Wei Zhou 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							c61ea9f96d 
							
						 
					 
					
						
						
							
							VR: Do not add iptables rules for the revoked ip addresses ( #6189 )  
						
						
						
						
					 
					
						2022-04-06 00:16:47 -03:00 
						 
				 
			
				
					
						
							
							
								Wei Zhou 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							47454eca7d 
							
						 
					 
					
						
						
							
							VR: add '-m <protocol>' for tcp or udp protocol ( #6188 )  
						
						
						
						
					 
					
						2022-04-06 00:16:12 -03:00 
						 
				 
			
				
					
						
							
							
								John Bampton 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							980c0bff03 
							
						 
					 
					
						
						
							
							Fix spelling ( #6041 )  
						
						... 
						
						
						
						Changed `occured` to `occurred` 
						
						
					 
					
						2022-03-03 13:10:14 -03:00 
						 
				 
			
				
					
						
							
							
								Suresh Kumar Anaparti 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							bc70535ee5 
							
						 
					 
					
						
						
							
							Updating pom.xml version numbers for release 4.16.2.0-SNAPSHOT  
						
						... 
						
						
						
						Signed-off-by: Suresh Kumar Anaparti <suresh.anaparti@shapeblue.com> 
						
						
					 
					
						2022-03-03 18:15:33 +05:30 
						 
				 
			
				
					
						
							
							
								Suresh Kumar Anaparti 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							cad9332082 
							
						 
					 
					
						
						
							
							Updating pom.xml version numbers for release 4.16.1.0  
						
						... 
						
						
						
						Signed-off-by: Suresh Kumar Anaparti <suresh.anaparti@shapeblue.com> 
						
						
					 
					
						2022-02-25 19:01:16 +05:30 
						 
				 
			
				
					
						
							
							
								Rakesh 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							831f7cff54 
							
						 
					 
					
						
						
							
							Support mutiple management networks in systemvms ( #4678 )  
						
						... 
						
						
						
						* Support mutliple management networks in systemvms
Currently only one management.network.cidr is suuported in systemvms
Allow supporting comma separated list of cidr's so that multiple
networks are reachable from systemvms.
* add local gateway
Co-authored-by: Rakesh Venkatesh <rakeshv@apache.org> 
						
						
					 
					
						2022-02-22 08:11:31 -03:00 
						 
				 
			
				
					
						
							
							
								Suresh Kumar Anaparti 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							b50542a11c 
							
						 
					 
					
						
						
							
							Merge branch '4.16' into main  
						
						
						
						
					 
					
						2022-02-15 19:26:04 +05:30 
						 
				 
			
				
					
						
							
							
								Pearl Dsilva 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							e0a5df50ce 
							
						 
					 
					
						
						
							
							CKS Enhancements and SystemVM template upgrade improvements ( #5863 )  
						
						... 
						
						
						
						* This PR/commit comprises of the following:
- Support to fallback on the older systemVM template in case of no change in template across ACS versions
- Update core user to cloud in CKS
- Display details of accessing CKS nodes in the UI - K8s Access tab
- Update systemvm template from debian 11 to debian 11.2
- Update letsencrypt cert
- Remove docker dependency as from ACS 4.16 onward k8s has deprecated support for docker - use containerd as container runtime
* support for private registry - containerd
* Enable updating template type (only) for system owned templates via UI
* edit indents
* Address comments and move cmd from patch file to cloud-init runcmd
* temporary change
* update k8s test to use k8s version 1.21.5 (instead of 1.21.3 - due to https://github.com/kubernetes/kubernetes/pull/104530 )
* support for private registry - containerd
* Enable updating template type (only) for system owned templates via UI
* smooth upgrade of cks clusters
* update pom file with temp download.cloudstack.org testing links
* fix pom
* add cgroup config for containerd
* add systemd config for kubelet
* add additional info during image registry config
* update to official links 
						
						
					 
					
						2022-02-15 18:27:14 +05:30 
						 
				 
			
				
					
						
							
							
								Rohit Yadav 
							
						 
					 
					
						
						
						
						
							
						
						
							d8004871e5 
							
						 
					 
					
						
						
							
							Merge remote-tracking branch 'origin/4.16' into main  
						
						
						
						
					 
					
						2021-11-18 14:05:53 +05:30 
						 
				 
			
				
					
						
							
							
								Wei Zhou 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							4568a68d83 
							
						 
					 
					
						
						
							
							CsDhcp.py: fix runtests.sh error ( #5671 )  
						
						... 
						
						
						
						$ cd systemvm/test
$ bash -x runtests.sh
......
../debian/opt/cloud/bin/cs/CsDhcp.py:114:25: E266 too many leading '#' for block comment
+ '[' 1 -gt 0 ']'
+ echo 'pycodestyle failed, please check your code' 
						
						
					 
					
						2021-11-17 14:05:20 +01:00 
						 
				 
			
				
					
						
							
							
								nicolas 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							3f79436840 
							
						 
					 
					
						
						
							
							Updating pom.xml version numbers for release 4.17.0.0-SNAPSHOT  
						
						... 
						
						
						
						Signed-off-by: nicolas <nicovazquez90@gmail.com> 
						
						
					 
					
						2021-11-09 22:55:52 -03:00 
						 
				 
			
				
					
						
							
							
								nicolas 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							93c3c3b9ac 
							
						 
					 
					
						
						
							
							Updating pom.xml version numbers for release 4.16.1.0-SNAPSHOT  
						
						... 
						
						
						
						Signed-off-by: nicolas <nicovazquez90@gmail.com> 
						
						
					 
					
						2021-11-09 22:50:22 -03:00 
						 
				 
			
				
					
						
							
							
								nicolas 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							44c08b5acc 
							
						 
					 
					
						
						
							
							Updating pom.xml version numbers for release 4.16.0.0  
						
						... 
						
						
						
						Signed-off-by: nicolas <nicovazquez90@gmail.com> 
						
						
					 
					
						2021-11-04 14:14:57 -03:00 
						 
				 
			
				
					
						
							
							
								Wei Zhou 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							798d7bebf6 
							
						 
					 
					
						
						
							
							VR: skip dhcp/dns health check in some cases ( #5554 )  
						
						... 
						
						
						
						this fixes  #5536  
						
						
					 
					
						2021-10-08 08:22:32 +05:30 
						 
				 
			
				
					
						
							
							
								davidjumani 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							6ac834a358 
							
						 
					 
					
						
						
							
							Adding AutoScaling for cks + CKS CoreOS EOL update + systemvmtemplate improvements ( #4329 )  
						
						... 
						
						
						
						Adding AutoScaling support for cks
Kubernetes PR : kubernetes/autoscaler#3629
Also replaces CoreOS with Debian
Fixes  #4198 
Co-authored-by: Pearl Dsilva <pearl1594@gmail.com>
Co-authored-by: Pearl Dsilva <pearl.dsilva@shapeblue.com>
Co-authored-by: Wei Zhou <w.zhou@global.leaseweb.com>
Co-authored-by: Rohit Yadav <rohit.yadav@shapeblue.com> 
						
						
					 
					
						2021-10-06 21:17:41 +05:30 
						 
				 
			
				
					
						
							
							
								Wei Zhou 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							9f5ac89c9a 
							
						 
					 
					
						
						
							
							VR: fix data-server if shared network has multiple ip ranges ( #5530 )  
						
						... 
						
						
						
						* VR: fix data-server if shared network has multiple ip ranges
This fixes  #5518 
* Update PR #5530 : fix nameserver in vm with IP in additional IP ranges
without this change
```
root@r-757-VM:~# cat /etc/dnsmasq.d/cloud.conf
listen-address=127.0.0.1,10.10.12.31,10.10.13.19
dhcp-range=set:interface-eth0-0,10.10.12.31,static
dhcp-option=tag:interface-eth0-0,15,cs1cloud.internal
dhcp-option=tag:interface-eth0-0,6,10.10.12.31,10.0.32.1,8.8.8.8
dhcp-option=tag:interface-eth0-0,3,10.10.12.254
dhcp-option=tag:interface-eth0-0,1,255.255.255.0
dhcp-range=set:interface-eth0-1,10.10.13.19,static
dhcp-option=tag:interface-eth0-1,15,cs1cloud.internal
dhcp-option=tag:interface-eth0-1,6,10.10.12.31,10.0.32.1,8.8.8.8 <<< nameserver 10.10.12.31
dhcp-option=tag:interface-eth0-1,3,10.10.13.254
dhcp-option=tag:interface-eth0-1,1,255.255.255.0
```
with this change
```
root@r-757-VM:~# cat /etc/dnsmasq.d/cloud.conf
listen-address=127.0.0.1,10.10.12.31,10.10.13.19
dhcp-range=set:interface-eth0-0,10.10.12.31,static
dhcp-option=tag:interface-eth0-0,15,cs1cloud.internal
dhcp-option=tag:interface-eth0-0,6,10.10.12.31,10.0.32.1,8.8.8.8
dhcp-option=tag:interface-eth0-0,3,10.10.12.254
dhcp-option=tag:interface-eth0-0,1,255.255.255.0
dhcp-range=set:interface-eth0-1,10.10.13.19,static
dhcp-option=tag:interface-eth0-1,15,cs1cloud.internal
dhcp-option=tag:interface-eth0-1,6,10.10.13.19,10.0.32.1,8.8.8.8 <<< nameserver 10.10.13.19
dhcp-option=tag:interface-eth0-1,3,10.10.13.254
dhcp-option=tag:interface-eth0-1,1,255.255.255.0
```
* Update #5530 : add 'localise-queries' to /etc/dnsmasq.conf 
						
						
					 
					
						2021-10-04 11:40:25 +02:00 
						 
				 
			
				
					
						
							
							
								Abhishek Kumar 
							
						 
					 
					
						
						
						
						
							
						
						
							56f4da6dce 
							
						 
					 
					
						
						
							
							Merge remote-tracking branch 'apache/4.15' into main  
						
						
						
						
					 
					
						2021-09-02 16:13:33 +05:30 
						 
				 
			
				
					
						
							
							
								Rakesh 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							70f2420e54 
							
						 
					 
					
						
						
							
							router: Use source IP from subnet for snat ( #5376 )  
						
						... 
						
						
						
						When snat is configured on a vm in a subnet then the source
ip should be taken from the same subnet rather than from
random other subnet.
Co-authored-by: Rakesh Venkatesh <rakeshv@apache.org> 
						
						
					 
					
						2021-09-02 13:59:46 +05:30 
						 
				 
			
				
					
						
							
							
								Wei Zhou 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							989a46850e 
							
						 
					 
					
						
						
							
							vr: ipsec/l2tp vpn secret with no ID selectors ( #5375 )  
						
						... 
						
						
						
						according to https://wiki.strongswan.org/projects/strongswan/wiki/Ipsecsecrets  , the ID selector is optional. 
						
						
					 
					
						2021-09-02 13:57:20 +05:30 
						 
				 
			
				
					
						
							
							
								nicolas 
							
						 
					 
					
						
						
						
						
							
						
						
							6509f43edc 
							
						 
					 
					
						
						
							
							Merge branch '4.15' into main  
						
						
						
						
					 
					
						2021-08-25 01:24:58 -03:00 
						 
				 
			
				
					
						
							
							
								Wei Zhou 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							16e4de0c25 
							
						 
					 
					
						
						
							
							vr: reload dnsmasq when start vms ( #5319 )  
						
						... 
						
						
						
						* vr: reload dnsmasq when start vms
* vr: fix pycodestyle check error
* vr: delete leases only when needed 
						
						
					 
					
						2021-08-24 22:47:34 -03:00 
						 
				 
			
				
					
						
							
							
								Rohit Yadav 
							
						 
					 
					
						
						
						
						
							
						
						
							57a55bd777 
							
						 
					 
					
						
						
							
							Merge remote-tracking branch 'origin/4.15' into main  
						
						
						
						
					 
					
						2021-08-20 17:19:40 +05:30 
						 
				 
			
				
					
						
							
							
								Wei Zhou 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							0390281ad2 
							
						 
					 
					
						
						
							
							vr: cleanup files in /var/cache/cloud/processed every day ( #5331 )  
						
						... 
						
						
						
						* vr: cleanup files in /var/cache/cloud/processed every day
* #5331 : add license header 
						
						
					 
					
						2021-08-20 17:10:04 +05:30 
						 
				 
			
				
					
						
							
							
								Rohit Yadav 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							69a0ab665d 
							
						 
					 
					
						
						
							
							systemvmtemplate: bump to Debian 11.0.0 systemvmtemplate ( #5317 )  
						
						... 
						
						
						
						Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com> 
						
						
					 
					
						2021-08-18 16:47:08 +05:30 
						 
				 
			
				
					
						
							
							
								davidjumani 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							cb1078aa20 
							
						 
					 
					
						
						
							
							Merge remote-tracking branch 'apache/4.15' into main  
						
						
						
						
					 
					
						2021-08-09 15:10:51 +05:30 
						 
				 
			
				
					
						
							
							
								Wei Zhou 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							05d1d568fb 
							
						 
					 
					
						
						
							
							vr: restart conntrackd instead of '/usr/sbin/conntrackd -d' ( #5275 )  
						
						... 
						
						
						
						* vr: restart conntrackd instead of '/usr/sbin/conntrackd -d'
* vr: remove unused cmd
* Revert "vr: remove unused cmd"
This reverts commit b97cf469952fe0706d91af411eaffa62a06761a6.
* vr: remove unused cmd 
						
						
					 
					
						2021-08-09 13:35:45 +05:30 
						 
				 
			
				
					
						
							
							
								Gabriel Beims Bräscher 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							6cd5b36347 
							
						 
					 
					
						
						
							
							[UI] Add Shift key for noVNC consoles ( #5237 )  
						
						
						
						
					 
					
						2021-07-27 09:58:34 +02:00 
						 
				 
			
				
					
						
							
							
								Rohit Yadav 
							
						 
					 
					
						
						
						
						
							
						
						
							d916e416ec 
							
						 
					 
					
						
						
							
							Updating pom.xml version numbers for release 4.15.2.0-SNAPSHOT  
						
						... 
						
						
						
						Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com> 
						
						
					 
					
						2021-07-02 22:59:07 +05:30 
						 
				 
			
				
					
						
							
							
								Rohit Yadav 
							
						 
					 
					
						
						
						
						
							
						
						
							379454caae 
							
						 
					 
					
						
						
							
							Updating pom.xml version numbers for release 4.15.1.0  
						
						... 
						
						
						
						Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com> 
						
						
					 
					
						2021-06-28 15:27:27 +05:30 
						 
				 
			
				
					
						
							
							
								Rohit Yadav 
							
						 
					 
					
						
						
						
						
							
						
						
							f58b72f6f7 
							
						 
					 
					
						
						
							
							Merge remote-tracking branch 'origin/4.15'  
						
						
						
						
					 
					
						2021-06-27 18:25:46 +05:30 
						 
				 
			
				
					
						
							
							
								Pearl Dsilva 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							aa809727a8 
							
						 
					 
					
						
						
							
							Fix configuration of ntp server list in systemVMs ( #5160 )  
						
						
						
						
					 
					
						2021-06-26 18:16:36 +05:30 
						 
				 
			
				
					
						
							
							
								Rakesh 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							faa57434ab 
							
						 
					 
					
						
						
							
							systemvm: Change logrotate interval to hourly ( #5132 )  
						
						... 
						
						
						
						* Change logrotate interval to hourly
The logrotate config says interval as hourly but it relies
on timer service to be invoked but in timer the frequency
is mentioned as 12h. So it wont be invoked every hour.
So change the frequency to hourly
* Add change to vpc router 
						
						
					 
					
						2021-06-24 11:07:06 +05:30 
						 
				 
			
				
					
						
							
							
								Wei Zhou 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							347f8a5a73 
							
						 
					 
					
						
						
							
							VR: fix source cidr of egress rules are not applied ( #5143 )  
						
						... 
						
						
						
						This reverts change in commit
065fa1c849 (diff-c78f7f699938cf529cbcef26bda2ed93630b58f336986fd0753fbfa1a6adbc43L103-R103) 
						
						
					 
					
						2021-06-24 11:05:24 +05:30 
						 
				 
			
				
					
						
							
							
								Suresh Kumar Anaparti 
							
						 
					 
					
						
						
						
						
							
						
						
							958182481e 
							
						 
					 
					
						
						
							
							cloudstack: make code more inclusive  
						
						... 
						
						
						
						Inclusivity changes for CloudStack
- Change default git branch name from 'master' to 'main' (post renaming/changing default git branch to 'main' in git repo)
- Rename some offensive words/terms as appropriate for inclusiveness.
This PR updates the default git branch to 'main', as part of #4887 .
Signed-off-by: Suresh Kumar Anaparti <suresh.anaparti@shapeblue.com>
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com> 
						
						
					 
					
						2021-06-08 15:47:20 +05:30 
						 
				 
			
				
					
						
							
							
								Rohit Yadav 
							
						 
					 
					
						
						
						
						
							
						
						
							5aefd3e204 
							
						 
					 
					
						
						
							
							Merge remote-tracking branch 'origin/4.15'  
						
						
						
						
					 
					
						2021-06-02 14:03:54 +05:30 
						 
				 
			
				
					
						
							
							
								Wei Zhou 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							b25823213b 
							
						 
					 
					
						
						
							
							vr: remove old ips with same mac address in dhcpentry databag ( #5059 )  
						
						... 
						
						
						
						This PR fixes  #5058 
when start a vm, the old entries in databag for the vm (with same mac addresses) should be removed then set again, to avoid duplicated records in dhcpentry databag and also /etc/dhcphosts.txt 
Testing with Isolated networks:
(1) stop vm, change vm ip address, start vm
vm info is updated in /etc/dhcphosts.txt and /etc/cloudstack/dhcpentry.json
(2) stop vm, expunge vm.
vm is removed from /etc/dhcphosts.txt and /var/lib/misc/dnsmasq.leases
Testing with VPC:
(1) create vm in 2 vpc tiers
vm has 2 entries in /etc/dhcphosts.txt, and /etc/cloudstack/dhcpentry.json
(2) stop vm, change ip addresses, change nics order, start vm
entries are updated in /etc/dhcphosts.txt and /etc/cloudstack/dhcpentry.json
(3) remove a nic from vm (hot unplug)
vm nic is removed from /etc/dhcphosts.txt and /var/lib/misc/dnsmasq.leases
entry in /etc/cloudstack/dhcpentry.json is updated. 
						
						
					 
					
						2021-06-01 20:57:26 +05:30 
						 
				 
			
				
					
						
							
							
								Abhishek Kumar 
							
						 
					 
					
						
						
						
						
							
						
						
							426f14b6ed 
							
						 
					 
					
						
						
							
							Merge remote-tracking branch 'apache/4.15'  
						
						... 
						
						
						
						Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com> 
						
						
					 
					
						2021-05-18 15:19:20 +05:30 
						 
				 
			
				
					
						
							
							
								Wei Zhou 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							1b28ea1ebb 
							
						 
					 
					
						
						
							
							network: fix dhcp/password/metadata issues on shared networks with multiple subnets ( #5013 )  
						
						... 
						
						
						
						* #4943 : apply iptables for password and metadata
* #4943 : fix wrong ip alias
* #4943 : revert previous change and add ip_aliases
Co-authored-by: Wei Zhou <weizhouapache@gmail.com> 
						
						
					 
					
						2021-05-13 14:31:47 +05:30 
						 
				 
			
				
					
						
							
							
								Rohit Yadav 
							
						 
					 
					
						
						
						
						
							
						
						
							fce84e62ab 
							
						 
					 
					
						
						
							
							Merge remote-tracking branch 'origin/4.15'  
						
						
						
						
					 
					
						2021-05-06 00:27:43 +05:30 
						 
				 
			
				
					
						
							
							
								Pearl Dsilva 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							bc80815cf5 
							
						 
					 
					
						
						
							
							server: Adding VPN options for IKE version and IKE split connections ( #4953 )  
						
						... 
						
						
						
						IKE version allows selecting ike (autoselect), ikev1, or ikev2.
Split connections gives an option of separating the first right subnet from the rest, and kicking out individual statements for each right subnet for better cross-compatibility.
Backported from PR: #4137 
update per PR suggestion
Fixes  #3138 
Co-authored-by: Greg Goodrich <ggoodrich@ippathways.com>
Co-authored-by: Daan Hoogland <dahn@onecht.net>
Co-authored-by: Pearl Dsilva <pearl.dsilva@shapeblue.com> 
						
						
					 
					
						2021-05-05 12:54:23 +05:30 
						 
				 
			
				
					
						
							
							
								dahn 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							a1f825e7c7 
							
						 
					 
					
						
						
							
							python3: Migrate Marvin and smoketests to python3 ( #4727 )  
						
						... 
						
						
						
						This PR prepares marvin and tests for python3. it was part of #4479 , until nose2 was decided to be abandoned from that PR.
Re-PR of #4543  and #3730  to enable cooperation
Co-authored-by: Daan Hoogland <dahn@onecht.net>
Co-authored-by: Gabriel Beims Bräscher <gabriel@apache.org>
Co-authored-by: Rohit Yadav <rohit.yadav@shapeblue.com> 
						
						
					 
					
						2021-05-04 23:19:37 +05:30 
						 
				 
			
				
					
						
							
							
								Abhishek Kumar 
							
						 
					 
					
						
						
						
						
							
						
						
							cce736709e 
							
						 
					 
					
						
						
							
							Merge remote-tracking branch 'apache/4.15'  
						
						
						
						
					 
					
						2021-04-12 11:43:57 +05:30 
						 
				 
			
				
					
						
							
							
								Rohit Yadav 
							
						 
					 
					
						
						
						
						
							
						
						
							e824fdba20 
							
						 
					 
					
						
						
							
							Merge remote-tracking branch 'origin/4.14' into 4.15  
						
						... 
						
						
						
						Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
Conflicts:
	server/src/main/java/com/cloud/vm/UserVmManagerImpl.java 
						
						
					 
					
						2021-04-10 13:41:50 +05:30 
						 
				 
			
				
					
						
							
							
								Spaceman1984 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							4bab06a74b 
							
						 
					 
					
						
						
							
							systemvm: Restricting http access on VR to internal network ( #4847 )  
						
						... 
						
						
						
						There is a potential security issue with having http access to the VR from anywhere.
This PR restricts http access to the VR to the internal network only. 
						
						
					 
					
						2021-04-10 13:19:31 +05:30 
						 
				 
			
				
					
						
							
							
								Rohit Yadav 
							
						 
					 
					
						
						
						
						
							
						
						
							3783fd5cec 
							
						 
					 
					
						
						
							
							Merge remote-tracking branch 'origin/4.15'  
						
						
						
						
					 
					
						2021-04-05 13:00:18 +05:30 
						 
				 
			
				
					
						
							
							
								Rohit Yadav 
							
						 
					 
					
						
						
						
						
							
						
						
							43257f8300 
							
						 
					 
					
						
						
							
							Merge remote-tracking branch 'origin/4.14' into 4.15  
						
						
						
						
					 
					
						2021-04-05 12:59:37 +05:30 
						 
				 
			
				
					
						
							
							
								aleskxyz 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							ca4669c4d4 
							
						 
					 
					
						
						
							
							systemvm: Add localized "data-server" records in /etc/hosts for VPC routers ( #4873 )  
						
						
						
						
					 
					
						2021-04-05 12:34:10 +05:30 
						 
				 
			
				
					
						
							
							
								Rohit Yadav 
							
						 
					 
					
						
						
						
						
							
						
						
							d4635e3442 
							
						 
					 
					
						
						
							
							Merge remote-tracking branch 'origin/4.15'  
						
						... 
						
						
						
						Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com> 
						
						
					 
					
						2021-04-01 14:35:01 +05:30 
						 
				 
			
				
					
						
							
							
								Wei Zhou 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							d4ba00434c 
							
						 
					 
					
						
						
							
							VR: fix rsyslog compresses log files but not release disk space in VR ( #4869 )  
						
						... 
						
						
						
						We had critical issue with VR recently. The VRs of shared network or vpc stops working after some days.
After investigation, I found that the disk space is full
```
root@r-10-VM:~# df
Filesystem     1K-blocks    Used Available Use% Mounted on
/dev/vda5        2086316 2069932         0 100% /
```
logrotate/ryslog has compresses the log files, but space is not released. see `lsof |grep deleted`
```
root@r-10-VM:~# lsof |grep deleted
rsyslogd    960                      root   12w      REG              254,5 493060096        137 /var/log/daemon.log.1 (deleted)
rsyslogd    960                      root   13w      REG              254,5  17715200        110 /var/log/messages.1 (deleted)
rsyslogd    960                      root   16w      REG              254,5 545968128        342 /var/log/auth.log.1 (deleted)
rsyslogd    960                      root   18w      REG              254,5  38313984        341 /var/log/cron.log.1 (deleted)
rsyslogd    960  962 in:imuxso       root   12w      REG              254,5 493060096        137 /var/log/daemon.log.1 (deleted)
rsyslogd    960  962 in:imuxso       root   13w      REG              254,5  17715200        110 /var/log/messages.1 (deleted)
rsyslogd    960  962 in:imuxso       root   16w      REG              254,5 545968128        342 /var/log/auth.log.1 (deleted)
rsyslogd    960  962 in:imuxso       root   18w      REG              254,5  38313984        341 /var/log/cron.log.1 (deleted)
rsyslogd    960  963 in:imklog       root   12w      REG              254,5 493060096        137 /var/log/daemon.log.1 (deleted)
rsyslogd    960  963 in:imklog       root   13w      REG              254,5  17715200        110 /var/log/messages.1 (deleted)
rsyslogd    960  963 in:imklog       root   16w      REG              254,5 545968128        342 /var/log/auth.log.1 (deleted)
rsyslogd    960  963 in:imklog       root   18w      REG              254,5  38313984        341 /var/log/cron.log.1 (deleted)
rsyslogd    960  964 in:imfile       root   12w      REG              254,5 493060096        137 /var/log/daemon.log.1 (deleted)
rsyslogd    960  964 in:imfile       root   13w      REG              254,5  17715200        110 /var/log/messages.1 (deleted)
rsyslogd    960  964 in:imfile       root   16w      REG              254,5 545968128        342 /var/log/auth.log.1 (deleted)
rsyslogd    960  964 in:imfile       root   18w      REG              254,5  38313984        341 /var/log/cron.log.1 (deleted)
rsyslogd    960  965 in:imudp        root   12w      REG              254,5 493060096        137 /var/log/daemon.log.1 (deleted)
rsyslogd    960  965 in:imudp        root   13w      REG              254,5  17715200        110 /var/log/messages.1 (deleted)
rsyslogd    960  965 in:imudp        root   16w      REG              254,5 545968128        342 /var/log/auth.log.1 (deleted)
rsyslogd    960  965 in:imudp        root   18w      REG              254,5  38313984        341 /var/log/cron.log.1 (deleted)
rsyslogd    960  966 rs:main         root   12w      REG              254,5 493060096        137 /var/log/daemon.log.1 (deleted)
rsyslogd    960  966 rs:main         root   13w      REG              254,5  17715200        110 /var/log/messages.1 (deleted)
rsyslogd    960  966 rs:main         root   16w      REG              254,5 545968128        342 /var/log/auth.log.1 (deleted)
rsyslogd    960  966 rs:main         root   18w      REG              254,5  38313984        341 /var/log/cron.log.1 (deleted)
```
workaround: restarting rsyslog to release the space.
```
systemctl restart rsyslog
```
The root cause is, the following command does not work in 4.15 template
```
root@r-10-VM:~# invoke-rc.d rsyslog rotate
[FAIL] Closing open files: rsyslogd failed!
```
Fix: use `/usr/lib/rsyslog/rsyslog-rotate` instead
```
root@r-10-VM:~# /usr/lib/rsyslog/rsyslog-rotate
root@r-10-VM:~# cat /usr/lib/rsyslog/rsyslog-rotate
if [ -d /run/systemd/system ]; then
    systemctl kill -s HUP rsyslog.service
else
    invoke-rc.d rsyslog rotate > /dev/null
fi
``` 
						
						
					 
					
						2021-04-01 14:30:58 +05:30 
						 
				 
			
				
					
						
							
							
								Wei Zhou 
							
						 
					 
					
						
						
							
							
						
						
						
							
						
						
							dc5b9ec7c8 
							
						 
					 
					
						
						
							
							systemvm: remove logrotate config for wtmp and btmp ( #4872 )  
						
						... 
						
						
						
						logrotate in systemvms run every day. it exits with failure.
```
root@r-100-VM:~# systemctl status logrotate
● logrotate.service - Rotate log files
   Loaded: loaded (/lib/systemd/system/logrotate.service; static; vendor preset: enabled)
   Active: failed (Result: exit-code) since Thu 2021-03-23 00:00:01 UTC; 2 days ago
     Docs: man:logrotate(8)
           man:logrotate.conf(5)
  Process: 25001 ExecStart=/usr/sbin/logrotate /etc/logrotate.conf (code=exited, status=1/FAILURE)
 Main PID: 25001 (code=exited, status=1/FAILURE)
Warning: Journal has been rotated since unit was started. Log output is incomplete or unavailable.
```
it is because the logrotate for wtmp and btmp already exist in 4.15 systemvm template.
```
root@r-100-VM:~# cat /etc/logrotate.d/wtmp
/var/log/wtmp {
    missingok
    monthly
    create 0664 root utmp
    minsize 1M
    rotate 1
}
root@r-100-VM:~# cat /etc/logrotate.d/btmp
/var/log/btmp {
    missingok
    monthly
    create 0660 root utmp
    rotate 1
}
```
remove them from /etc/logrotate.conf fixes the issue.
```
root@r-100-VM:~# systemctl status logrotate
● logrotate.service - Rotate log files
   Loaded: loaded (/lib/systemd/system/logrotate.service; static; vendor preset: enabled)
   Active: inactive (dead) since Thu 2021-03-25 00:00:01 UTC; 9h ago
     Docs: man:logrotate(8)
           man:logrotate.conf(5)
  Process: 28211 ExecStart=/usr/sbin/logrotate /etc/logrotate.conf (code=exited, status=0/SUCCESS)
 Main PID: 28211 (code=exited, status=0/SUCCESS)
Mar 25 00:00:01 r-100-VM systemd[1]: Starting Rotate log files...
Mar 25 00:00:01 r-100-VM systemd[1]: logrotate.service: Succeeded.
Mar 25 00:00:01 r-100-VM systemd[1]: Started Rotate log files.
``` 
						
						
					 
					
						2021-04-01 12:51:17 +05:30