apache/cloudstack
1
0
Fork 0
mirror of https://github.com/apache/cloudstack.git synced 2025-11-02 20:02:29 +01:00
Code Issues Packages Projects Releases Wiki Activity
37,020 Commits 307 Branches 324 Tags
Commit Graph

95 Commits

Author SHA1 Message Date
Vishesh
ae1d7cc860
Fix private gateway acl on static routes (#10262) 2025-02-10 18:50:30 +01:00
dahn
d453c63848
cleanup VM IP after expunge in redundant VPC (#10183) 
Co-authored-by: Pearl Dsilva <pearl1594@gmail.com>
 2025-02-09 09:34:20 +01:00
Wei Zhou
90c960eeed
VPC VR: fix ACL between tier and private gateway (#10268) 2025-02-04 16:00:58 +01:00
Rodrigo D. Lopez
4189bac8e0
enable to create VPC portfowarding rules with source cidr (#7081) 
Co-authored-by: Lopez <rodrigo@scclouds.com.br>
Co-authored-by: Fabricio Duarte <fabricio.duarte.jr@gmail.com>
 2024-11-28 17:53:07 +01:00
Rohit Yadav
5b7c86aa45 Merge remote-tracking branch 'origin/4.18' into 4.19 
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2024-11-07 14:51:43 +05:30
Wei Zhou
896b8bfabf
VR: fix wrong check when compare two configuration files (#9822) 2024-11-07 14:48:02 +05:30
Wei Zhou
1ca9a10912
VR: remove vpn user info when apply vpn users list (#9568) 
Prior to this PR
```
root@r-663-VM:/var/cache/cloud# gzip -dk vpn_user_list.json.aae73e2c-32ba-44f3-bf47-426933a67bcb.gz
root@r-663-VM:/var/cache/cloud# /opt/cloud/bin/update_config.py vpn_user_list.json.aae73e2c-32ba-44f3-bf47-426933a67bcb
{'id': 'vpnuserlist', 'test': {'add': True, 'password': 'test', 'user': 'test'}}
{'vpn_users': [{'user': 'test', 'password': 'test', 'add': True}], 'type': 'vpnuserlist', 'delete_from_processed_cache': False}
 line = # Secrets for authentication using CHAP

 line = # client	server	secret			IP addresses

 line =

 line =

 line = test * test *
```

with this PR
```
root@r-663-VM:/var/cache/cloud# gzip -dk vpn_user_list.json.aae73e2c-32ba-44f3-bf47-426933a67bcb.gz
root@r-663-VM:/var/cache/cloud# /opt/cloud/bin/update_config.py vpn_user_list.json.aae73e2c-32ba-44f3-bf47-426933a67bcb
root@r-663-VM:/var/cache/cloud#
```
 2024-09-04 11:57:28 +05:30
dahn
56b69b157e
prevent duplicate ip table rules in SSVM (#8530) 
Co-authored-by: Wei Zhou <weizhou@apache.org>
 2024-06-14 09:01:15 +02:00
Wei Zhou
3b0e6ac90c
VR: fix dnmasq misconfiguration if there are multiple IP ranges in a shared network (#8741) 2024-04-24 14:51:50 +02:00
Wei Zhou
e47a910019
VR: fix issue between VPC VMs and other Public IPs in the same subnet as additional Public IPs (#8599) 
* VR: fix issue between VPC VMs and other Public IPs in the same subnet as additional Public IPs

* Update PR8599: move to VpcVirtualNetworkApplianceManagerImpl
 2024-02-13 11:03:40 +05:30
Wei Zhou
10d7e6cf6f
VR: remove apache2 config for removed VPC tiers (#7982) 2023-09-26 15:25:39 +02:00
Wei Zhou
8c546bd5a6
router: do not restart conntrackd if no guest networks (issue 6702) (#7265) 
This PR fixes #6702

The service conntrackd will be started by the script /opt/cloud/bin/cs/CsRedundant.py, therefore add it to disabled_svcs so it is not started automatically when VR is started.
 2023-05-11 12:59:32 +05:30
Pearl Dsilva
3044d63a8b
Configurable MTU for VR (#6426) 
Co-authored-by: Abhishek Kumar <abhishek.mrt22@gmail.com>
 2023-01-04 09:42:24 +01:00
Wei Zhou
a63b2aba7a
VM Autoscaling with virtual router (#6571) 2022-12-05 15:23:03 +01:00
dahn
0c93a85b3a
add ip rule for VPC extra IPs (#6846) 2022-10-31 15:13:19 +01:00
Abhishek Kumar
67024b036a
vr: fix packet interface mismatch (#6656) 
Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>
Co-authored-by: Daan Hoogland <daan@onecht.net>
 2022-09-29 17:02:28 +02:00
Abhishek Kumar
d42c0eeb11
systemvm: setup radvd correctly (#6343) 
* systemvm: setup radvd correctly

Fixes radvd setup on VR for isolated network

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* donot start radvd on startup

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* Revert "donot start radvd on startup"

This reverts commit 2a8f737f3cf548386f025a436da5e66f59af858b.

* ipv6: do not start radvd in common.sh

* ipv6: do not add radvd to enabled_svcs in CsRedundant.py

* systemvm: add radvd to /var/cache/cloud/enabled_svcs when enable radvd

* test: fix test_network_ipv6.py

Co-authored-by: Wei Zhou <weizhou@apache.org>
 2022-05-03 17:53:32 -03:00
Abhishek Kumar
e53ed9e350
network: fix event, acl, firewall for ipv6 nw (#6314) 
* add guest ipv6 cidr for fw rule

Signed-off-by: Abhishek Kumar <abhishek.kumar@shapeblue.com>

* fix fw, acl nft chains

Signed-off-by: Abhishek Kumar <abhishek.kumar@shapeblue.com>

* remove unnecessary log

Signed-off-by: Abhishek Kumar <abhishek.kumar@shapeblue.com>

* api response should return default internet protocol

Signed-off-by: Abhishek Kumar <abhishek.kumar@shapeblue.com>

* event resource fix for ipv6 firewall rule events

Signed-off-by: Abhishek Kumar <abhishek.kumar@shapeblue.com>

* fix radvd, restore ipv6 intf in vm type script

Signed-off-by: Abhishek Kumar <abhishek.kumar@shapeblue.com>

* fix dadfailed with rvr

Signed-off-by: Abhishek Kumar <abhishek.kumar@shapeblue.com>
 2022-04-26 23:30:44 -03:00
Abhishek Kumar
4a914aa88d
network: ipv6 static routes (#5786) 
* wip

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* IPv6: configure VR of isolated networks

* IPv6: add default IPv6 route in VR of isolated networks

* Reformat server/src/main/java/com/cloud/network/NetworkServiceImpl.java

* IPv6: update network to offering which support IPv6

* IPv6: update vm nic ipv6 address when update network to new offering

* IPv6: configure VPC VR to support multiple tiers with IPv6

* IPv6: add RDNSS in radvd.conf

* IPv6/UI: support ipv6 protocols in Network ACL

* wip

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* changes for diagnostics

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* more import fromo #5594

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* IPv6: fix wrong public ipv6 in VPC VR

* changes

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* fix

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* Update server/src/main/java/com/cloud/configuration/ConfigurationManagerImpl.java

Co-authored-by: dahn <daan.hoogland@gmail.com>

* ui: fix add ipv6 prefix labels, message

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* ui: label fix

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* logging fix

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* test fix

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* changes

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* minor ui refactor

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* ip6 events

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* ip6 usage

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* unused

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* slaac based public ip

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* fix

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* remove unused

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* diagnostics fix for vr

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* firewall changes

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* alert and show ipv6 usage

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* fix

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* change for network response

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* ipv6 network test

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* changes

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* ui: fix ipaddress listing

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* wip

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* fix simulator

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* changes

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* changes

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* test fix

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* test and fixes

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* test temp change revert

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* fixes

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* use uuid

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* event syntax fix

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* wip

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* review comments

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* assign vlan public IP for dualstack only if both protocols present on same vlan

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* internetprotocol in networkofferingresponse

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* add tcp, udp

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* support vpc with ipv6 only on same vlan

- adds new internet protocol param to createVpcOffering API
- When DualStack internet protocol is selected for the VPC offering, tiers with network with or without IPv6 support can be deployed.
- When IPv4 internet protocol is used for the VPC offering, tiers with network with only IPv4 support can be deployed

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* change and fix

allow VPC with IPv4 protocol to deploy tiers with IPv6

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* fix

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* test fix

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* ui fixes

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* fix multiple routes, network guest ipv6 gateway

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* address review comments

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* stop radvd on backup VR

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* fix router redundant status with ipv6

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* disable radvd for backup vr

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* correctly set ipv6 in redundant router case

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* remove unused code

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* fix connection

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* ui: don't show all protocol for egress

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* fix guest ipv6 for redundant VRs

Redundant VRs will not be assigned an IPv6 by ACS and guest netwrok gateway will be added as IPv6 for guest interface by systemvm scripts during setting redundant state of the VR.

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* fix missing ipv6 on redundant vr

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* fix syntax

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* ui: fix vpc tier redirect to show details

When redirecting to VPC tier, details tab should be active by default

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* restart radvd on primary redundant vr

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* check for ipv6 values

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* remove old ui change

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* fix condition

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* remove gateway from backup vr

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* network upgrade fail early

when IPv6 network cannot be allocated fail before shutting down the network

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* fix radvd not running on RVR

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* prepare radvd.conf once

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* fix job polling

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* fix RVR for vpc with ipv6

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* fix ipv6 network acls

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* Update CsConfig.py

* add check

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* test: vpc offering test

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* test: add negative tests for guest prefix, public range

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* add default ipv6 route for primary

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* fix dadfailed on vpc rvr

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* ui: fix add iprange form, dedicate action visibility

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* fix adding, deleting ipv6 range

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* fix failing test

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* fix missing destination cidr in ipv6 firewall

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* fix ipv6 nftables rules

Allow storing linger IPv6 CIDRs in DB
Specify all port range for TC{, UDP protocol rules withot ports
Fix adding nft rules by creating chains first

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* fix icmpv6 type, code

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* fix icmp type, code

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* test: add more for ipv6 network

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* add warning message for egress policy in ipv6 fw rule

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* ui,server: update ipv6 vlan range

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* subnet operations inside transaction

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* server: persistent public IPv6 for network

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* ui: fix action alignment

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* fix vpc acl for tiers

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* fix removing network placeholder nic

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* fix acl rules for ip version

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* fix placeholder nic and nd-neighbor block issue

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* test for redundant nw

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* fix ping

Signed-off-by: Abhishek Kumar <abhishek.mrt22@gmail.com>

* systemvm: uprgade to debian 11.3.0

* ipv6: enable ipv6 in sysctl config in bootstrap.sh

* VR: fix KeyError: 'nic_ip6_cidr'

* build fix for latest event changes

Signed-off-by: Abhishek Kumar <abhishek.kumar@shapeblue.com>

Co-authored-by: Wei Zhou <weizhou@apache.org>
Co-authored-by: dahn <daan.hoogland@gmail.com>
 2022-04-25 22:51:32 -03:00
Wei Zhou
c61ea9f96d
VR: Do not add iptables rules for the revoked ip addresses (#6189) 2022-04-06 00:16:47 -03:00
Wei Zhou
4568a68d83
CsDhcp.py: fix runtests.sh error (#5671) 
$ cd systemvm/test
$ bash -x runtests.sh
......
../debian/opt/cloud/bin/cs/CsDhcp.py:114:25: E266 too many leading '#' for block comment
+ '[' 1 -gt 0 ']'
+ echo 'pycodestyle failed, please check your code'
 2021-11-17 14:05:20 +01:00
Wei Zhou
9f5ac89c9a
VR: fix data-server if shared network has multiple ip ranges (#5530) 
* VR: fix data-server if shared network has multiple ip ranges

This fixes #5518

* Update PR #5530: fix nameserver in vm with IP in additional IP ranges

without this change
```
root@r-757-VM:~# cat /etc/dnsmasq.d/cloud.conf
listen-address=127.0.0.1,10.10.12.31,10.10.13.19
dhcp-range=set:interface-eth0-0,10.10.12.31,static
dhcp-option=tag:interface-eth0-0,15,cs1cloud.internal
dhcp-option=tag:interface-eth0-0,6,10.10.12.31,10.0.32.1,8.8.8.8
dhcp-option=tag:interface-eth0-0,3,10.10.12.254
dhcp-option=tag:interface-eth0-0,1,255.255.255.0
dhcp-range=set:interface-eth0-1,10.10.13.19,static
dhcp-option=tag:interface-eth0-1,15,cs1cloud.internal
dhcp-option=tag:interface-eth0-1,6,10.10.12.31,10.0.32.1,8.8.8.8 <<< nameserver 10.10.12.31
dhcp-option=tag:interface-eth0-1,3,10.10.13.254
dhcp-option=tag:interface-eth0-1,1,255.255.255.0
```

with this change
```
root@r-757-VM:~# cat /etc/dnsmasq.d/cloud.conf
listen-address=127.0.0.1,10.10.12.31,10.10.13.19
dhcp-range=set:interface-eth0-0,10.10.12.31,static
dhcp-option=tag:interface-eth0-0,15,cs1cloud.internal
dhcp-option=tag:interface-eth0-0,6,10.10.12.31,10.0.32.1,8.8.8.8
dhcp-option=tag:interface-eth0-0,3,10.10.12.254
dhcp-option=tag:interface-eth0-0,1,255.255.255.0
dhcp-range=set:interface-eth0-1,10.10.13.19,static
dhcp-option=tag:interface-eth0-1,15,cs1cloud.internal
dhcp-option=tag:interface-eth0-1,6,10.10.13.19,10.0.32.1,8.8.8.8 <<< nameserver 10.10.13.19
dhcp-option=tag:interface-eth0-1,3,10.10.13.254
dhcp-option=tag:interface-eth0-1,1,255.255.255.0
```

* Update #5530: add 'localise-queries' to /etc/dnsmasq.conf
 2021-10-04 11:40:25 +02:00
nicolas
6509f43edc Merge branch '4.15' into main 2021-08-25 01:24:58 -03:00
Wei Zhou
16e4de0c25
vr: reload dnsmasq when start vms (#5319) 
* vr: reload dnsmasq when start vms

* vr: fix pycodestyle check error

* vr: delete leases only when needed
 2021-08-24 22:47:34 -03:00
davidjumani
cb1078aa20
Merge remote-tracking branch 'apache/4.15' into main 2021-08-09 15:10:51 +05:30
Wei Zhou
05d1d568fb
vr: restart conntrackd instead of '/usr/sbin/conntrackd -d' (#5275) 
* vr: restart conntrackd instead of '/usr/sbin/conntrackd -d'

* vr: remove unused cmd

* Revert "vr: remove unused cmd"

This reverts commit b97cf469952fe0706d91af411eaffa62a06761a6.

* vr: remove unused cmd
 2021-08-09 13:35:45 +05:30
Suresh Kumar Anaparti
958182481e cloudstack: make code more inclusive 
Inclusivity changes for CloudStack

- Change default git branch name from 'master' to 'main' (post renaming/changing default git branch to 'main' in git repo)
- Rename some offensive words/terms as appropriate for inclusiveness.

This PR updates the default git branch to 'main', as part of #4887.

Signed-off-by: Suresh Kumar Anaparti <suresh.anaparti@shapeblue.com>
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2021-06-08 15:47:20 +05:30
Rohit Yadav
e824fdba20 Merge remote-tracking branch 'origin/4.14' into 4.15 
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>

Conflicts:
	server/src/main/java/com/cloud/vm/UserVmManagerImpl.java
 2021-04-10 13:41:50 +05:30
Spaceman1984
4bab06a74b
systemvm: Restricting http access on VR to internal network (#4847) 
There is a potential security issue with having http access to the VR from anywhere.
This PR restricts http access to the VR to the internal network only.
 2021-04-10 13:19:31 +05:30
Rohit Yadav
43257f8300 Merge remote-tracking branch 'origin/4.14' into 4.15 2021-04-05 12:59:37 +05:30
aleskxyz
ca4669c4d4
systemvm: Add localized "data-server" records in /etc/hosts for VPC routers (#4873) 2021-04-05 12:34:10 +05:30
Wei Zhou
63c91c1458
server: Fix network statistics for vpc (#3944) 
This contains 3 main changes
(1) add NETWORK_STATS_ethX for all nics with public ips in VPC VRs (current: NETWORK_STATS_eth1)
(2) DO NOT create records in user_statistics for each VPC tier (only one record per public nic per VPC VR)
(3) send NetworkUsageCommand before unplugging a NIC with public IPs from VPC VR
 2021-04-01 12:43:06 +05:30
davidjumani
4d33e159f7
vr: Ensuring dnsmasq.leases file is populated (#4529) 2020-12-14 09:06:24 +00:00
Wei Zhou
8a68617eee bugfix #9 vpc vr: Add PREROUTING rule for vm with static nat to multiple private gateways 2020-11-25 08:40:16 +01:00
Wei Zhou
69c0f71cf7 bugfix #8 vpc: add rule for traffic between vm and private gateway 2020-11-25 08:40:16 +01:00
Wei Zhou
a8c9b4531b bugfix #7 vpc vr: allow servers in private gateway to reach internet via the VPC VR if it is gateway 2020-11-25 08:40:16 +01:00
Wei Zhou
8fb2efee1c bugfix #6 vpc vr: Add iptables rules for ACL of private gateway 2020-11-25 08:40:16 +01:00
Wei Zhou
81ac9f90ab
vr: fix python exception when configure VRs (#4489) 
before
```
root@r-27-VM:/var/cache/cloud# /opt/cloud/bin/configure.py monitor_service.json
ERROR:root:Command 'ip link show eth0 | grep 'state DOWN'' returned non-zero exit status 1
```

with this change
```
root@r-27-VM:/var/cache/cloud# /opt/cloud/bin/configure.py monitor_service.json
root@r-27-VM:/var/cache/cloud#
```
 2020-11-23 14:09:40 +05:30
Wei Zhou
75fdb07387
vpc: fix ips on wrong interfaces after rebooting vpc vrs (#4467) 
* vpc: fix ips on wrong interfaces after rebooting vpc vrs

* #4467: Rename to updateNicWithDeviceId

* CLSTACK-8923 vr: Force a restart of keepalived if conntrackd is not running or configuration has changed
 2020-11-20 21:02:53 +05:30
Wei Zhou
a368ba9def
VR: fix logging is not working and logs are not appended to /var/log/cloud.log (#4466) 2020-11-20 10:40:02 +00:00
Wei Zhou
ff8a84ee77
systemvm: fix proc.find in CsProcess.py (#4413) 
Co-authored-by: Wei Zhou <w.zhou@global.leaseweb.com>
 2020-10-21 19:21:54 +02:00
Rohit Yadav
766eab8cab Merge remote-tracking branch 'origin/4.13' into 4.14 2020-09-23 10:49:19 +05:30
Lucas Granet
ab02cf7078 router: adding "data-server" dns entry in /etc/hosts (#4319) 
The DNS entry "data-server" was not added in /etc/hosts.

Since the VR is now considered as a "dhcpsrvr" (?), we need to apply this commit to add this DNS entry.
/etc/hosts is fully rewritten by this script.

Fixes: #4308
(cherry picked from commit dc65f31f9f3cb47240946c8c1cced44a7ecf9640)
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2020-09-23 10:48:44 +05:30
Rohit Yadav
3de5ca9871 Merge remote-tracking branch 'origin/4.13' into 4.14 
Fixes forward-merge lint issue

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
 2020-06-15 08:59:08 +05:30
havengit
60d7215a06
fix dhcp lease entry wrong hostname (#4064) 
When Guest VM add secondary nic,  will get wrong hostname "infiniteh" from dhcp server
infiniteh -->infinite
cat /etc/dhcphosts.txt
02:00:0b:ef:00:04,set:192_168_4_18,192.168.4.18,gumd-tes3,infiniteh
 2020-05-11 10:56:14 +02:00
Daan Hoogland
8e4be6dc60 Merge branch '4.13' 2020-04-16 15:27:52 +02:00
dahn
6a72e6e9f8 do not put in default accept rules for DNS and BOOTPS 2020-04-16 15:09:51 +02:00
Daan Hoogland
6f9890694d Merge release branch 4.13 to master 
* 4.13:
  vr: fix password server run with empty gateway in isolated netw… (#3943)
  Fix simulator docker db deploy issue (apache#3397) (#3651)
 2020-03-09 11:26:21 +01:00
Wei Zhou
7d0fd9fa3f
vr: fix password server run with empty gateway in isolated netw… (#3943) 2020-03-09 10:35:56 +01:00
Daan Hoogland
8c078b8849 Merge release branch 4.13 to master 
* 4.13:
  vrouter: reload keepalived instead of restart and fix password… (#3898)
  Allow port 80/8080 accessible only from guest network (#3907)
 2020-02-28 17:20:48 +01:00