diff --git a/.gitignore b/.gitignore index d77203170ab..3db1674f860 100644 --- a/.gitignore +++ b/.gitignore @@ -45,10 +45,13 @@ deps/awsapi-lib/ git-remote-https.exe.stackdump *.swp tools/devcloud/devcloudbox/.vagrant -deps/*.jar -deps/*.war -deps/*.mar *.jar +*.war +*.mar +*.zip +*.iso +*.tar.gz +*.tgz awsapi/modules/* !.gitignore .classpath diff --git a/INSTALL.md b/INSTALL.md new file mode 100644 index 00000000000..54d02512ba2 --- /dev/null +++ b/INSTALL.md @@ -0,0 +1,143 @@ +This document describes how to set up and configure a single server CloudStack +development environment. If you aren't looking for a development environment, +the easiest way to deploy CloudStack is by using RPM or DEB packages from: + + - http://cloudstack.org/download.html + - http://jenkins.cloudstack.org (CI/Build server) + - http://cloudstack.apt-get.eu (Debian repository) + +CloudStack developers use various platforms for development, this guide will +focus on CentOS and was tested against a CentOS 6.2 x86_64 setup. + +Refer to the [wiki](http://cwiki.apache.org/confluence/display/CLOUDSTACK/Index) +for the latest information, especially: + + - [Setting up development environment](https://cwiki.apache.org/confluence/display/CLOUDSTACK/Setting+up+CloudStack+Development+Environment) for CloudStack. + - [Building](https://cwiki.apache.org/confluence/display/CLOUDSTACK/Building+with+Maven) CloudStack. + +## Setting up Development Environment + +### Installing Tools and Dependencies + +Install tools and dependencies used for development: + + $ yum install git ant ant-devel java-1.6.0-openjdk java-1.6.0-openjdk-devel + mysql mysql-server tomcat6 mkisofs gcc python MySQL-python openssh-clients wget + +Set up Maven (3.0.4): + + $ wget http://www.us.apache.org/dist/maven/maven-3/3.0.4/binaries/apache-maven-3.0.4-bin.tar.gz + $ cd /usr/local/ # or any path + $ tar -zxvf apache-maven-3.0.4-bin.tar.gz + $ echo export M2_HOME=/usr/local/apache-maven-3.0.4 >> ~/.bashrc # or .zshrc or .profile + $ echo export PATH=${M2_HOME}/bin:${PATH} >> ~/.bashrc # or .zshrc or .profile + +Note: Tomcat 6.0.35 has some known issue with CloudStack, please use Tomcat +6.0.33 from http://archive.apache.org/dist/tomcat/tomcat-6/v6.0.33/bin + +### Configure Environment + +Set CATALINA_HOME to path where you extract/install tomcat, put them in your +.bashrc or .zshrc or .profile: + + $ echo export CATALINA_HOME=/usr/share/tomcat6/ >> ~/.bashrc + +Fix permissions on CATALINA_HOME: + + $ chown -R : $CATALINA_HOME + +Generate you ssh keys, useful for ssh-ing to your hosts and vm etc.: + + $ ssh-keygen -t rsa -q + +CloudStack uses some ports, make sure at least those used by the management +server are available and not blocked by any local firewall. Following ports are +used by CloudStack and its entities: + +8787: CloudStack (Tomcat) debug socket +9090, 8250: CloudStack Management Server, User/Client API +8096: User/Client to CloudStack Management Server (unauthenticated) +3306: MySQL Server +3922, 8250, 80/443, 111/2049, 53: Secondary Storage VM +3922, 8250, 53: Console Proxy VM +3922, 8250, 53: Virtual Router +22, 80, 443: XenServer, XAPI +22: KVM +443: vCenter +DNS: 53 +NFS: 111/2049 + +### Configuring MySQL Server + +Start the MySQL service: + + $ service mysqld start + +### Getting the Source Code + +You may get the source code from the repository hosted on Apache: + + $ git clone https://git-wip-us.apache.org/repos/asf/incubator-cloudstack.git + +Or, you may fork a repository from the official Apache CloudStack mirror by +Apache on [Github](https://github.com/apache/incubator-cloudstack) + +To keep yourself updated on a branch, do: + + $ git pull + +For example, for master: + + $ git pull origin master + +## Building + +Populate the dependencies using Maven: + + $ mvn -P deps + +Clean previous build, if needed: + + $ mvn clean + $ ant clean-all + $ ant clean-tomcat + +Build all sub-modules: + + $ ant build-all + +Deploy the built project on tomcat: + + $ ant deploy-server + +Clear old database (if any) and deploy the database schema: + + $ ant deploydb + +Start the management server in debug mode: + + $ ant debug + +If this works, you've successfully setup a single server CloudStack installation. + +Open the following URL on your browser to access the Management Server UI: + + http://localhost:8080/client/ + +Or, + + http://management-server-ip-address:8080/client + +The default credentials are; user: admin, password: password and the domain +field should be left blank which is defaulted to the ROOT domain. + +## Packaging + +To create rpms: + + $ mvn -P deps && ./waf rpm + +To create debs: + + $ mvn -P deps && dpkg-buildpackage + diff --git a/INSTALL.txt b/INSTALL.txt deleted file mode 100644 index 87404780e06..00000000000 --- a/INSTALL.txt +++ /dev/null @@ -1,70 +0,0 @@ -This document describes how to set up and configure a single server CloudStack development environment. If you aren't looking for a development environment The easiest way is to deploy CloudStack from RPM package, building CloudStack from source is for developers. This guide is all about building CloudStack from the source and installing directly from there . This guide is suitable for you if you want to develop the CloudStack. - -I have tested this procedure on Fedora Core 14 - -Step 1: Install the tools and dependencies: -For fedora the package names are ant ant-devel, openjdk, openjdk-devel - -Tools: -yum install ant ant-devel openjdk openjdk-devel mysql mysql-server tomcat - -Dependencies: -yum install jakarta-commons-collections jakarta-commons-dbcp.noarch apache-commons-logging.noarch jakarta-commons-pool jakarta-commons-httpclient.noarch ws-commons-util.noarch glibc-devel gcc python MySQL-python openssh-clients - -Tomcat: -Download tomcat6.0.33 from http://archive.apache.org/dist/tomcat/tomcat-6/v6.0.33/bin/ instead of using distribution's default tomcat. Set CATALINA_HOME and CATALINA_BASE to path where you extract tomcat in environment variable, it would be better off setting them in .bashrc as it will take effect every time you log in. - -Note: Tomcat6.0.35 has some known issue with CloudStack, please avoid it - -SSHKEY: -Run: -sh-keygen -t rsa -q -to create sshkey for your account if you don't have one - -Step 2: Configuration - -Start the MySQL service : - -# service mysqld start - -Step 3: Get the source - -$ git clone https://github.com/CloudStack/CloudStack.git - -For subsequent pulls, do: -$ git pull - -Step 4: Building, testing, and deploying CloudStack using Ant : - -Ant is a Java-based build tool designed to be cross-platform, easy to use, extensible, and scalable. Ant is controlled by providing a text file that tells how to perform all the stages of building, testing, and deploying a project. These files are build files, and every project that uses Ant must have at least one named as build.xml. You can see build.xml in your CloudStack source. - -Type to build CloudStack : -$ ant clean-all build-all - -Type to deploy mgt server : -$ ant deploy-server - -Type to deploy database : -$ ant deploydb - -Type to run mgt server: -$ ant debug - -If all of the above process is successful. You are done the single server CloudStack installation.Now your CloudStack Management Server is running. - -Open your browser and type the bellow url in address bar: - -http://localhost:8080/client/ - -OR - -http://management-server-ip-address:8080/client - -You can see CloudStack Management Console page via a web browser. It will show you management consle login page. You can use the default username and password and leave domain as blank. - -The default credentials are “admin” for user and “password” for password. The domain field should be left blank. A blank -domain field is defaulted to the ROOT domain. - -NOTE : This document is very basic CloudStack development installation. If you are very new to CloudStack and want to feel the power of CloudStack very quickly in RPM based distro, this document will guide very clear step to get it done. Since I am new to CloudStack, I doing this documentation by learning from community. I will keet update new information in this guide to make it more valuable resource. - - diff --git a/LICENSE b/LICENSE index 1394d656fa0..d43769fbf4b 100644 --- a/LICENSE +++ b/LICENSE @@ -184,7 +184,7 @@ This distribution contains third party resources. Within the . directory licensed under the BSD (3-clause) http://www.opensource.org/licenses/BSD-3-Clause (as follows) - Copyright 2005-2010 Thomas Nagy + Copyright (c) 2005-2010 Thomas Nagy Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions @@ -217,7 +217,7 @@ Within the . directory Within the awsapi directory licensed under the BSD (3-clause) http://www.opensource.org/licenses/BSD-3-Clause (as follows) - Copyright 2005-2010 Thomas Nagy + Copyright (c) 2005-2010 Thomas Nagy Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions @@ -250,7 +250,7 @@ Within the awsapi directory Within the console-proxy/js directory licensed under the MIT License http://www.opensource.org/licenses/mit-license.php (as follows) - Copyright 2009, John Resig + Copyright (c) 2009, John Resig Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the @@ -312,7 +312,7 @@ Within the deps directory Within the deps/awsapi-lib directory licensed under the ANTLR 2 License http://www.antlr2.org/license.html (as follows) - + ANTLR 2 License We reserve no legal rights to the ANTLR--it is fully in the public domain. An @@ -328,17 +328,17 @@ Within the deps/awsapi-lib directory remain intact in our source code. As long as these guidelines are kept, we expect to continue enhancing this system and expect to make other tools available as they are completed. - + from ANTLR Translator Generator Project http://www.antlr2.org/ antlr-2.7.6.jar http://repo1.maven.org/maven2/antlr/antlr/2.7.6/antlr-2.7.6-sources.jar licensed under the Apache License, Version 2 http://www.apache.org/licenses/LICENSE-2.0.txt (as above) - Copyright 2004-2008 The Apache Software Foundation + Copyright (c) 2004-2008 The Apache Software Foundation from The Apache Software Foundation http://www.apache.org/ XmlSchema-1.4.3.jar licensed under the Apache License, Version 2 http://www.apache.org/licenses/LICENSE-2.0.txt (as above) - Copyright 2004-2012 The Apache Software Foundation + Copyright (c) 2004-2012 The Apache Software Foundation from The Apache Software Foundation http://www.apache.org/ apache-log4j-extras-1.0.jar http://logging.apache.org/log4j/companions/extras/ axiom-api-1.2.8.jar http://ws.apache.org/axiom/source-repository.html @@ -370,7 +370,7 @@ Within the deps/awsapi-lib directory xml-apis.jar http://repo1.maven.org/maven2/xml-apis/xml-apis/1.3.04/xml-apis-1.3.04-sources.jar licensed under the Apache License, Version 2 http://www.apache.org/licenses/LICENSE-2.0.txt (as above) - Copyright 2009 Google Inc. + Copyright (c) 2009 Google Inc. from Google Inc. http://google.com cloud-gson.jar http://code.google.com/p/google-gson/ @@ -381,7 +381,7 @@ Within the deps/awsapi-lib directory licensed under the BSD (3-clause) http://www.opensource.org/licenses/BSD-3-Clause (as follows) - Copyright 2002-2011 Atsuhiko Yamanaka, JCraft,Inc. + Copyright (c) 2002-2011 Atsuhiko Yamanaka, JCraft,Inc. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions @@ -412,7 +412,7 @@ Within the deps/awsapi-lib directory licensed under the COMMON DEVELOPMENT AND DISTRIBUTION LICENSE (CDDL) Version 1.0 http://www.opensource.org/licenses/CDDL-1.0 (as follows) - Copyright 1997-2010 Oracle and/or its affiliates. All rights reserved. + Copyright (c) 1997-2010 Oracle and/or its affiliates. All rights reserved. COMMON DEVELOPMENT AND DISTRIBUTION LICENSE (CDDL) Version 1.0 @@ -802,7 +802,7 @@ Within the deps/awsapi-lib directory licensed under the COMMON DEVELOPMENT AND DISTRIBUTION LICENSE (CDDL) Version 1.0 http://www.opensource.org/licenses/CDDL-1.0 (as follows) - Copyright 2006 Sun Microsystems, Inc. All rights reserved. + Copyright (c) 2006 Sun Microsystems, Inc. All rights reserved. COMMON DEVELOPMENT AND DISTRIBUTION LICENSE (CDDL) Version 1.0 @@ -1190,7 +1190,7 @@ Within the deps/awsapi-lib directory licensed under the COMMON DEVELOPMENT AND DISTRIBUTION LICENSE (CDDL) Version 1.0 http://www.opensource.org/licenses/CDDL-1.0 (as follows) - Copyright 1997-2010 Oracle and/or its affiliates. All rights reserved. + Copyright (c) 1997-2010 Oracle and/or its affiliates. All rights reserved. COMMON DEVELOPMENT AND DISTRIBUTION LICENSE (CDDL) Version 1.0 @@ -1839,13 +1839,13 @@ Within the deps/awsapi-lib directory STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - + from DOM4J Project http://dom4j.sourceforge.net/ dom4j-1.6.1.jar http://dom4j.sourceforge.net/source-repository.html licensed under the MIT License http://www.opensource.org/licenses/mit-license.php (as follows) - Copyright 2004-2011 QOS.ch + Copyright (c) 2004-2011 QOS.ch Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the @@ -2343,21 +2343,79 @@ Within the deps/awsapi-lib directory use the text of this Exhibit A rather than the text found in the Original Code Source Code for Your Modifications.] - + from Shigeru Chiba http://www.csg.ci.i.u-tokyo.ac.jp/~chiba/javassist/ javassist-3.9.0.GA.jar http://sourceforge.net/projects/jboss/files/Javassist/ +Within the patches/systemvm/debian/config/etc directory + placed in the public domain + by Adiscon GmbH http://www.adiscon.com/ + rsyslog.conf + by Simon Kelley + dnsmasq.conf + vpcdnsmasq.conf + + +Within the patches/systemvm/debian/config/etc/apache2 directory + licensed under the Apache License, Version 2 http://www.apache.org/licenses/LICENSE-2.0.txt (as above) + Copyright (c) 2012 The Apache Software Foundation + from The Apache Software Foundation http://www.apache.org/ + httpd.conf + ports.conf + sites-available/default + sites-available/default-ssl + vhostexample.conf + + +Within the patches/systemvm/debian/config/etc/ssh/ directory + licensed under the BSD (2-clause) http://www.opensource.org/licenses/BSD-2-Clause (as follows) + + + Redistribution and use in source and binary forms, with or without modification, + are permitted provided that the following conditions are met: + + Redistributions of source code must retain the above copyright notice, this list + of conditions and the following disclaimer. Redistributions in binary form must + reproduce the above copyright notice, this list of conditions and the following + disclaimer in the documentation and/or other materials provided with the + distribution. + + Neither the name of the author nor the names of contributors may be used to + endorse or promote products derived from this software without specific prior + written permission. + + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND + ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED + WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR + ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; + LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON + ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS + SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + from OpenSSH Project http://www.openssh.org/ + sshd_config + + +Within the patches/systemvm/debian/config/root/redundant_router directory + placed in the public domain + by The netfilter.org project http://www.netfilter.org/ + conntrackd.conf.templ + + Within the scripts/storage/secondary directory licensed under the Apache License, Version 2 http://www.apache.org/licenses/LICENSE-2.0.txt (as above) - Copyright 2010-2011 OpenStack, LLC. + Copyright (c) 2010-2011 OpenStack, LLC. from OpenStack, LLC http://www.openstack.org swift Within the scripts/vm/hypervisor/xenserver directory licensed under the Apache License, Version 2 http://www.apache.org/licenses/LICENSE-2.0.txt (as above) - Copyright 2010-2011 OpenStack, LLC. + Copyright (c) 2010-2011 OpenStack, LLC. from OpenStack, LLC http://www.openstack.org swift @@ -2369,7 +2427,7 @@ Within the target/jar directory licensed under the Apache License, Version 1.1 http://www.apache.org/licenses/LICENSE-1.1 (as follows) - Copyright 2012 The Apache Software Foundation + Copyright (c) 2012 The Apache Software Foundation /* ==================================================================== * The Apache Software License, Version 1.1 @@ -2429,7 +2487,7 @@ Within the target/jar directory cloud-commons-discovery.jar http://commons.apache.org/discovery/ licensed under the Apache License, Version 2 http://www.apache.org/licenses/LICENSE-2.0.txt (as above) - Copyright 2012 The Apache Software Foundation + Copyright (c) 2012 The Apache Software Foundation from The Apache Software Foundation http://www.apache.org/ cloud-axis.jar http://axis.apache.org/axis/ cloud-cglib.jar http://cglib.sourceforge.net/ @@ -2453,12 +2511,12 @@ Within the target/jar directory cloud-jasypt-1.9.jar http://www.jasypt.org licensed under the Apache License, Version 2 http://www.apache.org/licenses/LICENSE-2.0.txt (as above) - Copyright 2003-2007 Luck Consulting Pty Ltd + Copyright (c) 2003-2007 Luck Consulting Pty Ltd from Luck Consulting Pty Ltd http://gregluck.com/blog/about/ cloud-ehcache.jar http://ehcache.org/ licensed under the Apache License, Version 2 http://www.apache.org/licenses/LICENSE-2.0.txt (as above) - Copyright 2009 Google Inc. + Copyright (c) 2009 Google Inc. from Google Inc. http://google.com cloud-google-gson-1.7.1.jar http://code.google.com/p/google-gson/ @@ -2470,7 +2528,7 @@ Within the target/jar directory licensed under the BSD (3-clause) http://www.opensource.org/licenses/BSD-3-Clause (as follows) - Copyright 2009, Caringo, Inc. + Copyright (c) 2009, Caringo, Inc. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions @@ -2501,7 +2559,7 @@ Within the target/jar directory licensed under the BSD (3-clause) http://www.opensource.org/licenses/BSD-3-Clause (as follows) - Copyright 2002-2011 Atsuhiko Yamanaka, JCraft,Inc. + Copyright (c) 2002-2011 Atsuhiko Yamanaka, JCraft,Inc. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions @@ -2532,7 +2590,7 @@ Within the target/jar directory licensed under the BSD (3-clause) http://www.opensource.org/licenses/BSD-3-Clause (as follows) - Copyright 2007-2008 Trilead AG (http://www.trilead.com) + Copyright (c) 2007-2008 Trilead AG (http://www.trilead.com) All rights reserved. Redistribution and use in source and binary forms, with or without @@ -2593,7 +2651,7 @@ Within the target/jar directory licensed under the COMMON DEVELOPMENT AND DISTRIBUTION LICENSE (CDDL) Version 1.0 http://www.opensource.org/licenses/CDDL-1.0 (as follows) - Copyright 2006 Sun Microsystems, Inc. All rights reserved. + Copyright (c) 2006 Sun Microsystems, Inc. All rights reserved. COMMON DEVELOPMENT AND DISTRIBUTION LICENSE (CDDL) Version 1.0 @@ -2982,7 +3040,7 @@ Within the target/jar directory licensed under the COMMON DEVELOPMENT AND DISTRIBUTION LICENSE (CDDL) Version 1.0 http://www.opensource.org/licenses/CDDL-1.0 (as follows) - Copyright 1997-2010 Oracle and/or its affiliates. All rights reserved. + Copyright (c) 1997-2010 Oracle and/or its affiliates. All rights reserved. COMMON DEVELOPMENT AND DISTRIBUTION LICENSE (CDDL) Version 1.0 @@ -3370,7 +3428,7 @@ Within the target/jar directory licensed under the Common Public License - v 1.0 http://opensource.org/licenses/cpl1.0 (as follows) - Copyright IBM Corp 2006 + Copyright (c) IBM Corp 2006 Common Public License Version 1.0 (CPL) @@ -3812,7 +3870,7 @@ Within the target/jar directory licensed under the Eclipse Distribution License Version 1.0 http://www.eclipse.org/org/documents/edl-v10.php (as follows) - Copyright 2012 The Eclipse Foundation. + Copyright (c) 2012 The Eclipse Foundation. Eclipse Distribution License Version 1.0 @@ -3845,6 +3903,34 @@ Within the target/jar directory from The Eclipse Foundation http://www.eclipse.org cloud-javax.persistence-2.0.0.jar http://wiki.eclipse.org/EclipseLink/Release/2.0.0 + licensed under the MIT License http://www.opensource.org/licenses/mit-license.php (as follows) + + Copyright (C) 2008 Tth Istvn + 2008-2012 Daniel Veillard + 2009-2011 Bryan Kearney + + Permission is hereby granted, free of charge, to any person obtaining + a copy of this software and associated documentation files (the + "Software"), to deal in the Software without restriction, including + without limitation the rights to use, copy, modify, merge, publish, + distribute, sublicense, and/or sell copies of the Software, and to + permit persons to whom the Software is furnished to do so, subject to + the following conditions: + + The above copyright notice and this permission notice shall be + included in all copies or substantial portions of the Software. + + THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, + EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF + MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND + NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE + LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION + OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION + WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. + + from The libvirt project http://libvirt.org/ + libvirt-java-0.4.9 + licensed under the XStream BSD Style License https://fisheye.codehaus.org/browse/xstream/trunk/LICENSE.txt?hb=true (as follows) @@ -3881,13 +3967,6 @@ Within the target/jar directory cloud-xstream-1.3.1.jar http://xstream.codehaus.org/repository.html -Within the tools/gcc directory - licensed under the Apache License, Version 2 http://www.apache.org/licenses/LICENSE-2.0.txt (as above) - Copyright 2009 Google Inc. - from Google Inc. http://google.com - compiler.jar - - Within the ui/lib directory placed in the public domain by Eric Meyer http://meyerweb.com/eric/ @@ -3895,7 +3974,7 @@ Within the ui/lib directory licensed under the BSD (2-clause) http://www.opensource.org/licenses/BSD-2-Clause (as follows) - Copyright 2008 George McGinley Smith + Copyright (c) 2008 George McGinley Smith All rights reserved. Redistribution and use in source and binary forms, with or without modification, @@ -3927,7 +4006,7 @@ Within the ui/lib directory licensed under the MIT License http://www.opensource.org/licenses/mit-license.php (as follows) - Copyright 2011, John Resig + Copyright (c) 2011, John Resig Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the @@ -3953,7 +4032,7 @@ Within the ui/lib directory licensed under the MIT License http://www.opensource.org/licenses/mit-license.php (as follows) - Copyright 2006 - 2011 Jrn Zaefferer + Copyright (c) 2006 - 2011 Jrn Zaefferer Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the @@ -3979,7 +4058,7 @@ Within the ui/lib directory licensed under the MIT License http://www.opensource.org/licenses/mit-license.php (as follows) - Copyright 2010, Sebastian Tschan + Copyright (c) 2010, Sebastian Tschan Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the @@ -4005,7 +4084,7 @@ Within the ui/lib directory licensed under the MIT License http://www.opensource.org/licenses/mit-license.php (as follows) - Copyright 2006 Klaus Hartl (stilbuero.de) + Copyright (c) 2006 Klaus Hartl (stilbuero.de) Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the @@ -4151,7 +4230,7 @@ Within the ui/lib/jquery-ui directory Within the ui/lib/qunit directory licensed under the MIT License http://www.opensource.org/licenses/mit-license.php (as follows) - Copyright 2012 John Resig, Jrn Zaefferer + Copyright (c) 2012 John Resig, Jrn Zaefferer Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the @@ -4179,7 +4258,7 @@ Within the ui/lib/qunit directory Within the utils/src/com/cloud/utils/db directory licensed under the Apache License, Version 2 http://www.apache.org/licenses/LICENSE-2.0.txt (as above) - Copyright 2004 Clinton Begin + Copyright (c) 2004 Clinton Begin from Clinton Begin http://code.google.com/p/mybatis/ ScriptRunner.java http://code.google.com/p/mybatis/ diff --git a/README.md b/README.md index a672397c31a..c565de6a0ae 100644 --- a/README.md +++ b/README.md @@ -53,7 +53,7 @@ Software License Version 2. To build the default build target, use maven3 and execute: -maven install +mvn install ## Including optional third party libraries in your build diff --git a/agent-simulator/src/com/cloud/agent/manager/MockVmManager.java b/agent-simulator/src/com/cloud/agent/manager/MockVmManager.java index cd8f5faf7da..07cf584883e 100644 --- a/agent-simulator/src/com/cloud/agent/manager/MockVmManager.java +++ b/agent-simulator/src/com/cloud/agent/manager/MockVmManager.java @@ -19,21 +19,7 @@ package com.cloud.agent.manager; import java.util.HashMap; import java.util.Map; -import com.cloud.agent.api.Answer; -import com.cloud.agent.api.CheckVirtualMachineCommand; -import com.cloud.agent.api.CleanupNetworkRulesCmd; -import com.cloud.agent.api.GetDomRVersionAnswer; -import com.cloud.agent.api.GetDomRVersionCmd; -import com.cloud.agent.api.GetVmStatsCommand; -import com.cloud.agent.api.GetVncPortCommand; -import com.cloud.agent.api.MigrateAnswer; -import com.cloud.agent.api.MigrateCommand; -import com.cloud.agent.api.NetworkUsageCommand; -import com.cloud.agent.api.RebootCommand; -import com.cloud.agent.api.SecurityGroupRuleAnswer; -import com.cloud.agent.api.SecurityGroupRulesCmd; -import com.cloud.agent.api.StartCommand; -import com.cloud.agent.api.StopCommand; +import com.cloud.agent.api.*; import com.cloud.agent.api.check.CheckSshAnswer; import com.cloud.agent.api.check.CheckSshCommand; import com.cloud.agent.api.proxy.CheckConsoleProxyLoadCommand; @@ -90,5 +76,8 @@ public interface MockVmManager extends Manager { MigrateAnswer Migrate(MigrateCommand cmd, SimulatorInfo info); GetDomRVersionAnswer getDomRVersion(GetDomRVersionCmd cmd); Map getVms(String hostGuid); - + + CheckRouterAnswer checkRouter(CheckRouterCommand cmd); + + Answer bumpPriority(BumpUpPriorityCommand cmd); } diff --git a/agent-simulator/src/com/cloud/agent/manager/MockVmManagerImpl.java b/agent-simulator/src/com/cloud/agent/manager/MockVmManagerImpl.java index d740ab77eaf..78881f2fc3a 100644 --- a/agent-simulator/src/com/cloud/agent/manager/MockVmManagerImpl.java +++ b/agent-simulator/src/com/cloud/agent/manager/MockVmManagerImpl.java @@ -25,43 +25,15 @@ import java.util.concurrent.ConcurrentHashMap; import javax.ejb.Local; import javax.naming.ConfigurationException; +import com.cloud.agent.api.*; +import com.cloud.agent.api.routing.*; +import com.cloud.network.router.VirtualRouter; import org.apache.log4j.Logger; -import com.cloud.agent.api.Answer; -import com.cloud.agent.api.CheckVirtualMachineAnswer; -import com.cloud.agent.api.CheckVirtualMachineCommand; -import com.cloud.agent.api.CleanupNetworkRulesCmd; -import com.cloud.agent.api.GetDomRVersionAnswer; -import com.cloud.agent.api.GetDomRVersionCmd; -import com.cloud.agent.api.GetVmStatsAnswer; -import com.cloud.agent.api.GetVmStatsCommand; -import com.cloud.agent.api.GetVncPortAnswer; -import com.cloud.agent.api.GetVncPortCommand; -import com.cloud.agent.api.MigrateAnswer; -import com.cloud.agent.api.MigrateCommand; -import com.cloud.agent.api.NetworkUsageAnswer; -import com.cloud.agent.api.NetworkUsageCommand; -import com.cloud.agent.api.RebootAnswer; -import com.cloud.agent.api.RebootCommand; -import com.cloud.agent.api.SecurityGroupRuleAnswer; -import com.cloud.agent.api.SecurityGroupRulesCmd; -import com.cloud.agent.api.StartAnswer; -import com.cloud.agent.api.StartCommand; -import com.cloud.agent.api.StopAnswer; -import com.cloud.agent.api.StopCommand; -import com.cloud.agent.api.VmStatsEntry; import com.cloud.agent.api.check.CheckSshAnswer; import com.cloud.agent.api.check.CheckSshCommand; import com.cloud.agent.api.proxy.CheckConsoleProxyLoadCommand; import com.cloud.agent.api.proxy.WatchConsoleProxyLoadCommand; -import com.cloud.agent.api.routing.DhcpEntryCommand; -import com.cloud.agent.api.routing.IpAssocCommand; -import com.cloud.agent.api.routing.LoadBalancerConfigCommand; -import com.cloud.agent.api.routing.SavePasswordCommand; -import com.cloud.agent.api.routing.SetFirewallRulesCommand; -import com.cloud.agent.api.routing.SetPortForwardingRulesCommand; -import com.cloud.agent.api.routing.SetStaticNatRulesCommand; -import com.cloud.agent.api.routing.VmDataCommand; import com.cloud.agent.api.to.NicTO; import com.cloud.agent.api.to.VirtualMachineTO; import com.cloud.network.Networks.TrafficType; @@ -262,8 +234,37 @@ public class MockVmManagerImpl implements MockVmManager { txn.close(); } } - - @Override + + @Override + public CheckRouterAnswer checkRouter(CheckRouterCommand cmd) { + String router_name = cmd.getAccessDetail(NetworkElementCommand.ROUTER_NAME); + int router_id = Integer.parseInt(router_name.split("-")[1]); + if (router_id % 2 == 0) { + s_logger.debug("Found even routerId, making it MASTER in RvR"); + CheckRouterAnswer ans = new CheckRouterAnswer(cmd, "Status: MASTER & Bumped: NO", true); + ans.setState(VirtualRouter.RedundantState.MASTER); + return ans; + } else { + s_logger.debug("Found odd routerId, making it BACKUP in RvR"); + CheckRouterAnswer ans = new CheckRouterAnswer(cmd, "Status: MASTER & Bumped: NO", true); + ans.setState(VirtualRouter.RedundantState.BACKUP); + return ans; + } + } + + @Override + public Answer bumpPriority(BumpUpPriorityCommand cmd) { + String router_name = cmd.getAccessDetail(NetworkElementCommand.ROUTER_NAME); + int router_id = Integer.parseInt(router_name.split("-")[1]); + if (router_id % 2 == 0) { + return new Answer(cmd, true, "Status: MASTER & Bumped: YES"); + } else { + return new Answer(cmd, true, "Status: BACKUP & Bumped: YES"); + } + + } + + @Override public Map getVmStates(String hostGuid) { Transaction txn = Transaction.open(Transaction.SIMULATOR_DB); try { diff --git a/agent-simulator/src/com/cloud/agent/manager/SimulatorManagerImpl.java b/agent-simulator/src/com/cloud/agent/manager/SimulatorManagerImpl.java index 60f76fd7482..9a81ea6edaa 100644 --- a/agent-simulator/src/com/cloud/agent/manager/SimulatorManagerImpl.java +++ b/agent-simulator/src/com/cloud/agent/manager/SimulatorManagerImpl.java @@ -24,45 +24,9 @@ import java.util.Map; import javax.ejb.Local; import javax.naming.ConfigurationException; +import com.cloud.agent.api.*; import org.apache.log4j.Logger; -import com.cloud.agent.api.Answer; -import com.cloud.agent.api.AttachIsoCommand; -import com.cloud.agent.api.AttachVolumeCommand; -import com.cloud.agent.api.BackupSnapshotCommand; -import com.cloud.agent.api.CheckHealthCommand; -import com.cloud.agent.api.CheckNetworkCommand; -import com.cloud.agent.api.CheckVirtualMachineCommand; -import com.cloud.agent.api.CleanupNetworkRulesCmd; -import com.cloud.agent.api.ClusterSyncAnswer; -import com.cloud.agent.api.ClusterSyncCommand; -import com.cloud.agent.api.Command; -import com.cloud.agent.api.ComputeChecksumCommand; -import com.cloud.agent.api.CreatePrivateTemplateFromSnapshotCommand; -import com.cloud.agent.api.CreatePrivateTemplateFromVolumeCommand; -import com.cloud.agent.api.CreateStoragePoolCommand; -import com.cloud.agent.api.CreateVolumeFromSnapshotCommand; -import com.cloud.agent.api.DeleteSnapshotBackupCommand; -import com.cloud.agent.api.DeleteStoragePoolCommand; -import com.cloud.agent.api.GetDomRVersionCmd; -import com.cloud.agent.api.GetHostStatsCommand; -import com.cloud.agent.api.GetStorageStatsCommand; -import com.cloud.agent.api.GetVmStatsCommand; -import com.cloud.agent.api.GetVncPortCommand; -import com.cloud.agent.api.MaintainCommand; -import com.cloud.agent.api.ManageSnapshotCommand; -import com.cloud.agent.api.MigrateCommand; -import com.cloud.agent.api.ModifyStoragePoolCommand; -import com.cloud.agent.api.NetworkUsageCommand; -import com.cloud.agent.api.PingTestCommand; -import com.cloud.agent.api.PrepareForMigrationCommand; -import com.cloud.agent.api.RebootCommand; -import com.cloud.agent.api.SecStorageSetupCommand; -import com.cloud.agent.api.SecStorageVMSetupCommand; -import com.cloud.agent.api.SecurityGroupRulesCmd; -import com.cloud.agent.api.StartCommand; -import com.cloud.agent.api.StopCommand; -import com.cloud.agent.api.StoragePoolInfo; import com.cloud.agent.api.check.CheckSshCommand; import com.cloud.agent.api.proxy.CheckConsoleProxyLoadCommand; import com.cloud.agent.api.proxy.WatchConsoleProxyLoadCommand; @@ -292,13 +256,17 @@ public class SimulatorManagerImpl implements SimulatorManager { return _mockAgentMgr.maintain((MaintainCommand)cmd); } else if (cmd instanceof GetVmStatsCommand) { return _mockVmMgr.getVmStats((GetVmStatsCommand)cmd); + } else if (cmd instanceof CheckRouterCommand) { + return _mockVmMgr.checkRouter((CheckRouterCommand) cmd); + } else if (cmd instanceof BumpUpPriorityCommand) { + return _mockVmMgr.bumpPriority((BumpUpPriorityCommand) cmd); } else if (cmd instanceof GetDomRVersionCmd) { - return _mockVmMgr.getDomRVersion((GetDomRVersionCmd)cmd); + return _mockVmMgr.getDomRVersion((GetDomRVersionCmd) cmd); } else if (cmd instanceof ClusterSyncCommand) { return new Answer(cmd); //return new ClusterSyncAnswer(((ClusterSyncCommand) cmd).getClusterId(), this.getVmStates(hostGuid)); } else if (cmd instanceof CopyVolumeCommand) { - return _mockStorageMgr.CopyVolume((CopyVolumeCommand)cmd); + return _mockStorageMgr.CopyVolume((CopyVolumeCommand) cmd); } else { return Answer.createUnsupportedCommandAnswer(cmd); } diff --git a/agent-simulator/src/com/cloud/simulator/SimulatorRuntimeException.java b/agent-simulator/src/com/cloud/simulator/SimulatorRuntimeException.java index 96a1e244584..ce962a2d296 100644 --- a/agent-simulator/src/com/cloud/simulator/SimulatorRuntimeException.java +++ b/agent-simulator/src/com/cloud/simulator/SimulatorRuntimeException.java @@ -1,3 +1,20 @@ +// Licensed to the Apache Software Foundation (ASF) under one +// or more contributor license agreements. See the NOTICE file +// distributed with this work for additional information +// regarding copyright ownership. The ASF licenses this file +// to you under the Apache License, Version 2.0 (the +// "License"); you may not use this file except in compliance +// with the License. You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, +// software distributed under the License is distributed on an +// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +// KIND, either express or implied. See the License for the +// specific language governing permissions and limitations +// under the License. + package com.cloud.simulator; import com.cloud.utils.SerialVersionUID; @@ -21,4 +38,4 @@ public class SimulatorRuntimeException extends RuntimeCloudException { protected SimulatorRuntimeException() { super(); } -} \ No newline at end of file +} diff --git a/agent/pom.xml b/agent/pom.xml index a5595805042..458d97ce4df 100644 --- a/agent/pom.xml +++ b/agent/pom.xml @@ -16,15 +16,14 @@ specific language governing permissions and limitations under the License. --> - + 4.0.0 cloud-agent Apache CloudStack Agents org.apache.cloudstack cloudstack - 4.0.0-SNAPSHOT + 4.1.0-SNAPSHOT diff --git a/api/pom.xml b/api/pom.xml index db147758ff3..f25a6bcbf74 100644 --- a/api/pom.xml +++ b/api/pom.xml @@ -16,15 +16,14 @@ specific language governing permissions and limitations under the License. --> - + 4.0.0 cloud-api Apache CloudStack API org.apache.cloudstack cloudstack - 4.0.0-SNAPSHOT + 4.1.0-SNAPSHOT diff --git a/api/src/com/cloud/agent/api/SetupGuestNetworkCommand.java b/api/src/com/cloud/agent/api/SetupGuestNetworkCommand.java index 693db291e5f..10dab557bf5 100644 --- a/api/src/com/cloud/agent/api/SetupGuestNetworkCommand.java +++ b/api/src/com/cloud/agent/api/SetupGuestNetworkCommand.java @@ -45,6 +45,10 @@ public class SetupGuestNetworkCommand extends NetworkElementCommand{ return networkDomain; } + public boolean isAdd() { + return add; + } + @Override public boolean executeInSequence() { return true; diff --git a/api/src/com/cloud/api/commands/AddVpnUserCmd.java b/api/src/com/cloud/api/commands/AddVpnUserCmd.java index 4a4be0178ec..10dc11a6e43 100644 --- a/api/src/com/cloud/api/commands/AddVpnUserCmd.java +++ b/api/src/com/cloud/api/commands/AddVpnUserCmd.java @@ -120,7 +120,7 @@ public class AddVpnUserCmd extends BaseAsyncCreateCmd { public void execute(){ VpnUser vpnUser = _entityMgr.findById(VpnUser.class, getEntityId()); Account account = _entityMgr.findById(Account.class, vpnUser.getAccountId()); - if (!_ravService.applyVpnUsers(vpnUser.getAccountId())) { + if (!_ravService.applyVpnUsers(vpnUser.getAccountId(), userName)) { throw new ServerApiException(BaseCmd.INTERNAL_ERROR, "Failed to add vpn user"); } diff --git a/api/src/com/cloud/api/commands/CreatePortForwardingRuleCmd.java b/api/src/com/cloud/api/commands/CreatePortForwardingRuleCmd.java index 666611476aa..3f3915a705d 100644 --- a/api/src/com/cloud/api/commands/CreatePortForwardingRuleCmd.java +++ b/api/src/com/cloud/api/commands/CreatePortForwardingRuleCmd.java @@ -63,9 +63,15 @@ public class CreatePortForwardingRuleCmd extends BaseAsyncCreateCmd implements P description = "the protocol for the port fowarding rule. Valid values are TCP or UDP.") private String protocol; + @Parameter(name = ApiConstants.PRIVATE_END_PORT, type = CommandType.INTEGER, required = false, description = "the ending port of port forwarding rule's private port range") + private Integer privateEndPort; + @Parameter(name = ApiConstants.PUBLIC_START_PORT, type = CommandType.INTEGER, required = true, description = "the starting port of port forwarding rule's public port range") private Integer publicStartPort; + + @Parameter(name = ApiConstants.PUBLIC_END_PORT, type = CommandType.INTEGER, required = false, description = "the ending port of port forwarding rule's private port range") + private Integer publicEndPort; @IdentityMapper(entityTableName = "vm_instance") @Parameter(name = ApiConstants.VIRTUAL_MACHINE_ID, type = CommandType.LONG, required = true, @@ -93,7 +99,7 @@ public class CreatePortForwardingRuleCmd extends BaseAsyncCreateCmd implements P // /////////////////////////////////////////////////// public String getEntityTable() { - return "firewall_rules"; + return "firewall_rules"; } public Long getIpAddressId() { @@ -117,7 +123,7 @@ public class CreatePortForwardingRuleCmd extends BaseAsyncCreateCmd implements P } return null; } - + public Boolean getOpenFirewall() { boolean isVpc = getVpcId() == null ? false : true; if (openFirewall != null) { @@ -154,6 +160,7 @@ public class CreatePortForwardingRuleCmd extends BaseAsyncCreateCmd implements P return s_name; } + @Override public void execute() throws ResourceUnavailableException { UserContext callerContext = UserContext.current(); @@ -161,16 +168,16 @@ public class CreatePortForwardingRuleCmd extends BaseAsyncCreateCmd implements P PortForwardingRule rule = null; try { UserContext.current().setEventDetails("Rule Id: " + getEntityId()); - + if (getOpenFirewall()) { success = success && _firewallService.applyFirewallRules(ipAddressId, callerContext.getCaller()); } - + success = success && _rulesService.applyPortForwardingRules(ipAddressId, callerContext.getCaller()); // State is different after the rule is applied, so get new object here rule = _entityMgr.findById(PortForwardingRule.class, getEntityId()); - FirewallRuleResponse fwResponse = new FirewallRuleResponse(); + FirewallRuleResponse fwResponse = new FirewallRuleResponse(); if (rule != null) { fwResponse = _responseGenerator.createPortForwardingRuleResponse(rule); setResponseObject(fwResponse); @@ -178,13 +185,13 @@ public class CreatePortForwardingRuleCmd extends BaseAsyncCreateCmd implements P fwResponse.setResponseName(getCommandName()); } finally { if (!success || rule == null) { - + if (getOpenFirewall()) { _firewallService.revokeRelatedFirewallRule(getEntityId(), true); } - + _rulesService.revokePortForwardingRule(getEntityId(), true); - + throw new ServerApiException(BaseCmd.INTERNAL_ERROR, "Failed to apply port forwarding rule"); } } @@ -213,7 +220,7 @@ public class CreatePortForwardingRuleCmd extends BaseAsyncCreateCmd implements P @Override public Integer getSourcePortEnd() { - return publicStartPort.intValue(); + return (publicEndPort == null)? publicStartPort.intValue() : publicEndPort.intValue(); } @Override @@ -265,10 +272,10 @@ public class CreatePortForwardingRuleCmd extends BaseAsyncCreateCmd implements P public Ip getDestinationIpAddress() { return null; } - + @Override public void setDestinationIpAddress(Ip destinationIpAddress) { - return; + return; } @Override @@ -278,7 +285,7 @@ public class CreatePortForwardingRuleCmd extends BaseAsyncCreateCmd implements P @Override public int getDestinationPortEnd() { - return privateStartPort.intValue(); + return (privateEndPort == null)? privateStartPort.intValue() : privateEndPort.intValue(); } @Override @@ -287,12 +294,12 @@ public class CreatePortForwardingRuleCmd extends BaseAsyncCreateCmd implements P if (cidrlist != null) { throw new InvalidParameterValueException("Parameter cidrList is deprecated; if you need to open firewall rule for the specific cidr, please refer to createFirewallRule command"); } - + try { PortForwardingRule result = _rulesService.createPortForwardingRule(this, virtualMachineId, getOpenFirewall()); setEntityId(result.getId()); } catch (NetworkRuleConflictException ex) { - s_logger.info("Network rule conflict: ", ex); + s_logger.info("Network rule conflict: " , ex); s_logger.trace("Network Rule Conflict: ", ex); throw new ServerApiException(BaseCmd.NETWORK_RULE_CONFLICT_ERROR, ex.getMessage()); } @@ -332,27 +339,27 @@ public class CreatePortForwardingRuleCmd extends BaseAsyncCreateCmd implements P } return ip; } - + @Override public Integer getIcmpCode() { return null; } - + @Override public Integer getIcmpType() { return null; } - + @Override public Long getRelated() { return null; } - @Override - public FirewallRuleType getType() { - return FirewallRuleType.User; - } - + @Override + public FirewallRuleType getType() { + return FirewallRuleType.User; + } + @Override public AsyncJob.Type getInstanceType() { return AsyncJob.Type.FirewallRule; diff --git a/api/src/com/cloud/api/commands/RemoveVpnUserCmd.java b/api/src/com/cloud/api/commands/RemoveVpnUserCmd.java index 57a4301c8aa..28fe3670c24 100644 --- a/api/src/com/cloud/api/commands/RemoveVpnUserCmd.java +++ b/api/src/com/cloud/api/commands/RemoveVpnUserCmd.java @@ -113,7 +113,7 @@ public class RemoveVpnUserCmd extends BaseAsyncCmd { throw new ServerApiException(BaseCmd.INTERNAL_ERROR, "Failed to remove vpn user"); } - if (!_ravService.applyVpnUsers(owner.getId())) { + if (!_ravService.applyVpnUsers(owner.getId(), userName)) { throw new ServerApiException(BaseCmd.INTERNAL_ERROR, "Failed to apply vpn user removal"); } SuccessResponse response = new SuccessResponse(getCommandName()); diff --git a/api/src/com/cloud/api/commands/UpdatePhysicalNetworkCmd.java b/api/src/com/cloud/api/commands/UpdatePhysicalNetworkCmd.java index 30fa5325f0d..a6abc039042 100644 --- a/api/src/com/cloud/api/commands/UpdatePhysicalNetworkCmd.java +++ b/api/src/com/cloud/api/commands/UpdatePhysicalNetworkCmd.java @@ -22,11 +22,9 @@ import org.apache.log4j.Logger; import com.cloud.api.ApiConstants; import com.cloud.api.BaseAsyncCmd; -import com.cloud.api.BaseCmd; import com.cloud.api.IdentityMapper; import com.cloud.api.Implementation; import com.cloud.api.Parameter; -import com.cloud.api.ServerApiException; import com.cloud.api.response.PhysicalNetworkResponse; import com.cloud.async.AsyncJob; import com.cloud.event.EventTypes; @@ -99,13 +97,9 @@ public class UpdatePhysicalNetworkCmd extends BaseAsyncCmd { @Override public void execute(){ PhysicalNetwork result = _networkService.updatePhysicalNetwork(getId(),getNetworkSpeed(), getTags(), getVlan(), getState()); - if (result != null) { - PhysicalNetworkResponse response = _responseGenerator.createPhysicalNetworkResponse(result); - response.setResponseName(getCommandName()); - this.setResponseObject(response); - }else { - throw new ServerApiException(BaseCmd.INTERNAL_ERROR, "Failed to update physical network"); - } + PhysicalNetworkResponse response = _responseGenerator.createPhysicalNetworkResponse(result); + response.setResponseName(getCommandName()); + this.setResponseObject(response); } @Override diff --git a/api/src/com/cloud/network/vpn/RemoteAccessVpnService.java b/api/src/com/cloud/network/vpn/RemoteAccessVpnService.java index b1c07a113cf..b2fb34b6831 100644 --- a/api/src/com/cloud/network/vpn/RemoteAccessVpnService.java +++ b/api/src/com/cloud/network/vpn/RemoteAccessVpnService.java @@ -35,7 +35,7 @@ public interface RemoteAccessVpnService { VpnUser addVpnUser(long vpnOwnerId, String userName, String password); boolean removeVpnUser(long vpnOwnerId, String userName); List listVpnUsers(long vpnOwnerId, String userName); - boolean applyVpnUsers(long vpnOwnerId); + boolean applyVpnUsers(long vpnOwnerId, String userName); List searchForRemoteAccessVpns(ListRemoteAccessVpnsCmd cmd); List searchForVpnUsers(ListVpnUsersCmd cmd); diff --git a/api/src/com/cloud/projects/ProjectService.java b/api/src/com/cloud/projects/ProjectService.java index c792f268e01..5834f1ce712 100644 --- a/api/src/com/cloud/projects/ProjectService.java +++ b/api/src/com/cloud/projects/ProjectService.java @@ -93,4 +93,6 @@ public interface ProjectService { Project enableProject(long projectId); boolean deleteProjectInvitation(long invitationId); + + Project findByProjectAccountIdIncludingRemoved(long projectAccountId); } diff --git a/api/src/com/cloud/resource/ResourceState.java b/api/src/com/cloud/resource/ResourceState.java index bb4c7e96ee8..6e0afa6c06c 100755 --- a/api/src/com/cloud/resource/ResourceState.java +++ b/api/src/com/cloud/resource/ResourceState.java @@ -113,6 +113,7 @@ public enum ResourceState { s_fsm.addTransition(ResourceState.ErrorInMaintenance, Event.Disable, ResourceState.Disabled); s_fsm.addTransition(ResourceState.ErrorInMaintenance, Event.DeleteHost, ResourceState.Disabled); s_fsm.addTransition(ResourceState.ErrorInMaintenance, Event.InternalEnterMaintenance, ResourceState.Maintenance); + s_fsm.addTransition(ResourceState.ErrorInMaintenance, Event.AdminCancelMaintenance, ResourceState.Enabled); s_fsm.addTransition(ResourceState.Error, Event.InternalCreated, ResourceState.Error); } } diff --git a/api/src/com/cloud/user/UserAccount.java b/api/src/com/cloud/user/UserAccount.java index 734e16b0f8f..2a6bd4f33e3 100644 --- a/api/src/com/cloud/user/UserAccount.java +++ b/api/src/com/cloud/user/UserAccount.java @@ -56,4 +56,6 @@ public interface UserAccount { String getRegistrationToken(); boolean isRegistered(); + + int getLoginAttempts(); } diff --git a/awsapi/LICENSE.txt b/awsapi/LICENSE.txt deleted file mode 100644 index 6b0b1270ff0..00000000000 --- a/awsapi/LICENSE.txt +++ /dev/null @@ -1,203 +0,0 @@ - - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - - END OF TERMS AND CONDITIONS - - APPENDIX: How to apply the Apache License to your work. - - To apply the Apache License to your work, attach the following - boilerplate notice, with the fields enclosed by brackets "[]" - replaced with your own identifying information. (Don't include - the brackets!) The text should be enclosed in the appropriate - comment syntax for the file format. We also recommend that a - file or class name and description of purpose be included on the - same "printed page" as the copyright notice for easier - identification within third-party archives. - - Copyright [yyyy] [name of copyright owner] - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. - diff --git a/awsapi/NOTICE.txt b/awsapi/NOTICE.txt deleted file mode 100644 index bd396930715..00000000000 --- a/awsapi/NOTICE.txt +++ /dev/null @@ -1,26 +0,0 @@ -========================================================================= -== NOTICE file corresponding to the section 4 d of == -== the Apache License, Version 2.0, == -== in this case for the Apache Axis2 distribution. == -========================================================================= - -This product includes software developed by -The Apache Software Foundation (http://www.apache.org/). -Portions Copyright 2006 International Business Machines Corp. -Portions Copyright 2005-2007 WSO2, Inc. - -This product also includes schemas and specification developed by: -- the W3C consortium (http://www.w3c.org) - -This product also includes WS-* schemas developed by International -Business Machines Corporation, Microsoft Corporation, BEA Systems, -TIBCO Software, SAP AG, Sonic Software, and VeriSign - -This product also includes a WSDL developed by salesforce.com -- Copyright 1999-2006 salesforce.com, inc. - -Portions of the included xmlbeans library were originally based on the following: -- software copyright (c) 2000-2003, BEA Systems, . - -Please read the different LICENSE files present in the lib directory of -this distribution. diff --git a/awsapi/conf/cloud-bridge.properties b/awsapi/conf/cloud-bridge.properties index 4d1b23f86e7..d0820e840ec 100644 --- a/awsapi/conf/cloud-bridge.properties +++ b/awsapi/conf/cloud-bridge.properties @@ -1,25 +1,25 @@ -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - -host=http://localhost:7080/awsapi -storage.root=/Users/john1/S3-Mount -storage.multipartDir=__multipart__uploads__ -bucket.dns=false -serviceEndpoint=localhost:7080 - - - +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. + +host=http://localhost:7080/awsapi +storage.root=/Users/john1/S3-Mount +storage.multipartDir=__multipart__uploads__ +bucket.dns=false +serviceEndpoint=localhost:7080 + + + diff --git a/awsapi/docs/AmazonEC2/EC2-API-tool-setup.txt b/awsapi/docs/AmazonEC2/EC2-API-tool-setup.txt deleted file mode 100644 index d75fcee61c1..00000000000 --- a/awsapi/docs/AmazonEC2/EC2-API-tool-setup.txt +++ /dev/null @@ -1,68 +0,0 @@ -Licensed to the Apache Software Foundation (ASF) under one -or more contributor license agreements. See the NOTICE file -distributed with this work for additional information -regarding copyright ownership. The ASF licenses this file -to you under the Apache License, Version 2.0 (the -"License"); you may not use this file except in compliance -with the License. You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, -software distributed under the License is distributed on an -"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -KIND, either express or implied. See the License for the -specific language governing permissions and limitations -under the License. - ------------------------------------------------------------ - - -1. Get the EC2 API tool -http://s3.amazonaws.com/ec2-downloads/ec2-api-tools-1.3-62308.zip. Install it by unzipping it - -2. Prepare a API request certificate, if you have Amazon account, Amazon has the service to let you generate and download a X509 certificate and its associated private key - -3. Prepare EC2 command running environment - -Set following environment variables and make them point to the right location. - -EC2_ACCESS_KEY= -EC2_SECRET_KEY= -EC2_HOME: -EC2_CERT: -EC2_PRIVATE_KEY: -EC2_URL: http:///bridge/AmazonEC2 - -4. Generate CloudStack API key -Login to CloudStack management console, you can generate an API key and its secret key pair there. - -5. Inform CloudBridge about the API/security key pair to use - -http:///bridge/rest/AmazonEC2?Action=SetUserKeys&accesskey=&secretkey= - -6. Upload certificate and associate it with the API key -There is not a convenient tool to do that, this has to be done in manual step. following HTML form can be used to submit the certificate, be sure to replace the content -matching with your setup though. -to ec2-service.properties - - - -Save the cert into Cloud's EC2 Service: -

-

- - - - - - - - - -

- -

- - - diff --git a/awsapi/docs/AmazonEC2/EC2-implementation-guide.html b/awsapi/docs/AmazonEC2/EC2-implementation-guide.html deleted file mode 100644 index 737c669dcbd..00000000000 --- a/awsapi/docs/AmazonEC2/EC2-implementation-guide.html +++ /dev/null @@ -1,164 +0,0 @@ - - - -Cloud.com's EC2 API Implementation Guide - - -

Cloud.com's EC2 API Implementation Guide

-3/24/2011 -

Table of Contents

- -

-

1. Configuration Parameters

-Several configuration parameters are required to make Cloud.com's EC2 service work properly. -The following parameters are defined in the file:
<install directory>"/apache-tomcat-6.0.18/conf/ec2-service.properties": -
-managementServer=192.168.154.36
-cloudAPIPort=8080
-WSDLVersion=2010-08-31
-keystore=xes.keystore
-keystorePass=apache
-dbName=cloudsbridge
-dbUser=root
-dbPassword=
-pollInterval1=100
-pollInterval2=100
-pollInterval3=100
-pollInterval4=1000
-pollInterval5=100
-pollInterval6=100
-
-managementServer - FQDN or IP address of a Cloud.com management server. This is the address that -the EC2 service makes Cloud.com REST API calls against.
-cloudAPIPort - The TCP port that the CloudStack, User API is running on. If this property is not defined, -then no port is used by the EC2 service when it queries the CloudStack.
-WSDLVersion - The string that defines the WSDL used by the SOAP API which the REST API also implements. -This string is compared to the "Version=" parameter on each and every authorized REST request.
-keystore - The file name of the keystore used by EC2 which must be placed at the directory: -"../apache-tomcat-6.0.18/webapps/bridge/WEB-INF/classes"
-keystorePass - The password to the EC2 keystore specified by the "keystore" parameter.
-dbName - The MySql database name holding the EC2 service's required tables.
-dbUser= - The user name used to access the "dbName" MySql database.
-dbPassword - The password (if any) the "dbUser" needs to access the EC2 MySql database.
-pollInterval1 - Time in milliseconds between asynchronous job completion polling for the following Cloud.com -API call: createTemplate. Default value is 100.
-pollInterval2 - Time in milliseconds between asynchronous job completion polling for the following Cloud.com -API call: deployVirtualMachine. Default value is 100.
-pollInterval3 - Time in milliseconds between asynchronous job completion polling for the following Cloud.com -API call: createVolume. Default value is 100.
-pollInterval4 - Time in milliseconds between asynchronous job completion polling for the following Cloud.com -API call: createSnapshot. Default value is 1000.
-pollInterval5 - Time in milliseconds between asynchronous job completion polling for the following Cloud.com -API calls: deleteSnapshot, deleteTemplate, deleteVolume, attachVolume, detachVolume, disassociateIpAddress, enableStaticNat, disableStaticNat. Default value is 100.
-pollInterval6 - Time in milliseconds between asynchronous job completion polling for the following Cloud.com -API calls: startVirtualMachine, destroyVirtualMachine, stopVirtualMachine. Default value is 100.
-

-
-The following REST calls are used to configure a mapping between Amazon's instance types and CloudStack service offerings: -

-http://<fqdn-or-ip>:<port>/bridge/rest/AmazonEC2?Action=SetOfferMapping&amazonoffer=m1.large&cloudoffer=1
-

-The 'amazonoffer' parameter defines the standard Amazon instance types while the 'cloudoffer' parameter defines its associated -CloudStack service offering identifer. The result of this REST call is to save the defined relationship. A second call with the -same value for amazonoffer but with a different cloudoffer value will overwrite a previously saved setting. -
-SetOfferMapping is an authenticated REST call using the same authentication scheme as all other EC2 REST calls. This means that the following standard EC2 REST paramters must also be part of the request: Signature, SignatureMethod, Version, SignatureVersion, and Expires. -A HTTP 200 result code is returned on success and a 404 on failure. -

-http://<fqdn-or-ip>:<port>/bridge/rest/AmazonEC2?Action=DeleteOfferMapping&amazonoffer=m1.large
-

-The result of this REST call is to delete any relationship previously defined by a call to the SetOfferMapping call for the -value passed in the 'amazonoffer' parameter.
-DeleteOfferMapping is an authenticated REST call using the same authentication scheme as all other EC2 REST calls. This means that the following standard EC2 REST paramters must also be part of the request: Signature, SignatureMethod, Version, SignatureVersion, and Expires. -A HTTP 200 result code is returned on success and a 404 on failure. -

-Examples of other Amazon instance types are: -{ "m1.small", "m1.large", "m1.xlarge", "c1.medium", "c1.xlarge", "m2.xlarge", "m2.2xlarge", "m2.4xlarge" }.
-Service offering IDs can be obtained from the following Cloud.com API calls: listServiceOfferings. -Cloud.com's service offerings are configurable and thus can be different per installation, and they -can also be viewed from the Cloud.com's Admin UI. -

-

2. Required 3rd Party Software

-Cloud.com's EC2 service has been built and tested on the following set of 3rd party software: -
-MySql
-apache-tomcat 6.0.18
-axis2 1.5.1
-rampart 1.5 (installed into axis2 for WS-Security)
-used for testing: ec2-api-tools-1.3-53907
-
-

-

3. Maintenance

-As a result of the SetCertificate REST call [1], X509 Certificates used for SOAP authentication are -stored in the following keystore: -
-<install directory>/apache-tomcat-6.0.18/webapps/bridge/WEB-INF/classes/xes.keystore
-
-The keytool [2] command line tool can be used to delete certificates no longer in use. -

-As a result of the SetUserKeys REST call [1], entries are inserted into -the "usercredentials" table of the "cloudbridge" MySql database. -The MySql command line client can be used to delete usercredentials entries no longer in use. -

-

4. Installation Instructions

-

-On the very first install an EC2/S3 MySql database is created by running the following -scripts in the given order: cloudsbridge_db.sql, cloudsbridge_schema.sql, cloudbridge_index.sql -

-After a successful installation the following directory and file structure should exist: -

-<install directory>
-   apache-tomcat-6.0.18
-      conf
-        ec2-service.properties  (EC2 service's configuration parameters)
-        server.xml		
-      lib
-        <many axis2 jar files>	  
-      webapps
-        bridge
-          WEB-INF
-            classes
-               crypto.properties
-               xes.keystore  (holds X509 certificates for SOAP authentication)
-            modules
-               cloud-auth-ec2.mar
-               rampart-1.5.mar 
-               rahas-1.5.mar   
-               addressing-1.5.1.mar
-            services
-               cloud-ec2.aar  (the Axis2 EC2 service)
-
-The "../modules/cloud-auth-ec2.mar" module performs a mapping from an X509 certificate appearing in a SOAP -request (since its signed via WS-Security) to a matching user's Cloud.com API access and secret keys. This association -is first created via the SetUserKeys and SetCertificate REST calls [1]. -

-

5. References

-
    -
  1. Cloud.com's EC2 API User's Guide, 7/15/2010
    2. -
  2. keytool - Key and Certificate Management Tool
    3. -
- - diff --git a/awsapi/docs/AmazonEC2/EC2-local-deploy-using-ant.html b/awsapi/docs/AmazonEC2/EC2-local-deploy-using-ant.html deleted file mode 100644 index 07ba3aa4222..00000000000 --- a/awsapi/docs/AmazonEC2/EC2-local-deploy-using-ant.html +++ /dev/null @@ -1,92 +0,0 @@ - - - -Cloud.com's EC2 local deployment Guide - - -

Cloud.com's EC2 local deployment Guide

-8/30/2010 -8/25/2011 (updated) -

Table of Contents

- -

-

1. Required 3rd Party Software

-1) Following software has to be installed in order to deploy and run cloud-bridge tool: -
-apache-tomcat-6.0.32
-axis2 1.5.1 (http://apache.imghat.com//ws/axis2/1_5/axis2-1.5-bin.zip)
-ant
-java
-mysql
-
-2) Set following environment variables: -
-ANT_HOME
-CATALINA_HOME
-export ANT_HOME
-export JAVA_HOME
-
-3) Go to CATALINA_HOME directory and excute “mkdir temp” (this directory is used for storing temporary axis files) -

-

2. Clone repository

-Clone cloud-bridge repository: -
-git clone git@github.com:alena11081/cloud-bridge.git
-
-

-

3. Build, deploy and run cloud-bridge with ant

-Deployment procedure using ant (build.xml and build-cloud-bridge.xml are config files), execute from cloned cloud-bridge directory:. -
- 
-* ant clean - removes dist directory
-* ant clean-tomcat - cleans up $CATALINA_HOME/webapps/bridge directory
-* ant build-cloud-bridge compiles and places the resulting jars into cloud-bridge/dist:
-
-ls dist/
-cloud-auth-ec2.mar  cloud-auth-s3.mar  cloud-bridge.jar  cloud-ec2.aar  cloud-s3.aar
-
-
-* deploy-axis - copies and unwars cloud-bridge/lib/axis2-webapp-1.5.1.war to $CATALINA_HOME/webapps/bridge directory
-
-ant deploy-cloud-bridge copies files to $CATALINA_HOME/webapps/bridge tomcat directory:
-
-
-- copy cloud-bridge/dist/cloud-ec2.aar and  cloud-s3.aar to $CATALINA_HOME/webapps/bridge/WEB-INF/services
-- copy cloud-bridge/dist/cloud-auth-ec2.mar and cloud-auth-s3.mar to $CATALINA_HOME/webapps/bridge/WEB-INF/modules
-- copy all .mar files from cloud-bridge/modules to $CATALINA_HOME/webapps/bridge/WEB-INF/modules
-- copy cloud-bridge/dist/cloud-bridge.jar to $CATALINA_HOME/webapps/bridge/WEB-INF/lib
-- copy all .jar files from cloud-bridge/lib directory to $CATALINA_HOME/webapps/bridge/WEB-INF/lib
-- copy all .jar files from cloud-bridge/rampartlib directory to $CATALINA_HOME/webapps/bridge/WEB-INF/lib 
-- copy all files from cloud-bridge/conf directory to $CATALINA_HOME/webapps/bridge/WEB-INF/conf
-- copy cloud-bridge/resource/Axis2/axis2.xml to $CATALINA_HOME/webapps/bridge/WEB-INF/conf
-- copy cloud-bridge/web/web.xml to $CATALINA_HOME/webapps/bridge/WEB-INF
-- copy cloud-bridge/resource/AmazonEC2/crypto.properties and xes.keystore to $CATALINA_HOME/webapps/bridge/WEB-INF/classes/
-- remove $CATALINA_HOME/webapps/bridge/WEB-INF/lib/dom4j-1.6.1.jar
-
-
-ant deploydb - execute cloud-bridge/db/mysql/deploy-db-bridge.sh (for Unix). If it's a windows deployment, execute db/mysql/init_db.bat script
-5) Configure ec2-service.properties (see parameters descriptions in resource/AmazonEC2/docs/EC2-implementation-guide.html).
-6) To run application execute "./catalina.sh run" from $CATALINA_HOME/bin directory.
-
-
diff --git a/awsapi/docs/AmazonEC2/EC2-users-guide.html b/awsapi/docs/AmazonEC2/EC2-users-guide.html
deleted file mode 100644
index a51923cc89d..00000000000
--- a/awsapi/docs/AmazonEC2/EC2-users-guide.html
+++ /dev/null
@@ -1,275 +0,0 @@
-
-
-
-Cloud.com's EC2 API User's Guide
-
-
-
Cloud.com's EC2 API User's Guide

-4/17/2010
-
Table of Contents

-
-


-
Part 1. Cloud.com's Specific Implementation Details

-
1. User Registration

-To access Cloud.com's EC2 service via REST follow the instructions in Section 1.1.
-To access Cloud.com's EC2 service via SOAP follow instructions in both Section 1.1 and 1.2 below.  
-

-
1.1 Setting Cloud.com API Keys

-The EC2 service needs to be given the user's Cloud.com API access and secret keys [2] so that it
-can make Cloud.com API calls on the user's behalf.   This is done by the following REST command.
-
-
-http://<fqdn-or-ip>:<port>/bridge/rest/AmazonEC2?Action=SetUserKeys&accesskey=<key>&secretkey=<key>
-

-SetUserKeys is an unauthorized REST call.

-A HTTP 200 result code is returned on success and a 401 on failure.
-

-
1.2 Setting a User's X509 Certificate

-EC2 uses WS-Security [4] for authentication on SOAP access.  WS-Security signs the entire SOAP request 
-using a public/private key pair.   The user of Cloud.com's EC2 service must 
-generate a public/private key pair with the public key defined in an X509
-certificate.   The private key is used by a SOAP client in generating
-the WS-Security signature of a SOAP request.  The matching public key is stored on 
-a server and is used to verify the signature on each request.
-

-The following REST command must be used by a Cloud.com's EC2 service user to
-load their certificate into the service.   No access via the SOAP API is
-possible until this step is performed.  Also for this REST command to be 
-successful the instructions in Section 1.1 must be performed first.
-
-
-http://<fqdn-or-ip>:<port>/bridge/rest/AmazonEC2?Action=SetCertificate&AWSAccessKeyId=<Cloud.com API AccessKey>&cert=<pem encoded cert>
-

-SetCertificate is an authenticated REST call using the same authentication scheme as all other EC2 REST calls.
-This means that the following standard EC2 REST paramters must also be part of the request: Signature, SignatureMethod, Version, 
-SignatureVersion, and Expires [3].

-A HTTP 200 result code is returned on success and a 404 on failure.
-

-An example of a PEM encoded X509 Certificate is [5]:
-
------BEGIN CERTIFICATE-----
-MIICdzCCAeCgAwIBAgIGAPCRHu3UMA0GCSqGSIb3DQEBBQUAMFMxCzAJBgNVBAYT
-AlVTMRMwEQYDVQQKEwpBbWF6b24uY29tMQwwCgYDVQQLEwNBV1MxITAfBgNVBAMT
-GEFXUyBMaW1pdGVkLUFzc3VyYW5jZSBDQTAeFw0xMDA2MjMxODE4MTZaFw0xMTA2
-MjMxODE4MTZaMFIxCzAJBgNVBAYTAlVTMRMwEQYDVQQKEwpBbWF6b24uY29tMRcw
-FQYDVQQLEw5BV1MtRGV2ZWxvcGVyczEVMBMGA1UEAxMMZWZieDQ0eXF1d3E2MIGf
-MA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCw+RO1QV7t5EbluyAAD11SoZ4ats5t
-DBSta/QB3G9T0y3p2gURrYMDYVJ1BZmyel/DuMANx6UG6Vw+0o0SXOS3mH8Yu/lO
-OOH9WxWiXulGMIrpPCiUpnWMrWhIlHu8mqLLhBx+5k4I92plMfH97BySunbv9zaf
-ZRKXX3cXIYbUMwIDAQABo1cwVTAOBgNVHQ8BAf8EBAMCBaAwFgYDVR0lAQH/BAww
-CgYIKwYBBQUHAwIwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUCzKwCQvocPYFki/9
-NORZFTsjcZ8wDQYJKoZIhvcNAQEFBQADgYEAXmIe6+XsNHYIiLGQO6dh8nvHHzDw
-3sltNa7z6BSdNr7WDxpJg9oFUcddQVca1LZsjsqx6dIc1WxQUjPE9oOfSYqQZuMD
-/GOpWyXMb/oJ2MLI1Vp1ABKhHoHUJmPOrIou4UbCifMeD7MFZkezkKDqqH3jQMjA
-4YDNkSWLnJ9xba8=
------END CERTIFICATE-----
-

-

-To remove a previously loaded certificate the user can simply execute
-the following REST command.
-
-http://<fqdn-or-ip>:<port>/bridge/rest/AmazonEC2?Action=DeleteCertificate&AWSAccessKeyId=<Cloud.com API AccessKey>
-where the same value for the 'AWSAccessKeyId' parameter as was used in a previous call to SetCertificate.
-

-DeleteCertificate is an authenticated REST call using the same authentication scheme (and having all the same
-required parameters) as all other EC2 REST calls.

-A HTTP 200 result code is returned on success and a 404 on failure.
-

-
2. Endpoints

-For SOAP access the endpoint is:  
-
http://<fqdn-or-ip>:<port>/bridge/services/AmazonEC2

-For REST access the endpoint is:
-
http://<fqdn-or-ip>:<port>/bridge/rest/AmazonEC2

-

-
-
3. Differences between Amazon's and Cloud.com's EC2 Implementations

-EC2's RegisterImage Function
-

-This function maps to the Cloud.com's API "registerTemplate" function [2].   However the registerTemplate function
-requires the following additional parameters that are not present in the RegisterImage function:
-
-format - the format for the template. Possible values include QCOW2, RAW, and VHD.

-osTypeId - the ID of the OS Type that best represents the OS of this template.

-zoneId - the ID of the zone the template is to be hosted on.

-

-These parameters must be provided for a successful registerTemplate call and thus a RegsiterImage call.
-To accomidate these values we have redefined the "architecture" parameter defined for RegisterImage.
-The Amazon defined valid values are: "i386 | x86_64" and it is of type xsd:string.   Neither of these
-defined values has any meaning in the context of the Cloud.com API.
-
-The new definition of the architecture field is a three part value of the form:
-"<format>:<zoneName>:<osTypeName>", where ":" is the field delimitor.   A valid example
-would be: "VHD:ZONE1:Centos 4.5".   Cloud.com's EC2 code translates the "zoneName" value into a valid zoneId,
-and the "osTypeName" value into a matching osTypeId.  In addition, whereas the architecture field
-is optional in Amazon's definition of RegisterImage, it is required in Cloud.com's modified version.
-

-Another difference for the RegisterImage function concerns the use of the "imageLocation" parameter.
-As defined by Amazon [3]: 
-
-imageLocation - a full path to your AMI manifest in Amazon S3 storage.
-

-As defined for Cloud.com's EC2 implementation:
-
-imageLocation - is a URL of where the template is hosted. Possible URL include http:// and https://
-

-

-EC2's DescribeInstances Function
-

-Only the following list of filters are currently supported:
-
-availability-zone
-hypervisor
-image-id
-instance-id
-instance-type
-instance-state-code
-instance-state-name
-ip-address	
-owner-id
-root-device-name	
-

-

-EC2's DescribeVolumes Function
-

-Only the following list of filters are currently supported:
-
-attachment.attach-time
-attachment.device
-attachment.instance-id
-availability-zone
-create-time
-size
-snapshot-id
-status
-volume-id	
-

-

-EC2's DescribeSnapshots Function
-

-Only the following list of filters are currently supported:
-
-owner-alias
-owner-id (here its the CloudStack API key)
-snapshot-id
-start-time
-status
-volume-id
-volume-size
-

-

-

-EC2's DescribeSecurityGroups Function
-

-Only the following list of filters are currently supported:
-
-description
-group-id
-group-name
-ip-permission.cidr
-ip-permission.from-port
-ip-permission.to-port
-ip-permission.protocol
-owner-id
-

-

-
4. Miscellaneous

-The EC2 service provides a Cloud.com extension to obtain the release version of the EC2 software.
-
-
-http://<fqdn-or-ip>:<port>/bridge/rest/AmazonEC2?Action=CloudEC2Version
-

-CloudEC2Version is an unauthorized REST call.

-An example of a valid response from this function is:
-
-<CloudEC2Version>1.01</CloudEC2Version>
-

-


-
Part 2. Generic EC2 Details

-
List of EC2 Functions Implemented

-Refer to the Amazon EC2 documentation [3] for a description of each function.   
-Also see Part1, section 3 above, for differences between Amazon's and Cloud.com's EC2 implementations.
-
-AllocateAddress
-AssociateAddress
-AttachVolume 
-AuthorizeSecurityGroupIngress
-CreateImage 
-CreateSecurityGroup
-CreateSnapshot
-CreateVolume
-DeleteSecurityGroup
-DeleteSnapshot  
-DeleteVolume   
-DeregisterImage   
-DescribeAvailabilityZones  
-DescribeImageAttribute   
-DescribeImages   
-DescribeInstanceAttribute  
-DescribeInstances  
-DescribeSecurityGroups
-DescribeSnapshots   
-DescribeVolumes  
-DetachVolume
-DisassociateAddress  
-ModifyImageAttribute  
-RebootInstances   
-ReleaseAddress
-RegisterImage  
-RevokeSecurityGroupIngress
-ResetImageAttribute   
-RunInstances  
-StartInstances  
-StopInstances  
-TerminateInstances  
-

-

-
Supported WSDL Version

-http://ec2.amazonaws.com/doc/2010-08-31/

-Amazon EC2 Command Line Tool used for testing was version 1.3-57419.
-

-

-
References

-
    
-
  1. Public-key cryptograph
    2. 
-
  2. Cloud.com's Developer API
    3. 
-
  3. Amazon's EC2 API
    4. 
-
  4. WS-Security
    5. 
-
  5. X.509 Certificates
    6. 
-

-
-
diff --git a/awsapi/docs/AmazonEC2/wsdl2java-command-line.txt b/awsapi/docs/AmazonEC2/wsdl2java-command-line.txt
deleted file mode 100644
index c1b68538e9d..00000000000
--- a/awsapi/docs/AmazonEC2/wsdl2java-command-line.txt
+++ /dev/null
@@ -1,21 +0,0 @@
-Licensed to the Apache Software Foundation (ASF) under one
-or more contributor license agreements.  See the NOTICE file
-distributed with this work for additional information
-regarding copyright ownership.  The ASF licenses this file
-to you under the Apache License, Version 2.0 (the
-"License"); you may not use this file except in compliance
-with the License.  You may obtain a copy of the License at
-
-  http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing,
-software distributed under the License is distributed on an
-"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-KIND, either express or implied.  See the License for the
-specific language governing permissions and limitations
-under the License.
-
------------------------------------------------------------
-
-To generate the Java AXIS2 classes from the Amazon EC2 wsdl use the following command line:
-C:\axis2-1.5.1\bin>wsdl2java.bat -ss -sd -ssi -g -p com.amazon.ec2 -ns2p "http://ec2.amazonaws.com/doc/2010-08-31/"=com.amazon.ec2 -uri ec2.wsdl
diff --git a/awsapi/docs/AmazonS3/S3-users-guide.html b/awsapi/docs/AmazonS3/S3-users-guide.html
deleted file mode 100644
index adadd8b97fd..00000000000
--- a/awsapi/docs/AmazonS3/S3-users-guide.html
+++ /dev/null
@@ -1,120 +0,0 @@
-
-
-
-Cloud.com's S3 API User's Guide
-
-
-
Cloud.com's S3 API User's Guide

-3/4/2011                   
-
Table of Contents

-
-


-
Part 1. Cloud.com's Specific Implementation Details

-
User Registration

-The S3 service uses the user's Cloud.com API access and secret keys [1] to implement both
-the REST and SOAP authentication algorithms.  This is done by re-using an EC2 provided REST command.   Once
-this URL is invoked the user has registered for both the S3 service and the EC2 REST service.
-
-http://<fqdn-or-ip>:<port>/bridge/rest/AmazonS3?Action=SetUserKeys&accesskey=<key>&secretkey=<key>
-

-SetUserKeys is an unauthorized REST call.

-A HTTP 200 result code is returned on success and a 401 on failure.
-

-

-
Endpoints

-For SOAP access the endpoint is:  
-
http://<fqdn-or-ip>:<port>/bridge/services/AmazonS3

-
-For the SOAP PutObject function with a DIME attachment [3]:
-
http://<fqdn-or-ip>:<port>/bridge/dime/AmazonS3

-
-For REST access the endpoint is:
-
http://<fqdn-or-ip>:<port>/bridge/rest/AmazonS3

-

-
-
Part 2. Generic S3 Details

-
List of S3 Functions Implemented

-Refer to the Amazon S3 documentation [2] for a description of each function.   
-Also see Part1, section 3 above, for a list of unsupported S3 features.
-
-REST calls:
-GET Service
-DELETE Bucket
-GET Bucket
-GET Bucket acl
-GET Bucket versioning
-PUT Bucket
-PUT Bucket acl
-PUT Bucket versioning
-List Multipart Uploads
-DELETE Object
-GET Object
-GET Object acl
-HEAD Object
-POST Object
-PUT Object
-PUT Object (Copy)
-Initiate Multipart Upload
-Upload Part
-Complete Multipart Upload
-Abort Multipart Upload
-List Parts
-
-SOAP calls:
-ListAllMyBuckets
-CreateBucket
-DeleteBucket
-ListBucket
-GetBucketAccessControlPolicy
-SetBucketAccessControlPolicy
-PutObjectInline
-PutObject
-CopyObject
-GetObject
-GetObjectExtended
-DeleteObject
-GetObjectAccessControlPolicy
-SetObjectAccessControlPolicy
-

-

-
Supported WSDL Version

-http://s3.amazonaws.com/doc/2006-03-01/

-

-

-
References

-
    
-
  1. Cloud.com's Developer API
    2. 
-
  2. Amazon's S3 API
    3. 
-
  3. DIME
    4. 
-

-
-
diff --git a/awsapi/docs/AmazonS3/notes.txt b/awsapi/docs/AmazonS3/notes.txt
deleted file mode 100644
index e9a796880c9..00000000000
--- a/awsapi/docs/AmazonS3/notes.txt
+++ /dev/null
@@ -1,29 +0,0 @@
-Licensed to the Apache Software Foundation (ASF) under one
-or more contributor license agreements.  See the NOTICE file
-distributed with this work for additional information
-regarding copyright ownership.  The ASF licenses this file
-to you under the Apache License, Version 2.0 (the
-"License"); you may not use this file except in compliance
-with the License.  You may obtain a copy of the License at
-
-  http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing,
-software distributed under the License is distributed on an
-"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-KIND, either express or implied.  See the License for the
-specific language governing permissions and limitations
-under the License.
-
------------------------------------------------------------
-
-Example of headers for a rest call of copyObject
-
-Authorization: AWS Mark:djdjdjdjdjdjdjdj\n
-Host: Henry2.s3.amazonaws.com\n
-x-amz-copy-source: /Henry1/test1\n
-x-amz-metadata-directive: REPLACE\n
-x-amz-meta-hight: 55 feet\n
-x-amz-meta-width: 13 yards\n
-x-amz-meta-weight: 4 tons\n
-x-amz-acl: public-read\n
diff --git a/awsapi/docs/AmazonS3/wsdl2java-command-line.txt b/awsapi/docs/AmazonS3/wsdl2java-command-line.txt
deleted file mode 100644
index d22b8529502..00000000000
--- a/awsapi/docs/AmazonS3/wsdl2java-command-line.txt
+++ /dev/null
@@ -1,66 +0,0 @@
-Licensed to the Apache Software Foundation (ASF) under one
-or more contributor license agreements.  See the NOTICE file
-distributed with this work for additional information
-regarding copyright ownership.  The ASF licenses this file
-to you under the Apache License, Version 2.0 (the
-"License"); you may not use this file except in compliance
-with the License.  You may obtain a copy of the License at
-
-  http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing,
-software distributed under the License is distributed on an
-"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-KIND, either express or implied.  See the License for the
-specific language governing permissions and limitations
-under the License.
-
------------------------------------------------------------
-
-To generate the Java AXIS2 classes from the Amazon EC2 wsdl use the following command line, assuming source definitions in the local directory:
-$ wsdl2java.sh -ss -sd -ssi -g -p com.amazon.s3 -ns2p "http://s3.amazonaws.com/doc/2006-03-01/"=com.amazon.s3 -uri cloud-AmazonS3.wsdl
-
-This runs the wsdl2java code generation tool to produce stubs with asynchronous invocation methods, such as those useful for REST using the com.amazon.s3 package.
-
-This creates the following java source files in the src/com/amazon/s3 subdirectory …
-
-AccessControlList.java				ListAllMyBucketsResponse.java
-AccessControlPolicy.java			ListAllMyBucketsResult.java
-AmazonCustomerByEmail.java			ListBucket.java
-AmazonS3CallbackHandler.java			ListBucketResponse.java
-AmazonS3MessageReceiverInOut.java		ListBucketResult.java
-AmazonS3Skeleton.java				ListEntry.java
-AmazonS3SkeletonInterface.java			ListVersionsResponse.java
-AmazonS3Stub.java				ListVersionsResult.java
-BucketLoggingStatus.java			ListVersionsResultChoice_type0.java
-CanonicalUser.java				LocationConstraint.java
-CopyObject.java					LoggingSettings.java
-CopyObjectResponse.java				MetadataDirective.java
-CopyObjectResult.java				MetadataEntry.java
-CreateBucket.java				MfaDeleteStatus.java
-CreateBucketConfiguration.java			NotificationConfiguration.java
-CreateBucketResponse.java			Payer.java
-CreateBucketResult.java				Permission.java
-DeleteBucket.java				PostResponse.java
-DeleteBucketResponse.java			PrefixEntry.java
-DeleteMarkerEntry.java				PutObject.java
-DeleteObject.java				PutObjectInline.java
-DeleteObjectResponse.java			PutObjectInlineResponse.java
-ExtensionMapper.java				PutObjectResponse.java
-GetBucketAccessControlPolicy.java		PutObjectResult.java
-GetBucketAccessControlPolicyResponse.java	RequestPaymentConfiguration.java
-GetBucketLoggingStatus.java			Result.java
-GetBucketLoggingStatusResponse.java		SetBucketAccessControlPolicy.java
-GetObject.java					SetBucketAccessControlPolicyResponse.java
-GetObjectAccessControlPolicy.java		SetBucketLoggingStatus.java
-GetObjectAccessControlPolicyResponse.java	SetBucketLoggingStatusResponse.java
-GetObjectExtended.java				SetObjectAccessControlPolicy.java
-GetObjectExtendedResponse.java			SetObjectAccessControlPolicyResponse.java
-GetObjectResponse.java				Status.java
-GetObjectResult.java				StorageClass.java
-Grant.java					TopicConfiguration.java
-Grantee.java					User.java
-Group.java					VersionEntry.java
-ListAllMyBuckets.java				VersioningConfiguration.java
-ListAllMyBucketsEntry.java			VersioningStatus.java
-ListAllMyBucketsList.java
diff --git a/awsapi/pom.xml b/awsapi/pom.xml
index dec3a827e18..10b9c9be5b5 100644
--- a/awsapi/pom.xml
+++ b/awsapi/pom.xml
@@ -16,16 +16,15 @@
   specific language governing permissions and limitations
   under the License.
 -->
-
+
   4.0.0
   cloud-awsapi
-  4.0.0-SNAPSHOT
   Apache CloudStack AWS API Bridge
+  war
   
     org.apache.cloudstack
     cloudstack
-    4.0.0-SNAPSHOT
+    4.1.0-SNAPSHOT
   
   
     
@@ -38,6 +37,11 @@
       axis2
       ${cs.axis2.version}
     
+    
+      org.apache.axis2
+      axis2-adb
+      ${cs.axis2.version}
+    
     
       org.apache.axis2
       axis2-webapp
@@ -46,7 +50,7 @@
     
     
       org.apache.ws.commons.axiom
-      axiom-api
+      axiom-impl
       ${cs.axiom.version}
     
     
@@ -58,6 +62,16 @@
       org.apache.neethi
       neethi
       ${cs.neethi.version}
+      
+        
+          org.apache.ws.commons.axiom
+          axiom-api
+        
+        
+          org.apache.ws.commons.axiom
+          axiom-impl
+        
+            
     
     
       com.google.code.gson
@@ -100,6 +114,10 @@
            bouncycastle
            bcprov-jdk14
         
+        
+           org.apache.xalan
+           xalan
+        
       
     
     
@@ -112,6 +130,10 @@
            bouncycastle
            bcprov-jdk14
         
+        
+           org.apache.xalan
+           xalan
+        
       
     
     
@@ -119,35 +141,53 @@
         rampart-core
         ${cs.rampart.version}
         runtime
+      
+        
+           org.apache.xalan
+           xalan
+        
+      
     
     
         org.apache.rampart
         rampart-policy
         ${cs.rampart.version}
         runtime
+      
+        
+           org.apache.xalan
+           xalan
+        
+      
     
     
         org.apache.rampart
         rampart-trust
         ${cs.rampart.version}
         runtime
+      
+        
+           org.apache.xalan
+           xalan
+        
+      
     
     
         org.slf4j
         slf4j-jdk14
-        1.5.11
+        1.6.1
         runtime
     
     
         org.slf4j
         slf4j-api
-        1.5.11
+        1.6.1
         runtime
     
     
         org.apache.ws.security
         wss4j
-        1.5.8
+        1.6.1
         runtime
     
     
@@ -192,6 +232,12 @@
         1.45
         runtime
     
+    
+      mysql
+      mysql-connector-java
+      5.1.21
+      runtime
+        
   
   
     install
@@ -203,6 +249,9 @@
           **/*.java
         
       
+      
+          ../utils/conf/
+            
     
     
       
@@ -254,6 +303,22 @@
           
         
       
+      
+        org.mortbay.jetty
+        maven-jetty-plugin
+        6.1.26
+        
+          
+            
+              7080
+              60000
+            
+          
+          /awsapi
+          ${basedir}/web/web.xml
+          ${basedir}/target/cloud-awsapi-${project.version}
+        
+            
     
     
     
-    	
-    		
-    		
-    			org.eclipse.m2e
-    			lifecycle-mapping
-    			1.0.0
-    			
-    				
-    					
-    						
-    							
-    								
-    									org.apache.maven.plugins
-    								
-    								
-    									maven-dependency-plugin
-    								
-    								
-    									[2.5.1,)
-    								
-    								
-    									copy-dependencies
-    								
-    							
-    							
-    								
-    							
-    						
-    					
-    				
-    			
-    		
-    	
+      
+        
+          org.eclipse.m2e
+          lifecycle-mapping
+          1.0.0
+          
+            
+              
+                
+                  
+                    
+                      org.apache.maven.plugins
+                    
+                    
+                      maven-antrun-plugin
+                    
+                    [1.7,)
+                    
+                      run
+                    
+                  
+                  
+                    
+                  
+                
+                
+                  
+                    org.apache.maven.plugins
+                    maven-dependency-plugin
+                    [2.0,)
+                    
+                      copy-dependencies
+                    
+                  
+                  
+                    
+                  
+                
+              
+            
+          
+        
+      
     
   
 
diff --git a/awsapi/resource/AmazonEC2/crypto.properties b/awsapi/resource/AmazonEC2/crypto.properties
index f55bea830b7..77a9eedd317 100644
--- a/awsapi/resource/AmazonEC2/crypto.properties
+++ b/awsapi/resource/AmazonEC2/crypto.properties
@@ -1,24 +1,24 @@
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements.  See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership.  The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License.  You may obtain a copy of the License at
-# 
-#   http://www.apache.org/licenses/LICENSE-2.0
-# 
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied.  See the License for the
-# specific language governing permissions and limitations
-# under the License.
-
-
-org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin
-org.apache.ws.security.crypto.merlin.keystore.type=jks
-org.apache.ws.security.crypto.merlin.keystore.password=apache
-org.apache.ws.security.crypto.merlin.keystore.alias=xeskey
-org.apache.ws.security.crypto.merlin.alias.password=apache
-org.apache.ws.security.crypto.merlin.file=xes.keystore
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements.  See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership.  The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License.  You may obtain a copy of the License at
+# 
+#   http://www.apache.org/licenses/LICENSE-2.0
+# 
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied.  See the License for the
+# specific language governing permissions and limitations
+# under the License.
+
+
+org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin
+org.apache.ws.security.crypto.merlin.keystore.type=jks
+org.apache.ws.security.crypto.merlin.keystore.password=apache
+org.apache.ws.security.crypto.merlin.keystore.alias=xeskey
+org.apache.ws.security.crypto.merlin.alias.password=apache
+org.apache.ws.security.crypto.merlin.file=xes.keystore
diff --git a/awsapi/resource/Axis2/axis2.xml b/awsapi/resource/Axis2/axis2.xml
index f94540008b7..f5e9308be1a 100644
--- a/awsapi/resource/Axis2/axis2.xml
+++ b/awsapi/resource/Axis2/axis2.xml
@@ -1,561 +1,561 @@
-
-
-
-    
-    
-    
-    true
-    false
-    false
-    false
-
-    
-    
-
-    
-    
-
-
-    
-    
-    
-    
-    
-
-    
-    30000
-
-    
-    
-    false
-
-    
-    
-    
-    
-    false
-
-    admin
-    axis2
-
-    
-    
-    
-    
-    
-
-    
-    
-    
-    
-
-
-    
-    
-    
-
-    
-    
-    
-    
-    
-
-    
-    false
-
-    
-    false
-
-    
-    
-    
-    
-
-    
-    
-
-    
-
-
-    
-    
-
-    
-    
-    
-
-
-    
-    
-    
-    
-
-    
-        
-    
-
-    
-    
-    
-    
-    
-    
-    
-    
-        
-        
-        
-        
-        
-        
-    
-
-    
-    
-    
-    
-    
-    
-        
-        
-        
-        
-        
-    
-
-    
-    
-    
-    
-    
-    
-        
-        
-        
-    
-
-    
-    
-    
-    
-        8080
-        
-        
-        
-        
-        
-        
-        
-        
-        
-    
-
-    
-    >
-    
-    
-    
-    
-
-    
-    
-    
-
-    
-    
-    
-    
-        HTTP/1.1
-        chunked
-
-        
-        
-    
-
-    
-        HTTP/1.1
-        chunked
-    
-
-    
-    
-
-    
-    
-    
-    
-    
-
-    
-    
-    
-    
-
-    
-    
-    
-    
-    
-
-        
-        true
-
-        
-        true
-
-        
-        
-
-        
-        multicast
-
-        
-        apache.axis2.domain
-
-        
-        apache.axis2.application.domain
-
-        
-        true
-
-        
-        10
-
-        
-        228.0.0.4
-
-        
-        45564
-
-        
-        500
-
-        
-        3000
-
-        
-        127.0.0.1
-
-        
-        127.0.0.1
-
-        
-        4000
-
-        
-        true
-
-        
-        true
-
-        
-        
-            
-                127.0.0.1
-                4000
-            
-            
-                127.0.0.1
-                4001
-            
-        
-
-        
-        
-            
-        
-
-        
-        
-            
-        
-
-        
-        
-            
-            
-                
-                    
-                    
-                
-                
-                    
-                    
-                
-                
-                    
-                
-                
-                    
-                
-            
-        
-    
-
-    
-    
-    
-    
-        
-        
-            
-                
-            
-            
-                
-            
-        
-        
-            
-                
-            
-        
-        
-        
-		      
-                    
-              
-           
-        
-        
-        
-            
-            
-            
-            
-            
-            
-            
-        
-        
-        
-        
-        
-            
-                
-            
-        
-   	    
-		      
-                    
-              
-        
-        
-    
-    
-        
-        
-        
-        
-        
-        
-        
-        
-        
-    
-    
-        
-            
-                
-            
-        
-        
-        
-        
-            
-            
-            
-            
-            
-            
-            
-        
-        
-        
-        
-        
-    
-    
-        
-        
-        
-        
-        
-        
-        
-    
-
-
+
+
+
+    
+    
+    
+    true
+    false
+    false
+    false
+
+    
+    
+
+    
+    
+
+
+    
+    
+    
+    
+    
+
+    
+    30000
+
+    
+    
+    false
+
+    
+    
+    
+    
+    false
+
+    admin
+    axis2
+
+    
+    
+    
+    
+    
+
+    
+    
+    
+    
+
+
+    
+    
+    
+
+    
+    
+    
+    
+    
+
+    
+    false
+
+    
+    false
+
+    
+    
+    
+    
+
+    
+    
+
+    
+
+
+    
+    
+
+    
+    
+    
+
+
+    
+    
+    
+    
+
+    
+        
+    
+
+    
+    
+    
+    
+    
+    
+    
+    
+        
+        
+        
+        
+        
+        
+    
+
+    
+    
+    
+    
+    
+    
+        
+        
+        
+        
+        
+    
+
+    
+    
+    
+    
+    
+    
+        
+        
+        
+    
+
+    
+    
+    
+    
+        8080
+        
+        
+        
+        
+        
+        
+        
+        
+        
+    
+
+    
+    >
+    
+    
+    
+    
+
+    
+    
+    
+
+    
+    
+    
+    
+        HTTP/1.1
+        chunked
+
+        
+        
+    
+
+    
+        HTTP/1.1
+        chunked
+    
+
+    
+    
+
+    
+    
+    
+    
+    
+
+    
+    
+    
+    
+
+    
+    
+    
+    
+    
+
+        
+        true
+
+        
+        true
+
+        
+        
+
+        
+        multicast
+
+        
+        apache.axis2.domain
+
+        
+        apache.axis2.application.domain
+
+        
+        true
+
+        
+        10
+
+        
+        228.0.0.4
+
+        
+        45564
+
+        
+        500
+
+        
+        3000
+
+        
+        127.0.0.1
+
+        
+        127.0.0.1
+
+        
+        4000
+
+        
+        true
+
+        
+        true
+
+        
+        
+            
+                127.0.0.1
+                4000
+            
+            
+                127.0.0.1
+                4001
+            
+        
+
+        
+        
+            
+        
+
+        
+        
+            
+        
+
+        
+        
+            
+            
+                
+                    
+                    
+                
+                
+                    
+                    
+                
+                
+                    
+                
+                
+                    
+                
+            
+        
+    
+
+    
+    
+    
+    
+        
+        
+            
+                
+            
+            
+                
+            
+        
+        
+            
+                
+            
+        
+        
+        
+		      
+                    
+              
+           
+        
+        
+        
+            
+            
+            
+            
+            
+            
+            
+        
+        
+        
+        
+        
+            
+                
+            
+        
+   	    
+		      
+                    
+              
+        
+        
+    
+    
+        
+        
+        
+        
+        
+        
+        
+        
+        
+    
+    
+        
+            
+                
+            
+        
+        
+        
+        
+            
+            
+            
+            
+            
+            
+            
+        
+        
+        
+        
+        
+    
+    
+        
+        
+        
+        
+        
+        
+        
+    
+
+
diff --git a/awsapi/scripts/run.bat b/awsapi/scripts/run.bat
index 437a37f8b83..453e74f8b31 100644
--- a/awsapi/scripts/run.bat
+++ b/awsapi/scripts/run.bat
@@ -1,18 +1,18 @@
-rem  Licensed to the Apache Software Foundation (ASF) under one
-rem  or more contributor license agreements.  See the NOTICE file
-rem  distributed with this work for additional information
-rem  regarding copyright ownership.  The ASF licenses this file
-rem  to you under the Apache License, Version 2.0 (the
-rem  "License"); you may not use this file except in compliance
-rem  with the License.  You may obtain a copy of the License at
-rem  
-rem    http://www.apache.org/licenses/LICENSE-2.0
-rem  
-rem  Unless required by applicable law or agreed to in writing,
-rem  software distributed under the License is distributed on an
-rem  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-rem  KIND, either express or implied.  See the License for the
-rem  specific language governing permissions and limitations
-rem  under the License.
-
-java -cp cloud-tool.jar;./lib/XmlSchema-1.4.3.jar;./lib/antlr-2.7.6.jar;./lib/apache-log4j-extras-1.0.jar;./lib/axiom-api-1.2.8.jar;./lib/axiom-impl-1.2.8.jar;./lib/axis2-adb-1.5.1.jar;./lib/axis2-ant-plugin-1.5.1.jar;./lib/axis2-jaxbri-1.5.1.jar;./lib/axis2-jaxws-1.5.1.jar;./lib/axis2-jibx-1.5.1.jar;./lib/axis2-json-1.5.1.jar;./lib/axis2-kernel-1.5.1.jar;./lib/axis2-transport-http-1.5.1.jar;./lib/axis2-transport-local-1.5.1.jar;./lib/commons-codec-1.3.jar;./lib/commons-collections-3.1.jar;./lib/commons-fileupload-1.2.jar;./lib/commons-httpclient-3.1.jar;./lib/commons-io-1.4.jar;./lib/commons-logging-1.1.1.jar;./lib/dom4j-1.6.1.jar;./lib/hibernate3.jar;./lib/httpcore-4.0.jar;./lib/javassist-3.9.0.GA.jar;./lib/jta-1.1.jar;./lib/junit-4.8.1.jar;./lib/log4j-1.2.15.jar;./lib/mail-1.4.jar;./lib/mysql-connector-java-5.1.7-bin.jar;./lib/neethi-2.0.4.jar;./lib/servlet-api.jar;./lib/slf4j-api-1.5.11.jar;./lib/slf4j-simple-1.5.11.jar;./lib/wsdl4j-1.6.2.jar com.cloud.gate.tool.CloudS3CmdTool %*
+rem  Licensed to the Apache Software Foundation (ASF) under one
+rem  or more contributor license agreements.  See the NOTICE file
+rem  distributed with this work for additional information
+rem  regarding copyright ownership.  The ASF licenses this file
+rem  to you under the Apache License, Version 2.0 (the
+rem  "License"); you may not use this file except in compliance
+rem  with the License.  You may obtain a copy of the License at
+rem  
+rem    http://www.apache.org/licenses/LICENSE-2.0
+rem  
+rem  Unless required by applicable law or agreed to in writing,
+rem  software distributed under the License is distributed on an
+rem  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+rem  KIND, either express or implied.  See the License for the
+rem  specific language governing permissions and limitations
+rem  under the License.
+
+java -cp cloud-tool.jar;./lib/XmlSchema-1.4.3.jar;./lib/antlr-2.7.6.jar;./lib/apache-log4j-extras-1.0.jar;./lib/axiom-api-1.2.8.jar;./lib/axiom-impl-1.2.8.jar;./lib/axis2-adb-1.5.1.jar;./lib/axis2-ant-plugin-1.5.1.jar;./lib/axis2-jaxbri-1.5.1.jar;./lib/axis2-jaxws-1.5.1.jar;./lib/axis2-jibx-1.5.1.jar;./lib/axis2-json-1.5.1.jar;./lib/axis2-kernel-1.5.1.jar;./lib/axis2-transport-http-1.5.1.jar;./lib/axis2-transport-local-1.5.1.jar;./lib/commons-codec-1.3.jar;./lib/commons-collections-3.1.jar;./lib/commons-fileupload-1.2.jar;./lib/commons-httpclient-3.1.jar;./lib/commons-io-1.4.jar;./lib/commons-logging-1.1.1.jar;./lib/dom4j-1.6.1.jar;./lib/hibernate3.jar;./lib/httpcore-4.0.jar;./lib/javassist-3.9.0.GA.jar;./lib/jta-1.1.jar;./lib/junit-4.8.1.jar;./lib/log4j-1.2.15.jar;./lib/mail-1.4.jar;./lib/mysql-connector-java-5.1.7-bin.jar;./lib/neethi-2.0.4.jar;./lib/servlet-api.jar;./lib/slf4j-api-1.5.11.jar;./lib/slf4j-simple-1.5.11.jar;./lib/wsdl4j-1.6.2.jar com.cloud.gate.tool.CloudS3CmdTool %*
diff --git a/awsapi/src/com/cloud/bridge/persist/dao/CloudStackConfigurationDaoImpl.java b/awsapi/src/com/cloud/bridge/persist/dao/CloudStackConfigurationDaoImpl.java
index c49f612bb43..63330428159 100644
--- a/awsapi/src/com/cloud/bridge/persist/dao/CloudStackConfigurationDaoImpl.java
+++ b/awsapi/src/com/cloud/bridge/persist/dao/CloudStackConfigurationDaoImpl.java
@@ -52,7 +52,12 @@ public class CloudStackConfigurationDaoImpl extends GenericDaoBase sc = NameSearch.create();
 			sc.setParameters("name", name);
-			return findOneBy(sc).getValue();
+			CloudStackConfigurationVO configItem = findOneBy(sc);
+			if (configItem == null) {
+				s_logger.warn("No configuration item found with name " + name);
+				return null;
+			}
+			return configItem.getValue();
         }finally {
 		
 		}
diff --git a/awsapi/src/com/cloud/bridge/service/EC2MainServlet.java b/awsapi/src/com/cloud/bridge/service/EC2MainServlet.java
index dceb665d1f2..60da11a2f1a 100644
--- a/awsapi/src/com/cloud/bridge/service/EC2MainServlet.java
+++ b/awsapi/src/com/cloud/bridge/service/EC2MainServlet.java
@@ -65,7 +65,7 @@ public class EC2MainServlet extends HttpServlet{
     		}
     		logger.info("Value of EC2 API Flag ::" + value);
 		}catch(Exception e){
-		    throw new ServletException("Error initializing awsapi: " + e.getMessage());
+		    throw new ServletException("Error initializing awsapi: " + e.getMessage(), e);
 		}
 	}
 	
diff --git a/awsapi/test/html/certSubmit.html b/awsapi/test/html/certSubmit.html
index 00cb5b7f882..edbfa68da47 100644
--- a/awsapi/test/html/certSubmit.html
+++ b/awsapi/test/html/certSubmit.html
@@ -1,37 +1,37 @@
-
-
-
-Save the cert into Cloud's EC2 Service:
-

-

-
-
-
-
-
-
-
-
-
-

-
-

-
-
+
+
+
+Save the cert into Cloud's EC2 Service:
+

+

+
+
+
+
+
+
+
+
+
+

+
+

+
+
diff --git a/awsapi/test/html/testRestURL.txt b/awsapi/test/html/testRestURL.txt
index 3153aa7715b..58ef3f247cc 100644
--- a/awsapi/test/html/testRestURL.txt
+++ b/awsapi/test/html/testRestURL.txt
@@ -1,44 +1,44 @@
-Licensed to the Apache Software Foundation (ASF) under one
-or more contributor license agreements.  See the NOTICE file
-distributed with this work for additional information
-regarding copyright ownership.  The ASF licenses this file
-to you under the Apache License, Version 2.0 (the
-"License"); you may not use this file except in compliance
-with the License.  You may obtain a copy of the License at
-
-  http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing,
-software distributed under the License is distributed on an
-"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-KIND, either express or implied.  See the License for the
-specific language governing permissions and limitations
-under the License.
-
------------------------------------------------------------
-
-      http://localhost:8080/gate/rest/AmazonEC2?Action=DescribeInstances&SignatureVersion=2&SignatureMethod=HmacSHA256&Version=2009-11-30&Timestamp=2010-01-07T15%3A23%3A03Z&Expires=2010-11-07T15%3A23%3A03Z&AWSAccessKeyId=O4O0Niu98EvraLKH2o8SFNMQlXZvuE5ueMDR9CHU5WA2-qv4PEQkgMcrtrNs6eHYwpLySev4Hi03_YXiHz4gGg&Signature=lyHOvu2LNxjLHIAlQo3F0JNSDtuCtqHtAX786cCZDFI=
-
-
-
-10:44:35,804  INFO EC2RestServlet:? - Request parameter Expires:2010-11-07T15:23
-:03Z
-10:44:36,197 ERROR RestAuth:? - Signature mismatch, [+fhKzW5k+O33zWoJ6dUmmo9ycZi
-td62M0Lwicz2jT2s=] [lyHOvu2LNxjLHIAlQo3F0JNSDtuCtqHtAX786cCZDFI=] over [GET
-localhost:8080
-/gate/rest/AmazonEC2
-AWSAccessKeyId=O4O0Niu98EvraLKH2o8SFNMQlXZvuE5ueMDR9CHU5WA2-qv4PEQkgMcrtrNs6eHYw
-pLySev4Hi03_YXiHz4gGg&Action=DescribeInstances&Expires=2010-11-07T15%3A23%3A03Z&
-SignatureMethod=HmacSHA256&SignatureVersion=2&Timestamp=2010-01-07T15%3A23%3A03Z
-&Version=2009-11-30]
-
-
-From usercredentials table:
------------------------+
-|  4 | O4O0Niu98EvraLKH2o8SFNMQlXZvuE5ueMDR9CHU5WA2-qv4PEQkgMcrtrNs6eHYwpLySev4H
-i03_YXiHz4gGg | EmskZDLp5EmwPQDzHtA2CK3heW12keN-YTTrO39Iz2Qfk8fmtkFih95B7xexhAat
-rlQ5ioNns4iT9qav3WzmrQ | CN=AWS Limited-Assurance CA, OU=AWS, O=Amazon.com, C=US
-, serial=1033226874324 |
-+----+--------------------------------------------------------------------------
-
-EmskZDLp5EmwPQDzHtA2CK3heW12keN-YTTrO39Iz2Qfk8fmtkFih95B7xexhAatrlQ5ioNns4iT9qav3WzmrQ
+Licensed to the Apache Software Foundation (ASF) under one
+or more contributor license agreements.  See the NOTICE file
+distributed with this work for additional information
+regarding copyright ownership.  The ASF licenses this file
+to you under the Apache License, Version 2.0 (the
+"License"); you may not use this file except in compliance
+with the License.  You may obtain a copy of the License at
+
+  http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing,
+software distributed under the License is distributed on an
+"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+KIND, either express or implied.  See the License for the
+specific language governing permissions and limitations
+under the License.
+
+-----------------------------------------------------------
+
+      http://localhost:8080/gate/rest/AmazonEC2?Action=DescribeInstances&SignatureVersion=2&SignatureMethod=HmacSHA256&Version=2009-11-30&Timestamp=2010-01-07T15%3A23%3A03Z&Expires=2010-11-07T15%3A23%3A03Z&AWSAccessKeyId=O4O0Niu98EvraLKH2o8SFNMQlXZvuE5ueMDR9CHU5WA2-qv4PEQkgMcrtrNs6eHYwpLySev4Hi03_YXiHz4gGg&Signature=lyHOvu2LNxjLHIAlQo3F0JNSDtuCtqHtAX786cCZDFI=
+
+
+
+10:44:35,804  INFO EC2RestServlet:? - Request parameter Expires:2010-11-07T15:23
+:03Z
+10:44:36,197 ERROR RestAuth:? - Signature mismatch, [+fhKzW5k+O33zWoJ6dUmmo9ycZi
+td62M0Lwicz2jT2s=] [lyHOvu2LNxjLHIAlQo3F0JNSDtuCtqHtAX786cCZDFI=] over [GET
+localhost:8080
+/gate/rest/AmazonEC2
+AWSAccessKeyId=O4O0Niu98EvraLKH2o8SFNMQlXZvuE5ueMDR9CHU5WA2-qv4PEQkgMcrtrNs6eHYw
+pLySev4Hi03_YXiHz4gGg&Action=DescribeInstances&Expires=2010-11-07T15%3A23%3A03Z&
+SignatureMethod=HmacSHA256&SignatureVersion=2&Timestamp=2010-01-07T15%3A23%3A03Z
+&Version=2009-11-30]
+
+
+From usercredentials table:
+-----------------------+
+|  4 | O4O0Niu98EvraLKH2o8SFNMQlXZvuE5ueMDR9CHU5WA2-qv4PEQkgMcrtrNs6eHYwpLySev4H
+i03_YXiHz4gGg | EmskZDLp5EmwPQDzHtA2CK3heW12keN-YTTrO39Iz2Qfk8fmtkFih95B7xexhAat
+rlQ5ioNns4iT9qav3WzmrQ | CN=AWS Limited-Assurance CA, OU=AWS, O=Amazon.com, C=US
+, serial=1033226874324 |
++----+--------------------------------------------------------------------------
+
+EmskZDLp5EmwPQDzHtA2CK3heW12keN-YTTrO39Iz2Qfk8fmtkFih95B7xexhAatrlQ5ioNns4iT9qav3WzmrQ
diff --git a/awsapi/web/web.xml b/awsapi/web/web.xml
index 288196f943c..a5b02072c3d 100644
--- a/awsapi/web/web.xml
+++ b/awsapi/web/web.xml
@@ -1,145 +1,145 @@
-
-
-
-
-
-
-
-    CloudBridge
-    
-        EC2MainServlet
-        EC2 Main Servlet
-        com.cloud.bridge.service.EC2MainServlet
-        1
-    
-    
-        AxisServlet
-        Apache-Axis Servlet
-        org.apache.axis2.transport.http.AxisServlet
-        
-        
-        
-        
-        
-        
-        
-        
-        
-        
-        2
-    
-    
-        AxisAdminServlet
-        Apache-Axis AxisAdmin Servlet (Web Admin)
-        
-            org.apache.axis2.webapp.AxisAdminServlet
-    
-    
-        CloudBridgeS3Servlet
-        Cloud.com Bridge S3 Service REST Servlet
-        com.cloud.bridge.service.S3RestServlet
-        
-            readonly
-            false
-        
-    
-    
-        CloudBridgeEC2Servlet
-        Cloud.com Bridge EC2 Service REST Servlet
-        com.cloud.bridge.service.EC2RestServlet
-    
-
-    
-        CloudBridgeS3Servlet
-        /rest/AmazonS3
-    
-
-   
-        CloudBridgeS3Servlet
-        /rest/AmazonS3/*
-    
-    
-    
-        CloudBridgeS3Servlet
-        /dime/AmazonS3
-    
-   
-     
-    
-        CloudBridgeEC2Servlet
-        /rest/AmazonEC2/*
-    
-    
-    
-    
-        CloudBridgeEC2Servlet
-        /rest/AmazonEC2
-    
-    
-    
-        AxisServlet
-        /servlet/AxisServlet
-    
-
-    
-        AxisServlet
-        *.jws
-    
-
-    
-        AxisServlet
-        /services/*
-    
-
-    
-        AxisAdminServlet
-        /axis2-admin/*
-    
-
-     
-        EC2MainServlet
-        /
-     
-     
-        EC2MainServlet
-        /*
-     
-
-    
-        inc
-        text/plain
-    
-
-   
-      index.jsp
-      index.html
-      /axis2-web/index.jsp
-    
-
-    
-      404
-      /axis2-web/Error/error404.jsp
-    
-
-    
-        500
-        /axis2-web/Error/error500.jsp
-    
-
+
+
+
+
+
+
+
+    CloudBridge
+    
+        EC2MainServlet
+        EC2 Main Servlet
+        com.cloud.bridge.service.EC2MainServlet
+        1
+    
+    
+        AxisServlet
+        Apache-Axis Servlet
+        org.apache.axis2.transport.http.AxisServlet
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        
+        2
+    
+    
+        AxisAdminServlet
+        Apache-Axis AxisAdmin Servlet (Web Admin)
+        
+            org.apache.axis2.webapp.AxisAdminServlet
+    
+    
+        CloudBridgeS3Servlet
+        Cloud.com Bridge S3 Service REST Servlet
+        com.cloud.bridge.service.S3RestServlet
+        
+            readonly
+            false
+        
+    
+    
+        CloudBridgeEC2Servlet
+        Cloud.com Bridge EC2 Service REST Servlet
+        com.cloud.bridge.service.EC2RestServlet
+    
+
+    
+        CloudBridgeS3Servlet
+        /rest/AmazonS3
+    
+
+   
+        CloudBridgeS3Servlet
+        /rest/AmazonS3/*
+    
+    
+    
+        CloudBridgeS3Servlet
+        /dime/AmazonS3
+    
+   
+     
+    
+        CloudBridgeEC2Servlet
+        /rest/AmazonEC2/*
+    
+    
+    
+    
+        CloudBridgeEC2Servlet
+        /rest/AmazonEC2
+    
+    
+    
+        AxisServlet
+        /servlet/AxisServlet
+    
+
+    
+        AxisServlet
+        *.jws
+    
+
+    
+        AxisServlet
+        /services/*
+    
+
+    
+        AxisAdminServlet
+        /axis2-admin/*
+    
+
+     
+        EC2MainServlet
+        /
+     
+     
+        EC2MainServlet
+        /*
+     
+
+    
+        inc
+        text/plain
+    
+
+   
+      index.jsp
+      index.html
+      /axis2-web/index.jsp
+    
+
+    
+      404
+      /axis2-web/Error/error404.jsp
+    
+
+    
+        500
+        /axis2-web/Error/error500.jsp
+    
+
diff --git a/build/build-aws-api.xml b/build/build-aws-api.xml
index d5bf729a9c6..d260debc015 100644
--- a/build/build-aws-api.xml
+++ b/build/build-aws-api.xml
@@ -225,7 +225,7 @@
 		
 			
 				
-				
+				
                                 
 			
 		
@@ -299,7 +299,7 @@
 			
 			
 				
-				
+				
 			
 		
 		
@@ -374,7 +374,7 @@
 			 -->
 			
 				
-				
+				
 			
 		
 		
diff --git a/client/WEB-INF/classes/resources/messages.properties b/client/WEB-INF/classes/resources/messages.properties
index 1535c314f3a..454974d4654 100644
--- a/client/WEB-INF/classes/resources/messages.properties
+++ b/client/WEB-INF/classes/resources/messages.properties
@@ -17,8 +17,8 @@
 
 
 #new labels (begin) **********************************************************************************************
-
-
+label.isolation.uri=Isolation URI
+label.broadcast.uri=Broadcast URI
 #new labels (end) ************************************************************************************************
 
 
diff --git a/client/pom.xml b/client/pom.xml
index 50b85e956f8..0a138764419 100644
--- a/client/pom.xml
+++ b/client/pom.xml
@@ -16,8 +16,7 @@
   specific language governing permissions and limitations
   under the License.
 -->
-
+
   4.0.0
   cloud-client-ui
   Apache CloudStack Client UI
@@ -25,7 +24,7 @@
   
     org.apache.cloudstack
     cloudstack
-    4.0.0-SNAPSHOT
+    4.1.0-SNAPSHOT
   
   
     
@@ -152,15 +151,15 @@
             
             
               
-                
-                  
+                
+                  
                     
                   
                 
-                
+                
                   
                 
-                
+                
                   
                 
                 
@@ -204,7 +203,7 @@
                     
                   
                   
-                    
+                    
                   
                 
               
@@ -214,4 +213,86 @@
       
     
   
+  
+	
+		netapp
+		
+			
+				nonoss
+			
+		
+		
+			
+				org.apache.cloudstack
+				cloud-plugin-netapp
+				${project.version}
+			
+		
+	
+	
+		f5
+		
+			
+				nonoss
+			
+		
+		
+			
+				org.apache.cloudstack
+				cloud-plugin-network-f5
+				${project.version}
+			
+		
+	
+	
+		netscaler
+		
+			
+				nonoss
+			
+		
+		
+			
+				org.apache.cloudstack
+				cloud-plugin-network-netscaler
+				${project.version}
+			
+		
+	
+	
+		srx
+		
+			
+				nonoss
+			
+		
+		
+			
+				org.apache.cloudstack
+				cloud-plugin-network-srx
+				${project.version}
+			
+		
+	
+	
+		vmware
+		
+			
+				nonoss
+			
+		
+		
+			
+				org.apache.cloudstack
+				cloud-plugin-hypervisor-vmware
+				${project.version}
+			
+            
+                org.apache.cloudstack
+                cloud-vmware-base
+                ${project.version}
+            
+		
+	
+    
 
diff --git a/cloud-cli/cloudapis/cloud.py b/cloud-cli/cloudapis/cloud.py
index 1ee9806c978..a0e88805c82 100644
--- a/cloud-cli/cloudapis/cloud.py
+++ b/cloud-cli/cloudapis/cloud.py
@@ -71,10 +71,10 @@ class CloudAPI:
         requests = zip(requests.keys(), requests.values())
         requests.sort(key=lambda x: str.lower(x[0]))
 
-        requestUrl = "&".join(["=".join([request[0], urllib.quote_plus(str(request[1]))]) for request in requests])
-        hashStr = "&".join(["=".join([str.lower(request[0]), urllib.quote_plus(str.lower(str(request[1])))]) for request in requests])
+        requestUrl = "&".join(["=".join([request[0], urllib.quote(str(request[1],""))]) for request in requests])
+        hashStr = "&".join(["=".join([str.lower(request[0]), urllib.quote(str.lower(str(request[1])),"")]) for request in requests])
 
-        sig = urllib.quote_plus(base64.encodestring(hmac.new(self.securityKey, hashStr, hashlib.sha1).digest()).strip())
+        sig = urllib.quote_plus(base64.encodestring(hmac.new(self.securityKey, str.lower(hashStr), hashlib.sha1).digest()).strip())
 
         requestUrl += "&signature=%s"%sig
 
diff --git a/cloud.spec b/cloud.spec
index 724f8577a2e..405db861a5d 100644
--- a/cloud.spec
+++ b/cloud.spec
@@ -76,7 +76,7 @@ CloudStack management server.
 Summary:   CloudStack server library
 Requires: java >= 1.6.0
 Obsoletes: vmops-server < %{version}-%{release}
-Requires: %{name}-utils = %{version}, %{name}-core = %{version}, %{name}-deps = %{version}, tomcat6-servlet-2.5-api
+Requires: %{name}-utils = %{version}, %{name}-core = %{version}, %{name}-deps = %{version}, %{name}-scripts = %{version}, tomcat6-servlet-2.5-api
 Group:     System Environment/Libraries
 %description server
 The CloudStack server libraries provide a set of Java classes for CloudStack.
@@ -95,6 +95,7 @@ Requires: nfs-utils
 Requires: wget
 # there is a fsimage.so in the source code, which adds xen-libs as a dependence, needs to supress it, as rhel doesn't have this pacakge
 AutoReqProv: no
+Provides: cloud-agent-scripts = %{version}-%{release}
 Obsoletes: cloud-agent-scripts < %{version}-%{release}
 Group:     System Environment/Libraries
 %description scripts
@@ -274,7 +275,7 @@ Requires: %{name}-utils = %{version}, %{name}-core = %{version}, %{name}-deps =
 Requires: %{name}-setup = %{version}
 Requires: %{name}-client = %{version}
 Requires: jsvc
-License:   GPLv3+
+License:   Apache License 2.0
 Group:     System Environment/Libraries
 %description usage
 The CloudStack usage monitor provides usage accounting across the entire cloud for
@@ -387,18 +388,20 @@ else
     /sbin/service %{name}-agent condrestart >/dev/null 2>&1 || true
 fi
 
-%post client
-if [ "$1" == "1" ] ; then
-    /sbin/chkconfig --add %{name}-management > /dev/null 2>&1 || true
-    /sbin/chkconfig --level 345 %{name}-management on > /dev/null 2>&1 || true
+if [ -x /etc/sysconfig/modules/kvm.modules ] ; then
+    /bin/sh /etc/sysconfig/modules/kvm.modules
 fi
 
-if [ "$1" == "1" ] ; then
+%post client
+    /sbin/chkconfig --add %{name}-management > /dev/null 2>&1 || true
+    /sbin/chkconfig --level 345 %{name}-management on > /dev/null 2>&1 || true
+
     root=/usr/share/cloud/bridge
     target=/usr/share/cloud/management/
 
-    if [ ! -e $target/webapps/awsapi ]; then
-        ln -s $root/webapps/awsapi $target/webapps/awsapi
+    mkdir -p $target/webapps7080
+    if [ ! -e $target/webapps7080/awsapi ]; then
+        ln -s $root/webapps/awsapi $target/webapps7080/awsapi
     fi
 
     jars=`ls $root/lib`
@@ -412,7 +415,6 @@ if [ "$1" == "1" ] ; then
     do
         cp -f $root/conf/$c $target/conf
     done
-fi
 
 %files utils
 %defattr(0644,root,root,0755)
@@ -423,12 +425,14 @@ fi
 %doc %{_docdir}/%{name}-%{version}/version-info
 %doc %{_docdir}/%{name}-%{version}/sccs-info
 %doc %{_docdir}/%{name}-%{version}/configure-info
-%doc README.html
-%doc debian/copyright
+%doc LICENSE
+%doc NOTICE
 
 %files client-ui
 %defattr(0644,root,root,0755)
 %{_datadir}/%{name}/management/webapps/client/*
+%doc LICENSE
+%doc NOTICE
 
 %files server
 %defattr(0644,root,root,0755)
@@ -446,6 +450,8 @@ fi
 %{_javadir}/%{name}-plugin-elb.jar
 %{_javadir}/%{name}-plugin-nicira-nvp.jar
 %config(noreplace) %{_sysconfdir}/%{name}/server/*
+%doc LICENSE
+%doc NOTICE
 
 %files scripts
 %defattr(-,root,root,-)
@@ -453,7 +459,8 @@ fi
 # maintain the following list in sync with files scripts
 %{_libdir}/%{name}/common/vms/systemvm.zip
 %{_libdir}/%{name}/common/vms/systemvm.iso
-
+%doc LICENSE
+%doc NOTICE
 
 %files deps
 %defattr(0644,root,root,0755)
@@ -484,9 +491,14 @@ fi
 %{_javadir}/jstl-1.2.jar
 %{_javadir}/javax.persistence-2.0.0.jar
 %{_javadir}/bcprov-jdk16-1.45.jar
+%doc LICENSE
+%doc NOTICE
+
 %files core
 %defattr(0644,root,root,0755)
 %{_javadir}/%{name}-core.jar
+%doc LICENSE
+%doc NOTICE
 
 %files python
 %defattr(0644,root,root,0755)
@@ -494,6 +506,8 @@ fi
 %attr(0755,root,root) %{_bindir}/cloud-external-ipallocator.py
 %attr(0755,root,root) %{_initrddir}/cloud-ipallocator
 %dir %attr(0770,root,root) %{_localstatedir}/log/%{name}/ipallocator
+%doc LICENSE
+%doc NOTICE
 
 %files setup
 %attr(0755,root,root) %{_bindir}/%{name}-setup-databases
@@ -507,6 +521,8 @@ fi
 %{_datadir}/%{name}/setup/db/*.sql
 %{_datadir}/%{name}/setup/*.sh
 %{_datadir}/%{name}/setup/server-setup.xml
+%doc LICENSE
+%doc NOTICE
 
 %files client
 %defattr(0644,root,root,0775)
@@ -530,12 +546,16 @@ fi
 %dir %attr(0770,root,%{name}) %{_localstatedir}/cache/%{name}/management/temp
 %dir %attr(0770,root,%{name}) %{_localstatedir}/log/%{name}/management
 %dir %attr(0770,root,%{name}) %{_localstatedir}/log/%{name}/agent
+%doc LICENSE
+%doc NOTICE
 
 %files agent-libs
 %defattr(0644,root,root,0755)
 %{_javadir}/%{name}-agent.jar
 %{_javadir}/%{name}-plugin-hypervisor-kvm.jar
 %{_javadir}/libvirt-0.4.9.jar
+%doc LICENSE
+%doc NOTICE
 
 %files agent
 %defattr(0644,root,root,0755)
@@ -546,6 +566,8 @@ fi
 %attr(0755,root,root) %{_initrddir}/%{name}-agent
 %attr(0755,root,root) %{_bindir}/%{name}-setup-agent
 %dir %attr(0770,root,root) %{_localstatedir}/log/%{name}/agent
+%doc LICENSE
+%doc NOTICE
 
 %files cli
 %{_bindir}/%{name}-tool
@@ -555,9 +577,13 @@ fi
 %dir %{_prefix}/lib*/python*/site-packages/%{name}tool
 %{_prefix}/lib*/python*/site-packages/%{name}tool/*
 %{_prefix}/lib*/python*/site-packages/%{name}apis.py
+%doc LICENSE
+%doc NOTICE
 
 %files baremetal-agent
 %attr(0755,root,root) %{_bindir}/cloud-setup-baremetal
+%doc LICENSE
+%doc NOTICE
 
 %files usage
 %defattr(0644,root,root,0775)
@@ -567,6 +593,8 @@ fi
 %config(noreplace) %{_sysconfdir}/%{name}/usage/usage-components.xml
 %config(noreplace) %{_sysconfdir}/%{name}/usage/log4j-%{name}_usage.xml
 %config(noreplace) %attr(0640,root,%{name}) %{_sysconfdir}/%{name}/usage/db.properties
+%doc LICENSE
+%doc NOTICE
 
 %files aws-api
 %defattr(0644,cloud,cloud,0755)
@@ -575,6 +603,8 @@ fi
 %attr(0644,root,root) %{_datadir}/cloud/setup/bridge/db/*
 %attr(0755,root,root) %{_bindir}/cloudstack-aws-api-register
 %attr(0755,root,root) %{_bindir}/cloud-setup-bridge
+%doc LICENSE
+%doc NOTICE
 
 %changelog
 * Fri Sep 14 2012 Marcus Sorensen  4.0.1
diff --git a/console-proxy/certs/realhostip.csr b/console-proxy/certs/realhostip.csr
index 0684141d237..61395c9f8d9 100644
--- a/console-proxy/certs/realhostip.csr
+++ b/console-proxy/certs/realhostip.csr
@@ -1,15 +1,15 @@
------BEGIN NEW CERTIFICATE REQUEST-----
-MIICsDCCAZgCAQAwazELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMRIwEAYDVQQHEwlDdXBlcnRp
-bm8xDjAMBgNVBAoTBVZNT3BzMRAwDgYDVQQLEwdVbmtub3duMRkwFwYDVQQDDBAqLnJlYWxob3N0
-aXAuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg0/QLRH7PrPyPEF6eq6wsNIj
-SdPhoLMmzR4XlPiaS9/SzE2cpAq2YWZ8g78HcQqDnxN/Emt9m2hyjXbPstkh5zDbDpMPDnDbnBxA
-V9RSKTgRqYfQ+sQvrpsfaHesTFhE1L+4+odrvlgtzoQTPHxwgaiIgKJd9fyJHKg8cbB5UPEv6An0
-5VyVGOmJ+tvDgNV4oynUZ2nVdIWfNvXL/z2SpY48EFE8q3dCh0HpLAR/mAGEqNiVJfHpDS7DovP3
-D7X6I55bc0SNRl4tGTjbPFZw8ydGtoKmWPrsZc/ghmy5xp5TeI/XAaRPjH1BPt+Q6tdtbE6bEoBf
-OTM/qVYZ9kut9wIDAQABoAAwDQYJKoZIhvcNAQEFBQADggEBAF5lhhni9dW9MqSL2ixNbViPWpFS
-ecOggshYChJfZKrhsuZaDpumJ/+ebICS4zv/oxDwNLSmeAmydiaUQC9LFQEEwvPBYDTtTzwCrtwH
-yyFJQSm6pyeIBP/Bih/5hLW8JPm0bDbp5ldrHCDEgKQeeyQhyYOKFODkTuMLw+FLD+V86IVHxElL
-/urCRWyZEPwyMsgfsU6ywNX9XNShyk1uDHjFDE67sPhfw52ooxXrYQnBdTk+g0UXPbULzrCK/1kU
-fjRq347V9Fwi5NFyGADOaA+q6mtnlb1i3uH1n1YVUzevvpnIr3/RxPSYHB47Kj9iYKeDlYdTRHJy
-NpuvTfmQO2Y=
------END NEW CERTIFICATE REQUEST-----
+-----BEGIN NEW CERTIFICATE REQUEST-----
+MIICsDCCAZgCAQAwazELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMRIwEAYDVQQHEwlDdXBlcnRp
+bm8xDjAMBgNVBAoTBVZNT3BzMRAwDgYDVQQLEwdVbmtub3duMRkwFwYDVQQDDBAqLnJlYWxob3N0
+aXAuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg0/QLRH7PrPyPEF6eq6wsNIj
+SdPhoLMmzR4XlPiaS9/SzE2cpAq2YWZ8g78HcQqDnxN/Emt9m2hyjXbPstkh5zDbDpMPDnDbnBxA
+V9RSKTgRqYfQ+sQvrpsfaHesTFhE1L+4+odrvlgtzoQTPHxwgaiIgKJd9fyJHKg8cbB5UPEv6An0
+5VyVGOmJ+tvDgNV4oynUZ2nVdIWfNvXL/z2SpY48EFE8q3dCh0HpLAR/mAGEqNiVJfHpDS7DovP3
+D7X6I55bc0SNRl4tGTjbPFZw8ydGtoKmWPrsZc/ghmy5xp5TeI/XAaRPjH1BPt+Q6tdtbE6bEoBf
+OTM/qVYZ9kut9wIDAQABoAAwDQYJKoZIhvcNAQEFBQADggEBAF5lhhni9dW9MqSL2ixNbViPWpFS
+ecOggshYChJfZKrhsuZaDpumJ/+ebICS4zv/oxDwNLSmeAmydiaUQC9LFQEEwvPBYDTtTzwCrtwH
+yyFJQSm6pyeIBP/Bih/5hLW8JPm0bDbp5ldrHCDEgKQeeyQhyYOKFODkTuMLw+FLD+V86IVHxElL
+/urCRWyZEPwyMsgfsU6ywNX9XNShyk1uDHjFDE67sPhfw52ooxXrYQnBdTk+g0UXPbULzrCK/1kU
+fjRq347V9Fwi5NFyGADOaA+q6mtnlb1i3uH1n1YVUzevvpnIr3/RxPSYHB47Kj9iYKeDlYdTRHJy
+NpuvTfmQO2Y=
+-----END NEW CERTIFICATE REQUEST-----
diff --git a/console-proxy/js/ajaxviewer.js b/console-proxy/js/ajaxviewer.js
index 355cc827ba2..6ac56be6641 100644
--- a/console-proxy/js/ajaxviewer.js
+++ b/console-proxy/js/ajaxviewer.js
@@ -63,11 +63,296 @@ function getCurrentLanguage() {
 //
 function KeyboardMapper() {
 	this.mappedInput = [];
+	this.jsX11KeysymMap = [];
+	this.jsKeyPressX11KeysymMap = [];
 }
 
+//
+// RAW keyboard
+// 		Primarily translates KeyDown/KeyUp event, either as is (if there is no mapping entry)
+// 		or through mapped result.
+//
+// 		For KeyPress event, it translates it only if there exist a mapping entry
+// 		in jsX11KeysymMap map and the entry meets the condition
+// 
+// COOKED keyboard
+//		Primarily translates KeyPress event, either as is or through mapped result
+//		It translates KeyDown/KeyUp only there exists a mapping entry, or if there
+//		is no mapping entry, translate when certain modifier key is pressed (i.e., 
+//		CTRL or ALT key
+//
+// Mapping entry types
+//		direct		:	will be directly mapped into the entry value with the same event type
+//		boolean		:	only valid for jsX11KeysymMap, existence of this type, no matter true or false
+//						in value, corresponding KeyDown/KeyUp event will be masked
+//		array		:	contains a set of conditional mapping entry
+//		
+// Conditional mapping entry
+//
+//		{ 
+//			type: , code: , modifiers: ,
+//		  	shift : ,		-- match on shift state
+//			guestos : ,		-- match on guestos type
+//			browser: ,	-- match on browser
+//			browserVersion: 	-- match on browser version
+//		}
+//
+KeyboardMapper.KEYBOARD_TYPE_RAW = 0;
+KeyboardMapper.KEYBOARD_TYPE_COOKED = 1;
+
 KeyboardMapper.prototype = {
-	inputFeed : function(eventType, code, modifiers) {
-		this.mappedInput.push({type: eventType, code: code, modifiers: modifiers});
+		
+	setKeyboardType : function(keyboardType) {
+		this.keyboardType = keyboardType;
+		
+		if(keyboardType == KeyboardMapper.KEYBOARD_TYPE_RAW) {
+			// intialize keyboard mapping for RAW keyboard
+			this.jsX11KeysymMap[AjaxViewer.JS_KEY_CAPSLOCK] 		= AjaxViewer.X11_KEY_CAPSLOCK;
+			this.jsX11KeysymMap[AjaxViewer.JS_KEY_BACKSPACE] 		= AjaxViewer.X11_KEY_BACKSPACE;
+			this.jsX11KeysymMap[AjaxViewer.JS_KEY_TAB] 				= AjaxViewer.X11_KEY_TAB;
+			this.jsX11KeysymMap[AjaxViewer.JS_KEY_ENTER] 			= AjaxViewer.X11_KEY_ENTER;
+			this.jsX11KeysymMap[AjaxViewer.JS_KEY_ESCAPE] 			= AjaxViewer.X11_KEY_ESCAPE;
+			this.jsX11KeysymMap[AjaxViewer.JS_KEY_INSERT] 			= AjaxViewer.X11_KEY_INSERT;
+			this.jsX11KeysymMap[AjaxViewer.JS_KEY_DELETE] 			= AjaxViewer.X11_KEY_DELETE;
+			this.jsX11KeysymMap[AjaxViewer.JS_KEY_HOME] 			= AjaxViewer.X11_KEY_HOME;
+			this.jsX11KeysymMap[AjaxViewer.JS_KEY_END] 				= AjaxViewer.X11_KEY_END;
+			this.jsX11KeysymMap[AjaxViewer.JS_KEY_PAGEUP] 			= AjaxViewer.X11_KEY_PAGEUP;
+			this.jsX11KeysymMap[AjaxViewer.JS_KEY_PAGEDOWN] 		= AjaxViewer.X11_KEY_PAGEDOWN;
+			this.jsX11KeysymMap[AjaxViewer.JS_KEY_LEFT] 			= AjaxViewer.X11_KEY_LEFT;
+			this.jsX11KeysymMap[AjaxViewer.JS_KEY_UP] 				= AjaxViewer.X11_KEY_UP;
+			this.jsX11KeysymMap[AjaxViewer.JS_KEY_RIGHT] 			= AjaxViewer.X11_KEY_RIGHT;
+			this.jsX11KeysymMap[AjaxViewer.JS_KEY_DOWN] 			= AjaxViewer.X11_KEY_DOWN;
+			this.jsX11KeysymMap[AjaxViewer.JS_KEY_F1] 				= AjaxViewer.X11_KEY_F1;
+			this.jsX11KeysymMap[AjaxViewer.JS_KEY_F2] 				= AjaxViewer.X11_KEY_F2;
+			this.jsX11KeysymMap[AjaxViewer.JS_KEY_F3] 				= AjaxViewer.X11_KEY_F3;
+			this.jsX11KeysymMap[AjaxViewer.JS_KEY_F4] 				= AjaxViewer.X11_KEY_F4;
+			this.jsX11KeysymMap[AjaxViewer.JS_KEY_F5] 				= AjaxViewer.X11_KEY_F5;
+			this.jsX11KeysymMap[AjaxViewer.JS_KEY_F6] 				= AjaxViewer.X11_KEY_F6;
+			this.jsX11KeysymMap[AjaxViewer.JS_KEY_F7] 				= AjaxViewer.X11_KEY_F7;
+			this.jsX11KeysymMap[AjaxViewer.JS_KEY_F8] 				= AjaxViewer.X11_KEY_F8;
+			this.jsX11KeysymMap[AjaxViewer.JS_KEY_F9] 				= AjaxViewer.X11_KEY_F9;
+			this.jsX11KeysymMap[AjaxViewer.JS_KEY_F10] 				= AjaxViewer.X11_KEY_F10;
+			this.jsX11KeysymMap[AjaxViewer.JS_KEY_F11] 				= AjaxViewer.X11_KEY_F11;
+			this.jsX11KeysymMap[AjaxViewer.JS_KEY_F12] 				= AjaxViewer.X11_KEY_F12;
+			this.jsX11KeysymMap[AjaxViewer.JS_KEY_SHIFT] 			= AjaxViewer.X11_KEY_SHIFT;
+			this.jsX11KeysymMap[AjaxViewer.JS_KEY_CTRL] 			= AjaxViewer.X11_KEY_CTRL;
+			this.jsX11KeysymMap[AjaxViewer.JS_KEY_ALT] 				= AjaxViewer.X11_KEY_ALT;
+			this.jsX11KeysymMap[AjaxViewer.JS_KEY_GRAVE_ACCENT] 	= AjaxViewer.X11_KEY_GRAVE_ACCENT;
+			this.jsX11KeysymMap[AjaxViewer.JS_KEY_SUBSTRACT] 		= AjaxViewer.X11_KEY_SUBSTRACT;
+			this.jsX11KeysymMap[AjaxViewer.JS_KEY_ADD] 				= AjaxViewer.X11_KEY_ADD;
+			this.jsX11KeysymMap[AjaxViewer.JS_KEY_OPEN_BRACKET] 	= AjaxViewer.X11_KEY_OPEN_BRACKET;
+			this.jsX11KeysymMap[AjaxViewer.JS_KEY_CLOSE_BRACKET] 	= AjaxViewer.X11_KEY_CLOSE_BRACKET;
+			this.jsX11KeysymMap[AjaxViewer.JS_KEY_BACK_SLASH] 		= AjaxViewer.X11_KEY_BACK_SLASH;
+			this.jsX11KeysymMap[AjaxViewer.JS_KEY_SINGLE_QUOTE] 	= AjaxViewer.X11_KEY_SINGLE_QUOTE;
+			this.jsX11KeysymMap[AjaxViewer.JS_KEY_COMMA] 			= AjaxViewer.X11_KEY_COMMA;
+			this.jsX11KeysymMap[AjaxViewer.JS_KEY_PERIOD] 			= AjaxViewer.X11_KEY_PERIOD;
+			this.jsX11KeysymMap[AjaxViewer.JS_KEY_FORWARD_SLASH] 	= AjaxViewer.X11_KEY_FORWARD_SLASH;
+			this.jsX11KeysymMap[AjaxViewer.JS_KEY_DASH] 			= AjaxViewer.X11_KEY_DASH;
+			this.jsX11KeysymMap[AjaxViewer.JS_KEY_SEMI_COLON] 		= AjaxViewer.X11_KEY_SEMI_COLON;
+
+			this.jsX11KeysymMap[AjaxViewer.JS_KEY_NUMPAD0] 			= AjaxViewer.X11_KEY_NUMPAD0;
+			this.jsX11KeysymMap[AjaxViewer.JS_KEY_NUMPAD1] 			= AjaxViewer.X11_KEY_NUMPAD1;
+			this.jsX11KeysymMap[AjaxViewer.JS_KEY_NUMPAD2] 			= AjaxViewer.X11_KEY_NUMPAD2;
+			this.jsX11KeysymMap[AjaxViewer.JS_KEY_NUMPAD3] 			= AjaxViewer.X11_KEY_NUMPAD3;
+			this.jsX11KeysymMap[AjaxViewer.JS_KEY_NUMPAD4] 			= AjaxViewer.X11_KEY_NUMPAD4;
+			this.jsX11KeysymMap[AjaxViewer.JS_KEY_NUMPAD5] 			= AjaxViewer.X11_KEY_NUMPAD5;
+			this.jsX11KeysymMap[AjaxViewer.JS_KEY_NUMPAD6] 			= AjaxViewer.X11_KEY_NUMPAD6;
+			this.jsX11KeysymMap[AjaxViewer.JS_KEY_NUMPAD7] 			= AjaxViewer.X11_KEY_NUMPAD7;
+			this.jsX11KeysymMap[AjaxViewer.JS_KEY_NUMPAD8] 			= AjaxViewer.X11_KEY_NUMPAD8;
+			this.jsX11KeysymMap[AjaxViewer.JS_KEY_NUMPAD9] 			= AjaxViewer.X11_KEY_NUMPAD9;
+			this.jsX11KeysymMap[AjaxViewer.JS_KEY_DECIMAL_POINT] 	= AjaxViewer.X11_KEY_DECIMAL_POINT;
+			this.jsX11KeysymMap[AjaxViewer.JS_KEY_DIVIDE] 			= AjaxViewer.X11_KEY_DIVIDE;
+			
+			this.jsX11KeysymMap[AjaxViewer.JS_KEY_MULTIPLY] = [
+			    {type: AjaxViewer.KEY_DOWN, code: AjaxViewer.X11_KEY_SHIFT, modifiers: 0 },
+			    {type: AjaxViewer.KEY_DOWN, code: AjaxViewer.X11_KEY_ASTERISK, modifiers: 0 },
+			    {type: AjaxViewer.KEY_UP, code: AjaxViewer.X11_KEY_ASTERISK, modifiers: 0 },
+			    {type: AjaxViewer.KEY_UP, code: AjaxViewer.X11_KEY_SHIFT, modifiers: 0 }
+			];
+			
+			this.jsX11KeysymMap[AjaxViewer.JS_KEY_ADD] = false;
+			this.jsKeyPressX11KeysymMap = [];
+			this.jsKeyPressX11KeysymMap[61] = [
+			    {type: AjaxViewer.KEY_DOWN, code: AjaxViewer.X11_KEY_ADD, modifiers: 0, shift: false },
+			    {type: AjaxViewer.KEY_UP, code: AjaxViewer.X11_KEY_ADD, modifiers: 0, shift: false }
+			];
+			this.jsKeyPressX11KeysymMap[43] = [
+			    {type: AjaxViewer.KEY_DOWN, code: AjaxViewer.X11_KEY_SHIFT, modifiers: 0, shift: false },
+			    {type: AjaxViewer.KEY_DOWN, code: AjaxViewer.X11_KEY_ADD, modifiers: 0, shift: false },
+			    {type: AjaxViewer.KEY_UP, code: AjaxViewer.X11_KEY_ADD, modifiers: 0, shift: false },
+			    {type: AjaxViewer.KEY_UP, code: AjaxViewer.X11_KEY_SHIFT, modifiers: 0, shift: false },
+			    {type: AjaxViewer.KEY_DOWN, code: AjaxViewer.X11_KEY_ADD, modifiers: 0, shift: true },
+			    {type: AjaxViewer.KEY_UP, code: AjaxViewer.X11_KEY_ADD, modifiers: 0, shift: true }
+			];
+		} else {
+			// initialize mapping for COOKED keyboard
+			this.jsX11KeysymMap[AjaxViewer.JS_KEY_CAPSLOCK] 		= AjaxViewer.X11_KEY_CAPSLOCK;
+			this.jsX11KeysymMap[AjaxViewer.JS_KEY_BACKSPACE] 		= AjaxViewer.X11_KEY_BACKSPACE;
+			this.jsX11KeysymMap[AjaxViewer.JS_KEY_TAB] 				= AjaxViewer.X11_KEY_TAB;
+			this.jsX11KeysymMap[AjaxViewer.JS_KEY_ENTER] 			= AjaxViewer.X11_KEY_ENTER;
+			this.jsX11KeysymMap[AjaxViewer.JS_KEY_ESCAPE] 			= AjaxViewer.X11_KEY_ESCAPE;
+			this.jsX11KeysymMap[AjaxViewer.JS_KEY_INSERT] 			= AjaxViewer.X11_KEY_INSERT;
+			this.jsX11KeysymMap[AjaxViewer.JS_KEY_DELETE] 			= AjaxViewer.X11_KEY_DELETE;
+			this.jsX11KeysymMap[AjaxViewer.JS_KEY_HOME] 			= AjaxViewer.X11_KEY_HOME;
+			this.jsX11KeysymMap[AjaxViewer.JS_KEY_END] 				= AjaxViewer.X11_KEY_END;
+			this.jsX11KeysymMap[AjaxViewer.JS_KEY_PAGEUP] 			= AjaxViewer.X11_KEY_PAGEUP;
+			this.jsX11KeysymMap[AjaxViewer.JS_KEY_PAGEDOWN] 		= AjaxViewer.X11_KEY_PAGEDOWN;
+			this.jsX11KeysymMap[AjaxViewer.JS_KEY_LEFT] 			= AjaxViewer.X11_KEY_LEFT;
+			this.jsX11KeysymMap[AjaxViewer.JS_KEY_UP] 				= AjaxViewer.X11_KEY_UP;
+			this.jsX11KeysymMap[AjaxViewer.JS_KEY_RIGHT] 			= AjaxViewer.X11_KEY_RIGHT;
+			this.jsX11KeysymMap[AjaxViewer.JS_KEY_DOWN] 			= AjaxViewer.X11_KEY_DOWN;
+			this.jsX11KeysymMap[AjaxViewer.JS_KEY_F1] 				= AjaxViewer.X11_KEY_F1;
+			this.jsX11KeysymMap[AjaxViewer.JS_KEY_F2] 				= AjaxViewer.X11_KEY_F2;
+			this.jsX11KeysymMap[AjaxViewer.JS_KEY_F3] 				= AjaxViewer.X11_KEY_F3;
+			this.jsX11KeysymMap[AjaxViewer.JS_KEY_F4] 				= AjaxViewer.X11_KEY_F4;
+			this.jsX11KeysymMap[AjaxViewer.JS_KEY_F5] 				= AjaxViewer.X11_KEY_F5;
+			this.jsX11KeysymMap[AjaxViewer.JS_KEY_F6] 				= AjaxViewer.X11_KEY_F6;
+			this.jsX11KeysymMap[AjaxViewer.JS_KEY_F7] 				= AjaxViewer.X11_KEY_F7;
+			this.jsX11KeysymMap[AjaxViewer.JS_KEY_F8] 				= AjaxViewer.X11_KEY_F8;
+			this.jsX11KeysymMap[AjaxViewer.JS_KEY_F9] 				= AjaxViewer.X11_KEY_F9;
+			this.jsX11KeysymMap[AjaxViewer.JS_KEY_F10] 				= AjaxViewer.X11_KEY_F10;
+			this.jsX11KeysymMap[AjaxViewer.JS_KEY_F11] 				= AjaxViewer.X11_KEY_F11;
+			this.jsX11KeysymMap[AjaxViewer.JS_KEY_F12] 				= AjaxViewer.X11_KEY_F12;
+			this.jsX11KeysymMap[AjaxViewer.JS_KEY_SHIFT] 			= AjaxViewer.X11_KEY_SHIFT;
+			this.jsX11KeysymMap[AjaxViewer.JS_KEY_CTRL] 			= AjaxViewer.X11_KEY_CTRL;
+			this.jsX11KeysymMap[AjaxViewer.JS_KEY_ALT] 				= AjaxViewer.X11_KEY_ALT;
+		}
+	},
+	
+	RawkeyboardInputHandler : function(eventType, code, modifiers, guestos, browser, browserVersion) {
+		if(eventType == AjaxViewer.KEY_DOWN || eventType == AjaxViewer.KEY_UP) {
+			
+			// special handling for Alt + Ctrl + Ins, convert it into Alt-Ctrl-Del
+			if(code == AjaxViewer.JS_KEY_INSERT) {
+				if((modifiers & AjaxViewer.ALT_KEY_MASK) != 0 && (modifiers & AjaxViewer.CTRL_KEY_MASK) != 0) {
+					this.mappedInput.push({type : eventType, code: 0xffff, modifiers: modifiers});
+					return;
+				}
+			}
+			
+			var X11Keysym = code;
+			if(this.jsX11KeysymMap[code] != undefined) {
+				X11Keysym = this.jsX11KeysymMap[code];
+				if(typeof this.jsX11KeysymMap[code] == "boolean") {
+					return;
+				} else if($.isArray(X11Keysym)) {
+					for(var i = 0; i < X11Keysym.length; i++) {
+						if(this.isConditionalEntryMatched(eventType, code, modifiers, X11Keysym[i], guestos, browser, browserVersion)) {
+							this.mappedInput.push(X11Keysym[i]);
+						}
+					}
+				} else {
+					this.mappedInput.push({type : eventType, code: X11Keysym, modifiers: modifiers});
+				}
+			} else {
+				this.mappedInput.push({type : eventType, code: X11Keysym, modifiers: modifiers});
+			}
+
+			// special handling for ALT/CTRL key
+			if(eventType == AjaxViewer.KEY_UP && (code == AjaxViewer.JS_KEY_ALT || code == code == AjaxViewer.JS_KEY_CTRL))
+				this.mappedInput.push({type : eventType, code: this.jsX11KeysymMap[code], modifiers: modifiers});
+			
+		} else if(eventType == AjaxViewer.KEY_PRESS) {
+			var X11Keysym = code;
+			X11Keysym = this.jsKeyPressX11KeysymMap[code];
+			if(X11Keysym) {
+				if($.isArray(X11Keysym)) {
+					for(var i = 0; i < X11Keysym.length; i++) {
+						if(this.isConditionalEntryMatched(eventType, code, modifiers, X11Keysym[i], guestos, browser))
+							this.mappedInput.push(X11Keysym[i]);
+					}
+				} else {
+					this.mappedInput.push({type : AjaxViewer.KEY_DOWN, code: X11Keysym, modifiers: modifiers});
+					this.mappedInput.push({type : AjaxViewer.KEY_UP, code: X11Keysym, modifiers: modifiers});
+				}
+			}
+		}
+	},
+	
+	CookedKeyboardInputHandler : function(eventType, code, modifiers, guestos, browser, browserVersion) {
+		if(eventType == AjaxViewer.KEY_DOWN || eventType == AjaxViewer.KEY_UP) {
+			
+			// special handling for Alt + Ctrl + Ins, convert it into Alt-Ctrl-Del
+			if(code == AjaxViewer.JS_KEY_INSERT) {
+				if((modifiers & AjaxViewer.ALT_KEY_MASK) != 0 && (modifiers & AjaxViewer.CTRL_KEY_MASK) != 0) {
+					this.mappedInput.push({type : eventType, code: 0xffff, modifiers: modifiers});
+					return;
+				}
+			}
+			
+			var X11Keysym = code;
+			if(this.jsX11KeysymMap[code] != undefined) {
+				X11Keysym = this.jsX11KeysymMap[code];
+				if(typeof this.jsX11KeysymMap[code] == "boolean") {
+					return;
+				} else if($.isArray(X11Keysym)) {
+					for(var i = 0; i < X11Keysym.length; i++) {
+						if(this.isConditionalEntryMatched(eventType, code, modifiers, X11Keysym[i], guestos, browser, browserVersion)) {
+							this.mappedInput.push(X11Keysym[i]);
+						}
+					}
+				} else {
+					this.mappedInput.push({type : eventType, code: X11Keysym, modifiers: modifiers});
+				}
+			} else {
+				if((modifiers & (AjaxViewer.CTRL_KEY_MASK | AjaxViewer.ALT_KEY_MASK)) != 0) {
+					this.mappedInput.push({type : eventType, code: X11Keysym, modifiers: modifiers});
+				}
+			}
+
+			// special handling for ALT/CTRL key
+			if(eventType == AjaxViewer.KEY_UP && (code == AjaxViewer.JS_KEY_ALT || code == code == AjaxViewer.JS_KEY_CTRL))
+				this.mappedInput.push({type : eventType, code: this.jsX11KeysymMap[code], modifiers: modifiers});
+			
+		} else if(eventType == AjaxViewer.KEY_PRESS) {
+			// special handling for * and + key on number pad
+			if(code == AjaxViewer.JS_NUMPAD_MULTIPLY) {
+				this.mappedInput.push({type : AjaxViewer.KEY_DOWN, code: AjaxViewer.X11_KEY_SHIFT, modifiers: modifiers});
+				this.mappedInput.push({type : AjaxViewer.KEY_DOWN, code: 42, modifiers: modifiers});
+				this.mappedInput.push({type : AjaxViewer.KEY_UP, code: 42, modifiers: modifiers});
+				this.mappedInput.push({type : AjaxViewer.KEY_UP, code: AjaxViewer.X11_KEY_SHIFT, modifiers: modifiers});
+				return;
+			}
+			
+			if(code == AjaxViewer.JS_NUMPAD_PLUS) {
+				this.mappedInput.push({type : AjaxViewer.KEY_DOWN, code: AjaxViewer.X11_KEY_SHIFT, modifiers: modifiers});
+				this.mappedInput.push({type : AjaxViewer.KEY_DOWN, code: 43, modifiers: modifiers});
+				this.mappedInput.push({type : AjaxViewer.KEY_UP, code: 43, modifiers: modifiers});
+				this.mappedInput.push({type : AjaxViewer.KEY_UP, code: AjaxViewer.X11_KEY_SHIFT, modifiers: modifiers});
+				return;
+			}
+			
+			// ENTER/BACKSPACE key should already have been sent through KEY DOWN/KEY UP event
+			if(code == AjaxViewer.JS_KEY_ENTER || code == AjaxViewer.JS_KEY_BACKSPACE)
+				return;
+
+			if(code > 0) {
+				var X11Keysym = code;
+				X11Keysym = this.jsKeyPressX11KeysymMap[code];
+				if(X11Keysym) {
+					if($.isArray(X11Keysym)) {
+						for(var i = 0; i < X11Keysym.length; i++) {
+							if(this.isConditionalEntryMatched(eventType, code, modifiers, X11Keysym[i], guestos, browser))
+								this.mappedInput.push(X11Keysym[i]);
+						}
+					} else {
+						this.mappedInput.push({type : AjaxViewer.KEY_DOWN, code: X11Keysym, modifiers: modifiers});
+						this.mappedInput.push({type : AjaxViewer.KEY_UP, code: X11Keysym, modifiers: modifiers});
+					}
+				} else {
+					// if there is no mappting entry, use the JS keypress code directly
+					this.mappedInput.push({type : AjaxViewer.KEY_DOWN, code: code, modifiers: modifiers});
+					this.mappedInput.push({type : AjaxViewer.KEY_UP, code: code, modifiers: modifiers});
+				}
+			}
+		}
+	},
+	
+	inputFeed : function(eventType, code, modifiers, guestos, browser, browserVersion) {
+		if(this.keyboardType == KeyboardMapper.KEYBOARD_TYPE_RAW)
+			this.RawkeyboardInputHandler(eventType, code, modifiers, guestos, browser, browserVersion);
+		else
+			this.CookedKeyboardInputHandler(eventType, code, modifiers, guestos, browser, browserVersion);
 	},
 	
 	getMappedInput : function() {
@@ -76,253 +361,44 @@ KeyboardMapper.prototype = {
 		return mappedInput;
 	},
 	
+	isConditionalEntryMatched : function(eventType, code, modifiers, entry, guestos, browser, browserVersion) {
+		if(eventType == AjaxViewer.KEY_DOWN || eventType == AjaxViewer.KEY_UP) {
+			// for KeyDown/KeyUp events, we require that the type in entry should match with
+			// the real input
+			if(entry.type != eventType)
+				return false;
+		}
+		
+		// check conditional match
+		if(entry.shift != undefined) {
+			var shift = ((modifiers & AjaxViewer.SHIFT_KEY_MASK) != 0 ? true : false); 
+			if(entry.shift ^ shift)
+				return false;
+		}
+		
+		if(entry.guestos != undefined) {
+			if(entry.guestos != guestos)
+				return false;
+		}
+		
+		if(entry.browser != undefined) {
+			if(entry.browser != browser)
+				return false;
+		}
+		
+		if(entry.browserVersion != undefined) {
+			if(entry.browserVersion != browserVersion)
+				return false;
+		}
+		
+		return true;
+	},
+	
 	isModifierInput : function(code) {
 		return $.inArray(code, [AjaxViewer.ALT_KEY_MASK, AjaxViewer.SHIFT_KEY_MASK, AjaxViewer.CTRL_KEY_MASK, AjaxViewer.META_KEY_MASK]) >= 0;
 	}
 };
 
-/////////////////////////////////////////////////////////////////////////////
-// JsX11KeyboardMapper
-//
-function JsX11KeyboardMapper() {
-	KeyboardMapper.apply(this, arguments);
-	
-	this.jsX11KeysymMap = [];
-	this.jsX11KeysymMap[AjaxViewer.JS_KEY_CAPSLOCK] 		= AjaxViewer.X11_KEY_CAPSLOCK;
-	this.jsX11KeysymMap[AjaxViewer.JS_KEY_BACKSPACE] 		= AjaxViewer.X11_KEY_BACKSPACE;
-	this.jsX11KeysymMap[AjaxViewer.JS_KEY_TAB] 				= AjaxViewer.X11_KEY_TAB;
-	this.jsX11KeysymMap[AjaxViewer.JS_KEY_ENTER] 			= AjaxViewer.X11_KEY_ENTER;
-	this.jsX11KeysymMap[AjaxViewer.JS_KEY_ESCAPE] 			= AjaxViewer.X11_KEY_ESCAPE;
-	this.jsX11KeysymMap[AjaxViewer.JS_KEY_INSERT] 			= AjaxViewer.X11_KEY_INSERT;
-	this.jsX11KeysymMap[AjaxViewer.JS_KEY_DELETE] 			= AjaxViewer.X11_KEY_DELETE;
-	this.jsX11KeysymMap[AjaxViewer.JS_KEY_HOME] 			= AjaxViewer.X11_KEY_HOME;
-	this.jsX11KeysymMap[AjaxViewer.JS_KEY_END] 				= AjaxViewer.X11_KEY_END;
-	this.jsX11KeysymMap[AjaxViewer.JS_KEY_PAGEUP] 			= AjaxViewer.X11_KEY_PAGEUP;
-	this.jsX11KeysymMap[AjaxViewer.JS_KEY_PAGEDOWN] 		= AjaxViewer.X11_KEY_PAGEDOWN;
-	this.jsX11KeysymMap[AjaxViewer.JS_KEY_LEFT] 			= AjaxViewer.X11_KEY_LEFT;
-	this.jsX11KeysymMap[AjaxViewer.JS_KEY_UP] 				= AjaxViewer.X11_KEY_UP;
-	this.jsX11KeysymMap[AjaxViewer.JS_KEY_RIGHT] 			= AjaxViewer.X11_KEY_RIGHT;
-	this.jsX11KeysymMap[AjaxViewer.JS_KEY_DOWN] 			= AjaxViewer.X11_KEY_DOWN;
-	this.jsX11KeysymMap[AjaxViewer.JS_KEY_F1] 				= AjaxViewer.X11_KEY_F1;
-	this.jsX11KeysymMap[AjaxViewer.JS_KEY_F2] 				= AjaxViewer.X11_KEY_F2;
-	this.jsX11KeysymMap[AjaxViewer.JS_KEY_F3] 				= AjaxViewer.X11_KEY_F3;
-	this.jsX11KeysymMap[AjaxViewer.JS_KEY_F4] 				= AjaxViewer.X11_KEY_F4;
-	this.jsX11KeysymMap[AjaxViewer.JS_KEY_F5] 				= AjaxViewer.X11_KEY_F5;
-	this.jsX11KeysymMap[AjaxViewer.JS_KEY_F6] 				= AjaxViewer.X11_KEY_F6;
-	this.jsX11KeysymMap[AjaxViewer.JS_KEY_F7] 				= AjaxViewer.X11_KEY_F7;
-	this.jsX11KeysymMap[AjaxViewer.JS_KEY_F8] 				= AjaxViewer.X11_KEY_F8;
-	this.jsX11KeysymMap[AjaxViewer.JS_KEY_F9] 				= AjaxViewer.X11_KEY_F9;
-	this.jsX11KeysymMap[AjaxViewer.JS_KEY_F10] 				= AjaxViewer.X11_KEY_F10;
-	this.jsX11KeysymMap[AjaxViewer.JS_KEY_F11] 				= AjaxViewer.X11_KEY_F11;
-	this.jsX11KeysymMap[AjaxViewer.JS_KEY_F12] 				= AjaxViewer.X11_KEY_F12;
-	this.jsX11KeysymMap[AjaxViewer.JS_KEY_SHIFT] 			= AjaxViewer.X11_KEY_SHIFT;
-	this.jsX11KeysymMap[AjaxViewer.JS_KEY_CTRL] 			= AjaxViewer.X11_KEY_CTRL;
-	this.jsX11KeysymMap[AjaxViewer.JS_KEY_ALT] 				= AjaxViewer.X11_KEY_ALT;
-	this.jsX11KeysymMap[AjaxViewer.JS_KEY_GRAVE_ACCENT] 	= AjaxViewer.X11_KEY_GRAVE_ACCENT;
-	this.jsX11KeysymMap[AjaxViewer.JS_KEY_SUBSTRACT] 		= AjaxViewer.X11_KEY_SUBSTRACT;
-	this.jsX11KeysymMap[AjaxViewer.JS_KEY_ADD] 				= AjaxViewer.X11_KEY_ADD;
-	this.jsX11KeysymMap[AjaxViewer.JS_KEY_OPEN_BRACKET] 	= AjaxViewer.X11_KEY_OPEN_BRACKET;
-	this.jsX11KeysymMap[AjaxViewer.JS_KEY_CLOSE_BRACKET] 	= AjaxViewer.X11_KEY_CLOSE_BRACKET;
-	this.jsX11KeysymMap[AjaxViewer.JS_KEY_BACK_SLASH] 		= AjaxViewer.X11_KEY_BACK_SLASH;
-	this.jsX11KeysymMap[AjaxViewer.JS_KEY_SINGLE_QUOTE] 	= AjaxViewer.X11_KEY_SINGLE_QUOTE;
-	this.jsX11KeysymMap[AjaxViewer.JS_KEY_COMMA] 			= AjaxViewer.X11_KEY_COMMA;
-	this.jsX11KeysymMap[AjaxViewer.JS_KEY_PERIOD] 			= AjaxViewer.X11_KEY_PERIOD;
-	this.jsX11KeysymMap[AjaxViewer.JS_KEY_FORWARD_SLASH] 	= AjaxViewer.X11_KEY_FORWARD_SLASH;
-	this.jsX11KeysymMap[AjaxViewer.JS_KEY_DASH] 			= AjaxViewer.X11_KEY_DASH;
-	this.jsX11KeysymMap[AjaxViewer.JS_KEY_SEMI_COLON] 		= AjaxViewer.X11_KEY_SEMI_COLON;
-
-	this.jsX11KeysymMap[AjaxViewer.JS_KEY_NUMPAD0] 			= AjaxViewer.X11_KEY_NUMPAD0;
-	this.jsX11KeysymMap[AjaxViewer.JS_KEY_NUMPAD1] 			= AjaxViewer.X11_KEY_NUMPAD1;
-	this.jsX11KeysymMap[AjaxViewer.JS_KEY_NUMPAD2] 			= AjaxViewer.X11_KEY_NUMPAD2;
-	this.jsX11KeysymMap[AjaxViewer.JS_KEY_NUMPAD3] 			= AjaxViewer.X11_KEY_NUMPAD3;
-	this.jsX11KeysymMap[AjaxViewer.JS_KEY_NUMPAD4] 			= AjaxViewer.X11_KEY_NUMPAD4;
-	this.jsX11KeysymMap[AjaxViewer.JS_KEY_NUMPAD5] 			= AjaxViewer.X11_KEY_NUMPAD5;
-	this.jsX11KeysymMap[AjaxViewer.JS_KEY_NUMPAD6] 			= AjaxViewer.X11_KEY_NUMPAD6;
-	this.jsX11KeysymMap[AjaxViewer.JS_KEY_NUMPAD7] 			= AjaxViewer.X11_KEY_NUMPAD7;
-	this.jsX11KeysymMap[AjaxViewer.JS_KEY_NUMPAD8] 			= AjaxViewer.X11_KEY_NUMPAD8;
-	this.jsX11KeysymMap[AjaxViewer.JS_KEY_NUMPAD9] 			= AjaxViewer.X11_KEY_NUMPAD9;
-	this.jsX11KeysymMap[AjaxViewer.JS_KEY_DECIMAL_POINT] 	= AjaxViewer.X11_KEY_DECIMAL_POINT;
-	this.jsX11KeysymMap[AjaxViewer.JS_KEY_DIVIDE] 			= AjaxViewer.X11_KEY_DIVIDE;
-	
-	this.jsX11KeysymMap[AjaxViewer.JS_KEY_MULTIPLY] = [
-	    {type: AjaxViewer.KEY_DOWN, code: AjaxViewer.X11_KEY_SHIFT, modifiers: 0 },
-	    {type: AjaxViewer.KEY_DOWN, code: AjaxViewer.X11_KEY_ASTERISK, modifiers: 0 },
-	    {type: AjaxViewer.KEY_UP, code: AjaxViewer.X11_KEY_ASTERISK, modifiers: 0 },
-	    {type: AjaxViewer.KEY_UP, code: AjaxViewer.X11_KEY_SHIFT, modifiers: 0 }
-	];
-	
-	this.jsX11KeysymMap[AjaxViewer.JS_KEY_ADD] = false;
-	this.jsKeyPressX11KeysymMap = [];
-	this.jsKeyPressX11KeysymMap[61] = [
-	    {type: AjaxViewer.KEY_DOWN, code: AjaxViewer.X11_KEY_ADD, modifiers: 0, shift: false },
-	    {type: AjaxViewer.KEY_UP, code: AjaxViewer.X11_KEY_ADD, modifiers: 0, shift: false }
-	];
-	this.jsKeyPressX11KeysymMap[43] = [
-	    {type: AjaxViewer.KEY_DOWN, code: AjaxViewer.X11_KEY_SHIFT, modifiers: 0, shift: false },
-	    {type: AjaxViewer.KEY_DOWN, code: AjaxViewer.X11_KEY_ADD, modifiers: 0, shift: false },
-	    {type: AjaxViewer.KEY_UP, code: AjaxViewer.X11_KEY_ADD, modifiers: 0, shift: false },
-	    {type: AjaxViewer.KEY_UP, code: AjaxViewer.X11_KEY_SHIFT, modifiers: 0, shift: false },
-	    {type: AjaxViewer.KEY_DOWN, code: AjaxViewer.X11_KEY_ADD, modifiers: 0, shift: true },
-	    {type: AjaxViewer.KEY_UP, code: AjaxViewer.X11_KEY_ADD, modifiers: 0, shift: true }
-	];
-}
-
-JsX11KeyboardMapper.prototype = new KeyboardMapper();
-JsX11KeyboardMapper.prototype.inputFeed = function(eventType, code, modifiers) {
-	if(eventType == AjaxViewer.KEY_DOWN || eventType == AjaxViewer.KEY_UP) {
-		
-		// special handling for Alt + Ctrl + Ins, convert it into Alt-Ctrl-Del
-		if(code == AjaxViewer.JS_KEY_INSERT) {
-			if((modifiers & AjaxViewer.ALT_KEY_MASK) != 0 && (modifiers & AjaxViewer.CTRL_KEY_MASK) != 0) {
-				this.mappedInput.push({type : eventType, code: 0xffff, modifiers: modifiers});
-				return;
-			}
-		}
-		
-		var X11Keysym = code;
-		if(this.jsX11KeysymMap[code] != undefined) {
-			X11Keysym = this.jsX11KeysymMap[code];
-			if(typeof this.jsX11KeysymMap[code] == "boolean") {
-				return;
-			} else if($.isArray(X11Keysym)) {
-				for(var i = 0; i < X11Keysym.length; i++) {
-					if(X11Keysym[i].type == eventType) {
-						this.mappedInput.push(X11Keysym[i]);
-					}
-				}
-			} else {
-				this.mappedInput.push({type : eventType, code: X11Keysym, modifiers: modifiers});
-			}
-		} else {
-			this.mappedInput.push({type : eventType, code: X11Keysym, modifiers: modifiers});
-		}
-
-		// special handling for ALT/CTRL key
-		if(eventType == AjaxViewer.KEY_UP && (code == AjaxViewer.JS_KEY_ALT || code == code == AjaxViewer.JS_KEY_CTRL))
-			this.mappedInput.push({type : eventType, code: this.jsX11KeysymMap[code], modifiers: modifiers});
-		
-	} else if(eventType == AjaxViewer.KEY_PRESS) {
-		var X11Keysym = code;
-		X11Keysym = this.jsKeyPressX11KeysymMap[code];
-		if(X11Keysym) {
-			if($.isArray(X11Keysym)) {
-				for(var i = 0; i < X11Keysym.length; i++) {
-					var shift = ((modifiers & AjaxViewer.SHIFT_KEY_MASK) != 0 ? true : false); 
-					if(!(X11Keysym[i].shift ^ shift))
-						this.mappedInput.push(X11Keysym[i]);
-				}
-			} else {
-				this.mappedInput.push({type : eventType, code: X11Keysym, modifiers: modifiers});
-			}
-		}
-	}
-}
-
-/////////////////////////////////////////////////////////////////////////////
-//JsCookedKeyboardMapper
-// For Xen/KVM hypervisors, it accepts "cooked" keyborad events
-//
-function JsCookedKeyboardMapper() {
-	KeyboardMapper.apply(this, arguments);
-	
-	this.jsX11KeysymMap = [];
-	this.jsX11KeysymMap[AjaxViewer.JS_KEY_CAPSLOCK] 		= AjaxViewer.X11_KEY_CAPSLOCK;
-	this.jsX11KeysymMap[AjaxViewer.JS_KEY_BACKSPACE] 		= AjaxViewer.X11_KEY_BACKSPACE;
-	this.jsX11KeysymMap[AjaxViewer.JS_KEY_TAB] 				= AjaxViewer.X11_KEY_TAB;
-	this.jsX11KeysymMap[AjaxViewer.JS_KEY_ENTER] 			= AjaxViewer.X11_KEY_ENTER;
-	this.jsX11KeysymMap[AjaxViewer.JS_KEY_ESCAPE] 			= AjaxViewer.X11_KEY_ESCAPE;
-	this.jsX11KeysymMap[AjaxViewer.JS_KEY_INSERT] 			= AjaxViewer.X11_KEY_INSERT;
-	this.jsX11KeysymMap[AjaxViewer.JS_KEY_DELETE] 			= AjaxViewer.X11_KEY_DELETE;
-	this.jsX11KeysymMap[AjaxViewer.JS_KEY_HOME] 			= AjaxViewer.X11_KEY_HOME;
-	this.jsX11KeysymMap[AjaxViewer.JS_KEY_END] 				= AjaxViewer.X11_KEY_END;
-	this.jsX11KeysymMap[AjaxViewer.JS_KEY_PAGEUP] 			= AjaxViewer.X11_KEY_PAGEUP;
-	this.jsX11KeysymMap[AjaxViewer.JS_KEY_PAGEDOWN] 		= AjaxViewer.X11_KEY_PAGEDOWN;
-	this.jsX11KeysymMap[AjaxViewer.JS_KEY_LEFT] 			= AjaxViewer.X11_KEY_LEFT;
-	this.jsX11KeysymMap[AjaxViewer.JS_KEY_UP] 				= AjaxViewer.X11_KEY_UP;
-	this.jsX11KeysymMap[AjaxViewer.JS_KEY_RIGHT] 			= AjaxViewer.X11_KEY_RIGHT;
-	this.jsX11KeysymMap[AjaxViewer.JS_KEY_DOWN] 			= AjaxViewer.X11_KEY_DOWN;
-	this.jsX11KeysymMap[AjaxViewer.JS_KEY_F1] 				= AjaxViewer.X11_KEY_F1;
-	this.jsX11KeysymMap[AjaxViewer.JS_KEY_F2] 				= AjaxViewer.X11_KEY_F2;
-	this.jsX11KeysymMap[AjaxViewer.JS_KEY_F3] 				= AjaxViewer.X11_KEY_F3;
-	this.jsX11KeysymMap[AjaxViewer.JS_KEY_F4] 				= AjaxViewer.X11_KEY_F4;
-	this.jsX11KeysymMap[AjaxViewer.JS_KEY_F5] 				= AjaxViewer.X11_KEY_F5;
-	this.jsX11KeysymMap[AjaxViewer.JS_KEY_F6] 				= AjaxViewer.X11_KEY_F6;
-	this.jsX11KeysymMap[AjaxViewer.JS_KEY_F7] 				= AjaxViewer.X11_KEY_F7;
-	this.jsX11KeysymMap[AjaxViewer.JS_KEY_F8] 				= AjaxViewer.X11_KEY_F8;
-	this.jsX11KeysymMap[AjaxViewer.JS_KEY_F9] 				= AjaxViewer.X11_KEY_F9;
-	this.jsX11KeysymMap[AjaxViewer.JS_KEY_F10] 				= AjaxViewer.X11_KEY_F10;
-	this.jsX11KeysymMap[AjaxViewer.JS_KEY_F11] 				= AjaxViewer.X11_KEY_F11;
-	this.jsX11KeysymMap[AjaxViewer.JS_KEY_F12] 				= AjaxViewer.X11_KEY_F12;
-	this.jsX11KeysymMap[AjaxViewer.JS_KEY_SHIFT] 			= AjaxViewer.X11_KEY_SHIFT;
-	this.jsX11KeysymMap[AjaxViewer.JS_KEY_CTRL] 			= AjaxViewer.X11_KEY_CTRL;
-	this.jsX11KeysymMap[AjaxViewer.JS_KEY_ALT] 				= AjaxViewer.X11_KEY_ALT;
-}
-
-JsCookedKeyboardMapper.prototype = new KeyboardMapper();
-JsCookedKeyboardMapper.prototype.inputFeed = function(eventType, code, modifiers) {
-	if(eventType == AjaxViewer.KEY_DOWN || eventType == AjaxViewer.KEY_UP) {
-		
-		// special handling for Alt + Ctrl + Ins, convert it into Alt-Ctrl-Del
-		if(code == AjaxViewer.JS_KEY_INSERT) {
-			if((modifiers & AjaxViewer.ALT_KEY_MASK) != 0 && (modifiers & AjaxViewer.CTRL_KEY_MASK) != 0) {
-				this.mappedInput.push({type : eventType, code: 0xffff, modifiers: modifiers});
-				return;
-			}
-		}
-		
-		var X11Keysym = code;
-		if(this.jsX11KeysymMap[code] != undefined) {
-			X11Keysym = this.jsX11KeysymMap[code];
-			if(typeof this.jsX11KeysymMap[code] == "boolean") {
-				return;
-			} else if($.isArray(X11Keysym)) {
-				for(var i = 0; i < X11Keysym.length; i++) {
-					if(X11Keysym[i].type == eventType) {
-						this.mappedInput.push(X11Keysym[i]);
-					}
-				}
-			} else {
-				this.mappedInput.push({type : eventType, code: X11Keysym, modifiers: modifiers});
-			}
-		} else {
-			if((modifiers & AjaxViewer.CTRL_KEY_MASK) != 0) {
-				this.mappedInput.push({type : eventType, code: X11Keysym, modifiers: modifiers});
-			}
-		}
-
-		// special handling for ALT/CTRL key
-		if(eventType == AjaxViewer.KEY_UP && (code == AjaxViewer.JS_KEY_ALT || code == code == AjaxViewer.JS_KEY_CTRL))
-			this.mappedInput.push({type : eventType, code: this.jsX11KeysymMap[code], modifiers: modifiers});
-		
-	} else if(eventType == AjaxViewer.KEY_PRESS) {
-		var X11Keysym = code;
-		
-		// special handling for * and + key on number pad
-		if(code == AjaxViewer.JS_NUMPAD_MULTIPLY) {
-			this.mappedInput.push({type : AjaxViewer.KEY_DOWN, code: AjaxViewer.X11_KEY_SHIFT, modifiers: modifiers});
-			this.mappedInput.push({type : AjaxViewer.KEY_DOWN, code: 42, modifiers: modifiers});
-			this.mappedInput.push({type : AjaxViewer.KEY_UP, code: 42, modifiers: modifiers});
-			this.mappedInput.push({type : AjaxViewer.KEY_UP, code: AjaxViewer.X11_KEY_SHIFT, modifiers: modifiers});
-			return;
-		}
-		
-		if(code == AjaxViewer.JS_NUMPAD_PLUS) {
-			this.mappedInput.push({type : AjaxViewer.KEY_DOWN, code: AjaxViewer.X11_KEY_SHIFT, modifiers: modifiers});
-			this.mappedInput.push({type : AjaxViewer.KEY_DOWN, code: 43, modifiers: modifiers});
-			this.mappedInput.push({type : AjaxViewer.KEY_UP, code: 43, modifiers: modifiers});
-			this.mappedInput.push({type : AjaxViewer.KEY_UP, code: AjaxViewer.X11_KEY_SHIFT, modifiers: modifiers});
-			return;
-		}
-		
-		// ENTER/BACKSPACE key should already have been sent through KEY DOWN/KEY UP event
-		if(code == AjaxViewer.JS_KEY_ENTER || code == AjaxViewer.JS_KEY_BACKSPACE)
-			return;
-			
-		this.mappedInput.push({type : AjaxViewer.KEY_DOWN, code: X11Keysym, modifiers: modifiers});
-		this.mappedInput.push({type : AjaxViewer.KEY_UP, code: X11Keysym, modifiers: modifiers});
-	}
-}
-
 /////////////////////////////////////////////////////////////////////////////
 // class AjaxViewer
 //
@@ -653,12 +729,14 @@ AjaxViewer.prototype = {
 	
 	setupKeyboardTranslationTable : function() {
 		this.keyboardMappers = [];
-		// this.keyboardMappers[AjaxViewer.KEYBOARD_TYPE_ENGLISH] = new JsX11KeyboardMapper();
-		this.keyboardMappers[AjaxViewer.KEYBOARD_TYPE_ENGLISH] = new JsCookedKeyboardMapper();
-
-		// setup Japanese keyboard translation table
-		var mapper = new JsX11KeyboardMapper();
+		
+		var mapper = new KeyboardMapper();
+		this.keyboardMappers[AjaxViewer.KEYBOARD_TYPE_ENGLISH] = mapper;
+		mapper.setKeyboardType(KeyboardMapper.KEYBOARD_TYPE_COOKED);
+		
+		mapper = new KeyboardMapper();
 		this.keyboardMappers[AjaxViewer.KEYBOARD_TYPE_JAPANESE] = mapper;
+		mapper.setKeyboardType(KeyboardMapper.KEYBOARD_TYPE_RAW);
 		
 		// JP keyboard plugged in a English host OS
 /*		
@@ -1288,7 +1366,7 @@ AjaxViewer.prototype = {
 	
 	dispatchKeyboardInput : function(event, code, modifiers) {
 		var keyboardMapper = ajaxViewer.getCurrentKeyboardMapper();
-		keyboardMapper.inputFeed(event, code, modifiers);
+		keyboardMapper.inputFeed(event, code, modifiers, this.guestos, $.browser, $.browser.version);
 		this.dispatchMappedKeyboardInput(keyboardMapper.getMappedInput());
 	},
 	
diff --git a/console-proxy/pom.xml b/console-proxy/pom.xml
index 1820578cec6..d3f983e7d80 100644
--- a/console-proxy/pom.xml
+++ b/console-proxy/pom.xml
@@ -16,15 +16,14 @@
   specific language governing permissions and limitations
   under the License.
 -->
-
+
   4.0.0
   cloud-console-proxy
   Apache CloudStack Console Proxy
   
     org.apache.cloudstack
     cloudstack
-    4.0.0-SNAPSHOT
+    4.1.0-SNAPSHOT
   
   
     
@@ -139,7 +138,39 @@
           
         
       
-      
-    
-  
+      
+      
+      
+    
+  
+
 
diff --git a/console-proxy/src/com/cloud/consoleproxy/ConsoleProxyGCThread.java b/console-proxy/src/com/cloud/consoleproxy/ConsoleProxyGCThread.java
index 158f9fec49f..7f82a965f69 100644
--- a/console-proxy/src/com/cloud/consoleproxy/ConsoleProxyGCThread.java
+++ b/console-proxy/src/com/cloud/consoleproxy/ConsoleProxyGCThread.java
@@ -87,6 +87,7 @@ public class ConsoleProxyGCThread extends Thread {
                 
                 synchronized (connMap) {
                     connMap.remove(key);
+                    bReportLoad = true;
                 }
                 
                 // close the server connection
diff --git a/console-proxy/ui/viewer-bad-sid.ftl b/console-proxy/ui/viewer-bad-sid.ftl
index 246cb7f38d5..2f30ec36015 100644
--- a/console-proxy/ui/viewer-bad-sid.ftl
+++ b/console-proxy/ui/viewer-bad-sid.ftl
@@ -1,29 +1,29 @@
-
-
-
-
-
-
-

-
Unable to start console session as access is denied because of bad sid

-

-
-
-
+
+
+
+
+
+
+

+
Unable to start console session as access is denied because of bad sid

+

+
+
+
diff --git a/console-proxy/ui/viewer-connect-failed.ftl b/console-proxy/ui/viewer-connect-failed.ftl
index 57af5bd7e7b..9d907cacb43 100644
--- a/console-proxy/ui/viewer-connect-failed.ftl
+++ b/console-proxy/ui/viewer-connect-failed.ftl
@@ -1,29 +1,29 @@
-
-
-
-
-
-
-

-
Unable to start console session as connection is refused by the machine you are accessing

-

-
-
-
+
+
+
+
+
+
+

+
Unable to start console session as connection is refused by the machine you are accessing

+

+
+
+
diff --git a/console-proxy/ui/viewer.ftl b/console-proxy/ui/viewer.ftl
index 0dd7b391b47..d1b2b56d02d 100644
--- a/console-proxy/ui/viewer.ftl
+++ b/console-proxy/ui/viewer.ftl
@@ -1,59 +1,59 @@
-
-
-
-
-
-
-
-${title}
-
-
-
-
-

-	
-
-
-
-	
+
+
+
+
+
+
+
+${title}
+
+
+
+
+

+	
+
+
+
+	
diff --git a/core/pom.xml b/core/pom.xml
index 510cb04105e..15f0f7b7302 100644
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -16,15 +16,14 @@
   specific language governing permissions and limitations
   under the License.
 -->
-
+
   4.0.0
   cloud-core
   Apache CloudStack Core
   
     org.apache.cloudstack
     cloudstack
-    4.0.0-SNAPSHOT
+    4.1.0-SNAPSHOT
   
   
     
@@ -32,17 +31,7 @@
       cloud-api
       ${project.version}
     
-    
-      org.apache.cloudstack
-      xapi
-      ${cs.xapi.version}
-      
-        
-          junit
-          junit
-        
-      
-    
+
     
       commons-httpclient
       commons-httpclient
@@ -58,6 +47,6 @@
   
     install
     src
-    
+    test
   
 
diff --git a/debian/changelog b/debian/changelog
index c02d7451f06..c3243aad5e3 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,27 @@
+cloud (1:4.0.0-1) unstable; urgency=low
+
+  * Bumping the version to 4.0.0
+
+ -- Chip Childers   Fri, 5 Oct 2012 16:00:00 -0500
+
+cloud (1:4.0.0-beta6) unstable; urgency=low
+
+  * Bumping the version to 4.0 Beta 6
+
+ -- Wido den Hollander   Fri, 5 Oct 2012 11:41:17 +0200
+
+cloud (1:4.0.0-beta1) unstable; urgency=low
+
+  * Bumping the version to 4.0 Beta 1
+
+ -- Wido den Hollander   Wed, 26 Sep 2012 21:14:48 +0200
+
+cloud (4.0.0-rc2) unstable; urgency=low
+
+  * Bumping the version to 4.0 RC2
+
+ -- Wido den Hollander   Mon, 24 Sep 2012 11:30:29 +0200
+ 
 cloud (4.0.0-rc1) unstable; urgency=low
 
   * Bumping the version to 4.0 RC1
diff --git a/debian/control b/debian/control
index 265c050cc13..44736d74511 100644
--- a/debian/control
+++ b/debian/control
@@ -2,13 +2,13 @@ Source: cloud
 Section: libs
 Priority: extra
 Maintainer: Wido den Hollander 
-Build-Depends: debhelper (>= 7), openjdk-6-jdk, tomcat6, libws-commons-util-java, libcommons-dbcp-java, libcommons-collections-java, libcommons-httpclient-java, libservlet2.5-java, genisoimage, python-mysqldb, maven3 | maven (>= 3), liblog4j1.2-java (>= 1.2.16)
+Build-Depends: debhelper (>= 7), openjdk-6-jdk, tomcat6, libws-commons-util-java, libcommons-codec-java (>= 1.5), libcommons-httpclient-java (>= 3.1), libservlet2.5-java, genisoimage, python-mysqldb, maven3 | maven (>= 3), liblog4j1.2-java (>= 1.2.16)
 Standards-Version: 3.8.1
 Homepage: http://www.cloudstack.org/
 
 Package: cloud-deps
 Architecture: any
-Depends: openjdk-6-jre, libcommons-discovery-java (>= 0.5), libcommons-dbcp-java (>= 1.4), libcommons-pool-java (>= 1.5.6), libcommons-codec-java (>= 1.5)
+Depends: openjdk-6-jre, libcommons-codec-java (>= 1.5), libcommons-httpclient-java (>= 3.1)
 Description: CloudStack library dependencies
  This package contains a number of third-party dependencies
  not shipped by distributions, required to run the CloudStack
@@ -24,7 +24,7 @@ Description: CloudStack agent library dependencies
 
 Package: cloud-utils
 Architecture: any
-Depends: openjdk-6-jre, python, libcglib-java (>= 2.2.2), libjsch-java (>= 0.1.42), libbackport-util-concurrent-java (>= 3.1)
+Depends: openjdk-6-jre, python, libcglib-java (>= 2.2.2), libjsch-java (>= 0.1.42), libbackport-util-concurrent-java (>= 3.1), libcommons-dbcp-java (>= 1.4), libcommons-pool-java (>= 1.5.6)
 Description: CloudStack utility library
  The CloudStack utility libraries provide a set of Java classes used
  in the CloudStack environment.
@@ -40,7 +40,7 @@ Description: CloudStack management server UI
 
 Package: cloud-server
 Architecture: any
-Depends: openjdk-6-jre, cloud-utils (= ${source:Version}), cloud-core (= ${source:Version}), cloud-deps (= ${source:Version}), libservlet2.5-java
+Depends: openjdk-6-jre, cloud-utils (= ${source:Version}), cloud-core (= ${source:Version}), cloud-deps (= ${source:Version}), cloud-scripts (= ${source:Version}), libservlet2.5-java
 Description: CloudStack server library
  The CloudStack server libraries provide a set of Java classes used
  in the CloudStack management server.
@@ -84,13 +84,13 @@ Description: CloudStack Python library
 
 Package: cloud-agent-libs
 Architecture: any
-Depends: openjdk-6-jre, cloud-utils (= ${source:Version}), cloud-core (= ${source:Version}), cloud-agent-deps (= ${source:Version}), libcommons-httpclient-java, libcommons-collections-java, libcommons-dbcp-java, libcommons-pool-java, libcommons-logging-java
+Depends: openjdk-6-jre, cloud-utils (= ${source:Version}), cloud-core (= ${source:Version}), cloud-agent-deps (= ${source:Version})
 Description: CloudStack agent libraries
  The CloudStack agent libraries are used by the Cloud Agent.
 
 Package: cloud-agent
 Architecture: any
-Depends: openjdk-6-jre, cloud-utils (= ${source:Version}), cloud-core (= ${source:Version}), cloud-agent-deps (= ${source:Version}), python, cloud-python (= ${source:Version}), cloud-agent-libs (= ${source:Version}), cloud-scripts (= ${source:Version}), libvirt0, sysvinit-utils, chkconfig, qemu-kvm, libvirt-bin, uuid-runtime, rsync, grep, iproute, ebtables, vlan, libcommons-httpclient-java, libservlet2.5-java, liblog4j1.2-java (>= 1.2.16), libjna-java, wget, jsvc, lsb-base (>= 3.2)
+Depends: openjdk-6-jre, cloud-utils (= ${source:Version}), cloud-core (= ${source:Version}), cloud-agent-deps (= ${source:Version}), cloud-python (= ${source:Version}), cloud-agent-libs (= ${source:Version}), cloud-scripts (= ${source:Version}), libvirt0, sysvinit-utils, chkconfig, qemu-kvm, libvirt-bin, uuid-runtime, rsync, grep, iproute, ebtables, vlan, liblog4j1.2-java (>= 1.2.16), libjna-java, wget, jsvc, lsb-base (>= 3.2)
 Description: CloudStack agent
  The CloudStack agent is in charge of managing shared computing resources in
  a CloudStack powered cloud.  Install this package if this computer
diff --git a/debian/rules b/debian/rules
index 5c5ddcbe0a1..674d65df8c7 100755
--- a/debian/rules
+++ b/debian/rules
@@ -90,8 +90,11 @@ install-arch:
 binary-common:
 	dh_testdir
 	dh_testroot
-	dh_installchangelogs 
-	dh_installdocs -A README.html
+	dh_installchangelogs
+	dh_installdocs LICENSE
+	dh_installdocs DISCLAIMER
+	dh_installdocs NOTICE
+	dh_installdocs INSTALL.md
 #	dh_installexamples
 #	dh_installmenu
 #	dh_installdebconf
@@ -114,7 +117,8 @@ binary-common:
 #	dh_shlibdeps
 	dh_gencontrol
 	dh_md5sums
-	dh_builddeb
+	mkdir -p ./artifacts/debs
+	dh_builddeb --destdir=$(CURDIR)/artifacts/debs
 # Build architecture independant packages using the common target.
 # binary-indep: build-indep install-indep
 # 	$(MAKE) -f debian/rules DH_OPTIONS=-i binary-common
diff --git a/deps/XenServerJava/pom.xml b/deps/XenServerJava/pom.xml
index 13375144534..18ba54f56a3 100644
--- a/deps/XenServerJava/pom.xml
+++ b/deps/XenServerJava/pom.xml
@@ -16,13 +16,12 @@
   specific language governing permissions and limitations
   under the License.
 -->
-
+
   4.0.0
   
     org.apache.cloudstack
     cloudstack
-    4.0.0-SNAPSHOT
+    4.1.0-SNAPSHOT
     ../../pom.xml
   
   xapi
diff --git a/deps/pom.xml b/deps/pom.xml
index 1e2008337d5..38bb17108c0 100644
--- a/deps/pom.xml
+++ b/deps/pom.xml
@@ -16,8 +16,7 @@
   specific language governing permissions and limitations
   under the License.
 -->
-
+
   4.0.0
   cloud-deps
   Apache CloudStack Dependencies
@@ -25,7 +24,7 @@
   
     org.apache.cloudstack
     cloudstack
-    4.0.0-SNAPSHOT
+    4.1.0-SNAPSHOT
   
   
     
@@ -176,7 +175,20 @@
                     
                   
                   
-                    
+                    
+                  
+                
+                
+                  
+                    org.apache.maven.plugins
+                    maven-dependency-plugin
+                    [2.0,)
+                    
+                      copy-dependencies
+                    
+                  
+                  
+                    
                   
                 
               
diff --git a/developer/pom.xml b/developer/pom.xml
new file mode 100644
index 00000000000..eb6e11234c8
--- /dev/null
+++ b/developer/pom.xml
@@ -0,0 +1,238 @@
+
+
+	4.0.0
+	cloud-developer
+	Apache CloudStack Developer Tools
+	pom
+	
+		org.apache.cloudstack
+		cloudstack
+		4.1.0-SNAPSHOT
+	
+	
+		
+			mysql
+			mysql-connector-java
+			5.1.21
+			runtime
+		
+	
+	
+		install
+	
+
+	
+		
+			deploydb
+			
+				
+					deploydb
+				
+			
+			
+				
+					
+						org.codehaus.mojo
+						properties-maven-plugin
+						1.0-alpha-2
+						
+							
+								initialize
+								
+									read-project-properties
+								
+								
+									
+										${project.parent.basedir}/utils/conf/db.properties
+									
+								
+							
+						
+					
+					
+						maven-antrun-plugin
+						1.7
+						
+							
+								generate-resources
+								
+									run
+								
+								
+									
+										
+										
+											
+											
+										
+                                        
+                                            
+                                              
+                                            
+                                        
+									
+								
+							
+						
+					
+					
+						org.codehaus.mojo
+						sql-maven-plugin
+						1.5
+						
+							
+							
+								mysql
+								mysql-connector-java
+								${cs.mysql.version}
+							
+						
+						
+							org.gjt.mm.mysql.Driver
+							jdbc:mysql://${db.cloud.host}:${db.cloud.port}/cloud
+							${db.cloud.username}
+							${db.cloud.password}
+							
+							${maven.test.skip}
+							true
+						
+
+						
+							
+								drop-database
+								process-test-resources
+								
+									execute
+								
+								
+									root
+									${db.cloud.password}
+									jdbc:mysql://${db.cloud.host}:${db.cloud.port}
+									drop database if exists `cloud`
+								
+							
+                            
+                                create-database
+                                process-test-resources
+                                
+                                    execute
+                                
+                                
+                                    root
+                                    ${db.cloud.password}
+                                    jdbc:mysql://${db.cloud.host}:${db.cloud.port}
+                                    create database `cloud`
+                                
+                            
+                            
+                                drop-database-usage
+                                process-test-resources
+                                
+                                    execute
+                                
+                                
+                                    root
+                                    ${db.cloud.password}
+                                    jdbc:mysql://${db.cloud.host}:${db.cloud.port}
+                                    drop database if exists `cloud_usage`
+                                
+                            
+                            
+                                create-database-usage
+                                process-test-resources
+                                
+                                    execute
+                                
+                                
+                                    root
+                                    ${db.cloud.password}
+                                    jdbc:mysql://${db.cloud.host}:${db.cloud.port}
+                                    create database `cloud_usage`
+                                
+                            
+                            
+                                drop-database-cloudbridge
+                                process-test-resources
+                                
+                                    execute
+                                
+                                
+                                    root
+                                    ${db.cloud.password}
+                                    jdbc:mysql://${db.cloud.host}:${db.cloud.port}
+                                    drop database if exists `cloudbridge`
+                                
+                            
+                            
+                                create-database-cloudbridge
+                                process-test-resources
+                                
+                                    execute
+                                
+                                
+                                    root
+                                    ${db.cloud.password}
+                                    jdbc:mysql://${db.cloud.host}:${db.cloud.port}
+                                    create database `cloudbridge`
+                                
+                            
+							
+								create-schema
+								process-test-resources
+								
+									execute
+								
+								
+									
+										${basedir}/target/db/create-schema.sql
+										${basedir}/target/db/create-schema-premium.sql
+										${basedir}/target/db/templates.sql
+										${basedir}/target/db/create-index-fk.sql
+										${basedir}/target/db/cloudbridge_schema.sql
+										${basedir}/target/db/cloudbridge_multipart.sql
+										${basedir}/target/db/cloudbridge_index.sql
+										${basedir}/target/db/cloudbridge_multipart_alter.sql
+										${basedir}/target/db/cloudbridge_bucketpolicy.sql
+										${basedir}/target/db/cloudbridge_policy_alter.sql
+										${basedir}/target/db/cloudbridge_offering.sql
+										${basedir}/target/db/cloudbridge_offering_alter.sql
+									
+								
+							
+                            
+                                prefill-schema
+                                process-test-resources
+                                
+                                    execute
+                                
+                                
+                                    INSERT INTO `cloud`.`domain` (id, name, parent, path, owner) VALUES (1, 'ROOT', NULL, '/', 2)
+                                
+                            
+                            
+                                prefill-configuration
+                                process-test-resources
+                                
+                                    execute
+                                
+                                
+                                    INSERT INTO `cloud`.`configuration` (category, instance, component, name, value) VALUES ('Hidden', 'DEFAULT', 'management-server', 'init', 'false')
+                                
+                            
+						
+					
+				
+			
+		
+	
+
+
diff --git a/docs/.tx/config b/docs/.tx/config
new file mode 100644
index 00000000000..9b02286ea66
--- /dev/null
+++ b/docs/.tx/config
@@ -0,0 +1,2139 @@
+#  Licensed to the Apache Software Foundation (ASF) under one
+#  or more contributor license agreements.  See the NOTICE file
+#  distributed with this work for additional information
+#  regarding copyright ownership.  The ASF licenses this file
+#  to you under the Apache License, Version 2.0 (the
+#  "License"); you may not use this file except in compliance
+#  with the License.  You may obtain a copy of the License at
+#  
+#    http://www.apache.org/licenses/LICENSE-2.0
+#  
+#  Unless required by applicable law or agreed to in writing,
+#  software distributed under the License is distributed on an
+#  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+#  KIND, either express or implied.  See the License for the
+#  specific language governing permissions and limitations
+#  under the License.
+
+[main]
+host = https://www.transifex.net
+
+[ACS_DOCS.about-clusters]
+file_filter = /about-cluster.po
+source_file = pot/about-clusters.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.about-hosts]
+file_filter = /about-hosts.po
+source_file = pot/about-hosts.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.about-physical-networks]
+file_filter = /about-physical-networks.po
+source_file = pot/about-physical-networks.pot
+source_lang = en
+type = PO
+
+
+
+[ACS_DOCS.about-pods]
+file_filter = /about-pods.po
+source_file = pot/about-pods.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.about-primary-storage]
+file_filter = /about-primary-storage.po
+source_file = pot/about-primary-storage.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.about-secondary-storage]
+file_filter = /about-secondary-storage.po
+source_file = pot/about-secondary-storage.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.about-virtual-networks]
+file_filter = /about-virtual-networks.po
+source_file = pot/about-virtual-networks.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.about-working-with-vms]
+file_filter = /about-working-with-vms.po
+source_file = pot/about-working-with-vms.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.about-zones]
+file_filter = /about-zones.po
+source_file = pot/about-zones.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.accept-membership-invite]
+file_filter = /accept-membership-invite.po
+source_file = pot/accept-membership-invite.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.accessing-vms]
+file_filter = /accessing-vms.po
+source_file = pot/accessing-vms.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.accounts]
+file_filter = /accounts.po
+source_file = pot/accounts.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.accounts-users-domains]
+file_filter = /accounts-users-domains.po
+source_file = pot/accounts-users-domains.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.acquire-new-ip-address]
+file_filter = /acquire-new-ip-address.po
+source_file = pot/acquire-new-ip-address.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.add-additional-guest-network]
+file_filter = /add-additional-guest-network.po
+source_file = pot/add-additional-guest-network.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.added-API-commands]
+file_filter = /added-API-commands.po
+source_file = pot/added-API-commands.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.added-cloudPlatform-error-codes]
+file_filter = /added-cloudPlatform-error-codes.po
+source_file = pot/added-cloudPlatform-error-codes.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.adding-IP-addresses-for-the-public-network]
+file_filter = /adding-IP-addresses-for-the-public-network.po
+source_file = pot/adding-IP-addresses-for-the-public-network.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.add-ingress-egress-rules]
+file_filter = /add-ingress-egress-rules.po
+source_file = pot/add-ingress-egress-rules.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.add-iso]
+file_filter = /add-iso.po
+source_file = pot/add-iso.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.add-load-balancer-rule]
+file_filter = /add-load-balancer-rule.po
+source_file = pot/add-load-balancer-rule.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.add-members-to-projects]
+file_filter = /add-members-to-projects.po
+source_file = pot/add-members-to-projects.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.add-more-clusters]
+file_filter = /add-more-clusters.po
+source_file = pot/add-more-clusters.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.add-password-management-to-templates]
+file_filter = /add-password-management-to-templates.po
+source_file = pot/add-password-management-to-templates.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.add-primary-storage]
+file_filter = /add-primary-storage.po
+source_file = pot/add-primary-storage.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.add-projects-members-from-ui]
+file_filter = /add-projects-members-from-ui.po
+source_file = pot/add-projects-members-from-ui.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.add-secondary-storage]
+file_filter = /add-secondary-storage.po
+source_file = pot/add-secondary-storage.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.add-security-group]
+file_filter = /add-security-group.po
+source_file = pot/add-security-group.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.admin-alerts]
+file_filter = /admin-alerts.po
+source_file = pot/admin-alerts.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.admin-guide]
+file_filter = /admin-guide.po
+source_file = pot/admin-guide.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.advanced-zone-configuration]
+file_filter = /advanced-zone-configuration.po
+source_file = pot/advanced-zone-configuration.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.advanced-zone-guest-ip-addresses]
+file_filter = /advanced-zone-guest-ip-addresses.po
+source_file = pot/advanced-zone-guest-ip-addresses.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.advanced-zone-network-traffic-types]
+file_filter = /advanced-zone-network-traffic-types.po
+source_file = pot/advanced-zone-network-traffic-types.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.advanced-zone-physical-network-configuration]
+file_filter = /advanced-zone-physical-network-configuration.po
+source_file = pot/advanced-zone-physical-network-configuration.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.advanced-zone-public-ip-addresses]
+file_filter = /advanced-zone-public-ip-addresses.po
+source_file = pot/advanced-zone-public-ip-addresses.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.alerts]
+file_filter = /alerts.po
+source_file = pot/alerts.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.allocators]
+file_filter = /allocators.po
+source_file = pot/allocators.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.api-reference]
+file_filter = /api-reference.po
+source_file = pot/api-reference.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.appendix-a-time-zones]
+file_filter = /appendix-a-time-zones.po
+source_file = pot/appendix-a-time-zones.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.asynchronous-commands-example]
+file_filter = /asynchronous-commands-example.po
+source_file = pot/asynchronous-commands-example.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.asynchronous-commands]
+file_filter = /asynchronous-commands.po
+source_file = pot/asynchronous-commands.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.attaching-volume]
+file_filter = /attaching-volume.po
+source_file = pot/attaching-volume.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.attach-iso-to-vm]
+file_filter = /attach-iso-to-vm.po
+source_file = pot/attach-iso-to-vm.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.Author_Group]
+file_filter = /Author_Group.po
+source_file = pot/Author_Group.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.automatic-snapshot-creation-retention]
+file_filter = /automatic-snapshot-creation-retention.po
+source_file = pot/automatic-snapshot-creation-retention.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.aws-ec2-configuration]
+file_filter = /aws-ec2-configuration.po
+source_file = pot/aws-ec2-configuration.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.aws-ec2-introduction]
+file_filter = /aws-ec2-introduction.po
+source_file = pot/aws-ec2-introduction.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.aws-ec2-requirements]
+file_filter = /aws-ec2-requirements.po
+source_file = pot/aws-ec2-requirements.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.aws-ec2-supported-commands]
+file_filter = /aws-ec2-supported-commands.po
+source_file = pot/aws-ec2-supported-commands.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.aws-ec2-user-setup]
+file_filter = /aws-ec2-user-setup.po
+source_file = pot/aws-ec2-user-setup.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.aws-interface-guide]
+file_filter = /aws-interface-guide.po
+source_file = pot/aws-interface-guide.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.basic-zone-configuration]
+file_filter = /basic-zone-configuration.po
+source_file = pot/basic-zone-configuration.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.basic-zone-guest-ip-addresses]
+file_filter = /basic-zone-guest-ip-addresses.po
+source_file = pot/basic-zone-guest-ip-addresses.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.basic-zone-network-traffic-types]
+file_filter = /basic-zone-network-traffic-types.po
+source_file = pot/basic-zone-network-traffic-types.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.basic-zone-physical-network-configuration]
+file_filter = /basic-zone-physical-network-configuration.po
+source_file = pot/basic-zone-physical-network-configuration.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.best-practices-for-vms]
+file_filter = /best-practices-for-vms.po
+source_file = pot/best-practices-for-vms.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.best-practices-primary-storage]
+file_filter = /best-practices-primary-storage.po
+source_file = pot/best-practices-primary-storage.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.best-practices-secondary-storage]
+file_filter = /best-practices-secondary-storage.po
+source_file = pot/best-practices-secondary-storage.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.best-practices-templates]
+file_filter = /best-practices-templates.po
+source_file = pot/best-practices-templates.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.best-practices-virtual-router]
+file_filter = /best-practices-virtual-router.po
+source_file = pot/best-practices-virtual-router.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.Book_Info_Build_All]
+file_filter = /Book_Info_Build_All.po
+source_file = pot/Book_Info_Build_All.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.Book_Info]
+file_filter = /Book_Info.po
+source_file = pot/Book_Info.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.change-console-proxy-ssl-certificate-domain]
+file_filter = /change-console-proxy-ssl-certificate-domain.po
+source_file = pot/change-console-proxy-ssl-certificate-domain.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.change-host-password]
+file_filter = /change-host-password.po
+source_file = pot/change-host-password.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.change-network-offering-on-guest-network]
+file_filter = /change-network-offering-on-guest-network.po
+source_file = pot/change-network-offering-on-guest-network.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.change-to-behavior-of-list-commands]
+file_filter = /change-to-behavior-of-list-commands.po
+source_file = pot/change-to-behavior-of-list-commands.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.changing-root-password]
+file_filter = /changing-root-password.po
+source_file = pot/changing-root-password.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.changing-secondary-storage-ip]
+file_filter = /changing-secondary-storage-ip.po
+source_file = pot/changing-secondary-storage-ip.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.changing-secondary-storage-servers]
+file_filter = /changing-secondary-storage-servers.po
+source_file = pot/changing-secondary-storage-servers.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.changing-secondary-storage-serversp]
+file_filter = /changing-secondary-storage-serversp.po
+source_file = pot/changing-secondary-storage-serversp.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.changing-service-offering-for-vm]
+file_filter = /changing-service-offering-for-vm.po
+source_file = pot/changing-service-offering-for-vm.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.changing-vm-name-os-group]
+file_filter = /changing-vm-name-os-group.po
+source_file = pot/changing-vm-name-os-group.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.choosing_a_deployment_architecture]
+file_filter = /choosing_a_deployment_architecture.po
+source_file = pot/choosing_a_deployment_architecture.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.citrix-xenserver-installation]
+file_filter = /citrix-xenserver-installation.po
+source_file = pot/citrix-xenserver-installation.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.cloud-infrastructure-concepts]
+file_filter = /cloud-infrastructure-concepts.po
+source_file = pot/cloud-infrastructure-concepts.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.cloud-infrastructure-overview]
+file_filter = /cloud-infrastructure-overview.po
+source_file = pot/cloud-infrastructure-overview.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.cloudplatform-api]
+file_filter = /cloudplatform-api.po
+source_file = pot/cloudplatform-api.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.cloudstack_admin]
+file_filter = /cloudstack_admin.po
+source_file = pot/cloudstack_admin.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.cloudstack_developers]
+file_filter = /cloudstack_developers.po
+source_file = pot/cloudstack_developers.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.cloudstack_features]
+file_filter = /cloudstack_features.po
+source_file = pot/cloudstack_features.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.cloudstack_installation]
+file_filter = /cloudstack_installation.po
+source_file = pot/cloudstack_installation.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.cloudstack]
+file_filter = /cloudstack.po
+source_file = pot/cloudstack.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.cloudstack_system_requirements]
+file_filter = /cloudstack_system_requirements.po
+source_file = pot/cloudstack_system_requirements.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.cloudstack_whatis]
+file_filter = /cloudstack_whatis.po
+source_file = pot/cloudstack_whatis.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.cluster-add]
+file_filter = /cluster-add.po
+source_file = pot/cluster-add.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.compatibility-matrix]
+file_filter = /compatibility-matrix.po
+source_file = pot/compatibility-matrix.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.compute-disk-service-offerings]
+file_filter = /compute-disk-service-offerings.po
+source_file = pot/compute-disk-service-offerings.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.concepts]
+file_filter = /concepts.po
+source_file = pot/concepts.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.configure-guest-traffic-in-advanced-zone]
+file_filter = /configure-guest-traffic-in-advanced-zone.po
+source_file = pot/configure-guest-traffic-in-advanced-zone.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.configure-public-traffic-in-an-advanced-zone]
+file_filter = /configure-public-traffic-in-an-advanced-zone.po
+source_file = pot/configure-public-traffic-in-an-advanced-zone.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.configure-usage-server]
+file_filter = /configure-usage-server.po
+source_file = pot/configure-usage-server.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.configure-virtual-router]
+file_filter = /configure-virtual-router.po
+source_file = pot/configure-virtual-router.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.configure-vpn]
+file_filter = /configure-vpn.po
+source_file = pot/configure-vpn.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.configure-xenserver-dom0-memory]
+file_filter = /configure-xenserver-dom0-memory.po
+source_file = pot/configure-xenserver-dom0-memory.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.configure-xenserver-dom-memory]
+file_filter = /configure-xenserver-dom-memory.po
+source_file = pot/configure-xenserver-dom-memory.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.configuring-projects]
+file_filter = /configuring-projects.po
+source_file = pot/configuring-projects.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.console-proxy]
+file_filter = /console-proxy.po
+source_file = pot/console-proxy.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.convert-hyperv-vm-to-template]
+file_filter = /convert-hyperv-vm-to-template.po
+source_file = pot/convert-hyperv-vm-to-template.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.create-bare-metal-template]
+file_filter = /create-bare-metal-template.po
+source_file = pot/create-bare-metal-template.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.create-new-projects]
+file_filter = /create-new-projects.po
+source_file = pot/create-new-projects.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.create-template-from-existing-vm]
+file_filter = /create-template-from-existing-vm.po
+source_file = pot/create-template-from-existing-vm.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.create-template-from-snapshot]
+file_filter = /create-template-from-snapshot.po
+source_file = pot/create-template-from-snapshot.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.create-templates-overview]
+file_filter = /create-templates-overview.po
+source_file = pot/create-templates-overview.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.create-vpn-connection-vpc]
+file_filter = /create-vpn-connection-vpc.po
+source_file = pot/create-vpn-connection-vpc.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.create-vpn-customer-gateway]
+file_filter = /create-vpn-customer-gateway.po
+source_file = pot/create-vpn-customer-gateway.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.create-vpn-gateway-for-vpc]
+file_filter = /create-vpn-gateway-for-vpc.po
+source_file = pot/create-vpn-gateway-for-vpc.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.create-windows-template]
+file_filter = /create-windows-template.po
+source_file = pot/create-windows-template.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.creating-compute-offerings]
+file_filter = /creating-compute-offerings.po
+source_file = pot/creating-compute-offerings.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.creating-disk-offerings]
+file_filter = /creating-disk-offerings.po
+source_file = pot/creating-disk-offerings.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.creating-network-offerings]
+file_filter = /creating-network-offerings.po
+source_file = pot/creating-network-offerings.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.creating-new-volumes]
+file_filter = /creating-new-volumes.po
+source_file = pot/creating-new-volumes.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.creating-system-service-offerings]
+file_filter = /creating-system-service-offerings.po
+source_file = pot/creating-system-service-offerings.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.creating-vms]
+file_filter = /creating-vms.po
+source_file = pot/creating-vms.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.customizing-dns]
+file_filter = /customizing-dns.po
+source_file = pot/customizing-dns.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.dates-in-usage-record]
+file_filter = /dates-in-usage-record.po
+source_file = pot/dates-in-usage-record.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.dedicated-ha-hosts]
+file_filter = /dedicated-ha-hosts.po
+source_file = pot/dedicated-ha-hosts.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.default-account-resource-limit]
+file_filter = /default-account-resource-limit.po
+source_file = pot/default-account-resource-limit.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.default-template]
+file_filter = /default-template.po
+source_file = pot/default-template.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.delete-templates]
+file_filter = /delete-templates.po
+source_file = pot/delete-templates.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.deleting-vms]
+file_filter = /deleting-vms.po
+source_file = pot/deleting-vms.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.deployment-architecture-overview]
+file_filter = /deployment-architecture-overview.po
+source_file = pot/deployment-architecture-overview.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.detach-move-volumes]
+file_filter = /detach-move-volumes.po
+source_file = pot/detach-move-volumes.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.developer-getting-started]
+file_filter = /developer-getting-started.po
+source_file = pot/developer-getting-started.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.developer_guide]
+file_filter = /developer_guide.po
+source_file = pot/developer_guide.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.developer-guide]
+file_filter = /developer-guide.po
+source_file = pot/developer-guide.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.developer-introduction]
+file_filter = /developer-introduction.po
+source_file = pot/developer-introduction.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.disable-enable-zones-pods-clusters]
+file_filter = /disable-enable-zones-pods-clusters.po
+source_file = pot/disable-enable-zones-pods-clusters.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.disk-volume-usage-record-format]
+file_filter = /disk-volume-usage-record-format.po
+source_file = pot/disk-volume-usage-record-format.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.dns-dhcp]
+file_filter = /dns-dhcp.po
+source_file = pot/dns-dhcp.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.domains]
+file_filter = /domains.po
+source_file = pot/domains.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.enable-disable-static-nat]
+file_filter = /enable-disable-static-nat.po
+source_file = pot/enable-disable-static-nat.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.enable-security-groups]
+file_filter = /enable-security-groups.po
+source_file = pot/enable-security-groups.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.enabling-api-call-expiration]
+file_filter = /enabling-api-call-expiration.po
+source_file = pot/enabling-api-call-expiration.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.enabling-port-8096]
+file_filter = /enabling-port-8096.po
+source_file = pot/enabling-port-8096.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.end-user-ui-overview]
+file_filter = /end-user-ui-overview.po
+source_file = pot/end-user-ui-overview.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.error-handling]
+file_filter = /error-handling.po
+source_file = pot/error-handling.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.event-log-queries]
+file_filter = /event-log-queries.po
+source_file = pot/event-log-queries.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.events-log]
+file_filter = /events-log.po
+source_file = pot/events-log.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.events]
+file_filter = /events.po
+source_file = pot/events.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.event-types]
+file_filter = /event-types.po
+source_file = pot/event-types.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.example-LDAP-configuration-commands]
+file_filter = /example-LDAP-configuration-commands.po
+source_file = pot/example-LDAP-configuration-commands.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.example-response-from-listUsageRecords]
+file_filter = /example-response-from-listUsageRecords.po
+source_file = pot/example-response-from-listUsageRecords.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.export-template]
+file_filter = /export-template.po
+source_file = pot/export-template.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.external-firewalls-and-load-balancers]
+file_filter = /external-firewalls-and-load-balancers.po
+source_file = pot/external-firewalls-and-load-balancers.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.feature-overview]
+file_filter = /feature-overview.po
+source_file = pot/feature-overview.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.firewall-rules]
+file_filter = /firewall-rules.po
+source_file = pot/firewall-rules.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.first_ms_node_install]
+file_filter = /first_ms_node_install.po
+source_file = pot/first_ms_node_install.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.globally-configured-limit]
+file_filter = /globally-configured-limit.po
+source_file = pot/globally-configured-limit.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.globally-configured-limits]
+file_filter = /globally-configured-limits.po
+source_file = pot/globally-configured-limits.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.guest-ip-ranges]
+file_filter = /guest-ip-ranges.po
+source_file = pot/guest-ip-ranges.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.guest-network]
+file_filter = /guest-network.po
+source_file = pot/guest-network.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.guest-traffic]
+file_filter = /guest-traffic.po
+source_file = pot/guest-traffic.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.ha-enabled-vm]
+file_filter = /ha-enabled-vm.po
+source_file = pot/ha-enabled-vm.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.ha-for-hosts]
+file_filter = /ha-for-hosts.po
+source_file = pot/ha-for-hosts.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.ha-management-server]
+file_filter = /ha-management-server.po
+source_file = pot/ha-management-server.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.host-add]
+file_filter = /host-add.po
+source_file = pot/host-add.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.host-allocation]
+file_filter = /host-allocation.po
+source_file = pot/host-allocation.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.hypervisor-host-install-agent]
+file_filter = /hypervisor-host-install-agent.po
+source_file = pot/hypervisor-host-install-agent.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.hypervisor-host-install-firewall]
+file_filter = /hypervisor-host-install-firewall.po
+source_file = pot/hypervisor-host-install-firewall.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.hypervisor-host-install-flow]
+file_filter = /hypervisor-host-install-flow.po
+source_file = pot/hypervisor-host-install-flow.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.hypervisor-host-install-libvirt]
+file_filter = /hypervisor-host-install-libvirt.po
+source_file = pot/hypervisor-host-install-libvirt.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.hypervisor-host-install-network]
+file_filter = /hypervisor-host-install-network.po
+source_file = pot/hypervisor-host-install-network.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.hypervisor-host-install-overview]
+file_filter = /hypervisor-host-install-overview.po
+source_file = pot/hypervisor-host-install-overview.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.hypervisor-host-install-prepare-os]
+file_filter = /hypervisor-host-install-prepare-os.po
+source_file = pot/hypervisor-host-install-prepare-os.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.hypervisor-host-install-security-policies]
+file_filter = /hypervisor-host-install-security-policies.po
+source_file = pot/hypervisor-host-install-security-policies.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.hypervisor-support-for-primarystorage]
+file_filter = /hypervisor-support-for-primarystorage.po
+source_file = pot/hypervisor-support-for-primarystorage.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.import-ami]
+file_filter = /import-ami.po
+source_file = pot/import-ami.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.increase-management-server-max-memory]
+file_filter = /increase-management-server-max-memory.po
+source_file = pot/increase-management-server-max-memory.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.incremental-snapshots-backup]
+file_filter = /incremental-snapshots-backup.po
+source_file = pot/incremental-snapshots-backup.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.initialize-and-test]
+file_filter = /initialize-and-test.po
+source_file = pot/initialize-and-test.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.initial-setup-of-external-firewalls-loadbalancers]
+file_filter = /initial-setup-of-external-firewalls-loadbalancers.po
+source_file = pot/initial-setup-of-external-firewalls-loadbalancers.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.installation-complete]
+file_filter = /installation-complete.po
+source_file = pot/installation-complete.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.installation_overview]
+file_filter = /installation_overview.po
+source_file = pot/installation_overview.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.installation]
+file_filter = /installation.po
+source_file = pot/installation.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.installation_steps_overview]
+file_filter = /installation_steps_overview.po
+source_file = pot/installation_steps_overview.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.installation-steps-overview]
+file_filter = /installation-steps-overview.po
+source_file = pot/installation-steps-overview.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.introduction]
+file_filter = /introduction.po
+source_file = pot/introduction.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.ipaddress-usage-record-format]
+file_filter = /ipaddress-usage-record-format.po
+source_file = pot/ipaddress-usage-record-format.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.ip-forwarding-firewalling]
+file_filter = /ip-forwarding-firewalling.po
+source_file = pot/ip-forwarding-firewalling.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.ip-load-balancing]
+file_filter = /ip-load-balancing.po
+source_file = pot/ip-load-balancing.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.isolated-networks]
+file_filter = /isolated-networks.po
+source_file = pot/isolated-networks.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.job-status]
+file_filter = /job-status.po
+source_file = pot/job-status.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.large_scale_redundant_setup]
+file_filter = /large_scale_redundant_setup.po
+source_file = pot/large_scale_redundant_setup.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.LDAPserver-for-user-authentication]
+file_filter = /LDAPserver-for-user-authentication.po
+source_file = pot/LDAPserver-for-user-authentication.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.linux-installation]
+file_filter = /linux-installation.po
+source_file = pot/linux-installation.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.loadbal-policy-port-fwd-rule-usage-record-fmt]
+file_filter = /loadbalancer-policy-port-forwarding-rule-usage-record-format.po
+source_file = pot/loadbalancer-policy-port-forwarding-rule-usage-record-format.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.load-balancer-rules]
+file_filter = /load-balancer-rules.po
+source_file = pot/load-balancer-rules.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.log-in]
+file_filter = /log-in.po
+source_file = pot/log-in.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.log-in-root-admin]
+file_filter = /log-in-root-admin.po
+source_file = pot/log-in-root-admin.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.long-running-job-events]
+file_filter = /long-running-job-events.po
+source_file = pot/long-running-job-events.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.maintain-hypervisors-on-hosts]
+file_filter = /maintain-hypervisors-on-hosts.po
+source_file = pot/maintain-hypervisors-on-hosts.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.maintenance-mode-for-primary-storage]
+file_filter = /maintenance-mode-for-primary-storage.po
+source_file = pot/maintenance-mode-for-primary-storage.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.making-api-request]
+file_filter = /making-api-request.po
+source_file = pot/making-api-request.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.manage-cloud]
+file_filter = /manage-cloud.po
+source_file = pot/manage-cloud.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.management-server-install-client]
+file_filter = /management-server-install-client.po
+source_file = pot/management-server-install-client.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.management-server-install-complete]
+file_filter = /management-server-install-complete.po
+source_file = pot/management-server-install-complete.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.management-server-install-db]
+file_filter = /management-server-install-db.po
+source_file = pot/management-server-install-db.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.management-server-install-db-external]
+file_filter = /management-server-install-db-external.po
+source_file = pot/management-server-install-db-external.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.management-server-install-db-local]
+file_filter = /management-server-install-db-local.po
+source_file = pot/management-server-install-db-local.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.management-server-install-flow]
+file_filter = /management-server-install-flow.po
+source_file = pot/management-server-install-flow.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.management-server-install-multi-node]
+file_filter = /management-server-install-multi-node.po
+source_file = pot/management-server-install-multi-node.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.management-server-install-nfs-shares]
+file_filter = /management-server-install-nfs-shares.po
+source_file = pot/management-server-install-nfs-shares.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.management-server-install-overview]
+file_filter = /management-server-install-overview.po
+source_file = pot/management-server-install-overview.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.management-server-install-prepare-os]
+file_filter = /management-server-install-prepare-os.po
+source_file = pot/management-server-install-prepare-os.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.management-server-install-systemvm]
+file_filter = /management-server-install-systemvm.po
+source_file = pot/management-server-install-systemvm.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.management-server-overview]
+file_filter = /management-server-overview.po
+source_file = pot/management-server-overview.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.manual-live-migration]
+file_filter = /manual-live-migration.po
+source_file = pot/manual-live-migration.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.max-result-page-returned]
+file_filter = /max-result-page-returned.po
+source_file = pot/max-result-page-returned.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.migrate-datadisk-volume-new-storage-pool]
+file_filter = /migrate-datadisk-volume-new-storage-pool.po
+source_file = pot/migrate-datadisk-volume-new-storage-pool.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.migrate-vm-rootvolume-volume-new-storage-pool]
+file_filter = /migrate-vm-rootvolume-volume-new-storage-pool.po
+source_file = pot/migrate-vm-rootvolume-volume-new-storage-pool.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.minimum-system-requirements]
+file_filter = /minimum-system-requirements.po
+source_file = pot/minimum-system-requirements.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.modify-delete-service-offerings]
+file_filter = /modify-delete-service-offerings.po
+source_file = pot/modify-delete-service-offerings.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.multi_node_management_server]
+file_filter = /multi_node_management_server.po
+source_file = pot/multi_node_management_server.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.multi_node_overview]
+file_filter = /multi_node_overview.po
+source_file = pot/multi_node_overview.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.multiple-system-vm-vmware]
+file_filter = /multiple-system-vm-vmware.po
+source_file = pot/multiple-system-vm-vmware.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.multi_site_deployment]
+file_filter = /multi_site_deployment.po
+source_file = pot/multi_site_deployment.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.networking-in-a-pod]
+file_filter = /networking-in-a-pod.po
+source_file = pot/networking-in-a-pod.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.networking-in-a-zone]
+file_filter = /networking-in-a-zone.po
+source_file = pot/networking-in-a-zone.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.networking_overview]
+file_filter = /networking_overview.po
+source_file = pot/networking-overview.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.networking-overview]
+file_filter = /networking-overview.po
+source_file = pot/networking-overview.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.network-offerings]
+file_filter = /network-offerings.po
+source_file = pot/network-offerings.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.network-offering-usage-record-format]
+file_filter = /network-offering-usage-record-format.po
+source_file = pot/network-offering-usage-record-format.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.network-service-providers]
+file_filter = /network-service-providers.po
+source_file = pot/network-service-providers.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.network-usage-record-format]
+file_filter = /network-usage-record-format.po
+source_file = pot/network-usage-record-format.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.nfs-shares-on-management-server]
+file_filter = /nfs-shares-on-management-server.po
+source_file = pot/nfs-shares-on-management-server.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.nfs-shares-on-separate-server]
+file_filter = /nfs-shares-on-separate-server.po
+source_file = pot/nfs-shares-on-separate-server.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.ongoing-config-of-external-firewall-loadbalancer]
+file_filter = /ongoing-configuration-of-external-firewalls-loadbalancer.po
+source_file = pot/ongoing-configuration-of-external-firewalls-loadbalancer.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.over-provisioning-service-offering-limits]
+file_filter = /over-provisioning-service-offering-limits.po
+source_file = pot/over-provisioning-service-offering-limits.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.per-domain-limits]
+file_filter = /per-domain-limits.po
+source_file = pot/per-domain-limits.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.performance-monitoring]
+file_filter = /performance-monitoring.po
+source_file = pot/performance-monitoring.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.physical-network-configuration-settings]
+file_filter = /physical-network-configuration-settings.po
+source_file = pot/physical-network-configuration-settings.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.pod-add]
+file_filter = /pod-add.po
+source_file = pot/pod-add.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.port-forwarding]
+file_filter = /port-forwarding.po
+source_file = pot/port-forwarding.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.Preface]
+file_filter = /Preface.po
+source_file = pot/Preface.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.prepare_os]
+file_filter = /prepare_os.po
+source_file = pot/prepare_os.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.prepare-system-vm-template]
+file_filter = /prepare-system-vm-template.po
+source_file = pot/prepare-system-vm-template.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.primary-storage-add]
+file_filter = /primary-storage-add.po
+source_file = pot/primary-storage-add.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.primary-storage-outage-and-data-loss]
+file_filter = /primary-storage-outage-and-data-loss.po
+source_file = pot/primary-storage-outage-and-data-loss.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.primary-storage]
+file_filter = /primary-storage.po
+source_file = pot/primary-storage.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.private-public-template]
+file_filter = /private-public-template.po
+source_file = pot/private-public-template.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.projects]
+file_filter = /projects.po
+source_file = pot/projects.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.provisioning-auth-api]
+file_filter = /provisioning-auth-api.po
+source_file = pot/provisioning-auth-api.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.provisioning]
+file_filter = /provisioning.po
+source_file = pot/provisioning.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.provisioning-steps-overview]
+file_filter = /provisioning-steps-overview.po
+source_file = pot/provisioning-steps-overview.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.provisioning-steps]
+file_filter = /provisioning-steps.po
+source_file = pot/provisioning-steps.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.query-filter]
+file_filter = /query-filter.po
+source_file = pot/query-filter.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.release-ip-address]
+file_filter = /release-ip-address.po
+source_file = pot/release-ip-address.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.removed-API-commands]
+file_filter = /removed-API-commands.po
+source_file = pot/removed-API-commands.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.remove-member-from-project]
+file_filter = /remove-member-from-project.po
+source_file = pot/remove-member-from-project.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.removing-vsphere-hosts]
+file_filter = /removing-vsphere-hosts.po
+source_file = pot/removing-vsphere-hosts.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.removing-xenserver-kvm-hosts]
+file_filter = /removing-xenserver-kvm-hosts.po
+source_file = pot/removing-xenserver-kvm-hosts.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.requirements-templates]
+file_filter = /requirements-templates.po
+source_file = pot/requirements-templates.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.resizing-volumes]
+file_filter = /resizing-volumes.po
+source_file = pot/resizing-volumes.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.response-formats]
+file_filter = /response-formats.po
+source_file = pot/response-formats.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.responses]
+file_filter = /responses.po
+source_file = pot/responses.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.Revision_History]
+file_filter = /Revision_History.po
+source_file = pot/Revision_History.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.roles]
+file_filter = /roles.po
+source_file = pot/roles.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.root-admin-ui-overview]
+file_filter = /root-admin-ui-overview.po
+source_file = pot/root-admin-ui-overview.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.runtime-allocation-virtual-network-resources]
+file_filter = /runtime-allocation-virtual-network-resources.po
+source_file = pot/runtime-allocation-virtual-network-resources.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.runtime-behavior-of-primary-storage]
+file_filter = /runtime-behavior-of-primary-storage.po
+source_file = pot/runtime-behavior-of-primary-storage.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.scheduled-maintenance-maintenance-mode-hosts]
+file_filter = /scheduled-maintenance-maintenance-mode-hosts.po
+source_file = pot/scheduled-maintenance-maintenance-mode-hosts.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.search-base]
+file_filter = /search-base.po
+source_file = pot/search-base.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.search-user-bind-dn]
+file_filter = /search-user-bind-dn.po
+source_file = pot/search-user-bind-dn.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.secondary-storage-add]
+file_filter = /secondary-storage-add.po
+source_file = pot/secondary-storage-add.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.secondary-storage-outage-and-data-loss]
+file_filter = /secondary-storage-outage-and-data-loss.po
+source_file = pot/secondary-storage-outage-and-data-loss.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.secondary-storage]
+file_filter = /secondary-storage.po
+source_file = pot/secondary-storage.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.secondary-storage-vm]
+file_filter = /secondary-storage-vm.po
+source_file = pot/secondary-storage-vm.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.security-groups]
+file_filter = /security-groups.po
+source_file = pot/security-groups.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.send-projects-membership-invitation]
+file_filter = /send-projects-membership-invitation.po
+source_file = pot/send-projects-membership-invitation.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.separate_storage_network]
+file_filter = /separate_storage_network.po
+source_file = pot/separate_storage_network.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.service-offerings]
+file_filter = /service-offerings.po
+source_file = pot/service-offerings.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.set-database-buffer-pool-size]
+file_filter = /set-database-buffer-pool-size.po
+source_file = pot/set-database-buffer-pool-size.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.set-monitor-total-vm-limits-per-host]
+file_filter = /set-monitor-total-vm-limits-per-host.po
+source_file = pot/set-monitor-total-vm-limits-per-host.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.set-projects-creator-permissions]
+file_filter = /set-projects-creator-permissions.po
+source_file = pot/set-projects-creator-permissions.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.set-resource-limits-for-projects]
+file_filter = /set-resource-limits-for-projects.po
+source_file = pot/set-resource-limits-for-projects.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.set-up-invitations]
+file_filter = /set-up-invitations.po
+source_file = pot/set-up-invitations.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.set-up-network-for-users]
+file_filter = /set-up-network-for-users.po
+source_file = pot/set-up-network-for-users.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.set-usage-limit]
+file_filter = /set-usage-limit.po
+source_file = pot/set-usage-limit.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.shared-networks]
+file_filter = /shared-networks.po
+source_file = pot/shared-networks.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.signing-api-requests]
+file_filter = /signing-api-requests.po
+source_file = pot/signing-api-requests.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.site-to-site-vpn]
+file_filter = /site-to-site-vpn.po
+source_file = pot/site-to-site-vpn.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.small_scale_deployment]
+file_filter = /small_scale_deployment.po
+source_file = pot/small_scale_deployment.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.snapshot-restore]
+file_filter = /snapshot-restore.po
+source_file = pot/snapshot-restore.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.SSL-keystore-path-and-password]
+file_filter = /SSL-keystore-path-and-password.po
+source_file = pot/SSL-keystore-path-and-password.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.standard-events]
+file_filter = /standard-events.po
+source_file = pot/standard-events.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.static-nat]
+file_filter = /static-nat.po
+source_file = pot/static-nat.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.sticky-session-policies-for-lb-rules]
+file_filter = /sticky-session-policies-for-lb-rules.po
+source_file = pot/sticky-session-policies-for-lb-rules.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.stopped-vm]
+file_filter = /stopped-vm.po
+source_file = pot/stopped-vm.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.stopping-and-starting-vms]
+file_filter = /stopping-and-starting-vms.po
+source_file = pot/stopping-and-starting-vms.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.stop-restart-management-server]
+file_filter = /stop-restart-management-server.po
+source_file = pot/stop-restart-management-server.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.storage]
+file_filter = /storage.po
+source_file = pot/storage.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.storage-tags]
+file_filter = /storage-tags.po
+source_file = pot/storage-tags.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.suspend-project]
+file_filter = /suspend-project.po
+source_file = pot/suspend-project.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.sysprep-for-windows-server-2003R2]
+file_filter = /sysprep-for-windows-server-2003R2.po
+source_file = pot/sysprep-for-windows-server-2003R2.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.sysprep-windows-server-2008R2]
+file_filter = /sysprep-windows-server-2008R2.po
+source_file = pot/sysprep-windows-server-2008R2.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.sys-reliability-and-ha]
+file_filter = /sys-reliability-and-ha.po
+source_file = pot/sys-reliability-and-ha.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.system-reserved-ip-addresses]
+file_filter = /system-reserved-ip-addresses.po
+source_file = pot/system-reserved-ip-addresses.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.system-service-offerings]
+file_filter = /system-service-offerings.po
+source_file = pot/system-service-offerings.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.system-vm-template]
+file_filter = /system-vm-template.po
+source_file = pot/system-vm-template.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.template-iso-snapshot-usage-record-format]
+file_filter = /template-iso-snapshot-usage-record-format.po
+source_file = pot/template-iso-snapshot-usage-record-format.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.templates]
+file_filter = /templates.po
+source_file = pot/templates.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.time-zones]
+file_filter = /time-zones.po
+source_file = pot/time-zones.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.troubleshooting-alerts]
+file_filter = /troubleshooting-alerts.po
+source_file = pot/troubleshooting-alerts.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.troubleshoot-dataloss-on-exported-primary-storage]
+file_filter = /troubleshooting-dataloss-on-exported-primary-storage.po
+source_file = pot/troubleshooting-dataloss-on-exported-primary-storage.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.troubleshooting-lb-rules-fails]
+file_filter = /troubleshooting-lb-rules-fails.po
+source_file = pot/troubleshooting-lb-rules-fails.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.troubleshoot-maint-mode-not-working-on-vCenter]
+file_filter = /troubleshooting-maintenance-mode-not-working-on-vCenter.po
+source_file = pot/troubleshooting-maintenance-mode-not-working-on-vCenter.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.troubleshooting]
+file_filter = /troubleshooting.po
+source_file = pot/troubleshooting.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.troubleshooting-recover-lost-virtual-router]
+file_filter = /troubleshooting-recover-lost-virtual-router.po
+source_file = pot/troubleshooting-recover-lost-virtual-router.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.troubleshooting-unable-to-deploy-vms]
+file_filter = /troubleshooting-unable-to-deploy-vms.po
+source_file = pot/troubleshooting-unable-to-deploy-vms.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.troubleshooting-unable-to-power-on-vm]
+file_filter = /troubleshooting-unable-to-power-on-vm.po
+source_file = pot/troubleshooting-unable-to-power-on-vm.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.troubleshooting-working-with-server-logs]
+file_filter = /troubleshooting-working-with-server-logs.po
+source_file = pot/troubleshooting-working-with-server-logs.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.tuning]
+file_filter = /tuning.po
+source_file = pot/tuning.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.ui]
+file_filter = /ui.po
+source_file = pot/ui.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.upgrade-virtual-router-with-service-offering]
+file_filter = /upgrade-virtual-router-with-service-offering.po
+source_file = pot/upgrade-virtual-router-with-service-offering.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.upload-existing-volume-to-vm]
+file_filter = /upload-existing-volume-to-vm.po
+source_file = pot/upload-existing-volume-to-vm.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.upload-template]
+file_filter = /upload-template.po
+source_file = pot/upload-template.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.usage-record-format]
+file_filter = /usage-record-format.po
+source_file = pot/usage-record-format.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.usage-types]
+file_filter = /usage-types.po
+source_file = pot/usage-types.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.use-project-view]
+file_filter = /use-project-view.po
+source_file = pot/use-project-view.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.user-data-and-meta-data]
+file_filter = /user-data-and-meta-data.po
+source_file = pot/user-data-and-meta-data.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.user-services-overview]
+file_filter = /user-services-overview.po
+source_file = pot/user-services-overview.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.using-multiple-guest-networks]
+file_filter = /using-multiple-guest-networks.po
+source_file = pot/using-multiple-guest-networks.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.using-netscaler-load-balancers]
+file_filter = /using-netscaler-load-balancers.po
+source_file = pot/using-netscaler-load-balancers.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.using-sshkeys]
+file_filter = /using-sshkeys.po
+source_file = pot/using-sshkeys.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.using-swift-for-secondary-storage]
+file_filter = /using-swift-for-secondary-storage.po
+source_file = pot/using-swift-for-secondary-storage.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.using-vpn-with-mac]
+file_filter = /using-vpn-with-mac.po
+source_file = pot/using-vpn-with-mac.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.using-vpn-with-windows]
+file_filter = /using-vpn-with-windows.po
+source_file = pot/using-vpn-with-windows.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.vcenter-maintenance-mode]
+file_filter = /vcenter-maintenance-mode.po
+source_file = pot/vcenter-maintenance-mode.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.virtual-machine-usage-record-format]
+file_filter = /virtual-machine-usage-record-format.po
+source_file = pot/virtual-machine-usage-record-format.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.virtual-router]
+file_filter = /virtual-router.po
+source_file = pot/virtual-router.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.vlan-provisioning]
+file_filter = /vlan-provisioning.po
+source_file = pot/vlan-provisioning.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.vm-lifecycle]
+file_filter = /vm-lifecycle.po
+source_file = pot/vm-lifecycle.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.vm-storage-migration]
+file_filter = /vm-storage-migration.po
+source_file = pot/vm-storage-migration.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.volume-deletion-garbage-collection]
+file_filter = /volume-deletion-garbage-collection.po
+source_file = pot/volume-deletion-garbage-collection.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.volume-status]
+file_filter = /volume-status.po
+source_file = pot/volume-status.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.vpc]
+file_filter = /vpc.po
+source_file = pot/vpc.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.vpn]
+file_filter = /vpn.po
+source_file = pot/vpn.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.VPN-user-usage-record-format]
+file_filter = /VPN-user-usage-record-format.po
+source_file = pot/VPN-user-usage-record-format.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.whatis]
+file_filter = /whatis.po
+source_file = pot/whatis.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.whats-in-this-adminguide]
+file_filter = /whats-in-this-adminguide.po
+source_file = pot/whats-in-this-adminguide.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.whats-new]
+file_filter = /whats-new.po
+source_file = pot/whats-new.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.who-should-read-installation]
+file_filter = /who-should-read-installation.po
+source_file = pot/who-should-read-installation.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.windows-installation]
+file_filter = /windows-installation.po
+source_file = pot/windows-installation.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.working-with-hosts]
+file_filter = /working-with-hosts.po
+source_file = pot/working-with-hosts.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.working-with-iso]
+file_filter = /working-with-iso.po
+source_file = pot/working-with-iso.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.working-with-snapshots]
+file_filter = /working-with-snapshots.po
+source_file = pot/working-with-snapshots.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.working-with-system-vm]
+file_filter = /working-with-system-vm.po
+source_file = pot/working-with-system-vm.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.working-with-templates]
+file_filter = /working-with-templates.po
+source_file = pot/working-with-templates.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.working-with-usage-data]
+file_filter = /working-with-usage-data.po
+source_file = pot/working-with-usage-data.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.working-with-volumes]
+file_filter = /working-with-volumes.po
+source_file = pot/working-with-volumes.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.work-with-usage]
+file_filter = /work-with-usage.po
+source_file = pot/work-with-usage.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.xenserver-maintenance-mode]
+file_filter = /xenserver-maintenance-mode.po
+source_file = pot/xenserver-maintenance-mode.pot
+source_lang = en
+type = PO
+
+[ACS_DOCS.zone-add]
+file_filter = /zone-add.po
+source_file = pot/zone-add.pot
+source_lang = en
+type = PO
diff --git a/docs/README.txt b/docs/README.txt
index 7fcfff8eb7d..113cfed77ee 100644
--- a/docs/README.txt
+++ b/docs/README.txt
@@ -57,10 +57,21 @@ Some of the XML files contain only a series of include tags to pull in content f
 The master book file contains  ...  tags. This file is referred to in the Publican configuration file, and is used as the controlling file when building the book.
 
 
-As a naming convention, start the name of a book file with cloudstack_ ; for example, cloudstack_installation.
+Document names are derived from the docname setting in the appropriate .cfg file. 
+This should not have CloudStack in the name (which is redundant because of 
+the CloudStack brand that the documentation is built with. The docname variable
+sets the name in the doc site table of contents. This name also needs to exist
+as .xml and .ent in the en-US directory. Examples of appropriate docnames: 
+Admin_Guide
+API_Developers_Guide
+Installation_Guide
 
 
-A Publican book file must also have certain other tags that are expected by Publican when it builds the project. Copy an existing master book file to get these tags.
+
+
+A Publican book file must also have certain other tags that are expected by
+Publican when it builds the project. Copy an existing master book file to
+get these tags.
 
 
 ----------------------------------
@@ -71,10 +82,15 @@ CONFIG FILES
 
 For each book file, there must be a corresponding publican.cfg (or
 .cfg) file in order to build the book with Publican. The
-docname: attribute in the config file matches the name of the master book file; for example, docname: cloudstack corresponds to the master book file cloudstack.xml.
+docname: attribute in the config file matches the name of the master book file;
+for example, docname: cloudstack corresponds to the master book file 
+cloudstack.xml.
 
 
-The .cfg files reside in the main directory, docs. To build a different book, just use the Publican command line flag --config=.cfg. (We also need per-book entities, Book_Info, Author_Info, and other Publican files. The technique for pulling these in is TBD.)
+The .cfg files reside in the main directory, docs. To build a different book,
+just use the Publican command line flag --config=.cfg. (We also
+need per-book entities, Book_Info, Author_Info, and other Publican files.
+The technique for pulling these in is TBD.)
 
 
 ----------------------------------
@@ -83,13 +99,18 @@ TO BUILD A BOOK
 
 ----------------------------------
 
-We will set up an automatic Publican job that generates new output whenever we check in changes to this repository. You can also build a book locally as follows.
+We will set up an automatic Publican job that generates new output whenever we
+check in changes to this repository. You can also build a book locally as 
+follows.
 
 
 First, install Publican, and get a local copy of the book source files.
 
 
-Put the desired publican.cfg in the docs directory. Go to the command line, cd to that directory, and run the publican build command. Specify what output format(s) and what language(s) you want to build. Always start with a test run. For example:
+Put the desired publican.cfg in the docs directory. Go to the command line, cd
+to that directory, and run the publican build command. Specify what output 
+format(s) and what language(s) you want to build. Always start with a test 
+run. For example:
 
 
 publican build --formats test --langs en-US
@@ -111,9 +132,29 @@ LOCALIZATION
 
 ----------------------------------
 
-Localized versions of the documentation files can be stored in appropriately named subdirectories parallel to en-US. The language code names to use for these directories are listed in Publican documentation, http://jfearn.fedorapeople.org/en-US/Publican/2.7/html/Users_Guide/appe-Users_Guide-Language_codes.html.
+Localized versions of the documentation files can be stored in appropriately 
+named subdirectories parallel to en-US. The language code names to use for 
+these directories are listed in Publican documentation, 
+http://jfearn.fedorapeople.org/en-US/Publican/2.7/html/Users_Guide/appe-Users_Guide-Language_codes.html.
 For example, Japanese XML files would be stored in the docs/ja-JP directory.
 
+Localization currently happens using Transifex and you can find the strings 
+to be translated at this location: 
+https://www.transifex.com/projects/p/ACS_DOCS/
+
+In preparation for l10n, authors and docs folks must take not of a number of
+things. 
+All .xml files must contain a translatable string.  tags are not enough. 
+All new .xml files must have a corresponding entry in docs/.tx/config 
+Filenames should be less than 50 characters long. 
+
+To generate new POT files and upload source do the following: 
+publican update_pot --config=./publican-all.cfg
+tx push -s 
+
+To receive translated files from publican, run the following command:
+tx pull 
+
 
 ----------------------------------
 
@@ -121,7 +162,11 @@ CONTRIBUTING
 
 ----------------------------------
 
-Contributors can create new section, chapter, book, publican.cfg, or localized .xml files at any time. Submit them following the same patch approval procedure that is used for contributing to CloudStack code. More information for contributors is available at https://cwiki.apache.org/confluence/display/CLOUDSTACK/Documentation+Team.
+Contributors can create new section, chapter, book, publican.cfg, or localized 
+.xml files at any time. Submit them following the same patch approval procedure
+that is used for contributing to CloudStack code. More information for 
+contributors is available at 
+https://cwiki.apache.org/confluence/display/CLOUDSTACK/Documentation+Team.
 
 ----------------------------------
 
diff --git a/docs/en-US/API_Developers_Guide.ent b/docs/en-US/API_Developers_Guide.ent
new file mode 100644
index 00000000000..6e902acd479
--- /dev/null
+++ b/docs/en-US/API_Developers_Guide.ent
@@ -0,0 +1,21 @@
+
+
+
+
+
diff --git a/docs/en-US/cloudstack_developers.xml b/docs/en-US/API_Developers_Guide.xml
similarity index 59%
rename from docs/en-US/cloudstack_developers.xml
rename to docs/en-US/API_Developers_Guide.xml
index e847f6a0474..7d55e0dd890 100644
--- a/docs/en-US/cloudstack_developers.xml
+++ b/docs/en-US/API_Developers_Guide.xml
@@ -23,7 +23,27 @@
 -->
 
 
-    
+    
+        &PRODUCT; API Developers Guide
+        Apache CloudStack
+        4.0
+        
+        
+        
+            
+                Complete technical documentation of &PRODUCT;.
+            
+        
+        
+            
+                
+                    
+                
+            
+        
+        
+        
+    
     
     
     
diff --git a/docs/en-US/cloudstack_developers.ent b/docs/en-US/Admin_Guide.ent
similarity index 100%
rename from docs/en-US/cloudstack_developers.ent
rename to docs/en-US/Admin_Guide.ent
diff --git a/docs/en-US/cloudstack-admin.xml b/docs/en-US/Admin_Guide.xml
similarity index 62%
rename from docs/en-US/cloudstack-admin.xml
rename to docs/en-US/Admin_Guide.xml
index c1537638bd8..b8b90ee62e5 100644
--- a/docs/en-US/cloudstack-admin.xml
+++ b/docs/en-US/Admin_Guide.xml
@@ -23,8 +23,29 @@
 -->
 
 
-    
+    
+    &PRODUCT; Admin Guide
+    Apache CloudStack
+    4.0
+    1
+    
+    
+        
+            Administration Guide for &PRODUCT;.
+        
+    
+    
+        
+            
+                
+            
+        
+    
+    
+    
+    
     
     
     
 
+
diff --git a/docs/en-US/Book_Info_Admin.xml b/docs/en-US/Book_Info_Admin.xml
new file mode 100644
index 00000000000..6bf89b328c8
--- /dev/null
+++ b/docs/en-US/Book_Info_Admin.xml
@@ -0,0 +1,46 @@
+
+
+%BOOK_ENTITIES;
+]>
+
+
+
+
+	 Apache CloudStack 4.0
+		Administrator's Guide
+	Revised September 11, 2012 01:32 am Pacific
+	
+	
+	
+	
+	    If you have already installed &PRODUCT; or you want to learn more about the ongoing 
+	        operation and maintenance of a &PRODUCT;-powered cloud, read this documentation. It
+	        will help you start using, configuring, and managing the ongoing operation of your cloud.
+	
+	
+		
+			
+				
+			
+		
+	
+	
+	
+
diff --git a/docs/en-US/Book_Info_Build_All.xml b/docs/en-US/Book_Info_Build_All.xml
new file mode 100644
index 00000000000..7243149ee20
--- /dev/null
+++ b/docs/en-US/Book_Info_Build_All.xml
@@ -0,0 +1,44 @@
+
+
+%BOOK_ENTITIES;
+]>
+
+
+
+
+	CloudStack Guide
+	Revised September 18, 2012 10:48 am Pacific
+	Apache CloudStack (incubating)
+	3.0
+	1
+	
+	
+		Complete technical documentation for Apache CloudStack.
+	
+	
+		
+			
+				
+			
+		
+	
+	
+	
+
diff --git a/docs/en-US/trial-installation.xml b/docs/en-US/CloudStack_Nicira_NVP_Guide.ent
similarity index 69%
rename from docs/en-US/trial-installation.xml
rename to docs/en-US/CloudStack_Nicira_NVP_Guide.ent
index 8270e579b17..abb18851bcf 100644
--- a/docs/en-US/trial-installation.xml
+++ b/docs/en-US/CloudStack_Nicira_NVP_Guide.ent
@@ -1,9 +1,3 @@
-
-
-%BOOK_ENTITIES;
-]>
-
 
 
-

-    Trial Installation
-    Coming soon.
-

+
+
+
+
diff --git a/docs/en-US/CloudStack_Nicira_NVP_Guide.xml b/docs/en-US/CloudStack_Nicira_NVP_Guide.xml
new file mode 100644
index 00000000000..c535c7cb891
--- /dev/null
+++ b/docs/en-US/CloudStack_Nicira_NVP_Guide.xml
@@ -0,0 +1,54 @@
+
+
+%BOOK_ENTITIES;
+
+%xinclude;
+]>
+
+
+
+
+    
+    &PRODUCT; Plugin Guide for the Nicira NVP Plugin
+    Apache CloudStack
+    4.0
+    1
+    
+    
+        
+            Plugin Guide for the Nicira NVP Plugin.
+        
+    
+    
+        
+            
+                
+            
+        
+    
+    
+    
+    
+    
+    
+    
+    
+
+
diff --git a/docs/en-US/Installation_Guide.ent b/docs/en-US/Installation_Guide.ent
new file mode 100644
index 00000000000..abb18851bcf
--- /dev/null
+++ b/docs/en-US/Installation_Guide.ent
@@ -0,0 +1,22 @@
+
+
+
+
+
+
diff --git a/docs/en-US/Installation_Guide.xml b/docs/en-US/Installation_Guide.xml
new file mode 100644
index 00000000000..773fffb5815
--- /dev/null
+++ b/docs/en-US/Installation_Guide.xml
@@ -0,0 +1,55 @@
+
+
+%BOOK_ENTITIES;
+]>
+
+
+
+
+    
+        &PRODUCT; Installation Guide
+        Apache CloudStack
+        4.0
+        1
+        
+        
+            
+                Installation Guide for &PRODUCT;.
+            
+        
+        
+            
+                
+                    
+                
+            
+        
+        
+        
+    
+    
+    
+    
+    
+    
+    
+    
+    
+
diff --git a/docs/en-US/Revision_History_Install_Guide.xml b/docs/en-US/Revision_History_Install_Guide.xml
new file mode 100644
index 00000000000..ee8dd31325a
--- /dev/null
+++ b/docs/en-US/Revision_History_Install_Guide.xml
@@ -0,0 +1,55 @@
+
+
+%BOOK_ENTITIES;
+]>
+
+
+
+
+    Revision History
+    
+        
+            
+                1-0
+                October 5 2012
+                
+                    Jessica
+                    Tomechak
+                    
+                
+                
+                    Radhika
+                    PC
+                    
+                
+                
+                    Wido
+                    den Hollander
+                    
+                
+                
+                    
+                        Initial publication
+                    
+                
+            
+        
+    
+
diff --git a/docs/en-US/accounts.xml b/docs/en-US/accounts.xml
index aa62f680452..08404c82c96 100644
--- a/docs/en-US/accounts.xml
+++ b/docs/en-US/accounts.xml
@@ -22,8 +22,17 @@
     under the License.
 -->
 
+<<<<<<< HEAD
 
     Accounts
     
     
 
+=======
+

+    Accounts
+    
+    
+    
+

+>>>>>>> master
diff --git a/docs/en-US/acquire-new-ip-for-vpc.xml b/docs/en-US/acquire-new-ip-for-vpc.xml
new file mode 100644
index 00000000000..785e80bb874
--- /dev/null
+++ b/docs/en-US/acquire-new-ip-for-vpc.xml
@@ -0,0 +1,73 @@
+
+
+%BOOK_ENTITIES;
+]>
+
+

+  Acquiring a New IP Address for a VPC
+  When you acquire an IP address, all IP addresses are allocated to VPC, not to the guest
+    networks within the VPC. The IPs are associated to the guest network only when the first
+    port-forwarding, load balancing, or Static NAT rule is created for the IP or the network. IP
+    can't be associated to more than one network at a time.
+  
+    
+      Log in to the &PRODUCT; UI as an administrator or end user.
+    
+    
+      In the left navigation, choose Network.
+    
+    
+      In the Select view, select VPC.
+      All the VPCs that you have created for the account is listed in the page.
+    
+    
+      Click the Configure button of the VPC to which you want to deploy the VMs.
+      The VPC page is displayed where all the tiers you created are listed in a
+        diagram.
+    
+    
+      Click the Settings icon.
+      The following options are displayed.
+      
+        
+          IP Addresses
+        
+        
+          Gateways
+        
+        
+          Site-to-Site VPN
+        
+        
+          Network ACLs
+        
+      
+    
+    
+      Select IP Addresses.
+      The IP Addresses page is displayed.
+    
+    
+      Click Acquire New IP, and click Yes in the confirmation dialog.
+      You are prompted for confirmation because, typically, IP addresses are a limited
+        resource. Within a few moments, the new IP address should appear with the state Allocated.
+        You can now use the IP address in port forwarding, load balancing, and static NAT
+        rules.
+    
+  
+

\ No newline at end of file
diff --git a/docs/en-US/add-additional-guest-network.xml b/docs/en-US/add-additional-guest-network.xml
index 3d3858a43a1..c684da023da 100644
--- a/docs/en-US/add-additional-guest-network.xml
+++ b/docs/en-US/add-additional-guest-network.xml
@@ -3,7 +3,6 @@
 
 %BOOK_ENTITIES;
 ]>
-
 
 

-	Adding an Additional Guest Network
-	
-		Log in to the &PRODUCT; UI as an administrator or end user. 
-		In the left navigation, choose Network.
-		Click Add guest network. Provide the following information: 
-			
-				Name: The name of the network. This will be user-visible. 
-				Display Text: The description of the network. This will be
-				user-visible.
-				Zone. The name of the zone this network applies to. Each zone is a broadcast domain, and therefore each zone has a different
-					IP range for the guest network. The administrator must configure the IP
-					range for each zone.
-				Network offering: If the administrator has configured
-						multiple network offerings, select the one you want to use for this
-						network.
-				Guest Gateway: The gateway that the guests should use.
-				Guest Netmask: The netmask in use on the subnet the guests will
-						use.
-				
-		Click Create.
-	
-
-	

+  Adding an Additional Guest Network
+  
+    
+      Log in to the &PRODUCT; UI as an administrator or end user. 
+    
+    
+      In the left navigation, choose Network.
+    
+    
+      Click Add guest network. Provide the following information: 
+      
+        
+          Name: The name of the network. This will be
+            user-visible. 
+        
+        
+          Display Text: The description of the network. This
+            will be user-visible.
+        
+        
+          Zone. The name of the zone this network applies to.
+            Each zone is a broadcast domain, and therefore each zone has a different IP range for
+            the guest network. The administrator must configure the IP range for each zone.
+        
+        
+          Network offering: If the administrator has
+            configured multiple network offerings, select the one you want to use for this
+            network.
+        
+        
+          Guest Gateway: The gateway that the guests should
+            use.
+        
+        
+          Guest Netmask: The netmask in use on the subnet the
+            guests will use.
+        
+      
+    
+    
+      Click Create.
+    
+  
+
diff --git a/docs/en-US/add-clusters-kvm-xenserver.xml b/docs/en-US/add-clusters-kvm-xenserver.xml
new file mode 100644
index 00000000000..ad5737191fd
--- /dev/null
+++ b/docs/en-US/add-clusters-kvm-xenserver.xml
@@ -0,0 +1,53 @@
+
+
+%BOOK_ENTITIES;
+]>
+
+

+  Add Cluster: KVM or XenServer
+  These steps assume you have already installed the hypervisor on the hosts and logged in to
+    the &PRODUCT; UI.
+  
+    
+      In the left navigation, choose Infrastructure. In Zones, click View More, then click the
+        zone in which you want to add the cluster.
+    
+    
+      Click the Compute tab.
+    
+    
+      In the Clusters node of the diagram, click View All.
+    
+    
+      Click Add Cluster.
+    
+    
+      Choose the hypervisor type for this cluster.
+    
+    
+      Choose the pod in which you want to create the cluster.
+    
+    
+      Enter a name for the cluster. This can be text of your choosing and is not used by
+        &PRODUCT;.
+    
+    
+      Click OK.
+    
+  
+

diff --git a/docs/en-US/add-clusters-ovm.xml b/docs/en-US/add-clusters-ovm.xml
new file mode 100644
index 00000000000..11e1a13555f
--- /dev/null
+++ b/docs/en-US/add-clusters-ovm.xml
@@ -0,0 +1,43 @@
+
+
+%BOOK_ENTITIES;
+]>
+
+
+
+

+    Add Cluster: OVM
+    To add a Cluster of hosts that run Oracle VM (OVM):
+    
+        Add a companion non-OVM cluster to the Pod. This cluster provides an environment where the CloudPlatform System VMs can run. You should have already installed a non-OVM hypervisor on at least one Host to prepare for this step. Depending on which hypervisor you used:
+        
+            For VMWare, follow the steps in Add Cluster: vSphere. When finished, return here and continue with the next step.
+            For KVM or XenServer, follow the steps in . When finished, return here and continue with the next step
+        
+        
+        In the left navigation, choose Infrastructure. In Zones, click View More, then click the zone in which you want to add the cluster.
+        Click the Compute tab. In the Pods node, click View All. Select the same pod you used in step 1.
+        Click View Clusters, then click Add Cluster.
+            The Add Cluster dialog is displayed.
+        In Hypervisor, choose OVM.
+        In Cluster, enter a name for the cluster.
+        Click Add.
+       
+

diff --git a/docs/en-US/add-clusters-vsphere.xml b/docs/en-US/add-clusters-vsphere.xml
new file mode 100644
index 00000000000..d9e78d28476
--- /dev/null
+++ b/docs/en-US/add-clusters-vsphere.xml
@@ -0,0 +1,121 @@
+
+
+%BOOK_ENTITIES;
+]>
+
+

+  Add Cluster: vSphere
+  Host management for vSphere is done through a combination of vCenter and the &PRODUCT; admin
+    UI. &PRODUCT; requires that all hosts be in a &PRODUCT; cluster, but the cluster may consist of
+    a single host. As an administrator you must decide if you would like to use clusters of one host
+    or of multiple hosts. Clusters of multiple hosts allow for features like live migration.
+    Clusters also require shared storage such as NFS or iSCSI.
+  For vSphere servers, we recommend creating the cluster of hosts in vCenter and then adding
+    the entire cluster to &PRODUCT;. Follow these requirements:
+  
+    
+      Do not put more than 8 hosts in a vSphere cluster
+    
+    
+      Make sure the hypervisor hosts do not have any VMs already running before you add them
+        to &PRODUCT;.
+    
+  
+  To add a vSphere cluster to &PRODUCT;:
+  
+    
+      Create the cluster of hosts in vCenter. Follow the vCenter instructions to do this. You
+        will create a cluster that looks something like this in vCenter.
+      
+        
+          
+        
+        
+          vsphereclient.png: vSphere client
+        
+      
+    
+    
+      Log in to the UI.
+    
+    
+      In the left navigation, choose Infrastructure. In Zones, click View More, then click the
+        zone in which you want to add the cluster.
+    
+    
+      Click the Compute tab, and click View All on Pods. Choose the pod to which you want to
+        add the cluster.
+    
+    
+      Click View Clusters.
+    
+    
+      Click Add Cluster.
+    
+    
+      In Hypervisor, choose VMware.
+    
+    
+      Provide the following information in the dialog. The fields below make reference to
+        values from vCenter.
+      
+        
+          Cluster Name. Enter the name of the cluster you created in vCenter. For example,
+            "cloud.cluster.2.2.1"
+        
+        
+          vCenter Host. Enter the hostname or IP address of the vCenter server. 
+        
+        
+          vCenter Username. Enter the username that &PRODUCT; should use to connect to
+            vCenter. This user must have all administrative privileges.
+        
+        
+          vCenter Password. Enter the password for the user named above
+        
+        
+          vCenter Datacenter. Enter the vCenter datacenter that the cluster is in. For
+            example, "cloud.dc.VM".
+          If you have enabled Nexus dvSwitch in the environment, the following parameters for
+            dvSwitch configuration are displayed:
+        
+        
+          Nexus dvSwitch IP Address: The IP address of the Nexus VSM appliance.
+        
+        
+          Nexus dvSwitch Username: The username required to access the Nexus VSM
+            applicance.
+        
+        
+          Nexus dvSwitch Password: The password associated with the username specified
+            above.
+          
+            
+              
+            
+            
+              addcluster.png: add cluster
+            
+          
+          There might be a slight delay while the cluster is provisioned. It will
+            automatically display in the UI
+        
+      
+    
+  
+

diff --git a/docs/en-US/add-gateway-vpc.xml b/docs/en-US/add-gateway-vpc.xml
new file mode 100644
index 00000000000..616794a51d1
--- /dev/null
+++ b/docs/en-US/add-gateway-vpc.xml
@@ -0,0 +1,104 @@
+
+
+%BOOK_ENTITIES;
+]>
+
+

+  Adding a Private Gateway to a VPC
+  A private gateway can be added by the root admin only. The VPC private network has 1:1
+    relationship with the NIC of the physical network. No gateways with duplicated VLAN and IP are
+    allowed in the same data center.
+  
+    
+      Log in to the &PRODUCT; UI as an administrator or end user.
+    
+    
+      In the left navigation, choose Network.
+    
+    
+      In the Select view, select VPC.
+      All the VPCs that you have created for the account is listed in the page.
+    
+    
+      Click the Configure button of the VPC to which you want to configure load balancing
+        rules.
+      The VPC page is displayed where all the tiers you created are listed in a
+        diagram.
+    
+    
+      Click the Settings icon.
+      The following options are displayed.
+      
+        
+          IP Addresses
+        
+        
+          Private Gateways
+        
+        
+          Site-to-Site VPN
+        
+        
+          Network ACLs
+        
+      
+    
+    
+      Select Private Gateways.
+      The Gateways page is displayed.
+    
+    
+      Click Add new gateway:
+      
+        
+          
+        
+        
+          add-new-gateway-vpc.png: adding a private gateway for the VPC.
+        
+      
+    
+    
+      Specify the following:
+      
+        
+          Physical Network: The physical network you have
+            created in the zone.
+        
+        
+          IP Address: The IP address associated with the VPC
+            gateway.
+        
+        
+          Gateway: The gateway through which the traffic is
+            routed to and from the VPC.
+        
+        
+          Netmask: The netmask associated with the VPC
+            gateway.
+        
+        
+          VLAN: The VLAN associated with the VPC
+            gateway.
+        
+      
+      The new gateway appears in the list. You can repeat these steps to add more gateway for
+        this VPC.
+    
+  
+

diff --git a/docs/en-US/add-ingress-egress-rules.xml b/docs/en-US/add-ingress-egress-rules.xml
index 10895d6737c..2490cec43cc 100644
--- a/docs/en-US/add-ingress-egress-rules.xml
+++ b/docs/en-US/add-ingress-egress-rules.xml
@@ -3,17 +3,14 @@
 
 %BOOK_ENTITIES;
 ]>
-
 
-
 

-    Adding Ingress and Egress Rules to a Security Group
-    
-        Log in to the &PRODUCT; UI as an administrator or end user. 
-        In the left navigation, choose Network
-		In Select view, choose Security Groups, then click the security group you want .
-		To add an ingress rule, click the Ingress Rules tab and fill out the following fields to specify what network traffic is allowed into VM instances in this security group. If no ingress rules are specified, then no traffic will be allowed in, except for responses to any traffic that has been allowed out through an egress rule.
-		
-			Add by CIDR/Account. Indicate whether the source of the
-						traffic will be defined by IP address (CIDR) or an existing security group
-						in a &PRODUCT; account (Account). Choose Account if you want to allow
-						incoming traffic from all VMs in another security group			
-			Protocol. The networking protocol that sources will use to
-						send traffic to the security group. TCP and UDP are typically used for data
-						exchange and end-user communications. ICMP is typically used to send error
-						messages or network monitoring data.
-			Start Port, End Port. (TCP, UDP only) A range of listening
-						ports that are the destination for the incoming traffic. If you are opening
-						a single port, use the same number in both fields.
-				ICMP Type, ICMP Code. (ICMP only) The type of message and
-						error code that will be accepted.
-			CIDR. (Add by CIDR only) To accept only traffic from IP
-						addresses within a particular address block, enter a CIDR or a
-						comma-separated list of CIDRs. The CIDR is the base IP address of the
-						incoming traffic. For example, 192.168.0.0/22. To allow all CIDRs, set to
-						0.0.0.0/0.
-			Account, Security Group. (Add by Account only) To accept only
-						traffic from another security group, enter the &PRODUCT; account and
-						name of a security group that has already been defined in that account. To
-						allow traffic between VMs within the security group you are editing now,
-						enter the same name you used in step 7.
-		
-			The following example allows inbound HTTP access from anywhere:
-			
-				
-					
-				
-				httpaccess.png: allows inbound HTTP access from anywhere
-			
-		
-		To add an egress rule, click the Egress Rules tab and fill out the following fields to specify what type of traffic is allowed to be sent out of VM instances in this security group. If no egress rules are specified, then all traffic will be allowed out. Once egress rules are specified, the following types of traffic are allowed out: traffic specified in egress rules; queries to DNS and DHCP servers; and responses to any traffic that has been allowed in through an ingress rule
-		
-			Add by CIDR/Account. Indicate whether the destination of the
-						traffic will be defined by IP address (CIDR) or an existing security group
-						in a &PRODUCT; account (Account). Choose Account if you want to allow
-						outgoing traffic to all VMs in another security group.
-			Protocol. The networking protocol that VMs will use to send
-						outgoing traffic. TCP and UDP are typically used for data exchange and
-						end-user communications. ICMP is typically used to send error messages or
-						network monitoring data.
-			Start Port, End Port. (TCP, UDP only) A range of listening
-						ports that are the destination for the outgoing traffic. If you are opening
-						a single port, use the same number in both fields.
-			ICMP Type, ICMP Code. (ICMP only) The type of message and
-						error code that will be sent
-			CIDR. (Add by CIDR only) To send traffic only to IP addresses
-						within a particular address block, enter a CIDR or a comma-separated list of
-						CIDRs. The CIDR is the base IP address of the destination. For example,
-						192.168.0.0/22. To allow all CIDRs, set to 0.0.0.0/0.
-			Account, Security Group. (Add by Account only) To allow
-						traffic to be sent to another security group, enter the &PRODUCT;
-						account and name of a security group that has already been defined in that
-						account. To allow traffic between VMs within the security group you are
-						editing now, enter its name.
-		
-		Click Add.	
-	
+  Adding Ingress and Egress Rules to a Security Group
+  
+    
+      Log in to the &PRODUCT; UI as an administrator or end user. 
+    
+    
+      In the left navigation, choose Network
+    
+    
+      In Select view, choose Security Groups, then click the security group you want .
+    
+    
+      To add an ingress rule, click the Ingress Rules tab and fill out the following fields to
+        specify what network traffic is allowed into VM instances in this security group. If no
+        ingress rules are specified, then no traffic will be allowed in, except for responses to any
+        traffic that has been allowed out through an egress rule.
+      
+        
+          Add by CIDR/Account. Indicate whether the source of
+            the traffic will be defined by IP address (CIDR) or an existing security group in a
+            &PRODUCT; account (Account). Choose Account if you want to allow incoming traffic from
+            all VMs in another security group
+        
+        
+          Protocol. The networking protocol that sources will
+            use to send traffic to the security group. TCP and UDP are typically used for data
+            exchange and end-user communications. ICMP is typically used to send error messages or
+            network monitoring data.
+        
+        
+          Start Port, End Port. (TCP, UDP only) A range of
+            listening ports that are the destination for the incoming traffic. If you are opening a
+            single port, use the same number in both fields.
+        
+        
+          ICMP Type, ICMP Code. (ICMP only) The type of
+            message and error code that will be accepted.
+        
+        
+          CIDR. (Add by CIDR only) To accept only traffic
+            from IP addresses within a particular address block, enter a CIDR or a comma-separated
+            list of CIDRs. The CIDR is the base IP address of the incoming traffic. For example,
+            192.168.0.0/22. To allow all CIDRs, set to 0.0.0.0/0.
+        
+        
+          Account, Security Group. (Add by Account only) To
+            accept only traffic from another security group, enter the &PRODUCT; account and name of
+            a security group that has already been defined in that account. To allow traffic between
+            VMs within the security group you are editing now, enter the same name you used in step
+            7.
+        
+      
+      The following example allows inbound HTTP access from anywhere:
+      
+        
+          
+        
+        
+          httpaccess.png: allows inbound HTTP access from anywhere
+        
+      
+    
+    
+      To add an egress rule, click the Egress Rules tab and fill out the following fields to
+        specify what type of traffic is allowed to be sent out of VM instances in this security
+        group. If no egress rules are specified, then all traffic will be allowed out. Once egress
+        rules are specified, the following types of traffic are allowed out: traffic specified in
+        egress rules; queries to DNS and DHCP servers; and responses to any traffic that has been
+        allowed in through an ingress rule
+      
+        
+          Add by CIDR/Account. Indicate whether the
+            destination of the traffic will be defined by IP address (CIDR) or an existing security
+            group in a &PRODUCT; account (Account). Choose Account if you want to allow outgoing
+            traffic to all VMs in another security group.
+        
+        
+          Protocol. The networking protocol that VMs will use
+            to send outgoing traffic. TCP and UDP are typically used for data exchange and end-user
+            communications. ICMP is typically used to send error messages or network monitoring
+            data.
+        
+        
+          Start Port, End Port. (TCP, UDP only) A range of
+            listening ports that are the destination for the outgoing traffic. If you are opening a
+            single port, use the same number in both fields.
+        
+        
+          ICMP Type, ICMP Code. (ICMP only) The type of
+            message and error code that will be sent
+        
+        
+          CIDR. (Add by CIDR only) To send traffic only to IP
+            addresses within a particular address block, enter a CIDR or a comma-separated list of
+            CIDRs. The CIDR is the base IP address of the destination. For example, 192.168.0.0/22.
+            To allow all CIDRs, set to 0.0.0.0/0.
+        
+        
+          Account, Security Group. (Add by Account only) To
+            allow traffic to be sent to another security group, enter the &PRODUCT; account and name
+            of a security group that has already been defined in that account. To allow traffic
+            between VMs within the security group you are editing now, enter its name.
+        
+      
+    
+    
+      Click Add.
+    
+  
 

diff --git a/docs/en-US/add-iso.xml b/docs/en-US/add-iso.xml
index 60f61169905..25986e02e92 100644
--- a/docs/en-US/add-iso.xml
+++ b/docs/en-US/add-iso.xml
@@ -3,7 +3,6 @@
 
 %BOOK_ENTITIES;
 ]>
-
 
 

-	Adding an ISO
-	To make additional operating system or other software available for use with guest VMs, you can add an ISO. The ISO is typically thought of as an operating system image, but you can also add ISOs for other types of software, such as desktop applications that you want to be installed as part of a template.
-	
-		Log in to the &PRODUCT; UI as an administrator or end user.
-		In the left navigation bar, click Templates.
-		In Select View, choose ISOs.
-		Click Add ISO.
-		In the Add ISO screen, provide the following:
-		
-			Name: Short name for the ISO image. For example, CentOS 6.2
-						64-bit.
-			Description: Display test for the ISO image. For example,
-						CentOS 6.2 64-bit.
-			URL: The URL that hosts the ISO image. The Management Server
-						must be able to access this location via HTTP. If needed you can place the
-						ISO image directly on the Management Server
-			Zone: Choose the zone where you want the ISO to be available,
-						or All Zones to make it available throughout &PRODUCT;.
-			Bootable: Whether or not a guest could boot off this ISO
-						image. For example, a CentOS ISO is bootable, a Microsoft Office ISO is not
-						bootable.
-			OS Type: This helps &PRODUCT; and the hypervisor perform
-						certain operations and make assumptions that improve the performance of the
-						guest. Select one of the following.
-				
-					If the operating system of your desired ISO image is listed, choose it.
-					If the OS Type of the ISO is not listed or if the ISO is not bootable, choose Other.
-					(XenServer only) If you want to boot from this ISO in PV mode, choose Other PV (32-bit) or Other PV (64-bit)
-					(KVM only) If you choose an OS that is PV-enabled, the VMs created from this ISO will have a SCSI (virtio) root disk. If the OS is not PV-enabled, the VMs will have an IDE root disk. The PV-enabled types are:
-						
-							
-							
-									
-										Fedora 13
-										Fedora 12
-										Fedora 11
-										
-									
-									
-									Fedora 10
-									Fedora 9
-										Other PV
-									
-									
-									
-										Debian GNU/Linux
-										CentOS 5.3
-										CentOS 5.4
-									
-									
-										CentOS 5.5
-										Red Hat Enterprise Linux 5.3
-										Red Hat Enterprise Linux 5.4
-									
-								
-									Red Hat Enterprise Linux 5.5
-									Red Hat Enterprise Linux 6
-									
-								
-								
-							
-						
-				
-				It is not recommended to choose an older version of the OS than the version in the image. For
-							example, choosing CentOS 5.4 to support a CentOS 6.2 image will usually
-							not work. In these cases, choose Other.
-				
-			Extractable: Choose Yes if the ISO should be available for
-						extraction.
-			Public: Choose Yes if this ISO should be available to other
-						users.
-			Featured: Choose Yes if you would like this ISO to be more
-						prominent for users to select. The ISO will appear in the Featured ISOs
-						list. Only an administrator can make an ISO Featured.
-		
-		Click OK.
-			The Management Server will download the ISO. Depending on the size of the ISO, this may take a long time. The ISO status column will display Ready once it has been successfully downloaded into secondary storage. Clicking Refresh updates the download percentage.
-		
-		Important: Wait for the ISO to finish downloading. If you
-				move on to the next task and try to use the ISO right away, it will appear to fail.
-				The entire ISO must be available before &PRODUCT; can work with it.		
-	
+  Adding an ISO
+  To make additional operating system or other software available for use with guest VMs, you
+    can add an ISO. The ISO is typically thought of as an operating system image, but you can also
+    add ISOs for other types of software, such as desktop applications that you want to be installed
+    as part of a template.
+  
+    
+      Log in to the &PRODUCT; UI as an administrator or end user.
+    
+    
+      In the left navigation bar, click Templates.
+    
+    
+      In Select View, choose ISOs.
+    
+    
+      Click Add ISO.
+    
+    
+      In the Add ISO screen, provide the following:
+      
+        
+          Name: Short name for the ISO image. For example,
+            CentOS 6.2 64-bit.
+        
+        
+          Description: Display test for the ISO image. For
+            example, CentOS 6.2 64-bit.
+        
+        
+          URL: The URL that hosts the ISO image. The
+            Management Server must be able to access this location via HTTP. If needed you can place
+            the ISO image directly on the Management Server
+        
+        
+          Zone: Choose the zone where you want the ISO to be
+            available, or All Zones to make it available throughout &PRODUCT;.
+        
+        
+          Bootable: Whether or not a guest could boot off
+            this ISO image. For example, a CentOS ISO is bootable, a Microsoft Office ISO is not
+            bootable.
+        
+        
+          OS Type: This helps &PRODUCT; and the hypervisor
+            perform certain operations and make assumptions that improve the performance of the
+            guest. Select one of the following.
+          
+            
+              If the operating system of your desired ISO image is listed, choose it.
+            
+            
+              If the OS Type of the ISO is not listed or if the ISO is not bootable, choose
+                Other.
+            
+            
+              (XenServer only) If you want to boot from this ISO in PV mode, choose Other PV
+                (32-bit) or Other PV (64-bit)
+            
+            
+              (KVM only) If you choose an OS that is PV-enabled, the VMs created from this ISO
+                will have a SCSI (virtio) root disk. If the OS is not PV-enabled, the VMs will have
+                an IDE root disk. The PV-enabled types are:
+              
+                
+                  
+                    
+                      Fedora 13
+                      Fedora 12
+                      Fedora 11
+                    
+                    
+                      Fedora 10
+                      Fedora 9
+                      Other PV
+                    
+                    
+                      Debian GNU/Linux
+                      CentOS 5.3
+                      CentOS 5.4
+                    
+                    
+                      CentOS 5.5
+                      Red Hat Enterprise Linux 5.3
+                      Red Hat Enterprise Linux 5.4
+                    
+                    
+                      Red Hat Enterprise Linux 5.5
+                      Red Hat Enterprise Linux 6
+                      
+                    
+                  
+                
+              
+            
+          
+          
+            It is not recommended to choose an older version of the OS than the version in the
+              image. For example, choosing CentOS 5.4 to support a CentOS 6.2 image will usually not
+              work. In these cases, choose Other.
+          
+        
+        
+          Extractable: Choose Yes if the ISO should be
+            available for extraction.
+        
+        
+          Public: Choose Yes if this ISO should be available
+            to other users.
+        
+        
+          Featured: Choose Yes if you would like this ISO to
+            be more prominent for users to select. The ISO will appear in the Featured ISOs list.
+            Only an administrator can make an ISO Featured.
+        
+      
+    
+    
+      Click OK.
+      The Management Server will download the ISO. Depending on the size of the ISO, this may
+        take a long time. The ISO status column will display Ready once it has been successfully
+        downloaded into secondary storage. Clicking Refresh updates the download percentage.
+    
+    
+      Important: Wait for the ISO to finish downloading. If
+        you move on to the next task and try to use the ISO right away, it will appear to fail. The
+        entire ISO must be available before &PRODUCT; can work with it.
+    
+  
 

diff --git a/docs/en-US/add-load-balancer-rule.xml b/docs/en-US/add-load-balancer-rule.xml
index 30128efba29..8cd0da4b7da 100644
--- a/docs/en-US/add-load-balancer-rule.xml
+++ b/docs/en-US/add-load-balancer-rule.xml
@@ -3,7 +3,6 @@
 
 %BOOK_ENTITIES;
 ]>
-
 
-
 

-	Adding a Load Balancer Rule
-	
-		Log in to the &PRODUCT; UI as an administrator or end user. 
-		In the left navigation, choose Network.
-		Click the name of the network where you want to load balance the traffic.
-		Click View IP Addresses.
-		Click the IP address for which you want to create the rule, then click the Configuration tab.
-		In the Load Balancing node of the diagram, click View All.
-		In a Basic zone, you can also create a load balancing rule without acquiring or selecting an
-				IP address. &PRODUCT; internally assign an IP when you create the load balancing
-				rule, which is listed in the IP Addresses page when the rule is created. 
-		To do that, select the name of the network, then click Add Load Balancer tab. Continue with
-					.
-		Fill in the following:		
-		
-			Name: A name for the load balancer rule.			
-			Public Port: The port receiving incoming traffic to be
-						balanced.
-			Private Port: The port that the VMs will use to receive the
-						traffic.
-			Algorithm: Choose the load balancing algorithm you want
-						&PRODUCT; to use. &PRODUCT; supports a variety of well-known
-						algorithms. If you are not familiar with these choices, you will find plenty
-						of information about them on the Internet.
-			Stickiness: (Optional) Click Configure and choose the
-						algorithm for the stickiness policy. See Sticky Session Policies for Load
-						Balancer Rules.
-			AutoScale: Click Configure and complete the AutoScale
-						configuration as explained in .
-			
-		Click Add VMs, then select two or more VMs that will divide the load of incoming traffic, and click Apply.
-		The new load balancer rule appears in the list. You can repeat these steps to add more load balancer rules for this IP address.
-			
-	
+  Adding a Load Balancer Rule
+  
+    
+      Log in to the &PRODUCT; UI as an administrator or end user. 
+    
+    
+      In the left navigation, choose Network.
+    
+    
+      Click the name of the network where you want to load balance the traffic.
+    
+    
+      Click View IP Addresses.
+    
+    
+      Click the IP address for which you want to create the rule, then click the Configuration
+        tab.
+    
+    
+      In the Load Balancing node of the diagram, click View All.
+      In a Basic zone, you can also create a load balancing rule without acquiring or
+        selecting an IP address. &PRODUCT; internally assign an IP when you create the load
+        balancing rule, which is listed in the IP Addresses page when the rule is created. 
+      To do that, select the name of the network, then click Add Load Balancer tab. Continue
+        with .
+    
+    
+      Fill in the following:
+      
+        
+          Name: A name for the load balancer rule.
+        
+        
+          Public Port: The port receiving incoming traffic to
+            be balanced.
+        
+        
+          Private Port: The port that the VMs will use to
+            receive the traffic.
+        
+        
+          Algorithm: Choose the load balancing algorithm you
+            want &PRODUCT; to use. &PRODUCT; supports a variety of well-known algorithms. If you are
+            not familiar with these choices, you will find plenty of information about them on the
+            Internet.
+        
+        
+          Stickiness: (Optional) Click Configure and choose
+            the algorithm for the stickiness policy. See Sticky Session Policies for Load Balancer
+            Rules.
+        
+      
+    
+    
+      Click Add VMs, then select two or more VMs that will divide the load of incoming
+        traffic, and click Apply.
+      The new load balancer rule appears in the list. You can repeat these steps to add more
+        load balancer rules for this IP address.
+    
+  
 

diff --git a/docs/en-US/add-loadbalancer-rule-vpc.xml b/docs/en-US/add-loadbalancer-rule-vpc.xml
new file mode 100644
index 00000000000..bba3e5ad134
--- /dev/null
+++ b/docs/en-US/add-loadbalancer-rule-vpc.xml
@@ -0,0 +1,123 @@
+
+
+%BOOK_ENTITIES;
+]>
+
+
+

+  Adding Load Balancing Rules on a VPC
+  A &PRODUCT; user or administrator may create load balancing rules that balance traffic
+    received at a public IP to one or more VMs that belong to a network tier that provides load
+    balancing service in a VPC. A user creates a rule, specifies an algorithm, and assigns the rule
+    to a set of VMs within a VPC.
+  
+    
+      Log in to the &PRODUCT; UI as an administrator or end user.
+    
+    
+      In the left navigation, choose Network.
+    
+    
+      In the Select view, select VPC.
+      All the VPCs that you have created for the account is listed in the page.
+    
+    
+      Click the Configure button of the VPC to which you want to configure load balancing
+        rules.
+      The VPC page is displayed where all the tiers you created are listed in a
+        diagram.
+    
+    
+      Click the Settings icon.
+      The following options are displayed.
+      
+        
+          IP Addresses
+        
+        
+          Gateways
+        
+        
+          Site-to-Site VPN
+        
+        
+          Network ACLs
+        
+      
+    
+    
+      Select IP Addresses.
+      The IP Addresses page is displayed.
+    
+    
+      Click the IP address for which you want to create the rule, then click the Configuration
+        tab.
+    
+    
+      In the Load Balancing node of the diagram, click View All.
+    
+    
+      Select the tier to which you want to apply the rule.
+      
+        In a VPC, the load balancing service is supported only on a single tier.
+      
+    
+    
+      Specify the following:
+      
+        
+          Name: A name for the load balancer rule.
+        
+        
+          Public Port: The port that receives the incoming
+            traffic to be balanced.
+        
+        
+          Private Port: The port that the VMs will use to
+            receive the traffic.
+        
+        
+          Algorithm. Choose the load balancing algorithm you
+            want &PRODUCT; to use. &PRODUCT; supports the following well-known algorithms:
+          
+            
+              Round-robin
+            
+            
+              Least connections
+            
+            
+              Source
+            
+          
+        
+        
+          Stickiness. (Optional) Click Configure and choose
+            the algorithm for the stickiness policy. See Sticky Session Policies for Load Balancer
+            Rules.
+        
+        
+          Add VMs: Click Add VMs, then select two or more VMs
+            that will divide the load of incoming traffic, and click Apply.
+        
+      
+    
+  
+  The new load balancing rule appears in the list. You can repeat these steps to add more load
+    balancing rules for this IP address.
+

\ No newline at end of file
diff --git a/docs/en-US/add-members-to-projects.xml b/docs/en-US/add-members-to-projects.xml
index a51726e14fc..39c3edfb2c3 100644
--- a/docs/en-US/add-members-to-projects.xml
+++ b/docs/en-US/add-members-to-projects.xml
@@ -29,5 +29,7 @@
         If invitations have been enabled, you can send invitations to new members.
         If invitations are not enabled, you can add members directly through the UI.
     
+    
+    
    
       
diff --git a/docs/en-US/add-more-clusters.xml b/docs/en-US/add-more-clusters.xml
new file mode 100644
index 00000000000..a2e41e38f84
--- /dev/null
+++ b/docs/en-US/add-more-clusters.xml
@@ -0,0 +1,29 @@
+
+
+%BOOK_ENTITIES;
+]>
+
+

+  Add More Clusters (Optional)
+  You need to tell &PRODUCT; about the hosts that it will manage. Hosts exist inside clusters,
+    so before you begin adding hosts to the cloud, you must add at least one cluster.
+  
+  
+  
+  
+

diff --git a/docs/en-US/add-portforward-rule-vpc.xml b/docs/en-US/add-portforward-rule-vpc.xml
new file mode 100644
index 00000000000..c3dbc39bb19
--- /dev/null
+++ b/docs/en-US/add-portforward-rule-vpc.xml
@@ -0,0 +1,103 @@
+
+
+%BOOK_ENTITIES;
+]>
+
+

+  Adding a Port Forwarding Rule on a VPC
+  
+    
+      Log in to the &PRODUCT; UI as an administrator or end user.
+    
+    
+      In the left navigation, choose Network.
+    
+    
+      In the Select view, select VPC.
+      All the VPCs that you have created for the account is listed in the page.
+    
+    
+      Click the Configure button of the VPC to which you want to deploy the VMs.
+      The VPC page is displayed where all the tiers you created are listed in a
+        diagram.
+    
+    
+      Click the Settings icon.
+      The following options are displayed.
+      
+        
+          IP Addresses
+        
+        
+          Gateways
+        
+        
+          Site-to-Site VPN
+        
+        
+          Network ACLs
+        
+      
+    
+    
+      Choose an existing IP address or acquire a new IP address. Click the name of the IP
+        address in the list.
+      The IP Addresses page is displayed.
+    
+    
+      Click the IP address for which you want to create the rule, then click the Configuration
+        tab.
+    
+    
+      In the Port Forwarding node of the diagram, click View All.
+    
+    
+      Select the tier to which you want to apply the rule.
+    
+    
+      Specify the following:
+      
+        
+          Public Port: The port to which public traffic will
+            be addressed on the IP address you acquired in the previous step.
+        
+        
+          Private Port: The port on which the instance is
+            listening for forwarded public traffic.
+        
+        
+          Protocol: The communication protocol in use between
+            the two ports.
+          
+            
+              TCP
+            
+            
+              UDP
+            
+          
+        
+        
+          Add VM: Click Add VM. Select the name of the
+            instance to which this rule applies, and click Apply.
+          You can test the rule by opening an ssh session to the instance.
+        
+      
+    
+  
+

diff --git a/docs/en-US/add-primary-storage.xml b/docs/en-US/add-primary-storage.xml
new file mode 100644
index 00000000000..9c7ad3dc9cf
--- /dev/null
+++ b/docs/en-US/add-primary-storage.xml
@@ -0,0 +1,108 @@
+
+
+%BOOK_ENTITIES;
+]>
+
+

+  Adding Primary Storage
+  
+    Ensure that nothing stored on the server. Adding the server to CloudStack will destroy any
+      existing data.
+  
+  When you create a new zone, the first primary storage is added as part of that procedure.
+    You can add primary storage servers at any time, such as when adding a new cluster or adding
+    more servers to an existing cluster.
+  
+    
+      Log in to the &PRODUCT; UI.
+    
+    
+      In the left navigation, choose Infrastructure. In Zones, click View More, then click the
+        zone in which you want to add the primary storage.
+    
+    
+      Click the Compute tab.
+    
+    
+      In the Primary Storage node of the diagram, click View All.
+    
+    
+      Click Add Primary Storage.
+    
+    
+      Provide the following information in the dialog. The information required varies
+        depending on your choice in Protocol.
+      
+        
+          Pod. The pod for the storage device.
+        
+        
+          Cluster. The cluster for the storage device.
+        
+        
+          Name. The name of the storage device
+        
+        
+          Protocol. For XenServer, choose either NFS, iSCSI, or PreSetup. For KVM, choose NFS
+            or SharedMountPoint. For vSphere choose either VMFS (iSCSI or FiberChannel) or
+            NFS
+        
+        
+          Server (for NFS, iSCSI, or PreSetup). The IP address or DNS name of the storage
+            device
+        
+        
+          Server (for VMFS). The IP address or DNS name of the vCenter server.
+        
+        
+          Path (for NFS). In NFS this is the exported path from the server.
+        
+        
+          Path (for VMFS). In vSphere this is a combination of the datacenter name and the
+            datastore name. The format is "/" datacenter name "/" datastore name. For example,
+            "/cloud.dc.VM/cluster1datastore".
+        
+        
+          Path (for SharedMountPoint). With KVM this is the path on each host that is where
+            this primary storage is mounted. For example, "/mnt/primary".
+        
+        
+          SR Name-Label (for PreSetup). Enter the name-label of the SR that has been set up
+            outside &PRODUCT;.
+        
+        
+          Target IQN (for iSCSI). In iSCSI this is the IQN of the target. For example,
+            iqn.1986-03.com.sun:02:01ec9bb549-1271378984
+        
+        
+          Lun # (for iSCSI). In iSCSI this is the LUN number. For example, 3.
+        
+        
+          Tags (optional). The comma-separated list of tags for this storage device. It should
+            be an equivalent set or superset of the tags on your disk offerings
+        
+      
+      The tag sets on primary storage across clusters in a Zone must be identical. For
+        example, if cluster A provides primary storage that has tags T1 and T2, all other clusters
+        in the Zone must also provide primary storage that has tags T1 and T2.
+    
+    
+      Click OK.
+    
+  
+

diff --git a/docs/en-US/add-secondary-storage.xml b/docs/en-US/add-secondary-storage.xml
new file mode 100644
index 00000000000..318a6ea79b6
--- /dev/null
+++ b/docs/en-US/add-secondary-storage.xml
@@ -0,0 +1,48 @@
+
+
+%BOOK_ENTITIES;
+]>
+
+

+  Adding Secondary Storage
+  
+    Be sure there is nothing stored on the server. Adding the server to CloudStack will
+      destroy any existing data.
+  
+  When you create a new zone, the first secondary storage is added as part of that procedure.
+    You can add secondary storage servers at any time to add more servers to an existing
+    zone.
+  
+    
+      If you are going to use Swift for cloud-wide secondary storage, you must add the Swift
+        storage to &PRODUCT; before you add the local zone secondary storage servers.
+    
+    
+      To prepare for local zone secondary storage, you should have created and mounted an NFS
+        share during Management Server installation.
+    
+    
+      Make sure you prepared the system VM template during Management Server
+        installation.
+    
+    
+      4. Now that the secondary storage server for per-zone storage is prepared, add it to
+        &PRODUCT;. Secondary storage is added as part of the procedure for adding a new zone.
+    
+  
+

diff --git a/docs/en-US/add-security-group.xml b/docs/en-US/add-security-group.xml
index 7d86c9beabb..85a6ba0b38a 100644
--- a/docs/en-US/add-security-group.xml
+++ b/docs/en-US/add-security-group.xml
@@ -3,7 +3,6 @@
 
 %BOOK_ENTITIES;
 ]>
-
 
-
 

-	Adding a Security Group
-	A user or administrator can define a new security group.
-	
-		Log in to the &PRODUCT; UI as an administrator or end user. 
-		In the left navigation, choose Network
-		In Select view, choose Security Groups.
-		Click Add Security Group.
-		Provide a name and description.
-		Click OK.
-		The new security group appears in the Security Groups Details tab.
-		To make the security group useful, continue to Adding Ingress and Egress Rules to a Security Group.
-	
+  Adding a Security Group
+  A user or administrator can define a new security group.
+  
+    
+      Log in to the &PRODUCT; UI as an administrator or end user. 
+    
+    
+      In the left navigation, choose Network
+    
+    
+      In Select view, choose Security Groups.
+    
+    
+      Click Add Security Group.
+    
+    
+      Provide a name and description.
+    
+    
+      Click OK.
+      The new security group appears in the Security Groups Details tab.
+    
+    
+      To make the security group useful, continue to Adding Ingress and Egress Rules to a
+        Security Group.
+    
+  
 

-
diff --git a/docs/en-US/add-tier.xml b/docs/en-US/add-tier.xml
new file mode 100644
index 00000000000..6beaab2a151
--- /dev/null
+++ b/docs/en-US/add-tier.xml
@@ -0,0 +1,89 @@
+
+
+%BOOK_ENTITIES;
+]>
+
+

+  Adding Tiers
+  Tiers are distinct locations within a VPC that act as isolated networks, which do not have
+    access to other tiers by default. Tiers are set up on different VLANs that can communicate with
+    each other by using a virtual router. Tiers provide inexpensive, low latency network
+    connectivity to other tiers within the VPC.
+  
+    
+      Log in to the &PRODUCT; UI as an administrator or end user.
+    
+    
+      In the left navigation, choose Network.
+    
+    
+      In the Select view, select VPC.
+      All the VPC that you have created for the account is listed in the page.
+      
+        The end users can see their own VPCs, while root and domain admin can see any VPC they
+          are authorized to see.
+      
+    
+    
+      Click the Configure button of the VPC for which you want to set up tiers.
+      The Add new tier dialog is displayed, as follows:
+      
+        
+          
+        
+        
+          add-tier.png: adding a tier to a vpc.
+        
+      
+      If you have already created tiers, the VPC diagram is displayed. Click Create Tier to
+        add a new tier.
+    
+    
+      Specify the following:
+      All the fields are mandatory.
+      
+        
+          Name: A unique name for the tier you create.
+        
+        
+          Network Offering: The following default network
+            offerings are listed: DefaultIsolatedNetworkOfferingForVpcNetworksNoLB,
+            DefaultIsolatedNetworkOfferingForVpcNetworks
+          In a VPC, only one tier can be created by using LB-enabled network offering.
+        
+        
+          Gateway: The gateway for the tier you create.
+            Ensure that the gateway is within the Super CIDR range that you specified while creating
+            the VPC, and is not overlapped with the CIDR of any existing tier within the VPC.
+        
+        
+          Netmask: The netmask for the tier you create. 
+          For example, if the VPC CIDR is 10.0.0.0/16 and the network tier CIDR is
+            10.0.1.0/24, the gateway of the tier is 10.0.1.1, and the netmask of the tier is
+            255.255.255.0.
+        
+      
+    
+    
+      Click OK.
+    
+    
+      Continue with configuring access control list for the tier.
+    
+  
+

diff --git a/docs/en-US/add-vm-to-tier.xml b/docs/en-US/add-vm-to-tier.xml
new file mode 100644
index 00000000000..e401eed2656
--- /dev/null
+++ b/docs/en-US/add-vm-to-tier.xml
@@ -0,0 +1,45 @@
+
+
+%BOOK_ENTITIES;
+]>
+
+

+  Deploying VMs to the Tier
+  
+    
+      Log in to the &PRODUCT; UI as an administrator or end user.
+    
+    
+      In the left navigation, choose Network.
+    
+    
+      In the Select view, select VPC.
+      All the VPCs that you have created for the account is listed in the page.
+    
+    
+      Click the Configure button of the VPC to which you want to deploy the VMs.
+      The VPC page is displayed where all the tiers you created are listed.
+    
+    
+      Click the Add VM button of the tier for which you want to add a VM.
+      The Add Instance page is displayed.
+      Follow the on-screen instruction to add an instance. For information on adding an
+        instance, see Adding Instances section in the Installation Guide.
+    
+  
+

diff --git a/docs/en-US/add-vpc.xml b/docs/en-US/add-vpc.xml
new file mode 100644
index 00000000000..8c088a0e1fd
--- /dev/null
+++ b/docs/en-US/add-vpc.xml
@@ -0,0 +1,75 @@
+
+
+%BOOK_ENTITIES;
+]>
+
+

+  Adding a Virtual Private Cloud
+  When creating the VPC, you simply provide the zone and a set of IP addresses for the VPC
+    network address space. You specify this set of addresses in the form of a Classless Inter-Domain
+    Routing (CIDR) block.
+  
+    
+      Log in to the &PRODUCT; UI as an administrator or end user. 
+    
+    
+      In the left navigation, choose Network.
+    
+    
+      In the Select view, select VPC.
+    
+    
+      Click Add VPC. The Add VPC page is displayed as follows:
+      
+        
+          
+        
+        
+          add-vpc.png: adding a vpc.
+        
+      
+      Provide the following information:
+      
+        
+          Name: A short name for the VPC that you are
+            creating.
+        
+        
+          Description: A brief description of the VPC.
+        
+        
+          Zone: Choose the zone where you want the VPC to be
+            available.
+        
+        
+          Super CIDR for Guest Networks: Defines the CIDR
+            range for all the tiers (guest networks) within a VPC. When you create a tier, ensure
+            that its CIDR is within the Super CIDR value you enter. The CIDR must be RFC1918
+            compliant.
+        
+        
+          DNS domain for Guest Networks: If you want to
+            assign a special domain name, specify the DNS suffix. This parameter is applied to all
+            the tiers within the VPC. That implies, all the tiers you create in the VPC belong to
+            the same DNS domain. If the parameter is not specified, a DNS domain name is generated
+            automatically. 
+        
+      
+    
+  
+

diff --git a/docs/en-US/added-API-commands.xml b/docs/en-US/added-API-commands.xml
index b63895e7973..237c524b75f 100644
--- a/docs/en-US/added-API-commands.xml
+++ b/docs/en-US/added-API-commands.xml
@@ -3,165 +3,332 @@
 
 %BOOK_ENTITIES;
 ]>
-
-
 
-
-    

-        Added API commands
-            Added in 3.0.3:
-            
-                enableCiscoNexusVSM (Enables Nexus 1000v dvSwitch in &PRODUCT;.)
-                disableCiscoNexusVSM (Disables Nexus 1000v dvSwitch in &PRODUCT;.)
-                deleteCiscoNexusVSM (Deletes Nexus 1000v dvSwitch in &PRODUCT;.)
-                listCiscoNexusVSMs (Lists the control VLAN ID, packet VLAN ID, and data VLAN ID, as well as the IP address of the Nexus 1000v dvSwitch.)
-            
-            Added in 3.0.2:
-            
-                changeServiceForSystemVm
-                    Changes the service offering for a system VM (console proxy or secondary storage). The system VM must be in a "Stopped" state for this command to take effect.
-                
-            
-            Added in 3.0.1:
-            
-                changeServiceForSystemVm
-                Changes the service offering for a system VM (console proxy or secondary storage). The system VM must be in a "Stopped" state for this command to take effect.
-                    
-            
-                Added in 3.0.0:
-        
-            
-                
-                
-                
-                
-                    
-                        assignVirtualMachine (Move a user VM to another user under same domain.)
-                        restoreVirtualMachine (Restore a VM to original template or specific snapshot)
-                        createLBStickinessPolicy (Creates a Load Balancer stickiness policy )
-                    
-                    
-                        deleteLBStickinessPolicy (Deletes a LB stickiness policy.)
-                        listLBStickinessPolicies (Lists LBStickiness policies.)
-                        ldapConfig (Configure the LDAP context for this site.)
-                    
-                    
-                        addSwift (Adds Swift.)
-                        listSwifts (List Swift.)
-                        migrateVolume (Migrate volume)
-                    
-                    
-                        updateStoragePool (Updates a storage pool.)
-                        authorizeSecurityGroupEgress (Authorizes a particular egress rule for this security group)
-                        revokeSecurityGroupEgress (Deletes a particular egress rule from this security group)
-                    
-                    
-                        createNetworkOffering (Creates a network offering.)
-                        deleteNetworkOffering (Deletes a network offering.)
-                        createProject (Creates a project)
-                    
-                    
-                        deleteProject (Deletes a project)
-                        updateProject (Updates a project)
-                        activateProject (Activates a project)
-                    
-                    
-                        suspendProject (Suspends a project)
-                        listProjects (Lists projects and provides detailed information for listed projects)
-                        addAccountToProject (Adds acoount to a project)
-                    
-                    
-                        deleteAccountFromProject (Deletes account from the project)
-                        listProjectAccounts (Lists project's accounts)
-                        listProjectInvitations (Lists an account's invitations to join projects)
-                    
-                    
-                        updateProjectInvitation (Accepts or declines project invitation)
-                        deleteProjectInvitation (Deletes a project invitation)
-                        updateHypervisorCapabilities (Updates a hypervisor capabilities.)
-                    
-                    
-                        listHypervisorCapabilities (Lists all hypervisor capabilities.)
-                        createPhysicalNetwork (Creates a physical network)
-                        deletePhysicalNetwork (Deletes a Physical Network.)
-                    
-                    
-                        listPhysicalNetworks (Lists physical networks)
-                        updatePhysicalNetwork (Updates a physical network)
-                        listSupportedNetworkServices (Lists all network services provided by &PRODUCT; or for the given Provider.)
-                    
-                    
-                        addNetworkServiceProvider (Adds a network serviceProvider to a physical network)
-                        deleteNetworkServiceProvider (Deletes a Network Service Provider.)
-                        listNetworkServiceProviders (Lists network serviceproviders for a given physical network.)
-                    
-                    
-                        updateNetworkServiceProvider (Updates a network serviceProvider of a physical network)
-                        addTrafficType (Adds traffic type to a physical network)
-                        deleteTrafficType (Deletes traffic type of a physical network)
-                    
-                    
-                        listTrafficTypes (Lists traffic types of a given physical network.)
-                        updateTrafficType (Updates traffic type of a physical network)
-                        listTrafficTypeImplementors (Lists implementors of implementor of a network traffic type or implementors of all network traffic types)
-                    
-                    
-                        createStorageNetworkIpRange (Creates a Storage network IP range.)
-                        deleteStorageNetworkIpRange (Deletes a storage network IP Range.)
-                        listStorageNetworkIpRange (List a storage network IP range.)
-                    
-                    
-                        updateStorageNetworkIpRange (Update a Storage network IP range, only allowed when no IPs in this range have been allocated.)
-                        listUsageTypes (List Usage Types)
-                        addF5LoadBalancer (Adds a F5 BigIP load balancer device)
-                    
-                    
-                        configureF5LoadBalancer (configures a F5 load balancer device)
-                        deleteF5LoadBalancer ( delete a F5 load balancer device)
-                        listF5LoadBalancers (lists F5 load balancer devices)
-                    
-                    
-                        listF5LoadBalancerNetworks (lists network that are using a F5 load balancer device)
-                        addSrxFirewall (Adds a SRX firewall device)
-                        deleteSrxFirewall ( delete a SRX firewall device)
-                    
-                    
-                        listSrxFirewalls (lists SRX firewall devices in a physical network)
-                        listSrxFirewallNetworks (lists network that are using SRX firewall device)
-                        addNetscalerLoadBalancer (Adds a netscaler load balancer device)
-                    
-                    
-                        deleteNetscalerLoadBalancer ( delete a netscaler load balancer device)
-                        configureNetscalerLoadBalancer (configures a netscaler load balancer device)
-                        listNetscalerLoadBalancers (lists netscaler load balancer devices)
-                    
-                    
-                        listNetscalerLoadBalancerNetworks (lists network that are using a netscaler load balancer device)
-                        createVirtualRouterElement (Create a virtual router element.)
-                        configureVirtualRouterElement (Configures a virtual router element.)
-                    
-                    
-                        listVirtualRouterElements (Lists all available virtual router elements.)
-                        
-                        
-                    
-                
-            
-        
-    

+

+  Added API commands
+  Added in 4.0
+  
+    
+      createCounter (Adds metric counter)
+    
+    
+      deleteCounter (Deletes a counter)
+    
+    
+      listCounters (List the counters)
+    
+    
+      createCondition (Creates a condition)
+    
+    
+      deleteCondition (Removes a condition)
+    
+    
+      listConditions (List Conditions for the specific user)
+    
+    
+      createTags. Add tags to one or more resources. Example:
+        command=createTags
+&resourceIds=1,10,12
+&resourceType=userVm
+&tags[0].key=region
+&tags[0].value=canada
+&tags[1].key=city
+&tags[1].value=Toronto				
+    
+    
+      deleteTags. Remove tags from one or more resources. Example:
+        command=deleteTags
+&resourceIds=1,12
+&resourceType=Snapshot
+&tags[0].key=city								
+    
+    
+      listTags (Show currently defined resource tags)
+    
+    
+      createVPC (Creates a VPC)
+    
+    
+      listVPCs (Lists VPCs)
+    
+    
+      deleteVPC (Deletes a VPC)
+    
+    
+      updateVPC (Updates a VPC)
+    
+    
+      restartVPC (Restarts a VPC)
+    
+    
+      createVPCOffering (Creates VPC offering)
+    
+    
+      updateVPCOffering (Updates VPC offering)
+    
+    
+      deleteVPCOffering (Deletes VPC offering)
+    
+    
+      listVPCOfferings (Lists VPC offerings)
+    
+    
+      createPrivateGateway (Creates a private gateway)
+    
+    
+      listPrivateGateways (List private gateways)
+    
+    
+      deletePrivateGateway (Deletes a Private gateway)
+    
+    
+      createNetworkACL (Creates a ACL rule the given network (the network has to belong to
+        VPC))
+    
+    
+      deleteNetworkACL (Deletes a Network ACL)
+    
+    
+      listNetworkACLs (Lists all network ACLs)
+    
+    
+      createStaticRoute (Creates a static route)
+    
+    
+      deleteStaticRoute (Deletes a static route)
+    
+    
+      listStaticRoutes (Lists all static routes)
+    
+    
+      createVpnCustomerGateway (Creates site to site vpn customer gateway)
+    
+    
+      createVpnGateway (Creates site to site vpn local gateway)
+    
+    
+      createVpnConnection (Create site to site vpn connection)
+    
+    
+      deleteVpnCustomerGateway (Delete site to site vpn customer gateway)
+    
+    
+      deleteVpnGateway (Delete site to site vpn gateway)
+    
+    
+      deleteVpnConnection (Delete site to site vpn connection)
+    
+    
+      updateVpnCustomerGateway (Update site to site vpn customer gateway)
+    
+    
+      resetVpnConnection (Reset site to site vpn connection)
+    
+    
+      listVpnCustomerGateways (Lists site to site vpn customer gateways)
+    
+    
+      listVpnGateways (Lists site 2 site vpn gateways)
+    
+    
+      listVpnConnections (Lists site to site vpn connection gateways)
+    
+  
+  Added in 3.0.3:
+  
+    
+      enableCiscoNexusVSM (Enables Nexus 1000v dvSwitch in &PRODUCT;.)
+    
+    
+      disableCiscoNexusVSM (Disables Nexus 1000v dvSwitch in &PRODUCT;.)
+    
+    
+      deleteCiscoNexusVSM (Deletes Nexus 1000v dvSwitch in &PRODUCT;.)
+    
+    
+      listCiscoNexusVSMs (Lists the control VLAN ID, packet VLAN ID, and data VLAN ID, as well
+        as the IP address of the Nexus 1000v dvSwitch.)
+    
+  
+  Added in 3.0.2:
+  
+    
+      changeServiceForSystemVm
+      Changes the service offering for a system VM (console proxy or secondary storage). The
+        system VM must be in a "Stopped" state for this command to take effect.
+    
+  
+  Added in 3.0.1:
+  
+    
+      changeServiceForSystemVm
+      Changes the service offering for a system VM (console proxy or secondary storage). The
+        system VM must be in a "Stopped" state for this command to take effect.
+    
+  
+  Added in 3.0.0:
+  
+    
+      
+      
+      
+      
+        
+          assignVirtualMachine (Move a user VM to another user under same
+              domain.)
+          restoreVirtualMachine (Restore a VM to original template or specific
+              snapshot)
+          createLBStickinessPolicy (Creates a Load Balancer stickiness policy
+            )
+        
+        
+          deleteLBStickinessPolicy (Deletes a LB stickiness policy.)
+          listLBStickinessPolicies (Lists LBStickiness policies.)
+          ldapConfig (Configure the LDAP context for this site.)
+        
+        
+          addSwift (Adds Swift.)
+          listSwifts (List Swift.)
+          migrateVolume (Migrate volume)
+        
+        
+          updateStoragePool (Updates a storage pool.)
+          authorizeSecurityGroupEgress (Authorizes a particular egress rule for this
+              security group)
+          revokeSecurityGroupEgress (Deletes a particular egress rule from this
+              security group)
+        
+        
+          createNetworkOffering (Creates a network offering.)
+          deleteNetworkOffering (Deletes a network offering.)
+          createProject (Creates a project)
+        
+        
+          deleteProject (Deletes a project)
+          updateProject (Updates a project)
+          activateProject (Activates a project)
+        
+        
+          suspendProject (Suspends a project)
+          listProjects (Lists projects and provides detailed information for listed
+              projects)
+          addAccountToProject (Adds acoount to a project)
+        
+        
+          deleteAccountFromProject (Deletes account from the project)
+          listProjectAccounts (Lists project's accounts)
+          listProjectInvitations (Lists an account's invitations to join
+              projects)
+        
+        
+          updateProjectInvitation (Accepts or declines project
+            invitation)
+          deleteProjectInvitation (Deletes a project invitation)
+          updateHypervisorCapabilities (Updates a hypervisor
+            capabilities.)
+        
+        
+          listHypervisorCapabilities (Lists all hypervisor
+            capabilities.)
+          createPhysicalNetwork (Creates a physical network)
+          deletePhysicalNetwork (Deletes a Physical Network.)
+        
+        
+          listPhysicalNetworks (Lists physical networks)
+          updatePhysicalNetwork (Updates a physical network)
+          listSupportedNetworkServices (Lists all network services provided by
+              &PRODUCT; or for the given Provider.)
+        
+        
+          addNetworkServiceProvider (Adds a network serviceProvider to a physical
+              network)
+          deleteNetworkServiceProvider (Deletes a Network Service
+            Provider.)
+          listNetworkServiceProviders (Lists network serviceproviders for a given
+              physical network.)
+        
+        
+          updateNetworkServiceProvider (Updates a network serviceProvider of a physical
+              network)
+          addTrafficType (Adds traffic type to a physical network)
+          deleteTrafficType (Deletes traffic type of a physical network)
+        
+        
+          listTrafficTypes (Lists traffic types of a given physical
+            network.)
+          updateTrafficType (Updates traffic type of a physical network)
+          listTrafficTypeImplementors (Lists implementors of implementor of a network
+              traffic type or implementors of all network traffic types)
+        
+        
+          createStorageNetworkIpRange (Creates a Storage network IP
+            range.)
+          deleteStorageNetworkIpRange (Deletes a storage network IP
+            Range.)
+          listStorageNetworkIpRange (List a storage network IP range.)
+        
+        
+          updateStorageNetworkIpRange (Update a Storage network IP range, only allowed
+              when no IPs in this range have been allocated.)
+          listUsageTypes (List Usage Types)
+          addF5LoadBalancer (Adds a F5 BigIP load balancer device)
+        
+        
+          configureF5LoadBalancer (configures a F5 load balancer device)
+          deleteF5LoadBalancer ( delete a F5 load balancer device)
+          listF5LoadBalancers (lists F5 load balancer devices)
+        
+        
+          listF5LoadBalancerNetworks (lists network that are using a F5 load balancer
+              device)
+          addSrxFirewall (Adds a SRX firewall device)
+          deleteSrxFirewall ( delete a SRX firewall device)
+        
+        
+          listSrxFirewalls (lists SRX firewall devices in a physical
+            network)
+          listSrxFirewallNetworks (lists network that are using SRX firewall
+              device)
+          addNetscalerLoadBalancer (Adds a netscaler load balancer
+            device)
+        
+        
+          deleteNetscalerLoadBalancer ( delete a netscaler load balancer
+            device)
+          configureNetscalerLoadBalancer (configures a netscaler load balancer
+              device)
+          listNetscalerLoadBalancers (lists netscaler load balancer
+            devices)
+        
+        
+          listNetscalerLoadBalancerNetworks (lists network that are using a netscaler
+              load balancer device)
+          createVirtualRouterElement (Create a virtual router element.)
+          configureVirtualRouterElement (Configures a virtual router
+            element.)
+        
+        
+          listVirtualRouterElements (Lists all available virtual router
+              elements.)
+          
+          
+        
+      
+    
+  
+

diff --git a/docs/en-US/advanced-zone-configuration.xml b/docs/en-US/advanced-zone-configuration.xml
index 5186bc51fc0..84649db96ef 100644
--- a/docs/en-US/advanced-zone-configuration.xml
+++ b/docs/en-US/advanced-zone-configuration.xml
@@ -3,7 +3,6 @@
 
 %BOOK_ENTITIES;
 ]>
-
 
 

-	Advanced Zone Configuration
-    
-       
-        After you select Advanced in the Add Zone wizard and click Next, you will be asked to enter the following details. Then click Next.
-           	
-            
-             	
-                Name. A name for the zone.
-              
-                DNS 1 and 2. These are DNS servers for use by guest VMs in the zone. These DNS servers will be accessed via the public network you will add later. The public IP addresses for the zone must have a route to the DNS server named here.
-                             Internal DNS 1 and Internal DNS 2. These are DNS servers for use by system VMs in the zone(these are VMs used by &PRODUCT; itself, such as virtual routers, console proxies,and Secondary Storage VMs.) These DNS servers will be accessed via the management traffic network interface of the System VMs. The private IP address you provide for the pods must have a route to the internal DNS server named here.
-              	
-                Network Domain. (Optional) If you want to assign a special domain name to the guest VM network, specify the DNS suffix.
-                             Guest CIDR. This is the CIDR that describes the IP addresses in use in the guest virtual networks in this zone. For example, 10.1.1.0/24. As a matter of good practice you should set different CIDRs for different zones. This will make it easier to set up VPNs between networks in different zones.
-              
-                Hypervisor. (Introduced in version 3.0.1) Choose the hypervisor for the first cluster in the zone. You can add clusters with different hypervisors later, after you finish adding the zone.
-                              Public. A public zone is available to all users. A zone that is not public will be assigned to a particular domain.  Only users in that domain will be allowed to create guest VMs in this zone.
-              
-            
-            	
+  Advanced Zone Configuration
+  
+    
+      After you select Advanced in the Add Zone wizard and click Next, you will be asked to
+        enter the following details. Then click Next.
+      
+        
+          Name. A name for the zone.
         
-        
-        Choose which traffic types will be carried by the physical network.
-        	
-            The traffic types are management, public, guest, and storage traffic. For more information about the types, roll over the icons to display their tool tips, or see . This screen starts out with one network already configured. If you have multiple physical networks, you need to add more. Drag and drop traffic types onto a greyed-out network and it will become active. You can move the traffic icons from one network to another; for example, if the default traffic types shown for Network 1 do not match your actual setup, you can move them down. You can also change the network names if desired.
-        
+        
+          DNS 1 and 2. These are DNS servers for use by guest
+            VMs in the zone. These DNS servers will be accessed via the public network you will add
+            later. The public IP addresses for the zone must have a route to the DNS server named
+            here.
         
-        	
-        (Introduced in version 3.0.1) Assign a network traffic label to each traffic type on each physical network. These labels must match the labels you have already defined on the hypervisor host. To assign each label, click the Edit button under the traffic type icon within each physical network. A popup dialog appears where you can type the label, then click OK.
-        	
-            These traffic labels will be defined only for the hypervisor selected for the first cluster. For all other hypervisors, the labels can be configured after the zone is created.
-        	
-           (VMware only) If you have enabled Nexus dvSwitch in the environment, you must specify the corresponding Ethernet port profile names as network traffic label for each traffic type on the physical network. For more information on Nexus dvSwitch, see Configuring a vSphere Cluster with Nexus 1000v Virtual Switch.
-        
+        
+          Internal DNS 1 and Internal DNS 2. These are DNS
+            servers for use by system VMs in the zone(these are VMs used by &PRODUCT; itself, such
+            as virtual routers, console proxies,and Secondary Storage VMs.) These DNS servers will
+            be accessed via the management traffic network interface of the System VMs. The private
+            IP address you provide for the pods must have a route to the internal DNS server named
+            here.
         
-        	
-        Click Next.
-        	
+        
+          Network Domain. (Optional) If you want to assign a
+            special domain name to the guest VM network, specify the DNS suffix.
         
-        	
-        Configure the IP range for public Internet traffic. Enter the following details, then click Add. If desired, you can repeat this step to add more public Internet IP ranges. When done, click Next.
-        	
-            
-        	
-                Gateway. The gateway in use for these IP addresses.
-        	
-                Netmask. The netmask associated with this IP range.
-        
-                VLAN. The VLAN that will be used for public traffic.
-        	
-                Start IP/End IP. A range of IP addresses that are assumed to be accessible from the Internet and will be allocated for access to guest networks.
-        	
-            
-        	
+        
+          Guest CIDR. This is the CIDR that describes the IP
+            addresses in use in the guest virtual networks in this zone. For example, 10.1.1.0/24.
+            As a matter of good practice you should set different CIDRs for different zones. This
+            will make it easier to set up VPNs between networks in different zones.
         
-        	
-        In a new zone, &PRODUCT; adds the first pod for you. You can always add more pods later. For an overview of what a pod is, see .
-            	
-            To configure the first pod, enter the following, then click Next:
-            	
-            
-            
-                Pod Name. A name for the pod.
-            	
-                Reserved system gateway. The gateway for the hosts in that pod.
-            	
-                Reserved system netmask. The network prefix that defines the pod's subnet. Use CIDR notation.
-            	
-                Start/End Reserved System IP. The IP range in the management network that &PRODUCT; uses to manage various system VMs, such as Secondary Storage VMs, Console Proxy VMs, and DHCP. For more information, see .
-            	
-            
-            	
+        
+          Hypervisor. (Introduced in version 3.0.1) Choose
+            the hypervisor for the first cluster in the zone. You can add clusters with different
+            hypervisors later, after you finish adding the zone.
         
-        
-        Specify a range of VLAN IDs to carry guest traffic for each physical network (see VLAN Allocation Example ), then click Next.
-        	
+        
+          Public. A public zone is available to all users. A
+            zone that is not public will be assigned to a particular domain. Only users in that
+            domain will be allowed to create guest VMs in this zone.
         
-        	
-        In a new pod, &PRODUCT; adds the first cluster for you. You can always add more clusters later. For an overview of what a cluster is, see .
-        	
-            To configure the first cluster, enter the following, then click Next:
-        	
-            
-        	
-                Hypervisor. (Version 3.0.0 only; in 3.0.1, this field is read only) Choose the type of hypervisor software that all hosts in this cluster will run. If you choose VMware, additional fields appear so you can give information about a vSphere cluster. For vSphere servers, we recommend creating the cluster of hosts in vCenter and then adding the entire cluster to &PRODUCT;. See Add Cluster: vSphere .
-        	
-                Cluster name. Enter a name for the cluster.  This can be text of your choosing and is not used by &PRODUCT;.
-        	
-            
-        	
+      
+    
+    
+      Choose which traffic types will be carried by the physical network.
+      The traffic types are management, public, guest, and storage traffic. For more
+        information about the types, roll over the icons to display their tool tips, or see . This screen starts out with one network
+        already configured. If you have multiple physical networks, you need to add more. Drag and
+        drop traffic types onto a greyed-out network and it will become active. You can move the
+        traffic icons from one network to another; for example, if the default traffic types shown
+        for Network 1 do not match your actual setup, you can move them down. You can also change
+        the network names if desired.
+    
+    
+      (Introduced in version 3.0.1) Assign a network traffic label to each traffic type on
+        each physical network. These labels must match the labels you have already defined on the
+        hypervisor host. To assign each label, click the Edit button under the traffic type icon
+        within each physical network. A popup dialog appears where you can type the label, then
+        click OK.
+      These traffic labels will be defined only for the hypervisor selected for the first
+        cluster. For all other hypervisors, the labels can be configured after the zone is
+        created.
+      (VMware only) If you have enabled Nexus dvSwitch in the environment, you must specify
+        the corresponding Ethernet port profile names as network traffic label for each traffic type
+        on the physical network. For more information on Nexus dvSwitch, see Configuring a vSphere
+        Cluster with Nexus 1000v Virtual Switch.
+    
+    
+      Click Next.
+    
+    
+      Configure the IP range for public Internet traffic. Enter the following details, then
+        click Add. If desired, you can repeat this step to add more public Internet IP ranges. When
+        done, click Next.
+      
+        
+          Gateway. The gateway in use for these IP
+            addresses.
         
-        	
-        In a new cluster, &PRODUCT; adds the first host for you. You can always add more hosts later. For an overview of what a host is, see .
-        	
-            When you deploy &PRODUCT;, the hypervisor host must not have any VMs already running.
-        
-            Before you can configure the host, you need to install the hypervisor software on the host. You will need to know which version of the hypervisor software version is supported by &PRODUCT; and what additional configuration is required to ensure the host will work with &PRODUCT;. To find these installation details, see:
-        	
-            
-                        Citrix XenServer Installation for &PRODUCT;
-        	
-               VMware vSphere Installation and Configuration
-        	
-                KVM Installation and Configuration
-        	
-                Oracle VM (OVM) Installation and Configuration
-        	
-            
-        
-            To configure the first host, enter the following, then click Next:
-        	
-            
-        	
-                Host Name. The DNS name or IP address of the host.
-        	
-                Username. Usually root.
-        	
-                Password. This is the password for the user named above (from your XenServer or KVM install).
-        	
-                Host Tags. (Optional) Any labels that you use to categorize hosts for ease of maintenance. For example, you can set to the cloud's HA tag (set in the ha.tag global configuration parameter) if you want this host to be used only for VMs with the "high availability" feature enabled. For more information, see HA-Enabled Virtual Machines as well as HA for Hosts, both in the Administration Guide.
-        	
-            
-        
+        
+          Netmask. The netmask associated with this IP
+            range.
         
-        	
-        In a new cluster, &PRODUCT; adds the first primary storage server for you. You can always add more servers later. For an overview of what primary storage is, see .
-        	
-            To configure the first primary storage server, enter the following, then click Next:
+        
+          VLAN. The VLAN that will be used for public
+            traffic.
+        
+        
+          Start IP/End IP. A range of IP addresses that are
+            assumed to be accessible from the Internet and will be allocated for access to guest
+            networks.
+        
+      
+    
+    
+      In a new zone, &PRODUCT; adds the first pod for you. You can always add more pods later.
+        For an overview of what a pod is, see .
+      To configure the first pod, enter the following, then click Next:
+      
+        
+          Pod Name. A name for the pod.
+        
+        
+          Reserved system gateway. The gateway for the hosts
+            in that pod.
+        
+        
+          Reserved system netmask. The network prefix that
+            defines the pod's subnet. Use CIDR notation.
+        
+        
+          Start/End Reserved System IP. The IP range in the
+            management network that &PRODUCT; uses to manage various system VMs, such as Secondary
+            Storage VMs, Console Proxy VMs, and DHCP. For more information, see .
+        
+      
+    
+    
+      Specify a range of VLAN IDs to carry guest traffic for each physical network (see VLAN
+        Allocation Example ), then click Next.
+    
+    
+      In a new pod, &PRODUCT; adds the first cluster for you. You can always add more clusters
+        later. For an overview of what a cluster is, see .
+      To configure the first cluster, enter the following, then click Next:
+      
+        
+          Hypervisor. (Version 3.0.0 only; in 3.0.1, this
+            field is read only) Choose the type of hypervisor software that all hosts in this
+            cluster will run. If you choose VMware, additional fields appear so you can give
+            information about a vSphere cluster. For vSphere servers, we recommend creating the
+            cluster of hosts in vCenter and then adding the entire cluster to &PRODUCT;. See Add
+            Cluster: vSphere .
+        
+        
+          Cluster name. Enter a name for the cluster. This
+            can be text of your choosing and is not used by &PRODUCT;.
+        
+      
+    
+    
+      In a new cluster, &PRODUCT; adds the first host for you. You can always add more hosts
+        later. For an overview of what a host is, see .
+      
+        When you deploy &PRODUCT;, the hypervisor host must not have any VMs already
+          running.
+      
+      Before you can configure the host, you need to install the hypervisor software on the
+        host. You will need to know which version of the hypervisor software version is supported by
+        &PRODUCT; and what additional configuration is required to ensure the host will work with
+        &PRODUCT;. To find these installation details, see:
+      
+        
+          Citrix XenServer Installation for &PRODUCT;
+        
+        
+          VMware vSphere Installation and Configuration
+        
+        
+          KVM Installation and Configuration
+        
+        
+          Oracle VM (OVM) Installation and Configuration
+        
+      
+      To configure the first host, enter the following, then click Next:
+      
+        
+          Host Name. The DNS name or IP address of the
+            host.
+        
+        
+          Username. Usually root.
+        
+        
+          Password. This is the password for the user named
+            above (from your XenServer or KVM install).
+        
+        
+          Host Tags. (Optional) Any labels that you use to
+            categorize hosts for ease of maintenance. For example, you can set to the cloud's HA tag
+            (set in the ha.tag global configuration parameter) if you want this host to be used only
+            for VMs with the "high availability" feature enabled. For more information, see
+            HA-Enabled Virtual Machines as well as HA for Hosts, both in the Administration
+            Guide.
+        
+      
+    
+    
+      In a new cluster, &PRODUCT; adds the first primary storage server for you. You can
+        always add more servers later. For an overview of what primary storage is, see .
+      To configure the first primary storage server, enter the following, then click
+        Next:
+      
+        
+          Name. The name of the storage device.
+        
+        
+          Protocol. For XenServer, choose either NFS, iSCSI,
+            or PreSetup. For KVM, choose NFS or SharedMountPoint. For vSphere choose either VMFS
+            (iSCSI or FiberChannel) or NFS. The remaining fields in the screen vary depending on
+            what you choose here.
+          
+            
+              
+              
+              
+                
+                  NFS
+                  
                     
-        	
-                Name. The name of the storage device.
-        	
-                Protocol. For XenServer, choose either NFS, iSCSI, or PreSetup.  For KVM, choose NFS or SharedMountPoint.  For vSphere choose either VMFS (iSCSI or FiberChannel) or NFS. The remaining fields in the screen vary depending on what you choose here.
-        	
-                    
-        	
-                        
-        	
-                            
-        	
-                            
-        	
-                            
-        
-                                
-        	
-                                    NFS
-                                           
-        
-                                       
-                                                    Server. The IP address or DNS name of the storage device.
-                                                   Path. The exported path from the server.
-                                                   Tags (optional). The comma-separated list of tags for this storage device.  It should be an equivalent set or superset of the tags on your disk offerings.
-        	
-                                        
-                                                The tag sets on primary storage across clusters in a Zone must be identical.  For example, if cluster A provides primary storage that has tags T1 and T2, all other clusters in the Zone must also provide primary storage that has tags T1 and T2.
-        
-                                    
-                                        
-                                       
-                                            iSCSI
-                                            
-        
-                                        
-                                                  Server. The IP address or DNS name of the storage device.
-        
-                                            Target IQN. The IQN of the target. For example, iqn.1986-03.com.sun:02:01ec9bb549-1271378984.
-        
-                                            Lun. The LUN number. For example, 3.
-        
-                                            Tags (optional). The comma-separated list of tags for this storage device.  It should be an equivalent set or superset of the tags on your disk offerings.
-                                                
-                                                The tag sets on primary storage across clusters in a Zone must be identical.  For example, if cluster A provides primary storage that has tags T1 and T2, all other clusters in the Zone must also provide primary storage that has tags T1 and T2.
-                                            
-                                      
-                                        
-        
-                                    preSetup
-        	
-                                    
-                                                
-                                                   Server. The IP address or DNS name of the storage device.
-        
-                                            SR Name-Label. Enter the name-label of the SR that has been set up outside &PRODUCT;.
-        
-                                            Tags (optional). The comma-separated list of tags for this storage device.  It should be an equivalent set or superset of the tags on your disk offerings.
-                                               
-        
-                                        The tag sets on primary storage across clusters in a Zone must be identical.  For example, if cluster A provides primary storage that has tags T1 and T2, all other clusters in the Zone must also provide primary storage that has tags T1 and T2.
-                                            
-        
-                                
-                                        
-                                            SharedMountPoint
-        
-                                    
-        	
-                                        
-                                                    Path. The path on each host that is where this primary storage is mounted.  For example, "/mnt/primary".
-                                                    Tags (optional). The comma-separated list of tags for this storage device.  It should be an equivalent set or superset of the tags on your disk offerings.
-        	
-                                        
-        	
-                                        The tag sets on primary storage across clusters in a Zone must be identical.  For example, if cluster A provides primary storage that has tags T1 and T2, all other clusters in the Zone must also provide primary storage that has tags T1 and T2.
-        
-                                    
-        
-                                
-        
-                                
-        	
-                                    VMFS
-                                            
-        
-                                        
-                                                    Server. The IP address or DNS name of the vCenter server.
-                                                    Path. A combination of the datacenter name and the datastore name.  The format is "/" datacenter name "/" datastore name.  For example, "/cloud.dc.VM/cluster1datastore".
-        
-                                            Tags (optional). The comma-separated list of tags for this storage device.  It should be an equivalent set or superset of the tags on your disk offerings.
-        
-                                        
-                                                The tag sets on primary storage across clusters in a Zone must be identical.  For example, if cluster A provides primary storage that has tags T1 and T2, all other clusters in the Zone must also provide primary storage that has tags T1 and T2.
-                                            
-                                       
-                                    
-                                
-                           
-                        
-               
-            
-           
+                      
+                        Server. The IP address or DNS name of
+                          the storage device.
+                      
+                      
+                        Path. The exported path from the
+                          server.
+                      
+                      
+                        Tags (optional). The comma-separated
+                          list of tags for this storage device. It should be an equivalent set or
+                          superset of the tags on your disk offerings.
+                      
+                    
+                    The tag sets on primary storage across clusters in a Zone must be
+                      identical. For example, if cluster A provides primary storage that has tags T1
+                      and T2, all other clusters in the Zone must also provide primary storage that
+                      has tags T1 and T2.
+                  
+                
+                
+                  iSCSI
+                  
+                    
+                      
+                        Server. The IP address or DNS name of
+                          the storage device.
+                      
+                      
+                        Target IQN. The IQN of the target.
+                          For example, iqn.1986-03.com.sun:02:01ec9bb549-1271378984.
+                      
+                      
+                        Lun. The LUN number. For example,
+                          3.
+                      
+                      
+                        Tags (optional). The comma-separated
+                          list of tags for this storage device. It should be an equivalent set or
+                          superset of the tags on your disk offerings.
+                      
+                    
+                    The tag sets on primary storage across clusters in a Zone must be
+                      identical. For example, if cluster A provides primary storage that has tags T1
+                      and T2, all other clusters in the Zone must also provide primary storage that
+                      has tags T1 and T2.
+                  
+                
+                
+                  preSetup
+                  
+                    
+                      
+                        Server. The IP address or DNS name of
+                          the storage device.
+                      
+                      
+                        SR Name-Label. Enter the name-label
+                          of the SR that has been set up outside &PRODUCT;.
+                      
+                      
+                        Tags (optional). The comma-separated
+                          list of tags for this storage device. It should be an equivalent set or
+                          superset of the tags on your disk offerings.
+                      
+                    
+                    The tag sets on primary storage across clusters in a Zone must be
+                      identical. For example, if cluster A provides primary storage that has tags T1
+                      and T2, all other clusters in the Zone must also provide primary storage that
+                      has tags T1 and T2.
+                  
+                
+                
+                  SharedMountPoint
+                  
+                    
+                      
+                        Path. The path on each host that is
+                          where this primary storage is mounted. For example, "/mnt/primary".
+                      
+                      
+                        Tags (optional). The comma-separated
+                          list of tags for this storage device. It should be an equivalent set or
+                          superset of the tags on your disk offerings.
+                      
+                    
+                    The tag sets on primary storage across clusters in a Zone must be
+                      identical. For example, if cluster A provides primary storage that has tags T1
+                      and T2, all other clusters in the Zone must also provide primary storage that
+                      has tags T1 and T2.
+                  
+                
+                
+                  VMFS
+                  
+                    
+                      
+                        Server. The IP address or DNS name of
+                          the vCenter server.
+                      
+                      
+                        Path. A combination of the datacenter
+                          name and the datastore name. The format is "/" datacenter name "/"
+                          datastore name. For example, "/cloud.dc.VM/cluster1datastore".
+                      
+                      
+                        Tags (optional). The comma-separated
+                          list of tags for this storage device. It should be an equivalent set or
+                          superset of the tags on your disk offerings.
+                      
+                    
+                    The tag sets on primary storage across clusters in a Zone must be
+                      identical. For example, if cluster A provides primary storage that has tags T1
+                      and T2, all other clusters in the Zone must also provide primary storage that
+                      has tags T1 and T2.
+                  
+                
+              
+            
+          
         
-       
-        In a new zone, &PRODUCT; adds the first secondary storage server for you. For an overview of what secondary storage is, see .
-           
-            Before you can fill out this screen, you need to prepare the secondary storage by setting up NFS shares and installing the latest &PRODUCT; System VM template. See Adding Secondary Storage :
-           	
-            
-               
-                NFS Server. The IP address of the server.
-               
-                Path. The exported path from the server.
-               
-            
-           
+      
+    
+    
+      In a new zone, &PRODUCT; adds the first secondary storage server for you. For an
+        overview of what secondary storage is, see .
+      Before you can fill out this screen, you need to prepare the secondary storage by
+        setting up NFS shares and installing the latest &PRODUCT; System VM template. See Adding
+        Secondary Storage :
+      
+        
+          NFS Server. The IP address of the server.
         
-     	
-        Click Launch.
-           
+        
+          Path. The exported path from the server.
         
-    
-    
+      
+    
+    
+      Click Launch.
+    
+  
 

diff --git a/docs/en-US/advanced-zone-physical-network-configuration.xml b/docs/en-US/advanced-zone-physical-network-configuration.xml
index 0d917da5d67..8a68c2d76bf 100644
--- a/docs/en-US/advanced-zone-physical-network-configuration.xml
+++ b/docs/en-US/advanced-zone-physical-network-configuration.xml
@@ -3,7 +3,6 @@
 
 %BOOK_ENTITIES;
 ]>
-
 
 

+<<<<<<< HEAD
 	Advanced Zone Physical Network Configuration
 	Within a zone that uses advanced networking, you need to tell the Management Server how the physical network is set up to carry different kinds of traffic in isolation.
     
     
 

+=======
+  Advanced Zone Physical Network Configuration
+  Within a zone that uses advanced networking, you need to tell the Management Server how the
+    physical network is set up to carry different kinds of traffic in isolation.
+  
+  
+
+>>>>>>> master
diff --git a/docs/en-US/api-overview.xml b/docs/en-US/api-overview.xml
new file mode 100644
index 00000000000..a541049e116
--- /dev/null
+++ b/docs/en-US/api-overview.xml
@@ -0,0 +1,38 @@
+
+
+%BOOK_ENTITIES;
+]>
+
+
+  &PRODUCT; API
+  The &PRODUCT; API is a low level API that has been used to implement the &PRODUCT; web UIs.
+    It is also a good basis for implementing other popular APIs such as EC2/S3 and emerging DMTF
+    standards.
+  Many &PRODUCT; API calls are asynchronous. These will return a Job ID immediately when
+    called. This Job ID can be used to query the status of the job later. Also, status calls on
+    impacted resources will provide some indication of their state.
+  The API has a REST-like query basis and returns results in XML or JSON.
+  See the
+      Developer’s Guide and the API
+      Reference.
+  
+  
+  
+
diff --git a/docs/en-US/automatic-snapshot-creation-retention.xml b/docs/en-US/automatic-snapshot-creation-retention.xml
index a1f62df8c73..54fbe68e5bb 100644
--- a/docs/en-US/automatic-snapshot-creation-retention.xml
+++ b/docs/en-US/automatic-snapshot-creation-retention.xml
@@ -3,7 +3,6 @@
 
 %BOOK_ENTITIES;
 ]>
-
 
-
 

-	Automatic Snapshot Creation and Retention
-	(Supported for the following hypervisors: XenServer,
-			VMware vSphere, and KVM)
-	Users can set up a recurring snapshot policy to automatically create multiple snapshots of a disk at regular intervals. Snapshots can be created on an hourly, daily, weekly, or monthly interval. One snapshot policy can be set up per disk volume. For example, a user can set up a daily snapshot at 02:30.
-	With each snapshot schedule, users can also specify the number of scheduled snapshots to be
-		retained. Older snapshots that exceed the retention limit are automatically deleted. This
-		user-defined limit must be equal to or lower than the global limit set by the &PRODUCT;
-		administrator. See . The limit applies only to
-		those snapshots that are taken as part of an automatic recurring snapshot policy. Additional
-		manual snapshots can be created and retained.
-	

+  Automatic Snapshot Creation and Retention
+  (Supported for the following hypervisors: XenServer,
+      VMware vSphere, and KVM)
+  Users can set up a recurring snapshot policy to automatically create multiple snapshots of a
+    disk at regular intervals. Snapshots can be created on an hourly, daily, weekly, or monthly
+    interval. One snapshot policy can be set up per disk volume. For example, a user can set up a
+    daily snapshot at 02:30.
+  With each snapshot schedule, users can also specify the number of scheduled snapshots to be
+    retained. Older snapshots that exceed the retention limit are automatically deleted. This
+    user-defined limit must be equal to or lower than the global limit set by the &PRODUCT;
+    administrator. See . The limit applies only to those
+    snapshots that are taken as part of an automatic recurring snapshot policy. Additional manual
+    snapshots can be created and retained.
+
\ No newline at end of file
diff --git a/docs/en-US/aws-ec2-configuration.xml b/docs/en-US/aws-ec2-configuration.xml
new file mode 100644
index 00000000000..e1924072168
--- /dev/null
+++ b/docs/en-US/aws-ec2-configuration.xml
@@ -0,0 +1,64 @@
+
+
+%BOOK_ENTITIES;
+]>
+
+
+
+

+  Enabling the AWS API compatible Interface
+  
+    To enable the EC2 compatible service you need to set the configuration variable enable.ec2.apito true. This can be done via the &PRODUCT; GUI by going in Global Settings or via the API.
+  
+  
+    
+      
+        
+      
+      
+        Use the GUI to set the configuration variable to true
+      
+    
+  
+  
+    The easiest is to use the so-called integration port on which you can make unauthenticated calls. In Global Settings set the port to 8096 and subsequently call the updateConfiguration method. The following url shows you how:
+  
+  
+    
+      http://localhost:8096/client/api?command=updateConfiguration&name=enable.ec2.api&value=true
+    
+  
+  
+    Once you have updated enable.ec2.apito true, restart the server.
+  
+  
+    You will also need to define compute service offerings with names compatible with the Amazon EC2 instance types API names (e.g m1.small,m1.large). This is easiest done via the &PRODUCT; GUI. Go under Service Offerings select Compute offering and either create a new compute offering or modify an existing one, ensuring that the name matches an EC2 instance type API name. The snapshot below shows you how:
+  
+  
+    
+      
+        
+      
+    
+      Use the GUI to set the name of a compute service offering to an EC2 instance type API name.
+    
+    
+  
+ 

diff --git a/docs/en-US/aws-ec2-introduction.xml b/docs/en-US/aws-ec2-introduction.xml
new file mode 100644
index 00000000000..c2bfb32bc61
--- /dev/null
+++ b/docs/en-US/aws-ec2-introduction.xml
@@ -0,0 +1,47 @@
+
+
+%BOOK_ENTITIES;
+]>
+
+
+
+

+  Amazon Web Services EC2 Compatible Interface
+    &PRODUCT; can translate Amazon Web Services (AWS) API calls to native &PRODUCT; API calls so that users can continue using existing AWS-compatible tools. This translation service runs as a separate web application in the same tomcat server as the management server of &PRODUCT;, listening on the same port. This Amazon EC2-compatible API is accessible through a SOAP web service as well as the REST query interface.
+    
+	  Expect the SOAP service to be deprecated in new releases in favor of the REST interface.
+     
+    
+      This service was previously enabled by a separate software called CloudBridge, it is now fully integrated with the &PRODUCT; management server.
+      
+    
+    Limitations
+    
+      
+        Supported only in zones that use basic networking.
+      
+      
+        Available in fresh installations of &PRODUCT;. Not available through upgrade of previous versions.
+      
+      
+        If you need to support features such as elastic IP, set up a Citrix NetScaler to provide this service. The commands such as ec2-associate-address will not work without EIP setup. Users running VMs in this zone will be using the NetScaler-enabled network offering (DefaultSharedNetscalerEIP and ELBNetworkOffering).
+      
+    
+

diff --git a/docs/en-US/aws-ec2-requirements.xml b/docs/en-US/aws-ec2-requirements.xml
new file mode 100644
index 00000000000..916cec5fdda
--- /dev/null
+++ b/docs/en-US/aws-ec2-requirements.xml
@@ -0,0 +1,30 @@
+
+
+%BOOK_ENTITIES;
+]>
+
+
+
+

+  System Requirements
+    This interface complies with Amazon's WDSL version dated November 15, 2010, available at http://ec2.amazonaws.com/doc/2010-11-15/. The EC2 command line utilities compatible with it are EC2 tools v. 1.3.6230that can be downloaded at http://s3.amazonaws.com/ec2-downloads/ec2-api-tools-1.3-62308.zip
+    
+    Effort is underway to provide support for a newer API
+

diff --git a/docs/en-US/aws-ec2-supported-commands.xml b/docs/en-US/aws-ec2-supported-commands.xml
new file mode 100644
index 00000000000..77e47bd90a5
--- /dev/null
+++ b/docs/en-US/aws-ec2-supported-commands.xml
@@ -0,0 +1,407 @@
+
+
+%BOOK_ENTITIES;
+]>
+
+
+
+

+  Supported AWS API Calls
+    
+      The following Amazon EC2 commands are supported by &PRODUCT; when the AWS API compatibility feature is enabled. For a few commands, there are differences between the &PRODUCT; and Amazon EC2 versions, and these differences are noted. The underlying SOAP call for each command is also given, for those who have built tools using those calls.
+    
+    Elastic IP Addresses
+    
+      Elastic IP API mapping
+      
+        
+        
+          
+            EC2 command
+            SOAP all
+            &PRODUCT; API call
+          
+        
+        
+          
+            ec2-allocate-address
+            AllocateAddress
+            associateIpAddress
+          
+          
+            ec2-associate-address
+            AssociateAddress
+            enableStaticNat
+          
+          
+            ec2-describe-addresses
+            DescribeAddresses
+            listPublicIpAddresses
+          
+          
+            ec2-diassociate-address
+            DisassociateAddress
+            disableStaticNat
+          
+          
+            ec2-release-address
+            ReleaseAddress
+            disassociateIpAddress
+          
+        
+      
+    

+    Availability Zones
+    
+      Availability Zone API mapping
+        
+          
+          
+            
+              EC2 command
+              SOAP all
+              &PRODUCT; API call
+            
+          
+          
+            
+              ec2-describe-availability-zones
+              DescribeAvailabilityZones
+              listZones
+            
+          
+        
+    

+    Images
+    
+      Images API mapping
+        
+          
+          
+            
+              EC2 command
+              SOAP all
+              &PRODUCT; API call
+            
+          
+          
+            
+              ec2-create-image
+              CreateImage
+              createTemplate
+            
+            
+              ec2-deregister
+              DeregisterImage
+              DeleteTemplate
+            
+            
+              ec2-describe-images
+              DescribeImages
+              listTemplates
+            
+            
+              ec2-register
+              RegisterImage
+              registerTemplate
+            
+          
+        
+    

+    Image Attributes
+    
+      Image Attributes API mapping
+      
+        
+        
+          
+            EC2 command
+            SOAP all
+            &PRODUCT; API call
+          
+        
+        
+          
+            ec2-describe-image-attribute
+            DescribeImageAttribute
+            listTemplatePermissions
+          
+          
+            ec2-modify-image-attribute
+            ModifyImageAttribute
+            updateTemplatePermissions
+          
+          
+            ec2-reset-image-attribute
+            ResetImageAttribute
+            updateTemplatePermissions
+          
+        
+      
+    

+    Instances
+    
+      Instances API mapping
+      
+        
+        
+          
+            EC2 command
+            SOAP all
+            &PRODUCT; API call
+          
+        
+        
+          
+            ec2-describe-instances
+            DescribeInstances
+            listVirtualMachines
+          
+          
+            ec2-run-instances
+            RunInstances
+            deployVirtualMachine
+          
+          
+            ec2-reboot-instances
+            RebootInstances
+            rebootVirtualMachine
+          
+          
+            ec2-start-instances
+            StartInstances
+            startVirtualMachine
+          
+          
+            ec2-stop-instances
+            StopInstances
+            stopVirtualMachine
+          
+          
+            ec2-terminate-instances
+            TerminateInstances
+            destroyVirtualMachine
+          
+        
+      
+    

+    Instance Attributes
+    
+      Instance Attributes Mapping
+      
+        
+        
+          
+            EC2 command
+            SOAP all
+            &PRODUCT; API call
+          
+        
+        
+          
+             ec2-describe-instance-attribute
+             DescribeInstanceAttribute
+             listVirtualMachines
+           
+         
+       
+     

+     Key Pairs
+     
+       Keys Pairs Mapping
+       
+         
+         
+           
+             EC2 command
+             SOAP all
+             &PRODUCT; API call
+           
+         
+         
+           
+             ec2-add-keypair 
+             CreateKeyPair
+             createSSHKeyPair
+           
+           
+             ec2-delete-keypair
+             DeleteKeyPair
+             deleteSSHKeyPair
+           
+           
+             ec2-describe-keypairs
+             DescribeKeyPairs
+             listSSHKeyPairs
+           
+           
+             ec2-import-keypair
+             ImportKeyPair
+             registerSSHKeyPair
+           	
+         
+       
+     

+     Passwords
+     
+       Passwords API Mapping
+       
+         
+         
+           
+             EC2 command
+             SOAP all
+             &PRODUCT; API call
+           
+         
+         
+           
+             ec2-get-password
+             GetPasswordData
+             getVMPassword
+          
+         
+       
+     

+     Security Groups
+     
+       Security Groups API Mapping
+       
+         
+         
+           
+             EC2 command
+             SOAP all
+             &PRODUCT; API call
+           
+         
+         
+           
+             ec2-authorize
+             AuthorizeSecurityGroupIngress
+             authorizeSecurityGroupIngress
+           
+           
+             ec2-add-group
+             CreateSecurityGroup
+             createSecurityGroup
+           
+           
+             ec2-delete-group
+             DeleteSecurityGroup
+             deleteSecurityGroup
+           
+           
+             ec2-describe-group
+             DescribeSecurityGroups
+             listSecurityGroups
+           
+           
+             ec2-revoke
+             RevokeSecurityGroupIngress
+             revokeSecurityGroupIngress
+           
+         
+       
+     

+     Snapshots
+     
+       Snapshots API Mapping
+       
+         
+         
+           
+             EC2 command
+             SOAP all
+             &PRODUCT; API call
+           
+         
+         
+           
+             ec2-create-snapshot
+             CreateSnapshot
+             createSnapshot
+           
+           
+             ec2-delete-snapshot
+             DeleteSnapshot
+             deleteSnapshot
+           
+           
+             ec2-describe-snapshots
+             DescribeSnapshots
+             listSnapshots
+           
+         
+      
+    

+    Volumes
+    
+	  Volumes API Mapping
+        
+         
+         
+           
+             EC2 command
+             SOAP all
+             &PRODUCT; API call
+           
+         
+         
+           
+             ec2-attach-volume
+             AttachVolume
+             attachVolume
+           
+           
+             ec2-create-volume
+             CreateVolume
+             createVolume
+           
+           
+             ec2-delete-volume
+             DeleteVolume
+             deleteVolume
+           
+           
+             ec2-describe-volume
+             DescribeVolume
+             listVolumes
+           
+           
+             ec2-detach-volume
+             DetachVolume
+             detachVolume
+           
+         
+       
+     

+

diff --git a/docs/en-US/aws-ec2-user-setup.xml b/docs/en-US/aws-ec2-user-setup.xml
new file mode 100644
index 00000000000..50c9fe26656
--- /dev/null
+++ b/docs/en-US/aws-ec2-user-setup.xml
@@ -0,0 +1,91 @@
+
+
+%BOOK_ENTITIES;
+]>
+
+
+

+  User configuration
+  
+    Users of the Amazon EC2 compatible interface will be able to keep their existing EC2 tools and scripts and use them with their &PRODUCT; deployment, by specifyingi the endpoint of the managment server and using the proper user credentials.In order to do this, each user must perform the following configuration steps:
+  
+  
+    
+      
+        Generate user credentials.
+      
+      
+        Register with the service.
+      
+      
+        Setup the environment variables
+      
+    
+  
+
+  
+    To register, a user needs to:
+  
+
+  
+    
+      
+        Obtain his API key and his secret key as well as the DNS name or IP address of the &PRODUCT; server. Obtaining the keys can be done by asking the &PRODUCT; administrator or by using the GUI or via the API.
+      
+    
+	
+      
+        Obtain a self-signed X.509 certificate. It can be generated with the following command:
+      
+      $ openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /path/to/private_key.pem -out /path/to/cert.pem 
+      
+    
+    
+      
+        Register the mapping from the X.509 certificate to the API/Secret keys. Download the following script from http://download.cloud.com/releases/3.0.3/cloudstack-aws-api-register and run it. Substitute the values you obtained from the administrator in the URL below.
+      
+      
+$ cloudstack-aws-api-register --apikey=User’s CloudPlatform API key --secretkey=User’s CloudPlatform Secret key --cert=/path/to/cert.pem --url=http://&PRODUCT;.server:8080/awsapi
+       
+     
+   
+
+   
+     
+       A user with an existing AWS certificate could choose to use the same certificate with &PRODUCT; but note that the public key would be uploaded to the &PRODUCT; management server database.
+     
+   
+
+   
+     To use the EC2 command line tools, setup the environment variable in a similar fashion than with Amazon EC2 service. Specifically, in bash shell:
+     
+       $ export EC2_CERT=/path/to/cert.pem
+       $ export EC2_PRIVATE_KEY=/path/to/private_key.pem
+       $ export EC2_URL=http://&PRODUCT;.server:8080/awsapi
+       $ export EC2_HOME=/path/to/EC2_tools_directory
+     
+   
+
+   
+     The Amazon EC2 command-line tools have a default connection timeout. If you find that EC2 commands are not completing due to timeouts, you can pass a new timeout value as an argument with --connection-timeout TIMEOUT  or --request-timeout TIMEOUT 
+     
+   
+
+

diff --git a/docs/en-US/installation_overview.xml b/docs/en-US/aws-interface-guide.xml
similarity index 65%
rename from docs/en-US/installation_overview.xml
rename to docs/en-US/aws-interface-guide.xml
index eee444e571e..0c42b5bdb07 100644
--- a/docs/en-US/installation_overview.xml
+++ b/docs/en-US/aws-interface-guide.xml
@@ -22,12 +22,11 @@
  under the License.
 -->
 
-
-    Installation Overview
-        
-        
-        
-        
-        
-    
+
+    Amazon Web Service Interface Guide
+    
+    
+    
+    
+    
 
diff --git a/docs/en-US/castor-with-cs.xml b/docs/en-US/castor-with-cs.xml
new file mode 100644
index 00000000000..6385452b1ee
--- /dev/null
+++ b/docs/en-US/castor-with-cs.xml
@@ -0,0 +1,87 @@
+
+
+%BOOK_ENTITIES;
+]>
+
+

+  Using the CAStor Back-end Storage with &PRODUCT;
+  This section describes how to use a CAStor cluster as the back-end storage system for a
+    &PRODUCT; S3 front-end. The CAStor back-end storage for &PRODUCT; extends the existing storage
+    classes and allows the storage configuration attribute to point to a CAStor cluster.
+  This feature makes use of the &PRODUCT; server's local disk to spool files before writing
+    them to CAStor when handling the PUT operations. However, a file must be successfully written
+    into the CAStor cluster prior to the return of a success code to the S3 client to ensure that
+    the transaction outcome is correctly reported.
+  
+    The S3 multipart file upload is not supported in this release. You are prompted with
+      proper error message if a multipart upload is attempted.
+  
+  To configure CAStor:
+  
+    
+      Install &PRODUCT; 4.0 by following the instructions given in the INSTALL.txt
+        file.
+      
+        You can use the S3 storage system in &PRODUCT; without setting up and installing the
+          compute components.
+      
+    
+    
+      Enable the S3 API by setting "enable.s3.api = true" in the Global parameter section in
+        the UI and register a user.
+      For more information, see S3 API in
+          &PRODUCT;.
+    
+    
+      Edit the cloud-bridge.properties file and modify the "storage.root" parameter.
+      
+        
+          Set "storage.root" to the key word "castor".
+        
+        
+          Specify a CAStor tenant domain to which content is written. If the domain is not
+            specified, the CAStor default domain, specified by the "cluster" parameter in CAStor's
+            node.cfg file, will be used.
+        
+        
+          Specify a list of node IP addresses, or set "zeroconf" and the cluster
+            name. When using a static IP list with a large cluster, it is not necessary to include
+            every node, only a few is required to initialize the client software.
+          For example:
+          storage.root=castor domain=cloudstack 10.1.1.51 10.1.1.52 10.1.1.53
+          In this example, the configuration file directs &PRODUCT; to write the S3 files to
+            CAStor instead of to a file system, where the CAStor domain name is cloudstack, and the
+            CAStor node IP addresses are those listed.
+        
+        
+          (Optional) The last value is a port number on which to communicate with the CAStor
+            cluster. If not specified, the default is 80.
+          #Static IP list with optional port
+storage.root=castor domain=cloudstack 10.1.1.51 10.1.1.52 10.1.1.53 80
+#Zeroconf locator for cluster named "castor.example.com"
+storage.root=castor domain=cloudstack zeroconf=castor.example.com
+        
+      
+    
+    
+      Create the tenant domain within the CAStor storage cluster. If you omit this step before
+        attempting to store content, you will get HTTP 412 errors in the awsapi.log.
+    
+  
+

diff --git a/docs/en-US/change-to-behavior-of-list-commands.xml b/docs/en-US/change-to-behavior-of-list-commands.xml
index 4e53590a773..9065398ef62 100644
--- a/docs/en-US/change-to-behavior-of-list-commands.xml
+++ b/docs/en-US/change-to-behavior-of-list-commands.xml
@@ -1,89 +1,109 @@
 
-
 %BOOK_ENTITIES;
 ]>
-
 
-
 

-        Change to Behavior of List Commands
-        There was a major change in how our List* API commands work in CloudStack 3.0 compared to 2.2.x. The rules below apply only for managed resources – those that belong to an account, domain, or project. They are irrelevant for the List* commands displaying unmanaged (system) resources, such as hosts, clusters, and external network resources.
-        When no parameters are passed in to the call, the caller sees only resources owned by the caller (even when the caller is the administrator). Previously, the administrator saw everyone else's resources by default.
-        When accountName and domainId are passed in:
-        
-            The caller sees the resources dedicated to the account specified.
-            If the call is executed by a regular user, the user is authorized to specify only the user's own account and domainId.
-            If the caller is a domain administrator, CloudStack performs an authorization check to see whether the caller is permitted to view resources for the given account and domainId.
-        
-        When projectId is passed in, only resources belonging to that project are listed.
-        When domainId is passed in, the call returns only resources belonging to the domain specified. To see the resources of subdomains, use the parameter isRecursive=true. Again, the regular user can see only resources owned by that user, the root administrator can list anything, and a domain administrator is authorized to see only resources of the administrator's own domain and subdomains.
-        To see all resources the caller is authorized to see, except for Project resources, use the parameter listAll=true.
-        To see all Project resources the caller is authorized to see, use the parameter projectId=-1.
-        There is one API command that doesn't fall under the rules above completely: the listTemplates command. This command has its own flags defining the list rules:
-        
-            
-                
-                
-                
-                    
-                        listTemplates Flag
-                        Description
-                    
-                
-                
-                    
-                        featured
-                        Returns templates that have been marked as featured and public.
-                    
-
-                        
-                            self
-                            Returns templates that have been registered or created by the calling user.
-                        
-
-                        
-                            selfexecutable
-                            Same as self, but only returns templates that are ready to be deployed with.
-                        
-
-                        
-                            sharedexecutable
-                            Ready templates that have been granted to the calling user by another user.
-                        
-
-                    
-                        executable
-                        Templates that are owned by the calling user, or public templates, that can be used to deploy a new VM.
-                    
-
-                        
-                            community
-                            Returns templates that have been marked as public but not featured.
-                        
-
-                    
-                        all
-                        Returns all templates (only usable by admins).
-                    
-                
-                
-            
-        The &PRODUCT; UI on a general view will display all resources that the logged-in user is authorized to see, except for project resources. To see the project resources, select the project view.
-    

+  Change to Behavior of List Commands
+  There was a major change in how our List* API commands work in CloudStack 3.0 compared to
+    2.2.x. The rules below apply only for managed resources – those that belong to an account,
+    domain, or project. They are irrelevant for the List* commands displaying unmanaged (system)
+    resources, such as hosts, clusters, and external network resources.
+  When no parameters are passed in to the call, the caller sees only resources owned by the
+    caller (even when the caller is the administrator). Previously, the administrator saw everyone
+    else's resources by default.
+  When accountName and domainId are passed in:
+  
+    
+      The caller sees the resources dedicated to the account specified.
+    
+    
+      If the call is executed by a regular user, the user is authorized to specify only the
+        user's own account and domainId.
+    
+    
+      If the caller is a domain administrator, CloudStack performs an authorization check to
+        see whether the caller is permitted to view resources for the given account and
+        domainId.
+    
+  
+  When projectId is passed in, only resources belonging to that project are listed.
+  When domainId is passed in, the call returns only resources belonging to the domain
+    specified. To see the resources of subdomains, use the parameter isRecursive=true. Again, the
+    regular user can see only resources owned by that user, the root administrator can list
+    anything, and a domain administrator is authorized to see only resources of the administrator's
+    own domain and subdomains.
+  To see all resources the caller is authorized to see, except for Project resources, use the
+    parameter listAll=true.
+  To see all Project resources the caller is authorized to see, use the parameter
+    projectId=-1.
+  There is one API command that doesn't fall under the rules above completely: the
+    listTemplates command. This command has its own flags defining the list rules:
+  
+    
+      
+      
+      
+        
+          listTemplates Flag
+          Description
+        
+      
+      
+        
+          featured
+          Returns templates that have been marked as featured and
+            public.
+        
+        
+          self
+          Returns templates that have been registered or created by the calling
+              user.
+        
+        
+          selfexecutable
+          Same as self, but only returns templates that are ready to be deployed
+              with.
+        
+        
+          sharedexecutable
+          Ready templates that have been granted to the calling user by another
+              user.
+        
+        
+          executable
+          Templates that are owned by the calling user, or public templates, that can
+              be used to deploy a new VM.
+        
+        
+          community
+          Returns templates that have been marked as public but not
+            featured.
+        
+        
+          all
+          Returns all templates (only usable by admins).
+        
+      
+    
+  
+  The &PRODUCT; UI on a general view will display all resources that the logged-in user is
+    authorized to see, except for project resources. To see the project resources, select the
+    project view.
+  
+
diff --git a/docs/en-US/changed-apicommands-4.0.xml b/docs/en-US/changed-apicommands-4.0.xml
new file mode 100644
index 00000000000..f851bf71b46
--- /dev/null
+++ b/docs/en-US/changed-apicommands-4.0.xml
@@ -0,0 +1,268 @@
+
+
+%BOOK_ENTITIES;
+]>
+
+

+  Changed API Commands in 4.0
+  
+    
+      
+      
+      
+        
+          API Commands
+          Description
+        
+      
+      
+        
+          
+            copyTemplate
+            prepareTemplate
+            registerTemplate
+            updateTemplate
+            createProject
+            activateProject
+            suspendProject
+            updateProject
+            listProjectAccounts
+            createVolume
+            migrateVolume
+            attachVolume
+            detachVolume
+            uploadVolume
+            createSecurityGroup
+            registerIso
+            copyIso
+            updateIso
+            createIpForwardingRule
+            listIpForwardingRules
+            createLoadBalancerRule
+            updateLoadBalancerRule
+            createSnapshot
+          
+          
+            The commands in this list have a single new response parameter, and no other
+              changes.
+            New response parameter: tags(*)
+            
+              Many other commands also have the new tags(*) parameter in addition to other
+                changes; those commands are listed separately.
+            
+        
+        
+          
+            rebootVirtualMachine
+            attachIso
+            detachIso
+            listLoadBalancerRuleInstances
+            resetPasswordForVirtualMachine
+            changeServiceForVirtualMachine
+            recoverVirtualMachine
+            startVirtualMachine
+            migrateVirtualMachine
+            deployVirtualMachine
+            assignVirtualMachine
+            updateVirtualMachine
+            restoreVirtualMachine
+            stopVirtualMachine
+            destroyVirtualMachine
+          
+          
+            The commands in this list have two new response parameters, and no other
+              changes.
+            New response parameters: keypair, tags(*)
+          
+        
+        
+          
+            listSecurityGroups
+            listFirewallRules
+            listPortForwardingRules
+            listSnapshots
+            listIsos
+            listProjects
+            listTemplates
+            listLoadBalancerRules
+          
+          The commands in this list have the following new parameters, and no other
+              changes.
+            New request parameter: tags (optional)
+            New response parameter: tags(*)
+          
+        
+        
+          
+            listF5LoadBalancerNetworks
+            listNetscalerLoadBalancerNetworks
+            listSrxFirewallNetworks
+            updateNetwork
+          
+          
+            The commands in this list have three new response parameters, and no other
+              changes.
+            New response parameters: canusefordeploy, vpcid, tags(*)
+          
+        
+        
+          
+            createZone
+            updateZone
+          
+          The commands in this list have the following new parameters, and no other
+              changes.
+            New request parameter: localstorageenabled (optional)
+            New response parameter: localstorageenabled
+          
+        
+        
+          listZones
+          New response parameter: localstorageenabled
+        
+        
+          
+            rebootRouter
+            changeServiceForRouter
+            startRouter
+            destroyRouter
+            stopRouter
+          
+          The commands in this list have two new response parameters, and no other
+              changes.
+            New response parameters: vpcid, nic(*)
+        
+        
+          
+            updateAccount
+            disableAccount
+            listAccounts
+            markDefaultZoneForAccount
+            enableAccount
+          
+          The commands in this list have three new response parameters, and no other
+              changes.
+            New response parameters: vpcavailable, vpclimit, vpctotal
+        
+        
+          listRouters
+          
+            New request parameters: forvpc (optional), vpcid (optional)
+            New response parameters: vpcid, nic(*)
+          
+        
+        
+          listNetworkOfferings
+          
+            New request parameters: forvpc (optional)
+            New response parameters: forvpc 
+          
+        
+        
+          listVolumes
+          
+            New request parameters: details (optional), tags (optional)
+            New response parameters: tags(*)
+          
+        
+        
+          addTrafficMonitor
+          
+            New request parameters: excludezones (optional), includezones (optional)
+          
+        
+        
+          createNetwork
+          
+            New request parameters: vpcid (optional)
+            New response parameters: canusefordeploy, vpcid, tags(*)
+          
+        
+        
+          listPublicIpAddresses
+          
+            New request parameters: tags (optional), vpcid (optional)
+            New response parameters: vpcid, tags(*)
+          
+        
+        
+          listNetworks
+          
+            New request parameters: canusefordeploy (optional), forvpc (optional), tags
+              (optional), vpcid (optional)
+            New response parameters: canusefordeploy, vpcid, tags(*)
+          
+        
+        
+          restartNetwork
+          
+            New response parameters: vpcid, tags(*)
+          
+        
+        
+          enableStaticNat
+          
+            New request parameter: networkid (optional)
+          
+        
+        
+          createDiskOffering
+          
+            New request parameter: storagetype (optional)
+            New response parameter: storagetype
+          
+        
+        
+          listDiskOfferings
+          
+            New response parameter: storagetype
+          
+        
+        
+          updateDiskOffering
+          
+            New response parameter: storagetype
+          
+        
+        
+          createFirewallRule
+          
+            Changed request parameters: ipaddressid (old version - optional, new version -
+              required)
+            New response parameter: tags(*)
+          
+        
+        
+          listVirtualMachines
+          
+            New request parameters: isoid (optional), tags (optional), templateid
+              (optional)
+            New response parameters: keypair, tags(*)
+          
+        
+        
+          updateStorageNetworkIpRange
+          
+            New response parameters: id, endip, gateway, netmask, networkid, podid, startip,
+              vlan, zoneid
+          
+        
+      
+    
+  
+

diff --git a/docs/en-US/choosing-a-deployment-architecture.xml b/docs/en-US/choosing-a-deployment-architecture.xml
new file mode 100644
index 00000000000..0503d8c7597
--- /dev/null
+++ b/docs/en-US/choosing-a-deployment-architecture.xml
@@ -0,0 +1,29 @@
+
+%BOOK_ENTITIES;
+]>
+
+
+
+    Choosing a Deployment Architecture
+    The architecture used in a deployment will vary depending on the size and purpose of the deployment. This section contains examples of deployment architecture, including a small-scale deployment useful for test and trial deployments and a fully-redundant large-scale setup for production deployments.
+       
+    
+    
+    
+    
+
diff --git a/docs/en-US/citrix-xenserver-installation.xml b/docs/en-US/citrix-xenserver-installation.xml
index 75ba73d2664..b8ab5923982 100644
--- a/docs/en-US/citrix-xenserver-installation.xml
+++ b/docs/en-US/citrix-xenserver-installation.xml
@@ -100,11 +100,11 @@
   
       
     Install NTP.
-    # yum install ntp
+    # yum install ntp
       
       
     Edit the NTP configuration file to point to your NTP server.
-    # vi /etc/ntp.conf
+    # vi /etc/ntp.conf
     Add one or more server lines in this file with the names of the NTP servers you want to use. For example:
     
 server 0.xenserver.pool.ntp.org
@@ -115,11 +115,11 @@ server 3.xenserver.pool.ntp.org
       
       
     Restart the NTP client.
-    # service ntpd restart
+    # service ntpd restart
       
       
     Make sure NTP will start again upon reboot.
-    # chkconfig ntpd on
+    # chkconfig ntpd on
       
   
     
@@ -153,15 +153,15 @@ server 3.xenserver.pool.ntp.org
       
       
     Extract the file:
-    # tar xf xenserver-cloud-supp.tgz
+    # tar xf xenserver-cloud-supp.tgz
       
       
     Run the following script:
-    # xe-install-supplemental-pack xenserver-cloud-supp.iso
+    # xe-install-supplemental-pack xenserver-cloud-supp.iso
       
       
     If the XenServer host is part of a zone that uses basic networking, disable Open vSwitch (OVS):
-    # xe-switch-network-backend  bridge
+    # xe-switch-network-backend  bridge
     Restart  the host machine when prompted.
       
   
@@ -175,12 +175,12 @@ server 3.xenserver.pool.ntp.org
       Connect FiberChannel cable to all hosts in the cluster and to the FiberChannel storage host.
       
     Rescan the SCSI bus. Either use the following command or use XenCenter to perform an HBA rescan.
-    # scsi-rescan
+    # scsi-rescan
       
       Repeat step 2 on every host.
       
     Check to be sure you see the new SCSI disk.
-    # ls /dev/disk/by-id/scsi-360a98000503365344e6f6177615a516b -l
+    # ls /dev/disk/by-id/scsi-360a98000503365344e6f6177615a516b -l
     The output should look like this, although the specific file name will be different (scsi-<scsiID>):
     
 lrwxrwxrwx 1 root root 9 Mar 16 13:47
@@ -190,9 +190,9 @@ lrwxrwxrwx 1 root root 9 Mar 16 13:47
       Repeat step 4 on every host.
       
     On the storage server, run this command to get a unique ID for the new SR.
-    # uuidgen
+    # uuidgen
     The output should look like this, although the specific ID will be different:
-    e6849e96-86c3-4f2c-8fcc-350cc711be3d
+    e6849e96-86c3-4f2c-8fcc-350cc711be3d
       
       
     Create the FiberChannel SR. In name-label, use the unique ID you just generated.
@@ -202,11 +202,11 @@ device-config:SCSIid=360a98000503365344e6f6177615a516b
 name-label="e6849e96-86c3-4f2c-8fcc-350cc711be3d"
     
     This command returns a unique ID for the SR, like the following example (your ID will be different):
-    7a143820-e893-6c6a-236e-472da6ee66bf
+    7a143820-e893-6c6a-236e-472da6ee66bf
       
       
     To create a human-readable description for the SR, use the following command. In uuid, use the SR ID returned by the previous command. In name-description, set whatever friendly text you prefer.
-    # xe sr-param-set uuid=7a143820-e893-6c6a-236e-472da6ee66bf name-description="Fiber Channel storage repository"
+    # xe sr-param-set uuid=7a143820-e893-6c6a-236e-472da6ee66bf name-description="Fiber Channel storage repository"
     Make note of the values you will need when you add this storage to &PRODUCT; later (see ). In the Add Primary Storage dialog, in Protocol, you will choose PreSetup. In SR Name-Label, you will enter the name-label you set earlier (in this example, e6849e96-86c3-4f2c-8fcc-350cc711be3d).
       
       (Optional) If you want to enable multipath I/O on a FiberChannel SAN, refer to the documentation provided by the SAN vendor.
@@ -238,7 +238,7 @@ name-label="e6849e96-86c3-4f2c-8fcc-350cc711be3d"
     Run xe network-list and find the public network. This is usually attached to the NIC that is public. Once you find the network make note of its UUID. Call this <UUID-Public>.
     
         Run the following command.
-        # xe network-param-set name-label=cloud-public uuid=<UUID-Public>
+        # xe network-param-set name-label=cloud-public uuid=<UUID-Public>
     
       
   
@@ -250,7 +250,7 @@ name-label="e6849e96-86c3-4f2c-8fcc-350cc711be3d"
     Run xe network-list and find one of the guest networks. Once you find the network make note of its UUID. Call this <UUID-Guest>.
     
         Run the following command, substituting your own name-label and uuid values.
-        # xe network-param-set name-label=<cloud-guestN> uuid=<UUID-Guest>
+        # xe network-param-set name-label=<cloud-guestN> uuid=<UUID-Guest>
     
     Repeat these steps for each additional guest network, using a different name-label and uuid each time.
       
@@ -350,7 +350,7 @@ master-password=[your password]
         Copy the script from the Management Server in /usr/lib64/cloud/agent/scripts/vm/hypervisor/xenserver/cloud-setup-bonding.sh to the master host and ensure it is executable.
         
       Run the script:
-      # ./cloud-setup-bonding.sh
+      # ./cloud-setup-bonding.sh
         
     
     Now the bonds are set up and configured properly across the cluster.
@@ -398,11 +398,11 @@ master-password=[your password]
       
       
     Log in to one of the hosts in the cluster, and run this command to clean up the VLAN:
-    # . /opt/xensource/bin/cloud-clean-vlan.sh
+    # . /opt/xensource/bin/cloud-clean-vlan.sh
       
       
     Still logged in to the host, run the upgrade preparation script:
-    # /opt/xensource/bin/cloud-prepare-upgrade.sh
+    # /opt/xensource/bin/cloud-prepare-upgrade.sh
     Troubleshooting: If you see the error "can't eject CD," log in to the VM and umount the CD, then run the script again.
       
       
@@ -416,7 +416,7 @@ master-password=[your password]
 You attempted an operation on a VM which requires PV drivers to be installed but the drivers were not detected.
 vm: b6cf79c8-02ee-050b-922f-49583d9f1a14 (i-2-8-VM)
       To solve this issue, run the following:
-      # /opt/xensource/bin/make_migratable.sh  b6cf79c8-02ee-050b-922f-49583d9f1a14
+      # /opt/xensource/bin/make_migratable.sh  b6cf79c8-02ee-050b-922f-49583d9f1a14
         
         Reboot the host.
         Upgrade to the newer version of XenServer. Use the steps in XenServer documentation.
@@ -455,13 +455,13 @@ vm: b6cf79c8-02ee-050b-922f-49583d9f1a14 (i-2-8-VM)
         
         
       Run the following script:
-      # /opt/xensource/bin/setupxenserver.sh
+      # /opt/xensource/bin/setupxenserver.sh
       Troubleshooting: If you see the following error message, you can safely ignore it.
-      mv: cannot stat `/etc/cron.daily/logrotate': No such file or directory
+      mv: cannot stat `/etc/cron.daily/logrotate': No such file or directory
         
         
       Plug in the storage repositories (physical block devices) to the XenServer host:
-      # for pbd in `xe pbd-list currently-attached=false| grep ^uuid | awk '{print $NF}'`; do xe pbd-plug uuid=$pbd ; done
+      # for pbd in `xe pbd-list currently-attached=false| grep ^uuid | awk '{print $NF}'`; do xe pbd-plug uuid=$pbd ; done
       Note: If you add a host to this XenServer pool, you need to migrate all VMs on this host to other hosts, and eject this host from XenServer pool.
         
     
@@ -469,7 +469,7 @@ vm: b6cf79c8-02ee-050b-922f-49583d9f1a14 (i-2-8-VM)
       Repeat these steps to upgrade every host in the cluster to the same version of XenServer.
       
     Run the following command on one host in the XenServer cluster to clean up the host tags:
-    # for host in $(xe host-list | grep ^uuid | awk '{print $NF}') ; do xe host-param-clear uuid=$host param-name=tags; done;
+    # for host in $(xe host-list | grep ^uuid | awk '{print $NF}') ; do xe host-param-clear uuid=$host param-name=tags; done;
     When copying and pasting a command, be sure the command has pasted as a single line before executing. Some document viewers may introduce unwanted line breaks in copied text.
       
       
@@ -482,7 +482,7 @@ vm: b6cf79c8-02ee-050b-922f-49583d9f1a14 (i-2-8-VM)
       
       
     After all hosts are up, run the following on one host in the cluster:
-    # /opt/xensource/bin/cloud-clean-vlan.sh
+    # /opt/xensource/bin/cloud-clean-vlan.sh
       
   
     
diff --git a/docs/en-US/cloud-infrastructure-concepts.xml b/docs/en-US/cloud-infrastructure-concepts.xml
index 8860d3a39f5..df59fed1dbe 100644
--- a/docs/en-US/cloud-infrastructure-concepts.xml
+++ b/docs/en-US/cloud-infrastructure-concepts.xml
@@ -24,6 +24,7 @@
 
 
     Cloud Infrastructure Concepts
+<<<<<<< HEAD
     
     
         
@@ -32,3 +33,13 @@
     
     
 
+=======
+  
+  
+      
+  
+  
+  
+  
+
+>>>>>>> master
diff --git a/docs/en-US/cloud-infrastructure-overview.xml b/docs/en-US/cloud-infrastructure-overview.xml
index a761c47523c..32f2246eeb8 100644
--- a/docs/en-US/cloud-infrastructure-overview.xml
+++ b/docs/en-US/cloud-infrastructure-overview.xml
@@ -1,47 +1,46 @@
 
-
 %BOOK_ENTITIES;
 ]>
 
 	
+ or more contributor license agreements.  See the NOTICE file
+ distributed with this work for additional information
+ regarding copyright ownership.  The ASF licenses this file
+ to you under the Apache License, Version 2.0 (the
+ "License"); you may not use this file except in compliance
+ with the License.  You may obtain a copy of the License at
+ 
+   http://www.apache.org/licenses/LICENSE-2.0
+ 
+ Unless required by applicable law or agreed to in writing,
+ software distributed under the License is distributed on an
+ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ KIND, either express or implied.  See the License for the
+ specific language governing permissions and limitations
+ under the License.
+-->
 
 

-	Cloud Infrastructure Overview
-	
-		The Management Server manages one or more zones (typically, datacenters) containing host computers where guest virtual machines will run. The cloud infrastructure is organized as follows:
-	
-	
-		Zone: Typically, a zone is equivalent to a single datacenter. A zone consists of one or more pods and secondary storage.
-		Pod: A pod is usually one rack of hardware that includes a layer-2 switch and one or more clusters.
-		Cluster: A cluster consists of one or more hosts and primary storage.
-		Host: A single compute node within a cluster. The hosts are where the actual cloud services run in the form of guest virtual machines.
-		Primary storage is associated with a cluster, and it stores the disk volumes for all the VMs running on hosts in that cluster.
-		Secondary storage is associated with a zone, and it stores templates, ISO images, and disk volume snapshots.
-	
-	
-		
-			
-		
-		infrastructure-overview.png: Nested organization of a zone
-	
-	More Information
-	For more information, see .
+    Cloud Infrastructure Overview
+    
+        The Management Server manages one or more zones (typically, datacenters) containing host computers where guest virtual machines will run. The cloud infrastructure is organized as follows:
+    
+    
+        Zone: Typically, a zone is equivalent to a single datacenter. A zone consists of one or more pods and secondary storage.
+        Pod: A pod is usually one rack of hardware that includes a layer-2 switch and one or more clusters.
+        Cluster: A cluster consists of one or more hosts and primary storage.
+        Host: A single compute node within a cluster. The hosts are where the actual cloud services run in the form of guest virtual machines.
+        Primary storage is associated with a cluster, and it stores the disk volumes for all the VMs running on hosts in that cluster.
+        Secondary storage is associated with a zone, and it stores templates, ISO images, and disk volume snapshots.
+    
+    
+        
+            
+        
+        infrastructure_overview.png: Nested organization of a zone
+    
+    More Information
+    For more information, see documentation on cloud infrastructure concepts.
 

-
diff --git a/docs/en-US/cloudstack.xml b/docs/en-US/cloudstack.xml
index c18bc194cfe..906eadc24a6 100644
--- a/docs/en-US/cloudstack.xml
+++ b/docs/en-US/cloudstack.xml
@@ -1,33 +1,56 @@
 
-
 %BOOK_ENTITIES;
 ]>
 
 
 
 
-    
+    
     
+    
+    
     
     
-    
-    
+    
+    
+    
+    
+    
+    
+    
+    
+    
+    
+    
+    
+    
+    
+    
+    
+    
+    
+    
+    
     
-
+    
+    
+    
+
\ No newline at end of file
diff --git a/docs/en-US/cloudstack_admin.xml b/docs/en-US/cloudstack_admin.xml
deleted file mode 100644
index 30ccebd5539..00000000000
--- a/docs/en-US/cloudstack_admin.xml
+++ /dev/null
@@ -1,52 +0,0 @@
-
-
-%BOOK_ENTITIES;
-]>
-
-
-
-
-	
-    
-    
-    
-    
-    
-    
-    
-    
-    
-    
-    
-    
-    
-    
-    
-    
-    
-    
-    
-    
-    
-    
-    
-    
-
-
diff --git a/docs/en-US/cloudstack_features.xml b/docs/en-US/cloudstack_features.xml
deleted file mode 100644
index 95825aa2758..00000000000
--- a/docs/en-US/cloudstack_features.xml
+++ /dev/null
@@ -1,66 +0,0 @@
-
-
-%BOOK_ENTITIES;
-]>
-
-
-
-    

-        What Can &PRODUCT; Do?
-        
-        
-            Multiple Hypervisor Support
-        
-        
-            &PRODUCT; works with a variety of hypervisors. A single cloud deployment can contain multiple hypervisor implementations. You have the complete freedom to choose the right hypervisor for your workload. &PRODUCT; is designed to work with open source Xen and KVM hypervisors as well as enterprise-grade hypervisors such as Citrix XenServer, VMware vSphere, and Oracle VM (OVM). You can also provision “bare metal” hosts with no hypervisor (Beta feature. Untested in &PRODUCT; 3.0.x0.)
-        
-        
-            Massively Scalable Infrastructure Management
-        
-        
-            &PRODUCT; can manage tens of thousands of servers installed in multiple geographically distributed datacenters. The centralized management server scales linearly, eliminating the need for intermediate cluster-level management servers. No single component failure can cause cloud-wide outage. Periodic maintenance of the management server can be performed without affecting the functioning of virtual machines running in the cloud.
-        
-        
-            Automatic Configuration Management
-        
-        &PRODUCT; automatically configures each guest virtual machine’s networking and storage settings.
-        
-        &PRODUCT; internally manages a pool of virtual appliances to support the cloud itself. These appliances offer services such as firewalling, routing, DHCP, VPN access, console proxy, storage access, and storage replication. The extensive use of virtual appliances simplifies the installation, configuration, and ongoing management of a cloud deployment.
-        
-        
-            Graphical User Interface
-        
-        &PRODUCT; offers an administrator's Web interface, used for provisioning and managing the cloud, as well as an end-user's Web interface, used for running VMs and managing VM templates. The UI can be customized to reflect the desired service provider or enterprise look and feel.
-        
-        
-            API and Extensibility
-        
-        
-            &PRODUCT; provides an API that gives programmatic access to all the management features available in the UI. The API is maintained and documented. This API enables the creation of command line tools and new user interfaces to suit particular needs. See the Developer’s Guide and API Reference, both available at http://docs.cloud.com/CloudStack_Documentation.
-        
-        
-            The &PRODUCT; platform pluggable allocation architecture allows the creation of new types of allocators for the selection of storage and Hosts. See the Allocator Implementation Guide (http://docs.cloud.com/CloudStack_Documentation/Allocator_Implementation_Guide).
-        
-        
-            High Availability
-        
-        The &PRODUCT; platform has a number of features to increase the availability of the system. The Management Server itself may be deployed in a multi-node installation where the servers are load balanced. MySQL may be configured to use replication to provide for a manual failover in the event of database loss. For the Hosts, the &PRODUCT; platform supports NIC bonding and the use of separate networks for storage as well as iSCSI Multipath.
-        
-    

diff --git a/docs/en-US/cloudstack_system_requirements.xml b/docs/en-US/cloudstack_system_requirements.xml
deleted file mode 100644
index 8b5d709c441..00000000000
--- a/docs/en-US/cloudstack_system_requirements.xml
+++ /dev/null
@@ -1,68 +0,0 @@
-
-
-%BOOK_ENTITIES;
-]>
-
-
-
-    

-        Minimum System Requirements
-        
-            The machines that will run the Management Server and MySQL database must meet the following requirements. The same machines can also be used to provide primary and secondary storage, such as via localdisk or NFS. The Management Server may be placed on a virtual machine.
-        
-        
-            Operating system:
-                
-                    Commercial users: Preferred: RHEL 6.2+ 64-bit (https://access.redhat.com/downloads) or CentOS 6.2+ 64-bit (http://isoredirect.centos.org/centos/6/isos/x86_64/). Also supported (v3.0.3 and greater): RHEL and CentOS 5.4-5.x 64-bit
-                    Open-source community users: RHEL 5.4-5.x 64-bit or 6.2+ 64-bit; CentOS 5.4-5.x 64-bit or 6.2+ 64-bit; Ubuntu 10.04 LTS
-                
-            
-            64-bit x86 CPU (more cores results in better performance)
-            4 GB of memory
-            250 GB of local disk (more results in better capability; 500 GB recommended)
-            At least 1 NIC
-            Statically allocated IP address
-            Fully qualified domain name as returned by the hostname command
-        
-        The host is where the cloud services run in the form of guest virtual machines. Each host is one machine that meets the following requirements:
-        
-            Must be 64-bit and must support HVM (Intel-VT or AMD-V enabled). 
-            64-bit x86 CPU (more cores results in better performance)
-            Hardware virtualization support required
-            4 GB of memory
-            36 GB of local disk
-            At least 1 NIC
-            Statically allocated IP Address
-            Latest hotfixes applied to hypervisor software
-            When you deploy &PRODUCT;, the hypervisor host must not have any VMs already running
-        
-        Hosts have additional requirements depending on the hypervisor. See the requirements listed at the top of the Installation section for your chosen hypervisor:
-        
-            Citrix XenServer Installation for &PRODUCT;
-            VMware vSphere Installation and Configuration
-            KVM Installation and Configuration
-            Oracle VM (OVM) Installation and Configuration
-        
-        
-            
-                Be sure you fulfill the additional hypervisor requirements and installation steps provided in this Guide. Hypervisor hosts must be properly prepared to work with &PRODUCT;. For example, the requirements for XenServer are listed under Citrix XenServer Installation for &PRODUCT;.
-            
-        
-    

diff --git a/docs/en-US/cloudstack_whatis.xml b/docs/en-US/cloudstack_whatis.xml
deleted file mode 100644
index 5fea7d40199..00000000000
--- a/docs/en-US/cloudstack_whatis.xml
+++ /dev/null
@@ -1,39 +0,0 @@
-
-
-%BOOK_ENTITIES;
-]>
-
-
-
-
-    

-        What Is &PRODUCT;?
-        Who Should Read This
-        If you are new to &PRODUCT; or you want to learn more about concepts before installing and running &PRODUCT;, read this overview. If you just want to get started, you can skip to Overview of Installation Steps.
-        &PRODUCT; is an open source software platform that pools computing resources to build public, private, and hybrid Infrastructure as a Service (IaaS) clouds. &PRODUCT; manages the network, storage, and compute nodes that make up a cloud infrastructure. Use &PRODUCT; to deploy, manage, and configure cloud computing environments. Typical users are service providers and enterprises. With &PRODUCT;, you can:
-            
-                
-            Set up an on-demand, elastic cloud computing service. Service providers can sell self service virtual machine instances, storage volumes, and networking configurations over the Internet.
-                
-                Set up an on-premise private cloud for use by employees. Rather than managing virtual machines in the same way as physical machines, with &PRODUCT; an enterprise can offer self-service virtual machines to users without involving IT departments.
-                
-            
-        
-    

diff --git a/docs/en-US/configure-acl.xml b/docs/en-US/configure-acl.xml
new file mode 100644
index 00000000000..299196c5502
--- /dev/null
+++ b/docs/en-US/configure-acl.xml
@@ -0,0 +1,139 @@
+
+
+%BOOK_ENTITIES;
+]>
+
+

+  Configuring Access Control List
+  Define Network Access Control List (ACL) on the VPC virtual router to control incoming
+    (ingress) and outgoing (egress) traffic between the VPC tiers, and the tiers and Internet. By
+    default, all incoming and outgoing traffic to the guest networks is blocked. To open the ports,
+    you must create a new network ACL. The network ACLs can be created for the tiers only if the
+    NetworkACL service is supported.
+  
+    
+      Log in to the &PRODUCT; UI as an administrator or end user.
+    
+    
+      In the left navigation, choose Network.
+    
+    
+      In the Select view, select VPC.
+      All the VPCs that you have created for the account is listed in the page.
+    
+    
+      Click the Settings icon.
+      The following options are displayed.
+      
+        
+          IP Addresses
+        
+        
+          Gateways
+        
+        
+          Site-to-Site VPN
+        
+        
+          Network ACLs
+        
+      
+    
+    
+      Select Network ACLs.
+      The Network ACLs page is displayed.
+    
+    
+      Click Add Network ACLs.
+      To add an ACL rule, fill in the following fields to specify what kind of network traffic
+        is allowed in this tier. 
+      
+        
+          CIDR: The CIDR acts as the Source CIDR for the
+            Ingress rules, and Destination CIDR for the Egress rules. To accept traffic only from or
+            to the IP addresses within a particular address block, enter a CIDR or a comma-separated
+            list of CIDRs. The CIDR is the base IP address of the incoming traffic. For example,
+            192.168.0.0/22. To allow all CIDRs, set to 0.0.0.0/0.
+        
+        
+          Protocol: The networking protocol that sources use
+            to send traffic to the tier. The TCP and UDP protocols are typically used for data
+            exchange and end-user communications. The ICMP protocol is typically used to send error
+            messages or network monitoring data.
+        
+        
+          Start Port, End
+              Port (TCP, UDP only): A range of listening ports that are the destination
+            for the incoming traffic. If you are opening a single port, use the same number in both
+            fields.
+        
+        
+          Select Tier: Select the tier for which you want to
+            add this ACL rule.
+        
+        
+          ICMP Type, ICMP
+              Code (ICMP only): The type of message and error code that will be
+            sent.
+        
+        
+          Traffic Type: Select the traffic type you want to
+            apply. 
+          
+            
+              Egress: To add an egress rule, select Egress
+                from the Traffic type drop-down box and click Add. This specifies what type of
+                traffic is allowed to be sent out of VM instances in this tier. If no egress rules
+                are specified, all traffic from the tier is allowed out at the VPC virtual router.
+                Once egress rules are specified, only the traffic specified in egress rules and the
+                responses to any traffic that has been allowed in through an ingress rule are
+                allowed out. No egress rule is required for the VMs in a tier to communicate with
+                each other.
+            
+            
+              Ingress: To add an ingress rule, select Ingress
+                from the Traffic type drop-down box and click Add. This specifies what network
+                traffic is allowed into the VM instances in this tier. If no ingress rules are
+                specified, then no traffic will be allowed in, except for responses to any traffic
+                that has been allowed out through an egress rule.
+            
+          
+          
+            By default, all incoming and outgoing traffic to the guest networks is blocked. To
+              open the ports, create a new network ACL.
+          
+        
+      
+    
+    
+      Click Add. The ACL rule is added.
+      To view the list of ACL rules you have added, click the desired tier from the Network
+        ACLs page, then select the Network ACL tab.
+      
+        
+          
+        
+        
+          network-acl.png: adding, editing, deleting an ACL rule.
+        
+      
+      You can edit the tags assigned to the ACL rules and delete the ACL rules you have
+        created. Click the appropriate button in the Actions column.
+    
+  
+

diff --git a/docs/en-US/configure-guest-traffic-in-advanced-zone.xml b/docs/en-US/configure-guest-traffic-in-advanced-zone.xml
index a626c1332a2..fb6685091a5 100644
--- a/docs/en-US/configure-guest-traffic-in-advanced-zone.xml
+++ b/docs/en-US/configure-guest-traffic-in-advanced-zone.xml
@@ -3,7 +3,6 @@
 
 %BOOK_ENTITIES;
 ]>
-
 
 

-	Configure Guest Traffic in an Advanced Zone
-	These steps assume you have already logged in to the &PRODUCT; UI. To configure the base guest network:
-	
-		In the left navigation, choose Infrastructure. On Zones, click View More, then click the zone to which you want to add a network.
-		Click the Network tab.
-		Click Add guest network.
-			The Add guest network window is displayed:
-				
-					
-				
-				
-					networksetupzone.png: Depicts network setup in a single zone
-				
-			
-		Provide the following information:
-		
-			Name. The name of the network. This will be
-						user-visible
-			Display Text: The description of the network. This will be
-			user-visible
-			Zone: The zone in which you are configuring the guest network.
-			Network offering: If the administrator has configured
-						multiple network offerings, select the one you want to use for this
-						network
-			Guest Gateway: The gateway that the guests should use
-			Guest Netmask: The netmask in use on the subnet the guests
-						will use
-			
-		
-		Click OK.
-		
-	

+  Configure Guest Traffic in an Advanced Zone
+  These steps assume you have already logged in to the &PRODUCT; UI. To configure the base
+    guest network:
+  
+    
+      In the left navigation, choose Infrastructure. On Zones, click View More, then click the
+        zone to which you want to add a network.
+    
+    
+      Click the Network tab.
+    
+    
+      Click Add guest network.
+      The Add guest network window is displayed:
+      
+        
+          
+        
+        
+          networksetupzone.png: Depicts network setup in a single zone
+        
+      
+    
+    
+      Provide the following information:
+      
+        
+          Name. The name of the network. This will be
+            user-visible
+        
+        
+          Display Text: The description of the network. This
+            will be user-visible
+        
+        
+          Zone: The zone in which you are configuring the
+            guest network.
+        
+        
+          Network offering: If the administrator has
+            configured multiple network offerings, select the one you want to use for this
+            network
+        
+        
+          Guest Gateway: The gateway that the guests should
+            use
+        
+        
+          Guest Netmask: The netmask in use on the subnet the
+            guests will use
+        
+      
+    
+    
+      Click OK.
+    
+  
+
\ No newline at end of file
diff --git a/docs/en-US/configure-package-repository.xml b/docs/en-US/configure-package-repository.xml
new file mode 100644
index 00000000000..50b7720d3de
--- /dev/null
+++ b/docs/en-US/configure-package-repository.xml
@@ -0,0 +1,46 @@
+
+
+%BOOK_ENTITIES;
+]>
+
+
+
+

+    Configure package repository
+    &PRODUCT; is only distributed from source from the official mirrors. DEB and RPM packages are however build for your convience by third-parties
+    When installing &PRODUCT; it is recommended you use these package repositories for easy installation.
+    
+        These repositories contain both the Management Server and KVM Hypervisor packages.
+    
+    

+        DEB package repository
+        You can add a DEB package repository to your apt sources with the following commands. Please note that currently only packages for Ubuntu 12.04 (precise) are being build.
+        echo "deb http://cloudstack.apt-get.eu/ubuntu $(lsb_release -s -c) 4.0" > /etc/apt/sources.list.d/cloudstack.list
+        We now have to add the public key to the trusted keys.
+        wget -O - http://cloudstack.apt-get.eu/release.asc|apt-key add -
+        Now update your local apt cache.
+        apt-get update
+        Your DEB package repository should now be configured and ready for use.
+    

+    

+        RPM package repository
+        TODO
+    

+

\ No newline at end of file
diff --git a/docs/en-US/configure-public-traffic-in-an-advanced-zone.xml b/docs/en-US/configure-public-traffic-in-an-advanced-zone.xml
index 960a1a3308b..7a61cd380af 100644
--- a/docs/en-US/configure-public-traffic-in-an-advanced-zone.xml
+++ b/docs/en-US/configure-public-traffic-in-an-advanced-zone.xml
@@ -3,7 +3,6 @@
 
 %BOOK_ENTITIES;
 ]>
-
 
-
 

-    Configure Public Traffic in an Advanced Zone
-    In a zone that uses advanced networking, you need to configure at least one range of IP addresses for Internet traffic.
-

+  Configure Public Traffic in an Advanced Zone
+  In a zone that uses advanced networking, you need to configure at least one range of IP
+    addresses for Internet traffic.
+
\ No newline at end of file
diff --git a/docs/en-US/configure-vpc.xml b/docs/en-US/configure-vpc.xml
new file mode 100644
index 00000000000..45237d21cbb
--- /dev/null
+++ b/docs/en-US/configure-vpc.xml
@@ -0,0 +1,36 @@
+
+
+%BOOK_ENTITIES;
+]>
+
+

+  Configuring a Virtual Private Cloud
+  
+  
+  
+  
+  
+  
+  
+  
+  
+  
+  
+  
+  
+

diff --git a/docs/en-US/configuring-projects.xml b/docs/en-US/configuring-projects.xml
index e18843d15d6..0f84dd81454 100644
--- a/docs/en-US/configuring-projects.xml
+++ b/docs/en-US/configuring-projects.xml
@@ -1,9 +1,4 @@
 
-
-%BOOK_ENTITIES;
-]>
-
 
-
+
+%BOOK_ENTITIES;
+]>
 

     Configuring Projects
-    Before &PRODUCT; users start using projects, the &PRODUCT; administrator must set up various systems to support them, including membership invitations, limits on project resources, and controls on who can create projects
+    Before CloudPlatform users start using projects, the CloudPlatform administrator must set
+        up various systems to support them, including membership invitations, limits on project
+        resources, and controls on who can create projects.
+    
+    
+    
 

       
diff --git a/docs/en-US/create-vpn-connection-vpc.xml b/docs/en-US/create-vpn-connection-vpc.xml
new file mode 100644
index 00000000000..1fba09e18fb
--- /dev/null
+++ b/docs/en-US/create-vpn-connection-vpc.xml
@@ -0,0 +1,103 @@
+
+
+%BOOK_ENTITIES;
+]>
+
+

+  Creating a VPN Connection
+  
+    
+      Log in to the &PRODUCT; UI as an administrator or end user.
+    
+    
+      In the left navigation, choose Network.
+    
+    
+      In the Select view, select VPC.
+      All the VPCs that you create for the account are listed in the page.
+    
+    
+      Click the Configure button of the VPC to which you want to deploy the VMs.
+      The VPC page is displayed where all the tiers you created are listed in a
+        diagram.
+    
+    
+      Click the Settings icon.
+      The following options are displayed.
+      
+        
+          IP Addresses
+        
+        
+          Gateways
+        
+        
+          Site-to-Site VPN
+        
+        
+          Network ASLs
+        
+      
+    
+    
+      Select Site-to-Site VPN.
+      The Site-to-Site VPN page is displayed.
+    
+    
+      From the Select View drop-down, ensure that VPN Connection is selected.
+    
+    
+      Click Create VPN Connection.
+       The Create VPN Connection dialog is displayed:
+      
+        
+          
+        
+        
+          createvpnconnection.png: creating a vpn connection to the customer
+            gateway.
+        
+      
+    
+    
+      Select the desired customer gateway, then click OK to confirm.
+      Within a few moments, the VPN Connection is displayed.
+      The following information on the VPN connection is displayed:
+      
+        
+          IP Address
+        
+        
+          Gateway
+        
+        
+          State
+        
+        
+          IPSec Preshared Key
+        
+        
+          IKE Policy
+        
+        
+          ESP Policy
+        
+      
+    
+  
+

\ No newline at end of file
diff --git a/docs/en-US/create-vpn-customer-gateway.xml b/docs/en-US/create-vpn-customer-gateway.xml
new file mode 100644
index 00000000000..bf56e36e8b9
--- /dev/null
+++ b/docs/en-US/create-vpn-customer-gateway.xml
@@ -0,0 +1,191 @@
+
+
+%BOOK_ENTITIES;
+]>
+
+

+  Creating and Updating a VPN Customer Gateway
+  
+    A VPN customer gateway can be connected to only one VPN gateway at a time.
+  
+  To add a VPN Customer Gateway:
+  
+    
+      Log in to the &PRODUCT; UI as an administrator or end user. 
+    
+    
+      In the left navigation, choose Network.
+    
+    
+      In the Select view, select VPN Customer Gateway.
+    
+    
+      Click Add site-to-site VPN.
+      
+        
+          
+        
+        
+          addvpncustomergateway.png: adding a customer gateway.
+        
+      
+      Provide the following information:
+      
+        
+          Name: A unique name for the VPN customer gateway
+            you create.
+        
+        
+          Gateway: The IP address for the remote
+            gateway.
+        
+        
+          CIDR list: The guest CIDR list of the remote
+            subnets. Enter a CIDR or a comma-separated list of CIDRs. Ensure that a guest CIDR list
+            is not overlapped with the VPC’s CIDR, or another guest CIDR. The CIDR must be
+            RFC1918-compliant.
+        
+        
+          IPsec Preshared Key: Preshared keying is a method
+            where the endpoints of the VPN share a secret key. This key value is used to
+            authenticate the customer gateway and the VPC VPN gateway to each other. 
+          
+            The IKE peers (VPN end points) authenticate each other by computing and sending a
+              keyed hash of data that includes the Preshared key. If the receiving peer is able to
+              create the same hash independently by using its Preshared key, it knows that both
+              peers must share the same secret, thus authenticating the customer gateway.
+          
+        
+        
+          IKE Encryption: The Internet Key Exchange (IKE)
+            policy for phase-1. The supported encryption algorithms are AES128, AES192, AES256, and
+            3DES. Authentication is accomplished through the Preshared Keys.
+          
+            The phase-1 is the first phase in the IKE process. In this initial negotiation
+              phase, the two VPN endpoints agree on the methods to be used to provide security for
+              the underlying IP traffic. The phase-1 authenticates the two VPN gateways to each
+              other, by confirming that the remote gateway has a matching Preshared Key.
+          
+        
+        
+          IKE Hash: The IKE hash for phase-1. The supported
+            hash algorithms are SHA1 and MD5.
+        
+        
+          IKE DH: A public-key cryptography protocol which
+            allows two parties to establish a shared secret over an insecure communications channel.
+            The 1536-bit Diffie-Hellman group is used within IKE to establish session keys. The
+            supported options are None, Group-5 (1536-bit) and Group-2 (1024-bit).
+        
+        
+          ESP Encryption: Encapsulating Security Payload
+            (ESP) algorithm within phase-2. The supported encryption algorithms are AES128, AES192,
+            AES256, and 3DES.
+          
+            The phase-2 is the second phase in the IKE process. The purpose of IKE phase-2 is
+              to negotiate IPSec security associations (SA) to set up the IPSec tunnel. In phase-2,
+              new keying material is extracted from the Diffie-Hellman key exchange in phase-1, to
+              provide session keys to use in protecting the VPN data flow.
+          
+        
+        
+          ESP Hash: Encapsulating Security Payload (ESP) hash
+            for phase-2. Supported hash algorithms are SHA1 and MD5.
+        
+        
+          Perfect Forward Secrecy: Perfect Forward Secrecy
+            (or PFS) is the property that ensures that a session key derived from a set of long-term
+            public and private keys will not be compromised. This property enforces a new
+            Diffie-Hellman key exchange. It provides the keying material that has greater key
+            material life and thereby greater resistance to cryptographic attacks. The available
+            options are None, Group-5 (1536-bit) and Group-2 (1024-bit). The security of the key
+            exchanges increase as the DH groups grow larger, as does the time of the
+            exchanges.
+          
+            When PFS is turned on, for every negotiation of a new phase-2 SA the two gateways
+              must generate a new set of phase-1 keys. This adds an extra layer of protection that
+              PFS adds, which ensures if the phase-2 SA’s have expired, the keys used for new
+              phase-2 SA’s have not been generated from the current phase-1 keying material.
+          
+        
+        
+          IKE Lifetime (seconds): The phase-1 lifetime of the
+            security association in seconds. Default is 86400 seconds (1 day). Whenever the time
+            expires, a new phase-1 exchange is performed.
+        
+        
+          ESP Lifetime (seconds): The phase-2 lifetime of the
+            security association in seconds. Default is 3600 seconds (1 hour). Whenever the value is
+            exceeded, a re-key is initiated to provide a new IPsec encryption and authentication
+            session keys.
+        
+        
+          Dead Peer Detection: A method to detect an
+            unavailable Internet Key Exchange (IKE) peer. Select this option if you want the virtual
+            router to query the liveliness of its IKE peer at regular intervals. It’s recommended to
+            have the same configuration of DPD on both side of VPN connection.
+        
+      
+    
+    
+      Click OK.
+    
+  
+  
+    Updating and Removing a VPN Customer Gateway
+    You can update a customer gateway either with no VPN connection, or related VPN connection
+      is in error state.
+  
+  
+    
+      Log in to the &PRODUCT; UI as an administrator or end user. 
+    
+    
+      In the left navigation, choose Network.
+    
+    
+      In the Select view, select VPN Customer Gateway.
+    
+    
+      Select the VPN customer gateway you want to work with.
+    
+    
+      To modify the required parameters, click the Edit VPN Customer Gateway button
+          
+            
+          
+          
+            edit.png: button to edit a VPN customer gateway
+          
+        
+    
+    
+      To remove the VPN customer gateway, click the Delete VPN Customer Gateway button
+          
+            
+          
+          
+            delete.png: button to remove a VPN customer gateway
+          
+        
+    
+    
+      Click OK.
+    
+  
+

\ No newline at end of file
diff --git a/docs/en-US/create-vpn-gateway-for-vpc.xml b/docs/en-US/create-vpn-gateway-for-vpc.xml
new file mode 100644
index 00000000000..396a7d9d174
--- /dev/null
+++ b/docs/en-US/create-vpn-gateway-for-vpc.xml
@@ -0,0 +1,80 @@
+
+
+%BOOK_ENTITIES;
+]>
+
+

+  Creating a VPN gateway for the VPC
+  
+    
+      Log in to the &PRODUCT; UI as an administrator or end user.
+    
+    
+      In the left navigation, choose Network.
+    
+    
+      In the Select view, select VPC.
+      All the VPCs that you have created for the account is listed in the page.
+    
+    
+      Click the Configure button of the VPC to which you want to deploy the VMs.
+      The VPC page is displayed where all the tiers you created are listed in a
+        diagram.
+    
+    
+      Click the Settings icon.
+      The following options are displayed.
+      
+        
+          IP Addresses
+        
+        
+          Gateways
+        
+        
+          Site-to-Site VPN
+        
+        
+          Network ACLs
+        
+      
+    
+    
+      Select Site-to-Site VPN.
+      If you are creating the VPN gateway for the first time, selecting Site-to-Site VPN
+        prompts you to create a VPN gateway.
+    
+    
+      In the confirmation dialog, click Yes to confirm.
+      Within a few moments, the VPN gateway is created. You will be prompted to view the
+        details of the VPN gateway you have created. Click Yes to confirm.
+      The following details are displayed in the VPN Gateway page:
+      
+        
+          IP Address
+        
+        
+          Account
+        
+        
+          Domain
+        
+      
+    
+  
+

\ No newline at end of file
diff --git a/docs/en-US/create-vr-network-offering.xml b/docs/en-US/create-vr-network-offering.xml
new file mode 100644
index 00000000000..317e3c200a1
--- /dev/null
+++ b/docs/en-US/create-vr-network-offering.xml
@@ -0,0 +1,108 @@
+
+
+%BOOK_ENTITIES;
+]>
+
+

+  Creating and Changing a Virtual Router Network Offering
+  To create the network offering in association with a virtual router system service
+    offering:
+  
+    
+      Log in to the &PRODUCT; UI as a user or admin.
+    
+    
+      First, create a system service offering, for example: VRsystemofferingHA.
+      For more information on creating a system service offering, see .
+    
+    
+      From the Select Offering drop-down, choose Network Offering.
+    
+    
+      Click Add Network Offering.
+    
+    
+      In the dialog, make the following choices:
+      
+        
+          Name. Any desired name for the network
+            offering.
+        
+        
+          Description. A short description of the offering
+            that can be displayed to users.
+        
+        
+          Network Rate. Allowed data transfer rate in MB per
+            second.
+        
+        
+          Traffic Type. The type of network traffic that will
+            be carried on the network.
+        
+        
+          Guest Type. Choose whether the guest network is
+            isolated or shared. For a description of these terms, see .
+        
+        
+          Specify VLAN. (Isolated guest networks only)
+            Indicate whether a VLAN should be specified when this offering is used.
+        
+        
+          Supported Services. Select one or more of the
+            possible network services. For some services, you must also choose the service provider;
+            for example, if you select Load Balancer, you can choose the &PRODUCT; virtual router or
+            any other load balancers that have been configured in the cloud. Depending on which
+            services you choose, additional fields may appear in the rest of the dialog box. For
+            more information, see 
+        
+        
+          System Offering. Choose the system service offering
+            that you want virtual routers to use in this network. In this case, the default “System
+            Offering For Software Router” and the custom “VRsystemofferingHA” are available and
+            displayed.
+        
+      
+    
+    
+      Click OK and the network offering is created.
+    
+  
+  To change the network offering of a guest network to the virtual router service
+    offering:
+  
+    
+      Select Network from the left navigation pane.
+    
+    
+      Select the guest network that you want to offer this network service to.
+    
+    
+      Click the Edit button.
+    
+    
+      From the Network Offering drop-down, select the virtual router network offering you have
+        just created.
+    
+    
+      Click OK.
+    
+  
+

diff --git a/docs/en-US/delete-reset-vpn.xml b/docs/en-US/delete-reset-vpn.xml
new file mode 100644
index 00000000000..318e5fe321e
--- /dev/null
+++ b/docs/en-US/delete-reset-vpn.xml
@@ -0,0 +1,89 @@
+
+
+%BOOK_ENTITIES;
+]>
+
+

+  Restarting and Removing a VPN Connection
+  
+    
+      Log in to the &PRODUCT; UI as an administrator or end user.
+    
+    
+      In the left navigation, choose Network.
+    
+    
+      In the Select view, select VPC.
+      All the VPCs that you have created for the account is listed in the page.
+    
+    
+      Click the Configure button of the VPC to which you want to deploy the VMs.
+      The VPC page is displayed where all the tiers you created are listed in a
+        diagram.
+    
+    
+      Click the Settings icon.
+      The following options are displayed.
+      
+        
+          IP Addresses
+        
+        
+          Gateways
+        
+        
+          Site-to-Site VPN
+        
+        
+          Network ASLs
+        
+      
+    
+    
+      Select Site-to-Site VPN.
+      The Site-to-Site VPN page is displayed.
+    
+    
+      From the Select View drop-down, ensure that VPN Connection is selected.
+      All the VPN connections you created are displayed.
+    
+    
+      Select the VPN connection you want to work with.
+       The Details tab is displayed.
+    
+    
+      To remove a VPN connection, click the Delete VPN connection button
+          
+            
+          
+          
+            remove-vpn.png: button to remove a VPN connection
+          
+        
+      To restart a VPN connection, click the Reset VPN connection button present in the
+        Details tab.
+          
+            
+          
+          
+            reset-vpn.png: button to reset a VPN connection
+          
+        
+    
+  
+

diff --git a/docs/en-US/enable-disable-static-nat-vpc.xml b/docs/en-US/enable-disable-static-nat-vpc.xml
new file mode 100644
index 00000000000..17f0c10540f
--- /dev/null
+++ b/docs/en-US/enable-disable-static-nat-vpc.xml
@@ -0,0 +1,97 @@
+
+
+%BOOK_ENTITIES;
+]>
+
+

+  Enabling or Disabling Static NAT on a VPC
+  A static NAT rule maps a public IP address to the private IP address of a VM in a VPC to
+    allow Internet traffic to it. This section tells how to enable or disable static NAT for a
+    particular IP address in a VPC.
+  If port forwarding rules are already in effect for an IP address, you cannot enable static
+    NAT to that IP.
+  If a guest VM is part of more than one network, static NAT rules will function only if they
+    are defined on the default network.
+  
+    
+      Log in to the &PRODUCT; UI as an administrator or end user.
+    
+    
+      In the left navigation, choose Network.
+    
+    
+      In the Select view, select VPC.
+      All the VPCs that you have created for the account is listed in the page.
+    
+    
+      Click the Configure button of the VPC to which you want to deploy the VMs.
+      The VPC page is displayed where all the tiers you created are listed in a
+        diagram.
+    
+    
+      Click the Settings icon.
+      The following options are displayed.
+      
+        
+          IP Addresses
+        
+        
+          Gateways
+        
+        
+          Site-to-Site VPN
+        
+        
+          Network ACLs
+        
+      
+    
+    
+      Select IP Addresses.
+      The IP Addresses page is displayed.
+    
+    
+      Click the IP you want to work with.
+    
+    
+      In the Details tab,click the Static NAT button.
+          
+            
+          
+          
+            enable-disable.png: button to enable Statid NAT.
+          
+        The button toggles between Enable and Disable, depending on whether
+        static NAT is currently enabled for the IP address.
+    
+    
+      If you are enabling static NAT, a dialog appears as follows:
+      
+        
+          
+        
+        
+          select-vmstatic-nat.png: selecting a tier to apply staticNAT.
+        
+      
+    
+    
+      Select the tier and the destination VM, then click Apply.
+    
+  
+

diff --git a/docs/en-US/global-config.xml b/docs/en-US/global-config.xml
new file mode 100644
index 00000000000..8bc08035d9b
--- /dev/null
+++ b/docs/en-US/global-config.xml
@@ -0,0 +1,54 @@
+
+
+%BOOK_ENTITIES;
+]>
+
+

+  Setting Global Configuration Parameters
+  &PRODUCT; provides parameters that you can set to control many aspects of the cloud. When
+    &PRODUCT; is first installed, and periodically thereafter, you might need to modify these
+    settings.
+  
+    
+      Log in to the UI as administrator.
+    
+    
+      In the left navigation bar, click Global Settings.
+    
+    
+      In Select View, choose one of the following:
+      
+        
+          Global Settings. This displays a list of the parameters with brief descriptions and
+            current values.
+        
+        
+          Hypervisor Capabilities. This displays a list of hypervisor versions with the
+            maximum number of guests supported for each.
+        
+      
+    
+    
+      Use the search box to narrow down the list to those you are interested in.
+    
+    
+      Click the Edit icon to modify a value. If you are viewing Hypervisor Capabilities, you
+        must click the name of the hypervisor first to display the editing screen.
+    
+  
+

diff --git a/docs/en-US/host-add-vsphere.xml b/docs/en-US/host-add-vsphere.xml
new file mode 100644
index 00000000000..b47846448d7
--- /dev/null
+++ b/docs/en-US/host-add-vsphere.xml
@@ -0,0 +1,28 @@
+
+
+%BOOK_ENTITIES;
+]>
+
+
+
+

+	Adding a Host (vSphere)
+    For vSphere servers, we recommend creating the cluster of hosts in vCenter and then adding the entire cluster to &PRODUCT;. See Add Cluster: vSphere.
+

diff --git a/docs/en-US/host-add-xenserver-kvm-ovm.xml b/docs/en-US/host-add-xenserver-kvm-ovm.xml
new file mode 100644
index 00000000000..710133211cb
--- /dev/null
+++ b/docs/en-US/host-add-xenserver-kvm-ovm.xml
@@ -0,0 +1,88 @@
+
+
+%BOOK_ENTITIES;
+]>
+
+
+
+

+	Adding a Host (XenServer, KVM, or OVM)
+    XenServer, KVM, and Oracle VM (OVM) hosts can be added to a cluster at any time.
+    

+        Requirements for XenServer, KVM, and OVM Hosts
+        Make sure the hypervisor host does not have any VMs already running before you add it to &PRODUCT;.
+        Configuration requirements:
+        
+            Each cluster must contain only hosts with the identical hypervisor. 
+            For XenServer, do not put more than 8 hosts in a cluster. 
+            For KVM, do not put more than 16 hosts in a cluster.
+        
+        For hardware requirements, see the installation section for your hypervisor in the &PRODUCT; Installation Guide.
+    

+        XenServer Host Additional Requirements
+        If network bonding is in use, the administrator must cable the new host identically to other hosts in the cluster.  
+        For all additional hosts to be added to the cluster, run the following command.  This will cause the host to join the master in a XenServer pool.  
+        # xe pool-join master-address=[master IP] master-username=root master-password=[your password]
+        When copying and pasting a command, be sure the command has pasted as a single line before executing. Some document viewers may introduce unwanted line breaks in copied text.
+        With all hosts added to the XenServer pool, run the cloud-setup-bond script.  This script will complete the configuration and setup of the bonds on the new hosts in the cluster.
+        
+            Copy the script from the Management Server in /usr/lib64/cloud/agent/scripts/vm/hypervisor/xenserver/cloud-setup-bonding.sh to the master host and ensure it is executable.
+            Run the script:
+                # ./cloud-setup-bonding.sh
+            
+        
+    

+    

+        KVM Host Additional Requirements
+        
+            If shared mountpoint storage is in use, the administrator should ensure that the new host has all the same mountpoints (with storage mounted) as the other hosts in the cluster.
+            Make sure the new host has the same network configuration (guest, private, and public network) as other hosts in the cluster.
+        
+    

+    

+        OVM Host Additional Requirements
+        Before adding a used host in &PRODUCT;, as part of the cleanup procedure on the host, be sure to remove
+            /etc/ovs-agent/db/.
+        
+    

+    

+    

+        Adding a XenServer, KVM, or OVM Host
+        
+            If you have not already done so, install the hypervisor software on the host. You will need to know which version of the hypervisor software version is supported by &PRODUCT; and what additional configuration is required to ensure the host will work with &PRODUCT;. To find these installation details, see
+            the appropriate section for your hypervisor in the &PRODUCT; Installation Guide.
+            Log in to the &PRODUCT; UI as administrator.
+            In the left navigation, choose Infrastructure. In Zones, click View More, then click the zone in which you want to add the host.
+            Click the Compute tab. In the Clusters node, click View All.
+            Click the cluster where you want to add the host.
+            Click View Hosts.
+            Click Add Host.
+            Provide the following information.
+            
+                Host Name. The DNS name or IP address of the host.  
+                Username. Usually root.
+                Password. This is the password for the user named above (from your XenServer, KVM, or OVM install).
+                Host Tags (Optional). Any labels that you use to categorize hosts for ease of maintenance. For example, you can set to the cloud's HA tag (set in the ha.tag global configuration parameter) if you want this host to be used only for VMs with the "high availability" feature enabled. For more information, see HA-Enabled Virtual Machines as well as HA for Hosts.
+            
+                There may be a slight delay while the host is provisioned. It should automatically display in the UI. 
+            Repeat for additional hosts. 
+        
+    

+

diff --git a/docs/en-US/host-add.xml b/docs/en-US/host-add.xml
index b112d079d66..cf67dd3cc9d 100644
--- a/docs/en-US/host-add.xml
+++ b/docs/en-US/host-add.xml
@@ -27,7 +27,11 @@
         
             Before adding a host to the &PRODUCT; configuration, you must first install your chosen hypervisor on the host. &PRODUCT; can manage hosts running VMs under a variety of hypervisors. 
               The &PRODUCT; Installation Guide provides instructions on how to install each supported hypervisor
+<<<<<<< HEAD
                   and configure it for use with &PRODUCT;. See the Installation Guide for information about which version of your chosen hypervisor is supported, as well as crucial additional steps to configure the hosts for use with &PRODUCT;.
+=======
+                  and configure it for use with &PRODUCT;. See the appropriate section in the Installation Guide for information about which version of your chosen hypervisor is supported, as well as crucial additional steps to configure the hypervisor hosts for use with &PRODUCT;.
+>>>>>>> master
                 Be sure you have performed the additional &PRODUCT;-specific configuration steps described in the hypervisor installation section for your particular hypervisor.
             
             Now add the hypervisor host to &PRODUCT;. The technique to use varies depending on the hypervisor.
@@ -39,4 +43,8 @@
         
     
     
+<<<<<<< HEAD
 
+=======
+
+>>>>>>> master
diff --git a/docs/en-US/provisioning.xml b/docs/en-US/hypervisor-installation.xml
similarity index 80%
rename from docs/en-US/provisioning.xml
rename to docs/en-US/hypervisor-installation.xml
index 8a5b44af8e5..8bfc0c09c9b 100644
--- a/docs/en-US/provisioning.xml
+++ b/docs/en-US/hypervisor-installation.xml
@@ -22,8 +22,8 @@
  under the License.
 -->
 
-
-    Provisioning Your Cloud Infrastructure
-    
-    
-
+
+    Hypervisor Installation
+    
+    
+
\ No newline at end of file
diff --git a/docs/en-US/hypervisor-host-install-flow.xml b/docs/en-US/hypervisor-kvm-install-flow.xml
similarity index 94%
rename from docs/en-US/hypervisor-host-install-flow.xml
rename to docs/en-US/hypervisor-kvm-install-flow.xml
index 74668c8f423..e2544c19251 100644
--- a/docs/en-US/hypervisor-host-install-flow.xml
+++ b/docs/en-US/hypervisor-kvm-install-flow.xml
@@ -22,8 +22,8 @@
  under the License.
 -->
 
-

-    Hypervisor Host installation
+

+    KVM Hypervisor Host Installation
     
     
     
@@ -31,4 +31,4 @@
     
     
     
-

\ No newline at end of file
+

diff --git a/docs/en-US/images/NIC_bonding_and_multipath_IO.png b/docs/en-US/images/NIC_bonding_and_multipath_IO.png
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/docs/en-US/images/example_of_a_multi_site_deployment.png b/docs/en-US/images/example_of_a_multi_site_deployment.png
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/docs/en-US/images/large-scale-redundant-setup.png b/docs/en-US/images/large-scale-redundant-setup.png
new file mode 100644
index 00000000000..5d2581afb43
Binary files /dev/null and b/docs/en-US/images/large-scale-redundant-setup.png differ
diff --git a/docs/en-US/images/large_scale_redundant_setup.png b/docs/en-US/images/large_scale_redundant_setup.png
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/docs/en-US/images/multi-node-management-server.png b/docs/en-US/images/multi-node-management-server.png
new file mode 100644
index 00000000000..5cf5ed5456f
Binary files /dev/null and b/docs/en-US/images/multi-node-management-server.png differ
diff --git a/docs/en-US/images/multi-site-deployment.png b/docs/en-US/images/multi-site-deployment.png
new file mode 100644
index 00000000000..f3ae5bb6b5c
Binary files /dev/null and b/docs/en-US/images/multi-site-deployment.png differ
diff --git a/docs/en-US/images/multi_node_management_server.png b/docs/en-US/images/multi_node_management_server.png
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/docs/en-US/images/nic-bonding-and-multipath-io.png b/docs/en-US/images/nic-bonding-and-multipath-io.png
new file mode 100644
index 00000000000..0fe60b66ed6
Binary files /dev/null and b/docs/en-US/images/nic-bonding-and-multipath-io.png differ
diff --git a/docs/en-US/images/remove-vpc.png b/docs/en-US/images/remove-vpc.png
new file mode 100644
index 00000000000..aa9846cfd9b
Binary files /dev/null and b/docs/en-US/images/remove-vpc.png differ
diff --git a/docs/en-US/images/remove-vpn.png b/docs/en-US/images/remove-vpn.png
new file mode 100644
index 00000000000..27145cebbc7
Binary files /dev/null and b/docs/en-US/images/remove-vpn.png differ
diff --git a/docs/en-US/images/reset-vpn.png b/docs/en-US/images/reset-vpn.png
new file mode 100644
index 00000000000..04655dc37ad
Binary files /dev/null and b/docs/en-US/images/reset-vpn.png differ
diff --git a/docs/en-US/images/separate-storage-network.png b/docs/en-US/images/separate-storage-network.png
new file mode 100644
index 00000000000..24dbbefc5b4
Binary files /dev/null and b/docs/en-US/images/separate-storage-network.png differ
diff --git a/docs/en-US/images/separate_storage_network.png b/docs/en-US/images/separate_storage_network.png
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/docs/en-US/images/small-scale-deployment.png b/docs/en-US/images/small-scale-deployment.png
new file mode 100644
index 00000000000..1c88520e7b4
Binary files /dev/null and b/docs/en-US/images/small-scale-deployment.png differ
diff --git a/docs/en-US/images/small_scale_deployment.png b/docs/en-US/images/small_scale_deployment.png
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/docs/en-US/installation-steps-overview.xml b/docs/en-US/installation-steps-overview.xml
index ed2e3d1617d..ea00057bab3 100644
--- a/docs/en-US/installation-steps-overview.xml
+++ b/docs/en-US/installation-steps-overview.xml
@@ -34,49 +34,34 @@
     
     
     
-    
-        Prepare
-    
-    Make sure you have the required hardware ready
+    Make sure you have the required hardware ready. See 
     
     
-    (Optional) Fill out the preparation checklists
+    Install the Management Server (choose single-node or multi-node). See 
     
     
-    Install the &PRODUCT; software
+    Log in to the UI. See 
     
     
-    Install the Management Server (choose single-node or multi-node)
+    Add a zone. Includes the first pod, cluster, and host. See 
     
     
-    Log in to the UI
+    Add more pods (optional). See 
     
     
-    Provision your cloud infrastructure
+    Add more clusters (optional). See 
     
     
-    Add a zone. Includes the first pod, cluster, and host
+        Add more hosts (optional). See 
     
     
-    Add more pods
+    Add more primary storage (optional). See 
     
     
-    Add more clusters
+    Add more secondary storage (optional). See 
     
     
-    Add more hosts
-    
-    
-    Add more primary storage
-    
-    
-    Add more secondary storage
-    
-    
-    Try using the cloud
-    
-    
-    Initialization and testing
+    Try using the cloud. See 
     
     
 
diff --git a/docs/en-US/installation.xml b/docs/en-US/installation.xml
index 948931e5768..35f1c681dc8 100644
--- a/docs/en-US/installation.xml
+++ b/docs/en-US/installation.xml
@@ -27,6 +27,7 @@
     
     
     
+    
     
-    
+    
 
diff --git a/docs/en-US/inter-vlan-routing.xml b/docs/en-US/inter-vlan-routing.xml
new file mode 100644
index 00000000000..49a833cdb5d
--- /dev/null
+++ b/docs/en-US/inter-vlan-routing.xml
@@ -0,0 +1,107 @@
+
+
+%BOOK_ENTITIES;
+]>
+
+

+  About Inter-VLAN Routing
+  Inter-VLAN Routing is the capability to route network traffic between VLANs. This feature
+    enables you to build Virtual Private Clouds (VPC), an isolated segment of your cloud, that can
+    hold multi-tier applications. These tiers are deployed on different VLANs that can communicate
+    with each other. You provision VLANs to the tiers your create, and VMs can be deployed on
+    different tiers. The VLANs are connected to a virtual router, which facilitates communication
+    between the VMs. In effect, you can segment VMs by means of VLANs into different networks that
+    can host multi-tier applications, such as Web, Application, or Database. Such segmentation by
+    means of VLANs logically separate application VMs for higher security and lower broadcasts,
+    while remaining physically connected to the same device.
+  This feature is supported on XenServer and VMware hypervisors.
+  The major advantages are:
+  
+    
+      The administrator can deploy a set of VLANs and allow users to deploy VMs on these
+        VLANs. A guest VLAN is randomly alloted to an account from a pre-specified set of guest
+        VLANs. All the VMs of a certain tier of an account reside on the guest VLAN allotted to that
+        account.
+      
+        A VLAN allocated for an account cannot be shared between multiple accounts. 
+      
+    
+    
+      The administrator can allow users create their own VPC and deploy the application. In
+        this scenario, the VMs that belong to the account are deployed on the VLANs allotted to that
+        account.
+    
+    
+      Both administrators and users can create multiple VPCs. The guest network NIC is plugged
+        to the VPC virtual router when the first VM is deployed in a tier. 
+    
+    
+      The administrator can create the following gateways to send to or receive traffic from
+        the VMs:
+      
+        
+          VPN Gateway: For more information, see .
+        
+        
+          Public Gateway: The public gateway for a VPC is
+            added to the virtual router when the virtual router is created for VPC. The public
+            gateway is not exposed to the end users. You are not allowed to list it, nor allowed to
+            create any static routes.
+        
+        
+          Private Gateway: For more information, see .
+        
+      
+    
+    
+      Both administrators and users can create various possible destinations-gateway
+        combinations. However, only one gateway of each type can be used in a deployment.
+      For example:
+      
+        
+          VLANs and Public Gateway: For example, an
+            application is deployed in the cloud, and the Web application VMs communicate with the
+            Internet.
+        
+        
+          VLANs, VPN Gateway, and Public Gateway: For
+            example, an application is deployed in the cloud; the Web application VMs communicate
+            with the Internet; and the database VMs communicate with the on-premise devices.
+        
+      
+    
+    
+      The administrator can define Access Control List (ACL) on the virtual router to filter
+        the traffic among the VLANs or between the Internet and a VLAN. You can define ACL based on
+        CIDR, port range, protocol, type code (if ICMP protocol is selected) and Ingress/Egress
+        type.
+    
+  
+  The following figure shows the possible deployment scenarios of a Inter-VLAN setup:
+  
+    
+      
+    
+    
+      mutltier.png: a multi-tier setup.
+    
+  
+  To set up a multi-tier Inter-VLAN deployment, see .
+

diff --git a/docs/en-US/large_scale_redundant_setup.xml b/docs/en-US/large_scale_redundant_setup.xml
new file mode 100644
index 00000000000..427a42d9182
--- /dev/null
+++ b/docs/en-US/large_scale_redundant_setup.xml
@@ -0,0 +1,42 @@
+
+%BOOK_ENTITIES;
+]>
+
+
+

+    Large-Scale Redundant Setup
+    
+        
+            
+        
+        Large-Scale Redundant Setup
+    
+    This diagram illustrates the network architecture of a large-scale &PRODUCT; deployment.
+    
+        A layer-3 switching layer is at the core of the data center. A router redundancy protocol like VRRP should be deployed. Typically high-end core switches also include firewall modules. Separate firewall appliances may also be used if the layer-3 switch does not have integrated firewall capabilities. The firewalls are configured in NAT mode. The firewalls provide the following functions:
+            		
+	        Forwards HTTP requests and API calls from the Internet to the Management Server. The Management Server resides on the management network.
+	        When the cloud spans multiple zones, the firewalls should enable site-to-site VPN such that servers in different zones can directly reach each other.
+            
+        
+        A layer-2 access switch layer is established for each pod. Multiple switches can be stacked to increase port count. In either case, redundant pairs of layer-2 switches should be deployed.
+        The Management Server cluster (including front-end load balancers, Management Server nodes, and the MySQL database) is connected to the management network through a pair of load balancers.
+        Secondary storage servers are connected to the management network.
+        Each pod contains storage and computing servers. Each storage and computing server should have redundant NICs connected to separate layer-2 access switches.
+    
+

diff --git a/docs/en-US/management-server-install-db-external.xml b/docs/en-US/management-server-install-db-external.xml
index bc768290ce3..e77380fc54c 100644
--- a/docs/en-US/management-server-install-db-external.xml
+++ b/docs/en-US/management-server-install-db-external.xml
@@ -22,71 +22,82 @@
  under the License.
 -->
 
-

+

     Install the Database on a Separate Node
     This section describes how to install MySQL on a standalone machine, separate from the Management Server.
         This technique is intended for a deployment that includes several Management Server nodes.
         If you have a single-node Management Server deployment, you will typically use the same node for MySQL.
-        See .
+        See .
     
+    
+        The management server doesn't require a specific distribution for the MySQL node.
+            You can use a distribution or Operating System of your choice.
+            Using the same distribution as the management server is recommended, but not required.
+            See .
+        
+    
     
-        If you already have a version of MySQL installed on the Management Server node, make one of the following choices, depending on what version of MySQL it is. The most recent version tested is 5.1.58.
-            
-                If you already have installed MySQL version 5.1.58 or later, skip to step 3.
-                
-                If you have installed a version of MySQL earlier than 5.1.58, you can either skip to step 3 or uninstall MySQL and proceed to step 2 to install a more recent version.
-            
-            It is important that you choose the right database version. Never downgrade a MySQL installation.
-        
-        Log in as root to your Database Node and run the following commands. If you are going to install a replica database, then log in to the master.
-            
-# yum install mysql-server   
-# chkconfig --level 35 mysqld on
-            
+        
+            Install MySQL from the package repository from your distribution:
+            On RHEL or CentOS:
+            yum install mysql-server
+            On Ubuntu:
+            apt-get install mysql-server
         
         Edit the MySQL configuration (/etc/my.cnf or /etc/mysql/my.cnf, depending on your OS) 
             and insert the following lines in the [mysqld] section. You can put these lines below the datadir 
             line. The max_connections parameter should be set to 350 multiplied by the number of Management 
             Servers you are deploying. This example assumes two Management Servers.
+            
+                On Ubuntu you can also create a file /etc/mysql/conf.d/cloudstack.cnf and add these directives there. Don't forget to add [mysqld] on the first line of the file.
+            
             
 innodb_rollback_on_timeout=1
 innodb_lock_wait_timeout=600
 max_connections=700
 log-bin=mysql-bin
 binlog-format = 'ROW'
-            
-            The binlog-format variable is supported in MySQL versions 5.1 and greater. It is not supported in MySQL 5.0. In some versions of MySQL, an underscore character is used in place of the hyphen in the variable name. For the exact syntax and spelling of each variable, consult the documentation for your version of MySQL.
-        
-        Restart the MySQL service, then invoke MySQL as the root user.
-            
-# service mysqld restart
-# mysql -u root
+bind-address = 0.0.0.0
             
         
-        Best Practice: On RHEL and CentOS, MySQL does not set a root password by default. It is very strongly recommended that you set a root password as a security precaution. Run the following commands, and substitute your own desired root password.
-            mysql> SET PASSWORD = PASSWORD('password');
-            From now on, start MySQL with mysql -p so it will prompt you for the password.
+        
+            On RHEL/CentOS MySQL doesn't start after installation, start it manually.
+            service mysqld start
         
-        To grant access privileges to remote users, perform the following steps.
+        
+            
+                On RHEL and CentOS, MySQL does not set a root password by default. It is very strongly recommended that you set a root password as a security precaution. Run the following commands, and substitute your own desired root password. This step is not required on Ubuntu as it asks for a root password during installation.
+            
+            Run this command to secure your installation. You can answer "Y" to all questions except to "Disallow root login remotely?". This is required to set up the databases.
+            mysql_secure_installation
+        
+        If a firewall is present on the system, open TCP port 3306 so external MySQL connections can be established.
             
-                Run the following commands from the mysql prompt:
-                    
-mysql> GRANT ALL PRIVILEGES ON *.* TO 'root'@'%' WITH GRANT OPTION; 
-mysql> exit
-                    
+                
+                    On RHEL/CentOS:
+                    
+                        
+                            Edit the /etc/sysconfig/iptables file and add the following line at the beginning of the INPUT chain.
+                            -A INPUT -p tcp --dport 3306 -j ACCEPT
+                        
+                        
+                            Now reload the iptables rules.
+                            service iptables restart
+                        
+                    
                 
-                Restart the MySQL service.
-                    # service mysqld restart
-                
-                Open the MySQL server port (3306) in the firewall to allow remote clients to connect.
-                    # iptables -I INPUT -p tcp --dport 3306 -j ACCEPT
-                
-                Edit the /etc/sysconfig/iptables file and add the following line at the beginning of the INPUT chain.
-                     -A INPUT -p tcp --dport 3306 -j ACCEPT
+                
+                    On Ubuntu:
+                    UFW is the default firewall on Ubuntu, open the port with this command:
+                    ufw allow mysql
                 
             
         
-        Set up the database. The following command creates the cloud user on the database.
+        
+            Set up the database. The following command creates the cloud user on the database.
+            
+                This command should be run on the first Management server node!
+            
             
                 In dbpassword, specify the password to be assigned to the cloud user. You can choose to provide no password.
                 In deploy-as, specify the username and password of the user deploying the database. In the following command, it is assumed the root user is deploying the database and creating the cloud user.
@@ -94,12 +105,12 @@ mysql> exit
                 (Optional) For management_server_key, substitute the default key that is used to encrypt confidential parameters in the &PRODUCT; properties file. Default: password. It is highly recommended that you replace this with a more secure value. See About Password and Key Encryption.
                 (Optional) For database_key, substitute the default key that is used to encrypt confidential parameters in the &PRODUCT; database. Default: password. It is highly recommended that you replace this with a more secure value. See About Password and Key Encryption.
             
-            # cloud-setup-databases cloud:<dbpassword>@localhost --deploy-as=root:<password> -e <encryption_type> -m <management_server_key> -k <database_key>
+            cloud-setup-databases cloud:<dbpassword>@<ip address mysql server> \
+                --deploy-as=root:<password> \
+                -e <encryption_type> \
+                -m <management_server_key> \
+                -k <database_key>
             When this script is finished, you should see a message like “Successfully initialized the database.”
         
-        Now that the database is set up, you can finish configuring the OS for the Management Server. This command will set up iptables, sudoers, and start the Management Server.
-            # cloud-setup-management
-            You should see the message “Management Server setup is done.”
-        
     
 

diff --git a/docs/en-US/management-server-install-db-local.xml b/docs/en-US/management-server-install-db-local.xml
index 238f9dee629..ae8cfd1edca 100644
--- a/docs/en-US/management-server-install-db-local.xml
+++ b/docs/en-US/management-server-install-db-local.xml
@@ -22,28 +22,22 @@
  under the License.
 -->
 
-

+

     Install the Database on the Management Server Node
-    This section describes how to install MySQL on the same machine with the Management Server. This technique is intended for a simple deployment that has a single Management Server node. If you have a multi-node Management Server deployment, you will typically use a separate node for MySQL. See .
-    
+    This section describes how to install MySQL on the same machine with the Management Server. This technique is intended for a simple deployment that has a single Management Server node. If you have a multi-node Management Server deployment, you will typically use a separate node for MySQL. See .
     
-        If you already have a version of MySQL installed on the Management Server node, make one of the following choices, depending on what version of MySQL it is. The most recent version tested is 5.1.58.
-            
-                If you already have installed MySQL version 5.1.58 or later, skip to step 4.
-                
-                If you have installed a version of MySQL earlier than 5.1.58, you can either skip to step 4 or uninstall MySQL and proceed to step 2 to install a more recent version.
-            
-            It is important that you choose the right database version. Never downgrade a MySQL installation.
+        
+            Install MySQL from the package repository from your distribution:
+            On RHEL or CentOS:
+            yum install mysql-server
+            On Ubuntu:
+            apt-get install mysql-server
         
-        On the same computer where you installed the Management Server, re-run install.sh.
-            # ./install.sh
-            You should see a few messages as the installer prepares, followed by a list of choices.
-        
-        Choose D to install the MySQL server from the distribution’s repo.
-              > D
-            Troubleshooting: If you do not see the D option, you already have MySQL installed. Please go back to step 1.
-        
-        Edit the MySQL configuration (/etc/my.cnf or /etc/mysql/my.cnf, depending on your OS) and insert the following lines in the [mysqld] section. You can put these lines below the datadir line. The max_connections parameter should be set to 350 multiplied by the number of Management Servers you are deploying. This example assumes one Management Server.
+        
+            Edit the MySQL configuration (/etc/my.cnf or /etc/mysql/my.cnf, depending on your OS) and insert the following lines in the [mysqld] section. You can put these lines below the datadir line. The max_connections parameter should be set to 350 multiplied by the number of Management Servers you are deploying. This example assumes one Management Server.
+            
+                On Ubuntu you can also create a file /etc/mysql/conf.d/cloudstack.cnf and add these directives there. Don't forget to add [mysqld] on the first line of the file.
+            
             
 innodb_rollback_on_timeout=1
 innodb_lock_wait_timeout=600
@@ -51,48 +45,32 @@ max_connections=350
 log-bin=mysql-bin
 binlog-format = 'ROW'
             
-            The binlog-format variable is supported in MySQL versions 5.1 and greater. It is not supported in MySQL 5.0. In some versions of MySQL, an underscore character is used in place of the hyphen in the variable name. For the exact syntax and spelling of each variable, consult the documentation for your version of MySQL.
         
-        Restart the MySQL service, then invoke MySQL as the root user.
-            
-# service mysqld restart
-# mysql -u root
-            
+        
+            On RHEL/CentOS MySQL doesn't start after installation, start it manually.
+            service mysqld start
         
-        Best Practice: On RHEL and CentOS, MySQL does not set a root password by default. It is very strongly recommended that you set a root password as a security precaution. Run the following commands, and substitute your own desired root password.
-        mysql> SET PASSWORD = PASSWORD('password');
-            From now on, start MySQL with mysql -p so it will prompt you for the password.
+        
+            
+                On RHEL and CentOS, MySQL does not set a root password by default. It is very strongly recommended that you set a root password as a security precaution. Run the following commands, and substitute your own desired root password. This step is not required on Ubuntu as it asks for a root password during installation.
+            
+            Run this command to secure your installation. Since we are running MySQL locally you can answer "Y" to all questions.
+            mysql_secure_installation
         
-        To grant access privileges to remote users, perform the following steps.
-            
-                Run the following commands from the mysql prompt:
-                    
-mysql> GRANT ALL PRIVILEGES ON *.* TO 'root'@'%' WITH GRANT OPTION; 
-mysql> exit
-                    
-                
-                Restart the MySQL service.
-                    # service mysqld restart
-                Open the MySQL server port (3306) in the firewall to allow remote clients to connect.
-                    # iptables -I INPUT -p tcp --dport 3306 -j ACCEPT
-                Edit the /etc/sysconfig/iptables file and add the following line at the beginning of the INPUT chain.
-                     -A INPUT -p tcp --dport 3306 -j ACCEPT
-            
-        
-        Set up the database. The following command creates the cloud user on the database.
+        Set up the database. The following command creates the "cloud" user on the database.
             
-                In dbpassword, specify the password to be assigned to the cloud user. You can choose to provide no password.
-                In deploy-as, specify the username and password of the user deploying the database. In the following command, it is assumed the root user is deploying the database and creating the cloud user.
+                In dbpassword, specify the password to be assigned to the "cloud" user. You can choose to provide no password although that is not recommended.
+                In deploy-as, specify the username and password of the user deploying the database. In the following command, it is assumed the root user is deploying the database and creating the "cloud" user.
                 (Optional) For encryption_type, use file or web to indicate the technique used to pass in the database encryption password. Default: file. See About Password and Key Encryption.
                 (Optional) For management_server_key, substitute the default key that is used to encrypt confidential parameters in the &PRODUCT; properties file. Default: password. It is highly recommended that you replace this with a more secure value. See About Password and Key Encryption.
                 (Optional) For database_key, substitute the default key that is used to encrypt confidential parameters in the &PRODUCT; database. Default: password. It is highly recommended that you replace this with a more secure value. See About Password and Key Encryption.
             
-            # cloud-setup-databases cloud:<dbpassword>@localhost --deploy-as=root:<password> -e <encryption_type> -m <management_server_key> -k <database_key>
+            cloud-setup-databases cloud:<dbpassword>@localhost \
+                --deploy-as=root:<password> \
+                -e <encryption_type> \
+                -m <management_server_key> \
+                -k <database_key>
             When this script is finished, you should see a message like “Successfully initialized the database.”
         
-        Now that the database is set up, you can finish configuring the OS for the Management Server. This command will set up iptables, sudoers, and start the Management Server.
-            # cloud-setup-management
-            You should see the message “Management Server setup is done.”
-        
     
 

diff --git a/docs/en-US/management-server-install-db.xml b/docs/en-US/management-server-install-db.xml
new file mode 100644
index 00000000000..24e638ad005
--- /dev/null
+++ b/docs/en-US/management-server-install-db.xml
@@ -0,0 +1,34 @@
+
+
+%BOOK_ENTITIES;
+]>
+
+
+
+

+    Install the database server
+    The &PRODUCT; management server uses a MySQL database server to store it's data.
+        When you are installing the management server on a single node you can install the MySQL server locally.
+        When using a multi-node installation the MySQL database has to run on an external node.
+    
+    &PRODUCT; has been tested with MySQL 5.1 and 5.5, both should work fine. These versions are included in RHEL/CentOS and Ubuntu.
+    
+    
+

\ No newline at end of file
diff --git a/docs/en-US/management-server-install-flow.xml b/docs/en-US/management-server-install-flow.xml
index 112771bb500..33bcac9c85b 100644
--- a/docs/en-US/management-server-install-flow.xml
+++ b/docs/en-US/management-server-install-flow.xml
@@ -27,8 +27,7 @@
     
     
     
-    
-    
+    
     
     
     
diff --git a/docs/en-US/management-server-install-multi-node.xml b/docs/en-US/management-server-install-multi-node.xml
index 17d0f868b3c..db4bca5f83e 100644
--- a/docs/en-US/management-server-install-multi-node.xml
+++ b/docs/en-US/management-server-install-multi-node.xml
@@ -56,7 +56,7 @@
             
         
         Configure the database client. Note the absence of the --deploy-as argument in this case.
-            (For more details about the arguments to this command, see .)
+            (For more details about the arguments to this command, see .)
         
             # cloud-setup-databases cloud:<dbpassword>@<dbhost> -e <encryption_type> -m <management_server_key> -k <database_key>
             
diff --git a/docs/en-US/management-server-install-prepare-os.xml b/docs/en-US/management-server-install-prepare-os.xml
index ee76a5f1566..ef78731e81a 100644
--- a/docs/en-US/management-server-install-prepare-os.xml
+++ b/docs/en-US/management-server-install-prepare-os.xml
@@ -34,7 +34,7 @@
         
         
             Make sure that the machine can reach the Internet.
-            ping www.google.com
+            ping www.cloudstack.org
         
         
             Turn on NTP for time synchronization.
diff --git a/docs/en-US/multi_node_management_server.xml b/docs/en-US/multi_node_management_server.xml
new file mode 100644
index 00000000000..1ff713dbd16
--- /dev/null
+++ b/docs/en-US/multi_node_management_server.xml
@@ -0,0 +1,36 @@
+
+%BOOK_ENTITIES;
+]>
+
+
+

+    Multi-Node Management Server
+    The &PRODUCT; Management Server is deployed on one or more front-end servers connected to a single MySQL database. Optionally a pair of hardware load balancers distributes requests from the web. A backup management server set may be deployed using MySQL replication at a remote site to add DR capabilities.
+    
+        
+            
+        
+        Multi-Node Management Server
+    
+    The administrator must decide the following.
+    
+        Whether or not load balancers will be used.
+        How many Management Servers will be deployed.
+        Whether MySQL replication will be deployed to enable disaster recovery.
+    
+

diff --git a/docs/en-US/multi_site_deployment.xml b/docs/en-US/multi_site_deployment.xml
new file mode 100644
index 00000000000..8ad94aa2a70
--- /dev/null
+++ b/docs/en-US/multi_site_deployment.xml
@@ -0,0 +1,50 @@
+
+%BOOK_ENTITIES;
+]>
+
+
+

+    Multi-Site Deployment
+    The &PRODUCT; platform scales well into multiple sites through the use of zones. The following diagram shows an example of a multi-site deployment.
+    
+        
+            
+        
+        Example Of A Multi-Site Deployment
+    
+    Data Center 1 houses the primary Management Server as well as zone 1. The MySQL database is replicated in real time to the secondary Management Server installation in Data Center 2.
+    
+        
+            
+        
+        Separate Storage Network
+    
+    This diagram illustrates a setup with a separate storage network. Each server has four NICs, two connected to pod-level network switches and two connected to storage network switches.
+    There are two ways to configure the storage network:
+    
+         Bonded NIC and redundant switches can be deployed for NFS.  In NFS deployments, redundant switches and bonded NICs still result in one network (one CIDR block+ default gateway address).
+         iSCSI can take advantage of two separate storage networks (two CIDR blocks each with its own default gateway). Multipath iSCSI client can failover and load balance between separate storage networks.
+    
+    
+        
+            
+        
+        NIC Bonding And Multipath I/O
+    
+     This diagram illustrates the differences between NIC bonding and Multipath I/O (MPIO). NIC bonding configuration involves only one network. MPIO involves two separate networks.
+

diff --git a/docs/en-US/networks.xml b/docs/en-US/networks.xml
new file mode 100644
index 00000000000..d4ed76d4d0c
--- /dev/null
+++ b/docs/en-US/networks.xml
@@ -0,0 +1,48 @@
+
+
+%BOOK_ENTITIES;
+]>
+
+
+  Managing Networks and Traffic
+  In a &PRODUCT;, guest VMs can communicate with each other using shared infrastructure with
+    the security and user perception that the guests have a private LAN. The &PRODUCT; virtual
+    router is the main component providing networking features for guest traffic. 
+  
+  
+  
+  
+  
+  
+  
+  
+  
+  
+  
+  
+  
+  
+  
+  
+  
+  
+  
+
diff --git a/docs/en-US/cloudstack_trial_installation.xml b/docs/en-US/plugin-niciranvp-about.xml
similarity index 56%
rename from docs/en-US/cloudstack_trial_installation.xml
rename to docs/en-US/plugin-niciranvp-about.xml
index 24a1699d1d7..8d2e20e7756 100644
--- a/docs/en-US/cloudstack_trial_installation.xml
+++ b/docs/en-US/plugin-niciranvp-about.xml
@@ -1,9 +1,10 @@
-
-
+
 %BOOK_ENTITIES;
+
+%xinclude;
 ]>
-
 
-
-
-    
-    
-    
-    
-
+
+    The Nicira NVP Plugin
+    
+    
+
+   
diff --git a/docs/en-US/plugin-niciranvp-devicemanagement.xml b/docs/en-US/plugin-niciranvp-devicemanagement.xml
new file mode 100644
index 00000000000..2423ce3925d
--- /dev/null
+++ b/docs/en-US/plugin-niciranvp-devicemanagement.xml
@@ -0,0 +1,47 @@
+
+
+%BOOK_ENTITIES;
+
+%xinclude;
+]>
+
+

+    Device-management
+    In CloudStack 4.0.x each Nicira NVP setup is considered a "device" that can be added and removed from a physical network. To complete the configuration of the Nicira NVP plugin a device needs to be added to the physical network using the "addNiciraNVPDevice" API call. The plugin is now enabled on the physical network and any guest networks created on that network will be provisioned using the Nicra NVP Controller.
+    The plugin introduces a set of new API calls to manage the devices, see below or refer to the API reference.
+    
+        addNiciraNvpDevice
+        
+            
+                physicalnetworkid: the UUID of the physical network on which the device is configured
+                hostname: the IP address of the NVP controller
+                username: the username for access to the NVP API
+                password: the password for access to the NVP API
+                transportzoneuuid: the UUID of the transportzone
+            
+        
+        deleteNiciraNVPDevice
+        
+            
+                nvpdeviceid: the UUID of the device
+            
+        
+        listNiciraNVPDevices
+        
+    
+

\ No newline at end of file
diff --git a/docs/en-US/plugin-niciranvp-features.xml b/docs/en-US/plugin-niciranvp-features.xml
new file mode 100644
index 00000000000..cdcda9e2aa6
--- /dev/null
+++ b/docs/en-US/plugin-niciranvp-features.xml
@@ -0,0 +1,29 @@
+
+
+%BOOK_ENTITIES;
+
+%xinclude;
+]>
+
+

+    Features of the Nicira NVP Plugin
+    In CloudStack release 4.0.x this plugin supports the Connectivity service. This service is responsible for creating Layer 2 networks supporting the networks created by Guests. In other words when an tennant creates a new network, instead of the traditional VLAN a logical network will be created by sending the appropriate calls to the Nicira NVP Controller.
+    The plugin has been tested with Nicira NVP versions 2.1.0, 2.2.0 and 2.2.1
+    In CloudStack 4.0.x only the XenServer hypervisor is supported for use in combination with Nicira NVP
+    In CloudStack 4.0.x the UI components for this plugin are not complete, configuration is done by sending commands to the API
+

\ No newline at end of file
diff --git a/docs/en-US/plugin-niciranvp-guide.xml b/docs/en-US/plugin-niciranvp-guide.xml
new file mode 100644
index 00000000000..89c9871021d
--- /dev/null
+++ b/docs/en-US/plugin-niciranvp-guide.xml
@@ -0,0 +1,31 @@
+
+
+%BOOK_ENTITIES;
+
+%xinclude;
+]>
+
+
+
+    Plugin Guide for the Nicira NVP Plugin
+    
+    
+    
+
diff --git a/docs/en-US/cloudstack_installation.xml b/docs/en-US/plugin-niciranvp-introduction.xml
similarity index 58%
rename from docs/en-US/cloudstack_installation.xml
rename to docs/en-US/plugin-niciranvp-introduction.xml
index f6ef3cf7c4d..9c1d42df32d 100644
--- a/docs/en-US/cloudstack_installation.xml
+++ b/docs/en-US/plugin-niciranvp-introduction.xml
@@ -1,9 +1,10 @@
-
-
+
 %BOOK_ENTITIES;
+
+%xinclude;
 ]>
-
 
-
-
-    
-    
-    
-    
-
+

+    Introduction to the Nicira NVP Plugin
+    The Nicira NVP plugin allows CloudStack to use the Nicira solution for virtualized network as a provider for CloudStack networks and services.
+

diff --git a/docs/en-US/plugin-niciranvp-preparations.xml b/docs/en-US/plugin-niciranvp-preparations.xml
new file mode 100644
index 00000000000..95a25bdca26
--- /dev/null
+++ b/docs/en-US/plugin-niciranvp-preparations.xml
@@ -0,0 +1,36 @@
+
+
+%BOOK_ENTITIES;
+
+%xinclude;
+]>
+
+

+    Prerequisites
+    Before enabling the Nicira NVP plugin the NVP Controller needs to be configured. Please review the NVP User Guide on how to do that. 
+    CloudStack needs to have at least one physical network with the isolation method set to "STT". This network should be enabled for the Guest traffic type.
+        The Guest traffic type should be configured with the traffic label that matches the name of the Integration Bridge on XenServer. See the Nicira NVP User Guide for more details on how to set this up in XenServer.
+    Make sure you have the following information ready:
+    
+        The IP address of the NVP Controller
+        The username to access the API
+        The password to access the API
+        The UUID of the Transport Zone that contains the hypervisors in this Zone
+        The UUID of the Physical Network that will used for the Guest networks
+    
+

\ No newline at end of file
diff --git a/docs/en-US/plugin-niciranvp-provider.xml b/docs/en-US/plugin-niciranvp-provider.xml
new file mode 100644
index 00000000000..d81db99d9c0
--- /dev/null
+++ b/docs/en-US/plugin-niciranvp-provider.xml
@@ -0,0 +1,42 @@
+
+
+%BOOK_ENTITIES;
+
+%xinclude;
+]>
+
+

+    Enabling the service provider
+    To allow CloudStack to use the Nicira NVP Plugin the network service provider needs to be enabled on the physical network. The following sequence of API calls will enable the network service provider
+    
+        addNetworkServiceProvider
+        
+            
+                name = "NiciraNVP"
+                physicalnetworkid = <the uuid of the physical network>
+            
+        
+        updateNetworkServiceProvider
+        
+            
+                id = <the provider uuid returned by the previous call>
+                state = "Enabled"
+            
+        
+        
+

\ No newline at end of file
diff --git a/docs/en-US/plugin-niciranvp-revisions.xml b/docs/en-US/plugin-niciranvp-revisions.xml
new file mode 100644
index 00000000000..6e455cafaf7
--- /dev/null
+++ b/docs/en-US/plugin-niciranvp-revisions.xml
@@ -0,0 +1,45 @@
+
+
+%BOOK_ENTITIES;
+]>
+
+
+
+
+    Revision History
+    
+        
+            
+                0-0
+                Wed Oct 03 2012
+                
+                    Hugo
+                    Trippaers
+                    hugo@apache.org
+                
+                
+                    
+                        Documentation created for 4.0.x version of the NVP Plugin
+                    
+                
+            
+        
+    
+
diff --git a/docs/en-US/plugin-niciranvp-tables.xml b/docs/en-US/plugin-niciranvp-tables.xml
new file mode 100644
index 00000000000..4f816550b30
--- /dev/null
+++ b/docs/en-US/plugin-niciranvp-tables.xml
@@ -0,0 +1,51 @@
+
+
+%BOOK_ENTITIES;
+
+%xinclude;
+]>
+
+

+    Database tables
+    The following tables are added to the cloud database for the Nicira NVP Plugin
+    
+        nicira_nvp_nic_map, contains a mapping from nic to logical switch port
+        
+            
+                id
+                logicalswitch, uuid of the logical switch this port is connected to
+                logicalswitchport, uuid of the logical switch port for this nic
+                nic, the CloudStack uuid for this nic, reference to the nics table
+            
+            
+    
+    
+        external_nicira_nvp_devices, contains all configured devices
+        
+            
+                id
+                uuid
+                physical_network_id, the physical network this device is configured on
+                provider_name, set to "NiciraNvp"
+                device_name, display name for this device
+                host_id, reference to the host table with the device configuration
+            
+            
+    
+    
+

\ No newline at end of file
diff --git a/docs/en-US/plugin-niciranvp-troubleshooting.xml b/docs/en-US/plugin-niciranvp-troubleshooting.xml
new file mode 100644
index 00000000000..02b06555914
--- /dev/null
+++ b/docs/en-US/plugin-niciranvp-troubleshooting.xml
@@ -0,0 +1,28 @@
+
+
+%BOOK_ENTITIES;
+
+%xinclude;
+]>
+
+
+    Troubleshooting the Nicira NVP Plugin
+    
+    
+    
+
diff --git a/docs/en-US/plugin-niciranvp-usage.xml b/docs/en-US/plugin-niciranvp-usage.xml
new file mode 100644
index 00000000000..17413387ea4
--- /dev/null
+++ b/docs/en-US/plugin-niciranvp-usage.xml
@@ -0,0 +1,29 @@
+
+
+%BOOK_ENTITIES;
+
+%xinclude;
+]>
+
+
+    Using the Nicira NVP Plugin
+    
+    
+    
+    
+
diff --git a/docs/en-US/plugin-niciranvp-uuidreferences.xml b/docs/en-US/plugin-niciranvp-uuidreferences.xml
new file mode 100644
index 00000000000..c912971736b
--- /dev/null
+++ b/docs/en-US/plugin-niciranvp-uuidreferences.xml
@@ -0,0 +1,30 @@
+
+
+%BOOK_ENTITIES;
+
+%xinclude;
+]>
+
+

+    UUID References
+    The plugin maintains several references in the CloudStack database to items created on the NVP Controller.
+    Every guest network this is created will have its broadcast type set to Lswitch and if the network is in state "Implemented", the broadcast URI will have the UUID of the Logical Switch that was created for this network on the NVP Controller.
+    The Nics that are connected to one of the Logical Switches will have their Logical Switch Port UUID listed in the nicira_nvp_nic_map table
+    All devices created on the NVP Controller will have a tag set to domain-account of the owner of the network, this string can be used to search for items in the NVP Controller.    
+    
+

\ No newline at end of file
diff --git a/docs/en-US/prepare_os.xml b/docs/en-US/prepare_os.xml
deleted file mode 100644
index f0fc201cde7..00000000000
--- a/docs/en-US/prepare_os.xml
+++ /dev/null
@@ -1,106 +0,0 @@
-
-
-%BOOK_ENTITIES;
-]>
-
-
-
-    

-        Prepare the Operating System
-        The OS must be prepared to host the Management Server using the following steps. These steps must be performed on each Management Server node.
-            
-                Log in to your OS as root.
-                Check for a fully qualified hostname.
-                    # hostname --fqdn
-                    This should return a fully qualified hostname such as "kvm1.lab.example.org".  If it does not, edit /etc/hosts so that it does.
-                
-                Set SELinux to be permissive by default.
-                    
-                        Check to see whether SELinux is installed on your machine. If not, you can skip to step 4.
-                            In RHEL or CentOS, SELinux are installed and enabled by default. You can verify this with:
-                            # rpm -qa | grep selinux
-                            In Ubuntu, SELinux is not installed by default. You can verify this with:
-                            # dpkg --list 'selinux'
-                        
-                        Set the SELINUX variable in /etc/selinux/config to “permissive”. This ensures that the permissive setting will be maintained after a system reboot.
-                            In RHEL or CentOS:
-                            # vi /etc/selinux/config
-                            In Ubuntu (do this step only if SELinux was found on the machine in the previous step):
-                            # selinux-config-enforcing permissive                    
-                        
-                        Then set SELinux to permissive starting immediately, without requiring a system reboot.
-                            In CentOS:
-                            # setenforce permissive
-                            In RHEL:
-                            # setenforce 0
-                            In Ubuntu (do this step only if SELinux was found on the machine):
-                            # setenforce permissive
-                        
-                    
-                
-                Make sure that the Management Server can reach the Internet.
-                    # ping www.google.com
-                
-                (RHEL 6.2) If you do not have a Red Hat Network account, you need to prepare a local Yum repository.
-                    
-                        If you are working with a physical host, insert the RHEL 6.2 installation CD. If you are using a VM, attach the RHEL6 ISO.
-                        Mount the CDROM to /media.
-                        Create a repo file at /etc/yum.repos.d/rhel6.repo. In the file, insert the following lines:
-                            
-[rhel]
-name=rhel6
-baseurl=file:///media
-enabled=1
-gpgcheck=0    
-                            
-                        
-                    
-                
-                Turn on NTP for time synchronization.
-                    NTP is required to synchronize the clocks of the servers in your cloud.
-                    
-                        Install NTP.
-                            On RHEL or CentOS:
-                            # yum install ntp
-                            On Ubuntu:
-                            # apt-get install ntp
-                        
-                        Edit the NTP configuration file to point to your NTP server.
-                            # vi /etc/ntp.conf
-                            For example, you can use one of the following:
-                            0.xenserver.pool.ntp.org
-1.xenserver.pool.ntp.org
-2.xenserver.pool.ntp.org
-3.xenserver.pool.ntp.org
-
-                        
-                        Restart the NTP client.
-                            # service ntpd restart
-                        
-                        Make sure NTP will start again upon reboot.
-                            On RHEL or CentOS:
-                            # chkconfig ntpd on
-                            On Ubuntu:
-                            # chkconfig ntp on
-                        
-                    
-                
-            
-    

diff --git a/docs/en-US/primary-storage-add.xml b/docs/en-US/primary-storage-add.xml
index 401588c1880..bebbc5c1307 100644
--- a/docs/en-US/primary-storage-add.xml
+++ b/docs/en-US/primary-storage-add.xml
@@ -23,15 +23,40 @@
 -->
 
 

+<<<<<<< HEAD
 	Adding Primary Storage
     Ensure that nothing stored on the server. Adding the server to &PRODUCT; will destroy any existing data.
     When you create a new zone, the first primary storage is added as part of that procedure. You can add primary storage servers at any time, such as when adding a new cluster or adding more servers to an existing cluster.
     
         Log in to the &PRODUCT; UI.
+=======
+    Add Primary Storage
+    

+    System Requirements for Primary Storage
+    Hardware requirements:
+    
+        Any standards-compliant iSCSI or NFS server that is supported by the underlying hypervisor.
+        The storage server should be a machine with a large number of disks. The disks should ideally be managed by a hardware RAID controller.
+        Minimum required capacity depends on your needs.
+    
+    When setting up primary storage, follow these restrictions:
+    
+        Primary storage cannot be added until a host has been added to the cluster.
+        If you do not provision shared primary storage, you must set the global configuration parameter system.vm.local.storage.required to true, or else you will not be able to start VMs.
+    
+    

+    

+    Adding Primary Stroage
+    When you create a new zone, the first primary storage is added as part of that procedure. You can add primary storage servers at any time, such as when adding a new cluster or adding more servers to an existing cluster.
+    Be sure there is nothing stored on the server. Adding the server to &PRODUCT; will destroy any existing data.
+    
+        Log in to the &PRODUCT; UI (see ).
+>>>>>>> master
         In the left navigation, choose Infrastructure. In Zones, click View More, then click the zone in which you want to add the primary storage.
         Click the Compute tab.
         In the Primary Storage node of the diagram, click View All.
         Click Add Primary Storage.
+<<<<<<< HEAD
         Provide the following information in the dialog. The information required varies depending on your choice in Protocol.
             
                 Pod. The pod for the storage device.
@@ -51,4 +76,29 @@
             The tag sets on primary storage across clusters in a Zone must be identical.  For example, if cluster A provides primary storage that has tags T1 and T2, all other clusters in the Zone must also provide primary storage that has tags T1 and T2.
         Click OK.     
     
+=======
+        
+        Provide the following information in the dialog. The information required varies depending on your choice in Protocol.
+        
+            Pod. The pod for the storage device.
+            Cluster. The cluster for the storage device.
+            Name. The name of the storage device.
+            Protocol. For XenServer, choose either NFS, iSCSI, or PreSetup.  For KVM, choose NFS or SharedMountPoint.  For vSphere choose either VMFS (iSCSI or FiberChannel) or NFS.
+            Server (for NFS, iSCSI, or PreSetup). The IP address or DNS name of the storage device.
+            Server (for VMFS). The IP address or DNS name of the vCenter server.
+            Path (for NFS). In NFS this is the exported path from the server.
+            Path (for VMFS). In vSphere this is a combination of the datacenter name and the datastore name.  The format is "/" datacenter name "/" datastore name.  For example, "/cloud.dc.VM/cluster1datastore".
+            Path (for SharedMountPoint). With KVM this is the path on each host that is where this primary storage is mounted.  For example, "/mnt/primary".
+            SR Name-Label (for PreSetup). Enter the name-label of the SR that has been set up outside &PRODUCT;.
+            Target IQN (for iSCSI). In iSCSI this is the IQN of the target. For example, iqn.1986-03.com.sun:02:01ec9bb549-1271378984.
+            Lun # (for iSCSI). In iSCSI this is the LUN number. For example, 3.
+            Tags (optional). The comma-separated list of tags for this storage device.  It should be an equivalent set or superset of the tags on your disk offerings..
+        
+        The tag sets on primary storage across clusters in a Zone must be identical.  For example, if cluster A provides primary storage that has tags T1 and T2, all other clusters in the Zone must also provide primary storage that has tags T1 and T2.
+        
+        Click OK.
+    
+
+    

+>>>>>>> master
 

diff --git a/docs/en-US/projects-overview.xml b/docs/en-US/projects-overview.xml
new file mode 100644
index 00000000000..4f9a833b5ed
--- /dev/null
+++ b/docs/en-US/projects-overview.xml
@@ -0,0 +1,31 @@
+
+
+%BOOK_ENTITIES;
+]>
+
+
+

+    Overview of Projects
+    Projects are used to organize people and resources. &PRODUCT; users within a single domain can group themselves into project teams so they can collaborate and share virtual resources such as VMs, snapshots, templates, data disks, and IP addresses. &PRODUCT; tracks resource usage per project as well as per user, so the usage can be billed to either a user account or a project. For example, a private cloud within a software company might have all members of the QA department assigned to one project, so the company can track the resources used in testing while the project members can more easily isolate their efforts from other users of the same cloud
+    You can configure &PRODUCT; to allow any user to create a new project, or you can restrict that ability to just &PRODUCT; administrators. Once you have created a project, you become that project’s administrator, and you can add others within your domain to the project. &PRODUCT; can be set up either so that you can add people directly to a project, or so that you have to send an invitation which the recipient must accept. Project members can view and manage all virtual resources created by anyone in the project (for example, share VMs). A user can be a member of any  number of projects and can switch views in the &PRODUCT; UI to show only project-related information, such as project VMs, fellow project members, project-related alerts, and so on.
+    The project administrator can pass on the role to another project member.  The project administrator can also add more members, remove members from the project, set new resource limits (as long as they are below the global defaults set by the &PRODUCT; administrator), and delete the project. When the administrator removes a member from the project, resources created by that user, such as VM instances, remain with the project. This brings us to the subject of resource ownership and which resources can be used by a project.
+    Resources created within a project are owned by the project, not by any particular &PRODUCT; account, and they can be used only within the project. A user who belongs to one or more projects can still create resources outside of those projects, and those resources belong to the user’s account; they will not be counted against the project’s usage or resource limits. You can create project-level networks to isolate traffic within the project and provide network services such as port forwarding, load balancing, VPN, and static NAT. A project can also make use of certain types of resources from outside the project, if those resources are shared. For example, a shared network or public template is available to any project in the domain. A project can get access to a private template if the template’s owner will grant permission. A project can use any service offering or disk offering available in its domain; however, you can not create private service and disk offerings at the project level..
+

+      
diff --git a/docs/en-US/projects.xml b/docs/en-US/projects.xml
index f26248f8264..862223df508 100644
--- a/docs/en-US/projects.xml
+++ b/docs/en-US/projects.xml
@@ -25,6 +25,7 @@
 
 	Using Projects to Organize Users and Resources
     
+<<<<<<< HEAD
     
     
     
@@ -33,6 +34,11 @@
     
     
     
+=======
+    
+    
+    
+>>>>>>> master
     
     
       
diff --git a/docs/en-US/provisioning-steps.xml b/docs/en-US/provisioning-steps.xml
index 27fc162a0bc..dc6cbadd2e8 100644
--- a/docs/en-US/provisioning-steps.xml
+++ b/docs/en-US/provisioning-steps.xml
@@ -21,6 +21,10 @@
     specific language governing permissions and limitations
     under the License.
 -->
+<<<<<<< HEAD
+=======
+
+>>>>>>> master
 
     Steps to Provisioning Your Cloud Infrastructure
     This section tells how to add zones, pods, clusters, hosts, storage, and networks to your cloud. If you are unfamiliar with these entities, please begin by looking through .
@@ -32,5 +36,4 @@
     
     
     
-    
-

+
diff --git a/docs/en-US/provisioning-steps.xml.orig b/docs/en-US/provisioning-steps.xml.orig
new file mode 100644
index 00000000000..b532783b2d2
--- /dev/null
+++ b/docs/en-US/provisioning-steps.xml.orig
@@ -0,0 +1,42 @@
+
+
+%BOOK_ENTITIES;
+]>
+
+
+
+
+    Steps to Provisioning Your Cloud Infrastructure
+    This section tells how to add zones, pods, clusters, hosts, storage, and networks to your cloud. If you are unfamiliar with these entities, please begin by looking through .
+    
+    
+    
+    
+    
+    
+    
+    
+    
+<<<<<<< HEAD
+    
+

+=======
+
+>>>>>>> Promote sections to chapters: Cloud Infrastructure Concepts and Provisioning Steps.
diff --git a/docs/en-US/re-install-hosts.xml b/docs/en-US/re-install-hosts.xml
new file mode 100644
index 00000000000..b8092adb44a
--- /dev/null
+++ b/docs/en-US/re-install-hosts.xml
@@ -0,0 +1,26 @@
+
+
+%BOOK_ENTITIES;
+]>
+
+

+  Re-Installing Hosts
+  You can re-install a host after placing it in maintenance mode and then removing it. If a
+    host is down and cannot be placed in maintenance mode, it should still be removed before the
+    re-install.
+

diff --git a/docs/en-US/release-ip-for-vpc.xml b/docs/en-US/release-ip-for-vpc.xml
new file mode 100644
index 00000000000..466ec663a17
--- /dev/null
+++ b/docs/en-US/release-ip-for-vpc.xml
@@ -0,0 +1,80 @@
+
+
+%BOOK_ENTITIES;
+]>
+
+

+  Releasing an IP Address Alloted to a VPC
+  The IP address is a limited resource. If you no longer need a particular IP, you can
+    disassociate it from its VPC and return it to the pool of available addresses. An IP address can
+    be released from its tier, only when all the networking ( port forwarding, load balancing, or
+    StaticNAT ) rules are removed for this IP address. The released IP address will still belongs to
+    the same VPC.
+  
+    
+      Log in to the &PRODUCT; UI as an administrator or end user.
+    
+    
+      In the left navigation, choose Network.
+    
+    
+      In the Select view, select VPC.
+      All the VPCs that you have created for the account is listed in the page.
+    
+    
+      Click the Configure button of the VPC whose IP you want to release.
+      The VPC page is displayed where all the tiers you created are listed in a
+        diagram.
+    
+    
+      Click the Settings icon.
+      The following options are displayed.
+      
+        
+          IP Addresses
+        
+        
+          Gateways
+        
+        
+          Site-to-Site VPN
+        
+        
+          Network ACLs
+        
+      
+    
+    
+      Select IP Addresses.
+      The IP Addresses page is displayed.
+    
+    
+      Click the IP you want to release.
+    
+    
+      In the Details tab, click the Release IP button 
+          
+            
+          
+          
+            release-ip-icon.png: button to release an IP.
+          
+        
+    
+  
+

diff --git a/docs/en-US/release-notes-3.0.4.ent b/docs/en-US/release-notes.ent
similarity index 100%
rename from docs/en-US/release-notes-3.0.4.ent
rename to docs/en-US/release-notes.ent
diff --git a/docs/en-US/remove-tier.xml b/docs/en-US/remove-tier.xml
new file mode 100644
index 00000000000..b5996eb2de3
--- /dev/null
+++ b/docs/en-US/remove-tier.xml
@@ -0,0 +1,55 @@
+
+
+%BOOK_ENTITIES;
+]>
+
+

+  Removing Tiers
+  You can remove a tier from a VPC. A removed tier cannot be revoked. When a tier is removed,
+    only the resources of the tier are expunged. All the network rules (port forwarding, load
+    balancing and staticNAT) and the IP addresses associated to the tier are removed. The IP address
+    still be belonging to the same VPC.
+  
+    
+      Log in to the &PRODUCT; UI as an administrator or end user.
+    
+    
+      In the left navigation, choose Network.
+    
+    
+      In the Select view, select VPC.
+      All the VPC that you have created for the account is listed in the page.
+    
+    
+      Click the Configure button of the VPC for which you want to set up tiers.
+      The Configure VPC page is displayed. Locate the tier you want to work with.
+    
+    
+      Click the Remove VPC button:
+      
+        
+          
+        
+        
+          remove-tier.png: removing a tier from a vpc.
+        
+      
+      Wait for some time for the tier to be removed.
+    
+  
+

diff --git a/docs/en-US/remove-vpc.xml b/docs/en-US/remove-vpc.xml
new file mode 100644
index 00000000000..c5eff850fd3
--- /dev/null
+++ b/docs/en-US/remove-vpc.xml
@@ -0,0 +1,68 @@
+
+
+%BOOK_ENTITIES;
+]>
+
+

+  Editing, Restarting, and Removing a Virtual Private Cloud
+  
+    Ensure that all the tiers are removed before you remove a VPC.
+  
+  
+    
+      Log in to the &PRODUCT; UI as an administrator or end user. 
+    
+    
+      In the left navigation, choose Network.
+    
+    
+      In the Select view, select VPC.
+      All the VPCs that you have created for the account is listed in the page.
+    
+    
+      Select the VPC you want to work with.
+    
+    
+      To remove, click the Remove VPC button
+          
+            
+          
+          
+            remove-vpc.png: button to remove a VPC
+          
+        
+      You can edit the name and description of a VPC. To do that, select the VPC, then click
+        the Edit button. 
+          
+            
+          
+          
+            edit-icon.png: button to edit a VPC
+          
+        
+      To restart a VPC, select the VPC, then click the Restart button.
+          
+            
+          
+          
+            restart-vpc.png: button to restart a VPC
+          
+        
+    
+  
+

diff --git a/docs/en-US/secondary-storage-add.xml b/docs/en-US/secondary-storage-add.xml
index de7b69af13d..e1f45cdec66 100644
--- a/docs/en-US/secondary-storage-add.xml
+++ b/docs/en-US/secondary-storage-add.xml
@@ -5,31 +5,44 @@
 ]>
 
 
 
 

-	Adding Secondary Storage
-    Be sure there is nothing stored on the server. Adding the server to &PRODUCT; will destroy any existing data.
+    Add Secondary Storage
+    

+    System Requirements for Secondary Storage
+    
+        NFS storage appliance or Linux NFS server
+        (Optional) OpenStack Object Storage (Swift) (see http://swift.openstack.org)
+        100GB minimum capacity
+        A secondary storage device must be located in the same zone as the guest VMs it serves.
+        Each Secondary Storage server must be available to all hosts in the zone.
+    
+    

+    

+    Adding Secondary Storage
     When you create a new zone, the first secondary storage is added as part of that procedure. You can add secondary storage servers at any time to add more servers to an existing zone.
+    Be sure there is nothing stored on the server. Adding the server to &PRODUCT; will destroy any existing data.
     
-        If you are going to use Swift for cloud-wide secondary storage, you must add the Swift storage to &PRODUCT; before you add the local zone secondary storage servers.
-        To prepare for local zone secondary storage, you should have created and mounted an NFS share during Management Server installation.
-        Make sure you prepared the system VM template during Management Server installation.
-        4.	Now that the secondary storage server for per-zone storage is prepared, add it to &PRODUCT;. Secondary storage is added as part of the procedure for adding a new zone.
+        If you are going to use Swift for cloud-wide secondary storage, you must add the Swift storage to &PRODUCT; before you add the local zone secondary storage servers. See .
+        To prepare for local zone secondary storage, you should have created and mounted an NFS share during Management Server installation. See .See Preparing NFS Shares in the Installation Guide.
+        Make sure you prepared the system VM template during Management Server installation. See .See Prepare the System VM Template in the Installation Guide.
+        Now that the secondary storage server for per-zone storage is prepared, add it to &PRODUCT;. Secondary storage is added as part of the procedure for adding a new zone. See .
     
+    

 

diff --git a/docs/en-US/security-groups.xml b/docs/en-US/security-groups.xml
index 074581542c9..07b9f79bdd1 100644
--- a/docs/en-US/security-groups.xml
+++ b/docs/en-US/security-groups.xml
@@ -23,8 +23,13 @@
 -->
 
 

+<<<<<<< HEAD
     Using Security Groups to Control Traffic to VMs
     
+=======
+    Security Groups
+    
+>>>>>>> master
     
         
     
diff --git a/docs/en-US/separate_storage_network.xml b/docs/en-US/separate_storage_network.xml
new file mode 100644
index 00000000000..c3f6330cb14
--- /dev/null
+++ b/docs/en-US/separate_storage_network.xml
@@ -0,0 +1,24 @@
+
+%BOOK_ENTITIES;
+]>
+
+
+

+    Separate Storage Network
+    In the large-scale redundant setup described in the previous section, storage traffic can overload the management network. A separate storage network is optional for deployments. Storage protocols such as iSCSI are sensitive to network delays. A separate storage network ensures guest network traffic contention does not impact storage performance.
+

\ No newline at end of file
diff --git a/docs/en-US/set-global-project-resource-limits.xml b/docs/en-US/set-global-project-resource-limits.xml
new file mode 100644
index 00000000000..d91942ad8db
--- /dev/null
+++ b/docs/en-US/set-global-project-resource-limits.xml
@@ -0,0 +1,82 @@
+
+
+%BOOK_ENTITIES;
+]>
+
+

+  Setting the Global Project Resource Limits
+  
+    
+      Log in as administrator to the &PRODUCT; UI.
+    
+    
+      In the left navigation, click Global Settings.
+    
+    
+      In the search box, type max.projects and click the search button.
+    
+    
+      In the search results, you will see the parameters you can use to set per-project
+        maximum resource amounts that apply to all projects in the cloud. No project can have more
+        resources, but an individual project can have lower limits. Click the edit button to set
+        each parameter. 
+          
+            
+          
+          
+            editbutton.png: Edits parameters
+          
+        
+      
+        
+          
+            
+              max.project.public.ips
+              Maximum number of public IP addresses that can be owned by any project in
+                  the cloud. See About Public IP Addresses.
+            
+            
+              max.project.snapshots
+              Maximum number of snapshots that can be owned by any project in the
+                  cloud. See Working with Snapshots.
+            
+            
+              max.project.templates
+              Maximum number of templates that can be owned by any project in the
+                  cloud. See Working with Templates.
+            
+            
+              max.project.uservms
+              Maximum number of guest virtual machines that can be owned by any project
+                  in the cloud. See Working With Virtual Machines.
+            
+            
+              max.project.volumes
+              Maximum number of data volumes that can be owned by any project in the
+                  cloud. See Working with Volumes.
+            
+          
+        
+      
+    
+    
+      Restart the Management Server.
+      # service cloud-management restart
+    
+  
+

diff --git a/docs/en-US/set-per-project-resource-limits.xml b/docs/en-US/set-per-project-resource-limits.xml
new file mode 100644
index 00000000000..a0f64ea5a38
--- /dev/null
+++ b/docs/en-US/set-per-project-resource-limits.xml
@@ -0,0 +1,55 @@
+
+
+%BOOK_ENTITIES;
+]>
+
+

+  Setting Per-Project Resource Limits
+  The &PRODUCT; root administrator or the domain administrator of the domain where the project
+    resides can set new resource limits for an individual project. The project owner can set
+    resource limits only if the owner is also a domain or root administrator.
+  The new limits must be below the global default limits set by the &PRODUCT; administrator
+    (as described in ). If the project already
+    owns more of a given type of resource than the new maximum, the resources are not affected;
+    however, the project can not add any new resources of that type until the total drops below the
+    new limit.
+  
+    
+      Log in as administrator to the &PRODUCT; UI.
+    
+    
+      In the left navigation, click Projects.
+    
+    
+      In Select View, choose Projects.
+    
+    
+      Click the name of the project you want to work with.
+    
+    
+      Click the Resources tab. This tab lists the current maximum amount that the project is
+        allowed to own for each type of resource.
+    
+    
+      Type new values for one or more resources.
+    
+    
+      Click Apply.
+    
+  
+

diff --git a/docs/en-US/set-projects-creator-permissions.xml b/docs/en-US/set-projects-creator-permissions.xml
index 1d9309f8837..9b272f6bc7e 100644
--- a/docs/en-US/set-projects-creator-permissions.xml
+++ b/docs/en-US/set-projects-creator-permissions.xml
@@ -3,45 +3,60 @@
 
 %BOOK_ENTITIES;
 ]>
-
 
-
 

-    Setting Project Creator Permissions
-    You can configure &PRODUCT; to allow any user to create a new project, or you can restrict that ability to just &PRODUCT; administrators.
-    
-        Log in as administrator to the &PRODUCT; UI.
-        In the left navigation, click Global Settings.
-        In the search box, type allow.user.create.projects.
-        Click the edit button to set the parameter. 
-            
-                
-            
-            editbutton.png: Edits parameters
-        
-            
-                
-                    
-                        allow.user.create.projects
-                        Set to true to allow end users to create projects. Set to false if you want only the &PRODUCT; root administrator and domain administrators to create projects.
-                    
-                
-        Restart the Management Server.# service cloud-management restart
-    
+  Setting Project Creator Permissions
+  You can configure &PRODUCT; to allow any user to create a new project, or you can restrict
+    that ability to just &PRODUCT; administrators.
+  
+    
+      Log in as administrator to the &PRODUCT; UI.
+    
+    
+      In the left navigation, click Global Settings.
+    
+    
+      In the search box, type allow.user.create.projects.
+    
+    
+      Click the edit button to set the parameter.
+          
+            
+          
+          
+            editbutton.png: Edits parameters
+          
+        
+      
+        
+          
+            
+              allow.user.create.projects
+              Set to true to allow end users to create projects. Set to false if you
+                  want only the &PRODUCT; root administrator and domain administrators to create
+                  projects.
+            
+          
+        
+      
+    
+    
+      Restart the Management Server.
+      # service cloud-management restart
+    
+  
 

diff --git a/docs/en-US/set-resource-limits-for-projects.xml b/docs/en-US/set-resource-limits-for-projects.xml
index 2c331acde51..669ca259372 100644
--- a/docs/en-US/set-resource-limits-for-projects.xml
+++ b/docs/en-US/set-resource-limits-for-projects.xml
@@ -3,26 +3,30 @@
 
 %BOOK_ENTITIES;
 ]>
-
 
-
 

-    Setting Resource Limits for Projects
-    The &PRODUCT; administrator can set global default limits to control the amount of resources that can be owned by each project  in the cloud. This serves to prevent uncontrolled usage of resources such as snapshots, IP addresses, and virtual machine instances. Domain administrators can override these resource limits for individual projects with their domains, as long as the new limits are below the global defaults set by the &PRODUCT; root administrator. The root administrator can also set lower resource limits for any project in the cloud
+  Setting Resource Limits for Projects
+  The &PRODUCT; administrator can set global default limits to control the amount of resources
+    that can be owned by each project in the cloud. This serves to prevent uncontrolled usage of
+    resources such as snapshots, IP addresses, and virtual machine instances. Domain administrators
+    can override these resource limits for individual projects with their domains, as long as the
+    new limits are below the global defaults set by the &PRODUCT; root administrator. The root
+    administrator can also set lower resource limits for any project in the cloud
+  
+  
 

diff --git a/docs/en-US/small_scale_deployment.xml b/docs/en-US/small_scale_deployment.xml
new file mode 100644
index 00000000000..bba2b9a7573
--- /dev/null
+++ b/docs/en-US/small_scale_deployment.xml
@@ -0,0 +1,37 @@
+
+%BOOK_ENTITIES;
+]>
+
+
+
+

+    Small-Scale Deployment
+    
+        
+            
+        
+        Small-Scale Deployment
+    
+    This diagram illustrates the network architecture of a small-scale &PRODUCT; deployment.
+    
+        A firewall provides a connection to the Internet. The firewall is configured in NAT mode. The firewall forwards HTTP requests and API calls from the Internet to the Management Server. The Management Server resides on the management network.
+        A layer-2 switch connects all physical servers and storage.
+        A single NFS server functions as both the primary and secondary storage.
+        The Management Server is connected to the management network.
+    
+

diff --git a/docs/en-US/storage-overview.xml b/docs/en-US/storage-overview.xml
new file mode 100644
index 00000000000..bebf441ab60
--- /dev/null
+++ b/docs/en-US/storage-overview.xml
@@ -0,0 +1,27 @@
+
+
+%BOOK_ENTITIES;
+]>
+
+

+  Storage Overview
+  &PRODUCT; defines two types of storage: primary and secondary. Primary storage can be
+    accessed by either iSCSI or NFS. Additionally, direct attached storage may be used for primary
+    storage. Secondary storage is always accessed using NFS.
+  There is no ephemeral storage in &PRODUCT;. All volumes on all nodes are persistent.
+

diff --git a/docs/en-US/suspend-project.xml b/docs/en-US/suspend-project.xml
index 93d50664f13..b4f821b2c26 100644
--- a/docs/en-US/suspend-project.xml
+++ b/docs/en-US/suspend-project.xml
@@ -5,22 +5,23 @@
 ]>
 
 
+
 

     Suspending or Deleting a Project
     When a project is suspended, it retains the resources it owns, but they can no longer be used. No new resources or members can be added to a suspended project.
@@ -36,17 +37,16 @@
                 
             
             
-                        deletebutton.png: Removes a project
-                    
+                deletebutton.png: Removes a project
+            
                                
             To suspend, use
                 
                     
                 
                 
-                        deletebutton.png: suspends a project
-                    
+                    deletebutton.png: suspends a project
+                
             
    
-   

-      
+

diff --git a/docs/en-US/system-service-offerings.xml b/docs/en-US/system-service-offerings.xml
index 1e4f8f966a6..c41aa2e293b 100644
--- a/docs/en-US/system-service-offerings.xml
+++ b/docs/en-US/system-service-offerings.xml
@@ -5,27 +5,25 @@
 ]>
 
 
 
 

     System Service Offerings
     System service offerings provide a choice of CPU speed, number of CPUs, tags, and RAM size, just as other service offerings do. But rather than being used for virtual machine instances and exposed to users, system service offerings are used to change the default properties of virtual routers, console proxies, and other system VMs. System service offerings are visible only to the &PRODUCT; root administrator. &PRODUCT; provides default system service offerings. The &PRODUCT; root administrator can create additional custom system service offerings.
     When &PRODUCT; creates a virtual router for a guest network, it uses default settings which are defined in the system service offering associated with the network offering. You can upgrade the capabilities of the virtual router by applying a new network offering that contains a different system service offering. All virtual routers in that network will begin using the settings from the new service offering.
-    
-    
 

diff --git a/docs/en-US/using-sshkeys.xml b/docs/en-US/using-sshkeys.xml
index 43b5e883d13..1e98eb699ad 100644
--- a/docs/en-US/using-sshkeys.xml
+++ b/docs/en-US/using-sshkeys.xml
@@ -5,59 +5,58 @@
 ]>
 
 
+
 

-      Using SSH Keys for Authentication
-    In addition to the username and password authentication, &PRODUCT; supports using SSH
-        keys to log in to the cloud infrastructure for additional security for your cloud
-        infrastructure. You can use the createSSHKeyPair API to generate the SSH keys.
-    Because each cloud user has their own ssh key, one cloud user cannot log in to another
-        cloud user's instances unless they share their ssh key files.  Using a single SSH key pair,
-        you can manage multiple instances. 
-  

-      Creating an Instance from Template that Supports SSH Keys
-      Perform the following:
-              
-              Create a new instance by using the template provided by &PRODUCT;.
-                  For more information on creating a new instance, see .
-                Download the &PRODUCT; script from The SSH Key Gen Script to the instance you have created.
-                wget http://sourceforge.net/projects/cloudstack/files/SSH%20Key%20Gen%20Script/cloud-set-guest-sshkey.in/download 
+    Using SSH Keys for Authentication
+    In addition to the username and password authentication, &PRODUCT; supports using SSH keys to log in to the cloud infrastructure for additional security. You can use the createSSHKeyPair API to generate the SSH keys.
+    Because each cloud user has their own SSH key, one cloud user cannot log in to another cloud user's instances unless they share their SSH key files.  Using a single SSH key pair, you can manage multiple instances.
+        

+         Creating an Instance Template that Supports SSH Keys
+            Create a instance template that supports SSH Keys.
+            
+                Create a new instance by using the template provided by cloudstack.
+                    For more information on creating a new instance, see 
+                
+                Download the cloudstack script from  The SSH Key Gen Scriptto the instance you have created.
+                    wget http://downloads.sourceforge.net/project/cloudstack/SSH%20Key%20Gen%20Script/cloud-set-guest-sshkey.in?r=http%3A%2F%2Fsourceforge.net%2Fprojects%2Fcloudstack%2Ffiles%2FSSH%2520Key%2520Gen%2520Script%2F&ts=1331225219&use_mirror=iweb
+                
                 Copy the file to /etc/init.d.
-                cp cloud-set-guest-sshkey.in /etc/init.d/
+                    cp cloud-set-guest-sshkey.in /etc/init.d/
+                
                 Give the necessary permissions on the script:
-                chmod +x /etc/init.d/cloud-set-guest-sshkey.in  
+                    chmod +x /etc/init.d/cloud-set-guest-sshkey.in
+                  
                 Run the script while starting up the operating system:
-                chkconfig --add cloud-set-guest-sshkey.in                    
-                Stop the instance.
-              
-  

-           

-               Creating the SSH Keypair
-            You must make a call to the createSSHKeyPair api method. You can either use the &PRODUCT; python api library or the curl commands to make the call to the &PRODUCT; api.
-            For example, make a call from the &PRODUCT; server to create a SSH keypair called "keypair-doc" for the admin account in the root domain:
-            Ensure that you adjust these values to meet your needs. If you are making the API call from a
-            different server, your URL or port number will be different, and you will need to use
-            the API keys.
+                    chkconfig --add cloud-set-guest-sshkey.in
+                                    
+                Stop the instance.
+                
+            
+        

+        

+        Creating the SSH Keypair
+            You must make a call to the createSSHKeyPair api method. You can either use the &PRODUCT; Python API library or the curl commands to make the call to the cloudstack api.
+            For example, make a call from the cloudstack server to create a SSH keypair called "keypair-doc" for the admin account in the root domain:
+            Ensure that you adjust these values to meet your needs. If you are making the API call from a different server, your URL/PORT will be different, and you will need to use the API keys.
             
                 Run the following curl command:
-                curl --globoff "http://localhost:8096/?command=createSSHKeyPair&name=keypair-doc&account=admin&domainid=1"
+                curl --globoff "http://localhost:8096/?command=createSSHKeyPair&name=keypair-doc&account=admin&domainid=5163440e-c44b-42b5-9109-ad75cae8e8a2"
                 The output is something similar to what is given below:
                 <?xml version="1.0" encoding="ISO-8859-1"?><createsshkeypairresponse cloud-stack-version="3.0.0.20120228045507"><keypair><name>keypair-doc</name><fingerprint>f6:77:39:d5:5e:77:02:22:6a:d8:7f:ce:ab:cd:b3:56</fingerprint><privatekey>-----BEGIN RSA PRIVATE KEY-----
 MIICXQIBAAKBgQCSydmnQ67jP6lNoXdX3noZjQdrMAWNQZ7y5SrEu4wDxplvhYci
@@ -87,21 +86,20 @@ KfEEuzcCUIxtJYTahJ1pvlFkQ8anpuxjSEDp8x/18bq3
 -----END RSA PRIVATE KEY-----
                 Save the file.
             
-           

-    

-       Creating an Instance
-            Ensure that you use the same SSH key name that you created.
+        

+        

+        Creating an Instance
+        After you save the SSH keypair file, you must create an instance by using the template that you created at . Ensure that you use the same SSH key name that you created at .
         You cannot create the instance by using the GUI at this time and associate the instance with the newly created SSH keypair.
         A sample curl command to create a new instance is:
-        curl --globoff http://localhost:<port number>/?command=deployVirtualMachine&zoneId=1&serviceOfferingId=18727021-7556-4110-9322-d625b52e0813&templateId=e899c18a-ce13-4bbf-98a9-625c5026e0b5&securitygroupids=ff03f02f-9e3b-48f8-834d-91b822da40c5&account=admin\&domainid=1&keypair=keypair-doc
+        curl --globoff http://localhost:<port numbet>/?command=deployVirtualMachine\&zoneId=1\&serviceOfferingId=18727021-7556-4110-9322-d625b52e0813\&templateId=e899c18a-ce13-4bbf-98a9-625c5026e0b5\&securitygroupids=ff03f02f-9e3b-48f8-834d-91b822da40c5\&account=admin\&domainid=1\&keypair=keypair-doc
         Substitute the template, service offering and security group IDs (if you are using the security group feature) that are in your cloud environment.
-    

-

-    Logging In Using the SSH Keypair
+        

+        

+            Logging In Using the SSH Keypair
             To test your SSH key generation is successful, check whether you can log in to the cloud setup.
-         For example, from a Linux OS, run:
+            For exaple, from a Linux OS, run:
             ssh -i ~/.ssh/keypair-doc <ip address>
-        The -i parameter directs the ssh client to use a ssh key found at ~/.ssh/keypair-doc.
-    

-
  
-      
+        The -i parameter tells the ssh client to use a ssh key found at ~/.ssh/keypair-doc.
+        

+
diff --git a/docs/en-US/virtual-machines.xml b/docs/en-US/virtual-machines.xml
new file mode 100644
index 00000000000..7c74932b649
--- /dev/null
+++ b/docs/en-US/virtual-machines.xml
@@ -0,0 +1,34 @@
+
+
+%BOOK_ENTITIES;
+]>
+
+
+  Working With Virtual Machines
+  
+  
+  
+  
+  
+  
+  
+  
+  
+  
+  
+
diff --git a/docs/publican-install.cfg b/docs/publican-adminguide.cfg
similarity index 90%
rename from docs/publican-install.cfg
rename to docs/publican-adminguide.cfg
index 708200d460f..7a8a203a0f6 100644
--- a/docs/publican-install.cfg
+++ b/docs/publican-adminguide.cfg
@@ -1,4 +1,4 @@
-# Publican configuration file for CloudStack Installation Guide
+# Publican configuration file for CloudStack Developer's Guide
 # Config::Simple 4.58
 # Tue May 29 00:57:27 2012
 #
@@ -20,10 +20,11 @@
 
 xml_lang: en-US
 type: Book
-docname: cloudstack_installation
+docname: Admin_Guide
 brand: cloudstack
 chunk_first: 1
 chunk_section_depth: 1
+condition: admin
 
 
 
diff --git a/docs/publican-all.cfg b/docs/publican-all.cfg
index 89e1d304320..897f92b4caa 100644
--- a/docs/publican-all.cfg
+++ b/docs/publican-all.cfg
@@ -24,4 +24,5 @@ type: Book
 docname: cloudstack
 brand: cloudstack
 chunk_first: 1
-chunk_section_depth: 2
+chunk_section_depth: 1
+condition: install
diff --git a/docs/publican-cloudstack/en-US/images/dot.png b/docs/publican-cloudstack/en-US/images/dot.png
index 79908d10d4f..079add95ded 100644
Binary files a/docs/publican-cloudstack/en-US/images/dot.png and b/docs/publican-cloudstack/en-US/images/dot.png differ
diff --git a/docs/publican-devguide.cfg b/docs/publican-devguide.cfg
index 3b364d944b0..006c0d16d00 100644
--- a/docs/publican-devguide.cfg
+++ b/docs/publican-devguide.cfg
@@ -20,7 +20,7 @@
 
 xml_lang: en-US
 type: Book
-docname: cloudstack_developers
+docname: API_Developers_Guide
 brand: cloudstack
 chunk_first: 1
 chunk_section_depth: 1
diff --git a/docs/publican-installation.cfg b/docs/publican-installation.cfg
index 708200d460f..e94044d4b60 100644
--- a/docs/publican-installation.cfg
+++ b/docs/publican-installation.cfg
@@ -20,10 +20,11 @@
 
 xml_lang: en-US
 type: Book
-docname: cloudstack_installation
+docname: Installation_Guide
 brand: cloudstack
 chunk_first: 1
 chunk_section_depth: 1
+condition: install
 
 
 
diff --git a/docs/publican-trial-install.cfg b/docs/publican-plugin-niciranvp.cfg
similarity index 78%
rename from docs/publican-trial-install.cfg
rename to docs/publican-plugin-niciranvp.cfg
index 3e657b8fb8a..2e3696dc49e 100644
--- a/docs/publican-trial-install.cfg
+++ b/docs/publican-plugin-niciranvp.cfg
@@ -1,10 +1,11 @@
-# Publican configuration file for CloudStack Trial Installation Guide
+# Publican configuration file for CloudStack Complete Documentation Set
+# Contains all technical docs except release notes
 # Config::Simple 4.58
 # Tue May 29 00:57:27 2012
 #
 # Licensed to the Apache Software Foundation (ASF) under one
 # or more contributor license agreements.  See the NOTICE file
-# distributed with this work for additional information#	
+# distributed with this work for additional information#    
 # regarding copyright ownership.  The ASF licenses this file
 # to you under the Apache License, Version 2.0 (the
 # "License"); you may not use this file except in compliance
@@ -20,10 +21,8 @@
 
 xml_lang: en-US
 type: Book
-docname: cloudstack_trial_installation
+docname: CloudStack_Nicira_NVP_Guide
 brand: cloudstack
 chunk_first: 1
 chunk_section_depth: 1
-
-
-
+condition: install
diff --git a/docs/publican-release-notes-4_0.cfg b/docs/publican-release-notes.cfg
similarity index 97%
rename from docs/publican-release-notes-4_0.cfg
rename to docs/publican-release-notes.cfg
index 07c9002516e..cabf1ea3c88 100644
--- a/docs/publican-release-notes-4_0.cfg
+++ b/docs/publican-release-notes.cfg
@@ -20,7 +20,7 @@
 
 xml_lang: en-US
 type: Book
-docname: release-notes-4.0
+docname: release-notes
 brand: cloudstack
 chunk_first: 0
 chunk_section_depth: 0
diff --git a/patches/pom.xml b/patches/pom.xml
index d62fc860185..d8267619153 100644
--- a/patches/pom.xml
+++ b/patches/pom.xml
@@ -16,15 +16,14 @@
   specific language governing permissions and limitations
   under the License.
 -->
-
+
   4.0.0
   cloud-patches
   Apache CloudStack SystemVM Patches
   
     org.apache.cloudstack
     cloudstack
-    4.0.0-SNAPSHOT
+    4.1.0-SNAPSHOT
   
   
     
diff --git a/patches/systemvm/debian/config/bin/vhd-util b/patches/systemvm/debian/config/bin/vhd-util
deleted file mode 100755
index 12a13927821..00000000000
Binary files a/patches/systemvm/debian/config/bin/vhd-util and /dev/null differ
diff --git a/patches/systemvm/debian/config/etc/httpd/conf/httpd.conf b/patches/systemvm/debian/config/etc/httpd/conf/httpd.conf
deleted file mode 100644
index e11384ef772..00000000000
--- a/patches/systemvm/debian/config/etc/httpd/conf/httpd.conf
+++ /dev/null
@@ -1,990 +0,0 @@
-#
-# This is the main Apache server configuration file.  It contains the
-# configuration directives that give the server its instructions.
-# See  for detailed information.
-# In particular, see
-# 
-# for a discussion of each configuration directive.
-#
-#
-# Do NOT simply read the instructions in here without understanding
-# what they do.  They're here only as hints or reminders.  If you are unsure
-# consult the online docs. You have been warned.  
-#
-# The configuration directives are grouped into three basic sections:
-#  1. Directives that control the operation of the Apache server process as a
-#     whole (the 'global environment').
-#  2. Directives that define the parameters of the 'main' or 'default' server,
-#     which responds to requests that aren't handled by a virtual host.
-#     These directives also provide default values for the settings
-#     of all virtual hosts.
-#  3. Settings for virtual hosts, which allow Web requests to be sent to
-#     different IP addresses or hostnames and have them handled by the
-#     same Apache server process.
-#
-# Configuration and logfile names: If the filenames you specify for many
-# of the server's control files begin with "/" (or "drive:/" for Win32), the
-# server will use that explicit path.  If the filenames do *not* begin
-# with "/", the value of ServerRoot is prepended -- so "logs/foo.log"
-# with ServerRoot set to "/etc/httpd" will be interpreted by the
-# server as "/etc/httpd/logs/foo.log".
-#
-
-### Section 1: Global Environment
-#
-# The directives in this section affect the overall operation of Apache,
-# such as the number of concurrent requests it can handle or where it
-# can find its configuration files.
-#
-
-#
-# Don't give away too much information about all the subcomponents
-# we are running.  Comment out this line if you don't mind remote sites
-# finding out what major optional modules you are running
-ServerTokens OS
-
-#
-# ServerRoot: The top of the directory tree under which the server's
-# configuration, error, and log files are kept.
-#
-# NOTE!  If you intend to place this on an NFS (or otherwise network)
-# mounted filesystem then please read the LockFile documentation
-# (available at );
-# you will save yourself a lot of trouble.
-#
-# Do NOT add a slash at the end of the directory path.
-#
-ServerRoot "/etc/httpd"
-
-#
-# PidFile: The file in which the server should record its process
-# identification number when it starts.
-#
-PidFile run/httpd.pid
-
-#
-# Timeout: The number of seconds before receives and sends time out.
-#
-Timeout 120
-
-#
-# KeepAlive: Whether or not to allow persistent connections (more than
-# one request per connection). Set to "Off" to deactivate.
-#
-KeepAlive Off
-
-#
-# MaxKeepAliveRequests: The maximum number of requests to allow
-# during a persistent connection. Set to 0 to allow an unlimited amount.
-# We recommend you leave this number high, for maximum performance.
-#
-MaxKeepAliveRequests 100
-
-#
-# KeepAliveTimeout: Number of seconds to wait for the next request from the
-# same client on the same connection.
-#
-KeepAliveTimeout 15
-
-##
-## Server-Pool Size Regulation (MPM specific)
-## 
-
-# prefork MPM
-# StartServers: number of server processes to start
-# MinSpareServers: minimum number of server processes which are kept spare
-# MaxSpareServers: maximum number of server processes which are kept spare
-# ServerLimit: maximum value for MaxClients for the lifetime of the server
-# MaxClients: maximum number of server processes allowed to start
-# MaxRequestsPerChild: maximum number of requests a server process serves
-
-StartServers       8
-MinSpareServers    5
-MaxSpareServers   20
-ServerLimit      256
-MaxClients       256
-MaxRequestsPerChild  4000
-
-
-# worker MPM
-# StartServers: initial number of server processes to start
-# MaxClients: maximum number of simultaneous client connections
-# MinSpareThreads: minimum number of worker threads which are kept spare
-# MaxSpareThreads: maximum number of worker threads which are kept spare
-# ThreadsPerChild: constant number of worker threads in each server process
-# MaxRequestsPerChild: maximum number of requests a server process serves
-
-StartServers         2
-MaxClients         150
-MinSpareThreads     25
-MaxSpareThreads     75 
-ThreadsPerChild     25
-MaxRequestsPerChild  0
-
-
-#
-# Listen: Allows you to bind Apache to specific IP addresses and/or
-# ports, in addition to the default. See also the 
-# directive.
-#
-# Change this to Listen on specific IP addresses as shown below to 
-# prevent Apache from glomming onto all bound IP addresses (0.0.0.0)
-#
-#Listen 12.34.56.78:80
-Listen 10.1.1.1:80
-
-#
-# Dynamic Shared Object (DSO) Support
-#
-# To be able to use the functionality of a module which was built as a DSO you
-# have to place corresponding `LoadModule' lines at this location so the
-# directives contained in it are actually available _before_ they are used.
-# Statically compiled modules (those listed by `httpd -l') do not need
-# to be loaded here.
-#
-# Example:
-# LoadModule foo_module modules/mod_foo.so
-#
-LoadModule auth_basic_module modules/mod_auth_basic.so
-LoadModule auth_digest_module modules/mod_auth_digest.so
-LoadModule authn_file_module modules/mod_authn_file.so
-LoadModule authn_alias_module modules/mod_authn_alias.so
-LoadModule authn_anon_module modules/mod_authn_anon.so
-LoadModule authn_dbm_module modules/mod_authn_dbm.so
-LoadModule authn_default_module modules/mod_authn_default.so
-LoadModule authz_host_module modules/mod_authz_host.so
-LoadModule authz_user_module modules/mod_authz_user.so
-LoadModule authz_owner_module modules/mod_authz_owner.so
-LoadModule authz_groupfile_module modules/mod_authz_groupfile.so
-LoadModule authz_dbm_module modules/mod_authz_dbm.so
-LoadModule authz_default_module modules/mod_authz_default.so
-LoadModule ldap_module modules/mod_ldap.so
-LoadModule authnz_ldap_module modules/mod_authnz_ldap.so
-LoadModule include_module modules/mod_include.so
-LoadModule log_config_module modules/mod_log_config.so
-LoadModule logio_module modules/mod_logio.so
-LoadModule env_module modules/mod_env.so
-LoadModule ext_filter_module modules/mod_ext_filter.so
-LoadModule mime_magic_module modules/mod_mime_magic.so
-LoadModule expires_module modules/mod_expires.so
-LoadModule deflate_module modules/mod_deflate.so
-LoadModule headers_module modules/mod_headers.so
-LoadModule usertrack_module modules/mod_usertrack.so
-LoadModule setenvif_module modules/mod_setenvif.so
-LoadModule mime_module modules/mod_mime.so
-LoadModule dav_module modules/mod_dav.so
-LoadModule status_module modules/mod_status.so
-LoadModule autoindex_module modules/mod_autoindex.so
-LoadModule info_module modules/mod_info.so
-LoadModule dav_fs_module modules/mod_dav_fs.so
-LoadModule vhost_alias_module modules/mod_vhost_alias.so
-LoadModule negotiation_module modules/mod_negotiation.so
-LoadModule dir_module modules/mod_dir.so
-LoadModule actions_module modules/mod_actions.so
-LoadModule speling_module modules/mod_speling.so
-LoadModule userdir_module modules/mod_userdir.so
-LoadModule alias_module modules/mod_alias.so
-LoadModule rewrite_module modules/mod_rewrite.so
-LoadModule proxy_module modules/mod_proxy.so
-LoadModule proxy_balancer_module modules/mod_proxy_balancer.so
-LoadModule proxy_ftp_module modules/mod_proxy_ftp.so
-LoadModule proxy_http_module modules/mod_proxy_http.so
-LoadModule proxy_connect_module modules/mod_proxy_connect.so
-LoadModule cache_module modules/mod_cache.so
-LoadModule suexec_module modules/mod_suexec.so
-LoadModule disk_cache_module modules/mod_disk_cache.so
-LoadModule file_cache_module modules/mod_file_cache.so
-LoadModule mem_cache_module modules/mod_mem_cache.so
-LoadModule cgi_module modules/mod_cgi.so
-
-#
-# The following modules are not loaded by default:
-#
-#LoadModule cern_meta_module modules/mod_cern_meta.so
-#LoadModule asis_module modules/mod_asis.so
-
-#
-# Load config files from the config directory "/etc/httpd/conf.d".
-#
-Include conf.d/*.conf
-
-#
-# ExtendedStatus controls whether Apache will generate "full" status
-# information (ExtendedStatus On) or just basic information (ExtendedStatus
-# Off) when the "server-status" handler is called. The default is Off.
-#
-#ExtendedStatus On
-
-#
-# If you wish httpd to run as a different user or group, you must run
-# httpd as root initially and it will switch.  
-#
-# User/Group: The name (or #number) of the user/group to run httpd as.
-#  . On SCO (ODT 3) use "User nouser" and "Group nogroup".
-#  . On HPUX you may not be able to use shared memory as nobody, and the
-#    suggested workaround is to create a user www and use that user.
-#  NOTE that some kernels refuse to setgid(Group) or semctl(IPC_SET)
-#  when the value of (unsigned)Group is above 60000; 
-#  don't use Group #-1 on these systems!
-#
-User apache
-Group apache
-
-### Section 2: 'Main' server configuration
-#
-# The directives in this section set up the values used by the 'main'
-# server, which responds to any requests that aren't handled by a
-#  definition.  These values also provide defaults for
-# any  containers you may define later in the file.
-#
-# All of these directives may appear inside  containers,
-# in which case these default settings will be overridden for the
-# virtual host being defined.
-#
-
-#
-# ServerAdmin: Your address, where problems with the server should be
-# e-mailed.  This address appears on some server-generated pages, such
-# as error documents.  e.g. admin@your-domain.com
-#
-ServerAdmin root@localhost
-
-#
-# ServerName gives the name and port that the server uses to identify itself.
-# This can often be determined automatically, but we recommend you specify
-# it explicitly to prevent problems during startup.
-#
-# If this is not set to valid DNS name for your host, server-generated
-# redirections will not work.  See also the UseCanonicalName directive.
-#
-# If your host doesn't have a registered DNS name, enter its IP address here.
-# You will have to access it by its address anyway, and this will make 
-# redirections work in a sensible way.
-#
-#ServerName www.example.com:80
-
-#
-# UseCanonicalName: Determines how Apache constructs self-referencing 
-# URLs and the SERVER_NAME and SERVER_PORT variables.
-# When set "Off", Apache will use the Hostname and Port supplied
-# by the client.  When set "On", Apache will use the value of the
-# ServerName directive.
-#
-UseCanonicalName Off
-
-#
-# DocumentRoot: The directory out of which you will serve your
-# documents. By default, all requests are taken from this directory, but
-# symbolic links and aliases may be used to point to other locations.
-#
-DocumentRoot "/var/www/html"
-
-#
-# Each directory to which Apache has access can be configured with respect
-# to which services and features are allowed and/or disabled in that
-# directory (and its subdirectories). 
-#
-# First, we configure the "default" to be a very restrictive set of 
-# features.  
-#
-
-    Options FollowSymLinks
-    AllowOverride None
-
-
-#
-# Note that from this point forward you must specifically allow
-# particular features to be enabled - so if something's not working as
-# you might expect, make sure that you have specifically enabled it
-# below.
-#
-
-#
-# This should be changed to whatever you set DocumentRoot to.
-#
-
-
-#
-# Possible values for the Options directive are "None", "All",
-# or any combination of:
-#   Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews
-#
-# Note that "MultiViews" must be named *explicitly* --- "Options All"
-# doesn't give it to you.
-#
-# The Options directive is both complicated and important.  Please see
-# http://httpd.apache.org/docs/2.2/mod/core.html#options
-# for more information.
-#
-    Options Indexes FollowSymLinks
-
-#
-# AllowOverride controls what directives may be placed in .htaccess files.
-# It can be "All", "None", or any combination of the keywords:
-#   Options FileInfo AuthConfig Limit
-#
-    AllowOverride All
-
-#
-# Controls who can get stuff from this server.
-#
-    Order allow,deny
-    Allow from all
-
-
-
-#
-# UserDir: The name of the directory that is appended onto a user's home
-# directory if a ~user request is received.
-#
-# The path to the end user account 'public_html' directory must be
-# accessible to the webserver userid.  This usually means that ~userid
-# must have permissions of 711, ~userid/public_html must have permissions
-# of 755, and documents contained therein must be world-readable.
-# Otherwise, the client will only receive a "403 Forbidden" message.
-#
-# See also: http://httpd.apache.org/docs/misc/FAQ.html#forbidden
-#
-
-    #
-    # UserDir is disabled by default since it can confirm the presence
-    # of a username on the system (depending on home directory
-    # permissions).
-    #
-    UserDir disable
-
-    #
-    # To enable requests to /~user/ to serve the user's public_html
-    # directory, remove the "UserDir disable" line above, and uncomment
-    # the following line instead:
-    # 
-    #UserDir public_html
-
-
-
-#
-# Control access to UserDir directories.  The following is an example
-# for a site where these directories are restricted to read-only.
-#
-#
-#    AllowOverride FileInfo AuthConfig Limit
-#    Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec
-#    
-#        Order allow,deny
-#        Allow from all
-#    
-#    
-#        Order deny,allow
-#        Deny from all
-#    
-#
-
-#
-# DirectoryIndex: sets the file that Apache will serve if a directory
-# is requested.
-#
-# The index.html.var file (a type-map) is used to deliver content-
-# negotiated documents.  The MultiViews Option can be used for the 
-# same purpose, but it is much slower.
-#
-DirectoryIndex index.html index.html.var
-
-#
-# AccessFileName: The name of the file to look for in each directory
-# for additional configuration directives.  See also the AllowOverride
-# directive.
-#
-AccessFileName .htaccess
-
-#
-# The following lines prevent .htaccess and .htpasswd files from being 
-# viewed by Web clients. 
-#
-
-    Order allow,deny
-    Deny from all
-
-
-#
-# TypesConfig describes where the mime.types file (or equivalent) is
-# to be found.
-#
-TypesConfig /etc/mime.types
-
-#
-# DefaultType is the default MIME type the server will use for a document
-# if it cannot otherwise determine one, such as from filename extensions.
-# If your server contains mostly text or HTML documents, "text/plain" is
-# a good value.  If most of your content is binary, such as applications
-# or images, you may want to use "application/octet-stream" instead to
-# keep browsers from trying to display binary files as though they are
-# text.
-#
-DefaultType text/plain
-
-#
-# The mod_mime_magic module allows the server to use various hints from the
-# contents of the file itself to determine its type.  The MIMEMagicFile
-# directive tells the module where the hint definitions are located.
-#
-
-#   MIMEMagicFile /usr/share/magic.mime
-    MIMEMagicFile conf/magic
-
-
-#
-# HostnameLookups: Log the names of clients or just their IP addresses
-# e.g., www.apache.org (on) or 204.62.129.132 (off).
-# The default is off because it'd be overall better for the net if people
-# had to knowingly turn this feature on, since enabling it means that
-# each client request will result in AT LEAST one lookup request to the
-# nameserver.
-#
-HostnameLookups Off
-
-#
-# EnableMMAP: Control whether memory-mapping is used to deliver
-# files (assuming that the underlying OS supports it).
-# The default is on; turn this off if you serve from NFS-mounted 
-# filesystems.  On some systems, turning it off (regardless of
-# filesystem) can improve performance; for details, please see
-# http://httpd.apache.org/docs/2.2/mod/core.html#enablemmap
-#
-#EnableMMAP off
-
-#
-# EnableSendfile: Control whether the sendfile kernel support is 
-# used to deliver files (assuming that the OS supports it). 
-# The default is on; turn this off if you serve from NFS-mounted 
-# filesystems.  Please see
-# http://httpd.apache.org/docs/2.2/mod/core.html#enablesendfile
-#
-#EnableSendfile off
-
-#
-# ErrorLog: The location of the error log file.
-# If you do not specify an ErrorLog directive within a 
-# container, error messages relating to that virtual host will be
-# logged here.  If you *do* define an error logfile for a 
-# container, that host's errors will be logged there and not here.
-#
-ErrorLog logs/error_log
-
-#
-# LogLevel: Control the number of messages logged to the error_log.
-# Possible values include: debug, info, notice, warn, error, crit,
-# alert, emerg.
-#
-LogLevel warn
-
-#
-# The following directives define some format nicknames for use with
-# a CustomLog directive (see below).
-#
-LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
-LogFormat "%h %l %u %t \"%r\" %>s %b" common
-LogFormat "%{Referer}i -> %U" referer
-LogFormat "%{User-agent}i" agent
-
-# "combinedio" includes actual counts of actual bytes received (%I) and sent (%O); this
-# requires the mod_logio module to be loaded.
-#LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio
-
-#
-# The location and format of the access logfile (Common Logfile Format).
-# If you do not define any access logfiles within a 
-# container, they will be logged here.  Contrariwise, if you *do*
-# define per- access logfiles, transactions will be
-# logged therein and *not* in this file.
-#
-#CustomLog logs/access_log common
-
-#
-# If you would like to have separate agent and referer logfiles, uncomment
-# the following directives.
-#
-#CustomLog logs/referer_log referer
-#CustomLog logs/agent_log agent
-
-#
-# For a single logfile with access, agent, and referer information
-# (Combined Logfile Format), use the following directive:
-#
-CustomLog logs/access_log combined
-
-#
-# Optionally add a line containing the server version and virtual host
-# name to server-generated pages (internal error documents, FTP directory
-# listings, mod_status and mod_info output etc., but not CGI generated
-# documents or custom error documents).
-# Set to "EMail" to also include a mailto: link to the ServerAdmin.
-# Set to one of:  On | Off | EMail
-#
-ServerSignature On
-
-#
-# Aliases: Add here as many aliases as you need (with no limit). The format is 
-# Alias fakename realname
-#
-# Note that if you include a trailing / on fakename then the server will
-# require it to be present in the URL.  So "/icons" isn't aliased in this
-# example, only "/icons/".  If the fakename is slash-terminated, then the 
-# realname must also be slash terminated, and if the fakename omits the 
-# trailing slash, the realname must also omit it.
-#
-# We include the /icons/ alias for FancyIndexed directory listings.  If you
-# do not use FancyIndexing, you may comment this out.
-#
-Alias /icons/ "/var/www/icons/"
-
-
-    Options Indexes MultiViews FollowSymLinks
-    AllowOverride None
-    Order allow,deny
-    Allow from all
-
-
-#
-# WebDAV module configuration section.
-# 
-
-    # Location of the WebDAV lock database.
-    DAVLockDB /var/lib/dav/lockdb
-
-
-#
-# ScriptAlias: This controls which directories contain server scripts.
-# ScriptAliases are essentially the same as Aliases, except that
-# documents in the realname directory are treated as applications and
-# run by the server when requested rather than as documents sent to the client.
-# The same rules about trailing "/" apply to ScriptAlias directives as to
-# Alias.
-#
-ScriptAlias /cgi-bin/ "/var/www/cgi-bin/"
-
-#
-# "/var/www/cgi-bin" should be changed to whatever your ScriptAliased
-# CGI directory exists, if you have that configured.
-#
-
-    AllowOverride None
-    Options None
-    Order allow,deny
-    Allow from all
-
-
-#
-# Redirect allows you to tell clients about documents which used to exist in
-# your server's namespace, but do not anymore. This allows you to tell the
-# clients where to look for the relocated document.
-# Example:
-# Redirect permanent /foo http://www.example.com/bar
-
-#
-# Directives controlling the display of server-generated directory listings.
-#
-
-#
-# IndexOptions: Controls the appearance of server-generated directory
-# listings.
-#
-IndexOptions FancyIndexing VersionSort NameWidth=* HTMLTable
-
-#
-# AddIcon* directives tell the server which icon to show for different
-# files or filename extensions.  These are only displayed for
-# FancyIndexed directories.
-#
-AddIconByEncoding (CMP,/icons/compressed.gif) x-compress x-gzip
-
-AddIconByType (TXT,/icons/text.gif) text/*
-AddIconByType (IMG,/icons/image2.gif) image/*
-AddIconByType (SND,/icons/sound2.gif) audio/*
-AddIconByType (VID,/icons/movie.gif) video/*
-
-AddIcon /icons/binary.gif .bin .exe
-AddIcon /icons/binhex.gif .hqx
-AddIcon /icons/tar.gif .tar
-AddIcon /icons/world2.gif .wrl .wrl.gz .vrml .vrm .iv
-AddIcon /icons/compressed.gif .Z .z .tgz .gz .zip
-AddIcon /icons/a.gif .ps .ai .eps
-AddIcon /icons/layout.gif .html .shtml .htm .pdf
-AddIcon /icons/text.gif .txt
-AddIcon /icons/c.gif .c
-AddIcon /icons/p.gif .pl .py
-AddIcon /icons/f.gif .for
-AddIcon /icons/dvi.gif .dvi
-AddIcon /icons/uuencoded.gif .uu
-AddIcon /icons/script.gif .conf .sh .shar .csh .ksh .tcl
-AddIcon /icons/tex.gif .tex
-AddIcon /icons/bomb.gif core
-
-AddIcon /icons/back.gif ..
-AddIcon /icons/hand.right.gif README
-AddIcon /icons/folder.gif ^^DIRECTORY^^
-AddIcon /icons/blank.gif ^^BLANKICON^^
-
-#
-# DefaultIcon is which icon to show for files which do not have an icon
-# explicitly set.
-#
-DefaultIcon /icons/unknown.gif
-
-#
-# AddDescription allows you to place a short description after a file in
-# server-generated indexes.  These are only displayed for FancyIndexed
-# directories.
-# Format: AddDescription "description" filename
-#
-#AddDescription "GZIP compressed document" .gz
-#AddDescription "tar archive" .tar
-#AddDescription "GZIP compressed tar archive" .tgz
-
-#
-# ReadmeName is the name of the README file the server will look for by
-# default, and append to directory listings.
-#
-# HeaderName is the name of a file which should be prepended to
-# directory indexes. 
-ReadmeName README.html
-HeaderName HEADER.html
-
-#
-# IndexIgnore is a set of filenames which directory indexing should ignore
-# and not include in the listing.  Shell-style wildcarding is permitted.
-#
-IndexIgnore .??* *~ *# HEADER* README* RCS CVS *,v *,t
-
-#
-# DefaultLanguage and AddLanguage allows you to specify the language of 
-# a document. You can then use content negotiation to give a browser a 
-# file in a language the user can understand.
-#
-# Specify a default language. This means that all data
-# going out without a specific language tag (see below) will 
-# be marked with this one. You probably do NOT want to set
-# this unless you are sure it is correct for all cases.
-#
-# * It is generally better to not mark a page as 
-# * being a certain language than marking it with the wrong
-# * language!
-#
-# DefaultLanguage nl
-#
-# Note 1: The suffix does not have to be the same as the language
-# keyword --- those with documents in Polish (whose net-standard
-# language code is pl) may wish to use "AddLanguage pl .po" to
-# avoid the ambiguity with the common suffix for perl scripts.
-#
-# Note 2: The example entries below illustrate that in some cases 
-# the two character 'Language' abbreviation is not identical to 
-# the two character 'Country' code for its country,
-# E.g. 'Danmark/dk' versus 'Danish/da'.
-#
-# Note 3: In the case of 'ltz' we violate the RFC by using a three char
-# specifier. There is 'work in progress' to fix this and get
-# the reference data for rfc1766 cleaned up.
-#
-# Catalan (ca) - Croatian (hr) - Czech (cs) - Danish (da) - Dutch (nl)
-# English (en) - Esperanto (eo) - Estonian (et) - French (fr) - German (de)
-# Greek-Modern (el) - Hebrew (he) - Italian (it) - Japanese (ja)
-# Korean (ko) - Luxembourgeois* (ltz) - Norwegian Nynorsk (nn)
-# Norwegian (no) - Polish (pl) - Portugese (pt)
-# Brazilian Portuguese (pt-BR) - Russian (ru) - Swedish (sv)
-# Simplified Chinese (zh-CN) - Spanish (es) - Traditional Chinese (zh-TW)
-#
-AddLanguage ca .ca
-AddLanguage cs .cz .cs
-AddLanguage da .dk
-AddLanguage de .de
-AddLanguage el .el
-AddLanguage en .en
-AddLanguage eo .eo
-AddLanguage es .es
-AddLanguage et .et
-AddLanguage fr .fr
-AddLanguage he .he
-AddLanguage hr .hr
-AddLanguage it .it
-AddLanguage ja .ja
-AddLanguage ko .ko
-AddLanguage ltz .ltz
-AddLanguage nl .nl
-AddLanguage nn .nn
-AddLanguage no .no
-AddLanguage pl .po
-AddLanguage pt .pt
-AddLanguage pt-BR .pt-br
-AddLanguage ru .ru
-AddLanguage sv .sv
-AddLanguage zh-CN .zh-cn
-AddLanguage zh-TW .zh-tw
-
-#
-# LanguagePriority allows you to give precedence to some languages
-# in case of a tie during content negotiation.
-#
-# Just list the languages in decreasing order of preference. We have
-# more or less alphabetized them here. You probably want to change this.
-#
-LanguagePriority en ca cs da de el eo es et fr he hr it ja ko ltz nl nn no pl pt pt-BR ru sv zh-CN zh-TW
-
-#
-# ForceLanguagePriority allows you to serve a result page rather than
-# MULTIPLE CHOICES (Prefer) [in case of a tie] or NOT ACCEPTABLE (Fallback)
-# [in case no accepted languages matched the available variants]
-#
-ForceLanguagePriority Prefer Fallback
-
-#
-# Specify a default charset for all content served; this enables
-# interpretation of all content as UTF-8 by default.  To use the 
-# default browser choice (ISO-8859-1), or to allow the META tags
-# in HTML content to override this choice, comment out this
-# directive:
-#
-AddDefaultCharset UTF-8
-
-#
-# AddType allows you to add to or override the MIME configuration
-# file mime.types for specific file types.
-#
-#AddType application/x-tar .tgz
-
-#
-# AddEncoding allows you to have certain browsers uncompress
-# information on the fly. Note: Not all browsers support this.
-# Despite the name similarity, the following Add* directives have nothing
-# to do with the FancyIndexing customization directives above.
-#
-#AddEncoding x-compress .Z
-#AddEncoding x-gzip .gz .tgz
-
-# If the AddEncoding directives above are commented-out, then you
-# probably should define those extensions to indicate media types:
-#
-AddType application/x-compress .Z
-AddType application/x-gzip .gz .tgz
-
-#
-# AddHandler allows you to map certain file extensions to "handlers":
-# actions unrelated to filetype. These can be either built into the server
-# or added with the Action directive (see below)
-#
-# To use CGI scripts outside of ScriptAliased directories:
-# (You will also need to add "ExecCGI" to the "Options" directive.)
-#
-#AddHandler cgi-script .cgi
-
-#
-# For files that include their own HTTP headers:
-#
-#AddHandler send-as-is asis
-
-#
-# For type maps (negotiated resources):
-# (This is enabled by default to allow the Apache "It Worked" page
-#  to be distributed in multiple languages.)
-#
-AddHandler type-map var
-
-#
-# Filters allow you to process content before it is sent to the client.
-#
-# To parse .shtml files for server-side includes (SSI):
-# (You will also need to add "Includes" to the "Options" directive.)
-#
-AddType text/html .shtml
-AddOutputFilter INCLUDES .shtml
-
-#
-# Action lets you define media types that will execute a script whenever
-# a matching file is called. This eliminates the need for repeated URL
-# pathnames for oft-used CGI file processors.
-# Format: Action media/type /cgi-script/location
-# Format: Action handler-name /cgi-script/location
-#
-
-#
-# Customizable error responses come in three flavors:
-# 1) plain text 2) local redirects 3) external redirects
-#
-# Some examples:
-#ErrorDocument 500 "The server made a boo boo."
-#ErrorDocument 404 /missing.html
-#ErrorDocument 404 "/cgi-bin/missing_handler.pl"
-#ErrorDocument 402 http://www.example.com/subscription_info.html
-#
-
-#
-# Putting this all together, we can internationalize error responses.
-#
-# We use Alias to redirect any /error/HTTP_.html.var response to
-# our collection of by-error message multi-language collections.  We use 
-# includes to substitute the appropriate text.
-#
-# You can modify the messages' appearance without changing any of the
-# default HTTP_.html.var files by adding the line:
-#
-#   Alias /error/include/ "/your/include/path/"
-#
-# which allows you to create your own set of files by starting with the
-# /var/www/error/include/ files and
-# copying them to /your/include/path/, even on a per-VirtualHost basis.
-#
-
-Alias /error/ "/var/www/error/"
-
-
-
-    
-        AllowOverride None
-        Options IncludesNoExec
-        AddOutputFilter Includes html
-        AddHandler type-map var
-        Order allow,deny
-        Allow from all
-        LanguagePriority en es de fr
-        ForceLanguagePriority Prefer Fallback
-    
-
-#    ErrorDocument 400 /error/HTTP_BAD_REQUEST.html.var
-#    ErrorDocument 401 /error/HTTP_UNAUTHORIZED.html.var
-#    ErrorDocument 403 /error/HTTP_FORBIDDEN.html.var
-#    ErrorDocument 404 /error/HTTP_NOT_FOUND.html.var
-#    ErrorDocument 405 /error/HTTP_METHOD_NOT_ALLOWED.html.var
-#    ErrorDocument 408 /error/HTTP_REQUEST_TIME_OUT.html.var
-#    ErrorDocument 410 /error/HTTP_GONE.html.var
-#    ErrorDocument 411 /error/HTTP_LENGTH_REQUIRED.html.var
-#    ErrorDocument 412 /error/HTTP_PRECONDITION_FAILED.html.var
-#    ErrorDocument 413 /error/HTTP_REQUEST_ENTITY_TOO_LARGE.html.var
-#    ErrorDocument 414 /error/HTTP_REQUEST_URI_TOO_LARGE.html.var
-#    ErrorDocument 415 /error/HTTP_UNSUPPORTED_MEDIA_TYPE.html.var
-#    ErrorDocument 500 /error/HTTP_INTERNAL_SERVER_ERROR.html.var
-#    ErrorDocument 501 /error/HTTP_NOT_IMPLEMENTED.html.var
-#    ErrorDocument 502 /error/HTTP_BAD_GATEWAY.html.var
-#    ErrorDocument 503 /error/HTTP_SERVICE_UNAVAILABLE.html.var
-#    ErrorDocument 506 /error/HTTP_VARIANT_ALSO_VARIES.html.var
-
-
-
-
-#
-# The following directives modify normal HTTP response behavior to
-# handle known problems with browser implementations.
-#
-BrowserMatch "Mozilla/2" nokeepalive
-BrowserMatch "MSIE 4\.0b2;" nokeepalive downgrade-1.0 force-response-1.0
-BrowserMatch "RealPlayer 4\.0" force-response-1.0
-BrowserMatch "Java/1\.0" force-response-1.0
-BrowserMatch "JDK/1\.0" force-response-1.0
-
-#
-# The following directive disables redirects on non-GET requests for
-# a directory that does not include the trailing slash.  This fixes a 
-# problem with Microsoft WebFolders which does not appropriately handle 
-# redirects for folders with DAV methods.
-# Same deal with Apple's DAV filesystem and Gnome VFS support for DAV.
-#
-BrowserMatch "Microsoft Data Access Internet Publishing Provider" redirect-carefully
-BrowserMatch "MS FrontPage" redirect-carefully
-BrowserMatch "^WebDrive" redirect-carefully
-BrowserMatch "^WebDAVFS/1.[0123]" redirect-carefully
-BrowserMatch "^gnome-vfs/1.0" redirect-carefully
-BrowserMatch "^XML Spy" redirect-carefully
-BrowserMatch "^Dreamweaver-WebDAV-SCM1" redirect-carefully
-
-#
-# Allow server status reports generated by mod_status,
-# with the URL of http://servername/server-status
-# Change the ".example.com" to match your domain to enable.
-#
-#
-#    SetHandler server-status
-#    Order deny,allow
-#    Deny from all
-#    Allow from .example.com
-#
-
-#
-# Allow remote server configuration reports, with the URL of
-#  http://servername/server-info (requires that mod_info.c be loaded).
-# Change the ".example.com" to match your domain to enable.
-#
-#
-#    SetHandler server-info
-#    Order deny,allow
-#    Deny from all
-#    Allow from .example.com
-#
-
-#
-# Proxy Server directives. Uncomment the following lines to
-# enable the proxy server:
-#
-#
-#ProxyRequests On
-#
-#
-#    Order deny,allow
-#    Deny from all
-#    Allow from .example.com
-#
-
-#
-# Enable/disable the handling of HTTP/1.1 "Via:" headers.
-# ("Full" adds the server version; "Block" removes all outgoing Via: headers)
-# Set to one of: Off | On | Full | Block
-#
-#ProxyVia On
-
-#
-# To enable a cache of proxied content, uncomment the following lines.
-# See http://httpd.apache.org/docs/2.2/mod/mod_cache.html for more details.
-#
-#
-#   CacheEnable disk /
-#   CacheRoot "/var/cache/mod_proxy"
-#
-#
-
-#
-# End of proxy directives.
-
-### Section 3: Virtual Hosts
-#
-# VirtualHost: If you want to maintain multiple domains/hostnames on your
-# machine you can setup VirtualHost containers for them. Most configurations
-# use only name-based virtual hosts so the server doesn't need to worry about
-# IP addresses. This is indicated by the asterisks in the directives below.
-#
-# Please see the documentation at 
-# 
-# for further details before you try to setup virtual hosts.
-#
-# You may use the command line option '-S' to verify your virtual host
-# configuration.
-
-#
-# Use name-based virtual hosting.
-#
-#NameVirtualHost *:80
-#
-# NOTE: NameVirtualHost cannot be used without a port specifier 
-# (e.g. :80) if mod_ssl is being used, due to the nature of the
-# SSL protocol.
-#
-
-#
-# VirtualHost example:
-# Almost any Apache directive may go into a VirtualHost container.
-# The first VirtualHost section is used for requests without a known
-# server name.
-#
-#
-#    ServerAdmin webmaster@dummy-host.example.com
-#    DocumentRoot /www/docs/dummy-host.example.com
-#    ServerName dummy-host.example.com
-#    ErrorLog logs/dummy-host.example.com-error_log
-#    CustomLog logs/dummy-host.example.com-access_log common
-#
diff --git a/patches/systemvm/debian/config/etc/init.d/cloud-early-config b/patches/systemvm/debian/config/etc/init.d/cloud-early-config
index ca97d293c1c..7e5815682a8 100755
--- a/patches/systemvm/debian/config/etc/init.d/cloud-early-config
+++ b/patches/systemvm/debian/config/etc/init.d/cloud-early-config
@@ -115,6 +115,7 @@ get_boot_params() {
           cp -f $EXTRA_MOUNT/authorized_keys /var/cache/cloud/authorized_keys
           privkey=/var/cache/cloud/authorized_keys
           umount $EXTRA_MOUNT
+          cp -f $privkey /root/.ssh/ && chmod go-rwx /root/.ssh/authorized_keys
           ;;
      vmware)
           vmtoolsd --cmd 'machine.id.get' > /var/cache/cloud/cmdline 
@@ -407,7 +408,9 @@ setup_dnsmasq() {
 
 setup_sshd(){
   local ip=$1
+  local eth=$2
   [ -f /etc/ssh/sshd_config ] && sed -i -e "s/^[#]*ListenAddress.*$/ListenAddress $ip/" /etc/ssh/sshd_config
+  sed -i "/3922/s/eth./$eth/" /etc/iptables/rules
 }
 
 
@@ -455,7 +458,6 @@ setup_redundant_router() {
     mkdir -p /ramdisk
     mount tmpfs /ramdisk -t tmpfs
     mkdir -p /ramdisk/rrouter
-    rm /tmp/rrouter.lock
     ip route delete default
     cp /root/redundant_router/keepalived.conf.templ /etc/keepalived/keepalived.conf
     cp /root/redundant_router/conntrackd.conf.templ /etc/conntrackd/conntrackd.conf
@@ -574,7 +576,6 @@ setup_router() {
   sed -i  /gateway/d /etc/hosts
   echo "$ETH0_IP $NAME" >> /etc/hosts
 
-  setup_sshd $ETH1_IP
 
   enable_svc dnsmasq 1
   enable_svc haproxy 1
@@ -584,6 +585,7 @@ setup_router() {
   enable_fwding 1
   chkconfig nfs-common off
   cp /etc/iptables/iptables-router /etc/iptables/rules
+  setup_sshd $ETH1_IP "eth1"
 }
 
 
@@ -643,20 +645,15 @@ EOF
   sudo ip rule add from $VPCCIDR table static_route 2>/dev/null
   sudo ip rule add from $VPCCIDR table static_route_back 2>/dev/null
 
-  sed -i  /gateway/d /etc/hosts
-
-  echo "$ETH0_IP $NAME" >> /etc/hosts
-  setup_sshd $ETH0_IP
   setup_vpc_apache2
 
   enable_svc dnsmasq 1
   enable_svc haproxy 1
-  enable_svc cloud-passwd-srvr 1
   enable_svc cloud 0
   disable_rpfilter_domR
   enable_fwding 1
-  chkconfig nfs-common off
   cp /etc/iptables/iptables-vpcrouter /etc/iptables/rules
+  setup_sshd $ETH0_IP "eth0"
   cp /etc/vpcdnsmasq.conf /etc/dnsmasq.conf
   cp /etc/cloud-nic.rules /etc/udev/rules.d/cloud-nic.rules
   echo "" > /etc/dnsmasq.d/dhcphosts.txt
@@ -695,24 +692,18 @@ setup_dhcpsrvr() {
   sed -i  /gateway/d /etc/hosts
   echo "$ETH0_IP $NAME" >> /etc/hosts
 
-  if [ "$SSHONGUEST" == "true" ]
-  then
-    setup_sshd $ETH0_IP
-  else
-    setup_sshd $ETH1_IP
-  fi
-
   enable_svc dnsmasq 1
   enable_svc haproxy 0
   enable_svc cloud-passwd-srvr 1
   enable_svc cloud 0
   enable_fwding 0
   chkconfig nfs-common off
+  cp /etc/iptables/iptables-router /etc/iptables/rules
   if [ "$SSHONGUEST" == "true" ]
   then
-    sed '/3922/i -A INPUT -i eth0 -p tcp -m state --state NEW --dport 3922 -j ACCEPT' /etc/iptables/iptables-router > /etc/iptables/rules
+    setup_sshd $ETH0_IP "eth0"
   else
-    cp /etc/iptables/iptables-router /etc/iptables/rules
+    setup_sshd $ETH1_IP "eth1"
   fi
 }
 
@@ -744,9 +735,9 @@ setup_secstorage() {
 
   cp /etc/iptables/iptables-secstorage /etc/iptables/rules
   if [ "$hyp" == "vmware" ]; then
-    setup_sshd $ETH1_IP
+    setup_sshd $ETH1_IP "eth1"
   else
-    setup_sshd $ETH0_IP
+    setup_sshd $ETH0_IP "eth0"
   fi
   setup_apache2 $ETH2_IP
 
@@ -768,9 +759,9 @@ setup_console_proxy() {
   echo "$public_ip $NAME" >> /etc/hosts
   cp /etc/iptables/iptables-consoleproxy /etc/iptables/rules
   if [ "$hyp" == "vmware" ]; then
-    setup_sshd $ETH1_IP
+    setup_sshd $ETH1_IP "eth1"
   else
-    setup_sshd $ETH0_IP
+    setup_sshd $ETH0_IP "eth0"
   fi
 
   disable_rpfilter
@@ -791,13 +782,12 @@ setup_elbvm() {
   [ "$ETH2_IP" == "0.0.0.0" ] || [ "$ETH2_IP" == "" ] && public_ip=$ETH0_IP
   echo "$public_ip $NAME" >> /etc/hosts
 
+  cp /etc/iptables/iptables-elbvm /etc/iptables/rules
   if [ "$SSHONGUEST" == "true" ]
   then
-    sed '/3922/s/eth1/eth0/'
-    setup_sshd $ETH0_IP
+    setup_sshd $ETH0_IP "eth0"
   else
-    cp /etc/iptables/iptables-elbvm /etc/iptables/rules
-    setup_sshd $ETH1_IP
+    setup_sshd $ETH1_IP "eth1"
   fi
   
   enable_fwding 0
@@ -825,6 +815,8 @@ change_password() {
 }
 
 start() {
+  # Clear /tmp for file lock
+  rm -f /tmp/*.lock
   local hyp=$(hypervisor)
   [ $? -ne 0 ] && log_it "Failed to detect hypervisor type, bailing out of early init" && exit 10
   log_it "Detected that we are running inside $hyp guest"
diff --git a/patches/systemvm/debian/config/etc/init.d/cloud-passwd-srvr b/patches/systemvm/debian/config/etc/init.d/cloud-passwd-srvr
index 553fe0ae962..e6818415cfb 100755
--- a/patches/systemvm/debian/config/etc/init.d/cloud-passwd-srvr
+++ b/patches/systemvm/debian/config/etc/init.d/cloud-passwd-srvr
@@ -33,11 +33,11 @@ start() {
   [ "$ENABLED" != 0 ]  || exit 0 
   pid=$(getpid)
   [ "$pid" != "" ] && echo "Password server is already running (pid=$pid)" && return 0
-  nohup bash /opt/cloud/bin/passwd_server&
+  nohup bash /opt/cloud/bin/passwd_server &
 }
 
 getpid() {
-  pid=$(ps -ef | grep passwd_server | grep -v grep | awk '{print $2}')
+  pid=$(ps -ef | grep passwd_server_ip | grep -v grep | awk '{print $2}')
   echo $pid
 }
 
diff --git a/patches/systemvm/debian/config/etc/iptables/iptables-consoleproxy b/patches/systemvm/debian/config/etc/iptables/iptables-consoleproxy
index 6e230386412..ae5d14d8461 100644
--- a/patches/systemvm/debian/config/etc/iptables/iptables-consoleproxy
+++ b/patches/systemvm/debian/config/etc/iptables/iptables-consoleproxy
@@ -30,7 +30,6 @@ COMMIT
 -A INPUT -i eth2 -m state --state RELATED,ESTABLISHED -j ACCEPT 
 -A INPUT -p icmp --icmp-type 13 -j DROP
 -A INPUT -p icmp -j ACCEPT 
--A INPUT -i eth0 -p tcp -m state --state NEW -m tcp --dport 3922 -j ACCEPT
 -A INPUT -i eth1 -p tcp -m state --state NEW -m tcp --dport 3922 -j ACCEPT
 -A INPUT -i eth0 -p tcp -m state --state NEW -m tcp --dport 8001 -j ACCEPT
 -A INPUT -i eth1 -p tcp -m state --state NEW -m tcp --dport 8001 -j ACCEPT
diff --git a/patches/systemvm/debian/config/etc/iptables/iptables-secstorage b/patches/systemvm/debian/config/etc/iptables/iptables-secstorage
index 5218fa72de6..31399241126 100755
--- a/patches/systemvm/debian/config/etc/iptables/iptables-secstorage
+++ b/patches/systemvm/debian/config/etc/iptables/iptables-secstorage
@@ -33,6 +33,4 @@ COMMIT
 -A INPUT -p icmp --icmp-type 13 -j DROP
 -A INPUT -p icmp -j ACCEPT 
 -A INPUT -i eth0 -p tcp -m state --state NEW --dport 3922 -j ACCEPT
--A INPUT -i eth1 -p tcp -m state --state NEW --dport 3922 -j ACCEPT
--A INPUT -i eth3 -p tcp -m state --state NEW --dport 3922 -j ACCEPT
 COMMIT
diff --git a/patches/systemvm/debian/config/etc/logrotate.conf b/patches/systemvm/debian/config/etc/logrotate.conf
index f5a660964d3..59a6242bb4c 100644
--- a/patches/systemvm/debian/config/etc/logrotate.conf
+++ b/patches/systemvm/debian/config/etc/logrotate.conf
@@ -1,32 +1,21 @@
-# see "man logrotate" for details
 # rotate log files daily
 daily
-
 # keep 5 days worth
 rotate 5
-
 # create new (empty) log files after rotating old ones
 create
-
 # use date as a suffix of the rotated file
 dateext
-
-# uncomment this if you want your log files compressed
-#compress
-
 # max size 50M
 size 50M
-
 # RPM packages drop log rotation information into this directory
 include /etc/logrotate.d
-
 # no packages own wtmp and btmp -- we'll rotate them here
 /var/log/wtmp {
     monthly
     create 0664 root utmp
     rotate 1
 }
-
 /var/log/btmp {
     missingok
     monthly
@@ -34,4 +23,3 @@ include /etc/logrotate.d
     rotate 1
 }
 
-# system-specific logs may be also be configured here.
diff --git a/patches/systemvm/debian/config/opt/cloud/bin/passwd_server b/patches/systemvm/debian/config/opt/cloud/bin/passwd_server
index 95225b6a901..71349dd0336 100755
--- a/patches/systemvm/debian/config/opt/cloud/bin/passwd_server
+++ b/patches/systemvm/debian/config/opt/cloud/bin/passwd_server
@@ -16,18 +16,8 @@
 # specific language governing permissions and limitations
 # under the License.
 
-. /etc/default/cloud-passwd-srvr
-
-while [ "$ENABLED" == "1" ]
-do
-	socat -lf /var/log/cloud.log TCP4-LISTEN:8080,reuseaddr,crnl,bind=0.0.0.0 SYSTEM:"/opt/cloud/bin/serve_password.sh \"\$SOCAT_PEERADDR\""
-
-	rc=$?
-	if [ $rc -ne 0 ]
-	then
-		logger -t cloud "Password server failed with error code $rc. Restarting socat..."
-		sleep 3
-	fi
-        . /etc/default/cloud-passwd-srvr
-
-done
+ips=$(ip addr show dev eth0 | grep inet | grep eth0 | awk '{print $2}' ); echo $ips
+for ip in $ips; do
+	addr=$(echo $ip | awk -F'/' '{print $1}')
+	/opt/cloud/bin/passwd_server_ip $addr &
+done;
diff --git a/patches/systemvm/debian/config/opt/cloud/bin/passwd_server_ip b/patches/systemvm/debian/config/opt/cloud/bin/passwd_server_ip
new file mode 100755
index 00000000000..8d62dffa231
--- /dev/null
+++ b/patches/systemvm/debian/config/opt/cloud/bin/passwd_server_ip
@@ -0,0 +1,32 @@
+#!/bin/bash
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements.  See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership.  The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License.  You may obtain a copy of the License at
+#
+#   http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied.  See the License for the
+# specific language governing permissions and limitations
+# under the License.
+
+. /etc/default/cloud-passwd-srvr
+addr=$1;
+while [ "$ENABLED" == "1" ]
+do
+	socat -lf /var/log/cloud.log TCP4-LISTEN:8080,reuseaddr,crnl,bind=$addr SYSTEM:"/opt/cloud/bin/serve_password.sh \"\$SOCAT_PEERADDR\""
+
+	rc=$?
+	if [ $rc -ne 0 ]
+	then
+		logger -t cloud "Password server failed with error code $rc. Restarting socat..."
+		sleep 3
+	fi
+        . /etc/default/cloud-passwd-srvr
+done
diff --git a/patches/systemvm/debian/config/opt/cloud/bin/patchsystemvm.sh b/patches/systemvm/debian/config/opt/cloud/bin/patchsystemvm.sh
index bdec43af1a9..3bbf7b1bf88 100755
--- a/patches/systemvm/debian/config/opt/cloud/bin/patchsystemvm.sh
+++ b/patches/systemvm/debian/config/opt/cloud/bin/patchsystemvm.sh
@@ -70,7 +70,6 @@ routing_svcs() {
    grep "redundant_router=1" /var/cache/cloud/cmdline > /dev/null
    RROUTER=$?
    chkconfig cloud off
-   chkconfig cloud-passwd-srvr on ; 
    chkconfig haproxy on ; 
    chkconfig ssh on
    chkconfig nfs-common off
@@ -78,22 +77,38 @@ routing_svcs() {
    if [ $RROUTER -eq 0 ]
    then
        chkconfig dnsmasq off
+       chkconfig cloud-passwd-srvr off
        chkconfig keepalived on
        chkconfig conntrackd on
        chkconfig postinit on
        echo "keepalived conntrackd postinit" > /var/cache/cloud/enabled_svcs
-       echo "dnsmasq " > /var/cache/cloud/disabled_svcs
+       echo "dnsmasq cloud-passwd-srvr" > /var/cache/cloud/disabled_svcs
    else
        chkconfig dnsmasq on
+       chkconfig cloud-passwd-srvr on
        chkconfig keepalived off
        chkconfig conntrackd off
-       echo "dnsmasq " > /var/cache/cloud/enabled_svcs
+       echo "dnsmasq cloud-passwd-srvr " > /var/cache/cloud/enabled_svcs
        echo "keepalived conntrackd " > /var/cache/cloud/disabled_svcs
    fi
-   echo "cloud-passwd-srvr ssh haproxy apache2" >> /var/cache/cloud/enabled_svcs
+   echo "ssh haproxy apache2" >> /var/cache/cloud/enabled_svcs
    echo "cloud nfs-common portmap" > /var/cache/cloud/disabled_svcs
 }
 
+vpcrouting_svcs() {
+   chkconfig cloud off
+   chkconfig haproxy on ; 
+   chkconfig ssh on
+   chkconfig nfs-common off
+   chkconfig portmap off
+   chkconfig dnsmasq on
+   chkconfig keepalived off
+   chkconfig conntrackd off
+   chkconfig apache2 off
+   echo "ssh haproxy dnsmasq" > /var/cache/cloud/enabled_svcs
+   echo "cloud cloud-passwd-srvr apache2 nfs-common portmap keepalived conntrackd" > /var/cache/cloud/disabled_svcs
+}
+
 dhcpsrvr_svcs() {
    chkconfig cloud off
    chkconfig cloud-passwd-srvr on ; 
@@ -177,7 +192,7 @@ then
    enable_serial_console
 fi
 
-if [ "$TYPE" == "router" ]
+if [ "$TYPE" == "router" ] || [ "$TYPE" == "vpcrouter" ]
 then
   routing_svcs
   if [ $? -gt 0 ]
@@ -187,6 +202,16 @@ then
   fi
 fi
 
+if [ "$TYPE" == "vpcrouter" ]
+then
+  vpcrouting_svcs
+  if [ $? -gt 0 ]
+  then
+    printf "Failed to execute vpcrouting_svcs\n" >$logfile
+    exit 6
+  fi
+fi
+
 if [ "$TYPE" == "dhcpsrvr" ]
 then
   dhcpsrvr_svcs
diff --git a/patches/systemvm/debian/config/opt/cloud/bin/serve_password.sh b/patches/systemvm/debian/config/opt/cloud/bin/serve_password.sh
index c1f928ddcc8..b829b540666 100755
--- a/patches/systemvm/debian/config/opt/cloud/bin/serve_password.sh
+++ b/patches/systemvm/debian/config/opt/cloud/bin/serve_password.sh
@@ -20,6 +20,15 @@
 
 # set -x 
 
+source /root/func.sh
+
+lock="passwdlock"
+locked=$(getLockFile $lock)
+if [ "$locked" != "1" ]
+then
+    exit 1
+fi
+
 PASSWD_FILE=/var/cache/cloud/passwords
 
 #   $1 filename
@@ -91,4 +100,4 @@ fi
 
 # echo -e \"\\\"\\\n\\\"\"
 
-exit 0
+unlock_exit 0 $lock $locked
diff --git a/patches/systemvm/debian/config/opt/cloud/bin/vpc_guestnw.sh b/patches/systemvm/debian/config/opt/cloud/bin/vpc_guestnw.sh
index 7331c53ea67..faf62c6ff0c 100755
--- a/patches/systemvm/debian/config/opt/cloud/bin/vpc_guestnw.sh
+++ b/patches/systemvm/debian/config/opt/cloud/bin/vpc_guestnw.sh
@@ -48,7 +48,7 @@ destroy_acl_chain() {
 create_acl_chain() {
   destroy_acl_chain
   sudo iptables -t mangle -N ACL_OUTBOUND_$dev 2>/dev/null
-  sudo iptables -t mangle -A ACL_OUTBOUND_$dev -j DROP 2>/dev/null
+  sudo iptables -t mangle -A ACL_OUTBOUND_$dev -j ACCEPT 2>/dev/null
   sudo iptables -t mangle -A PREROUTING -m state --state NEW -i $dev -s $subnet/$mask ! -d $ip -j ACL_OUTBOUND_$dev  2>/dev/null
   sudo iptables -N ACL_INBOUND_$dev 2>/dev/null
   # drop if no rules match (this will be the last rule in the chain)
@@ -66,6 +66,7 @@ setup_apache2() {
   sed -i -e "s/Listen .*:80/Listen $ip:80/g" /etc/apache2/conf.d/vhost$dev.conf
   sed -i -e "s/Listen .*:443/Listen $ip:443/g" /etc/apache2/conf.d/vhost$dev.conf
   service apache2 restart
+  sudo iptables -D INPUT -i $dev -d $ip -p tcp -m state --state NEW --dport 80 -j ACCEPT
   sudo iptables -A INPUT -i $dev -d $ip -p tcp -m state --state NEW --dport 80 -j ACCEPT
 }
 
@@ -79,6 +80,11 @@ desetup_apache2() {
 
 setup_dnsmasq() {
   logger -t cloud "Setting up dnsmasq for network $ip/$mask "
+  # setup rules to allow dhcp/dns request
+  sudo iptables -D INPUT -i $dev -p udp -m udp --dport 67 -j ACCEPT
+  sudo iptables -D INPUT -i $dev -d $ip -p udp -m udp --dport 53 -j ACCEPT
+  sudo iptables -A INPUT -i $dev -p udp -m udp --dport 67 -j ACCEPT
+  sudo iptables -A INPUT -i $dev -d $ip -p udp -m udp --dport 53 -j ACCEPT
   # setup static 
   sed -i -e "/^[#]*dhcp-range=interface:$dev/d" /etc/dnsmasq.d/cloud.conf
   echo "dhcp-range=interface:$dev,set:interface-$dev,$ip,static" >> /etc/dnsmasq.d/cloud.conf
@@ -89,11 +95,13 @@ setup_dnsmasq() {
   echo "dhcp-option=tag:interface-$dev,15,$DOMAIN" >> /etc/dnsmasq.d/cloud.conf
   service dnsmasq restart
   sleep 1
-}
+} 
 
 desetup_dnsmasq() {
-  logger -t cloud "Setting up dnsmasq for network $ip/$mask "
-  
+  logger -t cloud "Desetting up dnsmasq for network $ip/$mask "
+  # remove rules to allow dhcp/dns request
+  sudo iptables -D INPUT -i $dev -p udp -m udp --dport 67 -j ACCEPT
+  sudo iptables -D INPUT -i $dev -d $ip -p udp -m udp --dport 53 -j ACCEPT
   sed -i -e "/^[#]*dhcp-option=tag:interface-$dev,option:router.*$/d" /etc/dnsmasq.d/cloud.conf
   sed -i -e "/^[#]*dhcp-option=tag:interface-$dev,6.*$/d" /etc/dnsmasq.d/cloud.conf
   sed -i -e "/^[#]*dhcp-range=interface:$dev/d" /etc/dnsmasq.d/cloud.conf
@@ -101,45 +109,53 @@ desetup_dnsmasq() {
   sleep 1
 }
 
+setup_passwdsvcs() {
+  logger -t cloud "Setting up password service for network $ip/$mask, eth $dev "
+  sudo iptables -D INPUT -i $dev -d $ip -p tcp -m state --state NEW --dport 8080 -j ACCEPT
+  sudo iptables -A INPUT -i $dev -d $ip -p tcp -m state --state NEW --dport 8080 -j ACCEPT
+  nohup bash /opt/cloud/bin/vpc_passwd_server $ip >/dev/null 2>&1 &
+}
+
+desetup_passwdsvcs() {
+  logger -t cloud "Desetting up password service for network $ip/$mask, eth $dev "
+  sudo iptables -D INPUT -i $dev -d $ip -p tcp -m state --state NEW --dport 8080 -j ACCEPT
+  pid=`ps -ef | grep socat | grep $ip | grep -v grep | awk '{print $2}'`
+  if [ -n "$pid" ]
+  then
+    kill -9 $pid
+  fi 
+}
+
 create_guest_network() {
   logger -t cloud " $(basename $0): Create network on interface $dev,  gateway $gw, network $ip/$mask "
   # setup ip configuration
   sudo ip addr add dev $dev $ip/$mask brd +
   sudo ip link set $dev up
   sudo arping -c 3 -I $dev -A -U -s $ip $ip
-  # setup rules to allow dhcp/dns request
-  sudo iptables -D INPUT -i $dev -p udp -m udp --dport 67 -j ACCEPT
-  sudo iptables -D INPUT -i $dev -p udp -m udp --dport 53 -j ACCEPT
-  sudo iptables -A INPUT -i $dev -p udp -m udp --dport 67 -j ACCEPT
-  sudo iptables -A INPUT -i $dev -p udp -m udp --dport 53 -j ACCEPT
-  sudo iptables -D INPUT -i $dev -p tcp -m state --state NEW --dport 8080 -j ACCEPT
-  sudo iptables -D INPUT -i $dev -p tcp -m state --state NEW --dport 80 -j ACCEPT
-  sudo iptables -A INPUT -i $dev -p tcp -m state --state NEW --dport 8080 -j ACCEPT
-  sudo iptables -A INPUT -i $dev -p tcp -m state --state NEW --dport 80 -j ACCEPT
   # restore mark from  connection mark
   local tableName="Table_$dev"
   sudo ip route add $subnet/$mask dev $dev table $tableName proto static
+  sudo iptables -t mangle -D PREROUTING -i $dev -m state --state ESTABLISHED,RELATED -j CONNMARK --restore-mark
+  sudo iptables -t nat -D POSTROUTING -s $subnet/$mask -o $dev -j SNAT --to-source $ip
   sudo iptables -t mangle -A PREROUTING -i $dev -m state --state ESTABLISHED,RELATED -j CONNMARK --restore-mark
   # set up hairpin
   sudo iptables -t nat -A POSTROUTING -s $subnet/$mask -o $dev -j SNAT --to-source $ip
   create_acl_chain
   setup_dnsmasq
   setup_apache2
+  setup_passwdsvcs
 }
 
 destroy_guest_network() {
   logger -t cloud " $(basename $0): Create network on interface $dev,  gateway $gw, network $ip/$mask "
 
   sudo ip addr del dev $dev $ip/$mask
-  sudo iptables -D INPUT -i $dev -p udp -m udp --dport 67 -j ACCEPT
-  sudo iptables -D INPUT -i $dev -p udp -m udp --dport 53 -j ACCEPT
-  sudo iptables -D INPUT -i $dev -p tcp -m state --state NEW --dport 8080 -j ACCEPT
-  sudo iptables -D INPUT -i $dev -p tcp -m state --state NEW --dport 80 -j ACCEPT
   sudo iptables -t mangle -D PREROUTING -i $dev -m state --state ESTABLISHED,RELATED -j CONNMARK --restore-mark
-  sudo iptables -t nat -A POSTROUTING -s $subnet/$mask -o $dev -j SNAT --to-source $ip
+  sudo iptables -t nat -D POSTROUTING -s $subnet/$mask -o $dev -j SNAT --to-source $ip
   destroy_acl_chain
   desetup_dnsmasq
   desetup_apache2
+  desetup_passwdsvcs
 }
 
 #set -x
diff --git a/patches/systemvm/debian/config/opt/cloud/bin/vpc_passwd_server b/patches/systemvm/debian/config/opt/cloud/bin/vpc_passwd_server
new file mode 100755
index 00000000000..6488bec86f4
--- /dev/null
+++ b/patches/systemvm/debian/config/opt/cloud/bin/vpc_passwd_server
@@ -0,0 +1,32 @@
+#!/bin/bash
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements.  See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership.  The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License.  You may obtain a copy of the License at
+#
+#   http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied.  See the License for the
+# specific language governing permissions and limitations
+# under the License.
+
+
+ip=$1
+result=$ip
+while [ -n "$result" ]
+do
+    socat -lf /var/log/cloud.log TCP4-LISTEN:8080,reuseaddr,crnl,bind=$ip SYSTEM:"/opt/cloud/bin/serve_password.sh \"\$SOCAT_PEERADDR\""
+    rc=$?
+    if [ $rc -ne 0 ]
+    then
+        logger -t cloud "Password server failed with error code $rc. Restarting socat..."
+        sleep 3
+    fi
+    result=`ip addr show | grep $ip`
+done
diff --git a/patches/systemvm/debian/config/root/redundant_router/arping_gateways.sh.templ b/patches/systemvm/debian/config/root/redundant_router/arping_gateways.sh.templ
index 80f7f030dcb..176bce22559 100644
--- a/patches/systemvm/debian/config/root/redundant_router/arping_gateways.sh.templ
+++ b/patches/systemvm/debian/config/root/redundant_router/arping_gateways.sh.templ
@@ -1,3 +1,20 @@
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements.  See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership.  The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License.  You may obtain a copy of the License at
+#
+#   http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied.  See the License for the
+# specific language governing permissions and limitations
+# under the License.
+
 ip link|grep BROADCAST|grep -v eth0|grep -v eth1|cut -d ":" -f 2 > /tmp/iflist
 while read i
 do
diff --git a/patches/systemvm/debian/config/root/redundant_router/backup.sh.templ b/patches/systemvm/debian/config/root/redundant_router/backup.sh.templ
index 8378f64663d..03111b557a5 100644
--- a/patches/systemvm/debian/config/root/redundant_router/backup.sh.templ
+++ b/patches/systemvm/debian/config/root/redundant_router/backup.sh.templ
@@ -1,4 +1,20 @@
 #!/bin/bash
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements.  See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership.  The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License.  You may obtain a copy of the License at
+#
+#   http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied.  See the License for the
+# specific language governing permissions and limitations
+# under the License.
 
 source /root/func.sh
 
diff --git a/patches/systemvm/debian/config/root/redundant_router/check_heartbeat.sh.templ b/patches/systemvm/debian/config/root/redundant_router/check_heartbeat.sh.templ
index 26954650a6d..908c0d8f06f 100755
--- a/patches/systemvm/debian/config/root/redundant_router/check_heartbeat.sh.templ
+++ b/patches/systemvm/debian/config/root/redundant_router/check_heartbeat.sh.templ
@@ -1,4 +1,21 @@
 #!/bin/bash
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements.  See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership.  The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License.  You may obtain a copy of the License at
+#
+#   http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied.  See the License for the
+# specific language governing permissions and limitations
+# under the License.
+
 
 if [ -e [RROUTER_BIN_PATH]/keepalived.ts2 ]
 then
diff --git a/patches/systemvm/debian/config/root/redundant_router/checkrouter.sh.templ b/patches/systemvm/debian/config/root/redundant_router/checkrouter.sh.templ
index ae22ec7629d..fbf4f0f54d0 100755
--- a/patches/systemvm/debian/config/root/redundant_router/checkrouter.sh.templ
+++ b/patches/systemvm/debian/config/root/redundant_router/checkrouter.sh.templ
@@ -1,4 +1,21 @@
 #!/bin/bash
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements.  See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership.  The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License.  You may obtain a copy of the License at
+#
+#   http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied.  See the License for the
+# specific language governing permissions and limitations
+# under the License.
+
 
 source /root/func.sh
 
diff --git a/patches/systemvm/debian/config/root/redundant_router/disable_pubip.sh b/patches/systemvm/debian/config/root/redundant_router/disable_pubip.sh
index 84631f67951..af5edbfd2a1 100644
--- a/patches/systemvm/debian/config/root/redundant_router/disable_pubip.sh
+++ b/patches/systemvm/debian/config/root/redundant_router/disable_pubip.sh
@@ -21,4 +21,5 @@ while read i
 do
     ifconfig $i down
 done < /tmp/iflist
+service cloud-passwd-srvr stop
 service dnsmasq stop
diff --git a/patches/systemvm/debian/config/root/redundant_router/enable_pubip.sh.templ b/patches/systemvm/debian/config/root/redundant_router/enable_pubip.sh.templ
index 32604954990..ccdef0b7ea6 100644
--- a/patches/systemvm/debian/config/root/redundant_router/enable_pubip.sh.templ
+++ b/patches/systemvm/debian/config/root/redundant_router/enable_pubip.sh.templ
@@ -1,12 +1,35 @@
 #!/bin/bash
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements.  See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership.  The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License.  You may obtain a copy of the License at
+#
+#   http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied.  See the License for the
+# specific language governing permissions and limitations
+# under the License.
 
 set -e
 
 ip link|grep BROADCAST|grep -v eth0|grep -v eth1|cut -d ":" -f 2 > /tmp/iflist
 while read i
 do
-    ifdown $i
-    ifup $i
+    if [ "$i" == "eth2" ]
+    then
+        ifdown $i
+        ifup $i
+    else
+        ifconfig $i down
+        ifconfig $i up
+    fi
 done < /tmp/iflist
 ip route add default via [GATEWAY] dev eth2 && \
+service cloud-passwd-srvr restart && \
 service dnsmasq restart
diff --git a/patches/systemvm/debian/config/root/redundant_router/fault.sh.templ b/patches/systemvm/debian/config/root/redundant_router/fault.sh.templ
index 2305fb24c0a..aecb08db247 100644
--- a/patches/systemvm/debian/config/root/redundant_router/fault.sh.templ
+++ b/patches/systemvm/debian/config/root/redundant_router/fault.sh.templ
@@ -1,4 +1,20 @@
 #!/bin/bash
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements.  See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership.  The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License.  You may obtain a copy of the License at
+#
+#   http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied.  See the License for the
+# specific language governing permissions and limitations
+# under the License.
 
 source /root/func.sh
 
diff --git a/patches/systemvm/debian/config/root/redundant_router/heartbeat.sh.templ b/patches/systemvm/debian/config/root/redundant_router/heartbeat.sh.templ
index 90d790b5372..e064c1a2cf3 100755
--- a/patches/systemvm/debian/config/root/redundant_router/heartbeat.sh.templ
+++ b/patches/systemvm/debian/config/root/redundant_router/heartbeat.sh.templ
@@ -1,4 +1,20 @@
 #!/bin/bash
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements.  See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership.  The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License.  You may obtain a copy of the License at
+#
+#   http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied.  See the License for the
+# specific language governing permissions and limitations
+# under the License.
 
 t=$(date +%s)
 echo $t > [RROUTER_BIN_PATH]/keepalived.ts
diff --git a/patches/systemvm/debian/config/root/redundant_router/keepalived.conf.templ b/patches/systemvm/debian/config/root/redundant_router/keepalived.conf.templ
index fd7235f67e2..a4969a5b698 100644
--- a/patches/systemvm/debian/config/root/redundant_router/keepalived.conf.templ
+++ b/patches/systemvm/debian/config/root/redundant_router/keepalived.conf.templ
@@ -1,4 +1,19 @@
-! Configuration File for keepalived
+! Licensed to the Apache Software Foundation (ASF) under one
+! or more contributor license agreements.  See the NOTICE file
+! distributed with this work for additional information
+! regarding copyright ownership.  The ASF licenses this file
+! to you under the Apache License, Version 2.0 (the
+! "License"); you may not use this file except in compliance
+! with the License.  You may obtain a copy of the License at
+!
+!   http://www.apache.org/licenses/LICENSE-2.0
+!
+! Unless required by applicable law or agreed to in writing,
+! software distributed under the License is distributed on an
+! "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+! KIND, either express or implied.  See the License for the
+! specific language governing permissions and limitations
+! under the License.
 
 global_defs {
    router_id [ROUTER_ID]
@@ -36,29 +51,7 @@ vrrp_instance inside_network {
         heartbeat
     }
 
-    #nopreempt
-
-    # notify scripts and alerts are optional
-    #
-    # filenames of scripts to run on transitions
-    # can be unquoted (if just filename)
-    # or quoted (if has parameters)
-    # to MASTER transition
     notify_master "[RROUTER_BIN_PATH]/master.sh"
-    # to BACKUP transition
     notify_backup "[RROUTER_BIN_PATH]/backup.sh"
-    # FAULT transition
     notify_fault "[RROUTER_BIN_PATH]/fault.sh"
- 
-    # for ANY state transition.
-    # "notify" script is called AFTER the
-    # notify_* script(s) and is executed
-    # with 3 arguments provided by keepalived
-    # (ie don't include parameters in the notify line).
-    # arguments
-    # $1 = "GROUP"|"INSTANCE"
-    # $2 = name of group or instance
-    # $3 = target state of transition
-    #     ("MASTER"|"BACKUP"|"FAULT")
-    #notify [RROUTER_BIN_PATH]/notify.sh
 }
diff --git a/patches/systemvm/debian/config/root/redundant_router/master.sh.templ b/patches/systemvm/debian/config/root/redundant_router/master.sh.templ
index c8d06374de2..418fd5d83b8 100644
--- a/patches/systemvm/debian/config/root/redundant_router/master.sh.templ
+++ b/patches/systemvm/debian/config/root/redundant_router/master.sh.templ
@@ -1,4 +1,20 @@
 #!/bin/bash
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements.  See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership.  The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License.  You may obtain a copy of the License at
+#
+#   http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied.  See the License for the
+# specific language governing permissions and limitations
+# under the License.
 
 source /root/func.sh
 
diff --git a/patches/systemvm/debian/config/var/lib/misc/dnsmasq.leases b/patches/systemvm/debian/config/var/lib/misc/dnsmasq.leases
deleted file mode 100644
index e69de29bb2d..00000000000
diff --git a/patches/systemvm/debian/vpn/etc/ipsec.conf b/patches/systemvm/debian/vpn/etc/ipsec.conf
index a1c4bfb52b8..dc363b3a65f 100644
--- a/patches/systemvm/debian/vpn/etc/ipsec.conf
+++ b/patches/systemvm/debian/vpn/etc/ipsec.conf
@@ -1,50 +1,9 @@
-# /etc/ipsec.conf - Openswan IPsec configuration file
-
-# This file:  /usr/share/doc/openswan/ipsec.conf-sample
-#
 # Manual:     ipsec.conf.5
+version	2.0	
 
-
-version	2.0	# conforms to second version of ipsec.conf specification
-
-# basic configuration
 config setup
-	# Do not set debug options to debug configuration issues!
-	# plutodebug / klipsdebug = "all", "none" or a combation from below:
-	# "raw crypt parsing emitting control klips pfkey natt x509 dpd private"
-	# eg:
-	# plutodebug="control parsing"
-	#
-	# enable to get logs per-peer
-	# plutoopts="--perpeerlog"
-	#
-	# Again: only enable plutodebug or klipsdebug when asked by a developer
-	#
-	# NAT-TRAVERSAL support, see README.NAT-Traversal
 	nat_traversal=yes
-	# exclude networks used on server side by adding %v4:!a.b.c.0/24
 	virtual_private=%v4:10.0.0.0/8,%v4:192.168.0.0/16,%v4:172.16.0.0/12
-	# OE is now off by default. Uncomment and change to on, to enable.
-	oe=off
-	# which IPsec stack to use. auto will try netkey, then klips then mast
 	protostack=auto
 	
-
-# Add connections here
-
-# sample VPN connection
-# for more examples, see /etc/ipsec.d/examples/
-#conn sample
-#		# Left security gateway, subnet behind it, nexthop toward right.
-#		left=10.0.0.1
-#		leftsubnet=172.16.0.0/24
-#		leftnexthop=10.22.33.44
-#		# Right security gateway, subnet behind it, nexthop toward left.
-#		right=10.12.12.1
-#		rightsubnet=192.168.0.0/24
-#		rightnexthop=10.101.102.103
-#		# To authorize this connection, but not actually start it, 
-#		# at startup, uncomment this.
-#		#auto=add
-
 include /etc/ipsec.d/*.conf
diff --git a/patches/systemvm/debian/vpn/etc/ipsec.conf.orig b/patches/systemvm/debian/vpn/etc/ipsec.conf.orig
deleted file mode 100644
index d185e6cd502..00000000000
--- a/patches/systemvm/debian/vpn/etc/ipsec.conf.orig
+++ /dev/null
@@ -1,48 +0,0 @@
-# /etc/ipsec.conf - Openswan IPsec configuration file
-
-# This file:  /usr/share/doc/openswan/ipsec.conf-sample
-#
-# Manual:     ipsec.conf.5
-
-
-version	2.0	# conforms to second version of ipsec.conf specification
-
-# basic configuration
-config setup
-	# Do not set debug options to debug configuration issues!
-	# plutodebug / klipsdebug = "all", "none" or a combation from below:
-	# "raw crypt parsing emitting control klips pfkey natt x509 dpd private"
-	# eg:
-	# plutodebug="control parsing"
-	#
-	# enable to get logs per-peer
-	# plutoopts="--perpeerlog"
-	#
-	# Again: only enable plutodebug or klipsdebug when asked by a developer
-	#
-	# NAT-TRAVERSAL support, see README.NAT-Traversal
-	nat_traversal=yes
-	# exclude networks used on server side by adding %v4:!a.b.c.0/24
-	virtual_private=%v4:10.0.0.0/8,%v4:192.168.0.0/16,%v4:172.16.0.0/12
-	# OE is now off by default. Uncomment and change to on, to enable.
-	oe=off
-	# which IPsec stack to use. auto will try netkey, then klips then mast
-	protostack=auto
-	
-
-# Add connections here
-
-# sample VPN connection
-# for more examples, see /etc/ipsec.d/examples/
-#conn sample
-#		# Left security gateway, subnet behind it, nexthop toward right.
-#		left=10.0.0.1
-#		leftsubnet=172.16.0.0/24
-#		leftnexthop=10.22.33.44
-#		# Right security gateway, subnet behind it, nexthop toward left.
-#		right=10.12.12.1
-#		rightsubnet=192.168.0.0/24
-#		rightnexthop=10.101.102.103
-#		# To authorize this connection, but not actually start it, 
-#		# at startup, uncomment this.
-#		#auto=add
diff --git a/patches/systemvm/debian/vpn/etc/ipsec.secrets b/patches/systemvm/debian/vpn/etc/ipsec.secrets
index 67ae69886cb..d9a9a43c747 100644
--- a/patches/systemvm/debian/vpn/etc/ipsec.secrets
+++ b/patches/systemvm/debian/vpn/etc/ipsec.secrets
@@ -1,12 +1,2 @@
-# RCSID $Id: ipsec.secrets.proto,v 1.3.6.1 2005/09/28 13:59:14 paul Exp $
-# This file holds shared secrets or RSA private keys for inter-Pluto
-# authentication.  See ipsec_pluto(8) manpage, and HTML documentation.
-
-# RSA private key for this host, authenticating it to any other host
-# which knows the public part.  Suitable public keys, for ipsec.conf, DNS,
-# or configuration of other implementations, can be extracted conveniently
-# with "ipsec showhostkey".
-
-# this file is managed with debconf and will contain the automatically created RSA keys
 include /var/lib/openswan/ipsec.secrets.inc
 include /etc/ipsec.d/ipsec.*.secrets
diff --git a/patches/systemvm/debian/vpn/etc/ipsec.secrets.orig b/patches/systemvm/debian/vpn/etc/ipsec.secrets.orig
deleted file mode 100644
index 6885545e8e8..00000000000
--- a/patches/systemvm/debian/vpn/etc/ipsec.secrets.orig
+++ /dev/null
@@ -1,11 +0,0 @@
-# RCSID $Id: ipsec.secrets.proto,v 1.3.6.1 2005/09/28 13:59:14 paul Exp $
-# This file holds shared secrets or RSA private keys for inter-Pluto
-# authentication.  See ipsec_pluto(8) manpage, and HTML documentation.
-
-# RSA private key for this host, authenticating it to any other host
-# which knows the public part.  Suitable public keys, for ipsec.conf, DNS,
-# or configuration of other implementations, can be extracted conveniently
-# with "ipsec showhostkey".
-
-# this file is managed with debconf and will contain the automatically created RSA keys
-include /var/lib/openswan/ipsec.secrets.inc
diff --git a/patches/systemvm/debian/vpn/etc/xl2tpd/xl2tpd.conf.orig b/patches/systemvm/debian/vpn/etc/xl2tpd/xl2tpd.conf.orig
deleted file mode 100644
index 9f2f03a5048..00000000000
--- a/patches/systemvm/debian/vpn/etc/xl2tpd/xl2tpd.conf.orig
+++ /dev/null
@@ -1,76 +0,0 @@
-;
-; Sample l2tpd configuration file
-;
-; This example file should give you some idea of how the options for l2tpd
-; should work.  The best place to look for a list of all options is in
-; the source code itself, until I have the time to write better documetation :)
-; Specifically, the file "file.c" contains a list of commands at the end.
-;
-; You most definitely don't have to spell out everything as it is done here
-;
-; [global]								; Global parameters:
-; port = 1701						 	; * Bind to port 1701
-; auth file = /etc/l2tpd/l2tp-secrets 	; * Where our challenge secrets are
-; access control = yes					; * Refuse connections without IP match
-; rand source = dev                     ; Source for entropy for random
-;                                       ; numbers, options are:
-;                                       ; dev - reads of /dev/urandom
-;                                       ; sys - uses rand()
-;                                       ; egd - reads from egd socket
-;                                       ; egd is not yet implemented
-;
-; [lns default]							; Our fallthrough LNS definition
-; exclusive = no						; * Only permit one tunnel per host
-; ip range = 192.168.0.1-192.168.0.20	; * Allocate from this IP range
-; no ip range = 192.168.0.3-192.168.0.9 ; * Except these hosts
-; ip range = 192.168.0.5				; * But this one is okay
-; ip range = lac1-lac2					; * And anything from lac1 to lac2's IP
-; lac = 192.168.1.4 - 192.168.1.8		; * These can connect as LAC's
-; no lac = untrusted.marko.net			; * This guy can't connect
-; hidden bit = no						; * Use hidden AVP's?
-; local ip = 192.168.1.2				; * Our local IP to use
-; length bit = yes						; * Use length bit in payload?
-; require chap = yes					; * Require CHAP auth. by peer
-; refuse pap = yes						; * Refuse PAP authentication
-; refuse chap = no						; * Refuse CHAP authentication
-; refuse authentication = no			; * Refuse authentication altogether
-; require authentication = yes			; * Require peer to authenticate
-; unix authentication = no				; * Use /etc/passwd for auth.
-; name = myhostname						; * Report this as our hostname
-; ppp debug = no						; * Turn on PPP debugging
-; pppoptfile = /etc/ppp/options.l2tpd.lns	; * ppp options file
-; call rws = 10							; * RWS for call (-1 is valid)
-; tunnel rws = 4						; * RWS for tunnel (must be > 0)
-; flow bit = yes						; * Include sequence numbers
-; challenge = yes						; * Challenge authenticate peer ; 
-; rx bps = 10000000				; Receive tunnel speed
-; tx bps = 10000000				; Transmit tunnel speed
-; bps = 100000					; Define both receive and transmit speed in one option
-
-; [lac marko]							; Example VPN LAC definition
-; lns = lns.marko.net					; * Who is our LNS?
-; lns = lns2.marko.net					; * A backup LNS (not yet used)
-; redial = yes							; * Redial if disconnected?
-; redial timeout = 15					; * Wait n seconds between redials
-; max redials = 5						; * Give up after n consecutive failures
-; hidden bit = yes						; * User hidden AVP's?
-; local ip = 192.168.1.1				; * Force peer to use this IP for us
-; remote ip = 192.168.1.2				; * Force peer to use this as their IP
-; length bit = no						; * Use length bit in payload?
-; require pap = no						; * Require PAP auth. by peer
-; require chap = yes					; * Require CHAP auth. by peer
-; refuse pap = yes						; * Refuse PAP authentication
-; refuse chap = no						; * Refuse CHAP authentication
-; refuse authentication = no			; * Refuse authentication altogether
-; require authentication = yes			; * Require peer to authenticate
-; name = marko							; * Report this as our hostname
-; ppp debug = no						; * Turn on PPP debugging
-; pppoptfile = /etc/ppp/options.l2tpd.marko	; * ppp options file for this lac
-; call rws = 10							; * RWS for call (-1 is valid)
-; tunnel rws = 4						; * RWS for tunnel (must be > 0)
-; flow bit = yes						; * Include sequence numbers
-; challenge = yes						; * Challenge authenticate peer 
-;
-; [lac cisco]							; Another quick LAC
-; lns = cisco.marko.net					; * Required, but can take from default
-; require authentication = yes			
diff --git a/patches/systemvm/debian/xe/xe-linux-distribution.init b/patches/systemvm/debian/xe/xe-linux-distribution.init
deleted file mode 100644
index df6c8455213..00000000000
--- a/patches/systemvm/debian/xe/xe-linux-distribution.init
+++ /dev/null
@@ -1,106 +0,0 @@
-#!/bin/bash
-#
-# xe-linux-distribution	Write Linux distribution information to XenStore.
-#
-# chkconfig: 2345 14 86
-# description: Writes Linux distribution version information to XenStore.
-#
-### BEGIN INIT INFO
-# Provides:          XenServer Virtual Machine Tools
-# Required-Start:    $local_fs
-# Required-Stop:     $local_fs
-# Default-Start:     2 3 4 5
-# Default-Stop:      0 1 6
-# Short-Description: XenServer Virtual Machine daemon providing host integration services
-# Description:       Writes Linux distribution version information to XenStore.
-### END INIT INFO
-
-LANG="C"
-export LANG
-
-if [ -f /etc/init.d/functions ] ; then
-. /etc/init.d/functions
-else
-action()
-{
-    descr=$1 ; shift
-    cmd=$@
-    echo -n "$descr "
-    $cmd
-    ret=$?
-    if [ $ret -eq 0 ] ; then
-	echo "OK"
-    else
-	echo "Failed"
-    fi
-    return $ret
-}
-fi
-
-XE_LINUX_DISTRIBUTION=/usr/sbin/xe-linux-distribution
-XE_LINUX_DISTRIBUTION_CACHE=/var/cache/xe-linux-distribution
-XE_DAEMON=/usr/sbin/xe-daemon
-XE_DAEMON_PIDFILE=/var/run/xe-daemon.pid
-
-if [ ! -x "${XE_LINUX_DISTRIBUTION}" ] ; then
-    exit 0
-fi
-
-start()
-{
-    if [ ! -e /proc/xen/xenbus ] ; then
-	if [ ! -d /proc/xen ] ; then
-	    action $"Mounting xenfs on /proc/xen:" /bin/false
-	    echo "Could not find /proc/xen directory."
-	    echo "You need a post 2.6.29-rc1 kernel with CONFIG_XEN_COMPAT_XENFS=y and CONFIG_XENFS=y|m"
-	    exit 1
-	else 
-	    # This is needed post 2.6.29-rc1 when /proc/xen support was pushed upstream as a xen filesystem
-	    action $"Mounting xenfs on /proc/xen:" mount -t xenfs none /proc/xen
-	fi
-    fi
-
-    if [ -e /proc/xen/capabilities ] && grep -q control_d /proc/xen/capabilities ; then
-	# Do not want daemon in domain 0
-	exit 0
-    fi
-
-    action $"Detecting Linux distribution version:" \
-	${XE_LINUX_DISTRIBUTION} ${XE_LINUX_DISTRIBUTION_CACHE}
-
-    action $"Starting xe daemon: " /bin/true
-    mkdir -p $(dirname ${XE_DAEMON_PIDFILE})
-    # This is equivalent to daemon() in C
-    ( exec &>/dev/null ; ${XE_DAEMON} -p ${XE_DAEMON_PIDFILE} & )
-}
-
-stop()
-{
-    action $"Stopping xe daemon: "   kill -TERM $(cat ${XE_DAEMON_PIDFILE})
-}
-
-# fail silently if not running xen
-if [ ! -d /proc/xen ]; then
-   exit
-fi
-
-case "$1" in
-  start)
-        start
-        ;;
-  stop)
-	stop
-	;;
-  force-reload|restart)
-	stop
-	start
-	;;
-  *)
-        # do not advertise unreasonable commands that there is no reason
-        # to use with this device
-        echo $"Usage: $0 start|restart"
-        exit 1
-esac
-
-exit $?
-
diff --git a/patches/systemvm/debian/xe/xen-vcpu-hotplug.rules b/patches/systemvm/debian/xe/xen-vcpu-hotplug.rules
deleted file mode 100644
index ecb200e2201..00000000000
--- a/patches/systemvm/debian/xe/xen-vcpu-hotplug.rules
+++ /dev/null
@@ -1 +0,0 @@
-ACTION=="add", SUBSYSTEM=="cpu", RUN+="/bin/sh -c '[ ! -e /sys$devpath/online ] || echo 1 > /sys$devpath/online'"
diff --git a/plugins/deployment-planners/user-concentrated-pod/pom.xml b/plugins/deployment-planners/user-concentrated-pod/pom.xml
index ca2fae143ab..78829356170 100644
--- a/plugins/deployment-planners/user-concentrated-pod/pom.xml
+++ b/plugins/deployment-planners/user-concentrated-pod/pom.xml
@@ -16,15 +16,14 @@
   specific language governing permissions and limitations
   under the License.
 -->
-
+
   4.0.0
   cloud-plugin-planner-user-concentrated-pod
   Apache CloudStack Plugin - User Concentrated Pod Deployment Planner
   
     org.apache.cloudstack
     cloudstack-plugins
-    4.0.0-SNAPSHOT
+    4.1.0-SNAPSHOT
     ../../pom.xml
   
 
diff --git a/plugins/deployment-planners/user-dispersing/pom.xml b/plugins/deployment-planners/user-dispersing/pom.xml
index 6e1ffc6f026..33f6582e72f 100644
--- a/plugins/deployment-planners/user-dispersing/pom.xml
+++ b/plugins/deployment-planners/user-dispersing/pom.xml
@@ -16,15 +16,14 @@
   specific language governing permissions and limitations
   under the License.
 -->
-
+
   4.0.0
   cloud-plugin-planner-user-dispersing
   Apache CloudStack Plugin - User Dispersing Deployment Planner
   
     org.apache.cloudstack
     cloudstack-plugins
-    4.0.0-SNAPSHOT
+    4.1.0-SNAPSHOT
     ../../pom.xml
   
 
diff --git a/plugins/file-systems/netapp/pom.xml b/plugins/file-systems/netapp/pom.xml
index f10e5a4a499..d2fdda8e8ff 100644
--- a/plugins/file-systems/netapp/pom.xml
+++ b/plugins/file-systems/netapp/pom.xml
@@ -16,15 +16,14 @@
   specific language governing permissions and limitations
   under the License.
 -->
-
+
   4.0.0
   cloud-plugin-netapp
   Apache CloudStack Plugin - NetApp File System
   
     org.apache.cloudstack
     cloudstack-plugins
-    4.0.0-SNAPSHOT
+    4.1.0-SNAPSHOT
     ../../pom.xml
   
   
diff --git a/plugins/host-allocators/random/pom.xml b/plugins/host-allocators/random/pom.xml
index ad66c0e0af0..ba7e1ae1e65 100644
--- a/plugins/host-allocators/random/pom.xml
+++ b/plugins/host-allocators/random/pom.xml
@@ -16,15 +16,14 @@
   specific language governing permissions and limitations
   under the License.
 -->
-
+
   4.0.0
   cloud-plugin-host-allocator-random
   Apache CloudStack Plugin - Host Allocator Random
   
     org.apache.cloudstack
     cloudstack-plugins
-    4.0.0-SNAPSHOT
+    4.1.0-SNAPSHOT
     ../../pom.xml
   
 
diff --git a/plugins/hypervisors/kvm/agent-descriptor.xml b/plugins/hypervisors/kvm/agent-descriptor.xml
new file mode 100644
index 00000000000..51024a879ef
--- /dev/null
+++ b/plugins/hypervisors/kvm/agent-descriptor.xml
@@ -0,0 +1,68 @@
+
+
+  kvm-agent
+  
+    zip
+  
+  yes
+  
+    
+      
+      
+    
+  
+  
+    
+      ../../../agent/scripts
+      
+      774
+      
+      	run.sh
+      	_run.sh
+      	agent.sh
+      
+    
+    
+      target
+      
+      555
+      
+      	cloud-plugin-hypervisor-kvm-*.jar
+      
+    
+    
+      ../../../scripts
+      scripts
+      555
+    
+    
+      ../../../agent/conf
+      conf
+      555
+      774
+      
+      	agent.properties
+      	log4j-cloud.xml
+      
+    
+  
+ 
diff --git a/plugins/hypervisors/kvm/pom.xml b/plugins/hypervisors/kvm/pom.xml
index 48630856769..d3eca911a04 100644
--- a/plugins/hypervisors/kvm/pom.xml
+++ b/plugins/hypervisors/kvm/pom.xml
@@ -16,15 +16,14 @@
   specific language governing permissions and limitations
   under the License.
 -->
-
+
   4.0.0
   cloud-plugin-hypervisor-kvm
   Apache CloudStack Plugin - Hypervisor KVM
   
     org.apache.cloudstack
     cloudstack-plugins
-    4.0.0-SNAPSHOT
+    4.1.0-SNAPSHOT
     ../../pom.xml
   
   
@@ -45,4 +44,56 @@
       0.4.9
     
   
+  
+      install
+      src
+      test
+       
+        
+          maven-assembly-plugin
+          2.3
+          
+            kvm-agent
+            false
+            
+              agent-descriptor.xml
+            
+          
+          
+            
+              make-agent
+              package
+              
+                single
+              
+            
+          
+        
+        
+          maven-resources-plugin
+          2.6
+          
+            
+              copy-resources
+              
+            package
+            
+              copy-resources
+            
+            
+              dist
+                        
+                
+                  target
+                  
+                    kvm-agent.zip
+                  
+                
+                            
+                        
+          
+        
+      
+    
+  
 
diff --git a/plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/resource/BridgeVifDriver.java b/plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/resource/BridgeVifDriver.java
index cf4de095cf7..116c09d3807 100644
--- a/plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/resource/BridgeVifDriver.java
+++ b/plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/resource/BridgeVifDriver.java
@@ -85,11 +85,18 @@ public class BridgeVifDriver extends VifDriverBase {
             URI broadcastUri = nic.getBroadcastUri();
             vlanId = broadcastUri.getHost();
         }
+        String trafficLabel = nic.getName();
         if (nic.getType() == Networks.TrafficType.Guest) {
             if (nic.getBroadcastType() == Networks.BroadcastDomainType.Vlan
                     && !vlanId.equalsIgnoreCase("untagged")) {
-                String brName = createVlanBr(vlanId, _pifs.get("private"));
-                intf.defBridgeNet(brName, null, nic.getMac(), getGuestNicModel(guestOsType));
+                if(trafficLabel != null || !trafficLabel.isEmpty()) {
+                    s_logger.debug("creating a vlan dev and bridge for guest traffic per traffic label " + trafficLabel);
+                    String brName = createVlanBr(vlanId, _pifs.get(trafficLabel));
+                    intf.defBridgeNet(brName, null, nic.getMac(), getGuestNicModel(guestOsType));
+                } else {
+                    String brName = createVlanBr(vlanId, _pifs.get("private"));
+                    intf.defBridgeNet(brName, null, nic.getMac(), getGuestNicModel(guestOsType));
+                }
             } else {
                 intf.defBridgeNet(_bridges.get("guest"), null, nic.getMac(), getGuestNicModel(guestOsType));
             }
@@ -100,8 +107,14 @@ public class BridgeVifDriver extends VifDriverBase {
         } else if (nic.getType() == Networks.TrafficType.Public) {
             if (nic.getBroadcastType() == Networks.BroadcastDomainType.Vlan
                     && !vlanId.equalsIgnoreCase("untagged")) {
-                String brName = createVlanBr(vlanId, _pifs.get("public"));
-                intf.defBridgeNet(brName, null, nic.getMac(), getGuestNicModel(guestOsType));
+                if(trafficLabel != null || !trafficLabel.isEmpty()){
+                    s_logger.debug("creating a vlan dev and bridge for public traffic per traffic label " + trafficLabel);
+                    String brName = createVlanBr(vlanId, _pifs.get(trafficLabel));
+                    intf.defBridgeNet(brName, null, nic.getMac(), getGuestNicModel(guestOsType));
+                } else {
+                    String brName = createVlanBr(vlanId, _pifs.get("public"));
+                    intf.defBridgeNet(brName, null, nic.getMac(), getGuestNicModel(guestOsType));
+                }
             } else {
                 intf.defBridgeNet(_bridges.get("public"), null, nic.getMac(), getGuestNicModel(guestOsType));
             }
@@ -120,22 +133,32 @@ public class BridgeVifDriver extends VifDriverBase {
         // Nothing needed as libvirt cleans up tap interface from bridge.
     }
 
-    private String setVnetBrName(String vnetId) {
-        return "cloudVirBr" + vnetId;
+    private String setVnetBrName(String pifName, String vnetId) {
+        String brName = "br" + pifName + "-"+ vnetId;
+        String oldStyleBrName = "cloudVirBr" + vnetId;
+
+        String cmdout = Script.runSimpleBashScript("brctl show | grep " + oldStyleBrName);
+        if (cmdout != null && cmdout.contains(oldStyleBrName)) {
+            s_logger.info("Using old style bridge name for vlan " + vnetId + " because existing bridge " + oldStyleBrName + " was found");
+            brName = oldStyleBrName;
+        }
+
+        return brName;
     }
 
     private String createVlanBr(String vlanId, String nic)
             throws InternalErrorException {
-        String brName = setVnetBrName(vlanId);
-        createVnet(vlanId, nic);
+        String brName = setVnetBrName(nic, vlanId);
+        createVnet(vlanId, nic, brName);
         return brName;
     }
 
-    private void createVnet(String vnetId, String pif)
+    private void createVnet(String vnetId, String pif, String brName)
             throws InternalErrorException {
         final Script command = new Script(_modifyVlanPath, _timeout, s_logger);
         command.add("-v", vnetId);
         command.add("-p", pif);
+        command.add("-b", brName);
         command.add("-o", "add");
 
         final String result = command.execute();
diff --git a/plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/resource/LibvirtComputingResource.java b/plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/resource/LibvirtComputingResource.java
index 65742d8a784..1bc70faa9d3 100755
--- a/plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/resource/LibvirtComputingResource.java
+++ b/plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/resource/LibvirtComputingResource.java
@@ -44,6 +44,8 @@ import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
 import java.util.Properties;
+import java.util.regex.Pattern;
+import java.util.regex.Matcher;
 import java.util.Set;
 import java.util.UUID;
 import java.util.concurrent.ConcurrentHashMap;
@@ -681,7 +683,9 @@ public class LibvirtComputingResource extends ServerResourceBase implements
         _sysvmISOPath = (String) params.get("systemvm.iso.path");
         if (_sysvmISOPath == null) {
             String[] isoPaths = { "/usr/lib64/cloud/agent/vms/systemvm.iso",
-                    "/usr/lib/cloud/agent/vms/systemvm.iso" };
+                    "/usr/lib/cloud/agent/vms/systemvm.iso",
+                    "/usr/lib64/cloud/common/vms/systemvm.iso",
+                    "/usr/lib/cloud/common/vms/systemvm.iso" };
             for (String isoPath : isoPaths) {
                 if (_storage.exists(isoPath)) {
                     _sysvmISOPath = isoPath;
@@ -775,32 +779,32 @@ public class LibvirtComputingResource extends ServerResourceBase implements
     }
 
     private void getPifs() {
-        /* get pifs from bridge */
-        String pubPif = null;
-        String privPif = null;
-        String vlan = null;
-        if (_publicBridgeName != null) {
-            pubPif = Script.runSimpleBashScript("brctl show | grep "
-                    + _publicBridgeName + " | awk '{print $4}'");
-            vlan = Script.runSimpleBashScript("ls /proc/net/vlan/" + pubPif);
-            if (vlan != null && !vlan.isEmpty()) {
-                pubPif = Script
-                        .runSimpleBashScript("grep ^Device\\: /proc/net/vlan/"
-                                + pubPif + " | awk {'print $2'}");
+        /* gather all available bridges and find their pifs, so that we can match them against traffic labels later */
+        String cmdout = Script.runSimpleBashScript("brctl show | tail -n +2 | grep -v \"^\\s\"|awk '{print $1}'|sed '{:q;N;s/\\n/%/g;t q}'");
+        s_logger.debug("cmdout was " + cmdout);
+        List bridges = Arrays.asList(cmdout.split("%"));
+        for (String bridge : bridges) {
+            s_logger.debug("looking for pif for bridge " + bridge);
+            String pif = getPif(bridge);
+            if(_publicBridgeName != null && bridge.equals(_publicBridgeName)){
+                _pifs.put("public", pif);
+            } else if (_guestBridgeName != null) {
+                _pifs.put("private", pif);
             }
+            _pifs.put(bridge, pif);
         }
-        if (_guestBridgeName != null) {
-            privPif = Script.runSimpleBashScript("brctl show | grep "
-                    + _guestBridgeName + " | awk '{print $4}'");
-            vlan = Script.runSimpleBashScript("ls /proc/net/vlan/" + privPif);
-            if (vlan != null && !vlan.isEmpty()) {
-                privPif = Script
-                        .runSimpleBashScript("grep ^Device\\: /proc/net/vlan/"
-                                + privPif + " | awk {'print $2'}");
-            }
+        s_logger.debug("done looking for pifs, no more bridges");
+    }
+
+    private String getPif(String bridge) {
+        String pif = Script.runSimpleBashScript("brctl show | grep " + bridge + " | awk '{print $4}'");
+        String vlan = Script.runSimpleBashScript("ls /proc/net/vlan/" + pif);
+
+        if (vlan != null && !vlan.isEmpty()) {
+                pif = Script.runSimpleBashScript("grep ^Device\\: /proc/net/vlan/" + pif + " | awk {'print $2'}");
         }
-        _pifs.put("private", privPif);
-        _pifs.put("public", pubPif);
+
+        return pif;
     }
 
     private boolean checkNetwork(String networkName) {
@@ -2626,11 +2630,15 @@ public class LibvirtComputingResource extends ServerResourceBase implements
         File sshKeysDir = new File(_SSHKEYSPATH);
         String result = null;
         if (!sshKeysDir.exists()) {
-            sshKeysDir.mkdir();
             // Change permissions for the 700
-            Script script = new Script("chmod", _timeout, s_logger);
-            script.add("700", _SSHKEYSPATH);
+            Script script = new Script("mkdir", _timeout, s_logger);
+            script.add("-m","700");
+            script.add(_SSHKEYSPATH);
             script.execute();
+            
+            if(!sshKeysDir.exists()) {
+                s_logger.debug("failed to create directory " + _SSHKEYSPATH);
+            }
         }
 
         File pubKeyFile = new File(_SSHPUBKEYPATH);
@@ -3908,7 +3916,18 @@ public class LibvirtComputingResource extends ServerResourceBase implements
     }
 
     private String getVnetIdFromBrName(String vnetBrName) {
-        return vnetBrName.replaceAll("cloudVirBr", "");
+        if (vnetBrName.contains("cloudVirBr")) {
+            return vnetBrName.replaceAll("cloudVirBr", "");
+        } else {
+            Pattern r = Pattern.compile("-(\\d+)$");
+            Matcher m = r.matcher(vnetBrName);
+            if(m.group(1) != null || !m.group(1).isEmpty()) {
+                return m.group(1);
+            } else {
+                s_logger.debug("unable to get a vlan ID from name " + vnetBrName);
+                return "";
+            }
+        }
     }
 
     private void cleanupVMNetworks(Connect conn, List nics) {
@@ -4285,7 +4304,7 @@ public class LibvirtComputingResource extends ServerResourceBase implements
 
     /* online snapshot supported by enhanced qemu-kvm */
     private boolean isSnapshotSupported() {
-        String result = executeBashScript("qemu-img --help|grep convert |grep snapshot");
+        String result = executeBashScript("qemu-img --help|grep convert");
         if (result != null) {
             return false;
         } else {
diff --git a/plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/storage/KVMStoragePoolManager.java b/plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/storage/KVMStoragePoolManager.java
index 8246a5c8c81..2c0e0ac9b6f 100644
--- a/plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/storage/KVMStoragePoolManager.java
+++ b/plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/storage/KVMStoragePoolManager.java
@@ -49,7 +49,7 @@ public class KVMStoragePoolManager {
     }
 
     public KVMStoragePool getStoragePoolByURI(String uri) {
-        return this._storageAdaptor.getStoragePoolByUri(uri);
+        return this._storageAdaptor.getStoragePoolByURI(uri);
     }
 
     public KVMStoragePool createStoragePool(String name, String host, int port, String path,
diff --git a/plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/storage/LibvirtStorageAdaptor.java b/plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/storage/LibvirtStorageAdaptor.java
index d6236a0d603..059073f4f69 100644
--- a/plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/storage/LibvirtStorageAdaptor.java
+++ b/plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/storage/LibvirtStorageAdaptor.java
@@ -101,81 +101,6 @@ public class LibvirtStorageAdaptor implements StorageAdaptor {
         return pool.storageVolCreateXML(volDef.toString(), 0);
     }
 
-    public StoragePool getStoragePoolbyURI(Connect conn, URI uri)
-            throws LibvirtException {
-        String sourcePath;
-        String uuid;
-        String sourceHost = "";
-        String protocal;
-        if (uri.getScheme().equalsIgnoreCase("local")) {
-            sourcePath = _mountPoint + File.separator
-                    + uri.toString().replace("local:///", "");
-            sourcePath = sourcePath.replace("//", "/");
-            uuid = UUID.nameUUIDFromBytes(new String(sourcePath).getBytes())
-                    .toString();
-            protocal = "DIR";
-        } else {
-            sourcePath = uri.getPath();
-            sourcePath = sourcePath.replace("//", "/");
-            sourceHost = uri.getHost();
-            uuid = UUID.nameUUIDFromBytes(
-                    new String(sourceHost + sourcePath).getBytes()).toString();
-            protocal = "NFS";
-        }
-
-        String targetPath = _mountPoint + File.separator + uuid;
-        StoragePool sp = null;
-        try {
-            sp = conn.storagePoolLookupByUUIDString(uuid);
-        } catch (LibvirtException e) {
-        }
-
-        if (sp == null) {
-            try {
-                LibvirtStoragePoolDef spd = null;
-                if (protocal.equalsIgnoreCase("NFS")) {
-                    _storageLayer.mkdir(targetPath);
-                    spd = new LibvirtStoragePoolDef(poolType.NETFS, uuid, uuid,
-                            sourceHost, sourcePath, targetPath);
-                    s_logger.debug(spd.toString());
-                    // addStoragePool(uuid);
-
-                } else if (protocal.equalsIgnoreCase("DIR")) {
-                    _storageLayer.mkdir(targetPath);
-                    spd = new LibvirtStoragePoolDef(poolType.DIR, uuid, uuid,
-                            null, null, sourcePath);
-                }
-
-                synchronized (getStoragePool(uuid)) {
-                    sp = conn.storagePoolDefineXML(spd.toString(), 0);
-                    if (sp == null) {
-                        s_logger.debug("Failed to define storage pool");
-                        return null;
-                    }
-                    sp.create(0);
-                }
-
-                return sp;
-            } catch (LibvirtException e) {
-                try {
-                    if (sp != null) {
-                        sp.undefine();
-                        sp.free();
-                    }
-                } catch (LibvirtException l) {
-
-                }
-                throw e;
-            }
-        } else {
-            StoragePoolInfo spi = sp.getInfo();
-            if (spi.state != StoragePoolState.VIR_STORAGE_POOL_RUNNING) {
-                sp.create(0);
-            }
-            return sp;
-        }
-    }
-
     public void storagePoolRefresh(StoragePool pool) {
         try {
             synchronized (getStoragePool(pool.getUUIDString())) {
@@ -199,7 +124,7 @@ public class LibvirtStorageAdaptor implements StorageAdaptor {
             sp.create(0);
             return sp;
         } catch (LibvirtException e) {
-            s_logger.debug(e.toString());
+            s_logger.error(e.toString());
             if (sp != null) {
                 try {
                     sp.undefine();
@@ -213,10 +138,11 @@ public class LibvirtStorageAdaptor implements StorageAdaptor {
         }
     }
 
-    private StoragePool CreateSharedStoragePool(Connect conn, String uuid,
+    private StoragePool createSharedStoragePool(Connect conn, String uuid,
             String host, String path) {
         String mountPoint = path;
         if (!_storageLayer.exists(mountPoint)) {
+            s_logger.error(mountPoint + " does not exists. Check local.storage.path in agent.properties.");
             return null;
         }
         LibvirtStoragePoolDef spd = new LibvirtStoragePoolDef(poolType.DIR,
@@ -229,7 +155,7 @@ public class LibvirtStorageAdaptor implements StorageAdaptor {
 
             return sp;
         } catch (LibvirtException e) {
-            s_logger.debug(e.toString());
+            s_logger.error(e.toString());
             if (sp != null) {
                 try {
                     sp.undefine();
@@ -259,7 +185,7 @@ public class LibvirtStorageAdaptor implements StorageAdaptor {
             sp.create(0);
             return sp;
         } catch (LibvirtException e) {
-            s_logger.debug(e.toString());
+            s_logger.error(e.toString());
             if (sp != null) {
                 try {
                     sp.undefine();
@@ -293,7 +219,7 @@ public class LibvirtStorageAdaptor implements StorageAdaptor {
                 s = conn.secretDefineXML(sd.toString());
                 s.setValue(Base64.decodeBase64(userInfoTemp[1]));
             } catch (LibvirtException e) {
-                s_logger.debug(e.toString());
+                s_logger.error(e.toString());
                 if (s != null) {
                     try {
                         s.undefine();
@@ -367,32 +293,6 @@ public class LibvirtStorageAdaptor implements StorageAdaptor {
         return parser.parseStorageVolumeXML(volDefXML);
     }
 
-    public StorageVol getVolumeFromURI(Connect conn, String volPath)
-            throws LibvirtException, URISyntaxException {
-        int index = volPath.lastIndexOf("/");
-        URI volDir = null;
-        StoragePool sp = null;
-        StorageVol vol = null;
-        try {
-            volDir = new URI(volPath.substring(0, index));
-            String volName = volPath.substring(index + 1);
-            sp = getStoragePoolbyURI(conn, volDir);
-            vol = sp.storageVolLookupByName(volName);
-            return vol;
-        } catch (LibvirtException e) {
-            s_logger.debug("Faild to get vol path: " + e.toString());
-            throw e;
-        } finally {
-            try {
-                if (sp != null) {
-                    sp.free();
-                }
-            } catch (LibvirtException e) {
-
-            }
-        }
-    }
-
     public StoragePool createFileBasedStoragePool(Connect conn,
             String localStoragePath, String uuid) {
         if (!(_storageLayer.exists(localStoragePath) && _storageLayer
@@ -550,7 +450,7 @@ public class LibvirtStorageAdaptor implements StorageAdaptor {
                 sp = createNfsStoragePool(conn, name, host, path);
             } else if (type == StoragePoolType.SharedMountPoint
                     || type == StoragePoolType.Filesystem) {
-                sp = CreateSharedStoragePool(conn, name, host, path);
+                sp = createSharedStoragePool(conn, name, host, path);
             } else if (type == StoragePoolType.RBD) {
                 sp = createRBDStoragePool(conn, name, host, port, userInfo, path);
             } else if (type == StoragePoolType.CLVM) {
@@ -820,7 +720,7 @@ public class LibvirtStorageAdaptor implements StorageAdaptor {
     }
 
     @Override
-    public KVMStoragePool getStoragePoolByUri(String uri) {
+    public KVMStoragePool getStoragePoolByURI(String uri) {
         URI storageUri = null;
 
         try {
@@ -837,11 +737,12 @@ public class LibvirtStorageAdaptor implements StorageAdaptor {
             sourcePath = storageUri.getPath();
             sourcePath = sourcePath.replace("//", "/");
             sourceHost = storageUri.getHost();
-            uuid = UUID.randomUUID().toString();
+            uuid = UUID.nameUUIDFromBytes(
+                    new String(sourceHost + sourcePath).getBytes()).toString();
             protocal = StoragePoolType.NetworkFilesystem;
         }
 
-            return createStoragePool(uuid, sourceHost, 0, sourcePath, "", protocal);
+        return createStoragePool(uuid, sourceHost, 0, sourcePath, "", protocal);
     }
 
     @Override
diff --git a/plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/storage/StorageAdaptor.java b/plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/storage/StorageAdaptor.java
index ec103322cf1..ef1e7c9302a 100644
--- a/plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/storage/StorageAdaptor.java
+++ b/plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/storage/StorageAdaptor.java
@@ -55,7 +55,7 @@ public interface StorageAdaptor {
     public KVMPhysicalDisk createDiskFromSnapshot(KVMPhysicalDisk snapshot,
             String snapshotName, String name, KVMStoragePool destPool);
 
-    public KVMStoragePool getStoragePoolByUri(String uri);
+    public KVMStoragePool getStoragePoolByURI(String uri);
 
     public KVMPhysicalDisk getPhysicalDiskFromURI(String uri);
 
diff --git a/plugins/hypervisors/ovm/pom.xml b/plugins/hypervisors/ovm/pom.xml
index a8b23d0b943..5700c14d4eb 100644
--- a/plugins/hypervisors/ovm/pom.xml
+++ b/plugins/hypervisors/ovm/pom.xml
@@ -16,15 +16,21 @@
   specific language governing permissions and limitations
   under the License.
 -->
-
+
   4.0.0
   cloud-plugin-hypervisor-ovm
   Apache CloudStack Plugin - Hypervisor OracleVM
   
     org.apache.cloudstack
     cloudstack-plugins
-    4.0.0-SNAPSHOT
+    4.1.0-SNAPSHOT
     ../../pom.xml
   
+  
+    
+      org.apache.cloudstack
+      xapi
+      ${cs.xapi.version}
+        
+    
 
diff --git a/plugins/hypervisors/vmware/pom.xml b/plugins/hypervisors/vmware/pom.xml
index 435ae38b847..81d8dc1dd4f 100644
--- a/plugins/hypervisors/vmware/pom.xml
+++ b/plugins/hypervisors/vmware/pom.xml
@@ -16,15 +16,14 @@
   specific language governing permissions and limitations
   under the License.
 -->
-
+
   4.0.0
   cloud-plugin-hypervisor-vmware
   Apache CloudStack Plugin - Hypervisor VMware
   
     org.apache.cloudstack
     cloudstack-plugins
-    4.0.0-SNAPSHOT
+    4.1.0-SNAPSHOT
     ../../pom.xml
   
   
@@ -33,5 +32,23 @@
       cloud-vmware-base
       ${project.version}
     
+    
+      com.cloud.com.vmware
+      vmware-vim
+      1.0
+      provided
+    
+    
+      com.cloud.com.vmware
+      vmware-vim25
+      1.0
+      provided
+    
+    
+      com.cloud.com.vmware
+      vmware-apputils
+      1.0
+      provided
+        
   
 
diff --git a/plugins/hypervisors/vmware/src/com/cloud/hypervisor/vmware/manager/VmwareManagerImpl.java b/plugins/hypervisors/vmware/src/com/cloud/hypervisor/vmware/manager/VmwareManagerImpl.java
index 205fb26f09d..64ded51b453 100755
--- a/plugins/hypervisors/vmware/src/com/cloud/hypervisor/vmware/manager/VmwareManagerImpl.java
+++ b/plugins/hypervisors/vmware/src/com/cloud/hypervisor/vmware/manager/VmwareManagerImpl.java
@@ -230,25 +230,31 @@ public class VmwareManagerImpl implements VmwareManager, VmwareStorageMount, Lis
         _privateNetworkVSwitchName = configDao.getValue(Config.VmwarePrivateNetworkVSwitch.key());
 
         if (_privateNetworkVSwitchName == null) {
-            _privateNetworkVSwitchName = "vSwitch0";
-        } else {
-            _privateNetworkVSwitchName = "privateEthernetPortProfile";
+            if (_nexusVSwitchActive) {
+                _privateNetworkVSwitchName = "privateEthernetPortProfile";
+            } else {
+                _privateNetworkVSwitchName = "vSwitch0";
+            }
         }
 
         _publicNetworkVSwitchName = configDao.getValue(Config.VmwarePublicNetworkVSwitch.key());
 
         if (_publicNetworkVSwitchName == null) {
-            _publicNetworkVSwitchName = "vSwitch0";
-        } else {
-            _publicNetworkVSwitchName = "publicEthernetPortProfile";
+            if (_nexusVSwitchActive) {
+                _publicNetworkVSwitchName = "publicEthernetPortProfile";
+            } else {
+                _publicNetworkVSwitchName = "vSwitch0";
+            }
         }
 
         _guestNetworkVSwitchName = configDao.getValue(Config.VmwareGuestNetworkVSwitch.key());
 
         if (_guestNetworkVSwitchName == null) {
-            _guestNetworkVSwitchName = "vSwitch0";
-        } else {
-            _guestNetworkVSwitchName = "guestEthernetPortProfile";
+            if (_nexusVSwitchActive) {
+                _guestNetworkVSwitchName = "guestEthernetPortProfile";
+            } else {
+                _guestNetworkVSwitchName = "vSwitch0";
+            }
         }
 
         _serviceConsoleName = configDao.getValue(Config.VmwareServiceConsole.key());
@@ -658,9 +664,9 @@ public class VmwareManagerImpl implements VmwareManager, VmwareStorageMount, Lis
         File file = new File(url.getFile());
         File isoFile = new File(file.getParent() + "/vms/systemvm.iso");
         if (!isoFile.exists()) {
-            isoFile = new File("/usr/lib64/cloud/agent/" + "/vms/systemvm.iso");
+            isoFile = new File("/usr/lib64/cloud/common/" + "/vms/systemvm.iso");
             if (!isoFile.exists()) {
-                isoFile = new File("/usr/lib/cloud/agent/" + "/vms/systemvm.iso");
+                isoFile = new File("/usr/lib/cloud/common/" + "/vms/systemvm.iso");
             }
         }
         return isoFile;
@@ -673,9 +679,9 @@ public class VmwareManagerImpl implements VmwareManager, VmwareStorageMount, Lis
 
         File keyFile = new File(file.getParent(), "/scripts/vm/systemvm/id_rsa.cloud");
         if (!keyFile.exists()) {
-            keyFile = new File("/usr/lib64/cloud/agent" + "/scripts/vm/systemvm/id_rsa.cloud");
+            keyFile = new File("/usr/lib64/cloud/common" + "/scripts/vm/systemvm/id_rsa.cloud");
             if (!keyFile.exists()) {
-                keyFile = new File("/usr/lib/cloud/agent" + "/scripts/vm/systemvm/id_rsa.cloud");
+                keyFile = new File("/usr/lib/cloud/common" + "/scripts/vm/systemvm/id_rsa.cloud");
             }
         }
         return keyFile;
diff --git a/plugins/hypervisors/vmware/src/com/cloud/hypervisor/vmware/resource/VmwareResource.java b/plugins/hypervisors/vmware/src/com/cloud/hypervisor/vmware/resource/VmwareResource.java
index 1fa14fa1e5b..0b0f285a960 100755
--- a/plugins/hypervisors/vmware/src/com/cloud/hypervisor/vmware/resource/VmwareResource.java
+++ b/plugins/hypervisors/vmware/src/com/cloud/hypervisor/vmware/resource/VmwareResource.java
@@ -250,9 +250,6 @@ import com.vmware.vim25.VirtualMachineGuestOsIdentifier;
 import com.vmware.vim25.VirtualMachinePowerState;
 import com.vmware.vim25.VirtualMachineRuntimeInfo;
 import com.vmware.vim25.VirtualSCSISharing;
-import com.xensource.xenapi.Connection;
-import com.xensource.xenapi.VIF;
-import com.xensource.xenapi.VM;
 
 public class VmwareResource implements StoragePoolResource, ServerResource, VmwareHostService {
     private static final Logger s_logger = Logger.getLogger(VmwareResource.class);
@@ -936,7 +933,7 @@ public class VmwareResource implements StoragePoolResource, ServerResource, Vmwa
             int ethDeviceNum = findRouterEthDeviceIndex(domrName, routerIp, nic.getMac());
             s_logger.info("find interface index. routerIp: " + routerIp + ", mac: " + nic.getMac() + ", index: " + ethDeviceNum);
 
-            String args = "-C ";
+            String args =(cmd.isAdd()?"-C":"-D");
             String dev = "eth" + ethDeviceNum;
             args += " -d " + dev;
             args += " -i " + domrGIP;
@@ -4558,12 +4555,12 @@ public class VmwareResource implements StoragePoolResource, ServerResource, Vmwa
 
         try {
             if (s_logger.isTraceEnabled()) {
-                s_logger.trace("Executing /root/netusage.sh " + args + " on DomR " + privateIpAddress);
+                s_logger.trace("Executing /opt/cloud/bin/netusage.sh " + args + " on DomR " + privateIpAddress);
             }
 
             VmwareManager mgr = getServiceContext().getStockObject(VmwareManager.CONTEXT_STOCK_NAME);
 
-            Pair result = SshHelper.sshExecute(privateIpAddress, DEFAULT_DOMR_SSHPORT, "root", mgr.getSystemVMKeyFile(), null, "/root/netusage.sh " + args);
+            Pair result = SshHelper.sshExecute(privateIpAddress, DEFAULT_DOMR_SSHPORT, "root", mgr.getSystemVMKeyFile(), null, "/opt/cloud/bin/netusage.sh " + args);
 
             if (!result.first()) {
                 return null;
diff --git a/plugins/hypervisors/vmware/src/com/cloud/storage/resource/VmwareSecondaryStorageContextFactory.java b/plugins/hypervisors/vmware/src/com/cloud/storage/resource/VmwareSecondaryStorageContextFactory.java
index fce66a97539..fc298c895c8 100644
--- a/plugins/hypervisors/vmware/src/com/cloud/storage/resource/VmwareSecondaryStorageContextFactory.java
+++ b/plugins/hypervisors/vmware/src/com/cloud/storage/resource/VmwareSecondaryStorageContextFactory.java
@@ -17,6 +17,7 @@
 package com.cloud.storage.resource;
 
 import java.util.HashMap;
+import java.util.Iterator;
 import java.util.Map;
 
 import com.cloud.hypervisor.vmware.util.VmwareContext;
@@ -60,10 +61,11 @@ public class VmwareSecondaryStorageContextFactory {
 	
 	public static void invalidate(VmwareContext context) {
 		synchronized(s_contextMap) {
-			for(Map.Entry entry : s_contextMap.entrySet()) {
-				if(entry.getValue() == context) {
-					s_contextMap.remove(entry.getKey());
-				}
+            for(Iterator> entryIter = s_contextMap.entrySet().iterator(); entryIter.hasNext();) {
+                Map.Entry entry = entryIter.next();
+                if(entry.getValue() == context) {
+                    entryIter.remove();
+                }
 			}
 		}
 		
diff --git a/plugins/hypervisors/xen/pom.xml b/plugins/hypervisors/xen/pom.xml
index bf38e47adfa..959c972e080 100644
--- a/plugins/hypervisors/xen/pom.xml
+++ b/plugins/hypervisors/xen/pom.xml
@@ -16,15 +16,14 @@
   specific language governing permissions and limitations
   under the License.
 -->
-
+
   4.0.0
   cloud-plugin-hypervisor-xen
   Apache CloudStack Plugin - Hypervisor Xen
   
     org.apache.cloudstack
     cloudstack-plugins
-    4.0.0-SNAPSHOT
+    4.1.0-SNAPSHOT
     ../../pom.xml
   
   
@@ -33,5 +32,16 @@
       cloud-plugin-network-ovs
       ${project.version}
     
+    
+      org.apache.cloudstack
+      xapi
+      ${cs.xapi.version}
+      
+        
+          junit
+          junit
+        
+      
+        
   
 
diff --git a/plugins/hypervisors/xen/src/com/cloud/hypervisor/xen/resource/CitrixResourceBase.java b/plugins/hypervisors/xen/src/com/cloud/hypervisor/xen/resource/CitrixResourceBase.java
index 5c4db2b45fb..d2db85c8597 100644
--- a/plugins/hypervisors/xen/src/com/cloud/hypervisor/xen/resource/CitrixResourceBase.java
+++ b/plugins/hypervisors/xen/src/com/cloud/hypervisor/xen/resource/CitrixResourceBase.java
@@ -7359,7 +7359,7 @@ public abstract class CitrixResourceBase implements ServerResource, HypervisorRe
                 return new SetupGuestNetworkAnswer(cmd, false, "Can not find vif with mac " + mac + " for VM " + domrName);
             }
 
-            String args = "vpc_guestnw.sh " + domrIP + " -C";
+            String args = "vpc_guestnw.sh " + domrIP + (cmd.isAdd()?" -C":" -D");
             String dev = "eth" + domrVif.getDevice(conn);
             args += " -d " + dev;
             args += " -i " + domrGIP;
diff --git a/plugins/hypervisors/xen/src/com/cloud/hypervisor/xen/resource/XcpOssResource.java b/plugins/hypervisors/xen/src/com/cloud/hypervisor/xen/resource/XcpOssResource.java
index d4260c72930..0a1064707b1 100644
--- a/plugins/hypervisors/xen/src/com/cloud/hypervisor/xen/resource/XcpOssResource.java
+++ b/plugins/hypervisors/xen/src/com/cloud/hypervisor/xen/resource/XcpOssResource.java
@@ -74,7 +74,11 @@ public class XcpOssResource extends CitrixResourceBase {
     
     @Override
     protected String getGuestOsType(String stdType, boolean bootFromCD) {
-        return CitrixHelper.getXcpGuestOsType(stdType);
+    	if (stdType.equalsIgnoreCase("Debian GNU/Linux 6(64-bit)")) {
+    		return "Debian Squeeze 6.0 (64-bit)";
+    	} else {
+    		return CitrixHelper.getXcpGuestOsType(stdType);
+    	}
     }
     
     protected VBD createPatchVbd(Connection conn, String vmName, VM vm) throws XmlRpcException, XenAPIException {
diff --git a/plugins/network-elements/elastic-loadbalancer/pom.xml b/plugins/network-elements/elastic-loadbalancer/pom.xml
index c1ab2c56664..dac500d8fd2 100644
--- a/plugins/network-elements/elastic-loadbalancer/pom.xml
+++ b/plugins/network-elements/elastic-loadbalancer/pom.xml
@@ -16,15 +16,14 @@
   specific language governing permissions and limitations
   under the License.
 -->
-
+
   4.0.0
   cloud-plugin-network-elb
   Apache CloudStack Plugin - Network Elastic Load Balancer
   
     org.apache.cloudstack
     cloudstack-plugins
-    4.0.0-SNAPSHOT
+    4.1.0-SNAPSHOT
     ../../pom.xml
   
 
diff --git a/plugins/network-elements/f5/pom.xml b/plugins/network-elements/f5/pom.xml
index 0cba48cdfcf..bf40332cfbb 100644
--- a/plugins/network-elements/f5/pom.xml
+++ b/plugins/network-elements/f5/pom.xml
@@ -16,15 +16,14 @@
   specific language governing permissions and limitations
   under the License.
 -->
-
+
   4.0.0
   cloud-plugin-network-f5
   Apache CloudStack Plugin - F5
   
     org.apache.cloudstack
     cloudstack-plugins
-    4.0.0-SNAPSHOT
+    4.1.0-SNAPSHOT
     ../../pom.xml
   
   
diff --git a/plugins/network-elements/juniper-srx/pom.xml b/plugins/network-elements/juniper-srx/pom.xml
index 38a2b550c7e..6040720da6e 100644
--- a/plugins/network-elements/juniper-srx/pom.xml
+++ b/plugins/network-elements/juniper-srx/pom.xml
@@ -16,15 +16,14 @@
   specific language governing permissions and limitations
   under the License.
 -->
-
+
   4.0.0
   cloud-plugin-network-srx
   Apache CloudStack Plugin - Juniper SRX
   
     org.apache.cloudstack
     cloudstack-plugins
-    4.0.0-SNAPSHOT
+    4.1.0-SNAPSHOT
     ../../pom.xml
   
   
diff --git a/plugins/network-elements/netscaler/pom.xml b/plugins/network-elements/netscaler/pom.xml
index 377e6e0f228..b11009d8b1a 100644
--- a/plugins/network-elements/netscaler/pom.xml
+++ b/plugins/network-elements/netscaler/pom.xml
@@ -16,15 +16,14 @@
   specific language governing permissions and limitations
   under the License.
 -->
-
+
   4.0.0
   cloud-plugin-network-netscaler
   Apache CloudStack Plugin - Network Netscaler
   
     org.apache.cloudstack
     cloudstack-plugins
-    4.0.0-SNAPSHOT
+    4.1.0-SNAPSHOT
     ../../pom.xml
   
   
diff --git a/plugins/network-elements/nicira-nvp/pom.xml b/plugins/network-elements/nicira-nvp/pom.xml
index 37c3a3a6ecd..70f85607e4a 100644
--- a/plugins/network-elements/nicira-nvp/pom.xml
+++ b/plugins/network-elements/nicira-nvp/pom.xml
@@ -16,15 +16,14 @@
   specific language governing permissions and limitations
   under the License.
 -->
-
+
   4.0.0
   cloud-plugin-network-nvp
   Apache CloudStack Plugin - Network Nicira NVP
   
     org.apache.cloudstack
     cloudstack-plugins
-    4.0.0-SNAPSHOT
+    4.1.0-SNAPSHOT
     ../../pom.xml
   
 
diff --git a/plugins/network-elements/ovs/pom.xml b/plugins/network-elements/ovs/pom.xml
index 02d455c2b54..ab7ffab8465 100644
--- a/plugins/network-elements/ovs/pom.xml
+++ b/plugins/network-elements/ovs/pom.xml
@@ -16,15 +16,14 @@
   specific language governing permissions and limitations
   under the License.
 -->
-
+
   4.0.0
   cloud-plugin-network-ovs
   Apache CloudStack Plugin - Open vSwitch
   
     org.apache.cloudstack
     cloudstack-plugins
-    4.0.0-SNAPSHOT
+    4.1.0-SNAPSHOT
     ../../pom.xml
   
 
diff --git a/plugins/pom.xml b/plugins/pom.xml
index 206d4a1c1aa..dbdea24e17b 100644
--- a/plugins/pom.xml
+++ b/plugins/pom.xml
@@ -16,8 +16,7 @@
   specific language governing permissions and limitations
   under the License.
 -->
-
+
   4.0.0
   cloudstack-plugins
   Apache CloudStack Plugin POM
@@ -25,11 +24,12 @@
   
     org.apache.cloudstack
     cloudstack
-    4.0.0-SNAPSHOT
+    4.1.0-SNAPSHOT
   
   
     install
     src
+    test
   
   
     deployment-planners/user-concentrated-pod
diff --git a/plugins/storage-allocators/random/pom.xml b/plugins/storage-allocators/random/pom.xml
index 6cb60cdf7ff..b476d1de49f 100644
--- a/plugins/storage-allocators/random/pom.xml
+++ b/plugins/storage-allocators/random/pom.xml
@@ -16,15 +16,14 @@
   specific language governing permissions and limitations
   under the License.
 -->
-
+
   4.0.0
   cloud-plugin-storage-allocator-random
   Apache CloudStack Plugin - Storage Allocator Random
   
     org.apache.cloudstack
     cloudstack-plugins
-    4.0.0-SNAPSHOT
+    4.1.0-SNAPSHOT
     ../../pom.xml
   
 
diff --git a/plugins/user-authenticators/ldap/pom.xml b/plugins/user-authenticators/ldap/pom.xml
index 7facc3f3307..05e9466d825 100644
--- a/plugins/user-authenticators/ldap/pom.xml
+++ b/plugins/user-authenticators/ldap/pom.xml
@@ -16,15 +16,14 @@
   specific language governing permissions and limitations
   under the License.
 -->
-
+
   4.0.0
   cloud-plugin-user-authenticator-ldap
   Apache CloudStack Plugin - User Authenticator LDAP
   
     org.apache.cloudstack
     cloudstack-plugins
-    4.0.0-SNAPSHOT
+    4.1.0-SNAPSHOT
     ../../pom.xml
   
 
diff --git a/plugins/user-authenticators/md5/pom.xml b/plugins/user-authenticators/md5/pom.xml
index 1dac92d7e3f..f358f8f1c21 100644
--- a/plugins/user-authenticators/md5/pom.xml
+++ b/plugins/user-authenticators/md5/pom.xml
@@ -16,15 +16,14 @@
   specific language governing permissions and limitations
   under the License.
 -->
-
+
   4.0.0
   cloud-plugin-user-authenticator-md5
   Apache CloudStack Plugin - User Authenticator MD5
   
     org.apache.cloudstack
     cloudstack-plugins
-    4.0.0-SNAPSHOT
+    4.1.0-SNAPSHOT
     ../../pom.xml
   
 
diff --git a/plugins/user-authenticators/plain-text/pom.xml b/plugins/user-authenticators/plain-text/pom.xml
index a4280a37d26..6406fa92489 100644
--- a/plugins/user-authenticators/plain-text/pom.xml
+++ b/plugins/user-authenticators/plain-text/pom.xml
@@ -16,15 +16,14 @@
   specific language governing permissions and limitations
   under the License.
 -->
-
+
   4.0.0
   cloud-plugin-user-authenticator-plaintext
   Apache CloudStack Plugin - User Authenticator Plain Text
   
     org.apache.cloudstack
     cloudstack-plugins
-    4.0.0-SNAPSHOT
+    4.1.0-SNAPSHOT
     ../../pom.xml
   
 
diff --git a/pom.xml b/pom.xml
index ef478a3ed11..1e3c4ca931d 100644
--- a/pom.xml
+++ b/pom.xml
@@ -16,8 +16,7 @@
   specific language governing permissions and limitations
   under the License.
 -->
-
+
   4.0.0
 
   
@@ -28,7 +27,7 @@
 
   org.apache.cloudstack
   cloudstack
-  4.0.0-SNAPSHOT
+  4.1.0-SNAPSHOT
   pom
   Apache CloudStack
   CloudStack is an IaaS (“Infrastracture as a Service”) cloud orchestration platform.
@@ -74,7 +73,7 @@
     1.4
     1.4
     1.5.1
-    1.6.2
+    1.5.1
     1.2.8
     2.0.4
     2.4
@@ -157,6 +156,7 @@
     plugins
     awsapi
     patches
+    client
     test
   
 
@@ -184,20 +184,27 @@
           0.8
           
             0
-            true
+            false
             
+              INSTALL.md
+              **/.classpath
+              **/.project
+              **/.settings/**
+              .metadata/**
               .git/**
               .gitignore
               **/*.crt
               **/*.csr
               **/*.key
               **/authorized_keys
+              **/*.war
               **/*.mar
               **/*.jar
               **/*.iso
               **/*.tgz
               **/*.zip
               **/target/**
+              **/.vagrant
               build/build.number
               console-proxy/js/jquery.js
               debian/compat
@@ -209,52 +216,6 @@
               deps/XenServerJava/Makefile
               dist/console-proxy/js/jquery.js
               scripts/vm/systemvm/id_rsa.cloud
-              patches/systemvm/debian/xe/xen-vcpu-hotplug.rules
-              patches/systemvm/debian/xe/xe-linux-distribution.init
-              patches/systemvm/debian/systemvm.vmx
-              patches/systemvm/debian/config/etc/ssh/sshd_config
-              patches/systemvm/debian/config/etc/logrotate.d/haproxy
-              patches/systemvm/debian/config/etc/logrotate.d/dnsmasq
-              patches/systemvm/debian/config/etc/logrotate.d/apache2
-              patches/systemvm/debian/config/etc/logrotate.d/ppp
-              patches/systemvm/debian/config/etc/logrotate.d/rsyslog
-              patches/systemvm/debian/config/etc/vpcdnsmasq.conf
-              patches/systemvm/debian/config/etc/httpd/conf/httpd.conf
-              patches/systemvm/debian/config/etc/haproxy/haproxy.cfg
-              patches/systemvm/debian/config/etc/apache2/vhostexample.conf
-              patches/systemvm/debian/config/etc/apache2/sites-available/default-ssl
-              patches/systemvm/debian/config/etc/apache2/sites-available/default
-              patches/systemvm/debian/config/etc/apache2/httpd.conf
-              patches/systemvm/debian/config/etc/apache2/ports.conf
-              patches/systemvm/debian/config/etc/rsyslog.conf
-              patches/systemvm/debian/config/etc/cloud-nic.rules
-              patches/systemvm/debian/config/etc/logrotate.conf
-              patches/systemvm/debian/config/etc/init.d/postinit
-              patches/systemvm/debian/config/etc/modprobe.d/aesni_intel
-              patches/systemvm/debian/config/etc/sysctl.conf
-              patches/systemvm/debian/config/etc/dnsmasq.conf
-              patches/systemvm/debian/config/etc/rc.local
-              patches/systemvm/debian/config/root/redundant_router/heartbeat.sh.templ
-              patches/systemvm/debian/config/root/redundant_router/keepalived.conf.templ
-              patches/systemvm/debian/config/root/redundant_router/check_heartbeat.sh.templ
-              patches/systemvm/debian/config/root/redundant_router/backup.sh.templ
-              patches/systemvm/debian/config/root/redundant_router/arping_gateways.sh.templ
-              patches/systemvm/debian/config/root/redundant_router/fault.sh.templ
-              patches/systemvm/debian/config/root/redundant_router/checkrouter.sh.templ
-              patches/systemvm/debian/config/root/redundant_router/master.sh.templ
-              patches/systemvm/debian/config/root/redundant_router/conntrackd.conf.templ
-              patches/systemvm/debian/config/root/redundant_router/enable_pubip.sh.templ
-              patches/systemvm/debian/config/var/lib/misc/dnsmasq.leases
-              patches/systemvm/debian/config/var/www/html/userdata/.htaccess
-              patches/systemvm/debian/config/var/www/html/latest/.htaccess
-              patches/systemvm/debian/vpn/etc/ipsec.conf.orig
-              patches/systemvm/debian/vpn/etc/ipsec.secrets.orig
-              patches/systemvm/debian/vpn/etc/ipsec.conf
-              patches/systemvm/debian/vpn/etc/ipsec.d/l2tp.conf
-              patches/systemvm/debian/vpn/etc/ppp/options.xl2tpd
-              patches/systemvm/debian/vpn/etc/xl2tpd/xl2tpd.conf
-              patches/systemvm/debian/vpn/etc/xl2tpd/xl2tpd.conf.orig
-              patches/systemvm/debian/vpn/etc/ipsec.secrets
               tools/devcloud/basebuild/puppet-devcloudinitial/files/network.conf
               tools/devcloud/devcloud.cfg
               ui/lib/flot/jquery.colorhelpers.js
@@ -281,6 +242,35 @@
               ui/lib/qunit/qunit.js
               ui/lib/reset.css
               waf
+              patches/systemvm/debian/systemvm.vmx
+              patches/systemvm/debian/config/root/.ssh/authorized_keys
+              patches/systemvm/debian/config/etc/apache2/httpd.conf
+              patches/systemvm/debian/config/etc/apache2/ports.conf
+              patches/systemvm/debian/config/etc/apache2/sites-available/default
+              patches/systemvm/debian/config/etc/apache2/sites-available/default-ssl
+              patches/systemvm/debian/config/etc/apache2/vhostexample.conf
+              patches/systemvm/debian/config/etc/dnsmasq.conf
+              patches/systemvm/debian/config/etc/vpcdnsmasq.conf
+              patches/systemvm/debian/config/etc/ssh/sshd_config 
+              patches/systemvm/debian/config/etc/rsyslog.conf 
+              patches/systemvm/debian/config/etc/logrotate.conf
+              patches/systemvm/debian/config/etc/logrotate.d/*
+              patches/systemvm/debian/config/etc/sysctl.conf
+              patches/systemvm/debian/config/root/redundant_router/keepalived.conf.templ
+              patches/systemvm/debian/config/root/redundant_router/arping_gateways.sh.templ
+              patches/systemvm/debian/config/root/redundant_router/conntrackd.conf.templ 
+              patches/systemvm/debian/vpn/etc/ipsec.conf
+              patches/systemvm/debian/vpn/etc/ppp/options.xl2tpd
+              patches/systemvm/debian/vpn/etc/xl2tpd/xl2tpd.conf
+              patches/systemvm/debian/vpn/etc/ipsec.secrets
+              patches/systemvm/debian/config/etc/haproxy/haproxy.cfg
+              patches/systemvm/debian/config/etc/cloud-nic.rules
+              patches/systemvm/debian/config/etc/modprobe.d/aesni_intel
+              patches/systemvm/debian/config/etc/rc.local
+              patches/systemvm/debian/config/var/www/html/userdata/.htaccess
+              patches/systemvm/debian/config/var/www/html/latest/.htaccess
+              patches/systemvm/debian/vpn/etc/ipsec.d/l2tp.conf
+
             
           
         
@@ -291,8 +281,24 @@
           
             ${cs.jdk.version}
             ${cs.jdk.version}
+			true
+          	128m
+          	512m            
           
         
+      
+        org.apache.maven.plugins
+        maven-jar-plugin
+        2.4
+        
+          
+            
+              true
+              true
+            
+          
+        
+      
       
         org.codehaus.mojo
         build-helper-maven-plugin
@@ -314,18 +320,31 @@
   
 
   
-    
-      client
-      
-        client
-      
-    
+
     
       deps
       
         deps
       
     
+    
+      developer
+      
+        developer
+      
+    
+    
+      vmware
+      
+        
+          nonoss
+        
+      
+      
+        vmware-base
+      
+    
+
   
 
 
diff --git a/scripts/vm/hypervisor/xenserver/vhd-util b/scripts/vm/hypervisor/xenserver/vhd-util
deleted file mode 100755
index 46d62dd44d9..00000000000
Binary files a/scripts/vm/hypervisor/xenserver/vhd-util and /dev/null differ
diff --git a/scripts/vm/hypervisor/xenserver/vmops b/scripts/vm/hypervisor/xenserver/vmops
index e3f3e336e92..21c73ac8dc2 100755
--- a/scripts/vm/hypervisor/xenserver/vmops
+++ b/scripts/vm/hypervisor/xenserver/vmops
@@ -360,6 +360,26 @@ def createFile(session, args):
 
     return txt
 
+@echo
+def createFileInDomr(session, args):
+    file_path = args['filepath']
+    file_contents = args['filecontents']
+    domrip = args['domrip']
+    try:
+        tmpfile = util.pread2(['mktemp']).strip()
+        f = open(tmpfile, "w")
+        f.write(file_contents)
+        f.close()
+        target = "root@" + domrip + ":" + file_path
+        util.pread2(['scp','-P','3922','-q','-o','StrictHostKeyChecking=no','-i','/root/.ssh/id_rsa.cloud',tmpfile, target])
+        util.pread2(['rm',tmpfile])
+        txt = 'success'
+    except:
+        util.SMlog(" failed to create HA proxy cfg file ")
+        txt = ''
+
+    return txt
+
 @echo
 def deleteFile(session, args):
     file_path = args["filepath"]
@@ -1452,4 +1472,5 @@ if __name__ == "__main__":
                             "setLinkLocalIP":setLinkLocalIP,
                             "cleanup_rules":cleanup_rules,
                             "bumpUpPriority":bumpUpPriority,
+                            "createFileInDomr":createFileInDomr,
                             "kill_copy_process":kill_copy_process})
diff --git a/scripts/vm/network/vnet/modifyvlan.sh b/scripts/vm/network/vnet/modifyvlan.sh
index 33d697a47bd..5577825ea54 100755
--- a/scripts/vm/network/vnet/modifyvlan.sh
+++ b/scripts/vm/network/vnet/modifyvlan.sh
@@ -22,15 +22,14 @@
 # set -x
 
 usage() {
-  printf "Usage: %s: -o (add | delete) -v  -p  \n" 
+  printf "Usage: %s: -o (add | delete) -v  -p  -b \n" 
 }
 
-VIRBR=cloudVirBr
 addVlan() {
 	local vlanId=$1
 	local pif=$2
 	local vlanDev=$pif.$vlanId
-	local vlanBr=$VIRBR$vlanId
+	local vlanBr=$3
     
     vconfig set_name_type DEV_PLUS_VID_NO_PAD	
 
@@ -99,7 +98,7 @@ deleteVlan() {
 	local vlanId=$1
 	local pif=$2
 	local vlanDev=$pif.$vlanId
-	local vlanBr=$VIRBR$vlanId
+        local vlanBr=$3
 
 	vconfig rem $vlanDev > /dev/null
 	
@@ -132,7 +131,7 @@ op=
 vlanId=
 option=$@
 
-while getopts 'o:v:p:' OPTION
+while getopts 'o:v:p:b:' OPTION
 do
   case $OPTION in
   o)	oflag=1
@@ -144,6 +143,9 @@ do
   p)    pflag=1
 		pif="$OPTARG"
 		;;
+  b)    bflag=1
+                brName="$OPTARG"
+                ;;
   ?)	usage
 		exit 2
 		;;
@@ -151,7 +153,7 @@ do
 done
 
 # Check that all arguments were passed in
-if [ "$oflag$vflag$pflag" != "111" ]
+if [ "$oflag$vflag$pflag$bflag" != "1111" ]
 then
 	usage
 	exit 2
@@ -167,7 +169,7 @@ fi
 if [ "$op" == "add" ]
 then
 	# Add the vlan
-	addVlan $vlanId $pif
+	addVlan $vlanId $pif $brName
 	
 	# If the add fails then return failure
 	if [ $? -gt 0 ]
@@ -178,22 +180,9 @@ else
 	if [ "$op" == "delete" ]
 	then
 		# Delete the vlan
-		deleteVlan $vlanId $pif
+		deleteVlan $vlanId $pif $brName
 	
 		# Always exit with success
 		exit 0
 	fi
 fi
-
-
-
-
-
-
-
-
-
-
-
-
-
diff --git a/scripts/vm/systemvm/injectkeys.sh b/scripts/vm/systemvm/injectkeys.sh
index e628b16a16f..e56eb85b356 100755
--- a/scripts/vm/systemvm/injectkeys.sh
+++ b/scripts/vm/systemvm/injectkeys.sh
@@ -23,7 +23,7 @@
 
 #set -x
 
-TMP=${HOME}/tmp
+TMP=/tmp
 MOUNTPATH=${HOME}/systemvm_mnt
 TMPDIR=${TMP}/cloud/systemvm
 
@@ -80,7 +80,6 @@ systemvmpath=$3
 command -v mkisofs > /dev/null   || (echo "$(basename $0): mkisofs not found, please install or ensure PATH is accurate" ; exit 4)
 
 inject_into_iso systemvm.iso $newpubkey
-#inject_into_iso systemvm-premium.iso $newpubkey
 
 [ $? -ne 0 ] && exit 5
 
diff --git a/server/pom.xml b/server/pom.xml
index f7178d8eb0a..29922b62cb5 100644
--- a/server/pom.xml
+++ b/server/pom.xml
@@ -16,15 +16,14 @@
   specific language governing permissions and limitations
   under the License.
 -->
-
+
   4.0.0
   cloud-server
   Apache CloudStack Server
   
     org.apache.cloudstack
     cloudstack
-    4.0.0-SNAPSHOT
+    4.1.0-SNAPSHOT
   
   
     
@@ -64,10 +63,34 @@
       jstl
       ${cs.jstl.version}
     
+    
+      org.apache.cloudstack
+      cloud-utils
+      ${project.version}
+      tests
+      test
+    
+    
   
   
     install
     src
-    
+    test
+    
+      
+        test/resources
+      
+    
+    
+      
+        org.apache.maven.plugins
+        maven-surefire-plugin
+        
+          
+            com/cloud/upgrade/*
+          
+        
+      
+    
   
 
diff --git a/server/src/com/cloud/api/ApiDBUtils.java b/server/src/com/cloud/api/ApiDBUtils.java
index 712693185d1..3fac7a74a7d 100755
--- a/server/src/com/cloud/api/ApiDBUtils.java
+++ b/server/src/com/cloud/api/ApiDBUtils.java
@@ -733,6 +733,10 @@ public class ApiDBUtils {
         return _projectMgr.findByProjectAccountId(projectAccountId);
     }
     
+    public static Project findProjectByProjectAccountIdIncludingRemoved(long projectAccountId) {
+        return _projectMgr.findByProjectAccountIdIncludingRemoved(projectAccountId);
+    }
+    
     public static Project findProjectById(long projectId) {
         return _projectMgr.getProject(projectId);
     }
diff --git a/server/src/com/cloud/api/ApiResponseHelper.java b/server/src/com/cloud/api/ApiResponseHelper.java
index b20aede1f1e..2b6a31b4cca 100755
--- a/server/src/com/cloud/api/ApiResponseHelper.java
+++ b/server/src/com/cloud/api/ApiResponseHelper.java
@@ -2746,7 +2746,7 @@ public class ApiResponseHelper implements ResponseGenerator {
                 regularAccounts.add(accountName);
             } else {
                 // convert account to projectIds
-                Project project = ApiDBUtils.findProjectByProjectAccountId(account.getId());
+                Project project = ApiDBUtils.findProjectByProjectAccountIdIncludingRemoved(account.getId());
 
                 if (project.getUuid() != null && !project.getUuid().isEmpty())
                     projectIds.add(project.getUuid());
@@ -3343,7 +3343,7 @@ public class ApiResponseHelper implements ResponseGenerator {
 
         if (account.getType() == Account.ACCOUNT_TYPE_PROJECT) {
             // find the project
-            Project project = ApiDBUtils.findProjectByProjectAccountId(account.getId());
+            Project project = ApiDBUtils.findProjectByProjectAccountIdIncludingRemoved(account.getId());
             response.setProjectId(project.getId());
             response.setProjectName(project.getName());
         } else {
@@ -3359,7 +3359,7 @@ public class ApiResponseHelper implements ResponseGenerator {
         Account account = ApiDBUtils.findAccountByIdIncludingRemoved(accountId);
         if (account.getType() == Account.ACCOUNT_TYPE_PROJECT) {
             // find the project
-            Project project = ApiDBUtils.findProjectByProjectAccountId(account.getId());
+            Project project = ApiDBUtils.findProjectByProjectAccountIdIncludingRemoved(account.getId());
             response.setProjectId(project.getId());
             response.setProjectName(project.getName());
         } else {
@@ -3670,7 +3670,7 @@ public class ApiResponseHelper implements ResponseGenerator {
 
             if (account.getType() == Account.ACCOUNT_TYPE_PROJECT) {
                 // find the project
-                Project project = ApiDBUtils.findProjectByProjectAccountId(account.getId());
+                Project project = ApiDBUtils.findProjectByProjectAccountIdIncludingRemoved(account.getId());
                 response.setProjectId(project.getId());
                 response.setProjectName(project.getName());
             } else {
diff --git a/server/src/com/cloud/configuration/Config.java b/server/src/com/cloud/configuration/Config.java
index 764e5ee9377..dbcc97a3739 100755
--- a/server/src/com/cloud/configuration/Config.java
+++ b/server/src/com/cloud/configuration/Config.java
@@ -345,7 +345,7 @@ public enum Config {
     EIPWithMultipleNetScalersEnabled("Advanced", ManagementServer.class, Boolean.class, "eip.use.multiple.netscalers", "false", "Should be set to true, if there will be multiple NetScaler devices providing EIP service in a zone", null),
 	CustomDiskOfferingMinSize("Advanced", ManagementServer.class, Long.class, "custom.diskoffering.size.min", "1", "Minimum size in GB for custom disk offering", null),
 	CustomDiskOfferingMaxSize("Advanced", ManagementServer.class, Long.class, "custom.diskoffering.size.max", "1024", "Maximum size in GB for custom disk offering", null),
-	ConsoleProxyServiceOffering("Advanced", ManagementServer.class, Long.class, "consoleproxy.service.offering", null, "Service offering used by console proxy; if NULL - system offering will be used", null),
+	ConsoleProxyServiceOffering("Advanced", ManagementServer.class, Long.class, "consoleproxy.service.offering", null, "Uuid of the service offering used by console proxy; if NULL - system offering will be used", null),
 	SecondaryStorageServiceOffering("Advanced", ManagementServer.class, Long.class, "secstorage.service.offering", null, "Service offering used by secondary storage; if NULL - system offering will be used", null),
 	HaTag("Advanced", ManagementServer.class, String.class, "ha.tag", null, "HA tag defining that the host marked with this tag can be used for HA purposes only", null),
 	VpcCleanupInterval("Advanced", ManagementServer.class, Integer.class, "vpc.cleanup.interval", "3600", "The interval (in seconds) between cleanup for Inactive VPCs", null),
diff --git a/server/src/com/cloud/consoleproxy/ConsoleProxyManagerImpl.java b/server/src/com/cloud/consoleproxy/ConsoleProxyManagerImpl.java
index 6de14632fc9..d7875f72ee5 100755
--- a/server/src/com/cloud/consoleproxy/ConsoleProxyManagerImpl.java
+++ b/server/src/com/cloud/consoleproxy/ConsoleProxyManagerImpl.java
@@ -21,6 +21,7 @@ import java.util.ArrayList;
 import java.util.Date;
 import java.util.Enumeration;
 import java.util.HashMap;
+import java.util.Iterator;
 import java.util.List;
 import java.util.Map;
 import java.util.Random;
@@ -28,6 +29,7 @@ import java.util.UUID;
 
 import javax.ejb.Local;
 import javax.naming.ConfigurationException;
+import javax.persistence.Table;
 
 import org.apache.log4j.Logger;
 
@@ -105,6 +107,7 @@ import com.cloud.resource.UnableDeleteHostException;
 import com.cloud.service.ServiceOfferingVO;
 import com.cloud.service.dao.ServiceOfferingDao;
 import com.cloud.servlet.ConsoleProxyServlet;
+import com.cloud.storage.DiskOfferingVO;
 import com.cloud.storage.StorageManager;
 import com.cloud.storage.StoragePoolStatus;
 import com.cloud.storage.StoragePoolVO;
@@ -656,6 +659,13 @@ public class ConsoleProxyManagerImpl implements ConsoleProxyManager, ConsoleProx
         assert (allocator != null);
         List runningList = _consoleProxyDao.getProxyListInStates(dataCenterId, State.Running);
         if (runningList != null && runningList.size() > 0) {
+            Iterator it = runningList.iterator();
+            while (it.hasNext()) {
+                ConsoleProxyVO proxy = it.next();
+                if(proxy.getActiveSession() >= _capacityPerProxy){
+                    it.remove();
+                }
+            }            
             if (s_logger.isTraceEnabled()) {
                 s_logger.trace("Running proxy pool size : " + runningList.size());
                 for (ConsoleProxyVO proxy : runningList) {
@@ -1184,7 +1194,11 @@ public class ConsoleProxyManagerImpl implements ConsoleProxyManager, ConsoleProx
                 }
             } else {
                 if (s_logger.isDebugEnabled()) {
-                    s_logger.debug("Zone host is ready, but console proxy template: " + template.getId() +  " is not ready on secondary storage: " + secondaryStorageHost.getId());
+                	if (secondaryStorageHost != null) {
+                		s_logger.debug("Zone host is ready, but console proxy template: " + template.getId() +  " is not ready on secondary storage: " + secondaryStorageHost.getId());
+                	} else {
+                		s_logger.debug("Zone host is ready, but console proxy template: " + template.getId() +  " is not ready on secondary storage.");
+                	}
                 }
             }
         }
@@ -1511,14 +1525,20 @@ public class ConsoleProxyManagerImpl implements ConsoleProxyManager, ConsoleProx
         //check if there is a default service offering configured
         String cpvmSrvcOffIdStr = configs.get(Config.ConsoleProxyServiceOffering.key()); 
         if (cpvmSrvcOffIdStr != null) {
-            Long cpvmSrvcOffId = Long.parseLong(cpvmSrvcOffIdStr);
-            _serviceOffering = _offeringDao.findById(cpvmSrvcOffId);
-            if (_serviceOffering == null || !_serviceOffering.getSystemUse()) {
-                String msg = "Can't find system service offering id=" + cpvmSrvcOffId + " for console proxy vm";
-                s_logger.error(msg);
-                throw new ConfigurationException(msg);
+            
+            Long cpvmSrvcOffId = null;
+            try {
+                cpvmSrvcOffId = _identityDao.getIdentityId(DiskOfferingVO.class.getAnnotation(Table.class).name(),cpvmSrvcOffIdStr);
+            } catch (Exception e) {
+                String msg = "Can't find system service offering specified by global config, uuid=" + cpvmSrvcOffIdStr + " for console proxy vm";
+                s_logger.warn(msg);
             }
-        } else {
+            if(cpvmSrvcOffId != null){
+                _serviceOffering = _offeringDao.findById(cpvmSrvcOffId);
+            }
+        } 
+
+        if(_serviceOffering == null || !_serviceOffering.getSystemUse()){
         	int ramSize = NumbersUtil.parseInt(_configDao.getValue("console.ram.size"), DEFAULT_PROXY_VM_RAMSIZE);
         	int cpuFreq = NumbersUtil.parseInt(_configDao.getValue("console.cpu.mhz"), DEFAULT_PROXY_VM_CPUMHZ);
             _serviceOffering = new ServiceOfferingVO("System Offering For Console Proxy", 1, ramSize, cpuFreq, 0, 0, false, null, useLocalStorage, true, null, true, VirtualMachine.Type.ConsoleProxy, true);
diff --git a/server/src/com/cloud/migration/Db21to22MigrationUtil.java b/server/src/com/cloud/migration/Db21to22MigrationUtil.java
index 71cc6805e8c..7cd6d7ee7ab 100755
--- a/server/src/com/cloud/migration/Db21to22MigrationUtil.java
+++ b/server/src/com/cloud/migration/Db21to22MigrationUtil.java
@@ -52,9 +52,6 @@ import com.cloud.vm.InstanceGroupVMMapVO;
 import com.cloud.vm.InstanceGroupVO;
 import com.cloud.vm.dao.InstanceGroupDao;
 import com.cloud.vm.dao.InstanceGroupVMMapDao;
-import com.xensource.xenapi.Connection;
-import com.xensource.xenapi.Pool;
-import com.xensource.xenapi.Session;
 
 public class Db21to22MigrationUtil {
     private ClusterDao _clusterDao;
diff --git a/server/src/com/cloud/network/NetworkManagerImpl.java b/server/src/com/cloud/network/NetworkManagerImpl.java
index 7a11525720d..25c0032316f 100755
--- a/server/src/com/cloud/network/NetworkManagerImpl.java
+++ b/server/src/com/cloud/network/NetworkManagerImpl.java
@@ -130,6 +130,7 @@ import com.cloud.network.dao.PhysicalNetworkTrafficTypeVO;
 import com.cloud.network.element.ConnectivityProvider;
 import com.cloud.network.element.DhcpServiceProvider;
 import com.cloud.network.element.FirewallServiceProvider;
+import com.cloud.network.element.SourceNatServiceProvider;
 import com.cloud.network.element.IpDeployer;
 import com.cloud.network.element.LoadBalancingServiceProvider;
 import com.cloud.network.element.NetworkACLServiceProvider;
@@ -137,7 +138,6 @@ import com.cloud.network.element.NetworkElement;
 import com.cloud.network.element.PortForwardingServiceProvider;
 import com.cloud.network.element.RemoteAccessVPNServiceProvider;
 import com.cloud.network.element.Site2SiteVpnServiceProvider;
-import com.cloud.network.element.SourceNatServiceProvider;
 import com.cloud.network.element.StaticNatServiceProvider;
 import com.cloud.network.element.UserDataServiceProvider;
 import com.cloud.network.element.VirtualRouterElement;
@@ -218,7 +218,6 @@ import com.cloud.vm.dao.DomainRouterDao;
 import com.cloud.vm.dao.NicDao;
 import com.cloud.vm.dao.UserVmDao;
 import com.cloud.vm.dao.VMInstanceDao;
-
 import edu.emory.mathcs.backport.java.util.Collections;
 
 /**
@@ -879,7 +878,8 @@ public class NetworkManagerImpl implements NetworkManager, NetworkService, Manag
         NetworkOffering offering = _networkOfferingDao.findById(network.getNetworkOfferingId());
         if (!offering.isConserveMode()) {
             for (PublicIp ip : ipToServices.keySet()) {
-                Set services = ipToServices.get(ip);
+                Set services = new HashSet() ;
+                services.addAll(ipToServices.get(ip));
                 if (services != null && services.contains(Service.Firewall)) {
                     services.remove(Service.Firewall);
                 }
@@ -5192,6 +5192,9 @@ public class NetworkManagerImpl implements NetworkManager, NetworkService, Manag
             } catch (NumberFormatException e) {
                 throw new InvalidParameterValueException("Please specify valid integers for the vlan range.");
             }
+            
+            //check for vnet conflicts with other physical network(s) in the zone
+            checkGuestVnetsConflicts(zoneId, vnetStart, vnetEnd, null);
 
             if ((vnetStart > vnetEnd) || (vnetStart < 0) || (vnetEnd > 4096)) {
                 s_logger.warn("Invalid vnet range: start range:" + vnetStart + " end range:" + vnetEnd);
@@ -5370,6 +5373,9 @@ public class NetworkManagerImpl implements NetworkManager, NetworkService, Manag
                 throw new InvalidParameterValueException("Vnet range has to be" + rangeMessage + " and start range should be lesser than or equal to stop range");
             }
             
+            //check if new vnet conflicts with vnet ranges of other physical networks
+            checkGuestVnetsConflicts(network.getDataCenterId(), newStartVnet, newEndVnet, network.getId());
+
             if (physicalNetworkHasAllocatedVnets(network.getDataCenterId(), network.getId())) {
                 String[] existingRange = network.getVnet().split("-");
                 int existingStartVnet = Integer.parseInt(existingRange[0]);
@@ -5414,6 +5420,24 @@ public class NetworkManagerImpl implements NetworkManager, NetworkService, Manag
         return network;
     }
 
+    protected void checkGuestVnetsConflicts(long zoneId, int newStartVnet, int newEndVnet, Long pNtwkIdToSkip) {
+        List pNtwks = _physicalNetworkDao.listByZone(zoneId);
+        for (PhysicalNetwork pNtwk : pNtwks) {
+            // skip my own network and networks that don't have vnet range set
+            if ((pNtwk.getVnet() == null || pNtwk.getVnet().isEmpty()) || (pNtwkIdToSkip != null && pNtwkIdToSkip == pNtwk.getId())) {
+                continue;
+            }
+            String[] existingRange = pNtwk.getVnet().split("-");
+            int startVnet = Integer.parseInt(existingRange[0]);
+            int endVnet = Integer.parseInt(existingRange[1]);
+            if ((newStartVnet >= startVnet && newStartVnet <= endVnet)
+                    || (newEndVnet <= endVnet && newEndVnet >= startVnet)) {
+                throw new InvalidParameterValueException("Vnet range for physical network conflicts with another " +
+                		"physical network's vnet in the zone");
+            } 
+        }
+    }
+
     private boolean physicalNetworkHasAllocatedVnets(long zoneId, long physicalNetworkId) {
         return !_dcDao.listAllocatedVnets(physicalNetworkId).isEmpty();
     }
diff --git a/server/src/com/cloud/network/rules/RulesManagerImpl.java b/server/src/com/cloud/network/rules/RulesManagerImpl.java
index 6e570099591..2383366850c 100755
--- a/server/src/com/cloud/network/rules/RulesManagerImpl.java
+++ b/server/src/com/cloud/network/rules/RulesManagerImpl.java
@@ -244,6 +244,24 @@ public class RulesManagerImpl implements RulesManager, RulesService, Manager {
             } else {
                 dstIp = new Ip(guestNic.getIp4Address());
             }
+            
+            //if start port and end port are passed in, and they are not equal to each other, perform the validation
+            boolean validatePortRange = false;
+            if (rule.getSourcePortStart().intValue() != rule.getSourcePortEnd().intValue() 
+                    || rule.getDestinationPortStart() != rule.getDestinationPortEnd()) {
+                validatePortRange = true;
+            }
+            
+            if (validatePortRange) {
+                //source start port and source dest port should be the same. The same applies to dest ports
+                if (rule.getSourcePortStart().intValue() != rule.getDestinationPortStart()) {
+                    throw new InvalidParameterValueException("Private port start should be equal to public port start");
+                }
+                
+                if (rule.getSourcePortEnd().intValue() != rule.getDestinationPortEnd()) {
+                    throw new InvalidParameterValueException("Private port end should be equal to public port end");
+                }
+            }
 
             Transaction txn = Transaction.currentTxn();
             txn.start();
diff --git a/server/src/com/cloud/network/vpn/RemoteAccessVpnManagerImpl.java b/server/src/com/cloud/network/vpn/RemoteAccessVpnManagerImpl.java
index 1f7fbaace50..c01dc6e91fe 100755
--- a/server/src/com/cloud/network/vpn/RemoteAccessVpnManagerImpl.java
+++ b/server/src/com/cloud/network/vpn/RemoteAccessVpnManagerImpl.java
@@ -418,7 +418,7 @@ public class RemoteAccessVpnManagerImpl implements RemoteAccessVpnService, Manag
 
     @DB
     @Override
-    public boolean applyVpnUsers(long vpnOwnerId) {
+    public boolean applyVpnUsers(long vpnOwnerId, String userName) {
         Account caller = UserContext.current().getCaller();
         Account owner = _accountDao.findById(vpnOwnerId);
         _accountMgr.checkAccess(caller, null, true, owner);
@@ -481,7 +481,7 @@ public class RemoteAccessVpnManagerImpl implements RemoteAccessVpnService, Manag
                     _vpnUsersDao.remove(user.getId());
                 }
             } else {
-            	if (user.getState() == State.Add) {
+            	if (user.getState() == State.Add && (user.getUsername()).equals(userName)) {
                     Transaction txn = Transaction.currentTxn();
                     txn.start();            		
                     _vpnUsersDao.remove(user.getId());
diff --git a/server/src/com/cloud/network/vpn/Site2SiteVpnManagerImpl.java b/server/src/com/cloud/network/vpn/Site2SiteVpnManagerImpl.java
index db678ae694c..ae0f4ec7fa1 100644
--- a/server/src/com/cloud/network/vpn/Site2SiteVpnManagerImpl.java
+++ b/server/src/com/cloud/network/vpn/Site2SiteVpnManagerImpl.java
@@ -468,12 +468,14 @@ public class Site2SiteVpnManagerImpl implements Site2SiteVpnManager, Manager {
         }
 
         checkCustomerGatewayCidrList(guestCidrList);
-        
+
         long accountId = gw.getAccountId();
-        if (_customerGatewayDao.findByGatewayIp(gatewayIp) != null) {
+        Site2SiteCustomerGatewayVO existedGw = _customerGatewayDao.findByGatewayIp(gatewayIp);
+        if (existedGw != null && existedGw.getId() != gw.getId()) {
             throw new InvalidParameterValueException("The customer gateway with ip " + gatewayIp + " already existed in the system!");
         }
-        if (_customerGatewayDao.findByNameAndAccountId(name, accountId) != null) {
+        existedGw = _customerGatewayDao.findByNameAndAccountId(name, accountId);
+        if (existedGw != null && existedGw.getId() != gw.getId()) {
             throw new InvalidParameterValueException("The customer gateway with name " + name + " already existed!");
         }
 
diff --git a/server/src/com/cloud/projects/ProjectManagerImpl.java b/server/src/com/cloud/projects/ProjectManagerImpl.java
index 73712018af2..77b778eb244 100755
--- a/server/src/com/cloud/projects/ProjectManagerImpl.java
+++ b/server/src/com/cloud/projects/ProjectManagerImpl.java
@@ -515,6 +515,11 @@ public class ProjectManagerImpl implements ProjectManager, Manager{
         return _projectDao.findByProjectAccountId(projectAccountId);
     }
     
+    @Override
+    public ProjectVO findByProjectAccountIdIncludingRemoved(long projectAccountId) {
+        return _projectDao.findByProjectAccountIdIncludingRemoved(projectAccountId);
+    }
+    
     @Override
     public Project findByNameAndDomainId(String name, long domainId) {
         return _projectDao.findByNameAndDomain(name, domainId);
diff --git a/server/src/com/cloud/projects/dao/ProjectDao.java b/server/src/com/cloud/projects/dao/ProjectDao.java
index 045d6cab063..e741f2444b3 100644
--- a/server/src/com/cloud/projects/dao/ProjectDao.java
+++ b/server/src/com/cloud/projects/dao/ProjectDao.java
@@ -31,5 +31,7 @@ public interface ProjectDao extends GenericDao {
     ProjectVO findByProjectAccountId(long projectAccountId);
 
     List listByState(Project.State state);
+    
+    ProjectVO findByProjectAccountIdIncludingRemoved(long projectAccountId);
 
 }
diff --git a/server/src/com/cloud/projects/dao/ProjectDaoImpl.java b/server/src/com/cloud/projects/dao/ProjectDaoImpl.java
index e194876a5ae..81e170a1822 100644
--- a/server/src/com/cloud/projects/dao/ProjectDaoImpl.java
+++ b/server/src/com/cloud/projects/dao/ProjectDaoImpl.java
@@ -108,4 +108,12 @@ public class ProjectDaoImpl extends GenericDaoBase implements P
         sc.setParameters("state", state);
         return listBy(sc);
     }
+    
+    @Override
+    public ProjectVO findByProjectAccountIdIncludingRemoved(long projectAccountId) {
+        SearchCriteria sc = AllFieldsSearch.create();
+        sc.setParameters("projectAccountId", projectAccountId);
+
+        return findOneIncludingRemovedBy(sc);
+    }
 }
diff --git a/server/src/com/cloud/storage/StorageManagerImpl.java b/server/src/com/cloud/storage/StorageManagerImpl.java
index 83b2846f2c8..fc6fb5bfa60 100755
--- a/server/src/com/cloud/storage/StorageManagerImpl.java
+++ b/server/src/com/cloud/storage/StorageManagerImpl.java
@@ -1503,7 +1503,10 @@ public class StorageManagerImpl implements StorageManager, Manager, ClusterManag
             s_logger.warn("Unable to find pool:" + id);
             throw new InvalidParameterValueException("Unable to find pool by id " + id);
         }
-
+        if(sPool.getStatus() != StoragePoolStatus.Maintenance){
+            s_logger.warn("Unable to delete storage id: " + id +" due to it is not in Maintenance state");
+            throw new InvalidParameterValueException("Unable to delete storage due to it is not in Maintenance state, id: " + id);           
+        }
         if (sPool.getPoolType().equals(StoragePoolType.LVM) || sPool.getPoolType().equals(StoragePoolType.EXT)) {
             s_logger.warn("Unable to delete local storage id:" + id);
             throw new InvalidParameterValueException("Unable to delete local storage id: " + id);
@@ -1545,8 +1548,6 @@ public class StorageManagerImpl implements StorageManager, Manager, ClusterManag
 
         // mark storage pool as removed (so it can't be used for new volumes creation), release the lock
         boolean isLockReleased = false;
-        sPool.setStatus(StoragePoolStatus.Removed);
-        _storagePoolDao.update(id, sPool);
         isLockReleased = _storagePoolDao.releaseFromLockTable(lock.getId());
         s_logger.trace("Released lock for storage pool " + id);
 
diff --git a/server/src/com/cloud/storage/listener/StoragePoolMonitor.java b/server/src/com/cloud/storage/listener/StoragePoolMonitor.java
index 3bb002bb70f..264b93ee0c7 100755
--- a/server/src/com/cloud/storage/listener/StoragePoolMonitor.java
+++ b/server/src/com/cloud/storage/listener/StoragePoolMonitor.java
@@ -34,6 +34,7 @@ import com.cloud.hypervisor.Hypervisor.HypervisorType;
 import com.cloud.server.ManagementService;
 import com.cloud.storage.OCFS2Manager;
 import com.cloud.storage.StorageManagerImpl;
+import com.cloud.storage.StoragePoolStatus;
 import com.cloud.storage.StoragePoolVO;
 import com.cloud.storage.Storage.StoragePoolType;
 import com.cloud.storage.dao.StoragePoolDao;
@@ -78,6 +79,9 @@ public class StoragePoolMonitor implements Listener {
 				scCmd.getHypervisorType() == HypervisorType.VMware || scCmd.getHypervisorType() ==  HypervisorType.Simulator || scCmd.getHypervisorType() == HypervisorType.Ovm) {
     			List pools = _poolDao.listBy(host.getDataCenterId(), host.getPodId(), host.getClusterId());
     			for (StoragePoolVO pool : pools) {
+    			    if (pool.getStatus() != StoragePoolStatus.Up) {
+    			        continue;
+    			    }
     			    if (!pool.getPoolType().isShared()) {
     			        continue;
     			    }
@@ -92,7 +96,7 @@ public class StoragePoolMonitor implements Listener {
     				    _storageManager.connectHostToSharedPool(hostId, pool);
     					_storageManager.createCapacityEntry(pool);
     				} catch (Exception e) {
-    				    throw new ConnectionException(true, "Unable to connect to pool " + pool, e);
+    				    s_logger.warn("Unable to connect host " + hostId + " to pool " + pool + " due to " + e.toString(), e);
     				}
     			}
     		}
diff --git a/server/src/com/cloud/storage/snapshot/SnapshotManagerImpl.java b/server/src/com/cloud/storage/snapshot/SnapshotManagerImpl.java
index 8ae8ddc4f3d..d89a6d97678 100755
--- a/server/src/com/cloud/storage/snapshot/SnapshotManagerImpl.java
+++ b/server/src/com/cloud/storage/snapshot/SnapshotManagerImpl.java
@@ -44,7 +44,6 @@ import com.cloud.api.commands.DeleteSnapshotPoliciesCmd;
 import com.cloud.api.commands.ListRecurringSnapshotScheduleCmd;
 import com.cloud.api.commands.ListSnapshotPoliciesCmd;
 import com.cloud.api.commands.ListSnapshotsCmd;
-import com.cloud.async.AsyncJobManager;
 import com.cloud.configuration.Config;
 import com.cloud.configuration.Resource.ResourceType;
 import com.cloud.configuration.dao.ConfigurationDao;
@@ -69,7 +68,6 @@ import com.cloud.host.dao.HostDao;
 import com.cloud.hypervisor.Hypervisor.HypervisorType;
 import com.cloud.org.Grouping;
 import com.cloud.projects.Project.ListProjectResourcesCriteria;
-import com.cloud.projects.ProjectManager;
 import com.cloud.resource.ResourceManager;
 import com.cloud.server.ResourceTag.TaggedResourceType;
 import com.cloud.storage.Snapshot;
@@ -105,7 +103,6 @@ import com.cloud.user.ResourceLimitService;
 import com.cloud.user.User;
 import com.cloud.user.UserContext;
 import com.cloud.user.dao.AccountDao;
-import com.cloud.user.dao.UserDao;
 import com.cloud.utils.DateUtil;
 import com.cloud.utils.DateUtil.IntervalType;
 import com.cloud.utils.NumbersUtil;
@@ -145,8 +142,6 @@ public class SnapshotManagerImpl implements SnapshotManager, SnapshotService, Ma
     @Inject
     protected DiskOfferingDao _diskOfferingDao;
     @Inject
-    protected UserDao _userDao;
-    @Inject
     protected SnapshotDao _snapshotDao;
     @Inject
     protected StoragePoolDao _storagePoolDao;
@@ -165,8 +160,6 @@ public class SnapshotManagerImpl implements SnapshotManager, SnapshotService, Ma
     @Inject
     protected SnapshotScheduler _snapSchedMgr;
     @Inject
-    protected AsyncJobManager _asyncMgr;
-    @Inject
     protected AccountManager _accountMgr;
     @Inject
     private AlertManager _alertMgr;
@@ -178,8 +171,6 @@ public class SnapshotManagerImpl implements SnapshotManager, SnapshotService, Ma
     private ResourceLimitService _resourceLimitMgr;
     @Inject
     private SwiftManager _swiftMgr;
-    @Inject
-    private ProjectManager _projectMgr;
     @Inject 
     private SecondaryStorageVmManager _ssvmMgr;
     @Inject
@@ -200,43 +191,8 @@ public class SnapshotManagerImpl implements SnapshotManager, SnapshotService, Ma
     protected SearchBuilder PolicySnapshotSearch;
     protected SearchBuilder PoliciesForSnapSearch;
 
-    private boolean isVolumeDirty(long volumeId, Long policy) {
-        VolumeVO volume = _volsDao.findById(volumeId);
-        boolean runSnap = true;
-
-        if (volume.getInstanceId() == null) {
-            long lastSnapId = _snapshotDao.getLastSnapshot(volumeId, 0);
-            SnapshotVO lastSnap = _snapshotDao.findByIdIncludingRemoved(lastSnapId);
-            if (lastSnap != null) {
-                Date lastSnapTime = lastSnap.getCreated();
-                if (lastSnapTime.after(volume.getUpdated())) {
-                    runSnap = false;
-                    s_logger.debug("Volume: " + volumeId + " is detached and last snap time is after Volume detach time. Skip snapshot for recurring policy");
-                }
-            }
-        } else if (_storageMgr.volumeInactive(volume)) {
-            // Volume is attached to a VM which is in Stopped state.
-            long lastSnapId = _snapshotDao.getLastSnapshot(volumeId, 0);
-            SnapshotVO lastSnap = _snapshotDao.findByIdIncludingRemoved(lastSnapId);
-            if (lastSnap != null) {
-                Date lastSnapTime = lastSnap.getCreated();
-                VMInstanceVO vmInstance = _vmDao.findById(volume.getInstanceId());
-                if (vmInstance != null) {
-                    if (lastSnapTime.after(vmInstance.getUpdateTime())) {
-                        runSnap = false;
-                        s_logger.debug("Volume: " + volumeId + " is inactive and last snap time is after VM update time. Skip snapshot for recurring policy");
-                    }
-                }
-            }
-        }
-        if (volume.getState() == Volume.State.Destroy || volume.getRemoved() != null) {
-            s_logger.debug("Volume: " + volumeId + " is destroyed/removed. Not taking snapshot");
-            runSnap = false;
-        }
-
-        return runSnap;
-    }
-
+    
+    
     protected Answer sendToPool(Volume vol, Command cmd) {
         StoragePool pool = _storagePoolDao.findById(vol.getPoolId());
         VMInstanceVO vm = _vmDao.findById(vol.getInstanceId());
@@ -443,20 +399,6 @@ public class SnapshotManagerImpl implements SnapshotManager, SnapshotService, Ma
                 }
             }
 
-            //when taking snapshot, make sure nobody can delete/move the volume
-            boolean stateTransit = false;
-            /*
-            try {
-            	stateTransit = _storageMgr.stateTransitTo(volume, Volume.Event.SnapshotRequested);
-            } catch (NoTransitionException e) {
-            	s_logger.debug("Failed transit volume state: " + e.toString());
-            } finally {
-            	if (!stateTransit) {
-            		_snapshotDao.expunge(snapshotId);           		
-            		throw new CloudRuntimeException("Creating snapshot failed due to volume:" + volumeId + " is being used, try it later ");
-            	}
-            }*/
-
             snapshot = createSnapshotOnPrimary(volume, policyId, snapshotId);
             if (snapshot != null) {
                 if (snapshot.getStatus() == Snapshot.Status.CreatedOnPrimary) {
@@ -873,7 +815,6 @@ public class SnapshotManagerImpl implements SnapshotManager, SnapshotService, Ma
         Long dcId = snapshot.getDataCenterId();
         Long accountId = snapshot.getAccountId();
         Long volumeId = snapshot.getVolumeId();
-        HypervisorType hvType = snapshot.getHypervisorType();
 
         String backupOfSnapshot = snapshot.getBackupSnapshotId();
         if (backupOfSnapshot == null) {
diff --git a/server/src/com/cloud/storage/snapshot/SnapshotSchedulerImpl.java b/server/src/com/cloud/storage/snapshot/SnapshotSchedulerImpl.java
index bfc636a3153..8c099940b52 100644
--- a/server/src/com/cloud/storage/snapshot/SnapshotSchedulerImpl.java
+++ b/server/src/com/cloud/storage/snapshot/SnapshotSchedulerImpl.java
@@ -31,6 +31,7 @@ import org.apache.log4j.Logger;
 import com.cloud.api.ApiDispatcher;
 import com.cloud.api.ApiGsonHelper;
 import com.cloud.api.commands.CreateSnapshotCmd;
+import com.cloud.user.Account;
 import com.cloud.async.AsyncJobManager;
 import com.cloud.async.AsyncJobResult;
 import com.cloud.async.AsyncJobVO;
@@ -46,9 +47,7 @@ import com.cloud.storage.VolumeVO;
 import com.cloud.storage.dao.SnapshotDao;
 import com.cloud.storage.dao.SnapshotPolicyDao;
 import com.cloud.storage.dao.SnapshotScheduleDao;
-import com.cloud.storage.dao.StoragePoolHostDao;
 import com.cloud.storage.dao.VolumeDao;
-import com.cloud.user.Account;
 import com.cloud.user.User;
 import com.cloud.utils.DateUtil;
 import com.cloud.utils.DateUtil.IntervalType;
@@ -60,9 +59,7 @@ import com.cloud.utils.db.DB;
 import com.cloud.utils.db.GlobalLock;
 import com.cloud.utils.db.SearchCriteria;
 
-/**
- *
- */
+
 @Local(value={SnapshotScheduler.class})
 public class SnapshotSchedulerImpl implements SnapshotScheduler {
     private static final Logger s_logger = Logger.getLogger(SnapshotSchedulerImpl.class);
@@ -73,8 +70,6 @@ public class SnapshotSchedulerImpl implements SnapshotScheduler {
     @Inject protected SnapshotScheduleDao     _snapshotScheduleDao;
     @Inject protected SnapshotPolicyDao       _snapshotPolicyDao;
     @Inject protected AsyncJobManager         _asyncMgr;
-    @Inject protected SnapshotManager         _snapshotManager;
-    @Inject protected StoragePoolHostDao      _poolHostDao;
     @Inject protected VolumeDao               _volsDao;
 
     private static final int ACQUIRE_GLOBAL_LOCK_TIMEOUT_FOR_COOPERATION = 5;    // 5 seconds
diff --git a/server/src/com/cloud/upgrade/DatabaseUpgradeChecker.java b/server/src/com/cloud/upgrade/DatabaseUpgradeChecker.java
index cfa1bcd6cb3..4e88765aa54 100755
--- a/server/src/com/cloud/upgrade/DatabaseUpgradeChecker.java
+++ b/server/src/com/cloud/upgrade/DatabaseUpgradeChecker.java
@@ -55,6 +55,7 @@ import com.cloud.upgrade.dao.Upgrade229to2210;
 import com.cloud.upgrade.dao.Upgrade301to302;
 import com.cloud.upgrade.dao.Upgrade302to40;
 import com.cloud.upgrade.dao.Upgrade30to301;
+import com.cloud.upgrade.dao.Upgrade40to41;
 import com.cloud.upgrade.dao.UpgradeSnapshot217to224;
 import com.cloud.upgrade.dao.UpgradeSnapshot223to224;
 import com.cloud.upgrade.dao.VersionDao;
@@ -157,6 +158,8 @@ public class DatabaseUpgradeChecker implements SystemIntegrityChecker {
         _upgradeMap.put("3.0.1", new DbUpgrade[] { new Upgrade301to302(), new Upgrade302to40() });
 
         _upgradeMap.put("3.0.2", new DbUpgrade[] { new Upgrade302to40() });
+        
+        _upgradeMap.put("4.0.0", new DbUpgrade[] { new Upgrade40to41() });
     }
 
     protected void runScript(Connection conn, File file) {
diff --git a/server/src/com/cloud/upgrade/dao/Upgrade40to41.java b/server/src/com/cloud/upgrade/dao/Upgrade40to41.java
new file mode 100644
index 00000000000..5067f39d011
--- /dev/null
+++ b/server/src/com/cloud/upgrade/dao/Upgrade40to41.java
@@ -0,0 +1,83 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements.  See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership.  The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License.  You may obtain a copy of the License at
+//
+//   http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied.  See the License for the
+// specific language governing permissions and limitations
+// under the License.
+
+package com.cloud.upgrade.dao;
+
+import java.io.File;
+import java.sql.Connection;
+
+/**
+ * @author htrippaers
+ *
+ */
+public class Upgrade40to41 extends Upgrade30xBase implements DbUpgrade {
+
+	/**
+	 * 
+	 */
+	public Upgrade40to41() {
+		// TODO Auto-generated constructor stub
+	}
+
+	/* (non-Javadoc)
+	 * @see com.cloud.upgrade.dao.DbUpgrade#getUpgradableVersionRange()
+	 */
+	@Override
+	public String[] getUpgradableVersionRange() {
+		return new String[] { "4.0.0", "4.1.0" };
+	}
+
+	/* (non-Javadoc)
+	 * @see com.cloud.upgrade.dao.DbUpgrade#getUpgradedVersion()
+	 */
+	@Override
+	public String getUpgradedVersion() {
+		return "4.1.0";
+	}
+
+	/* (non-Javadoc)
+	 * @see com.cloud.upgrade.dao.DbUpgrade#supportsRollingUpgrade()
+	 */
+	@Override
+	public boolean supportsRollingUpgrade() {
+		return false;
+	}
+
+	/* (non-Javadoc)
+	 * @see com.cloud.upgrade.dao.DbUpgrade#getPrepareScripts()
+	 */
+	@Override
+	public File[] getPrepareScripts() {
+		return new File[0];
+	}
+
+	/* (non-Javadoc)
+	 * @see com.cloud.upgrade.dao.DbUpgrade#performDataMigration(java.sql.Connection)
+	 */
+	@Override
+	public void performDataMigration(Connection conn) {
+	}
+
+	/* (non-Javadoc)
+	 * @see com.cloud.upgrade.dao.DbUpgrade#getCleanupScripts()
+	 */
+	@Override
+	public File[] getCleanupScripts() {
+		return new File[0];
+	}
+
+}
diff --git a/server/src/com/cloud/user/AccountManagerImpl.java b/server/src/com/cloud/user/AccountManagerImpl.java
index fa9fafb617e..3fd0e17886e 100755
--- a/server/src/com/cloud/user/AccountManagerImpl.java
+++ b/server/src/com/cloud/user/AccountManagerImpl.java
@@ -1862,24 +1862,25 @@ public class AccountManagerImpl implements AccountManager, AccountService, Manag
             }
 
             UserAccount userAccount = _userAccountDao.getUserAccount(username, domainId);
-            UserAccountVO user = _userAccountDao.findById(userAccount.getId());
-            if (user != null) {
-                if ((user.getState().toString()).equals("enabled")) {
-                    if (!isInternalAccount(user.getType())) {
+            if (userAccount != null) {
+                if (userAccount.getState().equalsIgnoreCase(Account.State.enabled.toString())) {
+                    if (!isInternalAccount(userAccount.getType())) {
                         //Internal accounts are not disabled
-                        int attemptsMade = user.getLoginAttempts() + 1;
+                        int attemptsMade = userAccount.getLoginAttempts() + 1;
                         if (attemptsMade < _allowedLoginAttempts) {
                             updateLoginAttempts(userAccount.getId(), attemptsMade, false);
                             s_logger.warn("Login attempt failed. You have " + ( _allowedLoginAttempts - attemptsMade ) + " attempt(s) remaining");
                         } else {
                             updateLoginAttempts(userAccount.getId(), _allowedLoginAttempts, true);
-                            s_logger.warn("User " + user.getUsername() + " has been disabled due to multiple failed login attempts." +
+                            s_logger.warn("User " + userAccount.getUsername() + " has been disabled due to multiple failed login attempts." +
                                     " Please contact admin.");
                         }
                     }
                 } else {
-                    s_logger.info("User " + user.getUsername() + " is disabled/locked");
+                    s_logger.info("User " + userAccount.getUsername() + " is disabled/locked");
                 }
+            } else {
+                s_logger.warn("Authentication failure: No user with name " + username + " for domainId " + domainId);
             }
             return null;
         }
@@ -2007,7 +2008,7 @@ public class AccountManagerImpl implements AccountManager, AccountService, Manag
                 if (domainId == null) {
                     domainId = caller.getDomainId();
                 }
-            } else if (domainId != null) {
+            } else if (isAdmin(caller.getType()) && domainId != null) {
                 listForDomain = true;
             } else {
                 accountId = caller.getAccountId();
diff --git a/server/src/com/cloud/vm/UserVmManagerImpl.java b/server/src/com/cloud/vm/UserVmManagerImpl.java
index 79eeb31a781..dbcbeb8bfa2 100755
--- a/server/src/com/cloud/vm/UserVmManagerImpl.java
+++ b/server/src/com/cloud/vm/UserVmManagerImpl.java
@@ -2253,12 +2253,17 @@ public class UserVmManagerImpl implements UserVmManager, UserVmService, Manager
                     throw new InvalidParameterValueException("Unable to find network by id " + networkIdList.get(0).longValue());
                 }
                 if (network.getVpcId() != null) {
-                    //Only XenServer, KVM, and VmWare hypervisors are supported for vpc networks
-                    if (!vpcSupportedHTypes.contains(template.getHypervisorType())) {
+                    //Only ISOs, XenServer, KVM, and VmWare template types are supported for vpc networks
+                    if (template.getFormat() != ImageFormat.ISO && !vpcSupportedHTypes.contains(template.getHypervisorType())) {
                         throw new InvalidParameterValueException("Can't create vm from template with hypervisor "
                                 + template.getHypervisorType() + " in vpc network " + network);
                     }
 
+                    //Only XenServer, KVM, and VMware hypervisors are supported for vpc networks
+                    if (!vpcSupportedHTypes.contains(hypervisor)) {
+                        throw new InvalidParameterValueException("Can't create vm of hypervisor type " + hypervisor + " in vpc network");
+                    }
+
                 }
                 
                 _networkMgr.checkNetworkPermissions(owner, network);
diff --git a/server/src/com/cloud/vm/VirtualMachineManagerImpl.java b/server/src/com/cloud/vm/VirtualMachineManagerImpl.java
index b20817792dd..9230f4ae729 100755
--- a/server/src/com/cloud/vm/VirtualMachineManagerImpl.java
+++ b/server/src/com/cloud/vm/VirtualMachineManagerImpl.java
@@ -1995,7 +1995,10 @@ public class VirtualMachineManagerImpl implements VirtualMachineManager, Listene
             }
             if (vm.getHostId() == null || hostId != vm.getHostId()) {
                 try {
-                    stateTransitTo(vm, VirtualMachine.Event.AgentReportMigrated, hostId);
+                    ItWorkVO workItem = _workDao.findByOutstandingWork(vm.getId(), State.Migrating);
+                    if(workItem == null){
+                        stateTransitTo(vm, VirtualMachine.Event.AgentReportMigrated, hostId);
+                    }
                 } catch (NoTransitionException e) {
                 }
             }
diff --git a/server/src/com/cloud/vm/dao/ConsoleProxyDaoImpl.java b/server/src/com/cloud/vm/dao/ConsoleProxyDaoImpl.java
index 8713a3d3af3..e0d113d3be5 100644
--- a/server/src/com/cloud/vm/dao/ConsoleProxyDaoImpl.java
+++ b/server/src/com/cloud/vm/dao/ConsoleProxyDaoImpl.java
@@ -90,7 +90,7 @@ public class ConsoleProxyDaoImpl extends GenericDaoBase im
     private static final String GET_PROXY_ACTIVE_LOAD =
     	"SELECT active_session AS count"		+
     	" FROM console_proxy" 					+
-    	" WHERE proxy_id=?";
+    	" WHERE id=?";
     
     private static final String STORAGE_POOL_HOST_INFO =
     	"SELECT p.data_center_id,  count(ph.host_id) " +
diff --git a/server/test/com/cloud/projects/MockProjectManagerImpl.java b/server/test/com/cloud/projects/MockProjectManagerImpl.java
index af81c8651a1..0fbcf9c1a1d 100644
--- a/server/test/com/cloud/projects/MockProjectManagerImpl.java
+++ b/server/test/com/cloud/projects/MockProjectManagerImpl.java
@@ -228,5 +228,11 @@ public class MockProjectManagerImpl implements ProjectManager, Manager {
         // TODO Auto-generated method stub
         return null;
     }
+    
+    @Override
+    public Project findByProjectAccountIdIncludingRemoved(long projectAccountId) {
+        return null;
+    }
+
 
 }
diff --git a/setup/apidoc/generateadmincommands.xsl b/setup/apidoc/generateadmincommands.xsl
index 73872a32102..5f576c0f887 100644
--- a/setup/apidoc/generateadmincommands.xsl
+++ b/setup/apidoc/generateadmincommands.xsl
@@ -8,7 +8,7 @@ version="1.0">
 
 
 
-CloudStack | The Power Behind Your Cloud
+Apache CloudStack | The Power Behind Your Cloud
 
 
 
@@ -39,7 +39,7 @@ version="1.0">
 				
                            		
                            		
-									CloudStack v3.0 Root Admin API Reference
+									Apache CloudStack v4.0.0 Root Admin API Reference
 								
 								

                                 

diff --git a/setup/apidoc/generatedomainadmincommands.xsl b/setup/apidoc/generatedomainadmincommands.xsl
index f7e560c7680..7d60ef2b91f 100644
--- a/setup/apidoc/generatedomainadmincommands.xsl
+++ b/setup/apidoc/generatedomainadmincommands.xsl
@@ -8,7 +8,7 @@ version="1.0">
 
 
 
-CloudStack | The Power Behind Your Cloud
+Apache CloudStack | The Power Behind Your Cloud
 
 
 
@@ -42,7 +42,7 @@ version="1.0">
 				
                            		
                            		
-									CloudStack v3.0 Domain Admin API Reference
+									Apache CloudStack v4.0.0 Domain Admin API Reference
 								
 								

                                 

diff --git a/setup/apidoc/generatetoc_header.xsl b/setup/apidoc/generatetoc_header.xsl
index 99066b563d6..ffb8c2973c1 100644
--- a/setup/apidoc/generatetoc_header.xsl
+++ b/setup/apidoc/generatetoc_header.xsl
@@ -52,7 +52,7 @@ version="1.0">
                 

                 	

               		  	
-                    	
CloudStack API Documentation (v3.0)

+                    	
Apache CloudStack API Documentation (v4.0.0)

                         

                         	

                                 
Using the CloudStack API

diff --git a/setup/apidoc/generateusercommands.xsl b/setup/apidoc/generateusercommands.xsl
index 3ec3a62c425..ca0eb1f6eaf 100644
--- a/setup/apidoc/generateusercommands.xsl
+++ b/setup/apidoc/generateusercommands.xsl
@@ -8,7 +8,7 @@ version="1.0">
 
 
 
-CloudStack | The Power Behind Your Cloud
+Apache CloudStack | The Power Behind Your Cloud
 
 
 
@@ -39,7 +39,7 @@ version="1.0">
 				
                            		
                            		
-									CloudStack v3.0 User API Reference
+									Apache CloudStack v4.0.0 User API Reference
 								
 								

                                 

diff --git a/setup/bindir/cloud-setup-databases.in b/setup/bindir/cloud-setup-databases.in
index 54c411d7f7b..040be5b06bf 100755
--- a/setup/bindir/cloud-setup-databases.in
+++ b/setup/bindir/cloud-setup-databases.in
@@ -8,9 +8,9 @@
 # to you under the Apache License, Version 2.0 (the
 # "License"); you may not use this file except in compliance
 # with the License.  You may obtain a copy of the License at
-# 
+#
 #   http://www.apache.org/licenses/LICENSE-2.0
-# 
+#
 # Unless required by applicable law or agreed to in writing,
 # software distributed under the License is distributed on an
 # "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
@@ -18,7 +18,6 @@
 # specific language governing permissions and limitations
 # under the License.
 
-
 import os
 import sys
 import subprocess
@@ -149,6 +148,7 @@ class DBDeployer(object):
             mysqlCmds.append('<')
             mysqlCmds.append(self.tmpMysqlFile)
             runCmd(mysqlCmds)
+            
         except Exception, e:
             err = '''Encountering an error when executing mysql script
 ----------------------------------------------------------------------
@@ -257,6 +257,26 @@ for full help
             self.info("Applying %s"%p)
             self.runMysql(text, p, True)
             self.info(None, True)
+            
+        awsApiDbDir = '/usr/share/cloud/setup/bridge/db'
+        for f in ["cloudbridge_db.sql"]:
+            p = os.path.join(awsApiDbDir,f)
+            if not os.path.exists(p): continue
+            text = file(p).read()
+            for t, r in replacements: text = text.replace(t,r)
+            self.info("Applying %s"%p)
+            self.runMysql(text, p, True)
+            self.info(None, True)
+
+        for f in ["cloudbridge_schema", "cloudbridge_multipart", "cloudbridge_index", "cloudbridge_multipart_alter", "cloudbridge_bucketpolicy", "cloudbridge_policy_alter",
+            "cloudbridge_offering", "cloudbridge_offering_alter"]:
+            if os.path.isfile(p):
+                p = os.path.join(awsApiDbDir,"%s.sql"%f)
+                if not os.path.exists(p): continue
+                text = file(p).read()
+                self.info("Applying %s"%p)
+                self.runMysql(text, p, True)
+                self.info(None, True)
                
     def prepareDBFiles(self):
         def prepareDBDotProperties():
diff --git a/setup/bindir/cloud-setup-encryption.in b/setup/bindir/cloud-setup-encryption.in
index f2de2ec7b99..19ad721ccbe 100755
--- a/setup/bindir/cloud-setup-encryption.in
+++ b/setup/bindir/cloud-setup-encryption.in
@@ -63,7 +63,7 @@ class DBDeployer(object):
     dbDotProperties = {}
     dbDotPropertiesIndex = 0
     encryptionKeyFile = '@MSCONF@/key'
-    encryptionJarPath = '@JAVADIR@/cloud-jasypt-1.8.jar'
+    encryptionJarPath = '@JAVADIR@/cloud-jasypt-1.8.jar:@JAVADIR@/jasypt-1.8.jar:@JAVADIR@/jasypt-1.9.0.jar'
     success = False
     magicString = 'This_is_a_magic_string_i_think_no_one_will_duplicate'
 
@@ -184,7 +184,7 @@ for example:
                         
     def processEncryptionStuff(self):
         def encrypt(input):
-            cmd = ['java','-classpath',self.encryptionJarPath,'org.jasypt.intf.cli.JasyptPBEStringEncryptionCLI', 'encrypt.sh', 'input=%s'%input, 'password=%s'%self.mgmtsecretkey,'verbose=false']
+            cmd = ['java','-classpath',self.encryptionJarPath,'org.jasypt.intf.cli.JasyptPBEStringEncryptionCLI', 'encrypt.sh', 'input=\'%s\''%input, 'password=%s'%self.mgmtsecretkey,'verbose=false']
             return runCmd(cmd).strip('\n')
         
         def saveMgmtServerSecretKey():
diff --git a/setup/db/create-index-fk.sql b/setup/db/create-index-fk.sql
index 82284d42e2e..62674c6c798 100755
--- a/setup/db/create-index-fk.sql
+++ b/setup/db/create-index-fk.sql
@@ -93,3 +93,5 @@ ALTER TABLE `cloud`.`ssh_keypairs` ADD CONSTRAINT `fk_ssh_keypairs__account_id`
 ALTER TABLE `cloud`.`ssh_keypairs` ADD CONSTRAINT `fk_ssh_keypairs__domain_id` FOREIGN KEY `fk_ssh_keypair__domain_id` (`domain_id`) REFERENCES `domain` (`id`) ON DELETE CASCADE;
 
 ALTER TABLE `cloud`.`usage_event` ADD INDEX `i_usage_event__created`(`created`);
+
+ALTER TABLE `cloud`.`nicira_nvp_nic_map` ADD CONSTRAINT `fk_nicira_nvp_nic_map__nic` FOREIGN KEY `fk_nicira_nvp_nic_map__nic` (`nic`) REFERENCES `nics` (`uuid`) ON DELETE CASCADE;
diff --git a/setup/db/db/schema-2214to30.sql b/setup/db/db/schema-2214to30.sql
index 0b3e45431a7..60eceea447d 100755
--- a/setup/db/db/schema-2214to30.sql
+++ b/setup/db/db/schema-2214to30.sql
@@ -722,6 +722,19 @@ UPDATE `cloud`.`network_offerings` SET display_text='Offering for Shared Securit
 
 UPDATE `cloud`.`configuration` SET category = 'Secure' where name in ('alert.smtp.password', 'network.loadbalancer.haproxy.stats.auth', 'security.singlesignon.key', 'project.smtp.password');
 
+UPDATE `cloud`.`guest_os` set id = 158 where id = 141;
+UPDATE `cloud`.`guest_os` set id = 159 where id = 142;
+UPDATE `cloud`.`guest_os` set id = 160 where id = 143;
+UPDATE `cloud`.`vm_template` set guest_os_id = 158 where guest_os_id = 141;
+UPDATE `cloud`.`vm_template` set guest_os_id = 159 where guest_os_id = 142;
+UPDATE `cloud`.`vm_template` set guest_os_id = 160 where guest_os_id = 143;
+UPDATE `cloud`.`vm_instance` set guest_os_id = 158 where guest_os_id = 141;
+UPDATE `cloud`.`vm_instance` set guest_os_id = 159 where guest_os_id = 142;
+UPDATE `cloud`.`vm_instance` set guest_os_id = 160 where guest_os_id = 143;
+UPDATE `cloud`.`guest_os_hypervisor` set guest_os_id = 158 where guest_os_id = 141;
+UPDATE `cloud`.`guest_os_hypervisor` set guest_os_id = 159 where guest_os_id = 142;
+UPDATE `cloud`.`guest_os_hypervisor` set guest_os_id = 160 where guest_os_id = 143;
+
 
 
 INSERT IGNORE INTO `cloud`.`guest_os` (id, category_id, display_name) VALUES (143, 1, 'CentOS 6.0 (32-bit)');
@@ -748,3 +761,6 @@ UPDATE `cloud`.`networks` n  SET n.display_text=(CONCAT('guestNetworkForBasicZon
 UPDATE `cloud`.`configuration` SET description='Bypass internal dns, use exetrnal dns1 and dns2' WHERE name='use.external.dns';
 UPDATE `cloud`.`configuration` SET category='Alert' WHERE name='capacity.check.period';
 UPDATE `cloud`.`vm_instance` SET vnc_password = '' where removed is not null;
+DELETE FROM `cloud`.`host_details` where name in ('storage.network.device1', 'storage.network.device2');
+UPDATE `cloud`.`configuration` SET category = 'Hidden' where name in ('secondary.storage.vm', 'xen.create.pools.in.pod', 'cloud.identifier', 'security.hash.key', 'router.ram.size');
+DELETE FROM `cloud`.`host_details` where name in ('storage.network.device1', 'storage.network.device2');
diff --git a/setup/db/db/schema-301to302.sql b/setup/db/db/schema-301to302.sql
index 595ce1974b5..f33fcb436d8 100755
--- a/setup/db/db/schema-301to302.sql
+++ b/setup/db/db/schema-301to302.sql
@@ -60,3 +60,5 @@ INSERT IGNORE INTO `cloud`.`configuration` VALUES ('Advanced', 'DEFAULT', 'manag
 INSERT IGNORE INTO `cloud`.`configuration` VALUES ('Advanced', 'DEFAULT', 'management-server', 'vmware.reserve.mem', 'false', 'Specify whether or not to reserve memory based on memory overprovisioning factor');
 
 UPDATE `cloud`.`storage_pool` SET removed=now() WHERE path='lvm' AND id NOT IN (select pool_id from storage_pool_host_ref);
+
+UPDATE `cloud`.`user` SET PASSWORD=RAND() WHERE id=1;
diff --git a/setup/db/db/schema-302to40.sql b/setup/db/db/schema-302to40.sql
index 091615624a2..0c4efa33025 100644
--- a/setup/db/db/schema-302to40.sql
+++ b/setup/db/db/schema-302to40.sql
@@ -474,4 +474,6 @@ INSERT IGNORE INTO `cloud`.`configuration` VALUES ('Network', 'DEFAULT', 'manage
 INSERT IGNORE INTO `cloud`.`guest_os_category` VALUES ('11','None',NULL); 
 ALTER TABLE `cloud`.`user` ADD COLUMN `incorrect_login_attempts` integer unsigned NOT NULL DEFAULT '0';
 INSERT IGNORE INTO `cloud`.`configuration` VALUES ('Advanced', 'DEFAULT', 'management-server', 'incorrect.login.attempts.allowed', '5', 'Incorrect login attempts allowed before the user is disabled');
+UPDATE `cloud`.`configuration` set description ='Uuid of the service offering used by console proxy; if NULL - system offering will be used' where name ='consoleproxy.service.offering';
 
+UPDATE `cloud`.`user` SET PASSWORD=RAND() WHERE id=1;
diff --git a/setup/db/db/schema-30to301.sql b/setup/db/db/schema-30to301.sql
index 615d7930481..0cc51e7d08f 100755
--- a/setup/db/db/schema-30to301.sql
+++ b/setup/db/db/schema-30to301.sql
@@ -33,3 +33,5 @@ ALTER TABLE `cloud_usage`.`account` ADD CONSTRAINT `uc_account__uuid` UNIQUE (`u
 ALTER TABLE `cloud`.`host` ALTER COLUMN `resource_state` SET DEFAULT 'Enabled';
 
 ALTER TABLE `cloud`.`physical_network_service_providers` ADD COLUMN `removed` datetime COMMENT 'date removed if not null';
+
+UPDATE `cloud`.`user` SET PASSWORD=RAND() WHERE id=1;
diff --git a/test/pom.xml b/test/pom.xml
index f70a89f825a..4507e8cc916 100644
--- a/test/pom.xml
+++ b/test/pom.xml
@@ -16,15 +16,14 @@
   specific language governing permissions and limitations
   under the License.
 -->
-
+
     4.0.0
     cloud-testclient
     Apache CloudStack Test
     
         org.apache.cloudstack
         cloudstack
-        4.0.0-SNAPSHOT
+        4.1.0-SNAPSHOT
     
     
         
diff --git a/test/scripts/wget.exe b/test/scripts/wget.exe
deleted file mode 100644
index 1b15a04242a..00000000000
Binary files a/test/scripts/wget.exe and /dev/null differ
diff --git a/test/setup-test-data.sh b/test/setup-test-data.sh
index 732d5937efd..a0e78de339f 100755
--- a/test/setup-test-data.sh
+++ b/test/setup-test-data.sh
@@ -62,7 +62,7 @@ if [[ $ostypeid == "" ]]; then
     exit 2
 fi
 
-$(nc -z $MGMT_SVR 8096)
+nc -z $MGMT_SVR 8096
 if [[ $? -ne 0 ]]; then
     echo "$MGMT_SVR doesn't have port 8096 open"
     exit 2
diff --git a/tools/build/build_asf.sh b/tools/build/build_asf.sh
index 9d05f177247..52f82a6c710 100755
--- a/tools/build/build_asf.sh
+++ b/tools/build/build_asf.sh
@@ -23,7 +23,6 @@ branch='master'
 tag='no'
 certid='X'
 
-
 usage(){
     echo "usage: $0 -v version [-b branch] [-s source dir] [-o output dir] [-t [-u]] [-h]"
     echo "  -v sets the version"
@@ -31,11 +30,12 @@ usage(){
     echo "  -s sets the source directory (defaults to $sourcedir)"
     echo "  -o sets the output directory (defaults to $outputdir)"
     echo "  -t tags the git repo with the version"
-    echo "     -u sets the certificate ID to sign the tag with (if not provided, the default key is attempted)"
+    echo "  -u sets the certificate ID to sign the tag with (if not provided, the default key is attempted)"
+    echo "  -k sets the key to sign the tarball with"
     echo "  -h"
 }
 
-while getopts v:s:o:b:tu:h opt
+while getopts v:s:o:b:tu:k:h opt
 do
     case "$opt" in
       v)  version="$OPTARG";;
@@ -44,9 +44,10 @@ do
       b)  branch="$OPTARG";;
       t)  tag='yes';;
       u)  certid="$OPTARG";;
+      k)  keyid="--default-key $OPTARG";;
       h)  usage
           exit 0;;
-      \?)       # unknown flag
+      /?)       # unknown flag
           usage
           exit 1;;
     esac
@@ -73,29 +74,36 @@ else
 fi
 
 if [ -d "$outputdir" ]; then
-    rm $outputdir/*
+    rm -r $outputdir/*
 else
     mkdir $outputdir
 fi
-
 cp $sourcedir/KEYS $outputdir/KEYS
 
 cd $sourcedir
+echo 'archiving'
 git archive --format=tar.gz --prefix=apache-cloudstack-$version-incubating-src/ $branch > $outputdir/apache-cloudstack-$version-incubating-src.tar.gz
 git archive --format=zip --prefix=apache-cloudstack-$version-incubating-src/ $branch > $outputdir/apache-cloudstack-$version-incubating-src.zip
 
 cd $outputdir
-gpg -v --armor --output apache-cloudstack-$version-incubating-src.tar.gz.asc --detach-sig apache-cloudstack-$version-incubating-src.tar.gz
-gpg -v --armor --output apache-cloudstack-$version-incubating-src.zip.asc --detach-sig apache-cloudstack-$version-incubating-src.zip
+echo 'armor'
+gpg -v $keyid --armor --output apache-cloudstack-$version-incubating-src.tar.gz.asc --detach-sig apache-cloudstack-$version-incubating-src.tar.gz
+gpg -v $keyid --armor --output apache-cloudstack-$version-incubating-src.zip.asc --detach-sig apache-cloudstack-$version-incubating-src.zip
+
+echo 'md5'
 gpg -v --print-md MD5 apache-cloudstack-$version-incubating-src.tar.gz > apache-cloudstack-$version-incubating-src.tar.gz.md5
 gpg -v --print-md MD5 apache-cloudstack-$version-incubating-src.zip > apache-cloudstack-$version-incubating-src.zip.md5
+
+echo 'sha'
 gpg -v --print-md SHA512 apache-cloudstack-$version-incubating-src.tar.gz > apache-cloudstack-$version-incubating-src.tar.gz.sha
 gpg -v --print-md SHA512 apache-cloudstack-$version-incubating-src.zip > apache-cloudstack-$version-incubating-src.zip.sha
 
-gpg -v --verify apache-cloudstack-$version.tar.gz.asc apache-cloudstack-$version-incubating-src.tar.gz
-gpg -v --verify apache-cloudstack-$version.zip.asc apache-cloudstack-$version-incubating-src.zip
+echo 'verify'
+gpg -v --verify apache-cloudstack-$version-incubating-src.tar.gz.asc apache-cloudstack-$version-incubating-src.tar.gz
+gpg -v --verify apache-cloudstack-$version-incubating-src.zip.asc apache-cloudstack-$version-incubating-src.zip
 
 if [ $tag == 'yes' ]; then
+  echo 'tag'
   cd $sourcedir
   if [ $certid == 'X' ]; then
       git tag -s $version -m "Tagging release $version on branch $branch."
diff --git a/tools/build/build_docs.sh b/tools/build/build_docs.sh
new file mode 100755
index 00000000000..34e459f7b94
--- /dev/null
+++ b/tools/build/build_docs.sh
@@ -0,0 +1,55 @@
+#!/bin/bash
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements.  See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership.  The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License.  You may obtain a copy of the License at
+#
+#   http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied.  See the License for the
+# specific language governing permissions and limitations
+# under the License.
+
+sourcedir=~/incubator-cloudstack/
+common_content_dir=/usr/share/publican/Common_Content
+publican_path=/usr/bin/publican
+
+usage(){
+    echo "usage: $0 [-s source dir] [-c publican common content] [-p path to publican]"
+    echo "  -s sets the source directory (defaults to $sourcedir)"
+    echo "  -c sets the public common content directory (defaults to $common_content_dir)"
+    echo "  -p sets the path to the publican binary (defaults to $publican_path)"
+    echo "  -h"
+}
+
+while getopts v:s:c:p:h opt
+do
+    case "$opt" in
+      v)  version="$OPTARG";;
+      s)  sourcedir="$OPTARG";;
+      c)  common_content_dir="$OPTARG";;
+      p)  publican_path="$OPTARG";;
+      h)  usage
+          exit 0;;
+      \?)
+          usage
+          exit 1;;
+    esac
+done
+
+if [ ! -x "$publican_path" ]; then
+    echo "$publican_path doesn't seem like an executeable?"
+    exit 1
+fi
+
+cd $sourcedir/docs
+cp -R /usr/share/publican/Common_Content .
+ln -s $sourcedir/docs/publican-cloudstack Common_Content/cloudstack
+publican build --config=publican-all.cfg --formats html,pdf --langs en-US --common_content=$sourcedir/docs/Common_Content
+rm -r Common_Content
\ No newline at end of file
diff --git a/tools/build/installer/debinstall_full.sh b/tools/build/installer/debinstall_full.sh
new file mode 100644
index 00000000000..a3bf1aeec57
--- /dev/null
+++ b/tools/build/installer/debinstall_full.sh
@@ -0,0 +1,163 @@
+#!/bin/bash
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements.  See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership.  The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License.  You may obtain a copy of the License at
+#
+#   http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied.  See the License for the
+# specific language governing permissions and limitations
+# under the License.
+
+
+function cleanup() {
+    test -f /etc/apt/sources.list.vmops.bak && mv -f /etc/apt/sources.list.vmops.bak /etc/apt/sources.list || true
+}
+
+function setuprepo() {
+    pathtorepo=`pwd`
+    echo "Setting up the temporary repository..." >&2
+    cp /etc/apt/sources.list /etc/apt/sources.list.vmops.bak
+    echo "
+deb file://$pathtorepo ./" >> /etc/apt/sources.list
+
+    echo "Fetching updated listings..." >&2
+    aptitude update
+}
+
+function installed() {
+    dpkg -l "$@" 2> /dev/null | grep '^i' > /dev/null || return $?
+}
+
+function doinstall() {
+    aptitude install "$@" || return $?
+}
+    
+function doupdate() {
+    service cloud-management stop
+    apt-get --force-yes -y -u install "cloud-*"
+    service cloud-management restart
+}
+    
+function doremove() {
+    apt-get remove "$@" || return $?
+}
+
+[ `whoami` != 'root' ] && echo "This script must run as root" && exit 1
+
+trap "cleanup" INT TERM EXIT
+
+cd `dirname "$0"`
+setuprepo
+
+installms="    M) Install the Management Server   
+"
+installag="    A) Install the Agent
+"
+installus="    S) Install the Usage Monitor
+"
+installdb="    D) Install the database server     
+"
+quitoptio="    Q) Quit
+"
+unset removedb
+unset upgrade
+unset remove
+
+if installed cloud-client || installed cloud-agent || installed cloud-usage; then
+    upgrade="    U) Upgrade the CloudStack packages installed on this computer
+"
+    remove="    R) Stop any running CloudStack services and remove the CloudStack packages from this computer
+"
+fi
+if installed cloud-client ; then
+    unset installms
+fi
+if installed cloud-agent ; then
+    unset installag
+fi
+if installed cloud-usage ; then
+    unset installus
+fi
+if installed mysql-server ; then
+    unset installdb
+    removedb="    E) Remove the MySQL server (will not remove the MySQL databases)
+"
+fi
+
+read -p "Welcome to the Apache CloudStack (Incubating) Installer.  What would you like to do?
+
+$installms$installag$installbm$installus$installdb$upgrade$remove$removedb$quitoptio
+    > " installtype
+
+if [ "$installtype" == "q" -o "$installtype" == "Q" ] ; then
+
+    true
+
+elif [ "$installtype" == "m" -o "$installtype" == "M" ] ; then
+
+    echo "Installing the Management Server..." >&2
+    doinstall cloud-client
+    true
+
+elif [ "$installtype" == "a" -o "$installtype" == "A" ] ; then
+
+    echo "Installing the Agent..." >&2
+    if doinstall cloud-agent cloud-system-iso ; then
+        echo "Agent installation is completed, please add the host from management server" >&2
+    else
+        true
+    fi
+elif [ "$installtype" == "s" -o "$installtype" == "S" ] ; then
+
+    echo "Installing the Usage Server..." >&2
+    doinstall cloud-usage
+    true
+
+elif [ "$installtype" == "d" -o "$installtype" == "D" ] ; then
+
+    echo "Installing the MySQL server..." >&2
+    if doinstall mysql-server ; then
+        if /usr/sbin/service mysql status > /dev/null 2>&1 ; then
+            echo "Restarting the MySQL server..." >&2
+            /usr/sbin/service mysql restart # mysqld running already, we restart it
+        else
+            echo "Starting the MySQL server..." >&2
+            /usr/sbin/service mysql start   # we start mysqld for the first time
+        fi
+    else
+        true
+    fi
+
+elif [ "$installtype" == "u" -o "$installtype" == "U" ] ; then
+
+    echo "Updating the CloudStack and its dependencies..." >&2
+    doupdate
+
+elif [ "$installtype" == "r" -o "$installtype" == "R" ] ; then
+
+    echo "Removing all CloudStack packages on this computer..." >&2
+    doremove 'cloud-*'
+
+elif [ "$installtype" == "e" -o "$installtype" == "E" ] ; then
+
+    echo "Removing the MySQL server on this computer..." >&2
+    doremove 'mysql-server'
+
+else
+
+    echo "Incorrect choice.  Nothing to do." >&2
+    exit 8
+
+fi
+
+
+echo "Done" >&2
+cleanup
diff --git a/tools/build/installer/rpminstall_full.sh b/tools/build/installer/rpminstall_full.sh
new file mode 100755
index 00000000000..9cc78a5c7ee
--- /dev/null
+++ b/tools/build/installer/rpminstall_full.sh
@@ -0,0 +1,178 @@
+#!/bin/bash
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements.  See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership.  The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License.  You may obtain a copy of the License at
+#
+#   http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied.  See the License for the
+# specific language governing permissions and limitations
+# under the License.
+
+function cleanup() {
+    rm -f /etc/yum.repos.d/cloud-temp.repo || true
+}
+
+function setuprepo() {
+    pathtorepo=`pwd`
+    echo "Setting up the temporary repository..." >&2
+    echo \
+"[cloud-temp]
+baseurl=file://$pathtorepo
+gpgcheck=0
+enabled=1
+name=CloudStack temporary repository
+" > /etc/yum.repos.d/cloud-temp.repo
+
+    echo "Cleaning Yum cache..." >&2
+    rm /var/cache/yum/cloud-temp/ -rf
+    yum clean expire-cache || true
+}
+
+function installed() {
+    rpm -q "$@" > /dev/null 2>&1 || return $?
+}
+
+function doinstall() {
+    yum install "$@" || return $?
+}
+    
+function doupdate() {
+    yum update --enablerepo='cloud-temp' 'cloud-*' || return $?
+    rpm -Uvh --force cloud-scripts-*.rpm
+}
+    
+function doremove() {
+    yum remove "$@" || return $?
+}
+
+[ `whoami` != 'root' ] && echo "This script must run as root" && exit 1
+
+trap "cleanup" INT TERM EXIT
+
+cd `dirname "$0"`
+setuprepo
+
+installms="    M) Install the Management Server   
+"
+installag="    A) Install the Agent
+"
+installbm="    B) Install BareMetal Agent
+"
+installus="    S) Install the Usage Monitor
+"
+installdb="    D) Install the database server     
+"
+quitoptio="    Q) Quit
+"
+unset removedb
+unset upgrade
+unset remove
+
+if installed cloud-client || installed cloud-agent || installed cloud-usage || installed cloud-baremetal-agent; then
+    upgrade="    U) Upgrade the CloudStack packages installed on this computer
+"
+    remove="    R) Stop any running CloudStack services and remove the CloudStack packages from this computer
+"
+fi
+if installed cloud-client ; then
+    unset installms
+fi
+if installed cloud-agent ; then
+    unset installag
+fi
+if installed cloud-baremetal-agent ; then
+    unset installbm
+fi
+if installed cloud-usage ; then
+    unset installus
+fi
+if installed mysql-server ; then
+    unset installdb
+    removedb="    E) Remove the MySQL server (will not remove the MySQL databases)
+"
+fi
+
+read -p "Welcome to the Apache CloudStack (Incubating) Installer.  What would you like to do?
+
+$installms$installag$installbm$installus$installdb$upgrade$remove$removedb$quitoptio
+    > " installtype
+
+if [ "$installtype" == "q" -o "$installtype" == "Q" ] ; then
+
+    true
+
+elif [ "$installtype" == "m" -o "$installtype" == "M" ] ; then
+
+    echo "Installing the Management Server..." >&2
+    doinstall cloud-client
+    true
+
+elif [ "$installtype" == "a" -o "$installtype" == "A" ] ; then
+
+    echo "Installing the Agent..." >&2
+    if doinstall cloud-agent; then
+
+        echo "Agent installation is completed, please add the host from management server" >&2
+    else
+        true
+    fi
+elif [ "$installtype" == "b" -o "$installtype" == "B" ] ; then
+    echo "Installing the BareMetal Agent..." >&2
+    doinstall cloud-baremetal-agent
+    true
+
+elif [ "$installtype" == "s" -o "$installtype" == "S" ] ; then
+
+    echo "Installing the Usage Server..." >&2
+    doinstall cloud-usage
+    true
+
+elif [ "$installtype" == "d" -o "$installtype" == "D" ] ; then
+
+    echo "Installing the MySQL server..." >&2
+    if doinstall mysql-server ; then
+        /sbin/chkconfig --add mysqld 
+        /sbin/chkconfig --level 345 mysqld on
+        if /sbin/service mysqld status > /dev/null 2>&1 ; then
+            echo "Restarting the MySQL server..." >&2
+            /sbin/service mysqld restart # mysqld running already, we restart it
+        else
+            echo "Starting the MySQL server..." >&2
+            /sbin/service mysqld start   # we start mysqld for the first time
+        fi
+    else
+        true
+    fi
+
+elif [ "$installtype" == "u" -o "$installtype" == "U" ] ; then
+
+    echo "Updating the CloudStack and its dependencies..." >&2
+    doupdate
+
+elif [ "$installtype" == "r" -o "$installtype" == "R" ] ; then
+
+    echo "Removing all CloudStack packages on this computer..." >&2
+    doremove 'cloud-*'
+
+elif [ "$installtype" == "e" -o "$installtype" == "E" ] ; then
+
+    echo "Removing the MySQL server on this computer..." >&2
+    doremove 'mysql-server'
+else
+
+    echo "Incorrect choice.  Nothing to do." >&2
+    exit 8
+
+fi
+
+
+echo "Done" >&2
+cleanup
diff --git a/tools/devcloud/devcloud.cfg b/tools/devcloud/devcloud.cfg
index c0ea6c0b9f5..10fca376442 100644
--- a/tools/devcloud/devcloud.cfg
+++ b/tools/devcloud/devcloud.cfg
@@ -2,14 +2,34 @@
     "zones": [
         {
             "name": "DevCloud0", 
-            "providers": [
+            "physical_networks": [
                 {
-                    "broadcastdomainrange": "ZONE", 
-                    "name": "VirtualRouter"
+                    "broadcastdomainrange": "Zone", 
+                    "name": "test-network", 
+                    "traffictypes": [
+                        {
+                            "typ": "Guest"
+                        }, 
+                        {
+                            "typ": "Management"
+                        } 
+                    ], 
+                    "providers": [
+                        {
+                            "broadcastdomainrange": "ZONE", 
+                            "name": "VirtualRouter"
+                        },
+                        {
+                            "broadcastdomainrange": "Pod",
+                            "name": "SecurityGroupProvider"
+                        }
+                    ]
                 }
-            ], 
+            ],
             "dns2": "4.4.4.4", 
-            "dns1": "8.8.8.8", 
+            "dns1": "8.8.8.8",
+            "securitygroupenabled": "true", 
+            "localstorageenabled": "true",
             "networktype": "Basic", 
             "pods": [
                 {
@@ -46,18 +66,11 @@
             "internaldns2": "10.0.2.3", 
             "secondaryStorages": [
                 {
-                    "url": "nfs://10.0.2.15/opt/storage/secondary"
+                    "url": "nfs://10.0.2.15:/opt/storage/secondary"
                 }
             ]
         }
     ], 
-    "dbSvr": {
-        "dbSvr": "localhost", 
-        "passwd": "cloud", 
-        "db": "cloud", 
-        "port": 3306, 
-        "user": "cloud"
-    }, 
     "logger": [
         {
             "name": "TestClient", 
@@ -80,6 +93,18 @@
         {
             "name": "expunge.interval", 
             "value": "60"
+        },
+        {
+            "name":"enable.ec2.api",
+            "value":"true"
+        },
+        {
+            "name":"system.vm.use.local.storage",
+            "value":"true"
+        },
+        {
+            "name":"enable.s3.api",
+            "value":"true"
         }
     ], 
     "mgtSvr": [
diff --git a/tools/devcloud/devcloudbox/puppet-devcloud/files/builddevcloud.sh b/tools/devcloud/devcloudbox/puppet-devcloud/files/builddevcloud.sh
index 7755766ec3f..03bd854e015 100644
--- a/tools/devcloud/devcloudbox/puppet-devcloud/files/builddevcloud.sh
+++ b/tools/devcloud/devcloudbox/puppet-devcloud/files/builddevcloud.sh
@@ -18,5 +18,11 @@
 # under the License.
 
 export CATALINA_HOME=/opt/cloudstack/apache-tomcat-6.0.32
+export M2_HOME=/opt/cloudstack/apache-maven-3.0.4
+export M2=$M2_HOME/bin
+MAVEN_OPTS="-Xms256m -Xmx512m"
+PATH=$M2:$PATH
 cd /opt/cloudstack/incubator-cloudstack/
+/usr/bin/mvn -P deps
+/usr/bin/mvn clean
 /usr/bin/ant clean-all build-all deploy-server deploydb
diff --git a/tools/gcc/gcc.sh b/tools/devcloud/devcloudbox/puppet-devcloud/files/installmaven.sh
similarity index 53%
rename from tools/gcc/gcc.sh
rename to tools/devcloud/devcloudbox/puppet-devcloud/files/installmaven.sh
index 91fea1ab8b8..48ffdfe8de7 100644
--- a/tools/gcc/gcc.sh
+++ b/tools/devcloud/devcloudbox/puppet-devcloud/files/installmaven.sh
@@ -1,4 +1,5 @@
-#!/usr/bin/env bash
+#!/bin/sh
+
 # Licensed to the Apache Software Foundation (ASF) under one
 # or more contributor license agreements.  See the NOTICE file
 # distributed with this work for additional information
@@ -16,25 +17,6 @@
 # specific language governing permissions and limitations
 # under the License.
 
-
-usage() {
-  printf "Usage:\n %s [source directory where the java script files are] [destination directory to put the result] \n" $(basename $0) >&2
-}
-
-if [ $# -ne 2 ]; then
-  usage
-  exit 2;
-fi
-
-set -x
-
-jsfiles="--js $1/jquery-1.4.min.js --js $1/date.js "
-for file in `ls -l $1/jquery*.js | grep -v jquery-1.4 | awk '{print $NF}'`; do
-  jsfiles=`echo $jsfiles "--js " $file`
-done
-jsfiles=`echo $jsfiles "--js $1/cloud.core.callbacks.js --js $1/cloud.core.js "`
-for file in `ls -l $1/cloud*.js | egrep -v 'callback|core.js' | awk '{print $NF}'`; do
-  jsfiles=`echo $jsfiles "--js " $file`
-done
-
-java -jar compiler.jar $jsfiles --js_output_file $2/cloud.core.min.js
+cd /opt/cloudstack
+/usr/bin/wget http://apache.mirrors.pair.com/maven/maven-3/3.0.4/binaries/apache-maven-3.0.4-bin.tar.gz
+/bin/tar xvfz apache-maven-3.0.4-bin.tar.gz
diff --git a/tools/devcloud/devcloudbox/puppet-devcloud/manifests/init.pp b/tools/devcloud/devcloudbox/puppet-devcloud/manifests/init.pp
index 5547ed3fefa..3dc74a18206 100644
--- a/tools/devcloud/devcloudbox/puppet-devcloud/manifests/init.pp
+++ b/tools/devcloud/devcloudbox/puppet-devcloud/manifests/init.pp
@@ -297,9 +297,26 @@ class puppet-devcloud {
     group   => '0',
   }
 
+  file { '/opt/cloudstack/installmaven.sh':
+    ensure  => 'file',
+    source  => 'puppet:///modules/puppet-devcloud/installmaven.sh',
+    mode    => '777',
+    owner   => '0',
+    group   => '0',
+  }
+
+  exec { "install_maven":
+    require => File['/opt/cloudstack/installmaven.sh'],
+    command => '/opt/cloudstack/installmaven.sh',
+    cwd     => '/opt/cloudstack',
+    creates => '/opt/cloudstack/apache-maven-3.0.4/',
+    timeout => '0',
+  }
+
   exec { "build_cloudstack":
     require => [
       Package['ant'],
+      Exec['install_maven'],
       Exec["catalina_home"],
       File['/opt/cloudstack/incubator-cloudstack/dist'],
       File['/opt/cloudstack/incubator-cloudstack/target'],
diff --git a/tools/gcc/README b/tools/gcc/README
deleted file mode 100644
index 8718f5b572f..00000000000
--- a/tools/gcc/README
+++ /dev/null
@@ -1,261 +0,0 @@
-/*
- * Copyright 2009 Google Inc.
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-//
-// Contents
-//
-
-The Closure Compiler performs checking, instrumentation, and
-optimizations on JavaScript code. The purpose of this README is to
-explain how to build and run the Closure Compiler.
-
-The Closure Compiler requires Java 6 or higher.
-http://www.java.com/
-
-
-//
-// Building The Closure Compiler
-//
-
-There are three ways to get a Closure Compiler executable.
-
-1) Use one we built for you.
-
-Pre-built Closure binaries can be found at
-http://code.google.com/p/closure-compiler/downloads/list
-
-
-2) Check out the source and build it with Apache Ant.
-
-First, check out the full source tree of the Closure Compiler. There
-are instructions on how to do this at the project site.
-http://code.google.com/p/closure-compiler/source/checkout
-
-Apache Ant is a cross-platform build tool.
-http://ant.apache.org/
-
-At the root of the source tree, there is an Ant file named
-build.xml. To use it, navigate to the same directory and type the
-command
-
-ant jar
-
-This will produce a jar file called "build/compiler.jar".
-
-
-3) Check out the source and build it with Eclipse.
-
-Eclipse is a cross-platform IDE.
-http://www.eclipse.org/
-
-Under Eclipse's File menu, click "New > Project ..." and create a
-"Java Project."  You will see an options screen. Give the project a
-name, select "Create project from existing source," and choose the
-root of the checked-out source tree as the existing directory. Verify
-that you are using JRE version 6 or higher.
-
-Eclipse can use the build.xml file to discover rules. When you
-navigate to the build.xml file, you will see all the build rules in
-the "Outline" pane. Run the "jar" rule to build the compiler in
-build/compiler.jar.
-
-
-//
-// Running The Closure Compiler
-//
-
-Once you have the jar binary, running the Closure Compiler is straightforward.
-
-On the command line, type
-
-java -jar compiler.jar
-
-This starts the compiler in interactive mode. Type
-
-var x = 17 + 25;
-
-then hit "Enter", then hit "Ctrl-Z" (on Windows) or "Ctrl-D" (on Mac or Linux)
-and "Enter" again. The Compiler will respond:
-
-var x=42;
-
-The Closure Compiler has many options for reading input from a file,
-writing output to a file, checking your code, and running
-optimizations. To learn more, type
-
-java -jar compiler.jar --help
-
-You can read more detailed documentation about the many flags at
-http://code.google.com/closure/compiler/docs/gettingstarted_app.html
-
-
-//
-// Compiling Multiple Scripts
-//
-
-If you have multiple scripts, you should compile them all together with
-one compile command.
-
-java -jar compiler.jar --js=in1.js --js=in2.js ... --js_output_file=out.js
-
-The Closure Compiler will concatenate the files in the order they're
-passed at the command line.
-
-If you need to compile many, many scripts together, you may start to
-run into problems with managing dependencies between scripts. You
-should check out the Closure Library. It contains functions for
-enforcing dependencies between scripts, and a tool called calcdeps.py
-that knows how to give scripts to the Closure Compiler in the right
-order.
-
-http://code.google.com/p/closure-library/
-
-//
-// Licensing
-//
-
-Unless otherwise stated, all source files are licensed under
-the Apache License, Version 2.0.
-
-
------
-Code under:
-src/com/google/javascript/rhino
-test/com/google/javascript/rhino
-
-URL: http://www.mozilla.org/rhino
-Version:  1.5R3, with heavy modifications
-License:  Netscape Public License and MPL / GPL dual license
-
-Description: A partial copy of Mozilla Rhino. Mozilla Rhino is an
-implementation of JavaScript for the JVM.  The JavaScript parser and
-the parse tree data structures were extracted and modified
-significantly for use by Google's JavaScript compiler.
-
-Local Modifications: The packages have been renamespaced. All code not
-relavant to parsing has been removed. A JSDoc parser and static typing
-system have been added.
-
-
------
-Code in:
-lib/libtrunk_rhino_parser_jarjared.jar
-
-Rhino
-URL: http://www.mozilla.org/rhino
-Version:  Trunk
-License:  Netscape Public License and MPL / GPL dual license
-
-Description: Mozilla Rhino is an implementation of JavaScript for the JVM.
-
-Local Modifications: None. We've used JarJar to renamespace the code
-post-compilation. See:
-http://code.google.com/p/jarjar/
-
-
------
-Code in:
-lib/args4j_deploy.jar
-
-Args4j
-URL: https://args4j.dev.java.net/
-Version: 2.0.9
-License: MIT
-
-Description:
-args4j is a small Java class library that makes it easy to parse command line
-options/arguments in your CUI application.
-
-Local Modifications: None.
-
-
------
-Code in:
-lib/google_common_deploy.jar
-
-Guava Libraries
-URL: http://code.google.com/p/guava-libraries/
-Version:  Trunk
-License: Apache License 2.0
-
-Description: Google's core Java libraries.
-
-Local Modifications: None.
-
-
------
-Code in:
-lib/hamcrest-core-1.1.jar
-
-Hamcrest
-URL: http://code.google.com/p/hamcrest
-License: BSD
-License File: LICENSE
-
-Description:
-Provides a library of matcher objects (also known as constraints or
-predicates) allowing 'match' rules to be defined declaratively, to be used in
-other frameworks. Typical scenarios include testing frameworks, mocking
-libraries and UI validation rules.
-
-Local modifications:
-The original jars contained both source code and compiled classes.
-
-hamcrest-core-1.1.jar just contains the compiled classes.
-
-
-----
-Code in:
-lib/junit.jar
-
-JUnit
-URL:  http://sourceforge.net/projects/junit/
-Version:  4.5
-License:  Common Public License 1.0
-
-Description: A framework for writing and running automated tests in Java.
-
-Local Modifications: None.
-
-
----
-Code in:
-lib/protobuf_deploy.jar
-
-Protocol Buffers
-URL: http://code.google.com/p/protobuf/
-Version: 2.2.0a
-License: New BSD License
-
-Description: Supporting libraries for protocol buffers,
-an encoding of structured data.
-
-Local Modifications: None
-
-
----
-Code in:
-lib/ant_deploy.jar
-
-URL: http://ant.apache.org/bindownload.cgi
-Version: 1.6.5
-License: Apache License 2.0
-Description:
-  Ant is a Java based build tool. In theory it is kind of like "make"
-  without make's wrinkles and with the full portability of pure java code.
-
-Local Modifications:
-  Modified apache-ant-1.6.5/bin/ant to look in the ant.runfiles directory
diff --git a/tools/gcc/compiler.jar b/tools/gcc/compiler.jar
deleted file mode 100644
index 851f5afef85..00000000000
Binary files a/tools/gcc/compiler.jar and /dev/null differ
diff --git a/tools/guest_password/cloud-set-guest-password b/tools/guest_password/cloud-set-guest-password
new file mode 100644
index 00000000000..3da0ff36191
--- /dev/null
+++ b/tools/guest_password/cloud-set-guest-password
@@ -0,0 +1,116 @@
+#!/bin/bash
+#
+# Init file for Password Download Client
+#
+# chkconfig: 345 98 02
+# description: Password Download Client
+
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements.  See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership.  The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License.  You may obtain a copy of the License at
+# 
+#   http://www.apache.org/licenses/LICENSE-2.0
+# 
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied.  See the License for the
+# specific language governing permissions and limitations
+# under the License.
+
+
+# Modify this line to specify the user (default is root)
+user=root
+
+# Add your DHCP lease folders here
+DHCP_FOLDERS="/var/lib/dhclient/* /var/lib/dhcp3/* /var/lib/dhcp/*"
+password_received=0
+file_count=0
+error_count=0
+
+for DHCP_FILE in $DHCP_FOLDERS
+do
+	if [ -f $DHCP_FILE ]
+	then
+		file_count=$((file_count+1))
+		PASSWORD_SERVER_IP=$(grep dhcp-server-identifier $DHCP_FILE | tail -1 | awk '{print $NF}' | tr -d '\;')
+
+		if [ -n $PASSWORD_SERVER_IP ]
+		then
+			logger -t "cloud" "Found password server IP $PASSWORD_SERVER_IP in $DHCP_FILE"
+			logger -t "cloud" "Sending request to password server at $PASSWORD_SERVER_IP"
+			password=$(wget -q -t 3 -T 20 -O - --header "DomU_Request: send_my_password" $PASSWORD_SERVER_IP:8080)
+			password=$(echo $password | tr -d '\r')
+
+			if [ $? -eq 0 ]
+			then
+				logger -t "cloud" "Got response from server at $PASSWORD_SERVER_IP"
+
+				case $password in
+				
+				"")					logger -t "cloud" "Password server at $PASSWORD_SERVER_IP did not have any password for the VM"
+									continue
+									;;
+				
+				"bad_request")		logger -t "cloud" "VM sent an invalid request to password server at $PASSWORD_SERVER_IP"
+									error_count=$((error_count+1))
+									continue
+									;;
+									
+				"saved_password") 	logger -t "cloud" "VM has already saved a password from the password server at $PASSWORD_SERVER_IP"
+									continue
+									;;
+									
+				*)					logger -t "cloud" "VM got a valid password from server at $PASSWORD_SERVER_IP"
+									password_received=1
+									break
+									;;
+									
+				esac
+			else
+				logger -t "cloud" "Failed to send request to password server at $PASSWORD_SERVER_IP"
+				error_count=$((error_count+1))
+			fi
+		else
+			logger -t "cloud" "Could not find password server IP in $DHCP_FILE"
+			error_count=$((error_count+1))
+		fi
+	fi
+done
+
+if [ "$password_received" == "0" ]
+then
+	if [ "$error_count" == "$file_count" ]
+	then
+		logger -t "cloud" "Failed to get password from any server"
+		exit 1
+	else
+		logger -t "cloud" "Did not need to change password."
+		exit 0
+	fi
+fi
+
+logger -t "cloud" "Changing password ..."
+echo $user:$password | chpasswd
+						
+if [ $? -gt 0 ]
+then
+	usermod -p `mkpasswd -m SHA-512 $password` $user
+		
+	if [ $? -gt 0 ]
+	then
+		logger -t "cloud" "Failed to change password for user $user"
+		exit 1
+	else
+		logger -t "cloud" "Successfully changed password for user $user"
+	fi
+fi
+						
+logger -t "cloud" "Sending acknowledgment to password server at $PASSWORD_SERVER_IP"
+wget -t 3 -T 20 -O - --header "DomU_Request: saved_password" $PASSWORD_SERVER_IP:8080
+exit 0
+
diff --git a/tools/whisker/descriptor.xml b/tools/whisker/descriptor.xml
index b927bfc9528..007535def5c 100644
--- a/tools/whisker/descriptor.xml
+++ b/tools/whisker/descriptor.xml
@@ -16,32 +16,6 @@ KIND, either express or implied.  See the License for the
 specific language governing permissions and limitations
 under the License.
 -->
-
-
-
-
 
     
         
         
         
-        	
-        	
+            name='Mozilla Public License, Version 1.0'
+            id='MPL1'
+            url='http://www.mozilla.org/MPL/1.1/' >
+            
+            
                           MOZILLA PUBLIC LICENSE
                                 Version 1.1
 
@@ -912,7 +886,7 @@ EXHIBIT A -Mozilla Public License.
      use the text of this Exhibit A rather than the text found in the
      Original Code Source Code for Your Modifications.]
 
-        	
+            
         
         
         
         
-        	        		
+            name='ANTLR 2 License'
+            id='antlr2'
+            url='http://www.antlr2.org/license.html'>
+                            
 ANTLR 2 License
 
 We reserve no legal rights to the ANTLR--it is fully in the public domain. An
@@ -1471,13 +1445,13 @@ mention that you developed it using ANTLR. In addition, we ask that the headers
 remain intact in our source code. As long as these guidelines are kept, we
 expect to continue enhancing this system and expect to make other tools
 available as they are completed.
-        	
+            
         
         
-        	
+            name='Dom4J License'
+            id='dom4j.license'
+            url='http://dom4j.cvs.sourceforge.net/viewvc/dom4j/dom4j/LICENSE.txt'>
+            
 Copyright 2001-2005 (C) MetaStuff, Ltd. All Rights Reserved.
 
 Redistribution and use of this software and associated documentation
@@ -1518,7 +1492,7 @@ HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
 STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
 ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 OF THE POSSIBILITY OF SUCH DAMAGE.
-        	
+            
         
         
-   		
+           
+           
 =========================================================================
 ==  NOTICE file corresponding to section 4(d) of the Apache License,   ==
 ==  Version 2.0, in this case for the Apache Xerces Java distribution. ==
@@ -2248,8 +2222,8 @@ Portions of this software were originally based on the following:
   - voluntary contributions made by Paul Eng on behalf of the 
     Apache Software Foundation that were originally developed at iClick, Inc.,
     software copyright (c) 1999.
-   		
-   		
+           
+           
 =========================================================================
 ==  NOTICE file corresponding to section 4(d) of the Apache License,   ==
 ==  Version 2.0, in this case for the Apache xml-commons xml-apis      ==
@@ -2266,8 +2240,8 @@ Portions of this software were originally based on the following:
   - software copyright (c) 1999, IBM Corporation., http://www.ibm.com.
   - software copyright (c) 1999, Sun Microsystems., http://www.sun.com.
   - software copyright (c) 2000 World Wide Web Consortium, http://www.w3.org
-   		
-   		
+           
+           
 Apache Rampart
 Copyright 2010 The Apache Software Foundation
 
@@ -2276,13 +2250,17 @@ The Apache Software Foundation (http://www.apache.org/).
 
 Please read the different LICENSE files present in the lib directory of
 this distribution.
-   		
+           
     
     
           
+          
         
         
+            id='openstack.org'
+            name='OpenStack, LLC'
+            url='http://www.openstack.org' />
         
+            id='antlr2.org'
+            name='ANTLR Translator Generator Project'
+            url='http://www.antlr2.org/' />
         
+            id='qos.ch'
+            name='QOS.ch'
+            url='http://www.qos.ch/' />
         
+            id='dom4j.sourceforge.net'
+            name='DOM4J Project'
+            url='http://dom4j.sourceforge.net/' />
         
+            id='json-simple'
+            name='Json.simple Project'
+            url='http://code.google.com/p/json-simple/' />
         
+            id='junit.org'
+            name='JUnit Project'
+            url='http://www.junit.org/' />
         
+            id='person:shigeru.chiba'
+            name='Shigeru Chiba'
+            url='http://www.csg.ci.i.u-tokyo.ac.jp/~chiba/javassist/' />
         
+        
+        
+        
+        
+        
     
     
         Copyright (c) 2012 The Apache Software Foundation
@@ -2427,13 +2425,53 @@ The Apache Software Foundation (http://www.apache.org/).
     
         
             
-Copyright © 2005-2010 Thomas Nagy
+Copyright (c) 2005-2010 Thomas Nagy
             
             
                 
             
         
     
+    
+        
+            
+Copyright (c) 2012 The Apache Software Foundation
+            
+            
+                
+                
+                
+                
+                
+            
+        
+    
+    
+        
+            
+                
+            
+            
+                
+                
+            
+        
+    
+    
+        
+            
+                
+            
+        
+    
+    
+        
+            
+            
+                
+            
+        
+    
     
         
             
@@ -2448,7 +2486,7 @@ All rights reserved.
     
         
             
-Copyright © 2009, John Resig
+Copyright (c) 2009, John Resig
             
             
                 
@@ -2458,7 +2496,7 @@ Copyright © 2009, John Resig
     
         
             
-Copyright © 2011, John Resig
+Copyright (c) 2011, John Resig
             
             
                 
@@ -2466,7 +2504,7 @@ Copyright © 2011, John Resig
         
         
             
-Copyright © 2006 - 2011 Jörn Zaefferer
+Copyright (c) 2006 - 2011 Jörn Zaefferer
             
             
                 
@@ -2474,7 +2512,7 @@ Copyright © 2006 - 2011 Jörn Zaefferer
         
         
             
-Copyright © 2010, Sebastian Tschan
+Copyright (c) 2010, Sebastian Tschan
             
             
                 
@@ -2482,7 +2520,7 @@ Copyright © 2010, Sebastian Tschan
         
         
             
-Copyright © 2006 Klaus Hartl (stilbuero.de)
+Copyright (c) 2006 Klaus Hartl (stilbuero.de)
             
             
                 
@@ -2490,7 +2528,7 @@ Copyright © 2006 Klaus Hartl (stilbuero.de)
         
         
             
-Copyright © 2008 George McGinley Smith
+Copyright (c) 2008 George McGinley Smith
 All rights reserved.
             
             
@@ -2549,9 +2587,9 @@ Updated November 2009 with contributions from: btburnett3, Anthony Aragues and X
     
     
         
-	        
-Copyright © 2012 John Resig, Jörn Zaefferer
-	        
+            
+Copyright (c) 2012 John Resig, Jörn Zaefferer
+            
             
                 
                 
@@ -2561,7 +2599,7 @@ Copyright © 2012 John Resig, Jörn Zaefferer
     
         
             
-Copyright © 2005-2010 Thomas Nagy
+Copyright (c) 2005-2010 Thomas Nagy
             
             
                 
@@ -2571,7 +2609,7 @@ Copyright © 2005-2010 Thomas Nagy
     
         
             
-Copyright © 2004 Clinton Begin
+Copyright (c) 2004 Clinton Begin
             
             
 `                
@@ -2579,11 +2617,21 @@ Copyright © 2004 Clinton Begin
         
     
     
+        
+            
+Copyright (C) 2008      Tóth István <stoty@tvnet.hu>
+              2008-2012 Daniel Veillard <veillard@redhat.com>
+              2009-2011 Bryan Kearney <bkearney@redhat.com>
+            
+            
+                
+            
+        
         
             
-Copyright © 2012 The Apache Software Foundation
+Copyright (c) 2012 The Apache Software Foundation
             
-            
+            
                 
                 
                 
@@ -2603,9 +2651,9 @@ Copyright © 2012 The Apache Software Foundation
         
         
             
-Copyright © 2012 The Apache Software Foundation
+Copyright (c) 2012 The Apache Software Foundation
             
-            
+            
                 
             
         
@@ -2619,7 +2667,7 @@ Copyright (c) 2007-2010, The JASYPT team (http://www.jasypt.org)
         
         
             
-Copyright © 2003-2007 Luck Consulting Pty Ltd
+Copyright (c) 2003-2007 Luck Consulting Pty Ltd
             
             
                 
@@ -2627,7 +2675,7 @@ Copyright © 2003-2007 Luck Consulting Pty Ltd
         
         
             
-Copyright © 2006 Sun Microsystems, Inc. All rights reserved.
+Copyright (c) 2006 Sun Microsystems, Inc. All rights reserved.
             
             
                 
@@ -2636,7 +2684,7 @@ Copyright © 2006 Sun Microsystems, Inc. All rights reserved.
         
         
             
-Copyright © 1997-2010 Oracle and/or its affiliates. All rights reserved.
+Copyright (c) 1997-2010 Oracle and/or its affiliates. All rights reserved.
             
             
                 
@@ -2644,7 +2692,7 @@ Copyright © 1997-2010 Oracle and/or its affiliates. All rights reserved.
         
         
             
-Copyright © 2009 Google Inc.
+Copyright (c) 2009 Google Inc.
             
             
                 
@@ -2652,7 +2700,7 @@ Copyright © 2009 Google Inc.
         
         
             
-Copyright © 2012 The Eclipse Foundation.
+Copyright (c) 2012 The Eclipse Foundation.
             
             
                 
@@ -2660,7 +2708,7 @@ Copyright © 2012 The Eclipse Foundation.
         
         
             
-Copyright © 2009, Caringo, Inc.
+Copyright (c) 2009, Caringo, Inc.
             
             
                 
@@ -2668,7 +2716,7 @@ Copyright © 2009, Caringo, Inc.
         
         
             
-Copyright © 2002-2011 Atsuhiko Yamanaka, JCraft,Inc.
+Copyright (c) 2002-2011 Atsuhiko Yamanaka, JCraft,Inc.
             
             
                 
@@ -2676,7 +2724,7 @@ Copyright © 2002-2011 Atsuhiko Yamanaka, JCraft,Inc.
         
         
             
-Copyright © IBM Corp 2006 
+Copyright (c) IBM Corp 2006 
             
             
                 
@@ -2697,7 +2745,7 @@ Copyright © IBM Corp 2006
         
         
             
-Copyright © 2007-2008 Trilead AG (http://www.trilead.com)
+Copyright (c) 2007-2008 Trilead AG (http://www.trilead.com)
 All rights reserved.
             
             
@@ -2713,8 +2761,8 @@ All rights reserved.
         
         
             
-        	
-        		
+            
+                
             
         
         
@@ -2724,64 +2772,54 @@ All rights reserved.
         
     
     
-    	
-    		
-Copyright © 2010-2011 OpenStack, LLC.
-			
-			
-				
-			
-		
-	
+        
+            
+Copyright (c) 2010-2011 OpenStack, LLC.
+            
+            
+                
+            
+        
+    
     
-    	
-    		
-Copyright © 2010-2011 OpenStack, LLC.
-			
-			
-				
-			
-		
-	
-    
-    	
-    		
-Copyright © 2009 Google Inc.
-			
-			
-				
-			
-		
-	
+        
+            
+Copyright (c) 2010-2011 OpenStack, LLC.
+            
+            
+                
+            
+        
+    
     
-    	
-    		
-Copyright © 2004-2008 The Apache Software Foundation
-			
-			
-				
-			
-		
-		
+        
+            
+Copyright (c) 2004-2008 The Apache Software Foundation
+            
+            
+                
+            
+        
+        
             
-			
-				
-			
-		
-		
-    		
-Copyright © 2004-2011 QOS.ch
-			
-			
-				
-				
-			
-		
+            
+                
+            
+        
+        
+            
+Copyright (c) 2004-2011 QOS.ch
+            
+            
+                
+                
+            
+        
         
             
-Copyright © 2004-2012 The Apache Software Foundation
+Copyright (c) 2004-2012 The Apache Software Foundation
             
-            
+            
                 
                 
                 
@@ -2814,7 +2852,7 @@ Copyright © 2004-2012 The Apache Software Foundation
         
         
             
-Copyright © 2009 Google Inc.
+Copyright (c) 2009 Google Inc.
             
             
                 
@@ -2822,14 +2860,14 @@ Copyright © 2009 Google Inc.
         
         
             
-        	
-        		
-        		
-        	
+            
+                
+                
+            
         
         
             
-Copyright © 1997-2010 Oracle and/or its affiliates. All rights reserved.
+Copyright (c) 1997-2010 Oracle and/or its affiliates. All rights reserved.
             
             
                 
@@ -2839,7 +2877,7 @@ Copyright © 1997-2010 Oracle and/or its affiliates. All rights reserved.
         
         
             
-Copyright © 2006 Sun Microsystems, Inc. All rights reserved.
+Copyright (c) 2006 Sun Microsystems, Inc. All rights reserved.
             
             
                 
@@ -2847,7 +2885,7 @@ Copyright © 2006 Sun Microsystems, Inc. All rights reserved.
         
         
             
-Copyright © 2002-2011 Atsuhiko Yamanaka, JCraft,Inc.
+Copyright (c) 2002-2011 Atsuhiko Yamanaka, JCraft,Inc.
             
             
                 
@@ -2861,7 +2899,7 @@ Copyright © 2002-2011 Atsuhiko Yamanaka, JCraft,Inc.
         
         
             
-Copyright © 1997-2010 Oracle and/or its affiliates. All rights reserved.
+Copyright (c) 1997-2010 Oracle and/or its affiliates. All rights reserved.
             
             
                 
@@ -2869,23 +2907,23 @@ Copyright © 1997-2010 Oracle and/or its affiliates. All rights reserved.
         
         
             
-        	
-        		
+            
+                
             
         
         
             
-        	
-        		PROJECTJavassist
-        		INITIAL_DEVELOPERShigeru Chiba
-        		INITIAL_DEVELOPER_COPYRIGHT1999-2008 Shigeru Chiba
-        		CONTRIBUTORS
-        		ALT_LIC_NAMEGNU Lesser General Public License Version 2.1 or later
-        		ALT_LIC_SHORTLGPL
-           	
-           	
-           		
-           	
+            
+                PROJECTJavassist
+                INITIAL_DEVELOPERShigeru Chiba
+                INITIAL_DEVELOPER_COPYRIGHT1999-2008 Shigeru Chiba
+                CONTRIBUTORS
+                ALT_LIC_NAMEGNU Lesser General Public License Version 2.1 or later
+                ALT_LIC_SHORTLGPL
+               
+               
+                   
+               
         
-	
+    
 
diff --git a/ui/css/cloudstack3.css b/ui/css/cloudstack3.css
index dfd4b1677d9..19b0aee4794 100644
--- a/ui/css/cloudstack3.css
+++ b/ui/css/cloudstack3.css
@@ -6,9 +6,9 @@
 * to you under the Apache License, Version 2.0 (the
 * "License"); you may not use this file except in compliance
 * with the License.  You may obtain a copy of the License at
-* 
+*
 *   http://www.apache.org/licenses/LICENSE-2.0
-* 
+*
 * Unless required by applicable law or agreed to in writing,
 * software distributed under the License is distributed on an
 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
@@ -8611,6 +8611,9 @@ div.panel.ui-dialog div.list-view div.fixed-header {
   position: relative;
   left: 5px;
   top: 8px;
+  display: inline-block;
+  padding-bottom: 13px;
+  max-width: 171px;
 }
 
 .info-boxes .info-box ul li .total span {
@@ -10006,6 +10009,15 @@ div.ui-dialog div.autoscaler div.field-group div.form-container form div.form-it
   font-size: 11px;
 }
 
+/*CS-16413: Disable infrastructure totals*/
+.system-dashboard.zone .status_box li span.header {
+  display: block;
+  width: 156px;
+  font-size: 16px;
+  text-align: center;
+  top: 31px;
+}
+
 /*Action icons*/
 .action.edit .icon {
   background-position: 1px -1px;
@@ -10386,5 +10398,6 @@ div.ui-dialog div.autoscaler div.field-group div.form-container form div.form-it
 
 .label-hovered {
   cursor: pointer;
-  color: blue !important;
+  color: #0000FF !important;
 }
+
diff --git a/ui/dictionary.jsp b/ui/dictionary.jsp
index f64864ccadf..9457e30af79 100644
--- a/ui/dictionary.jsp
+++ b/ui/dictionary.jsp
@@ -25,6 +25,8 @@ under the License.
 <% long now = System.currentTimeMillis(); %>