277 Commits

Author SHA1 Message Date
Rajani Karuturi
1decf5366d Merge release branch 4.9 to master
* 4.9:
  CLOUDSTACK-9765: centos: packaging: fix missing path in spec file post install
2017-03-15 10:52:14 +05:30
Rene Moser
bcc6b4fbaf CLOUDSTACK-9765: centos: packaging: fix missing path in spec file post install 2017-02-02 15:56:55 +01:00
Wido den Hollander
84e496b4f9
CLOUDSTACK-676: IPv6 Basic Security Grouping for KVM
This commit implements basic Security Grouping for KVM in
Basic Networking.

It does not implement full Security Grouping yet, but it does:
- Prevent IP-Address source spoofing
- Allow DHCPv6 clients, but disallow DHCPv6 servers
- Disallow Instances to send out Router Advertisements

The Security Grouping allows ICMPv6 packets as described by RFC4890
as they are essential for IPv6 connectivity.

Following RFC4890 it allows:
- Router Solicitations
- Router Advertisements (incoming only)
- Neighbor Advertisements
- Neighbor Solicitations
- Packet Too Big
- Time Exceeded
- Destination Unreachable
- Parameter Problem
- Echo Request

ICMPv6 is a essential part of IPv6, without it connectivity will break or be very
unreliable.

For now it allows any UDP and TCP packet to be send in to the Instance which
effectively opens up the firewall completely.

Future commits will implement Security Grouping further which allows controlling UDP and TCP
ports for IPv6 like can be done with IPv4.

Regardless of the egress filtering (which can't be done yet) it will always allow outbound DNS
to port 53 over UDP or TCP.

Signed-off-by: Wido den Hollander <wido@widodh.nl>
2017-01-26 15:36:08 +01:00
Rohit Yadav
e6cc78f531 CLOUDSTACK-9710: Switch to JRE1.8
- Switches Travis to use jdk1.8
- Changes java-version to 1.8
- Change jdk/maven version to 1.8
- Switch to F5/java8 compatible library release
- Switch packaging to use jdk 1.8, and jre 1.8 in init/systemd scripts
- Switch systemvm to openjdk-8-jre

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
2017-01-11 14:04:03 +05:30
Rohit Yadav
3fa461693c
Merge branch '4.9' 2016-11-09 14:54:20 +05:30
Rohit Yadav
cf825eb044 systemd: Fix semicolon missing in b75e69
While forward merging PR #1728, and resolving merge issues a semi-colon was
not added causing cloudstack-agent to fail to start. This fixes the
issue of running agent on centos7.

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
2016-11-09 14:44:01 +05:30
Rohit Yadav
0a2798c6be
Merge branch '4.9' 2016-11-02 23:12:28 +05:30
Rohit Yadav
b75e695815
Merge pull request #1728 from shapeblue/4.9_9551
CLOUDSTACK-9551: Move java tmp dir to cloudstack-agent's path to avoidMove java tmp dir to cloudstack-agent's path to avoid noexec on /tmp

* pr/1728:
  CLOUDSTACK-9551: Move java tmp dir to cloudstack-agent's path to avoid noexec on /tmp

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
2016-11-02 23:10:39 +05:30
Abhinandan Prateek
bd85e5b4da CLOUDSTACK-9551: Move java tmp dir to cloudstack-agent's path to avoid
noexec on /tmp
2016-10-25 10:55:56 +05:30
Rohit Yadav
16913a9822 CLOUDSTACK-9842: Make UI JSP Free
We use some JSP file just for translation of strings in the UI. This is
achievable purely in JavaScript. This removes those JSPs, simplifies
translation usage and workflow (purely JS based). The l10n js (dictionary)
files are generated from existing messages.properties files during client-ui
code generation phase.

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
2016-09-28 12:26:43 +05:30
Milamber
8463fb153a In comment, Add missing packages for Docker Ubuntu builds 2016-09-04 09:34:15 +01:00
Rohit Yadav
0671a80972
Merge pull request #1621 from milamberspace/FixPR1610_addLineReturn
[CLOUDSTACK-9444] Fix a little issue from PR1610 if the db.properties file hasn't EOL character at the end of file

And some improvements about the dir/file using variables

cc @wido @rhtyd

* pr/1621:
  Fix a little issue from PR1610 if the db.properties file hasn't EOL character at the end of file And some improvements about the dir/file using variables

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
2016-08-30 18:32:09 +05:30
Milamber
6051fa503a Fix a little issue from PR1610 if the db.properties file hasn't EOL character at the end of file
And some improvements about the dir/file using variables
2016-08-30 08:29:06 +01:00
Rohit Yadav
c8a52c94d2 CLOUDSTACK-9462: Refactor systemd scripts
Refactors and unifies usage of systemd script and default files across
CentOS and Ubuntu/Debian packaging system.

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
2016-08-26 15:19:58 +05:30
Wido den Hollander
142772d524 CLOUDSTACK-9462: Systemd support for Ubuntu 16.04
- systemd: Add a /etc/sysconfig/cloudstack-* file

  This allows users to easily override variables passed to Java when
  starting up.

  It also creates a foundation for sharing the systemd service profile
  between CentOS and Ubuntu since it only requires the environment file
  to be changed.

- deb: Add Ubuntu 16.04 support

  Ubuntu 16.04 differs from Ubuntu 14.04 in a few ways:
  - systemd instead of sysvinit / upstart
  - Java 8 support

  The packaging now detects on which distribution it is being
  build and based on that it installs different files in the
  packages, but it also changes the Dependencies.

  Packages for Ubuntu 16.04 will require Java 8 as a JRE

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
2016-08-25 14:18:51 +05:30
Rohit Yadav
d6e904520b Merge branch '4.8' into 4.9 2016-08-24 13:04:25 +05:30
Rohit Yadav
8cd44b1684 CLOUDSTACK-9467: Add symlink to key file for usage server
On fresh installation, the usage server fails to start if the `key` file does
not exist in its classpath. The issue is reproducible in environments where
the usage server is installed before cloudstack-setup-databases has been called.
Before the cloudstack db has been setup, the key file does not exist at its
default location and installation of usage-server fails to add a symlink to the
key file.

This fix adds a default symlink to `/etc/cloudstack/management/key` if a
symlink/file does not already exist in the /etc/cloudstack/usage directory.

On new installation, in the post-installation steps it checks if the symlink
or file exists, and adds a symlink if it does not exist. On existing
installations, if symlink or file exists then it will skip adding symlink.

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
2016-08-23 17:20:41 +05:30
Rohit Yadav
7b8ba24c64 CLOUDSTACK-9452: add python-argparse dependency on el6,7 rpms
The patchviasocket script was rewritten in Python from PR #1533 and made
assumptions that Python 2.7 would be available. In case of CentOS, python 2.7
may not be available or installed. This change ensures that python-argparse
is installed which is used by this script.

Expose cmd error in the logs when patch command fails.

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
2016-08-10 16:25:17 +05:30
Rajani Karuturi
c03d035c8b Merge release branch 4.8 to 4.9
* 4.8:
  server: give more memory to tests
  packaging: Marvin and integration-tests packages
2016-08-05 14:30:45 +05:30
Rohit Yadav
de041df74d packaging: Marvin and integration-tests packages
This introduces two new cloudstack packages: marvin and integration-tests.
The two packages will make it easier for CI systems to install Marvin for a
specific cloudstack release/build and run integration tests that are specific
for that version/build.

- maven: add explicit juniper-contrail-api maven repository
- marvin: build source distribution for both install and package mvn phases

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
2016-07-20 16:31:23 +05:30
Wido den Hollander
343ea6098e
packaging: Add db.X.driver=jdbc:mysql to db.properties on upgrade
This is required afther the upgrade to 4.9.0 and for convience we
add this to the configuration so our users do not have to.
2016-07-12 10:13:23 +02:00
Nick Livens
02c5d44f0b Dynamic loading of DB driver + support for other DB providers 2016-05-23 15:50:28 +02:00
Rohit Yadav
20638caaa4 packaging: don't bundle systemvm.zip in rpms
Removes bundling of systemvm.zip in cloudstack-common rpms. This is not
done in debian packaging either there we remove for rpms as well, as this
file is not used by any subsystem but systemvm.iso is used.

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
2016-05-19 10:12:48 +05:30
Rohit Yadav
07dcac7373 packaging: backup commands.properties as it does not exist in new rpms
In case of rpms, the commands.properties file is bundled at
/usr/share/cloudstack-management/webapps/client/WEB-INF/classes/commands.properties

In case of a rpm upgrade, new rpms won't ship with commands.properties file. For
existing installations this copies the commands.properties file to
/etc/cloudstack/management

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
2016-05-19 09:56:46 +05:30
Paul Angus
11e3582fdf Remove extraneous log directory and add catalina.out log rotation 2016-05-12 08:41:39 +01:00
Will Stevens
d2a95b4c69 Merge pull request #1054 from wido/CLOUDSTACK-8818
CLOUDSTACK-8818: Use MySQL native connector with PythonMySQLdb has been deprecated and is also not supported in Python 3.

mysql.connector is a connector written in Python which talks the
native MySQL protocol without any external code.

https://dev.mysql.com/doc/connector-python/en/

* pr/1054:
  CLOUDSTACK-8818: Use MySQL native connector with Python

Signed-off-by: Will Stevens <williamstevens@gmail.com>
2016-05-10 23:54:23 -04:00
Will Stevens
bbfd69fbca Merge pull request #1428 from myENA/mysqlhapatch
Addresses CLOUDSTACK-9300 where the MySQL HA StaticStrategy class fai

* pr/1428:
  Addresses CLOUDSTACK-9300 where the MySQL HA StaticStrategy class fails to load successfully

Signed-off-by: Will Stevens <williamstevens@gmail.com>
2016-05-10 23:51:59 -04:00
Wido den Hollander
92e3ba2053 CLOUDSTACK-8818: Use MySQL native connector with Python
MySQLdb has been deprecated and is also not supported in Python 3.

mysql.connector is a connector written in Python which talks the
native MySQL protocol without any external code.

https://dev.mysql.com/doc/connector-python/en/
2016-05-04 23:28:52 +02:00
Will Stevens
b8286548b1 Merge pull request #1433 from Slair1/patch-1
CLOUDSTACK-9305: Cloudstack Usage Breaks if DB HA enabledWith DB HA enabled in db.properties, the cloudstack-usage service restarts every 10 seconds.  Making the suggested change has fixed it for me.  Cloudstack 4.8 on Centos7

* pr/1433:
  Cloudstack Usage Breaks if DB HA enabled

Signed-off-by: Will Stevens <williamstevens@gmail.com>
2016-05-04 10:24:52 -04:00
Will Stevens
e762e27054 Merge pull request #1409 from davidamorimfaria/CLOUDSTACK-9283
CLOUDSTACK-9283: add pid to java arguments in cloudstack-usage.servicecloudstack-usage fails to start throwing Integer exception during PID retrieval, and the service keeps restarting after 10s (as defined in the systemd service definition).

Adding the pid to the java arguments in the systemd service definition makes it stop looping in centos7

* pr/1409:
  CLOUDSTACK-9283: add pid to java arguments in systemd/cloudstack-usage.service

Signed-off-by: Will Stevens <williamstevens@gmail.com>
2016-04-28 16:07:08 -04:00
Slair1
6089d898d9 Cloudstack Usage Breaks if DB HA enabled
With DB HA enabled in db.properties, the cloudstack-usage service restarts every 10 seconds.  Making the suggested change has fixed it for me.  Cloudstack 4.8 on Centos7

Update cloudstack-usage.service
2016-04-07 19:45:18 -05:00
Rohit Yadav
a11f711062 systemvm: set default umask 022 in injectkeys.sh
The default umask of 0022 is set in Ubuntu and other packages. Set the same
in case of CentOS startup scripts. Use umask 022 in the injectkeys.sh script

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
2016-03-14 12:21:57 +01:00
Simon Weller
c22659d76d Addresses CLOUDSTACK-9300 where the MySQL HA StaticStrategy class fails to load successfully 2016-03-04 06:53:44 -06:00
David Amorim Faria
ce180796e9 CLOUDSTACK-9283: add pid to java arguments in systemd/cloudstack-usage.service 2016-02-10 16:46:03 +01:00
Remi Bergsma
d7859ad21c Merge release branch 4.6 to master
* 4.6:
  Revert "Change references of people.apache.org to home.apache.org in the test code"
  Change references of people.apache.org to home.apache.org in the test code This closes #1123 Signed-off-by: SrikanteswaraRao Talluri <talluri@apache.org>
  CLOUDSTACK-9077 Fix injectkeys.sh to work on CentOS7
  CLOUDSTACK-9065: fix bug when creating packaging with noredist flag
2015-11-27 20:10:02 +01:00
David Amorim Faria
adb0d3bb74 CLOUDSTACK-9065: fix bug when creating packaging with noredist flag 2015-11-25 01:41:22 +01:00
Remi Bergsma
a3688e0eb5 Merge release branch 4.6 to master
* 4.6:
  CLOUDSTACK-9052 Shuffling the password to avoid having a subset of characters in fixed positions.
  Refactor package.sh:  * lint  * adjust exit codes (1 for usage, 2 for maven, 3 for rpmbuild)  * variable naming consistency  * add option for package release version  * revise synopsis and usage
2015-11-22 12:52:43 +01:00
Boris Schrijver
5c0366c99e CLOUDSTACK-9062: Improve S3 implementation.
The S3 implementation is far from finished, this commit focusses on the bases.

 - Upgrade AWS SDK to latest version.
 - Rewrite S3 Template downloader.
 - Rewrite S3Utils utility class.
 - Improve addImageStoreS3 API command.
 - Split various classes for convenience.
 - Various minor improvements and code optimalisations.

A side effect of the new AWS SDK is that it, by default, uses the V4 signature. Therefore I added an option to specify the Signer, so it stays compatible with previous versions.
2015-11-19 15:29:10 +01:00
David Amorim Faria
e66dd8c1e0 Refactor package.sh:
* lint
 * adjust exit codes (1 for usage, 2 for maven, 3 for rpmbuild)
 * variable naming consistency
 * add option for package release version
 * revise synopsis and usage
2015-11-16 19:30:25 +01:00
Remi Bergsma
ee639cffe4 Merge pull request #1052 from davidamorimfaria/centos7-packaging
CLOUDSTACK-9049: fix Centos7 with Tomcat7 packaging and python libsCLOUDSTACK-9049: Fix Centos7 with Tomcat7 packaging and python libs

* pr/1052:
  CLOUDSTACK-9049: fix Centos7 with Tomcat7 packaging and python libs * adjust library to support tomcat7 config files * adjust centos7 spec to use tomcat7 config files from deployment * add option to use tomcat7 files in management server setup
  reorder content to match original

Signed-off-by: Remi Bergsma <github@remi.nl>
2015-11-10 13:30:55 +01:00
David Amorim Faria
3c4a24cf2c CLOUDSTACK-9049: fix Centos7 with Tomcat7 packaging and python libs
* adjust library to support tomcat7 config files
* adjust centos7 spec to use tomcat7 config files from deployment
* add option to use tomcat7 files in management server setup
2015-11-10 11:55:19 +01:00
David Amorim Faria
c84bb6b725 reorder content to match original 2015-11-10 08:38:59 +01:00
Boris Schrijver
7bbc5338c5 CLOUDSTACK-9045: Corrected mount point for management server DEBIAN. 2015-11-08 20:38:47 +01:00
Remi Bergsma
acce645119 Merge pull request #1008 from davidamorimfaria/master
CLOUDSTACK-8812 / CLOUDSTACK-9010: adjust packaging for centos7

Here are a few adjustments for the packaging in centos7. With these changes I was able to start the service. Please review. Thank you.

* pr/1008:
  CLOUDSTACK-9010: adjust packaging for centos7

This closes #888

Signed-off-by: Remi Bergsma <github@remi.nl>
2015-10-31 11:55:06 +01:00
David Amorim Faria
be75b7f44c CLOUDSTACK-9010: adjust packaging for centos7
* Adjust systemd service to match tomcat7 startup,
   and change service type to simple.

 * Adjust sysconfig to only have one JAVA_OPTS
   due to behaviour change in tomcat7.

 * Adjust spec to remove some config files
   from WEB-INF since they are placed in /etc.
   This is a similar behaviour to the centos6 spec.
2015-10-31 08:47:15 +01:00
Rohit Yadav
909df859b3 CLOUDSTACK-9000: logrotate cloudstack-agent out and err logs
Adds logrotate rules for cloudstack-agent.{err,out} log files

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
2015-10-28 17:17:03 +05:30
Sudhansu
734e42d2b2 CLOUDSTACK-8815 : Issues with cloudstack-management init script
instead of using basename use target file.
2015-09-28 17:31:07 +05:30
Wido den Hollander
a5ca762acb Merge pull request #820 from wido/CLOUDSTACK-8840
CLOUDSTACK-8840: Systemd service for the Usage ServerThere already was a uncompleted systemd service file for the Usage
Server.

This new one replaces sysvinit and the old systemd service file.

* pr/820:
  CLOUDSTACK-8840: Do not include old systemd wrapper
  CLOUDSTACK-8840: Fix the source path of the service file
  CLOUDSTACK-8840: Systemd service for the Usage Server

Signed-off-by: Wido den Hollander <wido@widodh.nl>
2015-09-17 10:09:58 +02:00
Wido den Hollander
0204269b96 CLOUDSTACK-8840: Do not include old systemd wrapper 2015-09-16 13:59:52 +02:00
Wido den Hollander
2c143543b5 CLOUDSTACK-8840: Fix the source path of the service file 2015-09-15 09:33:17 +02:00