CLOUDSTACK-9669:egress destination cidr VR python script changes
CLOUDSTACK-9669:egress destination API and orchestration changes
CLOUDSTACK-9669: Added the ipset package in systemvm template
CLOUDSTACK-9669:Added licence header for new files
CLOUDSTACK-9669: replacing 0.0.0.0/0 with the network cidr
ipset member add with 0.0.0.0/0 fails. So 0.0.0.0/0 replaced with the network cidr.
In source cidr 0.0.0.0/0 is nothing but network cidr.
updated the default egress all cidr with network cidr
This fixes the agreed upon url on download.cloudstack.org in various
sql files and misc scripts.
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
- commented some occurences of cloud.com as being harmless
* examples
* identifiers (internal)
- changed the URL for vhd-util download
- changed comments from 'cloud.com' to 'Apache CloudStack'
This removes nic/network specific details while exporting the systemvmtemplate
for vmware (ova file). Having this causes the ssvms to not deploy in
dvswitch-based vmware environments that have no vswitch portgroups (dummy etc).
Tested this on a local Trillian env.
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
- Switches Travis to use jdk1.8
- Changes java-version to 1.8
- Change jdk/maven version to 1.8
- Switch to F5/java8 compatible library release
- Switch packaging to use jdk 1.8, and jre 1.8 in init/systemd scripts
- Switch systemvm to openjdk-8-jre
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
This commit adds a additional VirtIO channel with the name
'org.qemu.guest_agent.0' to all Instances.
With the Qemu Guest Agent the Hypervisor gains more control over the Instance if
these tools are present inside the Instance, for example:
* Power control
* Flushing filesystems
* Fetching Network information
In the future this should allow safer snapshots on KVM since we can instruct the
Instance to flush the filesystems prior to snapshotting the disk.
More information: http://wiki.qemu.org/Features/QAPI/GuestAgent
Keep in mind that on Ubuntu AppArmor still needs to be disabled since the default
AppArmor profile doesn't allow libvirt to write into /var/lib/libvirt/qemu
This commit does not add any communication methods through API-calls, it merely
adds the channel to the Instances and installs the Guest Agent in the SSVMs.
With the addition of the Qemu Guest Agent channel a second channel appears in /dev
on a SSVM as a VirtIO port.
The order in which the ports are defined in the XML matters for the naming inside
the SSVM VM and by not relying on /dev/vportXX but looking for a static name the
SSVM still boots properly if the order in the XML definition is changed.
A SSVM with both ports attached will have something like this:
root@v-215-VM:~# ls -l /dev/virtio-ports
total 0
lrwxrwxrwx 1 root root 11 May 13 21:41 org.qemu.guest_agent.0 -> ../vport0p2
lrwxrwxrwx 1 root root 11 May 13 21:41 v-215-VM.vport -> ../vport0p1
root@v-215-VM:~# ls -l /dev/vport*
crw------- 1 root root 251, 1 May 13 21:41 /dev/vport0p1
crw------- 1 root root 251, 2 May 13 21:41 /dev/vport0p2
root@v-215-VM:~#
In this case the SSVM port points to /dev/vport0p1, but if the order in the XML
is different it might point to /dev/vport0p2
By looking for a portname with a pre-defined pattern in /dev/virtio-ports we
do not rely on the order in the XML definition.
Signed-off-by: Wido den Hollander <wido@widodh.nl>
- Update base debian iso to version 7.11
- Upgrade ruby version to 2.3.0 (latest/stable)
- Fix Gemfile
- Update README
- Fix openswan pkg name with the same version
- Remove cloud-cleanup it's not available
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
- Adding keepalived installation in the right script. I added the change on the buildsystemvm.sh, which is no longer used.
Signed-off-by: wilderrodrigues <wrodrigues@schubergphilis.com>
The console-setup service brings a nice font to the console, but why would we want to use it. In most cases it takes a <10 seconds to set it up. When using nested hypervising, I found this takes much longer time that causes tests to time-out. I'd suggest turning off these services. They are not required for the services the systemvm provides.
This commit fixes a chmod issue where extracted vmdk file is not readable by all
users/groups. The other improvement is to use ovftool to build systemvm template
for vmware if it's available. This is based on a dev ML discussion and a suggested
approach by Ilya: http://markmail.org/message/kntsetgxdbppfh22
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
/var/log fills up /var and fails operation of normal services. This fix
restricts /var/log to 100-200M. The fix for CLOUDSTACK-6885 tries to make sure
we don't keep a lot of logs.
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
Replace chef with a python script
configure.py will read the bags and (hopefully) create the desired state
At this stage this is ipassociation
This code should work for both VR and VPCrs
TODO:
iptables
ip route throw (present in VR but not in VPCr
Determine default route
Unit tests
----
Author: Ian Southam <isoutham@schubergphilis.com>
First commit towards moving systemvm to chef based configuration
In this commit
1. cmdline json databag is created
2. ip association data bag is created
3. Basic chef cookbook to manage ips and routes
Conflicts:
systemvm/patches/debian/config/etc/init.d/cloud-early-config
systemvm/patches/debian/config/var/chef/cookbooks/README
tools/appliance/definitions/systemvm64template/postinstall.sh
----
Because we've refactored the systemvm template the change to
postinstall.sh now gets its own chef.sh file.
This is a plugin that puts in ovm3 support ranging from 3.3.1 to 3.3.2. Basic
functionality is in here, advanced networking etc..
Snapshots only work when a VM is stopped now due to the semantics of OVM's raw
image implementation (so snapshots should work on a storage level underneath the
hypervisor shrug)
This closes#113
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
Installed flask package and removed the disk expert recipe in
system vm template to keep only one partition
Signed-off-by: Frank Zhang <frank.zhang@citrix.com>
