The authenticators now have an encode function that cloudstack will use to encode the user supplied password before storing it in the database. This makes it easier to add other authenticators with other hashing algorithms. The requires a two step approach to creating the admin account at first start as the authenticators are only present in the management-server component locator.
The SHA256 salted authenticator make use of this new system and adds a hashing algorithm based on SHA256 with a salt. This type of hash is far less susceptible to rainbow table attacks.
To make use of these new features the users password will be sent over the wire just as he typed it and it will be transformed into a hash on the server and compared with the stored password. This means that the hash will not go over the wire anymore.
The default authenticator in components.xml is still set to md5 for backwards compatibility. For new installations the sha256 could be enabled.
This patch adds RBD (RADOS Block Device) support for primary storage in combination with KVM.
To get this patch working you need:
- libvirt-java 0.4.8
- libvirt with RBD storage pool support (>0.9.13)
- Qemu with RBD support (>0.14)
The primary storage does not support all the functions of CloudStack yet, for example snapshotting is disabled
due to the fact that backupping up a RBD snapshot is not possible in the way CloudStack wants to do it.
Creating templates from RBD volumes goes well, creating a VM from a template however is still a hit-and-miss.
NFS primary storage is also still required, you are not able to run your System VM's from RBD, they will need
to run on NFS.
Other then these points you can run instances with RBD backed disks.
Adds a helper to return an object to pass to the 'tagger' widget,
including all required data and action functions.
Syntax is as follows, just include anywhere were the tags widget is
supported:
tags: cloudStack.api.tags({
resourceType: 'Project',
contextId: 'projects'
})
Add 'about' dialog to the CloudStack top header, showing current verison
information.
Patch submitted by: oyla.smola@gmail.com
Reviewed-by: brian
Conflicts:
ui/scripts/ui/core.js
-Fix enable static NAT never completing if detail view was not visible
-- caused by JS error in widget
-If detail view isn't visible anymore, don't show post-enable/disable
NAT dialog which refreshes list view
Rework zone wizard:
-Support creation of multiple physical networks via drag-and-drop UI
-Support configuration of traffic types
-Allow creation of complete zone resources -- pods, clusters, hosts,
storage -- in a similar fashion to the quick install
-Add requirements to support elastic load balancer
Rework zone details page:
-Convert old zone chart into a regular zone details pane, split into
multiple tabs
-Add zone-specific resources dashboard
-Allow display of multiple physical networks
