apache/cloudstack
1
0
Fork 0
mirror of https://github.com/apache/cloudstack.git synced 2025-10-26 08:42:29 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge release branch 4.7 to master

Browse Source 
* 4.7:
  Refactor public ip retrieval into method
  CLOUDSTACK-9244 Fix setting up RFC1918 routes
  CLOUDSTACK-9239 throw exception on deprecated command
  Enhance VR performance by selectively executing tasks instead of brute-forcing
  CLOUDSTACK-9236: Load Balancing Health Check button displayed when non-NetScaler offering is used
This commit is contained in:
Remi Bergsma 2016-01-20 14:18:09 +01:00
commit 6f9215cf39
6 changed files with 156 additions and 81 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
api/src/org/apache/cloudstack/api/command/admin/account/LockAccountCmd.java
View File

@ -16,7 +16,7 @@
// under the License. // under the License.
package org.apache.cloudstack.api.command.admin.account; package org.apache.cloudstack.api.command.admin.account;
import org.apache.log4j.Logger; import java.util.logging.Logger;
import org.apache.cloudstack.api.APICommand; import org.apache.cloudstack.api.APICommand;
import org.apache.cloudstack.api.ApiConstants; import org.apache.cloudstack.api.ApiConstants;
@ -26,9 +26,14 @@ import org.apache.cloudstack.api.response.AccountResponse;
import org.apache.cloudstack.api.response.DomainResponse; import org.apache.cloudstack.api.response.DomainResponse;
import com.cloud.user.Account; import com.cloud.user.Account;
import com.cloud.utils.exception.CloudRuntimeException;
@APICommand(name = "lockAccount", description = "Locks an account", responseObject = AccountResponse.class, entityType = {Account.class}, @APICommand(name = "lockAccount",
requestHasSensitiveInfo = false, responseHasSensitiveInfo = true) description = "This deprecated function used to locks an account. Look for the API DisableAccount instead",
responseObject = AccountResponse.class,
entityType = {Account.class},
requestHasSensitiveInfo = false,
responseHasSensitiveInfo = true)
public class LockAccountCmd extends BaseCmd { public class LockAccountCmd extends BaseCmd {
public static final Logger s_logger = Logger.getLogger(LockAccountCmd.class.getName()); public static final Logger s_logger = Logger.getLogger(LockAccountCmd.class.getName());
@ -71,7 +76,7 @@ public class LockAccountCmd extends BaseCmd {
@Override @Override
public long getEntityOwnerId() { public long getEntityOwnerId() {
Account account = _accountService.getActiveAccountByName(getAccountName(), getDomainId()); final Account account = _accountService.getActiveAccountByName(getAccountName(), getDomainId());
if (account != null) { if (account != null) {
return account.getAccountId(); return account.getAccountId();
} }
@ -81,14 +86,6 @@ public class LockAccountCmd extends BaseCmd {
@Override @Override
public void execute() { public void execute() {
// Account result = null; throw new CloudRuntimeException("LockAccount does not lock accounts. Its implementation is disabled. Use DisableAccount instead");
//result = _accountService.lockAccount(this);
// if (result != null){
// AccountResponse response = _responseGenerator.createAccountResponse(result);
// response.setResponseName(getCommandName());
// this.setResponseObject(response);
// } else {
// throw new ServerApiException(ApiErrorCode.INTERNAL_ERROR, "Failed to lock account");
// }
} }
} }

13
systemvm/patches/debian/config/etc/init.d/cloud-early-config
View File

@ -1166,6 +1166,7 @@ setup_storage_network() {
} }
setup_system_rfc1918_internal() { setup_system_rfc1918_internal() {
public_ip=`getPublicIp`
echo "$public_ip" | grep -E "^((127\.)|(10\.)|(172\.1[6-9]\.)|(172\.2[0-9]\.)|(172\.3[0-1]\.)|(192\.168\.))" echo "$public_ip" | grep -E "^((127\.)|(10\.)|(172\.1[6-9]\.)|(172\.2[0-9]\.)|(172\.3[0-1]\.)|(192\.168\.))"
if [ "$?" == "0" ]; then if [ "$?" == "0" ]; then
log_it "Not setting up route of RFC1918 space to $LOCAL_GW befause $public_ip is RFC1918." log_it "Not setting up route of RFC1918 space to $LOCAL_GW befause $public_ip is RFC1918."
@ -1180,6 +1181,12 @@ setup_system_rfc1918_internal() {
fi fi
} }
getPublicIp() {
public_ip=$ETH2_IP
[ "$ETH2_IP" == "0.0.0.0" ] && public_ip=$ETH1_IP
echo $public_ip
}
setup_secstorage() { setup_secstorage() {
log_it "Setting up secondary storage system vm" log_it "Setting up secondary storage system vm"
sysctl vm.min_free_kbytes=8192 sysctl vm.min_free_kbytes=8192
@ -1188,8 +1195,7 @@ setup_secstorage() {
setup_storage_network setup_storage_network
setup_system_rfc1918_internal setup_system_rfc1918_internal
sed -i /gateway/d /etc/hosts sed -i /gateway/d /etc/hosts
public_ip=$ETH2_IP public_ip=`getPublicIp`
[ "$ETH2_IP" == "0.0.0.0" ] && public_ip=$ETH1_IP
echo "$public_ip $NAME" >> /etc/hosts echo "$public_ip $NAME" >> /etc/hosts
cp /etc/iptables/iptables-secstorage /etc/iptables/rules.v4 cp /etc/iptables/iptables-secstorage /etc/iptables/rules.v4
@ -1246,8 +1252,7 @@ setup_console_proxy() {
local hyp=$1 local hyp=$1
setup_common eth0 eth1 eth2 setup_common eth0 eth1 eth2
setup_system_rfc1918_internal setup_system_rfc1918_internal
public_ip=$ETH2_IP public_ip=`getPublicIp`
[ "$ETH2_IP" == "0.0.0.0" ] && public_ip=$ETH1_IP
sed -i /gateway/d /etc/hosts sed -i /gateway/d /etc/hosts
echo "$public_ip $NAME" >> /etc/hosts echo "$public_ip $NAME" >> /etc/hosts
cp /etc/iptables/iptables-consoleproxy /etc/iptables/rules.v4 cp /etc/iptables/iptables-consoleproxy /etc/iptables/rules.v4

118
systemvm/patches/debian/config/opt/cloud/bin/configure.py
View File

@ -288,7 +288,7 @@ class CsAcl(CsDataBag):
if item == "id": if item == "id":
continue continue
if self.config.is_vpc(): if self.config.is_vpc():
dev_obj = self.AclDevice(self.dbag[item], self.config).create() self.AclDevice(self.dbag[item], self.config).create()
else: else:
self.AclIP(self.dbag[item], self.config).create() self.AclIP(self.dbag[item], self.config).create()
@ -901,79 +901,123 @@ class CsForwardingRules(CsDataBag):
def main(argv): def main(argv):
# The file we are currently processing, if it is "cmd_line.json" everything will be processed.
process_file = argv[1]
# process_file can be None, if so assume cmd_line.json
if process_file is None:
process_file = "cmd_line.json"
# Track if changes need to be committed to NetFilter
iptables_change = False
# The "GLOBAL" Configuration object
config = CsConfig() config = CsConfig()
logging.basicConfig(filename=config.get_logger(), logging.basicConfig(filename=config.get_logger(),
level=config.get_level(), level=config.get_level(),
format=config.get_format()) format=config.get_format())
# Load stored ip adresses from disk to CsConfig()
config.set_address() config.set_address()
logging.debug("Configuring ip addresses") logging.debug("Configuring ip addresses")
# IP configuration
config.address().compare() config.address().compare()
config.address().process() config.address().process()
logging.debug("Configuring vmpassword") if process_file in ["cmd_line.json", "guest_network.json"]:
password = CsPassword("vmpassword", config) logging.debug("Configuring Guest Network")
password.process() iptables_change = True
logging.debug("Configuring vmdata") if process_file in ["cmd_line.json", "vm_password.json"]:
metadata = CsVmMetadata('vmdata', config) logging.debug("Configuring vmpassword")
metadata.process() password = CsPassword("vmpassword", config)
password.process()
logging.debug("Configuring networkacl") if process_file in ["cmd_line.json", "vm_metadata.json"]:
logging.debug("Configuring vmdata")
metadata = CsVmMetadata('vmdata', config)
metadata.process()
# Always run both CsAcl().process() methods
# They fill the base rules in config.fw[]
acls = CsAcl('networkacl', config) acls = CsAcl('networkacl', config)
acls.process() acls.process()
logging.debug("Configuring firewall rules")
acls = CsAcl('firewallrules', config) acls = CsAcl('firewallrules', config)
acls.process() acls.process()
logging.debug("Configuring PF rules")
fwd = CsForwardingRules("forwardingrules", config) fwd = CsForwardingRules("forwardingrules", config)
fwd.process() fwd.process()
logging.debug("Configuring s2s vpn")
vpns = CsSite2SiteVpn("site2sitevpn", config) vpns = CsSite2SiteVpn("site2sitevpn", config)
vpns.process() vpns.process()
logging.debug("Configuring remote access vpn")
#remote access vpn
rvpn = CsRemoteAccessVpn("remoteaccessvpn", config) rvpn = CsRemoteAccessVpn("remoteaccessvpn", config)
rvpn.process() rvpn.process()
logging.debug("Configuring vpn users list")
#remote access vpn users
vpnuser = CsVpnUser("vpnuserlist", config)
vpnuser.process()
logging.debug("Configuring dhcp entry")
dhcp = CsDhcp("dhcpentry", config)
dhcp.process()
logging.debug("Configuring load balancer")
lb = CsLoadBalancer("loadbalancer", config) lb = CsLoadBalancer("loadbalancer", config)
lb.process() lb.process()
logging.debug("Configuring monitor service") if process_file in ["cmd_line.json", "network_acl.json"]:
mon = CsMonitor("monitorservice", config) logging.debug("Configuring networkacl")
mon.process() iptables_change = True
logging.debug("Configuring iptables rules") if process_file in ["cmd_line.json", "firewall_rules.json"]:
nf = CsNetfilters() logging.debug("Configuring firewall rules")
nf.compare(config.get_fw()) iptables_change = True
if process_file in ["cmd_line.json", "forwarding_rules.json", "staticnat_rules.json"]:
logging.debug("Configuring PF rules")
iptables_change = True
if process_file in ["cmd_line.json", "site_2_site_vpn.json"]:
logging.debug("Configuring s2s vpn")
iptables_change = True
if process_file in ["cmd_line.json", "remote_access_vpn.json"]:
logging.debug("Configuring remote access vpn")
iptables_change = True
if process_file in ["cmd_line.json", "vpn_user_list.json"]:
logging.debug("Configuring vpn users list")
vpnuser = CsVpnUser("vpnuserlist", config)
vpnuser.process()
if process_file in ["cmd_line.json", "vm_dhcp_entry.json", "dhcp.json"]:
logging.debug("Configuring dhcp entry")
dhcp = CsDhcp("dhcpentry", config)
dhcp.process()
if process_file in ["cmd_line.json", "load_balancer.json"]:
logging.debug("Configuring load balancer")
iptables_change = True
if process_file in ["cmd_line.json", "monitor_service.json"]:
logging.debug("Configuring monitor service")
mon = CsMonitor("monitorservice", config)
mon.process()
# If iptable rules have changed, apply them.
if iptables_change:
logging.debug("Configuring iptables rules")
nf = CsNetfilters()
nf.compare(config.get_fw())
red = CsRedundant(config) red = CsRedundant(config)
red.set() red.set()
logging.debug("Configuring static routes") if process_file in ["cmd_line.json", "static_routes.json"]:
static_routes = CsStaticRoutes("staticroutes", config) logging.debug("Configuring static routes")
static_routes.process() static_routes = CsStaticRoutes("staticroutes", config)
static_routes.process()
logging.debug("Configuring iptables rules done ...saving rules") if iptables_change:
logging.debug("Configuring iptables rules done ...saving rules")
# Save iptables configuration - will be loaded on reboot by the iptables-restore that is configured on /etc/rc.local # Save iptables configuration - will be loaded on reboot by the iptables-restore that is configured on /etc/rc.local
CsHelper.save_iptables("iptables-save", "/etc/iptables/router_rules.v4") CsHelper.save_iptables("iptables-save", "/etc/iptables/router_rules.v4")
CsHelper.save_iptables("ip6tables-save", "/etc/iptables/router_rules.v6") CsHelper.save_iptables("ip6tables-save", "/etc/iptables/router_rules.v6")
if __name__ == "__main__": if __name__ == "__main__":
main(sys.argv) main(sys.argv)

29
systemvm/patches/debian/config/opt/cloud/bin/cs/CsDhcp.py
View File

@ -50,12 +50,12 @@ class CsDhcp(CsDataBag):
self.configure_server() self.configure_server()
# We restart DNSMASQ every time the configure.py is called in order to avoid lease problems.
CsHelper.service("dnsmasq", "restart")
self.conf.commit() self.conf.commit()
self.cloud.commit() self.cloud.commit()
# We restart DNSMASQ every time the configure.py is called in order to avoid lease problems.
CsHelper.service("dnsmasq", "restart")
def configure_server(self): def configure_server(self):
# self.conf.addeq("dhcp-hostsfile=%s" % DHCP_HOSTS) # self.conf.addeq("dhcp-hostsfile=%s" % DHCP_HOSTS)
for i in self.devinfo: for i in self.devinfo:
@ -96,29 +96,8 @@ class CsDhcp(CsDataBag):
self.conf.search(sline, line) self.conf.search(sline, line)
def delete_leases(self): def delete_leases(self):
changed = []
leases = []
try: try:
for line in open(LEASES): open(LEASES, 'w').close()
bits = line.strip().split(' ')
to = {"device": bits[0],
"mac": bits[1],
"ip": bits[2],
"host": bits[3:],
"del": False
}
changed.append(to)
for v in changed:
if v['mac'] == to['mac'] or v['ip'] == to['ip'] or v['host'] == to['host']:
to['del'] = True
leases.append(to)
for o in leases:
if o['del']:
cmd = "dhcp_release eth%s %s %s" % (o['device'], o['ip'], o['mac'])
logging.info(cmd)
CsHelper.execute(cmd)
except IOError: except IOError:
return return

2
systemvm/patches/debian/config/opt/cloud/bin/update_config.py
View File

@ -41,7 +41,7 @@ currentGuestNetConfig = "/etc/cloudstack/guestnetwork.json"
def finish_config(): def finish_config():
# Converge # Converge
returncode = configure.main([]) returncode = configure.main(sys.argv)
sys.exit(returncode) sys.exit(returncode)

52
ui/scripts/network.js
View File

@ -3620,7 +3620,37 @@
requireValidation: true, requireValidation: true,
buttonLabel: 'Configure', buttonLabel: 'Configure',
action: cloudStack.uiCustom.healthCheck() action: cloudStack.uiCustom.healthCheck()
},
isHidden: function(args) {
if (!('vpc' in args.context)) { //From Guest Network section
var lbProviderIsNetscaler = false;
$.ajax({
url: createURL('listNetworkOfferings'),
data: {
id: args.context.networks[0].networkofferingid
},
async: false,
success: function(json) {
var networkOffering = json.listnetworkofferingsresponse.networkoffering[0];
var services = networkOffering.service;
lbProviderIsNetscaler = checkIfNetScalerProviderIsEnabled(services);
}
});
if (lbProviderIsNetscaler == true) { //Health-Check is only supported on Netscaler (but not on any other provider)
return false; //Show Health-Check button
} else {
return 2; //Hide Health-Check button (Both Header and Form)
}
} else { //From VPC section
var lbProviderIsNetscaler;
var services = args.context.vpc[0].service;
lbProviderIsNetscaler = checkIfNetScalerProviderIsEnabled(services);
if (lbProviderIsNetscaler == true) { //Health-Check is only supported on Netscaler (but not on any other provider)
return false; //Show Health-Check button
} else {
return 2; //Hide Health-Check button (both Header and Form)
}
}
} }
}, },
@ -6545,6 +6575,26 @@
} }
}; };
function checkIfNetScalerProviderIsEnabled(services) {
if (services != null) {
for (var i = 0; i < services.length; i++) {
if (services[i].name == 'Lb') {
var providers = services[i].provider;
if (providers != null) {
for (var k = 0; k < providers.length; k++) {
if (providers[k].name == 'Netscaler') {
return true;
}
}
}
return false;
}
}
}
return false;
}
function getExtaPropertiesForIpObj(ipObj, args) { function getExtaPropertiesForIpObj(ipObj, args) {
if (!('vpc' in args.context)) { //***** Guest Network section > Guest Network page > IP Address page ***** if (!('vpc' in args.context)) { //***** Guest Network section > Guest Network page > IP Address page *****
var services = args.context.networks[0].service; var services = args.context.networks[0].service;