apache/cloudstack
1
0
Fork 0
mirror of https://github.com/apache/cloudstack.git synced 2025-10-26 08:42:29 +01:00
Code Issues Packages Projects Releases Wiki Activity
10,311 Commits 304 Branches 324 Tags
Commit Graph

124 Commits

Author SHA1 Message Date
Alena Prokharchyk
5307d21210 DisableStaticNat: if elasticIP service is enabled for the network offering, always allocate new elastic ip and create static nat rule for it when disableStaticNat is called 2012-01-24 14:06:01 -08:00
Alena Prokharchyk
03cce245cf Fail to create vm when corresponding elastic ip failed to apply on the backend 2012-01-19 14:13:49 -08:00
Alena Prokharchyk
d4d345a587 Don't retry to re-create the vm when failed to allocate public ip 2012-01-19 14:00:07 -08:00
Alena Prokharchyk
a9e4af0866 Can't release/disable static nat for IP when the IP is elastic 2012-01-19 13:58:36 -08:00
Alena Prokharchyk
4f46c3b160 Mark ip as not elastic when disable static nat is called on it 2012-01-19 13:58:36 -08:00
Alena Prokharchyk
212c22b256 Added isElastic flag to ip address 2012-01-19 13:58:35 -08:00
Alena Prokharchyk
1d0ffc4575 EnableStaticNat for newly allocated address - if eIp is enabled, and the target vm already assigned to the ip, reassign the vm to the new ip 2012-01-19 13:58:35 -08:00
Alena Prokharchyk
6325d21c50 Get new elasticIp when releaseIpAddress is called for elasticIP of the vm 2012-01-19 13:58:35 -08:00
Alena Prokharchyk
6deeb7ddc9 Firewall service is enabled in default elb/eip network offering 
Also added more handling for error cases scenarios
 2012-01-19 13:58:35 -08:00
Alena Prokharchyk
0e8104cca1 Disassociate ip address - always allocate a new IP and enable static nat for it when elactic IP is enabled 2012-01-19 13:58:35 -08:00
Alena Prokharchyk
83400cd15f bug 12776: if there are multiple objects involved in resource creation, verify that they belong to the same account 
status 12776: resolved fixed
 2012-01-17 13:40:37 -08:00
Alena Prokharchyk
f0c4980dff bug 13110: use Ternary data structure when build search criteria 
status 13110: resolved fixed
 2012-01-16 14:15:28 -08:00
kishan
474543d623 Bug 10284: Throw exception instead of returnning false for firewall API commands 
Status 10284: resolved fixed
Reviewed-By: Nitin
 2012-01-12 19:03:34 +05:30
Alena Prokharchyk
e6080436cf bug 12926: fixed regression in enableStaticNat code introduced by preserve ip fix 2012-01-10 12:17:13 -08:00
Alena Prokharchyk
c581506103 bug 12306: list* command revamp 2012-01-09 10:07:42 -08:00
Sheng Yang
89ca2fe48e bug 12656: Add restriction for network update and new rules 
status 12656: resolved fixed
 2012-01-05 21:08:41 -08:00
Alena Prokharchyk
4f54b5e9d3 Fixed error message 2011-11-21 17:53:40 -08:00
Edison Su
b2a5e26c06 bug 10792: add default system wide firewall rule 
status 10792: resolved fixed
 2011-11-15 16:51:30 -08:00
Alex Huang
f6fcaa49ec Merge complete except for virtualnetworkappliancemanager 2011-11-10 15:18:16 -08:00
alena
3a845d2d75 Keep Service/Provider map per network as well as per networkOffering (to handle the case when there are multiple providers defined for the same service in the network offering, and only one is picked when the network is created) 2011-11-07 16:16:03 -08:00
alena
17a7b7cda4 listNetworkOfferings: added an ability to filter based on the Services supported 2011-11-07 10:53:28 -08:00
Nitin
62e89dc132 bug 11778: Make sure that there exist no PF/LB rules before enabling static nat on an ip and vice versa. Reviewed by - Jana 
status 11778: resolved fixed
 2011-11-07 17:11:15 +05:30
Nitin
0d1f89f507 bug 10530: Add vmid in the logs 2011-10-28 23:36:07 +05:30
alena
95bac58076 Cleanup firewall/pf/lb/vpn rules as a part of networkShutdown 2011-10-26 18:00:22 -07:00
alena
525a0a7675 1)Changed implementation for restart network: call shutdown/implement methods as a part of it 
2)Re-apply all existing firewall rules as a part of implement call. TODO: Cleanup all existing rules from the backend (leave them in the DB) as a part of shutdown call
 2011-10-25 18:24:24 -07:00
alena
6379c9c61e Return false when failed to apply the rules on the backend 2011-10-24 17:55:04 -07:00
alena
f6717e0a23 1) Method name change 
2) Rely on SourceNatService when decide if DirectNetworkGuru and GuestNetworkGuru should handle the network
 2011-10-24 17:30:14 -07:00
alena
1e684beca5 bug 11744: remove firewall rules before removing statis nat rules as a part of disableStaticNat call 
status 11744: resolved fixed
 2011-10-21 17:21:09 -07:00
alena
25c2734e03 More stuff to Projects feature - added support for adding resources (vms, templates, isos) to the project 2011-10-05 13:24:25 -07:00
alena
10308d1ea6 bug 11555: Fixed NPE happening during LB rule cleanup in case when createLB fails 
status 11555: resolved fixed

Reviewed-by: frank@cloud.com

Conflicts:

	server/src/com/cloud/network/lb/LoadBalancingRulesManagerImpl.java
 2011-09-23 11:02:19 -07:00
alena
a1cab92ae1 bug 11537: revoke related FirewallRules when do vmExpunge and ipAddress release. 
status 11537: resolved fixed

Reviewed-by: edison@cloud.com

Conflicts:

	server/src/com/cloud/network/firewall/FirewallManagerImpl.java
	server/src/com/cloud/vm/UserVmManagerImpl.java
 2011-09-22 14:01:02 -07:00
alena
a1331d1cfc Intermidiate checkin to Project feature: 
1) Introduce new managers - ProjectManager and DomainManager. Moved all domain related code from AccountManager to DomainManager.
2) Moved some code from ManagementServerImpl to the correct managers.
3) New resource limit for Domain - Project
 2011-09-20 18:35:28 -07:00
alena
8c53dbcdd7 bug 11185: support multiple CIDR on overlapping port ranges for firewall rules 
status 11185: resolved fixed

Conflicts:

	server/src/com/cloud/network/firewall/FirewallManagerImpl.java

Conflicts:

	api/src/com/cloud/network/firewall/FirewallService.java
	server/src/com/cloud/network/firewall/FirewallManagerImpl.java
	server/src/com/cloud/network/lb/LoadBalancingRulesManagerImpl.java
	server/src/com/cloud/network/rules/RulesManagerImpl.java
 2011-08-25 12:21:11 -07:00
alena
e3f179844e bug 11236: domainAdmin/regularUser can edit/delete/copy/extract Public template/iso only if it was created by them. They still can use/see public template/iso when execute list/deploy/attachIso commands. Root admin can operate with other people templates w/o any restrictions. 
status 11236: resolved fixed
 2011-08-24 14:48:35 -07:00
alena
8a7feb8ec1 Merge branch '2.2.y' 
Conflicts:
	agent/src/com/cloud/agent/resource/computing/LibvirtComputingResource.java
	api/src/com/cloud/agent/api/routing/LoadBalancerConfigCommand.java
	api/src/com/cloud/agent/api/to/FirewallRuleTO.java
	api/src/com/cloud/agent/api/to/IpAddressTO.java
	api/src/com/cloud/agent/api/to/PortForwardingRuleTO.java
	api/src/com/cloud/api/ApiConstants.java
	api/src/com/cloud/api/BaseCmd.java
	api/src/com/cloud/api/ResponseGenerator.java
	api/src/com/cloud/api/commands/CreateFirewallRuleCmd.java
	api/src/com/cloud/api/commands/CreateIpForwardingRuleCmd.java
	api/src/com/cloud/api/commands/CreateLoadBalancerRuleCmd.java
	api/src/com/cloud/api/commands/CreatePortForwardingRuleCmd.java
	api/src/com/cloud/api/commands/DeleteLoadBalancerRuleCmd.java
	api/src/com/cloud/api/commands/ListCapabilitiesCmd.java
	api/src/com/cloud/api/commands/UpdateNetworkCmd.java
	api/src/com/cloud/api/response/CapabilitiesResponse.java
	api/src/com/cloud/network/Network.java
	api/src/com/cloud/network/NetworkService.java
	api/src/com/cloud/network/firewall/FirewallService.java
	api/src/com/cloud/network/lb/LoadBalancingRule.java
	api/src/com/cloud/network/lb/LoadBalancingRulesService.java
	api/src/com/cloud/network/rules/FirewallRule.java
	api/src/com/cloud/network/rules/RulesService.java
	api/src/com/cloud/offering/NetworkOffering.java
	client/tomcatconf/commands.properties.in
	cloud.spec
	core/src/com/cloud/agent/resource/virtualnetwork/VirtualRoutingResource.java
	core/src/com/cloud/hypervisor/xen/resource/CitrixHelper.java
	core/src/com/cloud/hypervisor/xen/resource/CitrixResourceBase.java
	core/src/com/cloud/storage/template/DownloadManagerImpl.java
	core/src/com/cloud/vm/DomainRouterVO.java
	debian/cloud-deps.install
	patches/systemvm/debian/config/etc/init.d/cloud-early-config
	patches/systemvm/debian/config/root/ipassoc.sh
	patches/systemvm/debian/config/root/loadbalancer.sh
	scripts/vm/hypervisor/kvm/rundomrpre.sh
	scripts/vm/hypervisor/xenserver/vmops
	server/src/com/cloud/agent/manager/AgentAttache.java
	server/src/com/cloud/agent/manager/AgentManagerImpl.java
	server/src/com/cloud/agent/manager/AgentMonitor.java
	server/src/com/cloud/agent/manager/ClusteredAgentManagerImpl.java
	server/src/com/cloud/alert/ClusterAlertAdapter.java
	server/src/com/cloud/api/ApiResponseHelper.java
	server/src/com/cloud/api/ApiServer.java
	server/src/com/cloud/cluster/ClusterManagerImpl.java
	server/src/com/cloud/configuration/Config.java
	server/src/com/cloud/configuration/ConfigurationManager.java
	server/src/com/cloud/configuration/ConfigurationManagerImpl.java
	server/src/com/cloud/configuration/DefaultComponentLibrary.java
	server/src/com/cloud/deploy/FirstFitPlanner.java
	server/src/com/cloud/ha/HighAvailabilityManagerImpl.java
	server/src/com/cloud/host/dao/HostDaoImpl.java
	server/src/com/cloud/hypervisor/xen/discoverer/XcpServerDiscoverer.java
	server/src/com/cloud/network/LoadBalancerVO.java
	server/src/com/cloud/network/NetworkManager.java
	server/src/com/cloud/network/NetworkManagerImpl.java
	server/src/com/cloud/network/dao/FirewallRulesDao.java
	server/src/com/cloud/network/dao/FirewallRulesDaoImpl.java
	server/src/com/cloud/network/element/DhcpElement.java
	server/src/com/cloud/network/element/VirtualRouterElement.java
	server/src/com/cloud/network/firewall/FirewallManagerImpl.java
	server/src/com/cloud/network/lb/LoadBalancingRulesManagerImpl.java
	server/src/com/cloud/network/router/VirtualNetworkApplianceManager.java
	server/src/com/cloud/network/router/VirtualNetworkApplianceManagerImpl.java
	server/src/com/cloud/network/rules/FirewallManager.java
	server/src/com/cloud/network/rules/FirewallRuleVO.java
	server/src/com/cloud/network/rules/PortForwardingRuleVO.java
	server/src/com/cloud/network/rules/RulesManagerImpl.java
	server/src/com/cloud/network/rules/StaticNatRuleImpl.java
	server/src/com/cloud/network/security/SecurityGroupListener.java
	server/src/com/cloud/network/security/SecurityGroupManagerImpl.java
	server/src/com/cloud/offerings/NetworkOfferingVO.java
	server/src/com/cloud/server/ConfigurationServerImpl.java
	server/src/com/cloud/server/ManagementServerImpl.java
	server/src/com/cloud/storage/StorageManager.java
	server/src/com/cloud/storage/StorageManagerImpl.java
	server/src/com/cloud/storage/dao/VMTemplateHostDaoImpl.java
	server/src/com/cloud/storage/download/DownloadMonitorImpl.java
	server/src/com/cloud/upgrade/DatabaseUpgradeChecker.java
	server/src/com/cloud/upgrade/dao/Upgrade228to229.java
	server/src/com/cloud/upgrade/dao/Upgrade229to2210.java
	server/src/com/cloud/user/AccountManagerImpl.java
	server/src/com/cloud/vm/UserVmManagerImpl.java
	server/src/com/cloud/vm/VirtualMachineManagerImpl.java
	server/src/com/cloud/vm/dao/DomainRouterDao.java
	server/src/com/cloud/vm/dao/DomainRouterDaoImpl.java
	setup/db/create-index-fk.sql
	setup/db/create-schema.sql
	setup/db/db/schema-222to224.sql
	setup/db/db/schema-227to228.sql
	setup/db/db/schema-228to229.sql
	setup/db/db/schema-229to2210.sql
	tools/testClient/README
	ui/scripts/cloud.core.instance.js
	utils/src/com/cloud/utils/SerialVersionUID.java
	utils/src/com/cloud/utils/db/ConnectionConcierge.java
	utils/src/com/cloud/utils/db/Merovingian2.java
	utils/src/com/cloud/utils/db/Transaction.java
	utils/src/com/cloud/utils/nio/Link.java
	utils/src/com/cloud/utils/nio/NioConnection.java
	utils/src/com/cloud/utils/time/InaccurateClock.java
 2011-08-22 20:28:30 -07:00
alena
05713a20e8 bug 11114: when release static nat as a part of vm expunge, do searchIncludingRemoved in nics table as the nics are marked as Removed before static nat is released 
status 11114: resolved fixed
 2011-08-15 10:18:45 -07:00
alena
d8a9612ef7 Remove firewall rule along with pf/staticNat/lb rule if the pf/staticNat/lb failed to create due to network rule conflict 2011-08-15 10:18:44 -07:00
alena
803255b0ba bug 11029: db upgrade from 2.2.9 to 2.2.10 includes firewall_rule upgrade now 
status 11029: resolved fixed

Commit also includes the following:

* map firewall rule to pf/lb/staticNat/vpn when the firewall rule is created as a part of pf/lb/staticNat/vpn rule creation
* when delete firewall rules, also delete related firewall rule
 2011-08-15 10:18:09 -07:00
Chiradeep Vittal
51af0db682 mass merge 2.2.10 2011-08-11 16:41:52 -07:00
alena
5080e8ba33 No need to apply static nat for ip which is not static nat enabled 2011-08-11 16:00:16 -07:00
alena
477e5d6389 bug 10561: reapply static nat on the backend as a part of domR restart and network restart 2011-08-11 11:19:09 -07:00
alena
278f2a401f bug 10561: intermediate checkin for enable/disableStaticNat. 
1) On enableStaticNat command we actually send the command to the backend (we used to just upgrade the DB in the past). The backend command carries sourceIp and destIp, and creates IP to IP mapping on the domR.
2) On disableStaticNat for the Ip address in addition to cleaning up port ranges, we also delete IP to IP mapping on the domR.
 2011-08-11 10:19:22 -07:00
alena
fe3dd44bec ICMP protocol is supported in createFirewallRule command only; throw an error if specified in createPF/StaticNat/LB rule 2011-08-10 12:56:25 -07:00
alena
32b53351ff Fixed response processing in createFirewallRule command 2011-08-10 11:36:34 -07:00
Abhinandan Prateek
949ad3f4c4 bug 10561: readding source cidr changes to firewall rules 2011-08-10 13:55:37 +05:30
Abhinandan Prateek
9bba09857e bug 10561: readding source cidr changes to firewall rules 2011-08-10 13:52:42 +05:30
alena
56d5054e39 Revert "bug 10561: Allowing ICMP traffic through static NAT" 
This reverts commit 5e74e24bb359456967866cb2c6cc0f6f73570f97.

Conflicts:

	server/src/com/cloud/network/rules/RulesManagerImpl.java
 2011-08-09 15:51:57 -07:00
alena
6b9603bc4c bug 10561: intermidiate checkin for FirewallRuleFeature 
1) Added new apis: createFirewallRule, deleteFirewallRule, listFirewallRules
2) Modified existing apis - added boolean openFirewall parameter to createPortForwardingRule/createIpForwardingRule/createRemoteAccessVpn. If parameter is set to true, open firewall on the domR before creating an actual PF rule there
Modified backend calls appropriately.
3) Schema changes for firewall_rules table:
* startPort/endPort can be null now
* added icmp_type, icmp_code fields (can be not null only when protocol is icmp)
4) Added new manager - FirewallManagerImpl

Conflicts:

	api/src/com/cloud/api/BaseCmd.java
	client/tomcatconf/commands.properties.in
	server/src/com/cloud/api/ApiResponseHelper.java
	server/src/com/cloud/configuration/DefaultComponentLibrary.java
	server/src/com/cloud/network/lb/LoadBalancingRulesManagerImpl.java
	server/src/com/cloud/network/rules/RulesManagerImpl.java
 2011-08-09 15:51:56 -07:00
Abhinandan Prateek
311afeae23 bug 10731: reverting back source cidr changes for loadbalancer and portforwarding 2011-08-09 16:01:48 +05:30
alena
06d007337a bug 10561: intermidiate checkin for FirewallRuleFeature 
1) Added new apis: createFirewallRule, deleteFirewallRule, listFirewallRules
2) Modified existing apis - added boolean openFirewall parameter to createPortForwardingRule/createIpForwardingRule/createRemoteAccessVpn. If parameter is set to true, open firewall on the domR before creating an actual PF rule there
Modified backend calls appropriately.
3) Schema changes for firewall_rules table:
* startPort/endPort can be null now
* added icmp_type, icmp_code fields (can be not null only when protocol is icmp)
4) Added new manager - FirewallManagerImpl
 2011-08-08 20:59:40 -07:00