You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@cloudstack.apache.org by ja...@apache.org on 2013/07/09 09:46:16 UTC

[1/2] git commit: updated refs/heads/master to 4779a00

Updated Branches:
  refs/heads/master 97f1e8831 -> 4779a0059


CLOUDSTACK-3352 fixed removing previous acl rules when emply acl is applied


Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/e46b9007
Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/e46b9007
Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/e46b9007

Branch: refs/heads/master
Commit: e46b90078e0ec39b7762679a43fe3b744323eb8a
Parents: 97f1e88
Author: Jayapal <ja...@apache.org>
Authored: Tue Jul 9 12:35:48 2013 +0530
Committer: Jayapal <ja...@apache.org>
Committed: Tue Jul 9 12:50:39 2013 +0530

----------------------------------------------------------------------
 .../com/cloud/network/element/VpcProvider.java  |  3 ++-
 .../element/VpcVirtualRouterElement.java        |  6 +++---
 .../network/vpc/NetworkACLManagerImpl.java      | 21 +++++++++++++++-----
 3 files changed, 21 insertions(+), 9 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cloudstack/blob/e46b9007/api/src/com/cloud/network/element/VpcProvider.java
----------------------------------------------------------------------
diff --git a/api/src/com/cloud/network/element/VpcProvider.java b/api/src/com/cloud/network/element/VpcProvider.java
index acdd05d..dc7b3bb 100644
--- a/api/src/com/cloud/network/element/VpcProvider.java
+++ b/api/src/com/cloud/network/element/VpcProvider.java
@@ -24,6 +24,7 @@ import com.cloud.exception.ConcurrentOperationException;
 import com.cloud.exception.InsufficientCapacityException;
 import com.cloud.exception.InsufficientNetworkCapacityException;
 import com.cloud.exception.ResourceUnavailableException;
+import com.cloud.network.vpc.NetworkACLItem;
 import com.cloud.network.vpc.PrivateGateway;
 import com.cloud.network.vpc.StaticRouteProfile;
 import com.cloud.network.vpc.Vpc;
@@ -53,5 +54,5 @@ public interface VpcProvider extends NetworkElement{
 
     boolean applyStaticRoutes(Vpc vpc, List<StaticRouteProfile> routes) throws ResourceUnavailableException;
 
-    boolean applyACLItemsToPrivateGw(PrivateGateway gateway) throws ResourceUnavailableException;
+    boolean applyACLItemsToPrivateGw(PrivateGateway gateway, List<? extends NetworkACLItem> rules) throws ResourceUnavailableException;
 }

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/e46b9007/server/src/com/cloud/network/element/VpcVirtualRouterElement.java
----------------------------------------------------------------------
diff --git a/server/src/com/cloud/network/element/VpcVirtualRouterElement.java b/server/src/com/cloud/network/element/VpcVirtualRouterElement.java
index 51c527c..966710c 100644
--- a/server/src/com/cloud/network/element/VpcVirtualRouterElement.java
+++ b/server/src/com/cloud/network/element/VpcVirtualRouterElement.java
@@ -343,7 +343,8 @@ public class VpcVirtualRouterElement extends VirtualRouterElement implements Vpc
 
         if ( _vpcRouterMgr.setupPrivateGateway(gateway, router) ) {
             try {
-                if (!applyACLItemsToPrivateGw(gateway)) {
+                List<NetworkACLItemVO> rules = _networkACLItemDao.listByACL(gateway.getNetworkACLId());
+                if (!applyACLItemsToPrivateGw(gateway, rules)) {
                     s_logger.debug ("Failed to apply network acl id  "+ gateway.getNetworkACLId() + "  on gateway ");
                     return  false;
                 }
@@ -446,9 +447,8 @@ public class VpcVirtualRouterElement extends VirtualRouterElement implements Vpc
     }
 
     @Override
-    public boolean applyACLItemsToPrivateGw(PrivateGateway gateway) throws ResourceUnavailableException {
+    public boolean applyACLItemsToPrivateGw(PrivateGateway gateway,List<? extends NetworkACLItem> rules) throws ResourceUnavailableException {
         VpcGatewayVO vpcGatewayVo = _vpcGatewayDao.findById(gateway.getId());
-        List<NetworkACLItemVO> rules = _networkACLItemDao.listByACL(vpcGatewayVo.getNetworkACLId());
         Network config = _networkDao.findById(gateway.getNetworkId());
         boolean isPrivateGateway = true;
 

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/e46b9007/server/src/com/cloud/network/vpc/NetworkACLManagerImpl.java
----------------------------------------------------------------------
diff --git a/server/src/com/cloud/network/vpc/NetworkACLManagerImpl.java b/server/src/com/cloud/network/vpc/NetworkACLManagerImpl.java
index eb18eb7..5c45a86 100644
--- a/server/src/com/cloud/network/vpc/NetworkACLManagerImpl.java
+++ b/server/src/com/cloud/network/vpc/NetworkACLManagerImpl.java
@@ -153,6 +153,17 @@ public class NetworkACLManagerImpl extends ManagerBase implements NetworkACLMana
     @Override
     public boolean replaceNetworkACLForPrivateGw(NetworkACL acl, PrivateGateway gateway) throws ResourceUnavailableException {
         VpcGatewayVO vpcGatewayVo = _vpcGatewayDao.findById(gateway.getId());
+        List<NetworkACLItemVO> aclItems = _networkACLItemDao.listByACL(acl.getId());
+        if (aclItems == null || aclItems.isEmpty()) {
+            //Revoke ACL Items of the existing ACL if the new network acl is empty
+            //Other wise existing rules will not be removed on the router elelment
+            s_logger.debug("New network ACL is empty. Revoke existing rules before applying ACL");
+            if(!revokeACLItemsForPrivateGw (gateway)){
+                throw new CloudRuntimeException("Failed to replace network ACL. Error while removing existing ACL " +
+                        "items for privatewa gateway: "+ gateway.getId());
+            }
+        }
+
         vpcGatewayVo.setNetworkACLId(acl.getId());
         if (_vpcGatewayDao.update(vpcGatewayVo.getId(),vpcGatewayVo)) {
             return applyACLToPrivateGw(gateway);
@@ -318,7 +329,7 @@ public class NetworkACLManagerImpl extends ManagerBase implements NetworkACLMana
             }
         }
 
-        boolean success = applyACLItemsToPrivateGw(gateway, aclItems);
+        boolean success = applyACLToPrivateGw(gateway, aclItems);
 
         if (s_logger.isDebugEnabled() && success) {
             s_logger.debug("Successfully released Network ACLs for private gateway id=" + gateway.getId() + " and # of rules now = "
@@ -345,11 +356,11 @@ public class NetworkACLManagerImpl extends ManagerBase implements NetworkACLMana
     @Override
     public boolean applyACLToPrivateGw(PrivateGateway gateway) throws ResourceUnavailableException {
         VpcGatewayVO vpcGatewayVO = _vpcGatewayDao.findById(gateway.getId());
-        List<NetworkACLItemVO> rules = _networkACLItemDao.listByACL(vpcGatewayVO.getNetworkACLId());
-        return applyACLItemsToPrivateGw(gateway, rules);
+        List<? extends NetworkACLItem> rules = _networkACLItemDao.listByACL(vpcGatewayVO.getNetworkACLId());
+        return applyACLToPrivateGw(gateway, rules);
     }
 
-    private boolean applyACLItemsToPrivateGw(PrivateGateway gateway, List<NetworkACLItemVO> rules) throws ResourceUnavailableException {
+    private boolean applyACLToPrivateGw(PrivateGateway gateway, List<? extends NetworkACLItem> rules) throws ResourceUnavailableException {
         List<VpcProvider> vpcElements = null;
         vpcElements = new ArrayList<VpcProvider>();
         vpcElements.add((VpcProvider)_ntwkModel.getElementImplementingProvider(Network.Provider.VPCVirtualRouter.getName()));
@@ -359,7 +370,7 @@ public class NetworkACLManagerImpl extends ManagerBase implements NetworkACLMana
         }
 
         for (VpcProvider provider: vpcElements){
-            return provider.applyACLItemsToPrivateGw(gateway);
+            return provider.applyACLItemsToPrivateGw(gateway, rules);
             }
         return false;
     }

[2/2] git commit: updated refs/heads/master to 4779a00

Posted by ja...@apache.org.

CLOUDSTACK-3404 fixed vm deploy in ipv6 network, dhcp_release is performed only in ipv4


Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/4779a005
Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/4779a005
Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/4779a005

Branch: refs/heads/master
Commit: 4779a00594cf83e553580fedefd80fd137ae4508
Parents: e46b900
Author: Jayapal <ja...@apache.org>
Authored: Tue Jul 9 13:14:43 2013 +0530
Committer: Jayapal <ja...@apache.org>
Committed: Tue Jul 9 13:15:45 2013 +0530

----------------------------------------------------------------------
 patches/systemvm/debian/config/root/edithosts.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cloudstack/blob/4779a005/patches/systemvm/debian/config/root/edithosts.sh
----------------------------------------------------------------------
diff --git a/patches/systemvm/debian/config/root/edithosts.sh b/patches/systemvm/debian/config/root/edithosts.sh
index 513571e..2d99586 100755
--- a/patches/systemvm/debian/config/root/edithosts.sh
+++ b/patches/systemvm/debian/config/root/edithosts.sh
@@ -96,7 +96,7 @@ wait_for_dnsmasq () {
   return 1
 }
 
-if [ $no_dhcp_release -eq 0 ]
+if [ "$ipv4" != '' -a $no_dhcp_release -eq 0 ]
 then
   #release previous dhcp lease if present
   logger -t cloud "edithosts: releasing $ipv4"