only on a given primary storage. Currently, the prepare template api
will seed/prepare a given template on all the primary storage pools in
a zone. If however, a user wishes to prepare a template only a
particular storage pool, it isn't possible. Updated the api to take
storage pool id as an optional parameter. If the pool id is provided
then the template is prepared only on the given primary storage pool
Disablestorage pep8CLOUDSTACK-8738: Added Maintenance mode related fixes into base.py for test_disablestoragepool.
Also fixed pep8 issues in script, most of them for E501 (long lines) with max-line-length set to default
Test Result:
Test Steps: ... === TestName: test_01_disable_enable_pool_1_host | Status : SUCCESS ===
ok
Test Steps: ... === TestName: test_01_disable_enable_pool_2_CLUSTER | Status : SUCCESS ===
ok
Test Steps: ... SKIP: No ZONE storage pools found
Test Steps: ... === TestName: test_02_vm_operations_on_disabled_pool_1_host | Status : SUCCESS ===
ok
Test Steps: ... === TestName: test_02_vm_operations_on_disabled_pool_2_CLUSTER | Status : SUCCESS ===
ok
Test Steps: ... SKIP: No ZONE wide storage pools found
Test Steps: ... === TestName: test_01_cross_cluster_attach_disk | Status : SUCCESS ===
ok
* pr/703:
Fixed pep8 issues
CLOUDSTACK-8738: Added the two methods for enable and cancel maintenance mode on StoragePool
Signed-off-by: Remi Bergsma <github@remi.nl>
Removed double encoding of Public Key from JS.See Cloudstack issue CLOUDSTACK-8742 & CLOUDSTACK-8649 for information.
* pr/709:
Removed double encoding of Public Key from JS.
Signed-off-by: Wido den Hollander <wido@widodh.nl>
Refactored NicProfile.java for readability.Only changed names and reorganized them! No functional implementation change.
See issue CLOUDSTACK-8736 for ongoing effort to clean up network code.
* pr/705:
Refactored NicProfile.java for readability.
Signed-off-by: Wido den Hollander <wido@widodh.nl>
CLOUDSTACK-8669: create volume failed due to null charsetAdded a new private method getCharSetFromConnection() which checks if
the connection charset is null and if it is null, returns
StringUtils.getPreferredCharset
regression caused by commit f03411ca0436c8b52f5e60b0c8820fd1d1ba2ff6
* pr/695:
CLOUDSTACK-8669: create volume failed due to null charset
CLOUDSTACK-8669: making StringUtils.getDefaultCharset protected
Signed-off-by: Remi Bergsma <github@remi.nl>
Added a new private method getCharSetFromConnection() which checks if
the connection charset is null and if it is null, returns
StringUtils.getPreferredCharset
regression caused by commit f03411ca0436c8b52f5e60b0c8820fd1d1ba2ff6
[CLOUDSTACK-8427] Add missing localization for some labels in Web UI- on new functionnality: upload volume/template from Local
- on the zone configuration wizard for the "Next" button
- update French messages properties from transifex
- Improve some French translations ("Tlverser" for "Upload")
* pr/686:
Add missing localization for some labels in Web UI - on new functionnality: upload volume/template from Local - on the zone configuration wizard for the "Next" button - update French messages properties from transifex - Improve some French translations ("Téléverser" for "Upload")
Signed-off-by: Remi Bergsma <github@remi.nl>
Cloudstack 8656: do away with more silently ignoring exceptions.a lot of messages added.
some restructuring for test exception assertions and try-with-resource blocks
* pr/654: (29 commits)
CLOUDSTACK-8656: more logging instead of sysout
CLOUDSTACK-8656: use catch block for validation
CLOUDSTACK-8656: class in json specified not found
CLOUDSTACK-8656: removed unused classes
CLOUDSTACK-8656: restructure of tests
CLOUDSTACK-8656: reorganise sychronized block
CLOUDSTACK-8656: restructure tests to ensure exception throwing
CLOUDSTACK-8656: validate the throwing of ServerApiException
CLOUDSTACK-8656: logging ignored exceptions
CLOUDSTACK-8656: try-w-r removes need for empty catch block
CLOUDSTACK-8656: try-w-r instead of clunckey close-except
CLOUDSTACK-8656: deal with empty SQLException catch block by try-w-r
CLOUDSTACK-8656: unnecessary close construct removed
CLOUDSTACK-8656: message about timed buffer logging
CLOUDSTACK-8656: message about invalid number from store
CLOUDSTACK-8656: move cli test tool to separate file
CLOUDSTACK-8656: exception is the rule for some tests
CLOUDSTACK-8656: network related exception logging
CLOUDSTACK-8656: reporting ignored exceptions in server
CLOUDSTACK-8656: log in case we are on a platform not supporting UTF8
...
Signed-off-by: Remi Bergsma <github@remi.nl>
Fix site-to-site VPN featureThis is work done together with @jayapalu on fixing the site2site VPN. The first part was done in PR #690 by @jayapalu. On top of that, some other fixes were needed and those are added in this PR. It made sense to make a new PR which includes all fixes so we can actually test it.
The original PR #690 is already merged into this one, so can be closed. Since the commit ids are kept the same, merging this will close both.
I closely compared the 4.4/4.5 implementation with the new 4.6 one. I did not only make it work, but also added some security improvements (some of which were also in 4.4/4.5). I noticed the pre shared key was being logged, so removed that as well.
This is how I tested and verified it:
https://github.com/schubergphilis/MCT-shared/tree/master/helper_scripts/cloudstack/vpn_tests
When I have some time available, I'll write a Marvin test for it that we can include in the repo.
It now works(tm) with one manual step due to CLOUDSTACK-8685:
We need a default gateway before site-to-site VPN will actually work. It will connect, but not forward packets. The reason for this, is due to the iptables setup. VM1 has router1 as gateway, but router1 does not know the route to VM2 so it will give up. With a default gateway, the packets are about to be forwarded to the default gateway but when they reach eth1 the public nic, iptables kicks in, does some magic and forwards it through the ipsec tunnel. So, you need a default gw set to upstream.
Workaround for now is setting the route manually:
``route add default gw 1.2.3.4`` or ``ip route add default via 1.2.3.4``
In other words, we need to fix CLOUDSTACK-8685 soon, too.
Thanks to @snuf @jayapalu!
@jayapalu @snuf could you please review this?
* pr/693:
do not log sensitive site-to-site VPN PSK
tighten security of site-to-site VPN
CLOUDSTACK-8730: fix s2s iptables rules and ipsec config
CLOUDSTACK-8710: Fixed applying iptables rules for s2s vpn
Signed-off-by: Remi Bergsma <github@remi.nl>
Interface changes related to CLOUDSTACK-8580See issue CLOUDSTACK-8580 and individual commits.
* pr/680:
Made interface changes related to CLOUDSTACK-8580
Signed-off-by: Remi Bergsma <github@remi.nl>
Added responses to ListCapabilities to reflect CLOUDSTACK-8580 changes.
This to add these options to the gui. See issue CLOUDSTACK-8580.
3be14e978a
Removed comments as proposed by Daan Hoogland.
Upgrade paths from 4.5.1 exists to both 4.5.2, and 4.6.0. Since 4.5.2 and 4.6.0
are not release, and the bug affects 4.5 branch; this patch aims to port that
fix from master to both 4.5/master branches.
Ported from commit b6a7804
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
CLOUDSTACK-8710: Fixed applying iptables rules for s2s vpn
@remibergsma @wilderrodrigues
Moved applying iptables rules apply after vpn configuration so that vpn specific rules also get applied
* pr/690:
CLOUDSTACK-8710: Fixed applying iptables rules for s2s vpn
This closes#690
Signed-off-by: Remi Bergsma <github@remi.nl>
Logging before:
2015-08-12 16:30:07,126 Searching for 192.168.23.6 and replacing with 192.168.23.6 192.168.23.5: PSK "preSharedKey"
Logging after:
2015-08-12 16:30:07,126 Searching for 192.168.23.6 and replacing with 192.168.23.6 192.168.23.5: PSK "****"
