase.log"
}
],
"mgtSvr": [
{
"mgtSvrIp": "192.168.56.10",
"port": 8096
}
]
}
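Review bot: The header says the management server runs on the laptop, but `"mgtSvrIp": "192.168.56.10"` is the same address as the hypervisor host URL and `internaldns1`, which points at the devcloud VM. If the comment is right, the value would presumably be the laptop's address (loopback, or the host-only gateway `192.168.56.1` used for the pod). If the value is right, the comment should be corrected, since the following config already covers the in-devcloud case. The logger paths here and in the following config are still `/var/log/testclient.log` and `/var/log/testcase.log`, while the generator scripts in this commit switch to relative `testclient.log` and `testcase.log`. The two should agree, since writing under `/var/log` normally needs elevated rights.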


@ -0,0 +1,124 @@
# This config is designed to run as an advanced network, with management server in devcloud
# It also requires an 'apt-get install dnsmasq' to run a resolver in devcloud for internal dns
{
"zones": [
{
"localstorageenabled": "true",
"name": "testzone",
"guestcidraddress": "10.1.1.0/24",
"dns1": "8.8.8.8",
"physical_networks": [
{
"broadcastdomainrange": "Zone",
"vlan": "3900-4000",
"name": "eth0",
"traffictypes": [
{
"xen": "Pool-wide network associated with eth0",
"typ": "Management"
},
{
"xen": "Pool-wide network associated with eth0",
"typ": "Guest"
}
],
"providers": [
{
"broadcastdomainrange": "ZONE",
"name": "VirtualRouter"
},
{
"broadcastdomainrange": "ZONE",
"name": "VpcVirtualRouter"
}
]
},
{
"broadcastdomainrange": "Zone",
"name": "eth1",
"traffictypes": [
{
"xen": "Pool-wide network associated with eth1",
"typ": "Public"
}
],
"providers": [
{
"broadcastdomainrange": "ZONE",
"name": "VirtualRouter"
}
]
}
],
"ipranges": [
{
"startip": "10.0.3.100",
"endip": "10.0.3.199",
"netmask": "255.255.255.0",
"vlan": "untagged",
"gateway": "10.0.3.2"
}
],
"networktype": "Advanced",
"pods": [
{
"endip": "192.168.56.249",
"name": "testpod",
"startip": "192.168.56.200",
"netmask": "255.255.255.0",
"clusters": [
{
"clustername": "testcluster",
"hypervisor": "XenServer",
"hosts": [
{
"username": "root",
"url": "http://192.168.56.10/",
"password": "password"
}
],
"clustertype": "CloudManaged"
}
],
"gateway": "192.168.56.1"
}
],
"internaldns1": "192.168.56.10",
"secondaryStorages": [
{
"url": "nfs://192.168.56.10:/opt/storage/secondary"
}
]
}
],
"dbSvr": {
"dbSvr": "127.0.0.1",
"passwd": "cloud",
"db": "cloud",
"port": 3306,
"user": "cloud"
},
"logger": [
{
"name": "TestClient",
"file": "/var/log/testclient.log"
},
{
"name": "TestCase",
"file": "/var/log/testcase.log"
}
],
"mgtSvr": [
{
"mgtSvrIp": "192.168.56.10",
"port": 8096
}
],
"globalConfig": [
{
"name": "host",
"value": "192.168.56.10"
}
]
}
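Review bot: The `mgtSvr` entry targets `"port": 8096`, which in CloudStack is the integration API port that accepts requests without credentials or signatures, and the header comment does not say so. Together with the `root` / `password` host login and the `cloud` / `cloud` database login, that makes this file appropriate only on an isolated host-only network. I would add a header line such as `# Test-only: uses the unauthenticated integration port 8096 and default passwords; keep 192.168.56.0/24 host-only`. The same applies to the laptop-hosted config in the previous file.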


@ -65,8 +65,6 @@ class zone():
self.internaldns2 = None
self.securitygroupenabled = None
self.localstorageenabled = None
''' Guest Vlan range - only advanced zone'''
self.vlan = None
'''default public network, in advanced mode'''
self.ipranges = []
self.physical_networks = []
@ -80,6 +78,7 @@ class traffictype():
self.xen = labeldict['xen'] if 'xen' in labeldict.keys() else None
self.kvm = labeldict['kvm'] if 'kvm' in labeldict.keys() else None
self.vmware = labeldict['vmware'] if 'vmware' in labeldict.keys() else None
self.simulator = labeldict['simulator'] if 'simulator' in labeldict.keys() else None
#{
# 'xen' : 'cloud-xen',
# 'kvm' : 'cloud-kvm',
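Review bot: The new `self.simulator` line repeats the `labeldict[k] if k in labeldict.keys() else None` pattern, which is exactly what `dict.get` does: `self.simulator = labeldict.get('simulator')`. The three label lines above it could take the same form. The constructor signature is outside the hunk, and `traffictype("Guest")` is called elsewhere in this commit with no label dict. It is worth confirming the default is an empty dict rather than `None`, since `.keys()` on `None` would raise.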


@ -258,10 +258,10 @@ class deployDataCenters():
traffic_type = addTrafficType.addTrafficTypeCmd()
traffic_type.physicalnetworkid = physical_network_id
traffic_type.traffictype = traffictype.typ
if traffictype.labeldict is not None:
traffic_type.kvmnetworklabel = traffictype.labeldict.kvm
traffic_type.xennetworklabel = traffictype.labeldict.xen
traffic_type.vmwarenetworklabel = traffictype.labeldict.vmware
traffic_type.kvmnetworklabel = traffictype.kvm if traffictype.kvm is not None else None
traffic_type.xennetworklabel = traffictype.xen if traffictype.xen is not None else None
traffic_type.vmwarenetworklabel = traffictype.vmware if traffictype.vmware is not None else None
traffic_type.simulatorlabel = traffictype.simulator if traffictype.simulator is not None else None
return self.apiClient.addTrafficType(traffic_type)
def enableZone(self, zoneid, allocation_state="Enabled"):
@ -289,7 +289,7 @@ class deployDataCenters():
for pnet in zone.physical_networks:
phynetwrk = self.createPhysicalNetwork(pnet, zoneId)
self.configureProviders(phynetwrk, pnet.providers)
self.updatePhysicalNetwork(phynetwrk.id, "Enabled", vlan=zone.vlan)
self.updatePhysicalNetwork(phynetwrk.id, "Enabled", vlan=pnet.vlan)
if zone.networktype == "Basic":
listnetworkoffering = listNetworkOfferings.listNetworkOfferingsCmd()
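Review bot: In `addTrafficType`, each of the four label assignments has the form `traffictype.kvm if traffictype.kvm is not None else None`, which always evaluates to the attribute itself, so the conditional adds nothing. Plain assignments read better: `traffic_type.kvmnetworklabel = traffictype.kvm`, and likewise for `xen`, `vmware` and `simulator`. A one-line comment such as `# unset labels are passed through as None` would record the intent. The method starts outside the hunk, so whether `addTrafficTypeCmd` declares a `simulatorlabel` field cannot be checked from here.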


@ -1109,6 +1109,9 @@ class DiskOffering:
if domainid:
cmd.domainid = domainid
if services["storagetype"]:
cmd.storagetype = services["storagetype"]
return DiskOffering(apiclient.createDiskOffering(cmd).__dict__)
def delete(self, apiclient):
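Review bot: `if services["storagetype"]:` raises `KeyError` for any caller whose `services` dict has no `storagetype` entry, which turns an optional setting into a required one. `if services.get("storagetype"):` or `if "storagetype" in services:` keeps it optional, in line with the `if domainid:` guard above. `create` begins outside the hunk, so how the other keys of `services` are read is not visible.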


@ -52,10 +52,22 @@ def describeResources(config):
pn = physical_network()
pn.name = "Sandbox-pnet"
pn.traffictypes = [traffictype("Guest"), traffictype("Management"), traffictype("Public")]
pn.vlan = config.get('cloudstack', 'pnet.vlan')
pn.tags = ["cloud-simulator-public"]
pn.traffictypes = [traffictype("Guest"),
traffictype("Management", {"simulator" : "cloud-simulator-mgmt"}),
traffictype("Public", {"simulator":"cloud-simulator-public"})]
pn.providers.append(vpcprovider)
pn2 = physical_network()
pn2.name = "Sandbox-pnet2"
pn2.vlan = config.get('cloudstack', 'pnet2.vlan')
pn2.tags = ["cloud-simulator-guest"]
pn2.traffictypes = [traffictype('Guest', {'simulator': 'cloud-simulator-guest'})]
pn2.providers.append(vpcprovider)
z.physical_networks.append(pn)
z.physical_networks.append(pn2)
p = pod()
p.name = 'POD0'
@ -118,11 +130,11 @@ def describeResources(config):
''''add loggers'''
testClientLogger = logger()
testClientLogger.name = 'TestClient'
testClientLogger.file = '/var/log/testclient.log'
testClientLogger.file = 'testclient.log'
testCaseLogger = logger()
testCaseLogger.name = 'TestCase'
testCaseLogger.file = '/var/log/testcase.log'
testCaseLogger.file = 'testcase.log'
zs.logger.append(testClientLogger)
zs.logger.append(testCaseLogger)


@ -24,10 +24,9 @@ storage.cleanup.interval=300
account.cleanup.interval=600
expunge.workers=3
workers=10
use.user.concentrated.pod.allocation=false
vm.allocation.algorithm=random
vm.op.wait.interval=5
guest.domain.suffix=sandbox.kvm
guest.domain.suffix=sandbox.simulator
instance.name=QA
direct.agent.load.size=1000
default.page.size=10000
@ -35,15 +34,16 @@ check.pod.cidrs=true
secstorage.allowed.internal.sites=10.147.28.0/24
[environment]
dns=10.147.28.6
mshost=10.147.29.111
mshost=localhost
mshost.user=root
mshost.passwd=password
mysql.host=10.147.29.111
mysql.host=localhost
mysql.cloud.user=cloud
mysql.cloud.passwd=cloud
[cloudstack]
#guest VLAN
zone.vlan=675-679
pnet.vlan=675-679
pnet2.vlan=800-1000
#management network
private.gateway=10.147.29.1
private.pod.startip=10.147.29.150
@ -56,9 +56,9 @@ public.vlan.startip=10.147.31.150
public.vlan.endip=10.147.31.159
public.netmask=255.255.255.0
#hypervisor host information
hypervisor=XenServer
host=10.147.29.58
hypervisor=Simulator
host=simulator0
host.password=password
#storage pools
primary.pool=nfs://10.147.28.6:/export/home/sandbox/kamakura
primary.pool=nfs://10.147.28.6:/export/home/sandbox/primary
secondary.pool=nfs://10.147.28.6:/export/home/sandbox/sstor


@ -1259,12 +1259,16 @@
data.listvirtualmachinesresponse.virtualmachine : [],
function(instance) {
var nonAutoScale=0;
if(instance.displayname == null)
nonAutoScale = 1;
else{
if( instance.displayname.match(/AutoScale-LB-/)==null)
nonAutoScale =1;
else {
if(instance.displayname.match(/AutoScale-LB-/).length)
nonAutoScale =0;
}
}
var isActiveState= $.inArray(instance.state, ['Destroyed','Expunging']) == -1;
return nonAutoScale && isActiveState;
}
@ -2623,12 +2627,16 @@
function(instance) {
//Hiding the autoScale VMs
var nonAutoScale =0;
if(instance.displayname == null)
nonAutoScale = 1
else {
if(instance.displayname.match(/AutoScale-LB-/) == null)
nonAutoScale = 1;
else {
if( instance.displayname.match(/AutoScale-LB-/).length)
nonAutoScale =0;
}
}
}
var isActiveState = $.inArray(instance.state, ['Destroyed','Expunging']) == -1;
var notExisting = !$.grep(itemData, function(item) {
return item.id == instance.id;
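Review bot: Both hunks spell out the AutoScale filter as three nested branches that run the same `match(/AutoScale-LB-/)` twice, and the innermost branch only re-assigns the initial `0`. The whole block is equivalent to `var nonAutoScale = instance.displayname == null || !/AutoScale-LB-/.test(instance.displayname);`. Since the logic is duplicated at both call sites, a small shared helper would keep them in sync. It should carry a comment that VMs are hidden purely by a substring of the display name. Both enclosing callbacks extend beyond the hunks.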


@ -208,12 +208,13 @@ function parseXMLHttpResponse(XMLHttpResponse) {
var json = JSON.parse(XMLHttpResponse.responseText);
if (json != null) {
var property;
for(property in json) {}
for(property in json) {
var errorObj = json[property];
if(errorObj.errorcode == 401 && errorObj.errortext == "unable to verify user credentials and/or request signature")
return _l('label.session.expired');
else
return _s(errorObj.errortext);
}
}
else {
return "";
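Review bot: Inside the new `for (property in json)` body, `errorObj.errorcode` is read without checking `json[property]`, so a response whose first member is `null` throws a TypeError instead of yielding a message. A guard such as `if (errorObj == null) continue;` before the comparison avoids that. The loop also returns on its first iteration, so a short comment that only the first top-level member is expected would help. Session expiry is detected by comparing `errortext` with an exact server string, which silently stops matching if the server wording changes. The function continues outside the hunk.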


@ -16,11 +16,12 @@
// under the License.
package com.cloud.utils.component;
import java.util.List;
import java.util.Map;
// This interface defines methods for pluggable code within the Cloud Stack.
public interface PluggableService {
// The config command properties filenames that lists allowed API commands
// and role masks supported by this pluggable service
Map<String, String> getProperties();
List<Class<?>> getCommands();
}
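Review bot: The comment above the method still describes property filenames listing allowed API commands and role masks, which matched `getProperties()` but not `List<Class<?>> getCommands()`. Because this interface determines which commands a plugin exposes, the contract should be stated, for example `// Returns the API command classes this pluggable service contributes.` It should also say where the per-command role mask is now defined, which this section does not show. That the old comment lines are retained on the new side is inferred from the rendering.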


@ -56,7 +56,7 @@ public interface GenericDao<T, ID extends Serializable> {
T findById(ID id, boolean fresh);
// Finds one unique VO using uuid
T findByUuid(ID uuid);
T findByUuid(String uuid);
/**
* @return VO object ready to be used for update. It won't have any fields filled in.


@ -915,7 +915,7 @@ public abstract class GenericDaoBase<T, ID extends Serializable> implements Gene
@Override @DB(txn=false)
@SuppressWarnings("unchecked")
public T findByUuid(final ID uuid) {
public T findByUuid(final String uuid) {
SearchCriteria<T> sc = createSearchCriteria();
sc.addAnd("uuid", SearchCriteria.Op.EQ, uuid);
return findOneBy(sc);


@ -96,6 +96,7 @@ public class CSExceptionErrorCode {
ExceptionErrorCodeMap.put("com.cloud.exception.UnsupportedServiceException", 4530);
ExceptionErrorCodeMap.put("com.cloud.exception.VirtualMachineMigrationException", 4535);
ExceptionErrorCodeMap.put("com.cloud.async.AsyncCommandQueued", 4540);
ExceptionErrorCodeMap.put("com.cloud.exception.RequestLimitException", 4545);
// Have a special error code for ServerApiException when it is
// thrown in a standalone manner when failing to detect any of the above