CLOUDSTACK-10013: SystemVM.iso refactoring and cleanups

- Removes old/dead files
- Refactors file path/location, backward compatible to filepaths in
  systemvm.isoa
- Fixes failures around apache2

agent-simulator/tomcatconf/commands-simulator.properties.in

@@ -1,21 +0,0 @@
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements.  See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership.  The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License.  You may obtain a copy of the License at
-# 
-#   http://www.apache.org/licenses/LICENSE-2.0
-# 
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied.  See the License for the
-# specific language governing permissions and limitations
-# under the License.
-
-
-configureSimulator=com.cloud.api.commands.ConfigureSimulatorCmd;1
-querySimulatorMock=com.cloud.api.commands.QuerySimulatorMockCmd;1
-cleanupSimulatorMock=com.cloud.api.commands.CleanupSimulatorMockCmd;1

client/pom.xml

@@ -798,7 +798,6 @@
                   <target>
                     <copy todir="${basedir}/target/common/vms">
                       <fileset dir="${basedir}/../systemvm/dist">
-                        <include name="systemvm.zip"/>
                         <include name="systemvm.iso"/>
                       </fileset>
                     </copy>

developer/developer-prefill.sql

@@ -112,7 +112,7 @@ INSERT INTO `cloud`.`configuration` (category, instance, component, name, value)
 
 INSERT INTO `cloud`.`configuration` (category, instance, component, name, value)
             VALUES ('Advanced', 'DEFAULT', 'management-server',
-            'ping.timeout', '1.5');
+            'ping.timeout', '2.0');
 
 -- Enable dynamic RBAC by default for fresh deployments
 INSERT INTO `cloud`.`configuration` (category, instance, component, name, value)

pom.xml

@@ -920,35 +920,12 @@
               <exclude>ui/lib/reset.css</exclude>
               <exclude>ui/lib/require.js</exclude>
               <exclude>utils/testsmallfileinactive</exclude>
-              <exclude>systemvm/conf/agent.properties</exclude>
-              <exclude>systemvm/conf/environment.properties</exclude>
-              <exclude>systemvm/js/jquery.js</exclude>
-              <exclude>systemvm/js/jquery.flot.navigate.js</exclude>
-              <exclude>systemvm/patches/debian/systemvm.vmx</exclude>
-              <exclude>systemvm/patches/debian/config/root/.ssh/authorized_keys</exclude>
-              <exclude>systemvm/patches/debian/config/etc/apache2/httpd.conf</exclude>
-              <exclude>systemvm/patches/debian/config/etc/apache2/vhost.template</exclude>
-              <exclude>systemvm/patches/debian/config/etc/dnsmasq.conf.tmpl</exclude>
-              <exclude>systemvm/patches/debian/config/etc/vpcdnsmasq.conf</exclude>
-              <exclude>systemvm/patches/debian/config/etc/ssh/sshd_config</exclude>
-              <exclude>systemvm/patches/debian/config/etc/rsyslog.conf</exclude>
-              <exclude>systemvm/patches/debian/config/etc/logrotate.conf</exclude>
-              <exclude>systemvm/patches/debian/config/etc/logrotate.d/*</exclude>
-              <exclude>systemvm/patches/debian/config/etc/sysctl.conf</exclude>
-              <exclude>systemvm/patches/debian/config/root/redundant_router/keepalived.conf.templ</exclude>
-              <exclude>systemvm/patches/debian/config/root/redundant_router/arping_gateways.sh.templ</exclude>
-              <exclude>systemvm/patches/debian/config/root/redundant_router/conntrackd.conf.templ</exclude>
-              <exclude>systemvm/patches/debian/vpn/etc/ipsec.conf</exclude>
-              <exclude>systemvm/patches/debian/vpn/etc/ppp/options.xl2tpd</exclude>
-              <exclude>systemvm/patches/debian/vpn/etc/xl2tpd/xl2tpd.conf</exclude>
-              <exclude>systemvm/patches/debian/vpn/etc/ipsec.secrets</exclude>
-              <exclude>systemvm/patches/debian/config/etc/haproxy/haproxy.cfg</exclude>
-              <exclude>systemvm/patches/debian/config/etc/cloud-nic.rules</exclude>
-              <exclude>systemvm/patches/debian/config/etc/modprobe.d/aesni_intel</exclude>
-              <exclude>systemvm/patches/debian/config/etc/rc.local</exclude>
-              <exclude>systemvm/patches/debian/config/var/www/html/userdata/.htaccess</exclude>
-              <exclude>systemvm/patches/debian/config/var/www/html/latest/.htaccess</exclude>
-              <exclude>systemvm/patches/debian/vpn/etc/ipsec.d/l2tp.conf</exclude>
+              <exclude>systemvm/agent/conf/agent.properties</exclude>
+              <exclude>systemvm/agent/conf/environment.properties</exclude>
+              <exclude>systemvm/agent/js/jquery.js</exclude>
+              <exclude>systemvm/agent/js/jquery.flot.navigate.js</exclude>
+              <exclude>systemvm/patches/debian/**</exclude>
+              <exclude>systemvm/patches/vpn/**</exclude>
               <exclude>tools/transifex/.tx/config</exclude>
               <exclude>tools/logo/apache_cloudstack.png</exclude>
               <exclude>tools/marvin/marvin/sandbox/advanced/sandbox.cfg</exclude>

setup/dev/advanced.cfg

@@ -231,7 +231,7 @@
         },
         {
             "name": "ping.timeout",
-            "value": "1.5"
+            "value": "2.0"
         }
     ],
     "mgtSvr": [

systemvm/agent/css/logger.css

@@ -136,4 +136,3 @@ a:hover.logwin_minimizebutton {
     height: 477px;
     background: white;
 }
-

systemvm/agent/js/ajaxviewer.js

@@ -1437,4 +1437,3 @@ AjaxViewer.prototype = {
 		return modifiers;
 	}
 };
-

systemvm/agent/js/cloud.logger.js

@@ -335,4 +335,3 @@ Logger.prototype = {
 		}
 	}
 };
-

systemvm/agent/scripts/config_ssl.sh

@@ -47,8 +47,6 @@ config_apache2_conf() {
   cp -f /etc/apache2/sites-available/default-ssl.orig /etc/apache2/sites-available/default-ssl
   sed -i -e "s/<VirtualHost.*>/<VirtualHost $ip:80>/" /etc/apache2/sites-available/default
   sed -i -e "s/<VirtualHost.*>/<VirtualHost $ip:443>/" /etc/apache2/sites-available/default-ssl
-  sed -i -e "s/Listen .*:80/Listen $ip:80/g" /etc/apache2/ports.conf
-  sed -i -e "s/Listen .*:443/Listen $ip:443/g" /etc/apache2/ports.conf
   sed -i  's/ssl-cert-snakeoil.key/cert_apache.key/' /etc/apache2/sites-available/default-ssl
   sed -i  's/ssl-cert-snakeoil.pem/cert_apache.crt/' /etc/apache2/sites-available/default-ssl
   sed -i  's/SSLProtocol.*$/SSLProtocol all -SSLv2 -SSLv3/' /etc/apache2/sites-available/default-ssl
@@ -208,10 +206,7 @@ fi
 if [ -d /etc/apache2 ]
 then
   config_apache2_conf $publicIp $hostName
-  /etc/init.d/apache2 stop
-  /etc/init.d/apache2 start
+  systemctl restart apache2
 else
   config_httpd_conf $publicIp $hostName
 fi
-
-

systemvm/agent/scripts/ipfirewall.sh

@@ -47,4 +47,3 @@ do
         ips "$i"
 done
 exit $?
-

systemvm/agent/ui/viewer-update.ftl

@@ -21,4 +21,3 @@ tileMap = [ ${tileSequence} ];
 	ajaxViewer.resize('main_panel', ${width}, ${height}, ${tileWidth}, ${tileHeight});
 </#if>
 ajaxViewer.refresh('${imgUrl}', tileMap, false);
- 

systemvm/bindir/cloud-setup-console-proxy.in

@@ -1,220 +0,0 @@
-#!/usr/bin/env python
-
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements.  See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership.  The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License.  You may obtain a copy of the License at
-# 
-#   http://www.apache.org/licenses/LICENSE-2.0
-# 
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied.  See the License for the
-# specific language governing permissions and limitations
-# under the License.
-
-
-import sys, os, subprocess, errno, re, getopt
-
-# ---- This snippet of code adds the sources path and the waf configured PYTHONDIR to the Python path ----
-# ---- We do this so cloud_utils can be looked up in the following order:
-# ---- 1) Sources directory
-# ---- 2) waf configured PYTHONDIR
-# ---- 3) System Python path
-for pythonpath in (
-		"@PYTHONDIR@",
-		os.path.join(os.path.dirname(__file__),os.path.pardir,os.path.pardir,"python","lib"),
-	):
-		if os.path.isdir(pythonpath): sys.path.insert(0,pythonpath)
-# ---- End snippet of code ----
-import cloud_utils
-from cloud_utils import stderr
-
-E_GENERIC= 1
-E_NOKVM = 2
-E_NODEFROUTE = 3
-E_DHCP = 4
-E_NOPERSISTENTNET = 5
-E_NETRECONFIGFAILED = 6
-E_VIRTRECONFIGFAILED = 7
-E_FWRECONFIGFAILED = 8
-E_CPRECONFIGFAILED = 9
-E_CPFAILEDTOSTART = 10
-E_NOFQDN = 11
-
-def bail(errno=E_GENERIC,message=None,*args):
-	if message: stderr(message,*args)
-	stderr("Cloud Console Proxy setup aborted")
-	sys.exit(errno)
-
-
-#---------------- boilerplate for python 2.4 support 
-
-
-# CENTOS does not have this -- we have to put this here
-try:
-	from subprocess import check_call
-	from subprocess import CalledProcessError
-except ImportError:
-	def check_call(*popenargs, **kwargs):
-		import subprocess
-		retcode = subprocess.call(*popenargs, **kwargs)
-		cmd = kwargs.get("args")
-		if cmd is None: cmd = popenargs[0]
-		if retcode: raise CalledProcessError(retcode, cmd)
-		return retcode
-
-	class CalledProcessError(Exception):
-		def __init__(self, returncode, cmd):
-			self.returncode = returncode ; self.cmd = cmd
-		def __str__(self): return "Command '%s' returned non-zero exit status %d" % (self.cmd, self.returncode)
-
-# ------------ end boilerplate -------------------------
-
-def check_hostname(): return check_call(["hostname",'--fqdn'])
-
-class Command:
-	def __init__(self,name,parent=None):
-		self.__name = name
-		self.__parent = parent
-	def __getattr__(self,name):
-		if name == "_print": name = "print"
-		return Command(name,self)
-	def __call__(self,*args):
-		cmd = self.__get_recursive_name() + list(args)
-		#print "	",cmd
-		popen = subprocess.Popen(cmd,stdout=subprocess.PIPE,stderr=subprocess.PIPE)
-		m = popen.communicate()
-		ret = popen.wait()
-		if ret:
-			e = CalledProcessError(ret,cmd)
-			e.stdout,e.stderr = m
-			raise e
-		class CommandOutput:
-			def __init__(self,stdout,stderr):
-				self.stdout = stdout
-				self.stderr = stderr
-		return CommandOutput(*m)
-	def __lt__(self,other):
-		cmd = self.__get_recursive_name()
-		#print "	",cmd,"<",other
-		popen = subprocess.Popen(cmd,stdin=subprocess.PIPE,stdout=subprocess.PIPE,stderr=subprocess.PIPE)
-		m = popen.communicate(other)
-		ret = popen.wait()
-		if ret:
-			e = CalledProcessError(ret,cmd)
-			e.stdout,e.stderr = m
-			raise e
-		class CommandOutput:
-			def __init__(self,stdout,stderr):
-				self.stdout = stdout
-				self.stderr = stderr
-		return CommandOutput(*m)
-		
-	def __get_recursive_name(self,sep=None):
-		m = self
-		l = []
-		while m is not None:
-			l.append(m.__name)
-			m = m.__parent
-		l.reverse()
-		if sep: return sep.join(l)
-		else: return l
-	def __str__(self):
-		return '<Command %r>'%self.__get_recursive_name(sep=" ")
-		
-	def __repr__(self): return self.__str__()
-
-ip = Command("ip")
-service = Command("service")
-chkconfig = Command("chkconfig")
-ufw = Command("ufw")
-iptables = Command("iptables")
-augtool = Command("augtool")
-ifconfig = Command("ifconfig")
-uuidgen = Command("uuidgen")
-
-Fedora = os.path.exists("/etc/fedora-release")
-CentOS = os.path.exists("/etc/centos-release") or ( os.path.exists("/etc/redhat-release") and not os.path.exists("/etc/fedora-release") )
-
-#--------------- procedure starts here ------------
-
-def main():
-	# parse cmd line	
-	opts, args = getopt.getopt(sys.argv[1:], "a", ["host=", "zone=", "pod="])
-	host=None
-	zone=None
-	pod=None
-    	autoMode=False
-	do_check_kvm = True	
-	for opt, arg in opts:
-		if opt == "--host":
-			if arg != "":
-				host = arg
-		elif opt == "--zone":
-			if arg != "":
-				zone = arg
-		elif opt == "--pod":
-		        if arg != "":
-				pod = arg
-        	elif opt == "-a":
-            		autoMode=True
-	servicename = "@PACKAGE@-console-proxy"
-	
-	if autoMode:
-		cloud_utils.setLogFile("/var/log/cloud/setupConsoleProxy.log")
-
-	stderr("Welcome to the Cloud Console Proxy setup")
-	stderr("")
-
-	try:
-		check_hostname()
-		stderr("The hostname of this machine is properly set up")
-	except CalledProcessError,e:
-		bail(E_NOFQDN,"This machine does not have an FQDN (fully-qualified domain name) for a hostname")
-
-	stderr("Stopping the Cloud Console Proxy")
-	cloud_utils.stop_service(servicename)
-	stderr("Cloud Console Proxy stopped")
-
-	ports = "8002".split()
-	if Fedora or CentOS:
-		try:
-			o = chkconfig("--list","iptables")
-			if ":on" in o.stdout and os.path.exists("/etc/sysconfig/iptables"):
-				stderr("Setting up firewall rules to permit traffic to Cloud services")
-				service.iptables.start() ; print o.stdout + o.stderr
-				for p in ports: iptables("-I","INPUT","1","-p","tcp","--dport",p,'-j','ACCEPT')
-				o = service.iptables.save() ; print o.stdout + o.stderr
-		except CalledProcessError,e:
-			print e.stdout+e.stderr
-			bail(E_FWRECONFIGFAILED,"Firewall rules could not be set")
-	else:
-		stderr("Setting up firewall rules to permit traffic to Cloud services")
-		try:
-			for p in ports: ufw.allow(p)
-			stderr("Rules set")
-		except CalledProcessError,e:
-			print e.stdout+e.stderr
-			bail(E_FWRECONFIGFAILED,"Firewall rules could not be set")
-
-		stderr("We are going to enable ufw now.  This may disrupt network connectivity and service availability.  See the ufw documentation for information on how to manage ufw firewall policies.")
-		try:
-			o = ufw.enable < "y\n" ; print o.stdout + o.stderr
-		except CalledProcessError,e:
-			print e.stdout+e.stderr
-			bail(E_FWRECONFIGFAILED,"Firewall could not be enabled")
-
-	cloud_utils.setup_consoleproxy_config("@CPSYSCONFDIR@/agent.properties", host, zone, pod)
-	stderr("Enabling and starting the Cloud Console Proxy")
-	cloud_utils.enable_service(servicename)
-	stderr("Cloud Console Proxy restarted")
-
-if __name__ == "__main__":
-	main()
-
-# FIXMES: 1) nullify networkmanager on ubuntu (asking the user first) and enable the networking service permanently

systemvm/conf.dom0/agent.properties.in

@@ -1,46 +0,0 @@
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements.  See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership.  The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License.  You may obtain a copy of the License at
-# 
-#   http://www.apache.org/licenses/LICENSE-2.0
-# 
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied.  See the License for the
-# specific language governing permissions and limitations
-# under the License.
-
-# Sample configuration file for VMOPS console proxy
-
-instance=ConsoleProxy
-consoleproxy.httpListenPort=8002
-
-#resource= the java class, which agent load to execute
-resource=com.cloud.agent.resource.consoleproxy.ConsoleProxyResource
-
-#host= The IP address of management server
-host=localhost
-
-#port = The port management server listening on, default is 8250
-port=8250
-
-#pod= The pod, which agent belonged to
-pod=default
-
-#zone= The zone, which agent belonged to
-zone=default
-
-#private.network.device= the private nic device
-# if this is commented, it is autodetected on service startup
-# private.network.device=cloudbr0
-
-#public.network.device= the public nic device
-# if this is commented, it is autodetected on service startup
-# public.network.device=cloudbr0
-
-#guid= a GUID to identify the agent

systemvm/conf.dom0/consoleproxy.properties.in

@@ -1,23 +0,0 @@
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements.  See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership.  The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License.  You may obtain a copy of the License at
-# 
-#   http://www.apache.org/licenses/LICENSE-2.0
-# 
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied.  See the License for the
-# specific language governing permissions and limitations
-# under the License.
-
-consoleproxy.tcpListenPort=0
-consoleproxy.httpListenPort=80
-consoleproxy.httpCmdListenPort=8001
-consoleproxy.jarDir=./applet/
-consoleproxy.viewerLinger=180
-consoleproxy.reconnectMaxRetry=5

systemvm/conf.dom0/log4j-cloud.xml.in

@@ -1,111 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
-Licensed to the Apache Software Foundation (ASF) under one
-or more contributor license agreements.  See the NOTICE file
-distributed with this work for additional information
-regarding copyright ownership.  The ASF licenses this file
-to you under the Apache License, Version 2.0 (the
-"License"); you may not use this file except in compliance
-with the License.  You may obtain a copy of the License at
-
-  http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing,
-software distributed under the License is distributed on an
-"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-KIND, either express or implied.  See the License for the
-specific language governing permissions and limitations
-under the License.
--->
-<!DOCTYPE log4j:configuration SYSTEM "log4j.dtd">
-
-<log4j:configuration xmlns:log4j="http://jakarta.apache.org/log4j/" debug="false">
-
-   <!-- ================================= -->
-   <!-- Preserve messages in a local file -->
-   <!-- ================================= -->
-
-   <!-- A time/date based rolling appender -->
-   <appender name="FILE" class="org.apache.log4j.rolling.RollingFileAppender">
-      <param name="Append" value="true"/>
-      <param name="Threshold" value="WARN"/>
-      <rollingPolicy class="org.apache.log4j.rolling.TimeBasedRollingPolicy">
-        <param name="FileNamePattern" value="@CPLOG@.%d{yyyy-MM-dd}.gz"/>
-        <param name="ActiveFileName" value="@CPLOG@"/>
-      </rollingPolicy>
-      <layout class="org.apache.log4j.EnhancedPatternLayout">
-         <param name="ConversionPattern" value="%d{ISO8601} %-5p [%c{3}] (%t:%x) (logid:%X{logcontextid}) %m%n"/>
-      </layout>
-   </appender>
-   
-   <!-- ============================== -->
-   <!-- Append messages to the console -->
-   <!-- ============================== -->
-
-   <appender name="CONSOLE" class="org.apache.log4j.ConsoleAppender">
-      <param name="Target" value="System.out"/>
-      <param name="Threshold" value="WARN"/>
-
-      <layout class="org.apache.log4j.PatternLayout">
-         <param name="ConversionPattern" value="%d{ABSOLUTE} %5p %c{1}:%L - %m%n"/>
-      </layout>
-   </appender>
-
-   <!-- ================ -->
-   <!-- Limit categories -->
-   <!-- ================ -->
-
-   <category name="com.cloud.console.ConsoleCanvas">
-     <priority value="WARN"/>
-   </category>
-   
-   <category name="com.cloud.consoleproxy.ConsoleProxyAjaxImageHandler">
-     <priority value="WARN"/>
-   </category>
-   
-   <category name="com.cloud.consoleproxy.ConsoleProxyViwer">
-     <priority value="WARN"/>
-   </category>
-
-   <category name="com.cloud.consoleproxy">
-     <priority value="INFO"/>
-   </category>
-
-   <category name="com.cloud">
-     <priority value="DEBUG"/>
-   </category>
-   
-   <!-- Limit the org.apache category to INFO as its DEBUG is verbose -->
-   <category name="org.apache">
-      <priority value="INFO"/>
-   </category>
-
-   <category name="org">
-      <priority value="INFO"/>
-   </category>
-   
-   <category name="net">
-     <priority value="INFO"/>
-   </category>
-
-   <!-- Limit the com.amazonaws category to INFO as its DEBUG is verbose -->
-   <category name="com.amazonaws">
-      <priority value="INFO"/>
-   </category>
-
-   <!-- Limit the httpclient.wire category to INFO as its DEBUG is verbose -->
-   <category name="httpclient.wire">
-      <priority value="INFO"/>
-   </category>
-
-   <!-- ======================= -->
-   <!-- Setup the Root category -->
-   <!-- ======================= -->
-
-   <root>
-      <level value="INFO"/>
-      <appender-ref ref="CONSOLE"/>
-      <appender-ref ref="FILE"/>
-   </root>
-
-</log4j:configuration>

systemvm/conf/agent.properties.ssvm

@@ -1,21 +0,0 @@
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements.  See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership.  The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License.  You may obtain a copy of the License at
-# 
-#   http://www.apache.org/licenses/LICENSE-2.0
-# 
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied.  See the License for the
-# specific language governing permissions and limitations
-# under the License.
-
-#mount.path=~/secondary-storage/
-resource=org.apache.cloudstack.storage.resource.NfsSecondaryStorageResource
-testCifsMount=cifs://192.168.1.1/CSHV3?user=administrator&password=1pass%40word1
-#testLocalRoot=test

systemvm/distro/centos/SYSCONFDIR/rc.d/init.d/cloud-console-proxy.in

@@ -1,96 +0,0 @@
-#!/bin/bash
-
-# chkconfig: 35 99 10
-# description: Cloud Console Proxy
-
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements.  See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership.  The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License.  You may obtain a copy of the License at
-# 
-#   http://www.apache.org/licenses/LICENSE-2.0
-# 
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied.  See the License for the
-# specific language governing permissions and limitations
-# under the License.
-
-# WARNING: if this script is changed, then all other initscripts MUST BE changed to match it as well
-
-. /etc/rc.d/init.d/functions
-
-# set environment variables
-
-SHORTNAME=`basename $0`
-PIDFILE=@PIDDIR@/"$SHORTNAME".pid
-LOCKFILE=@LOCKDIR@/"$SHORTNAME"
-LOGFILE=@CPLOG@
-PROGNAME="Cloud Console Proxy"
-
-unset OPTIONS
-[ -r @SYSCONFDIR@/sysconfig/"$SHORTNAME" ] && source @SYSCONFDIR@/sysconfig/"$SHORTNAME"
-DAEMONIZE=@BINDIR@/@PACKAGE@-daemonize
-PROG=@LIBEXECDIR@/console-proxy-runner
-
-start() {
-        echo -n $"Starting $PROGNAME: "
-	if hostname --fqdn >/dev/null 2>&1 ; then
-		daemon --check=$SHORTNAME --pidfile=${PIDFILE} "$DAEMONIZE" \
-			-n "$SHORTNAME" -p "$PIDFILE" -l "$LOGFILE" "$PROG" $OPTIONS
-		RETVAL=$?
-		echo
-	else
-		failure
-		echo
-		echo The host name does not resolve properly to an IP address.  Cannot start "$PROGNAME". > /dev/stderr
-		RETVAL=9
-	fi
-	[ $RETVAL = 0 ] && touch ${LOCKFILE}
-	return $RETVAL
-}
-
-stop() {
-	echo -n $"Stopping $PROGNAME: "
-	killproc -p ${PIDFILE} $SHORTNAME # -d 10 $SHORTNAME
-	RETVAL=$?
-	echo
-	[ $RETVAL = 0 ] && rm -f ${LOCKFILE} ${PIDFILE}
-}
-
-
-# See how we were called.
-case "$1" in
-  start)
-	start
-	;;
-  stop)
-	stop
-	;;
-  status)
-        status -p ${PIDFILE} $SHORTNAME
-	RETVAL=$?
-	;;
-  restart)
-	stop
-	sleep 3
-	start
-	;;
-  condrestart)
-	if status -p ${PIDFILE} $SHORTNAME >&/dev/null; then
-		stop
-		sleep 3
-		start
-	fi
-	;;
-  *)
-	echo $"Usage: $SHORTNAME {start|stop|restart|condrestart|status|help}"
-	RETVAL=3
-esac
-
-exit $RETVAL
-

systemvm/distro/fedora/SYSCONFDIR/rc.d/init.d/cloud-console-proxy.in

@@ -1,96 +0,0 @@
-#!/bin/bash
-
-# chkconfig: 35 99 10
-# description: Cloud Console Proxy
-
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements.  See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership.  The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License.  You may obtain a copy of the License at
-# 
-#   http://www.apache.org/licenses/LICENSE-2.0
-# 
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied.  See the License for the
-# specific language governing permissions and limitations
-# under the License.
-
-# WARNING: if this script is changed, then all other initscripts MUST BE changed to match it as well
-
-. /etc/rc.d/init.d/functions
-
-# set environment variables
-
-SHORTNAME=`basename $0`
-PIDFILE=@PIDDIR@/"$SHORTNAME".pid
-LOCKFILE=@LOCKDIR@/"$SHORTNAME"
-LOGFILE=@CPLOG@
-PROGNAME="Cloud Console Proxy"
-
-unset OPTIONS
-[ -r @SYSCONFDIR@/sysconfig/"$SHORTNAME" ] && source @SYSCONFDIR@/sysconfig/"$SHORTNAME"
-DAEMONIZE=@BINDIR@/@PACKAGE@-daemonize
-PROG=@LIBEXECDIR@/console-proxy-runner
-
-start() {
-        echo -n $"Starting $PROGNAME: "
-	if hostname --fqdn >/dev/null 2>&1 ; then
-		daemon --check=$SHORTNAME --pidfile=${PIDFILE} "$DAEMONIZE" \
-			-n "$SHORTNAME" -p "$PIDFILE" -l "$LOGFILE" "$PROG" $OPTIONS
-		RETVAL=$?
-		echo
-	else
-		failure
-		echo
-		echo The host name does not resolve properly to an IP address.  Cannot start "$PROGNAME". > /dev/stderr
-		RETVAL=9
-	fi
-	[ $RETVAL = 0 ] && touch ${LOCKFILE}
-	return $RETVAL
-}
-
-stop() {
-	echo -n $"Stopping $PROGNAME: "
-	killproc -p ${PIDFILE} $SHORTNAME # -d 10 $SHORTNAME
-	RETVAL=$?
-	echo
-	[ $RETVAL = 0 ] && rm -f ${LOCKFILE} ${PIDFILE}
-}
-
-
-# See how we were called.
-case "$1" in
-  start)
-	start
-	;;
-  stop)
-	stop
-	;;
-  status)
-        status -p ${PIDFILE} $SHORTNAME
-	RETVAL=$?
-	;;
-  restart)
-	stop
-	sleep 3
-	start
-	;;
-  condrestart)
-	if status -p ${PIDFILE} $SHORTNAME >&/dev/null; then
-		stop
-		sleep 3
-		start
-	fi
-	;;
-  *)
-	echo $"Usage: $SHORTNAME {start|stop|restart|condrestart|status|help}"
-	RETVAL=3
-esac
-
-exit $RETVAL
-

systemvm/distro/rhel/SYSCONFDIR/rc.d/init.d/cloud-console-proxy.in

@@ -1,96 +0,0 @@
-#!/bin/bash
-
-# chkconfig: 35 99 10
-# description: Cloud Console Proxy
-
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements.  See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership.  The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License.  You may obtain a copy of the License at
-# 
-#   http://www.apache.org/licenses/LICENSE-2.0
-# 
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied.  See the License for the
-# specific language governing permissions and limitations
-# under the License.
-
-# WARNING: if this script is changed, then all other initscripts MUST BE changed to match it as well
-
-. /etc/rc.d/init.d/functions
-
-# set environment variables
-
-SHORTNAME=`basename $0`
-PIDFILE=@PIDDIR@/"$SHORTNAME".pid
-LOCKFILE=@LOCKDIR@/"$SHORTNAME"
-LOGFILE=@CPLOG@
-PROGNAME="Cloud Console Proxy"
-
-unset OPTIONS
-[ -r @SYSCONFDIR@/sysconfig/"$SHORTNAME" ] && source @SYSCONFDIR@/sysconfig/"$SHORTNAME"
-DAEMONIZE=@BINDIR@/@PACKAGE@-daemonize
-PROG=@LIBEXECDIR@/console-proxy-runner
-
-start() {
-        echo -n $"Starting $PROGNAME: "
-	if hostname --fqdn >/dev/null 2>&1 ; then
-		daemon --check=$SHORTNAME --pidfile=${PIDFILE} "$DAEMONIZE" \
-			-n "$SHORTNAME" -p "$PIDFILE" -l "$LOGFILE" "$PROG" $OPTIONS
-		RETVAL=$?
-		echo
-	else
-		failure
-		echo
-		echo The host name does not resolve properly to an IP address.  Cannot start "$PROGNAME". > /dev/stderr
-		RETVAL=9
-	fi
-	[ $RETVAL = 0 ] && touch ${LOCKFILE}
-	return $RETVAL
-}
-
-stop() {
-	echo -n $"Stopping $PROGNAME: "
-	killproc -p ${PIDFILE} $SHORTNAME # -d 10 $SHORTNAME
-	RETVAL=$?
-	echo
-	[ $RETVAL = 0 ] && rm -f ${LOCKFILE} ${PIDFILE}
-}
-
-
-# See how we were called.
-case "$1" in
-  start)
-	start
-	;;
-  stop)
-	stop
-	;;
-  status)
-        status -p ${PIDFILE} $SHORTNAME
-	RETVAL=$?
-	;;
-  restart)
-	stop
-	sleep 3
-	start
-	;;
-  condrestart)
-	if status -p ${PIDFILE} $SHORTNAME >&/dev/null; then
-		stop
-		sleep 3
-		start
-	fi
-	;;
-  *)
-	echo $"Usage: $SHORTNAME {start|stop|restart|condrestart|status|help}"
-	RETVAL=3
-esac
-
-exit $RETVAL
-

systemvm/distro/ubuntu/SYSCONFDIR/init.d/cloud-console-proxy.in

@@ -1,110 +0,0 @@
-#!/bin/bash
-
-# chkconfig: 35 99 10
-# description: Cloud Console Proxy
-
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements.  See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership.  The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License.  You may obtain a copy of the License at
-# 
-#   http://www.apache.org/licenses/LICENSE-2.0
-# 
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied.  See the License for the
-# specific language governing permissions and limitations
-# under the License.
-
-# WARNING: if this script is changed, then all other initscripts MUST BE changed to match it as well
-
-. /lib/lsb/init-functions
-. /etc/default/rcS
-
-# set environment variables
-
-SHORTNAME=`basename $0`
-PIDFILE=@PIDDIR@/"$SHORTNAME".pid
-LOCKFILE=@LOCKDIR@/"$SHORTNAME"
-LOGFILE=@CPLOG@
-PROGNAME="Cloud Console Proxy"
-
-unset OPTIONS
-[ -r @SYSCONFDIR@/default/"$SHORTNAME" ] && source @SYSCONFDIR@/default/"$SHORTNAME"
-DAEMONIZE=@BINDIR@/@PACKAGE@-daemonize
-PROG=@LIBEXECDIR@/console-proxy-runner
-
-start() {
-        log_daemon_msg $"Starting $PROGNAME" "$SHORTNAME"
-	if [ -s "$PIDFILE" ] && kill -0 $(cat "$PIDFILE") >/dev/null 2>&1; then
-	      log_progress_msg "apparently already running"
-	      log_end_msg 0
-	      exit 0
-	fi
-	if hostname --fqdn >/dev/null 2>&1 ; then
-		true
-	else
-		log_failure_msg "The host name does not resolve properly to an IP address.  Cannot start $PROGNAME"
-		log_end_msg 1
-		exit 1
-	fi
- 
-	if start-stop-daemon --start --quiet \
-		--pidfile "$PIDFILE" \
-		--exec "$DAEMONIZE" -- -n "$SHORTNAME" -p "$PIDFILE" -l "$LOGFILE" "$PROG" $OPTIONS
-		RETVAL=$?
-	    then
-		rc=0
-		sleep 1
-		if ! kill -0 $(cat "$PIDFILE") >/dev/null 2>&1; then
-		    log_failure_msg "$PROG failed to start"
-		    rc=1
-		fi
-	else
-		rc=1
-	fi
-
-	if [ $rc -eq 0 ]; then
-		log_end_msg 0
-	else
-		log_end_msg 1
-		rm -f "$PIDFILE"
-	fi
-}
-
-stop() {
-	echo -n $"Stopping $PROGNAME" "$SHORTNAME"
-	start-stop-daemon --stop --quiet --oknodo --pidfile "$PIDFILE"
-	log_end_msg $?
-	rm -f "$PIDFILE"
-}
-
-
-# See how we were called.
-case "$1" in
-  start)
-	start
-	;;
-  stop)
-	stop
-	;;
-  status)
-        status_of_proc -p "$PIDFILE" "$PROG" "$SHORTNAME"
-	RETVAL=$?
-	;;
-  restart)
-	stop
-	sleep 3
-	start
-	;;
-  *)
-	echo $"Usage: $SHORTNAME {start|stop|restart|status|help}"
-	RETVAL=3
-esac
-
-exit $RETVAL
-

systemvm/libexec/console-proxy-runner.in

@@ -1,90 +0,0 @@
-#!/usr/bin/env bash
-
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements.  See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership.  The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License.  You may obtain a copy of the License at
-# 
-#   http://www.apache.org/licenses/LICENSE-2.0
-# 
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied.  See the License for the
-# specific language governing permissions and limitations
-# under the License.
-
-
-#run.sh runs the agent client.
-
-cd `dirname "$0"`
-
-SYSTEMJARS="@SYSTEMJARS@"
-SCP=$(build-classpath $SYSTEMJARS) ; if [ $? != 0 ] ; then SCP="@SYSTEMCLASSPATH@" ; fi
-DCP="@DEPSCLASSPATH@"
-ACP="@AGENTCLASSPATH@"
-export CLASSPATH=$SCP:$DCP:$ACP:@CPSYSCONFDIR@
-for jarfile in "@PREMIUMJAVADIR@"/* ; do
-	if [ ! -e "$jarfile" ] ; then continue ; fi
-	CLASSPATH=$jarfile:$CLASSPATH
-done
-for plugin in "@PLUGINJAVADIR@"/* ; do
-	if [ ! -e "$plugin" ] ; then continue ; fi
-	CLASSPATH=$plugin:$CLASSPATH
-done
-export CLASSPATH
-
-set -e
-cd "@CPLIBDIR@"
-echo Current directory is "$PWD"
-echo CLASSPATH to run the console proxy: "$CLASSPATH"
-
-export PATH=/sbin:/usr/sbin:"$PATH"
-SERVICEARGS=
-for x in private public ; do
-	configuration=`grep -q "^$x.network.device" "@CPSYSCONFDIR@"/agent.properties || true`
-	if [ -n "$CONFIGURATION" ] ; then
-		echo "Using manually-configured network device $CONFIGURATION"
-	else
-		defaultroute=`ip route | grep ^default | cut -d ' ' -f 5`
-		test -n "$defaultroute"
-		echo "Using auto-discovered network device $defaultroute which is the default route"
-		SERVICEARGS="$SERVICEARGS $x.network.device="$defaultroute
-	fi
-done
-
-function termagent() {
-    if [ "$agentpid" != "" ] ; then
-	echo Killing VMOps Console Proxy "(PID $agentpid)" with SIGTERM >&2
-	kill -TERM $agentpid
-	echo Waiting for agent to exit >&2
-	wait $agentpid
-	ex=$?
-	echo Agent exited with return code $ex >&2	
-    else
-	echo Agent PID is unknown >&2
-    fi
-}
-
-trap termagent TERM
-while true ; do
-	java -Xms128M -Xmx384M -cp "$CLASSPATH" "$@" com.cloud.agent.AgentShell $SERVICEARGS &
-	agentpid=$!
-	echo "Console Proxy started.  PID: $!" >&2
-	wait $agentpid
-	ex=$?
-	if [ $ex -gt 128 ]; then
-		echo "wait on console proxy process interrupted by SIGTERM" >&2
-		exit $ex
-	fi
-	echo "Console proxy exited with return code $ex" >&2
-	if [ $ex -eq 0 ] || [ $ex -eq 1 ] || [ $ex -eq 66 ] || [ $ex -gt 128 ]; then
-		echo "Exiting..." > /dev/stderr
-		exit $ex
-	fi
-	echo "Restarting console proxy..." > /dev/stderr
-	sleep 1
-done

systemvm/patches/debian/README

@@ -1,34 +0,0 @@
-####################################################
- Note there is a new systemvm build script based on
- Veewee(Vagrant) under tools/appliance.
-####################################################
-
-1. The buildsystemvm.sh script builds a 32-bit system vm disk based on the Debian Squeeze distro. This system vm can boot on any hypervisor thanks to the pvops support in the kernel. It is fully automated
-2. The files under config/ are the specific tweaks to the default Debian configuration that are required for CloudStack operation.
-3. The variables at the top of the buildsystemvm.sh script can be customized:
-	IMAGENAME=systemvm # dont touch this
-	LOCATION=/var/lib/images/systemvm #
-	MOUNTPOINT=/mnt/$IMAGENAME/ # this is where the image is mounted on your host while the vm image is built
-	IMAGELOC=$LOCATION/$IMAGENAME.img
-	PASSWORD=password # password for the vm
-	APT_PROXY= #you can put in an APT cacher such as apt-cacher-ng
-	HOSTNAME=systemvm # dont touch this
-	SIZE=2000 # dont touch this for now
-	DEBIAN_MIRROR=ftp.us.debian.org/debian 
-	MINIMIZE=true # if this is true, a lot of docs, fonts, locales and apt cache is wiped out
-
-4. The systemvm includes the (non-free) Sun JRE. You can put in the standard debian jre-headless package instead but it pulls in X and bloats the image. 
-5. You need to be 'root' to run the buildsystemvm.sh script
-6. The image is a raw image. You can run the convert.sh tool to produce images suitable for Citrix Xenserver, VMWare and KVM. 
-   * Conversion to Citrix Xenserver VHD format requires the vhd-util tool. You can use the 
-       -- checked in config/bin/vhd-util) OR
-       -- build the vhd-util tool yourself as follows:
-           a. The xen repository has a tool called vhd-util that compiles and runs on any linux system (http://xenbits.xensource.com/xen-4.0-testing.hg?file/8e8dd38374e9/tools/blktap2/vhd/ or full Xen source at http://www.xen.org/products/xen_source.html).
-           b. Apply this patch: http://lists.xensource.com/archives/cgi-bin/mesg.cgi?a=xen-devel&i=006101cb22f6%242004dd40%24600e97c0%24%40zhuo%40cloudex.cn.
-           c. Build the vhd-util tool
-               cd tools/blktap2
-               make
-               sudo make install
-   * Conversion to ova (VMWare) requires the ovf tool, available from 
-       http://communities.vmware.com/community/vmtn/server/vsphere/automationtools/ovf
-   * Conversion to QCOW2 requires qemu-img

systemvm/patches/debian/config/etc/chef/node.json

@@ -1,5 +0,0 @@
-{
-  "run_list": [
-    "recipe[csip::default]"
-  ]
-}

systemvm/patches/debian/config/etc/chef/solo.rb

@@ -1,21 +0,0 @@
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements.  See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership.  The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License.  You may obtain a copy of the License at
-#
-#   http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied.  See the License for the
-# specific language governing permissions and limitations
-# under the License.
-
-data_bags_path "/var/chef/data_bags"
-cookbook_path "/var/chef/cookbooks"
-log_level :debug
-log_location STDOUT

systemvm/patches/debian/config/opt/cloud/templates/README

@@ -1,2 +0,0 @@
-These are the templates for the redundant router 
-and redundant vpc_router

systemvm/patches/debian/config/opt/cloud/testdata/acl0001.json

@@ -1,54 +0,0 @@
-{
-    "eth2": {
-        "device": "eth2", 
-        "egress_rules": [
-            {
-                "allowed": false, 
-                "cidr": "10.0.6.0/8", 
-                "first_port": 60, 
-                "last_port": 60, 
-                "type": "tcp"
-            }
-        ], 
-        "ingress_rules": [
-            {
-                "allowed": true, 
-                "cidr": "10.0.1.0/8", 
-                "protocol": 41, 
-                "type": "protocol"
-            }, 
-            {
-                "allowed": true, 
-                "cidr": "10.0.4.0/8", 
-                "type": "all"
-            }, 
-            {
-                "allowed": true, 
-                "cidr": "10.0.3.0/8", 
-                "icmp_code": -1, 
-                "icmp_type": -1, 
-                "type": "icmp"
-            }, 
-            {
-                "allowed": true, 
-                "cidr": "10.0.2.0/8", 
-                "first_port": 40, 
-                "last_port": 40, 
-                "type": "udp"
-            }, 
-            {
-                "allowed": true, 
-                "cidr": "10.0.1.0/8", 
-                "first_port": 30, 
-                "last_port": 30, 
-                "type": "tcp"
-            }
-        ], 
-        "mac_address": "02:00:0d:7b:00:04", 
-        "nic_ip": "172.16.1.1", 
-        "nic_netmask": "24", 
-        "private_gateway_acl": false, 
-        "type": "networkacl"
-    }, 
-    "id": "networkacl"
-}

systemvm/patches/debian/config/root/redundant_router/arping_gateways.sh.templ

@@ -1,29 +0,0 @@
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements.  See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership.  The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License.  You may obtain a copy of the License at
-#
-#   http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied.  See the License for the
-# specific language governing permissions and limitations
-# under the License.
-
-ip link|grep BROADCAST|grep -v eth0|grep -v eth1|cut -d ":" -f 2 > /tmp/iflist
-while read i
-do
-    ip addr show $i|grep "inet " > /tmp/iplist_$i
-    while read line
-    do
-        ip=`echo $line|cut -d " " -f 2|cut -d "/" -f 1`
-        arping -I $i -A $ip -c 1 >> [RROUTER_LOG] 2>&1
-        arping -I $i -A $ip -c 1 >> [RROUTER_LOG] 2>&1
-    done < /tmp/iplist_$i
-done < /tmp/iflist
-sleep 1

systemvm/patches/debian/config/root/redundant_router/backup.sh.templ

@@ -1,39 +0,0 @@
-#!/bin/bash
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements.  See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership.  The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License.  You may obtain a copy of the License at
-#
-#   http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied.  See the License for the
-# specific language governing permissions and limitations
-# under the License.
-
-sleep 1
-
-source /root/func.sh
-
-lock="biglock"
-locked=$(getLockFile $lock)
-if [ "$locked" != "1" ]
-then
-    exit 1
-fi
-
-echo To backup called >> [RROUTER_LOG]
-[RROUTER_BIN_PATH]/disable_pubip.sh >> [RROUTER_LOG] 2>&1
-echo Disable public ip $? >> [RROUTER_LOG]
-[RROUTER_BIN_PATH]/services.sh stop >> [RROUTER_LOG] 2>&1
-[RROUTER_BIN_PATH]/primary-backup.sh backup >> [RROUTER_LOG] 2>&1
-echo Switch conntrackd mode backup $? >> [RROUTER_LOG]
-echo Status: BACKUP >> [RROUTER_LOG]
-
-releaseLockFile $lock $locked
-exit 0

systemvm/patches/debian/config/root/redundant_router/check_bumpup.sh

@@ -1,19 +0,0 @@
-#!/bin/bash
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements.  See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership.  The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License.  You may obtain a copy of the License at
-#
-#   http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied.  See the License for the
-# specific language governing permissions and limitations
-# under the License.
-
-cat /tmp/rrouter_bumped

systemvm/patches/debian/config/root/redundant_router/check_heartbeat.sh.templ

@@ -1,60 +0,0 @@
-#!/bin/bash
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements.  See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership.  The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License.  You may obtain a copy of the License at
-#
-#   http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied.  See the License for the
-# specific language governing permissions and limitations
-# under the License.
-
-ROUTER_BIN_PATH=/ramdisk/rrouter
-STRIKE_FILE="$ROUTER_BIN_PATH/keepalived.strikes"
-
-if [ -e [RROUTER_BIN_PATH]/keepalived.ts2 ]
-then
-    lasttime=$(cat [RROUTER_BIN_PATH]/keepalived.ts2)
-    thistime=$(cat [RROUTER_BIN_PATH]/keepalived.ts)
-    diff=$(($thistime - $lasttime))
-    s=0
-    if [ $diff -lt 30 ]
-    then
-        if [ -e $STRIKE_FILE ]
-        then
-            s=`cat $STRIKE_FILE 2>/dev/null`
-        fi
-        s=$(($s+1))
-        echo $s > $STRIKE_FILE
-    else
-        if [ -e $STRIKE_FILE ]
-        then
-            rm $STRIKE_FILE
-        else
-            echo keepalived.strikes file does not exist! >> $ROUTER_LOG
-        fi
-    fi
-    #3 strikes rule
-    if [ $s -gt 2 ]
-    then
-        echo Keepalived process is dead! >> [RROUTER_LOG]
-        [RROUTER_BIN_PATH]/services.sh stop >> [RROUTER_LOG] 2>&1
-        [RROUTER_BIN_PATH]/disable_pubip.sh >> [RROUTER_LOG] 2>&1
-        [RROUTER_BIN_PATH]/primary-backup.sh fault >> [RROUTER_LOG] 2>&1
-        service keepalived stop >> [RROUTER_LOG] 2>&1
-        service conntrackd stop >> [RROUTER_LOG] 2>&1
-        pkill -9 keepalived >> [RROUTER_LOG] 2>&1
-        pkill -9 conntrackd >> [RROUTER_LOG] 2>&1
-        echo Status: FAULT \(keepalived process is dead\) >> [RROUTER_LOG]
-        exit
-    fi
-fi
-
-cp [RROUTER_BIN_PATH]/keepalived.ts [RROUTER_BIN_PATH]/keepalived.ts2

systemvm/patches/debian/config/root/redundant_router/checkrouter.sh.templ

@@ -1,56 +0,0 @@
-#!/bin/bash
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements.  See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership.  The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License.  You may obtain a copy of the License at
-#
-#   http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied.  See the License for the
-# specific language governing permissions and limitations
-# under the License.
-
-
-source /root/func.sh
-
-nolock=0
-if [ $# -eq 1 ]
-then
-    if [ $1 == "--no-lock" ]
-    then
-        nolock=1
-    fi
-fi
-
-if [ $nolock -eq 0 ]
-then
-    lock="biglock"
-    locked=$(getLockFile $lock)
-    if [ "$locked" != "1" ]
-    then
-        exit 1
-    fi
-fi
-
-bumped="Bumped: NO"
-if [ -e /tmp/rrouter_bumped ]
-then
-    bumped="Bumped: YES"
-fi
-
-stat=`tail -n 1 [RROUTER_LOG] | grep "Status"`
-if [ $? -eq 0 ]
-then
-    echo "$stat&$bumped"
-fi
-
-if [ $nolock -eq 0 ]
-then
-    unlock_exit $? $lock $locked
-fi

systemvm/patches/debian/config/root/redundant_router/conntrackd.conf.templ

@@ -1,401 +0,0 @@
-#
-# Synchronizer settings
-#
-Sync {
-	Mode FTFW {
-		#
-		# Size of the resend queue (in objects). This is the maximum
-		# number of objects that can be stored waiting to be confirmed
-		# via acknoledgment. If you keep this value low, the daemon
-		# will have less chances to recover state-changes under message
-		# omission. On the other hand, if you keep this value high,
-		# the daemon will consume more memory to store dead objects.
-		# Default is 131072 objects.
-		#
-		# ResendQueueSize 131072
-
-		#
-		# This parameter allows you to set an initial fixed timeout
-		# for the committed entries when this node goes from backup
-		# to primary. This mechanism provides a way to purge entries
-		# that were not recovered appropriately after the specified
-		# fixed timeout. If you set a low value, TCP entries in
-		# Established states with no traffic may hang. For example,
-		# an SSH connection without KeepAlive enabled. If not set,
-		# the daemon uses an approximate timeout value calculation
-		# mechanism. By default, this option is not set.
-		#
-		# CommitTimeout 180
-
-		#
-		# If the firewall replica goes from primary to backup,
-		# the conntrackd -t command is invoked in the script. 
-		# This command schedules a flush of the table in N seconds.
-		# This is useful to purge the connection tracking table of
-		# zombie entries and avoid clashes with old entries if you
-		# trigger several consecutive hand-overs. Default is 60 seconds.
-		#
-		# PurgeTimeout 60
-
-		# Set the acknowledgement window size. If you decrease this
-		# value, the number of acknowlegdments increases. More
-		# acknowledgments means more overhead as conntrackd has to
-		# handle more control messages. On the other hand, if you
-		# increase this value, the resend queue gets more populated.
-		# This results in more overhead in the queue releasing.
-		# The following value is based on some practical experiments
-		# measuring the cycles spent by the acknowledgment handling
-		# with oprofile. If not set, default window size is 300.
-		#
-		# ACKWindowSize 300
-
-		#
-		# This clause allows you to disable the external cache. Thus,
-		# the state entries are directly injected into the kernel
-		# conntrack table. As a result, you save memory in user-space
-		# but you consume slots in the kernel conntrack table for
-		# backup state entries. Moreover, disabling the external cache
-		# means more CPU consumption. You need a Linux kernel
-		# >= 2.6.29 to use this feature. By default, this clause is
-		# set off. If you are installing conntrackd for first time,
-		# please read the user manual and I encourage you to consider
-		# using the fail-over scripts instead of enabling this option!
-		#
-		# DisableExternalCache Off
-	}
-
-	#
-	# Multicast IP and interface where messages are
-	# broadcasted (dedicated link). IMPORTANT: Make sure
-	# that iptables accepts traffic for destination
-	# 225.0.0.50, eg:
-	#
-	#	iptables -I INPUT -d 225.0.0.50 -j ACCEPT
-	#	iptables -I OUTPUT -d 225.0.0.50 -j ACCEPT
-	#
-	Multicast {
-		# 
-		# Multicast address: The address that you use as destination
-		# in the synchronization messages. You do not have to add
-		# this IP to any of your existing interfaces. If any doubt,
-		# do not modify this value.
-		#
-		IPv4_address 225.0.0.50
-
-		#
-		# The multicast group that identifies the cluster. If any
-		# doubt, do not modify this value.
-		#
-		Group 3780
-
-		#
-		# IP address of the interface that you are going to use to
-		# send the synchronization messages. Remember that you must
-		# use a dedicated link for the synchronization messages.
-		#
-		IPv4_interface [LINK_IP]
-
-		#
-		# The name of the interface that you are going to use to
-		# send the synchronization messages.
-		#
-		Interface [LINK_IF]
-
-		# The multicast sender uses a buffer to enqueue the packets
-		# that are going to be transmitted. The default size of this
-		# socket buffer is available at /proc/sys/net/core/wmem_default.
-		# This value determines the chances to have an overrun in the
-		# sender queue. The overrun results packet loss, thus, losing
-		# state information that would have to be retransmitted. If you
-		# notice some packet loss, you may want to increase the size
-		# of the sender buffer. The default size is usually around
-		# ~100 KBytes which is fairly small for busy firewalls.
-		#
-		SndSocketBuffer 1249280
-
-		# The multicast receiver uses a buffer to enqueue the packets
-		# that the socket is pending to handle. The default size of this
-		# socket buffer is available at /proc/sys/net/core/rmem_default.
-		# This value determines the chances to have an overrun in the
-		# receiver queue. The overrun results packet loss, thus, losing
-		# state information that would have to be retransmitted. If you
-		# notice some packet loss, you may want to increase the size of
-		# the receiver buffer. The default size is usually around
-		# ~100 KBytes which is fairly small for busy firewalls.
-		#
-		RcvSocketBuffer 1249280
-
-		# 
-		# Enable/Disable message checksumming. This is a good
-		# property to achieve fault-tolerance. In case of doubt, do
-		# not modify this value.
-		#
-		Checksum on
-	}
-	#
-	# You can specify more than one dedicated link. Thus, if one dedicated
-	# link fails, conntrackd can fail-over to another. Note that adding
-	# more than one dedicated link does not mean that state-updates will
-	# be sent to all of them. There is only one active dedicated link at
-	# a given moment. The `Default' keyword indicates that this interface
-	# will be selected as the initial dedicated link. You can have 
-	# up to 4 redundant dedicated links. Note: Use different multicast 
-	# groups for every redundant link.
-	#
-	# Multicast Default {
-	#	IPv4_address 225.0.0.51
-	#	Group 3781
-	#	IPv4_interface 192.168.100.101
-	#	Interface eth3
-	#	# SndSocketBuffer 1249280
-	#	# RcvSocketBuffer 1249280
-	#	Checksum on
-	# }
-
-	#
-	# You can use Unicast UDP instead of Multicast to propagate events.
-	# Note that you cannot use unicast UDP and Multicast at the same
-	# time, you can only select one.
-	# 
-	# UDP {
-		# 
-		# UDP address that this firewall uses to listen to events.
-		#
-		# IPv4_address 192.168.2.100
-		#
-		# or you may want to use an IPv6 address:
-		#
-		# IPv6_address fe80::215:58ff:fe28:5a27
-
-		#
-		# Destination UDP address that receives events, ie. the other
-		# firewall's dedicated link address.
-		#
-		# IPv4_Destination_Address 192.168.2.101
-		#
-		# or you may want to use an IPv6 address:
-		#
-		# IPv6_Destination_Address fe80::2d0:59ff:fe2a:775c
-
-		#
-		# UDP port used
-		#
-		# Port 3780
-
-		#
-		# The name of the interface that you are going to use to
-		# send the synchronization messages.
-		#
-		# Interface eth2
-
-		# 
-		# The sender socket buffer size
-		#
-		# SndSocketBuffer 1249280
-
-		#
-		# The receiver socket buffer size
-		#
-		# RcvSocketBuffer 1249280
-
-		# 
-		# Enable/Disable message checksumming. 
-		#
-		# Checksum on
-	# }
-
-}
-
-#
-# General settings
-#
-General {
-	#
-	# Set the nice value of the daemon, this value goes from -20
-	# (most favorable scheduling) to 19 (least favorable). Using a
-	# very low value reduces the chances to lose state-change events.
-	# Default is 0 but this example file sets it to most favourable
-	# scheduling as this is generally a good idea. See man nice(1) for
-	# more information.
-	#
-	Nice -20
-
-	#
-	# Select a different scheduler for the daemon, you can select between
-	# RR and FIFO and the process priority (minimum is 0, maximum is 99).
-	# See man sched_setscheduler(2) for more information. Using a RT
-	# scheduler reduces the chances to overrun the Netlink buffer.
-	#
-	# Scheduler {
-	#	Type FIFO
-	#	Priority 99
-	# }
-
-	#
-	# Number of buckets in the cache hashtable. The bigger it is,
-	# the closer it gets to O(1) at the cost of consuming more memory.
-	# Read some documents about tuning hashtables for further reference.
-	#
-	HashSize 32768
-
-	#
-	# Maximum number of conntracks, it should be double of: 
-	# $ cat /proc/sys/net/netfilter/nf_conntrack_max
-	# since the daemon may keep some dead entries cached for possible
-	# retransmission during state synchronization.
-	#
-	HashLimit 131072
-
-	#
-	# Logfile: on (/var/log/conntrackd.log), off, or a filename
-	# Default: off
-	#
-	LogFile on
-
-	#
-	# Syslog: on, off or a facility name (daemon (default) or local0..7)
-	# Default: off
-	#
-	#Syslog on
-
-	#
-	# Lockfile
-	# 
-	LockFile /var/lock/conntrack.lock
-
-	#
-	# Unix socket configuration
-	#
-	UNIX {
-		Path /var/run/conntrackd.ctl
-		Backlog 20
-	}
-
-	#
-	# Netlink event socket buffer size. If you do not specify this clause,
-	# the default buffer size value in /proc/net/core/rmem_default is
-	# used. This default value is usually around 100 Kbytes which is
-	# fairly small for busy firewalls. This leads to event message dropping
-	# and high CPU consumption. This example configuration file sets the
-	# size to 2 MBytes to avoid this sort of problems.
-	#
-	NetlinkBufferSize 2097152
-
-	#
-	# The daemon doubles the size of the netlink event socket buffer size
-	# if it detects netlink event message dropping. This clause sets the
-	# maximum buffer size growth that can be reached. This example file
-	# sets the size to 8 MBytes.
-	#
-	NetlinkBufferSizeMaxGrowth 8388608
-
-	#
-	# If the daemon detects that Netlink is dropping state-change events,
-	# it automatically schedules a resynchronization against the Kernel
-	# after 30 seconds (default value). Resynchronizations are expensive
-	# in terms of CPU consumption since the daemon has to get the full
-	# kernel state-table and purge state-entries that do not exist anymore.
-	# Be careful of setting a very small value here. You have the following
-	# choices: On (enabled, use default 30 seconds value), Off (disabled)
-	# or Value (in seconds, to set a specific amount of time). If not
-	# specified, the daemon assumes that this option is enabled.
-	#
-	# NetlinkOverrunResync On
-
-	#
-	# If you want reliable event reporting over Netlink, set on this
-	# option. If you set on this clause, it is a good idea to set off
-	# NetlinkOverrunResync. This option is off by default and you need
-	# a Linux kernel >= 2.6.31.
-	#
-	# NetlinkEventsReliable Off
-
-	# 
-	# By default, the daemon receives state updates following an
-	# event-driven model. You can modify this behaviour by switching to
-	# polling mode with the PollSecs clause. This clause tells conntrackd
-	# to dump the states in the kernel every N seconds. With regards to
-	# synchronization mode, the polling mode can only guarantee that
-	# long-lifetime states are recovered. The main advantage of this method
-	# is the reduction in the state replication at the cost of reducing the
-	# chances of recovering connections.
-	#
-	# PollSecs 15
-
-	#
-	# The daemon prioritizes the handling of state-change events coming
-	# from the core. With this clause, you can set the maximum number of
-	# state-change events (those coming from kernel-space) that the daemon
-	# will handle after which it will handle other events coming from the
-	# network or userspace. A low value improves interactivity (in terms of
-	# real-time behaviour) at the cost of extra CPU consumption.
-	# Default (if not set) is 100.
-	#
-	# EventIterationLimit 100
-
-	#
-	# Event filtering: This clause allows you to filter certain traffic,
-	# There are currently three filter-sets: Protocol, Address and
-	# State. The filter is attached to an action that can be: Accept or
-	# Ignore. Thus, you can define the event filtering policy of the
-	# filter-sets in positive or negative logic depending on your needs.
-	# You can select if conntrackd filters the event messages from 
-	# user-space or kernel-space. The kernel-space event filtering
-	# saves some CPU cycles by avoiding the copy of the event message
-	# from kernel-space to user-space. The kernel-space event filtering
-	# is prefered, however, you require a Linux kernel >= 2.6.29 to
-	# filter from kernel-space. If you want to select kernel-space 
-	# event filtering, use the keyword 'Kernelspace' instead of 
-	# 'Userspace'.
-	#
-	Filter From Userspace {
-		#
-		# Accept only certain protocols: You may want to replicate
-		# the state of flows depending on their layer 4 protocol.
-		#
-		Protocol Accept {
-			TCP
-			SCTP
-			DCCP
-			# UDP
-			# ICMP # This requires a Linux kernel >= 2.6.31
-		}
-
-		#
-		# Ignore traffic for a certain set of IP's: Usually all the
-		# IP assigned to the firewall since local traffic must be
-		# ignored, only forwarded connections are worth to replicate.
-		# Note that these values depends on the local IPs that are
-		# assigned to the firewall.
-		#
-		Address Ignore {
-			IPv4_address 127.0.0.1 # loopback
-            IPv4_address [IGNORE_IP1]
-            IPv4_address [IGNORE_IP2]
-            IPv4_address [IGNORE_IP3]
-			#IPv4_address 192.168.0.100 # virtual IP 1
-			#IPv4_address 192.168.1.100 # virtual IP 2
-			#IPv4_address 192.168.0.1
-			#IPv4_address 192.168.1.1
-			#IPv4_address 192.168.100.100 # dedicated link ip
-			#
-			# You can also specify networks in format IP/cidr.
-			# IPv4_address 192.168.0.0/24
-			#
-			# You can also specify an IPv6 address
-			# IPv6_address ::1
-		}
-
-		#
-		# Uncomment this line below if you want to filter by flow state.
-		# This option introduces a trade-off in the replication: it
-		# reduces CPU consumption at the cost of having lazy backup 
-		# firewall replicas. The existing TCP states are: SYN_SENT,
-		# SYN_RECV, ESTABLISHED, FIN_WAIT, CLOSE_WAIT, LAST_ACK,
-		# TIME_WAIT, CLOSED, LISTEN.
-		#
-		# State Accept {
-		#	ESTABLISHED CLOSED TIME_WAIT CLOSE_WAIT for TCP
-		# }
-	}
-}

systemvm/patches/debian/config/root/redundant_router/disable_pubip.sh

@@ -1,23 +0,0 @@
-#!/bin/bash
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements.  See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership.  The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License.  You may obtain a copy of the License at
-#
-#   http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied.  See the License for the
-# specific language governing permissions and limitations
-# under the License.
-
-ip link|grep BROADCAST|grep -v eth0|grep -v eth1|cut -d ":" -f 2 > /tmp/iflist
-while read i
-do
-    ifconfig $i down
-done < /tmp/iflist

systemvm/patches/debian/config/root/redundant_router/enable_pubip.sh.templ

@@ -1,50 +0,0 @@
-#!/bin/bash
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements.  See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership.  The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License.  You may obtain a copy of the License at
-#
-#   http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied.  See the License for the
-# specific language governing permissions and limitations
-# under the License.
-
-ip link|grep BROADCAST|grep -v eth0|grep -v eth1|cut -d ":" -f 2 > /tmp/iflist
-ip addr show eth2 | grep "inet" 2>&1 > /dev/null
-is_init=$?
-
-set -e
-
-while read i
-do
-    # if eth2'ip has already been configured, we would use ifconfig rather than ifdown/ifup
-    if [ "$i" == "eth2" -a "$is_init" != "0" ]
-    then
-        ifdown $i
-        ifup $i
-    else
-        ifconfig $i down
-        ifconfig $i up
-    fi
-done < /tmp/iflist
-ip route add default via [GATEWAY] dev eth2
-
-while read line
-do
-dev=$(echo $line | awk '{print $1'})
-gw=$(echo $line | awk '{print $2'})
-
-if [ "$dev" == "eth2" ]
-then
-    continue;
-fi
-ip route add default via $gw table Table_$dev proto static
-
-done < /var/cache/cloud/ifaceGwIp

systemvm/patches/debian/config/root/redundant_router/fault.sh.templ

@@ -1,37 +0,0 @@
-#!/bin/bash
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements.  See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership.  The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License.  You may obtain a copy of the License at
-#
-#   http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied.  See the License for the
-# specific language governing permissions and limitations
-# under the License.
-
-source /root/func.sh
-
-lock="biglock"
-locked=$(getLockFile $lock)
-if [ "$locked" != "1" ]
-then
-    exit 1
-fi
-
-echo To fault called >> [RROUTER_LOG]
-[RROUTER_BIN_PATH]/disable_pubip.sh >> [RROUTER_LOG] 2>&1
-echo Disable public ip >> [RROUTER_LOG]
-[RROUTER_BIN_PATH]/services.sh stop >> [RROUTER_LOG] 2>&1
-echo Stop services $? >> [RROUTER_LOG]
-[RROUTER_BIN_PATH]/primary-backup.sh fault >> [RROUTER_LOG] 2>&1
-echo Switch conntrackd mode fault $? >> [RROUTER_LOG]
-echo Status: FAULT >> [RROUTER_LOG]
-
-releaseLockFile $lock $locked

systemvm/patches/debian/config/root/redundant_router/heartbeat.sh.templ

@@ -1,20 +0,0 @@
-#!/bin/bash
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements.  See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership.  The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License.  You may obtain a copy of the License at
-#
-#   http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied.  See the License for the
-# specific language governing permissions and limitations
-# under the License.
-
-t=$(date +%s)
-echo $t > [RROUTER_BIN_PATH]/keepalived.ts

systemvm/patches/debian/config/root/redundant_router/keepalived.conf.templ

@@ -1,57 +0,0 @@
-! Licensed to the Apache Software Foundation (ASF) under one
-! or more contributor license agreements.  See the NOTICE file
-! distributed with this work for additional information
-! regarding copyright ownership.  The ASF licenses this file
-! to you under the Apache License, Version 2.0 (the
-! "License"); you may not use this file except in compliance
-! with the License.  You may obtain a copy of the License at
-!
-!   http://www.apache.org/licenses/LICENSE-2.0
-!
-! Unless required by applicable law or agreed to in writing,
-! software distributed under the License is distributed on an
-! "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-! KIND, either express or implied.  See the License for the
-! specific language governing permissions and limitations
-! under the License.
-
-global_defs {
-   router_id [ROUTER_ID]
-}
-
-vrrp_script check_bumpup {
-    script "[RROUTER_BIN_PATH]/check_bumpup.sh"
-    interval 5
-    weight [DELTA]
-}
-
-vrrp_script heartbeat {
-    script "[RROUTER_BIN_PATH]/heartbeat.sh"
-    interval 10
-}
-
-vrrp_instance inside_network {
-    state BACKUP
-    interface eth0
-    virtual_router_id 51
-    priority [PRIORITY]
-
-    advert_int 1
-    authentication {
-        auth_type PASS
-        auth_pass WORD
-    }
-
-    virtual_ipaddress {
-        [ROUTER_IP] brd [BOARDCAST] dev eth0
-    }
-
-    track_script {
-        check_bumpup
-        heartbeat
-    }
-
-    notify_master "[RROUTER_BIN_PATH]/master.sh"
-    notify_backup "[RROUTER_BIN_PATH]/backup.sh"
-    notify_fault "[RROUTER_BIN_PATH]/fault.sh"
-}

systemvm/patches/debian/config/root/redundant_router/master.sh.templ

@@ -1,60 +0,0 @@
-#!/bin/bash
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements.  See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership.  The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License.  You may obtain a copy of the License at
-#
-#   http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied.  See the License for the
-# specific language governing permissions and limitations
-# under the License.
-
-source /root/func.sh
-
-lock="biglock"
-locked=$(getLockFile $lock)
-if [ "$locked" != "1" ]
-then
-    exit 1
-fi
-
-echo To master called >> [RROUTER_LOG]
-[RROUTER_BIN_PATH]/enable_pubip.sh >> [RROUTER_LOG] 2>&1
-ret=$?
-if [ $ret -eq 0 ]
-then
-    [RROUTER_BIN_PATH]/services.sh restart >> [RROUTER_LOG] 2>&1
-    ret=$?
-fi
-last_msg=`tail -n 1 [RROUTER_LOG]`
-echo Enable public ip returned $ret >> [RROUTER_LOG]
-if [ $ret -ne 0 ]
-then
-    echo Fail to enable public ip! >> [RROUTER_LOG]
-    [RROUTER_BIN_PATH]/disable_pubip.sh >> [RROUTER_LOG] 2>&1
-    [RROUTER_BIN_PATH]/services.sh stop >> [RROUTER_LOG] 2>&1
-    service keepalived stop >> [RROUTER_LOG] 2>&1
-    service conntrackd stop >> [RROUTER_LOG] 2>&1
-    echo Status: FAULT \($last_msg\) >> [RROUTER_LOG]
-    releaseLockFile $lock $locked
-    exit
-fi
-[RROUTER_BIN_PATH]/primary-backup.sh primary >> [RROUTER_LOG] 2>&1
-ret=$?
-echo Switch conntrackd mode primary returned $ret >> [RROUTER_LOG]
-if [ $ret -ne 0 ]
-then
-    echo Fail to switch conntrackd mode, but try to continue working >> [RROUTER_LOG]
-fi
-[RROUTER_BIN_PATH]/arping_gateways.sh
-echo Status: MASTER >> [RROUTER_LOG]
-
-releaseLockFile $lock $locked
-exit 0

systemvm/patches/debian/config/root/redundant_router/primary-backup.sh.templ

@@ -1,126 +0,0 @@
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements.  See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership.  The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License.  You may obtain a copy of the License at
-#
-#   http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied.  See the License for the
-# specific language governing permissions and limitations
-# under the License.
-
-CONNTRACKD_BIN=/usr/sbin/conntrackd
-CONNTRACKD_LOCK=/var/lock/conntrack.lock
-CONNTRACKD_CONFIG=/etc/conntrackd/conntrackd.conf
-CONNTRACKD_LOG=[RROUTER_LOG]
-
-case "$1" in
-  primary)
-    #
-    # commit the external cache into the kernel table
-    #
-    $CONNTRACKD_BIN -C $CONNTRACKD_CONFIG -c
-    if [ $? -eq 1 ]
-    then
-        logger "ERROR: failed to invoke conntrackd -c"
-    fi
-
-    #
-    # flush the internal and the external caches
-    #
-    $CONNTRACKD_BIN -C $CONNTRACKD_CONFIG -f
-    if [ $? -eq 1 ]
-    then
-    	logger "ERROR: failed to invoke conntrackd -f"
-    fi
-
-    #
-    # resynchronize my internal cache to the kernel table
-    #
-    $CONNTRACKD_BIN -C $CONNTRACKD_CONFIG -R
-    if [ $? -eq 1 ]
-    then
-    	logger "ERROR: failed to invoke conntrackd -R"
-    fi
-
-    #
-    # send a bulk update to backups 
-    #
-    $CONNTRACKD_BIN -C $CONNTRACKD_CONFIG -B
-    if [ $? -eq 1 ]
-    then
-        logger "ERROR: failed to invoke conntrackd -B"
-    fi
-    echo Conntrackd switch to primary done >> $CONNTRACKD_LOG
-    ;;
-  backup)
-    #
-    # is conntrackd running? request some statistics to check it
-    #
-    $CONNTRACKD_BIN -C $CONNTRACKD_CONFIG -s
-    if [ $? -eq 1 ]
-    then
-        #
-	# something's wrong, do we have a lock file?
-	#
-    	if [ -f $CONNTRACKD_LOCK ]
-	then
-	    logger "WARNING: conntrackd was not cleanly stopped."
-	    logger "If you suspect that it has crashed:"
-	    logger "1) Enable coredumps"
-	    logger "2) Try to reproduce the problem"
-	    logger "3) Post the coredump to netfilter-devel@vger.kernel.org"
-	    rm -f $CONNTRACKD_LOCK
-	fi
-	$CONNTRACKD_BIN -C $CONNTRACKD_CONFIG -d
-	if [ $? -eq 1 ]
-	then
-	    logger "ERROR: cannot launch conntrackd"
-	    exit 1
-	fi
-    fi
-    #
-    # shorten kernel conntrack timers to remove the zombie entries.
-    #
-    $CONNTRACKD_BIN -C $CONNTRACKD_CONFIG -t
-    if [ $? -eq 1 ]
-    then
-    	logger "ERROR: failed to invoke conntrackd -t"
-    fi
-
-    #
-    # request resynchronization with master firewall replica (if any)
-    # Note: this does nothing in the alarm approach.
-    #
-    $CONNTRACKD_BIN -C $CONNTRACKD_CONFIG -n
-    if [ $? -eq 1 ]
-    then
-    	logger "ERROR: failed to invoke conntrackd -n"
-    fi
-    echo Conntrackd switch to backup done >> $CONNTRACKD_LOG
-    ;;
-  fault)
-    #
-    # shorten kernel conntrack timers to remove the zombie entries.
-    #
-    $CONNTRACKD_BIN -C $CONNTRACKD_CONFIG -t
-    if [ $? -eq 1 ]
-    then
-    	logger "ERROR: failed to invoke conntrackd -t"
-    fi
-    echo Conntrackd switch to fault done >> $CONNTRACKD_LOG
-    ;;
-  *)
-    logger "conntrackd: ERROR: unknown state transition: " $1
-    echo "Usage: primary-backup.sh {primary|backup|fault}"
-    exit 1
-    ;;
-esac
-
-exit 0

systemvm/patches/debian/config/root/redundant_router/services.sh

@@ -1,68 +0,0 @@
-#!/bin/bash
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements.  See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership.  The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License.  You may obtain a copy of the License at
-#
-#   http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied.  See the License for the
-# specific language governing permissions and limitations
-# under the License.
-
-vpn_service() {
-	ps aux|grep ipsec | grep -v grep > /dev/null
-	no_vpn=$?
-	if [ $no_vpn -eq 1 ]
-	then
-		return 0
-	fi
-	r=0
-	case "$1" in
-		stop)
-			service ipsec stop && \
-			service xl2tpd stop
-			r=$?
-			;;
-		restart)
-			service ipsec restart && \
-			service xl2tpd restart
-			r=$?
-			;;
-	esac
-	return $r
-}
-
-ret=0
-case "$1" in
-    start)
-	vpn_service restart && \
-        service cloud-passwd-srvr start && \
-        service dnsmasq start
-	ret=$?
-        ;;
-    stop)
-	vpn_service stop && \
-        service cloud-passwd-srvr stop && \
-        service dnsmasq stop
-	ret=$?
-        ;;
-    restart)
-	vpn_service restart && \
-        service cloud-passwd-srvr restart && \
-        service dnsmasq restart
-	ret=$?
-        ;;
-    *)
-        echo "Usage: services {start|stop|restart}"
-        exit 1
-	;;
-esac
-
-exit $ret

systemvm/patches/debian/convert.sh

@@ -1,64 +0,0 @@
-#!/bin/bash
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements.  See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership.  The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License.  You may obtain a copy of the License at
-# 
-#   http://www.apache.org/licenses/LICENSE-2.0
-# 
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied.  See the License for the
-# specific language governing permissions and limitations
-# under the License.
-
-
-
- 
-
-
-begin=$(date +%s)
-echo "Backing up systemvm.img"
-cp systemvm.img systemvm.img.tmp
-echo "Converting raw image to fixed vhd"
-vhd-util convert -s 0 -t 1 -i systemvm.img.tmp -o systemvm.vhd &> /dev/null
-echo "Converting fixed vhd to dynamic vhd"
-vhd-util convert -s 1 -t 2 -i systemvm.vhd -o systemvm.vhd &> /dev/null
-echo "Compressing vhd..."
-bzip2 -c systemvm.vhd > systemvm.vhd.bz2
-echo "Done VHD"
-
-echo "Converting raw image to qcow2"
-qemu-img  convert -f raw -O qcow2 systemvm.img systemvm.qcow2
-echo "Compressing qcow2..."
-bzip2 -c systemvm.qcow2 > systemvm.qcow2.bz2
-echo "Done qcow2"
-echo "Converting raw image to vmdk"
-qemu-img  convert -f raw -O vmdk systemvm.img systemvm.vmdk
-echo "Done creating vmdk"
-echo "Creating ova appliance "
-ovftool systemvm.vmx systemvm.ova
-echo "Done creating OVA"
-echo "Cleaning up..."
-rm -vf systemvm.vmdk
-rm -vf systemvm.vhd.bak
-
-echo "Compressing raw image..."
-bzip2 -c systemvm.img > systemvm.img.bz2
-echo "Done compressing raw image"
-
-echo "Generating md5sums"
-md5sum systemvm.img  > md5sum
-md5sum systemvm.img.bz2  >> md5sum
-md5sum systemvm.vhd  >> md5sum
-md5sum systemvm.vhd.bz2  >> md5sum
-md5sum systemvm.qcow2  >> md5sum
-md5sum systemvm.qcow2.bz2  >> md5sum
-md5sum systemvm.ova  >> md5sum
-fin=$(date +%s)
-t=$((fin-begin))
-echo "Finished compressing/converting image in $t seconds"

systemvm/patches/debian/etc/apache2/vhost.template

@@ -235,4 +235,3 @@ Listen 10.1.1.1:80
 <IfModule mod_gnutls.c>
     Listen 10.1.1.1:443
 </IfModule>
-

systemvm/patches/debian/etc/cloud-nic.rules

@@ -1,2 +1 @@
 SUBSYSTEM=="net" KERNEL=="eth*" RUN+="/opt/cloud/bin/cloud-nic.sh $env{ACTION} %k"
-

systemvm/patches/debian/etc/iptables/iptables-elbvm

@@ -31,4 +31,3 @@ COMMIT
 -A INPUT -i lo -j ACCEPT
 -A INPUT -i eth1 -p tcp -m state --state NEW --dport 3922 -j ACCEPT
 COMMIT
-