4629 Commits

Author SHA1 Message Date
Wei Zhou
e47b78b2bb
directdownload: fix keytool importcert (#11113)
* directdownload: fix keytool importcert

```
$ /usr/bin/keytool -importcert file /etc/cloudstack/agent/CSCERTIFICATE-full -keystore /etc/cloudstack/agent/cloud.jks -alias full -storepass DAWsfkJeeGrmhta6
Illegal option:  file
keytool -importcert [OPTION]...

Imports a certificate or a certificate chain

Options:

 -noprompt               do not prompt
 -trustcacerts           trust certificates from cacerts
 -protected              password through protected mechanism
 -alias <alias>          alias name of the entry to process
 -file <file>            input file name
 -keypass <arg>          key password
 -keystore <keystore>    keystore name
 -cacerts                access the cacerts keystore
 -storepass <arg>        keystore password
 -storetype <type>       keystore type
 -providername <name>    provider name
 -addprovider <name>     add security provider by name (e.g. SunPKCS11)
   [-providerarg <arg>]    configure argument for -addprovider
 -providerclass <class>  add security provider by fully-qualified class name
   [-providerarg <arg>]    configure argument for -providerclass
 -providerpath <list>    provider classpath
 -v                      verbose output

Use "keytool -?, -h, or --help" for this help message
```

* DirectDownload: drop HttpsMultiTrustManager
2025-07-07 13:36:16 +02:00
Bernardo De Marco Gonçalves
39c8c4dbae
Normalize naming of Kubernetes clusters (#10778) 2025-07-05 15:20:08 +02:00
Pearl Dsilva
cbd2b5a022
Add check for ldap truststore password (#11055) 2025-06-19 10:03:58 +02:00
Pearl Dsilva
379ee07d88 Updating pom.xml version numbers for release 4.19.4.0-SNAPSHOT
Signed-off-by: Pearl Dsilva <pearl1594@gmail.com>
2025-06-06 18:00:09 +05:30
Daan Hoogland
0c7d47138d Updating pom.xml version numbers for release 4.19.3.0
Signed-off-by: Daan Hoogland <daan@onecht.net>
2025-05-30 09:08:58 +02:00
nvazquez
a0080a04fe Adding privilege checks on user and account operations
Co-authored-by: Harikrishna <harikrishna.patnala@gmail.com>
2025-05-27 16:24:29 +02:00
Abhishek Kumar
e2f187912c cks: create separate service account in project
A separate service account will be created and added in the project, if
not exist already, when a Kubernetes cluster is deployed in a project.
This account will have a role with limited API access.

Cleanup clusters on owner account cleanup, delete service account
if needed

When the owner account of k8s clusters is deleted, while its node VMs
get expunged, the cluster entry in DB remain present. This fixes the
issue by cleaning up all clusters for the account deleted.

Project k8s service account will be deleted on account cleanup or when
there is no active k8s cluster remaining

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>
2025-05-27 16:24:29 +02:00
Pearl Dsilva
b760b0262f
Fix issue with configdrive on XenServer (#10912) 2025-05-27 10:14:04 +02:00
Suresh Kumar Anaparti
6e19c07da1
Fixed typos (#10882) 2025-05-22 11:41:04 +05:30
Suresh Kumar Anaparti
112dfddd40
Reset the pool id when create volume fails on the allocated pool, and update the resize error when no endpoint exists (#10777)
* Reset the pool id when create volume fails on the allocated pool

- the pool id is persisted while creating the volume, when it fails the pool id is not reverted. On next create volume attempt, CloudStack couldn't find any suitable primary storage even there are pools available with enough capacity as the pool is already assigned to volume which is in Allocated state (and storage pool compatibility check fails). Ensure volume is not assigned to any pool if create volume fails (so the next creation job would pick the suitable pool).

* endpoint check for resize

* update the resize error through callback result instead of exception
2025-05-16 10:26:28 +02:00
Suresh Kumar Anaparti
f199783c75
VMware import - logs sanitation (#10433) 2025-05-16 09:21:19 +02:00
Nicolas Vazquez
8d3ae3e057
[Vmware] Improve listing of Vmware Datacenter VMs for migration to KVM (#10770)
Co-authored-by: dahn <daan.hoogland@gmail.com>
Co-authored-by: Suresh Kumar Anaparti <sureshkumar.anaparti@gmail.com>
2025-05-14 08:12:27 +02:00
Rene Peinthor
88ce639255
Linstor: implement volume and storage stats (#10850) 2025-05-13 10:06:35 +02:00
Suresh Kumar Anaparti
47a268202b
[VMware] Sync the disk path or datastore changes for IDE disks, and before any volume resize during start vm (for the volumes on datastore cluster) (#10748) 2025-05-12 13:21:04 +02:00
Abhishek Kumar
e68abcd85d
xenserver: destroy halted vm on expunge (#10833)
* xenserver: destroy halted vm on expunge

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>
2025-05-12 10:46:37 +05:30
Wei Zhou
ea32a1a71a
server: fetch IP of VMs on L2 networks (#10431) 2025-05-09 10:19:30 +02:00
dahn
5a5c865133
Revert "Add the option to filter by host when retrieving of unregistered VMs (#9925)" (#10647)
This reverts commit aa6c581e405d7652916a9290e042f0bd26c3913a.
2025-04-24 09:06:57 +02:00
Rohit Yadav
29e58e906f
plugin/shutdown: use mgmt server uuid in the shutdown response (#10717) 2025-04-18 11:08:53 +02:00
Rene Glover
f13cf597a2
4.19 fix saml account selector (#10311) 2025-04-14 12:59:43 +02:00
Abhishek Kumar
5d5ac17c68
xenserver: do not destroy halted hypervisor vm (#9175)
Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>
2025-04-09 09:33:01 +02:00
Rene Peinthor
f4a7c8ab89
linstor: implement missing deleteDatastore (#10561)
Somehow deleteDatastore was never implemented, that meant:
templates haven't been cleaned up on datastore delete and
also agents have never been informed about storage pool removal.
2025-03-18 08:50:19 -04:00
Abhisar Sinha
35e809e7ce
Set external Id to null after backupProvider.removeVMFromBackup (#10562) 2025-03-17 12:46:05 -04:00
Rene Peinthor
95c24810ab
linstor: try to delete -rst resource before snapshot backup (#10443)
If a -rst resource wasn't deleted because of a failed copy,
a reoccurring snapshot attempt couldn't be done, because there
was still the "old" -rst resource. To prevent this always
try to remove the -rst resource before, if it doesn't exist it is a noop.
2025-03-10 16:23:01 +01:00
Wei Zhou
8ce34ad791
kvm: find cluster-wide pools only in Up state when investigate a host (#10516) 2025-03-10 09:27:38 -04:00
Wei Zhou
cd6d1a23a2
KVM: return null state instead of Disconnected when investigate a host without NFS (#10515) 2025-03-10 09:06:15 +01:00
Rene Glover
f0179855f5
add use of virsh domifaddr to get VM external DHCP IP (#10376)
* add use of virsh domifaddr to get VM external DHCP IP

* updates to modularize LibvirtGetVmIpAddressCommandWrapper per comments; added test cases to cover 90%+ scenarios

* updates to modularize LibvirtGetVmIpAddressCommandWrapper per comments; added test cases to cover 90%+ scenarios

* updates to modularize LibvirtGetVmIpAddressCommandWrapper per comments; added test cases to cover 90%+ scenarios
2025-02-28 10:13:53 +05:30
Wei Zhou
f992ebb52a
fix volume migration across cluster-scope pools (#10266) 2025-02-27 08:50:22 -05:00
Daan Hoogland
4a3686297d Updating pom.xml version numbers for release 4.19.3.0-SNAPSHOT
Signed-off-by: Daan Hoogland <daan@onecht.net>
2025-02-25 10:43:11 +01:00
Daan Hoogland
4e321d4356 Updating pom.xml version numbers for release 4.19.2.0
Signed-off-by: Daan Hoogland <daan@onecht.net>
2025-02-20 09:32:07 +01:00
dahn
e196275d5a
ipmi: extra log sanitation (#10428) 2025-02-20 09:01:28 +01:00
Suresh Kumar Anaparti
b9ebc7b721
VMware Import - Support external VMs in any folders/subfolders other than the root folder ('vm') of datacenter (#10411) 2025-02-18 09:23:25 +01:00
dahn
aa6c581e40
Add the option to filter by host when retrieving of unregistered VMs (#9925)
Co-authored-by: Nicolas Vazquez <nicovazquez90@gmail.com>
2025-02-10 17:06:39 +01:00
Nicolas Vazquez
4f604c00b6
Support virtio-blk root disk controller (#10229) 2025-02-10 15:03:07 +01:00
Gabriel Pordeus Santos
58a63f64fd
Fix VMWare leftovers when deleting VM without root disk (#9735) 2025-02-09 09:31:39 +01:00
Rene Glover
3337f425ff
Primera pure patches & various small fixes (#10132)
Co-authored-by: GLOVER RENE <rg9975@cs419-mgmtserver.rg9975nprd.app.ecp.att.com>
Co-authored-by: Suresh Kumar Anaparti <sureshkumar.anaparti@gmail.com>
2025-02-07 13:19:34 +01:00
Rene Peinthor
df99a29483
linstor: Fix using multiple primary storage with same linstor-controller (#10280) 2025-02-06 10:18:04 +01:00
Rene Peinthor
55e8eaab89
Linstor: encryption support (#10126)
This introduces a new encryption mode, instead of a simple bool.
Now also storage driver can just provide encrypted volumes to CloudStack.
2025-02-04 15:18:49 +01:00
Abhishek Kumar
b93589b5bd
server: reset 2fa user configuration on incomplete setup (#10247)
Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>
2025-01-30 15:51:04 +01:00
Wei Zhou
b9890875cc
CKS: use --delete-emptydir-data instead of deprecated --delete-local-data (#10234) 2025-01-30 15:49:26 +01:00
Abhishek Kumar
4787885fc0
cks: prevent npe on cluster listing with removed offering (#10075)
Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>
2025-01-24 09:47:52 +01:00
Harikrishna
20759187b3
Fix local storage deletion cases (#10231)
* Delete local storage properties in agent.properties during delete pool

* Fix stale entry when add local storage failed

* Smaller methods

* Comment added
2025-01-23 12:46:33 +05:30
Wei Zhou
b186272f68
kvm: add SCSI controllers based on the number of virtio-SCSI disks (#9823)
According to libvirt code, the units per scsi controller is set to 7
therefore, we need to create scsi controller every 7 disks (including CDROM).

50cc7a0d9d/src/conf/domain_conf.h (L3007-L3008)

50cc7a0d9d/src/conf/domain_conf.c (L6701-L6704)
2025-01-22 14:00:02 +01:00
Rene Peinthor
1ff68cf9b1
linstor: Fix ZFS snapshot backup (#10219)
Linstor plugin used the wrong zfs dataset path to hide/unhide
the snapshot device.
Also don't use the full path to the zfs binary.
2025-01-21 15:40:17 +05:30
Abhishek Kumar
00c659b7a7
api: fix access for listSystemVmUsageHistory (#10032)
Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>
2025-01-20 14:29:27 +01:00
Suresh Kumar Anaparti
188eacd9eb
Certificate and VM hostname validation improvements (#10051)
* Certificate and VM hostname validation improvements

* Improve certificate name validation and some code/log improvements
2024-12-20 10:18:11 +05:30
Rene Peinthor
a9587bfd2e
kvm-storage: provide isVMMigrate information to storage plugins (#10093)
Particular Linstor needs can use this information to only allow
dual volume access for live migration and not enable it in general,
which can and will lead to data corruption if for some reason
2 VMs get started on 2 different hosts.
2024-12-18 09:13:41 +01:00
Suresh Kumar Anaparti
b4ad04badf
Allow config drive deletion of migrated VM, on host maintenance (#10045) 2024-12-18 09:12:28 +01:00
Rene Peinthor
a2f2e87c12
linstor: improve heartbeat check with also asking linstor (#10105)
If a node doesn't have a DRBD connection to another node,
additionally ask Linstor-Controller if the node is alive.
Otherwise we would have simply said no and the node might still be alive.
This is always the case in a non hyperconverged setup.
2024-12-16 09:59:57 +01:00
Wei Zhou
f9b176744e
SAML2: add cookie with HttpOnly too #10013 (#10047) 2024-12-09 16:45:21 +01:00
Rodrigo D. Lopez
4189bac8e0
enable to create VPC portfowarding rules with source cidr (#7081)
Co-authored-by: Lopez <rodrigo@scclouds.com.br>
Co-authored-by: Fabricio Duarte <fabricio.duarte.jr@gmail.com>
2024-11-28 17:53:07 +01:00