$1 is "2" during package upgrade in %post section, this fixes the
handling of $1 as per https://fedoraproject.org/wiki/Packaging:Scriptlets
This improves handling of $1 during %post upgrade step. Some of the
command/code are idempotent such as enabling and starting a service
and can be run without any $1 checks.
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
This enables the firewall/mangle tables rules to ACCEPT instead of RETURN, which
is the same behaviour as observed in ACS 4.5. By accepting the traffic, guest
VMs will be able to communicate tcp traffic between each other over snat public
IPs.
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
This removes username and passwords details from the listClusters
response. The details are usually seen in VMware environments only.
With dynamic roles features, the listClusters API may be provided
to a read-only root-admin user role/type which should not be able to get
the credentials.
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
Libvirt / Qemu (KVM) does not collect statistics about these either.
On some systems it might even yield a 'internal error' from libvirt
when attempting to gather block statistics from such devices.
For example Ubuntu 16.04 (Xenial) has a issue with this.
Skip them when looping through all devices.
Signed-off-by: Wido den Hollander <wido@widodh.nl>
The 'force' option provided with the stopVirtualMachine API command is
often assumed to be a hard shutdown sent to the hypervisor, when in fact
it is for CloudStacks' internal use. CloudStack should be able to send
the 'hard' power-off request to the hosts.
When forced parameter on the stopVM API is true, power off (hard shutdown)
a VM. This uses initial changes from #1635 to pass the forced parameter
to hypervisor plugin via the StopCommand, and fixes force stop (poweroff)
handling for KVM, VMware and XenServer.
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
CLOUDSTACK-9792: Add upgrade path for 4.9.3.0
This adds an upgrade path from 4.9.2.0 to 4.9.3.0, this also includes
changes from PR #1928 that adds missing hypervisor capability in
4.9/4.10+. This also fixes a db-cleanup path sequence issues, with that
puts 4.10 after 4.1.0, and before 4.2.0.
Once validated I can help merge this on master, since this will cause
merge conflicts on fwd-merging.
Ping - @syed @karuturi @borisstoyanov @DaanHoogland @abhinandanprateek
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
- do not keep passwords in databag (/etc/cloudstack/vmpasswd.json)
- process only the password we get in (vm_password.json) from mgt server
- lookup the correct passwd server instead of adding passwd to all of them
Example:
- 4 tiers and 199 VMs running
- Start vm 200 would cause new passwd from vm_password.json (1) to be merged with /etc/cloudstack/vmpasswd.json (199)
- A curl command was exected foreach password (200) foreach tier (4) resulting in 800 calls
- In fact, since passwds are never cleaned it could very well be even more as the ip address was the key in the json file so until the ip address was reused the original password would remain and be sent to passwd server every time another vm starts.
- This took ~40 seconds
Now we just figure out the right tier and only process the new password resulting in a single curl call.
- takes 0,03 seconds!
When sending the DHCP offerings to the VRs this setting wasn't read properly which made
it default to 'all'.
This causes all DHCP offerings to be send to all VRs instead of just those in the POD.
As VR provisioning can be very time consuming this can drastically reduce deployment time
of the VR.
Signed-off-by: Wido den Hollander <wido@widodh.nl>
This fixes log4j xml to have @AGENTLOG@ replaced with values defined
in build/replace.properties.
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
HostStats returns cpu usage in percentage while memory usage in bytes.
This fixes a regression in maximum CPU usage deviation that did not
assume the values to be in percentage and multiple the final ratios
with 100 which leads to 100x the actual deviation value.
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
Ldap auto creation of accounts is broken due to the security fix for
CLOUDSTACK-9369.
There was an explicit check to not allow login incase the
user doesnt exist. removed the same.
