apache/cloudstack
1
0
Fork 0
mirror of https://github.com/apache/cloudstack.git synced 2025-10-26 08:42:29 +01:00
Code Issues Packages Projects Releases Wiki Activity
28,100 Commits 304 Branches 324 Tags
Commit Graph

60 Commits

Author SHA1 Message Date
Jayapal
c13201353c CLOUDSTACK-8707: Added missed esp policy esp is added with esp_lifetime instead of esp_policy, corrected it. 2015-08-05 14:14:46 +05:30
Ian Southam
b7b54f1680 Fixes to enable test to succeed. Small change to Marvin to be able to override retries 
Signed-off-by: wilderrodrigues <wrodrigues@schubergphilis.com>
 2015-07-08 11:19:12 +02:00
Ian Southam
56483436f0 Pep8 changes that got lost with the strange double push request problem last time 2015-05-26 07:07:43 -04:00
Ian Southam
ab915b6c92 Allow forward to fix port forwarding rules 2015-05-19 12:54:38 +00:00
wilderrodrigues
2fad87d3f3 Make the routers persistent 
- After configuration save the ipdated in files
    * /etc/iptables/router_rules.v4 and /etc/iptables/router_rules.v6
    * Reload the configuration on reboot via the /etc/rc.local using iptables-restore
 2015-04-14 15:09:47 +02:00
wilderrodrigues
cb2b9e870b Fixing the communication with VM via Public IP 
- Pub IP port forwarding and static NAT fixed for single VPCs
   - Pub IP port forwarding fixed for redundant VPCs

[wip] fix static NAT for redundant VPCs

This closes #150
 2015-04-08 16:04:55 +02:00
Ian Southam
7bfccd699b Fixed Port forwarding (DNAT/SNAT) for isolated networks 
Fixed failure on using eth10 (which CS now supports)
Refactored CSForward to us CsInterface object instead of teh way it was kludged together
Fixed hex conversion for device numbers and iptables marks
 2015-03-16 11:40:12 +01:00
Ian Southam
585f5f7000 ACL issues 
ACL order issues
Do not block multicast traffic for vrrp
Many smaller bug fixes
checkrouter provided in /opt/cloud/bin
 2015-03-16 11:40:10 +01:00
Ian Southam
57d3ffaef8 Fixed password server, fixed more firewall issues 
Fixed issues with real IP and not virtual (gateway) IP being opened on the firewall
DNS now works on the vms
 2015-03-16 11:40:03 +01:00
Ian Southam
f5ef75ee7e Vrrp will fail if your own code keeps killing it off 2015-03-16 11:39:51 +01:00
wilderrodrigues
0be56a5ff6 Fixing the timout )ssh hanging) on the CsApp.py file 
Adding kill_all() method on the CsProcess.py file (not being used yet)
Changing a bit the logic in the merge.py

The changes in the logic might be reverted, but they are causing no harm now.
 2015-03-16 11:39:50 +01:00
wilderrodrigues
35151961be Fixing call on AclIP class. Instead of self.fw = fw we have to do self.fw = fw.get_fw() 
Fixing the master.py path in the keepalived.conf.templ
 2015-03-16 11:39:16 +01:00
Ian Southam
bdda01d269 Countless bug fixes, mostly do do with VR redundancy 
Also added some new unit tests and adjusted the code to make them work
 2015-03-16 11:38:18 +01:00
Ian Southam
8a6a407114 Dhcp refactor 
Loads of tiny bugs squashed and some big ones
Tested with domR needs VPC testing now
TODO:  Unit tests CsDhcp
 2015-03-16 11:38:17 +01:00
Hugo Trippaers
75dda0b5b2 Fix imports 2015-03-16 11:38:17 +01:00
Ian Southam
40eb8423b9 Fixed hostname on router 2015-03-16 11:38:16 +01:00
Ian Southam
84624091fd Load balancer config 2015-03-16 11:38:16 +01:00
Ian Southam
7d0df32560 Lots of fixes from the testing 
firewallrules implemented sperately from networkacl (ugly but best that can be done ATM)
Some refactoring in CsDHCP as it made no sense to do it that way anymore
processmonitoring implemented
Domain not correctly sourced in VR
 2015-03-16 11:38:15 +01:00
Ian Southam
08d2e10cb9 pep8 2015-03-16 11:38:15 +01:00
Ian Southam
0496ba7a00 firewallrules (VR) and metworkacl (VPC) did not as I believe they shgould get combined 
in the underlying java code
Have split them out again.
Omce tested this will need some refactorinfg because it is currently PFU
 2015-03-16 11:38:15 +01:00
Ian Southam
f924a9755d Adding port forwarding ranges exposes a rather unfortunate typo 2015-03-16 11:38:15 +01:00
Hugo Trippaers
5c4d221c34 Let's stick to CamelCase for now 2015-03-16 11:38:12 +01:00
Hugo Trippaers
9385f071d7 Fix PEP8 compliance 2015-03-16 11:38:07 +01:00
Ian Southam
54f5c53a20 Decided not at this stage to combine VPC and VR code 2015-03-16 11:38:06 +01:00
Hugo Trippaers
4cfe2a32c0 Fix a few things introduced by the rebase 2015-03-16 11:35:35 +01:00
Ian Southam
7b95b78223 backup fault and master implemented 
Some more refactoring to decluter the bin directory
New config class to carry around the log, command line and firewall data
 2015-03-16 11:35:29 +01:00
Ian Southam
8a2391336c Getting redundancy to work via teh configuration files 
Some refactoring to make class loading a little more logical
Removed fw global (does not persist accross modules)
Added first tests
Added command line call to set and disable redundancy
Added command line call to set master
 2015-03-16 11:35:29 +01:00
Ian Southam
093749eaae A start on the redundancy code 
This will not break anything but also will not work
 2015-03-16 11:35:29 +01:00
Ian Southam
a01e9082cd New code for ACLs (VPN configuration) failed functional tests 
Some corrections
 2015-03-16 11:35:28 +01:00
Ian Southam
f7d0a11a34 Process VPN requests\ 
No tests (yet)
 2015-03-16 11:35:28 +01:00
Ian Southam
725c040d5c Added code to configure netusage for vpc and domR devices 
Removed code from existing scripts that does the same
Fixed some more issues with CsNetfilter
Added rsync for/etc/iptables in rsync
 2015-03-16 11:35:27 +01:00
Ian Southam
733bc19eac Include base rule sets in Acls 
Also made some adjustments to the base rule sets to ensure my parsing routine works
 2015-03-16 11:35:26 +01:00
Hugo Trippaers
a7338387c1 Sourcenat is handled differently for routers and vpc routers 2015-03-16 11:35:26 +01:00
Ian Southam
8b38bff962 A lot of corner cases dealt with 
Need now to expand the test data to ensure I have got them all
Also failure to match because bizarrely some strings were unicode and some not
 2015-03-16 11:35:25 +01:00
Hugo Trippaers
f21b90a73e Add missing sourcenat rule 2015-03-16 11:35:25 +01:00
Hugo Trippaers
6d12d94e0c Add the public source nat rule 2015-03-16 11:35:24 +01:00
Hugo Trippaers
80a149abb7 Add port forwarding and static nat to the convergence infrastructure 2015-03-16 11:35:24 +01:00
Ian Southam
0e8c79c7f1 That is the acls. 
Need to check the order stays good
 2015-03-16 11:35:23 +01:00
Ian Southam
8f4461567d That should be all the dhcp settings correct 
CsGuestNetwork moved out of configure
dnsmasq config all switched to CsDhcp
 2015-03-16 11:35:22 +01:00
Ian Southam
b45c71ee31 Acl code linked in 
Dhcp code
Test file for dhcp entry
 2015-03-16 11:35:22 +01:00
Hugo Trippaers
683e660d60 Small (but important) fixes 2015-03-16 11:35:22 +01:00
Ian Southam
19fd0b4b57 Added logic to create all necessary firewall rules 
TODO:  Auto add chains
TODO:  Delete rules that should not be there
TODO: Deal with precidence
 2015-03-16 11:35:21 +01:00
Ian Southam
cd0ad69281 Tidied up main to be in line with the newer classes 
Added a base classs CsDataBag which will autoload a given databag
 2015-03-16 11:35:21 +01:00
Ian Southam
c6d99a45a2 First part of some serious refactoring 
The problem is that teh convergence model does not works as it currently is
Firewall rules will get added but not deleted

This builds a table of firewall rules that need to be present
The new CsNetfilter class will then do:
1.  Add rules that are not present
2.  Delete any that were not explicitly in the add list

WIP
 2015-03-16 11:35:21 +01:00
Hugo Trippaers
e323d63867 Merge vmmetadata, reuse the code from the existing script to parse it. 2015-03-16 11:35:20 +01:00
Ian Southam
4527519081 Refactored CsHelper into a module 
Introduced CsNetfilter module/class
 2015-03-16 11:35:20 +01:00
Ian Southam
4e63119873 Moved processing the cmd_line databag into update 2015-03-16 11:35:20 +01:00
Ian Southam
680454dfdf Some bug fixes 
Some more tests
store vmpassword functionally working
Tests for store password
 2015-03-16 11:35:18 +01:00
Ian Southam
9d73879061 Fixed test (assert in guest check was wrong way around) 
Also found condition inw hich apache would be miscobfigured and failed to run (I love tests!!)
Fixed configure.py to cover this case
Added a test to provoke this case!
 2015-03-16 11:35:18 +01:00
Ian Southam
4c5f4a1f9f Added vmpassword type (does nothing yet) 
Fixed tests to use /var/cache/cloud
Added some test files but will remove them when tests are properly completed
Fixed a bug in configure that did not deal well with databags with empty dev sections
 2015-03-16 11:35:17 +01:00