mirror of
https://github.com/apache/cloudstack.git
synced 2025-10-26 08:42:29 +01:00
Merge branch 'master' into ui-multiple-nics
Conflicts: ui/scripts/network.js
This commit is contained in:
Brian Federle
commit
70164aa3bb
@ -38,10 +38,13 @@ import java.util.UUID;
|
||||
|
||||
import javax.naming.ConfigurationException;
|
||||
|
||||
import org.apache.commons.beanutils.PropertyUtils;
|
||||
import org.apache.commons.httpclient.HttpClient;
|
||||
import org.apache.commons.httpclient.MultiThreadedHttpConnectionManager;
|
||||
import org.apache.commons.httpclient.methods.GetMethod;
|
||||
import org.apache.log4j.Logger;
|
||||
import org.apache.log4j.PropertyConfigurator;
|
||||
import org.apache.log4j.xml.DOMConfigurator;
|
||||
|
||||
import com.cloud.agent.Agent.ExitStatus;
|
||||
import com.cloud.agent.dao.StorageComponent;
|
||||
@ -377,6 +380,18 @@ public class AgentShell implements IAgentShell {
|
||||
|
||||
public void init(String[] args) throws ConfigurationException {
|
||||
|
||||
// PropertiesUtil is used both in management server and agent packages,
|
||||
// it searches path under class path and common J2EE containers
|
||||
// For KVM agent, do it specially here
|
||||
|
||||
File file = new File("/etc/cloudstack/agent/log4j-cloud.xml");
|
||||
if(file == null || !file.exists()) {
|
||||
file = PropertiesUtil.findConfigFile("log4j-cloud.xml");
|
||||
}
|
||||
DOMConfigurator.configureAndWatch(file.getAbsolutePath());
|
||||
|
||||
s_logger.info("Agent started");
|
||||
|
||||
final Class<?> c = this.getClass();
|
||||
_version = c.getPackage().getImplementationVersion();
|
||||
if (_version == null) {
|
||||
|
||||
@ -18,6 +18,7 @@ package com.cloud.agent.api;
|
||||
|
||||
import java.io.ByteArrayOutputStream;
|
||||
import java.io.IOException;
|
||||
import java.util.List;
|
||||
import java.util.zip.DeflaterOutputStream;
|
||||
|
||||
import org.apache.commons.codec.binary.Base64;
|
||||
@ -80,6 +81,7 @@ public class SecurityGroupRulesCmd extends Command {
|
||||
Long msId;
|
||||
IpPortAndProto [] ingressRuleSet;
|
||||
IpPortAndProto [] egressRuleSet;
|
||||
private List<String> secIps;
|
||||
|
||||
public SecurityGroupRulesCmd() {
|
||||
super();
|
||||
@ -103,6 +105,23 @@ public class SecurityGroupRulesCmd extends Command {
|
||||
}
|
||||
|
||||
|
||||
public SecurityGroupRulesCmd(String guestIp, String guestMac, String vmName, Long vmId, String signature, Long seqNum, IpPortAndProto[] ingressRuleSet, IpPortAndProto[] egressRuleSet, List<String> secIps) {
|
||||
super();
|
||||
this.guestIp = guestIp;
|
||||
this.vmName = vmName;
|
||||
this.ingressRuleSet = ingressRuleSet;
|
||||
this.egressRuleSet = egressRuleSet;
|
||||
this.guestMac = guestMac;
|
||||
this.signature = signature;
|
||||
this.seqNum = seqNum;
|
||||
this.vmId = vmId;
|
||||
if (signature == null) {
|
||||
String stringified = stringifyRules();
|
||||
this.signature = DigestUtils.md5Hex(stringified);
|
||||
}
|
||||
this.secIps = secIps;
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean executeInSequence() {
|
||||
return true;
|
||||
@ -131,6 +150,10 @@ public class SecurityGroupRulesCmd extends Command {
|
||||
return guestIp;
|
||||
}
|
||||
|
||||
public List<String> getSecIps() {
|
||||
return secIps;
|
||||
}
|
||||
|
||||
|
||||
public String getVmName() {
|
||||
return vmName;
|
||||
@ -165,6 +188,20 @@ public class SecurityGroupRulesCmd extends Command {
|
||||
}
|
||||
|
||||
|
||||
public String getSecIpsString() {
|
||||
StringBuilder sb = new StringBuilder();
|
||||
List<String> ips = getSecIps();
|
||||
if (ips == null) {
|
||||
return "0:";
|
||||
} else {
|
||||
for (String ip : ips) {
|
||||
sb.append(ip).append(":");
|
||||
}
|
||||
}
|
||||
return sb.toString();
|
||||
}
|
||||
|
||||
|
||||
public String stringifyCompressedRules() {
|
||||
StringBuilder ruleBuilder = new StringBuilder();
|
||||
for (SecurityGroupRulesCmd.IpPortAndProto ipPandP : getIngressRuleSet()) {
|
||||
|
||||
@ -16,12 +16,15 @@
|
||||
// under the License.
|
||||
package com.cloud.agent.api.to;
|
||||
|
||||
import java.util.List;
|
||||
|
||||
public class NicTO extends NetworkTO {
|
||||
int deviceId;
|
||||
Integer networkRateMbps;
|
||||
Integer networkRateMulticastMbps;
|
||||
boolean defaultNic;
|
||||
String uuid;
|
||||
List <String> nicSecIps;
|
||||
|
||||
public NicTO() {
|
||||
super();
|
||||
@ -69,4 +72,12 @@ public class NicTO extends NetworkTO {
|
||||
public String toString() {
|
||||
return new StringBuilder("[Nic:").append(type).append("-").append(ip).append("-").append(broadcastUri).append("]").toString();
|
||||
}
|
||||
|
||||
public void setNicSecIps(List<String> secIps) {
|
||||
this.nicSecIps = secIps;
|
||||
}
|
||||
|
||||
public List<String> getNicSecIps() {
|
||||
return nicSecIps;
|
||||
}
|
||||
}
|
||||
|
||||
@ -24,6 +24,7 @@ import org.apache.cloudstack.api.command.user.securitygroup.CreateSecurityGroupC
|
||||
import org.apache.cloudstack.api.command.user.securitygroup.DeleteSecurityGroupCmd;
|
||||
import org.apache.cloudstack.api.command.user.securitygroup.RevokeSecurityGroupEgressCmd;
|
||||
import org.apache.cloudstack.api.command.user.securitygroup.RevokeSecurityGroupIngressCmd;
|
||||
import org.apache.cloudstack.api.command.user.vm.AddIpToVmNicCmd;
|
||||
|
||||
import com.cloud.exception.InvalidParameterValueException;
|
||||
import com.cloud.exception.PermissionDeniedException;
|
||||
@ -45,5 +46,6 @@ public interface SecurityGroupService {
|
||||
public List<? extends SecurityRule> authorizeSecurityGroupIngress(AuthorizeSecurityGroupIngressCmd cmd);
|
||||
|
||||
public List<? extends SecurityRule> authorizeSecurityGroupEgress(AuthorizeSecurityGroupEgressCmd cmd);
|
||||
|
||||
public boolean securityGroupRulesForVmSecIp(Long nicId, Long networkId,
|
||||
String secondaryIp, boolean ruleAction);
|
||||
}
|
||||
|
||||
@ -37,6 +37,7 @@ public interface VirtualMachineTemplate extends ControlledEntity, Identity, Inte
|
||||
featured, // returns templates that have been marked as featured and public
|
||||
self, // returns templates that have been registered or created by the calling user
|
||||
selfexecutable, // same as self, but only returns templates that are ready to be deployed with
|
||||
shared, // including templates that have been granted to the calling user by another user
|
||||
sharedexecutable, // ready templates that have been granted to the calling user by another user
|
||||
executable, // templates that are owned by the calling user, or public templates, that can be used to deploy a
|
||||
community, // returns templates that have been marked as public but not featured
|
||||
|
||||
@ -33,7 +33,7 @@ import com.cloud.user.Account;
|
||||
import com.cloud.user.User;
|
||||
import com.cloud.user.UserContext;
|
||||
|
||||
@APICommand(name = "deleteUser", description="Creates a user for an account", responseObject=UserResponse.class)
|
||||
@APICommand(name = "deleteUser", description="Deletes a user for an account", responseObject=SuccessResponse.class)
|
||||
public class DeleteUserCmd extends BaseCmd {
|
||||
public static final Logger s_logger = Logger.getLogger(DeleteUserCmd.class.getName());
|
||||
|
||||
@ -42,7 +42,7 @@ public class DeleteUserCmd extends BaseCmd {
|
||||
/////////////////////////////////////////////////////
|
||||
//////////////// API parameters /////////////////////
|
||||
/////////////////////////////////////////////////////
|
||||
@Parameter(name=ApiConstants.ID, type=CommandType.UUID, entityType=UserResponse.class, required=true, description="Deletes a user")
|
||||
@Parameter(name=ApiConstants.ID, type=CommandType.UUID, entityType=UserResponse.class, required=true, description="id of the user to be deleted")
|
||||
private Long id;
|
||||
|
||||
@Inject RegionService _regionService;
|
||||
|
||||
@ -28,6 +28,8 @@ import org.apache.cloudstack.api.response.NicResponse;
|
||||
import org.apache.cloudstack.api.response.NicSecondaryIpResponse;
|
||||
|
||||
import com.cloud.async.AsyncJob;
|
||||
import com.cloud.dc.DataCenter;
|
||||
import com.cloud.dc.DataCenter.NetworkType;
|
||||
import com.cloud.event.EventTypes;
|
||||
import com.cloud.exception.ConcurrentOperationException;
|
||||
import com.cloud.exception.InsufficientAddressCapacityException;
|
||||
@ -83,6 +85,9 @@ public class AddIpToVmNicCmd extends BaseAsyncCmd {
|
||||
|
||||
public Long getNetworkId() {
|
||||
Nic nic = _entityMgr.findById(Nic.class, nicId);
|
||||
if (nic == null) {
|
||||
throw new InvalidParameterValueException("Can't find network id for specified nic");
|
||||
}
|
||||
Long networkId = nic.getNetworkId();
|
||||
return networkId;
|
||||
}
|
||||
@ -98,6 +103,13 @@ public class AddIpToVmNicCmd extends BaseAsyncCmd {
|
||||
return null;
|
||||
}
|
||||
}
|
||||
|
||||
public NetworkType getNetworkType() {
|
||||
Network ntwk = _entityMgr.findById(Network.class, getNetworkId());
|
||||
DataCenter dc = _entityMgr.findById(DataCenter.class, ntwk.getDataCenterId());
|
||||
return dc.getNetworkType();
|
||||
}
|
||||
|
||||
@Override
|
||||
public long getEntityOwnerId() {
|
||||
Account caller = UserContext.current().getCaller();
|
||||
@ -134,7 +146,7 @@ public class AddIpToVmNicCmd extends BaseAsyncCmd {
|
||||
|
||||
UserContext.current().setEventDetails("Nic Id: " + getNicId() );
|
||||
String ip;
|
||||
String SecondaryIp = null;
|
||||
String secondaryIp = null;
|
||||
if ((ip = getIpaddress()) != null) {
|
||||
if (!NetUtils.isValidIp(ip)) {
|
||||
throw new ServerApiException(ApiErrorCode.INTERNAL_ERROR, "Invalid ip address " + ip);
|
||||
@ -142,15 +154,24 @@ public class AddIpToVmNicCmd extends BaseAsyncCmd {
|
||||
}
|
||||
|
||||
try {
|
||||
SecondaryIp = _networkService.allocateSecondaryGuestIP(_accountService.getAccount(getEntityOwnerId()), getZoneId(), getNicId(), getNetworkId(), getIpaddress());
|
||||
secondaryIp = _networkService.allocateSecondaryGuestIP(_accountService.getAccount(getEntityOwnerId()), getZoneId(), getNicId(), getNetworkId(), getIpaddress());
|
||||
} catch (InsufficientAddressCapacityException e) {
|
||||
throw new InvalidParameterValueException("Allocating guest ip for nic failed");
|
||||
}
|
||||
|
||||
if (SecondaryIp != null) {
|
||||
s_logger.info("Associated ip address to NIC : " + SecondaryIp);
|
||||
if (secondaryIp != null) {
|
||||
if (getNetworkType() == NetworkType.Basic) {
|
||||
// add security group rules for the secondary ip addresses
|
||||
boolean success = false;
|
||||
success = _securityGroupService.securityGroupRulesForVmSecIp(getNicId(), getNetworkId(), secondaryIp, (boolean) true);
|
||||
if (success == false) {
|
||||
throw new ServerApiException(ApiErrorCode.INTERNAL_ERROR, "Failed to set security group rules for the secondary ip");
|
||||
}
|
||||
}
|
||||
|
||||
s_logger.info("Associated ip address to NIC : " + secondaryIp);
|
||||
NicSecondaryIpResponse response = new NicSecondaryIpResponse();
|
||||
response = _responseGenerator.createSecondaryIPToNicResponse(ip, getNicId(), getNetworkId());
|
||||
response = _responseGenerator.createSecondaryIPToNicResponse(secondaryIp, getNicId(), getNetworkId());
|
||||
response.setResponseName(getCommandName());
|
||||
this.setResponseObject(response);
|
||||
} else {
|
||||
|
||||
@ -27,15 +27,21 @@ import org.apache.cloudstack.api.ServerApiException;
|
||||
import org.apache.cloudstack.api.response.NicSecondaryIpResponse;
|
||||
import org.apache.cloudstack.api.response.SuccessResponse;
|
||||
import com.cloud.async.AsyncJob;
|
||||
import com.cloud.dc.DataCenter;
|
||||
import com.cloud.dc.DataCenter.NetworkType;
|
||||
import com.cloud.event.EventTypes;
|
||||
import com.cloud.exception.InsufficientAddressCapacityException;
|
||||
import com.cloud.exception.InvalidParameterValueException;
|
||||
import com.cloud.network.Network;
|
||||
import com.cloud.user.Account;
|
||||
import com.cloud.user.UserContext;
|
||||
import com.cloud.vm.Nic;
|
||||
import com.cloud.vm.NicSecondaryIp;
|
||||
|
||||
@APICommand(name = "removeIpFromNic", description="Assigns secondary IP to NIC.", responseObject=SuccessResponse.class)
|
||||
public class RemoveIpFromVmNicCmd extends BaseAsyncCmd {
|
||||
public static final Logger s_logger = Logger.getLogger(RemoveIpFromVmNicCmd.class.getName());
|
||||
private static final String s_name = "unassignsecondaryipaddrtonicresponse";
|
||||
private static final String s_name = "removeipfromnicresponse";
|
||||
|
||||
/////////////////////////////////////////////////////
|
||||
//////////////// API parameters /////////////////////
|
||||
@ -43,7 +49,7 @@ public class RemoveIpFromVmNicCmd extends BaseAsyncCmd {
|
||||
|
||||
@Parameter(name=ApiConstants.ID, type=CommandType.UUID, required = true, entityType = NicSecondaryIpResponse.class,
|
||||
description="the ID of the secondary ip address to nic")
|
||||
private long id;
|
||||
private Long id;
|
||||
|
||||
// unexposed parameter needed for events logging
|
||||
@Parameter(name=ApiConstants.ACCOUNT_ID, type=CommandType.UUID, expose=false)
|
||||
@ -57,7 +63,7 @@ public class RemoveIpFromVmNicCmd extends BaseAsyncCmd {
|
||||
return "nic_secondary_ips";
|
||||
}
|
||||
|
||||
public long getIpAddressId() {
|
||||
public Long getIpAddressId() {
|
||||
return id;
|
||||
}
|
||||
|
||||
@ -80,6 +86,11 @@ public class RemoveIpFromVmNicCmd extends BaseAsyncCmd {
|
||||
return EventTypes.EVENT_NET_IP_ASSIGN;
|
||||
}
|
||||
|
||||
public NicSecondaryIp getIpEntry() {
|
||||
NicSecondaryIp nicSecIp = _entityMgr.findById(NicSecondaryIp.class, getIpAddressId());
|
||||
return nicSecIp;
|
||||
}
|
||||
|
||||
@Override
|
||||
public String getEventDescription() {
|
||||
return ("Disassociating ip address with id=" + id);
|
||||
@ -98,16 +109,54 @@ public class RemoveIpFromVmNicCmd extends BaseAsyncCmd {
|
||||
return "addressinfo";
|
||||
}
|
||||
|
||||
public Long getNetworkId() {
|
||||
NicSecondaryIp nicSecIp = _entityMgr.findById(NicSecondaryIp.class, getIpAddressId());
|
||||
if (nicSecIp != null) {
|
||||
Long networkId = nicSecIp.getNetworkId();
|
||||
return networkId;
|
||||
} else {
|
||||
return null;
|
||||
}
|
||||
}
|
||||
|
||||
public NetworkType getNetworkType() {
|
||||
Network ntwk = _entityMgr.findById(Network.class, getNetworkId());
|
||||
if (ntwk != null) {
|
||||
DataCenter dc = _entityMgr.findById(DataCenter.class, ntwk.getDataCenterId());
|
||||
return dc.getNetworkType();
|
||||
}
|
||||
return null;
|
||||
}
|
||||
|
||||
@Override
|
||||
public void execute() throws InvalidParameterValueException {
|
||||
UserContext.current().setEventDetails("Ip Id: " + getIpAddressId());
|
||||
boolean result = _networkService.releaseSecondaryIpFromNic(getIpAddressId());
|
||||
UserContext.current().setEventDetails("Ip Id: " + id);
|
||||
NicSecondaryIp nicSecIp = getIpEntry();
|
||||
|
||||
if (nicSecIp == null) {
|
||||
throw new ServerApiException(ApiErrorCode.INTERNAL_ERROR, "Invalid IP id is passed");
|
||||
}
|
||||
|
||||
if (getNetworkType() == NetworkType.Basic) {
|
||||
//remove the security group rules for this secondary ip
|
||||
boolean success = false;
|
||||
success = _securityGroupService.securityGroupRulesForVmSecIp(nicSecIp.getNicId(), nicSecIp.getNetworkId(),nicSecIp.getIp4Address(), false);
|
||||
if (success == false) {
|
||||
throw new ServerApiException(ApiErrorCode.INTERNAL_ERROR, "Failed to set security group rules for the secondary ip");
|
||||
}
|
||||
}
|
||||
|
||||
try {
|
||||
boolean result = _networkService.releaseSecondaryIpFromNic(id);
|
||||
if (result) {
|
||||
SuccessResponse response = new SuccessResponse(getCommandName());
|
||||
this.setResponseObject(response);
|
||||
} else {
|
||||
throw new ServerApiException(ApiErrorCode.INTERNAL_ERROR, "Failed to remove secondary ip address for the nic");
|
||||
}
|
||||
} catch (InvalidParameterValueException e) {
|
||||
throw new InvalidParameterValueException("Removing guest ip from nic failed");
|
||||
}
|
||||
}
|
||||
|
||||
@Override
|
||||
|
||||
@ -20,28 +20,38 @@ import java.util.List;
|
||||
|
||||
import org.apache.cloudstack.api.ApiConstants;
|
||||
import org.apache.cloudstack.api.BaseResponse;
|
||||
import org.apache.cloudstack.api.EntityReference;
|
||||
|
||||
import com.cloud.network.rules.FirewallRule;
|
||||
import com.cloud.serializer.Param;
|
||||
import com.cloud.vm.NicSecondaryIp;
|
||||
import com.google.gson.annotations.SerializedName;
|
||||
|
||||
@EntityReference(value=NicSecondaryIp.class)
|
||||
@SuppressWarnings("unused")
|
||||
public class NicSecondaryIpResponse extends BaseResponse {
|
||||
|
||||
@SerializedName(ApiConstants.ID) @Param(description="the ID of the secondary private IP addr")
|
||||
private Long id;
|
||||
private String id;
|
||||
|
||||
@SerializedName(ApiConstants.IP_ADDRESS) @Param(description="Secondary IP address")
|
||||
private String ipAddr;
|
||||
|
||||
@SerializedName(ApiConstants.NIC_ID) @Param(description="the ID of the nic")
|
||||
private Long nicId;
|
||||
private String nicId;
|
||||
|
||||
@SerializedName(ApiConstants.NETWORK_ID) @Param(description="the ID of the network")
|
||||
private Long nwId;
|
||||
private String nwId;
|
||||
|
||||
@SerializedName(ApiConstants.VIRTUAL_MACHINE_ID) @Param(description="the ID of the vm")
|
||||
private Long vmId;
|
||||
private String vmId;
|
||||
|
||||
public Long getId() {
|
||||
@Override
|
||||
public String getObjectId() {
|
||||
return this.getId();
|
||||
}
|
||||
|
||||
public String getId() {
|
||||
return id;
|
||||
}
|
||||
|
||||
@ -53,32 +63,32 @@ public class NicSecondaryIpResponse extends BaseResponse {
|
||||
this.ipAddr = ipAddr;
|
||||
}
|
||||
|
||||
public Long getNicId() {
|
||||
public String getNicId() {
|
||||
return nicId;
|
||||
}
|
||||
|
||||
public void setNicId(Long nicId) {
|
||||
this.nicId = nicId;
|
||||
public void setNicId(String string) {
|
||||
this.nicId = string;
|
||||
}
|
||||
|
||||
public Long getNwId() {
|
||||
public String getNwId() {
|
||||
return nwId;
|
||||
}
|
||||
|
||||
public void setNwId(Long nwId) {
|
||||
public void setNwId(String nwId) {
|
||||
this.nwId = nwId;
|
||||
}
|
||||
|
||||
public Long getVmId() {
|
||||
public String getVmId() {
|
||||
return vmId;
|
||||
}
|
||||
|
||||
public void setVmId(Long vmId) {
|
||||
public void setVmId(String vmId) {
|
||||
this.vmId = vmId;
|
||||
}
|
||||
|
||||
public Long setId(Long id) {
|
||||
return id;
|
||||
public void setId(String id) {
|
||||
this.id = id;
|
||||
}
|
||||
|
||||
|
||||
|
||||
@ -109,10 +109,6 @@
|
||||
<property name="name" value="HypervisorAdapter"/>
|
||||
</bean>
|
||||
|
||||
<bean id="bareMetalTemplateAdapter" class="com.cloud.baremetal.BareMetalTemplateAdapter">
|
||||
<property name="name" value="BareMetalAdapter"/>
|
||||
</bean>
|
||||
|
||||
<!--
|
||||
Storage pool allocators
|
||||
-->
|
||||
|
||||
@ -1,33 +0,0 @@
|
||||
<?xml version="1.0"?>
|
||||
<!--
|
||||
Licensed to the Apache Software Foundation (ASF) under one
|
||||
or more contributor license agreements. See the NOTICE file
|
||||
distributed with this work for additional information
|
||||
regarding copyright ownership. The ASF licenses this file
|
||||
to you under the Apache License, Version 2.0 (the
|
||||
"License"); you may not use this file except in compliance
|
||||
with the License. You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing,
|
||||
software distributed under the License is distributed on an
|
||||
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
KIND, either express or implied. See the License for the
|
||||
specific language governing permissions and limitations
|
||||
under the License.
|
||||
-->
|
||||
<components-cloudzones.xml>
|
||||
<system-integrity-checker class="com.cloud.upgrade.DatabaseUpgradeChecker">
|
||||
<checker name="ManagementServerNode" class="com.cloud.cluster.ManagementServerNode"/>
|
||||
<checker name="PremiumDatabaseUpgradeChecker" class="com.cloud.upgrade.PremiumDatabaseUpgradeChecker"/>
|
||||
</system-integrity-checker>
|
||||
|
||||
<management-server class="com.cloud.server.ManagementServerExtImpl" library="com.cloud.configuration.CloudZonesComponentLibrary" extends="components-premium.xml:management-server"/>
|
||||
|
||||
<configuration-server class="com.cloud.server.ConfigurationServerImpl" extends="components.xml:configuration-server">
|
||||
<dao name="Configuration configuration server" class="com.cloud.configuration.dao.ConfigurationDaoImpl" singleton="false">
|
||||
<param name="premium">true</param>
|
||||
</dao>
|
||||
</configuration-server>
|
||||
</components-cloudzones.xml>
|
||||
@ -1,97 +0,0 @@
|
||||
<?xml version="1.0"?>
|
||||
<!--
|
||||
Licensed to the Apache Software Foundation (ASF) under one
|
||||
or more contributor license agreements. See the NOTICE file
|
||||
distributed with this work for additional information
|
||||
regarding copyright ownership. The ASF licenses this file
|
||||
to you under the Apache License, Version 2.0 (the
|
||||
"License"); you may not use this file except in compliance
|
||||
with the License. You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing,
|
||||
software distributed under the License is distributed on an
|
||||
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
KIND, either express or implied. See the License for the
|
||||
specific language governing permissions and limitations
|
||||
under the License.
|
||||
-->
|
||||
<!--
|
||||
components.xml is the configuration file for the VM Ops
|
||||
insertion servers. Someone can quickly pull together an
|
||||
insertion server by selecting the correct adapters to use.
|
||||
|
||||
Here are some places to look for information.
|
||||
- To find out the general functionality that each Manager
|
||||
or Adapter provide, look at the javadoc for the interface
|
||||
that it implements. The interface is usually the
|
||||
"key" attribute in the declaration.
|
||||
- To find specific implementation of each Manager or
|
||||
Adapter, look at the javadoc for the actual class. The
|
||||
class can be found in the <class> element.
|
||||
- To find out the configuration parameters for each Manager
|
||||
or Adapter, look at the javadoc for the actual implementation
|
||||
class. It should be documented in the description of the
|
||||
class.
|
||||
- To know more about the components.xml in general, look for
|
||||
the javadoc for ComponentLocator.java.
|
||||
|
||||
If you found that the Manager or Adapter are not properly
|
||||
documented, please contact the author.
|
||||
-->
|
||||
<components-nonoss.xml>
|
||||
<system-integrity-checker class="com.cloud.upgrade.DatabaseUpgradeChecker">
|
||||
<checker name="ManagementServerNode" class="com.cloud.cluster.ManagementServerNode"/>
|
||||
<checker name="PremiumDatabaseUpgradeChecker" class="com.cloud.upgrade.PremiumDatabaseUpgradeChecker"/>
|
||||
</system-integrity-checker>
|
||||
|
||||
<management-server class="com.cloud.server.ManagementServerExtImpl" library="com.cloud.configuration.PremiumComponentLibrary" extends="components.xml:management-server">
|
||||
<adapters key="com.cloud.ha.Investigator">
|
||||
<adapter name="VmwareInvestigator" class="com.cloud.ha.VmwareInvestigator"/>
|
||||
</adapters>
|
||||
|
||||
<adapters key="com.cloud.ha.FenceBuilder">
|
||||
<adapter name="VmwareFenceBuilder" class="com.cloud.ha.VmwareFencer"/>
|
||||
</adapters>
|
||||
|
||||
<adapters key="com.cloud.resource.Discoverer">
|
||||
<adapter name="VShpereServer" class="com.cloud.hypervisor.vmware.VmwareServerDiscoverer"/>
|
||||
</adapters>
|
||||
|
||||
<adapters key="com.cloud.network.element.NetworkElement">
|
||||
<adapter name="JuniperSRX" class="com.cloud.network.element.JuniperSRXExternalFirewallElement"/>
|
||||
<adapter name="Netscaler" class="com.cloud.network.element.NetscalerElement"/>
|
||||
<adapter name="F5BigIP" class="com.cloud.network.element.F5ExternalLoadBalancerElement"/>
|
||||
<adapter name="CiscoNexus1000vVSM" class="com.cloud.network.element.CiscoNexusVSMElement"/>
|
||||
</adapters>
|
||||
|
||||
<adapters key="com.cloud.hypervisor.HypervisorGuru">
|
||||
<adapter name="VMwareGuru" class="com.cloud.hypervisor.guru.VMwareGuru"/>
|
||||
</adapters>
|
||||
|
||||
<manager name="VmwareManager" key="com.cloud.hypervisor.vmware.manager.VmwareManager" class="com.cloud.hypervisor.vmware.manager.VmwareManagerImpl"/>
|
||||
<manager name="NetappManager" key="com.cloud.netapp.NetappManager" class="com.cloud.netapp.NetappManagerImpl"/>
|
||||
<pluggableservice name="NetscalerExternalLoadBalancerElementService" key="com.cloud.network.element.NetscalerLoadBalancerElementService" class="com.cloud.network.element.NetscalerElement"/>
|
||||
<pluggableservice name="F5ExternalLoadBalancerElementService" key="com.cloud.network.element.F5ExternalLoadBalancerElementService" class="com.cloud.network.element.F5ExternalLoadBalancerElement"/>
|
||||
<pluggableservice name="JuniperSRXFirewallElementService" key="com.cloud.network.element.JuniperSRXFirewallElementService" class="com.cloud.network.element.JuniperSRXExternalFirewallElement"/>
|
||||
<pluggableservice name="CiscoNexusVSMElementService" key="com.cloud.network.element.CiscoNexusVSMElementService" class="com.cloud.network.element.CiscoNexusVSMElement"/>
|
||||
|
||||
<dao name="NetScalerPodDao" class="com.cloud.network.dao.NetScalerPodDaoImpl" singleton="false"/>
|
||||
<dao name="CiscoNexusVSMDeviceDao" class="com.cloud.network.dao.CiscoNexusVSMDeviceDaoImpl" singleton="false"/>
|
||||
<dao name="NetappPool" class="com.cloud.netapp.dao.PoolDaoImpl" singleton="false"/>
|
||||
<dao name="NetappVolume" class="com.cloud.netapp.dao.VolumeDaoImpl" singleton="false"/>
|
||||
<dao name="NetappLun" class="com.cloud.netapp.dao.LunDaoImpl" singleton="false"/>
|
||||
<dao name="Configuration configuration server" class="com.cloud.configuration.dao.ConfigurationDaoImpl" singleton="false">
|
||||
<param name="premium">true</param>
|
||||
</dao>
|
||||
</management-server>
|
||||
<configuration-server class="com.cloud.server.ConfigurationServerImpl" extends="components.xml:configuration-server">
|
||||
<dao name="Configuration configuration server" class="com.cloud.configuration.dao.ConfigurationDaoImpl" singleton="false">
|
||||
<param name="premium">true</param>
|
||||
</dao>
|
||||
</configuration-server>
|
||||
|
||||
|
||||
|
||||
</components-nonoss.xml>
|
||||
@ -1,306 +0,0 @@
|
||||
<?xml version="1.0"?>
|
||||
<!--
|
||||
Licensed to the Apache Software Foundation (ASF) under one
|
||||
or more contributor license agreements. See the NOTICE file
|
||||
distributed with this work for additional information
|
||||
regarding copyright ownership. The ASF licenses this file
|
||||
to you under the Apache License, Version 2.0 (the
|
||||
"License"); you may not use this file except in compliance
|
||||
with the License. You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing,
|
||||
software distributed under the License is distributed on an
|
||||
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
KIND, either express or implied. See the License for the
|
||||
specific language governing permissions and limitations
|
||||
under the License.
|
||||
-->
|
||||
<!--
|
||||
components.xml is the configuration file for the VM Ops
|
||||
insertion servers. Someone can quickly pull together an
|
||||
insertion server by selecting the correct adapters to use.
|
||||
|
||||
Here are some places to look for information.
|
||||
- To find out the general functionality that each Manager
|
||||
or Adapter provide, look at the javadoc for the interface
|
||||
that it implements. The interface is usually the
|
||||
"key" attribute in the declaration.
|
||||
- To find specific implementation of each Manager or
|
||||
Adapter, look at the javadoc for the actual class. The
|
||||
class can be found in the <class> element.
|
||||
- To find out the configuration parameters for each Manager
|
||||
or Adapter, look at the javadoc for the actual implementation
|
||||
class. It should be documented in the description of the
|
||||
class.
|
||||
- To know more about the components.xml in general, look for
|
||||
the javadoc for ComponentLocator.java.
|
||||
|
||||
If you found that the Manager or Adapter are not properly
|
||||
documented, please contact the author.
|
||||
-->
|
||||
<components.xml>
|
||||
<system-integrity-checker class="com.cloud.upgrade.DatabaseUpgradeChecker">
|
||||
<checker name="ManagementServerNode" class="com.cloud.cluster.ManagementServerNode"/>
|
||||
<checker name="EncryptionSecretKeyChecker" class="com.cloud.utils.crypt.EncryptionSecretKeyChecker"/>
|
||||
<checker name="DatabaseIntegrityChecker" class="com.cloud.upgrade.DatabaseIntegrityChecker"/>
|
||||
<checker name="DatabaseUpgradeChecker" class="com.cloud.upgrade.PremiumDatabaseUpgradeChecker"/>
|
||||
</system-integrity-checker>
|
||||
|
||||
<interceptor library="com.cloud.configuration.DefaultInterceptorLibrary"/>
|
||||
<management-server class="com.cloud.server.ManagementServerExtImpl" library="com.cloud.configuration.PremiumComponentLibrary">
|
||||
<dao name="Configuration configuration server" class="com.cloud.configuration.dao.ConfigurationDaoImpl">
|
||||
<param name="premium">true</param>
|
||||
</dao>
|
||||
<adapters key="org.apache.cloudstack.acl.APIChecker">
|
||||
<adapter name="AccountBasedAPIRateLimit" class="org.apache.cloudstack.ratelimit.ApiRateLimitServiceImpl" singleton="true">
|
||||
<param name="api.throttling.interval">1</param>
|
||||
<param name="api.throttling.max">25</param>
|
||||
<param name="api.throttling.cachesize">50000</param>
|
||||
</adapter>
|
||||
<adapter name="StaticRoleBasedAPIAccessChecker" class="org.apache.cloudstack.acl.StaticRoleBasedAPIAccessChecker"/>
|
||||
</adapters>
|
||||
<adapters key="com.cloud.agent.manager.allocator.HostAllocator">
|
||||
<adapter name="FirstFitRouting" class="com.cloud.agent.manager.allocator.impl.FirstFitRoutingAllocator"/>
|
||||
<!--adapter name="FirstFitRouting" class="com.cloud.agent.manager.allocator.impl.RecreateHostAllocator"/-->
|
||||
<!--adapter name="FirstFit" class="com.cloud.agent.manager.allocator.impl.FirstFitAllocator"/-->
|
||||
</adapters>
|
||||
<adapters key="com.cloud.agent.manager.allocator.PodAllocator">
|
||||
<adapter name="User First" class="com.cloud.agent.manager.allocator.impl.UserConcentratedAllocator"/>
|
||||
</adapters>
|
||||
<adapters key="com.cloud.consoleproxy.ConsoleProxyAllocator">
|
||||
<adapter name="Balance" class="com.cloud.consoleproxy.ConsoleProxyBalanceAllocator"/>
|
||||
</adapters>
|
||||
<adapters key="com.cloud.network.guru.NetworkGuru">
|
||||
<!--
|
||||
NOTE: The order of those gurus implicates priority of network traffic types the guru implements.
|
||||
The upper the higher priority. It effects listTafficTypeImplementors API which returns impelmentor
|
||||
of a specific network traffic.
|
||||
A fair question is, if two gurus implement the same two network traffic types, but these traffic types
|
||||
have cross priority, how to rank them? For example:
|
||||
GuruA (TrafficTypeA, TrafficTypeB)
|
||||
GuruB (TrafficTypeA, TrafficTypeB)
|
||||
we want GuruB.TrafficTypeB > GuruA.TrafficTypeB and GuruB.TrafficTypeA < GuruA.TrafficTypeA. As the priority
|
||||
implicated by order can not map to multiple traffic type, you have to do implement GuruC which inherits GuruB
|
||||
for TrafficTypeB. Then ranking them in order of:
|
||||
GuruC (TrafficTypeB)
|
||||
GuruA (TrafficTypeA, TrafficTypeB)
|
||||
GuruB (TrafficTypeA, TrafficTypeB)
|
||||
now GuruC represents TrafficTypeB with highest priority while GuruA represents TrafficTypeA with highest pirority.
|
||||
|
||||
However, above case barely happens.
|
||||
-->
|
||||
|
||||
<adapter name="StorageNetworkGuru" class="com.cloud.network.guru.StorageNetworkGuru"/>
|
||||
<adapter name="ExternalGuestNetworkGuru" class="com.cloud.network.guru.ExternalGuestNetworkGuru"/>
|
||||
<adapter name="PublicNetworkGuru" class="com.cloud.network.guru.PublicNetworkGuru"/>
|
||||
<adapter name="PodBasedNetworkGuru" class="com.cloud.network.guru.PodBasedNetworkGuru"/>
|
||||
<adapter name="ControlNetworkGuru" class="com.cloud.network.guru.ControlNetworkGuru"/>
|
||||
<adapter name="DirectNetworkGuru" class="com.cloud.network.guru.DirectNetworkGuru"/>
|
||||
<adapter name="DirectPodBasedNetworkGuru" class="com.cloud.network.guru.DirectPodBasedNetworkGuru"/>
|
||||
<adapter name="OvsGuestNetworkGuru" class="com.cloud.network.guru.OvsGuestNetworkGuru"/>
|
||||
<adapter name="PrivateNetworkGuru" class="com.cloud.network.guru.PrivateNetworkGuru"/>
|
||||
<adapter name="NiciraNvpGuestNetworkGuru" class="com.cloud.network.guru.NiciraNvpGuestNetworkGuru"/>
|
||||
<adapter name="BigSwitchVnsGuestNetworkGuru" class="com.cloud.network.guru.BigSwitchVnsGuestNetworkGuru"/>
|
||||
</adapters>
|
||||
<adapters key="com.cloud.cluster.ClusterServiceAdapter">
|
||||
<adapter name="ClusterService" class="com.cloud.cluster.ClusterServiceServletAdapter"/>
|
||||
</adapters>
|
||||
<adapters key="com.cloud.storage.secondary.SecondaryStorageVmAllocator">
|
||||
<adapter name="Balance" class="com.cloud.storage.secondary.SecondaryStorageVmDefaultAllocator"/>
|
||||
</adapters>
|
||||
<adapters key="com.cloud.network.IpAddrAllocator">
|
||||
<adapter name="Basic" class="com.cloud.network.ExteralIpAddressAllocator"/>
|
||||
</adapters>
|
||||
<adapters key="com.cloud.server.auth.UserAuthenticator">
|
||||
<!-- <adapter name="SHA256SALT" class="com.cloud.server.auth.SHA256SaltedUserAuthenticator"/> -->
|
||||
<adapter name="MD5" class="com.cloud.server.auth.MD5UserAuthenticator"/>
|
||||
<adapter name="LDAP" class="com.cloud.server.auth.LDAPUserAuthenticator"/>
|
||||
</adapters>
|
||||
<adapters key="com.cloud.ha.Investigator">
|
||||
<adapter name="SimpleInvestigator" class="com.cloud.ha.CheckOnAgentInvestigator"/>
|
||||
<adapter name="XenServerInvestigator" class="com.cloud.ha.XenServerInvestigator"/>
|
||||
<adapter name="PingInvestigator" class="com.cloud.ha.UserVmDomRInvestigator"/>
|
||||
<adapter name="ManagementIPSysVMInvestigator" class="com.cloud.ha.ManagementIPSystemVMInvestigator"/>
|
||||
</adapters>
|
||||
<adapters key="com.cloud.ha.FenceBuilder">
|
||||
<adapter name="XenServerFenceBuilder" class="com.cloud.ha.XenServerFencer"/>
|
||||
<adapter name="KVMFenceBuilder" class="com.cloud.ha.KVMFencer"/>
|
||||
<adapter name="OvmFenceBuilder" class="com.cloud.ovm.hypervisor.OvmFencer"/>
|
||||
</adapters>
|
||||
<adapters key="com.cloud.hypervisor.HypervisorGuru">
|
||||
<adapter name="XenServerGuru" class="com.cloud.hypervisor.XenServerGuru"/>
|
||||
<adapter name="KVMGuru" class="com.cloud.hypervisor.KVMGuru"/>
|
||||
</adapters>
|
||||
<adapters key="com.cloud.resource.Discoverer">
|
||||
<adapter name="XCP Agent" class="com.cloud.hypervisor.xen.discoverer.XcpServerDiscoverer"/>
|
||||
<adapter name="SecondaryStorage" class="com.cloud.storage.secondary.SecondaryStorageDiscoverer"/>
|
||||
<adapter name="KVM Agent" class="com.cloud.hypervisor.kvm.discoverer.KvmServerDiscoverer"/>
|
||||
<adapter name="Bare Metal Agent" class="com.cloud.baremetal.BareMetalDiscoverer"/>
|
||||
<adapter name="SCVMMServer" class="com.cloud.hypervisor.hyperv.HypervServerDiscoverer"/>
|
||||
<adapter name="Ovm Discover" class="com.cloud.ovm.hypervisor.OvmDiscoverer" />
|
||||
</adapters>
|
||||
<adapters key="com.cloud.deploy.DeploymentPlanner">
|
||||
<adapter name="First Fit" class="com.cloud.deploy.FirstFitPlanner"/>
|
||||
<adapter name="UserDispersing" class="com.cloud.deploy.UserDispersingPlanner"/>
|
||||
<adapter name="UserConcentratedPod" class="com.cloud.deploy.UserConcentratedPodPlanner"/>
|
||||
<adapter name="BareMetal Fit" class="com.cloud.deploy.BareMetalPlanner"/>
|
||||
</adapters>
|
||||
<adapters key="com.cloud.alert.AlertAdapter">
|
||||
<adapter name="ClusterAlert" class="com.cloud.alert.ClusterAlertAdapter"/>
|
||||
<adapter name="ConsoleProxyAlert" class="com.cloud.alert.ConsoleProxyAlertAdapter"/>
|
||||
<adapter name="SecondaryStorageVmAlert" class="com.cloud.alert.SecondaryStorageVmAlertAdapter"/>
|
||||
</adapters>
|
||||
<adapters key="org.apache.cloudstack.acl.SecurityChecker">
|
||||
<adapter name="DomainChecker" class="com.cloud.acl.DomainChecker"/>
|
||||
</adapters>
|
||||
<adapters key="com.cloud.network.element.NetworkElement">
|
||||
<adapter name="VirtualRouter" class="com.cloud.network.element.VirtualRouterElement"/>
|
||||
<adapter name="Ovs" class="com.cloud.network.element.OvsElement"/>
|
||||
<adapter name="ExternalDhcpServer" class="com.cloud.network.element.ExternalDhcpElement"/>
|
||||
<adapter name="BareMetal" class="com.cloud.network.element.BareMetalElement"/>
|
||||
<adapter name="SecurityGroupProvider" class="com.cloud.network.element.SecurityGroupElement"/>
|
||||
<adapter name="VpcVirtualRouter" class="com.cloud.network.element.VpcVirtualRouterElement"/>
|
||||
<adapter name="NiciraNvp" class="com.cloud.network.element.NiciraNvpElement"/>
|
||||
<adapter name="BigSwitchVns" class="com.cloud.network.element.BigSwitchVnsElement"/>
|
||||
</adapters>
|
||||
<adapters key="com.cloud.network.element.FirewallServiceProvider">
|
||||
<adapter name="VirtualRouter" class="com.cloud.network.element.VirtualRouterElement"/>
|
||||
<adapter name="VpcVirtualRouter" class="com.cloud.network.element.VpcVirtualRouterElement"/>
|
||||
</adapters>
|
||||
<adapters key="com.cloud.network.element.DhcpServiceProvider">
|
||||
<adapter name="VirtualRouter" class="com.cloud.network.element.VirtualRouterElement"/>
|
||||
<adapter name="ExternalDhcpElement" class="com.cloud.network.element.ExternalDhcpElement"/>
|
||||
<adapter name="VpcVirtualRouter" class="com.cloud.network.element.VpcVirtualRouterElement"/>
|
||||
</adapters>
|
||||
<adapters key="com.cloud.network.element.UserDataServiceProvider">
|
||||
<adapter name="VirtualRouter" class="com.cloud.network.element.VirtualRouterElement"/>
|
||||
<adapter name="VpcVirtualRouter" class="com.cloud.network.element.VpcVirtualRouterElement"/>
|
||||
</adapters>
|
||||
<adapters key="com.cloud.network.element.SourceNatServiceProvider">
|
||||
<adapter name="VirtualRouter" class="com.cloud.network.element.VirtualRouterElement"/>
|
||||
<adapter name="VpcVirtualRouter" class="com.cloud.network.element.VpcVirtualRouterElement"/>
|
||||
<adapter name="NiciraNvp" class="com.cloud.network.element.NiciraNvpElement"/>
|
||||
</adapters>
|
||||
<adapters key="com.cloud.network.element.StaticNatServiceProvider">
|
||||
<adapter name="VirtualRouter" class="com.cloud.network.element.VirtualRouterElement"/>
|
||||
<adapter name="VpcVirtualRouter" class="com.cloud.network.element.VpcVirtualRouterElement"/>
|
||||
<adapter name="NiciraNvp" class="com.cloud.network.element.NiciraNvpElement"/>
|
||||
</adapters>
|
||||
<adapters key="com.cloud.network.element.PortForwardingServiceProvider">
|
||||
<adapter name="VirtualRouter" class="com.cloud.network.element.VirtualRouterElement"/>
|
||||
<adapter name="VpcVirtualRouter" class="com.cloud.network.element.VpcVirtualRouterElement"/>
|
||||
<adapter name="NiciraNvp" class="com.cloud.network.element.NiciraNvpElement"/>
|
||||
</adapters>
|
||||
<adapters key="com.cloud.network.element.LoadBalancingServiceProvider">
|
||||
<adapter name="VirtualRouter" class="com.cloud.network.element.VirtualRouterElement"/>
|
||||
<adapter name="VpcVirtualRouter" class="com.cloud.network.element.VpcVirtualRouterElement"/>
|
||||
</adapters>
|
||||
<adapters key="com.cloud.network.element.RemoteAccessVPNServiceProvider">
|
||||
<adapter name="VirtualRouter" class="com.cloud.network.element.VirtualRouterElement"/>
|
||||
</adapters>
|
||||
<adapters key="com.cloud.network.element.Site2SiteVpnServiceProvider">
|
||||
<adapter name="VpcVirtualRouter" class="com.cloud.network.element.VpcVirtualRouterElement"/>
|
||||
</adapters>
|
||||
<adapters key="com.cloud.network.element.IpDeployer">
|
||||
<adapter name="VirtualRouter" class="com.cloud.network.element.VirtualRouterElement"/>
|
||||
<adapter name="VpcVirtualRouter" class="com.cloud.network.element.VpcVirtualRouterElement"/>
|
||||
<adapter name="NiciraNvp" class="com.cloud.network.element.NiciraNvpElement"/>
|
||||
</adapters>
|
||||
<adapters key="com.cloud.network.element.ConnectivityProvider">
|
||||
<adapter name="NiciraNvp" class="com.cloud.network.element.NiciraNvpElement"/>
|
||||
<adapter name="BigSwitchVns" class="com.cloud.network.element.BigSwitchVnsElement"/>
|
||||
</adapters>
|
||||
<adapters key="com.cloud.network.element.NetworkACLServiceProvider">
|
||||
<adapter name="VpcVirtualRouter" class="com.cloud.network.element.VpcVirtualRouterElement"/>
|
||||
</adapters>
|
||||
<adapters key="com.cloud.network.element.VpcProvider">
|
||||
<adapter name="VpcVirtualRouter" class="com.cloud.network.element.VpcVirtualRouterElement"/>
|
||||
</adapters>
|
||||
|
||||
<adapters key="com.cloud.cluster.agentlb.AgentLoadBalancerPlanner">
|
||||
<adapter name="ClusterBasedAgentLbPlanner" class="com.cloud.cluster.agentlb.ClusterBasedAgentLoadBalancerPlanner"/>
|
||||
</adapters>
|
||||
<adapters key="com.cloud.hypervisor.HypervisorGuru">
|
||||
<adapter name="XenServerGuru" class="com.cloud.hypervisor.XenServerGuru"/>
|
||||
<adapter name="KVMGuru" class="com.cloud.hypervisor.KVMGuru"/>
|
||||
<adapter name="BareMetalGuru" class="com.cloud.baremetal.BareMetalGuru"/>
|
||||
<adapter name="HypervGuru" class="com.cloud.hypervisor.guru.HypervGuru"/>
|
||||
<adapter name="OvmGuru" class="com.cloud.ovm.hypervisor.OvmGuru" />
|
||||
</adapters>
|
||||
<adapters key="com.cloud.agent.StartupCommandProcessor">
|
||||
<adapter name="BasicAgentAuthorizer" class="com.cloud.agent.manager.authn.impl.BasicAgentAuthManager"/>
|
||||
</adapters>
|
||||
<manager name="OvsTunnelManager" key="com.cloud.network.ovs.OvsTunnelManager" class="com.cloud.network.ovs.OvsTunnelManagerImpl"/>
|
||||
<manager name="ElasticLoadBalancerManager" key="com.cloud.network.lb.ElasticLoadBalancerManager" class="com.cloud.network.lb.ElasticLoadBalancerManagerImpl"/>
|
||||
<pluggableservice name="ApiDiscoveryService" key="org.apache.cloudstack.discovery.ApiDiscoveryService" class="org.apache.cloudstack.discovery.ApiDiscoveryServiceImpl"/>
|
||||
<pluggableservice name="VirtualRouterElementService" key="com.cloud.network.element.VirtualRouterElementService" class="com.cloud.network.element.VirtualRouterElement"/>
|
||||
<pluggableservice name="NiciraNvpElementService" key="com.cloud.network.element.NiciraNvpElementService" class="com.cloud.network.element.NiciraNvpElement"/>
|
||||
<pluggableservice name="ApiRateLimitService" key="org.apache.cloudstack.ratelimit.ApiRateLimitService" class="org.apache.cloudstack.ratelimit.ApiRateLimitServiceImpl"/>
|
||||
<pluggableservice name="BigSwitchVnsElementService" key="com.cloud.network.element.BigSwitchVnsElementService" class="com.cloud.network.element.BigSwitchVnsElement"/>
|
||||
<dao name="OvsTunnelInterfaceDao" class="com.cloud.network.ovs.dao.OvsTunnelInterfaceDaoImpl" singleton="false"/>
|
||||
<dao name="OvsTunnelAccountDao" class="com.cloud.network.ovs.dao.OvsTunnelNetworkDaoImpl" singleton="false"/>
|
||||
<dao name="NiciraNvpDao" class="com.cloud.network.dao.NiciraNvpDaoImpl" singleton="false"/>
|
||||
<dao name="NiciraNvpNicMappingDao" class="com.cloud.network.dao.NiciraNvpNicMappingDaoImpl" singleton="false"/>
|
||||
<dao name="NiciraNvpRouterMappingDao" class="com.cloud.network.dao.NiciraNvpRouterMappingDaoImpl" singleton="false"/>
|
||||
<dao name="ElasticLbVmMapDao" class="com.cloud.network.lb.dao.ElasticLbVmMapDaoImpl" singleton="false"/>
|
||||
<dao name="BigSwitchVnsDao" class="com.cloud.network.dao.BigSwitchVnsDaoImpl" singleton="false"/>
|
||||
</management-server>
|
||||
|
||||
<configuration-server class="com.cloud.server.ConfigurationServerImpl">
|
||||
<dao name="Configuration configuration server" class="com.cloud.configuration.dao.ConfigurationDaoImpl" singleton="false">
|
||||
<param name="premium">true</param>
|
||||
</dao>
|
||||
<dao name="Snapshot policy defaults" class="com.cloud.storage.dao.SnapshotPolicyDaoImpl" singleton="false"/>
|
||||
<dao name="DiskOffering configuration server" class="com.cloud.storage.dao.DiskOfferingDaoImpl" singleton="false"/>
|
||||
<dao name="ServiceOffering configuration server" class="com.cloud.service.dao.ServiceOfferingDaoImpl" singleton="false"/>
|
||||
<dao name="host zone configuration server" class="com.cloud.dc.dao.DataCenterDaoImpl" singleton="false"/>
|
||||
<dao name="host pod configuration server" class="com.cloud.dc.dao.HostPodDaoImpl" singleton="false"/>
|
||||
<dao name="DomainDao" class="com.cloud.domain.dao.DomainDaoImpl" singleton="false"/>
|
||||
<dao name="NetworkOfferingDao" class="com.cloud.offerings.dao.NetworkOfferingDaoImpl" singleton="false"/>
|
||||
<dao name="DataCenterDao" class="com.cloud.dc.dao.DataCenterDaoImpl" singleton="false"/>
|
||||
<dao name="NetworkDao" class="com.cloud.network.dao.NetworkDaoImpl" singleton="false"/>
|
||||
<dao name="IpAddressDao" class="com.cloud.network.dao.IPAddressDaoImpl" singleton="false"/>
|
||||
<dao name="VlanDao" class="com.cloud.dc.dao.VlanDaoImpl" singleton="false"/>
|
||||
<dao name="ResouceCountDao" class="com.cloud.configuration.dao.ResourceCountDaoImpl" singleton="false"/>
|
||||
<dao name="AccountDao" class="com.cloud.user.dao.AccountDaoImpl" singleton="false"/>
|
||||
<dao name="UserDao" class="com.cloud.user.dao.UserDaoImpl" singleton="false"/>
|
||||
<dao name="NetworkOfferingServiceDao" class="com.cloud.offerings.dao.NetworkOfferingServiceMapDaoImpl" singleton="false"/>
|
||||
<dao name="VirtualRouterProviderDao" class="com.cloud.network.dao.VirtualRouterProviderDaoImpl" singleton="false"/>
|
||||
<dao name="IdentityDao" class="com.cloud.uuididentity.dao.IdentityDaoImpl" singleton="false"/>
|
||||
<dao name="Site2SiteCustomerGatewayDao" class="com.cloud.network.dao.Site2SiteCustomerGatewayDaoImpl" singleton="false"/>
|
||||
<dao name="Site2SiteVpnGatewayDao" class="com.cloud.network.dao.Site2SiteVpnGatewayDaoImpl" singleton="false"/>
|
||||
<dao name="Site2SiteVpnConnectionDao" class="com.cloud.network.dao.Site2SiteVpnConnectionDaoImpl" singleton="false"/>
|
||||
<dao name="RegionDao" class="org.apache.cloudstack.region.dao.RegionDaoImpl" singleton="false"/>
|
||||
<dao name="UserIpv6AddressDao" class="com.cloud.network.dao.UserIpv6AddressDaoImpl" singleton="false"/>
|
||||
</configuration-server>
|
||||
|
||||
<awsapi-ec2server class="com.cloud.bridge.service.EC2MainServlet">
|
||||
<dao name="CloudStackConfigurationDao" class="com.cloud.bridge.persist.dao.CloudStackConfigurationDaoImpl" singleton="false"/>
|
||||
<dao name="UserCredentialsDao" class="com.cloud.bridge.persist.dao.UserCredentialsDaoImpl" singleton="false"/>
|
||||
<dao name="CloudStackSvcOfferingDao" class="com.cloud.bridge.persist.dao.CloudStackSvcOfferingDaoImpl" singleton="false"/>
|
||||
<dao name="OfferingDao" class="com.cloud.bridge.persist.dao.OfferingDaoImpl" singleton="false"/>
|
||||
<dao name="CloudStackAccountDao" class="com.cloud.bridge.persist.dao.CloudStackAccountDaoImpl" singleton="false"/>
|
||||
<dao name="CloudStackUserDao" class="com.cloud.bridge.persist.dao.CloudStackUserDaoImpl" singleton="false"/>
|
||||
</awsapi-ec2server>
|
||||
|
||||
<awsapi-s3server class="com.cloud.bridge.service.S3RestServlet">
|
||||
<dao name="CloudStackConfigurationDao" class="com.cloud.bridge.persist.dao.CloudStackConfigurationDaoImpl" singleton="false"/>
|
||||
<dao name="MHostDao" class="com.cloud.bridge.persist.dao.MHostDaoImpl" singleton="false"/>
|
||||
<dao name="SHostDao" class="com.cloud.bridge.persist.dao.SHostDaoImpl" singleton="false"/>
|
||||
<dao name="UserCredentialsDao" class="com.cloud.bridge.persist.dao.UserCredentialsDaoImpl" singleton="false"/>
|
||||
<dao name="BucketPolicyDao" class="com.cloud.bridge.persist.dao.BucketPolicyDaoImpl" singleton="false"/>
|
||||
<dao name="MHostMountDao" class="com.cloud.bridge.persist.dao.MHostMountDaoImpl" singleton="false"/>
|
||||
<dao name="SAclDao" class="com.cloud.bridge.persist.dao.SAclDaoImpl" singleton="false"/>
|
||||
<dao name="SBucketDao" class="com.cloud.bridge.persist.dao.SBucketDaoImpl" singleton="false"/>
|
||||
<dao name="SMetaDao" class="com.cloud.bridge.persist.dao.SMetaDaoImpl" singleton="false"/>
|
||||
<dao name="SObjectDao" class="com.cloud.bridge.persist.dao.SObjectDaoImpl" singleton="false"/>
|
||||
<dao name="SObjectItemDao" class="com.cloud.bridge.persist.dao.SObjectItemDaoImpl" singleton="false"/>
|
||||
<dao name="MultiPartPartsDao" class="com.cloud.bridge.persist.dao.MultiPartPartsDaoImpl" singleton="false"/>
|
||||
<dao name="MultiPartUploadsDao" class="com.cloud.bridge.persist.dao.MultiPartUploadsDaoImpl" singleton="false"/>
|
||||
<dao name="MultipartMetaDao" class="com.cloud.bridge.persist.dao.MultipartMetaDaoImpl" singleton="false"/>
|
||||
<dao name="UserCredentialsDao" class="com.cloud.bridge.persist.dao.UserCredentialsDaoImpl" singleton="false"/>
|
||||
</awsapi-s3server>
|
||||
|
||||
</components.xml>
|
||||
@ -115,10 +115,6 @@
|
||||
<property name="name" value="HypervisorAdapter"/>
|
||||
</bean>
|
||||
|
||||
<bean id="bareMetalTemplateAdapter" class="com.cloud.baremetal.BareMetalTemplateAdapter">
|
||||
<property name="name" value="BareMetalAdapter"/>
|
||||
</bean>
|
||||
|
||||
<!--
|
||||
Storage pool allocators
|
||||
-->
|
||||
|
||||
@ -0,0 +1,71 @@
|
||||
// Licensed to the Apache Software Foundation (ASF) under one
|
||||
// or more contributor license agreements. See the NOTICE file
|
||||
// distributed with this work for additional information
|
||||
// regarding copyright ownership. The ASF licenses this file
|
||||
// to you under the Apache License, Version 2.0 (the
|
||||
// "License"); you may not use this file except in compliance
|
||||
// with the License. You may obtain a copy of the License at
|
||||
//
|
||||
// http://www.apache.org/licenses/LICENSE-2.0
|
||||
//
|
||||
// Unless required by applicable law or agreed to in writing,
|
||||
// software distributed under the License is distributed on an
|
||||
// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
// KIND, either express or implied. See the License for the
|
||||
// specific language governing permissions and limitations
|
||||
// under the License.
|
||||
package com.cloud.agent.api;
|
||||
|
||||
import com.cloud.vm.VirtualMachine;
|
||||
|
||||
public class NetworkRulesVmSecondaryIpCommand extends Command {
|
||||
|
||||
private String vmName;
|
||||
private VirtualMachine.Type type;
|
||||
private String vmSecIp;
|
||||
private String vmMac;
|
||||
private String action;
|
||||
|
||||
public NetworkRulesVmSecondaryIpCommand(String vmName, VirtualMachine.Type type) {
|
||||
this.vmName = vmName;
|
||||
this.type = type;
|
||||
}
|
||||
|
||||
|
||||
public NetworkRulesVmSecondaryIpCommand(String vmName, String vmMac,
|
||||
String secondaryIp, boolean action) {
|
||||
this.vmName = vmName;
|
||||
this.vmMac = vmMac;
|
||||
this.vmSecIp = secondaryIp;
|
||||
if (action) {
|
||||
this.action = "-A";
|
||||
} else {
|
||||
this.action = "-D";
|
||||
}
|
||||
}
|
||||
|
||||
public String getVmName() {
|
||||
return vmName;
|
||||
}
|
||||
|
||||
public VirtualMachine.Type getType() {
|
||||
return type;
|
||||
}
|
||||
|
||||
public String getVmSecIp() {
|
||||
return vmSecIp;
|
||||
}
|
||||
|
||||
public String getVmMac() {
|
||||
return vmMac;
|
||||
}
|
||||
|
||||
public String getAction() {
|
||||
return action;
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean executeInSequence() {
|
||||
return false;
|
||||
}
|
||||
}
|
||||
2
debian/cloudstack-management.postinst
vendored
2
debian/cloudstack-management.postinst
vendored
@ -20,7 +20,7 @@ if [ "$1" = configure ]; then
|
||||
if ! getent passwd cloud >/dev/null; then
|
||||
adduser --quiet --system --group --no-create-home --home /var/lib/cloudstack/management cloud
|
||||
else
|
||||
usermod -m /var/lib/cloudstack/management cloud
|
||||
usermod -m -d /var/lib/cloudstack/management cloud
|
||||
fi
|
||||
chown cloud /var/log/cloudstack/management
|
||||
fi
|
||||
3
debian/cloudstack-usage.install
vendored
3
debian/cloudstack-usage.install
vendored
@ -15,7 +15,8 @@
|
||||
# specific language governing permissions and limitations
|
||||
# under the License.
|
||||
|
||||
/usr/share/cloudstack-usage/lib/cloudstack-usage.jar
|
||||
/usr/share/cloudstack-usage/lib/*
|
||||
/usr/share/cloudstack-usage/plugins
|
||||
/etc/init.d/cloudstack-usage
|
||||
/var/log/cloudstack/usage
|
||||
/etc/cloudstack/usage/*
|
||||
|
||||
15
debian/rules
vendored
15
debian/rules
vendored
@ -64,8 +64,8 @@ install:
|
||||
mkdir $(DESTDIR)/var/log/$(PACKAGE)/agent
|
||||
mkdir $(DESTDIR)/usr/share/$(PACKAGE)-agent
|
||||
mkdir $(DESTDIR)/usr/share/$(PACKAGE)-agent/plugins
|
||||
install -D agent/target/cloud-agent-4.2.0-SNAPSHOT.jar $(DESTDIR)/usr/share/$(PACKAGE)-agent/lib/$(PACKAGE)-agent.jar
|
||||
install -D plugins/hypervisors/kvm/target/cloud-plugin-hypervisor-kvm-4.2.0-SNAPSHOT.jar $(DESTDIR)/usr/share/$(PACKAGE)-agent/lib/
|
||||
install -D agent/target/cloud-agent-$(VERSION)-SNAPSHOT.jar $(DESTDIR)/usr/share/$(PACKAGE)-agent/lib/$(PACKAGE)-agent.jar
|
||||
install -D plugins/hypervisors/kvm/target/cloud-plugin-hypervisor-kvm-$(VERSION)-SNAPSHOT.jar $(DESTDIR)/usr/share/$(PACKAGE)-agent/lib/
|
||||
install -D plugins/hypervisors/kvm/target/dependencies/* $(DESTDIR)/usr/share/$(PACKAGE)-agent/lib/
|
||||
install -D packaging/debian/init/cloud-agent $(DESTDIR)/$(SYSCONFDIR)/init.d/$(PACKAGE)-agent
|
||||
install -D agent/bindir/cloud-setup-agent.in $(DESTDIR)/usr/bin/cloud-setup-agent
|
||||
@ -86,14 +86,14 @@ install:
|
||||
mkdir $(DESTDIR)/var/lib/$(PACKAGE)/management
|
||||
mkdir $(DESTDIR)/var/lib/$(PACKAGE)/mnt
|
||||
cp -r client/target/utilities/scripts/db/* $(DESTDIR)/usr/share/$(PACKAGE)-management/setup/
|
||||
cp -r client/target/cloud-client-ui-4.2.0-SNAPSHOT/* $(DESTDIR)/usr/share/$(PACKAGE)-management/webapps/client/
|
||||
cp -r client/target/cloud-client-ui-$(VERSION)-SNAPSHOT/* $(DESTDIR)/usr/share/$(PACKAGE)-management/webapps/client/
|
||||
cp server/target/conf/* $(DESTDIR)/$(SYSCONFDIR)/$(PACKAGE)/server/
|
||||
cp client/target/conf/* $(DESTDIR)/$(SYSCONFDIR)/$(PACKAGE)/management/
|
||||
ln -s tomcat6-nonssl.conf $(DESTDIR)/$(SYSCONFDIR)/$(PACKAGE)/management/tomcat6.conf
|
||||
mkdir -p $(DESTDIR)/$(SYSCONFDIR)/$(PACKAGE)/management/Catalina/localhost/client
|
||||
install -D packaging/debian/init/cloud-management $(DESTDIR)/$(SYSCONFDIR)/init.d/$(PACKAGE)-management
|
||||
install -D client/bindir/cloud-update-xenserver-licenses.in $(DESTDIR)/usr/bin/cloud-update-xenserver-licenses
|
||||
install -D server/target/cloud-server-4.2.0-SNAPSHOT.jar $(DESTDIR)/usr/share/$(PACKAGE)-management/lib/$(PACKAGE)-server.jar
|
||||
install -D server/target/cloud-server-$(VERSION)-SNAPSHOT.jar $(DESTDIR)/usr/share/$(PACKAGE)-management/lib/$(PACKAGE)-server.jar
|
||||
ln -s /usr/share/tomcat6/bin $(DESTDIR)/usr/share/$(PACKAGE)-management/bin
|
||||
ln -s ../../..$(SYSCONFDIR)/$(PACKAGE)/management $(DESTDIR)/usr/share/$(PACKAGE)-management/conf
|
||||
ln -s /usr/share/tomcat6/lib $(DESTDIR)/usr/share/$(PACKAGE)-management/lib
|
||||
@ -115,7 +115,7 @@ install:
|
||||
install -D client/target/utilities/bin/cloud-set-guest-sshkey $(DESTDIR)/usr/bin
|
||||
install -D client/target/utilities/bin/cloud-setup-databases $(DESTDIR)/usr/bin
|
||||
install -D client/target/utilities/bin/cloud-setup-management $(DESTDIR)/usr/bin
|
||||
install -D services/console-proxy/server/dist/systemvm.iso $(DESTDIR)/usr/share/$(PACKAGE)-common/vms/systemvm.iso
|
||||
install -D client/target/cloud-client-ui-$(VERSION)-SNAPSHOT/WEB-INF/classes/vms/systemvm.iso $(DESTDIR)/usr/share/$(PACKAGE)-common/vms/systemvm.iso
|
||||
|
||||
# cloudstack-python
|
||||
mkdir -p $(DESTDIR)/usr/lib/python2.7/dist-packages
|
||||
@ -124,7 +124,10 @@ install:
|
||||
# cloudstack-usage
|
||||
mkdir $(DESTDIR)/$(SYSCONFDIR)/$(PACKAGE)/usage
|
||||
mkdir $(DESTDIR)/var/log/$(PACKAGE)/usage
|
||||
install -D usage/target/cloud-usage-4.2.0-SNAPSHOT.jar $(DESTDIR)/usr/share/$(PACKAGE)-usage/lib/$(PACKAGE)-usage.jar
|
||||
mkdir $(DESTDIR)/usr/share/$(PACKAGE)-usage
|
||||
mkdir $(DESTDIR)/usr/share/$(PACKAGE)-usage/plugins
|
||||
install -D usage/target/cloud-usage-$(VERSION)-SNAPSHOT.jar $(DESTDIR)/usr/share/$(PACKAGE)-usage/lib/$(PACKAGE)-usage.jar
|
||||
install -D usage/target/dependencies/* $(DESTDIR)/usr/share/$(PACKAGE)-usage/lib/
|
||||
cp usage/target/transformed/* $(DESTDIR)/$(SYSCONFDIR)/$(PACKAGE)/usage/
|
||||
ln -s ../management/db.properties $(DESTDIR)/$(SYSCONFDIR)/$(PACKAGE)/usage/db.properties
|
||||
install -D packaging/debian/init/cloud-usage $(DESTDIR)/$(SYSCONFDIR)/init.d/$(PACKAGE)-usage
|
||||
|
||||
@ -567,7 +567,6 @@ public class VolumeServiceImpl implements VolumeService {
|
||||
|
||||
AsyncCallFuture<VolumeApiResult> future = new AsyncCallFuture<VolumeApiResult>();
|
||||
VolumeObject vo = (VolumeObject) volume;
|
||||
vo.stateTransit(Volume.Event.UploadRequested);
|
||||
|
||||
CreateVolumeContext<VolumeApiResult> context = new CreateVolumeContext<VolumeApiResult>(null, vo, future);
|
||||
AsyncCallbackDispatcher<VolumeServiceImpl, CreateCmdResult> caller = AsyncCallbackDispatcher.create(this);
|
||||
|
||||
@ -30,7 +30,7 @@ whatami=cloud-external-ipallocator
|
||||
SHORTNAME="$whatami"
|
||||
PIDFILE=/var/run/"$whatami".pid
|
||||
LOCKFILE=/var/lock/subsys/"$SHORTNAME"
|
||||
LOGFILE=/var/log/cloud/ipallocator/ipallocator.log
|
||||
LOGFILE=/var/log/cloudstack/ipallocator/ipallocator.log
|
||||
PROGNAME="External IPAllocator"
|
||||
|
||||
unset OPTIONS
|
||||
|
||||
@ -79,6 +79,7 @@ Requires: MySQL-python
|
||||
Requires: python-paramiko
|
||||
Requires: ipmitool
|
||||
Requires: %{name}-common = %{_ver}
|
||||
Requires: %{name}-awsapi = %{_ver}
|
||||
Obsoletes: cloud-client < 4.1.0
|
||||
Obsoletes: cloud-client-ui < 4.1.0
|
||||
Obsoletes: cloud-daemonize < 4.1.0
|
||||
@ -145,13 +146,15 @@ Apache CloudStack command line interface
|
||||
%package awsapi
|
||||
Summary: Apache CloudStack AWS API compatibility wrapper
|
||||
Requires: %{name}-management = %{_ver}
|
||||
Obsoletes: cloud-aws-api < 4.1.0
|
||||
Provides: cloud-aws-api
|
||||
%description awsapi
|
||||
Apache Cloudstack AWS API compatibility wrapper
|
||||
|
||||
%package docs
|
||||
Summary: Apache CloudStack documentation
|
||||
%description docs
|
||||
Apache CloudStack documentations
|
||||
#%package docs
|
||||
#Summary: Apache CloudStack documentation
|
||||
#%description docs
|
||||
#Apache CloudStack documentations
|
||||
|
||||
%prep
|
||||
echo Doing CloudStack build
|
||||
@ -316,6 +319,10 @@ if [ "$1" == "1" ] ; then
|
||||
/sbin/chkconfig --level 345 cloud-management on > /dev/null 2>&1 || true
|
||||
fi
|
||||
|
||||
if [ -d "%{_datadir}/%{name}-management" ] ; then
|
||||
ln -s %{_datadir}/%{name}-bridge/webapps %{_datadir}/%{name}-management/webapps7080
|
||||
fi
|
||||
|
||||
if [ ! -f %{_datadir}/cloudstack-common/scripts/vm/hypervisor/xenserver/vhd-util ] ; then
|
||||
echo Please download vhd-util from http://download.cloud.com.s3.amazonaws.com/tools/vhd-util and put it in
|
||||
echo %{_datadir}/cloudstack-common/scripts/vm/hypervisor/xenserver/
|
||||
@ -328,16 +335,14 @@ if getent passwd cloud | grep -q /var/lib/cloud; then
|
||||
fi
|
||||
|
||||
|
||||
%post awsapi
|
||||
if [ -d "%{_datadir}/%{name}-management" ] ; then
|
||||
ln -s %{_datadir}/%{name}-bridge/webapps %{_datadir}/%{name}-management/webapps7080
|
||||
fi
|
||||
#%post awsapi
|
||||
#if [ -d "%{_datadir}/%{name}-management" ] ; then
|
||||
# ln -s %{_datadir}/%{name}-bridge/webapps %{_datadir}/%{name}-management/webapps7080
|
||||
#fi
|
||||
|
||||
#No default permission as the permission setup is complex
|
||||
%files management
|
||||
%defattr(-,root,root,-)
|
||||
%doc LICENSE
|
||||
%doc NOTICE
|
||||
%dir %attr(0770,root,cloud) %{_sysconfdir}/%{name}/management/Catalina
|
||||
%dir %attr(0770,root,cloud) %{_sysconfdir}/%{name}/management/Catalina/localhost
|
||||
%dir %attr(0770,root,cloud) %{_sysconfdir}/%{name}/management/Catalina/localhost/client
|
||||
@ -432,9 +437,9 @@ fi
|
||||
%doc LICENSE
|
||||
%doc NOTICE
|
||||
|
||||
%files docs
|
||||
%doc LICENSE
|
||||
%doc NOTICE
|
||||
#%files docs
|
||||
#%doc LICENSE
|
||||
#%doc NOTICE
|
||||
|
||||
%files awsapi
|
||||
%defattr(0644,cloud,cloud,0755)
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
#!/bin/bash
|
||||
|
||||
### BEGIN INIT INFO
|
||||
# Provides: cloud usage
|
||||
# Provides: cloudstack usage
|
||||
# Required-Start: $network $local_fs
|
||||
# Required-Stop: $network $local_fs
|
||||
# Default-Start: 3 4 5
|
||||
@ -32,17 +32,15 @@
|
||||
|
||||
. /lib/lsb/init-functions
|
||||
|
||||
SHORTNAME="cloud-usage"
|
||||
SHORTNAME="cloudstack-usage"
|
||||
PIDFILE=/var/run/"$SHORTNAME".pid
|
||||
LOGFILE=/var/log/cloud/usage/usage-server.log
|
||||
PROGNAME="CloudStack Usage Monitor"
|
||||
CLASS="com.cloud.usage.UsageServer"
|
||||
PROG="jsvc"
|
||||
DAEMON="/usr/bin/jsvc"
|
||||
USER=@MSUSER@
|
||||
|
||||
unset OPTIONS
|
||||
[ -r @SYSCONFDIR@/default/"$SHORTNAME" ] && source @SYSCONFDIR@/default/"$SHORTNAME"
|
||||
[ -r /etc/default/"$SHORTNAME" ] && source /etc/default/"$SHORTNAME"
|
||||
|
||||
# The first existing directory is used for JAVA_HOME (if JAVA_HOME is not defined in $DEFAULT)
|
||||
JDK_DIRS="/usr/lib/jvm/java-7-openjdk-amd64 /usr/lib/jvm/java-7-openjdk-i386 /usr/lib/jvm/java-6-openjdk /usr/lib/jvm/java-6-openjdk-i386 /usr/lib/jvm/java-6-openjdk-amd64 /usr/lib/jvm/java-6-sun"
|
||||
@ -54,14 +52,12 @@ for jdir in $JDK_DIRS; do
|
||||
done
|
||||
export JAVA_HOME
|
||||
|
||||
SCP="@SYSTEMCLASSPATH@"
|
||||
DCP="@DEPSCLASSPATH@"
|
||||
UCP="@USAGECLASSPATH@"
|
||||
JCP="/usr/share/java/commons-daemon.jar"
|
||||
UCP=`ls /usr/share/cloudstack-usage/lib/*.jar | tr '\n' ':' | sed s'/.$//'`
|
||||
PCP=`ls /usr/share/cloudstack-usage/plugins/*.jar 2>/dev/null | tr '\n' ':' | sed s'/.$//'`
|
||||
|
||||
# We need to append the JSVC daemon JAR to the classpath
|
||||
# AgentShell implements the JSVC daemon methods
|
||||
export CLASSPATH="$SCP:$DCP:$UCP:$JCP:@USAGESYSCONFDIR@"
|
||||
export CLASSPATH="/usr/share/java/commons-daemon.jar:$UCP:$PCP:/etc/cloudstack/usage"
|
||||
|
||||
start() {
|
||||
if [ -s "$PIDFILE" ] && kill -0 $(cat "$PIDFILE") >/dev/null 2>&1; then
|
||||
@ -79,7 +75,7 @@ start() {
|
||||
exit 1
|
||||
fi
|
||||
|
||||
if start_daemon -p $PIDFILE $DAEMON -cp "$CLASSPATH" -pidfile "$PIDFILE" -user "$USER" -outfile SYSLOG -errfile SYSLOG -Dpid=$$ $CLASS
|
||||
if start_daemon -p $PIDFILE $DAEMON -cp "$CLASSPATH" -pidfile "$PIDFILE" -outfile SYSLOG -errfile SYSLOG -Dpid=$$ $CLASS
|
||||
RETVAL=$?
|
||||
then
|
||||
rc=0
|
||||
|
||||
@ -593,6 +593,17 @@ setup_redundant_router() {
|
||||
fi
|
||||
}
|
||||
|
||||
setup_aesni() {
|
||||
if [ `grep aes /proc/cpuinfo | wc -l` -gt 0 ]
|
||||
then
|
||||
modprobe aesni_intel
|
||||
if [ `lsmod | grep aesni_intel | wc -l` -gt 0 ]
|
||||
then
|
||||
echo aesni_intel >> /etc/modules
|
||||
fi
|
||||
fi
|
||||
}
|
||||
|
||||
setup_router() {
|
||||
log_it "Setting up virtual router system vm"
|
||||
|
||||
@ -643,10 +654,8 @@ setup_router() {
|
||||
fi
|
||||
fi
|
||||
|
||||
|
||||
|
||||
setup_aesni
|
||||
setup_dnsmasq
|
||||
|
||||
setup_apache2 $ETH0_IP
|
||||
|
||||
sed -i /gateway/d /etc/hosts
|
||||
|
||||
@ -22,7 +22,7 @@ then
|
||||
lasttime=$(cat [RROUTER_BIN_PATH]/keepalived.ts2)
|
||||
thistime=$(cat [RROUTER_BIN_PATH]/keepalived.ts)
|
||||
diff=$(($thistime - $lasttime))
|
||||
if [ $diff -gt 100 ]
|
||||
if [ $diff -lt 30]
|
||||
then
|
||||
echo Keepalived process is dead! >> [RROUTER_LOG]
|
||||
service keepalived stop >> [RROUTER_LOG] 2>&1
|
||||
|
||||
@ -73,6 +73,7 @@ public class ApiDiscoveryServiceImpl implements ApiDiscoveryService {
|
||||
s_logger.debug(String.format("getting api commands of service: %s", service.getClass().getName()));
|
||||
cmdClasses.addAll(service.getCommands());
|
||||
}
|
||||
cmdClasses.addAll(this.getCommands());
|
||||
cacheResponseMap(cmdClasses);
|
||||
long endTime = System.nanoTime();
|
||||
s_logger.info("Api Discovery Service: Annotation, docstrings, api relation graph processed in " + (endTime - startTime) / 1000000.0 + " ms");
|
||||
|
||||
@ -293,58 +293,6 @@ public class LibvirtStorageAdaptor implements StorageAdaptor {
|
||||
return parser.parseStorageVolumeXML(volDefXML);
|
||||
}
|
||||
|
||||
public StoragePool createFileBasedStoragePool(Connect conn,
|
||||
String localStoragePath, String uuid) {
|
||||
if (!(_storageLayer.exists(localStoragePath) && _storageLayer
|
||||
.isDirectory(localStoragePath))) {
|
||||
return null;
|
||||
}
|
||||
|
||||
File path = new File(localStoragePath);
|
||||
if (!(path.canWrite() && path.canRead() && path.canExecute())) {
|
||||
return null;
|
||||
}
|
||||
|
||||
StoragePool pool = null;
|
||||
|
||||
try {
|
||||
pool = conn.storagePoolLookupByUUIDString(uuid);
|
||||
} catch (LibvirtException e) {
|
||||
|
||||
}
|
||||
|
||||
if (pool == null) {
|
||||
LibvirtStoragePoolDef spd = new LibvirtStoragePoolDef(poolType.DIR,
|
||||
uuid, uuid, null, null, localStoragePath);
|
||||
try {
|
||||
pool = conn.storagePoolDefineXML(spd.toString(), 0);
|
||||
pool.create(0);
|
||||
} catch (LibvirtException e) {
|
||||
if (pool != null) {
|
||||
try {
|
||||
pool.destroy();
|
||||
pool.undefine();
|
||||
} catch (LibvirtException e1) {
|
||||
}
|
||||
pool = null;
|
||||
}
|
||||
throw new CloudRuntimeException(e.toString());
|
||||
}
|
||||
}
|
||||
|
||||
try {
|
||||
StoragePoolInfo spi = pool.getInfo();
|
||||
if (spi.state != StoragePoolState.VIR_STORAGE_POOL_RUNNING) {
|
||||
pool.create(0);
|
||||
}
|
||||
|
||||
} catch (LibvirtException e) {
|
||||
throw new CloudRuntimeException(e.toString());
|
||||
}
|
||||
|
||||
return pool;
|
||||
}
|
||||
|
||||
@Override
|
||||
public KVMStoragePool getStoragePool(String uuid) {
|
||||
StoragePool storage = null;
|
||||
|
||||
@ -21,6 +21,7 @@ import java.io.File;
|
||||
import java.io.FileOutputStream;
|
||||
import java.io.OutputStreamWriter;
|
||||
import java.rmi.RemoteException;
|
||||
import java.util.ArrayList;
|
||||
import java.util.HashMap;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
@ -915,7 +916,7 @@ public class VmwareStorageManagerImpl implements VmwareStorageManager {
|
||||
|
||||
// wait if there are already VM snapshot task running
|
||||
ManagedObjectReference taskmgr = context.getServiceContent().getTaskManager();
|
||||
ManagedObjectReference[] tasks = (ManagedObjectReference[]) context.getVimClient().getDynamicProperty(taskmgr, "recentTask");
|
||||
List<ManagedObjectReference> tasks = (ArrayList<ManagedObjectReference>)context.getVimClient().getDynamicProperty(taskmgr, "recentTask");
|
||||
for (ManagedObjectReference taskMor : tasks) {
|
||||
TaskInfo info = (TaskInfo) (context.getVimClient().getDynamicProperty(taskMor, "info"));
|
||||
if(info.getEntityName().equals(cmd.getVmName()) && info.getName().equalsIgnoreCase("CreateSnapshot_Task")){
|
||||
@ -1048,7 +1049,7 @@ public class VmwareStorageManagerImpl implements VmwareStorageManager {
|
||||
|
||||
// wait if there are already VM revert task running
|
||||
ManagedObjectReference taskmgr = context.getServiceContent().getTaskManager();
|
||||
ManagedObjectReference[] tasks = (ManagedObjectReference[]) context.getVimClient().getDynamicProperty(taskmgr, "recentTask");
|
||||
List<ManagedObjectReference> tasks = (ArrayList<ManagedObjectReference>)context.getVimClient().getDynamicProperty(taskmgr, "recentTask");
|
||||
for (ManagedObjectReference taskMor : tasks) {
|
||||
TaskInfo info = (TaskInfo) (context.getVimClient().getDynamicProperty(taskMor, "info"));
|
||||
if(info.getEntityName().equals(cmd.getVmName()) && info.getName().equalsIgnoreCase("RevertToSnapshot_Task")){
|
||||
|
||||
@ -5034,7 +5034,7 @@ public class VmwareResource implements StoragePoolResource, ServerResource, Vmwa
|
||||
boolean bRefresh = false;
|
||||
if(firewallMo != null) {
|
||||
HostFirewallInfo firewallInfo = firewallMo.getFirewallInfo();
|
||||
if(firewallInfo != null) {
|
||||
if(firewallInfo != null && firewallInfo.getRuleset() != null) {
|
||||
for(HostFirewallRuleset rule : firewallInfo.getRuleset()) {
|
||||
if("vncServer".equalsIgnoreCase(rule.getKey())) {
|
||||
bRefresh = true;
|
||||
|
||||
@ -118,6 +118,7 @@ import com.cloud.agent.api.ModifySshKeysCommand;
|
||||
import com.cloud.agent.api.ModifyStoragePoolAnswer;
|
||||
import com.cloud.agent.api.ModifyStoragePoolCommand;
|
||||
import com.cloud.agent.api.NetworkRulesSystemVmCommand;
|
||||
import com.cloud.agent.api.NetworkRulesVmSecondaryIpCommand;
|
||||
import com.cloud.agent.api.PingCommand;
|
||||
import com.cloud.agent.api.PingRoutingCommand;
|
||||
import com.cloud.agent.api.PingRoutingWithNwGroupsCommand;
|
||||
@ -597,6 +598,8 @@ public abstract class CitrixResourceBase implements ServerResource, HypervisorRe
|
||||
return execute((DeleteVMSnapshotCommand)cmd);
|
||||
} else if (clazz == RevertToVMSnapshotCommand.class) {
|
||||
return execute((RevertToVMSnapshotCommand)cmd);
|
||||
} else if (clazz == NetworkRulesVmSecondaryIpCommand.class) {
|
||||
return execute((NetworkRulesVmSecondaryIpCommand)cmd);
|
||||
} else {
|
||||
return Answer.createUnsupportedCommandAnswer(cmd);
|
||||
}
|
||||
@ -1468,7 +1471,18 @@ public abstract class CitrixResourceBase implements ServerResource, HypervisorRe
|
||||
for (NicTO nic : nics) {
|
||||
if ( nic.isSecurityGroupEnabled() || nic.getIsolationUri() != null
|
||||
&& nic.getIsolationUri().getScheme().equalsIgnoreCase(IsolationType.Ec2.toString())) {
|
||||
result = callHostPlugin(conn, "vmops", "default_network_rules", "vmName", vmName, "vmIP", nic.getIp(), "vmMAC", nic.getMac(), "vmID", Long.toString(vmSpec.getId()));
|
||||
List<String> nicSecIps = nic.getNicSecIps();
|
||||
String secIpsStr;
|
||||
StringBuilder sb = new StringBuilder();
|
||||
if (nicSecIps != null) {
|
||||
for (String ip : nicSecIps) {
|
||||
sb.append(ip).append(":");
|
||||
}
|
||||
secIpsStr = sb.toString();
|
||||
} else {
|
||||
secIpsStr = "0:";
|
||||
}
|
||||
result = callHostPlugin(conn, "vmops", "default_network_rules", "vmName", vmName, "vmIP", nic.getIp(), "vmMAC", nic.getMac(), "vmID", Long.toString(vmSpec.getId()), "secIps", secIpsStr);
|
||||
|
||||
if (result == null || result.isEmpty() || !Boolean.parseBoolean(result)) {
|
||||
s_logger.warn("Failed to program default network rules for " + vmName+" on nic with ip:"+nic.getIp()+" mac:"+nic.getMac());
|
||||
@ -5454,7 +5468,8 @@ public abstract class CitrixResourceBase implements ServerResource, HypervisorRe
|
||||
"signature", cmd.getSignature(),
|
||||
"seqno", Long.toString(cmd.getSeqNum()),
|
||||
"deflated", "true",
|
||||
"rules", cmd.compressStringifiedRules());
|
||||
"rules", cmd.compressStringifiedRules(),
|
||||
"secIps", cmd.getSecIpsString());
|
||||
|
||||
if (result == null || result.isEmpty() || !Boolean.parseBoolean(result)) {
|
||||
s_logger.warn("Failed to program network rules for vm " + cmd.getVmName());
|
||||
@ -7506,6 +7521,19 @@ public abstract class CitrixResourceBase implements ServerResource, HypervisorRe
|
||||
return new Answer(cmd, success, "");
|
||||
}
|
||||
|
||||
private Answer execute(NetworkRulesVmSecondaryIpCommand cmd) {
|
||||
boolean success = true;
|
||||
Connection conn = getConnection();
|
||||
|
||||
String result = callHostPlugin(conn, "vmops", "network_rules_vmSecondaryIp", "vmName", cmd.getVmName(), "vmMac", cmd.getVmMac(), "vmSecIp", cmd.getVmSecIp(), "action",
|
||||
cmd.getAction());
|
||||
if (result == null || result.isEmpty() || !Boolean.parseBoolean(result)) {
|
||||
success = false;
|
||||
}
|
||||
|
||||
return new Answer(cmd, success, "");
|
||||
}
|
||||
|
||||
protected SetFirewallRulesAnswer execute(SetFirewallRulesCommand cmd) {
|
||||
String[] results = new String[cmd.getRules().length];
|
||||
String callResult;
|
||||
|
||||
@ -638,14 +638,11 @@ StaticNatServiceProvider {
|
||||
|
||||
@Override
|
||||
public IpDeployer getIpDeployer(Network network) {
|
||||
ExternalLoadBalancerDeviceVO lbDevice = getExternalLoadBalancerForNetwork(network);
|
||||
if (lbDevice == null) {
|
||||
s_logger.error("Cannot find external load balanacer for network " + network.getName());
|
||||
return null;
|
||||
}
|
||||
|
||||
if (_networkMgr.isNetworkInlineMode(network)) {
|
||||
return getIpDeployerForInlineMode(network);
|
||||
}
|
||||
|
||||
return this;
|
||||
}
|
||||
|
||||
|
||||
@ -68,7 +68,7 @@ log() {
|
||||
|
||||
if [ $shouldwelog -eq 1 ]
|
||||
then
|
||||
echo "$d - $1" >> /var/log/cloud/agent/resizevolume.log
|
||||
echo "$d - $1" >> /var/log/cloudstack/agent/resizevolume.log
|
||||
fi
|
||||
}
|
||||
|
||||
@ -237,7 +237,7 @@ do
|
||||
esac
|
||||
done
|
||||
|
||||
shouldwelog=1 #set this to 1 while debugging to get output in /var/log/cloud/agent/resizevolume.log
|
||||
shouldwelog=1 #set this to 1 while debugging to get output in /var/log/cloudstack/agent/resizevolume.log
|
||||
|
||||
if [ "$ptype" == "CLVM" ]
|
||||
then
|
||||
|
||||
@ -610,6 +610,7 @@ def destroy_network_rules_for_vm(session, args):
|
||||
util.SMlog("Ignoring failure to delete egress chain " + vmchain_egress)
|
||||
|
||||
remove_rule_log_for_vm(vm_name)
|
||||
remove_secip_log_for_vm(vm_name)
|
||||
|
||||
if 1 in [ vm_name.startswith(c) for c in ['r-', 's-', 'v-', 'l-'] ]:
|
||||
return 'true'
|
||||
@ -749,6 +750,43 @@ def default_arp_antispoof(vm_chain, vifs, vm_ip, vm_mac):
|
||||
|
||||
return 'true'
|
||||
|
||||
|
||||
@echo
|
||||
def network_rules_vmSecondaryIp(session, args):
|
||||
vm_name = args.pop('vmName')
|
||||
vm_mac = args.pop('vmMac')
|
||||
ip_secondary = args.pop('vmSecIp')
|
||||
action = args.pop('action')
|
||||
util.SMlog("vmMac = "+ vm_mac)
|
||||
util.SMlog("vmName = "+ vm_name)
|
||||
#action = "-A"
|
||||
util.SMlog("action = "+ action)
|
||||
try:
|
||||
vm = session.xenapi.VM.get_by_name_label(vm_name)
|
||||
if len(vm) != 1:
|
||||
return 'false'
|
||||
vm_rec = session.xenapi.VM.get_record(vm[0])
|
||||
vm_vifs = vm_rec.get('VIFs')
|
||||
vifnums = [session.xenapi.VIF.get_record(vif).get('device') for vif in vm_vifs]
|
||||
domid = vm_rec.get('domid')
|
||||
except:
|
||||
util.SMlog("### Failed to get domid or vif list for vm ##" + vm_name)
|
||||
return 'false'
|
||||
|
||||
if domid == '-1':
|
||||
util.SMlog("### Failed to get domid for vm (-1): " + vm_name)
|
||||
return 'false'
|
||||
|
||||
vifs = ["vif" + domid + "." + v for v in vifnums]
|
||||
#vm_name = '-'.join(vm_name.split('-')[:-1])
|
||||
vmchain = chain_name(vm_name)
|
||||
add_to_ipset(vmchain, [ip_secondary], action)
|
||||
|
||||
#add arptables rules for the secondary ip
|
||||
arp_rules_vmip(vmchain, vifs, [ip_secondary], vm_mac, action)
|
||||
|
||||
return 'true'
|
||||
|
||||
@echo
|
||||
def default_network_rules_systemvm(session, args):
|
||||
vm_name = args.pop('vmName')
|
||||
@ -798,6 +836,55 @@ def default_network_rules_systemvm(session, args):
|
||||
util.SMlog("Failed to log default network rules for systemvm, ignoring")
|
||||
return 'true'
|
||||
|
||||
@echo
|
||||
def create_ipset_forvm (ipsetname):
|
||||
result = True
|
||||
try:
|
||||
util.SMlog("Creating ipset chain .... " + ipsetname)
|
||||
util.pread2(['ipset', '-F', ipsetname])
|
||||
util.pread2(['ipset', '-X', ipsetname])
|
||||
util.pread2(['ipset', '-N', ipsetname, 'iphash'])
|
||||
except:
|
||||
util.SMlog("ipset chain not exists creating.... " + ipsetname)
|
||||
util.pread2(['ipset', '-N', ipsetname, 'iphash'])
|
||||
|
||||
return result
|
||||
|
||||
@echo
|
||||
def add_to_ipset(ipsetname, ips, action):
|
||||
result = True
|
||||
for ip in ips:
|
||||
try:
|
||||
util.SMlog("vm ip " + ip)
|
||||
util.pread2(['ipset', action, ipsetname, ip])
|
||||
except:
|
||||
util.SMlog("vm ip alreday in ip set" + ip)
|
||||
continue
|
||||
|
||||
return result
|
||||
|
||||
@echo
|
||||
def arp_rules_vmip (vm_chain, vifs, ips, vm_mac, action):
|
||||
try:
|
||||
if action == "-A":
|
||||
action = "-I"
|
||||
for vif in vifs:
|
||||
for vm_ip in ips:
|
||||
#accept any arp requests to this vm as long as the request is for this vm's ip
|
||||
util.pread2(['arptables', action, vm_chain, '-o', vif, '--opcode', 'Request', '--destination-ip', vm_ip, '-j', 'ACCEPT'])
|
||||
#accept any arp replies to this vm as long as the mac and ip matches
|
||||
util.pread2(['arptables', action, vm_chain, '-o', vif, '--opcode', 'Reply', '--destination-mac', vm_mac, '--destination-ip', vm_ip, '-j', 'ACCEPT'])
|
||||
#accept arp replies into the bridge as long as the source mac and ips match the vm
|
||||
util.pread2(['arptables', action, vm_chain, '-i', vif, '--opcode', 'Reply', '--source-mac', vm_mac, '--source-ip', vm_ip, '-j', 'ACCEPT'])
|
||||
#accept any arp requests from this vm. In the future this can be restricted to deny attacks on hosts
|
||||
#also important to restrict source ip and src mac in these requests as they can be used to update arp tables on destination
|
||||
util.pread2(['arptables', action, vm_chain, '-i', vif, '--opcode', 'Request', '--source-mac', vm_mac, '--source-ip', vm_ip, '-j', 'RETURN'])
|
||||
except:
|
||||
util.SMlog("Failed to program arptables rules for ip")
|
||||
return 'false'
|
||||
|
||||
return 'true'
|
||||
|
||||
|
||||
@echo
|
||||
def default_network_rules(session, args):
|
||||
@ -805,6 +892,8 @@ def default_network_rules(session, args):
|
||||
vm_ip = args.pop('vmIP')
|
||||
vm_id = args.pop('vmID')
|
||||
vm_mac = args.pop('vmMAC')
|
||||
sec_ips = args.pop("secIps")
|
||||
action = "-A"
|
||||
|
||||
try:
|
||||
vm = session.xenapi.VM.get_by_name_label(vm_name)
|
||||
@ -854,6 +943,32 @@ def default_network_rules(session, args):
|
||||
except:
|
||||
util.pread2(['iptables', '-F', vmchain_default])
|
||||
|
||||
vmipset = vm_name
|
||||
#create ipset and add vm ips to that ip set
|
||||
if create_ipset_forvm(vmipset) == False:
|
||||
util.SMlog(" failed to create ipset for rule " + str(tokens))
|
||||
return 'false'
|
||||
|
||||
#add primary nic ip to ipset
|
||||
if add_to_ipset(vmipset, [vm_ip], action ) == False:
|
||||
util.SMlog(" failed to add vm " + vm_ip + " ip to set ")
|
||||
return 'false'
|
||||
|
||||
#add secodnary nic ips to ipset
|
||||
secIpSet = "1"
|
||||
ips = sec_ips.split(':')
|
||||
ips.pop()
|
||||
if ips[0] == "0":
|
||||
secIpSet = "0";
|
||||
|
||||
if secIpSet == "1":
|
||||
util.SMlog("Adding ipset for secondary ips")
|
||||
add_to_ipset(vmipset, ips, action)
|
||||
if write_secip_log_for_vm(vm_name, sec_ips, vm_id) == False:
|
||||
util.SMlog("Failed to log default network rules, ignoring")
|
||||
|
||||
keyword = '--' + get_ipset_keyword()
|
||||
|
||||
try:
|
||||
for v in vifs:
|
||||
util.pread2(['iptables', '-A', 'BRIDGE-FIREWALL', '-m', 'physdev', '--physdev-is-bridged', '--physdev-out', v, '-j', vmchain_default])
|
||||
@ -861,16 +976,22 @@ def default_network_rules(session, args):
|
||||
|
||||
#don't let vm spoof its ip address
|
||||
for v in vifs:
|
||||
util.pread2(['iptables', '-A', vmchain_default, '-m', 'physdev', '--physdev-is-bridged', '--physdev-in', v, '--source', vm_ip,'-p', 'udp', '--dport', '53', '-j', 'RETURN'])
|
||||
util.pread2(['iptables', '-A', vmchain_default, '-m', 'physdev', '--physdev-is-bridged', '--physdev-in', v, '--source', '!', vm_ip, '-j', 'DROP'])
|
||||
util.pread2(['iptables', '-A', vmchain_default, '-m', 'physdev', '--physdev-is-bridged', '--physdev-out', v, '--destination', '!', vm_ip, '-j', 'DROP'])
|
||||
util.pread2(['iptables', '-A', vmchain_default, '-m', 'physdev', '--physdev-is-bridged', '--physdev-in', v, '--source', vm_ip, '-j', vmchain_egress])
|
||||
#util.pread2(['iptables', '-A', vmchain_default, '-m', 'physdev', '--physdev-is-bridged', '--physdev-in', v, '--source', vm_ip,'-p', 'udp', '--dport', '53', '-j', 'RETURN'])
|
||||
util.pread2(['iptables', '-A', vmchain_default, '-m', 'physdev', '--physdev-is-bridged', '--physdev-in', v, '-m', 'set', keyword, vmipset, 'src', '-p', 'udp', '--dport', '53', '-j', 'RETURN'])
|
||||
util.pread2(['iptables', '-A', vmchain_default, '-m', 'physdev', '--physdev-is-bridged', '--physdev-in', v, '-m', 'set', '!', keyword, vmipset, 'src', '-j', 'DROP'])
|
||||
util.pread2(['iptables', '-A', vmchain_default, '-m', 'physdev', '--physdev-is-bridged', '--physdev-out', v, '-m', 'set', '!', keyword, vmipset, 'dst', '-j', 'DROP'])
|
||||
util.pread2(['iptables', '-A', vmchain_default, '-m', 'physdev', '--physdev-is-bridged', '--physdev-in', v, '-m', 'set', keyword, vmipset, 'src', '-j', vmchain_egress])
|
||||
util.pread2(['iptables', '-A', vmchain_default, '-m', 'physdev', '--physdev-is-bridged', '--physdev-out', v, '-j', vmchain])
|
||||
except:
|
||||
util.SMlog("Failed to program default rules for vm " + vm_name)
|
||||
return 'false'
|
||||
|
||||
default_arp_antispoof(vmchain, vifs, vm_ip, vm_mac)
|
||||
#add default arp rules for secondary ips;
|
||||
if secIpSet == "1":
|
||||
util.SMlog("Adding arp rules for sec ip")
|
||||
arp_rules_vmip(vmchain, vifs, ips, vm_mac, action)
|
||||
|
||||
default_ebtables_antispoof_rules(vmchain, vifs, vm_ip, vm_mac)
|
||||
|
||||
if write_rule_log_for_vm(vm_name, vm_id, vm_ip, domid, '_initial_', '-1', vm_mac) == False:
|
||||
@ -994,10 +1115,45 @@ def network_rules_for_rebooted_vm(session, vmName):
|
||||
destroy_arptables_rules(vmchain)
|
||||
[vm_ip, vm_mac] = get_vm_mac_ip_from_log(vmchain)
|
||||
default_arp_antispoof(vmchain, vifs, vm_ip, vm_mac)
|
||||
|
||||
#check wether the vm has secondary ips
|
||||
if is_secondary_ips_set(vm_name) == True:
|
||||
vmips = get_vm_sec_ips(vm_name)
|
||||
#add arp rules for the secondaryp ip
|
||||
for ip in vmips:
|
||||
arp_rules_vmip(vmchain, vifs, [ip], vm_mac, "-A")
|
||||
|
||||
|
||||
default_ebtables_antispoof_rules(vmchain, vifs, vm_ip, vm_mac)
|
||||
rewrite_rule_log_for_vm(vm_name, curr_domid)
|
||||
return True
|
||||
|
||||
|
||||
|
||||
@echo
|
||||
def get_vm_sec_ips(vm_name):
|
||||
logfilename = "/var/run/cloud/" + vm_name +".ip"
|
||||
|
||||
lines = (line.rstrip() for line in open(logfilename))
|
||||
for line in lines:
|
||||
try:
|
||||
[_vmName,_vmIP,_vmID] = line.split(',')
|
||||
break
|
||||
except ValueError,v:
|
||||
[_vmName,_vmIP,_vmID] = line.split(',')
|
||||
|
||||
_vmIPS = _vmIP.split(":")[:-1]
|
||||
return _vmIPS
|
||||
|
||||
@echo
|
||||
def is_secondary_ips_set(vm_name):
|
||||
logfilename = "/var/run/cloud/" + vm_name +".ip"
|
||||
if not os.path.exists(logfilename):
|
||||
return False
|
||||
|
||||
return True
|
||||
|
||||
@echo
|
||||
def rewrite_rule_log_for_vm(vm_name, new_domid):
|
||||
logfilename = "/var/run/cloud/" + vm_name +".log"
|
||||
if not os.path.exists(logfilename):
|
||||
@ -1194,6 +1350,39 @@ def check_rule_log_for_vm(vmName, vmID, vmIP, domID, signature, seqno):
|
||||
|
||||
return [reprogramDefault, reprogramChain, rewriteLog]
|
||||
|
||||
@echo
|
||||
def write_secip_log_for_vm (vmName, secIps, vmId):
|
||||
vm_name = vmName
|
||||
logfilename = "/var/run/cloud/"+vm_name+".ip"
|
||||
util.SMlog("Writing log to " + logfilename)
|
||||
logf = open(logfilename, 'w')
|
||||
output = ','.join([vmName, secIps, vmId])
|
||||
result = True
|
||||
|
||||
try:
|
||||
logf.write(output)
|
||||
logf.write('\n')
|
||||
except:
|
||||
util.SMlog("Failed to write to rule log file " + logfilename)
|
||||
result = False
|
||||
|
||||
logf.close()
|
||||
|
||||
return result
|
||||
|
||||
@echo
|
||||
def remove_secip_log_for_vm(vmName):
|
||||
vm_name = vmName
|
||||
logfilename = "/var/run/cloud/"+vm_name+".ip"
|
||||
|
||||
result = True
|
||||
try:
|
||||
os.remove(logfilename)
|
||||
except:
|
||||
util.SMlog("Failed to delete rule log file " + logfilename)
|
||||
result = False
|
||||
|
||||
return result
|
||||
|
||||
@echo
|
||||
def write_rule_log_for_vm(vmName, vmID, vmIP, domID, signature, seqno, vmMac='ff:ff:ff:ff:ff:ff'):
|
||||
@ -1289,6 +1478,7 @@ def network_rules(session, args):
|
||||
vm_mac = args.get('vmMAC')
|
||||
signature = args.pop('signature')
|
||||
seqno = args.pop('seqno')
|
||||
sec_ips = args.pop("secIps")
|
||||
deflated = 'false'
|
||||
if 'deflated' in args:
|
||||
deflated = args.pop('deflated')
|
||||
@ -1469,6 +1659,7 @@ if __name__ == "__main__":
|
||||
"can_bridge_firewall":can_bridge_firewall, "default_network_rules":default_network_rules,
|
||||
"destroy_network_rules_for_vm":destroy_network_rules_for_vm,
|
||||
"default_network_rules_systemvm":default_network_rules_systemvm,
|
||||
"network_rules_vmSecondaryIp":network_rules_vmSecondaryIp,
|
||||
"get_rule_logs_for_vms":get_rule_logs_for_vms,
|
||||
"setLinkLocalIP":setLinkLocalIP,
|
||||
"cleanup_rules":cleanup_rules,
|
||||
|
||||
@ -797,7 +797,7 @@ def addFWFramework(brname):
|
||||
return False
|
||||
|
||||
if __name__ == '__main__':
|
||||
logging.basicConfig(filename="/var/log/cloud/security_group.log", format="%(asctime)s - %(message)s", level=logging.DEBUG)
|
||||
logging.basicConfig(filename="/var/log/cloudstack/agent/security_group.log", format="%(asctime)s - %(message)s", level=logging.DEBUG)
|
||||
parser = OptionParser()
|
||||
parser.add_option("--vmname", dest="vmName")
|
||||
parser.add_option("--vmip", dest="vmIP")
|
||||
|
||||
@ -184,6 +184,7 @@ import com.cloud.vm.ConsoleProxyVO;
|
||||
import com.cloud.vm.InstanceGroup;
|
||||
import com.cloud.vm.Nic;
|
||||
import com.cloud.vm.NicProfile;
|
||||
import com.cloud.vm.NicVO;
|
||||
import com.cloud.vm.VMInstanceVO;
|
||||
import com.cloud.vm.NicSecondaryIp;
|
||||
import com.cloud.vm.VirtualMachine;
|
||||
@ -3447,9 +3448,11 @@ public class ApiResponseHelper implements ResponseGenerator {
|
||||
|
||||
public NicSecondaryIpResponse createSecondaryIPToNicResponse(String ipAddr, Long nicId, Long networkId) {
|
||||
NicSecondaryIpResponse response = new NicSecondaryIpResponse();
|
||||
NicVO nic = _entityMgr.findById(NicVO.class, nicId);
|
||||
NetworkVO network = _entityMgr.findById(NetworkVO.class, networkId);
|
||||
response.setIpAddr(ipAddr);
|
||||
response.setNicId(nicId);
|
||||
response.setNwId(networkId);
|
||||
response.setNicId(nic.getUuid());
|
||||
response.setNwId(network.getUuid());
|
||||
response.setObjectName("nicsecondaryip");
|
||||
return response;
|
||||
}
|
||||
@ -3465,7 +3468,7 @@ public class ApiResponseHelper implements ResponseGenerator {
|
||||
List<NicSecondaryIpResponse> ipList = new ArrayList<NicSecondaryIpResponse>();
|
||||
for (NicSecondaryIpVO ip: secondaryIps) {
|
||||
NicSecondaryIpResponse ipRes = new NicSecondaryIpResponse();
|
||||
ipRes.setId(ip.getId());
|
||||
ipRes.setId(ip.getUuid());
|
||||
ipRes.setIpAddr(ip.getIp4Address());
|
||||
ipList.add(ipRes);
|
||||
}
|
||||
|
||||
@ -327,11 +327,13 @@ public class ApiServer implements HttpRequestHandler, ApiServerService {
|
||||
}
|
||||
String[] value = (String[]) params.get(key);
|
||||
// fail if parameter value contains ASCII control (non-printable) characters
|
||||
if (value[0] != null) {
|
||||
String newValue = StringUtils.stripControlCharacters(value[0]);
|
||||
if ( !newValue.equals(value[0]) ) {
|
||||
throw new ServerApiException(ApiErrorCode.PARAM_ERROR, "Received value " + value[0] + " for parameter "
|
||||
+ key + " is invalid, contains illegal ASCII non-printable characters");
|
||||
}
|
||||
}
|
||||
paramMap.put(key, value[0]);
|
||||
}
|
||||
|
||||
|
||||
@ -56,7 +56,9 @@ public class ProjectInvitationJoinDaoImpl extends GenericDaoBase<ProjectInvitati
|
||||
response.setId(invite.getUuid());
|
||||
response.setProjectId(invite.getProjectUuid());
|
||||
response.setProjectName(invite.getProjectName());
|
||||
if (invite.getState() != null) {
|
||||
response.setInvitationState(invite.getState().toString());
|
||||
}
|
||||
|
||||
if (invite.getAccountName() != null) {
|
||||
response.setAccountName(invite.getAccountName());
|
||||
|
||||
@ -25,8 +25,9 @@ import javax.persistence.Enumerated;
|
||||
import javax.persistence.Id;
|
||||
import javax.persistence.Table;
|
||||
|
||||
import com.cloud.projects.ProjectInvitation.State;
|
||||
import com.cloud.utils.db.GenericDao;
|
||||
import com.cloud.vm.VirtualMachine.State;
|
||||
|
||||
|
||||
@Entity
|
||||
@Table(name="project_invitation_view")
|
||||
|
||||
@ -1,217 +0,0 @@
|
||||
// Licensed to the Apache Software Foundation (ASF) under one
|
||||
// or more contributor license agreements. See the NOTICE file
|
||||
// distributed with this work for additional information
|
||||
// regarding copyright ownership. The ASF licenses this file
|
||||
// to you under the Apache License, Version 2.0 (the
|
||||
// "License"); you may not use this file except in compliance
|
||||
// with the License. You may obtain a copy of the License at
|
||||
//
|
||||
// http://www.apache.org/licenses/LICENSE-2.0
|
||||
//
|
||||
// Unless required by applicable law or agreed to in writing,
|
||||
// software distributed under the License is distributed on an
|
||||
// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
// KIND, either express or implied. See the License for the
|
||||
// specific language governing permissions and limitations
|
||||
// under the License.
|
||||
package com.cloud.baremetal;
|
||||
|
||||
import java.util.Date;
|
||||
import java.util.List;
|
||||
|
||||
import javax.ejb.Local;
|
||||
import javax.inject.Inject;
|
||||
|
||||
import org.apache.cloudstack.api.command.user.iso.DeleteIsoCmd;
|
||||
import org.apache.cloudstack.api.command.user.iso.RegisterIsoCmd;
|
||||
import org.apache.cloudstack.api.command.user.template.RegisterTemplateCmd;
|
||||
import org.apache.log4j.Logger;
|
||||
import org.springframework.stereotype.Component;
|
||||
|
||||
import com.cloud.configuration.Resource.ResourceType;
|
||||
import com.cloud.dc.DataCenterVO;
|
||||
import com.cloud.event.EventTypes;
|
||||
import com.cloud.event.UsageEventUtils;
|
||||
import com.cloud.exception.ResourceAllocationException;
|
||||
import com.cloud.host.Host;
|
||||
import com.cloud.host.HostVO;
|
||||
import com.cloud.host.dao.HostDao;
|
||||
import com.cloud.resource.ResourceManager;
|
||||
import com.cloud.storage.TemplateProfile;
|
||||
import com.cloud.storage.VMTemplateHostVO;
|
||||
import com.cloud.storage.VMTemplateVO;
|
||||
import com.cloud.storage.VMTemplateStorageResourceAssoc.Status;
|
||||
import com.cloud.storage.VMTemplateZoneVO;
|
||||
import com.cloud.template.TemplateAdapter;
|
||||
import com.cloud.template.TemplateAdapterBase;
|
||||
import com.cloud.user.Account;
|
||||
import com.cloud.utils.db.DB;
|
||||
import com.cloud.utils.exception.CloudRuntimeException;
|
||||
|
||||
@Local(value=TemplateAdapter.class)
|
||||
public class BareMetalTemplateAdapter extends TemplateAdapterBase implements TemplateAdapter {
|
||||
private final static Logger s_logger = Logger.getLogger(BareMetalTemplateAdapter.class);
|
||||
@Inject HostDao _hostDao;
|
||||
@Inject ResourceManager _resourceMgr;
|
||||
|
||||
@Override
|
||||
public String getName() {
|
||||
return TemplateAdapterType.BareMetal.getName();
|
||||
}
|
||||
|
||||
@Override
|
||||
public TemplateProfile prepare(RegisterTemplateCmd cmd) throws ResourceAllocationException {
|
||||
TemplateProfile profile = super.prepare(cmd);
|
||||
|
||||
if (profile.getZoneId() == null || profile.getZoneId() == -1) {
|
||||
List<DataCenterVO> dcs = _dcDao.listAllIncludingRemoved();
|
||||
for (DataCenterVO dc : dcs) {
|
||||
List<HostVO> pxeServers = _resourceMgr.listAllHostsInOneZoneByType(Host.Type.PxeServer, dc.getId());
|
||||
if (pxeServers.size() == 0) {
|
||||
throw new CloudRuntimeException("Please add PXE server before adding baremetal template in zone " + dc.getName());
|
||||
}
|
||||
}
|
||||
} else {
|
||||
List<HostVO> pxeServers = _resourceMgr.listAllHostsInOneZoneByType(Host.Type.PxeServer, profile.getZoneId());
|
||||
if (pxeServers.size() == 0) {
|
||||
throw new CloudRuntimeException("Please add PXE server before adding baremetal template in zone " + profile.getZoneId());
|
||||
}
|
||||
}
|
||||
|
||||
return profile;
|
||||
}
|
||||
|
||||
@Override
|
||||
public TemplateProfile prepare(RegisterIsoCmd cmd) throws ResourceAllocationException {
|
||||
throw new CloudRuntimeException("Baremetal doesn't support ISO template");
|
||||
}
|
||||
|
||||
private void templateCreateUsage(VMTemplateVO template, HostVO host) {
|
||||
if (template.getAccountId() != Account.ACCOUNT_ID_SYSTEM) {
|
||||
UsageEventUtils.publishUsageEvent(EventTypes.EVENT_TEMPLATE_CREATE, template.getAccountId(), host.getDataCenterId(),
|
||||
template.getId(), template.getName(), null, template.getSourceTemplateId(), 0L,
|
||||
template.getClass().getName(), template.getUuid());
|
||||
}
|
||||
}
|
||||
|
||||
@Override
|
||||
public VMTemplateVO create(TemplateProfile profile) {
|
||||
VMTemplateVO template = persistTemplate(profile);
|
||||
Long zoneId = profile.getZoneId();
|
||||
|
||||
/* There is no secondary storage vm for baremetal, we use pxe server id.
|
||||
* Tempalte is not bound to pxeserver right now, and we assume the pxeserver
|
||||
* cannot be removed once it was added. so we use host id of first found pxe
|
||||
* server as reference in template_host_ref.
|
||||
* This maybe a FIXME in future.
|
||||
*/
|
||||
VMTemplateHostVO vmTemplateHost = null;
|
||||
if (zoneId == null || zoneId == -1) {
|
||||
List<DataCenterVO> dcs = _dcDao.listAllIncludingRemoved();
|
||||
for (DataCenterVO dc : dcs) {
|
||||
HostVO pxe = _resourceMgr.listAllHostsInOneZoneByType(Host.Type.PxeServer, dc.getId()).get(0);
|
||||
|
||||
vmTemplateHost = _tmpltHostDao.findByHostTemplate(dc.getId(), template.getId());
|
||||
if (vmTemplateHost == null) {
|
||||
vmTemplateHost = new VMTemplateHostVO(pxe.getId(), template.getId(), new Date(), 100,
|
||||
Status.DOWNLOADED, null, null, null, null, template.getUrl());
|
||||
_tmpltHostDao.persist(vmTemplateHost);
|
||||
templateCreateUsage(template, pxe);
|
||||
}
|
||||
}
|
||||
} else {
|
||||
HostVO pxe = _resourceMgr.listAllHostsInOneZoneByType(Host.Type.PxeServer, zoneId).get(0);
|
||||
vmTemplateHost = new VMTemplateHostVO(pxe.getId(), template.getId(), new Date(), 100,
|
||||
Status.DOWNLOADED, null, null, null, null, template.getUrl());
|
||||
_tmpltHostDao.persist(vmTemplateHost);
|
||||
templateCreateUsage(template, pxe);
|
||||
}
|
||||
|
||||
_resourceLimitMgr.incrementResourceCount(profile.getAccountId(), ResourceType.template);
|
||||
return template;
|
||||
}
|
||||
|
||||
public TemplateProfile prepareDelete(DeleteIsoCmd cmd) {
|
||||
throw new CloudRuntimeException("Baremetal doesn't support ISO, how the delete get here???");
|
||||
}
|
||||
|
||||
@Override @DB
|
||||
public boolean delete(TemplateProfile profile) {
|
||||
VMTemplateVO template = (VMTemplateVO)profile.getTemplate();
|
||||
Long templateId = template.getId();
|
||||
boolean success = true;
|
||||
String zoneName;
|
||||
boolean isAllZone;
|
||||
|
||||
if (!template.isCrossZones() && profile.getZoneId() != null) {
|
||||
isAllZone = false;
|
||||
zoneName = profile.getZoneId().toString();
|
||||
} else {
|
||||
zoneName = "all zones";
|
||||
isAllZone = true;
|
||||
}
|
||||
|
||||
s_logger.debug("Attempting to mark template host refs for template: " + template.getName() + " as destroyed in zone: " + zoneName);
|
||||
Account account = _accountDao.findByIdIncludingRemoved(template.getAccountId());
|
||||
String eventType = EventTypes.EVENT_TEMPLATE_DELETE;
|
||||
List<VMTemplateHostVO> templateHostVOs = _tmpltHostDao.listByTemplateId(templateId);
|
||||
|
||||
for (VMTemplateHostVO vo : templateHostVOs) {
|
||||
VMTemplateHostVO lock = null;
|
||||
try {
|
||||
HostVO pxeServer = _hostDao.findById(vo.getHostId());
|
||||
if (!isAllZone && pxeServer.getDataCenterId() != profile.getZoneId()) {
|
||||
continue;
|
||||
}
|
||||
|
||||
lock = _tmpltHostDao.acquireInLockTable(vo.getId());
|
||||
if (lock == null) {
|
||||
s_logger.debug("Failed to acquire lock when deleting templateHostVO with ID: " + vo.getId());
|
||||
success = false;
|
||||
break;
|
||||
}
|
||||
|
||||
vo.setDestroyed(true);
|
||||
_tmpltHostDao.update(vo.getId(), vo);
|
||||
VMTemplateZoneVO templateZone = _tmpltZoneDao.findByZoneTemplate(pxeServer.getDataCenterId(), templateId);
|
||||
if (templateZone != null) {
|
||||
_tmpltZoneDao.remove(templateZone.getId());
|
||||
}
|
||||
|
||||
UsageEventUtils.publishUsageEvent(eventType, account.getId(), pxeServer.getDataCenterId(),
|
||||
templateId, null, template.getClass().getName(), template.getUuid());
|
||||
} finally {
|
||||
if (lock != null) {
|
||||
_tmpltHostDao.releaseFromLockTable(lock.getId());
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
s_logger.debug("Successfully marked template host refs for template: " + template.getName() + " as destroyed in zone: " + zoneName);
|
||||
|
||||
// If there are no more non-destroyed template host entries for this template, delete it
|
||||
if (success && (_tmpltHostDao.listByTemplateId(templateId).size() == 0)) {
|
||||
long accountId = template.getAccountId();
|
||||
|
||||
VMTemplateVO lock = _tmpltDao.acquireInLockTable(templateId);
|
||||
|
||||
try {
|
||||
if (lock == null) {
|
||||
s_logger.debug("Failed to acquire lock when deleting template with ID: " + templateId);
|
||||
success = false;
|
||||
} else if (_tmpltDao.remove(templateId)) {
|
||||
// Decrement the number of templates
|
||||
_resourceLimitMgr.decrementResourceCount(accountId, ResourceType.template);
|
||||
}
|
||||
|
||||
} finally {
|
||||
if (lock != null) {
|
||||
_tmpltDao.releaseFromLockTable(lock.getId());
|
||||
}
|
||||
}
|
||||
s_logger.debug("Removed template: " + template.getName() + " because all of its template host refs were marked as destroyed.");
|
||||
}
|
||||
|
||||
return success;
|
||||
}
|
||||
}
|
||||
@ -252,17 +252,19 @@ public class ConfigurationManagerImpl extends ManagerBase implements Configurati
|
||||
// FIXME - why don't we have interface for DataCenterLinkLocalIpAddressDao?
|
||||
@Inject protected DataCenterLinkLocalIpAddressDao _LinkLocalIpAllocDao;
|
||||
|
||||
private int _maxVolumeSizeInGb;
|
||||
private long _defaultPageSize;
|
||||
private int _maxVolumeSizeInGb = Integer.parseInt(Config.MaxVolumeSize.getDefaultValue());
|
||||
private long _defaultPageSize = Long.parseLong(Config.DefaultPageSize.getDefaultValue());
|
||||
protected Set<String> configValuesForValidation;
|
||||
|
||||
@Override
|
||||
public boolean configure(final String name, final Map<String, Object> params) throws ConfigurationException {
|
||||
String maxVolumeSizeInGbString = _configDao.getValue("storage.max.volume.size");
|
||||
_maxVolumeSizeInGb = NumbersUtil.parseInt(maxVolumeSizeInGbString, 2000);
|
||||
String maxVolumeSizeInGbString = _configDao.getValue(Config.MaxVolumeSize.key());
|
||||
_maxVolumeSizeInGb = NumbersUtil.parseInt(maxVolumeSizeInGbString,
|
||||
Integer.parseInt(Config.MaxVolumeSize.getDefaultValue()));
|
||||
|
||||
String defaultPageSizeString = _configDao.getValue("default.page.size");
|
||||
_defaultPageSize = NumbersUtil.parseLong(defaultPageSizeString, 500L);
|
||||
String defaultPageSizeString = _configDao.getValue(Config.DefaultPageSize.key());
|
||||
_defaultPageSize = NumbersUtil.parseLong(defaultPageSizeString,
|
||||
Long.parseLong(Config.DefaultPageSize.getDefaultValue()));
|
||||
|
||||
populateConfigValuesForValidationSet();
|
||||
return true;
|
||||
|
||||
@ -34,6 +34,7 @@ import com.cloud.vm.VMInstanceVO;
|
||||
import com.cloud.vm.VirtualMachine;
|
||||
import com.cloud.vm.VirtualMachineProfile;
|
||||
import com.cloud.vm.dao.NicDao;
|
||||
import com.cloud.vm.dao.NicSecondaryIpDao;
|
||||
import com.cloud.vm.dao.VMInstanceDao;
|
||||
|
||||
public abstract class HypervisorGuruBase extends AdapterBase implements HypervisorGuru {
|
||||
@ -41,6 +42,7 @@ public abstract class HypervisorGuruBase extends AdapterBase implements Hypervis
|
||||
@Inject VMTemplateDetailsDao _templateDetailsDao;
|
||||
@Inject NicDao _nicDao;
|
||||
@Inject VMInstanceDao _virtualMachineDao;
|
||||
@Inject NicSecondaryIpDao _nicSecIpDao;
|
||||
|
||||
protected HypervisorGuruBase() {
|
||||
super();
|
||||
@ -68,6 +70,14 @@ public abstract class HypervisorGuruBase extends AdapterBase implements Hypervis
|
||||
// Workaround to make sure the TO has the UUID we need for Niciri integration
|
||||
NicVO nicVO = _nicDao.findById(profile.getId());
|
||||
to.setUuid(nicVO.getUuid());
|
||||
//check whether the this nic has secondary ip addresses set
|
||||
//set nic secondary ip address in NicTO which are used for security group
|
||||
// configuration. Use full when vm stop/start
|
||||
List <String> secIps = null;
|
||||
if (nicVO.getSecondaryIp()) {
|
||||
secIps = _nicSecIpDao.getSecondaryIpAddressesForNic(nicVO.getId());
|
||||
}
|
||||
to.setNicSecIps(secIps);
|
||||
return to;
|
||||
}
|
||||
|
||||
|
||||
@ -21,6 +21,8 @@ import java.util.Map;
|
||||
|
||||
import org.apache.cloudstack.acl.ControlledEntity.ACLType;
|
||||
import com.cloud.dc.DataCenter;
|
||||
import com.cloud.dc.DataCenterVO;
|
||||
import com.cloud.dc.Pod;
|
||||
import com.cloud.dc.Vlan.VlanType;
|
||||
import com.cloud.deploy.DataCenterDeployment;
|
||||
import com.cloud.deploy.DeployDestination;
|
||||
@ -339,8 +341,9 @@ public interface NetworkManager {
|
||||
public String allocateGuestIP(Account ipOwner, boolean isSystem, long zoneId, Long networkId, String requestedIp)
|
||||
throws InsufficientAddressCapacityException;
|
||||
|
||||
boolean removeVmSecondaryIps(long vmId);
|
||||
|
||||
List<? extends Nic> listVmNics(Long vmId, Long nicId);
|
||||
String allocatePublicIpForGuestNic(Long networkId, DataCenter dc, Pod pod, Account caller, String requestedIp) throws InsufficientAddressCapacityException;
|
||||
boolean removeVmSecondaryIpsOfNic(long nicId);
|
||||
|
||||
}
|
||||
|
||||
@ -1765,12 +1765,8 @@ public class NetworkManagerImpl extends ManagerBase implements NetworkManager, L
|
||||
_nicDao.remove(nic.getId());
|
||||
s_logger.debug("Removed nic id=" + nic.getId());
|
||||
//remove the secondary ip addresses corresponding to to this nic
|
||||
List<NicSecondaryIpVO> secondaryIps = _nicSecondaryIpDao.listByNicId(nic.getId());
|
||||
if (secondaryIps != null) {
|
||||
for (NicSecondaryIpVO ip : secondaryIps) {
|
||||
_nicSecondaryIpDao.remove(ip.getId());
|
||||
}
|
||||
s_logger.debug("Removed nic " + nic.getId() + " secondary ip addreses");
|
||||
if (!removeVmSecondaryIpsOfNic(nic.getId())) {
|
||||
s_logger.debug("Removing nic " + nic.getId() + " secondary ip addreses failed");
|
||||
}
|
||||
}
|
||||
|
||||
@ -2835,7 +2831,6 @@ public class NetworkManagerImpl extends ManagerBase implements NetworkManager, L
|
||||
|
||||
_accountMgr.checkAccess(caller, null, false, network);
|
||||
|
||||
//return acquireGuestIpAddress(network, requestedIp);
|
||||
ipaddr = acquireGuestIpAddress(network, requestedIp);
|
||||
return ipaddr;
|
||||
}
|
||||
@ -3655,10 +3650,10 @@ public class NetworkManagerImpl extends ManagerBase implements NetworkManager, L
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean removeVmSecondaryIps(long vmId) {
|
||||
public boolean removeVmSecondaryIpsOfNic(long nicId) {
|
||||
Transaction txn = Transaction.currentTxn();
|
||||
txn.start();
|
||||
List <NicSecondaryIpVO> ipList = _nicSecondaryIpDao.listByVmId(vmId);
|
||||
List <NicSecondaryIpVO> ipList = _nicSecondaryIpDao.listByNicId(nicId);
|
||||
if (ipList != null) {
|
||||
for (NicSecondaryIpVO ip: ipList) {
|
||||
_nicSecondaryIpDao.remove(ip.getId());
|
||||
@ -3669,4 +3664,16 @@ public class NetworkManagerImpl extends ManagerBase implements NetworkManager, L
|
||||
return true;
|
||||
}
|
||||
|
||||
@Override
|
||||
public String allocatePublicIpForGuestNic(Long networkId, DataCenter dc, Pod pod,Account owner,
|
||||
String requestedIp) throws InsufficientAddressCapacityException {
|
||||
PublicIp ip = assignPublicIpAddress(dc.getId(), null, owner, VlanType.DirectAttached, networkId, requestedIp, false);
|
||||
if (ip == null) {
|
||||
s_logger.debug("There is no free public ip address");
|
||||
return null;
|
||||
}
|
||||
Ip ipAddr = ip.getAddress();
|
||||
return ipAddr.addr();
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@ -742,7 +742,7 @@ public class NetworkModelImpl extends ManagerBase implements NetworkModel {
|
||||
|
||||
@Override
|
||||
public Nic getNicInNetwork(long vmId, long networkId) {
|
||||
return _nicDao.findByInstanceIdAndNetworkId(networkId, vmId);
|
||||
return _nicDao.findByInstanceIdAndNetworkIdIncludingRemoved(networkId, vmId);
|
||||
}
|
||||
|
||||
@Override
|
||||
|
||||
@ -517,8 +517,45 @@ public class NetworkServiceImpl extends ManagerBase implements NetworkService {
|
||||
} catch (InsufficientAddressCapacityException e) {
|
||||
throw new InvalidParameterValueException("Allocating guest ip for nic failed");
|
||||
}
|
||||
} else if (dc.getNetworkType() == NetworkType.Basic) {
|
||||
Account caller = UserContext.current().getCaller();
|
||||
long callerUserId = UserContext.current().getCallerUserId();
|
||||
_accountMgr.checkAccess(caller, AccessType.UseNetwork, false, network);
|
||||
//handle the basic networks here
|
||||
VirtualMachine vm = _userVmDao.findById(nicVO.getInstanceId());
|
||||
if (vm == null) {
|
||||
throw new InvalidParameterValueException("There is no vm with the nic");
|
||||
}
|
||||
VMInstanceVO vmi = (VMInstanceVO)vm;
|
||||
Long podId = vmi.getPodIdToDeployIn();
|
||||
if (podId == null) {
|
||||
throw new InvalidParameterValueException("vm pod id is null");
|
||||
}
|
||||
Pod pod = _hostPodDao.findById(podId);
|
||||
if (pod == null) {
|
||||
throw new InvalidParameterValueException("vm pod is null");
|
||||
}
|
||||
|
||||
try {
|
||||
ipaddr = _networkMgr.allocatePublicIpForGuestNic(networkId, dc, pod, caller, requestedIp);
|
||||
if (ipaddr == null) {
|
||||
throw new InvalidParameterValueException("Allocating ip to guest nic " + nicId + " failed");
|
||||
}
|
||||
} catch (InsufficientAddressCapacityException e) {
|
||||
s_logger.error("Allocating ip to guest nic " + nicId + " failed");
|
||||
return null;
|
||||
}
|
||||
} else if (isSharedNetworkOfferingWithServices(network.getNetworkOfferingId()) && zone.getNetworkType() == NetworkType.Advanced) {
|
||||
// if shared network in the advanced zone, then check the caller against the network for 'AccessType.UseNetwork'
|
||||
Account caller = UserContext.current().getCaller();
|
||||
long callerUserId = UserContext.current().getCallerUserId();
|
||||
_accountMgr.checkAccess(caller, AccessType.UseNetwork, false, network);
|
||||
if (s_logger.isDebugEnabled()) {
|
||||
s_logger.debug("Associate IP address called by the user " + callerUserId + " account " + ipOwner.getId());
|
||||
}
|
||||
} else {
|
||||
throw new InvalidParameterValueException("AddIpToVMNic is not supported in this network...");
|
||||
s_logger.error("AddIpToVMNic is not supported in this network...");
|
||||
return null;
|
||||
}
|
||||
|
||||
if (ipaddr != null) {
|
||||
@ -549,18 +586,18 @@ public class NetworkServiceImpl extends ManagerBase implements NetworkService {
|
||||
boolean success = false;
|
||||
|
||||
// Verify input parameters
|
||||
NicSecondaryIpVO ipVO= _nicSecondaryIpDao.findById(ipAddressId);
|
||||
if (ipVO == null) {
|
||||
NicSecondaryIpVO secIpVO= _nicSecondaryIpDao.findById(ipAddressId);
|
||||
if (secIpVO == null) {
|
||||
throw new InvalidParameterValueException("Unable to find ip address by id");
|
||||
}
|
||||
|
||||
Network network = _networksDao.findById(ipVO.getNetworkId());
|
||||
Network network = _networksDao.findById(secIpVO.getNetworkId());
|
||||
|
||||
// verify permissions
|
||||
_accountMgr.checkAccess(caller, null, true, network);
|
||||
|
||||
Long nicId = ipVO.getNicId();
|
||||
s_logger.debug("ip id and nic id" + ipAddressId + "..." + nicId);
|
||||
Long nicId = secIpVO.getNicId();
|
||||
s_logger.debug("ip id = " + ipAddressId + " nic id = " + nicId);
|
||||
//check is this the last secondary ip for NIC
|
||||
List<NicSecondaryIpVO> ipList = _nicSecondaryIpDao.listByNicId(nicId);
|
||||
boolean lastIp = false;
|
||||
@ -568,8 +605,16 @@ public class NetworkServiceImpl extends ManagerBase implements NetworkService {
|
||||
// this is the last secondary ip to nic
|
||||
lastIp = true;
|
||||
}
|
||||
|
||||
DataCenter dc = _dcDao.findById(network.getDataCenterId());
|
||||
if (dc == null) {
|
||||
throw new InvalidParameterValueException("Invalid zone Id is given");
|
||||
}
|
||||
|
||||
s_logger.debug("Calling the ip allocation ...");
|
||||
if (dc.getNetworkType() == NetworkType.Advanced && network.getGuestType() == Network.GuestType.Isolated) {
|
||||
//check PF or static NAT is configured on this ip address
|
||||
String secondaryIp = ipVO.getIp4Address();
|
||||
String secondaryIp = secIpVO.getIp4Address();
|
||||
List<PortForwardingRuleVO> pfRuleList = _portForwardingDao.listByDestIpAddr(secondaryIp);
|
||||
if (pfRuleList.size() != 0) {
|
||||
s_logger.debug("VM nic IP " + secondaryIp + " is associated with the port forwarding rule");
|
||||
@ -581,7 +626,20 @@ public class NetworkServiceImpl extends ManagerBase implements NetworkService {
|
||||
s_logger.debug("VM nic IP " + secondaryIp + " is associated with the static NAT rule public IP address id " + publicIpVO.getId());
|
||||
throw new InvalidParameterValueException("Can' remove the ip " + secondaryIp + "is associate with static NAT rule public IP address id " + publicIpVO.getId());
|
||||
}
|
||||
success = removeNicSecondaryIP(ipVO, lastIp);
|
||||
} else if (dc.getNetworkType() == NetworkType.Basic) {
|
||||
IPAddressVO ip = _ipAddressDao.findByIpAndNetworkId(secIpVO.getNetworkId(), secIpVO.getIp4Address());
|
||||
if (ip != null) {
|
||||
Transaction txn = Transaction.currentTxn();
|
||||
txn.start();
|
||||
_networkMgr.markIpAsUnavailable(ip.getId());
|
||||
_ipAddressDao.unassignIpAddress(ip.getId());
|
||||
txn.commit();
|
||||
}
|
||||
} else if (isSharedNetworkOfferingWithServices(network.getNetworkOfferingId()) && dc.getNetworkType() == NetworkType.Advanced) {
|
||||
throw new InvalidParameterValueException("Not supported for this network now");
|
||||
}
|
||||
|
||||
success = removeNicSecondaryIP(secIpVO, lastIp);
|
||||
return success;
|
||||
}
|
||||
|
||||
|
||||
@ -66,4 +66,6 @@ public interface IPAddressDao extends GenericDao<IPAddressVO, Long> {
|
||||
IPAddressVO findByVmIp(String vmIp);
|
||||
|
||||
IPAddressVO findByAssociatedVmIdAndVmIp(long vmId, String vmIp);
|
||||
|
||||
IPAddressVO findByIpAndNetworkId(long networkId, String ipAddress);
|
||||
}
|
||||
|
||||
@ -184,6 +184,14 @@ public class IPAddressDaoImpl extends GenericDaoBase<IPAddressVO, Long> implemen
|
||||
return findOneBy(sc);
|
||||
}
|
||||
|
||||
@Override
|
||||
public IPAddressVO findByIpAndNetworkId(long networkId, String ipAddress) {
|
||||
SearchCriteria<IPAddressVO> sc = AllFieldsSearch.create();
|
||||
sc.setParameters("network", networkId);
|
||||
sc.setParameters("ipAddress", ipAddress);
|
||||
return findOneBy(sc);
|
||||
}
|
||||
|
||||
@Override
|
||||
public IPAddressVO findByIpAndDcId(long dcId, String ipAddress) {
|
||||
SearchCriteria<IPAddressVO> sc = AllFieldsSearch.create();
|
||||
|
||||
@ -16,6 +16,8 @@
|
||||
// under the License.
|
||||
package com.cloud.network.guru;
|
||||
|
||||
import java.util.List;
|
||||
|
||||
import javax.ejb.Local;
|
||||
import javax.inject.Inject;
|
||||
|
||||
@ -54,7 +56,9 @@ import com.cloud.utils.component.AdapterBase;
|
||||
import com.cloud.utils.db.DB;
|
||||
import com.cloud.utils.db.Transaction;
|
||||
import com.cloud.vm.Nic.ReservationStrategy;
|
||||
import com.cloud.vm.dao.NicSecondaryIpDao;
|
||||
import com.cloud.vm.NicProfile;
|
||||
import com.cloud.vm.NicSecondaryIp;
|
||||
import com.cloud.vm.ReservationContext;
|
||||
import com.cloud.vm.VirtualMachine;
|
||||
import com.cloud.vm.VirtualMachineProfile;
|
||||
@ -79,6 +83,8 @@ public class DirectNetworkGuru extends AdapterBase implements NetworkGuru {
|
||||
UserIpv6AddressDao _ipv6Dao;
|
||||
@Inject
|
||||
Ipv6AddressManager _ipv6Mgr;
|
||||
@Inject
|
||||
NicSecondaryIpDao _nicSecondaryIpDao;
|
||||
|
||||
private static final TrafficType[] _trafficTypes = {TrafficType.Guest};
|
||||
|
||||
@ -230,6 +236,16 @@ public class DirectNetworkGuru extends AdapterBase implements NetworkGuru {
|
||||
txn.start();
|
||||
_networkMgr.markIpAsUnavailable(ip.getId());
|
||||
_ipAddressDao.unassignIpAddress(ip.getId());
|
||||
//unassign nic secondary ip address
|
||||
s_logger.debug("remove nic " + nic.getId() + " secondary ip ");
|
||||
List<String> nicSecIps = null;
|
||||
nicSecIps = _nicSecondaryIpDao.getSecondaryIpAddressesForNic(nic.getId());
|
||||
for (String secIp: nicSecIps) {
|
||||
IPAddressVO pubIp = _ipAddressDao.findByIpAndSourceNetworkId(nic.getNetworkId(), secIp);
|
||||
_networkMgr.markIpAsUnavailable(pubIp.getId());
|
||||
_ipAddressDao.unassignIpAddress(pubIp.getId());
|
||||
}
|
||||
|
||||
txn.commit();
|
||||
}
|
||||
}
|
||||
|
||||
@ -46,8 +46,10 @@ import org.apache.cloudstack.api.command.user.securitygroup.RevokeSecurityGroupI
|
||||
import org.apache.commons.codec.digest.DigestUtils;
|
||||
import org.apache.log4j.Logger;
|
||||
|
||||
import com.amazonaws.services.identitymanagement.model.User;
|
||||
import com.cloud.agent.AgentManager;
|
||||
import com.cloud.agent.api.NetworkRulesSystemVmCommand;
|
||||
import com.cloud.agent.api.NetworkRulesVmSecondaryIpCommand;
|
||||
import com.cloud.agent.api.SecurityGroupRulesCmd;
|
||||
import com.cloud.agent.api.SecurityGroupRulesCmd.IpPortAndProto;
|
||||
import com.cloud.agent.manager.Commands;
|
||||
@ -67,12 +69,6 @@ import com.cloud.network.NetworkManager;
|
||||
import com.cloud.network.NetworkModel;
|
||||
import com.cloud.network.security.SecurityGroupWork.Step;
|
||||
import com.cloud.network.security.SecurityRule.SecurityRuleType;
|
||||
import com.cloud.network.security.dao.SecurityGroupDao;
|
||||
import com.cloud.network.security.dao.SecurityGroupRuleDao;
|
||||
import com.cloud.network.security.dao.SecurityGroupRulesDao;
|
||||
import com.cloud.network.security.dao.SecurityGroupVMMapDao;
|
||||
import com.cloud.network.security.dao.SecurityGroupWorkDao;
|
||||
import com.cloud.network.security.dao.VmRulesetLogDao;
|
||||
import com.cloud.network.security.dao.*;
|
||||
import com.cloud.projects.ProjectManager;
|
||||
import com.cloud.tags.dao.ResourceTagDao;
|
||||
@ -97,6 +93,8 @@ import com.cloud.utils.net.NetUtils;
|
||||
import com.cloud.vm.*;
|
||||
import com.cloud.vm.VirtualMachine.Event;
|
||||
import com.cloud.vm.VirtualMachine.State;
|
||||
import com.cloud.vm.dao.NicDao;
|
||||
import com.cloud.vm.dao.NicSecondaryIpDao;
|
||||
import com.cloud.vm.dao.UserVmDao;
|
||||
import com.cloud.vm.dao.VMInstanceDao;
|
||||
import edu.emory.mathcs.backport.java.util.Collections;
|
||||
@ -149,6 +147,10 @@ public class SecurityGroupManagerImpl extends ManagerBase implements SecurityGro
|
||||
ProjectManager _projectMgr;
|
||||
@Inject
|
||||
ResourceTagDao _resourceTagDao;
|
||||
@Inject
|
||||
NicDao _nicDao;
|
||||
@Inject
|
||||
NicSecondaryIpDao _nicSecIpDao;
|
||||
|
||||
ScheduledExecutorService _executorPool;
|
||||
ScheduledExecutorService _cleanupExecutor;
|
||||
@ -489,7 +491,7 @@ public class SecurityGroupManagerImpl extends ManagerBase implements SecurityGro
|
||||
return affectedVms;
|
||||
}
|
||||
|
||||
protected SecurityGroupRulesCmd generateRulesetCmd(String vmName, String guestIp, String guestMac, Long vmId, String signature, long seqnum, Map<PortAndProto, Set<String>> ingressRules, Map<PortAndProto, Set<String>> egressRules) {
|
||||
protected SecurityGroupRulesCmd generateRulesetCmd(String vmName, String guestIp, String guestMac, Long vmId, String signature, long seqnum, Map<PortAndProto, Set<String>> ingressRules, Map<PortAndProto, Set<String>> egressRules, List<String> secIps) {
|
||||
List<IpPortAndProto> ingressResult = new ArrayList<IpPortAndProto>();
|
||||
List<IpPortAndProto> egressResult = new ArrayList<IpPortAndProto>();
|
||||
for (PortAndProto pAp : ingressRules.keySet()) {
|
||||
@ -506,7 +508,7 @@ public class SecurityGroupManagerImpl extends ManagerBase implements SecurityGro
|
||||
egressResult.add(ipPortAndProto);
|
||||
}
|
||||
}
|
||||
return new SecurityGroupRulesCmd(guestIp, guestMac, vmName, vmId, signature, seqnum, ingressResult.toArray(new IpPortAndProto[ingressResult.size()]), egressResult.toArray(new IpPortAndProto[egressResult.size()]));
|
||||
return new SecurityGroupRulesCmd(guestIp, guestMac, vmName, vmId, signature, seqnum, ingressResult.toArray(new IpPortAndProto[ingressResult.size()]), egressResult.toArray(new IpPortAndProto[egressResult.size()]), secIps);
|
||||
}
|
||||
|
||||
protected void handleVmStopped(VMInstanceVO vm) {
|
||||
@ -947,8 +949,19 @@ public class SecurityGroupManagerImpl extends ManagerBase implements SecurityGro
|
||||
Map<PortAndProto, Set<String>> egressRules = generateRulesForVM(userVmId, SecurityRuleType.EgressRule);
|
||||
agentId = vm.getHostId();
|
||||
if (agentId != null) {
|
||||
// get nic secondary ip address
|
||||
String privateIp = vm.getPrivateIpAddress();
|
||||
NicVO nic = _nicDao.findByIp4AddressAndVmId(privateIp, vm.getId());
|
||||
List<String> nicSecIps = null;
|
||||
if (nic != null) {
|
||||
if (nic.getSecondaryIp()) {
|
||||
//get secondary ips of the vm
|
||||
long networkId = nic.getNetworkId();
|
||||
nicSecIps = _nicSecIpDao.getSecondaryIpAddressesForNic(nic.getId());
|
||||
}
|
||||
}
|
||||
SecurityGroupRulesCmd cmd = generateRulesetCmd( vm.getInstanceName(), vm.getPrivateIpAddress(), vm.getPrivateMacAddress(), vm.getId(), generateRulesetSignature(ingressRules, egressRules), seqnum,
|
||||
ingressRules, egressRules);
|
||||
ingressRules, egressRules, nicSecIps);
|
||||
Commands cmds = new Commands(cmd);
|
||||
try {
|
||||
_agentMgr.send(agentId, cmds, _answerListener);
|
||||
@ -1272,4 +1285,66 @@ public class SecurityGroupManagerImpl extends ManagerBase implements SecurityGro
|
||||
return true;
|
||||
}
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean securityGroupRulesForVmSecIp(Long nicId, Long networkId,
|
||||
String secondaryIp, boolean ruleAction) {
|
||||
|
||||
String vmMac = null;
|
||||
String vmName = null;
|
||||
|
||||
if (secondaryIp == null || nicId == null || networkId == null) {
|
||||
throw new InvalidParameterValueException("Vm nicId or networkId or secondaryIp can't be null");
|
||||
}
|
||||
|
||||
NicVO nic = _nicDao.findById(nicId);
|
||||
Long vmId = nic.getInstanceId();
|
||||
|
||||
// Validate parameters
|
||||
List<SecurityGroupVO> vmSgGrps = getSecurityGroupsForVm(vmId);
|
||||
if (vmSgGrps == null) {
|
||||
s_logger.debug("Vm is not in any Security group ");
|
||||
return true;
|
||||
}
|
||||
|
||||
Account caller = UserContext.current().getCaller();
|
||||
|
||||
for (SecurityGroupVO securityGroup: vmSgGrps) {
|
||||
Account owner = _accountMgr.getAccount(securityGroup.getAccountId());
|
||||
if (owner == null) {
|
||||
throw new InvalidParameterValueException("Unable to find security group owner by id=" + securityGroup.getAccountId());
|
||||
}
|
||||
// Verify permissions
|
||||
_accountMgr.checkAccess(caller, null, true, securityGroup);
|
||||
}
|
||||
|
||||
UserVm vm = _userVMDao.findById(vmId);
|
||||
if (vm.getType() != VirtualMachine.Type.User) {
|
||||
throw new InvalidParameterValueException("Can't configure the SG ipset, arprules rules for the non user vm");
|
||||
}
|
||||
|
||||
if (vm != null) {
|
||||
vmMac = vm.getPrivateMacAddress();
|
||||
vmName = vm.getInstanceName();
|
||||
if (vmMac == null || vmName == null) {
|
||||
throw new InvalidParameterValueException("vm name or vm mac can't be null");
|
||||
}
|
||||
}
|
||||
|
||||
//create command for the to add ip in ipset and arptables rules
|
||||
NetworkRulesVmSecondaryIpCommand cmd = new NetworkRulesVmSecondaryIpCommand(vmName, vmMac, secondaryIp, ruleAction);
|
||||
s_logger.debug("Asking agent to configure rules for vm secondary ip");
|
||||
Commands cmds = null;
|
||||
|
||||
cmds = new Commands(cmd);
|
||||
try {
|
||||
_agentMgr.send(vm.getHostId(), cmds);
|
||||
} catch (AgentUnavailableException e) {
|
||||
s_logger.debug(e.toString());
|
||||
} catch (OperationTimedoutException e) {
|
||||
s_logger.debug(e.toString());
|
||||
}
|
||||
|
||||
return true;
|
||||
}
|
||||
}
|
||||
|
||||
@ -40,6 +40,7 @@ import com.cloud.utils.NumbersUtil;
|
||||
import com.cloud.utils.Profiler;
|
||||
import com.cloud.utils.exception.CloudRuntimeException;
|
||||
import com.cloud.utils.mgmt.JmxUtil;
|
||||
import com.cloud.vm.NicVO;
|
||||
import com.cloud.vm.VirtualMachine.State;
|
||||
import com.cloud.network.security.SecurityRule.SecurityRuleType;
|
||||
|
||||
@ -169,9 +170,19 @@ public class SecurityGroupManagerImpl2 extends SecurityGroupManagerImpl{
|
||||
Map<PortAndProto, Set<String>> egressRules = generateRulesForVM(userVmId, SecurityRuleType.EgressRule);
|
||||
Long agentId = vm.getHostId();
|
||||
if (agentId != null) {
|
||||
String privateIp = vm.getPrivateIpAddress();
|
||||
NicVO nic = _nicDao.findByIp4AddressAndVmId(privateIp, vm.getId());
|
||||
List<String> nicSecIps = null;
|
||||
if (nic != null) {
|
||||
if (nic.getSecondaryIp()) {
|
||||
//get secondary ips of the vm
|
||||
long networkId = nic.getNetworkId();
|
||||
nicSecIps = _nicSecIpDao.getSecondaryIpAddressesForNic(nic.getId());
|
||||
}
|
||||
}
|
||||
SecurityGroupRulesCmd cmd = generateRulesetCmd(vm.getInstanceName(), vm.getPrivateIpAddress(),
|
||||
vm.getPrivateMacAddress(), vm.getId(), null,
|
||||
work.getLogsequenceNumber(), ingressRules, egressRules);
|
||||
work.getLogsequenceNumber(), ingressRules, egressRules, nicSecIps);
|
||||
cmd.setMsId(_serverId);
|
||||
if (s_logger.isDebugEnabled()) {
|
||||
s_logger.debug("SecurityGroupManager v2: sending ruleset update for vm " + vm.getInstanceName() +
|
||||
|
||||
@ -770,6 +770,13 @@ public class ResourceManagerImpl extends ManagerBase implements ResourceManager,
|
||||
}
|
||||
}
|
||||
clusterId = cluster.getId();
|
||||
if (_clusterDetailsDao.findDetail(clusterId,"cpuOvercommitRatio") == null) {
|
||||
ClusterDetailsVO cluster_cpu_detail = new ClusterDetailsVO(clusterId,"cpuOvercommitRatio","1");
|
||||
ClusterDetailsVO cluster_memory_detail = new ClusterDetailsVO(clusterId,"memoryOvercommitRatio","1");
|
||||
_clusterDetailsDao.persist(cluster_cpu_detail);
|
||||
_clusterDetailsDao.persist(cluster_memory_detail);
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
try {
|
||||
|
||||
@ -472,7 +472,7 @@ public class VMTemplateDaoImpl extends GenericDaoBase<VMTemplateVO, Long> implem
|
||||
} else {
|
||||
whereClause += " AND t.account_id IN (" + permittedAccountsStr + ")";
|
||||
}
|
||||
} else if (templateFilter == TemplateFilter.sharedexecutable && caller.getType() != Account.ACCOUNT_TYPE_ADMIN) {
|
||||
} else if ((templateFilter == TemplateFilter.shared || templateFilter == TemplateFilter.sharedexecutable) && caller.getType() != Account.ACCOUNT_TYPE_ADMIN) {
|
||||
if (caller.getType() == Account.ACCOUNT_TYPE_NORMAL) {
|
||||
joinClause += " LEFT JOIN launch_permission lp ON t.id = lp.template_id WHERE" + " (t.account_id IN (" + permittedAccountsStr + ") OR" + " lp.account_id IN ("
|
||||
+ permittedAccountsStr + "))";
|
||||
@ -565,7 +565,7 @@ public class VMTemplateDaoImpl extends GenericDaoBase<VMTemplateVO, Long> implem
|
||||
dataCenterJoin = " INNER JOIN data_center dc on (h.data_center_id = dc.id)";
|
||||
}
|
||||
|
||||
if (templateFilter == TemplateFilter.sharedexecutable){
|
||||
if (templateFilter == TemplateFilter.sharedexecutable || templateFilter == TemplateFilter.shared ){
|
||||
lpjoin = " INNER JOIN launch_permission lp ON t.id = lp.template_id ";
|
||||
}
|
||||
|
||||
@ -644,7 +644,8 @@ public class VMTemplateDaoImpl extends GenericDaoBase<VMTemplateVO, Long> implem
|
||||
}
|
||||
|
||||
if (!permittedAccounts.isEmpty() && !(templateFilter == TemplateFilter.featured ||
|
||||
templateFilter == TemplateFilter.community || templateFilter == TemplateFilter.executable) && !isAdmin(caller.getType()) ) {
|
||||
templateFilter == TemplateFilter.community || templateFilter == TemplateFilter.executable
|
||||
|| templateFilter == TemplateFilter.shared || templateFilter == TemplateFilter.sharedexecutable) && !isAdmin(caller.getType()) ) {
|
||||
whereClause += attr + "t.account_id IN (" + permittedAccountsStr + ")";
|
||||
}
|
||||
|
||||
@ -655,7 +656,7 @@ public class VMTemplateDaoImpl extends GenericDaoBase<VMTemplateVO, Long> implem
|
||||
}
|
||||
} else if (templateFilter == TemplateFilter.self || templateFilter == TemplateFilter.selfexecutable) {
|
||||
whereClause += " AND t.account_id IN (" + permittedAccountsStr + ")";
|
||||
} else if (templateFilter == TemplateFilter.sharedexecutable) {
|
||||
} else if (templateFilter == TemplateFilter.sharedexecutable || templateFilter == TemplateFilter.shared ) {
|
||||
whereClause += " AND " +
|
||||
" (t.account_id IN (" + permittedAccountsStr + ") OR" +
|
||||
" lp.account_id IN (" + permittedAccountsStr + "))";
|
||||
|
||||
@ -1360,13 +1360,6 @@ public class UserVmManagerImpl extends ManagerBase implements UserVmManager, Use
|
||||
+ " as a part of vm id=" + vmId
|
||||
+ " expunge because resource is unavailable", e);
|
||||
}
|
||||
//remove vm secondary ip addresses
|
||||
if (_networkMgr.removeVmSecondaryIps(vmId)) {
|
||||
s_logger.debug("Removed vm " + vmId + " secondary ip address of the VM Nics as a part of expunge process");
|
||||
} else {
|
||||
success = false;
|
||||
s_logger.warn("Fail to remove secondary ip address of vm " + vmId + " Nics as a part of expunge process");
|
||||
}
|
||||
|
||||
return success;
|
||||
}
|
||||
|
||||
@ -60,4 +60,6 @@ public interface NicDao extends GenericDao<NicVO, Long> {
|
||||
NicVO findByIp4AddressAndNetworkIdAndInstanceId(long networkId, long instanceId, String ip4Address);
|
||||
|
||||
List<NicVO> listByVmIdAndNicId(Long vmId, Long nicId);
|
||||
|
||||
NicVO findByIp4AddressAndVmId(String ip4Address, long instance);
|
||||
}
|
||||
|
||||
@ -212,4 +212,13 @@ public class NicDaoImpl extends GenericDaoBase<NicVO, Long> implements NicDao {
|
||||
sc.setParameters("nicid", nicId);
|
||||
return listBy(sc);
|
||||
}
|
||||
|
||||
@Override
|
||||
public NicVO findByIp4AddressAndVmId(String ip4Address, long instance) {
|
||||
SearchCriteria<NicVO> sc = AllFieldsSearch.create();
|
||||
sc.setParameters("address", ip4Address);
|
||||
sc.setParameters("instance", instance);
|
||||
return findOneBy(sc);
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@ -32,6 +32,7 @@ import org.springframework.stereotype.Component;
|
||||
import org.apache.cloudstack.api.command.user.vm.ListNicsCmd;
|
||||
|
||||
import com.cloud.dc.DataCenter;
|
||||
import com.cloud.dc.Pod;
|
||||
import com.cloud.dc.Vlan.VlanType;
|
||||
import com.cloud.deploy.DataCenterDeployment;
|
||||
import com.cloud.deploy.DeployDestination;
|
||||
@ -854,11 +855,6 @@ public class MockNetworkManagerImpl extends ManagerBase implements NetworkManage
|
||||
return null;
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean removeVmSecondaryIps(long vmId) {
|
||||
// TODO Auto-generated method stub
|
||||
return false;
|
||||
}
|
||||
|
||||
@Override
|
||||
public List<? extends Nic> listVmNics(Long vmId, Long nicId) {
|
||||
@ -871,4 +867,18 @@ public class MockNetworkManagerImpl extends ManagerBase implements NetworkManage
|
||||
// TODO Auto-generated method stub
|
||||
return null;
|
||||
}
|
||||
|
||||
@Override
|
||||
public String allocatePublicIpForGuestNic(Long networkId, DataCenter dc,
|
||||
Pod pod, Account caller, String requestedIp)
|
||||
throws InsufficientAddressCapacityException {
|
||||
// TODO Auto-generated method stub
|
||||
return null;
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean removeVmSecondaryIpsOfNic(long nicId) {
|
||||
// TODO Auto-generated method stub
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
@ -34,6 +34,7 @@ import org.apache.log4j.Logger;
|
||||
import org.springframework.stereotype.Component;
|
||||
|
||||
import com.cloud.dc.DataCenter;
|
||||
import com.cloud.dc.Pod;
|
||||
import com.cloud.dc.Vlan.VlanType;
|
||||
import com.cloud.deploy.DataCenterDeployment;
|
||||
import com.cloud.deploy.DeployDestination;
|
||||
@ -1365,12 +1366,6 @@ public class MockNetworkManagerImpl extends ManagerBase implements NetworkManage
|
||||
|
||||
|
||||
|
||||
@Override
|
||||
public boolean removeVmSecondaryIps(long vmId) {
|
||||
// TODO Auto-generated method stub
|
||||
return false;
|
||||
}
|
||||
|
||||
|
||||
|
||||
|
||||
@ -1390,4 +1385,30 @@ public class MockNetworkManagerImpl extends ManagerBase implements NetworkManage
|
||||
// TODO Auto-generated method stub
|
||||
return null;
|
||||
}
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
@Override
|
||||
public String allocatePublicIpForGuestNic(Long networkId, DataCenter dc,
|
||||
Pod pod, Account caller, String requestedIp)
|
||||
throws InsufficientAddressCapacityException {
|
||||
// TODO Auto-generated method stub
|
||||
return null;
|
||||
}
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
@Override
|
||||
public boolean removeVmSecondaryIpsOfNic(long nicId) {
|
||||
// TODO Auto-generated method stub
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
@ -50,9 +50,10 @@ public class ConsoleProxyHttpHandlerHelper {
|
||||
ConsoleProxyPasswordBasedEncryptor encryptor = new ConsoleProxyPasswordBasedEncryptor(
|
||||
ConsoleProxy.getEncryptorPassword());
|
||||
|
||||
ConsoleProxyClientParam param = encryptor.decryptObject(ConsoleProxyClientParam.class, map.get("token"));
|
||||
|
||||
// make sure we get information from token only
|
||||
map.clear();
|
||||
ConsoleProxyClientParam param = encryptor.decryptObject(ConsoleProxyClientParam.class, map.get("token"));
|
||||
if(param != null) {
|
||||
if(param.getClientHostAddress() != null)
|
||||
map.put("host", param.getClientHostAddress());
|
||||
|
||||
@ -18,7 +18,7 @@
|
||||
|
||||
set -x
|
||||
|
||||
if [ "$1"!="" ]
|
||||
if [ ! -z "$1" ]
|
||||
then
|
||||
appliance="$1"
|
||||
else
|
||||
|
||||
@ -668,7 +668,19 @@
|
||||
});
|
||||
}
|
||||
|
||||
if(args.data.cidr !="" ){
|
||||
var oldcidr;
|
||||
$.ajax({
|
||||
url: createURL("listNetworks&id=" + args.context.networks[0].id ),
|
||||
dataType: "json",
|
||||
async: false,
|
||||
success: function(json) {
|
||||
oldcidr = json.listnetworksresponse.network[0].cidr;
|
||||
|
||||
}
|
||||
});
|
||||
|
||||
|
||||
if(args.data.cidr !="" && args.data.cidr != oldcidr ){
|
||||
$.extend(data, {
|
||||
guestvmcidr: args.data.cidr
|
||||
});
|
||||
|
||||
@ -127,6 +127,24 @@
|
||||
</execution>
|
||||
</executions>
|
||||
</plugin>
|
||||
<plugin>
|
||||
<groupId>org.apache.maven.plugins</groupId>
|
||||
<artifactId>maven-dependency-plugin</artifactId>
|
||||
<version>2.5.1</version>
|
||||
<executions>
|
||||
<execution>
|
||||
<id>copy-dependencies</id>
|
||||
<phase>package</phase>
|
||||
<goals>
|
||||
<goal>copy-dependencies</goal>
|
||||
</goals>
|
||||
<configuration>
|
||||
<outputDirectory>${project.build.directory}/dependencies</outputDirectory>
|
||||
<includeScope>runtime</includeScope>
|
||||
</configuration>
|
||||
</execution>
|
||||
</executions>
|
||||
</plugin>
|
||||
</plugins>
|
||||
</build>
|
||||
<profiles>
|
||||
|
||||
@ -19,7 +19,6 @@ package com.cloud.utils;
|
||||
import java.io.File;
|
||||
|
||||
import org.apache.log4j.Logger;
|
||||
import org.apache.log4j.PropertyConfigurator;
|
||||
import org.apache.log4j.xml.DOMConfigurator;
|
||||
|
||||
public class LogUtils {
|
||||
@ -36,7 +35,7 @@ public class LogUtils {
|
||||
file = PropertiesUtil.findConfigFile(nameWithoutExtension + ".properties");
|
||||
if (file != null) {
|
||||
s_logger.info("log4j configuration found at " + file.getAbsolutePath());
|
||||
PropertyConfigurator.configureAndWatch(file.getAbsolutePath());
|
||||
DOMConfigurator.configureAndWatch(file.getAbsolutePath());
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user