apache/cloudstack
1
0
Fork 0
mirror of https://github.com/apache/cloudstack.git synced 2025-10-26 08:42:29 +01:00
Code Issues Packages Projects Releases Wiki Activity
28,488 Commits 304 Branches 324 Tags
Commit Graph

46 Commits

Author SHA1 Message Date
Jayapal
746a5dc48e CLOUDSTACK-8891: Fixed default iptables rules on VR for guest traffic 2015-09-24 12:49:43 +05:30
Bharat Kumar
b66dcda49f CLOUDSTACK-8799 fixed for vpc networks. 2015-09-11 14:57:32 +02:00
Bharat Kumar
1a02773b55 CLOUDSTACK-8799 fixed the defalut routes 
CLOUDSTACK-8799 made changes to fix CsRedundant.py
 2015-09-11 14:57:32 +02:00
wilderrodrigues
f5e5f4d002 CLOUDSTACK-8688 - default policies for INPUT and FORWARD should be set to DROP instead of ACCEPT 
- In order to be able to access the routers via the link local interface, we have to add a rules with NEW and ESTABLISHED state
 2015-08-31 12:43:04 +02:00
Michael Andersen
a9eb4ba5c9 Fixed defaultroute on VPC routers in CsRoute and CsAddress 
Refactored CsRoute
 2015-08-24 13:35:29 +02:00
Michael Andersen
bb93a61ee7 pep8 cleanup 2015-08-24 13:35:01 +02:00
wilderrodrigues
20be22c698 CLOUDSTACK-8616 - Removing the Priority form KeepaliveD configuration 
- We use no preempt mode with state set as EQUAL to both nodes, no need to have Priotities setup
   - Do not add IPs as comments to the configuration. If a new guest interface is added, the file will change anyway.
     - This was used in the past when keepalived would restart for each new interface added
   - Removed the long sleep form the tests: we now sleep 5 seconds per PF rule added

CLOUDSTACK-8616 - Fix keepalived.ts/2 files comparison

   - Add call to set_fault() in case of router transits to that state
   - Removing commented out code

CLOUDSTACK-8616 - Fixing check_heartbeat.sh.templ

CLOUDSTACK-8616 - Call set_fault from the check_heartbeat.sh script

Signed-off-by: wilderrodrigues <wrodrigues@schubergphilis.com>
 2015-07-16 13:14:48 +02:00
Ian Southam
b7b54f1680 Fixes to enable test to succeed. Small change to Marvin to be able to override retries 
Signed-off-by: wilderrodrigues <wrodrigues@schubergphilis.com>
 2015-07-08 11:19:12 +02:00
wilderrodrigues
cb2b9e870b Fixing the communication with VM via Public IP 
- Pub IP port forwarding and static NAT fixed for single VPCs
   - Pub IP port forwarding fixed for redundant VPCs

[wip] fix static NAT for redundant VPCs

This closes #150
 2015-04-08 16:04:55 +02:00
Ian Southam
7bfccd699b Fixed Port forwarding (DNAT/SNAT) for isolated networks 
Fixed failure on using eth10 (which CS now supports)
Refactored CSForward to us CsInterface object instead of teh way it was kludged together
Fixed hex conversion for device numbers and iptables marks
 2015-03-16 11:40:12 +01:00
Ian Southam
6fc680be71 Fixed password server respawning issue 
Some changes to isolated network acl generation
 2015-03-16 11:40:11 +01:00
Ian Southam
585f5f7000 ACL issues 
ACL order issues
Do not block multicast traffic for vrrp
Many smaller bug fixes
checkrouter provided in /opt/cloud/bin
 2015-03-16 11:40:10 +01:00
Ian Southam
c1ec5b0b16 nat rules added to incorrect interface 2015-03-16 11:40:07 +01:00
Ian Southam
baa758accc Utterley stupid 2015-03-16 11:40:06 +01:00
Ian Southam
aa6fdf853b A tab got in there somehow! 2015-03-16 11:40:05 +01:00
Ian Southam
b3da2c54c2 Add network stats for isalated networks 2015-03-16 11:40:04 +01:00
Ian Southam
57d3ffaef8 Fixed password server, fixed more firewall issues 
Fixed issues with real IP and not virtual (gateway) IP being opened on the firewall
DNS now works on the vms
 2015-03-16 11:40:03 +01:00
Ian Southam
9e82281cc1 Fixed rules for dhcp towards v, 
Fixed fw rules for a bunch of things
Bring public interface up if no tier has been defined
 2015-03-16 11:39:58 +01:00
Ian Southam
7a9a356094 Switch control interface for vrrp to guest network 
Fix rRouter that was deleting the gateway interface
 2015-03-16 11:39:57 +01:00
Ian Southam
87d4171c53 Who changed my condition! 
De Morgans laws chaps
The negation of a conjunction is the disjunction of the negations.
The negation of a disjunction is the conjunction of the negations.
 2015-03-16 11:39:56 +01:00
Ian Southam
bf6e3fa8b2 Fixed CsAddress destroying the VIP address on a redundant router 
Taken quite a bit of code out of CsRedundant
Fixed public IP in keepalived when there is no guest network
 2015-03-16 11:39:53 +01:00
Ian Southam
f5ef75ee7e Vrrp will fail if your own code keeps killing it off 2015-03-16 11:39:51 +01:00
wilderrodrigues
62d586e2af Reverting the changes on CsAddress done in commit 374946e07748dd3ad659381c7d88e5e4140e4eeb 2015-03-16 11:39:50 +01:00
wilderrodrigues
bd7799401b Removing guest interfaces form the VRRP list 
Removing the not is_redundant from the check that put interfaces UP.
  - it now checks only "not is_public"
 2015-03-16 11:39:50 +01:00
wilderrodrigues
0be56a5ff6 Fixing the timout )ssh hanging) on the CsApp.py file 
Adding kill_all() method on the CsProcess.py file (not being used yet)
Changing a bit the logic in the merge.py

The changes in the logic might be reverted, but they are causing no harm now.
 2015-03-16 11:39:50 +01:00
Ian Southam
406af7e855 Sorting out redundancy 
some new unit testing
stupid bug in CsCmdLine refactor
 2015-03-16 11:39:14 +01:00
Ian Southam
bdda01d269 Countless bug fixes, mostly do do with VR redundancy 
Also added some new unit tests and adjusted the code to make them work
 2015-03-16 11:38:18 +01:00
Ian Southam
8a6a407114 Dhcp refactor 
Loads of tiny bugs squashed and some big ones
Tested with domR needs VPC testing now
TODO:  Unit tests CsDhcp
 2015-03-16 11:38:17 +01:00
Ian Southam
40eb8423b9 Fixed hostname on router 2015-03-16 11:38:16 +01:00
Ian Southam
7d0df32560 Lots of fixes from the testing 
firewallrules implemented sperately from networkacl (ugly but best that can be done ATM)
Some refactoring in CsDHCP as it made no sense to do it that way anymore
processmonitoring implemented
Domain not correctly sourced in VR
 2015-03-16 11:38:15 +01:00
Ian Southam
467374c981 This time after running the unittests <blush> 2015-03-16 11:38:14 +01:00
Ian Southam
cca4b58d50 A couple of firewall fixes for DomRouter code 2015-03-16 11:38:14 +01:00
Ian Southam
6b0c40ed3e iAdd chains before provisioning rules 2015-03-16 11:38:11 +01:00
Ian Southam
50ee12c6e3 Corrected basic firewalling setup 2015-03-16 11:38:10 +01:00
Ian Southam
4cdaada380 Bugger 2015-03-16 11:38:10 +01:00
Ian Southam
dce2c9e35a Syntax error 2015-03-16 11:38:10 +01:00
Ian Southam
092c8924c9 Bug corrections 2015-03-16 11:38:09 +01:00
Ian Southam
5249df8799 Splitting router and vpc 2015-03-16 11:38:09 +01:00
Ian Southam
99d7c8f457 Fix syntax error 2015-03-16 11:38:09 +01:00
Ian Southam
945cc0bcfb Aligning router chain names correctly 2015-03-16 11:38:08 +01:00
Hugo Trippaers
9385f071d7 Fix PEP8 compliance 2015-03-16 11:38:07 +01:00
Ian Southam
2f8352bf96 Daft mistake that left more data getting merged than we would have liked 2015-03-16 11:38:06 +01:00
Hugo Trippaers
01acd3d8ec VR interfaces need the proper network type in ips 2015-03-16 11:38:05 +01:00
Hugo Trippaers
a9c5f91223 Fix indents 2015-03-16 11:35:37 +01:00
Ian Southam
e30da35879 Interfaces were not coming up on non redundant router 2015-03-16 11:35:37 +01:00
Ian Southam
7b95b78223 backup fault and master implemented 
Some more refactoring to decluter the bin directory
New config class to carry around the log, command line and firewall data
 2015-03-16 11:35:29 +01:00