apache/cloudstack
1
0
Fork 0
mirror of https://github.com/apache/cloudstack.git synced 2025-10-26 08:42:29 +01:00
Code Issues Packages Projects Releases Wiki Activity

CLOUDSTACK-4913: Don't enable ebtables/iptables for non-security group zone

Browse Source
This commit is contained in:
Sheng Yang 2013-10-24 18:27:01 -07:00
parent df1924d910
commit f650d07b6f
2 changed files with 10 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
plugins/hypervisors/xen/src/com/cloud/hypervisor/xen/discoverer/XcpServerDiscoverer.java
View File

@ -311,6 +311,9 @@ public class XcpServerDiscoverer extends DiscovererBase implements Discoverer, L
details.put("storage.network.device1", storageNetworkLabel);
}
DataCenterVO zone = _dcDao.findById(dcId);
boolean securityGroupEnabled = zone.isSecurityGroupEnabled();
params.put("securitygroupenabled", Boolean.toString(securityGroupEnabled));
params.put("wait", Integer.toString(_wait));
details.put("wait", Integer.toString(_wait));

9
plugins/hypervisors/xen/src/com/cloud/hypervisor/xen/resource/CitrixResourceBase.java
View File

@ -329,6 +329,7 @@ public abstract class CitrixResourceBase implements ServerResource, HypervisorRe
protected int _migratewait;
protected String _instance; //instance name (default is usually "VM")
static final Random _rand = new Random(System.currentTimeMillis());
protected boolean _securityGroupEnabled;
protected IAgentControl _agentControl;
@ -4969,8 +4970,11 @@ public abstract class CitrixResourceBase implements ServerResource, HypervisorRe
s_logger.warn("set xenserver Iptable failed");
return null;
}
_canBridgeFirewall = can_bridge_firewall(conn);
if (_securityGroupEnabled) {
_canBridgeFirewall = can_bridge_firewall(conn);
}
String result = callHostPluginPremium(conn, "heartbeat", "host", _host.uuid, "interval", Integer
.toString(_heartbeatInterval));
if (result == null || !result.contains("> DONE <")) {
@ -5944,6 +5948,7 @@ public abstract class CitrixResourceBase implements ServerResource, HypervisorRe
_publicNetworkName = (String) params.get("public.network.device");
_guestNetworkName = (String)params.get("guest.network.device");
_instance = (String) params.get("instance.name");
_securityGroupEnabled = Boolean.parseBoolean((String)params.get("securitygroupenabled"));
_linkLocalPrivateNetworkName = (String) params.get("private.linkLocal.device");
if (_linkLocalPrivateNetworkName == null) {