diff --git a/patches/systemvm/debian/buildsystemvm.sh b/patches/systemvm/debian/buildsystemvm.sh index de65f717e57..61a1d0c3b2f 100755 --- a/patches/systemvm/debian/buildsystemvm.sh +++ b/patches/systemvm/debian/buildsystemvm.sh @@ -31,7 +31,7 @@ HOSTNAME=systemvm SIZE=2000 DEBIAN_MIRROR=ftp.us.debian.org/debian MINIMIZE=true -CLOUDSTACK_RELEASE=2.2 +CLOUDSTACK_RELEASE=3.0 offset=4096 baseimage() { mkdir -p $LOCATION @@ -382,6 +382,8 @@ packages() { chroot . apt-get --no-install-recommends -q -y --force-yes install xenstore-utils libxenstore3.0 #keepalived and conntrackd chroot . apt-get --no-install-recommends -q -y --force-yes install keepalived conntrackd ipvsadm libnetfilter-conntrack3 libnl1 + #ipcalc + chroot . apt-get --no-install-recommends -q -y --force-yes install ipcalc echo "***** getting sun jre 6*********" chroot . echo 'sun-java6-bin shared/accepted-sun-dlj-v1-1 boolean true @@ -391,7 +393,6 @@ packages() { sun-java6-bin shared/present-sun-dlj-v1-1 note sun-java6-jre shared/present-sun-dlj-v1-1 note ' | chroot . debconf-set-selections chroot . apt-get --no-install-recommends -q -y install sun-java6-jre - } @@ -427,6 +428,16 @@ services() { chroot . chkconfig monit off } +dhcp_fix() { + #deal with virtio DHCP issue, copy and install customized kernel module and iptables + mkdir -p tmp + cp /tmp/systemvm/xt_CHECKSUM.ko lib/modules/2.6.32-5-686-bigmem/kernel/net/netfilter + chroot . depmod -a 2.6.32-5-686-bigmem + cp /tmp/systemvm/iptables_1.4.8-3local1checksum1_i386.deb tmp/ + chroot . dpkg -i tmp/iptables_1.4.8-3local1checksum1_i386.deb + rm tmp/iptables_1.4.8-3local1checksum1_i386.deb +} + cleanup() { rm -f usr/sbin/policy-rc.d rm -f root/config.dat 
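Review bot: The added `apt-get --no-install-recommends -q -y --force-yes install ipcalc` line in packages() carries `--force-yes`, which lets apt proceed when a package cannot be authenticated, so the image build would accept an unsigned or altered ipcalc from the mirror. The `sun-java6-jre` install visible in the next hunk runs without the flag, which suggests it is not needed here; I would write `chroot . apt-get --no-install-recommends -q -y install ipcalc`. If the chroot has no archive keyring at this stage, that should be fixed rather than bypassed. packages() starts and ends outside this hunk.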
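Review bot: dhcp_fix copies a prebuilt kernel module into the image and installs a locally built iptables package with `dpkg -i`, with no integrity check and no error handling on any step. Both files enter the repository as opaque binaries (the `Binary files ... differ` entries at the end of this commit), and `dpkg -i` on a local file skips apt's signature verification, so nothing ties what lands in the system VM template to a reviewed build. A failed `cp` or `depmod` is also ignored, which would produce an image whose mangle rule cannot load. I would pin both files to recorded digests, fail the build on any error, and keep the kernel version in one variable, since `2.6.32-5-686-bigmem` is hard-coded twice and will silently mismatch after a kernel update. The commit message or a README should also state where the source for both binaries lives.

```shell
dhcp_fix() {
  #deal with virtio DHCP issue, copy and install customized kernel module and iptables
  local kver=2.6.32-5-686-bigmem
  local deb=iptables_1.4.8-3local1checksum1_i386.deb
  # placeholders: replace with the digests recorded when the two binaries were built
  printf '%s  %s\n' "<SHA256_OF_XT_CHECKSUM_KO>" /tmp/systemvm/xt_CHECKSUM.ko | sha256sum -c - || return 1
  printf '%s  %s\n' "<SHA256_OF_IPTABLES_DEB>" "/tmp/systemvm/$deb" | sha256sum -c - || return 1
  [ -d "lib/modules/$kver/kernel/net/netfilter" ] || return 1
  mkdir -p tmp
  cp /tmp/systemvm/xt_CHECKSUM.ko "lib/modules/$kver/kernel/net/netfilter/" || return 1
  chroot . depmod -a "$kver" || return 1
  cp "/tmp/systemvm/$deb" tmp/ || return 1
  chroot . dpkg -i "tmp/$deb" || return 1
  rm -f "tmp/$deb"
}
```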
@@ -468,6 +479,11 @@ MOUNTPOINT=/mnt/$IMAGENAME/ IMAGELOC=$LOCATION/$IMAGENAME.img scriptdir=$(dirname $PWD/$0) +rm -rf /tmp/systemvm +mkdir -p /tmp/systemvm +cp ./xt_CHECKSUM.ko /tmp/systemvm +cp ./iptables_1.4.8-3local1checksum1_i386.deb /tmp/systemvm + rm -f $IMAGELOC begin=$(date +%s) echo "*************INSTALLING BASEIMAGE********************" @@ -528,6 +544,9 @@ apache2 echo "*************CONFIGURING VPN********************" vpn_config +echo "*************FIX DHCP ISSUE********************" +dhcp_fix + echo "*************CLEANING UP********************" cleanup diff --git a/patches/systemvm/debian/config/etc/iptables/iptables-router b/patches/systemvm/debian/config/etc/iptables/iptables-router index 9b56209159e..7124807eb39 100644 --- a/patches/systemvm/debian/config/etc/iptables/iptables-router +++ b/patches/systemvm/debian/config/etc/iptables/iptables-router @@ -23,4 +23,11 @@ COMMIT -A FORWARD -i eth0 -o eth2 -j ACCEPT -A FORWARD -i eth2 -o eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT COMMIT - +*mangle +:PREROUTING ACCEPT [0:0] +:INPUT ACCEPT [0:0] +:FORWARD ACCEPT [0:0] +:OUTPUT ACCEPT [0:0] +:POSTROUTING ACCEPT [0:0] +-A POSTROUTING -p udp --dport bootpc -j CHECKSUM --checksum-fill +COMMIT diff --git a/patches/systemvm/debian/config/root/checkrouter.sh b/patches/systemvm/debian/config/root/checkrouter.sh deleted file mode 100755 index c6e7fb94273..00000000000 --- a/patches/systemvm/debian/config/root/checkrouter.sh +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/bash - -source /root/func.sh - -lock="rrouter" -locked=$(getLockFile $lock) -if [ "$locked" != "1" ] -then - exit 1 -fi - -bumped="Bumped: NO" -if [ -e /tmp/rrouter_bumped ] -then - bumped="Bumped: YES" -fi - -stat=`tail -n 1 /root/keepalived.log | grep "Status"` -if [ $? -eq 0 ] -then - echo "$stat&$bumped" -fi - -unlock_exit $? $lock $locked 
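Review bot: The staging lines added before `rm -f $IMAGELOC` use the fixed path `/tmp/systemvm` in a world-writable directory, and `rm -rf` followed by `mkdir -p` is not atomic: if another local account creates that directory in between, `mkdir -p` succeeds silently and the kernel module later copied into the image comes from a directory the build does not own. A private directory avoids this, `stage=$(mktemp -d) || exit 1`, with dhcp_fix reading from `$stage` instead of the literal path. The two `cp ./...` lines also resolve against the current directory even though `scriptdir` is computed on the line just above, and their failure is not checked; `cp "$scriptdir/xt_CHECKSUM.ko" "$stage/" || exit 1` would make the script work from any directory and stop the build when a file is missing.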
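Review bot: The new mangle rule `-A POSTROUTING -p udp --dport bootpc -j CHECKSUM --checksum-fill` in iptables-router is not bound to an interface, so it applies to every UDP packet to port 68 leaving the router, and the file gives no hint why it exists. If eth0 is the guest-facing interface, as the FORWARD rules above it suggest, I would scope it with `-A POSTROUTING -o eth0 -p udp --dport bootpc -j CHECKSUM --checksum-fill` and put a comment line above it such as `# fill UDP checksums on DHCP replies for virtio guests; needs xt_CHECKSUM and the patched iptables`. The CHECKSUM target only exists when the module and package installed by dhcp_fix are present, so it is worth confirming that the filter and nat tables still load from this file when the mangle section is rejected, and that an image built without the module fails visibly rather than booting with partial rules.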
diff --git a/patches/systemvm/debian/config/root/edithosts.sh.orig b/patches/systemvm/debian/config/root/edithosts.sh.orig
deleted file mode 100755
index bb88c6a3f7f..00000000000
--- a/patches/systemvm/debian/config/root/edithosts.sh.orig
+++ /dev/null
@@ -1,101 +0,0 @@
-#!/usr/bin/env bash
-
-
-
- #
- # Copyright (C) 2010 Cloud.com, Inc. All rights reserved.
- #
- # This software is licensed under the GNU General Public License v3 or later.
- #
- # It is free software: you can redistribute it and/or modify
- # it under the terms of the GNU General Public License as published by
- # the Free Software Foundation, either version 3 of the License, or any later version.
- # This program is distributed in the hope that it will be useful,
- # but WITHOUT ANY WARRANTY; without even the implied warranty of
- # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- # GNU General Public License for more details.
- #
- # You should have received a copy of the GNU General Public License
- # along with this program. If not, see .
- #
-
-# edithosts.sh -- edit the dhcphosts file on the routing domain
-# $1 : the mac address
-# $2 : the associated ip address
-# $3 : the hostname
-
-source /root/func.sh
-
-lock="biglock"
-locked=$(getLockFile $lock)
-if [ "$locked" != "1" ]
-then
- exit 1
-fi
-
-lock_rr="rrouter"
-locked_rr=$(getLockFile $lock_rr)
-if [ "$locked_rr" != "1" ]
-then
- exit 1
-fi
-
-grep "redundant_router=1" /var/cache/cloud/cmdline > /dev/null
-no_redundant=$?
-
-wait_for_dnsmasq () {
- local _pid=$(pidof dnsmasq)
- for i in 0 1 2 3 4 5 6 7 8 9 10
- do
- sleep 1
- _pid=$(pidof dnsmasq)
- [ "$_pid" != "" ] && break;
- done
- [ "$_pid" != "" ] && return 0;
- logger -t cloud "edithosts: timed out waiting for dnsmasq to start"
- return 1
-}
-
-logger -t cloud "edithosts: update $1 $2 $3 to hosts"
-
-[ ! -f /etc/dhcphosts.txt ] && touch /etc/dhcphosts.txt
-[ ! -f /var/lib/misc/dnsmasq.leases ] && touch /var/lib/misc/dnsmasq.leases
-
-#delete any previous entries from the dhcp hosts file
-sed -i /$1/d /etc/dhcphosts.txt
-sed -i /$2,/d /etc/dhcphosts.txt
-sed -i /$3,/d /etc/dhcphosts.txt
-
-#put in the new entry
-echo "$1,$2,$3,infinite" >>/etc/dhcphosts.txt
-
-#delete leases to supplied mac and ip addresses
-sed -i /$1/d /var/lib/misc/dnsmasq.leases
-sed -i /"$2 "/d /var/lib/misc/dnsmasq.leases
-sed -i /"$3 "/d /var/lib/misc/dnsmasq.leases
-
-#put in the new entry
-echo "0 $1 $2 $3 *" >> /var/lib/misc/dnsmasq.leases
-
-#edit hosts file as well
-sed -i /"$2 "/d /etc/hosts
-sed -i /"$3"/d /etc/hosts
-echo "$2 $3" >> /etc/hosts
-
-# make dnsmasq re-read files
-pid=$(pidof dnsmasq)
-if [ "$pid" != "" ]
-then
- service dnsmasq restart
-else
- if [ $no_redundant -eq 1 ]
- then
- wait_for_dnsmasq
- else
- logger -t cloud "edithosts: skip wait dnsmasq due to redundant virtual router"
- fi
-fi
-
-ret=$?
-releaseLockFile $lock_rr $locked_rr
-unlock_exit $ret $lock $locked
diff --git a/patches/systemvm/debian/iptables_1.4.8-3local1checksum1_i386.deb b/patches/systemvm/debian/iptables_1.4.8-3local1checksum1_i386.deb
new file mode 100644
index 00000000000..eea3cbd3d15
Binary files /dev/null and b/patches/systemvm/debian/iptables_1.4.8-3local1checksum1_i386.deb differ
diff --git a/patches/systemvm/debian/xt_CHECKSUM.ko b/patches/systemvm/debian/xt_CHECKSUM.ko
new file mode 100644
index 00000000000..a0e0ef670e4
Binary files /dev/null and b/patches/systemvm/debian/xt_CHECKSUM.ko differ