You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cloudstack.apache.org by ro...@apache.org on 2017/12/16 06:45:53 UTC
[cloudstack] branch debian9-systemvmtemplate updated (737cdea ->
ac9b898)
This is an automated email from the ASF dual-hosted git repository.
rohit pushed a change to branch debian9-systemvmtemplate
in repository https://gitbox.apache.org/repos/asf/cloudstack.git.
omit 737cdea vmware related fixes
omit cb39c25 CLOUDSTACK-9501: route is not available by default on CentOS7 (#1637)
omit 41eabaf increase timeout as things run slow in nested-environments
omit 949e1f0 don't skip rvr tests for vmware
omit 4f4e798 process unprocessed cmd_line.json
omit 58f7fc0 rm rc.local!
omit 289e1c2 CLOUDSTACK-10187: Don't delete vifs for VPCs with source nat
omit 17285a4 fixes
omit e08d2d2 fix volume usage test case
omit 8135906 systemvm fixes
omit 6c304c5 more fixes
omit 159b160 fixes
omit c5241d3 use new get_test_templates
omit 6096177 systemvmtemplate enlargements
omit 939466d rvr fixes
omit 979bb45 more fixes
omit 2f1ae96 fsck on systemvm boot
omit 821ac53 fix simulator build
omit da16bba refactor tests, introduce a new get_test_template that returns a small testing template such as macchinina etc.
omit f5c1c4e using debian 9.3.0 now :)
omit 51490db update per new macchinina template
omit 23d59e4 more systemvmtemplate optimizations
omit 4d72077 CLOUDSTACK-10181: Skip rVR test cases for VMware until supported
omit ffe324f CLOUDSTACK-10013: SystemVM codebase refactorings and improvements
omit 9b58f4c CLOUDSTACK-10013: Make the generated VR/json files unique (ports #1470)
omit fa197e1 CLOUDSTACK-10010: Port marvin test from #2190 by @swill
omit f494d7d CLOUDSTACK-10013: Fix ipsec VPN configuration
omit 6795ec5 CLOUDSTACK-10013: SystemVM.iso refactoring and cleanups
omit 132712c CLOUDSTACK-10129: UX improvements and event timeline
omit 6f1c2e0 CLOUDSTACK-9348: Improve Nio SSH handshake buffers
omit b41c4fa CLOUDSTACK-7853: Fix ping timeout edge case and refactor code
omit dcaf5f1 CLOUDSTACK-10013: Debian9 SystemVM appliance improvements
omit 4411bfa CLOUDSTACK-10013: Make Debian9 systemvmtemplates work with systemd
omit a53a8dd CLOUDSTACK-10013: Migrate systemvmtemplate to Debian9
add 6ab2ba9 doc: replace virutal by virtual (typo)
add d57b518 Merge pull request #2359 from exoscale/doc_virutal
add fc49533 CLOUDSTACK-9986: Use host table to iterate for zone/cluster metrics (#2353)
add 44a7eb0 CLOUDSTACK-10176: VM Start Api Job returns success for failed Job (#2354)
add b417226 CLOUDSTACK-9839: Add XenServer 7.1 and 7.2 interoperablility (#2346)
add 47419df CLOUDSTACK-10039: Adding used IOPS to storage pool response (#2294)
add 566238b CLOUDSTACK-8908: After copying the template charging for that template is stopped (#2308)
add 973a9c1 CLOUDSTACK-10003 automatic configure juniper srx/vsrx nat loopback, (#2184)
new c72ca39 CLOUDSTACK-10013: Migrate systemvmtemplate to Debian9
new d5680ad CLOUDSTACK-10013: Make Debian9 systemvmtemplates work with systemd
new c5f8543 CLOUDSTACK-10013: Debian9 SystemVM appliance improvements
new 86c21ba CLOUDSTACK-7853: Fix ping timeout edge case and refactor code
new b62ea9e CLOUDSTACK-9348: Improve Nio SSH handshake buffers
new 5882244 CLOUDSTACK-10129: UX improvements and event timeline
new 9f7fdb6 CLOUDSTACK-10013: SystemVM.iso refactoring and cleanups
new ea11b69 CLOUDSTACK-10013: Fix ipsec VPN configuration
new efc63d6 CLOUDSTACK-10010: Port marvin test from #2190 by @swill
new 6ea2717 CLOUDSTACK-10013: Make the generated VR/json files unique (ports #1470)
new 795963b CLOUDSTACK-10013: SystemVM codebase refactorings and improvements
new 779f2b1 CLOUDSTACK-10181: Skip rVR test cases for VMware until supported
new e0c2f00 more systemvmtemplate optimizations
new dc4b7ab update per new macchinina template
new 6607ba9 using debian 9.3.0 now :)
new 83b5e1e refactor tests, introduce a new get_test_template that returns a small testing template such as macchinina etc.
new daa55ae fix simulator build
new 5c31b85 fsck on systemvm boot
new a8a929c more fixes
new d691a70 rvr fixes
new 2cb23ef systemvmtemplate enlargements
new 5b2c68e use new get_test_templates
new 7ed696a fixes
new 27704a92 more fixes
new 4b4cec6 systemvm fixes
new 2716ede fix volume usage test case
new cbaca70 fixes
new 4394136 CLOUDSTACK-10187: Don't delete vifs for VPCs with source nat
new e8314a0 rm rc.local!
new 6730e7f process unprocessed cmd_line.json
new aa51d5b don't skip rvr tests for vmware
new a678ba7 increase timeout as things run slow in nested-environments
new 3dc2b48 CLOUDSTACK-9501: route is not available by default on CentOS7 (#1637)
new ac9b898 vmware related fixes
This update added new revisions after undoing existing revisions.
That is to say, some revisions that were in the old version of the
branch are not in the new version. This situation occurs
when a user --force pushes a change and generates a repository
containing something like this:
* -- * -- B -- O -- O -- O (737cdea)
\
N -- N -- N refs/heads/debian9-systemvmtemplate (ac9b898)
You should already have received notification emails for all of the O
revisions, and so the following emails describe only the N revisions
from the common base, B.
Any revisions marked "omit" are not gone; other references still
refer to them. Any revisions marked "discard" are gone forever.
The 34 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "add" were already present in the repository and have only
been added to this reference.
Summary of changes:
api/src/com/cloud/network/vpc/VpcOffering.java | 2 +-
.../api/response/AcquireIPAddressResponse.java | 8 +--
.../cloudstack/api/response/IPAddressResponse.java | 8 +--
.../api/response/StoragePoolResponse.java | 8 +++
.../com/cloud/vm/VirtualMachineManagerImpl.java | 6 +-
.../com/cloud/usage/dao/UsageStorageDaoImpl.java | 2 +
.../cloudstack/metrics/MetricsServiceImpl.java | 17 ++++--
.../cloud/network/resource/JuniperSrxResource.java | 71 +++++++++++++++++++++-
.../api/query/dao/StoragePoolJoinDaoImpl.java | 19 ++++++
server/src/com/cloud/vm/UserVmManagerImpl.java | 4 +-
setup/db/db/schema-41000to41100.sql | 29 +++++++++
systemvm/debian/etc/issue | 1 -
test/metadata/func/flatnetwork.xml | 2 +-
test/metadata/func/roughflatstress.xml | 4 +-
test/metadata/func/securitygroups.xml | 2 +-
ui/l10n/en.js | 1 +
ui/scripts/system.js | 9 +++
17 files changed, 168 insertions(+), 25 deletions(-)
--
To stop receiving notification emails like this one, please contact
['"commits@cloudstack.apache.org" <co...@cloudstack.apache.org>'].
[cloudstack] 18/34: fsck on systemvm boot
Posted by ro...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
rohit pushed a commit to branch debian9-systemvmtemplate
in repository https://gitbox.apache.org/repos/asf/cloudstack.git
commit 5c31b85b248d2dbf1d08f229b4133ecf87b3405a
Author: Rohit Yadav <ro...@shapeblue.com>
AuthorDate: Mon Dec 11 10:15:32 2017 +0530
fsck on systemvm boot
Signed-off-by: Rohit Yadav <ro...@shapeblue.com>
---
test/integration/smoke/test_snapshots.py | 2 +-
tools/appliance/definitions/systemvmtemplate/apt_upgrade.sh | 5 +++--
tools/appliance/definitions/systemvmtemplate/configure_grub.sh | 2 +-
tools/appliance/definitions/systemvmtemplate/finalize.sh | 4 ++--
4 files changed, 7 insertions(+), 6 deletions(-)
diff --git a/test/integration/smoke/test_snapshots.py b/test/integration/smoke/test_snapshots.py
index a75a1e9..6e9a877 100644
--- a/test/integration/smoke/test_snapshots.py
+++ b/test/integration/smoke/test_snapshots.py
@@ -62,7 +62,7 @@ class TestSnapshotRootDisk(cloudstackTestCase):
cls._cleanup = []
if not cls.hypervisorNotSupported:
- cls.template = get_test_template(cls.apiclient, cl.zone.id, cls.hypervisor)
+ cls.template = get_test_template(cls.apiclient, cls.zone.id, cls.hypervisor)
if cls.template == FAILED:
assert False, "get_test_template() failed to return template"
diff --git a/tools/appliance/definitions/systemvmtemplate/apt_upgrade.sh b/tools/appliance/definitions/systemvmtemplate/apt_upgrade.sh
index 6f37e34..2d7394d 100644
--- a/tools/appliance/definitions/systemvmtemplate/apt_upgrade.sh
+++ b/tools/appliance/definitions/systemvmtemplate/apt_upgrade.sh
@@ -19,10 +19,11 @@
set -e
set -x
-function remove_reserved_blocks() {
+function fix_tune2fs() {
for partition in $(blkid -o list | grep ext | awk '{print $1}')
do
tune2fs -m0 $partition
+ tune2fs -c 1 $partition
done
fdisk -l
df -h
@@ -42,7 +43,7 @@ function apt_upgrade() {
# Setup sudo
echo 'cloud ALL=(ALL) NOPASSWD: ALL' > /etc/sudoers.d/cloud
- remove_reserved_blocks
+ fix_tune2fs
add_backports
rm -fv /root/*.iso
diff --git a/tools/appliance/definitions/systemvmtemplate/configure_grub.sh b/tools/appliance/definitions/systemvmtemplate/configure_grub.sh
index 85f9da2..4a42dc6 100644
--- a/tools/appliance/definitions/systemvmtemplate/configure_grub.sh
+++ b/tools/appliance/definitions/systemvmtemplate/configure_grub.sh
@@ -28,7 +28,7 @@ GRUB_DEFAULT=0
GRUB_TIMEOUT=0
GRUB_DISTRIBUTOR=Debian
GRUB_CMDLINE_LINUX_DEFAULT="quiet"
-GRUB_CMDLINE_LINUX="console=tty0 console=ttyS0,115200n8 console=hvc0 earlyprintk=xen net.ifnames=0 biosdevname=0 debian-installer=en_US nomodeset"
+GRUB_CMDLINE_LINUX="console=tty0 console=ttyS0,115200n8 console=hvc0 earlyprintk=xen net.ifnames=0 biosdevname=0 debian-installer=en_US fsck.mode=force nomodeset"
GRUB_CMDLINE_XEN="com1=115200 console=com1"
GRUB_TERMINAL="console serial"
GRUB_SERIAL_COMMAND="serial --speed=115200 --unit=0 --word=8 --parity=no --stop=1"
diff --git a/tools/appliance/definitions/systemvmtemplate/finalize.sh b/tools/appliance/definitions/systemvmtemplate/finalize.sh
index 912887c..febae7b 100644
--- a/tools/appliance/definitions/systemvmtemplate/finalize.sh
+++ b/tools/appliance/definitions/systemvmtemplate/finalize.sh
@@ -51,14 +51,14 @@ function cleanup_veewee() {
# Zero out the free space to save space in the final image:
function zero_disk() {
+ df -h
+ fstrim -av
for path in / /boot /var/log /tmp
do
dd if=/dev/zero of=${path}/zero bs=1M || true
sync
rm -f ${path}/zero
done
- fstrim -av
- df -h
}
function finalize() {
--
To stop receiving notification emails like this one, please contact
"commits@cloudstack.apache.org" <co...@cloudstack.apache.org>.
[cloudstack] 28/34: CLOUDSTACK-10187: Don't delete vifs for VPCs
with source nat
Posted by ro...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
rohit pushed a commit to branch debian9-systemvmtemplate
in repository https://gitbox.apache.org/repos/asf/cloudstack.git
commit 439413638f400694a1821e16d7afbc391b66795e
Author: Rohit Yadav <ro...@shapeblue.com>
AuthorDate: Wed Dec 13 01:28:18 2017 +0530
CLOUDSTACK-10187: Don't delete vifs for VPCs with source nat
On XenServer, both redundant router's vifs were getting deleted when any
PF rule is removed from any of the acquired public IPs. This fix
ensures that lastIp is set to `false` when processed by hypervisor
resources to avoid removing of VIFs when VPCs have any source nat IP.
Signed-off-by: Rohit Yadav <ro...@shapeblue.com>
---
.../com/cloud/network/router/CommandSetupHelper.java | 19 ++++++++++++++-----
test/integration/smoke/test_vpc_redundant.py | 4 ++--
2 files changed, 16 insertions(+), 7 deletions(-)
diff --git a/server/src/com/cloud/network/router/CommandSetupHelper.java b/server/src/com/cloud/network/router/CommandSetupHelper.java
index cadaf4f..c8d85fe 100644
--- a/server/src/com/cloud/network/router/CommandSetupHelper.java
+++ b/server/src/com/cloud/network/router/CommandSetupHelper.java
@@ -475,7 +475,7 @@ public class CommandSetupHelper {
public void createAssociateIPCommands(final VirtualRouter router, final List<? extends PublicIpAddress> ips, final Commands cmds, final long vmId) {
final String ipAssocCommand = "IPAssocCommand";
- createRedundantAssociateIPCommands(router, ips, cmds, ipAssocCommand, vmId);
+ createRedundantAssociateIPCommands(router, ips, cmds, ipAssocCommand, false);
}
public void createNetworkACLsCommands(final List<? extends NetworkACLItem> rules, final VirtualRouter router, final Commands cmds, final long guestNetworkId,
@@ -645,7 +645,7 @@ public class CommandSetupHelper {
final String ipAssocCommand = "IPAssocVpcCommand";
if (router.getIsRedundantRouter()) {
- createRedundantAssociateIPCommands(router, ips, cmds, ipAssocCommand, 0);
+ createRedundantAssociateIPCommands(router, ips, cmds, ipAssocCommand, true);
return;
}
@@ -742,7 +742,7 @@ public class CommandSetupHelper {
}
}
- public void createRedundantAssociateIPCommands(final VirtualRouter router, final List<? extends PublicIpAddress> ips, final Commands cmds, final String ipAssocCommand, final long vmId) {
+ public void createRedundantAssociateIPCommands(final VirtualRouter router, final List<? extends PublicIpAddress> ips, final Commands cmds, final String ipAssocCommand, final boolean isVPC) {
// Ensure that in multiple vlans case we first send all ip addresses of
// vlan1, then all ip addresses of vlan2, etc..
@@ -840,7 +840,16 @@ public class CommandSetupHelper {
}
// for network if the ips does not have any rules, then only last ip
- List<IPAddressVO> userIps = _ipAddressDao.listByAssociatedNetwork(associatedWithNetworkId, null);
+ final List<IPAddressVO> userIps = _ipAddressDao.listByAssociatedNetwork(associatedWithNetworkId, null);
+ boolean hasSourceNat = false;
+ if (isVPC && userIps.size() > 0 && userIps.get(0) != null) {
+ // All ips should belong to a VPC
+ final Long vpcId = userIps.get(0).getVpcId();
+ final List<IPAddressVO> sourceNatIps = _ipAddressDao.listByAssociatedVpc(vpcId, true);
+ if (sourceNatIps != null && sourceNatIps.size() > 0) {
+ hasSourceNat = true;
+ }
+ }
int ipsWithrules = 0;
int ipsStaticNat = 0;
@@ -864,7 +873,7 @@ public class CommandSetupHelper {
cmd.setAccessDetail(NetworkElementCommand.ZONE_NETWORK_TYPE, dcVo.getNetworkType().toString());
// if there is 1 static nat then it will be checked for remove at the resource
- if (ipsWithrules == 0 && ipsStaticNat == 0) {
+ if (ipsWithrules == 0 && ipsStaticNat == 0 && !hasSourceNat) {
// there is only one ip address for the network.
cmd.setAccessDetail(NetworkElementCommand.NETWORK_PUB_LAST_IP, "true");
} else {
diff --git a/test/integration/smoke/test_vpc_redundant.py b/test/integration/smoke/test_vpc_redundant.py
index b87ce43..e7b29b1 100644
--- a/test/integration/smoke/test_vpc_redundant.py
+++ b/test/integration/smoke/test_vpc_redundant.py
@@ -610,7 +610,7 @@ class TestVPCRedundancy(cloudstackTestCase):
gc_wait = Configurations.list(self.apiclient, name="network.gc.wait")
gc_interval = Configurations.list(self.apiclient, name="network.gc.interval")
-
+
self.logger.debug("network.gc.wait is ==> %s" % gc_wait)
self.logger.debug("network.gc.interval is ==> %s" % gc_interval)
@@ -628,7 +628,7 @@ class TestVPCRedundancy(cloudstackTestCase):
@attr(tags=["advanced", "intervlan"], required_hardware="true")
def test_05_rvpc_multi_tiers(self):
- """ Create a redundant VPC with 1 Tier, 1 VM, 1 ACL, 1 PF and test Network GC Nics"""
+ """ Create a redundant VPC with multiple tiers"""
self.logger.debug("Starting test_05_rvpc_multi_tiers")
self.query_routers()
--
To stop receiving notification emails like this one, please contact
"commits@cloudstack.apache.org" <co...@cloudstack.apache.org>.
[cloudstack] 20/34: rvr fixes
Posted by ro...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
rohit pushed a commit to branch debian9-systemvmtemplate
in repository https://gitbox.apache.org/repos/asf/cloudstack.git
commit d691a70c9ae6781c6ad0ae667d6492d9e8f048dc
Author: Rohit Yadav <ro...@shapeblue.com>
AuthorDate: Mon Dec 11 18:14:05 2017 +0530
rvr fixes
Signed-off-by: Rohit Yadav <ro...@shapeblue.com>
---
systemvm/debian/opt/cloud/bin/cs/CsRedundant.py | 11 ++--
systemvm/debian/opt/cloud/bin/setup/common.sh | 61 ----------------------
systemvm/debian/opt/cloud/bin/setup/router.sh | 5 --
systemvm/debian/opt/cloud/bin/setup/vpcrouter.sh | 5 --
.../opt/cloud/templates/keepalived.conf.templ | 1 -
5 files changed, 7 insertions(+), 76 deletions(-)
diff --git a/systemvm/debian/opt/cloud/bin/cs/CsRedundant.py b/systemvm/debian/opt/cloud/bin/cs/CsRedundant.py
index 108f337..29b5028 100755
--- a/systemvm/debian/opt/cloud/bin/cs/CsRedundant.py
+++ b/systemvm/debian/opt/cloud/bin/cs/CsRedundant.py
@@ -75,6 +75,10 @@ class CsRedundant(object):
def _redundant_off(self):
CsHelper.service("conntrackd", "stop")
CsHelper.service("keepalived", "stop")
+ CsHelper.umount_tmpfs(self.CS_RAMDISK_DIR)
+ CsHelper.rmdir(self.CS_RAMDISK_DIR)
+ CsHelper.rm(self.CONNTRACKD_CONF)
+ CsHelper.rm(self.KEEPALIVED_CONF)
def _redundant_on(self):
guest = self.address.get_guest_if()
@@ -107,10 +111,9 @@ class CsRedundant(object):
CsHelper.service("keepalived", "stop")
return
- # setup_router should execute this already:
- # CsHelper.mkdir(self.CS_RAMDISK_DIR, 0755, False)
- # CsHelper.mount_tmpfs(self.CS_RAMDISK_DIR)
- # CsHelper.mkdir(self.CS_ROUTER_DIR, 0755, False)
+ CsHelper.mkdir(self.CS_RAMDISK_DIR, 0755, False)
+ CsHelper.mount_tmpfs(self.CS_RAMDISK_DIR)
+ CsHelper.mkdir(self.CS_ROUTER_DIR, 0755, False)
for s in self.CS_TEMPLATES:
d = s
if s.endswith(".templ"):
diff --git a/systemvm/debian/opt/cloud/bin/setup/common.sh b/systemvm/debian/opt/cloud/bin/setup/common.sh
index 76ec826..f1f72f4 100755
--- a/systemvm/debian/opt/cloud/bin/setup/common.sh
+++ b/systemvm/debian/opt/cloud/bin/setup/common.sh
@@ -609,67 +609,6 @@ routing_svcs() {
fi
}
-setup_redundant_router() {
- rrouter_bin_path="/ramdisk/rrouter"
- rrouter_log="/ramdisk/rrouter/keepalived.log"
- rrouter_bin_path_str="\/ramdisk\/rrouter"
- rrouter_log_str="\/ramdisk\/rrouter\/keepalived.log"
- mkdir -p /ramdisk
- mount tmpfs /ramdisk -t tmpfs
- mkdir -p /ramdisk/rrouter
- ip route delete default
-
- # Seed keepalived
- if [ "$RROUTER_STATE" == "MASTER" ]
- then
- sed -i "s/priority.*/priority 100/g" /opt/cloud/templates/keepalived.conf.templ
- else
- sed -i "s/priority.*/priority 50/g" /opt/cloud/templates/keepalived.conf.templ
- fi
- cp /opt/cloud/templates/keepalived.conf.templ /etc/keepalived/keepalived.conf # changes!
- sed -i "s/\[ROUTER_ID\]/$NAME/g" /etc/keepalived/keepalived.conf
- sed -i "s/\[ROUTER_IP\]/$GUEST_GW\/$GUEST_CIDR_SIZE/g" /etc/keepalived/keepalived.conf #fixme, multiple ips?
- sed -i "s/\[BOARDCAST\]/$GUEST_BRD/g" /etc/keepalived/keepalived.conf
- sed -i "s/\[PRIORITY\]/$ROUTER_PR/g" /etc/keepalived/keepalived.conf
- sed -i "s/\[PASS\]/$VM_PASSWORD/g" /etc/keepalived/keepalived.conf
- sed -i "s/\[RROUTER_BIN_PATH\]/$rrouter_bin_path_str/g" /etc/keepalived/keepalived.conf
- sed -i "s/\[DELTA\]/2/g" /etc/keepalived/keepalived.conf
- sed -i "s/--exec\ \$DAEMON;/--exec\ \$DAEMON\ --\ --vrrp;/g" /etc/init.d/keepalived
- if [ $ADVERT_INT ]
- then
- sed -i "s/advert_int 1/advert_int $ADVERT_INT/g" /etc/keepalived/keepalived.conf
- fi
- chmod -x /etc/keepalived/keepalived.conf
-
- # Seed conntrackd
- cp /opt/cloud/templates/conntrackd.conf.templ /etc/conntrackd/conntrackd.conf
- sed -i "s/\[LINK_IF\]/eth0/g" /etc/conntrackd/conntrackd.conf
- sed -i "s/\[LINK_IP\]/$ETH0_IP/g" /etc/conntrackd/conntrackd.conf
- sed -i "s/\[IGNORE_IP1\]/$GUEST_GW/g" /etc/conntrackd/conntrackd.conf # checkme?
- sed -i "s/\[IGNORE_IP2\]/$ETH0_IP/g" /etc/conntrackd/conntrackd.conf
- sed -i "s/\[IGNORE_IP3\]/$ETH1_IP/g" /etc/conntrackd/conntrackd.conf
-
- # ramdisk scripts
- cp /opt/cloud/templates/heartbeat.sh.templ $rrouter_bin_path/heartbeat.sh
- cp /opt/cloud/templates/check_heartbeat.sh.templ $rrouter_bin_path/check_heartbeat.sh
- cp /opt/cloud/templates/arping_gateways.sh.templ $rrouter_bin_path/arping_gateways.sh
- cp /opt/cloud/templates/check_bumpup.sh $rrouter_bin_path/
- cp /opt/cloud/templates/checkrouter.sh.templ /opt/cloud/bin/checkrouter.sh # changes!
- #sed -i "s/\[RROUTER_LOG\]/$rrouter_log_str/g" /opt/cloud/bin/checkrouter.sh
-
- sed -i "s/\[RROUTER_BIN_PATH\]/$rrouter_bin_path_str/g" $rrouter_bin_path/heartbeat.sh
- sed -i "s/\[RROUTER_BIN_PATH\]/$rrouter_bin_path_str/g" $rrouter_bin_path/check_heartbeat.sh
- sed -i "s/\[RROUTER_LOG\]/$rrouter_log_str/g" $rrouter_bin_path/check_heartbeat.sh
- sed -i "s/\[RROUTER_LOG\]/$rrouter_log_str/g" $rrouter_bin_path/arping_gateways.sh
- chmod a+x $rrouter_bin_path/*.sh
-
- crontab -l|grep "check_heartbeat.sh"
- if [ $? -ne 0 ]
- then
- (crontab -l; echo -e "SHELL=/bin/bash\nPATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin\n* * * * * $rrouter_bin_path/check_heartbeat.sh 2>&1 > /dev/null") | crontab
- fi
-}
-
parse_cmd_line() {
CMDLINE=$(cat /var/cache/cloud/cmdline)
TYPE="unknown"
diff --git a/systemvm/debian/opt/cloud/bin/setup/router.sh b/systemvm/debian/opt/cloud/bin/setup/router.sh
index 3bd4224..c3141f8 100755
--- a/systemvm/debian/opt/cloud/bin/setup/router.sh
+++ b/systemvm/debian/opt/cloud/bin/setup/router.sh
@@ -49,11 +49,6 @@ setup_router() {
fi
fi
- if [ -n "$ETH2_IP" -a "$RROUTER" == "1" ]
- then
- setup_redundant_router
- fi
-
log_it "Checking udev NIC assignment order changes"
if [ "$NIC_MACS" != "" ]
then
diff --git a/systemvm/debian/opt/cloud/bin/setup/vpcrouter.sh b/systemvm/debian/opt/cloud/bin/setup/vpcrouter.sh
index 5ed09c7..106cfd6 100755
--- a/systemvm/debian/opt/cloud/bin/setup/vpcrouter.sh
+++ b/systemvm/debian/opt/cloud/bin/setup/vpcrouter.sh
@@ -73,11 +73,6 @@ EOF
fi
fi
- if [ "$RROUTER" == "1" ]
- then
- setup_redundant_router
- fi
-
ip route delete default
# create route table for static route
diff --git a/systemvm/debian/opt/cloud/templates/keepalived.conf.templ b/systemvm/debian/opt/cloud/templates/keepalived.conf.templ
index bf896f9..722a9e7 100644
--- a/systemvm/debian/opt/cloud/templates/keepalived.conf.templ
+++ b/systemvm/debian/opt/cloud/templates/keepalived.conf.templ
@@ -28,7 +28,6 @@ vrrp_instance inside_network {
state BACKUP
interface eth2
virtual_router_id 51
- priority 50
nopreempt
advert_int 1
--
To stop receiving notification emails like this one, please contact
"commits@cloudstack.apache.org" <co...@cloudstack.apache.org>.
[cloudstack] 04/34: CLOUDSTACK-7853: Fix ping timeout edge case and
refactor code
Posted by ro...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
rohit pushed a commit to branch debian9-systemvmtemplate
in repository https://gitbox.apache.org/repos/asf/cloudstack.git
commit 86c21bade1c01a748ee77687f8e0a6375c879209
Author: Rohit Yadav <ro...@shapeblue.com>
AuthorDate: Sat Dec 2 15:50:34 2017 +0530
CLOUDSTACK-7853: Fix ping timeout edge case and refactor code
Refresh InaccurateClock every 10seconds, refactor code to get ping timeout
and ping interval.
Signed-off-by: Rohit Yadav <ro...@shapeblue.com>
---
.../src/com/cloud/agent/manager/AgentManagerImpl.java | 16 ++++++++--------
.../main/java/com/cloud/utils/time/InaccurateClock.java | 2 +-
2 files changed, 9 insertions(+), 9 deletions(-)
diff --git a/engine/orchestration/src/com/cloud/agent/manager/AgentManagerImpl.java b/engine/orchestration/src/com/cloud/agent/manager/AgentManagerImpl.java
index 325f3ec..7815c76 100644
--- a/engine/orchestration/src/com/cloud/agent/manager/AgentManagerImpl.java
+++ b/engine/orchestration/src/com/cloud/agent/manager/AgentManagerImpl.java
@@ -213,7 +213,7 @@ public class AgentManagerImpl extends ManagerBase implements AgentManager, Handl
_nodeId = ManagementServerNode.getManagementServerId();
s_logger.info("Configuring AgentManagerImpl. management server node id(msid): " + _nodeId);
- final long lastPing = (System.currentTimeMillis() >> 10) - (long) (PingTimeout.value() * PingInterval.value());
+ final long lastPing = (System.currentTimeMillis() >> 10) - getTimeout();
_hostDao.markHostsAsDisconnected(_nodeId, lastPing);
registerForHostEvents(new BehindOnPingListener(), true, true, false);
@@ -241,8 +241,12 @@ public class AgentManagerImpl extends ManagerBase implements AgentManager, Handl
return true;
}
+ protected int getPingInterval() {
+ return PingInterval.value();
+ }
+
protected long getTimeout() {
- return (long) (PingTimeout.value() * PingInterval.value());
+ return (long) (Math.ceil(PingTimeout.value() * PingInterval.value()));
}
@Override
@@ -358,10 +362,6 @@ public class AgentManagerImpl extends ManagerBase implements AgentManager, Handl
return null;
}
- protected int getPingInterval() {
- return PingInterval.value();
- }
-
@Override
public Answer send(final Long hostId, final Command cmd) throws AgentUnavailableException, OperationTimedoutException {
final Commands cmds = new Commands(Command.OnError.Stop);
@@ -623,7 +623,7 @@ public class AgentManagerImpl extends ManagerBase implements AgentManager, Handl
}
}
- _monitorExecutor.scheduleWithFixedDelay(new MonitorTask(), PingInterval.value(), PingInterval.value(), TimeUnit.SECONDS);
+ _monitorExecutor.scheduleWithFixedDelay(new MonitorTask(), getPingInterval(), getPingInterval(), TimeUnit.SECONDS);
return true;
}
@@ -1515,7 +1515,7 @@ public class AgentManagerImpl extends ManagerBase implements AgentManager, Handl
attache = createAttacheForDirectConnect(host, resource);
final StartupAnswer[] answers = new StartupAnswer[cmds.length];
for (int i = 0; i < answers.length; i++) {
- answers[i] = new StartupAnswer(cmds[i], attache.getId(), PingInterval.value());
+ answers[i] = new StartupAnswer(cmds[i], attache.getId(), getPingInterval());
}
attache.process(answers);
diff --git a/utils/src/main/java/com/cloud/utils/time/InaccurateClock.java b/utils/src/main/java/com/cloud/utils/time/InaccurateClock.java
index 2a22853..e03231d 100644
--- a/utils/src/main/java/com/cloud/utils/time/InaccurateClock.java
+++ b/utils/src/main/java/com/cloud/utils/time/InaccurateClock.java
@@ -63,7 +63,7 @@ public class InaccurateClock extends StandardMBean implements InaccurateClockMBe
public synchronized String restart() {
turnOff();
s_executor = Executors.newScheduledThreadPool(1, new NamedThreadFactory("InaccurateClock"));
- s_executor.scheduleAtFixedRate(new SetTimeTask(), 0, 60, TimeUnit.SECONDS);
+ s_executor.scheduleAtFixedRate(new SetTimeTask(), 0, 10, TimeUnit.SECONDS);
return "Restarted";
}
--
To stop receiving notification emails like this one, please contact
"commits@cloudstack.apache.org" <co...@cloudstack.apache.org>.
[cloudstack] 30/34: process unprocessed cmd_line.json
Posted by ro...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
rohit pushed a commit to branch debian9-systemvmtemplate
in repository https://gitbox.apache.org/repos/asf/cloudstack.git
commit 6730e7f1d2c74c86959015fe2a3d304db887a1f8
Author: Rohit Yadav <ro...@shapeblue.com>
AuthorDate: Wed Dec 13 15:57:05 2017 +0530
process unprocessed cmd_line.json
Signed-off-by: Rohit Yadav <ro...@shapeblue.com>
---
systemvm/debian/opt/cloud/bin/update_config.py | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/systemvm/debian/opt/cloud/bin/update_config.py b/systemvm/debian/opt/cloud/bin/update_config.py
index 7b86378..c22aea0 100755
--- a/systemvm/debian/opt/cloud/bin/update_config.py
+++ b/systemvm/debian/opt/cloud/bin/update_config.py
@@ -112,6 +112,12 @@ def is_guestnet_configured(guestnet_dict, keys):
return exists
+# If the command line json file is unprocessed process it
+# This is important or, the control interfaces will get deleted!
+if jsonFilename != "cmd_line.json" and os.path.isfile(jsonPath % "cmd_line.json"):
+ qf = QueueFile()
+ qf.setFile("cmd_line.json")
+ qf.load(None)
if not (os.path.isfile(jsonConfigFile) and os.access(jsonConfigFile, os.R_OK)):
print "[ERROR] update_config.py :: Unable to read and access %s to process it" % jsonConfigFile
--
To stop receiving notification emails like this one, please contact
"commits@cloudstack.apache.org" <co...@cloudstack.apache.org>.
[cloudstack] 29/34: rm rc.local!
Posted by ro...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
rohit pushed a commit to branch debian9-systemvmtemplate
in repository https://gitbox.apache.org/repos/asf/cloudstack.git
commit e8314a04bbca761dd178f2454eec13e74ad8de0d
Author: Rohit Yadav <ro...@shapeblue.com>
AuthorDate: Wed Dec 13 01:42:05 2017 +0530
rm rc.local!
Signed-off-by: Rohit Yadav <ro...@shapeblue.com>
---
systemvm/debian/etc/rc.local | 19 -------------------
1 file changed, 19 deletions(-)
diff --git a/systemvm/debian/etc/rc.local b/systemvm/debian/etc/rc.local
deleted file mode 100755
index e419de0..0000000
--- a/systemvm/debian/etc/rc.local
+++ /dev/null
@@ -1,19 +0,0 @@
-#!/bin/bash
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements. See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership. The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied. See the License for the
-# specific language governing permissions and limitations
-# under the License.
-
-
--
To stop receiving notification emails like this one, please contact
"commits@cloudstack.apache.org" <co...@cloudstack.apache.org>.
[cloudstack] 32/34: increase timeout as things run slow in
nested-environments
Posted by ro...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
rohit pushed a commit to branch debian9-systemvmtemplate
in repository https://gitbox.apache.org/repos/asf/cloudstack.git
commit a678ba7b6341003ee59404090c21b6c1cd9f7caf
Author: Rohit Yadav <ro...@shapeblue.com>
AuthorDate: Wed Dec 13 16:49:52 2017 +0530
increase timeout as things run slow in nested-environments
Signed-off-by: Rohit Yadav <ro...@shapeblue.com>
---
test/integration/smoke/test_deploy_vm_root_resize.py | 8 ++++----
test/integration/smoke/test_ssvm.py | 4 ++--
2 files changed, 6 insertions(+), 6 deletions(-)
diff --git a/test/integration/smoke/test_deploy_vm_root_resize.py b/test/integration/smoke/test_deploy_vm_root_resize.py
index 4855099..463b93e 100755
--- a/test/integration/smoke/test_deploy_vm_root_resize.py
+++ b/test/integration/smoke/test_deploy_vm_root_resize.py
@@ -126,9 +126,9 @@ class TestDeployVmRootSize(cloudstackTestCase):
if cls.restartreq:
cls.restartServer()
- #Giving 30 seconds to management to warm-up,
+ #Giving 90 seconds to management to warm-up,
#Experienced failures when trying to deploy a VM exactly when management came up
- time.sleep(30)
+ time.sleep(90)
#create a service offering
cls.service_offering = ServiceOffering.create(
@@ -159,9 +159,9 @@ class TestDeployVmRootSize(cloudstackTestCase):
tags="")
cls.restartServer()
- #Giving 30 seconds to management to warm-up,
+ #Giving 90 seconds to management to warm-up,
#Experienced failures when trying to deploy a VM exactly when management came up
- time.sleep(30)
+ time.sleep(90)
cleanup_resources(cls.api_client, cls._cleanup)
except Exception as e:
diff --git a/test/integration/smoke/test_ssvm.py b/test/integration/smoke/test_ssvm.py
index 41db1ab..f20003b 100644
--- a/test/integration/smoke/test_ssvm.py
+++ b/test/integration/smoke/test_ssvm.py
@@ -73,7 +73,7 @@ class TestSSVMs(cloudstackTestCase):
return list_host_response[0].state == 'Up', None
return False, None
- res, _ = wait_until(3, self.services["sleep"], checkRunningAgent)
+ res, _ = wait_until(3, 300, checkRunningAgent)
if not res:
raise Exception("Failed to wait for SSVM agent to be Up")
@@ -99,7 +99,7 @@ class TestSSVMs(cloudstackTestCase):
return ssvm_response.state == 'Running', ssvm_response
return False, None
- res, ssvm_response = wait_until(3, self.services["sleep"], checkRunningState)
+ res, ssvm_response = wait_until(3, 300, checkRunningState)
if not res:
self.fail("Failed to reach systemvm state to Running")
return ssvm_response
--
To stop receiving notification emails like this one, please contact
"commits@cloudstack.apache.org" <co...@cloudstack.apache.org>.
[cloudstack] 19/34: more fixes
Posted by ro...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
rohit pushed a commit to branch debian9-systemvmtemplate
in repository https://gitbox.apache.org/repos/asf/cloudstack.git
commit a8a929ca73ab6f30f79099e5e2b7cfccf46f1f29
Author: Rohit Yadav <ro...@shapeblue.com>
AuthorDate: Mon Dec 11 17:39:44 2017 +0530
more fixes
Signed-off-by: Rohit Yadav <ro...@shapeblue.com>
---
systemvm/debian/opt/cloud/bin/update_config.py | 2 +-
test/integration/smoke/test_templates.py | 4 ++--
.../definitions/systemvmtemplate/apt_upgrade.sh | 1 -
.../appliance/definitions/systemvmtemplate/cleanup.sh | 3 +--
.../definitions/systemvmtemplate/configure_grub.sh | 2 +-
.../definitions/systemvmtemplate/definition.rb | 2 +-
.../appliance/definitions/systemvmtemplate/finalize.sh | 2 +-
.../appliance/definitions/systemvmtemplate/preseed.cfg | 18 ++++++++++++++----
tools/marvin/marvin/lib/common.py | 15 +++++----------
9 files changed, 26 insertions(+), 23 deletions(-)
diff --git a/systemvm/debian/opt/cloud/bin/update_config.py b/systemvm/debian/opt/cloud/bin/update_config.py
index a603f47..db47c53 100755
--- a/systemvm/debian/opt/cloud/bin/update_config.py
+++ b/systemvm/debian/opt/cloud/bin/update_config.py
@@ -41,7 +41,7 @@ currentGuestNetConfig = "/etc/cloudstack/guestnetwork.json"
# If the command line json file is unprocessed process it
# This is important or, the control interfaces will get deleted!
-if os.path.isfile(jsonPath % "cmd_line.json"):
+if jsonFilename != "cmd_line.json" and os.path.isfile(jsonPath % "cmd_line.json"):
qf = QueueFile()
qf.setFile("cmd_line.json")
qf.load(None)
diff --git a/test/integration/smoke/test_templates.py b/test/integration/smoke/test_templates.py
index 955fe6e..6544ad2 100644
--- a/test/integration/smoke/test_templates.py
+++ b/test/integration/smoke/test_templates.py
@@ -158,7 +158,6 @@ class TestCreateTemplateWithChecksum(cloudstackTestCase):
cmd.id = temp.id
cmd.zoneid = self.zone.id
self.apiclient.deleteTemplate(cmd)
-
except Exception as e:
raise Exception("Warning: Exception during cleanup : %s" % e)
return
@@ -227,7 +226,8 @@ class TestCreateTemplateWithChecksum(cloudstackTestCase):
def registerTemplate(self, cmd):
temp = self.apiclient.registerTemplate(cmd)[0]
- self.cleanup.append(temp)
+ if not temp:
+ self.cleanup.append(temp)
return temp
def getOsType(self, param):
diff --git a/tools/appliance/definitions/systemvmtemplate/apt_upgrade.sh b/tools/appliance/definitions/systemvmtemplate/apt_upgrade.sh
index 2d7394d..4a408c3 100644
--- a/tools/appliance/definitions/systemvmtemplate/apt_upgrade.sh
+++ b/tools/appliance/definitions/systemvmtemplate/apt_upgrade.sh
@@ -22,7 +22,6 @@ set -x
function fix_tune2fs() {
for partition in $(blkid -o list | grep ext | awk '{print $1}')
do
- tune2fs -m0 $partition
tune2fs -c 1 $partition
done
fdisk -l
diff --git a/tools/appliance/definitions/systemvmtemplate/cleanup.sh b/tools/appliance/definitions/systemvmtemplate/cleanup.sh
index 00f068d..fd7d9f3 100644
--- a/tools/appliance/definitions/systemvmtemplate/cleanup.sh
+++ b/tools/appliance/definitions/systemvmtemplate/cleanup.sh
@@ -22,7 +22,7 @@ set -x
function cleanup_apt() {
apt-get -y remove --purge dictionaries-common busybox isc-dhcp-client isc-dhcp-common \
task-english task-ssh-server tasksel tasksel-data laptop-detect nano wamerican \
- debconf-i18n sharutils gnupg gnupg-agent keyboard-configuration
+ debconf-i18n sharutils gnupg gnupg-agent
apt-get -y autoremove --purge
apt-get autoclean
@@ -59,7 +59,6 @@ function cleanup_misc() {
# Docs and data files
rm -fr /var/lib/apt/*
rm -fr /var/cache/apt/*
- rm -fr /usr/lib/gnupg*
rm -fr /usr/share/doc
rm -fr /usr/share/man
rm -fr /usr/share/info
diff --git a/tools/appliance/definitions/systemvmtemplate/configure_grub.sh b/tools/appliance/definitions/systemvmtemplate/configure_grub.sh
index 4a42dc6..c0a2596 100644
--- a/tools/appliance/definitions/systemvmtemplate/configure_grub.sh
+++ b/tools/appliance/definitions/systemvmtemplate/configure_grub.sh
@@ -27,7 +27,7 @@ function configure_grub() {
GRUB_DEFAULT=0
GRUB_TIMEOUT=0
GRUB_DISTRIBUTOR=Debian
-GRUB_CMDLINE_LINUX_DEFAULT="quiet"
+GRUB_CMDLINE_LINUX_DEFAULT=""
GRUB_CMDLINE_LINUX="console=tty0 console=ttyS0,115200n8 console=hvc0 earlyprintk=xen net.ifnames=0 biosdevname=0 debian-installer=en_US fsck.mode=force nomodeset"
GRUB_CMDLINE_XEN="com1=115200 console=com1"
GRUB_TERMINAL="console serial"
diff --git a/tools/appliance/definitions/systemvmtemplate/definition.rb b/tools/appliance/definitions/systemvmtemplate/definition.rb
index 917dd77..b5e4da2 100644
--- a/tools/appliance/definitions/systemvmtemplate/definition.rb
+++ b/tools/appliance/definitions/systemvmtemplate/definition.rb
@@ -36,7 +36,7 @@ architectures = {
config = {
:cpu_count => '1',
:memory_size => '512',
- :disk_size => '2000', :disk_format => 'VDI', :hostiocache => 'off',
+ :disk_size => '2500', :disk_format => 'VDI', :hostiocache => 'off',
:iso_download_timeout => '1000',
:boot_wait => '10',
:boot_cmd_sequence => [
diff --git a/tools/appliance/definitions/systemvmtemplate/finalize.sh b/tools/appliance/definitions/systemvmtemplate/finalize.sh
index febae7b..fb8c8f3 100644
--- a/tools/appliance/definitions/systemvmtemplate/finalize.sh
+++ b/tools/appliance/definitions/systemvmtemplate/finalize.sh
@@ -53,7 +53,7 @@ function cleanup_veewee() {
function zero_disk() {
df -h
fstrim -av
- for path in / /boot /var/log /tmp
+ for path in / /boot /var /var/log /tmp
do
dd if=/dev/zero of=${path}/zero bs=1M || true
sync
diff --git a/tools/appliance/definitions/systemvmtemplate/preseed.cfg b/tools/appliance/definitions/systemvmtemplate/preseed.cfg
index 7fbe2a1..290d867 100644
--- a/tools/appliance/definitions/systemvmtemplate/preseed.cfg
+++ b/tools/appliance/definitions/systemvmtemplate/preseed.cfg
@@ -57,23 +57,33 @@ d-i partman-auto/method string regular
d-i partman-auto/choose_recipe select atomic
d-i partman-auto/expert_recipe string \
boot-root :: \
- 100 50 100 ext2 \
+ 100 50 200 ext2 \
$primary{ } $bootable{ } \
method{ format } format{ } \
use_filesystem{ } filesystem{ ext2 } \
mountpoint{ /boot } \
. \
- 1500 40 1600 ext4 \
+ 1000 40 1200 ext4 \
method{ format } format{ } \
use_filesystem{ } filesystem{ ext4 } \
mountpoint{ / } \
. \
- 350 60 400 ext4 \
+ 700 70 800 ext4 \
+ method{ format } format{ } \
+ use_filesystem{ } filesystem{ ext4 } \
+ mountpoint{ /var } \
+ . \
+ 400 60 500 ext4 \
method{ format } format{ } \
use_filesystem{ } filesystem{ ext4 } \
mountpoint{ /var/log } \
. \
- 50 100 200 linux-swap \
+ 100 90 200 ext4 \
+ method{ format } format{ } \
+ use_filesystem{ } filesystem{ ext4 } \
+ mountpoint{ /tmp } \
+ . \
+ 200 100 1024 linux-swap \
method{ swap } format{ } \
.
diff --git a/tools/marvin/marvin/lib/common.py b/tools/marvin/marvin/lib/common.py
index 64182d9..73fdf2a 100644
--- a/tools/marvin/marvin/lib/common.py
+++ b/tools/marvin/marvin/lib/common.py
@@ -394,16 +394,6 @@ def get_test_template(apiclient, zone_id=None, hypervisor=None):
"url": "http://dl.openvm.eu/cloudstack/macchinina/x86_64/macchinina-vmware.ova",
"requireshvm": "True",
"ispublic": "True"
- },
- "simulator": {
- "name": "tiny-simulator",
- "displaytext": "tiny simulator",
- "format": "vhd",
- "hypervisor": "simulator",
- "ostype": "Other Linux (64-bit)",
- "url": "http://dl.openvm.eu/cloudstack/macchinina/x86_64/macchinina-xen.vhd.bz2",
- "requireshvm": "True",
- "ispublic": "True"
}
}
@@ -411,6 +401,11 @@ def get_test_template(apiclient, zone_id=None, hypervisor=None):
return FAILED
hypervisor = hypervisor.lower()
+
+ # Return built-in template for simulator
+ if hypervisor == 'simulator':
+ return get_template(apiclient, zone_id)
+
if hypervisor not in test_templates.keys():
print "Provided hypervisor has no test template"
return FAILED
--
To stop receiving notification emails like this one, please contact
"commits@cloudstack.apache.org" <co...@cloudstack.apache.org>.
[cloudstack] 10/34: CLOUDSTACK-10013: Make the generated VR/json
files unique (ports #1470)
Posted by ro...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
rohit pushed a commit to branch debian9-systemvmtemplate
in repository https://gitbox.apache.org/repos/asf/cloudstack.git
commit 6ea2717edad57cf2cd7a61edf93a3dc07eeda1be
Author: Remi Bergsma <gi...@remi.nl>
AuthorDate: Sat Dec 2 23:19:14 2017 +0530
CLOUDSTACK-10013: Make the generated VR/json files unique (ports #1470)
This ports PR #1470 by @remibergsma.
Make the generated json files unique to prevent concurrency issues:
The json files now have UUIDs to prevent them from getting overwritten
before they've been executed. Prevents config to be pushed to the wrong
router.
2016-02-25 18:32:23,797 DEBUG [c.c.a.t.Request] (AgentManager-Handler-1:null) (logid:) Seq 2-4684025087442026584: Processing: { Ans: , MgmtId: 90520732674657, via: 2, Ver: v1, Flags: 10, [{"com.cloud.agent.api.routing.GroupA
nswer":{"results":["null - success: null","null - success: [INFO] update_config.py :: Processing incoming file => vm_dhcp_entry.json.4ea45061-2efb-4467-8eaa-db3d77fb0a7b\n[INFO] Processing JSON file vm_dhcp_entry.json.4ea4506
1-2efb-4467-8eaa-db3d77fb0a7b\n"],"result":true,"wait":0}}] }
On the router:
2016-02-25 18:32:23,416 merge.py __moveFile:298 Processed file written to /var/cache/cloud/processed/vm_dhcp_entry.json.4ea45061-2efb-4467-8eaa-db3d77fb0a7b.gz
Signed-off-by: Rohit Yadav <ro...@shapeblue.com>
---
.../facade/AbstractConfigItemFacade.java | 21 +-
.../kvm/resource/LibvirtComputingResource.java | 5 +
systemvm/patches/debian/etc/rc.local | 9 -
systemvm/patches/debian/opt/cloud/bin/configure.py | 220 +++++++++------------
systemvm/patches/debian/opt/cloud/bin/merge.py | 37 ++--
.../patches/debian/opt/cloud/bin/update_config.py | 22 ++-
6 files changed, 159 insertions(+), 155 deletions(-)
diff --git a/core/src/com/cloud/agent/resource/virtualnetwork/facade/AbstractConfigItemFacade.java b/core/src/com/cloud/agent/resource/virtualnetwork/facade/AbstractConfigItemFacade.java
index f017384..a083012 100644
--- a/core/src/com/cloud/agent/resource/virtualnetwork/facade/AbstractConfigItemFacade.java
+++ b/core/src/com/cloud/agent/resource/virtualnetwork/facade/AbstractConfigItemFacade.java
@@ -22,6 +22,8 @@ package com.cloud.agent.resource.virtualnetwork.facade;
import java.util.Hashtable;
import java.util.LinkedList;
import java.util.List;
+import java.util.UUID;
+import org.apache.log4j.Logger;
import com.cloud.agent.api.BumpUpPriorityCommand;
import com.cloud.agent.api.SetupGuestNetworkCommand;
@@ -58,6 +60,8 @@ import com.google.gson.GsonBuilder;
public abstract class AbstractConfigItemFacade {
+ private static final Logger s_logger = Logger.getLogger(AbstractConfigItemFacade.class);
+
private final static Gson gson;
private static Hashtable<Class<? extends NetworkElementCommand>, AbstractConfigItemFacade> flyweight = new Hashtable<Class<? extends NetworkElementCommand>, AbstractConfigItemFacade>();
@@ -104,13 +108,26 @@ public abstract class AbstractConfigItemFacade {
return instance;
}
+ private static String appendUuidToJsonFiles(final String filename) {
+ String remoteFileName = new String(filename);
+ if (remoteFileName.endsWith("json")) {
+ remoteFileName += "." + UUID.randomUUID().toString();
+ }
+ return remoteFileName;
+ }
+
protected List<ConfigItem> generateConfigItems(final ConfigBase configuration) {
final List<ConfigItem> cfg = new LinkedList<>();
- final ConfigItem configFile = new FileConfigItem(VRScripts.CONFIG_PERSIST_LOCATION, destinationFile, gson.toJson(configuration));
+ final String remoteFilename = appendUuidToJsonFiles(destinationFile);
+ if (s_logger.isDebugEnabled()) {
+ s_logger.debug("Transformed filename: " + destinationFile + " to: " + remoteFilename);
+ }
+
+ final ConfigItem configFile = new FileConfigItem(VRScripts.CONFIG_PERSIST_LOCATION, remoteFilename, gson.toJson(configuration));
cfg.add(configFile);
- final ConfigItem updateCommand = new ScriptConfigItem(VRScripts.UPDATE_CONFIG, destinationFile);
+ final ConfigItem updateCommand = new ScriptConfigItem(VRScripts.UPDATE_CONFIG, remoteFilename);
cfg.add(updateCommand);
return cfg;
diff --git a/plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/resource/LibvirtComputingResource.java b/plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/resource/LibvirtComputingResource.java
index 952fe9e..2e5d571 100644
--- a/plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/resource/LibvirtComputingResource.java
+++ b/plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/resource/LibvirtComputingResource.java
@@ -332,6 +332,9 @@ public class LibvirtComputingResource extends ServerResourceBase implements Serv
if (details == null) {
details = parser.getLines();
}
+
+ s_logger.debug("Executing script in VR: " + script);
+
return new ExecutionResult(command.getExitValue() == 0, details);
}
@@ -340,6 +343,8 @@ public class LibvirtComputingResource extends ServerResourceBase implements Serv
final File permKey = new File("/root/.ssh/id_rsa.cloud");
String error = null;
+ s_logger.debug("Creating file in VR, with ip: " + routerIp + ", file: " + filename);
+
try {
SshHelper.scpTo(routerIp, 3922, "root", permKey, null, path, content.getBytes(), filename, null);
} catch (final Exception e) {
diff --git a/systemvm/patches/debian/etc/rc.local b/systemvm/patches/debian/etc/rc.local
index bb4e251..895c120 100755
--- a/systemvm/patches/debian/etc/rc.local
+++ b/systemvm/patches/debian/etc/rc.local
@@ -67,12 +67,3 @@ then
python /opt/cloud/bin/baremetal-vr.py &
logger -t cloud "Started baremetal-vr service"
fi
-
-if [ "$TYPE" == "router" ] || [ "$TYPE" == "vpcrouter" ] || [ "$TYPE" == "dhcpsrvr" ]
-then
- if [ -x /opt/cloud/bin/update_config.py ]
- then
- /opt/cloud/bin/update_config.py cmd_line.json
- logger -t cloud "Updated config: cmd_line.json"
- fi
-fi
diff --git a/systemvm/patches/debian/opt/cloud/bin/configure.py b/systemvm/patches/debian/opt/cloud/bin/configure.py
index b8a3e02..3b39e6d 100755
--- a/systemvm/patches/debian/opt/cloud/bin/configure.py
+++ b/systemvm/patches/debian/opt/cloud/bin/configure.py
@@ -17,33 +17,29 @@
# specific language governing permissions and limitations
# under the License.
import sys
-import os
import base64
-from merge import DataBag
-from pprint import pprint
-import subprocess
+from collections import OrderedDict
+
import logging
import re
-import time
-import shutil
+
import os.path
import os
from fcntl import flock, LOCK_EX, LOCK_UN
-from cs.CsDatabag import CsDataBag, CsCmdLine
-import cs.CsHelper
+from cs.CsDatabag import CsDataBag
from cs.CsNetfilter import CsNetfilters
from cs.CsDhcp import CsDhcp
from cs.CsRedundant import *
from cs.CsFile import CsFile
-from cs.CsApp import CsApache, CsDnsmasq
from cs.CsMonitor import CsMonitor
from cs.CsLoadBalancer import CsLoadBalancer
from cs.CsConfig import CsConfig
from cs.CsProcess import CsProcess
from cs.CsStaticRoutes import CsStaticRoutes
+OCCURRENCES = 1
class CsPassword(CsDataBag):
@@ -668,16 +664,11 @@ class CsRemoteAccessVpn(CsDataBag):
continue
vpnconfig=self.dbag[public_ip]
- #Enable remote access vpn
+ # Enable remote access vpn
if vpnconfig['create']:
shutdownIpsec = False
logging.debug("Enabling remote access vpn on "+ public_ip)
- dev = CsHelper.get_device(public_ip)
- if dev == "":
- logging.error("Request for ipsec to %s not possible because ip is not configured", public_ip)
- continue
-
CsHelper.start_if_stopped("ipsec")
self.configure_l2tpIpsec(public_ip, self.dbag[public_ip])
logging.debug("Remote accessvpn data bag %s", self.dbag)
@@ -960,16 +951,49 @@ class CsForwardingRules(CsDataBag):
self.fw.append(["nat", "front", "-A POSTROUTING -s %s -d %s -j SNAT -o eth0 --to-source %s" % (self.getNetworkByIp(rule['internal_ip']),rule["internal_ip"], self.getGuestIp())])
+class IpTablesExecutor:
+
+ config = None
+
+ def __init__(self, config):
+ self.config = config
+
+ def process(self):
+ acls = CsAcl('networkacl', self.config)
+ acls.process()
+
+ acls = CsAcl('firewallrules', self.config)
+ acls.process()
+
+ fwd = CsForwardingRules("forwardingrules", self.config)
+ fwd.process()
+
+ vpns = CsSite2SiteVpn("site2sitevpn", self.config)
+ vpns.process()
+
+ rvpn = CsRemoteAccessVpn("remoteaccessvpn", self.config)
+ rvpn.process()
+
+ lb = CsLoadBalancer("loadbalancer", self.config)
+ lb.process()
+
+ logging.debug("Configuring iptables rules")
+ nf = CsNetfilters()
+ nf.compare(self.config.get_fw())
+
+ logging.debug("Configuring iptables rules done ...saving rules")
+
+ # Save iptables configuration - will be loaded on reboot by the iptables-restore that is configured on /etc/rc.local
+ CsHelper.save_iptables("iptables-save", "/etc/iptables/router_rules.v4")
+ CsHelper.save_iptables("ip6tables-save", "/etc/iptables/router_rules.v6")
+
def main(argv):
# The file we are currently processing, if it is "cmd_line.json" everything will be processed.
process_file = argv[1]
- # process_file can be None, if so assume cmd_line.json
if process_file is None:
- process_file = "cmd_line.json"
-
- # Track if changes need to be committed to NetFilter
- iptables_change = False
+ logging.debug("No file was received, do not go on processing the other actions. Just leave for now.")
+ return
# The "GLOBAL" Configuration object
config = CsConfig()
@@ -977,108 +1001,60 @@ def main(argv):
logging.basicConfig(filename=config.get_logger(),
level=config.get_level(),
format=config.get_format())
- try:
- # Load stored ip adresses from disk to CsConfig()
- config.set_address()
-
- logging.debug("Configuring ip addresses")
- config.address().compare()
- config.address().process()
-
- if process_file in ["cmd_line.json", "guest_network.json"]:
- logging.debug("Configuring Guest Network")
- iptables_change = True
-
- if process_file in ["cmd_line.json", "vm_password.json"]:
- logging.debug("Configuring vmpassword")
- password = CsPassword("vmpassword", config)
- password.process()
-
- if process_file in ["cmd_line.json", "vm_metadata.json"]:
- logging.debug("Configuring vmdata")
- metadata = CsVmMetadata('vmdata', config)
- metadata.process()
-
- if process_file in ["cmd_line.json", "network_acl.json"]:
- logging.debug("Configuring networkacl")
- iptables_change = True
-
- if process_file in ["cmd_line.json", "firewall_rules.json"]:
- logging.debug("Configuring firewall rules")
- iptables_change = True
-
- if process_file in ["cmd_line.json", "forwarding_rules.json", "staticnat_rules.json"]:
- logging.debug("Configuring PF rules")
- iptables_change = True
-
- if process_file in ["cmd_line.json", "site_2_site_vpn.json"]:
- logging.debug("Configuring s2s vpn")
- iptables_change = True
-
- if process_file in ["cmd_line.json", "remote_access_vpn.json"]:
- logging.debug("Configuring remote access vpn")
- iptables_change = True
-
- if process_file in ["cmd_line.json", "vpn_user_list.json"]:
- logging.debug("Configuring vpn users list")
- vpnuser = CsVpnUser("vpnuserlist", config)
- vpnuser.process()
-
- if process_file in ["cmd_line.json", "vm_dhcp_entry.json", "dhcp.json"]:
- logging.debug("Configuring dhcp entry")
- dhcp = CsDhcp("dhcpentry", config)
- dhcp.process()
-
- if process_file in ["cmd_line.json", "load_balancer.json"]:
- logging.debug("Configuring load balancer")
- iptables_change = True
-
- if process_file in ["cmd_line.json", "monitor_service.json"]:
- logging.debug("Configuring monitor service")
- mon = CsMonitor("monitorservice", config)
- mon.process()
-
- # If iptable rules have changed, apply them.
- if iptables_change:
- acls = CsAcl('networkacl', config)
- acls.process()
-
- acls = CsAcl('firewallrules', config)
- acls.flushAllowAllEgressRules()
- acls.process()
-
- fwd = CsForwardingRules("forwardingrules", config)
- fwd.process()
-
- vpns = CsSite2SiteVpn("site2sitevpn", config)
- vpns.process()
-
- rvpn = CsRemoteAccessVpn("remoteaccessvpn", config)
- rvpn.process()
-
- lb = CsLoadBalancer("loadbalancer", config)
- lb.process()
-
- logging.debug("Configuring iptables rules")
- nf = CsNetfilters()
- nf.compare(config.get_fw())
-
- logging.debug("Configuring iptables rules done ...saving rules")
-
- # Save iptables configuration - will be loaded on reboot by the iptables-restore that is configured on /etc/rc.local
- CsHelper.save_iptables("iptables-save", "/etc/iptables/router_rules.v4")
- CsHelper.save_iptables("ip6tables-save", "/etc/iptables/router_rules.v6")
-
- red = CsRedundant(config)
- red.set()
-
- if process_file in ["cmd_line.json", "static_routes.json"]:
- logging.debug("Configuring static routes")
- static_routes = CsStaticRoutes("staticroutes", config)
- static_routes.process()
- except Exception:
- logging.exception("Exception while configuring router")
- return 1
+ # Load stored ip adresses from disk to CsConfig()
+ config.set_address()
+
+ logging.debug("Configuring ip addresses")
+ config.address().compare()
+ config.address().process()
+
+ databag_map = OrderedDict([("guest_network.json", {"process_iptables" : True, "executor" : IpTablesExecutor(config)}),
+ ("vm_password.json", {"process_iptables" : False, "executor" : CsPassword("vmpassword", config)}),
+ ("vm_metadata.json", {"process_iptables" : False, "executor" : CsVmMetadata('vmdata', config)}),
+ ("network_acl.json", {"process_iptables" : True, "executor" : IpTablesExecutor(config)}),
+ ("firewall_rules.json", {"process_iptables" : True, "executor" : IpTablesExecutor(config)}),
+ ("forwarding_rules.json", {"process_iptables" : True, "executor" : IpTablesExecutor(config)}),
+ ("staticnat_rules.json", {"process_iptables" : True, "executor" : IpTablesExecutor(config)}),
+ ("site_2_site_vpn.json", {"process_iptables" : True, "executor" : IpTablesExecutor(config)}),
+ ("remote_access_vpn.json", {"process_iptables" : True, "executor" : IpTablesExecutor(config)}),
+ ("vpn_user_list.json", {"process_iptables" : False, "executor" : CsVpnUser("vpnuserlist", config)}),
+ ("vm_dhcp_entry.json", {"process_iptables" : False, "executor" : CsDhcp("dhcpentry", config)}),
+ ("dhcp.json", {"process_iptables" : False, "executor" : CsDhcp("dhcpentry", config)}),
+ ("load_balancer.json", {"process_iptables" : True, "executor" : IpTablesExecutor(config)}),
+ ("monitor_service.json", {"process_iptables" : False, "executor" : CsMonitor("monitorservice", config)}),
+ ("static_routes.json", {"process_iptables" : False, "executor" : CsStaticRoutes("staticroutes", config)})
+ ])
+
+ if process_file.count("cmd_line.json") == OCCURRENCES:
+ logging.debug("cmd_line.json changed. All other files will be processed as well.")
+
+ while databag_map:
+ item = databag_map.popitem(last = False)
+ item_name = item[0]
+ item_dict = item[1]
+ if not item_dict["process_iptables"]:
+ executor = item_dict["executor"]
+ executor.process()
+
+ iptables_executor = IpTablesExecutor(config)
+ iptables_executor.process()
+ else:
+ while databag_map:
+ item = databag_map.popitem(last = False)
+ item_name = item[0]
+ item_dict = item[1]
+ if process_file.count(item_name) == OCCURRENCES:
+ executor = item_dict["executor"]
+ executor.process()
+
+ if item_dict["process_iptables"]:
+ iptables_executor = IpTablesExecutor(config)
+ iptables_executor.process()
+
+ break
+
+ red = CsRedundant(config)
+ red.set()
if __name__ == "__main__":
main(sys.argv)
diff --git a/systemvm/patches/debian/opt/cloud/bin/merge.py b/systemvm/patches/debian/opt/cloud/bin/merge.py
index 1c9adf2..ef20d0b 100755
--- a/systemvm/patches/debian/opt/cloud/bin/merge.py
+++ b/systemvm/patches/debian/opt/cloud/bin/merge.py
@@ -18,8 +18,10 @@
import json
import os
-import time
+import uuid
import logging
+import gzip
+import shutil
import cs_ip
import cs_guestnetwork
import cs_cmdline
@@ -36,8 +38,6 @@ import cs_remoteaccessvpn
import cs_vpnusers
import cs_staticroutes
-from pprint import pprint
-
class DataBag:
@@ -282,22 +282,26 @@ class QueueFile:
if data is not None:
self.data = data
self.type = self.data["type"]
- proc = updateDataBag(self)
+ updateDataBag(self)
return
- fn = self.configCache + '/' + self.fileName
+ filename = '{cache_location}/{json_file}'.format(cache_location = self.configCache, json_file = self.fileName)
try:
- handle = open(fn)
- except IOError:
- logging.error("Could not open %s", fn)
+ handle = open(filename)
+ except IOError as exception:
+ error_message = ("Exception occurred with the following exception error '{error}'. Could not open '{file}'. "
+ "It seems that the file has already been moved.".format(error = exception, file = filename))
+ logging.error(error_message)
else:
+ logging.info("Continuing with the processing of file '{file}'".format(file = filename))
+
self.data = json.load(handle)
self.type = self.data["type"]
handle.close()
if self.keep:
- self.__moveFile(fn, self.configCache + "/processed")
+ self.__moveFile(filename, self.configCache + "/processed")
else:
- os.remove(fn)
- proc = updateDataBag(self)
+ os.remove(filename)
+ updateDataBag(self)
def setFile(self, name):
self.fileName = name
@@ -314,8 +318,15 @@ class QueueFile:
def __moveFile(self, origPath, path):
if not os.path.exists(path):
os.makedirs(path)
- timestamp = str(int(round(time.time())))
- os.rename(origPath, path + "/" + self.fileName + "." + timestamp)
+ originalName = os.path.basename(origPath)
+ if originalName.count(".") == 1:
+ originalName += "." + str(uuid.uuid4())
+ zipped_file_name = path + "/" + originalName + ".gz"
+ with open(origPath, 'rb') as f_in, gzip.open(zipped_file_name, 'wb') as f_out:
+ shutil.copyfileobj(f_in, f_out)
+ os.remove(origPath)
+
+ logging.debug("Processed file written to %s", zipped_file_name)
class PrivateGatewayHack:
diff --git a/systemvm/patches/debian/opt/cloud/bin/update_config.py b/systemvm/patches/debian/opt/cloud/bin/update_config.py
index ab08e03..e36980a 100755
--- a/systemvm/patches/debian/opt/cloud/bin/update_config.py
+++ b/systemvm/patches/debian/opt/cloud/bin/update_config.py
@@ -26,6 +26,8 @@ import os.path
import configure
import json
+OCCURRENCES = 1
+
logging.basicConfig(filename='/var/log/cloud.log', level=logging.INFO, format='%(asctime)s %(filename)s %(funcName)s:%(lineno)d %(message)s')
# first commandline argument should be the file to process
@@ -39,6 +41,14 @@ jsonCmdConfigPath = jsonPath % sys.argv[1]
currentGuestNetConfig = "/etc/cloudstack/guestnetwork.json"
+# If the command line json file is unprocessed process it
+# This is important or, the control interfaces will get deleted!
+if os.path.isfile(jsonPath % "cmd_line.json"):
+ qf = QueueFile()
+ qf.setFile("cmd_line.json")
+ qf.load(None)
+
+
def finish_config():
# Converge
returncode = configure.main(sys.argv)
@@ -111,19 +121,13 @@ def is_guestnet_configured(guestnet_dict, keys):
return exists
-if not (os.path.isfile(jsonCmdConfigPath) and os.access(jsonCmdConfigPath, os.R_OK)):
+filename = jsonCmdConfigPath
+if not (os.path.isfile(filename) and os.access(filename, os.R_OK)):
print "[ERROR] update_config.py :: You are telling me to process %s, but i can't access it" % jsonCmdConfigPath
sys.exit(1)
-# If the command line json file is unprocessed process it
-# This is important or, the control interfaces will get deleted!
-if os.path.isfile(jsonPath % "cmd_line.json"):
- qf = QueueFile()
- qf.setFile("cmd_line.json")
- qf.load(None)
-
# If the guest network is already configured and have the same IP, do not try to configure it again otherwise it will break
-if sys.argv[1] == "guest_network.json":
+if sys.argv[1] and sys.argv[1].count("guest_network.json") == OCCURRENCES:
if os.path.isfile(currentGuestNetConfig):
file = open(currentGuestNetConfig)
guestnet_dict = json.load(file)
--
To stop receiving notification emails like this one, please contact
"commits@cloudstack.apache.org" <co...@cloudstack.apache.org>.
[cloudstack] 17/34: fix simulator build
Posted by ro...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
rohit pushed a commit to branch debian9-systemvmtemplate
in repository https://gitbox.apache.org/repos/asf/cloudstack.git
commit daa55ae63fd4e05c55414147d50ea70e424a7795
Author: Rohit Yadav <ro...@shapeblue.com>
AuthorDate: Mon Dec 11 02:51:17 2017 +0530
fix simulator build
Signed-off-by: Rohit Yadav <ro...@shapeblue.com>
---
tools/marvin/marvin/lib/common.py | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tools/marvin/marvin/lib/common.py b/tools/marvin/marvin/lib/common.py
index 32abda7..64182d9 100644
--- a/tools/marvin/marvin/lib/common.py
+++ b/tools/marvin/marvin/lib/common.py
@@ -401,7 +401,7 @@ def get_test_template(apiclient, zone_id=None, hypervisor=None):
"format": "vhd",
"hypervisor": "simulator",
"ostype": "Other Linux (64-bit)",
- "url": "http://fake.url/tiny.vhd.bz2",
+ "url": "http://dl.openvm.eu/cloudstack/macchinina/x86_64/macchinina-xen.vhd.bz2",
"requireshvm": "True",
"ispublic": "True"
}
--
To stop receiving notification emails like this one, please contact
"commits@cloudstack.apache.org" <co...@cloudstack.apache.org>.
[cloudstack] 27/34: fixes
Posted by ro...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
rohit pushed a commit to branch debian9-systemvmtemplate
in repository https://gitbox.apache.org/repos/asf/cloudstack.git
commit cbaca700f8bfd3bf8bde181826b909dfaf1211f5
Author: Rohit Yadav <ro...@shapeblue.com>
AuthorDate: Wed Dec 13 00:26:27 2017 +0530
fixes
Signed-off-by: Rohit Yadav <ro...@shapeblue.com>
---
systemvm/debian/etc/rc.local | 28 ----------------
.../etc/systemd/system/cloud-postinit.service | 2 +-
systemvm/debian/opt/cloud/bin/setup/common.sh | 3 +-
.../debian/opt/cloud/bin/setup/consoleproxy.sh | 2 +-
systemvm/debian/opt/cloud/bin/setup/dhcpsrvr.sh | 2 +-
systemvm/debian/opt/cloud/bin/setup/elbvm.sh | 2 +-
systemvm/debian/opt/cloud/bin/setup/ilbvm.sh | 2 +-
.../debian/opt/cloud/bin/setup/patchsystemvm.sh | 4 +++
systemvm/debian/opt/cloud/bin/setup/postinit.sh | 39 +++++++++++++++++++---
systemvm/debian/opt/cloud/bin/setup/secstorage.sh | 2 +-
systemvm/debian/opt/cloud/bin/update_config.py | 7 ----
ui/l10n/en.js | 1 -
ui/scripts/system.js | 4 +--
ui/scripts/ui/dialog.js | 2 +-
ui/scripts/ui/widgets/multiEdit.js | 2 +-
15 files changed, 49 insertions(+), 53 deletions(-)
diff --git a/systemvm/debian/etc/rc.local b/systemvm/debian/etc/rc.local
index 94c6466..e419de0 100755
--- a/systemvm/debian/etc/rc.local
+++ b/systemvm/debian/etc/rc.local
@@ -16,32 +16,4 @@
# specific language governing permissions and limitations
# under the License.
-[ ! -f /var/cache/cloud/enabled_svcs ] && touch /var/cache/cloud/enabled_svcs
-for svc in $(cat /var/cache/cloud/enabled_svcs)
-do
- logger -t cloud "Starting $svc"
- systemctl enable --no-block --now $svc
-done
-[ ! -f /var/cache/cloud/disabled_svcs ] && touch /var/cache/cloud/disabled_svcs
-for svc in $(cat /var/cache/cloud/disabled_svcs)
-do
- logger -t cloud "Stopping $svc"
- systemctl disable --no-block --now $svc
-done
-
-# Restore the persistent iptables nat, rules and filters for IPv4 and IPv6 if they exist
-ipv4="/etc/iptables/rules.v4"
-if [ -e $ipv4 ]
-then
- iptables-restore < $ipv4
-fi
-
-ipv6="/etc/iptables/rules.v6"
-if [ -e $ipv6 ]
-then
- iptables-restore < $ipv6
-fi
-
-date > /var/cache/cloud/boot_up_done
-logger -t cloud "Boot up process done"
diff --git a/systemvm/debian/etc/systemd/system/cloud-postinit.service b/systemvm/debian/etc/systemd/system/cloud-postinit.service
index 04f71a3..c23516e 100644
--- a/systemvm/debian/etc/systemd/system/cloud-postinit.service
+++ b/systemvm/debian/etc/systemd/system/cloud-postinit.service
@@ -11,4 +11,4 @@ WantedBy=multi-user.target
Type=oneshot
ExecStart=/opt/cloud/bin/setup/postinit.sh
RemainAfterExit=true
-TimeoutStartSec=5min
+TimeoutStartSec=10min
diff --git a/systemvm/debian/opt/cloud/bin/setup/common.sh b/systemvm/debian/opt/cloud/bin/setup/common.sh
index f1f72f4..078cb58 100755
--- a/systemvm/debian/opt/cloud/bin/setup/common.sh
+++ b/systemvm/debian/opt/cloud/bin/setup/common.sh
@@ -590,8 +590,7 @@ routing_svcs() {
systemctl disable --now portmap
systemctl enable apache2
systemctl enable haproxy
- systemctl enable ssh
- echo "ssh haproxy apache2" > /var/cache/cloud/enabled_svcs
+ echo "haproxy apache2" > /var/cache/cloud/enabled_svcs
echo "cloud nfs-common portmap" > /var/cache/cloud/disabled_svcs
if [ $RROUTER -eq 1 ]
then
diff --git a/systemvm/debian/opt/cloud/bin/setup/consoleproxy.sh b/systemvm/debian/opt/cloud/bin/setup/consoleproxy.sh
index a3b2797..225dc6f 100755
--- a/systemvm/debian/opt/cloud/bin/setup/consoleproxy.sh
+++ b/systemvm/debian/opt/cloud/bin/setup/consoleproxy.sh
@@ -19,7 +19,7 @@
. /opt/cloud/bin/setup/common.sh
consoleproxy_svcs() {
- echo "cloud ssh" > /var/cache/cloud/enabled_svcs
+ echo "cloud" > /var/cache/cloud/enabled_svcs
echo "haproxy dnsmasq apache2 nfs-common portmap" > /var/cache/cloud/disabled_svcs
mkdir -p /var/log/cloud
}
diff --git a/systemvm/debian/opt/cloud/bin/setup/dhcpsrvr.sh b/systemvm/debian/opt/cloud/bin/setup/dhcpsrvr.sh
index 467bb56..9161aeb 100755
--- a/systemvm/debian/opt/cloud/bin/setup/dhcpsrvr.sh
+++ b/systemvm/debian/opt/cloud/bin/setup/dhcpsrvr.sh
@@ -19,7 +19,7 @@
. /opt/cloud/bin/setup/common.sh
dhcpsrvr_svcs() {
- echo "ssh dnsmasq apache2" > /var/cache/cloud/enabled_svcs
+ echo "dnsmasq apache2" > /var/cache/cloud/enabled_svcs
echo "cloud nfs-common conntrackd keepalived haproxy portmap" > /var/cache/cloud/disabled_svcs
}
diff --git a/systemvm/debian/opt/cloud/bin/setup/elbvm.sh b/systemvm/debian/opt/cloud/bin/setup/elbvm.sh
index 600fb0d..ae16b4b 100755
--- a/systemvm/debian/opt/cloud/bin/setup/elbvm.sh
+++ b/systemvm/debian/opt/cloud/bin/setup/elbvm.sh
@@ -19,7 +19,7 @@
. /opt/cloud/bin/setup/common.sh
elbvm_svcs() {
- echo "ssh haproxy" > /var/cache/cloud/enabled_svcs
+ echo "haproxy" > /var/cache/cloud/enabled_svcs
echo "cloud dnsmasq conntrackd keepalived apache2 nfs-common portmap" > /var/cache/cloud/disabled_svcs
}
diff --git a/systemvm/debian/opt/cloud/bin/setup/ilbvm.sh b/systemvm/debian/opt/cloud/bin/setup/ilbvm.sh
index 58a711c..ac801b2 100755
--- a/systemvm/debian/opt/cloud/bin/setup/ilbvm.sh
+++ b/systemvm/debian/opt/cloud/bin/setup/ilbvm.sh
@@ -19,7 +19,7 @@
. /opt/cloud/bin/setup/common.sh
ilbvm_svcs() {
- echo "ssh haproxy" > /var/cache/cloud/enabled_svcs
+ echo "haproxy" > /var/cache/cloud/enabled_svcs
echo "cloud dnsmasq conntrackd keepalived apache2 nfs-common portmap" > /var/cache/cloud/disabled_svcs
}
diff --git a/systemvm/debian/opt/cloud/bin/setup/patchsystemvm.sh b/systemvm/debian/opt/cloud/bin/setup/patchsystemvm.sh
index 8642945..ba5e2d8 100755
--- a/systemvm/debian/opt/cloud/bin/setup/patchsystemvm.sh
+++ b/systemvm/debian/opt/cloud/bin/setup/patchsystemvm.sh
@@ -44,6 +44,10 @@ CMDLINE=/var/cache/cloud/cmdline
PATCH_MOUNT=$1
TYPE=$2
+# Refresh and setup systemd
+chmod -x /etc/systemd/system/cloud*.service
+systemctl daemon-reload
+
echo "Patching systemvm for cloud service with mount=$PATCH_MOUNT for type=$TYPE" >> $logfile
if [ "$TYPE" == "consoleproxy" ] || [ "$TYPE" == "secstorage" ] && [ -f ${PATCH_MOUNT}/agent.zip ]
diff --git a/systemvm/debian/opt/cloud/bin/setup/postinit.sh b/systemvm/debian/opt/cloud/bin/setup/postinit.sh
index 9a16966..d29203f 100755
--- a/systemvm/debian/opt/cloud/bin/setup/postinit.sh
+++ b/systemvm/debian/opt/cloud/bin/setup/postinit.sh
@@ -21,10 +21,6 @@
# Eject cdrom if any
eject || true
-# Refresh and setup systemd
-chmod -x /etc/systemd/system/cloud*.service
-systemctl daemon-reload
-
# Setup router
CMDLINE=/var/cache/cloud/cmdline
for str in $(cat $CMDLINE)
@@ -44,7 +40,7 @@ if [ "$TYPE" == "router" ] || [ "$TYPE" == "vpcrouter" ] || [ "$TYPE" == "dhcpsr
then
if [ -x /opt/cloud/bin/update_config.py ]
then
- /opt/cloud/bin/update_config.py cmd_line.json
+ /opt/cloud/bin/update_config.py cmd_line.json || true
logger -t cloud "postinit: Updated config cmd_line.json"
fi
fi
@@ -54,3 +50,36 @@ then
python /opt/cloud/bin/baremetal-vr.py &
logger -t cloud "Started baremetal-vr service"
fi
+
+[ ! -f /var/cache/cloud/enabled_svcs ] && touch /var/cache/cloud/enabled_svcs
+for svc in $(cat /var/cache/cloud/enabled_svcs)
+do
+ logger -t cloud "Starting $svc"
+ systemctl enable --no-block --now $svc
+done
+
+[ ! -f /var/cache/cloud/disabled_svcs ] && touch /var/cache/cloud/disabled_svcs
+for svc in $(cat /var/cache/cloud/disabled_svcs)
+do
+ logger -t cloud "Stopping $svc"
+ systemctl disable --no-block --now $svc
+done
+
+# Enable SSH by default
+systemctl enable --no-block --now ssh
+
+# Restore the persistent iptables nat, rules and filters for IPv4 and IPv6 if they exist
+ipv4="/etc/iptables/rules.v4"
+if [ -e $ipv4 ]
+then
+ iptables-restore < $ipv4
+fi
+
+ipv6="/etc/iptables/rules.v6"
+if [ -e $ipv6 ]
+then
+ iptables-restore < $ipv6
+fi
+
+date > /var/cache/cloud/boot_up_done
+logger -t cloud "Boot up process done"
diff --git a/systemvm/debian/opt/cloud/bin/setup/secstorage.sh b/systemvm/debian/opt/cloud/bin/setup/secstorage.sh
index b890d77..8b6d4ee 100755
--- a/systemvm/debian/opt/cloud/bin/setup/secstorage.sh
+++ b/systemvm/debian/opt/cloud/bin/setup/secstorage.sh
@@ -19,7 +19,7 @@
. /opt/cloud/bin/setup/common.sh
secstorage_svcs() {
- echo "apache2 cloud ssh nfs-common portmap" > /var/cache/cloud/enabled_svcs
+ echo "apache2 cloud nfs-common portmap" > /var/cache/cloud/enabled_svcs
echo "conntrackd keepalived haproxy dnsmasq" > /var/cache/cloud/disabled_svcs
mkdir -p /var/log/cloud
}
diff --git a/systemvm/debian/opt/cloud/bin/update_config.py b/systemvm/debian/opt/cloud/bin/update_config.py
index b63cd0e..7b86378 100755
--- a/systemvm/debian/opt/cloud/bin/update_config.py
+++ b/systemvm/debian/opt/cloud/bin/update_config.py
@@ -117,13 +117,6 @@ if not (os.path.isfile(jsonConfigFile) and os.access(jsonConfigFile, os.R_OK)):
print "[ERROR] update_config.py :: Unable to read and access %s to process it" % jsonConfigFile
sys.exit(1)
-# If the command line json file is unprocessed process it
-# This is important or, the control interfaces will get deleted!
-if jsonFilename != "cmd_line.json" and os.path.isfile(jsonPath % "cmd_line.json"):
- qf = QueueFile()
- qf.setFile("cmd_line.json")
- qf.load(None)
-
# If the guest network is already configured and have the same IP, do not try to configure it again otherwise it will break
if jsonFilename.startswith("guest_network.json"):
if os.path.isfile(currentGuestNetConfig):
diff --git a/ui/l10n/en.js b/ui/l10n/en.js
index 57700de..2587562 100644
--- a/ui/l10n/en.js
+++ b/ui/l10n/en.js
@@ -556,7 +556,6 @@ var dictionary = {"ICMP.code":"ICMP Code",
"label.console.proxy.vm":"Console Proxy VM",
"label.continue":"Continue",
"label.continue.basic.install":"Continue with basic installation",
-"label.control.ip":"Control IP",
"label.copying.iso":"Copying ISO",
"label.corrections.saved":"Corrections saved",
"label.counter":"Counter",
diff --git a/ui/scripts/system.js b/ui/scripts/system.js
index 70837fa..d8a5f92 100755
--- a/ui/scripts/system.js
+++ b/ui/scripts/system.js
@@ -10895,8 +10895,8 @@
return args;
}
},
- controlip: {
- label: 'label.control.ip'
+ publicip: {
+ label: 'label.public.ip'
},
hostname: {
label: 'label.host'
diff --git a/ui/scripts/ui/dialog.js b/ui/scripts/ui/dialog.js
index 1564a2b..c518859 100644
--- a/ui/scripts/ui/dialog.js
+++ b/ui/scripts/ui/dialog.js
@@ -897,7 +897,7 @@
$listView.dialog({
dialogClass: 'multi-edit-add-list panel',
- width: 825,
+ width: 900,
title: _l('Select VM'),
buttons: [{
text: _l('label.apply'),
diff --git a/ui/scripts/ui/widgets/multiEdit.js b/ui/scripts/ui/widgets/multiEdit.js
index 48d597e..677448a 100755
--- a/ui/scripts/ui/widgets/multiEdit.js
+++ b/ui/scripts/ui/widgets/multiEdit.js
@@ -579,7 +579,7 @@
var $dataList = $listView.addClass('multi-edit-add-list').dialog({
dialogClass: 'multi-edit-add-list panel',
- width: 825,
+ width: 900,
title: label,
buttons: [{
text: _l('label.apply'),
--
To stop receiving notification emails like this one, please contact
"commits@cloudstack.apache.org" <co...@cloudstack.apache.org>.
[cloudstack] 24/34: more fixes
Posted by ro...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
rohit pushed a commit to branch debian9-systemvmtemplate
in repository https://gitbox.apache.org/repos/asf/cloudstack.git
commit 27704a92c60066110664afaf38a6345b4c2e3d90
Author: Rohit Yadav <ro...@shapeblue.com>
AuthorDate: Tue Dec 12 12:31:33 2017 +0530
more fixes
Signed-off-by: Rohit Yadav <ro...@shapeblue.com>
---
.../cloudstack/framework/jobs/impl/AsyncJobManagerImpl.java | 4 ++++
server/src/com/cloud/server/StatsCollector.java | 12 ++++++++++--
systemvm/debian/etc/issue | 2 +-
test/integration/smoke/test_nic.py | 6 +++---
test/integration/smoke/test_service_offerings.py | 2 +-
5 files changed, 19 insertions(+), 7 deletions(-)
diff --git a/framework/jobs/src/org/apache/cloudstack/framework/jobs/impl/AsyncJobManagerImpl.java b/framework/jobs/src/org/apache/cloudstack/framework/jobs/impl/AsyncJobManagerImpl.java
index 7f2e156..3ce96a6 100644
--- a/framework/jobs/src/org/apache/cloudstack/framework/jobs/impl/AsyncJobManagerImpl.java
+++ b/framework/jobs/src/org/apache/cloudstack/framework/jobs/impl/AsyncJobManagerImpl.java
@@ -216,6 +216,10 @@ public class AsyncJobManagerImpl extends ManagerBase implements AsyncJobManager,
@SuppressWarnings("rawtypes")
final GenericDao dao = GenericDaoBase.getDao(job.getClass());
+ if (dao == null) {
+ throw new CloudRuntimeException(String.format("Failed to get dao from job's class=%s, for job id=%d, cmd=%s", job.getClass(), job.getId(), job.getCmd()));
+ }
+
publishOnEventBus(job, "submit");
if (!_vmInstanceDao.lockInLockTable(String.valueOf(syncObjId), VmJobLockTimeout.value())){
diff --git a/server/src/com/cloud/server/StatsCollector.java b/server/src/com/cloud/server/StatsCollector.java
index 305711e..96b51f5 100644
--- a/server/src/com/cloud/server/StatsCollector.java
+++ b/server/src/com/cloud/server/StatsCollector.java
@@ -918,7 +918,12 @@ public class StatsCollector extends ManagerBase implements ComponentMethodInterc
try {
HashMap<String, VolumeStatsEntry> volumeStatsByUuid = _userVmMgr.getVolumeStatistics(pool.getClusterId(), pool.getUuid(), pool.getPoolType(), volumeLocators, StatsTimeout.value());
if (volumeStatsByUuid != null){
- _volumeStats.putAll(volumeStatsByUuid);
+ for (final Map.Entry<String, VolumeStatsEntry> entry : volumeStatsByUuid.entrySet()) {
+ if (entry == null || entry.getKey() == null || entry.getValue() == null) {
+ continue;
+ }
+ _volumeStats.put(entry.getKey(), entry.getValue());
+ }
}
} catch (Exception e) {
s_logger.warn("Failed to get volume stats for cluster with ID: " + pool.getClusterId(), e);
@@ -932,7 +937,10 @@ public class StatsCollector extends ManagerBase implements ComponentMethodInterc
}
public VolumeStats getVolumeStats(String volumeLocator) {
- return _volumeStats.get(volumeLocator);
+ if (_volumeStats.containsKey(volumeLocator)) {
+ return _volumeStats.get(volumeLocator);
+ }
+ return null;
}
class StorageCollector extends ManagedContextRunnable {
diff --git a/systemvm/debian/etc/issue b/systemvm/debian/etc/issue
index 2d2b7c0..fdef90e 100644
--- a/systemvm/debian/etc/issue
+++ b/systemvm/debian/etc/issue
@@ -1,3 +1,3 @@
- __?.o/ Apache CloudStack SystemVM 4.11
+ __?.o/ Apache CloudStack SystemVM
( )# https://cloudstack.apache.org
(___(_) \s \r \n \l
diff --git a/test/integration/smoke/test_nic.py b/test/integration/smoke/test_nic.py
index 584ccf5..c7f8468 100644
--- a/test/integration/smoke/test_nic.py
+++ b/test/integration/smoke/test_nic.py
@@ -22,7 +22,7 @@ from marvin.lib.base import (Account,
VirtualMachine,
NetworkOffering)
from marvin.lib.common import (get_zone,
- get_test_template,
+ get_template,
get_domain)
from marvin.lib.utils import validateList
from marvin.codes import PASS
@@ -76,10 +76,10 @@ class TestNic(cloudstackTestCase):
self.services["service_offerings"][
"tiny"]["storagetype"] = 'local'
- template = get_test_template(
+ template = get_template(
self.apiclient,
self.zone.id,
- self.hypervisor
+ self.services["ostype"]
)
# Set Zones and disk offerings
self.services["small"]["zoneid"] = self.zone.id
diff --git a/test/integration/smoke/test_service_offerings.py b/test/integration/smoke/test_service_offerings.py
index 42bebe0..50c69d7 100644
--- a/test/integration/smoke/test_service_offerings.py
+++ b/test/integration/smoke/test_service_offerings.py
@@ -385,7 +385,7 @@ class TestServiceOfferings(cloudstackTestCase):
"Check CPU Speed for small offering"
)
- range = 20
+ range = 25
if self.hypervisor.lower() == "hyperv":
range = 200
# TODO: Find the memory allocated to VM on hyperv hypervisor using
--
To stop receiving notification emails like this one, please contact
"commits@cloudstack.apache.org" <co...@cloudstack.apache.org>.
[cloudstack] 34/34: vmware related fixes
Posted by ro...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
rohit pushed a commit to branch debian9-systemvmtemplate
in repository https://gitbox.apache.org/repos/asf/cloudstack.git
commit ac9b898236149c9360c74ccca144e2ce595eaea5
Author: Rohit Yadav <ro...@shapeblue.com>
AuthorDate: Fri Dec 15 17:15:36 2017 +0530
vmware related fixes
Signed-off-by: Rohit Yadav <ro...@shapeblue.com>
---
systemvm/debian/opt/cloud/bin/setup/common.sh | 8 ++++----
systemvm/debian/opt/cloud/bin/setup/vpcrouter.sh | 7 ++-----
2 files changed, 6 insertions(+), 9 deletions(-)
diff --git a/systemvm/debian/opt/cloud/bin/setup/common.sh b/systemvm/debian/opt/cloud/bin/setup/common.sh
index 078cb58..23bf5ad 100755
--- a/systemvm/debian/opt/cloud/bin/setup/common.sh
+++ b/systemvm/debian/opt/cloud/bin/setup/common.sh
@@ -331,14 +331,14 @@ setup_common() {
ip route add default via $GW dev $gwdev
fi
- # a hacking way to activate vSwitch under VMware
- ping -n -c 3 $GW &
+ # Workaround to activate vSwitch under VMware
+ timeout 5 ping -n -c 3 $GW || true
if [ -n "$MGMTNET" -a -n "$LOCAL_GW" ]
then
- ping -n -c 3 $LOCAL_GW &
+ timeout 5 ping -n -c 3 $LOCAL_GW || true
#This code is added to address ARP issue by pinging MGMT_GW
MGMT_GW=$(echo $MGMTNET | awk -F "." '{print $1"."$2"."$3".1"}')
- ping -n -c 3 $MGMT_GW &
+ timeout 5 ping -n -c 3 $MGMT_GW || true
fi
if [ "$HYPERVISOR" == "vmware" ]; then
diff --git a/systemvm/debian/opt/cloud/bin/setup/vpcrouter.sh b/systemvm/debian/opt/cloud/bin/setup/vpcrouter.sh
index 106cfd6..6bad7e7 100755
--- a/systemvm/debian/opt/cloud/bin/setup/vpcrouter.sh
+++ b/systemvm/debian/opt/cloud/bin/setup/vpcrouter.sh
@@ -65,11 +65,8 @@ EOF
if [ "$HYPERVISOR" == "vmware" ] || [ "$HYPERVISOR" == "hyperv" ];
then
ip route add $MGMTNET via $LOCAL_GW dev eth0
-
- # a hacking way to activate vSwitch under VMware
- ping -n -c 3 $LOCAL_GW &
- sleep 3
- pkill ping
+ # workaround to activate vSwitch under VMware
+ timeout 5 ping -n -c 3 $LOCAL_GW || true
fi
fi
--
To stop receiving notification emails like this one, please contact
"commits@cloudstack.apache.org" <co...@cloudstack.apache.org>.
[cloudstack] 08/34: CLOUDSTACK-10013: Fix ipsec VPN configuration
Posted by ro...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
rohit pushed a commit to branch debian9-systemvmtemplate
in repository https://gitbox.apache.org/repos/asf/cloudstack.git
commit ea11b69c5426abe71ed01ec127177a97798e8b62
Author: Rohit Yadav <ro...@shapeblue.com>
AuthorDate: Fri Dec 1 20:58:18 2017 +0530
CLOUDSTACK-10013: Fix ipsec VPN configuration
- Fixes strongswan/ipsec, l2tpd and pppd configs
- Uses auto=route in ipsec configs
- Fixes road-warrior setup
- Fixes site-to-site VPN with automatic connection configuration
- Fixes vpc_vpn tests
Signed-off-by: Rohit Yadav <ro...@shapeblue.com>
---
systemvm/patches/debian/opt/cloud/bin/configure.py | 38 +++++++++++++---------
.../patches/debian/opt/cloud/bin/ipsectunnel.sh | 10 +-----
.../debian/opt/cloud/bin/monitor_service.sh | 2 --
systemvm/patches/vpn/etc/ipsec.d/l2tp.conf | 12 +++----
systemvm/patches/vpn/etc/ppp/options.xl2tpd | 2 --
systemvm/patches/vpn/opt/cloud/bin/vpn_l2tp.sh | 18 +++++-----
test/integration/smoke/test_vpc_vpn.py | 26 +++++++++++----
7 files changed, 55 insertions(+), 53 deletions(-)
diff --git a/systemvm/patches/debian/opt/cloud/bin/configure.py b/systemvm/patches/debian/opt/cloud/bin/configure.py
index 68d1c26..b8a3e02 100755
--- a/systemvm/patches/debian/opt/cloud/bin/configure.py
+++ b/systemvm/patches/debian/opt/cloud/bin/configure.py
@@ -546,10 +546,6 @@ class CsSite2SiteVpn(CsDataBag):
ikepolicy=obj['ike_policy'].replace(';','-')
esppolicy=obj['esp_policy'].replace(';','-')
- pfs='no'
- if 'modp' in esppolicy:
- pfs='yes'
-
if rightpeer in self.confips:
self.confips.remove(rightpeer)
file = CsFile(vpnconffile)
@@ -557,7 +553,6 @@ class CsSite2SiteVpn(CsDataBag):
file.search("conn ", "conn vpn-%s" % rightpeer)
file.addeq(" left=%s" % leftpeer)
file.addeq(" leftsubnet=%s" % obj['local_guest_cidr'])
- file.addeq(" leftnexthop=%s" % obj['local_public_gateway'])
file.addeq(" right=%s" % rightpeer)
file.addeq(" rightsubnet=%s" % peerlist)
file.addeq(" type=tunnel")
@@ -567,9 +562,8 @@ class CsSite2SiteVpn(CsDataBag):
file.addeq(" ikelifetime=%s" % self.convert_sec_to_h(obj['ike_lifetime']))
file.addeq(" esp=%s" % esppolicy)
file.addeq(" lifetime=%s" % self.convert_sec_to_h(obj['esp_lifetime']))
- file.addeq(" pfs=%s" % pfs)
file.addeq(" keyingtries=2")
- file.addeq(" auto=start")
+ file.addeq(" auto=route")
if 'encap' not in obj:
obj['encap']=False
file.addeq(" forceencaps=%s" % CsHelper.bool_to_yn(obj['encap']))
@@ -585,10 +579,20 @@ class CsSite2SiteVpn(CsDataBag):
logging.info("Configured vpn %s %s", leftpeer, rightpeer)
CsHelper.execute("ipsec rereadsecrets")
- # This will load the new config and start the connection when needed since auto=start in the config
+ # This will load the new config
CsHelper.execute("ipsec reload")
os.chmod(vpnsecretsfile, 0400)
+ for i in xrange(3):
+ result = CsHelper.execute('ipsec status vpn-%s | grep "%s"' % (rightpeer, peerlist.split(",", 1)[0]))
+ if len(result) > 0:
+ break
+ time.sleep(1)
+
+ # With 'auto=route', connections are established on an attempt to
+ # communicate over the S2S VPN. This uses ping to initialize the connection.
+ CsHelper.execute("timeout 5 ping -c 3 %s" % (peerlist.split("/", 1)[0].replace(".0", ".1")))
+
def convert_sec_to_h(self, val):
hrs = int(val) / 3600
return "%sh" % hrs
@@ -658,6 +662,7 @@ class CsRemoteAccessVpn(CsDataBag):
self.confips = []
logging.debug(self.dbag)
+
for public_ip in self.dbag:
if public_ip == "id":
continue
@@ -665,12 +670,13 @@ class CsRemoteAccessVpn(CsDataBag):
#Enable remote access vpn
if vpnconfig['create']:
+ shutdownIpsec = False
logging.debug("Enabling remote access vpn on "+ public_ip)
dev = CsHelper.get_device(public_ip)
if dev == "":
- logging.error("Request for ipsec to %s not possible because ip is not configured", public_ip)
- continue
+ logging.error("Request for ipsec to %s not possible because ip is not configured", public_ip)
+ continue
CsHelper.start_if_stopped("ipsec")
self.configure_l2tpIpsec(public_ip, self.dbag[public_ip])
@@ -682,7 +688,6 @@ class CsRemoteAccessVpn(CsDataBag):
CsHelper.execute("ipsec rereadsecrets")
else:
logging.debug("Disabling remote access vpn .....")
- #disable remote access vpn
CsHelper.execute("ipsec down L2TP-PSK")
CsHelper.execute("systemctl stop xl2tpd")
@@ -693,7 +698,6 @@ class CsRemoteAccessVpn(CsDataBag):
xl2tpdconffile="/etc/xl2tpd/xl2tpd.conf"
xl2tpoptionsfile='/etc/ppp/options.xl2tpd'
- file = CsFile(l2tpconffile)
localip=obj['local_ip']
localcidr=obj['local_cidr']
publicIface=obj['public_interface']
@@ -701,13 +705,13 @@ class CsRemoteAccessVpn(CsDataBag):
psk=obj['preshared_key']
#left
- file.addeq(" left=%s" % left)
- file.commit()
-
+ l2tpfile = CsFile(l2tpconffile)
+ l2tpfile.addeq(" left=%s" % left)
+ l2tpfile.commit()
secret = CsFile(vpnsecretfilte)
secret.empty()
- secret.addeq(": PSK \"%s\"" %psk)
+ secret.addeq("%s %%any : PSK \"%s\"" % (left, psk))
secret.commit()
xl2tpdconf = CsFile(xl2tpdconffile)
@@ -730,6 +734,8 @@ class CsRemoteAccessVpn(CsDataBag):
self.fw.append(["", "", "-A INPUT -i %s --dst %s -p udp -m udp --dport 1701 -j ACCEPT" % (publicdev, publicip)])
self.fw.append(["", "", "-A INPUT -i %s -p ah -j ACCEPT" % publicdev])
self.fw.append(["", "", "-A INPUT -i %s -p esp -j ACCEPT" % publicdev])
+ self.fw.append(["", "", "-A OUTPUT -p ah -j ACCEPT"])
+ self.fw.append(["", "", "-A OUTPUT -p esp -j ACCEPT"])
if self.config.is_vpc():
self.fw.append(["", ""," -N VPN_FORWARD"])
diff --git a/systemvm/patches/debian/opt/cloud/bin/ipsectunnel.sh b/systemvm/patches/debian/opt/cloud/bin/ipsectunnel.sh
index 20caec5..c42650f 100755
--- a/systemvm/patches/debian/opt/cloud/bin/ipsectunnel.sh
+++ b/systemvm/patches/debian/opt/cloud/bin/ipsectunnel.sh
@@ -142,7 +142,6 @@ ipsec_tunnel_add() {
sudo echo "conn vpn-$rightpeer" > $vpnconffile &&
sudo echo " left=$leftpeer" >> $vpnconffile &&
sudo echo " leftsubnet=$leftnet" >> $vpnconffile &&
- sudo echo " leftnexthop=$leftnexthop" >> $vpnconffile &&
sudo echo " right=$rightpeer" >> $vpnconffile &&
sudo echo " rightsubnets={$rightnets}" >> $vpnconffile &&
sudo echo " type=tunnel" >> $vpnconffile &&
@@ -152,9 +151,8 @@ ipsec_tunnel_add() {
sudo echo " ikelifetime=${ikelifetime}s" >> $vpnconffile &&
sudo echo " esp=$esppolicy" >> $vpnconffile &&
sudo echo " salifetime=${esplifetime}s" >> $vpnconffile &&
- sudo echo " pfs=$pfs" >> $vpnconffile &&
sudo echo " keyingtries=2" >> $vpnconffile &&
- sudo echo " auto=start" >> $vpnconffile &&
+ sudo echo " auto=route" >> $vpnconffile &&
sudo echo "$leftpeer $rightpeer: PSK \"$secret\"" > $vpnsecretsfile &&
sudo chmod 0400 $vpnsecretsfile
@@ -291,12 +289,6 @@ do
done < /tmp/iflist
rightnets=${rightnets//,/ }
-pfs="no"
-echo "$esppolicy" | grep "modp" > /dev/null
-if [ $? -eq 0 ]
-then
- pfs="yes"
-fi
ret=0
#Firewall ports for one-to-one/static NAT
diff --git a/systemvm/patches/debian/opt/cloud/bin/monitor_service.sh b/systemvm/patches/debian/opt/cloud/bin/monitor_service.sh
index d9d8ec8..e1c7914 100755
--- a/systemvm/patches/debian/opt/cloud/bin/monitor_service.sh
+++ b/systemvm/patches/debian/opt/cloud/bin/monitor_service.sh
@@ -50,8 +50,6 @@ echo $processname >> $configFile
echo $service_name >> $configFile
echo $pidfile >> $configFile
-
-
done
}
diff --git a/systemvm/patches/vpn/etc/ipsec.d/l2tp.conf b/systemvm/patches/vpn/etc/ipsec.d/l2tp.conf
index 1cbfe78..2e211e1 100644
--- a/systemvm/patches/vpn/etc/ipsec.d/l2tp.conf
+++ b/systemvm/patches/vpn/etc/ipsec.d/l2tp.conf
@@ -1,13 +1,9 @@
#ipsec remote access vpn configuration
conn L2TP-PSK
- authby=psk
- pfs=no
+ authby=secret
rekey=no
keyingtries=3
- keyexchange=ikev1
- forceencaps=yes
leftfirewall=yes
- leftnexthop=%defaultroute
type=transport
#
# ----------------------------------------------------------
@@ -19,7 +15,7 @@ conn L2TP-PSK
#
left=172.26.0.151
#
- leftprotoport=17/1701
+ leftprotoport=udp/l2tp
# If you insist on supporting non-updated Windows clients,
# you can use: leftprotoport=17/%any
#
@@ -31,10 +27,10 @@ conn L2TP-PSK
# If you want to allow multiple connections from any IP address,
# you can use: right=%any
#
- rightprotoport=17/%any
+ rightprotoport=udp/%any
#
# ----------------------------------------------------------
# Change 'ignore' to 'add' to enable this configuration.
#
rightsubnetwithin=0.0.0.0/0
- auto=add
+ auto=route
diff --git a/systemvm/patches/vpn/etc/ppp/options.xl2tpd b/systemvm/patches/vpn/etc/ppp/options.xl2tpd
index 08c301b..a01687f 100644
--- a/systemvm/patches/vpn/etc/ppp/options.xl2tpd
+++ b/systemvm/patches/vpn/etc/ppp/options.xl2tpd
@@ -4,11 +4,9 @@ ipcp-accept-remote
noccp
idle 1800
auth
-crtscts
mtu 1410
mru 1410
nodefaultroute
debug
-lock
connect-delay 5000
ms-dns 10.1.1.1
diff --git a/systemvm/patches/vpn/opt/cloud/bin/vpn_l2tp.sh b/systemvm/patches/vpn/opt/cloud/bin/vpn_l2tp.sh
index 60ee8a6..5928548 100755
--- a/systemvm/patches/vpn/opt/cloud/bin/vpn_l2tp.sh
+++ b/systemvm/patches/vpn/opt/cloud/bin/vpn_l2tp.sh
@@ -87,15 +87,15 @@ iptables_() {
}
start_ipsec() {
- service ipsec status > /dev/null
+ systemctl is-active ipsec > /dev/null
if [ $? -ne 0 ]
then
- service ipsec start > /dev/null
+ systemctl start ipsec > /dev/null
#Wait until ipsec started, 5 seconds at most
for i in {1..5}
do
logger -t cloud "$(basename $0): waiting ipsec start..."
- service ipsec status > /dev/null
+ systemctl is-active ipsec > /dev/null
result=$?
if [ $result -eq 0 ]
then
@@ -104,7 +104,7 @@ start_ipsec() {
sleep 1
done
fi
- service ipsec status > /dev/null
+ systemctl is-active ipsec > /dev/null
return $?
}
@@ -112,14 +112,14 @@ ipsec_server() {
local op=$1
case $op in
"start") start_ipsec
- sudo service xl2tpd start
+ sudo systemctl start xl2tpd
;;
- "stop") sudo service xl2tpd stop
+ "stop") sudo systemctl stop xl2tpd
;;
"restart") start_ipsec
sudo ipsec auto --rereadall
- service xl2tpd stop
- service xl2tpd start
+ systemctl stop xl2tpd
+ systemctl start xl2tpd
;;
esac
}
@@ -131,7 +131,7 @@ create_l2tp_ipsec_vpn_server() {
local local_ip=$4
sed -i -e "s/left=.*$/left=$public_ip/" /etc/ipsec.d/l2tp.conf
- echo ": PSK \"$ipsec_psk\"" > /etc/ipsec.d/ipsec.any.secrets
+ echo "$public_ip %any : PSK \"$ipsec_psk\"" > /etc/ipsec.d/ipsec.any.secrets
sed -i -e "s/^ip range = .*$/ip range = $client_range/" /etc/xl2tpd/xl2tpd.conf
sed -i -e "s/^local ip = .*$/local ip = $local_ip/" /etc/xl2tpd/xl2tpd.conf
diff --git a/test/integration/smoke/test_vpc_vpn.py b/test/integration/smoke/test_vpc_vpn.py
index ddf7693..83c244b 100644
--- a/test/integration/smoke/test_vpc_vpn.py
+++ b/test/integration/smoke/test_vpc_vpn.py
@@ -21,7 +21,8 @@ from marvin.codes import PASS, FAILED
from marvin.cloudstackTestCase import cloudstackTestCase
from marvin.lib.utils import (validateList,
cleanup_resources,
- get_process_status)
+ get_process_status,
+ wait_until)
from marvin.lib.base import (Domain,
Account,
@@ -184,7 +185,7 @@ class Services:
},
"vpn": {
"vpn_user": "root",
- "vpn_pass": "Md1s#dc",
+ "vpn_pass": "Md1sdc",
"vpn_pass_fail": "abc!123", # too short
"iprange": "10.3.2.1-10.3.2.10",
"fordisplay": "true"
@@ -756,8 +757,19 @@ class TestVpcSite2SiteVpn(cloudstackTestCase):
self.apiclient, customer2_response.id, vpn1_response['id'])
self.debug("VPN connection created for VPC %s" % vpc1.id)
- self.assertEqual(
- vpnconn2_response['state'], "Connected", "Failed to connect between VPCs!")
+ def checkVpnConnected():
+ connections = Vpn.listVpnConnection(
+ self.apiclient,
+ listall='true',
+ vpcid=vpc2.id)
+ if isinstance(connections, list):
+ return connections[0].state == 'Connected', None
+ return False, None
+
+ # Wait up to 60 seconds for passive connection to show up as Connected
+ res, _ = wait_until(2, 30, checkVpnConnected)
+ if not res:
+ self.fail("Failed to connect between VPCs, see VPN state as Connected")
# acquire an extra ip address to use to ssh into vm2
try:
@@ -792,9 +804,9 @@ class TestVpcSite2SiteVpn(cloudstackTestCase):
if ssh_client:
# run ping test
- packet_loss = ssh_client.execute(
- "/bin/ping -c 3 -t 10 " + vm1.nic[0].ipaddress + " |grep packet|cut -d ' ' -f 7| cut -f1 -d'%'")[0]
- self.assert_(int(packet_loss) == 0, "Ping did not succeed")
+ packet_loss = ssh_client.execute("/bin/ping -c 3 -t 10 " + vm1.nic[0].ipaddress + " | grep packet | sed 's/.*received, //g' | sed 's/[% ]*packet.*//g'")[0]
+ # during startup, some packets may not reply due to link/ipsec-route setup
+ self.assert_(int(packet_loss) < 50, "Ping did not succeed")
else:
self.fail("Failed to setup ssh connection to %s" % vm2.public_ip)
--
To stop receiving notification emails like this one, please contact
"commits@cloudstack.apache.org" <co...@cloudstack.apache.org>.
[cloudstack] 06/34: CLOUDSTACK-10129: UX improvements and event
timeline
Posted by ro...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
rohit pushed a commit to branch debian9-systemvmtemplate
in repository https://gitbox.apache.org/repos/asf/cloudstack.git
commit 5882244faa839e2d8482639e8d74d030a2c35162
Author: Rohit Yadav <ro...@shapeblue.com>
AuthorDate: Tue Nov 28 19:25:09 2017 +0530
CLOUDSTACK-10129: UX improvements and event timeline
- Fixes timezone issue where dates show up as nvalid in UI
- Introduces new event timeline listing/filtering of events
- Several UI improvements to add columns in list views
- Bulk operations support in instance list view to shutdown and destroy
multiple-selected VMs (limitation: after operation, redundant entries
may show up in the list view, refreshing VM list view fixes that)
- Align table thead/tbody to avoid splitting of tables
Signed-off-by: Rohit Yadav <ro...@shapeblue.com>
---
.../org/apache/cloudstack/api/ApiConstants.java | 2 +
.../api/command/user/event/ListEventsCmd.java | 7 +
.../cloudstack/api/response/EventResponse.java | 2 +-
.../schema/src/com/cloud/user/UserAccountVO.java | 4 +
engine/schema/src/com/cloud/user/UserVO.java | 4 +
.../src/com/cloud/api/query/QueryManagerImpl.java | 10 +-
ui/css/cloudstack3.css | 3 +-
ui/l10n/en.js | 3 +
ui/scripts/events.js | 20 +-
ui/scripts/instances.js | 275 ++++++++++++---------
ui/scripts/metrics.js | 13 +-
ui/scripts/network.js | 51 +++-
ui/scripts/sharedFunctions.js | 2 +-
ui/scripts/storage.js | 30 ++-
ui/scripts/system.js | 112 +++++++--
ui/scripts/templates.js | 27 ++
ui/scripts/ui/widgets/dataTable.js | 13 +-
17 files changed, 412 insertions(+), 166 deletions(-)
diff --git a/api/src/org/apache/cloudstack/api/ApiConstants.java b/api/src/org/apache/cloudstack/api/ApiConstants.java
index a5bd95f..89deeef 100644
--- a/api/src/org/apache/cloudstack/api/ApiConstants.java
+++ b/api/src/org/apache/cloudstack/api/ApiConstants.java
@@ -205,6 +205,7 @@ public class ApiConstants {
public static final String OUTOFBANDMANAGEMENT_POWERSTATE = "outofbandmanagementpowerstate";
public static final String OUTOFBANDMANAGEMENT_ENABLED = "outofbandmanagementenabled";
public static final String PARAMS = "params";
+ public static final String PARENT_ID = "parentid";
public static final String PARENT_DOMAIN_ID = "parentdomainid";
public static final String PASSWORD = "password";
public static final String SHOULD_UPDATE_PASSWORD = "update_passwd_on_host";
@@ -274,6 +275,7 @@ public class ApiConstants {
public static final String SNAPSHOT_QUIESCEVM = "quiescevm";
public static final String SOURCE_ZONE_ID = "sourcezoneid";
public static final String START_DATE = "startdate";
+ public static final String START_ID = "startid";
public static final String START_IP = "startip";
public static final String START_IPV6 = "startipv6";
public static final String START_PORT = "startport";
diff --git a/api/src/org/apache/cloudstack/api/command/user/event/ListEventsCmd.java b/api/src/org/apache/cloudstack/api/command/user/event/ListEventsCmd.java
index a4934fa..b98c308 100644
--- a/api/src/org/apache/cloudstack/api/command/user/event/ListEventsCmd.java
+++ b/api/src/org/apache/cloudstack/api/command/user/event/ListEventsCmd.java
@@ -65,6 +65,9 @@ public class ListEventsCmd extends BaseListProjectAndAccountResourcesCmd {
@Parameter(name = ApiConstants.TYPE, type = CommandType.STRING, description = "the event type (see event types)")
private String type;
+ @Parameter(name = ApiConstants.START_ID, type = CommandType.UUID, entityType = EventResponse.class, description = "the parent/start ID of the event, when provided this will list all the events with the start/parent ID including the parent event")
+ private Long startId;
+
/////////////////////////////////////////////////////
/////////////////// Accessors ///////////////////////
/////////////////////////////////////////////////////
@@ -97,6 +100,10 @@ public class ListEventsCmd extends BaseListProjectAndAccountResourcesCmd {
return type;
}
+ public Long getStartId() {
+ return startId;
+ }
+
/////////////////////////////////////////////////////
/////////////// API Implementation///////////////////
/////////////////////////////////////////////////////
diff --git a/api/src/org/apache/cloudstack/api/response/EventResponse.java b/api/src/org/apache/cloudstack/api/response/EventResponse.java
index 5ce66ed..da15434 100644
--- a/api/src/org/apache/cloudstack/api/response/EventResponse.java
+++ b/api/src/org/apache/cloudstack/api/response/EventResponse.java
@@ -78,7 +78,7 @@ public class EventResponse extends BaseResponse implements ControlledViewEntityR
@Param(description = "the state of the event")
private Event.State state;
- @SerializedName("parentid")
+ @SerializedName(ApiConstants.PARENT_ID)
@Param(description = "whether the event is parented")
private String parentId;
diff --git a/engine/schema/src/com/cloud/user/UserAccountVO.java b/engine/schema/src/com/cloud/user/UserAccountVO.java
index 5ce0eb7..2ad2ae0 100644
--- a/engine/schema/src/com/cloud/user/UserAccountVO.java
+++ b/engine/schema/src/com/cloud/user/UserAccountVO.java
@@ -33,6 +33,7 @@ import org.apache.cloudstack.api.InternalIdentity;
import com.cloud.utils.db.Encrypt;
import com.cloud.utils.db.GenericDao;
+import com.google.common.base.Strings;
@Entity
@Table(name = "user")
@@ -257,6 +258,9 @@ public class UserAccountVO implements UserAccount, InternalIdentity {
@Override
public String getTimezone() {
+ if (Strings.isNullOrEmpty(timezone)) {
+ return "UTC";
+ }
return timezone;
}
diff --git a/engine/schema/src/com/cloud/user/UserVO.java b/engine/schema/src/com/cloud/user/UserVO.java
index da7811e..d6ddb58 100644
--- a/engine/schema/src/com/cloud/user/UserVO.java
+++ b/engine/schema/src/com/cloud/user/UserVO.java
@@ -34,6 +34,7 @@ import org.apache.cloudstack.api.InternalIdentity;
import com.cloud.user.Account.State;
import com.cloud.utils.db.Encrypt;
import com.cloud.utils.db.GenericDao;
+import com.google.common.base.Strings;
/**
* A bean representing a user
@@ -233,6 +234,9 @@ public class UserVO implements User, Identity, InternalIdentity {
@Override
public String getTimezone() {
+ if (Strings.isNullOrEmpty(timezone)) {
+ return "UTC";
+ }
return timezone;
}
diff --git a/server/src/com/cloud/api/query/QueryManagerImpl.java b/server/src/com/cloud/api/query/QueryManagerImpl.java
index 42bef79..2a6919b 100644
--- a/server/src/com/cloud/api/query/QueryManagerImpl.java
+++ b/server/src/com/cloud/api/query/QueryManagerImpl.java
@@ -520,6 +520,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
String keyword = cmd.getKeyword();
Integer entryTime = cmd.getEntryTime();
Integer duration = cmd.getDuration();
+ Long startId = cmd.getStartId();
Ternary<Long, Boolean, ListProjectResourcesCriteria> domainIdRecursiveListProject = new Ternary<Long, Boolean, ListProjectResourcesCriteria>(
cmd.getDomainId(), cmd.isRecursive(), null);
@@ -542,7 +543,7 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
sb.and("createDateG", sb.entity().getCreateDate(), SearchCriteria.Op.GTEQ);
sb.and("createDateL", sb.entity().getCreateDate(), SearchCriteria.Op.LTEQ);
sb.and("state", sb.entity().getState(), SearchCriteria.Op.NEQ);
- sb.and("startId", sb.entity().getStartId(), SearchCriteria.Op.EQ);
+ sb.or("startId", sb.entity().getStartId(), SearchCriteria.Op.EQ);
sb.and("createDate", sb.entity().getCreateDate(), SearchCriteria.Op.BETWEEN);
sb.and("displayEvent", sb.entity().getDisplay(), SearchCriteria.Op.EQ);
sb.and("archived", sb.entity().getArchived(), SearchCriteria.Op.EQ);
@@ -561,6 +562,13 @@ public class QueryManagerImpl extends MutualExclusiveIdsManagerBase implements Q
sc.setParameters("id", id);
}
+ if (startId != null) {
+ sc.setParameters("startId", startId);
+ if (id == null) {
+ sc.setParameters("id", startId);
+ }
+ }
+
if (keyword != null) {
SearchCriteria<EventJoinVO> ssc = _eventJoinDao.createSearchCriteria();
ssc.addOr("type", SearchCriteria.Op.LIKE, "%" + keyword + "%");
diff --git a/ui/css/cloudstack3.css b/ui/css/cloudstack3.css
index 987f35d..519778b 100644
--- a/ui/css/cloudstack3.css
+++ b/ui/css/cloudstack3.css
@@ -96,7 +96,7 @@ a:hover {
/*Table*/
table {
- width: 940px;
+ width: 955px;
max-width: 977px;
margin: 15px 15px 12px 12px;
font-size: 13px;
@@ -1307,7 +1307,6 @@ div.panel div.list-view {
div.panel div.list-view div.data-table table {
width: 955px;
- margin-top: 44px;
}
.detail-view div.list-view div.data-table table {
diff --git a/ui/l10n/en.js b/ui/l10n/en.js
index 19b5cd4..57700de 100644
--- a/ui/l10n/en.js
+++ b/ui/l10n/en.js
@@ -556,6 +556,7 @@ var dictionary = {"ICMP.code":"ICMP Code",
"label.console.proxy.vm":"Console Proxy VM",
"label.continue":"Continue",
"label.continue.basic.install":"Continue with basic installation",
+"label.control.ip":"Control IP",
"label.copying.iso":"Copying ISO",
"label.corrections.saved":"Corrections saved",
"label.counter":"Counter",
@@ -749,6 +750,7 @@ var dictionary = {"ICMP.code":"ICMP Code",
"label.event":"Event",
"label.event.archived":"Event Archived",
"label.event.deleted":"Event Deleted",
+"label.event.timeline":"Event Timeline",
"label.every":"Every",
"label.example":"Example",
"label.expunge":"Expunge",
@@ -993,6 +995,7 @@ var dictionary = {"ICMP.code":"ICMP Code",
"label.manage":"Manage",
"label.manage.resources":"Manage Resources",
"label.managed":"Managed",
+"label.managed.state":"Managed State",
"label.management":"Management",
"label.management.ips":"Management IP Addresses",
"label.management.server":"Management Server",
diff --git a/ui/scripts/events.js b/ui/scripts/events.js
index 2fd70dd..82550a9 100644
--- a/ui/scripts/events.js
+++ b/ui/scripts/events.js
@@ -46,12 +46,12 @@
label: 'label.type',
truncate: true
},
- domain: {
- label: 'label.domain'
- },
account: {
label: 'label.account'
},
+ domain: {
+ label: 'label.domain'
+ },
created: {
label: 'label.date',
converter: cloudStack.converters.toLocalDate
@@ -338,6 +338,14 @@
var data = {};
listViewDataProvider(args, data);
+ if ("events" in args.context) {
+ var startId = args.context.events[0].parentid;
+ if (!startId) {
+ startId = args.context.events[0].id;
+ }
+ data.startid = startId;
+ }
+
$.ajax({
url: createURL('listEvents'),
data: data,
@@ -357,8 +365,12 @@
},
detailView: {
name: 'label.details',
- actions: {
+ viewAll: {
+ path: 'events',
+ label: 'label.event.timeline',
+ },
+ actions: {
// Remove single event
remove: {
label: 'label.delete',
diff --git a/ui/scripts/instances.js b/ui/scripts/instances.js
index ca77c27..ab0b05d 100644
--- a/ui/scripts/instances.js
+++ b/ui/scripts/instances.js
@@ -17,6 +17,153 @@
(function($, cloudStack) {
var vmMigrationHostObjs, ostypeObjs;
+ var vmStopAction = function(args) {
+ var action = {
+ messages: {
+ confirm: function(args) {
+ return 'message.action.stop.instance';
+ },
+ notification: function(args) {
+ return 'label.action.stop.instance';
+ }
+ },
+ label: 'label.action.stop.instance',
+ compactLabel: 'label.stop',
+ addRow: 'false',
+ createForm: {
+ title: 'notification.stop.instance',
+ desc: 'message.action.stop.instance',
+ fields: {
+ forced: {
+ label: 'force.stop',
+ isBoolean: true,
+ isChecked: false
+ }
+ }
+ },
+ action: function(args) {
+ var instances = args.context.instances;
+ $(instances).map(function(index, instance) {
+ var data = {
+ id: instance.id,
+ forced: (args.data.forced == "on")
+ };
+ $.ajax({
+ url: createURL("stopVirtualMachine"),
+ data: data,
+ dataType: "json",
+ success: function(json) {
+ var jid = json.stopvirtualmachineresponse.jobid;
+ args.response.success({
+ _custom: {
+ jobId: jid,
+ getUpdatedItem: function(json) {
+ return $.extend(json.queryasyncjobresultresponse.jobresult.virtualmachine, { hostid: null });
+ },
+ getActionFilter: function() {
+ return vmActionfilter;
+ }
+ }
+ });
+ },
+ error: function(json) {
+ args.response.error(parseXMLHttpResponse(json));
+ }
+ });
+ });
+ },
+ notification: {
+ poll: pollAsyncJobResult
+ }
+ };
+
+
+ if (args && args.listView) {
+ $.extend(action, {
+ isHeader: true,
+ isMultiSelectAction: true
+ });
+ }
+
+ return action;
+ };
+
+ var vmDestroyAction = function(args) {
+ var action = {
+ messages: {
+ notification: function(args) {
+ return 'label.action.destroy.instance';
+ }
+ },
+ label: 'label.action.destroy.instance',
+ compactLabel: 'label.destroy',
+ addRow: 'false',
+ createForm: {
+ title: 'label.action.destroy.instance',
+ desc: 'label.action.destroy.instance',
+ isWarning: true,
+ preFilter: function(args) {
+ if (! g_allowUserExpungeRecoverVm) {
+ args.$form.find('.form-item[rel=expunge]').hide();
+ }
+ },
+ fields: {
+ expunge: {
+ label: 'label.expunge',
+ isBoolean: true,
+ isChecked: false
+ }
+ }
+ },
+ action: function(args) {
+ var instances = args.context.instances;
+ $(instances).map(function(index, instance) {
+ var data = {
+ id: instance.id
+ };
+ if (args.data.expunge == 'on') {
+ $.extend(data, {
+ expunge: true
+ });
+ }
+ $.ajax({
+ url: createURL('destroyVirtualMachine'),
+ data: data,
+ success: function(json) {
+ var jid = json.destroyvirtualmachineresponse.jobid;
+ args.response.success({
+ _custom: {
+ jobId: jid,
+ getUpdatedItem: function(json) {
+ if ('virtualmachine' in json.queryasyncjobresultresponse.jobresult) //destroy without expunge
+ return json.queryasyncjobresultresponse.jobresult.virtualmachine;
+ else //destroy with expunge
+ return { 'toRemove': true };
+ },
+ getActionFilter: function() {
+ return vmActionfilter;
+ }
+ }
+ });
+ }
+ });
+ });
+ },
+ notification: {
+ poll: pollAsyncJobResult
+ }
+ };
+
+ if (args && args.listView) {
+ $.extend(action, {
+ isHeader: true,
+ isMultiSelectAction: true
+ });
+ }
+
+ return action;
+ };
+
var vmSnapshotAction = function(args) {
var action = {
messages: {
@@ -162,6 +309,7 @@
var hiddenFields = [];
if (!isAdmin()) {
hiddenFields.push('instancename');
+ hiddenFields.push('account');
}
return hiddenFields;
},
@@ -180,16 +328,26 @@
ipaddress: {
label: 'label.ip.address'
},
+ account: {
+ label: 'label.account'
+ },
zonename: {
label: 'label.zone.name'
},
state: {
- label: 'label.state',
+ label: 'label.metrics.state',
+ converter: function (str) {
+ // For localization
+ return str;
+ },
indicator: {
'Running': 'on',
'Stopped': 'off',
+ 'Error': 'off',
'Destroyed': 'off',
- 'Error': 'off'
+ 'Expunging': 'off',
+ 'Stopping': 'warning',
+ 'Shutdowned': 'warning'
}
}
},
@@ -304,6 +462,8 @@
poll: pollAsyncJobResult
}
},
+ stop: vmStopAction({ listView: true}),
+ destroy: vmDestroyAction({ listView: true }),
snapshot: vmSnapshotAction({ listView: true }),
viewMetrics: {
label: 'label.metrics',
@@ -680,55 +840,7 @@
poll: pollAsyncJobResult
}
},
- stop: {
- label: 'label.action.stop.instance',
- compactLabel: 'label.stop',
- createForm: {
- title: 'notification.stop.instance',
- desc: 'message.action.stop.instance',
- fields: {
- forced: {
- label: 'force.stop',
- isBoolean: true,
- isChecked: false
- }
- }
- },
- action: function(args) {
- var array1 = [];
- array1.push("&forced=" + (args.data.forced == "on"));
- $.ajax({
- url: createURL("stopVirtualMachine&id=" + args.context.instances[0].id + array1.join("")),
- dataType: "json",
- async: true,
- success: function(json) {
- var jid = json.stopvirtualmachineresponse.jobid;
- args.response.success({
- _custom: {
- jobId: jid,
- getUpdatedItem: function(json) {
- return $.extend(json.queryasyncjobresultresponse.jobresult.virtualmachine, { hostid: null });
- },
- getActionFilter: function() {
- return vmActionfilter;
- }
- }
- });
- }
- });
- },
- messages: {
- confirm: function(args) {
- return 'message.action.stop.instance';
- },
- notification: function(args) {
- return 'label.action.stop.instance';
- }
- },
- notification: {
- poll: pollAsyncJobResult
- }
- },
+ stop: vmStopAction(),
restart: {
label: 'label.action.reboot.instance',
compactLabel: 'label.reboot',
@@ -772,66 +884,7 @@
}
},
snapshot: vmSnapshotAction(),
- destroy: {
- label: 'label.action.destroy.instance',
- compactLabel: 'label.destroy',
- createForm: {
- title: 'label.action.destroy.instance',
- desc: 'label.action.destroy.instance',
- isWarning: true,
- preFilter: function(args) {
- if (! g_allowUserExpungeRecoverVm) {
- args.$form.find('.form-item[rel=expunge]').hide();
- }
- },
- fields: {
- expunge: {
- label: 'label.expunge',
- isBoolean: true,
- isChecked: false
- }
- }
- },
- messages: {
- notification: function(args) {
- return 'label.action.destroy.instance';
- }
- },
- action: function(args) {
- var data = {
- id: args.context.instances[0].id
- };
- if (args.data.expunge == 'on') {
- $.extend(data, {
- expunge: true
- });
- }
- $.ajax({
- url: createURL('destroyVirtualMachine'),
- data: data,
- success: function(json) {
- var jid = json.destroyvirtualmachineresponse.jobid;
- args.response.success({
- _custom: {
- jobId: jid,
- getUpdatedItem: function(json) {
- if ('virtualmachine' in json.queryasyncjobresultresponse.jobresult) //destroy without expunge
- return json.queryasyncjobresultresponse.jobresult.virtualmachine;
- else //destroy with expunge
- return { 'toRemove': true };
- },
- getActionFilter: function() {
- return vmActionfilter;
- }
- }
- });
- }
- });
- },
- notification: {
- poll: pollAsyncJobResult
- }
- },
+ destroy: vmDestroyAction(),
expunge: {
label: 'label.action.expunge.instance',
compactLabel: 'label.expunge',
diff --git a/ui/scripts/metrics.js b/ui/scripts/metrics.js
index bc73934..19d0118 100644
--- a/ui/scripts/metrics.js
+++ b/ui/scripts/metrics.js
@@ -293,8 +293,6 @@
'Disconnected': 'off',
'Removed': 'off',
'Error': 'off',
- 'Connecting': 'transition',
- 'Rebalancing': 'transition',
'Alert': 'warning'
},
compact: true
@@ -448,9 +446,7 @@
'Error': 'off',
'Destroyed': 'off',
'Expunging': 'off',
- 'Stopping': 'transition',
- 'Starting': 'transition',
- 'Migrating': 'transition',
+ 'Stopping': 'warning',
'Shutdowned': 'warning'
},
compact: true
@@ -560,13 +556,12 @@
return str;
},
indicator: {
- 'Allocated': 'transition',
- 'Creating': 'transition',
+ 'Allocated': 'on',
'Ready': 'on',
'Destroy': 'off',
'Expunging': 'off',
'Migrating': 'warning',
- 'UploadOp': 'transition',
+ 'UploadOp': 'warning',
'Snapshotting': 'warning',
},
compact: true
@@ -651,7 +646,7 @@
'Down': 'off',
'Removed': 'off',
'ErrorInMaintenance': 'off',
- 'PrepareForMaintenance': 'transition',
+ 'PrepareForMaintenance': 'warning',
'CancelMaintenance': 'warning',
'Maintenance': 'warning',
},
diff --git a/ui/scripts/network.js b/ui/scripts/network.js
index 66ab75a..b66df02 100644
--- a/ui/scripts/network.js
+++ b/ui/scripts/network.js
@@ -804,13 +804,16 @@
},
id: 'networks',
+ preFilter: function(args) {
+ if (isAdmin() || isDomainAdmin()) {
+ return []
+ }
+ return ['account']
+ },
fields: {
name: {
label: 'label.name'
},
- account: {
- label: 'label.account'
- },
type: {
label: 'label.type'
},
@@ -819,6 +822,27 @@
},
ip6cidr: {
label: 'label.ipv6.CIDR'
+ },
+ account: {
+ label: 'label.account'
+ },
+ zonename: {
+ label: 'label.zone'
+ },
+ state: {
+ converter: function(str) {
+ // For localization
+ return str;
+ },
+ label: 'label.state',
+ indicator: {
+ 'Allocated': 'on',
+ 'Released': 'off',
+ 'Destroy': 'off',
+ 'Shutdown': 'off',
+ 'Setup': 'warning',
+ 'Implemented': 'on'
+ }
}
},
@@ -1615,11 +1639,14 @@
networkid: args.context.networks[0].id
},
dataType: 'json',
- async: true,
+ async: false,
success: function(json) {
var response = json.listegressfirewallrulesresponse.firewallrule ?
json.listegressfirewallrulesresponse.firewallrule : [];
+ if (response.length > 0) {
+ isConfigRulesMsgShown = true;
+ }
args.response.success({
data: $.map(response, function(rule) {
if (rule.protocol == 'all') {
@@ -1879,6 +1906,12 @@
listView: {
id: 'ipAddresses',
label: 'label.ips',
+ preFilter: function(args) {
+ if (isAdmin()) {
+ return ['account']
+ }
+ return []
+ },
fields: {
ipaddress: {
label: 'label.ips',
@@ -1890,12 +1923,18 @@
return text;
}
},
- zonename: {
- label: 'label.zone'
+ associatednetworkname: {
+ label: 'label.network'
},
virtualmachinedisplayname: {
label: 'label.vm.name'
},
+ account: {
+ label: 'label.account'
+ },
+ zonename: {
+ label: 'label.zone'
+ },
state: {
converter: function(str) {
// For localization
diff --git a/ui/scripts/sharedFunctions.js b/ui/scripts/sharedFunctions.js
index 655aee9..94a8743 100644
--- a/ui/scripts/sharedFunctions.js
+++ b/ui/scripts/sharedFunctions.js
@@ -1028,7 +1028,7 @@ cloudStack.converters = {
var disconnected = new Date();
disconnected.setISO8601(UtcDate);
- if (g_timezoneoffset != null) {
+ if (g_timezoneoffset != null && g_timezoneoffset != "null") {
localDate = disconnected.getTimePlusTimezoneOffset(g_timezoneoffset);
} else {
var browserDate = new Date();
diff --git a/ui/scripts/storage.js b/ui/scripts/storage.js
index 9c017b1..1cba750 100644
--- a/ui/scripts/storage.js
+++ b/ui/scripts/storage.js
@@ -36,8 +36,10 @@
label: 'label.volumes',
preFilter: function(args) {
var hiddenFields = [];
- if (isAdmin() != true)
+ if (isAdmin() != true) {
hiddenFields.push('hypervisor');
+ hiddenFields.push('account');
+ }
return hiddenFields;
},
fields: {
@@ -47,11 +49,33 @@
type: {
label: 'label.type'
},
+ vmdisplayname: {
+ label: 'label.vm.display.name'
+ },
hypervisor: {
label: 'label.hypervisor'
},
- vmdisplayname: {
- label: 'label.vm.display.name'
+ account: {
+ label: 'label.account'
+ },
+ zonename: {
+ label: 'label.zone'
+ },
+ state: {
+ label: 'label.metrics.state',
+ converter: function (str) {
+ // For localization
+ return str;
+ },
+ indicator: {
+ 'Allocated': 'on',
+ 'Ready': 'on',
+ 'Destroy': 'off',
+ 'Expunging': 'off',
+ 'Migrating': 'warning',
+ 'UploadOp': 'warning',
+ 'Snapshotting': 'warning',
+ }
}
},
diff --git a/ui/scripts/system.js b/ui/scripts/system.js
index fbcfb72..70837fa 100755
--- a/ui/scripts/system.js
+++ b/ui/scripts/system.js
@@ -39,7 +39,7 @@
router.guestnetworkname = router.vpcname;
}
- if ("isredundantrouter" in router && router.isredundantrouter) {
+ if (router.isredundantrouter) {
router.guestnetworkname = router.guestnetworkname + " (" + router.redundantstate + ")";
}
@@ -2082,6 +2082,12 @@
},
isolationmethods: {
label: 'label.isolation.method'
+ },
+ vlan: {
+ label: 'label.vlan'
+ },
+ broadcastdomainrange: {
+ label: 'label.broadcast.domain.range'
}
},
@@ -9107,6 +9113,14 @@
data: data,
success: function (json) {
var systemvmObjs = json.listsystemvmsresponse.systemvm;
+ $(systemvmObjs).each(function(idx, item) {
+ var controlIp = item.linklocalip;
+ if (item.hypervisor == "VMware") {
+ var controlIp = item.privateip;
+ }
+ item.controlip = controlIp;
+ });
+
if (systemvmObjs != undefined) {
$.ajax({
url: createURL('listHosts'),
@@ -9487,16 +9501,19 @@
label: 'label.name'
},
publicip: {
- label: 'label.public.ip'
+ label: 'label.ip'
},
- account: {
- label: 'label.account'
+ routerType: {
+ label: 'label.type'
},
guestnetworkname: {
label: 'label.network'
},
- routerType: {
- label: 'label.type'
+ account: {
+ label: 'label.account'
+ },
+ hostname: {
+ label: 'label.host'
},
state: {
converter: function (str) {
@@ -10878,6 +10895,12 @@
return args;
}
},
+ controlip: {
+ label: 'label.control.ip'
+ },
+ hostname: {
+ label: 'label.host'
+ },
zonename: {
label: 'label.zone'
},
@@ -13195,12 +13218,19 @@
netmask: {
label: 'label.netmask'
},
+ zonename: {
+ label: 'label.zone'
+ },
allocationstate: {
converter: function (str) {
// For localization
return str;
},
- label: 'label.allocation.state'
+ label: 'label.allocation.state',
+ indicator: {
+ 'Enabled': 'on',
+ 'Disabled': 'off'
+ }
}
},
@@ -13852,23 +13882,27 @@
name: {
label: 'label.name'
},
+ hypervisortype: {
+ label: 'label.hypervisor'
+ },
+ zonename: {
+ label: 'label.zone'
+ },
podname: {
label: 'label.pod'
},
- hypervisortype: {
- label: 'label.hypervisor'
+ managedstate: {
+ label: 'label.managed.state'
},
- //allocationstate: { label: 'label.allocation.state' },
- //managedstate: { label: 'Managed State' },
allocationstate: {
converter: function (str) {
// For localization
return str;
},
- label: 'label.state',
+ label: 'label.allocation.state',
indicator: {
'Enabled': 'on',
- 'Destroyed': 'off'
+ 'Disabled': 'off'
}
}
},
@@ -15405,15 +15439,26 @@
name: {
label: 'label.name'
},
+ ipaddress: {
+ label: 'label.ip.address'
+ },
+ hypervisor: {
+ label: 'label.hypervisor'
+ },
zonename: {
label: 'label.zone'
},
- podname: {
- label: 'label.pod'
- },
clustername: {
label: 'label.cluster'
},
+ resourcestate: {
+ label: 'label.resource.state',
+ indicator: {
+ 'Enabled': 'on',
+ 'Disabled': 'off',
+ 'Maintenance': 'warning'
+ }
+ },
state: {
label: 'label.state',
indicator: {
@@ -17415,12 +17460,34 @@
label: 'label.path',
truncate: true
},
+ type: {
+ label: 'label.type'
+ },
+ scope: {
+ label: 'label.scope'
+ },
clustername: {
label: 'label.cluster',
truncate: true
},
- scope: {
- label: 'label.scope'
+ zonename: {
+ label: 'label.zone'
+ },
+ state: {
+ label: 'label.state',
+ converter: function (str) {
+ // For localization
+ return str;
+ },
+ indicator: {
+ 'Up': 'on',
+ 'Down': 'off',
+ 'Removed': 'off',
+ 'ErrorInMaintenance': 'off',
+ 'PrepareForMaintenance': 'warning',
+ 'CancelMaintenance': 'warning',
+ 'Maintenance': 'warning',
+ }
}
},
@@ -19410,8 +19477,17 @@
name: {
label: 'label.name'
},
+ url: {
+ label: 'label.url'
+ },
protocol: {
label: 'label.protocol'
+ },
+ scope: {
+ label: 'label.scope'
+ },
+ zonename: {
+ label: 'label.zone'
}
},
diff --git a/ui/scripts/templates.js b/ui/scripts/templates.js
index 1ab1b9b..b2df73e 100755
--- a/ui/scripts/templates.js
+++ b/ui/scripts/templates.js
@@ -55,12 +55,24 @@
label: 'label.community'
}
},
+ preFilter: function() {
+ if (isAdmin()||isDomainAdmin()) {
+ return []
+ }
+ return ['account']
+ },
fields: {
name: {
label: 'label.name'
},
hypervisor: {
label: 'label.hypervisor'
+ },
+ ostypename: {
+ label: 'label.os.type'
+ },
+ account: {
+ label: 'label.account'
}
},
@@ -2038,9 +2050,21 @@
label: 'label.community'
}
},
+ preFilter: function() {
+ if (isAdmin()||isDomainAdmin()) {
+ return []
+ }
+ return ['account']
+ },
fields: {
name: {
label: 'label.name'
+ },
+ ostypename: {
+ label: 'label.os.type'
+ },
+ account: {
+ label: 'label.account'
}
},
@@ -2347,7 +2371,10 @@
id: item.id,
name: item.name,
description: item.description,
+ ostypename: item.ostypename,
ostypeid: item.ostypeid,
+ account: item.account,
+ domain: item.domain,
zones: item.zonename,
zoneids: [item.zoneid]
};
diff --git a/ui/scripts/ui/widgets/dataTable.js b/ui/scripts/ui/widgets/dataTable.js
index 4574052..216487f 100644
--- a/ui/scripts/ui/widgets/dataTable.js
+++ b/ui/scripts/ui/widgets/dataTable.js
@@ -78,19 +78,12 @@
return true;
};
- var splitTable = function() {
+ var reattachTable = function() {
var $mainContainer = $('<div>')
.addClass('data-table')
.appendTo($table.parent())
- .append(
- $table.detach()
+ .append($table.detach()
);
- $table = $mainContainer;
- var $theadContainer = $('<div>').addClass('fixed-header').prependTo($table);
- var $theadTable = $('<table>').appendTo($theadContainer).attr('nowrap', 'nowrap');
- var $thead = $table.find('thead').detach().appendTo($theadTable);
-
- return $thead;
};
/**
@@ -289,7 +282,7 @@
var init = function() {
var noSelect = options && options.noSelect == true ? true : false;
if (!$table.closest('div.data-table').size() && !$table.hasClass('no-split')) {
- splitTable();
+ reattachTable();
$table.find('tbody').closest('table').addClass('body');
}
--
To stop receiving notification emails like this one, please contact
"commits@cloudstack.apache.org" <co...@cloudstack.apache.org>.
[cloudstack] 33/34: CLOUDSTACK-9501: route is not available by
default on CentOS7 (#1637)
Posted by ro...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
rohit pushed a commit to branch debian9-systemvmtemplate
in repository https://gitbox.apache.org/repos/asf/cloudstack.git
commit 3dc2b4816756ad2bab0d4d10a84aed417831e254
Author: lmrv <ep...@le-morvan.com>
AuthorDate: Thu Dec 14 00:54:05 2017 +0530
CLOUDSTACK-9501: route is not available by default on CentOS7 (#1637)
This adds the `net-tools` dependency on CentOS cloudstack-agent rpms.
This will provide ifconfig, route and other tools that may be used
by CloudStack scripts and utilities.
Signed-off-by: Rohit Yadav <ro...@shapeblue.com>
---
packaging/centos7/cloud.spec | 1 +
1 file changed, 1 insertion(+)
diff --git a/packaging/centos7/cloud.spec b/packaging/centos7/cloud.spec
index 10b9c3e..caf1960 100644
--- a/packaging/centos7/cloud.spec
+++ b/packaging/centos7/cloud.spec
@@ -104,6 +104,7 @@ Requires: bridge-utils
Requires: ebtables
Requires: iptables
Requires: ethtool
+Requires: net-tools
Requires: iproute
Requires: ipset
Requires: perl
--
To stop receiving notification emails like this one, please contact
"commits@cloudstack.apache.org" <co...@cloudstack.apache.org>.
[cloudstack] 21/34: systemvmtemplate enlargements
Posted by ro...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
rohit pushed a commit to branch debian9-systemvmtemplate
in repository https://gitbox.apache.org/repos/asf/cloudstack.git
commit 2cb23efc51e4f3ceb4a8d5000fc07254f9bd6a0f
Author: Rohit Yadav <ro...@shapeblue.com>
AuthorDate: Mon Dec 11 18:23:11 2017 +0530
systemvmtemplate enlargements
Signed-off-by: Rohit Yadav <ro...@shapeblue.com>
---
tools/appliance/definitions/systemvmtemplate/preseed.cfg | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/tools/appliance/definitions/systemvmtemplate/preseed.cfg b/tools/appliance/definitions/systemvmtemplate/preseed.cfg
index 290d867..60bd9a8 100644
--- a/tools/appliance/definitions/systemvmtemplate/preseed.cfg
+++ b/tools/appliance/definitions/systemvmtemplate/preseed.cfg
@@ -63,17 +63,17 @@ d-i partman-auto/expert_recipe string \
use_filesystem{ } filesystem{ ext2 } \
mountpoint{ /boot } \
. \
- 1000 40 1200 ext4 \
+ 1300 40 1500 ext4 \
method{ format } format{ } \
use_filesystem{ } filesystem{ ext4 } \
mountpoint{ / } \
. \
- 700 70 800 ext4 \
+ 550 70 800 ext4 \
method{ format } format{ } \
use_filesystem{ } filesystem{ ext4 } \
mountpoint{ /var } \
. \
- 400 60 500 ext4 \
+ 350 60 500 ext4 \
method{ format } format{ } \
use_filesystem{ } filesystem{ ext4 } \
mountpoint{ /var/log } \
@@ -83,7 +83,7 @@ d-i partman-auto/expert_recipe string \
use_filesystem{ } filesystem{ ext4 } \
mountpoint{ /tmp } \
. \
- 200 100 1024 linux-swap \
+ 100 100 1024 linux-swap \
method{ swap } format{ } \
.
--
To stop receiving notification emails like this one, please contact
"commits@cloudstack.apache.org" <co...@cloudstack.apache.org>.
[cloudstack] 03/34: CLOUDSTACK-10013: Debian9 SystemVM appliance
improvements
Posted by ro...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
rohit pushed a commit to branch debian9-systemvmtemplate
in repository https://gitbox.apache.org/repos/asf/cloudstack.git
commit c5f85438432f0b1dd5642562d0ff488c3bdac231
Author: Rohit Yadav <ro...@shapeblue.com>
AuthorDate: Fri Nov 17 14:53:57 2017 +0530
CLOUDSTACK-10013: Debian9 SystemVM appliance improvements
- Refactor cloud-early-config and make appliance specific scripts
- Make patching work without requiring restart of appliance and remove
postinit script
- Migrate to systemd, speedup booting/loading
- Takes about 5-15s to boot on KVM, and 10-30seconds for VMware and XenServer
- Appliance boots and works on KVM, VMware, XenServer and HyperV
- Update Debian9 ISO url with sha512 checksum
- Speedup console proxy service launch
- Enable additional kernel modules
- Remove unknown ssh key
- Update vhd-util URL as previous URL was down
- Enable sshd by default
- Use hostnamectl to add hostname
- Disable services by default
- Use existing log4j xml, patching not necessary by cloud-early-config
- Several minor fixes and file refactorings, removed dead code/files
- Removes inserv
- Fix dnsmasq config syntax
- Fix haproxy config syntax
- Fix smoke tests and improve performance
- Fix apache pid file path in cloud.monitoring per the new template
Signed-off-by: Rohit Yadav <ro...@shapeblue.com>
---
.../consoleproxy/ConsoleProxyResource.java | 21 +-
.../src/com/cloud/network/HAProxyConfigurator.java | 16 +-
.../virtualnetwork/VirtualRoutingResourceTest.java | 8 +-
.../src/com/cloud/consoleproxy/ConsoleProxy.java | 41 +-
setup/db/db/schema-41000to41100.sql | 3 +
systemvm/conf/log4j-cloud.xml | 95 +-
.../debian/config/etc/apache2/vhost.template | 7 -
.../debian/config/etc/default/cloud-passwd-srvr | 19 -
.../patches/debian/config/etc/haproxy/haproxy.cfg | 3 +-
.../debian/config/etc/init.d/cloud-early-config | 1541 ++------------------
.../debian/config/etc/init.d/cloud-passwd-srvr | 4 -
systemvm/patches/debian/config/etc/init.d/postinit | 176 ---
systemvm/patches/debian/config/etc/rc.local | 56 +-
systemvm/patches/debian/config/etc/sysctl.conf | 1 -
.../debian/config/opt/cloud/bin/configure.py | 4 +-
.../debian/config/opt/cloud/bin/cs/CsApp.py | 1 -
.../debian/config/opt/cloud/bin/cs/CsDhcp.py | 4 +-
.../debian/config/opt/cloud/bin/cs/CsHelper.py | 6 +-
.../patches/debian/config/opt/cloud/bin/dnsmasq.sh | 4 +-
.../debian/config/opt/cloud/bin/edithosts.sh | 2 +-
.../debian/config/opt/cloud/bin/ipsectunnel.sh | 62 +-
.../debian/config/opt/cloud/bin/passwd_server_ip | 4 +-
.../debian/config/opt/cloud/bin/patchsystemvm.sh | 262 ----
.../debian/config/opt/cloud/bin/setup/common.sh | 862 +++++++++++
.../config/opt/cloud/bin/setup/consoleproxy.sh | 61 +
.../cloud => opt/cloud/bin/setup/default.sh} | 14 +-
.../debian/config/opt/cloud/bin/setup/dhcpsrvr.sh | 62 +
.../debian/config/opt/cloud/bin/setup/elbvm.sh | 53 +
.../debian/config/opt/cloud/bin/setup/ilbvm.sh | 46 +-
.../config/opt/cloud/bin/setup/patchsystemvm.sh | 57 +
.../debian/config/opt/cloud/bin/setup/router.sh | 106 ++
.../config/opt/cloud/bin/setup/secstorage.sh | 90 ++
.../debian/config/opt/cloud/bin/setup/vpcrouter.sh | 129 ++
.../opt/cloud/templates/check_heartbeat.sh.templ | 6 +-
.../debian/config/root/.ssh/authorized_keys | 2 +-
systemvm/scripts/_run.sh | 24 +-
systemvm/scripts/config_ssl.sh | 1 -
systemvm/scripts/run.sh | 4 -
systemvm/systemvm-descriptor.xml | 6 +-
.../integration/component/test_browse_templates.py | 6 +-
test/integration/component/test_browse_volumes.py | 6 +-
test/integration/component/test_security_groups.py | 4 +-
test/integration/smoke/test_list_ids_parameter.py | 70 +-
test/integration/smoke/test_loadbalance.py | 15 +-
test/integration/smoke/test_router_dns.py | 2 +-
test/integration/smoke/test_router_dnsservice.py | 16 +-
test/integration/smoke/test_routers.py | 18 +-
test/integration/smoke/test_ssvm.py | 237 +--
.../systemvmtemplate/authorized_keys.sh | 7 +-
.../definitions/systemvmtemplate/cleanup.sh | 13 +-
.../systemvmtemplate/configure_conntrack.sh | 3 +
.../definitions/systemvmtemplate/configure_grub.sh | 8 +-
.../systemvmtemplate/configure_login.sh | 1 +
.../systemvmtemplate/configure_networking.sh | 1 -
.../configure_systemvm_services.sh | 56 +-
.../definitions/systemvmtemplate/definition.rb | 6 +-
.../systemvmtemplate/install_systemvm_packages.sh | 31 +-
.../definitions/systemvmtemplate/preseed.cfg | 4 +-
.../definitions/systemvmtemplate/zerodisk.sh | 5 +
.../src/main/java/com/cloud/utils/ReflectUtil.java | 21 +
utils/src/main/java/com/cloud/utils/nio/Link.java | 4 +-
61 files changed, 1987 insertions(+), 2410 deletions(-)
diff --git a/agent/src/com/cloud/agent/resource/consoleproxy/ConsoleProxyResource.java b/agent/src/com/cloud/agent/resource/consoleproxy/ConsoleProxyResource.java
index 1fed3be..24e8257 100644
--- a/agent/src/com/cloud/agent/resource/consoleproxy/ConsoleProxyResource.java
+++ b/agent/src/com/cloud/agent/resource/consoleproxy/ConsoleProxyResource.java
@@ -59,6 +59,7 @@ import com.cloud.host.Host.Type;
import com.cloud.resource.ServerResource;
import com.cloud.resource.ServerResourceBase;
import com.cloud.utils.NumbersUtil;
+import com.cloud.utils.ReflectUtil;
import com.cloud.utils.net.NetUtils;
import com.cloud.utils.script.Script;
import com.google.gson.Gson;
@@ -315,20 +316,19 @@ public class ConsoleProxyResource extends ServerResourceBase implements ServerRe
private void launchConsoleProxy(final byte[] ksBits, final String ksPassword, final String encryptorPassword) {
final Object resource = this;
+ s_logger.info("Building class loader for com.cloud.consoleproxy.ConsoleProxy");
+ final ClassLoader loader = ReflectUtil.getClassLoaderForName("console-proxy");
if (_consoleProxyMain == null) {
+ s_logger.info("Running com.cloud.consoleproxy.ConsoleProxy with encryptor password=" + encryptorPassword);
_consoleProxyMain = new Thread(new ManagedContextRunnable() {
@Override
protected void runInContext() {
try {
- Class<?> consoleProxyClazz = Class.forName("com.cloud.consoleproxy.ConsoleProxy");
+ Class<?> consoleProxyClazz = loader.loadClass("com.cloud.consoleproxy.ConsoleProxy");
try {
- s_logger.info("Invoke setEncryptorPassword(), ecnryptorPassword: " + encryptorPassword);
- Method methodSetup = consoleProxyClazz.getMethod("setEncryptorPassword", String.class);
- methodSetup.invoke(null, encryptorPassword);
-
s_logger.info("Invoke startWithContext()");
- Method method = consoleProxyClazz.getMethod("startWithContext", Properties.class, Object.class, byte[].class, String.class);
- method.invoke(null, _properties, resource, ksBits, ksPassword);
+ Method method = consoleProxyClazz.getMethod("startWithContext", Properties.class, Object.class, byte[].class, String.class, String.class);
+ method.invoke(null, _properties, resource, ksBits, ksPassword, encryptorPassword);
} catch (SecurityException e) {
s_logger.error("Unable to launch console proxy due to SecurityException", e);
System.exit(ExitStatus.Error.value());
@@ -357,7 +357,7 @@ public class ConsoleProxyResource extends ServerResourceBase implements ServerRe
s_logger.info("com.cloud.consoleproxy.ConsoleProxy is already running");
try {
- Class<?> consoleProxyClazz = Class.forName("com.cloud.consoleproxy.ConsoleProxy");
+ Class<?> consoleProxyClazz = loader.loadClass("com.cloud.consoleproxy.ConsoleProxy");
Method methodSetup = consoleProxyClazz.getMethod("setEncryptorPassword", String.class);
methodSetup.invoke(null, encryptorPassword);
} catch (SecurityException e) {
@@ -441,6 +441,11 @@ public class ConsoleProxyResource extends ServerResourceBase implements ServerRe
}
@Override
+ public boolean stop() {
+ return true;
+ }
+
+ @Override
public void setName(String name) {
}
diff --git a/core/src/com/cloud/network/HAProxyConfigurator.java b/core/src/com/cloud/network/HAProxyConfigurator.java
index d3db0db..3b5f23f 100644
--- a/core/src/com/cloud/network/HAProxyConfigurator.java
+++ b/core/src/com/cloud/network/HAProxyConfigurator.java
@@ -48,7 +48,7 @@ public class HAProxyConfigurator implements LoadBalancerConfigurator {
private static String[] defaultsSection = {"defaults", "\tlog global", "\tmode tcp", "\toption dontlognull", "\tretries 3", "\toption redispatch",
"\toption forwardfor", "\toption forceclose", "\ttimeout connect 5000", "\ttimeout client 50000", "\ttimeout server 50000"};
- private static String[] defaultListen = {"listen vmops 0.0.0.0:9", "\toption transparent"};
+ private static String[] defaultListen = {"listen vmops", "\tbind 0.0.0.0:9", "\toption transparent"};
@Override
public String[] generateConfiguration(final List<PortForwardingRuleTO> fwRules) {
@@ -100,7 +100,10 @@ public class HAProxyConfigurator implements LoadBalancerConfigurator {
final List<String> result = new ArrayList<String>();
// add line like this: "listen 65_37_141_30-80 65.37.141.30:80"
StringBuilder sb = new StringBuilder();
- sb.append("listen ").append(poolName).append(" ").append(publicIP).append(":").append(publicPort);
+ sb.append("listen ").append(poolName);
+ result.add(sb.toString());
+ sb = new StringBuilder();
+ sb.append("\tbind ").append(publicIP).append(":").append(publicPort);
result.add(sb.toString());
sb = new StringBuilder();
// FIXME sb.append("\t").append("balance ").append(algorithm);
@@ -474,9 +477,12 @@ public class HAProxyConfigurator implements LoadBalancerConfigurator {
final String algorithm = lbTO.getAlgorithm();
final List<String> result = new ArrayList<String>();
- // add line like this: "listen 65_37_141_30-80 65.37.141.30:80"
+ // add line like this: "listen 65_37_141_30-80\n\tbind 65.37.141.30:80"
+ sb = new StringBuilder();
+ sb.append("listen ").append(poolName);
+ result.add(sb.toString());
sb = new StringBuilder();
- sb.append("listen ").append(poolName).append(" ").append(publicIP).append(":").append(publicPort);
+ sb.append("\tbind ").append(publicIP).append(":").append(publicPort);
result.add(sb.toString());
sb = new StringBuilder();
sb.append("\t").append("balance ").append(algorithm);
@@ -552,7 +558,7 @@ public class HAProxyConfigurator implements LoadBalancerConfigurator {
}
private String generateStatsRule(final LoadBalancerConfigCommand lbCmd, final String ruleName, final String statsIp) {
- final StringBuilder rule = new StringBuilder("\nlisten ").append(ruleName).append(" ").append(statsIp).append(":").append(lbCmd.lbStatsPort);
+ final StringBuilder rule = new StringBuilder("\nlisten ").append(ruleName).append("\n\tbind ").append(statsIp).append(":").append(lbCmd.lbStatsPort);
// TODO DH: write test for this in both cases
if (!lbCmd.keepAliveEnabled) {
s_logger.info("Haproxy mode http enabled");
diff --git a/core/test/com/cloud/agent/resource/virtualnetwork/VirtualRoutingResourceTest.java b/core/test/com/cloud/agent/resource/virtualnetwork/VirtualRoutingResourceTest.java
index 6405037..200f266 100644
--- a/core/test/com/cloud/agent/resource/virtualnetwork/VirtualRoutingResourceTest.java
+++ b/core/test/com/cloud/agent/resource/virtualnetwork/VirtualRoutingResourceTest.java
@@ -834,7 +834,8 @@ public class VirtualRoutingResourceTest implements VirtualRouterDeployer {
"\ttimeout client 50000\n" +
"\ttimeout server 50000\n" +
"\n" +
- "listen stats_on_guest 10.1.10.2:8081\n" +
+ "listen stats_on_guest\n" +
+ "\tbind 10.1.10.2:8081\n" +
"\tmode http\n" +
"\toption httpclose\n" +
"\tstats enable\n" +
@@ -843,7 +844,8 @@ public class VirtualRoutingResourceTest implements VirtualRouterDeployer {
"\tstats auth admin1:AdMiN123\n" +
"\n" +
"\t \n" +
- "listen 64_10_1_10-80 64.10.1.10:80\n" +
+ "listen 64_10_1_10-80\n" +
+ "\tbind 64.10.1.10:80\n" +
"\tbalance algo\n" +
"\tserver 64_10_1_10-80_0 10.1.10.2:80 check\n" +
"\tmode http\n" +
@@ -917,4 +919,4 @@ public class VirtualRoutingResourceTest implements VirtualRouterDeployer {
assertTrue(args.startsWith("-c /var/cache/cloud/VR-"));
assertTrue(args.endsWith(".cfg"));
}
-}
\ No newline at end of file
+}
diff --git a/services/console-proxy/server/src/com/cloud/consoleproxy/ConsoleProxy.java b/services/console-proxy/server/src/com/cloud/consoleproxy/ConsoleProxy.java
index 863f0bf..f0c3c4e 100644
--- a/services/console-proxy/server/src/com/cloud/consoleproxy/ConsoleProxy.java
+++ b/services/console-proxy/server/src/com/cloud/consoleproxy/ConsoleProxy.java
@@ -26,21 +26,18 @@ import java.lang.reflect.Method;
import java.net.InetSocketAddress;
import java.net.URISyntaxException;
import java.net.URL;
-import java.security.NoSuchAlgorithmException;
-import java.security.SecureRandom;
import java.util.Hashtable;
import java.util.Map;
import java.util.Properties;
import java.util.concurrent.Executor;
-import org.apache.commons.codec.binary.Base64;
import org.apache.log4j.xml.DOMConfigurator;
-import com.google.gson.Gson;
-import com.sun.net.httpserver.HttpServer;
-
import com.cloud.consoleproxy.util.Logger;
import com.cloud.utils.PropertiesUtil;
+import com.cloud.utils.ReflectUtil;
+import com.google.gson.Gson;
+import com.sun.net.httpserver.HttpServer;
/**
*
@@ -74,25 +71,11 @@ public class ConsoleProxy {
static String factoryClzName;
static boolean standaloneStart = false;
- static String encryptorPassword = genDefaultEncryptorPassword();
-
- private static String genDefaultEncryptorPassword() {
- try {
- SecureRandom random = SecureRandom.getInstance("SHA1PRNG");
-
- byte[] randomBytes = new byte[16];
- random.nextBytes(randomBytes);
- return Base64.encodeBase64String(randomBytes);
- } catch (NoSuchAlgorithmException e) {
- s_logger.error("Unexpected exception ", e);
- assert (false);
- }
-
- return "Dummy";
- }
+ static String encryptorPassword = "Dummy";
private static void configLog4j() {
- URL configUrl = System.class.getResource("/conf/log4j-cloud.xml");
+ final ClassLoader loader = ReflectUtil.getClassLoaderForName("conf");
+ URL configUrl = loader.getResource("/conf/log4j-cloud.xml");
if (configUrl == null)
configUrl = ClassLoader.getSystemResource("log4j-cloud.xml");
@@ -249,23 +232,25 @@ public class ConsoleProxy {
}
}
- public static void startWithContext(Properties conf, Object context, byte[] ksBits, String ksPassword) {
+ public static void startWithContext(Properties conf, Object context, byte[] ksBits, String ksPassword, String password) {
+ setEncryptorPassword(password);
+ configLog4j();
+ Logger.setFactory(new ConsoleProxyLoggerFactory());
s_logger.info("Start console proxy with context");
+
if (conf != null) {
for (Object key : conf.keySet()) {
s_logger.info("Context property " + (String)key + ": " + conf.getProperty((String)key));
}
}
- configLog4j();
- Logger.setFactory(new ConsoleProxyLoggerFactory());
-
// Using reflection to setup private/secure communication channel towards management server
ConsoleProxy.context = context;
ConsoleProxy.ksBits = ksBits;
ConsoleProxy.ksPassword = ksPassword;
try {
- Class<?> contextClazz = Class.forName("com.cloud.agent.resource.consoleproxy.ConsoleProxyResource");
+ final ClassLoader loader = ReflectUtil.getClassLoaderForName("agent");
+ Class<?> contextClazz = loader.loadClass("com.cloud.agent.resource.consoleproxy.ConsoleProxyResource");
authMethod = contextClazz.getDeclaredMethod("authenticateConsoleAccess", String.class, String.class, String.class, String.class, String.class, Boolean.class);
reportMethod = contextClazz.getDeclaredMethod("reportLoadInfo", String.class);
ensureRouteMethod = contextClazz.getDeclaredMethod("ensureRoute", String.class);
diff --git a/setup/db/db/schema-41000to41100.sql b/setup/db/db/schema-41000to41100.sql
index f546027..5f7eff2 100644
--- a/setup/db/db/schema-41000to41100.sql
+++ b/setup/db/db/schema-41000to41100.sql
@@ -489,3 +489,6 @@ INSERT IGNORE INTO `cloud`.`guest_os_hypervisor` (uuid, hypervisor_type, hypervi
-- Add XenServer 7.2 hypervisor guest OS mappings (copy 7.1.0 & remove Windows Vista, Windows XP, Windows 2003, CentOS 4.x, RHEL 4.xS, LES 10 (all versions) as per XenServer 7.2 Release Notes)
INSERT IGNORE INTO `cloud`.`guest_os_hypervisor` (uuid,hypervisor_type, hypervisor_version, guest_os_name, guest_os_id, created, is_user_defined) SELECT UUID(),'Xenserver', '7.2.0', guest_os_name, guest_os_id, utc_timestamp(), 0 FROM `cloud`.`guest_os_hypervisor` WHERE hypervisor_type='Xenserver' AND hypervisor_version='7.1.0' AND guest_os_id not in (1,2,3,4,56,101,56,58,93,94,50,51,87,88,89,90,91,92,26,27,28,29,40,41,42,43,44,45,96,97,107,108,109,110,151,152,153);
+
+-- Change monitor patch for apache2 in systemvm
+UPDATE `cloud`.`monitoring_services` SET pidfile="/var/run/apache2/apache2.pid" WHERE process_name="apache2" AND service_name="apache2";
diff --git a/systemvm/conf/log4j-cloud.xml b/systemvm/conf/log4j-cloud.xml
index 9c26bf4..b32bb57 100644
--- a/systemvm/conf/log4j-cloud.xml
+++ b/systemvm/conf/log4j-cloud.xml
@@ -18,37 +18,67 @@ specific language governing permissions and limitations
under the License.
-->
<!DOCTYPE log4j:configuration SYSTEM "log4j.dtd">
-
<log4j:configuration xmlns:log4j="http://jakarta.apache.org/log4j/" debug="false">
<!-- ================================= -->
<!-- Preserve messages in a local file -->
<!-- ================================= -->
- <!-- A time/date based rolling appender -->
- <appender name="FILE" class="org.apache.log4j.DailyRollingFileAppender">
- <param name="File" value="${log.home}systemvm.log"/>
+ <appender name="FILE1" class="org.apache.log4j.RollingFileAppender">
+ <param name="File" value="/var/log/cloud.log"/>
+ <param name="MaxFileSize" value="10000KB"/>
+ <param name="MaxBackupIndex" value="4"/>
+
+ <layout class="org.apache.log4j.EnhancedPatternLayout">
+ <param name="ConversionPattern" value="%d{ISO8601}{GMT} %-5p [%c{3}] (%t:%x) %m%n"/>
+ </layout>
+ </appender>
+
+ <appender name="FILE2" class="org.apache.log4j.RollingFileAppender">
+ <param name="File" value="/var/log/cloud/cloud.out"/>
+ <param name="Append" value="true"/>
+ <param name="MaxFileSize" value="10000KB"/>
+ <param name="MaxBackupIndex" value="4"/>
+
+ <layout class="org.apache.log4j.EnhancedPatternLayout">
+ <param name="ConversionPattern" value="%d{ISO8601}{GMT} %-5p [%c{3}] (%t:%x) %m%n"/>
+ </layout>
+ </appender>
+
+ <appender name="FILE3" class="org.apache.log4j.rolling.RollingFileAppender">
+ <param name="File" value="/usr/local/cloud/systemvm/cloud.log"/>
+ <param name="Append" value="true"/>
+ <param name="MaxFileSize" value="10000KB"/>
+ <param name="MaxBackupIndex" value="4"/>
+
+ <layout class="org.apache.log4j.EnhancedPatternLayout">
+ <param name="ConversionPattern" value="%d{ISO8601}{GMT} %-5p [%c{3}] (%t:%x) %m%n"/>
+ </layout>
+ </appender>
+
+ <appender name="APISERVER" class="org.apache.log4j.rolling.RollingFileAppender">
<param name="Append" value="true"/>
<param name="Threshold" value="DEBUG"/>
+ <rollingPolicy class="org.apache.log4j.rolling.TimeBasedRollingPolicy">
+ <param name="FileNamePattern" value="/var/log/cloud/api-server.log.%d{yyyy-MM-dd}{GMT}.gz"/>
+ <param name="ActiveFileName" value="/var/log/cloud/api-server.log"/>
+ </rollingPolicy>
- <!-- Rollover at midnight each day -->
- <param name="DatePattern" value="'.'yyyy-MM-dd"/>
-
- <layout class="org.apache.log4j.PatternLayout">
- <param name="ConversionPattern" value="%d %-5p [%c{3}] (%t:%x) %m%n"/>
+ <layout class="org.apache.log4j.EnhancedPatternLayout">
+ <param name="ConversionPattern" value="%d{ISO8601}{GMT} %m%n"/>
</layout>
</appender>
-
+
<!-- ============================== -->
<!-- Append messages to the console -->
<!-- ============================== -->
<appender name="CONSOLE" class="org.apache.log4j.ConsoleAppender">
<param name="Target" value="System.out"/>
- <param name="Threshold" value="WARN"/>
+ <param name="Threshold" value="INFO"/>
- <layout class="org.apache.log4j.PatternLayout">
- <param name="ConversionPattern" value="%d{ABSOLUTE} %5p %c{1}:%L - %m%n"/>
+ <layout class="org.apache.log4j.EnhancedPatternLayout">
+ <param name="ConversionPattern" value="%d{ABSOLUTE}{GMT} %5p %c{1}:%L - %m%n"/>
</layout>
</appender>
@@ -56,26 +86,14 @@ under the License.
<!-- Limit categories -->
<!-- ================ -->
- <category name="com.cloud.console.ConsoleCanvas">
- <priority value="WARN"/>
- </category>
-
- <category name="com.cloud.consoleproxy.ConsoleProxyAjaxImageHandler">
- <priority value="WARN"/>
- </category>
-
- <category name="com.cloud.consoleproxy.ConsoleProxyViewer">
- <priority value="WARN"/>
- </category>
-
- <category name="com.cloud.consoleproxy">
- <priority value="INFO"/>
+ <category name="com.cloud">
+ <priority value="DEBUG"/>
</category>
- <category name="com.cloud">
+ <category name="org.apache.cloudstack">
<priority value="DEBUG"/>
</category>
-
+
<!-- Limit the org.apache category to INFO as its DEBUG is verbose -->
<category name="org.apache">
<priority value="INFO"/>
@@ -84,20 +102,19 @@ under the License.
<category name="org">
<priority value="INFO"/>
</category>
-
+
<category name="net">
<priority value="INFO"/>
</category>
- <!-- Limit the com.amazonaws category to INFO as its DEBUG is verbose -->
- <category name="com.amazonaws">
- <priority value="INFO"/>
+ <category name="apiserver.com.cloud">
+ <priority value="DEBUG"/>
</category>
- <!-- Limit the httpclient.wire category to INFO as its DEBUG is verbose -->
- <category name="httpclient.wire">
- <priority value="INFO"/>
- </category>
+ <logger name="apiserver.com.cloud" additivity="false">
+ <level value="DEBUG"/>
+ <appender-ref ref="APISERVER"/>
+ </logger>
<!-- ======================= -->
<!-- Setup the Root category -->
@@ -106,7 +123,9 @@ under the License.
<root>
<level value="INFO"/>
<appender-ref ref="CONSOLE"/>
- <appender-ref ref="FILE"/>
+ <appender-ref ref="FILE1"/>
+ <appender-ref ref="FILE2"/>
+ <appender-ref ref="FILE3"/>
</root>
</log4j:configuration>
diff --git a/systemvm/patches/debian/config/etc/apache2/vhost.template b/systemvm/patches/debian/config/etc/apache2/vhost.template
index 043a286..7b89c3b 100644
--- a/systemvm/patches/debian/config/etc/apache2/vhost.template
+++ b/systemvm/patches/debian/config/etc/apache2/vhost.template
@@ -83,9 +83,6 @@
Allow from 127.0.0.0/255.0.0.0 ::1/128
</Directory>
- # Include CORS configuration **IF SET**
- Include /etc/apache2/[cC][oO][rR][sS].conf
-
# SSL Engine Switch:
# Enable/Disable SSL for this virtual host.
SSLEngine on
@@ -228,12 +225,8 @@
# README.Debian.gz
Listen 10.1.1.1:80
-NameVirtualHost 10.1.1.1:80
<IfModule mod_ssl.c>
- # If you add NameVirtualHost *:443 here, you will also have to change
- # the VirtualHost statement in /etc/apache2/sites-available/default-ssl
- # to <VirtualHost *:443>
# Server Name Indication for SSL named virtual hosts is currently not
# supported by MSIE on Windows XP.
Listen 10.1.1.1:443
diff --git a/systemvm/patches/debian/config/etc/default/cloud-passwd-srvr b/systemvm/patches/debian/config/etc/default/cloud-passwd-srvr
deleted file mode 100644
index 0b85c63..0000000
--- a/systemvm/patches/debian/config/etc/default/cloud-passwd-srvr
+++ /dev/null
@@ -1,19 +0,0 @@
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements. See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership. The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied. See the License for the
-# specific language governing permissions and limitations
-# under the License.
-
-#set ENABLED to 1 if you want the init script to start the password server
-ENABLED=0
diff --git a/systemvm/patches/debian/config/etc/haproxy/haproxy.cfg b/systemvm/patches/debian/config/etc/haproxy/haproxy.cfg
index 94737ac..0adbfc6 100644
--- a/systemvm/patches/debian/config/etc/haproxy/haproxy.cfg
+++ b/systemvm/patches/debian/config/etc/haproxy/haproxy.cfg
@@ -22,5 +22,6 @@ defaults
timeout server 50000
-listen cloud-default 0.0.0.0:35999
+listen cloud-default
+ bind 0.0.0.0:35999
option transparent
diff --git a/systemvm/patches/debian/config/etc/init.d/cloud-early-config b/systemvm/patches/debian/config/etc/init.d/cloud-early-config
index 6eaed91..9964f90 100755
--- a/systemvm/patches/debian/config/etc/init.d/cloud-early-config
+++ b/systemvm/patches/debian/config/etc/init.d/cloud-early-config
@@ -5,7 +5,7 @@
# Required-Stop: $local_fs
# Default-Start: S
# Default-Stop: 0 6
-# Short-Description: configure according to cmdline
+# Short-Description: configures systemvm using cmdline
### END INIT INFO
# Licensed to the Apache Software Foundation (ASF) under one
# or more contributor license agreements. See the NOTICE file
@@ -24,21 +24,14 @@
# specific language governing permissions and limitations
# under the License.
-PATH="/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin"
#set -x
#exec 3>&0 4>&1 > /var/log/test.log 2>&1
-#start hv_kvp daemon
-[ -f /usr/sbin/hv_kvp_daemon ] && /usr/sbin/hv_kvp_daemon
-
-# Fix haproxy directory issue
-mkdir -p /var/lib/haproxy
+PATH="/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin"
+CMDLINE=/var/cache/cloud/cmdline
# Clear boot up flag, it would be created by rc.local after boot up done
rm -f /var/cache/cloud/boot_up_done
-# Randomize cloud password so only ssh login is allowed
-echo "cloud:`openssl rand -base64 32`" | chpasswd
-
[ -x /sbin/ifup ] || exit 0
. /lib/lsb/init-functions
@@ -48,71 +41,45 @@ log_it() {
log_action_msg "$@"
}
-init_interfaces_orderby_macs() {
- macs=( $(echo $1 | sed "s/|/ /g") )
- total_nics=${#macs[@]}
- interface_file=${2:-"/etc/network/interfaces"}
- rule_file=${3:-"/etc/udev/rules.d/70-persistent-net.rules"}
-
- echo -n "auto lo" > $interface_file
- for((i=0; i<total_nics; i++))
- do
- if [[ $i < 3 ]]
- then
- echo -n " eth$i" >> $interface_file
- fi
- done
- cat >> $interface_file << EOF
-
-iface lo inet loopback
-
-EOF
-
- echo "" > $rule_file
- for((i=0; i < ${#macs[@]}; i++))
- do
- echo "SUBSYSTEM==\"net\", ACTION==\"add\", DRIVERS==\"?*\", ATTR{address}==\"${macs[$i]}\", NAME=\"eth$i\"" >> $rule_file
- done
-}
-
-init_interfaces() {
- if [ "$NIC_MACS" == "" ]
- then
- cat > /etc/network/interfaces << EOF
-auto lo $1 $2 $3
-iface lo inet loopback
-
-EOF
- else
- init_interfaces_orderby_macs "$NIC_MACS"
- fi
-}
-
hypervisor() {
- [ -d /proc/xen ] && mount -t xenfs none /proc/xen
- [ -d /proc/xen ] && echo "xen-domU" && return 0
-
local try=$([ -x /usr/sbin/virt-what ] && virt-what | tail -1)
[ "$try" != "" ] && echo $try && return 0
- vmware-checkvm &> /dev/null && echo "vmware" && return 0
-
grep -q QEMU /proc/cpuinfo && echo "kvm" && return 0
grep -q QEMU /var/log/messages && echo "kvm" && return 0
+ [ -d /proc/xen ] && mount -t xenfs none /proc/xen
+ [ -d /proc/xen ] && echo "xen-domU" && return 0
+
+ vmware-checkvm &> /dev/null && echo "vmware" && return 0
+
echo "unknown" && return 1
+}
+config_guest() {
+ if [ "$HYPERVISOR" == "kvm" ]
+ then
+ # Configure hot-plug
+ modprobe acpiphp || true
+ modprobe pci_hotplug || true
+ # Configure serial console FIXME: remove during build we enable it?
+ #sed -i -e "/^serial.*/d" /boot/grub/grub.conf
+ #sed -i -e "/^terminal.*/d" /boot/grub/grub.conf
+ #sed -i -e "/^default.*/a\serial --unit=0 --speed=115200 --parity=no --stop=1" /boot/grub/grub.conf
+ #sed -i -e "/^serial.*/a\terminal --timeout=0 serial console" /boot/grub/grub.conf
+ #sed -i -e "s/\(^kernel.* ro\) \(console.*\)/\1 console=tty0 console=ttyS0,115200n8/" /boot/grub/grub.conf
+ sed -i -e "/^s0:2345:respawn.*/d" /etc/inittab
+ sed -i -e "/6:23:respawn/a\s0:2345:respawn:/sbin/getty -L 115200 ttyS0 vt102" /etc/inittab
+ fi
+ [ ! -d /proc/xen ] && sed -i 's/^vc/#vc/' /etc/inittab && telinit q
+ [ -d /proc/xen ] && sed -i 's/^#vc/vc/' /etc/inittab && telinit q
}
get_boot_params() {
- local EXTRA_MOUNT=/media/extra
- local hyp=$(hypervisor)
- [ $? -ne 0 ] && log_it "Failed to detect hypervisor type, bailing out of early init" && exit 10
-
- case $hyp in
+ case $HYPERVISOR in
xen-domU|xen-hvm)
- cat /proc/cmdline > /var/cache/cloud/cmdline
- sed -i "s/%/ /g" /var/cache/cloud/cmdline
+ cat /proc/cmdline > $CMDLINE
+ sed -i "s/%/ /g" $CMDLINE
;;
kvm)
VPORT=$(find /dev/virtio-ports -type l -name '*.vport' 2>/dev/null|head -1)
@@ -125,66 +92,79 @@ get_boot_params() {
log_it "${VPORT} not loaded, perhaps guest kernel is too old." && exit 2
fi
- local factor=2
- local progress=1
- for i in {1..5}
- do
- while read line; do
- if [[ $line == cmdline:* ]]; then
- cmd=${line//cmdline:/}
- echo $cmd > /var/cache/cloud/cmdline
- elif [[ $line == pubkey:* ]]; then
- pubkey=${line//pubkey:/}
- echo $pubkey > /var/cache/cloud/authorized_keys
- echo $pubkey > /root/.ssh/authorized_keys
+ local factor=2
+ local progress=1
+ for i in {1..5}
+ do
+ while read line; do
+ if [[ $line == cmdline:* ]]; then
+ cmd=${line//cmdline:/}
+ echo $cmd > $CMDLINE
+ elif [[ $line == pubkey:* ]]; then
+ pubkey=${line//pubkey:/}
+ echo $pubkey > /var/cache/cloud/authorized_keys
+ echo $pubkey > /root/.ssh/authorized_keys
fi
- done < $VPORT
- # In case of reboot we do not send the boot args again.
- # So, no need to wait for them, as the boot args are already set at startup
- if [ -s /var/cache/cloud/cmdline ]
- then
+ done < $VPORT
+ # In case of reboot we do not send the boot args again.
+ # So, no need to wait for them, as the boot args are already set at startup
+ if [ -s $CMDLINE ]
+ then
log_it "Found a non empty cmdline file. Will now exit the loop and proceed with configuration."
break;
fi
sleep ${progress}s
progress=$[ progress * factor ]
- done
+ done
chmod go-rwx /root/.ssh/authorized_keys
;;
vmware)
- vmtoolsd --cmd 'machine.id.get' > /var/cache/cloud/cmdline
+ vmtoolsd --cmd 'machine.id.get' > $CMDLINE
;;
virtualpc|hyperv)
# Hyper-V is recognized as virtualpc hypervisor type. Boot args are passed using KVP Daemon
#waiting for the hv_kvp_daemon to start up
#sleep need to fix the race condition of hv_kvp_daemon and cloud-early-config
+ [ -f /usr/sbin/hv_kvp_daemon ] && /usr/sbin/hv_kvp_daemon
sleep 5
- cp -f /var/opt/hyperv/.kvp_pool_0 /var/cache/cloud/cmdline
+ cp -f /var/opt/hyperv/.kvp_pool_0 $CMDLINE
cat /dev/null > /var/opt/hyperv/.kvp_pool_0
;;
virtualbox)
# Virtualbox is used to test the virtual router
# get the commandline from a dmistring (yes, hacky!)
- dmidecode | grep cmdline | sed 's/^.*cmdline://' > /var/cache/cloud/cmdline
+ dmidecode | grep cmdline | sed 's/^.*cmdline://' > $CMDLINE
RV=$?
if [ $RV -ne 0 ] ; then
log_it "Failed to get cmdline from a virtualbox dmi property"
fi
;;
esac
+}
+get_systemvm_type() {
+ for str in $(cat $CMDLINE)
+ do
+ KEY=$(echo $str | cut -d= -f1)
+ VALUE=$(echo $str | cut -d= -f2)
+ case $KEY in
+ type)
+ export TYPE=$VALUE
+ ;;
+ *)
+ ;;
+ esac
+ done
}
patch() {
local PATCH_MOUNT=/media/cdrom
local patchfile=$PATCH_MOUNT/cloud-scripts.tgz
- local md5file=/var/cache/cloud/cloud-scripts-signature
local privkey=$PATCH_MOUNT/authorized_keys
- local shouldpatch=false
+ local md5file=/var/cache/cloud/cloud-scripts-signature
local cdrom_dev=
mkdir -p $PATCH_MOUNT
-
if [ -e /dev/xvdd ]; then
cdrom_dev=/dev/xvdd
elif [ -e /dev/cdrom ]; then
@@ -196,1370 +176,101 @@ patch() {
elif [ -e /dev/cdrom3 ]; then
cdrom_dev=/dev/cdrom3
fi
+
[ -f /var/cache/cloud/authorized_keys ] && privkey=/var/cache/cloud/authorized_keys
if [ -n "$cdrom_dev" ]; then
mount -o ro $cdrom_dev $PATCH_MOUNT
- [ -f $privkey ] && cp -f $privkey /root/.ssh/ && chmod go-rwx /root/.ssh/authorized_keys
local oldmd5=
[ -f ${md5file} ] && oldmd5=$(cat ${md5file})
local newmd5=
[ -f ${patchfile} ] && newmd5=$(md5sum ${patchfile} | awk '{print $1}')
-
- if [ "$oldmd5" != "$newmd5" ] && [ -f ${patchfile} ] && [ "$newmd5" != "" ]
+
+ log_it "Scripts checksum detected: oldmd5=$oldmd5 newmd5=$newmd5"
+ if [ "$oldmd5" != "$newmd5" ] && [ -f ${patchfile} ] && [ "$newmd5" != "" ]
then
- shouldpatch=true
- log_it "Patching scripts oldmd5=$oldmd5 newmd5=$newmd5"
tar xzf $patchfile -C /
echo ${newmd5} > ${md5file}
+ log_it "Patched scripts using $patchfile"
fi
- log_it "Patching cloud service"
- hyperVisor=$(hypervisor)
- /opt/cloud/bin/patchsystemvm.sh $PATCH_MOUNT $hyperVisor
- umount $PATCH_MOUNT
-
- if [ "$shouldpatch" == "true" ]
- then
- log_it "Rebooting system since we patched init scripts"
- sync
- sleep 2
- reboot
- fi
- fi
- if [ -f /mnt/cmdline ]; then
- cat /mnt/cmdline > /var/cache/cloud/cmdline
- fi
- return 0
-}
-
-patch_log4j() {
-log_it "Updating log4j-cloud.xml"
-mkdir -p /usr/local/cloud/systemvm/conf
-cat << "EOF" > /usr/local/cloud/systemvm/conf/temp.xml
-<?xml version="1.0" encoding="UTF-8"?>
-<!DOCTYPE log4j:configuration SYSTEM "log4j.dtd">
-
-<log4j:configuration xmlns:log4j="http://jakarta.apache.org/log4j/" debug="false">
-
- <!-- ================================= -->
- <!-- Preserve messages in a local file -->
- <!-- ================================= -->
-
- <appender name="FILE1" class="org.apache.log4j.RollingFileAppender">
- <param name="File" value="/var/log/cloud.log"/>
- <param name="MaxFileSize" value="10000KB"/>
- <param name="MaxBackupIndex" value="4"/>
-
- <layout class="org.apache.log4j.EnhancedPatternLayout">
- <param name="ConversionPattern" value="%d{ISO8601}{GMT} %-5p [%c{3}] (%t:%x) %m%n"/>
- </layout>
- </appender>
-
- <appender name="FILE2" class="org.apache.log4j.RollingFileAppender">
- <param name="File" value="/var/log/cloud/cloud.out"/>
- <param name="Append" value="true"/>
- <param name="MaxFileSize" value="10000KB"/>
- <param name="MaxBackupIndex" value="4"/>
-
- <layout class="org.apache.log4j.EnhancedPatternLayout">
- <param name="ConversionPattern" value="%d{ISO8601}{GMT} %-5p [%c{3}] (%t:%x) %m%n"/>
- </layout>
- </appender>
-
- <appender name="FILE3" class="org.apache.log4j.rolling.RollingFileAppender">
- <param name="File" value="/usr/local/cloud/systemvm/cloud.log"/>
- <param name="Append" value="true"/>
- <param name="MaxFileSize" value="10000KB"/>
- <param name="MaxBackupIndex" value="4"/>
-
- <layout class="org.apache.log4j.EnhancedPatternLayout">
- <param name="ConversionPattern" value="%d{ISO8601}{GMT} %-5p [%c{3}] (%t:%x) %m%n"/>
- </layout>
- </appender>
-
- <appender name="APISERVER" class="org.apache.log4j.rolling.RollingFileAppender">
- <param name="Append" value="true"/>
- <param name="Threshold" value="DEBUG"/>
- <rollingPolicy class="org.apache.log4j.rolling.TimeBasedRollingPolicy">
- <param name="FileNamePattern" value="/var/log/cloud/api-server.log.%d{yyyy-MM-dd}{GMT}.gz"/>
- <param name="ActiveFileName" value="/var/log/cloud/api-server.log"/>
- </rollingPolicy>
-
- <layout class="org.apache.log4j.EnhancedPatternLayout">
- <param name="ConversionPattern" value="%d{ISO8601}{GMT} %m%n"/>
- </layout>
- </appender>
-
- <!-- ============================== -->
- <!-- Append messages to the console -->
- <!-- ============================== -->
-
- <appender name="CONSOLE" class="org.apache.log4j.ConsoleAppender">
- <param name="Target" value="System.out"/>
- <param name="Threshold" value="INFO"/>
-
- <layout class="org.apache.log4j.EnhancedPatternLayout">
- <param name="ConversionPattern" value="%d{ABSOLUTE}{GMT} %5p %c{1}:%L - %m%n"/>
- </layout>
- </appender>
-
- <!-- ================ -->
- <!-- Limit categories -->
- <!-- ================ -->
-
- <category name="com.cloud">
- <priority value="DEBUG"/>
- </category>
-
- <!-- Limit the org.apache category to INFO as its DEBUG is verbose -->
- <category name="org.apache">
- <priority value="INFO"/>
- </category>
-
- <category name="org">
- <priority value="INFO"/>
- </category>
-
- <category name="net">
- <priority value="INFO"/>
- </category>
-
- <category name="apiserver.com.cloud">
- <priority value="DEBUG"/>
- </category>
-
- <logger name="apiserver.com.cloud" additivity="false">
- <level value="DEBUG"/>
- <appender-ref ref="APISERVER"/>
- </logger>
-
- <!-- ======================= -->
- <!-- Setup the Root category -->
- <!-- ======================= -->
-
- <root>
- <level value="INFO"/>
- <appender-ref ref="CONSOLE"/>
- <appender-ref ref="FILE1"/>
- <appender-ref ref="FILE2"/>
- <appender-ref ref="FILE3"/>
- </root>
-
-</log4j:configuration>
-EOF
-mv /usr/local/cloud/systemvm/conf/temp.xml /usr/local/cloud/systemvm/conf/log4j-cloud.xml
-}
-
-setup_interface() {
- local intfnum=$1
- local ip=$2
- local mask=$3
- local gw=$4
- local force=$5
- local intf=eth${intfnum}
- local bootproto="static"
-
-
- if [ "$BOOTPROTO" == "dhcp" ]
- then
- if [ "$intfnum" != "0" ]
- then
- bootproto="dhcp"
- fi
- fi
-
- if [ "$ip" != "0.0.0.0" -a "$ip" != "" -o "$force" == "force" ]
- then
- echo "iface $intf inet $bootproto" >> /etc/network/interfaces
- if [ "$bootproto" == "static" ]
- then
- echo " address $ip " >> /etc/network/interfaces
- echo " netmask $mask" >> /etc/network/interfaces
- fi
- fi
-
- if [ "$ip" == "0.0.0.0" -o "$ip" == "" ]
- then
- ifconfig $intf down
- fi
-
- if [ "$force" == "force" ]
- then
- ifdown $intf
- else
- ifdown $intf
- if [ "$RROUTER" != "1" -o "$1" != "2" ]
- then
- ifup $intf
- timer=0
- log_it "checking that $intf has IP "
- while true
- do
- ip=$(ifconfig $intf | grep "inet addr:" | awk '{print $2}' | awk -F: '{print $2}')
- if [ -z $ip ]
- then
- sleep 1;
- #waiting for the interface to setup with ip
- log_it "waiting for $intf interface setup with ip timer=$timer"
- else
- break
- fi
-
- if [ $timer -gt 15 ]
- then
- log_it "interface $intf is not set up with ip... exiting";
- break
- fi
-
- timer=`expr $timer + 1`
- done
- fi
- fi
-}
-
-setup_interface_ipv6() {
- sysctl net.ipv6.conf.all.disable_ipv6=0
- sysctl net.ipv6.conf.all.forwarding=1
- sysctl net.ipv6.conf.all.accept_ra=1
-
- sed -i "s/net.ipv6.conf.all.disable_ipv6 =.*$/net.ipv6.conf.all.disable_ipv6 = 0/" /etc/sysctl.conf
- sed -i "s/net.ipv6.conf.all.forwarding =.*$/net.ipv6.conf.all.forwarding = 1/" /etc/sysctl.conf
- sed -i "s/net.ipv6.conf.all.accept_ra =.*$/net.ipv6.conf.all.accept_ra = 1/" /etc/sysctl.conf
-
- local intfnum=$1
- local ipv6="$2"
- local prelen="$3"
- local intf=eth${intfnum}
-
- echo "iface $intf inet6 static" >> /etc/network/interfaces
- echo " address $ipv6 " >> /etc/network/interfaces
- echo " netmask $prelen" >> /etc/network/interfaces
- echo " accept_ra 1" >> /etc/network/interfaces
- ifdown $intf
- ifup $intf
-}
-
-enable_fwding() {
- local enabled=$1
- log_it "cloud: enable_fwding = $1"
- log_it "enable_fwding = $1"
- echo "$1" > /proc/sys/net/ipv4/ip_forward
- [ -f /etc/iptables/iptables.conf ] && sed -i "s/ENABLE_ROUTING=.*$/ENABLE_ROUTING=$enabled/" /etc/iptables/iptables.conf && return
-}
-
-disable_rpfilter() {
- log_it "cloud: disable rp_filter"
- log_it "disable rpfilter"
- sed -i "s/net.ipv4.conf.default.rp_filter.*$/net.ipv4.conf.default.rp_filter = 0/" /etc/sysctl.conf
-}
-
-get_public_vif_list() {
- local vif_list=""
- for i in /sys/class/net/eth*; do
- vif=$(basename $i);
- if [ "$vif" != "eth0" ] && [ "$vif" != "eth1" ]
- then
- vif_list="$vif_list $vif";
- fi
- done
-
- echo $vif_list
-}
-
-disable_rpfilter_domR() {
- log_it "cloud: Tuning rp_filter on public interfaces"
-
- VIF_LIST=$(get_public_vif_list)
- log_it "rpfilter public interfaces : $VIF_LIST"
- if [ "$DISABLE_RP_FILTER" == "true" ]
- then
- log_it "cloud: disable rp_filter on public interfaces"
- sed -i "s/net.ipv4.conf.default.rp_filter.*$/net.ipv4.conf.default.rp_filter = 0/" /etc/sysctl.conf
- echo "0" > /proc/sys/net/ipv4/conf/default/rp_filter
- for vif in $VIF_LIST; do
- log_it "cloud: disable rp_filter on public interface: $vif"
- sed -i "s/net.ipv4.conf.$vif.rp_filter.*$/net.ipv4.conf.$vif.rp_filter = 0/" /etc/sysctl.conf
- echo "0" > /proc/sys/net/ipv4/conf/$vif/rp_filter
- done
- else
- log_it "cloud: enable rp_filter on public interfaces"
- sed -i "s/net.ipv4.conf.default.rp_filter.*$/net.ipv4.conf.default.rp_filter = 1/" /etc/sysctl.conf
- echo "1" > /proc/sys/net/ipv4/conf/default/rp_filter
- for vif in $VIF_LIST; do
- log_it "cloud: enable rp_filter on public interface: $vif"
- sed -i "s/net.ipv4.conf.$vif.rp_filter.*$/net.ipv4.conf.$vif.rp_filter = 1/" /etc/sysctl.conf
- echo "1" > /proc/sys/net/ipv4/conf/$vif/rp_filter
- done
- fi
- log_it "cloud: Enabling rp_filter on Non-public interfaces(eth0,eth1,lo)"
- echo "1" > /proc/sys/net/ipv4/conf/eth0/rp_filter
- echo "1" > /proc/sys/net/ipv4/conf/eth1/rp_filter
- echo "1" > /proc/sys/net/ipv4/conf/lo/rp_filter
-}
-
-enable_irqbalance() {
- local enabled=$1
- local proc=0
-
- proc=$(cat /proc/cpuinfo | grep "processor" | wc -l)
- if [ $proc -le 1 ] && [ $enabled -eq 1 ]
- then
- enabled=0
- fi
-
- log_it "Processors = $proc Enable service ${svc} = $enabled"
- local cfg=/etc/default/irqbalance
- [ -f $cfg ] && sed -i "s/ENABLED=.*$/ENABLED=$enabled/" $cfg && return
-}
-
-disable_hvc() {
- [ ! -d /proc/xen ] && sed -i 's/^vc/#vc/' /etc/inittab && telinit q
- [ -d /proc/xen ] && sed -i 's/^#vc/vc/' /etc/inittab && telinit q
-}
-
-enable_vpc_rpsrfs() {
- local enable=$1
- if [ $enable -eq 0 ]
- then
- echo 0 > /etc/rpsrfsenable
- else
- echo 1 > /etc/rpsrfsenable
- fi
-
- return 0
-}
-
-enable_rpsrfs() {
- local enable=$1
-
- if [ $enable -eq 0 ]
- then
- echo 0 > /etc/rpsrfsenable
- return 0
- fi
-
- if [ ! -f /sys/class/net/eth0/queues/rx-0/rps_cpus ]
- then
- echo "rps is not enabled in the kernel"
- echo 0 > /etc/rpsrfsenable
- return 0
- fi
-
- proc=$(cat /proc/cpuinfo | grep "processor" | wc -l)
- if [ $proc -le 1 ]
- then
- echo 0 > /etc/rpsrfsenable
- return 0;
- fi
-
- echo 1 > /etc/rpsrfsenable
- num=1
- num=$(($num<<$proc))
- num=$(($num-1));
- echo $num;
- hex=$(printf "%x\n" $num)
- echo $hex;
- #enable rps
- echo $hex > /sys/class/net/eth0/queues/rx-0/rps_cpus
- echo $hex > /sys/class/net/eth2/queues/rx-0/rps_cpus
-
- #enble rfs
- echo 256 > /proc/sys/net/core/rps_sock_flow_entries
- echo 256 > /sys/class/net/eth0/queues/rx-0/rps_flow_cnt
- echo 256 > /sys/class/net/eth2/queues/rx-0/rps_flow_cnt
-}
-
-setup_common() {
- init_interfaces $1 $2 $3
- if [ -n "$ETH0_IP" ]
- then
- setup_interface "0" $ETH0_IP $ETH0_MASK $GW
- fi
- if [ -n "$ETH0_IP6" ]
- then
- setup_interface_ipv6 "0" $ETH0_IP6 $ETH0_IP6_PRELEN
- fi
- setup_interface "1" $ETH1_IP $ETH1_MASK $GW
- if [ -n "$ETH2_IP" ]
- then
- setup_interface "2" $ETH2_IP $ETH2_MASK $GW
- fi
-
- echo $NAME > /etc/hostname
- echo 'AVAHI_DAEMON_DETECT_LOCAL=0' > /etc/default/avahi-daemon
- hostname $NAME
-
- #Nameserver
- sed -i -e "/^nameserver.*$/d" /etc/resolv.conf # remove previous entries
- sed -i -e "/^nameserver.*$/d" /etc/dnsmasq-resolv.conf # remove previous entries
- if [ -n "$internalNS1" ]
- then
- echo "nameserver $internalNS1" > /etc/dnsmasq-resolv.conf
- echo "nameserver $internalNS1" > /etc/resolv.conf
- fi
-
- if [ -n "$internalNS2" ]
- then
- echo "nameserver $internalNS2" >> /etc/dnsmasq-resolv.conf
- echo "nameserver $internalNS2" >> /etc/resolv.conf
- fi
- if [ -n "$NS1" ]
- then
- echo "nameserver $NS1" >> /etc/dnsmasq-resolv.conf
- echo "nameserver $NS1" >> /etc/resolv.conf
- fi
-
- if [ -n "$NS2" ]
- then
- echo "nameserver $NS2" >> /etc/dnsmasq-resolv.conf
- echo "nameserver $NS2" >> /etc/resolv.conf
- fi
-
- if [ -n "$IP6_NS1" ]
- then
- echo "nameserver $IP6_NS1" >> /etc/dnsmasq-resolv.conf
- echo "nameserver $IP6_NS1" >> /etc/resolv.conf
- fi
- if [ -n "$IP6_NS2" ]
- then
- echo "nameserver $IP6_NS2" >> /etc/dnsmasq-resolv.conf
- echo "nameserver $IP6_NS2" >> /etc/resolv.conf
- fi
-
- if [ -n "$MGMTNET" -a -n "$LOCAL_GW" ]
- then
- ip route add $MGMTNET via $LOCAL_GW dev eth1
- fi
-
- ip route delete default
- if [ "$RROUTER" != "1" ]
- then
- gwdev=$3
- if [ -z "$gwdev" ]
- then
- gwdev="eth0"
- fi
-
- ip route add default via $GW dev $gwdev
- fi
-
- # a hacking way to activate vSwitch under VMware
- ping -n -c 3 $GW &
- sleep 3
- pkill ping
- if [ -n "$MGMTNET" -a -n "$LOCAL_GW" ]
- then
- ping -n -c 3 $LOCAL_GW &
- sleep 3
- pkill ping
- #This code is added to address ARP issue by pinging MGMT_GW
- MGMT_GW=$(echo $MGMTNET | awk -F "." '{print $1"."$2"."$3".1"}')
- ping -n -c 3 $MGMT_GW &
- sleep 3
- pkill ping
-
- fi
-
- local hyp=$(hypervisor)
- if [ "$hyp" == "vmware" ]; then
- ntpq -p &> /dev/null || vmware-toolbox-cmd timesync enable
- fi
-}
+ log_it "Patching cloud service"
+ /opt/cloud/bin/setup/patchsystemvm.sh $PATCH_MOUNT $TYPE
-setup_dnsmasq() {
- log_it "Setting up dnsmasq"
-
- touch /etc/dhcpopts.txt
-
- [ -z $DHCP_RANGE ] && [ $ETH0_IP ] && DHCP_RANGE=$ETH0_IP
- [ $ETH0_IP6 ] && DHCP_RANGE_IP6=$ETH0_IP6
- [ -z $DOMAIN ] && DOMAIN="cloudnine.internal"
- #removing the dnsmasq multiple ranges config file.
- rm /etc/dnsmasq.d/multiple_ranges.conf
-
- #get the template
- cp /etc/dnsmasq.conf.tmpl /etc/dnsmasq.conf
-
- if [ -n "$DOMAIN" ]
- then
- #send domain name to dhcp clients
- sed -i s/[#]*dhcp-option=15.*$/dhcp-option=15,\"$DOMAIN\"/ /etc/dnsmasq.conf
- #DNS server will append $DOMAIN to local queries
- sed -r -i s/^[#]?domain=.*$/domain=$DOMAIN/ /etc/dnsmasq.conf
- #answer all local domain queries
- sed -i -e "s/^[#]*local=.*$/local=\/$DOMAIN\//" /etc/dnsmasq.conf
- fi
-
- if [ -n "$DNS_SEARCH_ORDER" ]
- then
- sed -i -e "/^[#]*dhcp-option.*=119.*$/d" /etc/dnsmasq.conf
- echo "dhcp-option-force=119,$DNS_SEARCH_ORDER" >> /etc/dnsmasq.conf
- # set the domain search order as a space seprated list for option 15
- DNS_SEARCH_ORDER=$(echo $DNS_SEARCH_ORDER | sed 's/,/ /g')
- #send domain name to dhcp clients
- sed -i s/[#]*dhcp-option=15.*$/dhcp-option=15,\""$DNS_SEARCH_ORDER"\"/ /etc/dnsmasq.conf
- fi
-
- if [ $DHCP_RANGE ]
- then
- sed -i -e "s/^dhcp-range_ip4=.*$/dhcp-range=$DHCP_RANGE,static/" /etc/dnsmasq.conf
- else
- sed -i -e "s/^dhcp-range_ip4=.*$//" /etc/dnsmasq.conf
- fi
- if [ $DHCP_RANGE_IP6 ]
- then
- sed -i -e "s/^dhcp-range_ip6=.*$/dhcp-range=$DHCP_RANGE_IP6,static/" /etc/dnsmasq.conf
- # For nondefault6 tagged host, don't send dns-server information
- sed -i /nondefault6/d /etc/dnsmasq.conf
- echo "dhcp-option=nondefault6,option6:dns-server" >> /etc/dnsmasq.conf
- else
- sed -i -e "s/^dhcp-range_ip6=.*$//" /etc/dnsmasq.conf
- fi
-
- if [ "$RROUTER" == "1" ]
- then
- DEFAULT_GW=$GUEST_GW
- INTERNAL_DNS=$GUEST_GW
- else
- if [ "$TYPE" == "dhcpsrvr" ]
- then
- DEFAULT_GW=$GW
- else
- DEFAULT_GW=$ETH0_IP
- fi
- INTERNAL_DNS=$ETH0_IP
- fi
- sed -i -e "/^[#]*dhcp-option=option:router.*$/d" /etc/dnsmasq.conf
- [ $DEFAULT_GW ] && echo "dhcp-option=option:router,$DEFAULT_GW" >> /etc/dnsmasq.conf
-
- [ $ETH0_IP ] && [ $NS1 ] && NS="$NS1,"
- [ $ETH0_IP ] && [ $NS2 ] && NS="$NS$NS2,"
- [ $ETH0_IP6 ] && [ $IP6_NS1 ] && NS6="[$IP6_NS1],"
- [ $ETH0_IP6 ] && [ $IP6_NS2 ] && NS6="$NS6[$IP6_NS2],"
- #for now set up ourself as the dns server as well
- sed -i -e "/^[#]*dhcp-option=6,.*$/d" /etc/dnsmasq.conf
- sed -i -e "/^[#]*dhcp-option=option6:dns-server,.*$/d" /etc/dnsmasq.conf
- if [ "$USE_EXTERNAL_DNS" != "true" ]
- then
- [ $ETH0_IP ] && NS="$INTERNAL_DNS,$NS"
- [ $ETH0_IP6 ] && NS6="[::],$NS6"
- # enable dns
- sed -i -e "/^[#]*port=.*$/d" /etc/dnsmasq.conf
- else
- # disable dns
- sed -i -e "/^[#]*port=.*$/d" /etc/dnsmasq.conf
- echo "port=0" >> /etc/dnsmasq.conf
- fi
- NS=${NS%?}
- NS6=${NS6%?}
- [ $ETH0_IP ] && echo "dhcp-option=6,$NS" >> /etc/dnsmasq.conf
- [ $ETH0_IP6 ] && echo "dhcp-option=option6:dns-server,$NS6" >> /etc/dnsmasq.conf
-#adding the name data-server to the /etc/hosts for allowing the access to user-data service and ssh-key reset in every subnet.
-#removing the existing entires to avoid duplicates on restarts.
- sed -i '/data-server/d' /etc/hosts
- if [ -n "$ETH0_IP" ]
- then
- echo "$ETH0_IP data-server" >> /etc/hosts
- fi
- if [ -n "$ETH0_IP6" ]
- then
- echo "$ETH0_IP6 data-server" >> /etc/hosts
- fi
-#add the dhcp-client-update only if dnsmasq version is 2.6 and above
- dnsmasqVersion=$(dnsmasq -v | grep version -m 1 | grep -o "[[:digit:]]\.[[:digit:]]")
- major=$(echo "$dnsmasqVersion" | cut -d '.' -f 1)
- minor=$(echo "$dnsmasqVersion" | cut -d '.' -f 2)
- if [ "$major" -eq '2' -a "$minor" -ge '6' ] || [ "$major" -gt '2' ]
- then
- sed -i -e "/^dhcp-client-update/d" /etc/dnsmasq.conf
- echo 'dhcp-client-update' >> /etc/dnsmasq.conf
- fi
-
- command -v dhcp_release > /dev/null 2>&1
- no_dhcp_release=$?
- if [ $no_dhcp_release -eq 0 -a -z "$ETH0_IP6" ]
- then
- echo 1 > /var/cache/cloud/dnsmasq_managed_lease
- sed -i -e "/^leasefile-ro/d" /etc/dnsmasq.conf
- else
- echo 0 > /var/cache/cloud/dnsmasq_managed_lease
- fi
-}
-
-setup_sshd(){
- local ip=$1
- local eth=$2
- [ -f /etc/ssh/sshd_config ] && sed -i -e "s/^[#]*ListenAddress.*$/ListenAddress $ip/" /etc/ssh/sshd_config
- sed -i "/3922/s/eth./$eth/" /etc/iptables/rules.v4
- sed -i "/3922/s/eth./$eth/" /etc/iptables/rules
- systemctl restart sshd
-}
-
-
-setup_vpc_apache2() {
- log_it "Setting up apache web server for VPC"
- systemctl disable apache2
- clean_ipalias_config
- setup_apache2_common
-}
-
-
-clean_ipalias_config() {
- # Old
- rm -f /etc/apache2/conf.d/ports.*.meta-data.conf
- rm -f /etc/apache2/sites-available/ipAlias*
- rm -f /etc/apache2/sites-enabled/ipAlias*
- rm -f /etc/apache2/conf.d/vhost*.conf
- rm -f /etc/apache2/ports.conf
- rm -f /etc/apache2/vhostexample.conf
- rm -f /etc/apache2/sites-available/default
- rm -f /etc/apache2/sites-available/default-ssl
- rm -f /etc/apache2/sites-enabled/default
- rm -f /etc/apache2/sites-enabled/default-ssl
-
- # New
- rm -f /etc/apache2/sites-enabled/vhost-*.conf
- rm -f /etc/apache2/sites-enabled/000-default
-
- rm -rf /etc/failure_config
-}
-
-setup_apache2_common() {
- sed -i 's/^Include ports.conf.*/# CS: Done by Python CsApp config\n#Include ports.conf/g' /etc/apache2/apache2.conf
- [ -f /etc/apache2/conf.d/security ] && sed -i -e "s/^ServerTokens .*/ServerTokens Prod/g" /etc/apache2/conf.d/security
- [ -f /etc/apache2/conf.d/security ] && sed -i -e "s/^ServerSignature .*/ServerSignature Off/g" /etc/apache2/conf.d/security
-
- # Disable listing of http://SSVM-IP/icons folder for security issue. see article http://www.i-lateral.com/tutorials/disabling-the-icons-folder-on-an-ubuntu-web-server/
- [ -f /etc/apache2/mods-available/alias.conf ] && sed -i s/"Options Indexes MultiViews"/"Options -Indexes MultiViews"/ /etc/apache2/mods-available/alias.conf
-
- echo "Options -Indexes" > /var/www/html/.htaccess
-}
-
-setup_apache2() {
- log_it "Setting up apache web server"
- clean_ipalias_config
- setup_apache2_common
- local ip=$1
-
- # Deprecated, functionality moved to Cs Python code
- # [ -f /etc/apache2/sites-available/default ] && sed -i -e "s/<VirtualHost.*>/<VirtualHost $ip:80>/" /etc/apache2/sites-available/default
- # [ -f /etc/apache2/sites-available/default-ssl ] && sed -i -e "s/<VirtualHost.*>/<VirtualHost $ip:443>/" /etc/apache2/sites-available/default-ssl
- # [ -f /etc/apache2/ports.conf ] && sed -i -e "s/Listen .*:80/Listen $ip:80/g" /etc/apache2/ports.conf
- # [ -f /etc/apache2/ports.conf ] && sed -i -e "s/Listen .*:443/Listen $ip:443/g" /etc/apache2/ports.conf
- # [ -f /etc/apache2/ports.conf ] && sed -i -e "s/NameVirtualHost .*:80/NameVirtualHost $ip:80/g" /etc/apache2/ports.conf
-}
-
-setup_aesni() {
- if [ `grep aes /proc/cpuinfo | wc -l` -gt 0 ]
- then
- modprobe aesni_intel
- fi
-}
-
-load_modules() {
-
- #load nf modules for ftp
- modprobe nf_nat_ftp
- modprobe nf_conntrack_ftp
-}
-
-setup_router() {
- log_it "Setting up virtual router system vm"
-
- #To save router public interface and gw ip information
- touch /var/cache/cloud/ifaceGwIp
-
- oldmd5=
- [ -f "/etc/udev/rules.d/70-persistent-net.rules" ] && oldmd5=$(md5sum "/etc/udev/rules.d/70-persistent-net.rules" | awk '{print $1}')
-
- if [ -n "$ETH2_IP" ]
- then
- setup_common eth0 eth1 eth2
-
- if [ -n "$EXTRA_PUBNICS" ]
- then
- for((i = 3; i < 3 + $EXTRA_PUBNICS; i++))
- do
- setup_interface "$i" "0.0.0.0" "255.255.255.255" $GW "force"
- done
- fi
- else
- setup_common eth0 eth1
- if [ -n "$EXTRA_PUBNICS" ]
- then
- for((i = 2; i < 2 + $EXTRA_PUBNICS; i++))
- do
- setup_interface "$i" "0.0.0.0" "255.255.255.255" $GW "force"
- done
- fi
- fi
-
- # Moved to Cs Python code
- #if [ -n "$ETH2_IP" -a "$RROUTER" == "1" ]
- #then
- #setup_redundant_router
- #fi
-
- log_it "Checking udev NIC assignment order changes"
- if [ "$NIC_MACS" != "" ]
- then
- init_interfaces_orderby_macs "$NIC_MACS" "/tmp/interfaces" "/tmp/udev-rules"
- newmd5=$(md5sum "/tmp/udev-rules" | awk '{print $1}')
- rm /tmp/interfaces
- rm /tmp/udev-rules
-
- if [ "$oldmd5" != "$newmd5" ]
- then
- log_it "udev NIC assignment requires reboot to take effect"
- sync
- sleep 2
- reboot
- fi
- fi
-
- setup_aesni
- setup_dnsmasq
- setup_apache2 $ETH0_IP
-
- sed -i /gateway/d /etc/hosts
- echo "$ETH0_IP $NAME" >> /etc/hosts
-
-
- systemctl enable dnsmasq haproxy cloud-passwd-srvr
- systemctl restart dnsmasq haproxy cloud-passwd-srvr
- enable_irqbalance 1
- disable_rpfilter_domR
- enable_fwding 1
- enable_rpsrfs 1
- systemctl disable nfs-common
- cp /etc/iptables/iptables-router /etc/iptables/rules.v4
-#for old templates
- cp /etc/iptables/iptables-router /etc/iptables/rules
- setup_sshd $ETH1_IP "eth1"
- load_modules
-
- #Only allow DNS service for current network
- sed -i "s/-A INPUT -i eth0 -p udp -m udp --dport 53 -j ACCEPT/-A INPUT -i eth0 -p udp -m udp --dport 53 -s $DHCP_RANGE\/$CIDR_SIZE -j ACCEPT/g" /etc/iptables/rules.v4
- sed -i "s/-A INPUT -i eth0 -p udp -m udp --dport 53 -j ACCEPT/-A INPUT -i eth0 -p udp -m udp --dport 53 -s $DHCP_RANGE\/$CIDR_SIZE -j ACCEPT/g" /etc/iptables/rules
- sed -i "s/-A INPUT -i eth0 -p tcp -m tcp --dport 53 -j ACCEPT/-A INPUT -i eth0 -p tcp -m tcp --dport 53 -s $DHCP_RANGE\/$CIDR_SIZE -j ACCEPT/g" /etc/iptables/rules.v4
- sed -i "s/-A INPUT -i eth0 -p tcp -m tcp --dport 53 -j ACCEPT/-A INPUT -i eth0 -p tcp -m tcp --dport 53 -s $DHCP_RANGE\/$CIDR_SIZE -j ACCEPT/g" /etc/iptables/rules
-
- #setup hourly logrotate
- mv -n /etc/cron.daily/logrotate /etc/cron.hourly 2>&1
-
-}
-
-
-
-setup_vpcrouter() {
- log_it "Setting up VPC virtual router system vm"
-
- if [ -f /etc/hosts ]; then
- grep -q $NAME /etc/hosts || echo "127.0.0.1 $NAME" >> /etc/hosts;
- fi
-
- cat > /etc/network/interfaces << EOF
-auto lo eth0
-iface lo inet loopback
-EOF
- setup_interface "0" $ETH0_IP $ETH0_MASK $GW
-
- echo $NAME > /etc/hostname
- echo 'AVAHI_DAEMON_DETECT_LOCAL=0' > /etc/default/avahi-daemon
- hostname $NAME
-
- #Nameserver
- sed -i -e "/^nameserver.*$/d" /etc/resolv.conf # remove previous entries
- sed -i -e "/^nameserver.*$/d" /etc/dnsmasq-resolv.conf # remove previous entries
- if [ -n "$internalNS1" ]
- then
- echo "nameserver $internalNS1" > /etc/dnsmasq-resolv.conf
- echo "nameserver $internalNS1" > /etc/resolv.conf
- fi
-
- if [ -n "$internalNS2" ]
- then
- echo "nameserver $internalNS2" >> /etc/dnsmasq-resolv.conf
- echo "nameserver $internalNS2" >> /etc/resolv.conf
- fi
- if [ -n "$NS1" ]
- then
- echo "nameserver $NS1" >> /etc/dnsmasq-resolv.conf
- echo "nameserver $NS1" >> /etc/resolv.conf
- fi
-
- if [ -n "$NS2" ]
- then
- echo "nameserver $NS2" >> /etc/dnsmasq-resolv.conf
- echo "nameserver $NS2" >> /etc/resolv.conf
- fi
- if [ -n "$MGMTNET" -a -n "$LOCAL_GW" ]
- then
- if [ "$hyp" == "vmware" ] || [ "$hyp" == "hyperv" ];
- then
- ip route add $MGMTNET via $LOCAL_GW dev eth0
-
- # a hacking way to activate vSwitch under VMware
- ping -n -c 3 $LOCAL_GW &
- sleep 3
- pkill ping
- fi
- fi
-
- ip route delete default
- # create route table for static route
-
- sudo echo "252 static_route" >> /etc/iproute2/rt_tables 2>/dev/null
- sudo echo "251 static_route_back" >> /etc/iproute2/rt_tables 2>/dev/null
- sudo ip rule add from $VPCCIDR table static_route 2>/dev/null
- sudo ip rule add from $VPCCIDR table static_route_back 2>/dev/null
-
- setup_vpc_apache2
-
- systemctl enable dnsmasq haproxy cloud-passwd-srvr
- enable_irqbalance 1
- enable_vpc_rpsrfs 1
- disable_rpfilter
- enable_fwding 1
- cp /etc/iptables/iptables-vpcrouter /etc/iptables/rules.v4
- cp /etc/iptables/iptables-vpcrouter /etc/iptables/rules
- setup_sshd $ETH0_IP "eth0"
- cp /etc/vpcdnsmasq.conf /etc/dnsmasq.conf
- cp /etc/cloud-nic.rules /etc/udev/rules.d/cloud-nic.rules
- echo "" > /etc/dnsmasq.d/dhcphosts.txt
- echo "dhcp-hostsfile=/etc/dhcphosts.txt" > /etc/dnsmasq.d/cloud.conf
-
- [ -z $DOMAIN ] && DOMAIN="cloudnine.internal"
- #DNS server will append $DOMAIN to local queries
- sed -r -i s/^[#]?domain=.*$/domain=$DOMAIN/ /etc/dnsmasq.conf
- #answer all local domain queries
- sed -i -e "s/^[#]*local=.*$/local=\/$DOMAIN\//" /etc/dnsmasq.conf
-
- command -v dhcp_release > /dev/null 2>&1
- no_dhcp_release=$?
- if [ $no_dhcp_release -eq 0 ]
- then
- echo 1 > /var/cache/cloud/dnsmasq_managed_lease
- sed -i -e "/^leasefile-ro/d" /etc/dnsmasq.conf
- else
- echo 0 > /var/cache/cloud/dnsmasq_managed_lease
- fi
- load_modules
-
- systemctl restart dnsmasq haproxy cloud-passwd-srvr
-
- #setup hourly logrotate
- mv -n /etc/cron.daily/logrotate /etc/cron.hourly 2>&1
-
-}
-
-
-
-setup_dhcpsrvr() {
- log_it "Setting up dhcp server system vm"
- setup_common eth0 eth1
- setup_dnsmasq
- setup_apache2 $ETH0_IP
-
- sed -i /gateway/d /etc/hosts
- [ $ETH0_IP ] && echo "$ETH0_IP $NAME" >> /etc/hosts
- [ $ETH0_IP6 ] && echo "$ETH0_IP6 $NAME" >> /etc/hosts
-
- systemctl enable dnsmasq cloud-passwd-srvr
- systemctl restart dnsmasq cloud-passwd-srvr
- enable_irqbalance 0
- enable_fwding 0
- systemctl disable nfs-common
-
- cp /etc/iptables/iptables-router /etc/iptables/rules.v4
- cp /etc/iptables/iptables-router /etc/iptables/rules
-
- #Only allow DNS service for current network
- sed -i "s/-A INPUT -i eth0 -p udp -m udp --dport 53 -j ACCEPT/-A INPUT -i eth0 -p udp -m udp --dport 53 -s $DHCP_RANGE\/$CIDR_SIZE -j ACCEPT/g" /etc/iptables/rules.v4
- sed -i "s/-A INPUT -i eth0 -p udp -m udp --dport 53 -j ACCEPT/-A INPUT -i eth0 -p udp -m udp --dport 53 -s $DHCP_RANGE\/$CIDR_SIZE -j ACCEPT/g" /etc/iptables/rules
- sed -i "s/-A INPUT -i eth0 -p tcp -m tcp --dport 53 -j ACCEPT/-A INPUT -i eth0 -p tcp -m tcp --dport 53 -s $DHCP_RANGE\/$CIDR_SIZE -j ACCEPT/g" /etc/iptables/rules.v4
- sed -i "s/-A INPUT -i eth0 -p tcp -m tcp --dport 53 -j ACCEPT/-A INPUT -i eth0 -p tcp -m tcp --dport 53 -s $DHCP_RANGE\/$CIDR_SIZE -j ACCEPT/g" /etc/iptables/rules
-
- if [ "$SSHONGUEST" == "true" ]
- then
- setup_sshd $ETH0_IP "eth0"
- else
- setup_sshd $ETH1_IP "eth1"
- fi
-}
-
-setup_storage_network() {
- if [ x"$STORAGE_IP" == "x" -o x"$STORAGE_NETMASK" == "x" ]
- then
- log_it "Incompleted parameters STORAGE_IP:$STORAGE_IP, STORAGE_NETMASK:$STORAGE_NETMASK, STORAGE_CIDR:$STORAGE_CIDR. Cannot setup storage network"
- return
- fi
-
- echo "" >> /etc/network/interfaces
- echo "auto eth3" >> /etc/network/interfaces
-
- setup_interface "3" "$STORAGE_IP" "$STORAGE_NETMASK"
- [ -n "$MTU" ] && ifconfig eth3 mtu $MTU && echo " mtu $MTU" >> /etc/network/interfaces
- #ip route add "$STORAGE_CIDR" via "$STORAGE_IP"
- log_it "Successfully setup storage network with STORAGE_IP:$STORAGE_IP, STORAGE_NETMASK:$STORAGE_NETMASK, STORAGE_CIDR:$STORAGE_CIDR"
-}
-
-setup_system_rfc1918_internal() {
- public_ip=`getPublicIp`
- echo "$public_ip" | grep -E "^((127\.)|(10\.)|(172\.1[6-9]\.)|(172\.2[0-9]\.)|(172\.3[0-1]\.)|(192\.168\.))"
- if [ "$?" == "0" ]; then
- log_it "Not setting up route of RFC1918 space to $LOCAL_GW befause $public_ip is RFC1918."
- else
- log_it "Setting up route of RFC1918 space to $LOCAL_GW"
- # Setup general route for RFC 1918 space, as otherwise it will be sent to
- # the public gateway and not work
- # More specific routes that may be set have preference over this generic route.
- ip route add 10.0.0.0/8 via $LOCAL_GW
- ip route add 172.16.0.0/12 via $LOCAL_GW
- ip route add 192.168.0.0/16 via $LOCAL_GW
- fi
-}
-
-getPublicIp() {
- public_ip=$ETH2_IP
- [ "$ETH2_IP" == "0.0.0.0" ] && public_ip=$ETH1_IP
- echo $public_ip
-}
-
-setup_ntp() {
- log_it "Setting up NTP"
- NTP_CONF_FILE="/etc/ntp.conf"
- if [ -f $NTP_CONF_FILE ]
- then
- IFS=',' read -a server_list <<< "$NTP_SERVER_LIST"
- for (( iterator=${#server_list[@]}-1 ; iterator>=0 ; iterator-- ))
- do
- server=$(echo ${server_list[iterator]} | tr -d '\r')
- PATTERN="server $server"
- if grep -q "^$PATTERN$" $NTP_CONF_FILE ; then
- sed -i "/^$PATTERN$/d" $NTP_CONF_FILE
- fi
- sed -i "0,/^server/s//$PATTERN\nserver/" $NTP_CONF_FILE
- done
- systemctl restart ntp
- else
- log_it "NTP configuration file not found"
- fi
-}
-
-setup_secstorage() {
- log_it "Setting up secondary storage system vm"
- sysctl vm.min_free_kbytes=8192
- local hyp=$1
- setup_common eth0 eth1 eth2
- setup_storage_network
- setup_system_rfc1918_internal
- sed -i /gateway/d /etc/hosts
- public_ip=`getPublicIp`
- echo "$public_ip $NAME" >> /etc/hosts
-
- cp /etc/iptables/iptables-secstorage /etc/iptables/rules.v4
- cp /etc/iptables/iptables-secstorage /etc/iptables/rules
- if [ "$hyp" == "vmware" ] || [ "$hyp" == "hyperv" ]; then
- setup_sshd $ETH1_IP "eth1"
- else
- setup_sshd $ETH0_IP "eth0"
- fi
- setup_apache2 $ETH2_IP
-
- # Deprecated, should move to Cs Python all of it
- sed -e "s/<VirtualHost .*:80>/<VirtualHost $ETH2_IP:80>/" \
- -e "s/<VirtualHost .*:443>/<VirtualHost $ETH2_IP:443>/" \
- -e "s/Listen .*:80/Listen $ETH2_IP:80/g" \
- -e "s/Listen .*:443/Listen $ETH2_IP:443/g" \
- -e "s/NameVirtualHost .*:80/NameVirtualHost $ETH2_IP:80/g" /etc/apache2/vhost.template > /etc/apache2/sites-enabled/vhost-${ETH2_IP}.conf
-
- log_it "setting up apache2 for post upload of volume/template"
- a2enmod proxy
- a2enmod proxy_http
- a2enmod headers
-
- cat >/etc/apache2/cors.conf <<CORS
-RewriteEngine On
-RewriteCond %{HTTPS} =on
-RewriteCond %{REQUEST_METHOD} =POST
-RewriteRule ^/upload/(.*) http://127.0.0.1:8210/upload?uuid=\$1 [P,L]
-Header always set Access-Control-Allow-Origin "*"
-Header always set Access-Control-Allow-Methods "POST, OPTIONS"
-Header always set Access-Control-Allow-Headers "x-requested-with, Content-Type, origin, authorization, accept, client-security-token, x-signature, x-metadata, x-expires"
-CORS
-
- disable_rpfilter
- enable_fwding 0
- systemctl disable haproxy dnsmasq cloud-passwd-srvr
- systemctl enable cloud apache2
- systemctl restart cloud apache2
- enable_irqbalance 0
- rm /etc/logrotate.d/cloud
- setup_ntp
-}
-
-setup_console_proxy() {
- log_it "Setting up console proxy system vm"
- local hyp=$1
- setup_common eth0 eth1 eth2
- setup_system_rfc1918_internal
- public_ip=`getPublicIp`
- sed -i /gateway/d /etc/hosts
- echo "$public_ip $NAME" >> /etc/hosts
- cp /etc/iptables/iptables-consoleproxy /etc/iptables/rules.v4
- cp /etc/iptables/iptables-consoleproxy /etc/iptables/rules
- if [ "$hyp" == "vmware" ] || [ "$hyp" == "hyperv" ]; then
- setup_sshd $ETH1_IP "eth1"
- else
- setup_sshd $ETH0_IP "eth0"
+ [ -f $privkey ] && cp -f $privkey /root/.ssh/ && chmod go-rwx /root/.ssh/authorized_keys
+ umount $PATCH_MOUNT
fi
- systemctl enable cloud
- disable_rpfilter
- enable_fwding 0
- enable_irqbalance 0
- systemctl disable nfs-common
- rm /etc/logrotate.d/cloud
-}
-
-setup_elbvm() {
- log_it "Setting up Elastic Load Balancer system vm"
- local hyp=$1
- setup_common eth0 eth1
- sed -i /gateway/d /etc/hosts
- public_ip=$ETH2_IP
- [ "$ETH2_IP" == "0.0.0.0" ] || [ "$ETH2_IP" == "" ] && public_ip=$ETH0_IP
- echo "$public_ip $NAME" >> /etc/hosts
-
- cp /etc/iptables/iptables-elbvm /etc/iptables/rules.v4
- cp /etc/iptables/iptables-elbvm /etc/iptables/rules
- if [ "$SSHONGUEST" == "true" ]
- then
- setup_sshd $ETH0_IP "eth0"
- else
- setup_sshd $ETH1_IP "eth1"
+ if [ -f /mnt/cmdline ]; then
+ cat /mnt/cmdline > $CMDLINE
fi
-
- enable_fwding 0
- enable_irqbalance 0
- systemctl disable nfs-common
- systemctl disable portmap
-}
-
-setup_ilbvm() {
- log_it "Setting up Internal Load Balancer system vm"
- local hyp=$1
- setup_common eth0 eth1
- #eth0 = guest network, eth1=control network
-
- sed -i /$NAME/d /etc/hosts
- echo "$ETH0_IP $NAME" >> /etc/hosts
- cp /etc/iptables/iptables-ilbvm /etc/iptables/rules.v4
- cp /etc/iptables/iptables-ilbvm /etc/iptables/rules
- setup_sshd $ETH1_IP "eth1"
-
- enable_fwding 0
- systemctl enable haproxy
- enable_irqbalance 1
- systemctl disable nfs-common
- systemctl disable portmap
-}
-
-setup_default() {
- cat > /etc/network/interfaces << EOF
-auto lo
-iface lo inet loopback
-EOF
- cp -f /etc/iptables/rt_tables_init /etc/iproute2/rt_tables
-}
-
-change_password() {
- if [ x"$VM_PASSWORD" != x"" ]
- then
- echo "root:$VM_PASSWORD" | chpasswd
- fi
+ return 0
}
start() {
# Clear /tmp for file lock
rm -f /tmp/*.lock
rm -f /tmp/rrouter_bumped
- local hyp=$(hypervisor)
+ rm -f /root/.rnd
+ echo "" > /root/.ssh/known_hosts
+
+ export HYPERVISOR=$(hypervisor)
[ $? -ne 0 ] && log_it "Failed to detect hypervisor type, bailing out of early init" && exit 10
- log_it "Detected that we are running inside $hyp guest"
+ log_it "Detected that we are running inside $HYPERVISOR"
+
+ config_guest
get_boot_params
+ get_systemvm_type
patch
- patch_log4j
- parse_cmd_line
- change_password
- case $TYPE in
- router)
- [ "$NAME" == "" ] && NAME=router
- setup_router
- if [ -x /opt/cloud/bin/update_config.py ]
- then
- /opt/cloud/bin/update_config.py cmd_line.json
- fi
- ;;
- vpcrouter)
- [ "$NAME" == "" ] && NAME=vpcrouter
- setup_vpcrouter
- if [ -x /opt/cloud/bin/update_config.py ]
- then
- /opt/cloud/bin/update_config.py cmd_line.json
- fi
- ;;
- dhcpsrvr)
- [ "$NAME" == "" ] && NAME=dhcpsrvr
- setup_dhcpsrvr
- if [ -x /opt/cloud/bin/update_config.py ]
- then
- /opt/cloud/bin/update_config.py cmd_line.json
- fi
- ;;
- secstorage)
- [ "$NAME" == "" ] && NAME=secstorage
- setup_secstorage $hyp;
- ;;
- consoleproxy)
- [ "$NAME" == "" ] && NAME=consoleproxy
- setup_console_proxy $hyp;
- ;;
- elbvm)
- [ "$NAME" == "" ] && NAME=elb
- setup_elbvm
- ;;
- ilbvm)
- [ "$NAME" == "" ] && NAME=ilb
- setup_ilbvm
- ;;
- unknown)
- [ "$NAME" == "" ] && NAME=systemvm
- setup_default;
- ;;
- esac
- if [ "$hyp" == "hyperv" ]; then
- # eject the systemvm.iso
- eject
- fi
- return 0
-}
+ sync
+ sysctl -p
-disable_hvc
+ log_it "Configuring systemvm type=$TYPE"
-parse_cmd_line() {
-CMDLINE=$(cat /var/cache/cloud/cmdline)
-TYPE="unknown"
-BOOTPROTO="static"
-DISABLE_RP_FILTER="false"
-STORAGE_IP=""
-STORAGE_NETMASK=""
-STORAGE_CIDR=""
-VM_PASSWORD=""
+ if [ -f "/opt/cloud/bin/setup/$TYPE.sh" ]; then
+ /opt/cloud/bin/setup/$TYPE.sh
+ else
+ /opt/cloud/bin/setup/default.sh
+ fi
-CHEF_TMP_FILE=/tmp/cmdline.json
-COMMA="\t"
-echo -e "{\n\"type\": \"cmdline\"," > ${CHEF_TMP_FILE}
-echo -e "\n\"cmd_line\": {" >> ${CHEF_TMP_FILE}
+ log_it "Finished setting up systemvm"
-for i in $CMDLINE
- do
- # search for foo=bar pattern and cut out foo
- KEY=$(echo $i | cut -d= -f1)
- VALUE=$(echo $i | cut -d= -f2)
- echo -en ${COMMA} >> ${CHEF_TMP_FILE}
- # Two lines so values do not accidently interpretted as escapes!!
- echo -n \"${KEY}\"': '\"${VALUE}\" >> ${CHEF_TMP_FILE}
- COMMA=",\n\t"
- case $KEY in
- disable_rp_filter)
- DISABLE_RP_FILTER=$VALUE
- ;;
- eth0ip)
- ETH0_IP=$VALUE
- ;;
- eth1ip)
- ETH1_IP=$VALUE
- ;;
- eth2ip)
- ETH2_IP=$VALUE
- ;;
- host)
- MGMT_HOST=$VALUE
- ;;
- gateway)
- GW=$VALUE
- ;;
- ip6gateway)
- IP6GW=$VALUE
- ;;
- eth0mask)
- ETH0_MASK=$VALUE
- ;;
- eth1mask)
- ETH1_MASK=$VALUE
- ;;
- eth2mask)
- ETH2_MASK=$VALUE
- ;;
- eth0ip6)
- ETH0_IP6=$VALUE
- ;;
- eth0ip6prelen)
- ETH0_IP6_PRELEN=$VALUE
- ;;
- internaldns1)
- internalNS1=$VALUE
- ;;
- internaldns2)
- internalNS2=$VALUE
- ;;
- dns1)
- NS1=$VALUE
- ;;
- dns2)
- NS2=$VALUE
- ;;
- ip6dns1)
- IP6_NS1=$VALUE
- ;;
- ip6dns2)
- IP6_NS2=$VALUE
- ;;
- domain)
- DOMAIN=$VALUE
- ;;
- dnssearchorder)
- DNS_SEARCH_ORDER=$VALUE
- ;;
- useextdns)
- USE_EXTERNAL_DNS=$VALUE
- ;;
- mgmtcidr)
- MGMTNET=$VALUE
- ;;
- localgw)
- LOCAL_GW=$VALUE
- ;;
- template)
- TEMPLATE=$VALUE
- ;;
- sshonguest)
- SSHONGUEST=$VALUE
- ;;
- name)
- NAME=$VALUE
- ;;
- dhcprange)
- DHCP_RANGE=$(echo $VALUE | tr ':' ',')
- ;;
- bootproto)
- BOOTPROTO=$VALUE
- ;;
- type)
- TYPE=$VALUE
- ;;
- defaultroute)
- DEFAULTROUTE=$VALUE
- ;;
- redundant_router)
- RROUTER=$VALUE
- ;;
- guestgw)
- GUEST_GW=$VALUE
- ;;
- guestbrd)
- GUEST_BRD=$VALUE
- ;;
- guestcidrsize)
- GUEST_CIDR_SIZE=$VALUE
- ;;
- router_pr)
- ROUTER_PR=$VALUE
- ;;
- extra_pubnics)
- EXTRA_PUBNICS=$VALUE
- ;;
- nic_macs)
- NIC_MACS=$VALUE
- ;;
- mtu)
- MTU=$VALUE
- ;;
- storageip)
- STORAGE_IP=$VALUE
- ;;
- storagenetmask)
- STORAGE_NETMASK=$VALUE
- ;;
- storagecidr)
- STORAGE_CIDR=$VALUE
- ;;
- vmpassword)
- VM_PASSWORD=$VALUE
- ;;
- vpccidr)
- VPCCIDR=$VALUE
- ;;
- cidrsize)
- CIDR_SIZE=$VALUE
- ;;
- advert_int)
- ADVERT_INT=$VALUE
- ;;
- ntpserverlist)
- NTP_SERVER_LIST=$VALUE
- ;;
- esac
-done
-echo -e "\n\t}\n}" >> ${CHEF_TMP_FILE}
-if [ "$TYPE" != "unknown" ]
-then
- mv ${CHEF_TMP_FILE} /var/cache/cloud/cmd_line.json
-fi
-
-[ $ETH0_IP ] && LOCAL_ADDRS=$ETH0_IP
-[ $ETH0_IP6 ] && LOCAL_ADDRS=$ETH0_IP6
-[ $ETH0_IP ] && [ $ETH0_IP6 ] && LOCAL_ADDRS="$ETH0_IP,$ETH0_IP6"
+ return 0
}
case "$1" in
-start)
-
- log_action_begin_msg "Executing cloud-early-config"
- log_it "Executing cloud-early-config"
- if start; then
- log_action_end_msg $?
- else
- log_action_end_msg $?
- fi
- ;;
-
-stop)
- log_action_begin_msg "Stopping cloud-early-config"
- #Override old system's interface setting
- setup_default;
- log_action_end_msg 0
- ;;
-
-force-reload|restart)
-
- log_warning_msg "Running $0 is deprecated because it may not enable again some interfaces"
- log_action_begin_msg "Executing cloud-early-config"
- if start; then
- log_action_end_msg $?
- else
- log_action_end_msg $?
- fi
- ;;
+ start)
+ log_action_begin_msg "Executing cloud-early-config"
+ log_it "Executing cloud-early-config"
+ if start; then
+ log_action_end_msg $?
+ else
+ log_action_end_msg $?
+ fi
+ ;;
+
+ stop)
+ log_action_begin_msg "Stopping cloud-early-config"
+ #Override old system's interface setting
+ setup_default;
+ log_action_end_msg 0
+ ;;
+
+ force-reload|restart)
+ log_warning_msg "Running $0 is deprecated because it may not enable again some interfaces"
+ log_action_begin_msg "Executing cloud-early-config"
+ if start; then
+ log_action_end_msg $?
+ else
+ log_action_end_msg $?
+ fi
+ ;;
-*)
- echo "Usage: /etc/init.d/cloud-early-config {start|stop}"
- exit 1
- ;;
+ *)
+ echo "Usage: /etc/init.d/cloud-early-config {start|stop}"
+ exit 1
+ ;;
esac
exit 0
diff --git a/systemvm/patches/debian/config/etc/init.d/cloud-passwd-srvr b/systemvm/patches/debian/config/etc/init.d/cloud-passwd-srvr
index c089e72..05e2f37 100755
--- a/systemvm/patches/debian/config/etc/init.d/cloud-passwd-srvr
+++ b/systemvm/patches/debian/config/etc/init.d/cloud-passwd-srvr
@@ -24,9 +24,6 @@
# specific language governing permissions and limitations
# under the License.
-ENABLED=0
-[ -e /etc/default/cloud-passwd-srvr ] && . /etc/default/cloud-passwd-srvr
-
add_iptables_rules()
{
#Delete any old iptables rule for port 8080 on eth0
@@ -72,7 +69,6 @@ remove_iptables_rules()
}
start() {
- [ "$ENABLED" != 0 ] || exit 0
pid=$(getpid)
[ "$pid" != "" ] && echo "Password server is already running (pid=$pid)" && return 0
add_iptables_rules
diff --git a/systemvm/patches/debian/config/etc/init.d/postinit b/systemvm/patches/debian/config/etc/init.d/postinit
deleted file mode 100755
index ddbcb08..0000000
--- a/systemvm/patches/debian/config/etc/init.d/postinit
+++ /dev/null
@@ -1,176 +0,0 @@
-#!/bin/bash -e
-### BEGIN INIT INFO
-# Provides: postinit
-# Required-Start: $local_fs cloud-early-config
-# Required-Stop: $local_fs
-# Default-Start: 2 3 4 5
-# Default-Stop: 0 1 6
-# Short-Description: post-init
-### END INIT INFO
-
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements. See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership. The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied. See the License for the
-# specific language governing permissions and limitations
-# under the License.
-
-replace_in_file() {
- local filename=$1
- local keyname=$2
- local value=$3
- sed -i /$keyname=/d $filename
- echo "$keyname=$value" >> $filename
- return $?
-}
-
-setup_secstorage() {
- public_ip=$ETH2_IP
- sed -i /$NAME/d /etc/hosts
- echo "$public_ip $NAME" >> /etc/hosts
- [ -f /etc/httpd/conf/httpd.conf ] && sed -i -e "s/^Listen.*:80$/Listen $public_ip:80/" /etc/httpd/conf/httpd.conf
- [ -f /etc/httpd/conf/httpd.conf ] && sed -i -e "s/^Listen.*:443$/Listen $public_ip:443/" /etc/httpd/conf/httpd.conf
-}
-
-setup_console_proxy() {
- public_ip=$ETH2_IP
- sed -i /$NAME/d /etc/hosts
- echo "$public_ip $NAME" >> /etc/hosts
-}
-
-setup_redundant_router() {
- if [ "$RROUTER" != "1" ]
- then
- return 1
- fi
- rrouter_bin_path="/ramdisk/rrouter"
- eth2mac=`ip link show eth2 | awk '/ether/ {print $2}'`
- sed -i "s/\[ETH2MAC\]/$eth2mac/g" $rrouter_bin_path/enable_pubip.sh
-}
-
-start() {
- case $TYPE in
- secstorage)
- [ "$NAME" == "" ] && NAME=secstorage
- setup_secstorage;
- ;;
- consoleproxy)
- [ "$NAME" == "" ] && NAME=consoleproxy
- setup_console_proxy;
- ;;
- router)
- [ "$NAME" == "" ] && NAME=router
- setup_redundant_router;
- ;;
-
- esac
-}
-
-stop() {
- echo ""
-}
-
-status() {
- echo ""
-}
-
-CMDLINE=$(cat /var/cache/cloud/cmdline)
-TYPE="router"
-BOOTPROTO="static"
-
-for i in $CMDLINE
- do
- # search for foo=bar pattern and cut out foo
- KEY=$(echo $i | cut -d= -f1)
- VALUE=$(echo $i | cut -d= -f2)
- case $KEY in
- eth0ip)
- ETH0_IP=$VALUE
- ;;
- eth1ip)
- ETH1_IP=$VALUE
- ;;
- eth2ip)
- ETH2_IP=$VALUE
- ;;
- gateway)
- GW=$VALUE
- ;;
- eth0mask)
- ETH0_MASK=$VALUE
- ;;
- eth1mask)
- ETH1_MASK=$VALUE
- ;;
- eth2mask)
- ETH2_MASK=$VALUE
- ;;
- dns1)
- NS1=$VALUE
- ;;
- dns2)
- NS2=$VALUE
- ;;
- domain)
- DOMAIN=$VALUE
- ;;
- mgmtcidr)
- MGMTNET=$VALUE
- ;;
- localgw)
- LOCAL_GW=$VALUE
- ;;
- template)
- TEMPLATE=$VALUE
- ;;
- name)
- NAME=$VALUE
- ;;
- dhcprange)
- DHCP_RANGE=$(echo $VALUE | tr ':' ',')
- ;;
- bootproto)
- BOOTPROTO=$VALUE
- ;;
- type)
- TYPE=$VALUE
- ;;
- redundant_router)
- RROUTER=$VALUE
- ;;
- esac
-done
-
-if [ "$BOOTPROTO" == "static" -a "$RROUTER" != "1" ]
-then
- exit 0
-fi
-
-ETH1_IP=$(ifconfig eth1|grep 'inet addr:'|cut -d : -f 2|cut -d \ -f 1)
-ETH2_IP=$(ifconfig eth2|grep 'inet addr:'|cut -d : -f 2|cut -d \ -f 1)
-
-
-case "$1" in
- start) start
- ;;
- stop) stop
- ;;
- status) status
- ;;
- restart) stop
- start
- ;;
- *) echo "Usage: $0 {start|stop|status|restart}"
- exit 1
- ;;
-esac
diff --git a/systemvm/patches/debian/config/etc/rc.local b/systemvm/patches/debian/config/etc/rc.local
index c0b1939..bb4e251 100755
--- a/systemvm/patches/debian/config/etc/rc.local
+++ b/systemvm/patches/debian/config/etc/rc.local
@@ -18,47 +18,61 @@
#under the License.
[ ! -f /var/cache/cloud/enabled_svcs ] && touch /var/cache/cloud/enabled_svcs
-for svc in $(cat /var/cache/cloud/enabled_svcs)
+for svc in $(cat /var/cache/cloud/enabled_svcs)
do
logger -t cloud "Starting $svc"
- service $svc start
+ systemctl enable --now $svc
done
[ ! -f /var/cache/cloud/disabled_svcs ] && touch /var/cache/cloud/disabled_svcs
-for svc in $(cat /var/cache/cloud/disabled_svcs)
+for svc in $(cat /var/cache/cloud/disabled_svcs)
do
logger -t cloud "Stopping $svc"
- service $svc stop
+ systemctl disable --now $svc
done
-CMDLINE=$(cat /var/cache/cloud/cmdline)
-router=$(echo "$CMDLINE" | grep -o type=router)
-vpcrouter=$(echo "$CMDLINE" | grep -o type=vpcrouter)
-if [ "$router" != "" ] || [ "$vpcrouter" != "" ]
+#Restore the persistent iptables nat, rules and filters for IPv4 and IPv6 if they exist
+ipv4="/etc/iptables/router_rules.v4"
+if [ -e $ipv4 ]
then
- echo 1000000 > /proc/sys/net/ipv4/netfilter/ip_conntrack_max
- echo 1000000 > /proc/sys/net/netfilter/nf_conntrack_max
- echo 1000000 > /proc/sys/net/nf_conntrack_max
+ iptables-restore < $ipv4
fi
-if [ "$router" != "" ]
+ipv6="/etc/iptables/router_rules.v6"
+if [ -e $ipv6 ]
then
- python /opt/cloud/bin/baremetal-vr.py &
+ iptables-restore < $ipv6
fi
date > /var/cache/cloud/boot_up_done
logger -t cloud "Boot up process done"
-#Restore the persistent iptables nat, rules and filters for IPv4 and IPv6 if they exist
-ipv4="/etc/iptables/router_rules.v4"
-if [ -e $ipv4 ]
+CMDLINE=/var/cache/cloud/cmdline
+for str in $(cat $CMDLINE)
+ do
+ KEY=$(echo $str | cut -d= -f1)
+ VALUE=$(echo $str | cut -d= -f2)
+ case $KEY in
+ type)
+ export TYPE=$VALUE
+ ;;
+ *)
+ ;;
+ esac
+done
+
+if [ "$TYPE" == "router" ]
then
- iptables-restore < $ipv4
+ python /opt/cloud/bin/baremetal-vr.py &
+ logger -t cloud "Started baremetal-vr service"
fi
-ipv6="/etc/iptables/router_rules.v6"
-if [ -e $ipv6 ]
+if [ "$TYPE" == "router" ] || [ "$TYPE" == "vpcrouter" ] || [ "$TYPE" == "dhcpsrvr" ]
then
- iptables-restore < $ipv6
-fi
\ No newline at end of file
+ if [ -x /opt/cloud/bin/update_config.py ]
+ then
+ /opt/cloud/bin/update_config.py cmd_line.json
+ logger -t cloud "Updated config: cmd_line.json"
+ fi
+fi
diff --git a/systemvm/patches/debian/config/etc/sysctl.conf b/systemvm/patches/debian/config/etc/sysctl.conf
index b8a8fe0..91baa5d 100644
--- a/systemvm/patches/debian/config/etc/sysctl.conf
+++ b/systemvm/patches/debian/config/etc/sysctl.conf
@@ -48,7 +48,6 @@ net.ipv4.tcp_syncookies = 1
# disable tcp time stamps
net.ipv4.tcp_timestamps = 0
-net.ipv4.netfilter.ip_conntrack_max = 1000000
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_max_tw_buckets = 1000000
net.core.somaxconn = 65535
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/configure.py b/systemvm/patches/debian/config/opt/cloud/bin/configure.py
index bc5349a..68d1c26 100755
--- a/systemvm/patches/debian/config/opt/cloud/bin/configure.py
+++ b/systemvm/patches/debian/config/opt/cloud/bin/configure.py
@@ -678,13 +678,13 @@ class CsRemoteAccessVpn(CsDataBag):
self.remoteaccessvpn_iptables(public_ip, self.dbag[public_ip])
CsHelper.execute("ipsec update")
- CsHelper.execute("service xl2tpd start")
+ CsHelper.execute("systemctl start xl2tpd")
CsHelper.execute("ipsec rereadsecrets")
else:
logging.debug("Disabling remote access vpn .....")
#disable remote access vpn
CsHelper.execute("ipsec down L2TP-PSK")
- CsHelper.execute("service xl2tpd stop")
+ CsHelper.execute("systemctl stop xl2tpd")
def configure_l2tpIpsec(self, left, obj):
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/cs/CsApp.py b/systemvm/patches/debian/config/opt/cloud/bin/cs/CsApp.py
index 9762e04..496a0e7 100755
--- a/systemvm/patches/debian/config/opt/cloud/bin/cs/CsApp.py
+++ b/systemvm/patches/debian/config/opt/cloud/bin/cs/CsApp.py
@@ -49,7 +49,6 @@ class CsApache(CsApp):
file.search("<VirtualHost.*:443>", "\t<VirtualHost %s:443>" % (self.ip))
file.search("Listen .*:80", "Listen %s:80" % (self.ip))
file.search("Listen .*:443", "Listen %s:443" % (self.ip))
- file.search("NameVirtualHost .*:80", "NameVirtualHost %s:80" % (self.ip))
file.search("ServerName.*", "\tServerName %s.%s" % (self.config.cl.get_type(), self.config.get_domain()))
if file.is_changed():
file.commit()
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/cs/CsDhcp.py b/systemvm/patches/debian/config/opt/cloud/bin/cs/CsDhcp.py
index da9e616..b645679 100755
--- a/systemvm/patches/debian/config/opt/cloud/bin/cs/CsDhcp.py
+++ b/systemvm/patches/debian/config/opt/cloud/bin/cs/CsDhcp.py
@@ -70,8 +70,8 @@ class CsDhcp(CsDataBag):
continue
device = i['dev']
ip = i['ip'].split('/')[0]
- sline = "dhcp-range=interface:%s,set:interface-%s-%s" % (device, device, idx)
- line = "dhcp-range=interface:%s,set:interface-%s-%s,%s,static" % (device, device, idx, ip)
+ sline = "dhcp-range=set:interface-%s-%s" % (device, idx)
+ line = "dhcp-range=set:interface-%s-%s,%s,static" % (device, idx, ip)
self.conf.search(sline, line)
gn = CsGuestNetwork(device, self.config)
sline = "dhcp-option=tag:interface-%s-%s,15" % (device, idx)
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/cs/CsHelper.py b/systemvm/patches/debian/config/opt/cloud/bin/cs/CsHelper.py
index d0e512e..7ff32ee 100755
--- a/systemvm/patches/debian/config/opt/cloud/bin/cs/CsHelper.py
+++ b/systemvm/patches/debian/config/opt/cloud/bin/cs/CsHelper.py
@@ -212,14 +212,14 @@ def execute2(command):
def service(name, op):
- execute("service %s %s" % (name, op))
+ execute("systemctl %s %s" % (op, name))
logging.info("Service %s %s" % (name, op))
def start_if_stopped(name):
- ret = execute2("service %s status" % name)
+ ret = execute2("systemctl is-active %s" % name)
if ret.returncode:
- execute2("service %s start" % name)
+ execute2("systemctl start %s" % name)
def hup_dnsmasq(name, user):
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/dnsmasq.sh b/systemvm/patches/debian/config/opt/cloud/bin/dnsmasq.sh
index 8fae25c..11c0ffe 100755
--- a/systemvm/patches/debian/config/opt/cloud/bin/dnsmasq.sh
+++ b/systemvm/patches/debian/config/opt/cloud/bin/dnsmasq.sh
@@ -111,7 +111,7 @@ echo -e "$dns_option" >> "$DHCP_CONFIG"
#restart the dnsmasq
-service dnsmasq restart
+systemctl restart dnsmasq
result=$?
if [ "$result" -ne "0" ]
then
@@ -122,7 +122,7 @@ then
cp "$DHCP_CONFIG_MAIN" "$DHCP_FAILURE_CONFIG_MAIN"
cp "$DHCP_CONFIG_BAK" "$DHCP_CONFIG"
cp "$DHCP_CONFIG_MAIN_BAK" "$DHCP_CONFIG_MAIN"
- service dnsmasq restart
+ systemctl restart dnsmasq
unlock_exit $result $lock $locked
fi
rm "$DHCP_CONFIG_BAK"
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/edithosts.sh b/systemvm/patches/debian/config/opt/cloud/bin/edithosts.sh
index f0d9c00..ab3f539 100755
--- a/systemvm/patches/debian/config/opt/cloud/bin/edithosts.sh
+++ b/systemvm/patches/debian/config/opt/cloud/bin/edithosts.sh
@@ -215,7 +215,7 @@ then
then
kill -HUP $pid
else
- service dnsmasq restart
+ systemctl restart dnsmasq
fi
else
if [ $no_redundant -eq 1 ]
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/ipsectunnel.sh b/systemvm/patches/debian/config/opt/cloud/bin/ipsectunnel.sh
index e0af6a2..20caec5 100755
--- a/systemvm/patches/debian/config/opt/cloud/bin/ipsectunnel.sh
+++ b/systemvm/patches/debian/config/opt/cloud/bin/ipsectunnel.sh
@@ -29,15 +29,15 @@ usage() {
#set -x
start_ipsec() {
- service ipsec status > /dev/null
+ systemctl is-active ipsec > /dev/null
if [ $? -ne 0 ]
then
- service ipsec start > /dev/null
+ systemctl start ipsec > /dev/null
#Wait until ipsec started, 5 seconds at most
for i in {1..5}
do
logger -t cloud "$(basename $0): waiting ipsec start..."
- service ipsec status > /dev/null
+ systemctl is-active ipsec > /dev/null
result=$?
if [ $result -eq 0 ]
then
@@ -46,7 +46,7 @@ start_ipsec() {
sleep 1
done
fi
- service ipsec status > /dev/null
+ systemctl is-active ipsec > /dev/null
return $?
}
@@ -139,36 +139,36 @@ ipsec_tunnel_add() {
check_and_enable_iptables
- sudo echo "conn vpn-$rightpeer" > $vpnconffile &&
- sudo echo " left=$leftpeer" >> $vpnconffile &&
- sudo echo " leftsubnet=$leftnet" >> $vpnconffile &&
- sudo echo " leftnexthop=$leftnexthop" >> $vpnconffile &&
- sudo echo " right=$rightpeer" >> $vpnconffile &&
- sudo echo " rightsubnets={$rightnets}" >> $vpnconffile &&
- sudo echo " type=tunnel" >> $vpnconffile &&
- sudo echo " authby=secret" >> $vpnconffile &&
- sudo echo " keyexchange=ike" >> $vpnconffile &&
- sudo echo " ike=$ikepolicy" >> $vpnconffile &&
- sudo echo " ikelifetime=${ikelifetime}s" >> $vpnconffile &&
- sudo echo " esp=$esppolicy" >> $vpnconffile &&
- sudo echo " salifetime=${esplifetime}s" >> $vpnconffile &&
- sudo echo " pfs=$pfs" >> $vpnconffile &&
- sudo echo " keyingtries=2" >> $vpnconffile &&
- sudo echo " auto=start" >> $vpnconffile &&
- sudo echo "$leftpeer $rightpeer: PSK \"$secret\"" > $vpnsecretsfile &&
- sudo chmod 0400 $vpnsecretsfile
+ sudo echo "conn vpn-$rightpeer" > $vpnconffile &&
+ sudo echo " left=$leftpeer" >> $vpnconffile &&
+ sudo echo " leftsubnet=$leftnet" >> $vpnconffile &&
+ sudo echo " leftnexthop=$leftnexthop" >> $vpnconffile &&
+ sudo echo " right=$rightpeer" >> $vpnconffile &&
+ sudo echo " rightsubnets={$rightnets}" >> $vpnconffile &&
+ sudo echo " type=tunnel" >> $vpnconffile &&
+ sudo echo " authby=secret" >> $vpnconffile &&
+ sudo echo " keyexchange=ike" >> $vpnconffile &&
+ sudo echo " ike=$ikepolicy" >> $vpnconffile &&
+ sudo echo " ikelifetime=${ikelifetime}s" >> $vpnconffile &&
+ sudo echo " esp=$esppolicy" >> $vpnconffile &&
+ sudo echo " salifetime=${esplifetime}s" >> $vpnconffile &&
+ sudo echo " pfs=$pfs" >> $vpnconffile &&
+ sudo echo " keyingtries=2" >> $vpnconffile &&
+ sudo echo " auto=start" >> $vpnconffile &&
+ sudo echo "$leftpeer $rightpeer: PSK \"$secret\"" > $vpnsecretsfile &&
+ sudo chmod 0400 $vpnsecretsfile
- if [ $dpd -ne 0 ]
- then
- sudo echo " dpddelay=30" >> $vpnconffile &&
- sudo echo " dpdtimeout=120" >> $vpnconffile &&
- sudo echo " dpdaction=restart" >> $vpnconffile
- fi
+ if [ $dpd -ne 0 ]
+ then
+ sudo echo " dpddelay=30" >> $vpnconffile &&
+ sudo echo " dpdtimeout=120" >> $vpnconffile &&
+ sudo echo " dpdaction=restart" >> $vpnconffile
+ fi
- enable_iptables_subnets
+ enable_iptables_subnets
- sudo ipsec auto --rereadall
- sudo ipsec auto --add vpn-$rightpeer
+ sudo ipsec auto --rereadall
+ sudo ipsec auto --add vpn-$rightpeer
logger -t cloud "$(basename $0): done ipsec tunnel entry for right peer=$rightpeer right networks=$rightnets"
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/passwd_server_ip b/systemvm/patches/debian/config/opt/cloud/bin/passwd_server_ip
index 5e15a19..ce21b53 100755
--- a/systemvm/patches/debian/config/opt/cloud/bin/passwd_server_ip
+++ b/systemvm/patches/debian/config/opt/cloud/bin/passwd_server_ip
@@ -16,9 +16,8 @@
# specific language governing permissions and limitations
# under the License.
-. /etc/default/cloud-passwd-srvr
addr=$1;
-while [ "$ENABLED" == "1" ]
+while true
do
python /opt/cloud/bin/passwd_server_ip.py $addr >/dev/null 2>/dev/null
rc=$?
@@ -27,5 +26,4 @@ do
logger -t cloud "Password server failed with error code $rc. Restarting it..."
sleep 3
fi
- . /etc/default/cloud-passwd-srvr
done
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/patchsystemvm.sh b/systemvm/patches/debian/config/opt/cloud/bin/patchsystemvm.sh
deleted file mode 100755
index 81a1b14..0000000
--- a/systemvm/patches/debian/config/opt/cloud/bin/patchsystemvm.sh
+++ /dev/null
@@ -1,262 +0,0 @@
-#/bin/bash
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements. See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership. The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied. See the License for the
-# specific language governing permissions and limitations
-# under the License.
-
-#set -x
-logfile="/var/log/patchsystemvm.log"
-# To use existing console proxy .zip-based package file
-patch_console_proxy() {
- local patchfile=$1
- local backupfolder="/tmp/.conf.backup"
- if [ -f /usr/local/cloud/systemvm/conf/cloud.jks ]; then
- rm -fr $backupfolder
- mkdir -p $backupfolder
- cp -r /usr/local/cloud/systemvm/conf/* $backupfolder/
- fi
- rm /usr/local/cloud/systemvm -rf
- mkdir -p /usr/local/cloud/systemvm
- echo "All" | unzip $patchfile -d /usr/local/cloud/systemvm >$logfile 2>&1
- find /usr/local/cloud/systemvm/ -name \*.sh | xargs chmod 555
- if [ -f $backupfolder/cloud.jks ]; then
- cp -r $backupfolder/* /usr/local/cloud/systemvm/conf/
- echo "Restored keystore file and certs using backup" >> $logfile
- fi
- rm -fr $backupfolder
- return 0
-}
-
-consoleproxy_svcs() {
- systemctl enable cloud
- systemctl enable postinit
- systemctl disable cloud-passwd-srvr
- systemctl disable haproxy
- systemctl disable dnsmasq
- systemctl enable ssh
- systemctl disable apache2
- systemctl disable nfs-common
- systemctl disable portmap
- systemctl disable keepalived
- systemctl disable conntrackd
- echo "cloud postinit ssh" > /var/cache/cloud/enabled_svcs
- echo "cloud-passwd-srvr haproxy dnsmasq apache2 nfs-common portmap" > /var/cache/cloud/disabled_svcs
- mkdir -p /var/log/cloud
-}
-
-secstorage_svcs() {
- systemctl enable cloud on
- systemctl enable postinit on
- systemctl disable cloud-passwd-srvr
- systemctl disable haproxy
- systemctl disable dnsmasq
- systemctl enable portmap
- systemctl enable nfs-common
- systemctl enable ssh
- systemctl disable apache2
- systemctl disable keepalived
- systemctl disable conntrackd
- echo "cloud postinit ssh nfs-common portmap" > /var/cache/cloud/enabled_svcs
- echo "cloud-passwd-srvr haproxy dnsmasq" > /var/cache/cloud/disabled_svcs
- mkdir -p /var/log/cloud
-}
-
-routing_svcs() {
- grep "redundant_router=1" /var/cache/cloud/cmdline > /dev/null
- RROUTER=$?
- systemctl disable cloud
- systemctl disable haproxy
- systemctl enable ssh
- systemctl disable nfs-common
- systemctl disable portmap
- echo "ssh haproxy apache2" > /var/cache/cloud/enabled_svcs
- echo "cloud nfs-common portmap" > /var/cache/cloud/disabled_svcs
- if [ $RROUTER -eq 0 ]
- then
- systemctl disable dnsmasq
- systemctl disable cloud-passwd-srvr
- systemctl enable keepalived
- systemctl enable conntrackd
- systemctl enable postinit
- echo "keepalived conntrackd postinit" >> /var/cache/cloud/enabled_svcs
- echo "dnsmasq cloud-passwd-srvr" >> /var/cache/cloud/disabled_svcs
- else
- systemctl enable dnsmasq
- systemctl enable cloud-passwd-srvr
- systemctl disable keepalived
- systemctl disable conntrackd
- echo "dnsmasq cloud-passwd-srvr " >> /var/cache/cloud/enabled_svcs
- echo "keepalived conntrackd " >> /var/cache/cloud/disabled_svcs
- fi
-}
-
-dhcpsrvr_svcs() {
- systemctl disable cloud
- systemctl enable cloud-passwd-srvr
- systemctl disable haproxy
- systemctl enable dnsmasq
- systemctl enable ssh
- systemctl disable nfs-common
- systemctl disable portmap
- systemctl disable keepalived
- systemctl disable conntrackd
- echo "ssh dnsmasq cloud-passwd-srvr apache2" > /var/cache/cloud/enabled_svcs
- echo "cloud nfs-common haproxy portmap" > /var/cache/cloud/disabled_svcs
-}
-
-elbvm_svcs() {
- systemctl disable cloud
- systemctl disable haproxy
- systemctl enable ssh
- systemctl disable nfs-common
- systemctl disable portmap
- systemctl disable keepalived
- systemctl disable conntrackd
- echo "ssh haproxy" > /var/cache/cloud/enabled_svcs
- echo "cloud dnsmasq cloud-passwd-srvr apache2 nfs-common portmap" > /var/cache/cloud/disabled_svcs
-}
-
-
-ilbvm_svcs() {
- systemctl disable cloud
- systemctl enable haproxy
- systemctl enable ssh
- systemctl disable nfs-common
- systemctl disable portmap
- systemctl disable keepalived
- systemctl disable conntrackd
- echo "ssh haproxy" > /var/cache/cloud/enabled_svcs
- echo "cloud dnsmasq cloud-passwd-srvr apache2 nfs-common portmap" > /var/cache/cloud/disabled_svcs
-}
-
-enable_pcihotplug() {
- sed -i -e "/acpiphp/d" /etc/modules
- sed -i -e "/pci_hotplug/d" /etc/modules
- echo acpiphp >> /etc/modules
- echo pci_hotplug >> /etc/modules
-}
-
-enable_serial_console() {
- #sed -i -e "/^serial.*/d" /boot/grub/grub.conf
- #sed -i -e "/^terminal.*/d" /boot/grub/grub.conf
- #sed -i -e "/^default.*/a\serial --unit=0 --speed=115200 --parity=no --stop=1" /boot/grub/grub.conf
- #sed -i -e "/^serial.*/a\terminal --timeout=0 serial console" /boot/grub/grub.conf
- #sed -i -e "s/\(^kernel.* ro\) \(console.*\)/\1 console=tty0 console=ttyS0,115200n8/" /boot/grub/grub.conf
- sed -i -e "/^s0:2345:respawn.*/d" /etc/inittab
- sed -i -e "/6:23:respawn/a\s0:2345:respawn:/sbin/getty -L 115200 ttyS0 vt102" /etc/inittab
-}
-
-
-CMDLINE=$(cat /var/cache/cloud/cmdline)
-TYPE="router"
-PATCH_MOUNT=$1
-Hypervisor=$2
-
-for i in $CMDLINE
- do
- # search for foo=bar pattern and cut out foo
- KEY=$(echo $i | cut -d= -f1)
- VALUE=$(echo $i | cut -d= -f2)
- case $KEY in
- type)
- TYPE=$VALUE
- ;;
- *)
- ;;
- esac
-done
-
-if [ "$TYPE" == "consoleproxy" ] || [ "$TYPE" == "secstorage" ] && [ -f ${PATCH_MOUNT}/systemvm.zip ]
-then
- patch_console_proxy ${PATCH_MOUNT}/systemvm.zip
- if [ $? -gt 0 ]
- then
- printf "Failed to apply patch systemvm\n" >$logfile
- exit 5
- fi
-fi
-
-
-#empty known hosts
-echo "" > /root/.ssh/known_hosts
-
-if [ "$Hypervisor" == "kvm" ]
-then
- enable_pcihotplug
- enable_serial_console
-fi
-
-if [ "$TYPE" == "router" ] || [ "$TYPE" == "vpcrouter" ]
-then
- routing_svcs
- if [ $? -gt 0 ]
- then
- printf "Failed to execute routing_svcs\n" >$logfile
- exit 6
- fi
-fi
-
-if [ "$TYPE" == "dhcpsrvr" ]
-then
- dhcpsrvr_svcs
- if [ $? -gt 0 ]
- then
- printf "Failed to execute dhcpsrvr_svcs\n" >$logfile
- exit 6
- fi
-fi
-
-
-if [ "$TYPE" == "consoleproxy" ]
-then
- consoleproxy_svcs
- if [ $? -gt 0 ]
- then
- printf "Failed to execute consoleproxy_svcs\n" >$logfile
- exit 7
- fi
-fi
-
-if [ "$TYPE" == "secstorage" ]
-then
- secstorage_svcs
- if [ $? -gt 0 ]
- then
- printf "Failed to execute secstorage_svcs\n" >$logfile
- exit 8
- fi
-fi
-
-if [ "$TYPE" == "elbvm" ]
-then
- elbvm_svcs
- if [ $? -gt 0 ]
- then
- printf "Failed to execute elbvm svcs\n" >$logfile
- exit 9
- fi
-fi
-
-if [ "$TYPE" == "ilbvm" ]
-then
- ilbvm_svcs
- if [ $? -gt 0 ]
- then
- printf "Failed to execute ilbvm svcs\n" >$logfile
- exit 9
- fi
-fi
-
-exit $?
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/setup/common.sh b/systemvm/patches/debian/config/opt/cloud/bin/setup/common.sh
new file mode 100755
index 0000000..3b766ef
--- /dev/null
+++ b/systemvm/patches/debian/config/opt/cloud/bin/setup/common.sh
@@ -0,0 +1,862 @@
+#!/bin/bash
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+
+PATH="/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin"
+
+. /lib/lsb/init-functions
+
+log_it() {
+ echo "$(date) $@" >> /var/log/cloud.log
+ log_action_msg "$@"
+}
+
+init_interfaces_orderby_macs() {
+ macs=( $(echo $1 | sed "s/|/ /g") )
+ total_nics=${#macs[@]}
+ interface_file=${2:-"/etc/network/interfaces"}
+ rule_file=${3:-"/etc/udev/rules.d/70-persistent-net.rules"}
+
+ echo -n "auto lo" > $interface_file
+ for((i=0; i<total_nics; i++))
+ do
+ if [[ $i < 3 ]]
+ then
+ echo -n " eth$i" >> $interface_file
+ fi
+ done
+ cat >> $interface_file << EOF
+
+iface lo inet loopback
+
+EOF
+
+ echo "" > $rule_file
+ for((i=0; i < ${#macs[@]}; i++))
+ do
+ echo "SUBSYSTEM==\"net\", ACTION==\"add\", DRIVERS==\"?*\", ATTR{address}==\"${macs[$i]}\", NAME=\"eth$i\"" >> $rule_file
+ done
+}
+
+init_interfaces() {
+ if [ "$NIC_MACS" == "" ]
+ then
+ cat > /etc/network/interfaces << EOF
+auto lo $1 $2 $3
+iface lo inet loopback
+
+EOF
+ else
+ init_interfaces_orderby_macs "$NIC_MACS"
+ fi
+}
+
+setup_interface() {
+ local intfnum=$1
+ local ip=$2
+ local mask=$3
+ local gw=$4
+ local force=$5
+ local intf=eth${intfnum}
+ local bootproto="static"
+
+ if [ "$BOOTPROTO" == "dhcp" ]
+ then
+ if [ "$intfnum" != "0" ]
+ then
+ bootproto="dhcp"
+ fi
+ fi
+
+ if [ "$ip" != "0.0.0.0" -a "$ip" != "" -o "$force" == "force" ]
+ then
+ echo "iface $intf inet $bootproto" >> /etc/network/interfaces
+ if [ "$bootproto" == "static" ]
+ then
+ echo " address $ip " >> /etc/network/interfaces
+ echo " netmask $mask" >> /etc/network/interfaces
+ fi
+ fi
+
+ if [ "$ip" == "0.0.0.0" -o "$ip" == "" ]
+ then
+ ifconfig $intf down
+ fi
+
+ if [ "$force" == "force" ]
+ then
+ ifdown $intf
+ else
+ ifdown $intf
+ if [ "$RROUTER" != "1" -o "$1" != "2" ]
+ then
+ ifup $intf
+ fi
+ fi
+}
+
+setup_interface_ipv6() {
+ sysctl net.ipv6.conf.all.disable_ipv6=0
+ sysctl net.ipv6.conf.all.forwarding=1
+ sysctl net.ipv6.conf.all.accept_ra=1
+
+ sed -i "s/net.ipv6.conf.all.disable_ipv6 =.*$/net.ipv6.conf.all.disable_ipv6 = 0/" /etc/sysctl.conf
+ sed -i "s/net.ipv6.conf.all.forwarding =.*$/net.ipv6.conf.all.forwarding = 1/" /etc/sysctl.conf
+ sed -i "s/net.ipv6.conf.all.accept_ra =.*$/net.ipv6.conf.all.accept_ra = 1/" /etc/sysctl.conf
+
+ local intfnum=$1
+ local ipv6="$2"
+ local prelen="$3"
+ local intf=eth${intfnum}
+
+ echo "iface $intf inet6 static" >> /etc/network/interfaces
+ echo " address $ipv6 " >> /etc/network/interfaces
+ echo " netmask $prelen" >> /etc/network/interfaces
+ echo " accept_ra 1" >> /etc/network/interfaces
+ ifdown $intf
+ ifup $intf
+}
+
+
+enable_fwding() {
+ local enabled=$1
+ log_it "cloud: enable_fwding = $1"
+ log_it "enable_fwding = $1"
+ echo "$1" > /proc/sys/net/ipv4/ip_forward
+ [ -f /etc/iptables/iptables.conf ] && sed -i "s/ENABLE_ROUTING=.*$/ENABLE_ROUTING=$enabled/" /etc/iptables/iptables.conf && return
+}
+
+disable_rpfilter() {
+ log_it "cloud: disable rp_filter"
+ log_it "disable rpfilter"
+ sed -i "s/net.ipv4.conf.default.rp_filter.*$/net.ipv4.conf.default.rp_filter = 0/" /etc/sysctl.conf
+}
+
+get_public_vif_list() {
+ local vif_list=""
+ for i in /sys/class/net/eth*; do
+ vif=$(basename $i);
+ if [ "$vif" != "eth0" ] && [ "$vif" != "eth1" ]
+ then
+ vif_list="$vif_list $vif";
+ fi
+ done
+
+ echo $vif_list
+}
+
+disable_rpfilter_domR() {
+ log_it "cloud: Tuning rp_filter on public interfaces"
+
+ VIF_LIST=$(get_public_vif_list)
+ log_it "rpfilter public interfaces : $VIF_LIST"
+ if [ "$DISABLE_RP_FILTER" == "true" ]
+ then
+ log_it "cloud: disable rp_filter on public interfaces"
+ sed -i "s/net.ipv4.conf.default.rp_filter.*$/net.ipv4.conf.default.rp_filter = 0/" /etc/sysctl.conf
+ echo "0" > /proc/sys/net/ipv4/conf/default/rp_filter
+ for vif in $VIF_LIST; do
+ log_it "cloud: disable rp_filter on public interface: $vif"
+ sed -i "s/net.ipv4.conf.$vif.rp_filter.*$/net.ipv4.conf.$vif.rp_filter = 0/" /etc/sysctl.conf
+ echo "0" > /proc/sys/net/ipv4/conf/$vif/rp_filter
+ done
+ else
+ log_it "cloud: enable rp_filter on public interfaces"
+ sed -i "s/net.ipv4.conf.default.rp_filter.*$/net.ipv4.conf.default.rp_filter = 1/" /etc/sysctl.conf
+ echo "1" > /proc/sys/net/ipv4/conf/default/rp_filter
+ for vif in $VIF_LIST; do
+ log_it "cloud: enable rp_filter on public interface: $vif"
+ sed -i "s/net.ipv4.conf.$vif.rp_filter.*$/net.ipv4.conf.$vif.rp_filter = 1/" /etc/sysctl.conf
+ echo "1" > /proc/sys/net/ipv4/conf/$vif/rp_filter
+ done
+ fi
+ log_it "cloud: Enabling rp_filter on Non-public interfaces(eth0,eth1,lo)"
+ echo "1" > /proc/sys/net/ipv4/conf/eth0/rp_filter
+ echo "1" > /proc/sys/net/ipv4/conf/eth1/rp_filter
+ echo "1" > /proc/sys/net/ipv4/conf/lo/rp_filter
+}
+
+enable_irqbalance() {
+ local enabled=$1
+ local proc=0
+
+ proc=$(cat /proc/cpuinfo | grep "processor" | wc -l)
+ if [ $proc -le 1 ] && [ $enabled -eq 1 ]
+ then
+ enabled=0
+ fi
+
+ log_it "Processors = $proc Enable service ${svc} = $enabled"
+ local cfg=/etc/default/irqbalance
+ [ -f $cfg ] && sed -i "s/ENABLED=.*$/ENABLED=$enabled/" $cfg && return
+}
+
+enable_vpc_rpsrfs() {
+ local enable=$1
+ if [ $enable -eq 0 ]
+ then
+ echo 0 > /etc/rpsrfsenable
+ else
+ echo 1 > /etc/rpsrfsenable
+ fi
+
+ return 0
+}
+
+enable_rpsrfs() {
+ local enable=$1
+
+ if [ $enable -eq 0 ]
+ then
+ echo 0 > /etc/rpsrfsenable
+ return 0
+ fi
+
+ if [ ! -f /sys/class/net/eth0/queues/rx-0/rps_cpus ]
+ then
+ echo "rps is not enabled in the kernel"
+ echo 0 > /etc/rpsrfsenable
+ return 0
+ fi
+
+ proc=$(cat /proc/cpuinfo | grep "processor" | wc -l)
+ if [ $proc -le 1 ]
+ then
+ echo 0 > /etc/rpsrfsenable
+ return 0;
+ fi
+
+ echo 1 > /etc/rpsrfsenable
+ num=1
+ num=$(($num<<$proc))
+ num=$(($num-1));
+ echo $num;
+ hex=$(printf "%x\n" $num)
+ echo $hex;
+ #enable rps
+ echo $hex > /sys/class/net/eth0/queues/rx-0/rps_cpus
+ echo $hex > /sys/class/net/eth2/queues/rx-0/rps_cpus
+
+ #enble rfs
+ echo 256 > /proc/sys/net/core/rps_sock_flow_entries
+ echo 256 > /sys/class/net/eth0/queues/rx-0/rps_flow_cnt
+ echo 256 > /sys/class/net/eth2/queues/rx-0/rps_flow_cnt
+}
+
+setup_common() {
+ init_interfaces $1 $2 $3
+ if [ -n "$ETH0_IP" ]
+ then
+ setup_interface "0" $ETH0_IP $ETH0_MASK $GW
+ fi
+ if [ -n "$ETH0_IP6" ]
+ then
+ setup_interface_ipv6 "0" $ETH0_IP6 $ETH0_IP6_PRELEN
+ fi
+ setup_interface "1" $ETH1_IP $ETH1_MASK $GW
+ if [ -n "$ETH2_IP" ]
+ then
+ setup_interface "2" $ETH2_IP $ETH2_MASK $GW
+ fi
+
+ echo $NAME > /etc/hostname
+ echo 'AVAHI_DAEMON_DETECT_LOCAL=0' > /etc/default/avahi-daemon
+ hostnamectl set-hostname $NAME
+
+ #Nameserver
+ sed -i -e "/^nameserver.*$/d" /etc/resolv.conf # remove previous entries
+ sed -i -e "/^nameserver.*$/d" /etc/dnsmasq-resolv.conf # remove previous entries
+ if [ -n "$internalNS1" ]
+ then
+ echo "nameserver $internalNS1" > /etc/dnsmasq-resolv.conf
+ echo "nameserver $internalNS1" > /etc/resolv.conf
+ fi
+
+ if [ -n "$internalNS2" ]
+ then
+ echo "nameserver $internalNS2" >> /etc/dnsmasq-resolv.conf
+ echo "nameserver $internalNS2" >> /etc/resolv.conf
+ fi
+ if [ -n "$NS1" ]
+ then
+ echo "nameserver $NS1" >> /etc/dnsmasq-resolv.conf
+ echo "nameserver $NS1" >> /etc/resolv.conf
+ fi
+
+ if [ -n "$NS2" ]
+ then
+ echo "nameserver $NS2" >> /etc/dnsmasq-resolv.conf
+ echo "nameserver $NS2" >> /etc/resolv.conf
+ fi
+
+ if [ -n "$IP6_NS1" ]
+ then
+ echo "nameserver $IP6_NS1" >> /etc/dnsmasq-resolv.conf
+ echo "nameserver $IP6_NS1" >> /etc/resolv.conf
+ fi
+ if [ -n "$IP6_NS2" ]
+ then
+ echo "nameserver $IP6_NS2" >> /etc/dnsmasq-resolv.conf
+ echo "nameserver $IP6_NS2" >> /etc/resolv.conf
+ fi
+
+ if [ -n "$MGMTNET" -a -n "$LOCAL_GW" ]
+ then
+ ip route add $MGMTNET via $LOCAL_GW dev eth1
+ fi
+
+ ip route delete default
+ if [ "$RROUTER" != "1" ]
+ then
+ gwdev=$3
+ if [ -z "$gwdev" ]
+ then
+ gwdev="eth0"
+ fi
+
+ ip route add default via $GW dev $gwdev
+ fi
+
+ # a hacking way to activate vSwitch under VMware
+ ping -n -c 3 $GW &
+ if [ -n "$MGMTNET" -a -n "$LOCAL_GW" ]
+ then
+ ping -n -c 3 $LOCAL_GW &
+ #This code is added to address ARP issue by pinging MGMT_GW
+ MGMT_GW=$(echo $MGMTNET | awk -F "." '{print $1"."$2"."$3".1"}')
+ ping -n -c 3 $MGMT_GW &
+ fi
+
+ if [ "$HYPERVISOR" == "vmware" ]; then
+ ntpq -p &> /dev/null || vmware-toolbox-cmd timesync enable
+ fi
+}
+
+setup_dnsmasq() {
+ log_it "Setting up dnsmasq"
+
+ touch /etc/dhcpopts.txt
+
+ [ -z $DHCP_RANGE ] && [ $ETH0_IP ] && DHCP_RANGE=$ETH0_IP
+ [ $ETH0_IP6 ] && DHCP_RANGE_IP6=$ETH0_IP6
+ [ -z $DOMAIN ] && DOMAIN="cloudnine.internal"
+ #removing the dnsmasq multiple ranges config file.
+ rm /etc/dnsmasq.d/multiple_ranges.conf
+
+ #get the template
+ cp /etc/dnsmasq.conf.tmpl /etc/dnsmasq.conf
+
+ if [ -n "$DOMAIN" ]
+ then
+ #send domain name to dhcp clients
+ sed -i s/[#]*dhcp-option=15.*$/dhcp-option=15,\"$DOMAIN\"/ /etc/dnsmasq.conf
+ #DNS server will append $DOMAIN to local queries
+ sed -r -i s/^[#]?domain=.*$/domain=$DOMAIN/ /etc/dnsmasq.conf
+ #answer all local domain queries
+ sed -i -e "s/^[#]*local=.*$/local=\/$DOMAIN\//" /etc/dnsmasq.conf
+ fi
+
+ if [ -n "$DNS_SEARCH_ORDER" ]
+ then
+ sed -i -e "/^[#]*dhcp-option.*=119.*$/d" /etc/dnsmasq.conf
+ echo "dhcp-option-force=119,$DNS_SEARCH_ORDER" >> /etc/dnsmasq.conf
+ # set the domain search order as a space seprated list for option 15
+ DNS_SEARCH_ORDER=$(echo $DNS_SEARCH_ORDER | sed 's/,/ /g')
+ #send domain name to dhcp clients
+ sed -i s/[#]*dhcp-option=15.*$/dhcp-option=15,\""$DNS_SEARCH_ORDER"\"/ /etc/dnsmasq.conf
+ fi
+
+ if [ $DHCP_RANGE ]
+ then
+ sed -i -e "s/^dhcp-range_ip4=.*$/dhcp-range=$DHCP_RANGE,static/" /etc/dnsmasq.conf
+ else
+ sed -i -e "s/^dhcp-range_ip4=.*$//" /etc/dnsmasq.conf
+ fi
+ if [ $DHCP_RANGE_IP6 ]
+ then
+ sed -i -e "s/^dhcp-range_ip6=.*$/dhcp-range=$DHCP_RANGE_IP6,static/" /etc/dnsmasq.conf
+ # For nondefault6 tagged host, don't send dns-server information
+ sed -i /nondefault6/d /etc/dnsmasq.conf
+ echo "dhcp-option=nondefault6,option6:dns-server" >> /etc/dnsmasq.conf
+ else
+ sed -i -e "s/^dhcp-range_ip6=.*$//" /etc/dnsmasq.conf
+ fi
+
+ if [ "$RROUTER" == "1" ]
+ then
+ DEFAULT_GW=$GUEST_GW
+ INTERNAL_DNS=$GUEST_GW
+ else
+ if [ "$TYPE" == "dhcpsrvr" ]
+ then
+ DEFAULT_GW=$GW
+ else
+ DEFAULT_GW=$ETH0_IP
+ fi
+ INTERNAL_DNS=$ETH0_IP
+ fi
+ sed -i -e "/^[#]*dhcp-option=option:router.*$/d" /etc/dnsmasq.conf
+ [ $DEFAULT_GW ] && echo "dhcp-option=option:router,$DEFAULT_GW" >> /etc/dnsmasq.conf
+
+ [ $ETH0_IP ] && [ $NS1 ] && NS="$NS1,"
+ [ $ETH0_IP ] && [ $NS2 ] && NS="$NS$NS2,"
+ [ $ETH0_IP6 ] && [ $IP6_NS1 ] && NS6="[$IP6_NS1],"
+ [ $ETH0_IP6 ] && [ $IP6_NS2 ] && NS6="$NS6[$IP6_NS2],"
+ #for now set up ourself as the dns server as well
+ sed -i -e "/^[#]*dhcp-option=6,.*$/d" /etc/dnsmasq.conf
+ sed -i -e "/^[#]*dhcp-option=option6:dns-server,.*$/d" /etc/dnsmasq.conf
+ if [ "$USE_EXTERNAL_DNS" != "true" ]
+ then
+ [ $ETH0_IP ] && NS="$INTERNAL_DNS,$NS"
+ [ $ETH0_IP6 ] && NS6="[::],$NS6"
+ # enable dns
+ sed -i -e "/^[#]*port=.*$/d" /etc/dnsmasq.conf
+ else
+ # disable dns
+ sed -i -e "/^[#]*port=.*$/d" /etc/dnsmasq.conf
+ echo "port=0" >> /etc/dnsmasq.conf
+ fi
+ NS=${NS%?}
+ NS6=${NS6%?}
+ [ $ETH0_IP ] && echo "dhcp-option=6,$NS" >> /etc/dnsmasq.conf
+ [ $ETH0_IP6 ] && echo "dhcp-option=option6:dns-server,$NS6" >> /etc/dnsmasq.conf
+ #adding the name data-server to the /etc/hosts for allowing the access to user-data service and ssh-key reset in every subnet.
+ #removing the existing entires to avoid duplicates on restarts.
+ sed -i '/data-server/d' /etc/hosts
+ if [ -n "$ETH0_IP" ]
+ then
+ echo "$ETH0_IP data-server" >> /etc/hosts
+ fi
+ if [ -n "$ETH0_IP6" ]
+ then
+ echo "$ETH0_IP6 data-server" >> /etc/hosts
+ fi
+ #add the dhcp-client-update only if dnsmasq version is 2.6 and above
+ dnsmasqVersion=$(dnsmasq -v | grep version -m 1 | grep -o "[[:digit:]]\.[[:digit:]]")
+ major=$(echo "$dnsmasqVersion" | cut -d '.' -f 1)
+ minor=$(echo "$dnsmasqVersion" | cut -d '.' -f 2)
+ if [ "$major" -eq '2' -a "$minor" -ge '6' ] || [ "$major" -gt '2' ]
+ then
+ sed -i -e "/^dhcp-client-update/d" /etc/dnsmasq.conf
+ echo 'dhcp-client-update' >> /etc/dnsmasq.conf
+ fi
+
+ command -v dhcp_release > /dev/null 2>&1
+ no_dhcp_release=$?
+ if [ $no_dhcp_release -eq 0 -a -z "$ETH0_IP6" ]
+ then
+ echo 1 > /var/cache/cloud/dnsmasq_managed_lease
+ sed -i -e "/^leasefile-ro/d" /etc/dnsmasq.conf
+ else
+ echo 0 > /var/cache/cloud/dnsmasq_managed_lease
+ fi
+}
+
+setup_sshd(){
+ local ip=$1
+ local eth=$2
+ [ -f /etc/ssh/sshd_config ] && sed -i -e "s/^[#]*ListenAddress.*$/ListenAddress $ip/" /etc/ssh/sshd_config
+ sed -i "/3922/s/eth./$eth/" /etc/iptables/rules.v4
+ sed -i "/3922/s/eth./$eth/" /etc/iptables/rules
+}
+
+setup_vpc_apache2() {
+ log_it "Setting up apache web server for VPC"
+ systemctl disable apache2
+ clean_ipalias_config
+ setup_apache2_common
+}
+
+clean_ipalias_config() {
+ # Old
+ rm -f /etc/apache2/conf.d/ports.*.meta-data.conf
+ rm -f /etc/apache2/sites-available/ipAlias*
+ rm -f /etc/apache2/sites-enabled/ipAlias*
+ rm -f /etc/apache2/conf.d/vhost*.conf
+ rm -f /etc/apache2/ports.conf
+ rm -f /etc/apache2/vhostexample.conf
+ rm -f /etc/apache2/sites-available/default
+ rm -f /etc/apache2/sites-available/default-ssl
+ rm -f /etc/apache2/sites-enabled/default
+ rm -f /etc/apache2/sites-enabled/default-ssl
+
+ # New
+ rm -f /etc/apache2/sites-enabled/vhost-*.conf
+ rm -f /etc/apache2/sites-enabled/000-default
+
+ rm -rf /etc/failure_config
+}
+
+setup_apache2_common() {
+ sed -i 's/^Include ports.conf.*/# CS: Done by Python CsApp config\n#Include ports.conf/g' /etc/apache2/apache2.conf
+ [ -f /etc/apache2/conf.d/security ] && sed -i -e "s/^ServerTokens .*/ServerTokens Prod/g" /etc/apache2/conf.d/security
+ [ -f /etc/apache2/conf.d/security ] && sed -i -e "s/^ServerSignature .*/ServerSignature Off/g" /etc/apache2/conf.d/security
+
+ # Disable listing of http://SSVM-IP/icons folder for security issue. see article http://www.i-lateral.com/tutorials/disabling-the-icons-folder-on-an-ubuntu-web-server/
+ [ -f /etc/apache2/mods-available/alias.conf ] && sed -i s/"Options Indexes MultiViews"/"Options -Indexes MultiViews"/ /etc/apache2/mods-available/alias.conf
+
+ echo "Options -Indexes" > /var/www/html/.htaccess
+}
+
+setup_apache2() {
+ log_it "Setting up apache web server"
+ clean_ipalias_config
+ setup_apache2_common
+ local ip=$1
+}
+
+setup_aesni() {
+ if [ `grep aes /proc/cpuinfo | wc -l` -gt 0 ]
+ then
+ modprobe aesni_intel
+ fi
+}
+
+setup_storage_network() {
+ if [ x"$STORAGE_IP" == "x" -o x"$STORAGE_NETMASK" == "x" ]
+ then
+ log_it "Incompleted parameters STORAGE_IP:$STORAGE_IP, STORAGE_NETMASK:$STORAGE_NETMASK, STORAGE_CIDR:$STORAGE_CIDR. Cannot setup storage network"
+ return
+ fi
+
+ echo "" >> /etc/network/interfaces
+ echo "auto eth3" >> /etc/network/interfaces
+
+ setup_interface "3" "$STORAGE_IP" "$STORAGE_NETMASK"
+ [ -n "$MTU" ] && ifconfig eth3 mtu $MTU && echo " mtu $MTU" >> /etc/network/interfaces
+ #ip route add "$STORAGE_CIDR" via "$STORAGE_IP"
+ log_it "Successfully setup storage network with STORAGE_IP:$STORAGE_IP, STORAGE_NETMASK:$STORAGE_NETMASK, STORAGE_CIDR:$STORAGE_CIDR"
+}
+
+setup_system_rfc1918_internal() {
+ public_ip=`getPublicIp`
+ echo "$public_ip" | grep -E "^((127\.)|(10\.)|(172\.1[6-9]\.)|(172\.2[0-9]\.)|(172\.3[0-1]\.)|(192\.168\.))"
+ if [ "$?" == "0" ]; then
+ log_it "Not setting up route of RFC1918 space to $LOCAL_GW befause $public_ip is RFC1918."
+ else
+ log_it "Setting up route of RFC1918 space to $LOCAL_GW"
+ # Setup general route for RFC 1918 space, as otherwise it will be sent to
+ # the public gateway and not work
+ # More specific routes that may be set have preference over this generic route.
+ ip route add 10.0.0.0/8 via $LOCAL_GW
+ ip route add 172.16.0.0/12 via $LOCAL_GW
+ ip route add 192.168.0.0/16 via $LOCAL_GW
+ fi
+}
+
+getPublicIp() {
+ public_ip=$ETH2_IP
+ [ "$ETH2_IP" == "0.0.0.0" ] && public_ip=$ETH1_IP
+ echo $public_ip
+}
+
+setup_ntp() {
+ log_it "Setting up NTP"
+ NTP_CONF_FILE="/etc/ntp.conf"
+ if [ -f $NTP_CONF_FILE ]
+ then
+ IFS=',' read -a server_list <<< "$NTP_SERVER_LIST"
+ for (( iterator=${#server_list[@]}-1 ; iterator>=0 ; iterator-- ))
+ do
+ server=$(echo ${server_list[iterator]} | tr -d '\r')
+ PATTERN="server $server"
+ if grep -q "^$PATTERN$" $NTP_CONF_FILE ; then
+ sed -i "/^$PATTERN$/d" $NTP_CONF_FILE
+ fi
+ sed -i "0,/^server/s//$PATTERN\nserver/" $NTP_CONF_FILE
+ done
+ systemctl enable ntp
+ else
+ log_it "NTP configuration file not found"
+ fi
+}
+
+routing_svcs() {
+ systemctl disable --now cloud
+ systemctl disable --now nfs-common
+ systemctl disable --now portmap
+ systemctl enable apache2
+ systemctl enable haproxy
+ systemctl enable ssh
+ echo "ssh haproxy apache2" > /var/cache/cloud/enabled_svcs
+ echo "cloud nfs-common portmap" > /var/cache/cloud/disabled_svcs
+ if [ $RROUTER -eq 1 ]
+ then
+ systemctl disable --now cloud-passwd-srvr
+ systemctl disable --now dnsmasq
+ systemctl enable conntrackd
+ systemctl enable keepalived
+ echo "keepalived conntrackd" >> /var/cache/cloud/enabled_svcs
+ echo "dnsmasq cloud-passwd-srvr" >> /var/cache/cloud/disabled_svcs
+ else
+ systemctl disable --now conntrackd
+ systemctl disable --now keepalived
+ systemctl enable cloud-passwd-srvr
+ systemctl enable dnsmasq
+ echo "dnsmasq cloud-passwd-srvr " >> /var/cache/cloud/enabled_svcs
+ echo "keepalived conntrackd " >> /var/cache/cloud/disabled_svcs
+ fi
+}
+
+setup_redundant_router() {
+ rrouter_bin_path="/ramdisk/rrouter"
+ rrouter_log="/ramdisk/rrouter/keepalived.log"
+ rrouter_bin_path_str="\/ramdisk\/rrouter"
+ rrouter_log_str="\/ramdisk\/rrouter\/keepalived.log"
+ mkdir -p /ramdisk
+ mount tmpfs /ramdisk -t tmpfs
+ mkdir -p /ramdisk/rrouter
+ ip route delete default
+ cp /root/redundant_router/keepalived.conf.templ /etc/keepalived/keepalived.conf
+ cp /root/redundant_router/conntrackd.conf.templ /etc/conntrackd/conntrackd.conf
+ cp /root/redundant_router/enable_pubip.sh.templ $rrouter_bin_path/enable_pubip.sh
+ cp /root/redundant_router/master.sh.templ $rrouter_bin_path/master.sh
+ cp /root/redundant_router/backup.sh.templ $rrouter_bin_path/backup.sh
+ cp /root/redundant_router/fault.sh.templ $rrouter_bin_path/fault.sh
+ cp /root/redundant_router/primary-backup.sh.templ $rrouter_bin_path/primary-backup.sh
+ cp /root/redundant_router/heartbeat.sh.templ $rrouter_bin_path/heartbeat.sh
+ cp /root/redundant_router/check_heartbeat.sh.templ $rrouter_bin_path/check_heartbeat.sh
+ cp /root/redundant_router/arping_gateways.sh.templ $rrouter_bin_path/arping_gateways.sh
+ cp /root/redundant_router/check_bumpup.sh $rrouter_bin_path/
+ cp /root/redundant_router/disable_pubip.sh $rrouter_bin_path/
+ cp /root/redundant_router/checkrouter.sh.templ /opt/cloud/bin/checkrouter.sh
+ cp /root/redundant_router/services.sh $rrouter_bin_path/
+ sed -i "s/\[ROUTER_ID\]/$NAME/g" /etc/keepalived/keepalived.conf
+ sed -i "s/\[ROUTER_IP\]/$GUEST_GW\/$GUEST_CIDR_SIZE/g" /etc/keepalived/keepalived.conf
+ sed -i "s/\[BOARDCAST\]/$GUEST_BRD/g" /etc/keepalived/keepalived.conf
+ sed -i "s/\[PRIORITY\]/$ROUTER_PR/g" /etc/keepalived/keepalived.conf
+ sed -i "s/\[RROUTER_BIN_PATH\]/$rrouter_bin_path_str/g" /etc/keepalived/keepalived.conf
+ sed -i "s/\[DELTA\]/2/g" /etc/keepalived/keepalived.conf
+ sed -i "s/\[LINK_IF\]/eth0/g" /etc/conntrackd/conntrackd.conf
+ sed -i "s/\[LINK_IP\]/$ETH0_IP/g" /etc/conntrackd/conntrackd.conf
+ sed -i "s/\[IGNORE_IP1\]/$GUEST_GW/g" /etc/conntrackd/conntrackd.conf
+ sed -i "s/\[IGNORE_IP2\]/$ETH0_IP/g" /etc/conntrackd/conntrackd.conf
+ sed -i "s/\[IGNORE_IP3\]/$ETH1_IP/g" /etc/conntrackd/conntrackd.conf
+ sed -i "s/\[ETH2IP\]/$ETH2_IP/g" $rrouter_bin_path/enable_pubip.sh
+ sed -i "s/\[ETH2MASK\]/$ETH2_MASK/g" $rrouter_bin_path/enable_pubip.sh
+ sed -i "s/\[GATEWAY\]/$GW/g" $rrouter_bin_path/enable_pubip.sh
+ sed -i "s/\[GATEWAY\]/$GW/g" $rrouter_bin_path/master.sh
+ sed -i "s/\[RROUTER_BIN_PATH\]/$rrouter_bin_path_str/g" $rrouter_bin_path/master.sh
+ sed -i "s/\[RROUTER_BIN_PATH\]/$rrouter_bin_path_str/g" $rrouter_bin_path/backup.sh
+ sed -i "s/\[RROUTER_BIN_PATH\]/$rrouter_bin_path_str/g" $rrouter_bin_path/fault.sh
+ sed -i "s/\[RROUTER_BIN_PATH\]/$rrouter_bin_path_str/g" $rrouter_bin_path/heartbeat.sh
+ sed -i "s/\[RROUTER_BIN_PATH\]/$rrouter_bin_path_str/g" $rrouter_bin_path/check_heartbeat.sh
+ sed -i "s/\[RROUTER_LOG\]/$rrouter_log_str/g" $rrouter_bin_path/master.sh
+ sed -i "s/\[RROUTER_LOG\]/$rrouter_log_str/g" $rrouter_bin_path/backup.sh
+ sed -i "s/\[RROUTER_LOG\]/$rrouter_log_str/g" $rrouter_bin_path/fault.sh
+ sed -i "s/\[RROUTER_LOG\]/$rrouter_log_str/g" $rrouter_bin_path/primary-backup.sh
+ sed -i "s/\[RROUTER_LOG\]/$rrouter_log_str/g" $rrouter_bin_path/check_heartbeat.sh
+ sed -i "s/\[RROUTER_LOG\]/$rrouter_log_str/g" $rrouter_bin_path/arping_gateways.sh
+ sed -i "s/\[RROUTER_LOG\]/$rrouter_log_str/g" /opt/cloud/bin/checkrouter.sh
+ if [ $ADVERT_INT ]
+ then
+ sed -i "s/advert_int 1/advert_int $ADVERT_INT/g" /etc/keepalived/keepalived.conf
+ fi
+ chmod a+x $rrouter_bin_path/*.sh
+ sed -i "s/--exec\ \$DAEMON;/--exec\ \$DAEMON\ --\ --vrrp;/g" /etc/init.d/keepalived
+ crontab -l|grep "check_heartbeat.sh"
+ if [ $? -ne 0 ]
+ then
+ (crontab -l; echo -e "SHELL=/bin/bash\nPATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin\n*/1 * * * * $rrouter_bin_path/check_heartbeat.sh 2>&1 > /dev/null") | crontab
+ fi
+}
+
+parse_cmd_line() {
+ CMDLINE=$(cat /var/cache/cloud/cmdline)
+ TYPE="unknown"
+ BOOTPROTO="static"
+ DISABLE_RP_FILTER="false"
+ STORAGE_IP=""
+ STORAGE_NETMASK=""
+ STORAGE_CIDR=""
+ VM_PASSWORD=""
+
+ CHEF_TMP_FILE=/tmp/cmdline.json
+ COMMA="\t"
+ echo -e "{\n\"type\": \"cmdline\"," > ${CHEF_TMP_FILE}
+ echo -e "\"cmd_line\": {" >> ${CHEF_TMP_FILE}
+
+ for i in $CMDLINE
+ do
+ # search for foo=bar pattern and cut out foo
+ KEY=$(echo $i | cut -d= -f1)
+ VALUE=$(echo $i | cut -d= -f2)
+ echo -en ${COMMA} >> ${CHEF_TMP_FILE}
+ # Two lines so values do not accidently interpretted as escapes!!
+ echo -n \"${KEY}\"': '\"${VALUE}\" >> ${CHEF_TMP_FILE}
+ COMMA=",\n\t"
+ case $KEY in
+ disable_rp_filter)
+ export DISABLE_RP_FILTER=$VALUE
+ ;;
+ eth0ip)
+ export ETH0_IP=$VALUE
+ ;;
+ eth1ip)
+ export ETH1_IP=$VALUE
+ ;;
+ eth2ip)
+ export ETH2_IP=$VALUE
+ ;;
+ host)
+ export MGMT_HOST=$VALUE
+ ;;
+ gateway)
+ export GW=$VALUE
+ ;;
+ ip6gateway)
+ export IP6GW=$VALUE
+ ;;
+ eth0mask)
+ export ETH0_MASK=$VALUE
+ ;;
+ eth1mask)
+ export ETH1_MASK=$VALUE
+ ;;
+ eth2mask)
+ export ETH2_MASK=$VALUE
+ ;;
+ eth0ip6)
+ export ETH0_IP6=$VALUE
+ ;;
+ eth0ip6prelen)
+ export ETH0_IP6_PRELEN=$VALUE
+ ;;
+ internaldns1)
+ export internalNS1=$VALUE
+ ;;
+ internaldns2)
+ export internalNS2=$VALUE
+ ;;
+ dns1)
+ export NS1=$VALUE
+ ;;
+ dns2)
+ export NS2=$VALUE
+ ;;
+ ip6dns1)
+ export IP6_NS1=$VALUE
+ ;;
+ ip6dns2)
+ export IP6_NS2=$VALUE
+ ;;
+ domain)
+ export DOMAIN=$VALUE
+ ;;
+ dnssearchorder)
+ export DNS_SEARCH_ORDER=$VALUE
+ ;;
+ useextdns)
+ export USE_EXTERNAL_DNS=$VALUE
+ ;;
+ mgmtcidr)
+ export MGMTNET=$VALUE
+ ;;
+ localgw)
+ export LOCAL_GW=$VALUE
+ ;;
+ template)
+ export TEMPLATE=$VALUE
+ ;;
+ sshonguest)
+ export SSHONGUEST=$VALUE
+ ;;
+ name)
+ export NAME=$VALUE
+ ;;
+ dhcprange)
+ export DHCP_RANGE=$(echo $VALUE | tr ':' ',')
+ ;;
+ bootproto)
+ export BOOTPROTO=$VALUE
+ ;;
+ type)
+ export TYPE=$VALUE
+ ;;
+ defaultroute)
+ export DEFAULTROUTE=$VALUE
+ ;;
+ redundant_router)
+ export RROUTER=$VALUE
+ ;;
+ guestgw)
+ export GUEST_GW=$VALUE
+ ;;
+ guestbrd)
+ export GUEST_BRD=$VALUE
+ ;;
+ guestcidrsize)
+ export GUEST_CIDR_SIZE=$VALUE
+ ;;
+ router_pr)
+ export ROUTER_PR=$VALUE
+ ;;
+ extra_pubnics)
+ export EXTRA_PUBNICS=$VALUE
+ ;;
+ nic_macs)
+ export NIC_MACS=$VALUE
+ ;;
+ mtu)
+ export MTU=$VALUE
+ ;;
+ storageip)
+ export STORAGE_IP=$VALUE
+ ;;
+ storagenetmask)
+ export STORAGE_NETMASK=$VALUE
+ ;;
+ storagecidr)
+ export STORAGE_CIDR=$VALUE
+ ;;
+ vmpassword)
+ export VM_PASSWORD=$VALUE
+ ;;
+ vpccidr)
+ export VPCCIDR=$VALUE
+ ;;
+ cidrsize)
+ export CIDR_SIZE=$VALUE
+ ;;
+ advert_int)
+ export ADVERT_INT=$VALUE
+ ;;
+ ntpserverlist)
+ export NTP_SERVER_LIST=$VALUE
+ ;;
+ esac
+ done
+ echo -e "\n\t}\n}" >> ${CHEF_TMP_FILE}
+ if [ "$TYPE" != "unknown" ]
+ then
+ mv ${CHEF_TMP_FILE} /var/cache/cloud/cmd_line.json
+ fi
+
+ [ $ETH0_IP ] && export LOCAL_ADDRS=$ETH0_IP
+ [ $ETH0_IP6 ] && export LOCAL_ADDRS=$ETH0_IP6
+ [ $ETH0_IP ] && [ $ETH0_IP6 ] && export LOCAL_ADDRS="$ETH0_IP,$ETH0_IP6"
+
+ # Randomize cloud password so only ssh login is allowed
+ echo "cloud:`openssl rand -base64 32`" | chpasswd
+
+ if [ x"$VM_PASSWORD" != x"" ]
+ then
+ echo "root:$VM_PASSWORD" | chpasswd
+ fi
+}
+
+parse_cmd_line
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/setup/consoleproxy.sh b/systemvm/patches/debian/config/opt/cloud/bin/setup/consoleproxy.sh
new file mode 100755
index 0000000..36c1fa4
--- /dev/null
+++ b/systemvm/patches/debian/config/opt/cloud/bin/setup/consoleproxy.sh
@@ -0,0 +1,61 @@
+#!/bin/bash
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+
+. /opt/cloud/bin/setup/common.sh
+
+consoleproxy_svcs() {
+ echo "cloud ssh" > /var/cache/cloud/enabled_svcs
+ echo "cloud-passwd-srvr haproxy dnsmasq apache2 nfs-common portmap" > /var/cache/cloud/disabled_svcs
+ mkdir -p /var/log/cloud
+}
+
+setup_console_proxy() {
+ log_it "Setting up console proxy system vm"
+ setup_common eth0 eth1 eth2
+ setup_system_rfc1918_internal
+
+ log_it "Setting up entry in hosts"
+ sed -i /$NAME/d /etc/hosts
+ public_ip=`getPublicIp`
+ echo "$public_ip $NAME" >> /etc/hosts
+
+ log_it "Applying iptables rules"
+ cp /etc/iptables/iptables-consoleproxy /etc/iptables/rules.v4
+ cp /etc/iptables/iptables-consoleproxy /etc/iptables/rules
+
+ log_it "Configuring sshd"
+ local hyp=$HYPERVISOR
+ if [ "$hyp" == "vmware" ] || [ "$hyp" == "hyperv" ]; then
+ setup_sshd $ETH1_IP "eth1"
+ else
+ setup_sshd $ETH0_IP "eth0"
+ fi
+
+ disable_rpfilter
+ enable_fwding 0
+ enable_irqbalance 0
+ rm -f /etc/logrotate.d/cloud
+}
+
+consoleproxy_svcs
+if [ $? -gt 0 ]
+then
+ log_it "Failed to execute consoleproxy_svcs"
+ exit 1
+fi
+setup_console_proxy
diff --git a/systemvm/patches/debian/config/etc/default/cloud b/systemvm/patches/debian/config/opt/cloud/bin/setup/default.sh
old mode 100644
new mode 100755
similarity index 78%
rename from systemvm/patches/debian/config/etc/default/cloud
rename to systemvm/patches/debian/config/opt/cloud/bin/setup/default.sh
index 0b85c63..4272e64
--- a/systemvm/patches/debian/config/etc/default/cloud
+++ b/systemvm/patches/debian/config/opt/cloud/bin/setup/default.sh
@@ -1,3 +1,4 @@
+#!/bin/bash
# Licensed to the Apache Software Foundation (ASF) under one
# or more contributor license agreements. See the NOTICE file
# distributed with this work for additional information
@@ -15,5 +16,14 @@
# specific language governing permissions and limitations
# under the License.
-#set ENABLED to 1 if you want the init script to start the password server
-ENABLED=0
+. /opt/cloud/bin/setup/common.sh
+
+setup_default() {
+ cat > /etc/network/interfaces << EOF
+auto lo
+iface lo inet loopback
+EOF
+ cp -f /etc/iptables/rt_tables_init /etc/iproute2/rt_tables
+}
+
+setup_default
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/setup/dhcpsrvr.sh b/systemvm/patches/debian/config/opt/cloud/bin/setup/dhcpsrvr.sh
new file mode 100755
index 0000000..1e28ab4
--- /dev/null
+++ b/systemvm/patches/debian/config/opt/cloud/bin/setup/dhcpsrvr.sh
@@ -0,0 +1,62 @@
+#!/bin/bash
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+
+. /opt/cloud/bin/setup/common.sh
+
+dhcpsrvr_svcs() {
+ echo "ssh dnsmasq cloud-passwd-srvr apache2" > /var/cache/cloud/enabled_svcs
+ echo "cloud nfs-common conntrackd keepalived haproxy portmap" > /var/cache/cloud/disabled_svcs
+}
+
+setup_dhcpsrvr() {
+ log_it "Setting up dhcp server system vm"
+ setup_common eth0 eth1
+ setup_dnsmasq
+ setup_apache2 $ETH0_IP
+
+ sed -i /$NAME/d /etc/hosts
+ [ $ETH0_IP ] && echo "$ETH0_IP $NAME" >> /etc/hosts
+ [ $ETH0_IP6 ] && echo "$ETH0_IP6 $NAME" >> /etc/hosts
+
+ enable_irqbalance 0
+ enable_fwding 0
+
+ cp /etc/iptables/iptables-router /etc/iptables/rules.v4
+ cp /etc/iptables/iptables-router /etc/iptables/rules
+
+ #Only allow DNS service for current network
+ sed -i "s/-A INPUT -i eth0 -p udp -m udp --dport 53 -j ACCEPT/-A INPUT -i eth0 -p udp -m udp --dport 53 -s $DHCP_RANGE\/$CIDR_SIZE -j ACCEPT/g" /etc/iptables/rules.v4
+ sed -i "s/-A INPUT -i eth0 -p udp -m udp --dport 53 -j ACCEPT/-A INPUT -i eth0 -p udp -m udp --dport 53 -s $DHCP_RANGE\/$CIDR_SIZE -j ACCEPT/g" /etc/iptables/rules
+ sed -i "s/-A INPUT -i eth0 -p tcp -m tcp --dport 53 -j ACCEPT/-A INPUT -i eth0 -p tcp -m tcp --dport 53 -s $DHCP_RANGE\/$CIDR_SIZE -j ACCEPT/g" /etc/iptables/rules.v4
+ sed -i "s/-A INPUT -i eth0 -p tcp -m tcp --dport 53 -j ACCEPT/-A INPUT -i eth0 -p tcp -m tcp --dport 53 -s $DHCP_RANGE\/$CIDR_SIZE -j ACCEPT/g" /etc/iptables/rules
+
+ if [ "$SSHONGUEST" == "true" ]
+ then
+ setup_sshd $ETH0_IP "eth0"
+ else
+ setup_sshd $ETH1_IP "eth1"
+ fi
+}
+
+dhcpsrvr_svcs
+if [ $? -gt 0 ]
+then
+ log_it "Failed to execute dhcpsrvr_svcs"
+ exit 1
+fi
+setup_dhcpsrvr
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/setup/elbvm.sh b/systemvm/patches/debian/config/opt/cloud/bin/setup/elbvm.sh
new file mode 100755
index 0000000..23a2607
--- /dev/null
+++ b/systemvm/patches/debian/config/opt/cloud/bin/setup/elbvm.sh
@@ -0,0 +1,53 @@
+#!/bin/bash
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+
+. /opt/cloud/bin/setup/common.sh
+
+elbvm_svcs() {
+ echo "ssh haproxy" > /var/cache/cloud/enabled_svcs
+ echo "cloud dnsmasq conntrackd keepalived cloud-passwd-srvr apache2 nfs-common portmap" > /var/cache/cloud/disabled_svcs
+}
+
+setup_elbvm() {
+ log_it "Setting up Elastic Load Balancer system vm"
+ setup_common eth0 eth1
+ sed -i /$NAME/d /etc/hosts
+ public_ip=$ETH2_IP
+ [ "$ETH2_IP" == "0.0.0.0" ] || [ "$ETH2_IP" == "" ] && public_ip=$ETH0_IP
+ echo "$public_ip $NAME" >> /etc/hosts
+
+ cp /etc/iptables/iptables-elbvm /etc/iptables/rules.v4
+ cp /etc/iptables/iptables-elbvm /etc/iptables/rules
+ if [ "$SSHONGUEST" == "true" ]
+ then
+ setup_sshd $ETH0_IP "eth0"
+ else
+ setup_sshd $ETH1_IP "eth1"
+ fi
+
+ enable_fwding 0
+ enable_irqbalance 0
+}
+
+elbvm_svcs
+if [ $? -gt 0 ]
+then
+ log_it "Failed to execute elbvm svcs"
+ exit 1
+fi
+setup_elbvm
diff --git a/tools/appliance/definitions/systemvmtemplate/cleanup.sh b/systemvm/patches/debian/config/opt/cloud/bin/setup/ilbvm.sh
old mode 100644
new mode 100755
similarity index 53%
copy from tools/appliance/definitions/systemvmtemplate/cleanup.sh
copy to systemvm/patches/debian/config/opt/cloud/bin/setup/ilbvm.sh
index 67d6c23..4cd599f
--- a/tools/appliance/definitions/systemvmtemplate/cleanup.sh
+++ b/systemvm/patches/debian/config/opt/cloud/bin/setup/ilbvm.sh
@@ -16,33 +16,33 @@
# specific language governing permissions and limitations
# under the License.
-set -e
-set -x
+. /opt/cloud/bin/setup/common.sh
-function cleanup_apt() {
- apt-get -y remove dictionaries-common busybox
- apt-get -y autoremove
- apt-get autoclean
- apt-get clean
+ilbvm_svcs() {
+ echo "ssh haproxy" > /var/cache/cloud/enabled_svcs
+ echo "cloud dnsmasq conntrackd keepalived cloud-passwd-srvr apache2 nfs-common portmap" > /var/cache/cloud/disabled_svcs
}
-# Removing leftover leases and persistent rules
-function cleanup_dhcp() {
- rm -f /var/lib/dhcp/*
-}
+setup_ilbvm() {
+ log_it "Setting up Internal Load Balancer system vm"
+ setup_common eth0 eth1
+ #eth0 = guest network, eth1=control network
-# Make sure Udev doesn't block our network
-function cleanup_dev() {
- echo "cleaning up udev rules"
- rm -f /etc/udev/rules.d/70-persistent-net.rules
- rm -rf /dev/.udev/
- rm -f /lib/udev/rules.d/75-persistent-net-generator.rules
-}
+ sed -i /$NAME/d /etc/hosts
+ echo "$ETH0_IP $NAME" >> /etc/hosts
+
+ cp /etc/iptables/iptables-ilbvm /etc/iptables/rules.v4
+ cp /etc/iptables/iptables-ilbvm /etc/iptables/rules
+ setup_sshd $ETH1_IP "eth1"
-function cleanup() {
- cleanup_apt
- cleanup_dhcp
- cleanup_dev
+ enable_fwding 0
+ enable_irqbalance 1
}
-return 2>/dev/null || cleanup
+ilbvm_svcs
+if [ $? -gt 0 ]
+then
+ log_it "Failed to execute ilbvm svcs"
+ exit 1
+fi
+setup_ilbvm
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/setup/patchsystemvm.sh b/systemvm/patches/debian/config/opt/cloud/bin/setup/patchsystemvm.sh
new file mode 100755
index 0000000..43c3c92
--- /dev/null
+++ b/systemvm/patches/debian/config/opt/cloud/bin/setup/patchsystemvm.sh
@@ -0,0 +1,57 @@
+#/bin/bash
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+
+#set -x
+logfile="/var/log/patchsystemvm.log"
+
+# To use existing console proxy .zip-based package file
+patch_systemvm() {
+ local patchfile=$1
+ local backupfolder="/tmp/.conf.backup"
+ if [ -f /usr/local/cloud/systemvm/conf/cloud.jks ]; then
+ rm -fr $backupfolder
+ mkdir -p $backupfolder
+ cp -r /usr/local/cloud/systemvm/conf/* $backupfolder/
+ fi
+ rm /usr/local/cloud/systemvm -rf
+ mkdir -p /usr/local/cloud/systemvm
+ echo "All" | unzip $patchfile -d /usr/local/cloud/systemvm >$logfile 2>&1
+ find /usr/local/cloud/systemvm/ -name \*.sh | xargs chmod 555
+ if [ -f $backupfolder/cloud.jks ]; then
+ cp -r $backupfolder/* /usr/local/cloud/systemvm/conf/
+ echo "Restored keystore file and certs using backup" >> $logfile
+ fi
+ rm -fr $backupfolder
+ return 0
+}
+
+CMDLINE=/var/cache/cloud/cmdline
+PATCH_MOUNT=$1
+TYPE=$2
+
+echo "Patching systemvm for cloud service with mount=$PATCH_MOUNT for type=$TYPE" >> $logfile
+
+if [ "$TYPE" == "consoleproxy" ] || [ "$TYPE" == "secstorage" ] && [ -f ${PATCH_MOUNT}/systemvm.zip ]
+then
+ patch_systemvm ${PATCH_MOUNT}/systemvm.zip
+ if [ $? -gt 0 ]
+ then
+ echo "Failed to apply patch systemvm\n" >> $logfile
+ exit 1
+ fi
+fi
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/setup/router.sh b/systemvm/patches/debian/config/opt/cloud/bin/setup/router.sh
new file mode 100755
index 0000000..d9fadfe
--- /dev/null
+++ b/systemvm/patches/debian/config/opt/cloud/bin/setup/router.sh
@@ -0,0 +1,106 @@
+#!/bin/bash
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+
+. /opt/cloud/bin/setup/common.sh
+
+setup_router() {
+ log_it "Setting up virtual router system vm"
+
+ #To save router public interface and gw ip information
+ touch /var/cache/cloud/ifaceGwIp
+
+ oldmd5=
+ [ -f "/etc/udev/rules.d/70-persistent-net.rules" ] && oldmd5=$(md5sum "/etc/udev/rules.d/70-persistent-net.rules" | awk '{print $1}')
+
+ if [ -n "$ETH2_IP" ]
+ then
+ setup_common eth0 eth1 eth2
+
+ if [ -n "$EXTRA_PUBNICS" ]
+ then
+ for((i = 3; i < 3 + $EXTRA_PUBNICS; i++))
+ do
+ setup_interface "$i" "0.0.0.0" "255.255.255.255" $GW "force"
+ done
+ fi
+ else
+ setup_common eth0 eth1
+ if [ -n "$EXTRA_PUBNICS" ]
+ then
+ for((i = 2; i < 2 + $EXTRA_PUBNICS; i++))
+ do
+ setup_interface "$i" "0.0.0.0" "255.255.255.255" $GW "force"
+ done
+ fi
+ fi
+
+ if [ -n "$ETH2_IP" -a "$RROUTER" == "1" ]
+ then
+ setup_redundant_router
+ fi
+
+ log_it "Checking udev NIC assignment order changes"
+ if [ "$NIC_MACS" != "" ]
+ then
+ init_interfaces_orderby_macs "$NIC_MACS" "/tmp/interfaces" "/tmp/udev-rules"
+ newmd5=$(md5sum "/tmp/udev-rules" | awk '{print $1}')
+ rm /tmp/interfaces
+ rm /tmp/udev-rules
+
+ if [ "$oldmd5" != "$newmd5" ]
+ then
+ log_it "udev NIC assignment requires reboot to take effect"
+ sync
+ sleep 2
+ reboot
+ fi
+ fi
+
+ setup_aesni
+ setup_dnsmasq
+ setup_apache2 $ETH0_IP
+
+ sed -i /$NAME/d /etc/hosts
+ echo "$ETH0_IP $NAME" >> /etc/hosts
+
+ enable_irqbalance 1
+ disable_rpfilter_domR
+ enable_fwding 1
+ enable_rpsrfs 1
+ cp /etc/iptables/iptables-router /etc/iptables/rules.v4
+ #for old templates
+ cp /etc/iptables/iptables-router /etc/iptables/rules
+ setup_sshd $ETH1_IP "eth1"
+
+ #Only allow DNS service for current network
+ sed -i "s/-A INPUT -i eth0 -p udp -m udp --dport 53 -j ACCEPT/-A INPUT -i eth0 -p udp -m udp --dport 53 -s $DHCP_RANGE\/$CIDR_SIZE -j ACCEPT/g" /etc/iptables/rules.v4
+ sed -i "s/-A INPUT -i eth0 -p udp -m udp --dport 53 -j ACCEPT/-A INPUT -i eth0 -p udp -m udp --dport 53 -s $DHCP_RANGE\/$CIDR_SIZE -j ACCEPT/g" /etc/iptables/rules
+ sed -i "s/-A INPUT -i eth0 -p tcp -m tcp --dport 53 -j ACCEPT/-A INPUT -i eth0 -p tcp -m tcp --dport 53 -s $DHCP_RANGE\/$CIDR_SIZE -j ACCEPT/g" /etc/iptables/rules.v4
+ sed -i "s/-A INPUT -i eth0 -p tcp -m tcp --dport 53 -j ACCEPT/-A INPUT -i eth0 -p tcp -m tcp --dport 53 -s $DHCP_RANGE\/$CIDR_SIZE -j ACCEPT/g" /etc/iptables/rules
+
+ #setup hourly logrotate
+ mv -n /etc/cron.daily/logrotate /etc/cron.hourly 2>&1
+}
+
+routing_svcs
+if [ $? -gt 0 ]
+then
+ log_it "Failed to execute routing_svcs"
+ exit 1
+fi
+setup_router
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/setup/secstorage.sh b/systemvm/patches/debian/config/opt/cloud/bin/setup/secstorage.sh
new file mode 100755
index 0000000..327353c
--- /dev/null
+++ b/systemvm/patches/debian/config/opt/cloud/bin/setup/secstorage.sh
@@ -0,0 +1,90 @@
+#!/bin/bash
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+
+. /opt/cloud/bin/setup/common.sh
+
+secstorage_svcs() {
+ echo "apache2 cloud ssh nfs-common portmap" > /var/cache/cloud/enabled_svcs
+ echo "cloud-passwd-srvr conntrackd keepalived haproxy dnsmasq" > /var/cache/cloud/disabled_svcs
+ mkdir -p /var/log/cloud
+}
+
+setup_secstorage() {
+ log_it "Setting up secondary storage system vm"
+ sysctl vm.min_free_kbytes=8192
+
+ setup_common eth0 eth1 eth2
+ setup_storage_network
+ setup_system_rfc1918_internal
+
+ log_it "Setting up entry in hosts"
+ sed -i /$NAME/d /etc/hosts
+ public_ip=`getPublicIp`
+ echo "$public_ip $NAME" >> /etc/hosts
+
+ log_it "Applying iptables rules"
+ cp /etc/iptables/iptables-secstorage /etc/iptables/rules.v4
+ cp /etc/iptables/iptables-secstorage /etc/iptables/rules
+
+ log_it "Configuring sshd"
+ local hyp=$HYPERVISOR
+ if [ "$hyp" == "vmware" ] || [ "$hyp" == "hyperv" ]; then
+ setup_sshd $ETH1_IP "eth1"
+ else
+ setup_sshd $ETH0_IP "eth0"
+ fi
+
+ log_it "Configuring apache2"
+ setup_apache2 $ETH2_IP
+
+ # Deprecated, should move to Cs Python all of it
+ sed -e "s/<VirtualHost .*:80>/<VirtualHost $ETH2_IP:80>/" \
+ -e "s/<VirtualHost .*:443>/<VirtualHost $ETH2_IP:443>/" \
+ -e "s/Listen .*:80/Listen $ETH2_IP:80/g" \
+ -e "s/Listen .*:443/Listen $ETH2_IP:443/g" /etc/apache2/vhost.template > /etc/apache2/sites-enabled/vhost-${ETH2_IP}.conf
+
+ log_it "Setting up apache2 for post upload of volume/template"
+ a2enmod proxy
+ a2enmod proxy_http
+ a2enmod headers
+
+ cat >/etc/apache2/cors.conf <<CORS
+RewriteEngine On
+RewriteCond %{HTTPS} =on
+RewriteCond %{REQUEST_METHOD} =POST
+RewriteRule ^/upload/(.*) http://127.0.0.1:8210/upload?uuid=\$1 [P,L]
+Header always set Access-Control-Allow-Origin "*"
+Header always set Access-Control-Allow-Methods "POST, OPTIONS"
+Header always set Access-Control-Allow-Headers "x-requested-with, Content-Type, origin, authorization, accept, client-security-token, x-signature, x-metadata, x-expires"
+CORS
+
+ disable_rpfilter
+ enable_fwding 0
+ enable_irqbalance 0
+ setup_ntp
+
+ rm -f /etc/logrotate.d/cloud
+}
+
+secstorage_svcs
+if [ $? -gt 0 ]
+then
+ log_it "Failed to execute secstorage_svcs"
+ exit 1
+fi
+setup_secstorage
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/setup/vpcrouter.sh b/systemvm/patches/debian/config/opt/cloud/bin/setup/vpcrouter.sh
new file mode 100755
index 0000000..bd1181f
--- /dev/null
+++ b/systemvm/patches/debian/config/opt/cloud/bin/setup/vpcrouter.sh
@@ -0,0 +1,129 @@
+#!/bin/bash
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+
+. /opt/cloud/bin/setup/common.sh
+
+setup_vpcrouter() {
+ log_it "Setting up VPC virtual router system vm"
+
+ if [ -f /etc/hosts ]; then
+ grep -q $NAME /etc/hosts || echo "127.0.0.1 $NAME" >> /etc/hosts;
+ fi
+
+ cat > /etc/network/interfaces << EOF
+auto lo eth0
+iface lo inet loopback
+EOF
+ setup_interface "0" $ETH0_IP $ETH0_MASK $GW
+
+ echo $NAME > /etc/hostname
+ echo 'AVAHI_DAEMON_DETECT_LOCAL=0' > /etc/default/avahi-daemon
+ hostnamectl set-hostname $NAME
+
+ #Nameserver
+ sed -i -e "/^nameserver.*$/d" /etc/resolv.conf # remove previous entries
+ sed -i -e "/^nameserver.*$/d" /etc/dnsmasq-resolv.conf # remove previous entries
+ if [ -n "$internalNS1" ]
+ then
+ echo "nameserver $internalNS1" > /etc/dnsmasq-resolv.conf
+ echo "nameserver $internalNS1" > /etc/resolv.conf
+ fi
+
+ if [ -n "$internalNS2" ]
+ then
+ echo "nameserver $internalNS2" >> /etc/dnsmasq-resolv.conf
+ echo "nameserver $internalNS2" >> /etc/resolv.conf
+ fi
+ if [ -n "$NS1" ]
+ then
+ echo "nameserver $NS1" >> /etc/dnsmasq-resolv.conf
+ echo "nameserver $NS1" >> /etc/resolv.conf
+ fi
+
+ if [ -n "$NS2" ]
+ then
+ echo "nameserver $NS2" >> /etc/dnsmasq-resolv.conf
+ echo "nameserver $NS2" >> /etc/resolv.conf
+ fi
+ if [ -n "$MGMTNET" -a -n "$LOCAL_GW" ]
+ then
+ if [ "$HYPERVISOR" == "vmware" ] || [ "$HYPERVISOR" == "hyperv" ];
+ then
+ ip route add $MGMTNET via $LOCAL_GW dev eth0
+
+ # a hacking way to activate vSwitch under VMware
+ ping -n -c 3 $LOCAL_GW &
+ sleep 3
+ pkill ping
+ fi
+ fi
+
+ if [ "$RROUTER" == "1" ]
+ then
+ setup_redundant_router
+ fi
+
+ ip route delete default
+ # create route table for static route
+
+ sudo echo "252 static_route" >> /etc/iproute2/rt_tables 2>/dev/null
+ sudo echo "251 static_route_back" >> /etc/iproute2/rt_tables 2>/dev/null
+ sudo ip rule add from $VPCCIDR table static_route 2>/dev/null
+ sudo ip rule add from $VPCCIDR table static_route_back 2>/dev/null
+
+ setup_vpc_apache2
+
+ enable_irqbalance 1
+ enable_vpc_rpsrfs 1
+ disable_rpfilter
+ enable_fwding 1
+ cp /etc/iptables/iptables-vpcrouter /etc/iptables/rules.v4
+ cp /etc/iptables/iptables-vpcrouter /etc/iptables/rules
+ setup_sshd $ETH0_IP "eth0"
+ cp /etc/vpcdnsmasq.conf /etc/dnsmasq.conf
+ cp /etc/cloud-nic.rules /etc/udev/rules.d/cloud-nic.rules
+ echo "" > /etc/dnsmasq.d/dhcphosts.txt
+ echo "dhcp-hostsfile=/etc/dhcphosts.txt" > /etc/dnsmasq.d/cloud.conf
+
+ [ -z $DOMAIN ] && DOMAIN="cloudnine.internal"
+ #DNS server will append $DOMAIN to local queries
+ sed -r -i s/^[#]?domain=.*$/domain=$DOMAIN/ /etc/dnsmasq.conf
+ #answer all local domain queries
+ sed -i -e "s/^[#]*local=.*$/local=\/$DOMAIN\//" /etc/dnsmasq.conf
+
+ command -v dhcp_release > /dev/null 2>&1
+ no_dhcp_release=$?
+ if [ $no_dhcp_release -eq 0 ]
+ then
+ echo 1 > /var/cache/cloud/dnsmasq_managed_lease
+ sed -i -e "/^leasefile-ro/d" /etc/dnsmasq.conf
+ else
+ echo 0 > /var/cache/cloud/dnsmasq_managed_lease
+ fi
+
+ #setup hourly logrotate
+ mv -n /etc/cron.daily/logrotate /etc/cron.hourly 2>&1
+}
+
+routing_svcs
+if [ $? -gt 0 ]
+then
+ log_it "Failed to execute routing_svcs"
+ exit 1
+fi
+setup_vpcrouter
diff --git a/systemvm/patches/debian/config/opt/cloud/templates/check_heartbeat.sh.templ b/systemvm/patches/debian/config/opt/cloud/templates/check_heartbeat.sh.templ
index 6a0d8a9..a9cbf30 100755
--- a/systemvm/patches/debian/config/opt/cloud/templates/check_heartbeat.sh.templ
+++ b/systemvm/patches/debian/config/opt/cloud/templates/check_heartbeat.sh.templ
@@ -47,9 +47,9 @@ then
if [ $s -gt 2 ]
then
echo Keepalived process is dead! >> $ROUTER_LOG
- service keepalived stop >> $ROUTER_LOG 2>&1
- service conntrackd stop >> $ROUTER_LOG 2>&1
-
+ systemctl stop keepalived >> $ROUTER_LOG 2>&1
+ systemctl stop conntrackd >> $ROUTER_LOG 2>&1
+
#Set fault so we have the same effect as a KeepaliveD fault.
python /opt/cloud/bin/master.py --fault
diff --git a/systemvm/patches/debian/config/root/.ssh/authorized_keys b/systemvm/patches/debian/config/root/.ssh/authorized_keys
index 7286760..c09f637 100644
--- a/systemvm/patches/debian/config/root/.ssh/authorized_keys
+++ b/systemvm/patches/debian/config/root/.ssh/authorized_keys
@@ -1 +1 @@
-ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAvFu3MLSPphFRBR1yM7nBukXWS9gPdAXfqq9cfC8ZqQN9ybi531aj44CybZ4BVT4kLfzbAs7+7nJeSIpPHxjv9XFqbxjIxoFeGYkj7s0RrJgtsEmvAAubZ3mYboUAYUivMgnJFLnv4VqyAbpjix6CfECUiU4ygwo24F3F6bAmhl4Vo1R5TSUdDIX876YePJTFtuVkLl4lu/+xw1QRWrgaSFosGICT37IKY7RjE79Ozb0GjNHyJPPgVAGkUVO4LawroL9dYOBlzdHpmqqA9Kc44oQBpvcU7s1+ezRTt7fZNnP7TG9ninZtrvnP4qmwAc4iUJ7N1bwh0mCblnoTfZ28hw== anthony@mobl-ant
+ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEA2RIE3hgSAD8zULuyE7KDW9EKh2oVbNGY7iSL/VI5xHLISKh4e8ksTshWjlGBtrUCnuzR7y2BUxZ65RI8XkB1fEDxcOU4/0lVPvJYDSsGveXoOgpLwOtKRoGLgjFUGzBQlj2s6YaYQxoNTqtBVkDIH6ekPNq0Q38hRrFcsVIk1sFo5ejuvFxt2wx6APcFIQtHSNezEDO0GVUScDU1N1YEMMv1PU3M/SrcezkXrGl/efF3kWtY9L5xm7sojHMCCqsI38r8ogof67F7JdWRXM6Nl3VzkdCBzWGcyAl+cYfjzgOiBGXyAyYBk8qqzJjKwUOtdjfRvCyowA/0xBwMW1T7PQ==
diff --git a/systemvm/scripts/_run.sh b/systemvm/scripts/_run.sh
index 6d77002..96cc88b 100755
--- a/systemvm/scripts/_run.sh
+++ b/systemvm/scripts/_run.sh
@@ -16,24 +16,16 @@
# specific language governing permissions and limitations
# under the License.
+# run.sh runs the cloud service
+#set -x
+# make sure we delete the old files from the original template
+rm -f console-proxy.jar
+rm -f console-common.jar
+rm -f conf/cloud.properties
-
+CP="./:./conf:$(ls *.jar | tr '\n' ':' | sed s'/.$//')"
-#run.sh runs the console proxy.
-
-# make sure we delete the old files from the original template
-rm console-proxy.jar
-rm console-common.jar
-rm conf/cloud.properties
-
-set -x
-
-CP=./:./conf
-for file in *.jar
-do
- CP=${CP}:$file
-done
keyvalues=
LOGHOME=/var/log/cloud/
@@ -50,7 +42,7 @@ for i in $CMDLINE
keyvalues="${keyvalues} $KEY=$VALUE"
esac
done
-
+
tot_mem_k=$(cat /proc/meminfo | grep MemTotal | awk '{print $2}')
let "tot_mem_m=tot_mem_k>>10"
let "eightypcnt=$tot_mem_m*8/10"
diff --git a/systemvm/scripts/config_ssl.sh b/systemvm/scripts/config_ssl.sh
index 8635887..931c1a5 100755
--- a/systemvm/scripts/config_ssl.sh
+++ b/systemvm/scripts/config_ssl.sh
@@ -49,7 +49,6 @@ config_apache2_conf() {
sed -i -e "s/<VirtualHost.*>/<VirtualHost $ip:443>/" /etc/apache2/sites-available/default-ssl
sed -i -e "s/Listen .*:80/Listen $ip:80/g" /etc/apache2/ports.conf
sed -i -e "s/Listen .*:443/Listen $ip:443/g" /etc/apache2/ports.conf
- sed -i -e "s/NameVirtualHost .*:80/NameVirtualHost $ip:80/g" /etc/apache2/ports.conf
sed -i 's/ssl-cert-snakeoil.key/cert_apache.key/' /etc/apache2/sites-available/default-ssl
sed -i 's/ssl-cert-snakeoil.pem/cert_apache.crt/' /etc/apache2/sites-available/default-ssl
sed -i 's/SSLProtocol.*$/SSLProtocol all -SSLv2 -SSLv3/' /etc/apache2/sites-available/default-ssl
diff --git a/systemvm/scripts/run.sh b/systemvm/scripts/run.sh
index 1e12f12..7923a34 100755
--- a/systemvm/scripts/run.sh
+++ b/systemvm/scripts/run.sh
@@ -16,10 +16,6 @@
# specific language governing permissions and limitations
# under the License.
-
-
-
-
#_run.sh runs the agent client.
# set -x
diff --git a/systemvm/systemvm-descriptor.xml b/systemvm/systemvm-descriptor.xml
index eec916e..ce5ae4b 100644
--- a/systemvm/systemvm-descriptor.xml
+++ b/systemvm/systemvm-descriptor.xml
@@ -58,8 +58,8 @@
<fileMode>555</fileMode>
<includes>
<include>log4j-cloud.xml</include>
- <include>consoleproxy.properties</include>
- <include>agent.properties</include>
+ <include>consoleproxy.properties</include>
+ <include>agent.properties</include>
</includes>
</fileSet>
<fileSet>
@@ -69,7 +69,7 @@
<fileMode>555</fileMode>
<includes>
<include>*.jpg</include>
- <include>*.gif</include>
+ <include>*.gif</include>
<include>*.png</include>
<include>*.cur</include>
</includes>
diff --git a/test/integration/component/test_browse_templates.py b/test/integration/component/test_browse_templates.py
index 445fae8..0875d01 100644
--- a/test/integration/component/test_browse_templates.py
+++ b/test/integration/component/test_browse_templates.py
@@ -856,7 +856,7 @@ class TestBrowseUploadVolume(cloudstackTestCase):
self.apiclient.connection.user,
self.apiclient.connection.passwd,
ssvm.privateip,
- "service cloud status",
+ "systemctl is-active cloud",
hypervisor=self.hypervisor
)
else:
@@ -868,7 +868,7 @@ class TestBrowseUploadVolume(cloudstackTestCase):
host.user,
host.passwd,
ssvm.linklocalip,
- "service cloud status"
+ "systemctl is-active cloud"
)
except KeyError:
self.skipTest("Marvin configuration has no host credentials to check router services")
@@ -876,7 +876,7 @@ class TestBrowseUploadVolume(cloudstackTestCase):
self.debug("Cloud Process status: %s" % res)
# Apache CloudStack service (type=secstorage) is running: process id: 2346
self.assertEqual(
- res.count("is running"),
+ res.count("active"),
1,
"Check cloud service is running or not"
)
diff --git a/test/integration/component/test_browse_volumes.py b/test/integration/component/test_browse_volumes.py
index 390d0ab..08a41b4 100644
--- a/test/integration/component/test_browse_volumes.py
+++ b/test/integration/component/test_browse_volumes.py
@@ -1288,7 +1288,7 @@ class TestBrowseUploadVolume(cloudstackTestCase):
self.apiclient.connection.user,
self.apiclient.connection.passwd,
ssvm.privateip,
- "service cloud status",
+ "systemctl is-active cloud",
hypervisor=self.hypervisor
)
else:
@@ -1300,7 +1300,7 @@ class TestBrowseUploadVolume(cloudstackTestCase):
host.user,
host.passwd,
ssvm.linklocalip,
- "service cloud status"
+ "systemctl is-active cloud"
)
except KeyError:
self.skipTest("Marvin configuration has no host credentials to check router services")
@@ -1308,7 +1308,7 @@ class TestBrowseUploadVolume(cloudstackTestCase):
self.debug("Cloud Process status: %s" % res)
# Apache CloudStack service (type=secstorage) is running: process id: 2346
self.assertEqual(
- res.count("is running"),
+ res.count("active"),
1,
"Check cloud service is running or not"
)
diff --git a/test/integration/component/test_security_groups.py b/test/integration/component/test_security_groups.py
index b3620be..f95bd74 100755
--- a/test/integration/component/test_security_groups.py
+++ b/test/integration/component/test_security_groups.py
@@ -767,13 +767,13 @@ class TestDhcpOnlyRouter(cloudstackTestCase):
self.testdata['configurableData']['host']["username"],
self.testdata['configurableData']['host']["password"],
router.linklocalip,
- "service dnsmasq status"
+ "systemctl is-active dnsmasq"
)
res = str(result)
self.debug("Dnsmasq process status: %s" % res)
self.assertEqual(
- res.count("running"),
+ res.count("active"),
1,
"Check dnsmasq service is running or not"
)
diff --git a/test/integration/smoke/test_list_ids_parameter.py b/test/integration/smoke/test_list_ids_parameter.py
index f679aed..cc45ce3 100755
--- a/test/integration/smoke/test_list_ids_parameter.py
+++ b/test/integration/smoke/test_list_ids_parameter.py
@@ -105,20 +105,20 @@ class TestListIdsParams(cloudstackTestCase):
mode=cls.services["mode"]
)
- #Take 3 VM1 Snapshots
- #PLEASE UNCOMMENT ONCE VM SNAPSHOT DELAY BUG AFTER VM CREATION IS FIXED
- """cls.vmsnapshot_1 = VmSnapshot.create(
- cls.apiclient,
- cls.virtual_machine_1.id
- )
- cls.vmsnapshot_2 = VmSnapshot.create(
- cls.apiclient,
- cls.virtual_machine_1.id
- )
- cls.vmsnapshot_3 = VmSnapshot.create(
- cls.apiclient,
- cls.virtual_machine_1.id
- )"""
+# Take 3 VM1 Snapshots
+# PLEASE UNCOMMENT ONCE VM SNAPSHOT DELAY BUG AFTER VM CREATION IS FIXED
+# cls.vmsnapshot_1 = VmSnapshot.create(
+# cls.apiclient,
+# cls.virtual_machine_1.id
+# )
+# cls.vmsnapshot_2 = VmSnapshot.create(
+# cls.apiclient,
+# cls.virtual_machine_1.id
+# )
+# cls.vmsnapshot_3 = VmSnapshot.create(
+# cls.apiclient,
+# cls.virtual_machine_1.id
+# )
#Stop VMs
cls.virtual_machine_1.stop(cls.apiclient)
@@ -229,7 +229,7 @@ class TestListIdsParams(cloudstackTestCase):
3,
"ListVolumes response expected 3 Volumes, received %s" % len(list_volume_response)
)
-
+
@attr(tags = ["advanced", "advancedns", "smoke", "basic"], required_hardware="false")
def test_02_list_templates(self):
"""Test listing Templates using 'ids' parameter
@@ -273,23 +273,23 @@ class TestListIdsParams(cloudstackTestCase):
"ListSnapshots response expected 3 Snapshots, received %s" % len(list_snapshot_response)
)
- #PLEASE UNCOMMENT ONCE VM SNAPSHOT DELAY BUG AFTER VM CREATION IS FIXED
- #@attr(tags = ["advanced", "advancedns", "smoke", "basic"], required_hardware="false")
- #def test_04_list_vm_snapshots(self):
- """Test listing VMSnapshots using 'vmsnapshotids' parameter
- """
- """list_vm_snapshot_response = VmSnapshot.list(
- self.apiclient,
- vmsnapshotids=[self.vmsnapshot_1.id, self.vmsnapshot_2.id, self.vmsnapshot_3.id],
- listall=True
- )
- self.assertEqual(
- isinstance(list_vm_snapshot_response, list),
- True,
- "ListVMSnapshots response was not a valid list"
- )
- self.assertEqual(
- len(list_vm_snapshot_response),
- 3,
- "ListVMSnapshots response expected 3 VMSnapshots, received %s" % len(list_vm_snapshot_response)
- )"""
+# PLEASE UNCOMMENT ONCE VM SNAPSHOT DELAY BUG AFTER VM CREATION IS FIXED
+# @attr(tags = ["advanced", "advancedns", "smoke", "basic"], required_hardware="false")
+# def test_04_list_vm_snapshots(self):
+# """Test listing VMSnapshots using 'vmsnapshotids' parameter
+# """
+# list_vm_snapshot_response = VmSnapshot.list(
+# self.apiclient,
+# vmsnapshotids=[self.vmsnapshot_1.id, self.vmsnapshot_2.id, self.vmsnapshot_3.id],
+# listall=True
+# )
+# self.assertEqual(
+# isinstance(list_vm_snapshot_response, list),
+# True,
+# "ListVMSnapshots response was not a valid list"
+# )
+# self.assertEqual(
+# len(list_vm_snapshot_response),
+# 3,
+# "ListVMSnapshots response expected 3 VMSnapshots, received %s" % len(list_vm_snapshot_response)
+# )
diff --git a/test/integration/smoke/test_loadbalance.py b/test/integration/smoke/test_loadbalance.py
index 7ca5cf8..8e958a9 100644
--- a/test/integration/smoke/test_loadbalance.py
+++ b/test/integration/smoke/test_loadbalance.py
@@ -120,29 +120,30 @@ class TestLoadBalance(cloudstackTestCase):
cleanup_resources(cls.apiclient, cls._cleanup)
return
- def try_ssh(self, ip_addr, unameCmd):
+ def try_ssh(self, ip_addr, unameCmd, firstAttempt=False):
try:
self.debug(
"SSH into VM (IPaddress: %s) & NAT Rule (Public IP: %s)" %
(self.vm_1.ipaddress, ip_addr)
)
- # If Round Robin Algorithm is chosen,
+ retries = 3
+ if firstAttempt:
+ retries = 30
+ # If Round Robin Algorithm is chosen,
# each ssh command should alternate between VMs
-
ssh_1 = SshClient(
ip_addr,
self.services['lbrule']["publicport"],
self.vm_1.username,
self.vm_1.password,
- retries=10
+ retries=retries
)
unameCmd.append(ssh_1.execute("uname")[0])
self.debug(unameCmd)
except Exception as e:
self.fail("%s: SSH failed for VM with IP Address: %s" %
(e, ip_addr))
- time.sleep(10)
- return
+ time.sleep(5)
@attr(tags = ["advanced", "advancedns", "smoke"], required_hardware="true")
def test_01_create_lb_rule_src_nat(self):
@@ -256,7 +257,7 @@ class TestLoadBalance(cloudstackTestCase):
unameResults = []
- self.try_ssh(src_nat_ip_addr.ipaddress, unameResults)
+ self.try_ssh(src_nat_ip_addr.ipaddress, unameResults, True)
self.try_ssh(src_nat_ip_addr.ipaddress, unameResults)
self.try_ssh(src_nat_ip_addr.ipaddress, unameResults)
self.try_ssh(src_nat_ip_addr.ipaddress, unameResults)
diff --git a/test/integration/smoke/test_router_dns.py b/test/integration/smoke/test_router_dns.py
index ef77224..9b4ca7e 100644
--- a/test/integration/smoke/test_router_dns.py
+++ b/test/integration/smoke/test_router_dns.py
@@ -256,7 +256,7 @@ class TestRouterDns(cloudstackTestCase):
result = None
try:
self.logger.debug("SSH into guest VM with IP: %s" % nat_rule1.ipaddress)
- ssh = self.vm.get_ssh_client(ipaddress=nat_rule1.ipaddress, port=self.services['natrule1']["publicport"], retries=8)
+ ssh = self.vm.get_ssh_client(ipaddress=nat_rule1.ipaddress, port=self.services['natrule1']["publicport"], retries=15)
result = str(ssh.execute("nslookup google.com"))
except Exception as e:
self.fail("Failed to SSH into VM - %s due to exception: %s" % (nat_rule1.ipaddress, e))
diff --git a/test/integration/smoke/test_router_dnsservice.py b/test/integration/smoke/test_router_dnsservice.py
index 436d9e4..ffadec7 100644
--- a/test/integration/smoke/test_router_dnsservice.py
+++ b/test/integration/smoke/test_router_dnsservice.py
@@ -92,8 +92,8 @@ class TestRouterDnsService(cloudstackTestCase):
zoneid=cls.zone.id)
cls.logger.debug("Creating guest VM for Account %s using offering %s" % (cls.account.name, cls.service_offering.id))
- cls.services["virtual_machine"]["displayname"] = VM1_NAME;
- cls.services["virtual_machine"]["name"] = VM1_NAME;
+ cls.services["virtual_machine"]["displayname"] = VM1_NAME
+ cls.services["virtual_machine"]["name"] = VM1_NAME
cls.vm1 = VirtualMachine.create(cls.api_client,
cls.services["virtual_machine"],
templateid=cls.template.id,
@@ -102,10 +102,10 @@ class TestRouterDnsService(cloudstackTestCase):
serviceofferingid=cls.service_offering.id,
networkids=[str(cls.network.id)])
cls.vm1.password = "password"
- cls.logger.debug("Created VM named %s" % VM1_NAME);
-
- cls.services["virtual_machine"]["displayname"] = VM2_NAME;
- cls.services["virtual_machine"]["name"] = VM2_NAME;
+ cls.logger.debug("Created VM named %s" % VM1_NAME)
+
+ cls.services["virtual_machine"]["displayname"] = VM2_NAME
+ cls.services["virtual_machine"]["name"] = VM2_NAME
cls.vm2 = VirtualMachine.create(cls.api_client,
cls.services["virtual_machine"],
templateid=cls.template.id,
@@ -114,7 +114,7 @@ class TestRouterDnsService(cloudstackTestCase):
serviceofferingid=cls.service_offering.id,
networkids=[str(cls.network.id)])
cls.vm2.password = "password"
- cls.logger.debug("Created VM named %s" % VM2_NAME);
+ cls.logger.debug("Created VM named %s" % VM2_NAME)
cls.services["natrule1"] = {
"privateport": 22,
@@ -256,7 +256,7 @@ class TestRouterDnsService(cloudstackTestCase):
result1 = None
try:
self.logger.debug("SSH into guest VM with IP: %s" % nat_rule1.ipaddress)
- ssh = self.vm1.get_ssh_client(ipaddress=nat_rule1.ipaddress, port=self.services['natrule1']["publicport"], retries=8)
+ ssh = self.vm1.get_ssh_client(ipaddress=nat_rule1.ipaddress, port=self.services['natrule1']["publicport"], retries=15)
result1 = str(ssh.execute("nslookup %s" % VM1_NAME))
self.logger.debug("nslookup %s: %s " % (VM1_NAME, result1))
result2 = str(ssh.execute("nslookup %s" % VM2_NAME))
diff --git a/test/integration/smoke/test_routers.py b/test/integration/smoke/test_routers.py
index c6aa496..070841e 100644
--- a/test/integration/smoke/test_routers.py
+++ b/test/integration/smoke/test_routers.py
@@ -171,7 +171,7 @@ class TestRouterServices(cloudstackTestCase):
self.apiclient.connection.user,
self.apiclient.connection.passwd,
router.linklocalip,
- "service dnsmasq status",
+ "systemctl is-active dnsmasq",
hypervisor=self.hypervisor
)
else:
@@ -184,7 +184,7 @@ class TestRouterServices(cloudstackTestCase):
host.user,
host.passwd,
router.linklocalip,
- "service dnsmasq status"
+ "systemctl is-active dnsmasq"
)
except KeyError:
@@ -195,7 +195,7 @@ class TestRouterServices(cloudstackTestCase):
self.debug("Dnsmasq process status: %s" % res)
self.assertEqual(
- res.count("running"),
+ res.count("active"),
1,
"Check dnsmasq service is running or not"
)
@@ -251,7 +251,7 @@ class TestRouterServices(cloudstackTestCase):
self.apiclient.connection.user,
self.apiclient.connection.passwd,
router.linklocalip,
- "service dnsmasq status",
+ "systemctl is-active dnsmasq",
hypervisor=self.hypervisor
)
else:
@@ -264,7 +264,7 @@ class TestRouterServices(cloudstackTestCase):
host.user,
host.passwd,
router.linklocalip,
- "service dnsmasq status"
+ "systemctl is-active dnsmasq"
)
except KeyError:
self.skipTest(
@@ -273,7 +273,7 @@ class TestRouterServices(cloudstackTestCase):
res = str(result)
self.debug("Dnsmasq process status: %s" % res)
self.assertEqual(
- res.count("running"),
+ res.count("active"),
1,
"Check dnsmasq service is running or not"
)
@@ -285,7 +285,7 @@ class TestRouterServices(cloudstackTestCase):
self.apiclient.connection.user,
self.apiclient.connection.passwd,
router.linklocalip,
- "service haproxy status",
+ "systemctl is-active haproxy",
hypervisor=self.hypervisor
)
else:
@@ -298,7 +298,7 @@ class TestRouterServices(cloudstackTestCase):
host.user,
host.passwd,
router.linklocalip,
- "service haproxy status"
+ "systemctl is-active haproxy"
)
except KeyError:
self.skipTest(
@@ -306,7 +306,7 @@ class TestRouterServices(cloudstackTestCase):
to check router services")
res = str(result)
self.assertEqual(
- res.count("running"),
+ res.count("active"),
1,
"Check haproxy service is running or not"
)
diff --git a/test/integration/smoke/test_ssvm.py b/test/integration/smoke/test_ssvm.py
index 616f8b3..41db1ab 100644
--- a/test/integration/smoke/test_ssvm.py
+++ b/test/integration/smoke/test_ssvm.py
@@ -44,7 +44,7 @@ _multiprocess_shared_ = True
class TestSSVMs(cloudstackTestCase):
def setUp(self):
- test_case = super(TestSSVMs, self)
+ test_case = super(TestSSVMs, self)
self.apiclient = self.testClient.getApiClient()
self.hypervisor = self.testClient.getHypervisorInfo()
self.cleanup = []
@@ -57,40 +57,52 @@ class TestSSVMs(cloudstackTestCase):
self.logger.setLevel(logging.DEBUG)
self.logger.addHandler(self.stream_handler)
- # Default sleep is set to 90 seconds, which is too long if the SSVM takes up to 2min to start.
- # Second sleep in the loop will waste test time.
- self.services["sleep"] = 30
- # Default value is 120 seconds. That's just too much.
- self.services["configurableData"]["systemVmDelay"] = 60
-
- return
-
def tearDown(self):
try:
- # Clean up, terminate the created templates
cleanup_resources(self.apiclient, self.cleanup)
-
except Exception as e:
raise Exception("Warning: Exception during cleanup : %s" % e)
- return
def waitForSystemVMAgent(self, vmname):
- timeout = 120
-
- while True:
+ def checkRunningAgent():
list_host_response = list_hosts(
self.apiclient,
name=vmname
)
+ if isinstance(list_host_response, list):
+ return list_host_response[0].state == 'Up', None
+ return False, None
- if list_host_response and list_host_response[0].state == 'Up':
- break
+ res, _ = wait_until(3, self.services["sleep"], checkRunningAgent)
+ if not res:
+ raise Exception("Failed to wait for SSVM agent to be Up")
+
+ def checkForRunningSystemVM(self, ssvm, ssvm_type=None):
+ if not ssvm:
+ return None
+
+ def checkRunningState():
+ if not ssvm_type:
+ response = list_ssvms(
+ self.apiclient,
+ id=ssvm.id
+ )
+ else:
+ response = list_ssvms(
+ self.apiclient,
+ zoneid=self.zone.id,
+ systemvmtype=ssvm_type
+ )
- if timeout == 0:
- raise Exception("Timed out waiting for SSVM agent to be Up")
+ if isinstance(response, list):
+ ssvm_response = response[0]
+ return ssvm_response.state == 'Running', ssvm_response
+ return False, None
- time.sleep(1)
- timeout = timeout - 1
+ res, ssvm_response = wait_until(3, self.services["sleep"], checkRunningState)
+ if not res:
+ self.fail("Failed to reach systemvm state to Running")
+ return ssvm_response
@attr(
tags=[
@@ -228,7 +240,6 @@ class TestSSVMs(cloudstackTestCase):
zone_response[0].dns2,
"Check DNS2 with that of corresponding zone"
)
- return
@attr(
tags=[
@@ -360,7 +371,6 @@ class TestSSVMs(cloudstackTestCase):
zone_response[0].dns2,
"Check DNS2 with that of corresponding zone"
)
- return
@attr(
tags=[
@@ -459,7 +469,7 @@ class TestSSVMs(cloudstackTestCase):
self.apiclient.connection.user,
self.apiclient.connection.passwd,
ssvm.privateip,
- "service cloud status",
+ "systemctl is-active cloud",
hypervisor=self.hypervisor
)
else:
@@ -472,7 +482,7 @@ class TestSSVMs(cloudstackTestCase):
host.user,
host.passwd,
ssvm.linklocalip,
- "service cloud status"
+ "systemctl is-active cloud"
)
except KeyError:
self.skipTest(
@@ -482,11 +492,11 @@ class TestSSVMs(cloudstackTestCase):
self.debug("Cloud Process status: %s" % res)
# Apache CloudStack service (type=secstorage) is running: process id: 2346
self.assertEqual(
- res.count("is running"),
+ res.count("active"),
1,
"Check cloud service is running or not"
)
-
+
linklocal_ip = None
# Check status of cloud service
if self.hypervisor.lower() in ('vmware', 'hyperv'):
@@ -526,8 +536,6 @@ class TestSSVMs(cloudstackTestCase):
res,
"The cached Link Local should be the same as the current Link Local IP, but they are different! Current ==> %s; Cached ==> %s " % (linklocal_ip, res)
)
-
- return
@attr(
tags=[
@@ -595,7 +603,7 @@ class TestSSVMs(cloudstackTestCase):
self.apiclient.connection.user,
self.apiclient.connection.passwd,
cpvm.privateip,
- "service cloud status",
+ "systemctl is-active cloud",
hypervisor=self.hypervisor
)
else:
@@ -608,7 +616,7 @@ class TestSSVMs(cloudstackTestCase):
host.user,
host.passwd,
cpvm.linklocalip,
- "service cloud status"
+ "systemctl is-active cloud"
)
except KeyError:
self.skipTest(
@@ -617,7 +625,7 @@ class TestSSVMs(cloudstackTestCase):
res = str(result)
self.debug("Cloud Process status: %s" % res)
self.assertEqual(
- res.count("is running"),
+ res.count("active"),
1,
"Check cloud service is running or not"
)
@@ -662,8 +670,6 @@ class TestSSVMs(cloudstackTestCase):
"The cached Link Local should be the same as the current Link Local IP, but they are different! Current ==> %s; Cached ==> %s " % (linklocal_ip, res)
)
- return
-
@attr(
tags=[
"advanced",
@@ -711,45 +717,21 @@ class TestSSVMs(cloudstackTestCase):
cmd.id = ssvm.id
self.apiclient.stopSystemVm(cmd)
- timeout = self.services["timeout"]
- while True:
- list_ssvm_response = list_ssvms(
- self.apiclient,
- id=ssvm.id
- )
- if isinstance(list_ssvm_response, list):
- if list_ssvm_response[0].state == 'Running':
- break
- if timeout == 0:
- raise Exception("List SSVM call failed!")
-
- time.sleep(self.services["sleep"])
- timeout = timeout - 1
-
- self.assertEqual(
- isinstance(list_ssvm_response, list),
- True,
- "Check list response returns a valid list"
- )
- ssvm_response = list_ssvm_response[0]
+ ssvm_response = self.checkForRunningSystemVM(ssvm)
self.debug("SSVM state after debug: %s" % ssvm_response.state)
self.assertEqual(
ssvm_response.state,
'Running',
"Check whether SSVM is running or not"
)
+
# Wait for the agent to be up
self.waitForSystemVMAgent(ssvm_response.name)
# Call above tests to ensure SSVM is properly running
self.test_01_list_sec_storage_vm()
- # Wait for some time before running diagnostic scripts on SSVM
- # as it may take some time to start all service properly
- time.sleep(int(self.services["configurableData"]["systemVmDelay"]))
-
self.test_03_ssvm_internals()
- return
@attr(
tags=[
@@ -798,23 +780,7 @@ class TestSSVMs(cloudstackTestCase):
cmd.id = cpvm.id
self.apiclient.stopSystemVm(cmd)
- timeout = 120
- while True:
- list_cpvm_response = list_ssvms(
- self.apiclient,
- id=cpvm.id
- )
- if isinstance(list_cpvm_response, list):
- if list_cpvm_response[0].state == 'Running':
- break
- if timeout == 0:
- raise Exception("List CPVM call failed!")
-
- time.sleep(1)
- timeout = timeout - 1
-
- cpvm_response = list_cpvm_response[0]
-
+ cpvm_response = self.checkForRunningSystemVM(cpvm)
self.debug("CPVM state after debug: %s" % cpvm_response.state)
self.assertEqual(
@@ -829,12 +795,7 @@ class TestSSVMs(cloudstackTestCase):
# Call above tests to ensure CPVM is properly running
self.test_02_list_cpvm_vm()
- # Wait for some time before running diagnostic scripts on SSVM
- # as it may take some time to start all service properly
- time.sleep(int(self.services["configurableData"]["systemVmDelay"]))
-
self.test_04_cpvm_internals()
- return
@attr(
tags=[
@@ -887,22 +848,7 @@ class TestSSVMs(cloudstackTestCase):
cmd.id = ssvm_response.id
self.apiclient.rebootSystemVm(cmd)
- timeout = self.services["timeout"]
- while True:
- list_ssvm_response = list_ssvms(
- self.apiclient,
- id=ssvm_response.id
- )
- if isinstance(list_ssvm_response, list):
- if list_ssvm_response[0].state == 'Running':
- break
- if timeout == 0:
- raise Exception("List SSVM call failed!")
-
- time.sleep(self.services["sleep"])
- timeout = timeout - 1
-
- ssvm_response = list_ssvm_response[0]
+ ssvm_response = self.checkForRunningSystemVM(ssvm_response)
self.debug("SSVM State: %s" % ssvm_response.state)
self.assertEqual(
'Running',
@@ -921,13 +867,8 @@ class TestSSVMs(cloudstackTestCase):
# Wait for the agent to be up
self.waitForSystemVMAgent(ssvm_response.name)
- # Wait for some time before running diagnostic scripts on SSVM
- # as it may take some time to start all service properly
- time.sleep(int(self.services["configurableData"]["systemVmDelay"]))
-
# Call to verify cloud process is running
self.test_03_ssvm_internals()
- return
@attr(
tags=[
@@ -979,23 +920,7 @@ class TestSSVMs(cloudstackTestCase):
cmd.id = cpvm_response.id
self.apiclient.rebootSystemVm(cmd)
- timeout = self.services["timeout"]
- while True:
- list_cpvm_response = list_ssvms(
- self.apiclient,
- id=cpvm_response.id
- )
- if isinstance(list_cpvm_response, list):
- if list_cpvm_response[0].state == 'Running':
- break
- if timeout == 0:
- raise Exception("List CPVM call failed!")
-
- time.sleep(self.services["sleep"])
- timeout = timeout - 1
-
- cpvm_response = list_cpvm_response[0]
-
+ cpvm_response = self.checkForRunningSystemVM(cpvm_response)
self.debug("CPVM state: %s" % cpvm_response.state)
self.assertEqual(
'Running',
@@ -1010,17 +935,12 @@ class TestSSVMs(cloudstackTestCase):
)
# Private IP Address of System VMs are allowed to change after reboot - CLOUDSTACK-7745
-
+
# Wait for the agent to be up
self.waitForSystemVMAgent(cpvm_response.name)
- # Wait for some time before running diagnostic scripts on SSVM
- # as it may take some time to start all service properly
- time.sleep(int(self.services["configurableData"]["systemVmDelay"]))
-
# Call to verify cloud process is running
self.test_04_cpvm_internals()
- return
@attr(
tags=[
@@ -1061,23 +981,7 @@ class TestSSVMs(cloudstackTestCase):
cmd.id = ssvm_response.id
self.apiclient.destroySystemVm(cmd)
- timeout = self.services["timeout"]
- while True:
- list_ssvm_response = list_ssvms(
- self.apiclient,
- zoneid=self.zone.id,
- systemvmtype='secondarystoragevm'
- )
- if isinstance(list_ssvm_response, list):
- if list_ssvm_response[0].state == 'Running':
- break
- if timeout == 0:
- raise Exception("List SSVM call failed!")
-
- time.sleep(self.services["sleep"])
- timeout = timeout - 1
-
- ssvm_response = list_ssvm_response[0]
+ ssvm_response = self.checkForRunningSystemVM(ssvm_response, 'secondarystoragevm')
# Verify Name, Public IP, Private IP and Link local IP
# for newly created SSVM
@@ -1107,13 +1011,8 @@ class TestSSVMs(cloudstackTestCase):
# Wait for the agent to be up
self.waitForSystemVMAgent(ssvm_response.name)
- # Wait for some time before running diagnostic scripts on SSVM
- # as it may take some time to start all service properly
- time.sleep(int(self.services["configurableData"]["systemVmDelay"]))
-
# Call to verify cloud process is running
self.test_03_ssvm_internals()
- return
@attr(
tags=[
@@ -1153,23 +1052,7 @@ class TestSSVMs(cloudstackTestCase):
cmd.id = cpvm_response.id
self.apiclient.destroySystemVm(cmd)
- timeout = self.services["timeout"]
- while True:
- list_cpvm_response = list_ssvms(
- self.apiclient,
- systemvmtype='consoleproxy',
- zoneid=self.zone.id
- )
- if isinstance(list_cpvm_response, list):
- if list_cpvm_response[0].state == 'Running':
- break
- if timeout == 0:
- raise Exception("List CPVM call failed!")
-
- time.sleep(self.services["sleep"])
- timeout = timeout - 1
-
- cpvm_response = list_cpvm_response[0]
+ cpvm_response = self.checkForRunningSystemVM(cpvm_response, 'consoleproxy')
# Verify Name, Public IP, Private IP and Link local IP
# for newly created CPVM
@@ -1199,13 +1082,8 @@ class TestSSVMs(cloudstackTestCase):
# Wait for the agent to be up
self.waitForSystemVMAgent(cpvm_response.name)
- # Wait for some time before running diagnostic scripts on SSVM
- # as it may take some time to start all service properly
- time.sleep(int(self.services["configurableData"]["systemVmDelay"]))
-
# Call to verify cloud process is running
self.test_04_cpvm_internals()
- return
@attr(
tags=[
@@ -1300,22 +1178,7 @@ class TestSSVMs(cloudstackTestCase):
cmd.id = ssvm.id
self.apiclient.stopSystemVm(cmd)
- def checkForRunningSSVM():
- new_list_ssvm_response = list_ssvms(
- self.apiclient,
- id=ssvm.id
- )
- if isinstance(new_list_ssvm_response, list):
- return new_list_ssvm_response[0].state == 'Running', None
-
- res, _ = wait_until(self.services["sleep"], self.services["timeout"], checkForRunningSSVM)
- if not res:
- self.fail("List SSVM call failed!")
-
- new_list_ssvm_response = list_ssvms(
- self.apiclient,
- id=ssvm.id
- )
+ new_list_ssvm_response = self.checkForRunningSystemVM(ssvm)
self.assertNotEqual(
new_list_ssvm_response,
@@ -1363,5 +1226,3 @@ class TestSSVMs(cloudstackTestCase):
int(nfs_version),
"Check mounted NFS version to be the same as provided"
)
-
- return
diff --git a/tools/appliance/definitions/systemvmtemplate/authorized_keys.sh b/tools/appliance/definitions/systemvmtemplate/authorized_keys.sh
index d185723..721e04d 100644
--- a/tools/appliance/definitions/systemvmtemplate/authorized_keys.sh
+++ b/tools/appliance/definitions/systemvmtemplate/authorized_keys.sh
@@ -16,15 +16,10 @@
# specific language governing permissions and limitations
# under the License.
-# override this file during build to inject /root/.ssh/authorized_keys
-
set -e
set -x
-# the key that we have in ../patches/debian/config/root/.ssh/authorized_keys for some reason
-key='ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAvFu3MLSPphFRBR1yM7nBukXWS9gPdAXfqq9cfC8ZqQN9ybi531aj44CybZ4BVT4kLfzbAs7+7nJeSIpPHxjv9XFqbxjIxoFeGYkj7s0RrJgtsEmvAAubZ3mYboUAYUivMgnJFLnv4VqyAbpjix6CfECUiU4ygwo24F3F6bAmhl4Vo1R5TSUdDIX876YePJTFtuVkLl4lu/+xw1QRWrgaSFosGICT37IKY7RjE79Ozb0GjNHyJPPgVAGkUVO4LawroL9dYOBlzdHpmqqA9Kc44oQBpvcU7s1+ezRTt7fZNnP7TG9ninZtrvnP4qmwAc4iUJ7N1bwh0mCblnoTfZ28hw== anthony@mobl-ant'
mkdir -p /root/.ssh
chmod 644 /root/.ssh
-#touch /root/.ssh/authorized_keys
-echo ${key} > /root/.ssh/authorized_keys
+touch /root/.ssh/authorized_keys
chmod 600 /root/.ssh/authorized_keys
diff --git a/tools/appliance/definitions/systemvmtemplate/cleanup.sh b/tools/appliance/definitions/systemvmtemplate/cleanup.sh
index 67d6c23..444cc94 100644
--- a/tools/appliance/definitions/systemvmtemplate/cleanup.sh
+++ b/tools/appliance/definitions/systemvmtemplate/cleanup.sh
@@ -20,7 +20,7 @@ set -e
set -x
function cleanup_apt() {
- apt-get -y remove dictionaries-common busybox
+ apt-get -y remove dictionaries-common busybox isc-dhcp-client isc-dhcp-common
apt-get -y autoremove
apt-get autoclean
apt-get clean
@@ -39,10 +39,21 @@ function cleanup_dev() {
rm -f /lib/udev/rules.d/75-persistent-net-generator.rules
}
+function cleanup_misc() {
+ rm -fr /home/cloud/cloud_scripts*
+ rm -f /root/.rnd
+ rm -f /var/www/html/index.html
+ rm -f /var/log/*.log
+ rm -f /var/log/apache2/*
+ rm -f /var/log/messages
+ rm -f /var/log/syslog
+}
+
function cleanup() {
cleanup_apt
cleanup_dhcp
cleanup_dev
+ cleanup_misc
}
return 2>/dev/null || cleanup
diff --git a/tools/appliance/definitions/systemvmtemplate/configure_conntrack.sh b/tools/appliance/definitions/systemvmtemplate/configure_conntrack.sh
index c898afc..7202717 100644
--- a/tools/appliance/definitions/systemvmtemplate/configure_conntrack.sh
+++ b/tools/appliance/definitions/systemvmtemplate/configure_conntrack.sh
@@ -38,6 +38,9 @@ nf_conntrack_ipv4
nf_conntrack_ipv6
nf_conntrack
nf_conntrack_ftp
+nf_conntrack_pptp
+nf_conntrack_proto_gre
+nf_nat_tftp
nf_nat_ftp
EOF
}
diff --git a/tools/appliance/definitions/systemvmtemplate/configure_grub.sh b/tools/appliance/definitions/systemvmtemplate/configure_grub.sh
index ec40b7c..eb2692e 100644
--- a/tools/appliance/definitions/systemvmtemplate/configure_grub.sh
+++ b/tools/appliance/definitions/systemvmtemplate/configure_grub.sh
@@ -19,19 +19,17 @@
set -e
set -x
-# Remove 5s grub timeout to speed up booting
function configure_grub() {
- grep GRUB_TIMEOUT=0 /etc/default/grub && return
-
cat <<EOF > /etc/default/grub
# If you change this file, run 'update-grub' afterwards to update
# /boot/grub/grub.cfg.
GRUB_DEFAULT=0
GRUB_TIMEOUT=0
-GRUB_DISTRIBUTOR=`lsb_release -i -s 2> /dev/null || echo Debian`
+GRUB_DISTRIBUTOR=Debian
GRUB_CMDLINE_LINUX_DEFAULT="quiet"
-GRUB_CMDLINE_LINUX="console=tty1 console=ttyS0,115200n8 net.ifnames=0 biosdevname=0 debian-installer=en_US"
+GRUB_CMDLINE_LINUX="console=tty0 console=ttyS0,115200n8 console=hvc0 earlyprintk=xen net.ifnames=0 biosdevname=0 debian-installer=en_US"
+GRUB_CMDLINE_XEN="com1=115200 console=com1"
GRUB_TERMINAL="console serial"
GRUB_SERIAL_COMMAND="serial --speed=115200 --unit=0 --word=8 --parity=no --stop=1"
diff --git a/tools/appliance/definitions/systemvmtemplate/configure_login.sh b/tools/appliance/definitions/systemvmtemplate/configure_login.sh
index 1735b81..d5f80b1 100644
--- a/tools/appliance/definitions/systemvmtemplate/configure_login.sh
+++ b/tools/appliance/definitions/systemvmtemplate/configure_login.sh
@@ -73,6 +73,7 @@ function configure_login() {
configure_sudoers
configure_user
rm -fv /home/cloud/configure_login.sh
+ sync
halt -p
}
diff --git a/tools/appliance/definitions/systemvmtemplate/configure_networking.sh b/tools/appliance/definitions/systemvmtemplate/configure_networking.sh
index 2ebd3a2..ab68cdf 100644
--- a/tools/appliance/definitions/systemvmtemplate/configure_networking.sh
+++ b/tools/appliance/definitions/systemvmtemplate/configure_networking.sh
@@ -56,7 +56,6 @@ iface lo inet loopback
# The primary network interface
auto eth0
iface eth0 inet dhcp
-pre-up sleep 2
EOF
}
diff --git a/tools/appliance/definitions/systemvmtemplate/configure_systemvm_services.sh b/tools/appliance/definitions/systemvmtemplate/configure_systemvm_services.sh
index 1386465..791f2ea 100644
--- a/tools/appliance/definitions/systemvmtemplate/configure_systemvm_services.sh
+++ b/tools/appliance/definitions/systemvmtemplate/configure_systemvm_services.sh
@@ -36,14 +36,19 @@ function install_cloud_scripts() {
rsync -av ./cloud_scripts/ /
chmod +x /opt/cloud/bin/* \
/root/{clearUsageRules.sh,reconfigLB.sh,monitorServices.py} \
- /etc/init.d/{cloud-early-config,cloud-passwd-srvr,postinit} \
+ /etc/init.d/{cloud-early-config,cloud-passwd-srvr} \
/etc/profile.d/cloud.sh
cat > /etc/systemd/system/cloud-early-config.service << EOF
[Unit]
-Description=cloud-early-config: configure according to cmdline
+Description=cloud-early-config: configures systemvm using cmdline
DefaultDependencies=no
-After=local-fs.target apparmor.service systemd-sysctl.service systemd-modules-load.service
+
+Before=network-pre.target
+Wants=network-pre.target
+
+Requires=local-fs.target
+After=local-fs.target
[Install]
WantedBy=multi-user.target
@@ -85,30 +90,14 @@ WantedBy=multi-user.target
Type=forking
ExecStart=/etc/init.d/cloud-passwd-srvr start
ExecStop=/etc/init.d/cloud-passwd-srvr stop
-RemainAfterExit=true
-TimeoutStartSec=5min
-EOF
-
- cat > /etc/systemd/system/postinit.service << EOF
-[Unit]
-Description=cloud post-init service
-After=cloud-early-config.service network.target local-fs.target
-
-[Install]
-WantedBy=multi-user.target
-
-[Service]
-Type=forking
-ExecStart=/etc/init.d/postinit start
-ExecStop=/etc/init.d/postinit stop
-RemainAfterExit=true
-TimeoutStartSec=5min
+Restart=always
+RestartSec=5
EOF
systemctl daemon-reload
systemctl enable cloud-early-config
- systemctl disable cloud-passwd-srvr
systemctl disable cloud
+ systemctl disable cloud-passwd-srvr
}
function do_signature() {
@@ -130,6 +119,9 @@ function configure_services() {
mkdir -p /usr/share/cloud
mkdir -p /usr/local/cloud
+ # Fix dnsmasq directory issue
+ mkdir -p /opt/tftpboot
+
# Fix haproxy directory issue
mkdir -p /var/lib/haproxy
@@ -137,21 +129,21 @@ function configure_services() {
do_signature
systemctl daemon-reload
- systemctl disable xl2tpd
+ systemctl disable apt-daily.service
+ systemctl disable apt-daily.timer
+ systemctl disable apt-daily-upgrade.timer
# Disable services that slow down boot and are not used anyway
- systemctl disable x11-common
- systemctl disable console-setup
- systemctl disable haproxy
systemctl disable apache2
+ systemctl disable conntrackd
+ systemctl disable console-setup
systemctl disable dnsmasq
-
- # Hyperv kvp daemon - 64bit only
- local arch=`dpkg --print-architecture`
- if [ "${arch}" == "amd64" ]; then
- systemctl disable hv_kvp_daemon
- fi
+ systemctl disable haproxy
+ systemctl disable keepalived
systemctl disable radvd
+ systemctl disable strongswan
+ systemctl disable x11-common
+ systemctl disable xl2tpd
configure_apache2
configure_strongswan
diff --git a/tools/appliance/definitions/systemvmtemplate/definition.rb b/tools/appliance/definitions/systemvmtemplate/definition.rb
index cea7bd2..33c8e8b 100644
--- a/tools/appliance/definitions/systemvmtemplate/definition.rb
+++ b/tools/appliance/definitions/systemvmtemplate/definition.rb
@@ -27,9 +27,9 @@ arch = 'amd64'
architectures = {
:amd64 => {
:os_type_id => 'Debian_64',
- :iso_file => 'debian-9.1.0-amd64-netinst.iso',
- :iso_src => 'https://cdimage.debian.org/debian-cd/current/amd64/iso-cd/debian-9.1.0-amd64-netinst.iso',
- :iso_md5 => 'ddd8f6542dae8baf410e90b9ae0fe986'
+ :iso_file => 'debian-9.2.1-amd64-netinst.iso',
+ :iso_src => 'https://cdimage.debian.org/debian-cd/current/amd64/iso-cd/debian-9.2.1-amd64-netinst.iso',
+ :iso_sha512 => 'ebfe25dc593967e39349b205480b0ec0103ef4a0468c602f4857e13d06d407bfe876162399e0e8d4dea5675953dc37ab585316f307ccf9f4440124b4f719df04'
}
}
diff --git a/tools/appliance/definitions/systemvmtemplate/install_systemvm_packages.sh b/tools/appliance/definitions/systemvmtemplate/install_systemvm_packages.sh
index 227f533..2cceb98 100644
--- a/tools/appliance/definitions/systemvmtemplate/install_systemvm_packages.sh
+++ b/tools/appliance/definitions/systemvmtemplate/install_systemvm_packages.sh
@@ -22,7 +22,7 @@ set -x
function install_vhd_util() {
[[ -f /bin/vhd-util ]] && return
- wget --no-check-certificate http://download.cloudstack.org/tools/vhd-util -O /bin/vhd-util
+ wget --no-check-certificate https://github.com/rhtyd/cloudstack-nonoss/raw/master/vhd-util -O /bin/vhd-util
chmod a+x /bin/vhd-util
}
@@ -52,12 +52,12 @@ function install_packages() {
${apt_get} install links:i386 libuuid1:i386 libc6:i386
fi
- ${apt_get} install \
- rsyslog logrotate cron insserv net-tools ifupdown vim netbase iptables \
- openssh-server e2fsprogs isc-dhcp-client tcpdump socat wget \
+ ${apt_get} install grub-legacy \
+ rsyslog logrotate cron net-tools ifupdown vim tmux netbase iptables \
+ openssh-server e2fsprogs tcpdump socat wget \
python bzip2 sed gawk diffutils grep gzip less tar telnet ftp rsync traceroute psmisc lsof procps \
inetutils-ping iputils-arping httping curl \
- dnsutils zip unzip ethtool uuid file iproute acpid virt-what sudo \
+ dnsutils zip unzip ethtool uuid file iproute acpid sudo \
sysstat python-netaddr \
apache2 ssl-cert \
dnsmasq dnsmasq-utils \
@@ -65,7 +65,9 @@ function install_packages() {
samba-common cifs-utils \
xl2tpd bcrelay ppp ipsec-tools tdb-tools \
xenstore-utils libxenstore3.0 \
- conntrackd ipvsadm libnetfilter-conntrack3 libnl-3-200 libnl-genl-3-200 \
+ ipvsadm conntrackd libnetfilter-conntrack3 \
+ keepalived irqbalance \
+ libnl-3-200 libnl-genl-3-200 \
ipcalc \
openjdk-8-jre-headless \
ipset \
@@ -75,22 +77,19 @@ function install_packages() {
haproxy \
radvd \
sharutils \
- keepalived irqbalance open-vm-tools qemu-guest-agent \
- strongswan libcharon-extra-plugins libstrongswan-extra-plugins
+ strongswan libcharon-extra-plugins libstrongswan-extra-plugins \
+ virt-what open-vm-tools qemu-guest-agent hyperv-daemons
+
+ # Install xenserver guest utilities as debian repos don't have it
+ wget https://mirrors.kernel.org/ubuntu/pool/universe/x/xe-guest-utilities/xe-guest-utilities_7.4.0-0ubuntu1_amd64.deb
+ dpkg -i xe-guest-utilities_7.4.0-0ubuntu1_amd64.deb
+ rm -f xe-guest-utilities_7.4.0-0ubuntu1_amd64.deb
apt-get autoclean
apt-get clean
apt-get update
apt-get -y upgrade
-
- if [ "${arch}" == "amd64" ]; then
- # Hyperv kvp daemon - 64bit only
- # Download the hv kvp daemon
- wget http://people.apache.org/~rajeshbattala/hv-kvp-daemon_3.1_amd64.deb
- dpkg -i hv-kvp-daemon_3.1_amd64.deb
- rm -f hv-kvp-daemon_3.1_amd64.deb
- fi
}
return 2>/dev/null || install_packages
diff --git a/tools/appliance/definitions/systemvmtemplate/preseed.cfg b/tools/appliance/definitions/systemvmtemplate/preseed.cfg
index 6d56b76..99bd6eb 100644
--- a/tools/appliance/definitions/systemvmtemplate/preseed.cfg
+++ b/tools/appliance/definitions/systemvmtemplate/preseed.cfg
@@ -57,10 +57,10 @@ d-i partman-auto/method string regular
d-i partman-auto/choose_recipe select atomic
d-i partman-auto/expert_recipe string \
boot-root :: \
- 80 50 100 ext4 \
+ 80 50 100 ext2 \
$primary{ } $bootable{ } \
method{ format } format{ } \
- use_filesystem{ } filesystem{ ext4 } \
+ use_filesystem{ } filesystem{ ext2 } \
mountpoint{ /boot } \
. \
1500 40 1600 ext4 \
diff --git a/tools/appliance/definitions/systemvmtemplate/zerodisk.sh b/tools/appliance/definitions/systemvmtemplate/zerodisk.sh
index 7adea8a..d002316 100644
--- a/tools/appliance/definitions/systemvmtemplate/zerodisk.sh
+++ b/tools/appliance/definitions/systemvmtemplate/zerodisk.sh
@@ -39,6 +39,11 @@ function zero_disk() {
sync
rm -f ${path}/zero
done
+
+ for partition in $(blkid -o list | grep ext | awk '{print $1}')
+ do
+ tune2fs -m0 $partition
+ done
}
return 2>/dev/null || zero_disk
diff --git a/utils/src/main/java/com/cloud/utils/ReflectUtil.java b/utils/src/main/java/com/cloud/utils/ReflectUtil.java
index c8ae954..1d31093 100644
--- a/utils/src/main/java/com/cloud/utils/ReflectUtil.java
+++ b/utils/src/main/java/com/cloud/utils/ReflectUtil.java
@@ -29,6 +29,8 @@ import java.beans.PropertyDescriptor;
import java.lang.annotation.Annotation;
import java.lang.reflect.Field;
import java.lang.reflect.InvocationTargetException;
+import java.net.URL;
+import java.net.URLClassLoader;
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashSet;
@@ -210,4 +212,23 @@ public class ReflectUtil {
}
}
+ /**
+ * Finds and returns class loader based on the provided module/jar name
+ * @param name
+ * @return returns ClassLoader
+ */
+ public static ClassLoader getClassLoaderForName(final String name) {
+ final URL[] urls = ((URLClassLoader) (Thread.currentThread().getContextClassLoader())).getURLs();
+ final List<URL> searchUrls = new ArrayList<>();
+ for (final URL url: urls) {
+ if (url.toString().contains(name)) {
+ if (s_logger.isDebugEnabled()) {
+ s_logger.debug("Search URL: " + url.toString());
+ }
+ searchUrls.add(url);
+ }
+ }
+ return new URLClassLoader(searchUrls.toArray(new URL[searchUrls.size()]));
+ }
+
}
diff --git a/utils/src/main/java/com/cloud/utils/nio/Link.java b/utils/src/main/java/com/cloud/utils/nio/Link.java
index 7848d53..8f1b811 100644
--- a/utils/src/main/java/com/cloud/utils/nio/Link.java
+++ b/utils/src/main/java/com/cloud/utils/nio/Link.java
@@ -503,7 +503,7 @@ public class Link {
s_logger.error(String.format("SSL error caught during unwrap data: %s, for local address=%s, remote address=%s. The client may have invalid ca-certificates.",
sslException.getMessage(), socketChannel.getLocalAddress(), socketChannel.getRemoteAddress()));
sslEngine.closeOutbound();
- return true;
+ return false;
}
switch (result.getStatus()) {
case OK:
@@ -545,7 +545,7 @@ public class Link {
s_logger.error(String.format("SSL error caught during wrap data: %s, for local address=%s, remote address=%s.",
sslException.getMessage(), socketChannel.getLocalAddress(), socketChannel.getRemoteAddress()));
sslEngine.closeOutbound();
- return true;
+ return false;
}
switch (result.getStatus()) {
case OK :
--
To stop receiving notification emails like this one, please contact
"commits@cloudstack.apache.org" <co...@cloudstack.apache.org>.
[cloudstack] 01/34: CLOUDSTACK-10013: Migrate systemvmtemplate to
Debian9
Posted by ro...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
rohit pushed a commit to branch debian9-systemvmtemplate
in repository https://gitbox.apache.org/repos/asf/cloudstack.git
commit c72ca39e9a592c7afffa44c71a0ee530692c73c9
Author: Rohit Yadav <ro...@shapeblue.com>
AuthorDate: Sun Jul 23 18:01:35 2017 +0200
CLOUDSTACK-10013: Migrate systemvmtemplate to Debian9
SystemVM changes to work on Debian 9
- Migrate away from chkconfig to systemctl
- Remove xenstore-utils override deb pkg
- Fix runlevel in sysv scripts for systemd
Signed-off-by: Rohit Yadav <ro...@shapeblue.com>
---
systemvm/patches/debian/buildsystemvm.sh | 577 ---------------------
systemvm/patches/debian/config/etc/init.d/cloud | 10 +-
.../debian/config/etc/init.d/cloud-early-config | 23 +-
.../debian/config/etc/init.d/cloud-passwd-srvr | 10 +-
systemvm/patches/debian/config/etc/init.d/postinit | 6 +-
systemvm/patches/debian/config/etc/rc.local | 2 +-
systemvm/patches/debian/config/etc/ssh/sshd_config | 1 -
.../debian/config/opt/cloud/bin/patchsystemvm.sh | 128 ++---
tools/appliance/build.sh | 2 +-
.../definitions/systemvmtemplate/apt_upgrade.sh | 9 +-
.../systemvmtemplate/authorized_keys.sh | 1 +
.../definitions/systemvmtemplate/build_time.sh | 26 -
.../definitions/systemvmtemplate/cleanup.sh | 1 -
.../definitions/systemvmtemplate/configure_grub.sh | 6 +-
.../systemvmtemplate/configure_login.sh | 15 +-
.../systemvmtemplate/configure_networking.sh | 25 +-
.../configure_systemvm_services.sh | 94 +++-
.../definitions/systemvmtemplate/definition.rb | 36 +-
.../systemvmtemplate/install_systemvm_packages.sh | 32 +-
.../definitions/systemvmtemplate/preseed.cfg | 69 ++-
.../definitions/systemvmtemplate/zerodisk.sh | 9 +-
21 files changed, 267 insertions(+), 815 deletions(-)
diff --git a/systemvm/patches/debian/buildsystemvm.sh b/systemvm/patches/debian/buildsystemvm.sh
deleted file mode 100755
index a34b1dd..0000000
--- a/systemvm/patches/debian/buildsystemvm.sh
+++ /dev/null
@@ -1,577 +0,0 @@
-#!/bin/bash
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements. See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership. The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied. See the License for the
-# specific language governing permissions and limitations
-# under the License.
-
-echo "####################################################"
-echo " Note there is a new systemvm build script based on "
-echo " Veewee(Vagrant) under tools/appliance."
-echo "####################################################"
-
-set -e
-set -x
-
-IMAGENAME=systemvm
-LOCATION=/var/lib/images/systemvm
-PASSWORD=password
-#APT_PROXY=192.168.1.115:3142/
-APT_PROXY=
-HOSTNAME=systemvm
-SIZE=2000
-DEBIAN_MIRROR=ftp.us.debian.org/debian
-MINIMIZE=true
-CLOUDSTACK_RELEASE=4.0
-offset=4096
-baseimage() {
- mkdir -p $LOCATION
- #dd if=/dev/zero of=$IMAGELOC bs=1M count=$SIZE
- dd if=/dev/zero of=$IMAGELOC bs=1M seek=$((SIZE - 1)) count=1
- loopdev=$(losetup -f)
- losetup $loopdev $IMAGELOC
- parted $loopdev -s 'mklabel msdos'
- parted $loopdev -s 'mkpart primary ext3 4096B -1'
- sleep 2
- losetup -d $loopdev
- loopdev=$(losetup --show -o $offset -f $IMAGELOC )
- mkfs.ext3 -L ROOT $loopdev
- mkdir -p $MOUNTPOINT
- tune2fs -c 100 -i 0 $loopdev
- sleep 2
- losetup -d $loopdev
-
- mount -o loop,offset=$offset $IMAGELOC $MOUNTPOINT
-
- #debootstrap --variant=minbase --keyring=/usr/share/keyrings/debian-archive-keyring.gpg wheezy $MOUNTPOINT http://${APT_PROXY}${DEBIAN_MIRROR}
- debootstrap --variant=minbase --arch=i386 wheezy $MOUNTPOINT http://${APT_PROXY}${DEBIAN_MIRROR}
-}
-
-
-fixapt() {
- if [ "$APT_PROXY" != "" ]; then
- cat >> etc/apt/apt.conf.d/01proxy << EOF
-Acquire::http::Proxy "http://${APT_PROXY}";
-EOF
- fi
-
- cat > etc/apt/sources.list << EOF
-deb http://http.debian.net/debian/ wheezy main contrib non-free
-deb-src http://http.debian.net/debian/ wheezy main contrib non-free
-
-deb http://security.debian.org/ wheezy/updates main
-deb-src http://security.debian.org/ wheezy/updates main
-
-deb http://http.debian.net/debian/ wheezy-backports main
-deb-src http://http.debian.net/debian/ wheezy-backports main
-EOF
-
- cat >> etc/apt/apt.conf << EOF
-APT::Default-Release "stable";
-EOF
-
- cat >> etc/apt/preferences << EOF
-Package: *
-Pin: release o=Debian,a=stable
-Pin-Priority: 900
-EOF
-
- #apt-key exportall | chroot . apt-key add - &&
- chroot . apt-get update &&
- echo "Apt::Install-Recommends 0;" > etc/apt/apt.conf.d/local-recommends
-
- cat >> usr/sbin/policy-rc.d << EOF
-#!/bin/sh
-exit 101
-EOF
- chmod a+x usr/sbin/policy-rc.d
-
- cat >> etc/default/locale << EOF
-LANG=en_US.UTF-8
-LC_ALL=en_US.UTF-8
-EOF
-
- cat >> etc/locale.gen << EOF
-en_US.UTF-8 UTF-8
-EOF
-
- DEBIAN_FRONTEND=noninteractive
- DEBIAN_PRIORITY=critical
- export DEBIAN_FRONTEND DEBIAN_PRIORITY
- chroot . dpkg-reconfigure debconf --frontend=noninteractive
- chroot . apt-get -q -y install locales
-}
-
-network() {
-
- echo "$HOSTNAME" > etc/hostname &&
- cat > etc/hosts << EOF
-127.0.0.1 localhost
-# The following lines are desirable for IPv6 capable hosts
-::1 localhost ip6-localhost ip6-loopback
-fe00::0 ip6-localnet
-ff00::0 ip6-mcastprefix
-ff02::1 ip6-allnodes
-ff02::2 ip6-allrouters
-ff02::3 ip6-allhosts
-EOF
-
- cat >> etc/network/interfaces << EOF
-auto lo eth0
-iface lo inet loopback
-
-# The primary network interface
-iface eth0 inet static
-
-EOF
-}
-
-install_kernel() {
- DEBIAN_FRONTEND=noninteractive
- DEBIAN_PRIORITY=critical
- export DEBIAN_FRONTEND DEBIAN_PRIORITY
-
- chroot . apt-get -qq -y --force-yes install grub-legacy &&
- cp -av usr/lib/grub/i386-pc boot/grub
- #for some reason apt-get install grub does not install grub/stage1 etc
- #loopd=$(losetup -f --show $1)
- #grub-install $loopd --root-directory=$MOUNTPOINT
- #losetup -d $loopd
- grub << EOF &&
-device (hd0) $1
-root (hd0,0)
-setup (hd0)
-quit
-EOF
- # install a kernel image
- cat > etc/kernel-img.conf << EOF &&
-do_symlinks = yes
-link_in_boot = yes
-do_initrd = yes
-EOF
- touch /mnt/systemvm/boot/grub/default
- chroot . apt-get install -qq -y --force-yes linux-image-686-bigmem
- cat >> etc/kernel-img.conf << EOF
-postinst_hook = /usr/sbin/update-grub
-postrm_hook = /usr/sbin/update-grub
-EOF
-}
-
-
-fixgrub() {
- kern=$(basename $(ls boot/vmlinuz-*))
- ver=${kern#vmlinuz-}
- cat > boot/grub/menu.lst << EOF
-default 0
-timeout 2
-color cyan/blue white/blue
-
-### BEGIN AUTOMAGIC KERNELS LIST
-# kopt=root=LABEL=ROOT ro
-
-## ## End Default Options ##
-title Debian GNU/Linux, kernel $ver
-root (hd0,0)
-kernel /boot/$kern root=LABEL=ROOT ro console=tty0 xencons=ttyS0,115200 console=hvc0 quiet
-initrd /boot/initrd.img-$ver
-
-### END DEBIAN AUTOMAGIC KERNELS LIST
-EOF
- (cd boot/grub; ln -s menu.lst grub.conf)
-}
-
-fixinittab() {
- cat >> etc/inittab << EOF
-
-vc:2345:respawn:/sbin/getty 38400 hvc0
-EOF
-}
-
-fixfstab() {
- cat > etc/fstab << EOF
-# <file system> <mount point> <type> <options> <dump> <pass>
-proc /proc proc defaults 0 0
-LABEL=ROOT / ext3 errors=remount-ro,sync,noatime 0 1
-EOF
-}
-
-fixacpid() {
- mkdir -p etc/acpi/events
- cat >> etc/acpi/events/power << EOF
-event=button/power.*
-action=/usr/local/sbin/power.sh "%e"
-EOF
- cat >> usr/local/sbin/power.sh << EOF
-#!/bin/bash
-/sbin/poweroff
-EOF
- chmod a+x usr/local/sbin/power.sh
-}
-
-fixiptables() {
-cat >> etc/modules << EOF
-nf_conntrack
-nf_conntrack_ipv4
-EOF
-cat > etc/init.d/iptables-persistent << EOF
-#!/bin/sh
-### BEGIN INIT INFO
-# Provides: iptables
-# Required-Start: mountkernfs $local_fs
-# Required-Stop: $local_fs
-# Should-Start: cloud-early-config
-# Default-Start: S
-# Default-Stop:
-# Short-Description: Set up iptables rules
-### END INIT INFO
-
-PATH="/sbin:/bin:/usr/sbin:/usr/bin"
-
-# Include config file for iptables-persistent
-. /etc/iptables/iptables.conf
-
-case "\$1" in
-start)
- if [ -e /var/run/iptables ]; then
- echo "iptables is already started!"
- exit 1
- else
- touch /var/run/iptables
- fi
-
- if [ \$ENABLE_ROUTING -ne 0 ]; then
- # Enable Routing
- echo 1 > /proc/sys/net/ipv4/ip_forward
- fi
-
- # Load Modules
- modprobe -a \$MODULES
-
- # Load saved rules
- if [ -f /etc/iptables/rules ]; then
- iptables-restore </etc/iptables/rules
- fi
- ;;
-stop|force-stop)
- if [ ! -e /var/run/iptables ]; then
- echo "iptables is already stopped!"
- exit 1
- else
- rm /var/run/iptables
- fi
-
- if [ \$SAVE_NEW_RULES -ne 0 ]; then
- # Backup old rules
- cp /etc/iptables/rules /etc/iptables/rules.bak
- # Save new rules
- iptables-save >/etc/iptables/rules
- fi
-
- # Restore Default Policies
- iptables -P INPUT ACCEPT
- iptables -P FORWARD ACCEPT
- iptables -P OUTPUT ACCEPT
-
- # Flush rules on default tables
- iptables -F
- iptables -t nat -F
- iptables -t mangle -F
-
- # Unload previously loaded modules
- modprobe -r \$MODULES
-
- # Disable Routing if enabled
- if [ \$ENABLE_ROUTING -ne 0 ]; then
- # Disable Routing
- echo 0 > /proc/sys/net/ipv4/ip_forward
- fi
-
- ;;
-restart|force-reload)
- \$0 stop
- \$0 start
- ;;
-status)
- echo "Filter Rules:"
- echo "--------------"
- iptables -L -v
- echo ""
- echo "NAT Rules:"
- echo "-------------"
- iptables -t nat -L -v
- echo ""
- echo "Mangle Rules:"
- echo "----------------"
- iptables -t mangle -L -v
- ;;
-*)
- echo "Usage: \$0 {start|stop|force-stop|restart|force-reload|status}" >&2
- exit 1
- ;;
-esac
-
-exit 0
-EOF
- chmod a+x etc/init.d/iptables-persistent
-
-
- touch etc/iptables/iptables.conf
- cat > etc/iptables/iptables.conf << EOF
-# A basic config file for the /etc/init.d/iptable-persistent script
-
-# Should new manually added rules from command line be saved on reboot? Assign to a value different that 0 if you want this enabled.
-SAVE_NEW_RULES=0
-
-# Modules to load:
-MODULES="nf_nat_ftp nf_conntrack_ftp"
-
-# Enable Routing?
-ENABLE_ROUTING=1
-EOF
- chmod a+x etc/iptables/iptables.conf
-
-}
-
-vpn_config() {
- cp -r ${scriptdir}/vpn/* ./
-}
-
-#
-# IMPORTANT REMARK
-# Package intallation is no longer done via this script. We are not removing the code yet, but we want to
-# make sure that everybody willing to install/update packages should refer to the file:
-# ==> cloud-tools/appliance/definitions/systemvmtemplate/install_systemvm_packages.sh
-#
-packages() {
- DEBIAN_FRONTEND=noninteractive
- DEBIAN_PRIORITY=critical
- DEBCONF_DB_OVERRIDE=’File{/root/config.dat}’
- export DEBIAN_FRONTEND DEBIAN_PRIORITY DEBCONF_DB_OVERRIDE
-
- #basic stuff
- chroot . apt-get --no-install-recommends -q -y --force-yes install rsyslog logrotate cron chkconfig insserv net-tools ifupdown vim-tiny netbase iptables openssh-server grub-legacy e2fsprogs dhcp3-client dnsmasq tcpdump socat wget python bzip2 sed gawk diffutils grep gzip less tar telnet ftp rsync traceroute psmisc lsof procps monit inetutils-ping iputils-arping httping dnsutils zip unzip ethtool uuid file iproute acpid iptables-persistent virt-what sudo
- #fix hostname in openssh-server generated keys
- sed -i "s/root@\(.*\)$/root@systemvm/g" etc/ssh/ssh_host_*.pub
-
- #sysstat
- chroot . echo 'sysstat sysstat/enable boolean true' | chroot . debconf-set-selections
- chroot . apt-get --no-install-recommends -q -y --force-yes install sysstat
- #apache
- chroot . apt-get --no-install-recommends -q -y --force-yes install apache2 ssl-cert
- #haproxy
- chroot . apt-get --no-install-recommends -q -y --force-yes install haproxy
- #dnsmasq
- chroot . apt-get --no-install-recommends -q -y --force-yes install dnsmasq
- #nfs client
- chroot . apt-get --no-install-recommends -q -y --force-yes install nfs-common
- #vpn stuff
- chroot . apt-get --no-install-recommends -q -y --force-yes install xl2tpd openswan bcrelay ppp ipsec-tools tdb-tools
- #vmware tools
- chroot . apt-get --no-install-recommends -q -y --force-yes install open-vm-tools
- #xenstore utils
- chroot . apt-get --no-install-recommends -q -y --force-yes install xenstore-utils libxenstore3.0
- #keepalived - install version 1.2.13 from wheezy backports
- chroot . apt-get --no-install-recommends -q -y --force-yes -t wheezy-backports install keepalived
- #conntrackd
- chroot . apt-get --no-install-recommends -q -y --force-yes install conntrackd ipvsadm libnetfilter-conntrack3 libnl1
- #ipcalc
- chroot . apt-get --no-install-recommends -q -y --force-yes install ipcalc
- #irqbalance from wheezy-backports
- chroot . apt-get --no-install-recommends -q -y --force-yes -t wheezy-backports install irqbalance
-
- echo "***** getting jre 7 *********"
- chroot . apt-get --no-install-recommends -q -y install openjdk-7-jre-headless
-}
-
-
-password() {
- chroot . echo "root:$PASSWORD" | chroot . chpasswd
-}
-
-apache2() {
- chroot . a2enmod ssl rewrite auth_basic auth_digest
- chroot . a2ensite default-ssl
- cp etc/apache2/sites-available/default etc/apache2/sites-available/default.orig
- cp etc/apache2/sites-available/default-ssl etc/apache2/sites-available/default-ssl.orig
-}
-
-services() {
- mkdir -p ./var/www/html
- mkdir -p ./opt/cloud/bin
- mkdir -p ./var/cache/cloud
- mkdir -p ./usr/share/cloud
- mkdir -p ./usr/local/cloud
- mkdir -p ./root/.ssh
- #Fix haproxy directory issue
- mkdir -p ./var/lib/haproxy
-
- /bin/cp -r ${scriptdir}/config/* ./
- chroot . chkconfig xl2tpd off
- chroot . chkconfig --add cloud-early-config
- chroot . chkconfig cloud-early-config on
- chroot . chkconfig --add iptables-persistent
- chroot . chkconfig iptables-persistent off
- chroot . chkconfig --force --add cloud-passwd-srvr
- chroot . chkconfig cloud-passwd-srvr off
- chroot . chkconfig --add cloud
- chroot . chkconfig cloud off
- chroot . chkconfig monit off
-}
-
-dhcp_fix() {
- #deal with virtio DHCP issue, copy and install customized kernel module and iptables
- mkdir -p tmp
- cp /tmp/systemvm/xt_CHECKSUM.ko lib/modules/2.6.32-5-686-bigmem/kernel/net/netfilter
- chroot . depmod -a 2.6.32-5-686-bigmem
- cp /tmp/systemvm/iptables_1.4.8-3local1checksum1_i386.deb tmp/
- chroot . dpkg -i tmp/iptables_1.4.8-3local1checksum1_i386.deb
- rm tmp/iptables_1.4.8-3local1checksum1_i386.deb
-}
-
-install_xs_tool() {
- #deal with virtio DHCP issue, copy and install customized kernel module and iptables
- mkdir -p tmp
- cp /tmp/systemvm/xe-guest-utilities_5.6.0-595_i386.deb tmp/
- chroot . dpkg -i tmp/xe-guest-utilities_5.6.0-595_i386.deb
- rm tmp/xe-guest-utilities_5.6.0-595_i386.deb
-}
-
-cleanup() {
- rm -f usr/sbin/policy-rc.d
- rm -f root/config.dat
- rm -f etc/apt/apt.conf.d/01proxy
-
- if [ "$MINIMIZE" == "true" ]
- then
- rm -rf var/cache/apt/*
- rm -rf var/lib/apt/*
- rm -rf usr/share/locale/[a-d]*
- rm -rf usr/share/locale/[f-z]*
- rm -rf usr/share/doc/*
- size=$(df $MOUNTPOINT | awk '{print $4}' | grep -v Available)
- dd if=/dev/zero of=$MOUNTPOINT/zeros.img bs=1M count=$((((size-150000)) / 1000))
- rm -f $MOUNTPOINT/zeros.img
- fi
-}
-
-signature() {
- (cd ${scriptdir}/config; tar cvf ${MOUNTPOINT}/usr/share/cloud/cloud-scripts.tar *)
- (cd ${scriptdir}/vpn; tar rvf ${MOUNTPOINT}/usr/share/cloud/cloud-scripts.tar *)
- gzip -c ${MOUNTPOINT}/usr/share/cloud/cloud-scripts.tar > ${MOUNTPOINT}/usr/share/cloud/cloud-scripts.tgz
- md5sum ${MOUNTPOINT}/usr/share/cloud/cloud-scripts.tgz |awk '{print $1}' > ${MOUNTPOINT}/var/cache/cloud/cloud-scripts-signature
- echo "Cloudstack Release $CLOUDSTACK_RELEASE $(date)" > ${MOUNTPOINT}/etc/cloudstack-release
-}
-
-#check grub version
-
-grub --version | grep "0.9" > /dev/null
-if [ $? -ne 0 ]
-then
- echo You need grub 0.9x\(grub-legacy\) to use this script!
- exit 1
-fi
-
-mkdir -p $IMAGENAME
-mkdir -p $LOCATION
-MOUNTPOINT=/mnt/$IMAGENAME/
-IMAGELOC=$LOCATION/$IMAGENAME.img
-scriptdir=$(dirname $PWD/$0)
-
-rm -rf /tmp/systemvm
-mkdir -p /tmp/systemvm
-#cp ./xt_CHECKSUM.ko /tmp/systemvm
-#cp ./iptables_1.4.8-3local1checksum1_i386.deb /tmp/systemvm
-#cp ./xe-guest-utilities_5.6.0-595_i386.deb /tmp/systemvm
-
-rm -f $IMAGELOC
-begin=$(date +%s)
-echo "*************INSTALLING BASEIMAGE********************"
-baseimage
-
-cp $scriptdir/config.dat $MOUNTPOINT/root/
-cd $MOUNTPOINT
-
-mount -o bind /proc $MOUNTPOINT/proc
-mount -o bind /dev $MOUNTPOINT/dev
-
-echo "*************CONFIGURING APT********************"
-fixapt
-echo "*************DONE CONFIGURING APT********************"
-
-echo "*************CONFIGURING NETWORK********************"
-network
-echo "*************DONE CONFIGURING NETWORK********************"
-
-echo "*************INSTALLING KERNEL********************"
-install_kernel $IMAGELOC
-echo "*************DONE INSTALLING KERNEL********************"
-
-echo "*************CONFIGURING GRUB********************"
-fixgrub $IMAGELOC
-echo "*************DONE CONFIGURING GRUB********************"
-
-
-echo "*************CONFIGURING INITTAB********************"
-fixinittab
-echo "*************DONE CONFIGURING INITTAB********************"
-
-echo "*************CONFIGURING FSTAB********************"
-fixfstab
-echo "*************DONE CONFIGURING FSTAB********************"
-
-echo "*************CONFIGURING ACPID********************"
-fixacpid
-echo "*************DONE CONFIGURING ACPID********************"
-
-echo "*************INSTALLING PACKAGES********************"
-packages
-echo "*************DONE INSTALLING PACKAGES********************"
-
-echo "*************CONFIGURING IPTABLES********************"
-fixiptables
-echo "*************DONE CONFIGURING IPTABLES********************"
-
-echo "*************CONFIGURING PASSWORD********************"
-password
-
-echo "*************CONFIGURING SERVICES********************"
-services
-
-echo "*************CONFIGURING APACHE********************"
-apache2
-
-echo "*************CONFIGURING VPN********************"
-vpn_config
-
-echo "*************FIX DHCP ISSUE********************"
-#dhcp_fix
-
-echo "*************INSTALL XS TOOLS********************"
-#install_xs_tool
-
-echo "*************CLEANING UP********************"
-cleanup
-
-echo "*************GENERATING SIGNATURE********************"
-signature
-
-cd $scriptdir
-
-umount $MOUNTPOINT/proc
-umount $MOUNTPOINT/dev
-umount $MOUNTPOINT
-fin=$(date +%s)
-t=$((fin-begin))
-echo "Finished building image $IMAGELOC in $t seconds"
-
diff --git a/systemvm/patches/debian/config/etc/init.d/cloud b/systemvm/patches/debian/config/etc/init.d/cloud
index f9a9915..9b3a63b 100755
--- a/systemvm/patches/debian/config/etc/init.d/cloud
+++ b/systemvm/patches/debian/config/etc/init.d/cloud
@@ -1,13 +1,11 @@
-#!/bin/bash
+#!/bin/bash
### BEGIN INIT INFO
# Provides: cloud
-# Required-Start: mountkernfs $local_fs cloud-early-config
+# Required-Start: $local_fs cloud-early-config
# Required-Stop: $local_fs
-# Should-Start:
-# Should-Stop:
-# Default-Start:
+# Default-Start: 3 4 5
# Default-Stop: 0 1 6
-# Short-Description: Start up the CloudStack cloud service
+# Short-Description: Start up the CloudStack cloud service
### END INIT INFO
# Licensed to the Apache Software Foundation (ASF) under one
# or more contributor license agreements. See the NOTICE file
diff --git a/systemvm/patches/debian/config/etc/init.d/cloud-early-config b/systemvm/patches/debian/config/etc/init.d/cloud-early-config
index 3bdebdb..1d3a890 100755
--- a/systemvm/patches/debian/config/etc/init.d/cloud-early-config
+++ b/systemvm/patches/debian/config/etc/init.d/cloud-early-config
@@ -1,10 +1,8 @@
#!/bin/bash
### BEGIN INIT INFO
# Provides: cloud-early-config
-# Required-Start: mountkernfs $local_fs
+# Required-Start: $local_fs
# Required-Stop: $local_fs
-# Should-Start:
-# Should-Stop:
# Default-Start: S
# Default-Stop: 0 6
# Short-Description: configure according to cmdline
@@ -38,6 +36,9 @@ mkdir -p /var/lib/haproxy
# Clear boot up flag, it would be created by rc.local after boot up done
rm -f /var/cache/cloud/boot_up_done
+# Randomize cloud password so only ssh login is allowed
+echo "cloud:`openssl rand -base64 32`" | chpasswd
+
[ -x /sbin/ifup ] || exit 0
. /lib/lsb/init-functions
@@ -807,7 +808,7 @@ setup_sshd(){
setup_vpc_apache2() {
log_it "Setting up apache web server for VPC"
- chkconfig apache2 off
+ systemctl disable apache2
clean_ipalias_config
setup_apache2_common
}
@@ -942,7 +943,7 @@ setup_router() {
disable_rpfilter_domR
enable_fwding 1
enable_rpsrfs 1
- chkconfig nfs-common off
+ systemctl disable nfs-common
cp /etc/iptables/iptables-router /etc/iptables/rules.v4
#for old templates
cp /etc/iptables/iptables-router /etc/iptables/rules
@@ -1083,7 +1084,7 @@ setup_dhcpsrvr() {
enable_svc cloud-passwd-srvr 1
enable_svc cloud 0
enable_fwding 0
- chkconfig nfs-common off
+ systemctl disable nfs-common
cp /etc/iptables/iptables-router /etc/iptables/rules.v4
cp /etc/iptables/iptables-router /etc/iptables/rules
@@ -1239,7 +1240,7 @@ setup_console_proxy() {
enable_svc dnsmasq 0
enable_svc cloud-passwd-srvr 0
enable_svc cloud 1
- chkconfig nfs-common off
+ systemctl disable nfs-common
rm /etc/logrotate.d/cloud
}
@@ -1267,8 +1268,8 @@ setup_elbvm() {
enable_svc dnsmasq 0
enable_svc cloud-passwd-srvr 0
enable_svc cloud 0
- chkconfig nfs-common off
- chkconfig portmap off
+ systemctl disable nfs-common
+ systemctl disable portmap
}
setup_ilbvm() {
@@ -1290,8 +1291,8 @@ setup_ilbvm() {
enable_svc dnsmasq 0
enable_svc cloud-passwd-srvr 0
enable_svc cloud 0
- chkconfig nfs-common off
- chkconfig portmap off
+ systemctl disable nfs-common
+ systemctl disable portmap
}
setup_default() {
diff --git a/systemvm/patches/debian/config/etc/init.d/cloud-passwd-srvr b/systemvm/patches/debian/config/etc/init.d/cloud-passwd-srvr
index 33b0ea3..c089e72 100755
--- a/systemvm/patches/debian/config/etc/init.d/cloud-passwd-srvr
+++ b/systemvm/patches/debian/config/etc/init.d/cloud-passwd-srvr
@@ -1,12 +1,10 @@
-#!/bin/bash
+#!/bin/bash
### BEGIN INIT INFO
# Provides: cloud-passwd-srvr
-# Required-Start: mountkernfs $local_fs cloud-early-config iptables-persistent
+# Required-Start: $local_fs cloud-early-config
# Required-Stop: $local_fs
-# Should-Start:
-# Should-Stop:
-# Default-Start:
-# Default-Stop: 0 6
+# Default-Start: 3 4 5
+# Default-Stop: 0 1 6
# Short-Description: Web server that sends passwords to User VMs
### END INIT INFO
# Licensed to the Apache Software Foundation (ASF) under one
diff --git a/systemvm/patches/debian/config/etc/init.d/postinit b/systemvm/patches/debian/config/etc/init.d/postinit
index 818959f..ddbcb08 100755
--- a/systemvm/patches/debian/config/etc/init.d/postinit
+++ b/systemvm/patches/debian/config/etc/init.d/postinit
@@ -1,13 +1,11 @@
#!/bin/bash -e
### BEGIN INIT INFO
# Provides: postinit
-# Required-Start: mountkernfs $local_fs cloud-early-config
+# Required-Start: $local_fs cloud-early-config
# Required-Stop: $local_fs
-# Should-Start:
-# Should-Stop:
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
-# Short-Description: post-init
+# Short-Description: post-init
### END INIT INFO
# Licensed to the Apache Software Foundation (ASF) under one
diff --git a/systemvm/patches/debian/config/etc/rc.local b/systemvm/patches/debian/config/etc/rc.local
index 3b19218..c0b1939 100755
--- a/systemvm/patches/debian/config/etc/rc.local
+++ b/systemvm/patches/debian/config/etc/rc.local
@@ -1,4 +1,4 @@
-#/bin/bash
+#!/bin/bash
#Licensed to the Apache Software Foundation (ASF) under one
#or more contributor license agreements. See the NOTICE file
diff --git a/systemvm/patches/debian/config/etc/ssh/sshd_config b/systemvm/patches/debian/config/etc/ssh/sshd_config
index 6c64719..75f30cc 100644
--- a/systemvm/patches/debian/config/etc/ssh/sshd_config
+++ b/systemvm/patches/debian/config/etc/ssh/sshd_config
@@ -13,7 +13,6 @@
Port 3922
#AddressFamily any
#ListenAddress 0.0.0.0
-#ListenAddress ::
# Disable legacy (protocol version 1) support in the server for new
# installations. In future the default will change to require explicit
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/patchsystemvm.sh b/systemvm/patches/debian/config/opt/cloud/bin/patchsystemvm.sh
index 34450dc..81a1b14 100755
--- a/systemvm/patches/debian/config/opt/cloud/bin/patchsystemvm.sh
+++ b/systemvm/patches/debian/config/opt/cloud/bin/patchsystemvm.sh
@@ -40,34 +40,34 @@ patch_console_proxy() {
}
consoleproxy_svcs() {
- chkconfig cloud on
- chkconfig postinit on
- chkconfig cloud-passwd-srvr off
- chkconfig haproxy off ;
- chkconfig dnsmasq off
- chkconfig ssh on
- chkconfig apache2 off
- chkconfig nfs-common off
- chkconfig portmap off
- chkconfig keepalived off
- chkconfig conntrackd off
+ systemctl enable cloud
+ systemctl enable postinit
+ systemctl disable cloud-passwd-srvr
+ systemctl disable haproxy
+ systemctl disable dnsmasq
+ systemctl enable ssh
+ systemctl disable apache2
+ systemctl disable nfs-common
+ systemctl disable portmap
+ systemctl disable keepalived
+ systemctl disable conntrackd
echo "cloud postinit ssh" > /var/cache/cloud/enabled_svcs
echo "cloud-passwd-srvr haproxy dnsmasq apache2 nfs-common portmap" > /var/cache/cloud/disabled_svcs
mkdir -p /var/log/cloud
}
secstorage_svcs() {
- chkconfig cloud on
- chkconfig postinit on
- chkconfig cloud-passwd-srvr off
- chkconfig haproxy off ;
- chkconfig dnsmasq off
- chkconfig portmap on
- chkconfig nfs-common on
- chkconfig ssh on
- chkconfig apache2 off
- chkconfig keepalived off
- chkconfig conntrackd off
+ systemctl enable cloud on
+ systemctl enable postinit on
+ systemctl disable cloud-passwd-srvr
+ systemctl disable haproxy
+ systemctl disable dnsmasq
+ systemctl enable portmap
+ systemctl enable nfs-common
+ systemctl enable ssh
+ systemctl disable apache2
+ systemctl disable keepalived
+ systemctl disable conntrackd
echo "cloud postinit ssh nfs-common portmap" > /var/cache/cloud/enabled_svcs
echo "cloud-passwd-srvr haproxy dnsmasq" > /var/cache/cloud/disabled_svcs
mkdir -p /var/log/cloud
@@ -76,67 +76,67 @@ secstorage_svcs() {
routing_svcs() {
grep "redundant_router=1" /var/cache/cloud/cmdline > /dev/null
RROUTER=$?
- chkconfig cloud off
- chkconfig haproxy on ;
- chkconfig ssh on
- chkconfig nfs-common off
- chkconfig portmap off
+ systemctl disable cloud
+ systemctl disable haproxy
+ systemctl enable ssh
+ systemctl disable nfs-common
+ systemctl disable portmap
echo "ssh haproxy apache2" > /var/cache/cloud/enabled_svcs
echo "cloud nfs-common portmap" > /var/cache/cloud/disabled_svcs
if [ $RROUTER -eq 0 ]
then
- chkconfig dnsmasq off
- chkconfig cloud-passwd-srvr off
- chkconfig keepalived on
- chkconfig conntrackd on
- chkconfig postinit on
+ systemctl disable dnsmasq
+ systemctl disable cloud-passwd-srvr
+ systemctl enable keepalived
+ systemctl enable conntrackd
+ systemctl enable postinit
echo "keepalived conntrackd postinit" >> /var/cache/cloud/enabled_svcs
echo "dnsmasq cloud-passwd-srvr" >> /var/cache/cloud/disabled_svcs
else
- chkconfig dnsmasq on
- chkconfig cloud-passwd-srvr on
- chkconfig keepalived off
- chkconfig conntrackd off
+ systemctl enable dnsmasq
+ systemctl enable cloud-passwd-srvr
+ systemctl disable keepalived
+ systemctl disable conntrackd
echo "dnsmasq cloud-passwd-srvr " >> /var/cache/cloud/enabled_svcs
echo "keepalived conntrackd " >> /var/cache/cloud/disabled_svcs
fi
}
dhcpsrvr_svcs() {
- chkconfig cloud off
- chkconfig cloud-passwd-srvr on ;
- chkconfig haproxy off ;
- chkconfig dnsmasq on
- chkconfig ssh on
- chkconfig nfs-common off
- chkconfig portmap off
- chkconfig keepalived off
- chkconfig conntrackd off
+ systemctl disable cloud
+ systemctl enable cloud-passwd-srvr
+ systemctl disable haproxy
+ systemctl enable dnsmasq
+ systemctl enable ssh
+ systemctl disable nfs-common
+ systemctl disable portmap
+ systemctl disable keepalived
+ systemctl disable conntrackd
echo "ssh dnsmasq cloud-passwd-srvr apache2" > /var/cache/cloud/enabled_svcs
echo "cloud nfs-common haproxy portmap" > /var/cache/cloud/disabled_svcs
}
elbvm_svcs() {
- chkconfig cloud off
- chkconfig haproxy on ;
- chkconfig ssh on
- chkconfig nfs-common off
- chkconfig portmap off
- chkconfig keepalived off
- chkconfig conntrackd off
+ systemctl disable cloud
+ systemctl disable haproxy
+ systemctl enable ssh
+ systemctl disable nfs-common
+ systemctl disable portmap
+ systemctl disable keepalived
+ systemctl disable conntrackd
echo "ssh haproxy" > /var/cache/cloud/enabled_svcs
echo "cloud dnsmasq cloud-passwd-srvr apache2 nfs-common portmap" > /var/cache/cloud/disabled_svcs
}
ilbvm_svcs() {
- chkconfig cloud off
- chkconfig haproxy on ;
- chkconfig ssh on
- chkconfig nfs-common off
- chkconfig portmap off
- chkconfig keepalived off
- chkconfig conntrackd off
+ systemctl disable cloud
+ systemctl enable haproxy
+ systemctl enable ssh
+ systemctl disable nfs-common
+ systemctl disable portmap
+ systemctl disable keepalived
+ systemctl disable conntrackd
echo "ssh haproxy" > /var/cache/cloud/enabled_svcs
echo "cloud dnsmasq cloud-passwd-srvr apache2 nfs-common portmap" > /var/cache/cloud/disabled_svcs
}
@@ -149,11 +149,11 @@ enable_pcihotplug() {
}
enable_serial_console() {
- sed -i -e "/^serial.*/d" /boot/grub/grub.conf
- sed -i -e "/^terminal.*/d" /boot/grub/grub.conf
- sed -i -e "/^default.*/a\serial --unit=0 --speed=115200 --parity=no --stop=1" /boot/grub/grub.conf
- sed -i -e "/^serial.*/a\terminal --timeout=0 serial console" /boot/grub/grub.conf
- sed -i -e "s/\(^kernel.* ro\) \(console.*\)/\1 console=tty0 console=ttyS0,115200n8/" /boot/grub/grub.conf
+ #sed -i -e "/^serial.*/d" /boot/grub/grub.conf
+ #sed -i -e "/^terminal.*/d" /boot/grub/grub.conf
+ #sed -i -e "/^default.*/a\serial --unit=0 --speed=115200 --parity=no --stop=1" /boot/grub/grub.conf
+ #sed -i -e "/^serial.*/a\terminal --timeout=0 serial console" /boot/grub/grub.conf
+ #sed -i -e "s/\(^kernel.* ro\) \(console.*\)/\1 console=tty0 console=ttyS0,115200n8/" /boot/grub/grub.conf
sed -i -e "/^s0:2345:respawn.*/d" /etc/inittab
sed -i -e "/6:23:respawn/a\s0:2345:respawn:/sbin/getty -L 115200 ttyS0 vt102" /etc/inittab
}
diff --git a/tools/appliance/build.sh b/tools/appliance/build.sh
index 0b31cc1..45f4728 100755
--- a/tools/appliance/build.sh
+++ b/tools/appliance/build.sh
@@ -594,7 +594,7 @@ function main() {
add_on_exit veewee_destroy
veewee_build
save_mac_address
- veewee_halt
+ veewee_halt || true
retry 10 check_appliance_shutdown
retry 10 check_appliance_disk_ready
retry 10 remove_shares
diff --git a/tools/appliance/definitions/systemvmtemplate/apt_upgrade.sh b/tools/appliance/definitions/systemvmtemplate/apt_upgrade.sh
index f98c6b5..eb9b790 100644
--- a/tools/appliance/definitions/systemvmtemplate/apt_upgrade.sh
+++ b/tools/appliance/definitions/systemvmtemplate/apt_upgrade.sh
@@ -23,20 +23,23 @@ function add_backports() {
sed -i '/cdrom/d' /etc/apt/sources.list
sed -i '/deb-src/d' /etc/apt/sources.list
sed -i '/backports/d' /etc/apt/sources.list
- echo 'deb http://http.debian.net/debian wheezy-backports main' >> /etc/apt/sources.list
+ echo 'deb http://http.debian.net/debian stretch-backports main' >> /etc/apt/sources.list
}
function apt_upgrade() {
DEBIAN_FRONTEND=noninteractive
DEBIAN_PRIORITY=critical
+ # Setup sudo
+ echo 'cloud ALL=(ALL) NOPASSWD: ALL' > /etc/sudoers.d/cloud
+
add_backports
rm -fv /root/*.iso
apt-get -y autoremove
apt-get autoclean
- apt-get -q -y --force-yes update
- apt-get -q -y --force-yes upgrade
+ apt-get -q -y update
+ apt-get -q -y upgrade
df -h
}
diff --git a/tools/appliance/definitions/systemvmtemplate/authorized_keys.sh b/tools/appliance/definitions/systemvmtemplate/authorized_keys.sh
index 63da2f4..d185723 100644
--- a/tools/appliance/definitions/systemvmtemplate/authorized_keys.sh
+++ b/tools/appliance/definitions/systemvmtemplate/authorized_keys.sh
@@ -25,5 +25,6 @@ set -x
key='ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAvFu3MLSPphFRBR1yM7nBukXWS9gPdAXfqq9cfC8ZqQN9ybi531aj44CybZ4BVT4kLfzbAs7+7nJeSIpPHxjv9XFqbxjIxoFeGYkj7s0RrJgtsEmvAAubZ3mYboUAYUivMgnJFLnv4VqyAbpjix6CfECUiU4ygwo24F3F6bAmhl4Vo1R5TSUdDIX876YePJTFtuVkLl4lu/+xw1QRWrgaSFosGICT37IKY7RjE79Ozb0GjNHyJPPgVAGkUVO4LawroL9dYOBlzdHpmqqA9Kc44oQBpvcU7s1+ezRTt7fZNnP7TG9ninZtrvnP4qmwAc4iUJ7N1bwh0mCblnoTfZ28hw== anthony@mobl-ant'
mkdir -p /root/.ssh
chmod 644 /root/.ssh
+#touch /root/.ssh/authorized_keys
echo ${key} > /root/.ssh/authorized_keys
chmod 600 /root/.ssh/authorized_keys
diff --git a/tools/appliance/definitions/systemvmtemplate/build_time.sh b/tools/appliance/definitions/systemvmtemplate/build_time.sh
deleted file mode 100644
index c25644b..0000000
--- a/tools/appliance/definitions/systemvmtemplate/build_time.sh
+++ /dev/null
@@ -1,26 +0,0 @@
-#!/bin/bash
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements. See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership. The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied. See the License for the
-# specific language governing permissions and limitations
-# under the License.
-
-set -e
-set -x
-
-function build_time() {
- date > /etc/vagrant_box_build_time
-}
-
-return 2>/dev/null || build_time
diff --git a/tools/appliance/definitions/systemvmtemplate/cleanup.sh b/tools/appliance/definitions/systemvmtemplate/cleanup.sh
index cd32d5b..67d6c23 100644
--- a/tools/appliance/definitions/systemvmtemplate/cleanup.sh
+++ b/tools/appliance/definitions/systemvmtemplate/cleanup.sh
@@ -20,7 +20,6 @@ set -e
set -x
function cleanup_apt() {
- #apt-get -y remove linux-headers-$(uname -r) build-essential
apt-get -y remove dictionaries-common busybox
apt-get -y autoremove
apt-get autoclean
diff --git a/tools/appliance/definitions/systemvmtemplate/configure_grub.sh b/tools/appliance/definitions/systemvmtemplate/configure_grub.sh
index 5b6a80a..ec40b7c 100644
--- a/tools/appliance/definitions/systemvmtemplate/configure_grub.sh
+++ b/tools/appliance/definitions/systemvmtemplate/configure_grub.sh
@@ -31,9 +31,13 @@ GRUB_DEFAULT=0
GRUB_TIMEOUT=0
GRUB_DISTRIBUTOR=`lsb_release -i -s 2> /dev/null || echo Debian`
GRUB_CMDLINE_LINUX_DEFAULT="quiet"
-GRUB_CMDLINE_LINUX="debian-installer=en_US"
+GRUB_CMDLINE_LINUX="console=tty1 console=ttyS0,115200n8 net.ifnames=0 biosdevname=0 debian-installer=en_US"
+GRUB_TERMINAL="console serial"
+GRUB_SERIAL_COMMAND="serial --speed=115200 --unit=0 --word=8 --parity=no --stop=1"
+
EOF
+ grub-mkconfig -o /boot/grub/grub.cfg
update-grub
}
diff --git a/tools/appliance/definitions/systemvmtemplate/configure_login.sh b/tools/appliance/definitions/systemvmtemplate/configure_login.sh
index 36fccab..1735b81 100644
--- a/tools/appliance/definitions/systemvmtemplate/configure_login.sh
+++ b/tools/appliance/definitions/systemvmtemplate/configure_login.sh
@@ -23,11 +23,12 @@ function add_admin_group() {
groupadd -f -r admin
}
-function configure_cloud_user() {
+function configure_user() {
usermod -a -G admin cloud
mkdir -p /home/cloud/.ssh
chmod 700 /home/cloud/.ssh
echo "cloud:`openssl rand -base64 32`" | chpasswd
+ echo "root:password" | chpasswd
}
function configure_sudoers() {
@@ -42,7 +43,7 @@ root ALL=(ALL:ALL) ALL
#includedir /etc/sudoers.d
END
- echo 'cloud ALL=NOPASSWD:/bin/chmod, /bin/cp, /bin/mkdir, /bin/mount, /bin/umount' > /etc/sudoers.d/cloud
+ echo 'cloud ALL=NOPASSWD:/bin/chmod, /bin/cp, /bin/mkdir, /bin/mount, /bin/umount, /sbin/halt' > /etc/sudoers.d/cloud
}
# sshd_config is overwritten from cloud_scripts
@@ -58,8 +59,6 @@ END
#}
function configure_inittab() {
- grep "vc:2345:respawn:/sbin/getty" /etc/inittab && return
-
# Fix inittab
cat >> /etc/inittab << EOF
@@ -68,11 +67,13 @@ EOF
}
function configure_login() {
- add_admin_group
- configure_cloud_user
- configure_sudoers
# configure_sshd
configure_inittab
+ add_admin_group
+ configure_sudoers
+ configure_user
+ rm -fv /home/cloud/configure_login.sh
+ halt -p
}
return 2>/dev/null || configure_login
diff --git a/tools/appliance/definitions/systemvmtemplate/configure_networking.sh b/tools/appliance/definitions/systemvmtemplate/configure_networking.sh
index bddcd6c..2ebd3a2 100644
--- a/tools/appliance/definitions/systemvmtemplate/configure_networking.sh
+++ b/tools/appliance/definitions/systemvmtemplate/configure_networking.sh
@@ -21,13 +21,6 @@ set -x
HOSTNAME=systemvm
-# Adding a 2 sec delay to the interface up, to make the dhclient happy
-function set_interface_sleep() {
- grep "pre-up sleep 2" /etc/network/interfaces && return
-
- echo "pre-up sleep 2" >> /etc/network/interfaces
-}
-
function configure_resolv_conf() {
grep 8.8.8.8 /etc/resolv.conf && grep 8.8.4.4 /etc/resolv.conf && return
@@ -52,8 +45,24 @@ function configure_hostname() {
hostname $HOSTNAME
}
+function configure_interfaces() {
+ cat > /etc/network/interfaces << EOF
+source /etc/network/interfaces.d/*
+
+# The loopback network interface
+auto lo
+iface lo inet loopback
+
+# The primary network interface
+auto eth0
+iface eth0 inet dhcp
+pre-up sleep 2
+
+EOF
+}
+
function configure_networking() {
- set_interface_sleep
+ configure_interfaces
configure_resolv_conf
delete_dhcp_ip
configure_hostname
diff --git a/tools/appliance/definitions/systemvmtemplate/configure_systemvm_services.sh b/tools/appliance/definitions/systemvmtemplate/configure_systemvm_services.sh
index 60082e3..f3bd52a 100644
--- a/tools/appliance/definitions/systemvmtemplate/configure_systemvm_services.sh
+++ b/tools/appliance/definitions/systemvmtemplate/configure_systemvm_services.sh
@@ -19,15 +19,15 @@
set -e
set -x
-CLOUDSTACK_RELEASE=4.6.0
+CLOUDSTACK_RELEASE=4.11.0
function configure_apache2() {
# Enable ssl, rewrite and auth
a2enmod ssl rewrite auth_basic auth_digest
a2ensite default-ssl
# Backup stock apache configuration since we may modify it in Secondary Storage VM
- cp /etc/apache2/sites-available/default /etc/apache2/sites-available/default.orig
- cp /etc/apache2/sites-available/default-ssl /etc/apache2/sites-available/default-ssl.orig
+ cp /etc/apache2/sites-available/000-default.conf /etc/apache2/sites-available/default.orig
+ cp /etc/apache2/sites-available/default-ssl.conf /etc/apache2/sites-available/default-ssl.orig
sed -i 's/SSLProtocol all -SSLv2$/SSLProtocol all -SSLv2 -SSLv3/g' /etc/apache2/mods-available/ssl.conf
}
@@ -39,12 +39,76 @@ function install_cloud_scripts() {
/etc/init.d/{cloud,cloud-early-config,cloud-passwd-srvr,postinit} \
/etc/profile.d/cloud.sh
- chkconfig --add cloud-early-config
- chkconfig cloud-early-config on
- chkconfig --add cloud-passwd-srvr
- chkconfig cloud-passwd-srvr off
- chkconfig --add cloud
- chkconfig cloud off
+ cat > /lib/systemd/system/cloud-early-config.service << EOF
+[Unit]
+Description=cloud-early-config: configure according to cmdline
+DefaultDependencies=no
+After=local-fs.target apparmor.service systemd-sysctl.service systemd-modules-load.service
+
+[Install]
+WantedBy=multi-user.target
+
+[Service]
+Type=oneshot
+ExecStart=/etc/init.d/cloud-early-config start
+ExecStop=/etc/init.d/cloud-early-config stop
+RemainAfterExit=true
+TimeoutStartSec=5min
+
+EOF
+
+ cat > /lib/systemd/system/cloud.service << EOF
+[Unit]
+Description=cloud: startup cloud service
+After=cloud-early-config.service network.target local-fs.target
+
+[Install]
+WantedBy=multi-user.target
+
+[Service]
+Type=forking
+ExecStart=/etc/init.d/cloud start
+ExecStop=/etc/init.d/cloud stop
+RemainAfterExit=true
+TimeoutStartSec=5min
+EOF
+
+ cat > /lib/systemd/system/cloud-passwd-srvr.service << EOF
+[Unit]
+Description=cloud-passwd-srvr: cloud password server
+After=network.target local-fs.target
+
+[Install]
+WantedBy=multi-user.target
+
+[Service]
+Type=forking
+ExecStart=/etc/init.d/cloud-passwd-srvr start
+ExecStop=/etc/init.d/cloud-passwd-srvr stop
+RemainAfterExit=true
+TimeoutStartSec=5min
+EOF
+
+ cat > /lib/systemd/system/postinit.service << EOF
+[Unit]
+Description=cloud post-init service
+After=cloud-early-config.service network.target local-fs.target
+
+[Install]
+WantedBy=multi-user.target
+
+[Service]
+Type=forking
+ExecStart=/etc/init.d/postinit start
+ExecStop=/etc/init.d/postinit stop
+RemainAfterExit=true
+TimeoutStartSec=5min
+EOF
+
+ systemctl daemon-reload
+ systemctl enable cloud-early-config
+ systemctl disable cloud-passwd-srvr
+ systemctl disable cloud
}
function do_signature() {
@@ -72,18 +136,20 @@ function configure_services() {
install_cloud_scripts
do_signature
- chkconfig xl2tpd off
+ systemctl daemon-reload
+ systemctl disable xl2tpd
# Disable services that slow down boot and are not used anyway
- chkconfig x11-common off
- chkconfig console-setup off
+ systemctl disable x11-common
+ systemctl disable console-setup
+ systemctl disable haproxy
# Hyperv kvp daemon - 64bit only
local arch=`dpkg --print-architecture`
if [ "${arch}" == "amd64" ]; then
- chkconfig hv_kvp_daemon off
+ systemctl disable hv_kvp_daemon
fi
- chkconfig radvd off
+ systemctl disable radvd
configure_apache2
configure_strongswan
diff --git a/tools/appliance/definitions/systemvmtemplate/definition.rb b/tools/appliance/definitions/systemvmtemplate/definition.rb
index e0c44e2..cea7bd2 100644
--- a/tools/appliance/definitions/systemvmtemplate/definition.rb
+++ b/tools/appliance/definitions/systemvmtemplate/definition.rb
@@ -15,7 +15,7 @@
# specific language governing permissions and limitations
# under the License.
-arch = ENV['VM_ARCH'] || 'i386'
+arch = 'amd64'
#
# NOTE: Before changing the version of the debian image make
@@ -25,25 +25,19 @@ arch = ENV['VM_ARCH'] || 'i386'
# removed from the debian mirrors
#
architectures = {
- :i386 => {
- :os_type_id => 'Debian',
- :iso_file => 'debian-7.11.0-i386-netinst.iso',
- :iso_src => 'http://cdimage.debian.org/cdimage/archive/7.11.0/i386/iso-cd/debian-7.11.0-i386-netinst.iso',
- :iso_md5 => '75055a694508f5b891038ec12d703c9e',
- },
:amd64 => {
:os_type_id => 'Debian_64',
- :iso_file => 'debian-7.11.0-amd64-netinst.iso',
- :iso_src => 'http://cdimage.debian.org/cdimage/archive/7.11.0/amd64/iso-cd/debian-7.11.0-amd64-netinst.iso',
- :iso_md5 => '096c1c18b44c269808bd815d58c53c8f'
+ :iso_file => 'debian-9.1.0-amd64-netinst.iso',
+ :iso_src => 'https://cdimage.debian.org/debian-cd/current/amd64/iso-cd/debian-9.1.0-amd64-netinst.iso',
+ :iso_md5 => 'ddd8f6542dae8baf410e90b9ae0fe986'
}
}
config = {
:cpu_count => '1',
- :memory_size => '256',
- :disk_size => '3200', :disk_format => 'VDI', :hostiocache => 'off',
- :iso_download_timeout => '1200',
+ :memory_size => '512',
+ :disk_size => '2000', :disk_format => 'VDI', :hostiocache => 'off',
+ :iso_download_timeout => '1000',
:boot_wait => '10',
:boot_cmd_sequence => [
'<Esc>',
@@ -63,11 +57,11 @@ config = {
'<Enter>'
],
:kickstart_port => '7122',
- :kickstart_timeout => '1200',
+ :kickstart_timeout => '1000',
:kickstart_file => 'preseed.cfg',
- :ssh_login_timeout => '1200',
- :ssh_user => 'root',
- :ssh_password => 'password',
+ :ssh_login_timeout => '10000',
+ :ssh_user => 'cloud',
+ :ssh_password => 'cloud',
:ssh_key => '',
:ssh_host_port => '7222',
:ssh_guest_port => '22',
@@ -75,11 +69,9 @@ config = {
:shutdown_cmd => 'halt -p',
:postinstall_files => [
# basic minimal vm creation
- 'build_time.sh',
'apt_upgrade.sh',
'configure_grub.sh',
'configure_locale.sh',
- 'configure_login.sh',
'configure_networking.sh',
'configure_acpid.sh',
# turning it into a systemvm
@@ -91,9 +83,11 @@ config = {
'configure_persistent_config.sh',
# cleanup & space-saving
'cleanup.sh',
- 'zerodisk.sh'
+ 'zerodisk.sh',
+ # setup login stuff
+ 'configure_login.sh'
],
- :postinstall_timeout => '1200'
+ :postinstall_timeout => '10000'
}
config.merge! architectures[arch.to_sym]
diff --git a/tools/appliance/definitions/systemvmtemplate/install_systemvm_packages.sh b/tools/appliance/definitions/systemvmtemplate/install_systemvm_packages.sh
index 9daa2d8..227f533 100644
--- a/tools/appliance/definitions/systemvmtemplate/install_systemvm_packages.sh
+++ b/tools/appliance/definitions/systemvmtemplate/install_systemvm_packages.sh
@@ -43,7 +43,7 @@ function install_packages() {
debconf_packages
install_vhd_util
- local apt_get="apt-get --no-install-recommends -q -y --force-yes"
+ local apt_get="apt-get --no-install-recommends -q -y"
#32 bit architecture support:: not required for 32 bit template
if [ "${arch}" != "i386" ]; then
@@ -53,8 +53,8 @@ function install_packages() {
fi
${apt_get} install \
- rsyslog logrotate cron chkconfig insserv net-tools ifupdown vim-tiny netbase iptables \
- openssh-server e2fsprogs dhcp3-client tcpdump socat wget \
+ rsyslog logrotate cron insserv net-tools ifupdown vim netbase iptables \
+ openssh-server e2fsprogs isc-dhcp-client tcpdump socat wget \
python bzip2 sed gawk diffutils grep gzip less tar telnet ftp rsync traceroute psmisc lsof procps \
inetutils-ping iputils-arping httping curl \
dnsutils zip unzip ethtool uuid file iproute acpid virt-what sudo \
@@ -67,19 +67,22 @@ function install_packages() {
xenstore-utils libxenstore3.0 \
conntrackd ipvsadm libnetfilter-conntrack3 libnl-3-200 libnl-genl-3-200 \
ipcalc \
+ openjdk-8-jre-headless \
ipset \
iptables-persistent \
libtcnative-1 libssl-dev libapr1-dev \
python-flask \
haproxy \
radvd \
- sharutils
+ sharutils \
+ keepalived irqbalance open-vm-tools qemu-guest-agent \
+ strongswan libcharon-extra-plugins libstrongswan-extra-plugins
- ${apt_get} -t wheezy-backports install keepalived irqbalance open-vm-tools qemu-guest-agent
- ${apt_get} -t wheezy-backports install strongswan libcharon-extra-plugins libstrongswan-extra-plugins
+ apt-get autoclean
+ apt-get clean
apt-get update
- apt-get -y --force-yes upgrade
+ apt-get -y upgrade
if [ "${arch}" == "amd64" ]; then
# Hyperv kvp daemon - 64bit only
@@ -87,22 +90,7 @@ function install_packages() {
wget http://people.apache.org/~rajeshbattala/hv-kvp-daemon_3.1_amd64.deb
dpkg -i hv-kvp-daemon_3.1_amd64.deb
rm -f hv-kvp-daemon_3.1_amd64.deb
- # XS tools
- wget --no-check-certificate https://raw.githubusercontent.com/rhtyd/cloudstack-nonoss/master/xe-guest-utilities_6.5.0_amd64.deb
- md5sum xe-guest-utilities_6.5.0_amd64.deb
- dpkg -i xe-guest-utilities_6.5.0_amd64.deb
- rm -f xe-guest-utilities_6.5.0_amd64.deb
fi
-
- # Install OpenJDK8 pkgs maintained by Azul
- apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 0x219BD9C9
- echo 'deb http://repos.azulsystems.com/debian stable main' > /etc/apt/sources.list.d/zulu.list
- apt-get -y autoremove
- apt-get autoclean
- apt-get clean
- apt-get update
- ${apt_get} install zulu-8
- java -version
}
return 2>/dev/null || install_packages
diff --git a/tools/appliance/definitions/systemvmtemplate/preseed.cfg b/tools/appliance/definitions/systemvmtemplate/preseed.cfg
index 77402d7..6d56b76 100644
--- a/tools/appliance/definitions/systemvmtemplate/preseed.cfg
+++ b/tools/appliance/definitions/systemvmtemplate/preseed.cfg
@@ -17,22 +17,35 @@
### Localization
# Locale sets language and country.
-d-i debian-installer/locale string en_US
+d-i debian-installer/locale string en_US.UTF-8
# Keyboard selection.
-d-i console-keymaps-at/keymap select us
+d-i keyboard-configuration/xkb-keymap select us
### Network configuration
d-i netcfg/choose_interface select auto
d-i netcfg/get_hostname string systemvm
-d-i netcfg/get_domain string cloudstack.org
+d-i netcfg/get_domain string apache.org
+d-i netcfg/wireless_wep string
+
+d-i hw-detect/load_firmware boolean true
### Mirror settings
d-i mirror/country string manual
-d-i mirror/http/hostname string http.us.debian.org
+d-i mirror/http/hostname string http.debian.net
d-i mirror/http/directory string /debian
d-i mirror/http/proxy string
+### Apt setup
+d-i apt-setup/cdrom/set-first false
+#d-i apt-setup/non-free boolean true
+#d-i apt-setup/contrib boolean true
+#d-i apt-setup/use_mirror boolean true
+d-i apt-setup/services-select multiselect security, updates
+d-i apt-setup/security_host string security.debian.org
+d-i apt-setup/local0/source boolean false
+d-i apt-setup/multiarch string i386
+
### Clock and time zone setup
d-i clock-setup/utc boolean true
d-i time/zone string UTC
@@ -44,51 +57,33 @@ d-i partman-auto/method string regular
d-i partman-auto/choose_recipe select atomic
d-i partman-auto/expert_recipe string \
boot-root :: \
- 80 50 160 ext4 \
+ 80 50 100 ext4 \
$primary{ } $bootable{ } \
method{ format } format{ } \
use_filesystem{ } filesystem{ ext4 } \
mountpoint{ /boot } \
. \
- 500 40 800 ext4 \
+ 1500 40 1600 ext4 \
method{ format } format{ } \
use_filesystem{ } filesystem{ ext4 } \
mountpoint{ / } \
. \
- 50 100 100 ext4 \
- method{ format } format{ } \
- use_filesystem{ } filesystem{ ext4 } \
- mountpoint{ /home } \
- . \
- 1000 60 1400 ext4 \
- method{ format } format{ } \
- use_filesystem{ } filesystem{ ext4 } \
- mountpoint{ /usr } \
- . \
- 200 40 300 ext4 \
- method{ format } format{ } \
- use_filesystem{ } filesystem{ ext4 } \
- mountpoint{ /opt } \
- . \
- 600 70 1200 ext4 \
- method{ format } format{ } \
- use_filesystem{ } filesystem{ ext4 } \
- mountpoint{ /var } \
- . \
- 400 50 500 ext4 \
+ 300 50 300 ext4 \
method{ format } format{ } \
use_filesystem{ } filesystem{ ext4 } \
mountpoint{ /var/log } \
. \
- 100 90 200 ext4 \
+ 100 90 100 ext4 \
method{ format } format{ } \
use_filesystem{ } filesystem{ ext4 } \
mountpoint{ /tmp } \
. \
- 256 100 1024 linux-swap \
+ 100 100 200 linux-swap \
method{ swap } format{ } \
.
-d-i partman/confirm_write_new_label boolean true
+
+d-i partman-md/confirm boolean true
+d-i partman-partitioning/confirm_write_new_label boolean true
d-i partman/choose_partition select finish
d-i partman/confirm boolean true
d-i partman/confirm_nooverwrite boolean true
@@ -97,10 +92,10 @@ d-i partman/confirm_nooverwrite boolean true
# ...
### Account setup
-d-i passwd/root-login boolean true
+d-i passwd/root-login boolean false
d-i passwd/root-password password password
d-i passwd/root-password-again password password
-d-i passwd/user-fullname string Cloud Stack
+d-i passwd/user-fullname string Cloud User
d-i passwd/username string cloud
d-i passwd/user-password password cloud
d-i passwd/user-password-again password cloud
@@ -108,12 +103,14 @@ d-i user-setup/encrypt-home boolean false
d-i user-setup/allow-password-weak boolean true
d-i passwd/user-default-groups string audio cdrom video admin
+#openssh-server openssh-server/permit-root-login boolean true
+
### Apt setup
# ...
### Package selection
tasksel tasksel/first multiselect ssh-server
-d-i pkgsel/include string openssh-server ntp acpid sudo bzip2 openssl
+d-i pkgsel/include string openssh-server ntp acpid sudo bzip2 openssl
# Allowed values: none, safe-upgrade, full-upgrade
d-i pkgsel/upgrade select none
@@ -121,12 +118,10 @@ popularity-contest popularity-contest/participate boolean false
### Boot loader installation
d-i grub-installer/only_debian boolean true
+d-i grub-installer/with_other_os boolean true
+d-i grub-installer/bootdev string default
d-i finish-install/reboot_in_progress note
-### Preseeding other packages
-libssl1.0.0 libssl1.0.0/restart-services string
-libssl1.0.0 libssl1.0.0/restart-failed error
-
#### Advanced options
# Prevent packaged version of VirtualBox Guest Additions being installed:
d-i preseed/early_command string sed -i \
diff --git a/tools/appliance/definitions/systemvmtemplate/zerodisk.sh b/tools/appliance/definitions/systemvmtemplate/zerodisk.sh
index d0cc131..7adea8a 100644
--- a/tools/appliance/definitions/systemvmtemplate/zerodisk.sh
+++ b/tools/appliance/definitions/systemvmtemplate/zerodisk.sh
@@ -22,9 +22,10 @@ set -x
# clean up stuff copied in by veewee
function cleanup_veewee() {
# this has to be here since it is the last file to run (and we remove ourselves)
- rm -fv /root/*.iso
- rm -fv /root/{apt_upgrade,authorized_keys,build_time,cleanup,install_systemvm_packages,zerodisk}.sh
- rm -fv /root/configure_{acpid,conntrack,grub,locale,login,networking,systemvm_services}.sh
+ cd /home/cloud
+ rm -fv *.iso
+ rm -fv {apt_upgrade,authorized_keys,cleanup,install_systemvm_packages,zerodisk}.sh
+ rm -fv configure_{acpid,conntrack,grub,locale,networking,persistent_config,systemvm_services}.sh /home/cloud/install_systemvm_packages.sh
rm -fv .veewee_version .veewee_params .vbox_version
}
@@ -32,7 +33,7 @@ function cleanup_veewee() {
function zero_disk() {
cleanup_veewee
- for path in / /boot /usr /var /var/log /opt /tmp /home
+ for path in / /boot /var/log /tmp
do
dd if=/dev/zero of=${path}/zero bs=1M || true
sync
--
To stop receiving notification emails like this one, please contact
"commits@cloudstack.apache.org" <co...@cloudstack.apache.org>.
[cloudstack] 31/34: don't skip rvr tests for vmware
Posted by ro...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
rohit pushed a commit to branch debian9-systemvmtemplate
in repository https://gitbox.apache.org/repos/asf/cloudstack.git
commit aa51d5b623a3c8212973acff928a7f7b6928e27b
Author: Rohit Yadav <ro...@shapeblue.com>
AuthorDate: Wed Dec 13 16:24:08 2017 +0530
don't skip rvr tests for vmware
Signed-off-by: Rohit Yadav <ro...@shapeblue.com>
---
test/integration/smoke/test_internal_lb.py | 10 ----------
test/integration/smoke/test_privategw_acl.py | 8 --------
test/integration/smoke/test_routers_network_ops.py | 10 ----------
test/integration/smoke/test_vpc_redundant.py | 10 ----------
test/integration/smoke/test_vpc_vpn.py | 10 ----------
5 files changed, 48 deletions(-)
diff --git a/test/integration/smoke/test_internal_lb.py b/test/integration/smoke/test_internal_lb.py
index 21a6f40..ba555aa 100644
--- a/test/integration/smoke/test_internal_lb.py
+++ b/test/integration/smoke/test_internal_lb.py
@@ -50,8 +50,6 @@ from marvin.lib.common import (get_zone,
get_test_template,
list_network_offerings)
-from marvin.lib.decoratorGenerators import skipTestIf
-
from nose.plugins.attrib import attr
import logging
@@ -269,12 +267,6 @@ class TestInternalLb(cloudstackTestCase):
%s" % (cls.account.name,
cls.account.id))
- # Skip rVR related test cases for VMware, for details see
- # https://issues.apache.org/jira/browse/CLOUDSTACK-10181
- cls.rvrNotSupported = False
- if cls.hypervisor.lower() in ['vmware']:
- cls.rvrNotSupported = True
-
cls._cleanup = [cls.account, cls.compute_offering]
return
@@ -571,7 +563,6 @@ class TestInternalLb(cloudstackTestCase):
self.cleanup.insert(0, vpc_offering)
self.execute_internallb_roundrobin_tests(vpc_offering)
- @skipTestIf("rvrNotSupported")
@attr(tags=["smoke", "advanced"], required_hardware="true")
def test_02_internallb_roundrobin_1RVPC_3VM_HTTP_port80(self):
"""
@@ -740,7 +731,6 @@ class TestInternalLb(cloudstackTestCase):
self.execute_internallb_haproxy_tests(vpc_offering)
- @skipTestIf("rvrNotSupported")
@attr(tags=["smoke", "advanced"], required_hardware="true")
def test_04_rvpc_internallb_haproxy_stats_on_all_interfaces(self):
""" Test to verify access to loadbalancer haproxy admin stats page
diff --git a/test/integration/smoke/test_privategw_acl.py b/test/integration/smoke/test_privategw_acl.py
index 09d3fa4..72c3080 100644
--- a/test/integration/smoke/test_privategw_acl.py
+++ b/test/integration/smoke/test_privategw_acl.py
@@ -184,12 +184,6 @@ class TestPrivateGwACL(cloudstackTestCase):
cls.services["service_offering"])
cls._cleanup = [cls.service_offering]
- # Skip rVR related test cases for VMware, for details see
- # https://issues.apache.org/jira/browse/CLOUDSTACK-10181
- cls.rvrNotSupported = False
- if cls.hypervisor.lower() in ['vmware']:
- cls.rvrNotSupported = True
-
cls.logger = logging.getLogger('TestPrivateGwACL')
cls.stream_handler = logging.StreamHandler()
cls.logger.setLevel(logging.DEBUG)
@@ -297,7 +291,6 @@ class TestPrivateGwACL(cloudstackTestCase):
self.performVPCTests(vpc_off, restart_with_cleanup = True)
- @skipTestIf("rvrNotSupported")
@attr(tags=["advanced"], required_hardware="true")
def test_04_rvpc_privategw_static_routes(self):
self.logger.debug("Creating a Redundant VPC offering..")
@@ -310,7 +303,6 @@ class TestPrivateGwACL(cloudstackTestCase):
self.performVPCTests(vpc_off)
- @skipTestIf("rvrNotSupported")
@attr(tags=["advanced"], required_hardware="true")
def _test_05_rvpc_privategw_check_interface(self):
self.logger.debug("Creating a Redundant VPC offering..")
diff --git a/test/integration/smoke/test_routers_network_ops.py b/test/integration/smoke/test_routers_network_ops.py
index c189437..2f122a2 100644
--- a/test/integration/smoke/test_routers_network_ops.py
+++ b/test/integration/smoke/test_routers_network_ops.py
@@ -88,13 +88,6 @@ class TestRedundantIsolateNetworks(cloudstackTestCase):
cls.hypervisor = cls.testClient.getHypervisorInfo()
- # Skip rVR related test cases for VMware, for details see
- # https://issues.apache.org/jira/browse/CLOUDSTACK-10181
- cls.rvrNotSupported = False
- if cls.hypervisor.lower() in ['vmware']:
- cls.rvrNotSupported = True
- return
-
cls.template = get_test_template(cls.api_client, cls.zone.id, cls.hypervisor)
if cls.template == FAILED:
assert False, "get_test_template() failed to return template"
@@ -150,9 +143,6 @@ class TestRedundantIsolateNetworks(cloudstackTestCase):
return
def setUp(self):
- if self.rvrNotSupported:
- self.skipTest("Redundant VRs are not supported for this hypervisor, skipping test")
-
self.apiclient = self.testClient.getApiClient()
self.cleanup = []
return
diff --git a/test/integration/smoke/test_vpc_redundant.py b/test/integration/smoke/test_vpc_redundant.py
index e7b29b1..2fde8d9 100644
--- a/test/integration/smoke/test_vpc_redundant.py
+++ b/test/integration/smoke/test_vpc_redundant.py
@@ -214,13 +214,6 @@ class TestVPCRedundancy(cloudstackTestCase):
cls.hypervisor = cls.testClient.getHypervisorInfo()
- # Skip rVR related test cases for VMware, for details see
- # https://issues.apache.org/jira/browse/CLOUDSTACK-10181
- cls.rvrNotSupported = False
- if cls.hypervisor.lower() in ['vmware']:
- cls.rvrNotSupported = True
- return
-
cls.template = get_test_template(cls.api_client, cls.zone.id, cls.hypervisor)
if cls.template == FAILED:
assert False, "get_test_template() failed to return template"
@@ -248,9 +241,6 @@ class TestVPCRedundancy(cloudstackTestCase):
raise Exception("Warning: Exception during cleanup : %s" % e)
def setUp(self):
- if self.rvrNotSupported:
- self.skipTest("RVR not supported on this hypervisor, skipping")
-
self.routers = []
self.networks = []
self.ips = []
diff --git a/test/integration/smoke/test_vpc_vpn.py b/test/integration/smoke/test_vpc_vpn.py
index 4ab5971..8e1a73d 100644
--- a/test/integration/smoke/test_vpc_vpn.py
+++ b/test/integration/smoke/test_vpc_vpn.py
@@ -789,13 +789,6 @@ class TestRVPCSite2SiteVpn(cloudstackTestCase):
cls.hypervisor = testClient.getHypervisorInfo()
- # Skip rVR related test cases for VMware, for details see
- # https://issues.apache.org/jira/browse/CLOUDSTACK-10181
- cls.rvrNotSupported = False
- if cls.hypervisor.lower() in ['vmware']:
- cls.rvrNotSupported = True
- return
-
cls.template = get_test_template(cls.apiclient, cls.zone.id, cls.hypervisor)
if cls.template == FAILED:
assert False, "get_test_template() failed to return template"
@@ -896,9 +889,6 @@ class TestRVPCSite2SiteVpn(cloudstackTestCase):
"""Test Site 2 Site VPN Across redundant VPCs"""
self.logger.debug("Starting test: test_02_redundant_vpc_site2site_vpn")
- if self.rvrNotSupported:
- self.skipTest("Hypervisor not supported for rVR, skipping test")
-
# 0) Get the default network offering for VPC
networkOffering = NetworkOffering.list(
self.apiclient, name="DefaultIsolatedNetworkOfferingForVpcNetworks")
--
To stop receiving notification emails like this one, please contact
"commits@cloudstack.apache.org" <co...@cloudstack.apache.org>.
[cloudstack] 14/34: update per new macchinina template
Posted by ro...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
rohit pushed a commit to branch debian9-systemvmtemplate
in repository https://gitbox.apache.org/repos/asf/cloudstack.git
commit dc4b7ab2739612904b6e92dfc1988d1c46be658a
Author: Rohit Yadav <ro...@shapeblue.com>
AuthorDate: Sun Dec 10 21:26:24 2017 +0530
update per new macchinina template
Signed-off-by: Rohit Yadav <ro...@shapeblue.com>
---
server/src/com/cloud/resource/ResourceManagerImpl.java | 2 +-
.../storage/secondary/SecondaryStorageVmManager.java | 6 +++---
.../secondarystorage/SecondaryStorageManagerImpl.java | 2 +-
systemvm/debian/opt/cloud/bin/setup/common.sh | 11 ++++++++++-
.../debian/opt/cloud/templates/keepalived.conf.templ | 8 ++++++++
test/integration/smoke/test_templates.py | 18 +++++++++---------
tools/appliance/build.sh | 2 +-
.../definitions/systemvmtemplate/configure_grub.sh | 2 +-
8 files changed, 34 insertions(+), 17 deletions(-)
diff --git a/server/src/com/cloud/resource/ResourceManagerImpl.java b/server/src/com/cloud/resource/ResourceManagerImpl.java
index 33c36de..c9916e9 100755
--- a/server/src/com/cloud/resource/ResourceManagerImpl.java
+++ b/server/src/com/cloud/resource/ResourceManagerImpl.java
@@ -2274,7 +2274,7 @@ public class ResourceManagerImpl extends ManagerBase implements ResourceManager,
}
try {
- SSHCmdHelper.SSHCmdResult result = SSHCmdHelper.sshExecuteCmdOneShot(connection, "service cloudstack-agent restart || systemctl restart cloudstack-agent");
+ SSHCmdHelper.SSHCmdResult result = SSHCmdHelper.sshExecuteCmdOneShot(connection, "service cloudstack-agent restart");
s_logger.debug("cloudstack-agent restart result: " + result.toString());
} catch (final SshException e) {
return false;
diff --git a/server/src/com/cloud/storage/secondary/SecondaryStorageVmManager.java b/server/src/com/cloud/storage/secondary/SecondaryStorageVmManager.java
index 3b32c85..99073f7 100644
--- a/server/src/com/cloud/storage/secondary/SecondaryStorageVmManager.java
+++ b/server/src/com/cloud/storage/secondary/SecondaryStorageVmManager.java
@@ -27,11 +27,11 @@ import com.cloud.vm.SecondaryStorageVmVO;
public interface SecondaryStorageVmManager extends Manager {
- public static final int DEFAULT_SS_VM_RAMSIZE = 512; // 512M
- public static final int DEFAULT_SS_VM_CPUMHZ = 500; // 500 MHz
+ public static final int DEFAULT_SS_VM_RAMSIZE = 1024; // 1024M
+ public static final int DEFAULT_SS_VM_CPUMHZ = 500; // 500 MHz
public static final int DEFAULT_SS_VM_MTUSIZE = 1500;
public static final int DEFAULT_SS_VM_CAPACITY = 50; // max command execution session per SSVM
- public static final int DEFAULT_STANDBY_CAPACITY = 10; // standy capacity to reserve per zone
+ public static final int DEFAULT_STANDBY_CAPACITY = 10; // standy capacity to reserve per zone
public static final String ALERT_SUBJECT = "secondarystoragevm-alert";
diff --git a/services/secondary-storage/controller/src/org/apache/cloudstack/secondarystorage/SecondaryStorageManagerImpl.java b/services/secondary-storage/controller/src/org/apache/cloudstack/secondarystorage/SecondaryStorageManagerImpl.java
index 273fdd0..bed0313 100644
--- a/services/secondary-storage/controller/src/org/apache/cloudstack/secondarystorage/SecondaryStorageManagerImpl.java
+++ b/services/secondary-storage/controller/src/org/apache/cloudstack/secondarystorage/SecondaryStorageManagerImpl.java
@@ -951,7 +951,7 @@ public class SecondaryStorageManagerImpl extends ManagerBase implements Secondar
int ramSize = NumbersUtil.parseInt(_configDao.getValue("ssvm.ram.size"), DEFAULT_SS_VM_RAMSIZE);
int cpuFreq = NumbersUtil.parseInt(_configDao.getValue("ssvm.cpu.mhz"), DEFAULT_SS_VM_CPUMHZ);
List<ServiceOfferingVO> offerings = _offeringDao.createSystemServiceOfferings("System Offering For Secondary Storage VM",
- ServiceOffering.ssvmDefaultOffUniqueName, 1, ramSize, cpuFreq, null, null, false, null,
+ ServiceOffering.ssvmDefaultOffUniqueName, 2, ramSize, cpuFreq, null, null, false, null,
Storage.ProvisioningType.THIN, true, null, true, VirtualMachine.Type.SecondaryStorageVm, true);
// this can sometimes happen, if DB is manually or programmatically manipulated
if (offerings == null || offerings.size() < 2) {
diff --git a/systemvm/debian/opt/cloud/bin/setup/common.sh b/systemvm/debian/opt/cloud/bin/setup/common.sh
index e6a4417..76ec826 100755
--- a/systemvm/debian/opt/cloud/bin/setup/common.sh
+++ b/systemvm/debian/opt/cloud/bin/setup/common.sh
@@ -620,12 +620,18 @@ setup_redundant_router() {
ip route delete default
# Seed keepalived
+ if [ "$RROUTER_STATE" == "MASTER" ]
+ then
+ sed -i "s/priority.*/priority 100/g" /opt/cloud/templates/keepalived.conf.templ
+ else
+ sed -i "s/priority.*/priority 50/g" /opt/cloud/templates/keepalived.conf.templ
+ fi
cp /opt/cloud/templates/keepalived.conf.templ /etc/keepalived/keepalived.conf # changes!
sed -i "s/\[ROUTER_ID\]/$NAME/g" /etc/keepalived/keepalived.conf
sed -i "s/\[ROUTER_IP\]/$GUEST_GW\/$GUEST_CIDR_SIZE/g" /etc/keepalived/keepalived.conf #fixme, multiple ips?
sed -i "s/\[BOARDCAST\]/$GUEST_BRD/g" /etc/keepalived/keepalived.conf
sed -i "s/\[PRIORITY\]/$ROUTER_PR/g" /etc/keepalived/keepalived.conf
- sed -i "s/\[PASS\]/$VM_PASSWORD/g" /etc/keepalived/keepalived.conf #FIXME, router password?
+ sed -i "s/\[PASS\]/$VM_PASSWORD/g" /etc/keepalived/keepalived.conf
sed -i "s/\[RROUTER_BIN_PATH\]/$rrouter_bin_path_str/g" /etc/keepalived/keepalived.conf
sed -i "s/\[DELTA\]/2/g" /etc/keepalived/keepalived.conf
sed -i "s/--exec\ \$DAEMON;/--exec\ \$DAEMON\ --\ --vrrp;/g" /etc/init.d/keepalived
@@ -782,6 +788,9 @@ parse_cmd_line() {
redundant_router)
export RROUTER=$VALUE
;;
+ redundant_state)
+ export RROUTER_STATE=$VALUE
+ ;;
guestgw)
export GUEST_GW=$VALUE
;;
diff --git a/systemvm/debian/opt/cloud/templates/keepalived.conf.templ b/systemvm/debian/opt/cloud/templates/keepalived.conf.templ
index 5434ec5..bf896f9 100644
--- a/systemvm/debian/opt/cloud/templates/keepalived.conf.templ
+++ b/systemvm/debian/opt/cloud/templates/keepalived.conf.templ
@@ -28,9 +28,17 @@ vrrp_instance inside_network {
state BACKUP
interface eth2
virtual_router_id 51
+ priority 50
nopreempt
advert_int 1
+ garp_master_delay 1
+ garp_master_repeat 10
+ garp_master_refresh 5
+
+ #use_vmac
+ #vmac_xmit_base
+
authentication {
auth_type AH
auth_pass PASS
diff --git a/test/integration/smoke/test_templates.py b/test/integration/smoke/test_templates.py
index 8d76de3..955fe6e 100644
--- a/test/integration/smoke/test_templates.py
+++ b/test/integration/smoke/test_templates.py
@@ -106,7 +106,7 @@ class TestCreateTemplateWithChecksum(cloudstackTestCase):
if "kvm" in self.hypervisor.lower():
self.test_template = registerTemplate.registerTemplateCmd()
self.test_template = registerTemplate.registerTemplateCmd()
- self.test_template.checksum = "{SHA-1}" + "bf580a13f791d86acf3449a7b457a91a14389264"
+ self.test_template.checksum = "{SHA-1}" + "6952e58f39b470bd166ace11ffd20bf479bed936"
self.test_template.hypervisor = self.hypervisor
self.test_template.zoneid = self.zone.id
self.test_template.name = 'test sha-2333'
@@ -114,13 +114,13 @@ class TestCreateTemplateWithChecksum(cloudstackTestCase):
self.test_template.url = "http://dl.openvm.eu/cloudstack/macchinina/x86_64/macchinina-kvm.qcow2.bz2"
self.test_template.format = "QCOW2"
self.test_template.ostypeid = self.getOsType("Other Linux (64-bit)")
- self.md5 = "ada77653dcf1e59495a9e1ac670ad95f"
- self.sha256 = "0efc03633f2b8f5db08acbcc5dc1be9028572dfd8f1c6c8ea663f0ef94b458c5"
+ self.md5 = "88c60fd500ce7ced985cf845df0db9da"
+ self.sha256 = "bc4cc040bbab843000fab78db6cb4a33f3a06ae1ced2cf563d36b38c7fee3049"
if "vmware" in self.hypervisor.lower():
self.test_template = registerTemplate.registerTemplateCmd()
self.test_template = registerTemplate.registerTemplateCmd()
- self.test_template.checksum = "{SHA-1}" + "b25d404de8335b4348ff01e49a95b403c90df466"
+ self.test_template.checksum = "{SHA-1}" + "178639bd5ec089a27f6d39025be28c3de5d9393b"
self.test_template.hypervisor = self.hypervisor
self.test_template.zoneid = self.zone.id
self.test_template.name = 'test sha-2333'
@@ -128,13 +128,13 @@ class TestCreateTemplateWithChecksum(cloudstackTestCase):
self.test_template.url = "http://dl.openvm.eu/cloudstack/macchinina/x86_64/macchinina-vmware.ova"
self.test_template.format = "OVA"
self.test_template.ostypeid = self.getOsType("Other Linux (64-bit)")
- self.md5 = "d6d97389b129c7d898710195510bf4fb"
- self.sha256 = "f57b59f118ab59284a70d6c63229d1de8f2d69bffc5a82b773d6c47e769c12d9"
+ self.md5 = "3c23ac66bac7888dc7c972783646c644"
+ self.sha256 = "97aaa096d419522158c54f83eb61d9242d9f6bca9166fd4030d73683d647c7e7"
if "xen" in self.hypervisor.lower():
self.test_template = registerTemplate.registerTemplateCmd()
self.test_template = registerTemplate.registerTemplateCmd()
- self.test_template.checksum = "{SHA-1}" + "427fad501d0d8a1d63b8600a9a469fbf91191314"
+ self.test_template.checksum = "{SHA-1}" + "80af2c18f96e94273188808c3d56e561a1cda717"
self.test_template.hypervisor = self.hypervisor
self.test_template.zoneid = self.zone.id
self.test_template.name = 'test sha-2333'
@@ -142,8 +142,8 @@ class TestCreateTemplateWithChecksum(cloudstackTestCase):
self.test_template.url = "http://dl.openvm.eu/cloudstack/macchinina/x86_64/macchinina-xen.vhd.bz2"
self.test_template.format = "VHD"
self.test_template.ostypeid = self.getOsType("Other Linux (64-bit)")
- self.md5 = "54ebc933e6e07ae58c0dc97dfd37c824"
- self.sha256 = "bddd9876021d33df9792b71ae4b776598680ac68ecf55e9d9af33c80904cc1f3"
+ self.md5 = "1662bbf224e41bb62b1dee043d785731"
+ self.sha256 = "80fba5a7a83842ec4e5f67cc6755d61d4fca46ae170d59b0c6ed47ebf7162722"
if self.unsupportedHypervisor:
self.skipTest("Skipping test because unsupported hypervisor\
diff --git a/tools/appliance/build.sh b/tools/appliance/build.sh
index 6f2ab6b..ab3cac8 100755
--- a/tools/appliance/build.sh
+++ b/tools/appliance/build.sh
@@ -611,8 +611,8 @@ function main() {
ovm_export "${hdd_path}"
kvm_export "${hdd_path}"
vmware_export "${machine_uuid}" "${hdd_uuid}"
- vagrant_export "${machine_uuid}"
hyperv_export "${hdd_uuid}"
+ #vagrant_export "${machine_uuid}"
md5sum dist/* > dist/md5sum.txt
add_on_exit log INFO "BUILD SUCCESSFUL"
}
diff --git a/tools/appliance/definitions/systemvmtemplate/configure_grub.sh b/tools/appliance/definitions/systemvmtemplate/configure_grub.sh
index eb2692e..85f9da2 100644
--- a/tools/appliance/definitions/systemvmtemplate/configure_grub.sh
+++ b/tools/appliance/definitions/systemvmtemplate/configure_grub.sh
@@ -28,7 +28,7 @@ GRUB_DEFAULT=0
GRUB_TIMEOUT=0
GRUB_DISTRIBUTOR=Debian
GRUB_CMDLINE_LINUX_DEFAULT="quiet"
-GRUB_CMDLINE_LINUX="console=tty0 console=ttyS0,115200n8 console=hvc0 earlyprintk=xen net.ifnames=0 biosdevname=0 debian-installer=en_US"
+GRUB_CMDLINE_LINUX="console=tty0 console=ttyS0,115200n8 console=hvc0 earlyprintk=xen net.ifnames=0 biosdevname=0 debian-installer=en_US nomodeset"
GRUB_CMDLINE_XEN="com1=115200 console=com1"
GRUB_TERMINAL="console serial"
GRUB_SERIAL_COMMAND="serial --speed=115200 --unit=0 --word=8 --parity=no --stop=1"
--
To stop receiving notification emails like this one, please contact
"commits@cloudstack.apache.org" <co...@cloudstack.apache.org>.
[cloudstack] 02/34: CLOUDSTACK-10013: Make Debian9
systemvmtemplates work with systemd
Posted by ro...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
rohit pushed a commit to branch debian9-systemvmtemplate
in repository https://gitbox.apache.org/repos/asf/cloudstack.git
commit d5680adb1d63560abb439be035cf18aae10c0bdb
Author: Wido den Hollander <wi...@widodh.nl>
AuthorDate: Thu Aug 10 13:51:11 2017 +0200
CLOUDSTACK-10013: Make Debian9 systemvmtemplates work with systemd
- Load the nf_conntrack_ipv6 module for IPv6 connection tracking on SSVM
- Move systemd services to /etc and enable services after they have been
installed
- Disable most services by default and enable in cloud-early-config
- Start services after enabling them using systemd
- In addition remove /etc/init.d/cloud as this is no longer needed and
done by systemd
- Accept DOS/MBR as file format for ISO images as well
Under Debian 7 the 'file' command would return:
debian-9.1.0-amd64-netinst.iso: ISO 9660 CD-ROM filesystem data UDF filesystem data
Under Debian 9 however it will return
debian-9.1.0-amd64-netinst.iso: DOS/MBR boot sector
This would make the HTTPTemplateDownloader in the Secondary Storage VM refuse the ISO as
a valid template because it's not a correct format.
Changes this behavior so that it accepts both.
This allows us to use Debian 9 as a System VM template.
Not sure though if enabling them is enough for systemd to still start them
on first boot
Signed-off-by: Wido den Hollander <wi...@widodh.nl>
---
.gitignore | 2 +
systemvm/patches/debian/config/etc/init.d/cloud | 155 ---------------------
.../debian/config/etc/init.d/cloud-early-config | 55 ++------
.../systemvmtemplate/configure_conntrack.sh | 1 +
.../configure_systemvm_services.sh | 22 +--
.../utils/imagestore/ImageStoreUtil.java | 2 +-
6 files changed, 30 insertions(+), 207 deletions(-)
diff --git a/.gitignore b/.gitignore
index 29b4ffc..1a73724 100644
--- a/.gitignore
+++ b/.gitignore
@@ -97,3 +97,5 @@ systemvm/.pydevproject
test/.pydevprojec
plugins/hypervisors/kvm/.pydevproject
scripts/.pydevproject
+*.qcow2
+*.raw
diff --git a/systemvm/patches/debian/config/etc/init.d/cloud b/systemvm/patches/debian/config/etc/init.d/cloud
deleted file mode 100755
index 9b3a63b..0000000
--- a/systemvm/patches/debian/config/etc/init.d/cloud
+++ /dev/null
@@ -1,155 +0,0 @@
-#!/bin/bash
-### BEGIN INIT INFO
-# Provides: cloud
-# Required-Start: $local_fs cloud-early-config
-# Required-Stop: $local_fs
-# Default-Start: 3 4 5
-# Default-Stop: 0 1 6
-# Short-Description: Start up the CloudStack cloud service
-### END INIT INFO
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements. See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership. The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied. See the License for the
-# specific language governing permissions and limitations
-# under the License.
-
-#set -x
-
-ENABLED=0
-[ -e /etc/default/cloud ] && . /etc/default/cloud
-
-CMDLINE=$(cat /var/cache/cloud/cmdline)
-
-if [ ! -z $CLOUD_DEBUG ];then
- LOG_FILE=/var/log/cloud/cloud.out
-else
- LOG_FILE=/dev/null
-fi
-
-TYPE="router"
-for i in $CMDLINE
- do
- # search for foo=bar pattern and cut out foo
- FIRSTPATTERN=$(echo $i | cut -d= -f1)
- case $FIRSTPATTERN in
- type)
- TYPE=$(echo $i | cut -d= -f2)
- ;;
- esac
-done
-
-# Source function library.
-if [ -f /etc/init.d/functions ]
-then
- . /etc/init.d/functions
-fi
-
-if [ -f ./lib/lsb/init-functions ]
-then
- . /lib/lsb/init-functions
-fi
-
-_success() {
- if [ -f /etc/init.d/functions ]
- then
- success
- else
- echo "Success"
- fi
-}
-
-_failure() {
- if [ -f /etc/init.d/functions ]
- then
- failure
- else
- echo "Failed"
- fi
-}
-RETVAL=$?
-CLOUDSTACK_HOME="/usr/local/cloud"
-if [ -f $CLOUDSTACK_HOME/systemvm/utils.sh ];
-then
- . $CLOUDSTACK_HOME/systemvm/utils.sh
-else
- _failure
-fi
-
-# mkdir -p /var/log/vmops
-
-start() {
- local pid=$(get_pids)
- if [ "$pid" != "" ]; then
- echo "CloudStack cloud sevice is already running, PID = $pid"
- return 0
- fi
-
- echo -n "Starting CloudStack cloud service (type=$TYPE) "
- if [ -f $CLOUDSTACK_HOME/systemvm/run.sh ];
- then
- if [ "$pid" == "" ]
- then
- (cd $CLOUDSTACK_HOME/systemvm; nohup ./run.sh > $LOG_FILE 2>&1 & )
- pid=$(get_pids)
- echo $pid > /var/run/cloud.pid
- fi
- _success
- else
- _failure
- fi
- echo
- echo 'start' > $CLOUDSTACK_HOME/systemvm/user_request
-}
-
-stop() {
- local pid
- echo -n "Stopping CloudStack cloud service (type=$TYPE): "
- for pid in $(get_pids)
- do
- kill $pid
- done
- _success
- echo
- echo 'stop' > $CLOUDSTACK_HOME/systemvm/user_request
-}
-
-status() {
- local pids=$(get_pids)
- if [ "$pids" == "" ]
- then
- echo "CloudStack cloud service is not running"
- return 1
- fi
- echo "CloudStack cloud service (type=$TYPE) is running: process id: $pids"
- return 0
-}
-
-[ "$ENABLED" != 0 ] || exit 0
-
-case "$1" in
- start) start
- ;;
- stop) stop
- ;;
- status) status
- ;;
- restart) stop
- start
- ;;
- *) echo "Usage: $0 {start|stop|status|restart}"
- exit 1
- ;;
-esac
-
-exit $RETVAL
diff --git a/systemvm/patches/debian/config/etc/init.d/cloud-early-config b/systemvm/patches/debian/config/etc/init.d/cloud-early-config
index 1d3a890..6eaed91 100755
--- a/systemvm/patches/debian/config/etc/init.d/cloud-early-config
+++ b/systemvm/patches/debian/config/etc/init.d/cloud-early-config
@@ -497,16 +497,6 @@ disable_rpfilter_domR() {
echo "1" > /proc/sys/net/ipv4/conf/lo/rp_filter
}
-enable_svc() {
- local svc=$1
- local enabled=$2
-
- log_it "Enable service ${svc} = $enabled"
- local cfg=/etc/default/${svc}
- [ -f $cfg ] && sed -i "s/ENABLED=.*$/ENABLED=$enabled/" $cfg && return
-}
-
-
enable_irqbalance() {
local enabled=$1
local proc=0
@@ -803,6 +793,7 @@ setup_sshd(){
[ -f /etc/ssh/sshd_config ] && sed -i -e "s/^[#]*ListenAddress.*$/ListenAddress $ip/" /etc/ssh/sshd_config
sed -i "/3922/s/eth./$eth/" /etc/iptables/rules.v4
sed -i "/3922/s/eth./$eth/" /etc/iptables/rules
+ systemctl restart sshd
}
@@ -935,11 +926,9 @@ setup_router() {
echo "$ETH0_IP $NAME" >> /etc/hosts
- enable_svc dnsmasq 1
- enable_svc haproxy 1
+ systemctl enable dnsmasq haproxy cloud-passwd-srvr
+ systemctl restart dnsmasq haproxy cloud-passwd-srvr
enable_irqbalance 1
- enable_svc cloud-passwd-srvr 1
- enable_svc cloud 0
disable_rpfilter_domR
enable_fwding 1
enable_rpsrfs 1
@@ -1028,12 +1017,9 @@ EOF
setup_vpc_apache2
- enable_svc dnsmasq 1
- enable_svc haproxy 1
+ systemctl enable dnsmasq haproxy cloud-passwd-srvr
enable_irqbalance 1
enable_vpc_rpsrfs 1
- enable_svc cloud 0
- enable_svc cloud-passwd-srvr 1
disable_rpfilter
enable_fwding 1
cp /etc/iptables/iptables-vpcrouter /etc/iptables/rules.v4
@@ -1061,6 +1047,8 @@ EOF
fi
load_modules
+ systemctl restart dnsmasq haproxy cloud-passwd-srvr
+
#setup hourly logrotate
mv -n /etc/cron.daily/logrotate /etc/cron.hourly 2>&1
@@ -1078,11 +1066,9 @@ setup_dhcpsrvr() {
[ $ETH0_IP ] && echo "$ETH0_IP $NAME" >> /etc/hosts
[ $ETH0_IP6 ] && echo "$ETH0_IP6 $NAME" >> /etc/hosts
- enable_svc dnsmasq 1
- enable_svc haproxy 0
+ systemctl enable dnsmasq cloud-passwd-srvr
+ systemctl restart dnsmasq cloud-passwd-srvr
enable_irqbalance 0
- enable_svc cloud-passwd-srvr 1
- enable_svc cloud 0
enable_fwding 0
systemctl disable nfs-common
@@ -1156,7 +1142,7 @@ setup_ntp() {
fi
sed -i "0,/^server/s//$PATTERN\nserver/" $NTP_CONF_FILE
done
- service ntp restart
+ systemctl restart ntp
else
log_it "NTP configuration file not found"
fi
@@ -1204,15 +1190,12 @@ Header always set Access-Control-Allow-Methods "POST, OPTIONS"
Header always set Access-Control-Allow-Headers "x-requested-with, Content-Type, origin, authorization, accept, client-security-token, x-signature, x-metadata, x-expires"
CORS
- service apache2 restart
-
disable_rpfilter
enable_fwding 0
- enable_svc haproxy 0
+ systemctl disable haproxy dnsmasq cloud-passwd-srvr
+ systemctl enable cloud apache2
+ systemctl restart cloud apache2
enable_irqbalance 0
- enable_svc dnsmasq 0
- enable_svc cloud-passwd-srvr 0
- enable_svc cloud 1
rm /etc/logrotate.d/cloud
setup_ntp
}
@@ -1233,13 +1216,10 @@ setup_console_proxy() {
setup_sshd $ETH0_IP "eth0"
fi
+ systemctl enable cloud
disable_rpfilter
enable_fwding 0
- enable_svc haproxy 0
enable_irqbalance 0
- enable_svc dnsmasq 0
- enable_svc cloud-passwd-srvr 0
- enable_svc cloud 1
systemctl disable nfs-common
rm /etc/logrotate.d/cloud
}
@@ -1263,11 +1243,7 @@ setup_elbvm() {
fi
enable_fwding 0
- enable_svc haproxy 0
enable_irqbalance 0
- enable_svc dnsmasq 0
- enable_svc cloud-passwd-srvr 0
- enable_svc cloud 0
systemctl disable nfs-common
systemctl disable portmap
}
@@ -1286,11 +1262,8 @@ setup_ilbvm() {
setup_sshd $ETH1_IP "eth1"
enable_fwding 0
- enable_svc haproxy 1
+ systemctl enable haproxy
enable_irqbalance 1
- enable_svc dnsmasq 0
- enable_svc cloud-passwd-srvr 0
- enable_svc cloud 0
systemctl disable nfs-common
systemctl disable portmap
}
diff --git a/tools/appliance/definitions/systemvmtemplate/configure_conntrack.sh b/tools/appliance/definitions/systemvmtemplate/configure_conntrack.sh
index 54ec41b..c898afc 100644
--- a/tools/appliance/definitions/systemvmtemplate/configure_conntrack.sh
+++ b/tools/appliance/definitions/systemvmtemplate/configure_conntrack.sh
@@ -35,6 +35,7 @@ function load_conntrack_modules() {
cat >> /etc/modules << EOF
nf_conntrack_ipv4
+nf_conntrack_ipv6
nf_conntrack
nf_conntrack_ftp
nf_nat_ftp
diff --git a/tools/appliance/definitions/systemvmtemplate/configure_systemvm_services.sh b/tools/appliance/definitions/systemvmtemplate/configure_systemvm_services.sh
index f3bd52a..1386465 100644
--- a/tools/appliance/definitions/systemvmtemplate/configure_systemvm_services.sh
+++ b/tools/appliance/definitions/systemvmtemplate/configure_systemvm_services.sh
@@ -36,10 +36,10 @@ function install_cloud_scripts() {
rsync -av ./cloud_scripts/ /
chmod +x /opt/cloud/bin/* \
/root/{clearUsageRules.sh,reconfigLB.sh,monitorServices.py} \
- /etc/init.d/{cloud,cloud-early-config,cloud-passwd-srvr,postinit} \
+ /etc/init.d/{cloud-early-config,cloud-passwd-srvr,postinit} \
/etc/profile.d/cloud.sh
- cat > /lib/systemd/system/cloud-early-config.service << EOF
+ cat > /etc/systemd/system/cloud-early-config.service << EOF
[Unit]
Description=cloud-early-config: configure according to cmdline
DefaultDependencies=no
@@ -57,7 +57,7 @@ TimeoutStartSec=5min
EOF
- cat > /lib/systemd/system/cloud.service << EOF
+ cat > /etc/systemd/system/cloud.service << EOF
[Unit]
Description=cloud: startup cloud service
After=cloud-early-config.service network.target local-fs.target
@@ -66,14 +66,14 @@ After=cloud-early-config.service network.target local-fs.target
WantedBy=multi-user.target
[Service]
-Type=forking
-ExecStart=/etc/init.d/cloud start
-ExecStop=/etc/init.d/cloud stop
-RemainAfterExit=true
-TimeoutStartSec=5min
+Type=simple
+WorkingDirectory=/usr/local/cloud/systemvm
+ExecStart=/usr/local/cloud/systemvm/_run.sh
+Restart=always
+RestartSec=5
EOF
- cat > /lib/systemd/system/cloud-passwd-srvr.service << EOF
+ cat > /etc/systemd/system/cloud-passwd-srvr.service << EOF
[Unit]
Description=cloud-passwd-srvr: cloud password server
After=network.target local-fs.target
@@ -89,7 +89,7 @@ RemainAfterExit=true
TimeoutStartSec=5min
EOF
- cat > /lib/systemd/system/postinit.service << EOF
+ cat > /etc/systemd/system/postinit.service << EOF
[Unit]
Description=cloud post-init service
After=cloud-early-config.service network.target local-fs.target
@@ -143,6 +143,8 @@ function configure_services() {
systemctl disable x11-common
systemctl disable console-setup
systemctl disable haproxy
+ systemctl disable apache2
+ systemctl disable dnsmasq
# Hyperv kvp daemon - 64bit only
local arch=`dpkg --print-architecture`
diff --git a/utils/src/main/java/org/apache/cloudstack/utils/imagestore/ImageStoreUtil.java b/utils/src/main/java/org/apache/cloudstack/utils/imagestore/ImageStoreUtil.java
index ed13360..e754a8e 100644
--- a/utils/src/main/java/org/apache/cloudstack/utils/imagestore/ImageStoreUtil.java
+++ b/utils/src/main/java/org/apache/cloudstack/utils/imagestore/ImageStoreUtil.java
@@ -81,7 +81,7 @@ public class ImageStoreUtil {
return "";
}
- if (output.contains("ISO 9660") && isCorrectExtension(uripath, "iso")) {
+ if ((output.startsWith("ISO 9660") || output.startsWith("DOS/MBR")) && isCorrectExtension(uripath, "iso")) {
s_logger.debug("File at path " + path + " looks like an iso : " + output);
return "";
}
--
To stop receiving notification emails like this one, please contact
"commits@cloudstack.apache.org" <co...@cloudstack.apache.org>.
[cloudstack] 11/34: CLOUDSTACK-10013: SystemVM codebase
refactorings and improvements
Posted by ro...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
rohit pushed a commit to branch debian9-systemvmtemplate
in repository https://gitbox.apache.org/repos/asf/cloudstack.git
commit 795963b13c49a45c3e2fef3ed30918681138fd3d
Author: Rohit Yadav <ro...@shapeblue.com>
AuthorDate: Sun Dec 3 22:32:13 2017 +0530
CLOUDSTACK-10013: SystemVM codebase refactorings and improvements
- Refactors and simplifies systemvm codebase file structures keeping
the same resultant systemvm.iso packaging
- Password server systemd script and new postinit script that runs
before sshd starts
- Fixes to keepalived and conntrackd config to make rVRs work again
- New /etc/issue featuring ascii based cloudmonkey logo/message and
systemvmtemplate version
- SystemVM python codebase linted and tested. Added pylint/pep to
Travis.
- iptables re-application fixes for non-VR systemvms.
- SystemVM template build fixes.
- Default secondary storage vm service offering boosted to have 2vCPUs
and RAM equal to console proxy.
- Fixes to several marvin based smoke tests, especially rVR related
tests. rVR tests to consider 3*advert_int+skew timeout before status
is checked.
Signed-off-by: Rohit Yadav <ro...@shapeblue.com>
---
.travis.yml | 1 -
LICENSE | 8 +-
.../consoleproxy/ConsoleProxyResource.java | 5 -
.../kvm/resource/LibvirtComputingResource.java | 11 +-
pom.xml | 3 +-
setup/db/db/schema-41000to41100.sql | 3 +
.../{patches => }/debian/etc/apache2/httpd.conf | 0
.../debian/etc/apache2/vhost.template | 0
systemvm/{patches => }/debian/etc/cloud-nic.rules | 0
.../{patches => }/debian/etc/dnsmasq.conf.tmpl | 0
.../{patches => }/debian/etc/haproxy/haproxy.cfg | 0
systemvm/{patches/vpn => debian}/etc/ipsec.conf | 0
.../{patches/vpn => debian}/etc/ipsec.d/l2tp.conf | 0
systemvm/{patches/vpn => debian}/etc/ipsec.secrets | 0
.../debian/etc/iptables/iptables-consoleproxy | 0
.../debian/etc/iptables/iptables-dhcpsrvr | 0
.../debian/etc/iptables/iptables-elbvm | 0
.../debian/etc/iptables/iptables-ilbvm | 0
.../debian/etc/iptables/iptables-router | 0
.../debian/etc/iptables/iptables-secstorage | 0
.../debian/etc/iptables/iptables-vpcrouter | 0
.../debian/etc/iptables/rt_tables_init | 0
systemvm/{patches => }/debian/etc/iptables/rules | 0
systemvm/debian/etc/issue | 3 +
systemvm/{patches => }/debian/etc/logrotate.conf | 0
.../{patches => }/debian/etc/logrotate.d/apache2 | 0
.../{patches => }/debian/etc/logrotate.d/cloud | 0
.../debian/etc/logrotate.d/conntrackd | 0
.../{patches => }/debian/etc/logrotate.d/dnsmasq | 0
.../{patches => }/debian/etc/logrotate.d/haproxy | 0
systemvm/{patches => }/debian/etc/logrotate.d/ppp | 0
.../{patches => }/debian/etc/logrotate.d/rsyslog | 0
.../debian/etc/modprobe.d/aesni_intel.conf | 0
.../debian/etc/modprobe.d/pcspkr.conf | 0
.../{patches/vpn => debian}/etc/ppp/options.xl2tpd | 0
.../{patches => }/debian/etc/profile.d/cloud.sh | 0
.../bin/savepassword.sh => debian/etc/rc.local} | 45 +--
systemvm/{patches => }/debian/etc/rsyslog.conf | 0
systemvm/{patches => }/debian/etc/ssh/sshd_config | 1 -
systemvm/{patches => }/debian/etc/sysctl.conf | 0
.../etc/systemd/system/cloud-early-config.service | 18 +
.../systemd/system/cloud-password-server@.service | 12 +
.../etc/systemd/system/cloud-postinit.service | 14 +
systemvm/debian/etc/systemd/system/cloud.service | 13 +
systemvm/{patches => }/debian/etc/vpcdnsmasq.conf | 0
.../{patches/vpn => debian}/etc/xl2tpd/xl2tpd.conf | 0
.../debian/opt/cloud/bin/baremetal-vr.py | 2 -
.../debian/opt/cloud/bin/baremetal_snat.sh | 0
.../debian/opt/cloud/bin/bumpup_priority.sh | 0
.../debian/opt/cloud/bin/checkbatchs2svpn.sh | 0
.../debian/opt/cloud/bin/checkrouter.sh | 0
.../debian/opt/cloud/bin/checks2svpn.sh | 0
.../debian/opt/cloud/bin/cloud-nic.sh | 0
.../debian/opt/cloud/bin/configure.py | 235 ++++++------
.../debian/opt/cloud/bin/cs/CsAddress.py | 4 +-
.../{patches => }/debian/opt/cloud/bin/cs/CsApp.py | 14 +-
.../debian/opt/cloud/bin/cs/CsConfig.py | 0
.../debian/opt/cloud/bin/cs/CsDatabag.py | 4 +-
.../debian/opt/cloud/bin/cs/CsDhcp.py | 5 +-
.../debian/opt/cloud/bin/cs/CsFile.py | 6 +-
.../debian/opt/cloud/bin/cs/CsGuestNetwork.py | 2 +-
.../debian/opt/cloud/bin/cs/CsHelper.py | 12 +-
.../debian/opt/cloud/bin/cs/CsLoadBalancer.py | 0
.../debian/opt/cloud/bin/cs/CsMonitor.py | 0
.../debian/opt/cloud/bin/cs/CsNetfilter.py | 12 +-
.../debian/opt/cloud/bin/cs/CsProcess.py | 0
.../debian/opt/cloud/bin/cs/CsRedundant.py | 19 +-
.../debian/opt/cloud/bin/cs/CsRoute.py | 9 +-
.../debian/opt/cloud/bin/cs/CsRule.py | 2 +-
.../debian/opt/cloud/bin/cs/CsStaticRoutes.py | 0
.../debian/opt/cloud/bin/cs/__init__.py | 0
.../debian/opt/cloud/bin/cs_cmdline.py | 0
.../{patches => }/debian/opt/cloud/bin/cs_dhcp.py | 0
.../debian/opt/cloud/bin/cs_firewallrules.py | 0
.../debian/opt/cloud/bin/cs_forwardingrules.py | 0
.../debian/opt/cloud/bin/cs_guestnetwork.py | 0
.../{patches => }/debian/opt/cloud/bin/cs_ip.py | 5 +-
.../debian/opt/cloud/bin/cs_loadbalancer.py | 0
.../debian/opt/cloud/bin/cs_monitorservice.py | 0
.../debian/opt/cloud/bin/cs_network_acl.py | 0
.../debian/opt/cloud/bin/cs_remoteaccessvpn.py | 0
.../debian/opt/cloud/bin/cs_site2sitevpn.py | 0
.../debian/opt/cloud/bin/cs_staticroutes.py | 0
.../debian/opt/cloud/bin/cs_vmdata.py | 0
.../{patches => }/debian/opt/cloud/bin/cs_vmp.py | 1 +
.../debian/opt/cloud/bin/cs_vpnusers.py | 4 +-
.../{patches => }/debian/opt/cloud/bin/dnsmasq.sh | 0
.../debian/opt/cloud/bin/edithosts.sh | 0
.../debian/opt/cloud/bin/getRouterAlerts.sh | 0
.../debian/opt/cloud/bin/get_template_version.sh | 0
systemvm/{patches => }/debian/opt/cloud/bin/ilb.sh | 0
.../{patches => }/debian/opt/cloud/bin/ipassoc.sh | 0
.../debian/opt/cloud/bin/ipsectunnel.sh | 0
.../debian/opt/cloud/bin/line_edit.py | 0
.../debian/opt/cloud/bin/loadbalancer.sh | 0
.../{patches => }/debian/opt/cloud/bin/master.py | 2 +-
.../{patches => }/debian/opt/cloud/bin/merge.py | 13 +-
.../debian/opt/cloud/bin/monitor_service.sh | 0
.../{patches => }/debian/opt/cloud/bin/netusage.sh | 0
.../debian/opt/cloud/bin/passwd_server | 0
.../debian/opt/cloud/bin/passwd_server_ip | 0
.../debian/opt/cloud/bin/passwd_server_ip.py | 0
.../debian/opt/cloud/bin/prepare_pxe.sh | 0
.../debian/opt/cloud/bin/savepassword.sh | 0
.../debian/opt/cloud/bin/set_redundant.py | 7 +-
.../opt/cloud/bin/setup}/cloud-early-config | 61 +--
.../debian/opt/cloud/bin/setup/common.sh | 8 +-
.../debian/opt/cloud/bin/setup/consoleproxy.sh | 3 +-
.../debian/opt/cloud/bin/setup/default.sh | 0
.../debian/opt/cloud/bin/setup/dhcpsrvr.sh | 5 +-
.../debian/opt/cloud/bin/setup/elbvm.sh | 3 +-
.../debian/opt/cloud/bin/setup/ilbvm.sh | 3 +-
.../debian/opt/cloud/bin/setup/patchsystemvm.sh | 2 +-
.../opt/cloud/bin/setup/postinit.sh} | 47 +--
.../debian/opt/cloud/bin/setup/router.sh | 4 -
.../debian/opt/cloud/bin/setup/secstorage.sh | 3 +-
.../debian/opt/cloud/bin/setup/vpcrouter.sh | 1 -
.../debian/opt/cloud/bin/update_config.py | 16 +-
.../{patches => }/debian/opt/cloud/bin/vmdata.py | 2 +-
.../{patches => }/debian/opt/cloud/bin/vpc_func.sh | 0
.../debian/opt/cloud/bin/vpc_netusage.sh | 0
.../debian/opt/cloud/bin/vpc_passwd_server | 0
.../{patches => }/debian/opt/cloud/bin/vpc_snat.sh | 0
.../debian/opt/cloud/bin/vpc_staticroute.sh | 0
.../vpn => debian}/opt/cloud/bin/vpn_l2tp.sh | 0
.../{patches => }/debian/opt/cloud/bin/vr_cfg.sh | 0
.../debian/opt/cloud/templates/README | 0
.../opt/cloud/templates/arping_gateways.sh.templ | 0
.../debian/opt/cloud/templates/check_bumpup.sh | 0
.../opt/cloud/templates/check_heartbeat.sh.templ | 0
.../opt/cloud/templates/checkrouter.sh.templ | 0
.../opt/cloud/templates/conntrackd.conf.templ | 419 +++++++++++++++++++++
.../debian/opt/cloud/templates/heartbeat.sh.templ | 0
.../opt/cloud/templates/keepalived.conf.templ | 5 +-
.../{patches => }/debian/opt/cloud/testdata/README | 0
.../debian/opt/cloud/testdata/acl0001.json | 0
.../debian/opt/cloud/testdata/dhcp0001.json | 0
.../debian/opt/cloud/testdata/gn0001.json | 0
.../debian/opt/cloud/testdata/ips0001.json | 0
.../debian/opt/cloud/testdata/ips0002.json | 0
.../debian/opt/cloud/testdata/ips0003.json | 0
.../debian/opt/cloud/testdata/s2s0001.json | 0
.../debian/opt/cloud/testdata/test.sh | 0
.../debian/opt/cloud/testdata/vmp0001.json | 0
.../{patches => }/debian/root/.ssh/authorized_keys | 0
.../{patches => }/debian/root/clearUsageRules.sh | 0
systemvm/{patches => }/debian/root/func.sh | 0
.../{patches => }/debian/root/monitorServices.py | 0
systemvm/{patches => }/debian/root/reconfigLB.sh | 0
.../debian/var/www/html/latest/.htaccess | 0
.../debian/var/www/html/userdata/.htaccess | 0
.../patches/debian/etc/init.d/cloud-passwd-srvr | 118 ------
systemvm/patches/debian/etc/rc.local | 69 ----
.../opt/cloud/templates/conntrackd.conf.templ | 417 --------------------
systemvm/pom.xml | 7 +-
systemvm/{patches => }/test/TestCsAddress.py | 0
systemvm/{patches => }/test/TestCsApp.py | 0
systemvm/{patches => }/test/TestCsCmdLine.py | 0
systemvm/{patches => }/test/TestCsConfig.py | 0
systemvm/{patches => }/test/TestCsDatabag.py | 0
systemvm/{patches => }/test/TestCsDhcp.py | 0
systemvm/{patches => }/test/TestCsFile.py | 0
systemvm/{patches => }/test/TestCsGuestNetwork.py | 3 +-
systemvm/{patches => }/test/TestCsHelper.py | 0
systemvm/{patches => }/test/TestCsInterface.py | 0
systemvm/{patches => }/test/TestCsNetfilter.py | 0
systemvm/{patches => }/test/TestCsProcess.py | 0
systemvm/{patches => }/test/TestCsRedundant.py | 0
systemvm/{patches => }/test/TestCsRoute.py | 5 +-
systemvm/{patches => }/test/TestCsRule.py | 0
systemvm/{patches => }/test/runtests.sh | 19 +-
.../smoke/test_deploy_virtio_scsi_vm.py | 1 -
test/integration/smoke/test_deploy_vm_iso.py | 2 +-
test/integration/smoke/test_hosts.py | 170 ---------
test/integration/smoke/test_privategw_acl.py | 55 ++-
test/integration/smoke/test_vpc_redundant.py | 33 +-
.../definitions/systemvmtemplate/apt_upgrade.sh | 12 +-
.../definitions/systemvmtemplate/cleanup.sh | 22 +-
.../systemvmtemplate/configure_login.sh | 34 +-
.../configure_systemvm_services.sh | 61 +--
.../definitions/systemvmtemplate/definition.rb | 6 +-
.../systemvmtemplate/{zerodisk.sh => finalize.sh} | 37 +-
.../systemvmtemplate/install_systemvm_packages.sh | 13 +-
.../definitions/systemvmtemplate/preseed.cfg | 11 +-
tools/appliance/shar_cloud_scripts.sh | 7 +-
tools/marvin/marvin/config/test_data.py | 14 +-
tools/travis/before_install.sh | 2 +-
tools/travis/install.sh | 4 +
tools/whisker/LICENSE | 8 +-
tools/whisker/descriptor-for-packaging.xml | 8 +-
tools/whisker/descriptor.xml | 8 +-
utils/src/main/java/com/cloud/utils/nio/Link.java | 2 +-
192 files changed, 926 insertions(+), 1299 deletions(-)
diff --git a/.travis.yml b/.travis.yml
index 30549d2..a206cbe 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -50,7 +50,6 @@ env:
smoke/test_hostha_simulator
smoke/test_host_annotations
smoke/test_host_maintenance
- smoke/test_hosts
smoke/test_internal_lb
smoke/test_iso
smoke/test_list_ids_parameter
diff --git a/LICENSE b/LICENSE
index 982b158..c30d859 100644
--- a/LICENSE
+++ b/LICENSE
@@ -208,7 +208,7 @@ Within the console-proxy/js directory
jquery.js
-Within the patches/systemvm/debian/config/etc directory
+Within the systemvm/debian/etc directory
placed in the public domain
by Adiscon GmbH http://www.adiscon.com/
rsyslog.conf
@@ -216,14 +216,14 @@ Within the patches/systemvm/debian/config/etc directory
dnsmasq.conf
vpcdnsmasq.conf
-Within the patches/systemvm/debian/config/etc/apache2 directory
+Within the systemvm/debian/etc/apache2 directory
licensed under the Apache License, Version 2 http://www.apache.org/licenses/LICENSE-2.0.txt (as above)
Copyright (c) 2012 The Apache Software Foundation
from The Apache Software Foundation http://www.apache.org/
httpd.conf
vhost.template
-Within the patches/systemvm/debian/config/etc/ssh/ directory
+Within the systemvm/debian/etc/ssh/ directory
licensed under the BSD (2-clause) http://www.opensource.org/licenses/BSD-2-Clause (as follows)
@@ -254,7 +254,7 @@ Within the patches/systemvm/debian/config/etc/ssh/ directory
from OpenSSH Project http://www.openssh.org/
sshd_config
-Within the patches/systemvm/debian/config/root/redundant_router directory
+Within the systemvm/debian/root/redundant_router directory
placed in the public domain
by The netfilter.org project http://www.netfilter.org/
conntrackd.conf.templ
diff --git a/agent/src/com/cloud/agent/resource/consoleproxy/ConsoleProxyResource.java b/agent/src/com/cloud/agent/resource/consoleproxy/ConsoleProxyResource.java
index 24e8257..86d3beb 100644
--- a/agent/src/com/cloud/agent/resource/consoleproxy/ConsoleProxyResource.java
+++ b/agent/src/com/cloud/agent/resource/consoleproxy/ConsoleProxyResource.java
@@ -441,11 +441,6 @@ public class ConsoleProxyResource extends ServerResourceBase implements ServerRe
}
@Override
- public boolean stop() {
- return true;
- }
-
- @Override
public void setName(String name) {
}
diff --git a/plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/resource/LibvirtComputingResource.java b/plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/resource/LibvirtComputingResource.java
index 2e5d571..5a4c4e8 100644
--- a/plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/resource/LibvirtComputingResource.java
+++ b/plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/resource/LibvirtComputingResource.java
@@ -341,17 +341,18 @@ public class LibvirtComputingResource extends ServerResourceBase implements Serv
@Override
public ExecutionResult createFileInVR(final String routerIp, final String path, final String filename, final String content) {
final File permKey = new File("/root/.ssh/id_rsa.cloud");
- String error = null;
-
- s_logger.debug("Creating file in VR, with ip: " + routerIp + ", file: " + filename);
+ boolean success = true;
+ String details = "Creating file in VR, with ip: " + routerIp + ", file: " + filename;
+ s_logger.debug(details);
try {
SshHelper.scpTo(routerIp, 3922, "root", permKey, null, path, content.getBytes(), filename, null);
} catch (final Exception e) {
s_logger.warn("Fail to create file " + path + filename + " in VR " + routerIp, e);
- error = e.getMessage();
+ details = e.getMessage();
+ success = false;
}
- return new ExecutionResult(error == null, error);
+ return new ExecutionResult(success, details);
}
@Override
diff --git a/pom.xml b/pom.xml
index d4d1a37..57e3adf 100644
--- a/pom.xml
+++ b/pom.xml
@@ -929,8 +929,7 @@
<exclude>systemvm/agent/conf/environment.properties</exclude>
<exclude>systemvm/agent/js/jquery.js</exclude>
<exclude>systemvm/agent/js/jquery.flot.navigate.js</exclude>
- <exclude>systemvm/patches/debian/**</exclude>
- <exclude>systemvm/patches/vpn/**</exclude>
+ <exclude>systemvm/debian/**</exclude>
<exclude>tools/transifex/.tx/config</exclude>
<exclude>tools/logo/apache_cloudstack.png</exclude>
<exclude>tools/marvin/marvin/sandbox/advanced/sandbox.cfg</exclude>
diff --git a/setup/db/db/schema-41000to41100.sql b/setup/db/db/schema-41000to41100.sql
index 5f7eff2..2a2fe2d 100644
--- a/setup/db/db/schema-41000to41100.sql
+++ b/setup/db/db/schema-41000to41100.sql
@@ -492,3 +492,6 @@ INSERT IGNORE INTO `cloud`.`guest_os_hypervisor` (uuid,hypervisor_type, hypervis
-- Change monitor patch for apache2 in systemvm
UPDATE `cloud`.`monitoring_services` SET pidfile="/var/run/apache2/apache2.pid" WHERE process_name="apache2" AND service_name="apache2";
+
+-- Boost secondary storage systemvm
+UPDATE `cloud`.`service_offering` SET ram_size=1024, cpu=2 WHERE vm_type="secondarystoragevm" and cpu=1 and ram_size=512;
diff --git a/systemvm/patches/debian/etc/apache2/httpd.conf b/systemvm/debian/etc/apache2/httpd.conf
similarity index 100%
rename from systemvm/patches/debian/etc/apache2/httpd.conf
rename to systemvm/debian/etc/apache2/httpd.conf
diff --git a/systemvm/patches/debian/etc/apache2/vhost.template b/systemvm/debian/etc/apache2/vhost.template
similarity index 100%
rename from systemvm/patches/debian/etc/apache2/vhost.template
rename to systemvm/debian/etc/apache2/vhost.template
diff --git a/systemvm/patches/debian/etc/cloud-nic.rules b/systemvm/debian/etc/cloud-nic.rules
similarity index 100%
rename from systemvm/patches/debian/etc/cloud-nic.rules
rename to systemvm/debian/etc/cloud-nic.rules
diff --git a/systemvm/patches/debian/etc/dnsmasq.conf.tmpl b/systemvm/debian/etc/dnsmasq.conf.tmpl
similarity index 100%
rename from systemvm/patches/debian/etc/dnsmasq.conf.tmpl
rename to systemvm/debian/etc/dnsmasq.conf.tmpl
diff --git a/systemvm/patches/debian/etc/haproxy/haproxy.cfg b/systemvm/debian/etc/haproxy/haproxy.cfg
similarity index 100%
rename from systemvm/patches/debian/etc/haproxy/haproxy.cfg
rename to systemvm/debian/etc/haproxy/haproxy.cfg
diff --git a/systemvm/patches/vpn/etc/ipsec.conf b/systemvm/debian/etc/ipsec.conf
similarity index 100%
rename from systemvm/patches/vpn/etc/ipsec.conf
rename to systemvm/debian/etc/ipsec.conf
diff --git a/systemvm/patches/vpn/etc/ipsec.d/l2tp.conf b/systemvm/debian/etc/ipsec.d/l2tp.conf
similarity index 100%
rename from systemvm/patches/vpn/etc/ipsec.d/l2tp.conf
rename to systemvm/debian/etc/ipsec.d/l2tp.conf
diff --git a/systemvm/patches/vpn/etc/ipsec.secrets b/systemvm/debian/etc/ipsec.secrets
similarity index 100%
rename from systemvm/patches/vpn/etc/ipsec.secrets
rename to systemvm/debian/etc/ipsec.secrets
diff --git a/systemvm/patches/debian/etc/iptables/iptables-consoleproxy b/systemvm/debian/etc/iptables/iptables-consoleproxy
similarity index 100%
rename from systemvm/patches/debian/etc/iptables/iptables-consoleproxy
rename to systemvm/debian/etc/iptables/iptables-consoleproxy
diff --git a/systemvm/patches/debian/etc/iptables/iptables-dhcpsrvr b/systemvm/debian/etc/iptables/iptables-dhcpsrvr
similarity index 100%
rename from systemvm/patches/debian/etc/iptables/iptables-dhcpsrvr
rename to systemvm/debian/etc/iptables/iptables-dhcpsrvr
diff --git a/systemvm/patches/debian/etc/iptables/iptables-elbvm b/systemvm/debian/etc/iptables/iptables-elbvm
similarity index 100%
rename from systemvm/patches/debian/etc/iptables/iptables-elbvm
rename to systemvm/debian/etc/iptables/iptables-elbvm
diff --git a/systemvm/patches/debian/etc/iptables/iptables-ilbvm b/systemvm/debian/etc/iptables/iptables-ilbvm
similarity index 100%
rename from systemvm/patches/debian/etc/iptables/iptables-ilbvm
rename to systemvm/debian/etc/iptables/iptables-ilbvm
diff --git a/systemvm/patches/debian/etc/iptables/iptables-router b/systemvm/debian/etc/iptables/iptables-router
similarity index 100%
rename from systemvm/patches/debian/etc/iptables/iptables-router
rename to systemvm/debian/etc/iptables/iptables-router
diff --git a/systemvm/patches/debian/etc/iptables/iptables-secstorage b/systemvm/debian/etc/iptables/iptables-secstorage
similarity index 100%
rename from systemvm/patches/debian/etc/iptables/iptables-secstorage
rename to systemvm/debian/etc/iptables/iptables-secstorage
diff --git a/systemvm/patches/debian/etc/iptables/iptables-vpcrouter b/systemvm/debian/etc/iptables/iptables-vpcrouter
similarity index 100%
rename from systemvm/patches/debian/etc/iptables/iptables-vpcrouter
rename to systemvm/debian/etc/iptables/iptables-vpcrouter
diff --git a/systemvm/patches/debian/etc/iptables/rt_tables_init b/systemvm/debian/etc/iptables/rt_tables_init
similarity index 100%
rename from systemvm/patches/debian/etc/iptables/rt_tables_init
rename to systemvm/debian/etc/iptables/rt_tables_init
diff --git a/systemvm/patches/debian/etc/iptables/rules b/systemvm/debian/etc/iptables/rules
similarity index 100%
rename from systemvm/patches/debian/etc/iptables/rules
rename to systemvm/debian/etc/iptables/rules
diff --git a/systemvm/debian/etc/issue b/systemvm/debian/etc/issue
new file mode 100644
index 0000000..2d2b7c0
--- /dev/null
+++ b/systemvm/debian/etc/issue
@@ -0,0 +1,3 @@
+ __?.o/ Apache CloudStack SystemVM 4.11
+ ( )# https://cloudstack.apache.org
+ (___(_) \s \r \n \l
diff --git a/systemvm/patches/debian/etc/logrotate.conf b/systemvm/debian/etc/logrotate.conf
similarity index 100%
rename from systemvm/patches/debian/etc/logrotate.conf
rename to systemvm/debian/etc/logrotate.conf
diff --git a/systemvm/patches/debian/etc/logrotate.d/apache2 b/systemvm/debian/etc/logrotate.d/apache2
similarity index 100%
rename from systemvm/patches/debian/etc/logrotate.d/apache2
rename to systemvm/debian/etc/logrotate.d/apache2
diff --git a/systemvm/patches/debian/etc/logrotate.d/cloud b/systemvm/debian/etc/logrotate.d/cloud
similarity index 100%
rename from systemvm/patches/debian/etc/logrotate.d/cloud
rename to systemvm/debian/etc/logrotate.d/cloud
diff --git a/systemvm/patches/debian/etc/logrotate.d/conntrackd b/systemvm/debian/etc/logrotate.d/conntrackd
similarity index 100%
rename from systemvm/patches/debian/etc/logrotate.d/conntrackd
rename to systemvm/debian/etc/logrotate.d/conntrackd
diff --git a/systemvm/patches/debian/etc/logrotate.d/dnsmasq b/systemvm/debian/etc/logrotate.d/dnsmasq
similarity index 100%
rename from systemvm/patches/debian/etc/logrotate.d/dnsmasq
rename to systemvm/debian/etc/logrotate.d/dnsmasq
diff --git a/systemvm/patches/debian/etc/logrotate.d/haproxy b/systemvm/debian/etc/logrotate.d/haproxy
similarity index 100%
rename from systemvm/patches/debian/etc/logrotate.d/haproxy
rename to systemvm/debian/etc/logrotate.d/haproxy
diff --git a/systemvm/patches/debian/etc/logrotate.d/ppp b/systemvm/debian/etc/logrotate.d/ppp
similarity index 100%
rename from systemvm/patches/debian/etc/logrotate.d/ppp
rename to systemvm/debian/etc/logrotate.d/ppp
diff --git a/systemvm/patches/debian/etc/logrotate.d/rsyslog b/systemvm/debian/etc/logrotate.d/rsyslog
similarity index 100%
rename from systemvm/patches/debian/etc/logrotate.d/rsyslog
rename to systemvm/debian/etc/logrotate.d/rsyslog
diff --git a/systemvm/patches/debian/etc/modprobe.d/aesni_intel.conf b/systemvm/debian/etc/modprobe.d/aesni_intel.conf
similarity index 100%
rename from systemvm/patches/debian/etc/modprobe.d/aesni_intel.conf
rename to systemvm/debian/etc/modprobe.d/aesni_intel.conf
diff --git a/systemvm/patches/debian/etc/modprobe.d/pcspkr.conf b/systemvm/debian/etc/modprobe.d/pcspkr.conf
similarity index 100%
rename from systemvm/patches/debian/etc/modprobe.d/pcspkr.conf
rename to systemvm/debian/etc/modprobe.d/pcspkr.conf
diff --git a/systemvm/patches/vpn/etc/ppp/options.xl2tpd b/systemvm/debian/etc/ppp/options.xl2tpd
similarity index 100%
rename from systemvm/patches/vpn/etc/ppp/options.xl2tpd
rename to systemvm/debian/etc/ppp/options.xl2tpd
diff --git a/systemvm/patches/debian/etc/profile.d/cloud.sh b/systemvm/debian/etc/profile.d/cloud.sh
similarity index 100%
rename from systemvm/patches/debian/etc/profile.d/cloud.sh
rename to systemvm/debian/etc/profile.d/cloud.sh
diff --git a/systemvm/patches/debian/opt/cloud/bin/savepassword.sh b/systemvm/debian/etc/rc.local
similarity index 52%
copy from systemvm/patches/debian/opt/cloud/bin/savepassword.sh
copy to systemvm/debian/etc/rc.local
index 079b26f..94c6466 100755
--- a/systemvm/patches/debian/opt/cloud/bin/savepassword.sh
+++ b/systemvm/debian/etc/rc.local
@@ -16,31 +16,32 @@
# specific language governing permissions and limitations
# under the License.
-# Usage
-# save_password -v <user VM IP> -p <password>
+[ ! -f /var/cache/cloud/enabled_svcs ] && touch /var/cache/cloud/enabled_svcs
+for svc in $(cat /var/cache/cloud/enabled_svcs)
+do
+ logger -t cloud "Starting $svc"
+ systemctl enable --no-block --now $svc
+done
-while getopts 'v:p:' OPTION
+[ ! -f /var/cache/cloud/disabled_svcs ] && touch /var/cache/cloud/disabled_svcs
+for svc in $(cat /var/cache/cloud/disabled_svcs)
do
- case $OPTION in
- v) VM_IP="$OPTARG"
- ;;
- p) PASSWORD="$OPTARG"
- ;;
- ?) echo "Incorrect usage"
- ;;
- esac
+ logger -t cloud "Stopping $svc"
+ systemctl disable --no-block --now $svc
done
-TOKEN_FILE="/tmp/passwdsrvrtoken"
-TOKEN=""
-if [ -f $TOKEN_FILE ]; then
- TOKEN=$(cat $TOKEN_FILE)
+
+# Restore the persistent iptables nat, rules and filters for IPv4 and IPv6 if they exist
+ipv4="/etc/iptables/rules.v4"
+if [ -e $ipv4 ]
+then
+ iptables-restore < $ipv4
fi
-ps aux | grep passwd_server_ip.py |grep -v grep 2>&1 > /dev/null
-if [ $? -eq 0 ]
+
+ipv6="/etc/iptables/rules.v6"
+if [ -e $ipv6 ]
then
- ips=$(ip addr show | grep inet | awk '{print $2}')
- for ip in $ips; do
- server_ip=$(echo $ip | awk -F'/' '{print $1}')
- curl --header "DomU_Request: save_password" "http://$server_ip:8080/" -F "ip=$VM_IP" -F "password=$PASSWORD" -F "token=$TOKEN" >/dev/null 2>/dev/null &
- done
+ iptables-restore < $ipv6
fi
+
+date > /var/cache/cloud/boot_up_done
+logger -t cloud "Boot up process done"
diff --git a/systemvm/patches/debian/etc/rsyslog.conf b/systemvm/debian/etc/rsyslog.conf
similarity index 100%
rename from systemvm/patches/debian/etc/rsyslog.conf
rename to systemvm/debian/etc/rsyslog.conf
diff --git a/systemvm/patches/debian/etc/ssh/sshd_config b/systemvm/debian/etc/ssh/sshd_config
similarity index 99%
rename from systemvm/patches/debian/etc/ssh/sshd_config
rename to systemvm/debian/etc/ssh/sshd_config
index 4931cdb..f277574 100644
--- a/systemvm/patches/debian/etc/ssh/sshd_config
+++ b/systemvm/debian/etc/ssh/sshd_config
@@ -57,7 +57,6 @@ AuthorizedKeysFile .ssh/authorized_keys
#IgnoreRhosts yes
# To disable tunneled clear text passwords, change to no here!
-#PasswordAuthentication yes
#PermitEmptyPasswords no
PasswordAuthentication no
diff --git a/systemvm/patches/debian/etc/sysctl.conf b/systemvm/debian/etc/sysctl.conf
similarity index 100%
rename from systemvm/patches/debian/etc/sysctl.conf
rename to systemvm/debian/etc/sysctl.conf
diff --git a/systemvm/debian/etc/systemd/system/cloud-early-config.service b/systemvm/debian/etc/systemd/system/cloud-early-config.service
new file mode 100644
index 0000000..2af5276
--- /dev/null
+++ b/systemvm/debian/etc/systemd/system/cloud-early-config.service
@@ -0,0 +1,18 @@
+[Unit]
+Description=CloudStack post-boot patching service using cmdline
+DefaultDependencies=no
+
+Before=network-pre.target
+Wants=network-pre.target
+
+Requires=local-fs.target
+After=local-fs.target
+
+[Install]
+WantedBy=multi-user.target
+
+[Service]
+Type=oneshot
+ExecStart=/opt/cloud/bin/setup/cloud-early-config
+RemainAfterExit=true
+TimeoutStartSec=5min
diff --git a/systemvm/debian/etc/systemd/system/cloud-password-server@.service b/systemvm/debian/etc/systemd/system/cloud-password-server@.service
new file mode 100644
index 0000000..2fe8bec
--- /dev/null
+++ b/systemvm/debian/etc/systemd/system/cloud-password-server@.service
@@ -0,0 +1,12 @@
+[Unit]
+Description=Cloud password server on %I
+After=network.target local-fs.target
+
+[Install]
+WantedBy=multi-user.target
+
+[Service]
+Type=simple
+WorkingDirectory=/opt/cloud/bin
+ExecStart=/opt/cloud/bin/passwd_server_ip.py %I
+Restart=on-failure
diff --git a/systemvm/debian/etc/systemd/system/cloud-postinit.service b/systemvm/debian/etc/systemd/system/cloud-postinit.service
new file mode 100644
index 0000000..83f0636
--- /dev/null
+++ b/systemvm/debian/etc/systemd/system/cloud-postinit.service
@@ -0,0 +1,14 @@
+[Unit]
+Description=CloudStack post-patching init script
+After=cloud-early-config.service network.target local-fs.target
+Before=ssh.service
+Requires=network.service
+
+[Install]
+WantedBy=multi-user.target
+
+[Service]
+Type=oneshot
+ExecStart=/opt/cloud/bin/setup/postinit.sh
+RemainAfterExit=true
+TimeoutStartSec=1min
diff --git a/systemvm/debian/etc/systemd/system/cloud.service b/systemvm/debian/etc/systemd/system/cloud.service
new file mode 100644
index 0000000..9c61be4
--- /dev/null
+++ b/systemvm/debian/etc/systemd/system/cloud.service
@@ -0,0 +1,13 @@
+[Unit]
+Description=CloudStack Agent service
+After=cloud-early-config.service network.target local-fs.target
+
+[Install]
+WantedBy=multi-user.target
+
+[Service]
+Type=simple
+WorkingDirectory=/usr/local/cloud/systemvm
+ExecStart=/usr/local/cloud/systemvm/_run.sh
+Restart=always
+RestartSec=5
diff --git a/systemvm/patches/debian/etc/vpcdnsmasq.conf b/systemvm/debian/etc/vpcdnsmasq.conf
similarity index 100%
rename from systemvm/patches/debian/etc/vpcdnsmasq.conf
rename to systemvm/debian/etc/vpcdnsmasq.conf
diff --git a/systemvm/patches/vpn/etc/xl2tpd/xl2tpd.conf b/systemvm/debian/etc/xl2tpd/xl2tpd.conf
similarity index 100%
rename from systemvm/patches/vpn/etc/xl2tpd/xl2tpd.conf
rename to systemvm/debian/etc/xl2tpd/xl2tpd.conf
diff --git a/systemvm/patches/debian/opt/cloud/bin/baremetal-vr.py b/systemvm/debian/opt/cloud/bin/baremetal-vr.py
similarity index 99%
rename from systemvm/patches/debian/opt/cloud/bin/baremetal-vr.py
rename to systemvm/debian/opt/cloud/bin/baremetal-vr.py
index e5b6aca..20352dd 100755
--- a/systemvm/patches/debian/opt/cloud/bin/baremetal-vr.py
+++ b/systemvm/debian/opt/cloud/bin/baremetal-vr.py
@@ -15,8 +15,6 @@
#specific language governing permissions and limitations
#under the License.
-__author__ = 'frank'
-
import subprocess
import urllib
import hmac
diff --git a/systemvm/patches/debian/opt/cloud/bin/baremetal_snat.sh b/systemvm/debian/opt/cloud/bin/baremetal_snat.sh
similarity index 100%
rename from systemvm/patches/debian/opt/cloud/bin/baremetal_snat.sh
rename to systemvm/debian/opt/cloud/bin/baremetal_snat.sh
diff --git a/systemvm/patches/debian/opt/cloud/bin/bumpup_priority.sh b/systemvm/debian/opt/cloud/bin/bumpup_priority.sh
similarity index 100%
rename from systemvm/patches/debian/opt/cloud/bin/bumpup_priority.sh
rename to systemvm/debian/opt/cloud/bin/bumpup_priority.sh
diff --git a/systemvm/patches/debian/opt/cloud/bin/checkbatchs2svpn.sh b/systemvm/debian/opt/cloud/bin/checkbatchs2svpn.sh
similarity index 100%
rename from systemvm/patches/debian/opt/cloud/bin/checkbatchs2svpn.sh
rename to systemvm/debian/opt/cloud/bin/checkbatchs2svpn.sh
diff --git a/systemvm/patches/debian/opt/cloud/bin/checkrouter.sh b/systemvm/debian/opt/cloud/bin/checkrouter.sh
similarity index 100%
rename from systemvm/patches/debian/opt/cloud/bin/checkrouter.sh
rename to systemvm/debian/opt/cloud/bin/checkrouter.sh
diff --git a/systemvm/patches/debian/opt/cloud/bin/checks2svpn.sh b/systemvm/debian/opt/cloud/bin/checks2svpn.sh
similarity index 100%
rename from systemvm/patches/debian/opt/cloud/bin/checks2svpn.sh
rename to systemvm/debian/opt/cloud/bin/checks2svpn.sh
diff --git a/systemvm/patches/debian/opt/cloud/bin/cloud-nic.sh b/systemvm/debian/opt/cloud/bin/cloud-nic.sh
similarity index 100%
rename from systemvm/patches/debian/opt/cloud/bin/cloud-nic.sh
rename to systemvm/debian/opt/cloud/bin/cloud-nic.sh
diff --git a/systemvm/patches/debian/opt/cloud/bin/configure.py b/systemvm/debian/opt/cloud/bin/configure.py
similarity index 85%
rename from systemvm/patches/debian/opt/cloud/bin/configure.py
rename to systemvm/debian/opt/cloud/bin/configure.py
index 3b39e6d..95f0015 100755
--- a/systemvm/patches/debian/opt/cloud/bin/configure.py
+++ b/systemvm/debian/opt/cloud/bin/configure.py
@@ -16,16 +16,14 @@
# KIND, either express or implied. See the License for the
# specific language governing permissions and limitations
# under the License.
-import sys
import base64
-
-from collections import OrderedDict
-
import logging
+import os
import re
+import sys
+import time
-import os.path
-import os
+from collections import OrderedDict
from fcntl import flock, LOCK_EX, LOCK_UN
from cs.CsDatabag import CsDataBag
@@ -39,11 +37,10 @@ from cs.CsConfig import CsConfig
from cs.CsProcess import CsProcess
from cs.CsStaticRoutes import CsStaticRoutes
-OCCURRENCES = 1
class CsPassword(CsDataBag):
- TOKEN_FILE="/tmp/passwdsrvrtoken"
+ TOKEN_FILE = "/tmp/passwdsrvrtoken"
def process(self):
for item in self.dbag:
@@ -66,7 +63,7 @@ class CsPassword(CsDataBag):
proc = CsProcess(['/opt/cloud/bin/passwd_server_ip.py', server_ip])
if proc.find():
update_command = 'curl --header "DomU_Request: save_password" "http://{SERVER_IP}:8080/" -F "ip={VM_IP}" -F "password={PASSWORD}" ' \
- '-F "token={TOKEN}" >/dev/null 2>/dev/null &'.format(SERVER_IP=server_ip, VM_IP=vm_ip, PASSWORD=password, TOKEN=token)
+ '-F "token={TOKEN}" >/dev/null 2>/dev/null &'.format(SERVER_IP=server_ip, VM_IP=vm_ip, PASSWORD=password, TOKEN=token)
result = CsHelper.execute(update_command)
logging.debug("Update password server result ==> %s" % result)
@@ -96,7 +93,7 @@ class CsAcl(CsDataBag):
self.rule['allowed'] = True
self.rule['action'] = "ACCEPT"
- if self.rule['type'] == 'all' and obj['source_cidr_list']:
+ if self.rule['type'] == 'all' and obj['source_cidr_list']:
self.rule['cidr'] = []
else:
self.rule['cidr'] = obj['source_cidr_list']
@@ -127,7 +124,7 @@ class CsAcl(CsDataBag):
rnge = ''
if "first_port" in self.rule.keys() and \
self.rule['first_port'] == self.rule['last_port']:
- rnge = " --dport %s " %self.rule['first_port']
+ rnge = " --dport %s " % self.rule['first_port']
if "first_port" in self.rule.keys() and \
self.rule['first_port'] != self.rule['last_port']:
rnge = " --dport %s:%s" % (rule['first_port'], rule['last_port'])
@@ -149,21 +146,21 @@ class CsAcl(CsDataBag):
" -p %s " % rule['protocol'] +
" %s -j %s" % (rnge, self.rule['action'])])
- sflag=False
- dflag=False
+ sflag = False
+ dflag = False
if self.direction == 'egress':
ruleId = self.rule['id']
- sourceIpsetName = 'sourceCidrIpset-%d' %ruleId
- destIpsetName = 'destCidrIpset-%d' %ruleId
+ sourceIpsetName = 'sourceCidrIpset-%d' % ruleId
+ destIpsetName = 'destCidrIpset-%d' % ruleId
- #create source cidr ipset
+ # Create source cidr ipset
srcIpset = 'ipset create '+sourceIpsetName + ' hash:net '
dstIpset = 'ipset create '+destIpsetName + ' hash:net '
CsHelper.execute(srcIpset)
CsHelper.execute(dstIpset)
for cidr in self.rule['cidr']:
- ipsetAddCmd = 'ipset add '+ sourceIpsetName + ' '+cidr
+ ipsetAddCmd = 'ipset add ' + sourceIpsetName + ' ' + cidr
CsHelper.execute(ipsetAddCmd)
sflag = True
@@ -171,7 +168,7 @@ class CsAcl(CsDataBag):
for cidr in self.rule['dcidr']:
if cidr == CIDR_ALL:
continue
- ipsetAddCmd = 'ipset add '+ destIpsetName + ' '+cidr
+ ipsetAddCmd = 'ipset add ' + destIpsetName + ' ' + cidr
CsHelper.execute(ipsetAddCmd)
dflag = True
@@ -196,13 +193,13 @@ class CsAcl(CsDataBag):
else:
self.rule['action'] = "ACCEPT"
- egressIpsetStr=''
- if sflag == True and dflag == True:
+ egressIpsetStr = ''
+ if sflag and dflag:
egressIpsetStr = " -m set --match-set %s src " % sourceIpsetName + \
" -m set --match-set %s dst " % destIpsetName
- elif sflag == True:
+ elif sflag:
egressIpsetStr = " -m set --match-set %s src " % sourceIpsetName
- elif dflag == True:
+ elif dflag:
egressIpsetStr = " -m set --match-set %s dst " % destIpsetName
if rule['protocol'] == "icmp":
@@ -359,7 +356,7 @@ class CsVmMetadata(CsDataBag):
if data is not None:
# need to pad data if it is not valid base 64
if len(data) % 4 != 0:
- data += (4-(len(data) % 4)) * "="
+ data += (4 - (len(data) % 4)) * "="
data = base64.b64decode(data)
fh = open(dest, "w")
@@ -466,7 +463,7 @@ class CsVmMetadata(CsDataBag):
def __unflock(self, file):
try:
flock(file, LOCK_UN)
- except IOError:
+ except IOError as e:
print "failed to unlock file" + file.name + " due to : " + e.strerror
sys.exit(1) # FIXME
return True
@@ -539,8 +536,8 @@ class CsSite2SiteVpn(CsDataBag):
peerlist = obj['peer_guest_cidr_list'].replace(' ', '')
vpnconffile = "%s/ipsec.vpn-%s.conf" % (self.VPNCONFDIR, rightpeer)
vpnsecretsfile = "%s/ipsec.vpn-%s.secrets" % (self.VPNCONFDIR, rightpeer)
- ikepolicy=obj['ike_policy'].replace(';','-')
- esppolicy=obj['esp_policy'].replace(';','-')
+ ikepolicy = obj['ike_policy'].replace(';', '-')
+ esppolicy = obj['esp_policy'].replace(';', '-')
if rightpeer in self.confips:
self.confips.remove(rightpeer)
@@ -561,7 +558,7 @@ class CsSite2SiteVpn(CsDataBag):
file.addeq(" keyingtries=2")
file.addeq(" auto=route")
if 'encap' not in obj:
- obj['encap']=False
+ obj['encap'] = False
file.addeq(" forceencaps=%s" % CsHelper.bool_to_yn(obj['encap']))
if obj['dpd']:
file.addeq(" dpddelay=30")
@@ -595,14 +592,14 @@ class CsSite2SiteVpn(CsDataBag):
class CsVpnUser(CsDataBag):
- PPP_CHAP='/etc/ppp/chap-secrets'
+ PPP_CHAP = '/etc/ppp/chap-secrets'
def process(self):
for user in self.dbag:
if user == 'id':
continue
- userconfig=self.dbag[user]
+ userconfig = self.dbag[user]
if userconfig['add']:
self.add_l2tp_ipsec_user(user, userconfig)
else:
@@ -612,7 +609,7 @@ class CsVpnUser(CsDataBag):
userfound = False
password = obj['password']
- userAddEntry = "%s * %s *" %(user,password)
+ userAddEntry = "%s * %s *" % (user, password)
logging.debug("Adding vpn user '%s'" % user)
file = CsFile(self.PPP_CHAP)
@@ -626,7 +623,7 @@ class CsVpnUser(CsDataBag):
def del_l2tp_ipsec_user(self, user, obj):
userfound = False
password = obj['password']
- userentry = "%s * %s *" % (user,password)
+ userentry = "%s * %s *" % (user, password)
logging.debug("Deleting the user '%s'" % user)
file = CsFile(self.PPP_CHAP)
@@ -647,7 +644,7 @@ class CsVpnUser(CsDataBag):
if pppd == 'PPPD_PID':
pid = str.split('=')[1]
if pid:
- logging.debug("killing process %s" %pid)
+ logging.debug("killing process %s" % pid)
CsHelper.execute('kill -9 %s' % pid)
@@ -662,12 +659,11 @@ class CsRemoteAccessVpn(CsDataBag):
for public_ip in self.dbag:
if public_ip == "id":
continue
- vpnconfig=self.dbag[public_ip]
+ vpnconfig = self.dbag[public_ip]
# Enable remote access vpn
if vpnconfig['create']:
- shutdownIpsec = False
- logging.debug("Enabling remote access vpn on "+ public_ip)
+ logging.debug("Enabling remote access vpn on " + public_ip)
CsHelper.start_if_stopped("ipsec")
self.configure_l2tpIpsec(public_ip, self.dbag[public_ip])
@@ -682,20 +678,19 @@ class CsRemoteAccessVpn(CsDataBag):
CsHelper.execute("ipsec down L2TP-PSK")
CsHelper.execute("systemctl stop xl2tpd")
+ def configure_l2tpIpsec(self, left, obj):
+ l2tpconffile = "%s/l2tp.conf" % (self.VPNCONFDIR)
+ vpnsecretfilte = "%s/ipsec.any.secrets" % (self.VPNCONFDIR)
+ xl2tpdconffile = "/etc/xl2tpd/xl2tpd.conf"
+ xl2tpoptionsfile = "/etc/ppp/options.xl2tpd"
- def configure_l2tpIpsec(self, left, obj):
- l2tpconffile="%s/l2tp.conf" % (self.VPNCONFDIR)
- vpnsecretfilte="%s/ipsec.any.secrets" % (self.VPNCONFDIR)
- xl2tpdconffile="/etc/xl2tpd/xl2tpd.conf"
- xl2tpoptionsfile='/etc/ppp/options.xl2tpd'
-
- localip=obj['local_ip']
- localcidr=obj['local_cidr']
- publicIface=obj['public_interface']
- iprange=obj['ip_range']
- psk=obj['preshared_key']
+ localip = obj['local_ip']
+ localcidr = obj['local_cidr']
+ publicIface = obj['public_interface']
+ iprange = obj['ip_range']
+ psk = obj['preshared_key']
- #left
+ # Left
l2tpfile = CsFile(l2tpconffile)
l2tpfile.addeq(" left=%s" % left)
l2tpfile.commit()
@@ -706,19 +701,18 @@ class CsRemoteAccessVpn(CsDataBag):
secret.commit()
xl2tpdconf = CsFile(xl2tpdconffile)
- xl2tpdconf.addeq("ip range = %s" %iprange)
- xl2tpdconf.addeq("local ip = %s" %localip)
+ xl2tpdconf.addeq("ip range = %s" % iprange)
+ xl2tpdconf.addeq("local ip = %s" % localip)
xl2tpdconf.commit()
- xl2tpoptions=CsFile(xl2tpoptionsfile)
- xl2tpoptions.search("ms-dns ", "ms-dns %s" %localip)
+ xl2tpoptions = CsFile(xl2tpoptionsfile)
+ xl2tpoptions.search("ms-dns ", "ms-dns %s" % localip)
xl2tpoptions.commit()
def remoteaccessvpn_iptables(self, publicip, obj):
- publicdev=obj['public_interface']
- localcidr=obj['local_cidr']
- local_ip=obj['local_ip']
-
+ publicdev = obj['public_interface']
+ localcidr = obj['local_cidr']
+ local_ip = obj['local_ip']
self.fw.append(["", "", "-A INPUT -i %s --dst %s -p udp -m udp --dport 500 -j ACCEPT" % (publicdev, publicip)])
self.fw.append(["", "", "-A INPUT -i %s --dst %s -p udp -m udp --dport 4500 -j ACCEPT" % (publicdev, publicip)])
@@ -729,31 +723,30 @@ class CsRemoteAccessVpn(CsDataBag):
self.fw.append(["", "", "-A OUTPUT -p esp -j ACCEPT"])
if self.config.is_vpc():
- self.fw.append(["", ""," -N VPN_FORWARD"])
- self.fw.append(["", "","-I FORWARD -i ppp+ -j VPN_FORWARD"])
- self.fw.append(["", "","-I FORWARD -o ppp+ -j VPN_FORWARD"])
- self.fw.append(["", "","-I FORWARD -o ppp+ -j VPN_FORWARD"])
- self.fw.append(["", "","-A VPN_FORWARD -s %s -j RETURN" %localcidr])
- self.fw.append(["", "","-A VPN_FORWARD -i ppp+ -d %s -j RETURN" %localcidr])
- self.fw.append(["", "","-A VPN_FORWARD -i ppp+ -o ppp+ -j RETURN"])
+ self.fw.append(["", "", " -N VPN_FORWARD"])
+ self.fw.append(["", "", "-I FORWARD -i ppp+ -j VPN_FORWARD"])
+ self.fw.append(["", "", "-I FORWARD -o ppp+ -j VPN_FORWARD"])
+ self.fw.append(["", "", "-I FORWARD -o ppp+ -j VPN_FORWARD"])
+ self.fw.append(["", "", "-A VPN_FORWARD -s %s -j RETURN" % localcidr])
+ self.fw.append(["", "", "-A VPN_FORWARD -i ppp+ -d %s -j RETURN" % localcidr])
+ self.fw.append(["", "", "-A VPN_FORWARD -i ppp+ -o ppp+ -j RETURN"])
else:
- self.fw.append(["", "","-A FORWARD -i ppp+ -o ppp+ -j ACCEPT"])
- self.fw.append(["", "","-A FORWARD -s %s -o ppp+ -j ACCEPT" % localcidr])
- self.fw.append(["", "","-A FORWARD -i ppp+ -d %s -j ACCEPT" % localcidr])
-
+ self.fw.append(["", "", "-A FORWARD -i ppp+ -o ppp+ -j ACCEPT"])
+ self.fw.append(["", "", "-A FORWARD -s %s -o ppp+ -j ACCEPT" % localcidr])
+ self.fw.append(["", "", "-A FORWARD -i ppp+ -d %s -j ACCEPT" % localcidr])
- self.fw.append(["", "","-A INPUT -i ppp+ -m udp -p udp --dport 53 -j ACCEPT"])
- self.fw.append(["", "","-A INPUT -i ppp+ -m tcp -p tcp --dport 53 -j ACCEPT"])
- self.fw.append(["nat", "","-I PREROUTING -i ppp+ -m tcp --dport 53 -j DNAT --to-destination %s" % local_ip])
+ self.fw.append(["", "", "-A INPUT -i ppp+ -m udp -p udp --dport 53 -j ACCEPT"])
+ self.fw.append(["", "", "-A INPUT -i ppp+ -m tcp -p tcp --dport 53 -j ACCEPT"])
+ self.fw.append(["nat", "", "-I PREROUTING -i ppp+ -m tcp --dport 53 -j DNAT --to-destination %s" % local_ip])
if self.config.is_vpc():
return
- self.fw.append(["mangle", "","-N VPN_%s " %publicip])
- self.fw.append(["mangle", "","-A VPN_%s -j RETURN " % publicip])
- self.fw.append(["mangle", "","-I VPN_%s -p ah -j ACCEPT " % publicip])
- self.fw.append(["mangle", "","-I VPN_%s -p esp -j ACCEPT " % publicip])
- self.fw.append(["mangle", "","-I PREROUTING -d %s -j VPN_%s " % (publicip, publicip)])
+ self.fw.append(["mangle", "", "-N VPN_%s " % publicip])
+ self.fw.append(["mangle", "", "-A VPN_%s -j RETURN " % publicip])
+ self.fw.append(["mangle", "", "-I VPN_%s -p ah -j ACCEPT " % publicip])
+ self.fw.append(["mangle", "", "-I VPN_%s -p esp -j ACCEPT " % publicip])
+ self.fw.append(["mangle", "", "-I PREROUTING -d %s -j VPN_%s " % (publicip, publicip)])
class CsForwardingRules(CsDataBag):
@@ -768,7 +761,7 @@ class CsForwardingRules(CsDataBag):
elif rule["type"] == "staticnat":
self.processStaticNatRule(rule)
- #return the VR guest interface ip
+ # Return the VR guest interface ip
def getGuestIp(self):
interfaces = []
ipAddr = None
@@ -814,7 +807,7 @@ class CsForwardingRules(CsDataBag):
self.forward_vr(rule)
def forward_vr(self, rule):
- #prefetch iptables variables
+ # Prefetch iptables variables
public_fwinterface = self.getDeviceByIp(rule['public_ip'])
internal_fwinterface = self.getDeviceByIp(rule['internal_ip'])
public_fwports = self.portsToString(rule['public_ports'], ':')
@@ -930,10 +923,10 @@ class CsForwardingRules(CsDataBag):
raise Exception("Ip address %s has no device in the ips databag" % rule["public_ip"])
self.fw.append(["mangle", "",
- "-I PREROUTING -s %s/32 -m state --state NEW -j CONNMARK --save-mark --nfmask 0xffffffff --ctmask 0xffffffff" % \
+ "-I PREROUTING -s %s/32 -m state --state NEW -j CONNMARK --save-mark --nfmask 0xffffffff --ctmask 0xffffffff" %
rule["internal_ip"]])
self.fw.append(["mangle", "",
- "-I PREROUTING -s %s/32 -m state --state NEW -j MARK --set-xmark 0x%s/0xffffffff" % \
+ "-I PREROUTING -s %s/32 -m state --state NEW -j MARK --set-xmark 0x%s/0xffffffff" %
(rule["internal_ip"], device[len("eth"):])])
self.fw.append(["nat", "front",
"-A PREROUTING -d %s/32 -j DNAT --to-destination %s" % (rule["public_ip"], rule["internal_ip"])])
@@ -944,11 +937,12 @@ class CsForwardingRules(CsDataBag):
self.fw.append(["filter", "",
"-A FORWARD -i %s -o eth0 -d %s -m state --state NEW -j ACCEPT " % (device, rule["internal_ip"])])
- #configure the hairpin nat
+ # Configure the hairpin nat
self.fw.append(["nat", "front",
"-A PREROUTING -d %s -i eth0 -j DNAT --to-destination %s" % (rule["public_ip"], rule["internal_ip"])])
- self.fw.append(["nat", "front", "-A POSTROUTING -s %s -d %s -j SNAT -o eth0 --to-source %s" % (self.getNetworkByIp(rule['internal_ip']),rule["internal_ip"], self.getGuestIp())])
+ self.fw.append(["nat", "front", "-A POSTROUTING -s %s -d %s -j SNAT -o eth0 --to-source %s" %
+ (self.getNetworkByIp(rule['internal_ip']), rule["internal_ip"], self.getGuestIp())])
class IpTablesExecutor:
@@ -984,8 +978,9 @@ class IpTablesExecutor:
logging.debug("Configuring iptables rules done ...saving rules")
# Save iptables configuration - will be loaded on reboot by the iptables-restore that is configured on /etc/rc.local
- CsHelper.save_iptables("iptables-save", "/etc/iptables/router_rules.v4")
- CsHelper.save_iptables("ip6tables-save", "/etc/iptables/router_rules.v6")
+ CsHelper.save_iptables("iptables-save", "/etc/iptables/rules.v4")
+ CsHelper.save_iptables("ip6tables-save", "/etc/iptables/rules.v6")
+
def main(argv):
# The file we are currently processing, if it is "cmd_line.json" everything will be processed.
@@ -995,6 +990,8 @@ def main(argv):
logging.debug("No file was received, do not go on processing the other actions. Just leave for now.")
return
+ json_type = os.path.basename(process_file).split('.json')[0]
+
# The "GLOBAL" Configuration object
config = CsConfig()
@@ -1008,53 +1005,51 @@ def main(argv):
config.address().compare()
config.address().process()
- databag_map = OrderedDict([("guest_network.json", {"process_iptables" : True, "executor" : IpTablesExecutor(config)}),
- ("vm_password.json", {"process_iptables" : False, "executor" : CsPassword("vmpassword", config)}),
- ("vm_metadata.json", {"process_iptables" : False, "executor" : CsVmMetadata('vmdata', config)}),
- ("network_acl.json", {"process_iptables" : True, "executor" : IpTablesExecutor(config)}),
- ("firewall_rules.json", {"process_iptables" : True, "executor" : IpTablesExecutor(config)}),
- ("forwarding_rules.json", {"process_iptables" : True, "executor" : IpTablesExecutor(config)}),
- ("staticnat_rules.json", {"process_iptables" : True, "executor" : IpTablesExecutor(config)}),
- ("site_2_site_vpn.json", {"process_iptables" : True, "executor" : IpTablesExecutor(config)}),
- ("remote_access_vpn.json", {"process_iptables" : True, "executor" : IpTablesExecutor(config)}),
- ("vpn_user_list.json", {"process_iptables" : False, "executor" : CsVpnUser("vpnuserlist", config)}),
- ("vm_dhcp_entry.json", {"process_iptables" : False, "executor" : CsDhcp("dhcpentry", config)}),
- ("dhcp.json", {"process_iptables" : False, "executor" : CsDhcp("dhcpentry", config)}),
- ("load_balancer.json", {"process_iptables" : True, "executor" : IpTablesExecutor(config)}),
- ("monitor_service.json", {"process_iptables" : False, "executor" : CsMonitor("monitorservice", config)}),
- ("static_routes.json", {"process_iptables" : False, "executor" : CsStaticRoutes("staticroutes", config)})
+ databag_map = OrderedDict([("guest_network", {"process_iptables": True, "executor": []}),
+ ("vm_password", {"process_iptables": False, "executor": [CsPassword("vmpassword", config)]}),
+ ("vm_metadata", {"process_iptables": False, "executor": [CsVmMetadata('vmdata', config)]}),
+ ("network_acl", {"process_iptables": True, "executor": []}),
+ ("firewall_rules", {"process_iptables": True, "executor": []}),
+ ("forwarding_rules", {"process_iptables": True, "executor": []}),
+ ("staticnat_rules", {"process_iptables": True, "executor": []}),
+ ("site_2_site_vpn", {"process_iptables": True, "executor": []}),
+ ("remote_access_vpn", {"process_iptables": True, "executor": []}),
+ ("vpn_user_list", {"process_iptables": False, "executor": [CsVpnUser("vpnuserlist", config)]}),
+ ("vm_dhcp_entry", {"process_iptables": False, "executor": [CsDhcp("dhcpentry", config)]}),
+ ("dhcp", {"process_iptables": False, "executor": [CsDhcp("dhcpentry", config)]}),
+ ("load_balancer", {"process_iptables": True, "executor": []}),
+ ("monitor_service", {"process_iptables": False, "executor": [CsMonitor("monitorservice", config)]}),
+ ("static_routes", {"process_iptables": False, "executor": [CsStaticRoutes("staticroutes", config)]})
])
- if process_file.count("cmd_line.json") == OCCURRENCES:
- logging.debug("cmd_line.json changed. All other files will be processed as well.")
-
- while databag_map:
- item = databag_map.popitem(last = False)
- item_name = item[0]
- item_dict = item[1]
- if not item_dict["process_iptables"]:
- executor = item_dict["executor"]
- executor.process()
+ def execDatabag(key, db):
+ if key not in db.keys() or 'executor' not in db[key]:
+ logging.warn("Unable to find config or executor(s) for the databag type %s" % key)
+ return
+ for executor in db[key]['executor']:
+ logging.debug("Processing for databag type: %s" % key)
+ executor.process()
+ def execIptables(config):
+ logging.debug("Processing iptables rules")
iptables_executor = IpTablesExecutor(config)
iptables_executor.process()
- else:
- while databag_map:
- item = databag_map.popitem(last = False)
- item_name = item[0]
- item_dict = item[1]
- if process_file.count(item_name) == OCCURRENCES:
- executor = item_dict["executor"]
- executor.process()
-
- if item_dict["process_iptables"]:
- iptables_executor = IpTablesExecutor(config)
- iptables_executor.process()
- break
+ if json_type == "cmd_line":
+ logging.debug("cmd_line.json changed. All other files will be processed as well.")
+ for key in databag_map.keys():
+ execDatabag(key, databag_map)
+ execIptables(config)
+ elif json_type in databag_map.keys():
+ execDatabag(json_type, databag_map)
+ if databag_map[json_type]['process_iptables']:
+ execIptables(config)
+ else:
+ logging.warn("Unable to find and process databag for file: %s, for json type=%s" % (process_file, json_type))
red = CsRedundant(config)
red.set()
+ return 0
if __name__ == "__main__":
main(sys.argv)
diff --git a/systemvm/patches/debian/opt/cloud/bin/cs/CsAddress.py b/systemvm/debian/opt/cloud/bin/cs/CsAddress.py
similarity index 99%
rename from systemvm/patches/debian/opt/cloud/bin/cs/CsAddress.py
rename to systemvm/debian/opt/cloud/bin/cs/CsAddress.py
index d190a72..6ad5045 100755
--- a/systemvm/patches/debian/opt/cloud/bin/cs/CsAddress.py
+++ b/systemvm/debian/opt/cloud/bin/cs/CsAddress.py
@@ -27,6 +27,7 @@ from CsRule import CsRule
VRRP_TYPES = ['guest']
+
class CsAddress(CsDataBag):
def compare(self):
@@ -359,7 +360,6 @@ class CsIP:
self.fw.append(["filter", "", "-P INPUT DROP"])
self.fw.append(["filter", "", "-P FORWARD DROP"])
-
def fw_router(self):
if self.config.is_vpc():
return
@@ -439,7 +439,7 @@ class CsIP:
if self.get_type() in ["guest"]:
self.fw.append(["mangle", "front", "-A PREROUTING " +
- " -i %s -m state --state RELATED,ESTABLISHED " % self.dev +
+ " -i %s -m state --state RELATED,ESTABLISHED " % self.dev +
"-j CONNMARK --restore-mark --nfmask 0xffffffff --ctmask 0xffffffff"])
guestNetworkCidr = self.address['network']
self.fw.append(["filter", "", "-A FORWARD -d %s -o %s -j ACL_INBOUND_%s" %
diff --git a/systemvm/patches/debian/opt/cloud/bin/cs/CsApp.py b/systemvm/debian/opt/cloud/bin/cs/CsApp.py
similarity index 87%
rename from systemvm/patches/debian/opt/cloud/bin/cs/CsApp.py
rename to systemvm/debian/opt/cloud/bin/cs/CsApp.py
index 496a0e7..2085088 100755
--- a/systemvm/patches/debian/opt/cloud/bin/cs/CsApp.py
+++ b/systemvm/debian/opt/cloud/bin/cs/CsApp.py
@@ -16,7 +16,6 @@
# specific language governing permissions and limitations
# under the License.
import os
-import CsHelper
from CsFile import CsFile
from CsProcess import CsProcess
import CsHelper
@@ -74,20 +73,13 @@ class CsPasswdSvc():
self.ip = ip
def start(self):
- proc = CsProcess(["dummy"])
- if proc.grep("passwd_server_ip %s" % self.ip) == -1:
- proc.start("/opt/cloud/bin/passwd_server_ip %s >> /var/log/cloud.log 2>&1" % self.ip, "&")
+ CsHelper.service("cloud-password-server@%s" % self.ip, "start")
def stop(self):
- proc = CsProcess(["Password Service"])
- pid = proc.grep("passwd_server_ip %s" % self.ip)
- proc.kill(pid)
- pid = proc.grep("8080,reuseaddr,fork,crnl,bind=%s" % self.ip)
- proc.kill(pid)
+ CsHelper.service("cloud-password-server@%s" % self.ip, "stop")
def restart(self):
- self.stop()
- self.start()
+ CsHelper.service("cloud-password-server@%s" % self.ip, "restart")
class CsDnsmasq(CsApp):
diff --git a/systemvm/patches/debian/opt/cloud/bin/cs/CsConfig.py b/systemvm/debian/opt/cloud/bin/cs/CsConfig.py
similarity index 100%
rename from systemvm/patches/debian/opt/cloud/bin/cs/CsConfig.py
rename to systemvm/debian/opt/cloud/bin/cs/CsConfig.py
diff --git a/systemvm/patches/debian/opt/cloud/bin/cs/CsDatabag.py b/systemvm/debian/opt/cloud/bin/cs/CsDatabag.py
similarity index 97%
rename from systemvm/patches/debian/opt/cloud/bin/cs/CsDatabag.py
rename to systemvm/debian/opt/cloud/bin/cs/CsDatabag.py
index 9ccb768..adb9a1a 100755
--- a/systemvm/patches/debian/opt/cloud/bin/cs/CsDatabag.py
+++ b/systemvm/debian/opt/cloud/bin/cs/CsDatabag.py
@@ -136,8 +136,8 @@ class CsCmdLine(CsDataBag):
This is slightly difficult to happen, but if it does, destroy the router with the password generated with the
code below and restart the VPC with out the clean up option.
'''
- if(self.get_type()=='router'):
- passwd="%s-%s" % (self.get_eth2_ip(), self.get_router_id())
+ if self.get_type() == 'router':
+ passwd = "%s-%s" % (self.get_eth2_ip(), self.get_router_id())
else:
passwd = "%s-%s" % (self.get_vpccidr(), self.get_router_id())
md5 = hashlib.md5()
diff --git a/systemvm/patches/debian/opt/cloud/bin/cs/CsDhcp.py b/systemvm/debian/opt/cloud/bin/cs/CsDhcp.py
similarity index 98%
rename from systemvm/patches/debian/opt/cloud/bin/cs/CsDhcp.py
rename to systemvm/debian/opt/cloud/bin/cs/CsDhcp.py
index b645679..6680b94 100755
--- a/systemvm/patches/debian/opt/cloud/bin/cs/CsDhcp.py
+++ b/systemvm/debian/opt/cloud/bin/cs/CsDhcp.py
@@ -135,13 +135,13 @@ class CsDhcp(CsDataBag):
# with a splay of 60 hours to prevent storms
lease = randint(700, 760)
- if entry['default_entry'] == True:
+ if entry['default_entry']:
self.cloud.add("%s,%s,%s,%sh" % (entry['mac_address'],
entry['ipv4_adress'],
entry['host_name'],
lease))
else:
- tag = entry['ipv4_adress'].replace(".","_")
+ tag = entry['ipv4_adress'].replace(".", "_")
self.cloud.add("%s,set:%s,%s,%s,%sh" % (entry['mac_address'],
tag,
entry['ipv4_adress'],
@@ -159,6 +159,5 @@ class CsDhcp(CsDataBag):
# Virtual Router
v['gateway'] = entry['default_gateway']
-
def add_host(self, ip, hosts):
self.hosts[ip] = hosts
diff --git a/systemvm/patches/debian/opt/cloud/bin/cs/CsFile.py b/systemvm/debian/opt/cloud/bin/cs/CsFile.py
similarity index 99%
rename from systemvm/patches/debian/opt/cloud/bin/cs/CsFile.py
rename to systemvm/debian/opt/cloud/bin/cs/CsFile.py
index 334e631..b0a2591 100755
--- a/systemvm/patches/debian/opt/cloud/bin/cs/CsFile.py
+++ b/systemvm/debian/opt/cloud/bin/cs/CsFile.py
@@ -67,7 +67,6 @@ class CsFile:
self.config = list(self.new_config)
logging.info("Updated file in-cache configuration")
-
def dump(self):
for line in self.new_config:
print line
@@ -134,13 +133,12 @@ class CsFile:
return True
return False
-
def searchString(self, search, ignoreLinesStartWith):
found = False
logging.debug("Searching for %s string " % search)
for index, line in enumerate(self.new_config):
- print ' line = ' +line
+ print ' line = ' + line
if line.lstrip().startswith(ignoreLinesStartWith):
continue
if search in line:
@@ -149,7 +147,6 @@ class CsFile:
return found
-
def deleteLine(self, search):
found = False
logging.debug("Searching for %s to remove the line " % search)
@@ -162,7 +159,6 @@ class CsFile:
self.new_config = list(temp_config)
-
def compare(self, o):
result = (isinstance(o, self.__class__) and set(self.config) == set(o.config))
logging.debug("Comparison of CsFiles content is ==> %s" % result)
diff --git a/systemvm/patches/debian/opt/cloud/bin/cs/CsGuestNetwork.py b/systemvm/debian/opt/cloud/bin/cs/CsGuestNetwork.py
similarity index 96%
rename from systemvm/patches/debian/opt/cloud/bin/cs/CsGuestNetwork.py
rename to systemvm/debian/opt/cloud/bin/cs/CsGuestNetwork.py
index d23a870..9a94dc6 100755
--- a/systemvm/patches/debian/opt/cloud/bin/cs/CsGuestNetwork.py
+++ b/systemvm/debian/opt/cloud/bin/cs/CsGuestNetwork.py
@@ -40,7 +40,7 @@ class CsGuestNetwork:
return self.config.get_dns()
dns = []
- if not self.config.use_extdns() and 'router_guest_gateway' in self.data:
+ if 'router_guest_gateway' in self.data and not self.config.use_extdns():
dns.append(self.data['router_guest_gateway'])
if 'dns' in self.data:
diff --git a/systemvm/patches/debian/opt/cloud/bin/cs/CsHelper.py b/systemvm/debian/opt/cloud/bin/cs/CsHelper.py
similarity index 93%
rename from systemvm/patches/debian/opt/cloud/bin/cs/CsHelper.py
rename to systemvm/debian/opt/cloud/bin/cs/CsHelper.py
index 7ff32ee..ad8480d 100755
--- a/systemvm/patches/debian/opt/cloud/bin/cs/CsHelper.py
+++ b/systemvm/debian/opt/cloud/bin/cs/CsHelper.py
@@ -21,16 +21,18 @@ for use in the configuration process
"""
import subprocess
import logging
+import sys
import os.path
import re
import shutil
from netaddr import *
from pprint import pprint
-PUBLIC_INTERFACES = {"router" : "eth2", "vpcrouter" : "eth1"}
+PUBLIC_INTERFACES = {"router": "eth2", "vpcrouter": "eth1"}
+
+STATE_COMMANDS = {"router": "ip addr | grep eth0 | grep inet | wc -l | xargs bash -c 'if [ $0 == 2 ]; then echo \"MASTER\"; else echo \"BACKUP\"; fi'",
+ "vpcrouter": "ip addr | grep eth1 | grep state | awk '{print $9;}' | xargs bash -c 'if [ $0 == \"UP\" ]; then echo \"MASTER\"; else echo \"BACKUP\"; fi'"}
-STATE_COMMANDS = {"router" : "ip addr | grep eth0 | grep inet | wc -l | xargs bash -c 'if [ $0 == 2 ]; then echo \"MASTER\"; else echo \"BACKUP\"; fi'",
- "vpcrouter" : "ip addr | grep eth1 | grep state | awk '{print $9;}' | xargs bash -c 'if [ $0 == \"UP\" ]; then echo \"MASTER\"; else echo \"BACKUP\"; fi'"}
def reconfigure_interfaces(router_config, interfaces):
for interface in interfaces:
@@ -52,6 +54,7 @@ def reconfigure_interfaces(router_config, interfaces):
else:
execute(cmd)
+
def is_mounted(name):
for i in execute("mount"):
vals = i.lstrip().split()
@@ -242,6 +245,7 @@ def copy_if_needed(src, dest):
return
copy(src, dest)
+
def copy(src, dest):
"""
copy source to destination.
@@ -249,6 +253,6 @@ def copy(src, dest):
try:
shutil.copy2(src, dest)
except IOError:
- logging.Error("Could not copy %s to %s" % (src, dest))
+ logging.error("Could not copy %s to %s" % (src, dest))
else:
logging.info("Copied %s to %s" % (src, dest))
diff --git a/systemvm/patches/debian/opt/cloud/bin/cs/CsLoadBalancer.py b/systemvm/debian/opt/cloud/bin/cs/CsLoadBalancer.py
similarity index 100%
rename from systemvm/patches/debian/opt/cloud/bin/cs/CsLoadBalancer.py
rename to systemvm/debian/opt/cloud/bin/cs/CsLoadBalancer.py
diff --git a/systemvm/patches/debian/opt/cloud/bin/cs/CsMonitor.py b/systemvm/debian/opt/cloud/bin/cs/CsMonitor.py
similarity index 100%
rename from systemvm/patches/debian/opt/cloud/bin/cs/CsMonitor.py
rename to systemvm/debian/opt/cloud/bin/cs/CsMonitor.py
diff --git a/systemvm/patches/debian/opt/cloud/bin/cs/CsNetfilter.py b/systemvm/debian/opt/cloud/bin/cs/CsNetfilter.py
similarity index 96%
rename from systemvm/patches/debian/opt/cloud/bin/cs/CsNetfilter.py
rename to systemvm/debian/opt/cloud/bin/cs/CsNetfilter.py
index 035125e..c3c7962 100755
--- a/systemvm/patches/debian/opt/cloud/bin/cs/CsNetfilter.py
+++ b/systemvm/debian/opt/cloud/bin/cs/CsNetfilter.py
@@ -143,7 +143,7 @@ class CsNetfilters(object):
# PASS 2: Create rules
for fw in list:
tupledFw = tuple(fw)
- if tupledFw in ruleSet :
+ if tupledFw in ruleSet:
logging.debug("Already processed : %s", tupledFw)
continue
@@ -173,12 +173,12 @@ class CsNetfilters(object):
else:
cpy = cpy.replace("-A %s" % new_rule.get_chain(), '-I %s %s' % (new_rule.get_chain(), fw[1]))
ret = CsHelper.execute2("iptables -t %s %s" % (new_rule.get_table(), cpy))
- #There are some issues in this framework causing failures .. like adding a chain without checking it is present causing
+ # There are some issues in this framework causing failures .. like adding a chain without checking it is present causing
# the failures. Also some of the rule like removeFromLoadBalancerRule is deleting rule and deleteLoadBalancerRule
- #trying to delete which causes the failure.
- #For now raising the log.
- #TODO: Need to fix in the framework.
- if ret.returncode != 0 :
+ # trying to delete which causes the failure.
+ # For now raising the log.
+ # TODO: Need to fix in the framework.
+ if ret.returncode != 0:
error = ret.communicate()[0]
logging.debug("iptables command got failed ... continuing")
ruleSet.add(tupledFw)
diff --git a/systemvm/patches/debian/opt/cloud/bin/cs/CsProcess.py b/systemvm/debian/opt/cloud/bin/cs/CsProcess.py
similarity index 100%
rename from systemvm/patches/debian/opt/cloud/bin/cs/CsProcess.py
rename to systemvm/debian/opt/cloud/bin/cs/CsProcess.py
diff --git a/systemvm/patches/debian/opt/cloud/bin/cs/CsRedundant.py b/systemvm/debian/opt/cloud/bin/cs/CsRedundant.py
similarity index 96%
rename from systemvm/patches/debian/opt/cloud/bin/cs/CsRedundant.py
rename to systemvm/debian/opt/cloud/bin/cs/CsRedundant.py
index 99c7458..108f337 100755
--- a/systemvm/patches/debian/opt/cloud/bin/cs/CsRedundant.py
+++ b/systemvm/debian/opt/cloud/bin/cs/CsRedundant.py
@@ -42,6 +42,7 @@ from CsStaticRoutes import CsStaticRoutes
import socket
from time import sleep
+
class CsRedundant(object):
CS_RAMDISK_DIR = "/ramdisk"
@@ -74,10 +75,6 @@ class CsRedundant(object):
def _redundant_off(self):
CsHelper.service("conntrackd", "stop")
CsHelper.service("keepalived", "stop")
- #CsHelper.umount_tmpfs(self.CS_RAMDISK_DIR)
- #CsHelper.rmdir(self.CS_RAMDISK_DIR)
- CsHelper.rm(self.CONNTRACKD_CONF)
- CsHelper.rm(self.KEEPALIVED_CONF)
def _redundant_on(self):
guest = self.address.get_guest_if()
@@ -110,9 +107,10 @@ class CsRedundant(object):
CsHelper.service("keepalived", "stop")
return
- #CsHelper.mkdir(self.CS_RAMDISK_DIR, 0755, False)
- #CsHelper.mount_tmpfs(self.CS_RAMDISK_DIR)
- #CsHelper.mkdir(self.CS_ROUTER_DIR, 0755, False)
+ # setup_router should execute this already:
+ # CsHelper.mkdir(self.CS_RAMDISK_DIR, 0755, False)
+ # CsHelper.mount_tmpfs(self.CS_RAMDISK_DIR)
+ # CsHelper.mkdir(self.CS_ROUTER_DIR, 0755, False)
for s in self.CS_TEMPLATES:
d = s
if s.endswith(".templ"):
@@ -143,7 +141,7 @@ class CsRedundant(object):
keepalived_conf.greplace("[RROUTER_BIN_PATH]", self.CS_ROUTER_DIR)
keepalived_conf.section("authentication {", "}", [
- " auth_type AH \n", " auth_pass %s\n" % self.cl.get_router_password()])
+ " auth_type AH \n", " auth_pass %s\n" % self.cl.get_router_password()[:8]])
keepalived_conf.section(
"virtual_ipaddress {", "}", self._collect_ips())
@@ -195,6 +193,7 @@ class CsRedundant(object):
proc = CsProcess(['/usr/sbin/keepalived'])
if not proc.find() or keepalived_conf.is_changed() or force_keepalived_restart:
keepalived_conf.commit()
+ os.chmod(self.KEEPALIVED_CONF, 0o644)
CsHelper.service("keepalived", "restart")
def release_lock(self):
@@ -371,10 +370,10 @@ class CsRedundant(object):
lines = []
for interface in self.address.get_interfaces():
if interface.needs_vrrp():
- cmdline=self.config.get_cmdline_instance()
+ cmdline = self.config.get_cmdline_instance()
if not interface.is_added():
continue
- if(cmdline.get_type()=='router'):
+ if cmdline.get_type() == 'router':
str = " %s brd %s dev %s\n" % (cmdline.get_guest_gw(), interface.get_broadcast(), interface.get_device())
else:
str = " %s brd %s dev %s\n" % (interface.get_gateway_cidr(), interface.get_broadcast(), interface.get_device())
diff --git a/systemvm/patches/debian/opt/cloud/bin/cs/CsRoute.py b/systemvm/debian/opt/cloud/bin/cs/CsRoute.py
similarity index 93%
rename from systemvm/patches/debian/opt/cloud/bin/cs/CsRoute.py
rename to systemvm/debian/opt/cloud/bin/cs/CsRoute.py
index 56096c8..02cc881 100755
--- a/systemvm/patches/debian/opt/cloud/bin/cs/CsRoute.py
+++ b/systemvm/debian/opt/cloud/bin/cs/CsRoute.py
@@ -34,14 +34,13 @@ class CsRoute:
tablename = self.get_tablename(devicename)
str = "%s %s" % (tablenumber, tablename)
filename = "/etc/iproute2/rt_tables"
- logging.info(
- "Adding route table: " + str + " to " + filename + " if not present ")
+ logging.info("Adding route table: " + str + " to " + filename + " if not present ")
if not CsHelper.definedinfile(filename, str):
- CsHelper.execute("sudo echo " + str + " >> /etc/iproute2/rt_tables")
+ CsHelper.execute("sudo echo " + str + " >> /etc/iproute2/rt_tables")
# remove "from all table tablename" if exists, else it will interfer with
# routing of unintended traffic
if self.findRule("from all lookup " + tablename):
- CsHelper.execute("sudo ip rule delete from all table " + tablename)
+ CsHelper.execute("sudo ip rule delete from all table " + tablename)
def flush_table(self, tablename):
CsHelper.execute("ip route flush table %s" % (tablename))
@@ -115,4 +114,4 @@ class CsRoute:
for i in CsHelper.execute("ip rule show"):
if rule in i.strip():
return True
- return False
\ No newline at end of file
+ return False
diff --git a/systemvm/patches/debian/opt/cloud/bin/cs/CsRule.py b/systemvm/debian/opt/cloud/bin/cs/CsRule.py
similarity index 98%
rename from systemvm/patches/debian/opt/cloud/bin/cs/CsRule.py
rename to systemvm/debian/opt/cloud/bin/cs/CsRule.py
index 9c48768..85953fe 100755
--- a/systemvm/patches/debian/opt/cloud/bin/cs/CsRule.py
+++ b/systemvm/debian/opt/cloud/bin/cs/CsRule.py
@@ -49,7 +49,7 @@ class CsRule:
logging.info("Added fwmark rule for %s" % (self.table))
def delMark(self):
- if self.findMark():
+ if self.findMark():
cmd = "ip rule delete fwmark %s table %s" % (self.tableNo, self.table)
CsHelper.execute(cmd)
logging.info("Deleting fwmark rule for %s" % (self.table))
diff --git a/systemvm/patches/debian/opt/cloud/bin/cs/CsStaticRoutes.py b/systemvm/debian/opt/cloud/bin/cs/CsStaticRoutes.py
similarity index 100%
rename from systemvm/patches/debian/opt/cloud/bin/cs/CsStaticRoutes.py
rename to systemvm/debian/opt/cloud/bin/cs/CsStaticRoutes.py
diff --git a/systemvm/patches/debian/opt/cloud/bin/cs/__init__.py b/systemvm/debian/opt/cloud/bin/cs/__init__.py
similarity index 100%
rename from systemvm/patches/debian/opt/cloud/bin/cs/__init__.py
rename to systemvm/debian/opt/cloud/bin/cs/__init__.py
diff --git a/systemvm/patches/debian/opt/cloud/bin/cs_cmdline.py b/systemvm/debian/opt/cloud/bin/cs_cmdline.py
similarity index 100%
rename from systemvm/patches/debian/opt/cloud/bin/cs_cmdline.py
rename to systemvm/debian/opt/cloud/bin/cs_cmdline.py
diff --git a/systemvm/patches/debian/opt/cloud/bin/cs_dhcp.py b/systemvm/debian/opt/cloud/bin/cs_dhcp.py
similarity index 100%
rename from systemvm/patches/debian/opt/cloud/bin/cs_dhcp.py
rename to systemvm/debian/opt/cloud/bin/cs_dhcp.py
diff --git a/systemvm/patches/debian/opt/cloud/bin/cs_firewallrules.py b/systemvm/debian/opt/cloud/bin/cs_firewallrules.py
similarity index 100%
rename from systemvm/patches/debian/opt/cloud/bin/cs_firewallrules.py
rename to systemvm/debian/opt/cloud/bin/cs_firewallrules.py
diff --git a/systemvm/patches/debian/opt/cloud/bin/cs_forwardingrules.py b/systemvm/debian/opt/cloud/bin/cs_forwardingrules.py
similarity index 100%
rename from systemvm/patches/debian/opt/cloud/bin/cs_forwardingrules.py
rename to systemvm/debian/opt/cloud/bin/cs_forwardingrules.py
diff --git a/systemvm/patches/debian/opt/cloud/bin/cs_guestnetwork.py b/systemvm/debian/opt/cloud/bin/cs_guestnetwork.py
similarity index 100%
rename from systemvm/patches/debian/opt/cloud/bin/cs_guestnetwork.py
rename to systemvm/debian/opt/cloud/bin/cs_guestnetwork.py
diff --git a/systemvm/patches/debian/opt/cloud/bin/cs_ip.py b/systemvm/debian/opt/cloud/bin/cs_ip.py
similarity index 92%
rename from systemvm/patches/debian/opt/cloud/bin/cs_ip.py
rename to systemvm/debian/opt/cloud/bin/cs_ip.py
index f83bf29..1e7b326 100755
--- a/systemvm/patches/debian/opt/cloud/bin/cs_ip.py
+++ b/systemvm/debian/opt/cloud/bin/cs_ip.py
@@ -18,6 +18,7 @@
from netaddr import *
+
def merge(dbag, ip):
nic_dev_id = None
for dev in dbag:
@@ -31,7 +32,7 @@ def merge(dbag, ip):
ipo = IPNetwork(ip['public_ip'] + '/' + ip['netmask'])
if 'nic_dev_id' in ip:
- nic_dev_id = ip['nic_dev_id']
+ nic_dev_id = ip['nic_dev_id']
ip['device'] = 'eth' + str(nic_dev_id)
ip['broadcast'] = str(ipo.broadcast)
ip['cidr'] = str(ipo.ip) + '/' + str(ipo.prefixlen)
@@ -45,7 +46,7 @@ def merge(dbag, ip):
dbag[ip['device']] = [ip]
else:
if 'source_nat' in ip and ip['source_nat'] and ip['device'] in dbag and len(dbag[ip['device']]) > 0:
- dbag[ip['device']].insert(0, ip) # make sure the source_nat ip is first (primary) on the device
+ dbag[ip['device']].insert(0, ip) # Make sure the source_nat ip is first (primary) on the device
else:
dbag.setdefault(ip['device'], []).append(ip)
diff --git a/systemvm/patches/debian/opt/cloud/bin/cs_loadbalancer.py b/systemvm/debian/opt/cloud/bin/cs_loadbalancer.py
similarity index 100%
rename from systemvm/patches/debian/opt/cloud/bin/cs_loadbalancer.py
rename to systemvm/debian/opt/cloud/bin/cs_loadbalancer.py
diff --git a/systemvm/patches/debian/opt/cloud/bin/cs_monitorservice.py b/systemvm/debian/opt/cloud/bin/cs_monitorservice.py
similarity index 100%
rename from systemvm/patches/debian/opt/cloud/bin/cs_monitorservice.py
rename to systemvm/debian/opt/cloud/bin/cs_monitorservice.py
diff --git a/systemvm/patches/debian/opt/cloud/bin/cs_network_acl.py b/systemvm/debian/opt/cloud/bin/cs_network_acl.py
similarity index 100%
rename from systemvm/patches/debian/opt/cloud/bin/cs_network_acl.py
rename to systemvm/debian/opt/cloud/bin/cs_network_acl.py
diff --git a/systemvm/patches/debian/opt/cloud/bin/cs_remoteaccessvpn.py b/systemvm/debian/opt/cloud/bin/cs_remoteaccessvpn.py
similarity index 100%
rename from systemvm/patches/debian/opt/cloud/bin/cs_remoteaccessvpn.py
rename to systemvm/debian/opt/cloud/bin/cs_remoteaccessvpn.py
diff --git a/systemvm/patches/debian/opt/cloud/bin/cs_site2sitevpn.py b/systemvm/debian/opt/cloud/bin/cs_site2sitevpn.py
similarity index 100%
rename from systemvm/patches/debian/opt/cloud/bin/cs_site2sitevpn.py
rename to systemvm/debian/opt/cloud/bin/cs_site2sitevpn.py
diff --git a/systemvm/patches/debian/opt/cloud/bin/cs_staticroutes.py b/systemvm/debian/opt/cloud/bin/cs_staticroutes.py
similarity index 100%
rename from systemvm/patches/debian/opt/cloud/bin/cs_staticroutes.py
rename to systemvm/debian/opt/cloud/bin/cs_staticroutes.py
diff --git a/systemvm/patches/debian/opt/cloud/bin/cs_vmdata.py b/systemvm/debian/opt/cloud/bin/cs_vmdata.py
similarity index 100%
rename from systemvm/patches/debian/opt/cloud/bin/cs_vmdata.py
rename to systemvm/debian/opt/cloud/bin/cs_vmdata.py
diff --git a/systemvm/patches/debian/opt/cloud/bin/cs_vmp.py b/systemvm/debian/opt/cloud/bin/cs_vmp.py
similarity index 99%
rename from systemvm/patches/debian/opt/cloud/bin/cs_vmp.py
rename to systemvm/debian/opt/cloud/bin/cs_vmp.py
index 7873fe8..d0169f7 100755
--- a/systemvm/patches/debian/opt/cloud/bin/cs_vmp.py
+++ b/systemvm/debian/opt/cloud/bin/cs_vmp.py
@@ -18,6 +18,7 @@
from pprint import pprint
from netaddr import *
+
def merge(dbag, data):
"""
create a dictionary of values new in data ignoring those in dbag and return it
diff --git a/systemvm/patches/debian/opt/cloud/bin/cs_vpnusers.py b/systemvm/debian/opt/cloud/bin/cs_vpnusers.py
similarity index 96%
rename from systemvm/patches/debian/opt/cloud/bin/cs_vpnusers.py
rename to systemvm/debian/opt/cloud/bin/cs_vpnusers.py
index 316fabc..8dc4548 100755
--- a/systemvm/patches/debian/opt/cloud/bin/cs_vpnusers.py
+++ b/systemvm/debian/opt/cloud/bin/cs_vpnusers.py
@@ -38,8 +38,8 @@ def merge(dbag, data):
del(dbagc[user])
for user in data['vpn_users']:
- username=user['user']
- add=user['add']
+ username = user['user']
+ add = user['add']
if username not in dbagc.keys():
dbagc[username] = user
elif username in dbagc.keys() and not add:
diff --git a/systemvm/patches/debian/opt/cloud/bin/dnsmasq.sh b/systemvm/debian/opt/cloud/bin/dnsmasq.sh
similarity index 100%
rename from systemvm/patches/debian/opt/cloud/bin/dnsmasq.sh
rename to systemvm/debian/opt/cloud/bin/dnsmasq.sh
diff --git a/systemvm/patches/debian/opt/cloud/bin/edithosts.sh b/systemvm/debian/opt/cloud/bin/edithosts.sh
similarity index 100%
rename from systemvm/patches/debian/opt/cloud/bin/edithosts.sh
rename to systemvm/debian/opt/cloud/bin/edithosts.sh
diff --git a/systemvm/patches/debian/opt/cloud/bin/getRouterAlerts.sh b/systemvm/debian/opt/cloud/bin/getRouterAlerts.sh
similarity index 100%
rename from systemvm/patches/debian/opt/cloud/bin/getRouterAlerts.sh
rename to systemvm/debian/opt/cloud/bin/getRouterAlerts.sh
diff --git a/systemvm/patches/debian/opt/cloud/bin/get_template_version.sh b/systemvm/debian/opt/cloud/bin/get_template_version.sh
similarity index 100%
rename from systemvm/patches/debian/opt/cloud/bin/get_template_version.sh
rename to systemvm/debian/opt/cloud/bin/get_template_version.sh
diff --git a/systemvm/patches/debian/opt/cloud/bin/ilb.sh b/systemvm/debian/opt/cloud/bin/ilb.sh
similarity index 100%
rename from systemvm/patches/debian/opt/cloud/bin/ilb.sh
rename to systemvm/debian/opt/cloud/bin/ilb.sh
diff --git a/systemvm/patches/debian/opt/cloud/bin/ipassoc.sh b/systemvm/debian/opt/cloud/bin/ipassoc.sh
similarity index 100%
rename from systemvm/patches/debian/opt/cloud/bin/ipassoc.sh
rename to systemvm/debian/opt/cloud/bin/ipassoc.sh
diff --git a/systemvm/patches/debian/opt/cloud/bin/ipsectunnel.sh b/systemvm/debian/opt/cloud/bin/ipsectunnel.sh
similarity index 100%
rename from systemvm/patches/debian/opt/cloud/bin/ipsectunnel.sh
rename to systemvm/debian/opt/cloud/bin/ipsectunnel.sh
diff --git a/systemvm/patches/debian/opt/cloud/bin/line_edit.py b/systemvm/debian/opt/cloud/bin/line_edit.py
similarity index 100%
rename from systemvm/patches/debian/opt/cloud/bin/line_edit.py
rename to systemvm/debian/opt/cloud/bin/line_edit.py
diff --git a/systemvm/patches/debian/opt/cloud/bin/loadbalancer.sh b/systemvm/debian/opt/cloud/bin/loadbalancer.sh
similarity index 100%
rename from systemvm/patches/debian/opt/cloud/bin/loadbalancer.sh
rename to systemvm/debian/opt/cloud/bin/loadbalancer.sh
diff --git a/systemvm/patches/debian/opt/cloud/bin/master.py b/systemvm/debian/opt/cloud/bin/master.py
similarity index 95%
rename from systemvm/patches/debian/opt/cloud/bin/master.py
rename to systemvm/debian/opt/cloud/bin/master.py
index 3d1dcd7..26de8b9 100755
--- a/systemvm/patches/debian/opt/cloud/bin/master.py
+++ b/systemvm/debian/opt/cloud/bin/master.py
@@ -42,7 +42,7 @@ logging.basicConfig(filename=config.get_logger(),
format=config.get_format())
config.cmdline()
cl = CsCmdLine("cmdline", config)
-#Update the configuration to set state as backup and let keepalived decide who the real Master is!
+# Update the configuration to set state as backup and let keepalived decide who the real Master is!
cl.set_master_state(False)
cl.save()
diff --git a/systemvm/patches/debian/opt/cloud/bin/merge.py b/systemvm/debian/opt/cloud/bin/merge.py
similarity index 98%
rename from systemvm/patches/debian/opt/cloud/bin/merge.py
rename to systemvm/debian/opt/cloud/bin/merge.py
index ef20d0b..0aaa340 100755
--- a/systemvm/patches/debian/opt/cloud/bin/merge.py
+++ b/systemvm/debian/opt/cloud/bin/merge.py
@@ -271,6 +271,7 @@ class updateDataBag:
dbag = cs_ip.merge(dbag, ip)
return dbag
+
class QueueFile:
fileName = ''
@@ -284,15 +285,15 @@ class QueueFile:
self.type = self.data["type"]
updateDataBag(self)
return
- filename = '{cache_location}/{json_file}'.format(cache_location = self.configCache, json_file = self.fileName)
+ filename = '{cache_location}/{json_file}'.format(cache_location=self.configCache, json_file=self.fileName)
try:
handle = open(filename)
except IOError as exception:
- error_message = ("Exception occurred with the following exception error '{error}'. Could not open '{file}'. "
- "It seems that the file has already been moved.".format(error = exception, file = filename))
+ error_message = ("Exception occurred with the following exception error '{error}'. Could not open '{filename}'. "
+ "It seems that the file has already been moved.".format(error=exception, filename=filename))
logging.error(error_message)
else:
- logging.info("Continuing with the processing of file '{file}'".format(file = filename))
+ logging.info("Continuing with the processing of file '{filename}'".format(filename=filename))
self.data = json.load(handle)
self.type = self.data["type"]
@@ -331,7 +332,6 @@ class QueueFile:
class PrivateGatewayHack:
-
@classmethod
def update_network_type_for_privategateway(cls, dbag, data):
ip = data['router_guest_ip'] if 'router_guest_ip' in data.keys() else data['public_ip']
@@ -347,12 +347,10 @@ class PrivateGatewayHack:
logging.debug("Not updating nw_type for ip %s because has_private_gw_ip = %s and private_gw_matches = %s " % (ip, has_private_gw_ip, private_gw_matches))
return data
-
@classmethod
def if_config_has_privategateway(cls, dbag):
return 'privategateway' in dbag['config'].keys() and dbag['config']['privategateway'] != "None"
-
@classmethod
def ip_matches_private_gateway_ip(cls, ip, private_gateway_ip):
new_ip_matches_private_gateway_ip = False
@@ -360,7 +358,6 @@ class PrivateGatewayHack:
new_ip_matches_private_gateway_ip = True
return new_ip_matches_private_gateway_ip
-
@classmethod
def load_inital_data(cls):
initial_data_bag = DataBag()
diff --git a/systemvm/patches/debian/opt/cloud/bin/monitor_service.sh b/systemvm/debian/opt/cloud/bin/monitor_service.sh
similarity index 100%
rename from systemvm/patches/debian/opt/cloud/bin/monitor_service.sh
rename to systemvm/debian/opt/cloud/bin/monitor_service.sh
diff --git a/systemvm/patches/debian/opt/cloud/bin/netusage.sh b/systemvm/debian/opt/cloud/bin/netusage.sh
similarity index 100%
rename from systemvm/patches/debian/opt/cloud/bin/netusage.sh
rename to systemvm/debian/opt/cloud/bin/netusage.sh
diff --git a/systemvm/patches/debian/opt/cloud/bin/passwd_server b/systemvm/debian/opt/cloud/bin/passwd_server
similarity index 100%
rename from systemvm/patches/debian/opt/cloud/bin/passwd_server
rename to systemvm/debian/opt/cloud/bin/passwd_server
diff --git a/systemvm/patches/debian/opt/cloud/bin/passwd_server_ip b/systemvm/debian/opt/cloud/bin/passwd_server_ip
similarity index 100%
rename from systemvm/patches/debian/opt/cloud/bin/passwd_server_ip
rename to systemvm/debian/opt/cloud/bin/passwd_server_ip
diff --git a/systemvm/patches/debian/opt/cloud/bin/passwd_server_ip.py b/systemvm/debian/opt/cloud/bin/passwd_server_ip.py
similarity index 100%
rename from systemvm/patches/debian/opt/cloud/bin/passwd_server_ip.py
rename to systemvm/debian/opt/cloud/bin/passwd_server_ip.py
diff --git a/systemvm/patches/debian/opt/cloud/bin/prepare_pxe.sh b/systemvm/debian/opt/cloud/bin/prepare_pxe.sh
similarity index 100%
rename from systemvm/patches/debian/opt/cloud/bin/prepare_pxe.sh
rename to systemvm/debian/opt/cloud/bin/prepare_pxe.sh
diff --git a/systemvm/patches/debian/opt/cloud/bin/savepassword.sh b/systemvm/debian/opt/cloud/bin/savepassword.sh
similarity index 100%
copy from systemvm/patches/debian/opt/cloud/bin/savepassword.sh
copy to systemvm/debian/opt/cloud/bin/savepassword.sh
diff --git a/systemvm/patches/debian/opt/cloud/bin/set_redundant.py b/systemvm/debian/opt/cloud/bin/set_redundant.py
similarity index 91%
rename from systemvm/patches/debian/opt/cloud/bin/set_redundant.py
rename to systemvm/debian/opt/cloud/bin/set_redundant.py
index 7a8dad0..4d3ca24 100755
--- a/systemvm/patches/debian/opt/cloud/bin/set_redundant.py
+++ b/systemvm/debian/opt/cloud/bin/set_redundant.py
@@ -37,11 +37,10 @@ config = CsConfig()
logging.basicConfig(filename=config.get_logger(),
level=config.get_level(),
format=config.get_format())
-config.set_cl()
if options.enable:
- config.get_cmdline().set_redundant("true")
+ config.cmdline().set_redundant("true")
if options.disable:
- config.get_cmdline().set_redundant("false")
+ config.cmdline().set_redundant("false")
-config.get_cmdline().save()
+config.cmdline().save()
diff --git a/systemvm/patches/debian/etc/init.d/cloud-early-config b/systemvm/debian/opt/cloud/bin/setup/cloud-early-config
similarity index 80%
rename from systemvm/patches/debian/etc/init.d/cloud-early-config
rename to systemvm/debian/opt/cloud/bin/setup/cloud-early-config
index 9964f90..cec2d3c 100755
--- a/systemvm/patches/debian/etc/init.d/cloud-early-config
+++ b/systemvm/debian/opt/cloud/bin/setup/cloud-early-config
@@ -1,12 +1,4 @@
#!/bin/bash
-### BEGIN INIT INFO
-# Provides: cloud-early-config
-# Required-Start: $local_fs
-# Required-Stop: $local_fs
-# Default-Start: S
-# Default-Stop: 0 6
-# Short-Description: configures systemvm using cmdline
-### END INIT INFO
# Licensed to the Apache Software Foundation (ASF) under one
# or more contributor license agreements. See the NOTICE file
# distributed with this work for additional information
@@ -30,6 +22,7 @@ PATH="/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin"
CMDLINE=/var/cache/cloud/cmdline
# Clear boot up flag, it would be created by rc.local after boot up done
+mkdir -p /var/cache/cloud
rm -f /var/cache/cloud/boot_up_done
[ -x /sbin/ifup ] || exit 0
@@ -62,12 +55,6 @@ config_guest() {
# Configure hot-plug
modprobe acpiphp || true
modprobe pci_hotplug || true
- # Configure serial console FIXME: remove during build we enable it?
- #sed -i -e "/^serial.*/d" /boot/grub/grub.conf
- #sed -i -e "/^terminal.*/d" /boot/grub/grub.conf
- #sed -i -e "/^default.*/a\serial --unit=0 --speed=115200 --parity=no --stop=1" /boot/grub/grub.conf
- #sed -i -e "/^serial.*/a\terminal --timeout=0 serial console" /boot/grub/grub.conf
- #sed -i -e "s/\(^kernel.* ro\) \(console.*\)/\1 console=tty0 console=ttyS0,115200n8/" /boot/grub/grub.conf
sed -i -e "/^s0:2345:respawn.*/d" /etc/inittab
sed -i -e "/6:23:respawn/a\s0:2345:respawn:/sbin/getty -L 115200 ttyS0 vt102" /etc/inittab
fi
@@ -192,10 +179,10 @@ patch() {
tar xzf $patchfile -C /
echo ${newmd5} > ${md5file}
log_it "Patched scripts using $patchfile"
- fi
- log_it "Patching cloud service"
- /opt/cloud/bin/setup/patchsystemvm.sh $PATCH_MOUNT $TYPE
+ log_it "Patching cloud service"
+ /opt/cloud/bin/setup/patchsystemvm.sh $PATCH_MOUNT $TYPE
+ fi
[ -f $privkey ] && cp -f $privkey /root/.ssh/ && chmod go-rwx /root/.ssh/authorized_keys
umount $PATCH_MOUNT
@@ -209,6 +196,8 @@ patch() {
}
start() {
+ log_it "Executing cloud-early-config"
+
# Clear /tmp for file lock
rm -f /tmp/*.lock
rm -f /tmp/rrouter_bumped
@@ -236,41 +225,7 @@ start() {
log_it "Finished setting up systemvm"
- return 0
+ exit 0
}
-case "$1" in
- start)
- log_action_begin_msg "Executing cloud-early-config"
- log_it "Executing cloud-early-config"
- if start; then
- log_action_end_msg $?
- else
- log_action_end_msg $?
- fi
- ;;
-
- stop)
- log_action_begin_msg "Stopping cloud-early-config"
- #Override old system's interface setting
- setup_default;
- log_action_end_msg 0
- ;;
-
- force-reload|restart)
- log_warning_msg "Running $0 is deprecated because it may not enable again some interfaces"
- log_action_begin_msg "Executing cloud-early-config"
- if start; then
- log_action_end_msg $?
- else
- log_action_end_msg $?
- fi
- ;;
-
- *)
- echo "Usage: /etc/init.d/cloud-early-config {start|stop}"
- exit 1
- ;;
-esac
-
-exit 0
+start
diff --git a/systemvm/patches/debian/opt/cloud/bin/setup/common.sh b/systemvm/debian/opt/cloud/bin/setup/common.sh
similarity index 98%
rename from systemvm/patches/debian/opt/cloud/bin/setup/common.sh
rename to systemvm/debian/opt/cloud/bin/setup/common.sh
index e476745..e6a4417 100755
--- a/systemvm/patches/debian/opt/cloud/bin/setup/common.sh
+++ b/systemvm/debian/opt/cloud/bin/setup/common.sh
@@ -471,7 +471,6 @@ setup_sshd(){
local eth=$2
[ -f /etc/ssh/sshd_config ] && sed -i -e "s/^[#]*ListenAddress.*$/ListenAddress $ip/" /etc/ssh/sshd_config
sed -i "/3922/s/eth./$eth/" /etc/iptables/rules.v4
- sed -i "/3922/s/eth./$eth/" /etc/iptables/rules
}
setup_vpc_apache2() {
@@ -596,18 +595,16 @@ routing_svcs() {
echo "cloud nfs-common portmap" > /var/cache/cloud/disabled_svcs
if [ $RROUTER -eq 1 ]
then
- systemctl disable --now cloud-passwd-srvr
systemctl disable --now dnsmasq
systemctl enable conntrackd
systemctl enable keepalived
echo "keepalived conntrackd" >> /var/cache/cloud/enabled_svcs
- echo "dnsmasq cloud-passwd-srvr" >> /var/cache/cloud/disabled_svcs
+ echo "dnsmasq" >> /var/cache/cloud/disabled_svcs
else
systemctl disable --now conntrackd
systemctl disable --now keepalived
- systemctl enable cloud-passwd-srvr
systemctl enable dnsmasq
- echo "dnsmasq cloud-passwd-srvr " >> /var/cache/cloud/enabled_svcs
+ echo "dnsmasq" >> /var/cache/cloud/enabled_svcs
echo "keepalived conntrackd " >> /var/cache/cloud/disabled_svcs
fi
}
@@ -636,6 +633,7 @@ setup_redundant_router() {
then
sed -i "s/advert_int 1/advert_int $ADVERT_INT/g" /etc/keepalived/keepalived.conf
fi
+ chmod -x /etc/keepalived/keepalived.conf
# Seed conntrackd
cp /opt/cloud/templates/conntrackd.conf.templ /etc/conntrackd/conntrackd.conf
diff --git a/systemvm/patches/debian/opt/cloud/bin/setup/consoleproxy.sh b/systemvm/debian/opt/cloud/bin/setup/consoleproxy.sh
similarity index 91%
rename from systemvm/patches/debian/opt/cloud/bin/setup/consoleproxy.sh
rename to systemvm/debian/opt/cloud/bin/setup/consoleproxy.sh
index 36c1fa4..a3b2797 100755
--- a/systemvm/patches/debian/opt/cloud/bin/setup/consoleproxy.sh
+++ b/systemvm/debian/opt/cloud/bin/setup/consoleproxy.sh
@@ -20,7 +20,7 @@
consoleproxy_svcs() {
echo "cloud ssh" > /var/cache/cloud/enabled_svcs
- echo "cloud-passwd-srvr haproxy dnsmasq apache2 nfs-common portmap" > /var/cache/cloud/disabled_svcs
+ echo "haproxy dnsmasq apache2 nfs-common portmap" > /var/cache/cloud/disabled_svcs
mkdir -p /var/log/cloud
}
@@ -36,7 +36,6 @@ setup_console_proxy() {
log_it "Applying iptables rules"
cp /etc/iptables/iptables-consoleproxy /etc/iptables/rules.v4
- cp /etc/iptables/iptables-consoleproxy /etc/iptables/rules
log_it "Configuring sshd"
local hyp=$HYPERVISOR
diff --git a/systemvm/patches/debian/opt/cloud/bin/setup/default.sh b/systemvm/debian/opt/cloud/bin/setup/default.sh
similarity index 100%
rename from systemvm/patches/debian/opt/cloud/bin/setup/default.sh
rename to systemvm/debian/opt/cloud/bin/setup/default.sh
diff --git a/systemvm/patches/debian/opt/cloud/bin/setup/dhcpsrvr.sh b/systemvm/debian/opt/cloud/bin/setup/dhcpsrvr.sh
similarity index 80%
rename from systemvm/patches/debian/opt/cloud/bin/setup/dhcpsrvr.sh
rename to systemvm/debian/opt/cloud/bin/setup/dhcpsrvr.sh
index 1e28ab4..467bb56 100755
--- a/systemvm/patches/debian/opt/cloud/bin/setup/dhcpsrvr.sh
+++ b/systemvm/debian/opt/cloud/bin/setup/dhcpsrvr.sh
@@ -19,7 +19,7 @@
. /opt/cloud/bin/setup/common.sh
dhcpsrvr_svcs() {
- echo "ssh dnsmasq cloud-passwd-srvr apache2" > /var/cache/cloud/enabled_svcs
+ echo "ssh dnsmasq apache2" > /var/cache/cloud/enabled_svcs
echo "cloud nfs-common conntrackd keepalived haproxy portmap" > /var/cache/cloud/disabled_svcs
}
@@ -37,13 +37,10 @@ setup_dhcpsrvr() {
enable_fwding 0
cp /etc/iptables/iptables-router /etc/iptables/rules.v4
- cp /etc/iptables/iptables-router /etc/iptables/rules
#Only allow DNS service for current network
sed -i "s/-A INPUT -i eth0 -p udp -m udp --dport 53 -j ACCEPT/-A INPUT -i eth0 -p udp -m udp --dport 53 -s $DHCP_RANGE\/$CIDR_SIZE -j ACCEPT/g" /etc/iptables/rules.v4
- sed -i "s/-A INPUT -i eth0 -p udp -m udp --dport 53 -j ACCEPT/-A INPUT -i eth0 -p udp -m udp --dport 53 -s $DHCP_RANGE\/$CIDR_SIZE -j ACCEPT/g" /etc/iptables/rules
sed -i "s/-A INPUT -i eth0 -p tcp -m tcp --dport 53 -j ACCEPT/-A INPUT -i eth0 -p tcp -m tcp --dport 53 -s $DHCP_RANGE\/$CIDR_SIZE -j ACCEPT/g" /etc/iptables/rules.v4
- sed -i "s/-A INPUT -i eth0 -p tcp -m tcp --dport 53 -j ACCEPT/-A INPUT -i eth0 -p tcp -m tcp --dport 53 -s $DHCP_RANGE\/$CIDR_SIZE -j ACCEPT/g" /etc/iptables/rules
if [ "$SSHONGUEST" == "true" ]
then
diff --git a/systemvm/patches/debian/opt/cloud/bin/setup/elbvm.sh b/systemvm/debian/opt/cloud/bin/setup/elbvm.sh
similarity index 89%
rename from systemvm/patches/debian/opt/cloud/bin/setup/elbvm.sh
rename to systemvm/debian/opt/cloud/bin/setup/elbvm.sh
index 23a2607..600fb0d 100755
--- a/systemvm/patches/debian/opt/cloud/bin/setup/elbvm.sh
+++ b/systemvm/debian/opt/cloud/bin/setup/elbvm.sh
@@ -20,7 +20,7 @@
elbvm_svcs() {
echo "ssh haproxy" > /var/cache/cloud/enabled_svcs
- echo "cloud dnsmasq conntrackd keepalived cloud-passwd-srvr apache2 nfs-common portmap" > /var/cache/cloud/disabled_svcs
+ echo "cloud dnsmasq conntrackd keepalived apache2 nfs-common portmap" > /var/cache/cloud/disabled_svcs
}
setup_elbvm() {
@@ -32,7 +32,6 @@ setup_elbvm() {
echo "$public_ip $NAME" >> /etc/hosts
cp /etc/iptables/iptables-elbvm /etc/iptables/rules.v4
- cp /etc/iptables/iptables-elbvm /etc/iptables/rules
if [ "$SSHONGUEST" == "true" ]
then
setup_sshd $ETH0_IP "eth0"
diff --git a/systemvm/patches/debian/opt/cloud/bin/setup/ilbvm.sh b/systemvm/debian/opt/cloud/bin/setup/ilbvm.sh
similarity index 88%
rename from systemvm/patches/debian/opt/cloud/bin/setup/ilbvm.sh
rename to systemvm/debian/opt/cloud/bin/setup/ilbvm.sh
index 4cd599f..58a711c 100755
--- a/systemvm/patches/debian/opt/cloud/bin/setup/ilbvm.sh
+++ b/systemvm/debian/opt/cloud/bin/setup/ilbvm.sh
@@ -20,7 +20,7 @@
ilbvm_svcs() {
echo "ssh haproxy" > /var/cache/cloud/enabled_svcs
- echo "cloud dnsmasq conntrackd keepalived cloud-passwd-srvr apache2 nfs-common portmap" > /var/cache/cloud/disabled_svcs
+ echo "cloud dnsmasq conntrackd keepalived apache2 nfs-common portmap" > /var/cache/cloud/disabled_svcs
}
setup_ilbvm() {
@@ -32,7 +32,6 @@ setup_ilbvm() {
echo "$ETH0_IP $NAME" >> /etc/hosts
cp /etc/iptables/iptables-ilbvm /etc/iptables/rules.v4
- cp /etc/iptables/iptables-ilbvm /etc/iptables/rules
setup_sshd $ETH1_IP "eth1"
enable_fwding 0
diff --git a/systemvm/patches/debian/opt/cloud/bin/setup/patchsystemvm.sh b/systemvm/debian/opt/cloud/bin/setup/patchsystemvm.sh
similarity index 99%
rename from systemvm/patches/debian/opt/cloud/bin/setup/patchsystemvm.sh
rename to systemvm/debian/opt/cloud/bin/setup/patchsystemvm.sh
index d09cc03..8642945 100755
--- a/systemvm/patches/debian/opt/cloud/bin/setup/patchsystemvm.sh
+++ b/systemvm/debian/opt/cloud/bin/setup/patchsystemvm.sh
@@ -1,4 +1,4 @@
-#/bin/bash
+#!/bin/bash
# Licensed to the Apache Software Foundation (ASF) under one
# or more contributor license agreements. See the NOTICE file
# distributed with this work for additional information
diff --git a/systemvm/patches/debian/opt/cloud/bin/savepassword.sh b/systemvm/debian/opt/cloud/bin/setup/postinit.sh
similarity index 53%
rename from systemvm/patches/debian/opt/cloud/bin/savepassword.sh
rename to systemvm/debian/opt/cloud/bin/setup/postinit.sh
index 079b26f..efd1b4b 100755
--- a/systemvm/patches/debian/opt/cloud/bin/savepassword.sh
+++ b/systemvm/debian/opt/cloud/bin/setup/postinit.sh
@@ -16,31 +16,36 @@
# specific language governing permissions and limitations
# under the License.
-# Usage
-# save_password -v <user VM IP> -p <password>
+# This scripts before ssh.service but after cloud-early-config
-while getopts 'v:p:' OPTION
-do
- case $OPTION in
- v) VM_IP="$OPTARG"
+CMDLINE=/var/cache/cloud/cmdline
+for str in $(cat $CMDLINE)
+ do
+ KEY=$(echo $str | cut -d= -f1)
+ VALUE=$(echo $str | cut -d= -f2)
+ case $KEY in
+ type)
+ export TYPE=$VALUE
;;
- p) PASSWORD="$OPTARG"
+ *)
;;
- ?) echo "Incorrect usage"
- ;;
- esac
+ esac
done
-TOKEN_FILE="/tmp/passwdsrvrtoken"
-TOKEN=""
-if [ -f $TOKEN_FILE ]; then
- TOKEN=$(cat $TOKEN_FILE)
+
+chmod -x /etc/systemd/system/cloud*.service
+systemctl daemon-reload
+
+if [ "$TYPE" == "router" ] || [ "$TYPE" == "vpcrouter" ] || [ "$TYPE" == "dhcpsrvr" ]
+then
+ if [ -x /opt/cloud/bin/update_config.py ]
+ then
+ /opt/cloud/bin/update_config.py cmd_line.json
+ logger -t cloud "Updated config: cmd_line.json"
+ fi
fi
-ps aux | grep passwd_server_ip.py |grep -v grep 2>&1 > /dev/null
-if [ $? -eq 0 ]
+
+if [ "$TYPE" == "router" ]
then
- ips=$(ip addr show | grep inet | awk '{print $2}')
- for ip in $ips; do
- server_ip=$(echo $ip | awk -F'/' '{print $1}')
- curl --header "DomU_Request: save_password" "http://$server_ip:8080/" -F "ip=$VM_IP" -F "password=$PASSWORD" -F "token=$TOKEN" >/dev/null 2>/dev/null &
- done
+ python /opt/cloud/bin/baremetal-vr.py &
+ logger -t cloud "Started baremetal-vr service"
fi
diff --git a/systemvm/patches/debian/opt/cloud/bin/setup/router.sh b/systemvm/debian/opt/cloud/bin/setup/router.sh
similarity index 88%
rename from systemvm/patches/debian/opt/cloud/bin/setup/router.sh
rename to systemvm/debian/opt/cloud/bin/setup/router.sh
index d9fadfe..3bd4224 100755
--- a/systemvm/patches/debian/opt/cloud/bin/setup/router.sh
+++ b/systemvm/debian/opt/cloud/bin/setup/router.sh
@@ -83,15 +83,11 @@ setup_router() {
enable_fwding 1
enable_rpsrfs 1
cp /etc/iptables/iptables-router /etc/iptables/rules.v4
- #for old templates
- cp /etc/iptables/iptables-router /etc/iptables/rules
setup_sshd $ETH1_IP "eth1"
#Only allow DNS service for current network
sed -i "s/-A INPUT -i eth0 -p udp -m udp --dport 53 -j ACCEPT/-A INPUT -i eth0 -p udp -m udp --dport 53 -s $DHCP_RANGE\/$CIDR_SIZE -j ACCEPT/g" /etc/iptables/rules.v4
- sed -i "s/-A INPUT -i eth0 -p udp -m udp --dport 53 -j ACCEPT/-A INPUT -i eth0 -p udp -m udp --dport 53 -s $DHCP_RANGE\/$CIDR_SIZE -j ACCEPT/g" /etc/iptables/rules
sed -i "s/-A INPUT -i eth0 -p tcp -m tcp --dport 53 -j ACCEPT/-A INPUT -i eth0 -p tcp -m tcp --dport 53 -s $DHCP_RANGE\/$CIDR_SIZE -j ACCEPT/g" /etc/iptables/rules.v4
- sed -i "s/-A INPUT -i eth0 -p tcp -m tcp --dport 53 -j ACCEPT/-A INPUT -i eth0 -p tcp -m tcp --dport 53 -s $DHCP_RANGE\/$CIDR_SIZE -j ACCEPT/g" /etc/iptables/rules
#setup hourly logrotate
mv -n /etc/cron.daily/logrotate /etc/cron.hourly 2>&1
diff --git a/systemvm/patches/debian/opt/cloud/bin/setup/secstorage.sh b/systemvm/debian/opt/cloud/bin/setup/secstorage.sh
similarity index 94%
rename from systemvm/patches/debian/opt/cloud/bin/setup/secstorage.sh
rename to systemvm/debian/opt/cloud/bin/setup/secstorage.sh
index 327353c..b890d77 100755
--- a/systemvm/patches/debian/opt/cloud/bin/setup/secstorage.sh
+++ b/systemvm/debian/opt/cloud/bin/setup/secstorage.sh
@@ -20,7 +20,7 @@
secstorage_svcs() {
echo "apache2 cloud ssh nfs-common portmap" > /var/cache/cloud/enabled_svcs
- echo "cloud-passwd-srvr conntrackd keepalived haproxy dnsmasq" > /var/cache/cloud/disabled_svcs
+ echo "conntrackd keepalived haproxy dnsmasq" > /var/cache/cloud/disabled_svcs
mkdir -p /var/log/cloud
}
@@ -39,7 +39,6 @@ setup_secstorage() {
log_it "Applying iptables rules"
cp /etc/iptables/iptables-secstorage /etc/iptables/rules.v4
- cp /etc/iptables/iptables-secstorage /etc/iptables/rules
log_it "Configuring sshd"
local hyp=$HYPERVISOR
diff --git a/systemvm/patches/debian/opt/cloud/bin/setup/vpcrouter.sh b/systemvm/debian/opt/cloud/bin/setup/vpcrouter.sh
similarity index 98%
rename from systemvm/patches/debian/opt/cloud/bin/setup/vpcrouter.sh
rename to systemvm/debian/opt/cloud/bin/setup/vpcrouter.sh
index bd1181f..5ed09c7 100755
--- a/systemvm/patches/debian/opt/cloud/bin/setup/vpcrouter.sh
+++ b/systemvm/debian/opt/cloud/bin/setup/vpcrouter.sh
@@ -93,7 +93,6 @@ EOF
disable_rpfilter
enable_fwding 1
cp /etc/iptables/iptables-vpcrouter /etc/iptables/rules.v4
- cp /etc/iptables/iptables-vpcrouter /etc/iptables/rules
setup_sshd $ETH0_IP "eth0"
cp /etc/vpcdnsmasq.conf /etc/dnsmasq.conf
cp /etc/cloud-nic.rules /etc/udev/rules.d/cloud-nic.rules
diff --git a/systemvm/patches/debian/opt/cloud/bin/update_config.py b/systemvm/debian/opt/cloud/bin/update_config.py
similarity index 92%
rename from systemvm/patches/debian/opt/cloud/bin/update_config.py
rename to systemvm/debian/opt/cloud/bin/update_config.py
index e36980a..a603f47 100755
--- a/systemvm/patches/debian/opt/cloud/bin/update_config.py
+++ b/systemvm/debian/opt/cloud/bin/update_config.py
@@ -26,8 +26,6 @@ import os.path
import configure
import json
-OCCURRENCES = 1
-
logging.basicConfig(filename='/var/log/cloud.log', level=logging.INFO, format='%(asctime)s %(filename)s %(funcName)s:%(lineno)d %(message)s')
# first commandline argument should be the file to process
@@ -37,10 +35,10 @@ if (len(sys.argv) != 2):
# FIXME we should get this location from a configuration class
jsonPath = "/var/cache/cloud/%s"
-jsonCmdConfigPath = jsonPath % sys.argv[1]
+jsonFilename = sys.argv[1]
+jsonConfigFile = jsonPath % jsonFilename
currentGuestNetConfig = "/etc/cloudstack/guestnetwork.json"
-
# If the command line json file is unprocessed process it
# This is important or, the control interfaces will get deleted!
if os.path.isfile(jsonPath % "cmd_line.json"):
@@ -82,7 +80,7 @@ def is_guestnet_configured(guestnet_dict, keys):
print "[WARN] update_config.py :: Reconfiguring guest network..."
return False
- file = open(jsonCmdConfigPath)
+ file = open(jsonConfigFile)
new_guestnet_dict = json.load(file)
if not new_guestnet_dict['add']:
@@ -121,13 +119,13 @@ def is_guestnet_configured(guestnet_dict, keys):
return exists
-filename = jsonCmdConfigPath
-if not (os.path.isfile(filename) and os.access(filename, os.R_OK)):
- print "[ERROR] update_config.py :: You are telling me to process %s, but i can't access it" % jsonCmdConfigPath
+
+if not (os.path.isfile(jsonConfigFile) and os.access(jsonConfigFile, os.R_OK)):
+ print "[ERROR] update_config.py :: Unable to read and access %s to process it" % jsonConfigFile
sys.exit(1)
# If the guest network is already configured and have the same IP, do not try to configure it again otherwise it will break
-if sys.argv[1] and sys.argv[1].count("guest_network.json") == OCCURRENCES:
+if jsonFilename.startswith("guest_network.json"):
if os.path.isfile(currentGuestNetConfig):
file = open(currentGuestNetConfig)
guestnet_dict = json.load(file)
diff --git a/systemvm/patches/debian/opt/cloud/bin/vmdata.py b/systemvm/debian/opt/cloud/bin/vmdata.py
similarity index 99%
rename from systemvm/patches/debian/opt/cloud/bin/vmdata.py
rename to systemvm/debian/opt/cloud/bin/vmdata.py
index b9127a1..65f5278 100755
--- a/systemvm/patches/debian/opt/cloud/bin/vmdata.py
+++ b/systemvm/debian/opt/cloud/bin/vmdata.py
@@ -159,7 +159,7 @@ def exflock(file):
def unflock(file):
try:
flock(file, LOCK_UN)
- except IOError:
+ except IOError as e:
print "failed to unlock file" + file.name + " due to : " + e.strerror
sys.exit(1)
return True
diff --git a/systemvm/patches/debian/opt/cloud/bin/vpc_func.sh b/systemvm/debian/opt/cloud/bin/vpc_func.sh
similarity index 100%
rename from systemvm/patches/debian/opt/cloud/bin/vpc_func.sh
rename to systemvm/debian/opt/cloud/bin/vpc_func.sh
diff --git a/systemvm/patches/debian/opt/cloud/bin/vpc_netusage.sh b/systemvm/debian/opt/cloud/bin/vpc_netusage.sh
similarity index 100%
rename from systemvm/patches/debian/opt/cloud/bin/vpc_netusage.sh
rename to systemvm/debian/opt/cloud/bin/vpc_netusage.sh
diff --git a/systemvm/patches/debian/opt/cloud/bin/vpc_passwd_server b/systemvm/debian/opt/cloud/bin/vpc_passwd_server
similarity index 100%
rename from systemvm/patches/debian/opt/cloud/bin/vpc_passwd_server
rename to systemvm/debian/opt/cloud/bin/vpc_passwd_server
diff --git a/systemvm/patches/debian/opt/cloud/bin/vpc_snat.sh b/systemvm/debian/opt/cloud/bin/vpc_snat.sh
similarity index 100%
rename from systemvm/patches/debian/opt/cloud/bin/vpc_snat.sh
rename to systemvm/debian/opt/cloud/bin/vpc_snat.sh
diff --git a/systemvm/patches/debian/opt/cloud/bin/vpc_staticroute.sh b/systemvm/debian/opt/cloud/bin/vpc_staticroute.sh
similarity index 100%
rename from systemvm/patches/debian/opt/cloud/bin/vpc_staticroute.sh
rename to systemvm/debian/opt/cloud/bin/vpc_staticroute.sh
diff --git a/systemvm/patches/vpn/opt/cloud/bin/vpn_l2tp.sh b/systemvm/debian/opt/cloud/bin/vpn_l2tp.sh
similarity index 100%
rename from systemvm/patches/vpn/opt/cloud/bin/vpn_l2tp.sh
rename to systemvm/debian/opt/cloud/bin/vpn_l2tp.sh
diff --git a/systemvm/patches/debian/opt/cloud/bin/vr_cfg.sh b/systemvm/debian/opt/cloud/bin/vr_cfg.sh
similarity index 100%
rename from systemvm/patches/debian/opt/cloud/bin/vr_cfg.sh
rename to systemvm/debian/opt/cloud/bin/vr_cfg.sh
diff --git a/systemvm/patches/debian/opt/cloud/templates/README b/systemvm/debian/opt/cloud/templates/README
similarity index 100%
rename from systemvm/patches/debian/opt/cloud/templates/README
rename to systemvm/debian/opt/cloud/templates/README
diff --git a/systemvm/patches/debian/opt/cloud/templates/arping_gateways.sh.templ b/systemvm/debian/opt/cloud/templates/arping_gateways.sh.templ
similarity index 100%
rename from systemvm/patches/debian/opt/cloud/templates/arping_gateways.sh.templ
rename to systemvm/debian/opt/cloud/templates/arping_gateways.sh.templ
diff --git a/systemvm/patches/debian/opt/cloud/templates/check_bumpup.sh b/systemvm/debian/opt/cloud/templates/check_bumpup.sh
similarity index 100%
rename from systemvm/patches/debian/opt/cloud/templates/check_bumpup.sh
rename to systemvm/debian/opt/cloud/templates/check_bumpup.sh
diff --git a/systemvm/patches/debian/opt/cloud/templates/check_heartbeat.sh.templ b/systemvm/debian/opt/cloud/templates/check_heartbeat.sh.templ
similarity index 100%
rename from systemvm/patches/debian/opt/cloud/templates/check_heartbeat.sh.templ
rename to systemvm/debian/opt/cloud/templates/check_heartbeat.sh.templ
diff --git a/systemvm/patches/debian/opt/cloud/templates/checkrouter.sh.templ b/systemvm/debian/opt/cloud/templates/checkrouter.sh.templ
similarity index 100%
rename from systemvm/patches/debian/opt/cloud/templates/checkrouter.sh.templ
rename to systemvm/debian/opt/cloud/templates/checkrouter.sh.templ
diff --git a/systemvm/debian/opt/cloud/templates/conntrackd.conf.templ b/systemvm/debian/opt/cloud/templates/conntrackd.conf.templ
new file mode 100644
index 0000000..9443db2
--- /dev/null
+++ b/systemvm/debian/opt/cloud/templates/conntrackd.conf.templ
@@ -0,0 +1,419 @@
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+#
+# Synchronizer settings
+#
+Sync {
+ Mode FTFW {
+ #
+ # Size of the resend queue (in objects). This is the maximum
+ # number of objects that can be stored waiting to be confirmed
+ # via acknoledgment. If you keep this value low, the daemon
+ # will have less chances to recover state-changes under message
+ # omission. On the other hand, if you keep this value high,
+ # the daemon will consume more memory to store dead objects.
+ # Default is 131072 objects.
+ #
+ # ResendQueueSize 131072
+
+ #
+ # This parameter allows you to set an initial fixed timeout
+ # for the committed entries when this node goes from backup
+ # to primary. This mechanism provides a way to purge entries
+ # that were not recovered appropriately after the specified
+ # fixed timeout. If you set a low value, TCP entries in
+ # Established states with no traffic may hang. For example,
+ # an SSH connection without KeepAlive enabled. If not set,
+ # the daemon uses an approximate timeout value calculation
+ # mechanism. By default, this option is not set.
+ #
+ # CommitTimeout 180
+
+ #
+ # If the firewall replica goes from primary to backup,
+ # the conntrackd -t command is invoked in the script.
+ # This command schedules a flush of the table in N seconds.
+ # This is useful to purge the connection tracking table of
+ # zombie entries and avoid clashes with old entries if you
+ # trigger several consecutive hand-overs. Default is 60 seconds.
+ #
+ # PurgeTimeout 60
+
+ # Set the acknowledgement window size. If you decrease this
+ # value, the number of acknowlegdments increases. More
+ # acknowledgments means more overhead as conntrackd has to
+ # handle more control messages. On the other hand, if you
+ # increase this value, the resend queue gets more populated.
+ # This results in more overhead in the queue releasing.
+ # The following value is based on some practical experiments
+ # measuring the cycles spent by the acknowledgment handling
+ # with oprofile. If not set, default window size is 300.
+ #
+ # ACKWindowSize 300
+
+ #
+ # This clause allows you to disable the external cache. Thus,
+ # the state entries are directly injected into the kernel
+ # conntrack table. As a result, you save memory in user-space
+ # but you consume slots in the kernel conntrack table for
+ # backup state entries. Moreover, disabling the external cache
+ # means more CPU consumption. You need a Linux kernel
+ # >= 2.6.29 to use this feature. By default, this clause is
+ # set off. If you are installing conntrackd for first time,
+ # please read the user manual and I encourage you to consider
+ # using the fail-over scripts instead of enabling this option!
+ #
+ # DisableExternalCache Off
+ }
+
+ #
+ # Multicast IP and interface where messages are
+ # broadcasted (dedicated link). IMPORTANT: Make sure
+ # that iptables accepts traffic for destination
+ # 225.0.0.50, eg:
+ #
+ # iptables -I INPUT -d 225.0.0.50 -j ACCEPT
+ # iptables -I OUTPUT -d 225.0.0.50 -j ACCEPT
+ #
+ Multicast {
+ #
+ # Multicast address: The address that you use as destination
+ # in the synchronization messages. You do not have to add
+ # this IP to any of your existing interfaces. If any doubt,
+ # do not modify this value.
+ #
+ IPv4_address 225.0.0.50
+
+ #
+ # The multicast group that identifies the cluster. If any
+ # doubt, do not modify this value.
+ #
+ Group 3780
+
+ #
+ # IP address of the interface that you are going to use to
+ # send the synchronization messages. Remember that you must
+ # use a dedicated link for the synchronization messages.
+ #
+ IPv4_interface [LINK_IP]
+
+ #
+ # The name of the interface that you are going to use to
+ # send the synchronization messages.
+ #
+ Interface [LINK_IF]
+
+ # The multicast sender uses a buffer to enqueue the packets
+ # that are going to be transmitted. The default size of this
+ # socket buffer is available at /proc/sys/net/core/wmem_default.
+ # This value determines the chances to have an overrun in the
+ # sender queue. The overrun results packet loss, thus, losing
+ # state information that would have to be retransmitted. If you
+ # notice some packet loss, you may want to increase the size
+ # of the sender buffer. The default size is usually around
+ # ~100 KBytes which is fairly small for busy firewalls.
+ #
+ SndSocketBuffer 1249280
+
+ # The multicast receiver uses a buffer to enqueue the packets
+ # that the socket is pending to handle. The default size of this
+ # socket buffer is available at /proc/sys/net/core/rmem_default.
+ # This value determines the chances to have an overrun in the
+ # receiver queue. The overrun results packet loss, thus, losing
+ # state information that would have to be retransmitted. If you
+ # notice some packet loss, you may want to increase the size of
+ # the receiver buffer. The default size is usually around
+ # ~100 KBytes which is fairly small for busy firewalls.
+ #
+ RcvSocketBuffer 1249280
+
+ #
+ # Enable/Disable message checksumming. This is a good
+ # property to achieve fault-tolerance. In case of doubt, do
+ # not modify this value.
+ #
+ Checksum on
+ }
+ #
+ # You can specify more than one dedicated link. Thus, if one dedicated
+ # link fails, conntrackd can fail-over to another. Note that adding
+ # more than one dedicated link does not mean that state-updates will
+ # be sent to all of them. There is only one active dedicated link at
+ # a given moment. The `Default' keyword indicates that this interface
+ # will be selected as the initial dedicated link. You can have
+ # up to 4 redundant dedicated links. Note: Use different multicast
+ # groups for every redundant link.
+ #
+ # Multicast Default {
+ # IPv4_address 225.0.0.51
+ # Group 3781
+ # IPv4_interface 192.168.100.101
+ # Interface eth3
+ # # SndSocketBuffer 1249280
+ # # RcvSocketBuffer 1249280
+ # Checksum on
+ # }
+
+ #
+ # You can use Unicast UDP instead of Multicast to propagate events.
+ # Note that you cannot use unicast UDP and Multicast at the same
+ # time, you can only select one.
+ #
+ # UDP {
+ #
+ # UDP address that this firewall uses to listen to events.
+ #
+ # IPv4_address 192.168.2.100
+ #
+ # or you may want to use an IPv6 address:
+ #
+ # IPv6_address fe80::215:58ff:fe28:5a27
+
+ #
+ # Destination UDP address that receives events, ie. the other
+ # firewall's dedicated link address.
+ #
+ # IPv4_Destination_Address 192.168.2.101
+ #
+ # or you may want to use an IPv6 address:
+ #
+ # IPv6_Destination_Address fe80::2d0:59ff:fe2a:775c
+
+ #
+ # UDP port used
+ #
+ # Port 3780
+
+ #
+ # The name of the interface that you are going to use to
+ # send the synchronization messages.
+ #
+ # Interface eth2
+
+ #
+ # The sender socket buffer size
+ #
+ # SndSocketBuffer 1249280
+
+ #
+ # The receiver socket buffer size
+ #
+ # RcvSocketBuffer 1249280
+
+ #
+ # Enable/Disable message checksumming.
+ #
+ # Checksum on
+ # }
+
+}
+
+#
+# General settings
+#
+General {
+ #
+ # Set the nice value of the daemon, this value goes from -20
+ # (most favorable scheduling) to 19 (least favorable). Using a
+ # very low value reduces the chances to lose state-change events.
+ # Default is 0 but this example file sets it to most favourable
+ # scheduling as this is generally a good idea. See man nice(1) for
+ # more information.
+ #
+ Nice -20
+
+ #
+ # Select a different scheduler for the daemon, you can select between
+ # RR and FIFO and the process priority (minimum is 0, maximum is 99).
+ # See man sched_setscheduler(2) for more information. Using a RT
+ # scheduler reduces the chances to overrun the Netlink buffer.
+ #
+ # Scheduler {
+ # Type FIFO
+ # Priority 99
+ # }
+
+ #
+ # Number of buckets in the cache hashtable. The bigger it is,
+ # the closer it gets to O(1) at the cost of consuming more memory.
+ # Read some documents about tuning hashtables for further reference.
+ #
+ HashSize 32768
+
+ #
+ # Maximum number of conntracks, it should be double of:
+ # $ cat /proc/sys/net/netfilter/nf_conntrack_max
+ # since the daemon may keep some dead entries cached for possible
+ # retransmission during state synchronization.
+ #
+ HashLimit 131072
+
+ LogFile on
+
+ #
+ # Syslog: on, off or a facility name (daemon (default) or local0..7)
+ # Default: off
+ #
+ Syslog on
+
+ #
+ # Lockfile
+ #
+ LockFile /var/lock/conntrackd.lock
+
+ #
+ # Unix socket configuration
+ #
+ UNIX {
+ Path /var/run/conntrackd.sock
+ Backlog 20
+ }
+
+ SocketBufferSize 2097152
+ SocketBufferSizeMaxGrown 8388608
+
+ #
+ # Netlink event socket buffer size. If you do not specify this clause,
+ # the default buffer size value in /proc/net/core/rmem_default is
+ # used. This default value is usually around 100 Kbytes which is
+ # fairly small for busy firewalls. This leads to event message dropping
+ # and high CPU consumption. This example configuration file sets the
+ # size to 2 MBytes to avoid this sort of problems.
+ #
+ NetlinkBufferSize 2097152
+
+ #
+ # The daemon doubles the size of the netlink event socket buffer size
+ # if it detects netlink event message dropping. This clause sets the
+ # maximum buffer size growth that can be reached. This example file
+ # sets the size to 8 MBytes.
+ #
+ NetlinkBufferSizeMaxGrowth 8388608
+
+ #
+ # If the daemon detects that Netlink is dropping state-change events,
+ # it automatically schedules a resynchronization against the Kernel
+ # after 30 seconds (default value). Resynchronizations are expensive
+ # in terms of CPU consumption since the daemon has to get the full
+ # kernel state-table and purge state-entries that do not exist anymore.
+ # Be careful of setting a very small value here. You have the following
+ # choices: On (enabled, use default 30 seconds value), Off (disabled)
+ # or Value (in seconds, to set a specific amount of time). If not
+ # specified, the daemon assumes that this option is enabled.
+ #
+ # NetlinkOverrunResync On
+
+ #
+ # If you want reliable event reporting over Netlink, set on this
+ # option. If you set on this clause, it is a good idea to set off
+ # NetlinkOverrunResync. This option is off by default and you need
+ # a Linux kernel >= 2.6.31.
+ #
+ # NetlinkEventsReliable Off
+
+ #
+ # By default, the daemon receives state updates following an
+ # event-driven model. You can modify this behaviour by switching to
+ # polling mode with the PollSecs clause. This clause tells conntrackd
+ # to dump the states in the kernel every N seconds. With regards to
+ # synchronization mode, the polling mode can only guarantee that
+ # long-lifetime states are recovered. The main advantage of this method
+ # is the reduction in the state replication at the cost of reducing the
+ # chances of recovering connections.
+ #
+ # PollSecs 15
+
+ #
+ # The daemon prioritizes the handling of state-change events coming
+ # from the core. With this clause, you can set the maximum number of
+ # state-change events (those coming from kernel-space) that the daemon
+ # will handle after which it will handle other events coming from the
+ # network or userspace. A low value improves interactivity (in terms of
+ # real-time behaviour) at the cost of extra CPU consumption.
+ # Default (if not set) is 100.
+ #
+ # EventIterationLimit 100
+
+ #
+ # Event filtering: This clause allows you to filter certain traffic,
+ # There are currently three filter-sets: Protocol, Address and
+ # State. The filter is attached to an action that can be: Accept or
+ # Ignore. Thus, you can define the event filtering policy of the
+ # filter-sets in positive or negative logic depending on your needs.
+ # You can select if conntrackd filters the event messages from
+ # user-space or kernel-space. The kernel-space event filtering
+ # saves some CPU cycles by avoiding the copy of the event message
+ # from kernel-space to user-space. The kernel-space event filtering
+ # is prefered, however, you require a Linux kernel >= 2.6.29 to
+ # filter from kernel-space. If you want to select kernel-space
+ # event filtering, use the keyword 'Kernelspace' instead of
+ # 'Userspace'.
+ #
+ Filter From Userspace {
+ #
+ # Accept only certain protocols: You may want to replicate
+ # the state of flows depending on their layer 4 protocol.
+ #
+ Protocol Accept {
+ TCP
+ SCTP
+ DCCP
+ UDP
+ ICMP # This requires a Linux kernel >= 2.6.31
+ }
+
+ #
+ # Ignore traffic for a certain set of IP's: Usually all the
+ # IP assigned to the firewall since local traffic must be
+ # ignored, only forwarded connections are worth to replicate.
+ # Note that these values depends on the local IPs that are
+ # assigned to the firewall.
+ #
+ Address Ignore {
+ IPv4_address 127.0.0.1 # loopback
+ IPv4_address [IGNORE_IP1]
+ IPv4_address [IGNORE_IP2]
+ IPv4_address [IGNORE_IP3]
+ #IPv4_address 192.168.0.100 # virtual IP 1
+ #IPv4_address 192.168.1.100 # virtual IP 2
+ #IPv4_address 192.168.0.1
+ #IPv4_address 192.168.1.1
+ #IPv4_address 192.168.100.100 # dedicated link ip
+ #
+ # You can also specify networks in format IP/cidr.
+ # IPv4_address 192.168.0.0/24
+ #
+ # You can also specify an IPv6 address
+ # IPv6_address ::1
+ }
+
+ #
+ # Uncomment this line below if you want to filter by flow state.
+ # This option introduces a trade-off in the replication: it
+ # reduces CPU consumption at the cost of having lazy backup
+ # firewall replicas. The existing TCP states are: SYN_SENT,
+ # SYN_RECV, ESTABLISHED, FIN_WAIT, CLOSE_WAIT, LAST_ACK,
+ # TIME_WAIT, CLOSED, LISTEN.
+ #
+ # State Accept {
+ # ESTABLISHED CLOSED TIME_WAIT CLOSE_WAIT for TCP
+ # }
+ }
+
+ # default debian service unit file is of Type=notify
+ Systemd on
+}
diff --git a/systemvm/patches/debian/opt/cloud/templates/heartbeat.sh.templ b/systemvm/debian/opt/cloud/templates/heartbeat.sh.templ
similarity index 100%
rename from systemvm/patches/debian/opt/cloud/templates/heartbeat.sh.templ
rename to systemvm/debian/opt/cloud/templates/heartbeat.sh.templ
diff --git a/systemvm/patches/debian/opt/cloud/templates/keepalived.conf.templ b/systemvm/debian/opt/cloud/templates/keepalived.conf.templ
similarity index 94%
rename from systemvm/patches/debian/opt/cloud/templates/keepalived.conf.templ
rename to systemvm/debian/opt/cloud/templates/keepalived.conf.templ
index d14611d..5434ec5 100644
--- a/systemvm/patches/debian/opt/cloud/templates/keepalived.conf.templ
+++ b/systemvm/debian/opt/cloud/templates/keepalived.conf.templ
@@ -21,11 +21,11 @@ global_defs {
vrrp_script heartbeat {
script "[RROUTER_BIN_PATH]/heartbeat.sh"
- interval 5
+ interval 4
}
vrrp_instance inside_network {
- state EQUAL
+ state BACKUP
interface eth2
virtual_router_id 51
nopreempt
@@ -44,7 +44,6 @@ vrrp_instance inside_network {
heartbeat
}
- !That's the correct path of the master.py file.
notify_backup "/opt/cloud/bin/master.py --backup"
notify_master "/opt/cloud/bin/master.py --master"
notify_fault "/opt/cloud/bin/master.py --fault"
diff --git a/systemvm/patches/debian/opt/cloud/testdata/README b/systemvm/debian/opt/cloud/testdata/README
similarity index 100%
rename from systemvm/patches/debian/opt/cloud/testdata/README
rename to systemvm/debian/opt/cloud/testdata/README
diff --git a/systemvm/patches/debian/opt/cloud/testdata/acl0001.json b/systemvm/debian/opt/cloud/testdata/acl0001.json
similarity index 100%
rename from systemvm/patches/debian/opt/cloud/testdata/acl0001.json
rename to systemvm/debian/opt/cloud/testdata/acl0001.json
diff --git a/systemvm/patches/debian/opt/cloud/testdata/dhcp0001.json b/systemvm/debian/opt/cloud/testdata/dhcp0001.json
similarity index 100%
rename from systemvm/patches/debian/opt/cloud/testdata/dhcp0001.json
rename to systemvm/debian/opt/cloud/testdata/dhcp0001.json
diff --git a/systemvm/patches/debian/opt/cloud/testdata/gn0001.json b/systemvm/debian/opt/cloud/testdata/gn0001.json
similarity index 100%
rename from systemvm/patches/debian/opt/cloud/testdata/gn0001.json
rename to systemvm/debian/opt/cloud/testdata/gn0001.json
diff --git a/systemvm/patches/debian/opt/cloud/testdata/ips0001.json b/systemvm/debian/opt/cloud/testdata/ips0001.json
similarity index 100%
rename from systemvm/patches/debian/opt/cloud/testdata/ips0001.json
rename to systemvm/debian/opt/cloud/testdata/ips0001.json
diff --git a/systemvm/patches/debian/opt/cloud/testdata/ips0002.json b/systemvm/debian/opt/cloud/testdata/ips0002.json
similarity index 100%
rename from systemvm/patches/debian/opt/cloud/testdata/ips0002.json
rename to systemvm/debian/opt/cloud/testdata/ips0002.json
diff --git a/systemvm/patches/debian/opt/cloud/testdata/ips0003.json b/systemvm/debian/opt/cloud/testdata/ips0003.json
similarity index 100%
rename from systemvm/patches/debian/opt/cloud/testdata/ips0003.json
rename to systemvm/debian/opt/cloud/testdata/ips0003.json
diff --git a/systemvm/patches/debian/opt/cloud/testdata/s2s0001.json b/systemvm/debian/opt/cloud/testdata/s2s0001.json
similarity index 100%
rename from systemvm/patches/debian/opt/cloud/testdata/s2s0001.json
rename to systemvm/debian/opt/cloud/testdata/s2s0001.json
diff --git a/systemvm/patches/debian/opt/cloud/testdata/test.sh b/systemvm/debian/opt/cloud/testdata/test.sh
similarity index 100%
rename from systemvm/patches/debian/opt/cloud/testdata/test.sh
rename to systemvm/debian/opt/cloud/testdata/test.sh
diff --git a/systemvm/patches/debian/opt/cloud/testdata/vmp0001.json b/systemvm/debian/opt/cloud/testdata/vmp0001.json
similarity index 100%
rename from systemvm/patches/debian/opt/cloud/testdata/vmp0001.json
rename to systemvm/debian/opt/cloud/testdata/vmp0001.json
diff --git a/systemvm/patches/debian/root/.ssh/authorized_keys b/systemvm/debian/root/.ssh/authorized_keys
similarity index 100%
rename from systemvm/patches/debian/root/.ssh/authorized_keys
rename to systemvm/debian/root/.ssh/authorized_keys
diff --git a/systemvm/patches/debian/root/clearUsageRules.sh b/systemvm/debian/root/clearUsageRules.sh
similarity index 100%
rename from systemvm/patches/debian/root/clearUsageRules.sh
rename to systemvm/debian/root/clearUsageRules.sh
diff --git a/systemvm/patches/debian/root/func.sh b/systemvm/debian/root/func.sh
similarity index 100%
rename from systemvm/patches/debian/root/func.sh
rename to systemvm/debian/root/func.sh
diff --git a/systemvm/patches/debian/root/monitorServices.py b/systemvm/debian/root/monitorServices.py
similarity index 100%
rename from systemvm/patches/debian/root/monitorServices.py
rename to systemvm/debian/root/monitorServices.py
diff --git a/systemvm/patches/debian/root/reconfigLB.sh b/systemvm/debian/root/reconfigLB.sh
similarity index 100%
rename from systemvm/patches/debian/root/reconfigLB.sh
rename to systemvm/debian/root/reconfigLB.sh
diff --git a/systemvm/patches/debian/var/www/html/latest/.htaccess b/systemvm/debian/var/www/html/latest/.htaccess
similarity index 100%
rename from systemvm/patches/debian/var/www/html/latest/.htaccess
rename to systemvm/debian/var/www/html/latest/.htaccess
diff --git a/systemvm/patches/debian/var/www/html/userdata/.htaccess b/systemvm/debian/var/www/html/userdata/.htaccess
similarity index 100%
rename from systemvm/patches/debian/var/www/html/userdata/.htaccess
rename to systemvm/debian/var/www/html/userdata/.htaccess
diff --git a/systemvm/patches/debian/etc/init.d/cloud-passwd-srvr b/systemvm/patches/debian/etc/init.d/cloud-passwd-srvr
deleted file mode 100755
index ffd0ec8..0000000
--- a/systemvm/patches/debian/etc/init.d/cloud-passwd-srvr
+++ /dev/null
@@ -1,118 +0,0 @@
-#!/bin/bash
-### BEGIN INIT INFO
-# Provides: cloud-passwd-srvr
-# Required-Start: $local_fs cloud-early-config
-# Required-Stop: $local_fs
-# Default-Start: 3 4 5
-# Default-Stop: 0 1 6
-# Short-Description: Web server that sends passwords to User VMs
-### END INIT INFO
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements. See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership. The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied. See the License for the
-# specific language governing permissions and limitations
-# under the License.
-
-add_iptables_rules()
-{
- #Delete any old iptables rule for port 8080 on eth0
- remove_iptables_rules
-
- #For all cidrs on eth0 for port 8080 accept only if source is withing that cidr
- for cidr in $(ip addr | grep eth0 | grep inet | awk '{print $2}');
- do
- count=1
- #Try for 10 times, if it still fails then bail
- while [ $count -le 10 ];
- do
- (( count++ ))
- iptables -A INPUT -i eth0 -p tcp -m state --state NEW -m tcp -s $cidr --dport 8080 -j ACCEPT
- if [ `iptables -L INPUT -n -v | grep eth0 | grep 8080 | grep ACCEPT | wc -l` -gt 0 ]
- then
- break
- else
- sleep 2
- fi
- done
- done
- echo "Added cloud-passwd-srvr iptables rules" && return 0
-}
-
-remove_iptables_rules()
-{
- #Change the Internal Field Separator so the for loop, loops on lines and not spaces
- OIFS="${IFS}"
- NIFS=$'\n'
- IFS="${NIFS}"
-
- #Removed all iptable rules for port 8080 on eth0, they were added in start()
- for srcdest in `iptables -L -n -v | grep eth0 | grep 8080 | grep ACCEPT | awk '{print "--source "$8" --destination "$9}'`;
- do
- eval "iptables -D INPUT -i eth0 -p tcp -m state --state NEW -m tcp $srcdest --dport 8080 -j ACCEPT";
- done
-
- #Restore IFS
- IFS="${OIFS}"
-
- echo "Removed cloud-passwd-srvr iptables rules" && return 0
-}
-
-start() {
- pid=$(getpid)
- [ "$pid" != "" ] && echo "Password server is already running (pid=$pid)" && return 0
- add_iptables_rules
- nohup bash /opt/cloud/bin/passwd_server &
-}
-
-getpid() {
- pid=$(ps -ef | grep passwd_server_ip | grep -v grep | awk '{print $2}')
- echo $pid
-}
-
-stop_password_server() {
- spid=$(pidof -s python passwd_server_ip.py)
- [ "$spid" != "" ] && kill -9 $spid && echo "Killed password server (pid=$spid)"
- return 0
-}
-
-stop () {
- stop_password_server
- pid=$(getpid)
- [ "$pid" != "" ] && kill -9 $pid && remove_iptables_rules && echo "Stopped password server (pid=$pid)" && stop_password_server && return 0
-
- echo "Password server is not running" && return 0
-}
-
-status () {
- pid=$(getpid)
- [ "$pid" != "" ] && echo "Password server is running (pid=$pid)" && return 0
- echo "Password server is not running" && return 0
-}
-
-case "$1" in
- start) start
- ;;
- stop) stop
- ;;
- status) status
- ;;
- restart) stop
- start
- ;;
- *) echo "Usage: $0 {start|stop|status|restart}"
- exit 1
- ;;
-esac
-
-exit 0
diff --git a/systemvm/patches/debian/etc/rc.local b/systemvm/patches/debian/etc/rc.local
deleted file mode 100755
index 895c120..0000000
--- a/systemvm/patches/debian/etc/rc.local
+++ /dev/null
@@ -1,69 +0,0 @@
-#!/bin/bash
-
-#Licensed to the Apache Software Foundation (ASF) under one
-#or more contributor license agreements. See the NOTICE file
-#distributed with this work for additional information
-#regarding copyright ownership. The ASF licenses this file
-#to you under the Apache License, Version 2.0 (the
-#"License"); you may not use this file except in compliance
-#with the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-#Unless required by applicable law or agreed to in writing,
-#software distributed under the License is distributed on an
-#"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-#KIND, either express or implied. See the License for the
-#specific language governing permissions and limitations
-#under the License.
-
-[ ! -f /var/cache/cloud/enabled_svcs ] && touch /var/cache/cloud/enabled_svcs
-for svc in $(cat /var/cache/cloud/enabled_svcs)
-do
- logger -t cloud "Starting $svc"
- systemctl enable --now $svc
-done
-
-[ ! -f /var/cache/cloud/disabled_svcs ] && touch /var/cache/cloud/disabled_svcs
-for svc in $(cat /var/cache/cloud/disabled_svcs)
-do
- logger -t cloud "Stopping $svc"
- systemctl disable --now $svc
-done
-
-
-#Restore the persistent iptables nat, rules and filters for IPv4 and IPv6 if they exist
-ipv4="/etc/iptables/router_rules.v4"
-if [ -e $ipv4 ]
-then
- iptables-restore < $ipv4
-fi
-
-ipv6="/etc/iptables/router_rules.v6"
-if [ -e $ipv6 ]
-then
- iptables-restore < $ipv6
-fi
-
-date > /var/cache/cloud/boot_up_done
-logger -t cloud "Boot up process done"
-
-CMDLINE=/var/cache/cloud/cmdline
-for str in $(cat $CMDLINE)
- do
- KEY=$(echo $str | cut -d= -f1)
- VALUE=$(echo $str | cut -d= -f2)
- case $KEY in
- type)
- export TYPE=$VALUE
- ;;
- *)
- ;;
- esac
-done
-
-if [ "$TYPE" == "router" ]
-then
- python /opt/cloud/bin/baremetal-vr.py &
- logger -t cloud "Started baremetal-vr service"
-fi
diff --git a/systemvm/patches/debian/opt/cloud/templates/conntrackd.conf.templ b/systemvm/patches/debian/opt/cloud/templates/conntrackd.conf.templ
deleted file mode 100644
index 3e38af1..0000000
--- a/systemvm/patches/debian/opt/cloud/templates/conntrackd.conf.templ
+++ /dev/null
@@ -1,417 +0,0 @@
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements. See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership. The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied. See the License for the
-# specific language governing permissions and limitations
-# under the License.
-#
-# Synchronizer settings
-#
-Sync {
- Mode FTFW {
- #
- # Size of the resend queue (in objects). This is the maximum
- # number of objects that can be stored waiting to be confirmed
- # via acknoledgment. If you keep this value low, the daemon
- # will have less chances to recover state-changes under message
- # omission. On the other hand, if you keep this value high,
- # the daemon will consume more memory to store dead objects.
- # Default is 131072 objects.
- #
- # ResendQueueSize 131072
-
- #
- # This parameter allows you to set an initial fixed timeout
- # for the committed entries when this node goes from backup
- # to primary. This mechanism provides a way to purge entries
- # that were not recovered appropriately after the specified
- # fixed timeout. If you set a low value, TCP entries in
- # Established states with no traffic may hang. For example,
- # an SSH connection without KeepAlive enabled. If not set,
- # the daemon uses an approximate timeout value calculation
- # mechanism. By default, this option is not set.
- #
- # CommitTimeout 180
-
- #
- # If the firewall replica goes from primary to backup,
- # the conntrackd -t command is invoked in the script.
- # This command schedules a flush of the table in N seconds.
- # This is useful to purge the connection tracking table of
- # zombie entries and avoid clashes with old entries if you
- # trigger several consecutive hand-overs. Default is 60 seconds.
- #
- # PurgeTimeout 60
-
- # Set the acknowledgement window size. If you decrease this
- # value, the number of acknowlegdments increases. More
- # acknowledgments means more overhead as conntrackd has to
- # handle more control messages. On the other hand, if you
- # increase this value, the resend queue gets more populated.
- # This results in more overhead in the queue releasing.
- # The following value is based on some practical experiments
- # measuring the cycles spent by the acknowledgment handling
- # with oprofile. If not set, default window size is 300.
- #
- # ACKWindowSize 300
-
- #
- # This clause allows you to disable the external cache. Thus,
- # the state entries are directly injected into the kernel
- # conntrack table. As a result, you save memory in user-space
- # but you consume slots in the kernel conntrack table for
- # backup state entries. Moreover, disabling the external cache
- # means more CPU consumption. You need a Linux kernel
- # >= 2.6.29 to use this feature. By default, this clause is
- # set off. If you are installing conntrackd for first time,
- # please read the user manual and I encourage you to consider
- # using the fail-over scripts instead of enabling this option!
- #
- # DisableExternalCache Off
- }
-
- #
- # Multicast IP and interface where messages are
- # broadcasted (dedicated link). IMPORTANT: Make sure
- # that iptables accepts traffic for destination
- # 225.0.0.50, eg:
- #
- # iptables -I INPUT -d 225.0.0.50 -j ACCEPT
- # iptables -I OUTPUT -d 225.0.0.50 -j ACCEPT
- #
- Multicast {
- #
- # Multicast address: The address that you use as destination
- # in the synchronization messages. You do not have to add
- # this IP to any of your existing interfaces. If any doubt,
- # do not modify this value.
- #
- IPv4_address 225.0.0.50
-
- #
- # The multicast group that identifies the cluster. If any
- # doubt, do not modify this value.
- #
- Group 3780
-
- #
- # IP address of the interface that you are going to use to
- # send the synchronization messages. Remember that you must
- # use a dedicated link for the synchronization messages.
- #
- IPv4_interface [LINK_IP]
-
- #
- # The name of the interface that you are going to use to
- # send the synchronization messages.
- #
- Interface [LINK_IF]
-
- # The multicast sender uses a buffer to enqueue the packets
- # that are going to be transmitted. The default size of this
- # socket buffer is available at /proc/sys/net/core/wmem_default.
- # This value determines the chances to have an overrun in the
- # sender queue. The overrun results packet loss, thus, losing
- # state information that would have to be retransmitted. If you
- # notice some packet loss, you may want to increase the size
- # of the sender buffer. The default size is usually around
- # ~100 KBytes which is fairly small for busy firewalls.
- #
- SndSocketBuffer 1249280
-
- # The multicast receiver uses a buffer to enqueue the packets
- # that the socket is pending to handle. The default size of this
- # socket buffer is available at /proc/sys/net/core/rmem_default.
- # This value determines the chances to have an overrun in the
- # receiver queue. The overrun results packet loss, thus, losing
- # state information that would have to be retransmitted. If you
- # notice some packet loss, you may want to increase the size of
- # the receiver buffer. The default size is usually around
- # ~100 KBytes which is fairly small for busy firewalls.
- #
- RcvSocketBuffer 1249280
-
- #
- # Enable/Disable message checksumming. This is a good
- # property to achieve fault-tolerance. In case of doubt, do
- # not modify this value.
- #
- Checksum on
- }
- #
- # You can specify more than one dedicated link. Thus, if one dedicated
- # link fails, conntrackd can fail-over to another. Note that adding
- # more than one dedicated link does not mean that state-updates will
- # be sent to all of them. There is only one active dedicated link at
- # a given moment. The `Default' keyword indicates that this interface
- # will be selected as the initial dedicated link. You can have
- # up to 4 redundant dedicated links. Note: Use different multicast
- # groups for every redundant link.
- #
- # Multicast Default {
- # IPv4_address 225.0.0.51
- # Group 3781
- # IPv4_interface 192.168.100.101
- # Interface eth3
- # # SndSocketBuffer 1249280
- # # RcvSocketBuffer 1249280
- # Checksum on
- # }
-
- #
- # You can use Unicast UDP instead of Multicast to propagate events.
- # Note that you cannot use unicast UDP and Multicast at the same
- # time, you can only select one.
- #
- # UDP {
- #
- # UDP address that this firewall uses to listen to events.
- #
- # IPv4_address 192.168.2.100
- #
- # or you may want to use an IPv6 address:
- #
- # IPv6_address fe80::215:58ff:fe28:5a27
-
- #
- # Destination UDP address that receives events, ie. the other
- # firewall's dedicated link address.
- #
- # IPv4_Destination_Address 192.168.2.101
- #
- # or you may want to use an IPv6 address:
- #
- # IPv6_Destination_Address fe80::2d0:59ff:fe2a:775c
-
- #
- # UDP port used
- #
- # Port 3780
-
- #
- # The name of the interface that you are going to use to
- # send the synchronization messages.
- #
- # Interface eth2
-
- #
- # The sender socket buffer size
- #
- # SndSocketBuffer 1249280
-
- #
- # The receiver socket buffer size
- #
- # RcvSocketBuffer 1249280
-
- #
- # Enable/Disable message checksumming.
- #
- # Checksum on
- # }
-
-}
-
-#
-# General settings
-#
-General {
- #
- # Set the nice value of the daemon, this value goes from -20
- # (most favorable scheduling) to 19 (least favorable). Using a
- # very low value reduces the chances to lose state-change events.
- # Default is 0 but this example file sets it to most favourable
- # scheduling as this is generally a good idea. See man nice(1) for
- # more information.
- #
- Nice -20
-
- #
- # Select a different scheduler for the daemon, you can select between
- # RR and FIFO and the process priority (minimum is 0, maximum is 99).
- # See man sched_setscheduler(2) for more information. Using a RT
- # scheduler reduces the chances to overrun the Netlink buffer.
- #
- # Scheduler {
- # Type FIFO
- # Priority 99
- # }
-
- #
- # Number of buckets in the cache hashtable. The bigger it is,
- # the closer it gets to O(1) at the cost of consuming more memory.
- # Read some documents about tuning hashtables for further reference.
- #
- HashSize 32768
-
- #
- # Maximum number of conntracks, it should be double of:
- # $ cat /proc/sys/net/netfilter/nf_conntrack_max
- # since the daemon may keep some dead entries cached for possible
- # retransmission during state synchronization.
- #
- HashLimit 131072
-
- #
- # Logfile: on (/var/log/conntrackd.log), off, or a filename
- # Default: off
- #
- LogFile on
-
- #
- # Syslog: on, off or a facility name (daemon (default) or local0..7)
- # Default: off
- #
- #Syslog on
-
- #
- # Lockfile
- #
- LockFile /var/lock/conntrack.lock
-
- #
- # Unix socket configuration
- #
- UNIX {
- Path /var/run/conntrackd.ctl
- Backlog 20
- }
-
- #
- # Netlink event socket buffer size. If you do not specify this clause,
- # the default buffer size value in /proc/net/core/rmem_default is
- # used. This default value is usually around 100 Kbytes which is
- # fairly small for busy firewalls. This leads to event message dropping
- # and high CPU consumption. This example configuration file sets the
- # size to 2 MBytes to avoid this sort of problems.
- #
- NetlinkBufferSize 2097152
-
- #
- # The daemon doubles the size of the netlink event socket buffer size
- # if it detects netlink event message dropping. This clause sets the
- # maximum buffer size growth that can be reached. This example file
- # sets the size to 8 MBytes.
- #
- NetlinkBufferSizeMaxGrowth 8388608
-
- #
- # If the daemon detects that Netlink is dropping state-change events,
- # it automatically schedules a resynchronization against the Kernel
- # after 30 seconds (default value). Resynchronizations are expensive
- # in terms of CPU consumption since the daemon has to get the full
- # kernel state-table and purge state-entries that do not exist anymore.
- # Be careful of setting a very small value here. You have the following
- # choices: On (enabled, use default 30 seconds value), Off (disabled)
- # or Value (in seconds, to set a specific amount of time). If not
- # specified, the daemon assumes that this option is enabled.
- #
- # NetlinkOverrunResync On
-
- #
- # If you want reliable event reporting over Netlink, set on this
- # option. If you set on this clause, it is a good idea to set off
- # NetlinkOverrunResync. This option is off by default and you need
- # a Linux kernel >= 2.6.31.
- #
- # NetlinkEventsReliable Off
-
- #
- # By default, the daemon receives state updates following an
- # event-driven model. You can modify this behaviour by switching to
- # polling mode with the PollSecs clause. This clause tells conntrackd
- # to dump the states in the kernel every N seconds. With regards to
- # synchronization mode, the polling mode can only guarantee that
- # long-lifetime states are recovered. The main advantage of this method
- # is the reduction in the state replication at the cost of reducing the
- # chances of recovering connections.
- #
- # PollSecs 15
-
- #
- # The daemon prioritizes the handling of state-change events coming
- # from the core. With this clause, you can set the maximum number of
- # state-change events (those coming from kernel-space) that the daemon
- # will handle after which it will handle other events coming from the
- # network or userspace. A low value improves interactivity (in terms of
- # real-time behaviour) at the cost of extra CPU consumption.
- # Default (if not set) is 100.
- #
- # EventIterationLimit 100
-
- #
- # Event filtering: This clause allows you to filter certain traffic,
- # There are currently three filter-sets: Protocol, Address and
- # State. The filter is attached to an action that can be: Accept or
- # Ignore. Thus, you can define the event filtering policy of the
- # filter-sets in positive or negative logic depending on your needs.
- # You can select if conntrackd filters the event messages from
- # user-space or kernel-space. The kernel-space event filtering
- # saves some CPU cycles by avoiding the copy of the event message
- # from kernel-space to user-space. The kernel-space event filtering
- # is prefered, however, you require a Linux kernel >= 2.6.29 to
- # filter from kernel-space. If you want to select kernel-space
- # event filtering, use the keyword 'Kernelspace' instead of
- # 'Userspace'.
- #
- Filter From Userspace {
- #
- # Accept only certain protocols: You may want to replicate
- # the state of flows depending on their layer 4 protocol.
- #
- Protocol Accept {
- TCP
- SCTP
- DCCP
- # UDP
- # ICMP # This requires a Linux kernel >= 2.6.31
- }
-
- #
- # Ignore traffic for a certain set of IP's: Usually all the
- # IP assigned to the firewall since local traffic must be
- # ignored, only forwarded connections are worth to replicate.
- # Note that these values depends on the local IPs that are
- # assigned to the firewall.
- #
- Address Ignore {
- IPv4_address 127.0.0.1 # loopback
- IPv4_address [IGNORE_IP1]
- IPv4_address [IGNORE_IP2]
- IPv4_address [IGNORE_IP3]
- #IPv4_address 192.168.0.100 # virtual IP 1
- #IPv4_address 192.168.1.100 # virtual IP 2
- #IPv4_address 192.168.0.1
- #IPv4_address 192.168.1.1
- #IPv4_address 192.168.100.100 # dedicated link ip
- #
- # You can also specify networks in format IP/cidr.
- # IPv4_address 192.168.0.0/24
- #
- # You can also specify an IPv6 address
- # IPv6_address ::1
- }
-
- #
- # Uncomment this line below if you want to filter by flow state.
- # This option introduces a trade-off in the replication: it
- # reduces CPU consumption at the cost of having lazy backup
- # firewall replicas. The existing TCP states are: SYN_SENT,
- # SYN_RECV, ESTABLISHED, FIN_WAIT, CLOSE_WAIT, LAST_ACK,
- # TIME_WAIT, CLOSED, LISTEN.
- #
- # State Accept {
- # ESTABLISHED CLOSED TIME_WAIT CLOSE_WAIT for TCP
- # }
- }
-}
diff --git a/systemvm/pom.xml b/systemvm/pom.xml
index 0ae3e02..e5d2523 100644
--- a/systemvm/pom.xml
+++ b/systemvm/pom.xml
@@ -88,7 +88,7 @@
</includes>
</resource>
<resource>
- <directory>patches/debian/root/.ssh</directory>
+ <directory>debian/root/.ssh</directory>
<includes>
<include>authorized_keys</include>
</includes>
@@ -112,10 +112,7 @@
<mkdir dir="${basedir}/dist" />
<mkdir dir="${basedir}/target/build-patch" />
<copy overwrite="true" todir="${basedir}/target/build-patch">
- <fileset dir="${basedir}/patches/debian/">
- <include name="**/*" />
- </fileset>
- <fileset dir="${basedir}/patches/vpn/">
+ <fileset dir="${basedir}/debian/">
<include name="**/*" />
</fileset>
</copy>
diff --git a/systemvm/patches/test/TestCsAddress.py b/systemvm/test/TestCsAddress.py
similarity index 100%
rename from systemvm/patches/test/TestCsAddress.py
rename to systemvm/test/TestCsAddress.py
diff --git a/systemvm/patches/test/TestCsApp.py b/systemvm/test/TestCsApp.py
similarity index 100%
rename from systemvm/patches/test/TestCsApp.py
rename to systemvm/test/TestCsApp.py
diff --git a/systemvm/patches/test/TestCsCmdLine.py b/systemvm/test/TestCsCmdLine.py
similarity index 100%
rename from systemvm/patches/test/TestCsCmdLine.py
rename to systemvm/test/TestCsCmdLine.py
diff --git a/systemvm/patches/test/TestCsConfig.py b/systemvm/test/TestCsConfig.py
similarity index 100%
rename from systemvm/patches/test/TestCsConfig.py
rename to systemvm/test/TestCsConfig.py
diff --git a/systemvm/patches/test/TestCsDatabag.py b/systemvm/test/TestCsDatabag.py
similarity index 100%
rename from systemvm/patches/test/TestCsDatabag.py
rename to systemvm/test/TestCsDatabag.py
diff --git a/systemvm/patches/test/TestCsDhcp.py b/systemvm/test/TestCsDhcp.py
similarity index 100%
rename from systemvm/patches/test/TestCsDhcp.py
rename to systemvm/test/TestCsDhcp.py
diff --git a/systemvm/patches/test/TestCsFile.py b/systemvm/test/TestCsFile.py
similarity index 100%
rename from systemvm/patches/test/TestCsFile.py
rename to systemvm/test/TestCsFile.py
diff --git a/systemvm/patches/test/TestCsGuestNetwork.py b/systemvm/test/TestCsGuestNetwork.py
similarity index 94%
rename from systemvm/patches/test/TestCsGuestNetwork.py
rename to systemvm/test/TestCsGuestNetwork.py
index 08a6b37..06e2d16 100644
--- a/systemvm/patches/test/TestCsGuestNetwork.py
+++ b/systemvm/test/TestCsGuestNetwork.py
@@ -17,6 +17,7 @@
import unittest
from cs.CsGuestNetwork import CsGuestNetwork
+from cs.CsConfig import CsConfig
import merge
@@ -30,7 +31,7 @@ class TestCsGuestNetwork(unittest.TestCase):
self.assertTrue(csguestnetwork is not None)
def test_get_dns(self):
- csguestnetwork = CsGuestNetwork({}, {})
+ csguestnetwork = CsGuestNetwork({}, CsConfig())
csguestnetwork.guest = True
csguestnetwork.set_dns("1.1.1.1,2.2.2.2")
csguestnetwork.set_router("3.3.3.3")
diff --git a/systemvm/patches/test/TestCsHelper.py b/systemvm/test/TestCsHelper.py
similarity index 100%
rename from systemvm/patches/test/TestCsHelper.py
rename to systemvm/test/TestCsHelper.py
diff --git a/systemvm/patches/test/TestCsInterface.py b/systemvm/test/TestCsInterface.py
similarity index 100%
rename from systemvm/patches/test/TestCsInterface.py
rename to systemvm/test/TestCsInterface.py
diff --git a/systemvm/patches/test/TestCsNetfilter.py b/systemvm/test/TestCsNetfilter.py
similarity index 100%
rename from systemvm/patches/test/TestCsNetfilter.py
rename to systemvm/test/TestCsNetfilter.py
diff --git a/systemvm/patches/test/TestCsProcess.py b/systemvm/test/TestCsProcess.py
similarity index 100%
rename from systemvm/patches/test/TestCsProcess.py
rename to systemvm/test/TestCsProcess.py
diff --git a/systemvm/patches/test/TestCsRedundant.py b/systemvm/test/TestCsRedundant.py
similarity index 100%
rename from systemvm/patches/test/TestCsRedundant.py
rename to systemvm/test/TestCsRedundant.py
diff --git a/systemvm/patches/test/TestCsRoute.py b/systemvm/test/TestCsRoute.py
similarity index 87%
rename from systemvm/patches/test/TestCsRoute.py
rename to systemvm/test/TestCsRoute.py
index 6035258..f9982fe 100644
--- a/systemvm/patches/test/TestCsRoute.py
+++ b/systemvm/test/TestCsRoute.py
@@ -31,11 +31,12 @@ class TestCsRoute(unittest.TestCase):
def test_defaultroute_exists(self):
csroute = CsRoute()
- self.assertFalse(csroute.defaultroute_exists())
+ self.assertTrue(csroute.defaultroute_exists())
def test_add_defaultroute(self):
csroute = CsRoute()
- self.assertTrue(csroute.add_defaultroute("192.168.1.1"))
+ # Default route would exist on any test environment with network
+ self.assertFalse(csroute.add_defaultroute("192.168.1.1"))
def test_get_tablename(self):
csroute = CsRoute()
diff --git a/systemvm/patches/test/TestCsRule.py b/systemvm/test/TestCsRule.py
similarity index 100%
rename from systemvm/patches/test/TestCsRule.py
rename to systemvm/test/TestCsRule.py
diff --git a/systemvm/patches/test/runtests.sh b/systemvm/test/runtests.sh
similarity index 67%
rename from systemvm/patches/test/runtests.sh
rename to systemvm/test/runtests.sh
index e64f867..04290e7 100644
--- a/systemvm/patches/test/runtests.sh
+++ b/systemvm/test/runtests.sh
@@ -21,7 +21,24 @@
export PYTHONPATH="../debian/opt/cloud/bin/"
export PYTHONDONTWRITEBYTECODE=False
-pep8 --max-line-length=179 --exclude=monitorServices.py,baremetal-vr.py,passwd_server_ip.py `find ../../patches -name \*.py`
+echo "Running pep8 to check systemvm/python code for errors"
pep8 --max-line-length=179 *py
+pep8 --max-line-length=179 --exclude=monitorServices.py,baremetal-vr.py,passwd_server_ip.py `find ../debian -name \*.py`
+if [ $? -gt 0 ]
+then
+ echo "Pylint failed, please check your code"
+ exit 1
+fi
+echo "Running pylint to check systemvm/python code for errors"
+pylint --disable=R,C,W *.py
+pylint --disable=R,C,W `find ../debian -name \*.py`
+if [ $? -gt 0 ]
+then
+ echo "Pylint failed, please check your code"
+ exit 1
+fi
+
+echo "Running systemvm/python unit tests"
nosetests .
+exit $?
diff --git a/test/integration/smoke/test_deploy_virtio_scsi_vm.py b/test/integration/smoke/test_deploy_virtio_scsi_vm.py
index fbff31c..52ef254 100644
--- a/test/integration/smoke/test_deploy_virtio_scsi_vm.py
+++ b/test/integration/smoke/test_deploy_virtio_scsi_vm.py
@@ -130,7 +130,6 @@ class TestDeployVirtioSCSIVM(cloudstackTestCase):
cls.services["service_offerings"]["small"]
)
-
cls.sparse_disk_offering = DiskOffering.create(
cls.apiclient,
cls.services["sparse_disk_offering"]
diff --git a/test/integration/smoke/test_deploy_vm_iso.py b/test/integration/smoke/test_deploy_vm_iso.py
index 76ba2b7..5298c48 100644
--- a/test/integration/smoke/test_deploy_vm_iso.py
+++ b/test/integration/smoke/test_deploy_vm_iso.py
@@ -130,7 +130,7 @@ class TestDeployVMFromISO(cloudstackTestCase):
)
try:
# Download the ISO
- self.iso.download(self.apiclient)
+ self.iso.download(self.apiclient, retries=150)
except Exception as e:
raise Exception("Exception while downloading ISO %s: %s"
diff --git a/test/integration/smoke/test_hosts.py b/test/integration/smoke/test_hosts.py
deleted file mode 100644
index 952f160..0000000
--- a/test/integration/smoke/test_hosts.py
+++ /dev/null
@@ -1,170 +0,0 @@
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements. See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership. The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied. See the License for the
-# specific language governing permissions and limitations
-# under the License.
-""" BVT tests for Hosts and Clusters
-"""
-#Import Local Modules
-import marvin
-from marvin.cloudstackTestCase import *
-from marvin.cloudstackAPI import *
-from marvin.lib.utils import *
-from marvin.lib.base import *
-from marvin.lib.common import *
-from marvin.lib.utils import (random_gen)
-from nose.plugins.attrib import attr
-
-#Import System modules
-import time
-
-_multiprocess_shared_ = True
-
-class TestHosts(cloudstackTestCase):
-
- def setUp(self):
- self.apiclient = self.testClient.getApiClient()
- self.hypervisor = self.testClient.getHypervisorInfo()
- self.dbclient = self.testClient.getDbConnection()
- self.services = self.testClient.getParsedTestDataConfig()
- self.zone = get_zone(self.apiclient, self.testClient.getZoneForTests())
- self.pod = get_pod(self.apiclient, self.zone.id)
- self.cleanup = []
-
- return
-
- def tearDown(self):
- try:
- #Clean up, terminate the created templates
- cleanup_resources(self.apiclient, self.cleanup)
-
- except Exception as e:
- raise Exception("Warning: Exception during cleanup : %s" % e)
- return
-
- #@attr(tags=["selfservice"])
- def test_01_clusters(self):
- """Test Add clusters & hosts - simulator
-
-
- # Validate the following:
- # 1. Verify hypervisortype returned by API is Simulator/Xen/KVM/VWare
- # 2. Verify that the cluster is in 'Enabled' allocation state
- # 3. Verify that the host is added successfully and in Up state
- # with listHosts API response
-
- #Create clusters with Hypervisor type Simulator/XEN/KVM/VWare
- """
- for k, v in self.services["clusters"].items():
- v["clustername"] = v["clustername"] + "-" + random_gen()
- cluster = Cluster.create(
- self.apiclient,
- v,
- zoneid=self.zone.id,
- podid=self.pod.id,
- hypervisor=v["hypervisor"].lower()
- )
- self.debug(
- "Created Cluster for hypervisor type %s & ID: %s" %(
- v["hypervisor"],
- cluster.id
- ))
- self.assertEqual(
- cluster.hypervisortype.lower(),
- v["hypervisor"].lower(),
- "Check hypervisor type is " + v["hypervisor"] + " or not"
- )
- self.assertEqual(
- cluster.allocationstate,
- 'Enabled',
- "Check whether allocation state of cluster is enabled"
- )
-
- #If host is externally managed host is already added with cluster
- response = list_hosts(
- self.apiclient,
- clusterid=cluster.id
- )
-
- if not response:
- hypervisor_type = str(cluster.hypervisortype.lower())
- host = Host.create(
- self.apiclient,
- cluster,
- self.services["hosts"][hypervisor_type],
- zoneid=self.zone.id,
- podid=self.pod.id,
- hypervisor=v["hypervisor"].lower()
- )
- if host == FAILED:
- self.fail("Host Creation Failed")
- self.debug(
- "Created host (ID: %s) in cluster ID %s" %(
- host.id,
- cluster.id
- ))
- #Cleanup Host & Cluster
- self.cleanup.append(host)
- self.cleanup.append(cluster)
-
- list_hosts_response = list_hosts(
- self.apiclient,
- clusterid=cluster.id
- )
- self.assertEqual(
- isinstance(list_hosts_response, list),
- True,
- "Check list response returns a valid list"
- )
- self.assertNotEqual(
- len(list_hosts_response),
- 0,
- "Check list Hosts response"
- )
-
- host_response = list_hosts_response[0]
- #Check if host is Up and running
- self.assertEqual(
- host_response.state,
- 'Up',
- "Check if state of host is Up or not"
- )
- #Verify List Cluster Response has newly added cluster
- list_cluster_response = list_clusters(
- self.apiclient,
- id=cluster.id
- )
- self.assertEqual(
- isinstance(list_cluster_response, list),
- True,
- "Check list response returns a valid list"
- )
- self.assertNotEqual(
- len(list_cluster_response),
- 0,
- "Check list Hosts response"
- )
-
- cluster_response = list_cluster_response[0]
- self.assertEqual(
- cluster_response.id,
- cluster.id,
- "Check cluster ID with list clusters response"
- )
- self.assertEqual(
- cluster_response.hypervisortype.lower(),
- cluster.hypervisortype.lower(),
- "Check hypervisor type with is " + v["hypervisor"] + " or not"
- )
- return
diff --git a/test/integration/smoke/test_privategw_acl.py b/test/integration/smoke/test_privategw_acl.py
index bba33eb..b86b96e 100644
--- a/test/integration/smoke/test_privategw_acl.py
+++ b/test/integration/smoke/test_privategw_acl.py
@@ -28,6 +28,8 @@ from marvin.codes import PASS
import time
import logging
+import random
+
class Services:
"""Test VPC network services - Port Forwarding Rules Test Data Class.
@@ -243,14 +245,19 @@ class TestPrivateGwACL(cloudstackTestCase):
qresultset = self.dbclient.execute(
"select vnet from op_dc_vnet_alloc where physical_network_id=\
- (select id from physical_network where uuid='%s' ) and taken is NULL and reservation_id is NULL and account_id is NULL ORDER BY id DESC;" % physical_network.id
- )
+ (select id from physical_network where uuid='%s');" % physical_network.id)
self.assertEqual(validateList(qresultset)[0],
PASS,
"Invalid sql query response"
)
- vlans = qresultset
- vlan_1 = int(vlans[0][0])
+
+ # Find all the vlans that are for dynamic vlan allocation
+ dc_vlans = sorted(map(lambda x: x[0], qresultset))
+
+ # Use VLAN id that is not in physical network vlan range for dynamic vlan allocation
+ vlan_1 = int(physical_network.vlan.split('-')[-1]) + 1
+ if vlan_1 in dc_vlans:
+ vlan_1 = dc_vlans[-1] + random.randint(1, 5)
acl = self.createACL(vpc)
self.createACLItem(acl.id)
@@ -328,14 +335,19 @@ class TestPrivateGwACL(cloudstackTestCase):
qresultset = self.dbclient.execute(
"select vnet from op_dc_vnet_alloc where physical_network_id=\
- (select id from physical_network where uuid='%s' ) and taken is NULL and reservation_id is NULL and account_id is NULL ORDER BY id DESC;" % physical_network.id
- )
+ (select id from physical_network where uuid='%s');" % physical_network.id)
self.assertEqual(validateList(qresultset)[0],
PASS,
"Invalid sql query response"
- )
- vlans = qresultset
- vlan_1 = int(vlans[0][0])
+ )
+
+ # Find all the vlans that are for dynamic vlan allocation
+ dc_vlans = sorted(map(lambda x: x[0], qresultset))
+
+ # Use VLAN id that is not in physical network vlan range for dynamic vlan allocation
+ vlan_1 = int(physical_network.vlan.split('-')[-1]) + 1
+ if vlan_1 in dc_vlans:
+ vlan_1 = dc_vlans[-1] + random.randint(1, 5)
acl1 = self.createACL(vpc_1)
self.createACLItem(acl1.id, cidr = "0.0.0.0/0")
@@ -376,13 +388,25 @@ class TestPrivateGwACL(cloudstackTestCase):
physical_network = self.get_guest_traffic_physical_network(self.apiclient, self.zone.id)
if not physical_network:
self.fail("No Physical Networks found!")
+
qresultset = self.dbclient.execute(
"select vnet from op_dc_vnet_alloc where physical_network_id=\
- (select id from physical_network where uuid='%s' ) and taken is NULL and reservation_id is NULL and account_id is NULL ORDER BY id DESC;" % physical_network.id
- )
- vlans = qresultset
- vlan_1 = int(vlans[0][0])
+ (select id from physical_network where uuid='%s');" % physical_network.id)
+ self.assertEqual(validateList(qresultset)[0],
+ PASS,
+ "Invalid sql query response"
+ )
+ # Find all the vlans that are for dynamic vlan allocation
+ dc_vlans = sorted(map(lambda x: x[0], qresultset))
+
+ # Use VLAN id that is not in physical network vlan range for dynamic vlan allocation
+ vlan_1 = int(physical_network.vlan.split('-')[-1]) + 1
+ if vlan_1 in dc_vlans:
+ vlan_1 = dc_vlans[-1] + random.randint(1, 5)
+
+ acl1 = self.createACL(vpc_1)
+ self.createACLItem(acl1.id, cidr = "0.0.0.0/0")
net_offering_no_lb = "network_offering_no_lb"
network_1 = self.createNetwork(vpc_1, gateway = '10.0.0.1')
@@ -706,18 +730,17 @@ class TestPrivateGwACL(cloudstackTestCase):
self.logger.debug("Sleeping for %s seconds in order to get the firewall applied..." % sleep_time)
time.sleep(sleep_time)
- sleep_time += sleep_time
self.logger.debug("Ping to VM inside another Network Tier")
result = str(ssh.execute(ssh_command))
- self.logger.debug("SSH result: %s; COUNT is ==> %s" % (result, result.count("3 received")))
+ self.logger.debug("SSH result: %s; COUNT is ==> %s" % (result, result.count("0% packet loss")))
except Exception as e:
self.fail("SSH Access failed for %s: %s" % \
(virtual_machine, e)
)
- succeeded_pings += result.count("3 received")
+ succeeded_pings += result.count("0% packet loss")
self.assertTrue(succeeded_pings >= minimum_vms_to_pass,
diff --git a/test/integration/smoke/test_vpc_redundant.py b/test/integration/smoke/test_vpc_redundant.py
index 2c7f4ae..372d847 100644
--- a/test/integration/smoke/test_vpc_redundant.py
+++ b/test/integration/smoke/test_vpc_redundant.py
@@ -275,7 +275,7 @@ class TestVPCRedundancy(cloudstackTestCase):
cls.logger.setLevel(logging.DEBUG)
cls.logger.addHandler(cls.stream_handler)
- return
+ cls.advert_int = int(Configurations.list(cls.api_client, name="router.redundant.vrrp.interval")[0].value)
@classmethod
def tearDownClass(cls):
@@ -283,7 +283,6 @@ class TestVPCRedundancy(cloudstackTestCase):
cleanup_resources(cls.api_client, cls._cleanup)
except Exception as e:
raise Exception("Warning: Exception during cleanup : %s" % e)
- return
def setUp(self):
self.routers = []
@@ -344,10 +343,16 @@ class TestVPCRedundancy(cloudstackTestCase):
len(self.routers), count,
"Check that %s routers were indeed created" % count)
+ def wait_for_vrrp(self):
+ # Wait until 3*advert_int+skew time to get one of the routers as MASTER
+ time.sleep(3 * self.advert_int + 5)
+
def check_routers_state(self,count=2, status_to_check="MASTER", expected_count=1, showall=False):
vals = ["MASTER", "BACKUP", "UNKNOWN"]
cnts = [0, 0, 0]
+ self.wait_for_vrrp()
+
result = "UNKNOWN"
self.query_routers(count, showall)
for router in self.routers:
@@ -404,6 +409,7 @@ class TestVPCRedundancy(cloudstackTestCase):
self.logger.debug('Stopping router %s' % router.id)
cmd = stopRouter.stopRouterCmd()
cmd.id = router.id
+ cmd.forced = True
self.apiclient.stopRouter(cmd)
def reboot_router(self, router):
@@ -657,7 +663,7 @@ class TestVPCRedundancy(cloudstackTestCase):
@attr(tags=["advanced", "intervlan"], required_hardware="true")
def test_05_rvpc_multi_tiers(self):
""" Create a redundant VPC with 1 Tier, 1 VM, 1 ACL, 1 PF and test Network GC Nics"""
- self.logger.debug("Starting test_04_rvpc_network_garbage_collector_nics")
+ self.logger.debug("Starting test_05_rvpc_multi_tiers")
self.query_routers()
network = self.create_network(self.services["network_offering"], "10.1.1.1", nr_vms=1, mark_net_cleanup=False)
@@ -732,7 +738,7 @@ class TestVPCRedundancy(cloudstackTestCase):
ssh_command = "ping -c 3 8.8.8.8"
# Should be able to SSH VM
- result = 'failed'
+ packet_loss = 100
try:
vm = vmObj.get_vm()
public_ip = vmObj.get_ip()
@@ -741,19 +747,22 @@ class TestVPCRedundancy(cloudstackTestCase):
ssh = vm.get_ssh_client(ipaddress=public_ip.ipaddress.ipaddress)
self.logger.debug("Ping to google.com from VM")
- result = str(ssh.execute(ssh_command))
+ result = ssh.execute(ssh_command)
- self.logger.debug("SSH result: %s; COUNT is ==> %s" % (result, result.count(" 0% packet loss")))
+ for line in result:
+ if "packet loss" in line:
+ packet_loss = int(line.split("% packet loss")[0].split(" ")[-1])
+ break
+
+ self.logger.debug("SSH result: %s; packet loss is ==> %s" % (result, packet_loss))
except Exception as e:
self.fail("SSH Access failed for %s: %s" % \
(vmObj.get_ip(), e)
)
-
- self.assertEqual(
- result.count(" 0% packet loss"),
- 1,
- "Ping to outside world from VM should be successful"
- )
+
+ # Most pings should be successful
+ self.assertTrue(packet_loss < 50,
+ "Ping to outside world from VM should be successful")
class networkO(object):
diff --git a/tools/appliance/definitions/systemvmtemplate/apt_upgrade.sh b/tools/appliance/definitions/systemvmtemplate/apt_upgrade.sh
index eb9b790..6f37e34 100644
--- a/tools/appliance/definitions/systemvmtemplate/apt_upgrade.sh
+++ b/tools/appliance/definitions/systemvmtemplate/apt_upgrade.sh
@@ -19,6 +19,15 @@
set -e
set -x
+function remove_reserved_blocks() {
+ for partition in $(blkid -o list | grep ext | awk '{print $1}')
+ do
+ tune2fs -m0 $partition
+ done
+ fdisk -l
+ df -h
+}
+
function add_backports() {
sed -i '/cdrom/d' /etc/apt/sources.list
sed -i '/deb-src/d' /etc/apt/sources.list
@@ -33,6 +42,7 @@ function apt_upgrade() {
# Setup sudo
echo 'cloud ALL=(ALL) NOPASSWD: ALL' > /etc/sudoers.d/cloud
+ remove_reserved_blocks
add_backports
rm -fv /root/*.iso
@@ -40,8 +50,6 @@ function apt_upgrade() {
apt-get autoclean
apt-get -q -y update
apt-get -q -y upgrade
-
- df -h
}
return 2>/dev/null || apt_upgrade
diff --git a/tools/appliance/definitions/systemvmtemplate/cleanup.sh b/tools/appliance/definitions/systemvmtemplate/cleanup.sh
index 444cc94..00f068d 100644
--- a/tools/appliance/definitions/systemvmtemplate/cleanup.sh
+++ b/tools/appliance/definitions/systemvmtemplate/cleanup.sh
@@ -20,8 +20,11 @@ set -e
set -x
function cleanup_apt() {
- apt-get -y remove dictionaries-common busybox isc-dhcp-client isc-dhcp-common
- apt-get -y autoremove
+ apt-get -y remove --purge dictionaries-common busybox isc-dhcp-client isc-dhcp-common \
+ task-english task-ssh-server tasksel tasksel-data laptop-detect nano wamerican \
+ debconf-i18n sharutils gnupg gnupg-agent keyboard-configuration
+
+ apt-get -y autoremove --purge
apt-get autoclean
apt-get clean
}
@@ -40,13 +43,28 @@ function cleanup_dev() {
}
function cleanup_misc() {
+ # Scripts
rm -fr /home/cloud/cloud_scripts*
+ rm -f /usr/share/cloud/cloud-scripts.tar
rm -f /root/.rnd
rm -f /var/www/html/index.html
+ # Logs
rm -f /var/log/*.log
rm -f /var/log/apache2/*
rm -f /var/log/messages
rm -f /var/log/syslog
+ rm -f /var/log/messages
+ rm -fr /var/log/apt
+ rm -fr /var/log/installer
+ # Docs and data files
+ rm -fr /var/lib/apt/*
+ rm -fr /var/cache/apt/*
+ rm -fr /usr/lib/gnupg*
+ rm -fr /usr/share/doc
+ rm -fr /usr/share/man
+ rm -fr /usr/share/info
+ rm -fr /usr/share/lintian
+ find /usr/share/locale -type f | grep -v en | xargs rm -fr
}
function cleanup() {
diff --git a/tools/appliance/definitions/systemvmtemplate/configure_login.sh b/tools/appliance/definitions/systemvmtemplate/configure_login.sh
index d5f80b1..1d9de06 100644
--- a/tools/appliance/definitions/systemvmtemplate/configure_login.sh
+++ b/tools/appliance/definitions/systemvmtemplate/configure_login.sh
@@ -27,54 +27,22 @@ function configure_user() {
usermod -a -G admin cloud
mkdir -p /home/cloud/.ssh
chmod 700 /home/cloud/.ssh
- echo "cloud:`openssl rand -base64 32`" | chpasswd
echo "root:password" | chpasswd
}
-function configure_sudoers() {
- cat >/etc/sudoers <<END
-Defaults env_reset
-Defaults exempt_group=admin
-Defaults mail_badpass
-Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
-
-root ALL=(ALL:ALL) ALL
-%admin ALL=NOPASSWD:/bin/chmod, /bin/cp, /bin/mkdir, /bin/mount, /bin/umount
-
-#includedir /etc/sudoers.d
-END
- echo 'cloud ALL=NOPASSWD:/bin/chmod, /bin/cp, /bin/mkdir, /bin/mount, /bin/umount, /sbin/halt' > /etc/sudoers.d/cloud
-}
-
-# sshd_config is overwritten from cloud_scripts
-#function configure_sshd() {
-# grep "UseDNS no" /etc/ssh/sshd_config && \
-# grep "PasswordAuthentication no" /etc/ssh/sshd_config && \
-# return
-# # Tweak sshd to prevent DNS resolution (speed up logins)
-# echo 'UseDNS no' >> /etc/ssh/sshd_config
-#
-# # Require ssh keys for login
-# sed -i -e 's/^.*PasswordAuthentication .*$/PasswordAuthentication no/g' /etc/ssh/sshd_config
-#}
-
function configure_inittab() {
# Fix inittab
cat >> /etc/inittab << EOF
+0:2345:respawn:/sbin/getty -L 115200 ttyS0 vt102
vc:2345:respawn:/sbin/getty 38400 hvc0
EOF
}
function configure_login() {
- # configure_sshd
configure_inittab
add_admin_group
- configure_sudoers
configure_user
- rm -fv /home/cloud/configure_login.sh
- sync
- halt -p
}
return 2>/dev/null || configure_login
diff --git a/tools/appliance/definitions/systemvmtemplate/configure_systemvm_services.sh b/tools/appliance/definitions/systemvmtemplate/configure_systemvm_services.sh
index 791f2ea..84cb590 100644
--- a/tools/appliance/definitions/systemvmtemplate/configure_systemvm_services.sh
+++ b/tools/appliance/definitions/systemvmtemplate/configure_systemvm_services.sh
@@ -34,70 +34,15 @@ function configure_apache2() {
function install_cloud_scripts() {
# ./cloud_scripts/ has been put there by ../../cloud_scripts_shar_archive.sh
rsync -av ./cloud_scripts/ /
- chmod +x /opt/cloud/bin/* \
+ chmod +x /opt/cloud/bin/* /opt/cloud/bin/setup/* \
/root/{clearUsageRules.sh,reconfigLB.sh,monitorServices.py} \
- /etc/init.d/{cloud-early-config,cloud-passwd-srvr} \
/etc/profile.d/cloud.sh
- cat > /etc/systemd/system/cloud-early-config.service << EOF
-[Unit]
-Description=cloud-early-config: configures systemvm using cmdline
-DefaultDependencies=no
-
-Before=network-pre.target
-Wants=network-pre.target
-
-Requires=local-fs.target
-After=local-fs.target
-
-[Install]
-WantedBy=multi-user.target
-
-[Service]
-Type=oneshot
-ExecStart=/etc/init.d/cloud-early-config start
-ExecStop=/etc/init.d/cloud-early-config stop
-RemainAfterExit=true
-TimeoutStartSec=5min
-
-EOF
-
- cat > /etc/systemd/system/cloud.service << EOF
-[Unit]
-Description=cloud: startup cloud service
-After=cloud-early-config.service network.target local-fs.target
-
-[Install]
-WantedBy=multi-user.target
-
-[Service]
-Type=simple
-WorkingDirectory=/usr/local/cloud/systemvm
-ExecStart=/usr/local/cloud/systemvm/_run.sh
-Restart=always
-RestartSec=5
-EOF
-
- cat > /etc/systemd/system/cloud-passwd-srvr.service << EOF
-[Unit]
-Description=cloud-passwd-srvr: cloud password server
-After=network.target local-fs.target
-
-[Install]
-WantedBy=multi-user.target
-
-[Service]
-Type=forking
-ExecStart=/etc/init.d/cloud-passwd-srvr start
-ExecStop=/etc/init.d/cloud-passwd-srvr stop
-Restart=always
-RestartSec=5
-EOF
+ chmod -x /etc/systemd/system/*
systemctl daemon-reload
systemctl enable cloud-early-config
- systemctl disable cloud
- systemctl disable cloud-passwd-srvr
+ systemctl enable cloud-postinit
}
function do_signature() {
diff --git a/tools/appliance/definitions/systemvmtemplate/definition.rb b/tools/appliance/definitions/systemvmtemplate/definition.rb
index 33c8e8b..03be568 100644
--- a/tools/appliance/definitions/systemvmtemplate/definition.rb
+++ b/tools/appliance/definitions/systemvmtemplate/definition.rb
@@ -81,11 +81,11 @@ config = {
'configure_systemvm_services.sh',
'authorized_keys.sh',
'configure_persistent_config.sh',
+ # setup login stuff
+ 'configure_login.sh',
# cleanup & space-saving
'cleanup.sh',
- 'zerodisk.sh',
- # setup login stuff
- 'configure_login.sh'
+ 'finalize.sh'
],
:postinstall_timeout => '10000'
}
diff --git a/tools/appliance/definitions/systemvmtemplate/zerodisk.sh b/tools/appliance/definitions/systemvmtemplate/finalize.sh
similarity index 68%
rename from tools/appliance/definitions/systemvmtemplate/zerodisk.sh
rename to tools/appliance/definitions/systemvmtemplate/finalize.sh
index d002316..1a25e39 100644
--- a/tools/appliance/definitions/systemvmtemplate/zerodisk.sh
+++ b/tools/appliance/definitions/systemvmtemplate/finalize.sh
@@ -19,6 +19,26 @@
set -e
set -x
+function configure_misc() {
+ rm -fv /home/cloud/*.sh
+ echo "cloud:`openssl rand -base64 32`" | chpasswd
+}
+
+function configure_sudoers() {
+ cat >/etc/sudoers <<END
+Defaults env_reset
+Defaults exempt_group=admin
+Defaults mail_badpass
+Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
+
+root ALL=(ALL:ALL) ALL
+%admin ALL=NOPASSWD:/bin/chmod, /bin/cp, /bin/mkdir, /bin/mount, /bin/umount
+
+#includedir /etc/sudoers.d
+END
+ echo 'cloud ALL=NOPASSWD:/bin/chmod, /bin/cp, /bin/mkdir, /bin/mount, /bin/umount, /sbin/halt' > /etc/sudoers.d/cloud
+}
+
# clean up stuff copied in by veewee
function cleanup_veewee() {
# this has to be here since it is the last file to run (and we remove ourselves)
@@ -31,19 +51,22 @@ function cleanup_veewee() {
# Zero out the free space to save space in the final image:
function zero_disk() {
- cleanup_veewee
-
for path in / /boot /var/log /tmp
do
dd if=/dev/zero of=${path}/zero bs=1M || true
sync
rm -f ${path}/zero
done
+ df -h
+}
- for partition in $(blkid -o list | grep ext | awk '{print $1}')
- do
- tune2fs -m0 $partition
- done
+function finalize() {
+ configure_misc
+ configure_sudoers
+ cleanup_veewee
+ sync
+ zero_disk
+ halt -p
}
-return 2>/dev/null || zero_disk
+return 2>/dev/null || finalize
diff --git a/tools/appliance/definitions/systemvmtemplate/install_systemvm_packages.sh b/tools/appliance/definitions/systemvmtemplate/install_systemvm_packages.sh
index 2cceb98..40ff6df 100644
--- a/tools/appliance/definitions/systemvmtemplate/install_systemvm_packages.sh
+++ b/tools/appliance/definitions/systemvmtemplate/install_systemvm_packages.sh
@@ -53,7 +53,7 @@ function install_packages() {
fi
${apt_get} install grub-legacy \
- rsyslog logrotate cron net-tools ifupdown vim tmux netbase iptables \
+ rsyslog logrotate cron net-tools ifupdown vim netbase iptables \
openssh-server e2fsprogs tcpdump socat wget \
python bzip2 sed gawk diffutils grep gzip less tar telnet ftp rsync traceroute psmisc lsof procps \
inetutils-ping iputils-arping httping curl \
@@ -67,7 +67,6 @@ function install_packages() {
xenstore-utils libxenstore3.0 \
ipvsadm conntrackd libnetfilter-conntrack3 \
keepalived irqbalance \
- libnl-3-200 libnl-genl-3-200 \
ipcalc \
openjdk-8-jre-headless \
ipset \
@@ -80,16 +79,14 @@ function install_packages() {
strongswan libcharon-extra-plugins libstrongswan-extra-plugins \
virt-what open-vm-tools qemu-guest-agent hyperv-daemons
+ apt-get -y autoremove --purge
+ apt-get autoclean
+ apt-get clean
+
# Install xenserver guest utilities as debian repos don't have it
wget https://mirrors.kernel.org/ubuntu/pool/universe/x/xe-guest-utilities/xe-guest-utilities_7.4.0-0ubuntu1_amd64.deb
dpkg -i xe-guest-utilities_7.4.0-0ubuntu1_amd64.deb
rm -f xe-guest-utilities_7.4.0-0ubuntu1_amd64.deb
-
- apt-get autoclean
- apt-get clean
-
- apt-get update
- apt-get -y upgrade
}
return 2>/dev/null || install_packages
diff --git a/tools/appliance/definitions/systemvmtemplate/preseed.cfg b/tools/appliance/definitions/systemvmtemplate/preseed.cfg
index 99bd6eb..5a8e2d9 100644
--- a/tools/appliance/definitions/systemvmtemplate/preseed.cfg
+++ b/tools/appliance/definitions/systemvmtemplate/preseed.cfg
@@ -57,7 +57,7 @@ d-i partman-auto/method string regular
d-i partman-auto/choose_recipe select atomic
d-i partman-auto/expert_recipe string \
boot-root :: \
- 80 50 100 ext2 \
+ 50 50 50 ext2 \
$primary{ } $bootable{ } \
method{ format } format{ } \
use_filesystem{ } filesystem{ ext2 } \
@@ -68,17 +68,12 @@ d-i partman-auto/expert_recipe string \
use_filesystem{ } filesystem{ ext4 } \
mountpoint{ / } \
. \
- 300 50 300 ext4 \
+ 350 50 400 ext4 \
method{ format } format{ } \
use_filesystem{ } filesystem{ ext4 } \
mountpoint{ /var/log } \
. \
- 100 90 100 ext4 \
- method{ format } format{ } \
- use_filesystem{ } filesystem{ ext4 } \
- mountpoint{ /tmp } \
- . \
- 100 100 200 linux-swap \
+ 100 100 100 linux-swap \
method{ swap } format{ } \
.
diff --git a/tools/appliance/shar_cloud_scripts.sh b/tools/appliance/shar_cloud_scripts.sh
index 5504d16..30ae2cb 100755
--- a/tools/appliance/shar_cloud_scripts.sh
+++ b/tools/appliance/shar_cloud_scripts.sh
@@ -37,14 +37,11 @@ TEMP_DIR=`mktemp -d ${TMPDIR}/shar_cloud.XXXXXXXX`
cd ${TEMP_DIR}
mkdir cloud_scripts
mkdir -p cloud_scripts/opt/cloudstack
-cp -r ${CLOUDSTACK_DIR}/systemvm/patches/debian/config/* cloud_scripts/
-cp -r ${CLOUDSTACK_DIR}/systemvm/patches/debian/vpn/* cloud_scripts/
+cp -r ${CLOUDSTACK_DIR}/systemvm/debian/* cloud_scripts/
mkdir -p cloud_scripts/usr/share/cloud
-cd ${CLOUDSTACK_DIR}/systemvm/patches/debian/config
+cd ${CLOUDSTACK_DIR}/systemvm/debian
tar -cf ${TEMP_DIR}/cloud_scripts/usr/share/cloud/cloud-scripts.tar *
-cd ${CLOUDSTACK_DIR}/systemvm/patches/debian/vpn
-tar -rf ${TEMP_DIR}/cloud_scripts/usr/share/cloud/cloud-scripts.tar *
cd ${TEMP_DIR}
shar `find . -print` > ${CURR_DIR}/cloud_scripts_shar_archive.sh
diff --git a/tools/marvin/marvin/config/test_data.py b/tools/marvin/marvin/config/test_data.py
index da74cb5..b2a969c 100644
--- a/tools/marvin/marvin/config/test_data.py
+++ b/tools/marvin/marvin/config/test_data.py
@@ -1721,24 +1721,24 @@ test_data = {
"VHD": {
"templatename": "XenUploadtemplate",
"displaytext": "XenUploadtemplate",
- "url": "http://people.apache.org/~sanjeev/centos56-x86_64.vhd.bz2",
+ "url": "http://dl.openvm.eu/cloudstack/macchinina/x86_64/macchinina-xen.vhd.bz2",
"hypervisor":"XenServer",
- "checksum": "09b08b6abb1b903fca7711d3ac8d6598",
+ "checksum": "54ebc933e6e07ae58c0dc97dfd37c824",
"ostypeid":"74affaea-c658-11e4-ad38-a6d1374244b4"
},
"OVA": {
"templatename": "VMwareUploadtemplate",
"displaytext": "VMwareUploadtemplate",
- "url": "http://people.apache.org/~sanjeev/CentOS5.3-x86_64.ova",
- "checksum": "02de0576dd3a61ab59c03fd795fc86ac",
+ "url": "http://dl.openvm.eu/cloudstack/macchinina/x86_64/macchinina-vmware.ova",
+ "checksum": "d6d97389b129c7d898710195510bf4fb",
"hypervisor":"VMware",
"ostypeid":"74affaea-c658-11e4-ad38-a6d1374244b4"
},
"QCOW2": {
"templatename": "KVMUploadtemplate",
"displaytext": "VMwareUploadtemplate",
- "url": "http://people.apache.org/~sanjeev/eec2209b-9875-3c8d-92be-c001bd8a0faf.qcow2.bz2",
- "checksum": "da997b697feaa2f1f6e0d4785b0cece2",
+ "url": "http://dl.openvm.eu/cloudstack/macchinina/x86_64/macchinina-kvm.qcow2.bz2",
+ "checksum": "ada77653dcf1e59495a9e1ac670ad95f",
"hypervisor":"KVM",
"ostypeid":"2e02e376-cdf3-11e4-beb3-8aa6272b57ef"
},
@@ -1824,7 +1824,7 @@ test_data = {
"name": "testISO",
"bootable": True,
"ispublic": False,
- "url": "http://people.apache.org/~sanjeev/CentOS-6.3-x86_64-bin-DVD1.iso",
+ "url": "http://dl.openvm.eu/cloudstack/iso/TinyCore-8.0.iso",
"ostype": 'CentOS 6.3 (64-bit)',
"mode": 'HTTP_DOWNLOAD'
},
diff --git a/tools/travis/before_install.sh b/tools/travis/before_install.sh
index 409bf8a..c31213e 100755
--- a/tools/travis/before_install.sh
+++ b/tools/travis/before_install.sh
@@ -100,7 +100,7 @@ pip install --user --upgrade pip
for ((i=0;i<$RETRY_COUNT;i++))
do
- pip install --user --upgrade lxml paramiko nose texttable ipmisim pyopenssl > /tmp/piplog
+ pip install --user --upgrade lxml paramiko nose texttable ipmisim pyopenssl mock flask netaddr pylint pep8 > /tmp/piplog
if [[ $? -eq 0 ]]; then
echo -e "\npython packages installed successfully"
break;
diff --git a/tools/travis/install.sh b/tools/travis/install.sh
index d759528..6744979 100755
--- a/tools/travis/install.sh
+++ b/tools/travis/install.sh
@@ -25,9 +25,13 @@ export MAVEN_OPTS="-Xmx4096m -XX:MaxPermSize=800m -Djava.security.egd=file:/dev/
set -e
if [ $TEST_SEQUENCE_NUMBER -eq 1 ]; then
+ # Pylint/pep8 systemvm python codebase
+ cd systemvm/test && bash -x runtests.sh && cd ../..
+ # Build noredist
git clone https://github.com/rhtyd/cloudstack-nonoss.git nonoss
cd nonoss && bash -x install-non-oss.sh && cd ..
git clean -fdx .
+ # Perform rat checks
mvn -P developer,systemvm -Dsimulator -Dnoredist --projects='org.apache.cloudstack:cloudstack' org.apache.rat:apache-rat-plugin:0.12:check
mvn -q -B -P developer,systemvm -Dsimulator -Dnoredist clean install
else
diff --git a/tools/whisker/LICENSE b/tools/whisker/LICENSE
index d14a974..e107c4f 100644
--- a/tools/whisker/LICENSE
+++ b/tools/whisker/LICENSE
@@ -2758,7 +2758,7 @@ Within the deps/awsapi-lib directory
from VMware, Inc http://www.vmware.com/
rabbitmq-client.jar from http://www.rabbitmq.com/java-client.html
-Within the patches/systemvm/debian/config/etc directory
+Within the systemvm/debian/etc directory
placed in the public domain
by Adiscon GmbH http://www.adiscon.com/
rsyslog.conf
@@ -2766,14 +2766,14 @@ Within the patches/systemvm/debian/config/etc directory
dnsmasq.conf
vpcdnsmasq.conf
-Within the patches/systemvm/debian/config/etc/apache2 directory
+Within the systemvm/debian/config/etc/apache2 directory
licensed under the Apache License, Version 2 http://www.apache.org/licenses/LICENSE-2.0.txt (as above)
Copyright (c) 2012 The Apache Software Foundation
from The Apache Software Foundation http://www.apache.org/
httpd.conf
vhost.template
-Within the patches/systemvm/debian/config/etc/ssh/ directory
+Within the systemvm/debian/etc/ssh/ directory
licensed under the BSD (2-clause) http://www.opensource.org/licenses/BSD-2-Clause (as follows)
@@ -2804,7 +2804,7 @@ Within the patches/systemvm/debian/config/etc/ssh/ directory
from OpenSSH Project http://www.openssh.org/
sshd_config
-Within the patches/systemvm/debian/config/root/redundant_router directory
+Within the systemvm/debian/root/redundant_router directory
placed in the public domain
by The netfilter.org project http://www.netfilter.org/
conntrackd.conf.templ
diff --git a/tools/whisker/descriptor-for-packaging.xml b/tools/whisker/descriptor-for-packaging.xml
index 579e9d7..2d2e719 100644
--- a/tools/whisker/descriptor-for-packaging.xml
+++ b/tools/whisker/descriptor-for-packaging.xml
@@ -2452,7 +2452,7 @@ This product includes software developed at
The Apache Software Foundation (http://www.apache.org/).
</primary-notice>
<primary-organisation id='apache.org'/>
- <within dir='patches/systemvm/debian/config/etc/apache2'>
+ <within dir='systemvm/debian/etc/apache2'>
<with-license id='ApacheLicenseVersion2'>
<copyright-notice>
Copyright (c) 2012 The Apache Software Foundation
@@ -2463,7 +2463,7 @@ Copyright (c) 2012 The Apache Software Foundation
</by-organisation>
</with-license>
</within>
- <within dir='patches/systemvm/debian/config/etc'>
+ <within dir='systemvm/debian/etc'>
<public-domain>
<by-organisation id='adiscon.com'>
<resource name='rsyslog.conf' />
@@ -2474,14 +2474,14 @@ Copyright (c) 2012 The Apache Software Foundation
</by-organisation>
</public-domain>
</within>
- <within dir='patches/systemvm/debian/config/root/redundant_router'>
+ <within dir='systemvm/debian/root/redundant_router'>
<public-domain>
<by-organisation id='netfilter.org'>
<resource name='conntrackd.conf.templ' />
</by-organisation>
</public-domain>
</within>
- <within dir='patches/systemvm/debian/config/etc/ssh/'>
+ <within dir='systemvm/debian/etc/ssh/'>
<with-license id='BSD2ClauseGeneric'>
<copyright-notice />
<by-organisation id='openssh.org'>
diff --git a/tools/whisker/descriptor.xml b/tools/whisker/descriptor.xml
index 0b6ded5..fdd8da2 100644
--- a/tools/whisker/descriptor.xml
+++ b/tools/whisker/descriptor.xml
@@ -2436,7 +2436,7 @@ This product includes software developed at
The Apache Software Foundation (http://www.apache.org/).
</primary-notice>
<primary-organisation id='apache.org'/>
- <within dir='patches/systemvm/debian/config/etc/apache2'>
+ <within dir='systemvm/debian/etc/apache2'>
<with-license id='ApacheLicenseVersion2'>
<copyright-notice>
Copyright (c) 2012 The Apache Software Foundation
@@ -2447,7 +2447,7 @@ Copyright (c) 2012 The Apache Software Foundation
</by-organisation>
</with-license>
</within>
- <within dir='patches/systemvm/debian/config/etc'>
+ <within dir='systemvm/debian/etc'>
<public-domain>
<by-organisation id='adiscon.com'>
<resource name='rsyslog.conf' />
@@ -2458,14 +2458,14 @@ Copyright (c) 2012 The Apache Software Foundation
</by-organisation>
</public-domain>
</within>
- <within dir='patches/systemvm/debian/config/root/redundant_router'>
+ <within dir='systemvm/debian/root/redundant_router'>
<public-domain>
<by-organisation id='netfilter.org'>
<resource name='conntrackd.conf.templ' />
</by-organisation>
</public-domain>
</within>
- <within dir='patches/systemvm/debian/config/etc/ssh/'>
+ <within dir='systemvm/debian/etc/ssh/'>
<with-license id='BSD2ClauseGeneric'>
<copyright-notice />
<by-organisation id='openssh.org'>
diff --git a/utils/src/main/java/com/cloud/utils/nio/Link.java b/utils/src/main/java/com/cloud/utils/nio/Link.java
index 35211c8..25f6662 100644
--- a/utils/src/main/java/com/cloud/utils/nio/Link.java
+++ b/utils/src/main/java/com/cloud/utils/nio/Link.java
@@ -505,7 +505,7 @@ public class Link {
s_logger.error(String.format("SSL error caught during unwrap data: %s, for local address=%s, remote address=%s. The client may have invalid ca-certificates.",
sslException.getMessage(), socketChannel.getLocalAddress(), socketChannel.getRemoteAddress()));
sslEngine.closeOutbound();
- return new HandshakeHolder(peerAppData, peerNetData, true);
+ return new HandshakeHolder(peerAppData, peerNetData, false);
}
if (result == null) {
return new HandshakeHolder(peerAppData, peerNetData, false);
--
To stop receiving notification emails like this one, please contact
"commits@cloudstack.apache.org" <co...@cloudstack.apache.org>.
[cloudstack] 16/34: refactor tests,
introduce a new get_test_template that returns a small testing
template such as macchinina etc.
Posted by ro...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
rohit pushed a commit to branch debian9-systemvmtemplate
in repository https://gitbox.apache.org/repos/asf/cloudstack.git
commit 83b5e1e6b755b4b84e3ccbe721bd298dce9f4271
Author: Rohit Yadav <ro...@shapeblue.com>
AuthorDate: Mon Dec 11 02:09:46 2017 +0530
refactor tests, introduce a new get_test_template that returns a small testing template such as macchinina etc.
Signed-off-by: Rohit Yadav <ro...@shapeblue.com>
---
.../smoke/test_deploy_vm_with_userdata.py | 11 +--
...st_deploy_vms_with_varied_deploymentplanners.py | 9 +-
test/integration/smoke/test_internal_lb.py | 53 ++----------
test/integration/smoke/test_loadbalance.py | 10 +--
test/integration/smoke/test_metrics_api.py | 4 +-
test/integration/smoke/test_multipleips_per_nic.py | 7 +-
test/integration/smoke/test_network_acl.py | 9 +-
test/integration/smoke/test_nic_adapter_type.py | 6 +-
test/integration/smoke/test_password_server.py | 7 +-
test/integration/smoke/test_portforwardingrules.py | 6 +-
test/integration/smoke/test_privategw_acl.py | 7 +-
test/integration/smoke/test_router_dns.py | 11 ++-
test/integration/smoke/test_router_dnsservice.py | 11 +--
test/integration/smoke/test_routers.py | 12 ++-
.../smoke/test_routers_iptables_default_policy.py | 15 ++--
test/integration/smoke/test_routers_network_ops.py | 71 ++--------------
test/integration/smoke/test_service_offerings.py | 9 +-
test/integration/smoke/test_snapshots.py | 65 +--------------
test/integration/smoke/test_vpc_redundant.py | 55 ++-----------
test/integration/smoke/test_vpc_vpn.py | 92 ++-------------------
.../definitions/systemvmtemplate/cleanup.sh | 1 -
tools/marvin/marvin/lib/base.py | 7 +-
tools/marvin/marvin/lib/common.py | 95 ++++++++++++++++++++++
23 files changed, 203 insertions(+), 370 deletions(-)
diff --git a/test/integration/smoke/test_deploy_vm_with_userdata.py b/test/integration/smoke/test_deploy_vm_with_userdata.py
index 96c9986..52b71f7 100644
--- a/test/integration/smoke/test_deploy_vm_with_userdata.py
+++ b/test/integration/smoke/test_deploy_vm_with_userdata.py
@@ -19,7 +19,7 @@ from marvin.cloudstackTestCase import cloudstackTestCase
from marvin.lib.base import (ServiceOffering,
VirtualMachine,
Account)
-from marvin.lib.common import get_template, get_zone, list_virtual_machines
+from marvin.lib.common import get_test_template, get_zone, list_virtual_machines
from marvin.lib.utils import cleanup_resources
from nose.plugins.attrib import attr
from marvin.codes import FAILED
@@ -37,6 +37,7 @@ class TestDeployVmWithUserData(cloudstackTestCase):
cls.services = testClient.getParsedTestDataConfig()
cls.zone = get_zone(cls.apiClient, testClient.getZoneForTests())
+ cls.hypervisor = testClient.getHypervisorInfo()
if cls.zone.localstorageenabled:
#For devcloud since localstroage is enabled
cls.services["service_offerings"]["tiny"]["storagetype"] = "local"
@@ -46,14 +47,14 @@ class TestDeployVmWithUserData(cloudstackTestCase):
)
cls.account = Account.create(cls.apiClient, services=cls.services["account"])
cls.cleanup = [cls.account]
- cls.template = get_template(
+ cls.template = get_test_template(
cls.apiClient,
cls.zone.id,
- cls.services["ostype"]
+ cls.hypervisor
)
if cls.template == FAILED:
- assert False, "get_template() failed to return template with description %s" % cls.services["ostype"]
+ assert False, "get_test_template() failed to return template"
cls.debug("Successfully created account: %s, id: \
%s" % (cls.account.name,\
@@ -68,7 +69,7 @@ class TestDeployVmWithUserData(cloudstackTestCase):
cls.services["virtual_machine"]["userdata"] = user_data
def setup(self):
- self.hypervisor = self.testClient.getHypervisorInfo()
+ self.hypervisor = self.testClient.getHypervisorInfo()
@attr(tags=["devcloud", "basic", "advanced", "post"], required_hardware="true")
def test_deployvm_userdata_post(self):
diff --git a/test/integration/smoke/test_deploy_vms_with_varied_deploymentplanners.py b/test/integration/smoke/test_deploy_vms_with_varied_deploymentplanners.py
index 1ef6af9..62ba1a4 100644
--- a/test/integration/smoke/test_deploy_vms_with_varied_deploymentplanners.py
+++ b/test/integration/smoke/test_deploy_vms_with_varied_deploymentplanners.py
@@ -18,7 +18,7 @@
from marvin.codes import FAILED
from marvin.cloudstackTestCase import cloudstackTestCase
from marvin.lib.base import Account, VirtualMachine, ServiceOffering, Host, Cluster
-from marvin.lib.common import get_zone, get_domain, get_template
+from marvin.lib.common import get_zone, get_domain, get_test_template
from marvin.lib.utils import cleanup_resources
from nose.plugins.attrib import attr
@@ -36,14 +36,15 @@ class TestDeployVmWithVariedPlanners(cloudstackTestCase):
# Get Zone, Domain and templates
cls.domain = get_domain(cls.apiclient)
cls.zone = get_zone(cls.apiclient, testClient.getZoneForTests())
- cls.template = get_template(
+ cls.hypervisor = testClient.getHypervisorInfo()
+ cls.template = get_test_template(
cls.apiclient,
cls.zone.id,
- cls.services["ostype"]
+ cls.hypervisor
)
if cls.template == FAILED:
- assert False, "get_template() failed to return template with description %s" % cls.services["ostype"]
+ assert False, "get_test_template() failed to return template"
cls.services["virtual_machine"]["zoneid"] = cls.zone.id
cls.services["template"] = cls.template.id
diff --git a/test/integration/smoke/test_internal_lb.py b/test/integration/smoke/test_internal_lb.py
index 379bbb0..21a6f40 100644
--- a/test/integration/smoke/test_internal_lb.py
+++ b/test/integration/smoke/test_internal_lb.py
@@ -47,7 +47,7 @@ from marvin.sshClient import SshClient
from marvin.lib.common import (get_zone,
get_domain,
- get_template,
+ get_test_template,
list_network_offerings)
from marvin.lib.decoratorGenerators import skipTestIf
@@ -221,44 +221,6 @@ class Services:
"privateport": 22,
"publicport": 22,
"protocol": 'TCP',
- },
- "template": {
- "kvm": {
- "name": "tiny-kvm",
- "displaytext": "macchinina kvm",
- "format": "qcow2",
- "hypervisor": "kvm",
- "ostype": "Other Linux (64-bit)",
- "url": "http://dl.openvm.eu/cloudstack/macchinina/x86_64/macchinina-kvm.qcow2.bz2",
- "requireshvm": "True"
- },
- "xenserver": {
- "name": "tiny-xen",
- "displaytext": "macchinina xen",
- "format": "vhd",
- "hypervisor": "xenserver",
- "ostype": "Other Linux (64-bit)",
- "url": "http://dl.openvm.eu/cloudstack/macchinina/x86_64/macchinina-xen.vhd.bz2",
- "requireshvm": "True",
- },
- "hyperv": {
- "name": "tiny-hyperv",
- "displaytext": "macchinina xen",
- "format": "vhd",
- "hypervisor": "hyperv",
- "ostype": "Other Linux (64-bit)",
- "url": "http://dl.openvm.eu/cloudstack/macchinina/x86_64/macchinina-hyperv.vhd.zip",
- "requireshvm": "True",
- },
- "vmware": {
- "name": "tiny-vmware",
- "displaytext": "macchinina vmware",
- "format": "ova",
- "hypervisor": "vmware",
- "ostype": "Other Linux (64-bit)",
- "url": "http://dl.openvm.eu/cloudstack/macchinina/x86_64/macchinina-vmware.ova",
- "requireshvm": "True",
- }
}
}
@@ -294,12 +256,14 @@ class TestInternalLb(cloudstackTestCase):
cls.hypervisor = testClient.getHypervisorInfo()
- cls.logger.debug("Downloading Template: %s from: %s" %(cls.services["template"][cls.hypervisor.lower()], cls.services["template"][cls.hypervisor.lower()]["url"]))
- cls.template = Template.register(cls.apiclient, cls.services["template"][cls.hypervisor.lower()], cls.zone.id, hypervisor=cls.hypervisor.lower(), account=cls.account.name, domainid=cls.domain.id)
- cls.template.download(cls.apiclient)
+ cls.template = get_test_template(
+ cls.apiclient,
+ cls.zone.id,
+ cls.hypervisor
+ )
if cls.template == FAILED:
- assert False, "get_template() failed to return template"
+ assert False, "get_test_template() failed to return template"
cls.logger.debug("Successfully created account: %s, id: \
%s" % (cls.account.name,
@@ -857,9 +821,6 @@ class TestInternalLb(cloudstackTestCase):
def tearDownClass(cls):
try:
cls.logger.debug("Cleaning up class resources")
- try:
- cls.template.delete(cls.apiclient)
- except Exception: pass
cleanup_resources(cls.apiclient, cls._cleanup)
except Exception as e:
raise Exception("Cleanup failed with %s" % e)
diff --git a/test/integration/smoke/test_loadbalance.py b/test/integration/smoke/test_loadbalance.py
index 8e958a9..53047f9 100644
--- a/test/integration/smoke/test_loadbalance.py
+++ b/test/integration/smoke/test_loadbalance.py
@@ -40,14 +40,14 @@ class TestLoadBalance(cloudstackTestCase):
# Get Zone, Domain and templates
cls.domain = get_domain(cls.apiclient)
cls.zone = get_zone(cls.apiclient, testClient.getZoneForTests())
- template = get_template(
+ cls.hypervisor = testClient.getHypervisorInfo()
+ template = get_test_template(
cls.apiclient,
cls.zone.id,
- cls.services["ostype"]
- )
+ cls.hypervisor)
if template == FAILED:
- assert False, "get_template() failed to return template with description %s" % cls.services["ostype"]
-
+ assert False, "get_test_template() failed to return template"
+
cls.services["virtual_machine"]["zoneid"] = cls.zone.id
#Create an account, network, VM and IP addresses
diff --git a/test/integration/smoke/test_metrics_api.py b/test/integration/smoke/test_metrics_api.py
index 27c4a1b..7cd09b4 100644
--- a/test/integration/smoke/test_metrics_api.py
+++ b/test/integration/smoke/test_metrics_api.py
@@ -49,10 +49,10 @@ class TestMetrics(cloudstackTestCase):
self.apiclient,
self.services["service_offering"]
)
- self.template = get_template(
+ self.template = get_test_template(
self.apiclient,
self.zone.id,
- self.services["ostype"]
+ self.hypervisor
)
self.cleanup = []
diff --git a/test/integration/smoke/test_multipleips_per_nic.py b/test/integration/smoke/test_multipleips_per_nic.py
index 4093356..3078328 100644
--- a/test/integration/smoke/test_multipleips_per_nic.py
+++ b/test/integration/smoke/test_multipleips_per_nic.py
@@ -30,7 +30,7 @@ from marvin.lib.base import Account, VirtualMachine, ServiceOffering
from marvin.lib.utils import cleanup_resources
#common - commonly used methods for all tests are listed here
-from marvin.lib.common import get_zone, get_domain, get_template
+from marvin.lib.common import get_zone, get_domain, get_test_template
from marvin.cloudstackAPI.addIpToNic import addIpToNicCmd
from marvin.cloudstackAPI.removeIpFromNic import removeIpFromNicCmd
@@ -50,11 +50,12 @@ class TestDeployVM(cloudstackTestCase):
# Get Zone, Domain and Default Built-in template
self.domain = get_domain(self.apiclient)
self.zone = get_zone(self.apiclient, self.testClient.getZoneForTests())
+ self.hypervisor = self.testClient.getHypervisorInfo()
self.testdata["mode"] = self.zone.networktype
- self.template = get_template(self.apiclient, self.zone.id, self.testdata["ostype"])
+ self.template = get_test_template(self.apiclient, self.zone.id, self.hypervisor)
if self.template == FAILED:
- assert False, "get_template() failed to return template with description %s" % self.testdata["ostype"]
+ assert False, "get_test_template() failed to return template"
#create a user account
self.account = Account.create(
diff --git a/test/integration/smoke/test_network_acl.py b/test/integration/smoke/test_network_acl.py
index 734c312..7b8aa36 100644
--- a/test/integration/smoke/test_network_acl.py
+++ b/test/integration/smoke/test_network_acl.py
@@ -34,20 +34,21 @@ class TestNetworkACL(cloudstackTestCase):
cls.services = testClient.getParsedTestDataConfig()
cls.zone = get_zone(cls.apiclient, testClient.getZoneForTests())
+ cls.hypervisor = testClient.getHypervisorInfo()
cls.domain = get_domain(cls.apiclient)
cls.service_offering = ServiceOffering.create(
cls.apiclient,
cls.services["service_offerings"]["tiny"]
)
cls.account = Account.create(cls.apiclient, services=cls.services["account"])
- cls.template = get_template(
+ cls.template = get_test_template(
cls.apiclient,
cls.zone.id,
- cls.services["ostype"]
+ cls.hypervisor
)
-
+
if cls.template == FAILED:
- assert False, "get_template() failed to return template with description %s" % cls.services["ostype"]
+ assert False, "get_test_template() failed to return template"
cls.debug("Successfully created account: %s, id: \
%s" % (cls.account.name,\
diff --git a/test/integration/smoke/test_nic_adapter_type.py b/test/integration/smoke/test_nic_adapter_type.py
index 91492eb..933b8d9 100644
--- a/test/integration/smoke/test_nic_adapter_type.py
+++ b/test/integration/smoke/test_nic_adapter_type.py
@@ -33,7 +33,7 @@ from marvin.lib.base import (
)
from marvin.lib.common import (get_domain,
get_zone,
- get_template
+ get_test_template
)
from marvin.lib.utils import (
get_hypervisor_type,
@@ -57,10 +57,10 @@ class TestAdapterTypeForNic(cloudstackTestCase):
cls.domain = get_domain(cls.api_client)
cls.zone = get_zone(cls.api_client, cls.testClient.getZoneForTests())
- cls.template = get_template(
+ cls.template = get_test_template(
cls.api_client,
cls.zone.id,
- cls.testdata["ostype"])
+ cls.hypervisor)
# Create Accounts & networks
cls.testdata["isolated_network"]["zoneid"] = cls.zone.id
diff --git a/test/integration/smoke/test_password_server.py b/test/integration/smoke/test_password_server.py
index 98c5ced..b623313 100644
--- a/test/integration/smoke/test_password_server.py
+++ b/test/integration/smoke/test_password_server.py
@@ -35,7 +35,7 @@ from marvin.lib.base import (ServiceOffering,
Network,
Router)
from marvin.lib.common import (get_zone,
- get_template,
+ get_test_template,
get_domain,
list_virtual_machines,
list_networks,
@@ -69,11 +69,12 @@ class TestIsolatedNetworksPasswdServer(cloudstackTestCase):
# Get Zone, Domain and templates
cls.domain = get_domain(cls.api_client)
cls.zone = get_zone(cls.api_client, cls.testClient.getZoneForTests())
+ cls.hypervisor = cls.testClient.getHypervisorInfo()
cls.services['mode'] = cls.zone.networktype
- template = get_template(
+ template = get_test_template(
cls.api_client,
cls.zone.id,
- cls.services["ostype"]
+ cls.hypervisor
)
cls.services["virtual_machine"]["zoneid"] = cls.zone.id
diff --git a/test/integration/smoke/test_portforwardingrules.py b/test/integration/smoke/test_portforwardingrules.py
index fbac0b4..11901bd 100644
--- a/test/integration/smoke/test_portforwardingrules.py
+++ b/test/integration/smoke/test_portforwardingrules.py
@@ -38,7 +38,7 @@ from marvin.lib.base import (PublicIPAddress,
User)
from marvin.lib.common import (get_domain,
get_zone,
- get_template)
+ get_test_template)
from marvin.lib.utils import validateList, cleanup_resources
from marvin.codes import PASS
from nose.plugins.attrib import attr
@@ -58,10 +58,10 @@ class TestPortForwardingRules(cloudstackTestCase):
cls.zone = get_zone(
cls.api_client,
cls.testClient.getZoneForTests())
- cls.template = get_template(
+ cls.template = get_test_template(
cls.api_client,
cls.zone.id,
- cls.services["ostype"]
+ cls.hypervisor
)
if cls.zone.localstorageenabled:
cls.storagetype = 'local'
diff --git a/test/integration/smoke/test_privategw_acl.py b/test/integration/smoke/test_privategw_acl.py
index d48eb42..09d3fa4 100644
--- a/test/integration/smoke/test_privategw_acl.py
+++ b/test/integration/smoke/test_privategw_acl.py
@@ -168,11 +168,12 @@ class TestPrivateGwACL(cloudstackTestCase):
# Get Zone, Domain and templates
cls.domain = get_domain(cls.api_client)
cls.zone = get_zone(cls.api_client, cls.testClient.getZoneForTests())
+ cls.hypervisor = cls.testClient.getHypervisorInfo()
cls.services['mode'] = cls.zone.networktype
- cls.template = get_template(
+ cls.template = get_test_template(
cls.api_client,
cls.zone.id,
- cls.services["ostype"])
+ cls.hypervisor)
cls.hostConfig = cls.config.__dict__["zones"][0].__dict__["pods"][0].__dict__["clusters"][0].__dict__["hosts"][0].__dict__
cls.services["virtual_machine"]["zoneid"] = cls.zone.id
@@ -183,8 +184,6 @@ class TestPrivateGwACL(cloudstackTestCase):
cls.services["service_offering"])
cls._cleanup = [cls.service_offering]
- cls.hypervisor = cls.testClient.getHypervisorInfo()
-
# Skip rVR related test cases for VMware, for details see
# https://issues.apache.org/jira/browse/CLOUDSTACK-10181
cls.rvrNotSupported = False
diff --git a/test/integration/smoke/test_router_dns.py b/test/integration/smoke/test_router_dns.py
index 9b4ca7e..ec1d275 100644
--- a/test/integration/smoke/test_router_dns.py
+++ b/test/integration/smoke/test_router_dns.py
@@ -29,7 +29,7 @@ from marvin.lib.base import (ServiceOffering,
NetworkOffering,
Network)
from marvin.lib.common import (get_zone,
- get_template,
+ get_test_template,
get_domain,
list_routers,
list_nat_rules,
@@ -51,12 +51,15 @@ class TestRouterDns(cloudstackTestCase):
cls.domain = get_domain(cls.api_client)
cls.zone = get_zone(cls.api_client, cls.testClient.getZoneForTests())
+ cls.hypervisor = cls.testClient.getHypervisorInfo()
+
cls.services['mode'] = cls.zone.networktype
- cls.template = get_template(
+ cls.template = get_test_template(
cls.api_client,
cls.zone.id,
- cls.services["ostype"]
+ cls.hypervisor
)
+
cls.services["virtual_machine"]["zoneid"] = cls.zone.id
cls.logger.debug("Creating Admin Account for domain %s on zone %s" % (cls.domain.id, cls.zone.id))
@@ -264,5 +267,5 @@ class TestRouterDns(cloudstackTestCase):
if not result:
self.fail("Did not to receive any response from the guest VM, failing.")
- self.assertTrue("google.com" in result and "#53" in result,
+ self.assertTrue("google.com" in result and "10.1.1.1" in result,
"VR DNS should serve requests from guest network, unable to get valid nslookup result from guest VM.")
diff --git a/test/integration/smoke/test_router_dnsservice.py b/test/integration/smoke/test_router_dnsservice.py
index ffadec7..d0c5a67 100644
--- a/test/integration/smoke/test_router_dnsservice.py
+++ b/test/integration/smoke/test_router_dnsservice.py
@@ -29,7 +29,7 @@ from marvin.lib.base import (ServiceOffering,
NetworkOffering,
Network)
from marvin.lib.common import (get_zone,
- get_template,
+ get_test_template,
get_domain,
list_routers,
list_nat_rules,
@@ -54,11 +54,12 @@ class TestRouterDnsService(cloudstackTestCase):
cls.domain = get_domain(cls.api_client)
cls.zone = get_zone(cls.api_client, cls.testClient.getZoneForTests())
+ cls.hypervisor = cls.testClient.getHypervisorInfo()
cls.services['mode'] = cls.zone.networktype
- cls.template = get_template(
+ cls.template = get_test_template(
cls.api_client,
cls.zone.id,
- cls.services["ostype"]
+ cls.hypervisor
)
cls.services["virtual_machine"]["zoneid"] = cls.zone.id
@@ -267,9 +268,9 @@ class TestRouterDnsService(cloudstackTestCase):
if not result1:
self.fail("Did not to receive any response from the guest VM, failing.")
- self.assertTrue(VM1_NAME in result1 and "#53" in result1,
+ self.assertTrue(VM1_NAME in result1 and "10.1.1.1" in result1,
"VR DNS should serve requests from guest network, ping for %s successful." % VM1_NAME)
- self.assertTrue(VM2_NAME in result2 and "#53" in result2,
+ self.assertTrue(VM2_NAME in result2 and "10.1.1.1" in result2,
"VR DNS should serve requests from guest network, ping for %s successful." % VM2_NAME)
return
diff --git a/test/integration/smoke/test_routers.py b/test/integration/smoke/test_routers.py
index 070841e..dfd5916 100644
--- a/test/integration/smoke/test_routers.py
+++ b/test/integration/smoke/test_routers.py
@@ -31,7 +31,7 @@ from marvin.lib.base import (Account,
VirtualMachine)
from marvin.lib.common import (get_domain,
get_zone,
- get_template,
+ get_test_template,
list_hosts,
list_routers,
list_networks,
@@ -57,17 +57,15 @@ class TestRouterServices(cloudstackTestCase):
# Get Zone, Domain and templates
cls.domain = get_domain(cls.apiclient)
cls.zone = get_zone(cls.apiclient, testClient.getZoneForTests())
+ cls.hypervisor = testClient.getHypervisorInfo()
cls.services['mode'] = cls.zone.networktype
- template = get_template(
+ template = get_test_template(
cls.apiclient,
cls.zone.id,
- cls.services["ostype"]
+ cls.hypervisor
)
if template == FAILED:
- cls.fail(
- "get_template() failed to return template\
- with description %s" %
- cls.services["ostype"])
+ cls.fail("get_test_template() failed to return template")
cls.services["virtual_machine"]["zoneid"] = cls.zone.id
diff --git a/test/integration/smoke/test_routers_iptables_default_policy.py b/test/integration/smoke/test_routers_iptables_default_policy.py
index ec35396..c077b56 100644
--- a/test/integration/smoke/test_routers_iptables_default_policy.py
+++ b/test/integration/smoke/test_routers_iptables_default_policy.py
@@ -35,7 +35,7 @@ from marvin.lib.base import (stopRouter,
LoadBalancerRule)
from marvin.lib.common import (get_domain,
get_zone,
- get_template,
+ get_test_template,
list_routers,
list_hosts)
from marvin.lib.utils import (cleanup_resources,
@@ -214,10 +214,12 @@ class TestVPCIpTablesPolicies(cloudstackTestCase):
# Get Zone, Domain and templates
cls.domain = get_domain(cls.apiclient)
cls.zone = get_zone(cls.apiclient, cls.testClient.getZoneForTests())
- cls.template = get_template(
+ cls.hypervisor = cls.testClient.getHypervisorInfo()
+ cls.template = get_test_template(
cls.apiclient,
cls.zone.id,
- cls.services["ostype"])
+ cls.hypervisor)
+
cls.hostConfig = cls.config.__dict__["zones"][0].__dict__["pods"][0].__dict__["clusters"][0].__dict__["hosts"][0].__dict__
cls.services["virtual_machine"]["zoneid"] = cls.zone.id
@@ -366,11 +368,12 @@ class TestRouterIpTablesPolicies(cloudstackTestCase):
# Get Zone, Domain and templates
cls.domain = get_domain(cls.apiclient)
cls.zone = get_zone(cls.apiclient, cls.testClient.getZoneForTests())
- cls.template = get_template(
+ cls.hypervisor = cls.testClient.getHypervisorInfo()
+ cls.template = get_test_template(
cls.apiclient,
cls.zone.id,
- cls.services["ostype"])
-
+ cls.hypervisor)
+
cls.hostConfig = cls.config.__dict__["zones"][0].__dict__["pods"][0].__dict__["clusters"][0].__dict__["hosts"][0].__dict__
cls.services["virtual_machine"]["zoneid"] = cls.zone.id
cls.services["virtual_machine"]["template"] = cls.template.id
diff --git a/test/integration/smoke/test_routers_network_ops.py b/test/integration/smoke/test_routers_network_ops.py
index 09eb4f3..c189437 100644
--- a/test/integration/smoke/test_routers_network_ops.py
+++ b/test/integration/smoke/test_routers_network_ops.py
@@ -39,7 +39,7 @@ from marvin.lib.base import (ServiceOffering,
Router,
EgressFireWallRule)
from marvin.lib.common import (get_zone,
- get_template,
+ get_test_template,
get_domain,
list_virtual_machines,
list_networks,
@@ -67,57 +67,6 @@ def check_router_command(virtual_machine, public_ip, ssh_command, check_string,
return result.count(check_string)
-class Templates:
- """Test data for templates
- """
-
- def __init__(self):
- self.templates = {
- "macchinina": {
- "kvm": {
- "name": "tiny-kvm",
- "displaytext": "macchinina kvm",
- "format": "qcow2",
- "hypervisor": "kvm",
- "ostype": "Other Linux (64-bit)",
- "url": "http://dl.openvm.eu/cloudstack/macchinina/x86_64/macchinina-kvm.qcow2.bz2",
- "requireshvm": "True",
- "ispublic": "True",
- },
- "xenserver": {
- "name": "tiny-xen",
- "displaytext": "macchinina xen",
- "format": "vhd",
- "hypervisor": "xen",
- "ostype": "Other Linux (64-bit)",
- "url": "http://dl.openvm.eu/cloudstack/macchinina/x86_64/macchinina-xen.vhd.bz2",
- "requireshvm": "True",
- "ispublic": "True",
- },
- "hyperv": {
- "name": "tiny-hyperv",
- "displaytext": "macchinina xen",
- "format": "vhd",
- "hypervisor": "hyperv",
- "ostype": "Other Linux (64-bit)",
- "url": "http://dl.openvm.eu/cloudstack/macchinina/x86_64/macchinina-hyperv.vhd.zip",
- "requireshvm": "True",
- "ispublic": "True",
- },
- "vmware": {
- "name": "tiny-vmware",
- "displaytext": "macchinina vmware",
- "format": "ova",
- "hypervisor": "vmware",
- "ostype": "Other Linux (64-bit)",
- "url": "http://dl.openvm.eu/cloudstack/macchinina/x86_64/macchinina-vmware.ova",
- "requireshvm": "True",
- "ispublic": "True",
- },
- }
- }
-
-
class TestRedundantIsolateNetworks(cloudstackTestCase):
@classmethod
@@ -146,15 +95,9 @@ class TestRedundantIsolateNetworks(cloudstackTestCase):
cls.rvrNotSupported = True
return
- macchinina = Templates().templates["macchinina"]
- cls.logger.debug("Downloading Template: %s from: %s" % (macchinina[cls.hypervisor.lower()],
- macchinina[cls.hypervisor.lower()]["url"]))
- cls.template = Template.register(cls.api_client, macchinina[cls.hypervisor.lower()],
- cls.zone.id, hypervisor=cls.hypervisor.lower(), domainid=cls.domain.id)
- cls.template.download(cls.api_client)
-
+ cls.template = get_test_template(cls.api_client, cls.zone.id, cls.hypervisor)
if cls.template == FAILED:
- assert False, "get_template() failed to return template"
+ assert False, "get_test_template() failed to return template"
cls.services["virtual_machine"]["zoneid"] = cls.zone.id
cls.services["virtual_machine"]["template"] = cls.template.id
@@ -193,8 +136,7 @@ class TestRedundantIsolateNetworks(cloudstackTestCase):
cls._cleanup = [
cls.service_offering,
- cls.account,
- cls.template
+ cls.account
]
return
@@ -723,11 +665,12 @@ class TestIsolatedNetworks(cloudstackTestCase):
# Get Zone, Domain and templates
cls.domain = get_domain(cls.api_client)
cls.zone = get_zone(cls.api_client, cls.testClient.getZoneForTests())
+ cls.hypervisor = cls.testClient.getHypervisorInfo()
cls.services['mode'] = cls.zone.networktype
- cls.template = get_template(
+ cls.template = get_test_template(
cls.api_client,
cls.zone.id,
- cls.services["ostype"]
+ cls.hypervisor
)
cls.services["virtual_machine"]["zoneid"] = cls.zone.id
diff --git a/test/integration/smoke/test_service_offerings.py b/test/integration/smoke/test_service_offerings.py
index 519b5ae..42bebe0 100644
--- a/test/integration/smoke/test_service_offerings.py
+++ b/test/integration/smoke/test_service_offerings.py
@@ -31,7 +31,7 @@ from marvin.lib.common import (list_service_offering,
list_virtual_machines,
get_domain,
get_zone,
- get_template)
+ get_test_template)
from nose.plugins.attrib import attr
@@ -163,14 +163,13 @@ class TestServiceOfferings(cloudstackTestCase):
cls.apiclient,
cls.services["service_offerings"]["tiny"]
)
- template = get_template(
+ template = get_test_template(
cls.apiclient,
cls.zone.id,
- cls.services["ostype"]
+ cls.hypervisor
)
if template == FAILED:
- assert False, "get_template() failed to return\
- template with description %s" % cls.services["ostype"]
+ assert False, "get_test_template() failed to return template"
# Set Zones and disk offerings
cls.services["small"]["zoneid"] = cls.zone.id
diff --git a/test/integration/smoke/test_snapshots.py b/test/integration/smoke/test_snapshots.py
index 5761262..a75a1e9 100644
--- a/test/integration/smoke/test_snapshots.py
+++ b/test/integration/smoke/test_snapshots.py
@@ -30,7 +30,7 @@ from marvin.lib.base import (VirtualMachine,
Volume,
DiskOffering)
from marvin.lib.common import (get_domain,
- get_template,
+ get_test_template,
get_zone,
get_pod,
list_volumes,
@@ -41,57 +41,6 @@ from marvin.lib.decoratorGenerators import skipTestIf
from marvin.codes import PASS
-class Templates:
- """Test data for templates
- """
-
- def __init__(self):
- self.templates = {
- "macchinina": {
- "kvm": {
- "name": "tiny-kvm",
- "displaytext": "macchinina kvm",
- "format": "qcow2",
- "hypervisor": "kvm",
- "ostype": "Other Linux (64-bit)",
- "url": "http://dl.openvm.eu/cloudstack/macchinina/x86_64/macchinina-kvm.qcow2.bz2",
- "requireshvm": "True",
- "ispublic": "True",
- },
- "xenserver": {
- "name": "tiny-xen",
- "displaytext": "macchinina xen",
- "format": "vhd",
- "hypervisor": "xen",
- "ostype": "Other Linux (64-bit)",
- "url": "http://dl.openvm.eu/cloudstack/macchinina/x86_64/macchinina-xen.vhd.bz2",
- "requireshvm": "True",
- "ispublic": "True",
- },
- "hyperv": {
- "name": "tiny-hyperv",
- "displaytext": "macchinina xen",
- "format": "vhd",
- "hypervisor": "hyperv",
- "ostype": "Other Linux (64-bit)",
- "url": "http://dl.openvm.eu/cloudstack/macchinina/x86_64/macchinina-hyperv.vhd.zip",
- "requireshvm": "True",
- "ispublic": "True",
- },
- "vmware": {
- "name": "tiny-vmware",
- "displaytext": "macchinina vmware",
- "format": "ova",
- "hypervisor": "vmware",
- "ostype": "Other Linux (64-bit)",
- "url": "http://dl.openvm.eu/cloudstack/macchinina/x86_64/macchinina-vmware.ova",
- "requireshvm": "True",
- "ispublic": "True",
- },
- }
- }
-
-
class TestSnapshotRootDisk(cloudstackTestCase):
@classmethod
@@ -113,14 +62,9 @@ class TestSnapshotRootDisk(cloudstackTestCase):
cls._cleanup = []
if not cls.hypervisorNotSupported:
- macchinina = Templates().templates["macchinina"]
- cls.template = Template.register(cls.apiclient, macchinina[cls.hypervisor.lower()],
- cls.zone.id, hypervisor=cls.hypervisor.lower(), domainid=cls.domain.id)
- cls.template.download(cls.apiclient)
-
+ cls.template = get_test_template(cls.apiclient, cl.zone.id, cls.hypervisor)
if cls.template == FAILED:
- assert False, "get_template() failed to return template"
-
+ assert False, "get_test_template() failed to return template"
cls.services["domainid"] = cls.domain.id
cls.services["small"]["zoneid"] = cls.zone.id
@@ -155,7 +99,6 @@ class TestSnapshotRootDisk(cloudstackTestCase):
cls._cleanup.append(cls.service_offering)
cls._cleanup.append(cls.account)
- cls._cleanup.append(cls.template)
cls._cleanup.append(cls.disk_offering)
return
@@ -430,4 +373,4 @@ class TestSnapshotRootDisk(cloudstackTestCase):
"Check list Snapshot response"
)
- return
\ No newline at end of file
+ return
diff --git a/test/integration/smoke/test_vpc_redundant.py b/test/integration/smoke/test_vpc_redundant.py
index 915736d..b87ce43 100644
--- a/test/integration/smoke/test_vpc_redundant.py
+++ b/test/integration/smoke/test_vpc_redundant.py
@@ -40,7 +40,7 @@ from marvin.lib.base import (stopRouter,
Configurations)
from marvin.lib.common import (get_domain,
get_zone,
- get_template,
+ get_test_template,
list_routers,
list_hosts)
from marvin.lib.utils import (cleanup_resources,
@@ -193,49 +193,7 @@ class Services:
"publicport": 22,
"protocol": 'TCP',
},
- "timeout": 10,
- "template": {
- "kvm": {
- "name": "tiny-kvm",
- "displaytext": "macchinina kvm",
- "format": "qcow2",
- "hypervisor": "kvm",
- "ostype": "Other Linux (64-bit)",
- "url": "http://dl.openvm.eu/cloudstack/macchinina/x86_64/macchinina-kvm.qcow2.bz2",
- "requireshvm": "True",
- "ispublic": "True",
- },
- "xenserver": {
- "name": "tiny-xen",
- "displaytext": "macchinina xen",
- "format": "vhd",
- "hypervisor": "xen",
- "ostype": "Other Linux (64-bit)",
- "url": "http://dl.openvm.eu/cloudstack/macchinina/x86_64/macchinina-xen.vhd.bz2",
- "requireshvm": "True",
- "ispublic": "True",
- },
- "hyperv": {
- "name": "tiny-hyperv",
- "displaytext": "macchinina xen",
- "format": "vhd",
- "hypervisor": "hyperv",
- "ostype": "Other Linux (64-bit)",
- "url": "http://dl.openvm.eu/cloudstack/macchinina/x86_64/macchinina-hyperv.vhd.zip",
- "requireshvm": "True",
- "ispublic": "True",
- },
- "vmware": {
- "name": "tiny-vmware",
- "displaytext": "macchinina vmware",
- "format": "ova",
- "hypervisor": "vmware",
- "ostype": "Other Linux (64-bit)",
- "url": "http://dl.openvm.eu/cloudstack/macchinina/x86_64/macchinina-vmware.ova",
- "requireshvm": "True",
- "ispublic": "True",
- }
- }
+ "timeout": 10
}
@@ -263,12 +221,9 @@ class TestVPCRedundancy(cloudstackTestCase):
cls.rvrNotSupported = True
return
- cls.template = Template.register(cls.api_client, cls.services["template"][cls.hypervisor.lower(
- )], cls.zone.id, hypervisor=cls.hypervisor.lower(), domainid=cls.domain.id)
- cls.template.download(cls.api_client)
-
+ cls.template = get_test_template(cls.api_client, cls.zone.id, cls.hypervisor)
if cls.template == FAILED:
- assert False, "get_template() failed to return template"
+ assert False, "get_test_template() failed to return template"
cls.services["virtual_machine"]["zoneid"] = cls.zone.id
cls.services["virtual_machine"]["template"] = cls.template.id
@@ -276,7 +231,7 @@ class TestVPCRedundancy(cloudstackTestCase):
cls.service_offering = ServiceOffering.create(
cls.api_client,
cls.services["service_offering"])
- cls._cleanup = [cls.service_offering, cls.template]
+ cls._cleanup = [cls.service_offering]
cls.logger = logging.getLogger('TestVPCRedundancy')
cls.stream_handler = logging.StreamHandler()
diff --git a/test/integration/smoke/test_vpc_vpn.py b/test/integration/smoke/test_vpc_vpn.py
index 1c4d418..4ab5971 100644
--- a/test/integration/smoke/test_vpc_vpn.py
+++ b/test/integration/smoke/test_vpc_vpn.py
@@ -52,7 +52,7 @@ from marvin.sshClient import SshClient
from marvin.lib.common import (get_zone,
get_domain,
- get_template,
+ get_test_template,
list_network_offerings)
from nose.plugins.attrib import attr
@@ -215,48 +215,6 @@ class Services:
"privateport": 22,
"publicport": 22,
"protocol": 'TCP',
- },
- "template": {
-
- "kvm": {
- "name": "tiny-kvm",
- "displaytext": "macchinina kvm",
- "format": "qcow2",
- "hypervisor": "kvm",
- "ostype": "Other Linux (64-bit)",
- "url": "http://dl.openvm.eu/cloudstack/macchinina/x86_64/macchinina-kvm.qcow2.bz2",
- "requireshvm": "True",
- },
-
- "xenserver": {
- "name": "tiny-xen",
- "displaytext": "macchinina xen",
- "format": "vhd",
- "hypervisor": "xen",
- "ostype": "Other Linux (64-bit)",
- "url": "http://dl.openvm.eu/cloudstack/macchinina/x86_64/macchinina-xen.vhd.bz2",
- "requireshvm": "True",
- },
-
- "hyperv": {
- "name": "tiny-hyperv",
- "displaytext": "macchinina xen",
- "format": "vhd",
- "hypervisor": "hyperv",
- "ostype": "Other Linux (64-bit)",
- "url": "http://dl.openvm.eu/cloudstack/macchinina/x86_64/macchinina-hyperv.vhd.zip",
- "requireshvm": "True",
- },
-
- "vmware": {
- "name": "tiny-vmware",
- "displaytext": "macchinina vmware",
- "format": "ova",
- "hypervisor": "vmware",
- "ostype": "Other Linux (64-bit)",
- "url": "http://dl.openvm.eu/cloudstack/macchinina/x86_64/macchinina-vmware.ova",
- "requireshvm": "True",
- }
}
}
@@ -287,14 +245,9 @@ class TestVpcRemoteAccessVpn(cloudstackTestCase):
cls.hypervisor = testClient.getHypervisorInfo()
- cls.logger.debug("Downloading Template: %s from: %s" % (cls.services["template"][
- cls.hypervisor.lower()], cls.services["template"][cls.hypervisor.lower()]["url"]))
- cls.template = Template.register(cls.apiclient, cls.services["template"][cls.hypervisor.lower(
- )], cls.zone.id, hypervisor=cls.hypervisor.lower(), account=cls.account.name, domainid=cls.domain.id)
- cls.template.download(cls.apiclient)
-
+ cls.template = get_test_template(cls.apiclient, cls.zone.id, cls.hypervisor)
if cls.template == FAILED:
- assert False, "get_template() failed to return template"
+ assert False, "get_test_template() failed to return template"
cls.logger.debug("Successfully created account: %s, id: \
%s" % (cls.account.name,
@@ -436,9 +389,6 @@ class TestVpcRemoteAccessVpn(cloudstackTestCase):
try:
cls.logger.debug("Cleaning up resources")
- try:
- cls.template.delete(cls.apiclient)
- except Exception: pass
cleanup_resources(cls.apiclient, cls.cleanup)
except Exception, e:
raise Exception("Cleanup failed with %s" % e)
@@ -470,14 +420,9 @@ class TestVpcSite2SiteVpn(cloudstackTestCase):
cls.hypervisor = testClient.getHypervisorInfo()
- cls.logger.debug("Downloading Template: %s from: %s" % (cls.services["template"][
- cls.hypervisor.lower()], cls.services["template"][cls.hypervisor.lower()]["url"]))
- cls.template = Template.register(cls.apiclient, cls.services["template"][cls.hypervisor.lower(
- )], cls.zone.id, hypervisor=cls.hypervisor.lower(), account=cls.account.name, domainid=cls.domain.id)
- cls.template.download(cls.apiclient)
-
+ cls.template = get_test_template(cls.apiclient, cls.zone.id, cls.hypervisor)
if cls.template == FAILED:
- assert False, "get_template() failed to return template"
+ assert False, "get_test_template() failed to return template"
cls.logger.debug("Successfully created account: %s, id: \
%s" % (cls.account.name,
@@ -813,9 +758,6 @@ class TestVpcSite2SiteVpn(cloudstackTestCase):
@classmethod
def tearDownClass(cls):
try:
- try:
- cls.template.delete(cls.apiclient)
- except Exception: pass
cleanup_resources(cls.apiclient, cls.cleanup)
except Exception, e:
raise Exception("Cleanup failed with %s" % e)
@@ -854,14 +796,9 @@ class TestRVPCSite2SiteVpn(cloudstackTestCase):
cls.rvrNotSupported = True
return
- cls.logger.debug("Downloading Template: %s from: %s" % (cls.services["template"][
- cls.hypervisor.lower()], cls.services["template"][cls.hypervisor.lower()]["url"]))
- cls.template = Template.register(cls.apiclient, cls.services["template"][cls.hypervisor.lower(
- )], cls.zone.id, hypervisor=cls.hypervisor.lower(), account=cls.account.name, domainid=cls.domain.id)
- cls.template.download(cls.apiclient)
-
+ cls.template = get_test_template(cls.apiclient, cls.zone.id, cls.hypervisor)
if cls.template == FAILED:
- assert False, "get_template() failed to return template"
+ assert False, "get_test_template() failed to return template"
cls.logger.debug("Successfully created account: %s, id: \
%s" % (cls.account.name,
@@ -1203,9 +1140,6 @@ class TestRVPCSite2SiteVpn(cloudstackTestCase):
@classmethod
def tearDownClass(cls):
try:
- try:
- cls.template.delete(cls.apiclient)
- except Exception: pass
cleanup_resources(cls.apiclient, cls.cleanup)
except Exception, e:
raise Exception("Cleanup failed with %s" % e)
@@ -1237,14 +1171,9 @@ class TestVPCSite2SiteVPNMultipleOptions(cloudstackTestCase):
cls.hypervisor = testClient.getHypervisorInfo()
- cls.logger.debug("Downloading Template: %s from: %s" % (cls.services["template"][
- cls.hypervisor.lower()], cls.services["template"][cls.hypervisor.lower()]["url"]))
- cls.template = Template.register(cls.apiclient, cls.services["template"][cls.hypervisor.lower(
- )], cls.zone.id, hypervisor=cls.hypervisor.lower(), account=cls.account.name, domainid=cls.domain.id)
- cls.template.download(cls.apiclient)
-
+ cls.template = get_test_template(cls.apiclient, cls.zone.id, cls.hypervisor)
if cls.template == FAILED:
- assert False, "get_template() failed to return template"
+ assert False, "get_test_template() failed to return template"
cls.logger.debug("Successfully created account: %s, id: \
%s" % (cls.account.name,
@@ -1651,9 +1580,6 @@ class TestVPCSite2SiteVPNMultipleOptions(cloudstackTestCase):
@classmethod
def tearDownClass(cls):
try:
- try:
- cls.template.delete(cls.apiclient)
- except Exception: pass
cleanup_resources(cls.apiclient, cls.cleanup)
except Exception, e:
raise Exception("Cleanup failed with %s" % e)
diff --git a/tools/appliance/definitions/systemvmtemplate/cleanup.sh b/tools/appliance/definitions/systemvmtemplate/cleanup.sh
index f1591ac..00f068d 100644
--- a/tools/appliance/definitions/systemvmtemplate/cleanup.sh
+++ b/tools/appliance/definitions/systemvmtemplate/cleanup.sh
@@ -64,7 +64,6 @@ function cleanup_misc() {
rm -fr /usr/share/man
rm -fr /usr/share/info
rm -fr /usr/share/lintian
- rm -fr /usr/share/vim
find /usr/share/locale -type f | grep -v en | xargs rm -fr
}
diff --git a/tools/marvin/marvin/lib/base.py b/tools/marvin/marvin/lib/base.py
index 340419a..6f26009 100755
--- a/tools/marvin/marvin/lib/base.py
+++ b/tools/marvin/marvin/lib/base.py
@@ -1225,13 +1225,16 @@ class Template:
@classmethod
def register(cls, apiclient, services, zoneid=None,
account=None, domainid=None, hypervisor=None,
- projectid=None, details=None):
+ projectid=None, details=None, randomize_name=True):
"""Create template from URL"""
# Create template from Virtual machine and Volume ID
cmd = registerTemplate.registerTemplateCmd()
cmd.displaytext = services["displaytext"]
- cmd.name = "-".join([services["name"], random_gen()])
+ if randomize_name:
+ cmd.name = "-".join([services["name"], random_gen()])
+ else:
+ cmd.name = services["name"]
cmd.format = services["format"]
if hypervisor:
cmd.hypervisor = hypervisor
diff --git a/tools/marvin/marvin/lib/common.py b/tools/marvin/marvin/lib/common.py
index d1b872a..32abda7 100644
--- a/tools/marvin/marvin/lib/common.py
+++ b/tools/marvin/marvin/lib/common.py
@@ -76,6 +76,7 @@ from marvin.lib.base import (PhysicalNetwork,
NATRule,
StaticNATRule,
Volume,
+ Template,
Account,
Project,
Snapshot,
@@ -296,6 +297,7 @@ def get_pod(apiclient, zone_id=None, pod_id=None, pod_name=None):
if validateList(cmd_out)[0] != PASS:
return FAILED
return cmd_out[0]
+
def get_template(
apiclient, zone_id=None, ostype_desc=None, template_filter="featured", template_type='BUILTIN',
template_id=None, template_name=None, account=None, domain_id=None, project_id=None,
@@ -342,6 +344,99 @@ def get_template(
return list_templatesout[0]
+def get_test_template(apiclient, zone_id=None, hypervisor=None):
+ """
+ @Name : get_test_template
+ @Desc : Retrieves the test template used to running tests. When the template
+ is missing it will be download at most one in a zone for a hypervisor.
+ @Input : returns a template
+ """
+ test_templates = {
+ "kvm": {
+ "name": "tiny-kvm",
+ "displaytext": "tiny kvm",
+ "format": "qcow2",
+ "hypervisor": "kvm",
+ "ostype": "Other Linux (64-bit)",
+ "url": "http://dl.openvm.eu/cloudstack/macchinina/x86_64/macchinina-kvm.qcow2.bz2",
+ "requireshvm": "True",
+ "ispublic": "True",
+ "isextractable": "True"
+ },
+ "xenserver": {
+ "name": "tiny-xen",
+ "displaytext": "tiny xen",
+ "format": "vhd",
+ "hypervisor": "xenserver",
+ "ostype": "Other Linux (64-bit)",
+ "url": "http://dl.openvm.eu/cloudstack/macchinina/x86_64/macchinina-xen.vhd.bz2",
+ "requireshvm": "True",
+ "ispublic": "True",
+ "isextractable": "True"
+ },
+ "hyperv": {
+ "name": "tiny-hyperv",
+ "displaytext": "tiny hyperv",
+ "format": "vhd",
+ "hypervisor": "hyperv",
+ "ostype": "Other Linux (64-bit)",
+ "url": "http://dl.openvm.eu/cloudstack/macchinina/x86_64/macchinina-hyperv.vhd.zip",
+ "requireshvm": "True",
+ "ispublic": "True",
+ "isextractable": "True"
+ },
+ "vmware": {
+ "name": "tiny-vmware",
+ "displaytext": "tiny vmware",
+ "format": "ova",
+ "hypervisor": "vmware",
+ "ostype": "Other Linux (64-bit)",
+ "url": "http://dl.openvm.eu/cloudstack/macchinina/x86_64/macchinina-vmware.ova",
+ "requireshvm": "True",
+ "ispublic": "True"
+ },
+ "simulator": {
+ "name": "tiny-simulator",
+ "displaytext": "tiny simulator",
+ "format": "vhd",
+ "hypervisor": "simulator",
+ "ostype": "Other Linux (64-bit)",
+ "url": "http://fake.url/tiny.vhd.bz2",
+ "requireshvm": "True",
+ "ispublic": "True"
+ }
+ }
+
+ if hypervisor is None:
+ return FAILED
+
+ hypervisor = hypervisor.lower()
+ if hypervisor not in test_templates.keys():
+ print "Provided hypervisor has no test template"
+ return FAILED
+
+ test_template = test_templates[hypervisor]
+
+ cmd = listTemplates.listTemplatesCmd()
+ cmd.name = test_template['name']
+ cmd.templatefilter = 'all'
+ if zone_id is not None:
+ cmd.zoneid = zone_id
+ if hypervisor is not None:
+ cmd.hypervisor = hypervisor
+ templates = apiclient.listTemplates(cmd)
+
+ if validateList(templates)[0] != PASS:
+ template = Template.register(apiclient, test_template, zoneid=zone_id, hypervisor=hypervisor.lower(), randomize_name=False)
+ template.download(apiclient)
+ return template
+
+ for template in templates:
+ if template.isready and template.ispublic:
+ return template
+
+ return FAILED
+
def get_windows_template(
apiclient, zone_id=None, ostype_desc=None, template_filter="featured", template_type='USER',
--
To stop receiving notification emails like this one, please contact
"commits@cloudstack.apache.org" <co...@cloudstack.apache.org>.
[cloudstack] 22/34: use new get_test_templates
Posted by ro...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
rohit pushed a commit to branch debian9-systemvmtemplate
in repository https://gitbox.apache.org/repos/asf/cloudstack.git
commit 5b2c68e38a2c549e9e0eb5b35606a8442672ea91
Author: Rohit Yadav <ro...@shapeblue.com>
AuthorDate: Mon Dec 11 21:40:49 2017 +0530
use new get_test_templates
Signed-off-by: Rohit Yadav <ro...@shapeblue.com>
---
test/integration/smoke/test_accounts.py | 22 +++++++------
test/integration/smoke/test_affinity_groups.py | 10 +++---
.../smoke/test_affinity_groups_projects.py | 11 ++++---
test/integration/smoke/test_deploy_vm_iso.py | 7 +++--
test/integration/smoke/test_host_maintenance.py | 6 ++--
test/integration/smoke/test_hostha_kvm.py | 4 +--
test/integration/smoke/test_list_ids_parameter.py | 10 +++---
.../smoke/test_nested_virtualization.py | 15 +++++----
test/integration/smoke/test_network.py | 36 +++++++++++-----------
test/integration/smoke/test_nic.py | 6 ++--
test/integration/smoke/test_projects.py | 7 +++--
test/integration/smoke/test_reset_vm_on_reboot.py | 7 +++--
test/integration/smoke/test_router_dhcphosts.py | 12 +++++---
test/integration/smoke/test_vpc_router_nics.py | 30 ++++++++++--------
14 files changed, 98 insertions(+), 85 deletions(-)
diff --git a/test/integration/smoke/test_accounts.py b/test/integration/smoke/test_accounts.py
index a64d922..00047bf 100644
--- a/test/integration/smoke/test_accounts.py
+++ b/test/integration/smoke/test_accounts.py
@@ -32,7 +32,7 @@ from marvin.lib.base import (Domain,
PublicIPAddress)
from marvin.lib.common import (get_domain,
get_zone,
- get_template,
+ get_test_template,
list_accounts,
list_virtual_machines,
list_service_offering,
@@ -128,11 +128,12 @@ class TestAccounts(cloudstackTestCase):
cls.services = Services().services
cls.zone = get_zone(cls.api_client, cls.testClient.getZoneForTests())
+ cls.hypervisor = cls.testClient.getHypervisorInfo()
cls.services['mode'] = cls.zone.networktype
- cls.template = get_template(
+ cls.template = get_test_template(
cls.api_client,
cls.zone.id,
- cls.services["ostype"]
+ cls.hypervisor
)
cls.services["virtual_machine"]["zoneid"] = cls.zone.id
cls.services["virtual_machine"]["template"] = cls.template.id
@@ -270,11 +271,12 @@ class TestRemoveUserFromAccount(cloudstackTestCase):
cls.services = Services().services
cls.zone = get_zone(cls.api_client, cls.testClient.getZoneForTests())
+ cls.hypervisor = cls.testClient.getHypervisorInfo()
cls.services['mode'] = cls.zone.networktype
- cls.template = get_template(
+ cls.template = get_test_template(
cls.api_client,
cls.zone.id,
- cls.services["ostype"]
+ cls.hypervisor
)
cls.services["virtual_machine"]["zoneid"] = cls.zone.id
cls.services["virtual_machine"]["template"] = cls.template.id
@@ -948,6 +950,7 @@ class TestAddVmToSubDomain(cloudstackTestCase):
cls.services = Services().services
cls.domain = get_domain(cls.api_client)
cls.zone = get_zone(cls.api_client, cls.testClient.getZoneForTests())
+ cls.hypervisor = cls.testClient.getHypervisorInfo()
cls.services['mode'] = cls.zone.networktype
cls.sub_domain = Domain.create(
cls.api_client,
@@ -983,10 +986,10 @@ class TestAddVmToSubDomain(cloudstackTestCase):
cls.sub_domain,
cls.service_offering
]
- cls.template = get_template(
+ cls.template = get_test_template(
cls.api_client,
cls.zone.id,
- cls.services["ostype"]
+ cls.hypervisor
)
cls.services["virtual_machine"]["zoneid"] = cls.zone.id
cls.vm_1 = VirtualMachine.create(
@@ -1717,12 +1720,13 @@ class TestDomainForceRemove(cloudstackTestCase):
cls.services = Services().services
cls.domain = get_domain(cls.api_client)
cls.zone = get_zone(cls.api_client, cls.testClient.getZoneForTests())
+ cls.hypervisor = cls.testClient.getHypervisorInfo()
cls.services['mode'] = cls.zone.networktype
- cls.template = get_template(
+ cls.template = get_test_template(
cls.api_client,
cls.zone.id,
- cls.services["ostype"]
+ cls.hypervisor
)
cls.services["virtual_machine"]["zoneid"] = cls.zone.id
diff --git a/test/integration/smoke/test_affinity_groups.py b/test/integration/smoke/test_affinity_groups.py
index 3f78a84..64ec8ae 100644
--- a/test/integration/smoke/test_affinity_groups.py
+++ b/test/integration/smoke/test_affinity_groups.py
@@ -40,15 +40,16 @@ class TestDeployVmWithAffinityGroup(cloudstackTestCase):
cls.services = cls.testClient.getParsedTestDataConfig()
# Get Zone, Domain and templates
cls.zone = get_zone(cls.apiclient, cls.testClient.getZoneForTests())
-
- cls.template = get_template(
+ cls.hypervisor = cls.testClient.getHypervisorInfo()
+
+ cls.template = get_test_template(
cls.apiclient,
cls.zone.id,
- cls.services["ostype"]
+ cls.hypervisor
)
if cls.template == FAILED:
- assert False, "get_template() failed to return template with description %s" % cls.services["ostype"]
+ assert False, "get_test_template() failed to return template"
cls.services["virtual_machine"]["zoneid"] = cls.zone.id
@@ -155,7 +156,6 @@ class TestDeployVmWithAffinityGroup(cloudstackTestCase):
@classmethod
def tearDownClass(cls):
try:
- #Clean up, terminate the created templates
cleanup_resources(cls.apiclient, cls._cleanup)
except Exception as e:
raise Exception("Warning: Exception during cleanup : %s" % e)
diff --git a/test/integration/smoke/test_affinity_groups_projects.py b/test/integration/smoke/test_affinity_groups_projects.py
index 2e971c5..76401c6 100644
--- a/test/integration/smoke/test_affinity_groups_projects.py
+++ b/test/integration/smoke/test_affinity_groups_projects.py
@@ -40,16 +40,17 @@ class TestDeployVmWithAffinityGroup(cloudstackTestCase):
cls.services = cls.testClient.getParsedTestDataConfig()
# Get Zone, Domain and templates
cls.zone = get_zone(cls.apiclient, cls.testClient.getZoneForTests())
-
- cls.template = get_template(
+ cls.hypervisor = cls.testClient.getHypervisorInfo()
+
+ cls.template = get_test_template(
cls.apiclient,
cls.zone.id,
- cls.services["ostype"]
+ cls.hypervisor
)
if cls.template == FAILED:
- assert False, "get_template() failed to return template with description %s" % cls.services["ostype"]
-
+ assert False, "get_test_template() failed to return template"
+
cls.services["virtual_machine"]["zoneid"] = cls.zone.id
cls.services["template"] = cls.template.id
diff --git a/test/integration/smoke/test_deploy_vm_iso.py b/test/integration/smoke/test_deploy_vm_iso.py
index 5298c48..f2273cb 100644
--- a/test/integration/smoke/test_deploy_vm_iso.py
+++ b/test/integration/smoke/test_deploy_vm_iso.py
@@ -28,7 +28,7 @@ from marvin.lib.base import (Account,
DiskOffering)
from marvin.lib.common import (get_zone,
get_domain,
- get_template)
+ get_test_template)
from marvin.codes import PASS
@@ -44,11 +44,12 @@ class TestDeployVMFromISO(cloudstackTestCase):
# Get Zone, Domain and templates
cls.domain = get_domain(cls.api_client)
cls.zone = get_zone(cls.api_client, cls.testClient.getZoneForTests())
+ cls.hypervisor = cls.testClient.getHypervisorInfo()
- cls.template = get_template(
+ cls.template = get_test_template(
cls.api_client,
cls.zone.id,
- cls.testdata["ostype"]
+ cls.hypervisor
)
# Create service, disk offerings etc
diff --git a/test/integration/smoke/test_host_maintenance.py b/test/integration/smoke/test_host_maintenance.py
index 94f964c..7fc2139 100644
--- a/test/integration/smoke/test_host_maintenance.py
+++ b/test/integration/smoke/test_host_maintenance.py
@@ -89,14 +89,14 @@ class TestHostMaintenance(cloudstackTestCase):
def createVMs(self, hostId, number):
- self.template = get_template(
+ self.template = get_test_template(
self.apiclient,
self.zone.id,
- self.services["ostype"]
+ self.hypervisor
)
if self.template == FAILED:
- assert False, "get_template() failed to return template with description %s" % self.services["ostype"]
+ assert False, "get_test_template() failed to return template"
self.logger.debug("Using template %s " % self.template.id)
diff --git a/test/integration/smoke/test_hostha_kvm.py b/test/integration/smoke/test_hostha_kvm.py
index cc44426..a153e15 100644
--- a/test/integration/smoke/test_hostha_kvm.py
+++ b/test/integration/smoke/test_hostha_kvm.py
@@ -80,10 +80,10 @@ class TestHAKVM(cloudstackTestCase):
self.services["service_offerings"]["hasmall"]
)
- self.template = get_template(
+ self.template = get_test_template(
self.apiclient,
self.zone.id,
- self.services["ostype"]
+ self.hypervisor
)
self.configureAndDisableHostHa()
diff --git a/test/integration/smoke/test_list_ids_parameter.py b/test/integration/smoke/test_list_ids_parameter.py
index cc45ce3..e5053cb 100755
--- a/test/integration/smoke/test_list_ids_parameter.py
+++ b/test/integration/smoke/test_list_ids_parameter.py
@@ -29,7 +29,7 @@ from marvin.lib.base import (Account,
VmSnapshot,
VirtualMachine)
from marvin.lib.common import (get_domain,
- get_zone, get_template)
+ get_zone, get_test_template)
from marvin.codes import FAILED, PASS
from nose.plugins.attrib import attr
#Import System modules
@@ -62,14 +62,14 @@ class TestListIdsParams(cloudstackTestCase):
cls.services["service_offerings"]["tiny"]
)
- template = get_template(
+ template = get_test_template(
cls.apiclient,
cls.zone.id,
- cls.services["ostype"]
+ cls.hypervisor
)
if template == FAILED:
- assert False, "get_template() failed to return template with description %s" % cls.services["ostype"]
-
+ assert False, "get_test_template() failed to return template"
+
cls.services["template"]["ostypeid"] = template.ostypeid
cls.services["template_2"]["ostypeid"] = template.ostypeid
cls.services["ostypeid"] = template.ostypeid
diff --git a/test/integration/smoke/test_nested_virtualization.py b/test/integration/smoke/test_nested_virtualization.py
index 3b03f77..c10dd2f 100755
--- a/test/integration/smoke/test_nested_virtualization.py
+++ b/test/integration/smoke/test_nested_virtualization.py
@@ -30,7 +30,7 @@ from marvin.lib.base import (Account,
Network)
from marvin.lib.common import (get_zone,
get_domain,
- get_template)
+ get_test_template)
from nose.plugins.attrib import attr
from marvin.sshClient import SshClient
import logging
@@ -49,6 +49,7 @@ class TestNestedVirtualization(cloudstackTestCase):
cls.logger.addHandler(cls.stream_handler)
cls.zone = get_zone(cls.apiclient, testClient.getZoneForTests())
+ cls.hypervisor = get_hypervisor_type(cls.apiclient)
cls.services['mode'] = cls.zone.networktype
cls.services["isolated_network"]["zoneid"] = cls.zone.id
cls.domain = get_domain(cls.apiclient)
@@ -57,13 +58,12 @@ class TestNestedVirtualization(cloudstackTestCase):
cls.services["service_offerings"]["tiny"]
)
cls.account = Account.create(cls.apiclient, services=cls.services["account"])
- cls.template = get_template(
+ cls.template = get_test_template(
cls.apiclient,
cls.zone.id,
- cls.services["ostype"]
+ cls.hypervisor
)
- cls.hypervisor = get_hypervisor_type(cls.apiclient)
-
+
cls.isolated_network_offering = NetworkOffering.create(
cls.apiclient,
cls.services["isolated_network_offering"])
@@ -71,8 +71,8 @@ class TestNestedVirtualization(cloudstackTestCase):
cls.isolated_network_offering.update(cls.apiclient, state='Enabled')
if cls.template == FAILED:
- assert False, "get_template() failed to return template with description %s" % cls.services["ostype"]
-
+ assert False, "get_test_template() failed to return template"
+
cls.services["small"]["zoneid"] = cls.zone.id
cls.services["small"]["template"] = cls.template.id
@@ -149,4 +149,3 @@ class TestNestedVirtualization(cloudstackTestCase):
cleanup_resources(cls.apiclient, cls.cleanup)
except Exception, e:
raise Exception("Cleanup failed with %s" % e)
-
\ No newline at end of file
diff --git a/test/integration/smoke/test_network.py b/test/integration/smoke/test_network.py
index bb1e14b..f01f7bf 100644
--- a/test/integration/smoke/test_network.py
+++ b/test/integration/smoke/test_network.py
@@ -37,7 +37,7 @@ from marvin.lib.base import (Account,
Router)
from marvin.lib.common import (get_domain,
get_zone,
- get_template,
+ get_test_template,
list_hosts,
list_publicIP,
list_nat_rules,
@@ -258,14 +258,13 @@ class TestPortForwarding(cloudstackTestCase):
# Get Zone, Domain and templates
cls.domain = get_domain(cls.apiclient)
cls.zone = get_zone(cls.apiclient, testClient.getZoneForTests())
- template = get_template(
+ template = get_test_template(
cls.apiclient,
cls.zone.id,
- cls.services["ostype"]
+ cls.hypervisor
)
if template == FAILED:
- assert False, "get_template() failed to return template with description %s" % cls.services[
- "ostype"]
+ assert False, "get_test_template() failed to return template"
# Create an account, network, VM and IP addresses
cls.account = Account.create(
@@ -583,15 +582,15 @@ class TestRebootRouter(cloudstackTestCase):
# Get Zone, Domain and templates
self.domain = get_domain(self.apiclient)
self.zone = get_zone(self.apiclient, self.testClient.getZoneForTests())
- template = get_template(
+ self.hypervisor = self.testClient.getHypervisorInfo()
+ template = get_test_template(
self.apiclient,
self.zone.id,
- self.services["ostype"]
+ self.hypervisor
)
if template == FAILED:
- self.fail(
- "get_template() failed to return template with description %s" %
- self.services["ostype"])
+ self.fail("get_test_template() failed to return template")
+
self.services["virtual_machine"]["zoneid"] = self.zone.id
# Create an account, network, VM and IP addresses
@@ -756,10 +755,11 @@ class TestReleaseIP(cloudstackTestCase):
# Get Zone, Domain and templates
self.domain = get_domain(self.apiclient)
self.zone = get_zone(self.apiclient, self.testClient.getZoneForTests())
- template = get_template(
+ self.hypervisor = self.testClient.getHypervisorInfo()
+ template = get_test_template(
self.apiclient,
self.zone.id,
- self.services["ostype"]
+ self.hypervisor
)
self.services["virtual_machine"]["zoneid"] = self.zone.id
@@ -897,10 +897,11 @@ class TestDeleteAccount(cloudstackTestCase):
# Get Zone, Domain and templates
self.domain = get_domain(self.apiclient)
self.zone = get_zone(self.apiclient, self.testClient.getZoneForTests())
- template = get_template(
+ self.hypervisor = self.testClient.getHypervisorInfo()
+ template = get_test_template(
self.apiclient,
self.zone.id,
- self.services["ostype"]
+ self.hypervisor
)
self.services["virtual_machine"]["zoneid"] = self.zone.id
@@ -1040,14 +1041,13 @@ class TestRouterRules(cloudstackTestCase):
cls.zone = get_zone(cls.apiclient, testClient.getZoneForTests())
cls.hypervisor = testClient.getHypervisorInfo()
cls.hostConfig = cls.config.__dict__["zones"][0].__dict__["pods"][0].__dict__["clusters"][0].__dict__["hosts"][0].__dict__
- template = get_template(
+ template = get_test_template(
cls.apiclient,
cls.zone.id,
- cls.services["ostype"]
+ cls.hypervisor
)
if template == FAILED:
- assert False, "get_template() failed to return template\
- with description %s" % cls.services["ostype"]
+ assert False, "get_test_template() failed to return template"
# Create an account, network, VM and IP addresses
cls.account = Account.create(
diff --git a/test/integration/smoke/test_nic.py b/test/integration/smoke/test_nic.py
index c7f8468..584ccf5 100644
--- a/test/integration/smoke/test_nic.py
+++ b/test/integration/smoke/test_nic.py
@@ -22,7 +22,7 @@ from marvin.lib.base import (Account,
VirtualMachine,
NetworkOffering)
from marvin.lib.common import (get_zone,
- get_template,
+ get_test_template,
get_domain)
from marvin.lib.utils import validateList
from marvin.codes import PASS
@@ -76,10 +76,10 @@ class TestNic(cloudstackTestCase):
self.services["service_offerings"][
"tiny"]["storagetype"] = 'local'
- template = get_template(
+ template = get_test_template(
self.apiclient,
self.zone.id,
- self.services["ostype"]
+ self.hypervisor
)
# Set Zones and disk offerings
self.services["small"]["zoneid"] = self.zone.id
diff --git a/test/integration/smoke/test_projects.py b/test/integration/smoke/test_projects.py
index e38bccc..173e81d 100644
--- a/test/integration/smoke/test_projects.py
+++ b/test/integration/smoke/test_projects.py
@@ -30,7 +30,7 @@ from marvin.lib.base import (Account,
Domain)
from marvin.lib.common import (get_domain,
get_zone,
- get_template,
+ get_test_template,
list_configurations)
import time
@@ -1532,12 +1532,13 @@ class TestProjectSuspendActivate(cloudstackTestCase):
cls.services = Services().services
# Get Zone
cls.zone = get_zone(cls.api_client, cls.testClient.getZoneForTests())
+ cls.hypervisor = cls.testClient.getHypervisorInfo()
cls.domain = get_domain(cls.api_client)
cls.services['mode'] = cls.zone.networktype
- cls.template = get_template(
+ cls.template = get_test_template(
cls.api_client,
cls.zone.id,
- cls.services["ostype"]
+ cls.hypervisor
)
cls._cleanup = []
cls.isGlobalSettingInvalid = False
diff --git a/test/integration/smoke/test_reset_vm_on_reboot.py b/test/integration/smoke/test_reset_vm_on_reboot.py
index 668c77f..5c1e93d 100644
--- a/test/integration/smoke/test_reset_vm_on_reboot.py
+++ b/test/integration/smoke/test_reset_vm_on_reboot.py
@@ -38,15 +38,16 @@ class TestResetVmOnReboot(cloudstackTestCase):
# Get Zone, Domain and templates
domain = get_domain(cls.apiclient)
zone = get_zone(cls.apiclient, testClient.getZoneForTests())
+ hypervisor = testClient.getHypervisorInfo()
cls.services['mode'] = zone.networktype
- template = get_template(
+ template = get_test_template(
cls.apiclient,
zone.id,
- cls.services["ostype"]
+ hypervisor
)
if template == FAILED:
- assert False, "get_template() failed to return template with description %s" % cls.services["ostype"]
+ assert False, "get_test_template() failed to return template"
# Set Zones and disk offerings ??
cls.services["small"]["zoneid"] = zone.id
diff --git a/test/integration/smoke/test_router_dhcphosts.py b/test/integration/smoke/test_router_dhcphosts.py
index 668475e..aff50bc 100644
--- a/test/integration/smoke/test_router_dhcphosts.py
+++ b/test/integration/smoke/test_router_dhcphosts.py
@@ -35,7 +35,7 @@ from marvin.lib.base import (ServiceOffering,
Network,
Router)
from marvin.lib.common import (get_zone,
- get_template,
+ get_test_template,
get_domain,
list_virtual_machines,
list_networks,
@@ -68,11 +68,12 @@ class TestRouterDHCPHosts(cloudstackTestCase):
# Get Zone, Domain and templates
cls.domain = get_domain(cls.api_client)
cls.zone = get_zone(cls.api_client, cls.testClient.getZoneForTests())
+ cls.hypervisor = cls.testClient.getHypervisorInfo()
cls.services['mode'] = cls.zone.networktype
- cls.template = get_template(
+ cls.template = get_test_template(
cls.api_client,
cls.zone.id,
- cls.services["ostype"]
+ cls.hypervisor
)
cls.hostConfig = cls.config.__dict__["zones"][0].__dict__["pods"][0].__dict__["clusters"][0].__dict__["hosts"][0].__dict__
cls.services["virtual_machine"]["zoneid"] = cls.zone.id
@@ -407,11 +408,12 @@ class TestRouterDHCPOpts(cloudstackTestCase):
# Get Zone, Domain and templates
cls.domain = get_domain(cls.api_client)
cls.zone = get_zone(cls.api_client, cls.testClient.getZoneForTests())
+ cls.hypervisor = cls.testClient.getHypervisorInfo()
cls.services['mode'] = cls.zone.networktype
- cls.template = get_template(
+ cls.template = get_test_template(
cls.api_client,
cls.zone.id,
- cls.services["ostype"]
+ cls.hypervisor
)
cls.hostConfig = cls.config.__dict__["zones"][0].__dict__["pods"][0].__dict__["clusters"][0].__dict__["hosts"][0].__dict__
cls.services["virtual_machine"]["zoneid"] = cls.zone.id
diff --git a/test/integration/smoke/test_vpc_router_nics.py b/test/integration/smoke/test_vpc_router_nics.py
index 39a9214..092a70f 100644
--- a/test/integration/smoke/test_vpc_router_nics.py
+++ b/test/integration/smoke/test_vpc_router_nics.py
@@ -35,7 +35,7 @@ from marvin.lib.base import (stopRouter,
LoadBalancerRule)
from marvin.lib.common import (get_domain,
get_zone,
- get_template,
+ get_test_template,
list_routers)
from marvin.lib.utils import cleanup_resources
import socket
@@ -186,10 +186,11 @@ class TestVPCNics(cloudstackTestCase):
# Get Zone, Domain and templates
cls.domain = get_domain(cls.api_client)
cls.zone = get_zone(cls.api_client, cls.testClient.getZoneForTests())
- cls.template = get_template(
+ cls.hypervisor = cls.testClient.getHypervisorInfo()
+ cls.template = get_test_template(
cls.api_client,
cls.zone.id,
- cls.services["ostype"])
+ cls.hypervisor)
cls.services["virtual_machine"]["zoneid"] = cls.zone.id
cls.services["virtual_machine"]["template"] = cls.template.id
@@ -450,10 +451,10 @@ class TestVPCNics(cloudstackTestCase):
def do_default_routes_test(self):
for o in self.networks:
for vmObj in o.get_vms():
- ssh_command = "ping -c 3 8.8.8.8"
+ ssh_command = "ping -c 5 8.8.8.8"
# Should be able to SSH VM
- result = 'failed'
+ packet_loss = 100
try:
vm = vmObj.get_vm()
public_ip = vmObj.get_ip()
@@ -462,19 +463,22 @@ class TestVPCNics(cloudstackTestCase):
ssh = vm.get_ssh_client(ipaddress=public_ip.ipaddress.ipaddress)
self.logger.debug("Ping to google.com from VM")
- result = str(ssh.execute(ssh_command))
+ result = ssh.execute(ssh_command)
- self.logger.debug("SSH result: %s; COUNT is ==> %s" % (result, result.count(" 0% packet loss")))
+ for line in result:
+ if "packet loss" in line:
+ packet_loss = int(line.split("% packet loss")[0].split(" ")[-1])
+ break
+
+ self.logger.debug("SSH result: %s; packet loss is ==> %s" % (result, packet_loss))
except Exception as e:
self.fail("SSH Access failed for %s: %s" % \
(vmObj.get_ip(), e)
)
-
- self.assertEqual(
- result.count(" 0% packet loss"),
- 1,
- "Ping to outside world from VM should be successful"
- )
+
+ # Most pings should be successful
+ self.assertTrue(packet_loss < 50,
+ "Ping to outside world from VM should be successful")
class networkO(object):
--
To stop receiving notification emails like this one, please contact
"commits@cloudstack.apache.org" <co...@cloudstack.apache.org>.
[cloudstack] 15/34: using debian 9.3.0 now :)
Posted by ro...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
rohit pushed a commit to branch debian9-systemvmtemplate
in repository https://gitbox.apache.org/repos/asf/cloudstack.git
commit 6607ba9778f6bd26b905835cfa820ae7eb6f8dd5
Author: Rohit Yadav <ro...@shapeblue.com>
AuthorDate: Sun Dec 10 21:41:55 2017 +0530
using debian 9.3.0 now :)
Signed-off-by: Rohit Yadav <ro...@shapeblue.com>
---
tools/appliance/definitions/systemvmtemplate/definition.rb | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/tools/appliance/definitions/systemvmtemplate/definition.rb b/tools/appliance/definitions/systemvmtemplate/definition.rb
index 03be568..917dd77 100644
--- a/tools/appliance/definitions/systemvmtemplate/definition.rb
+++ b/tools/appliance/definitions/systemvmtemplate/definition.rb
@@ -27,9 +27,9 @@ arch = 'amd64'
architectures = {
:amd64 => {
:os_type_id => 'Debian_64',
- :iso_file => 'debian-9.2.1-amd64-netinst.iso',
- :iso_src => 'https://cdimage.debian.org/debian-cd/current/amd64/iso-cd/debian-9.2.1-amd64-netinst.iso',
- :iso_sha512 => 'ebfe25dc593967e39349b205480b0ec0103ef4a0468c602f4857e13d06d407bfe876162399e0e8d4dea5675953dc37ab585316f307ccf9f4440124b4f719df04'
+ :iso_file => 'debian-9.3.0-amd64-netinst.iso',
+ :iso_src => 'https://cdimage.debian.org/debian-cd/current/amd64/iso-cd/debian-9.3.0-amd64-netinst.iso',
+ :iso_sha512 => '8775231d6f56a3d8f116eb64fe048f5cbd2ea0f8c092a1cb7608bcb4106f9c85cb69ce68f53bd381019ab40f1c0316843036daf3fd9107c81c58a240334cc747'
}
}
--
To stop receiving notification emails like this one, please contact
"commits@cloudstack.apache.org" <co...@cloudstack.apache.org>.
[cloudstack] 09/34: CLOUDSTACK-10010: Port marvin test from #2190
by @swill
Posted by ro...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
rohit pushed a commit to branch debian9-systemvmtemplate
in repository https://gitbox.apache.org/repos/asf/cloudstack.git
commit efc63d6405f54185d239697cd73b52fa12bf12eb
Author: Will Stevens <wi...@gmail.com>
AuthorDate: Sat Dec 2 21:11:40 2017 +0530
CLOUDSTACK-10010: Port marvin test from #2190 by @swill
This ports the S2S config test by @swill from #2190 with additional
changes to make robust and environment agnostic.
Signed-off-by: Rohit Yadav <ro...@shapeblue.com>
---
test/integration/smoke/test_vpc_vpn.py | 468 ++++++++++++++++++++++++++++++++-
1 file changed, 463 insertions(+), 5 deletions(-)
diff --git a/test/integration/smoke/test_vpc_vpn.py b/test/integration/smoke/test_vpc_vpn.py
index 83c244b..b3dfab2 100644
--- a/test/integration/smoke/test_vpc_vpn.py
+++ b/test/integration/smoke/test_vpc_vpn.py
@@ -1138,8 +1138,19 @@ class TestRVPCSite2SiteVpn(cloudstackTestCase):
self.apiclient, customer2_response.id, vpn1_response['id'])
self.debug("VPN connection created for VPC %s" % vpc1.id)
- self.assertEqual(
- vpnconn2_response['state'], "Connected", "Failed to connect between VPCs!")
+ def checkVpnConnected():
+ connections = Vpn.listVpnConnection(
+ self.apiclient,
+ listall='true',
+ vpcid=vpc2.id)
+ if isinstance(connections, list):
+ return connections[0].state == 'Connected', None
+ return False, None
+
+ # Wait up to 60 seconds for passive connection to show up as Connected
+ res, _ = wait_until(2, 30, checkVpnConnected)
+ if not res:
+ self.fail("Failed to connect between VPCs, see VPN state as Connected")
# acquire an extra ip address to use to ssh into vm2
try:
@@ -1174,9 +1185,8 @@ class TestRVPCSite2SiteVpn(cloudstackTestCase):
if ssh_client:
# run ping test
- packet_loss = ssh_client.execute(
- "/bin/ping -c 3 -t 10 " + vm1.nic[0].ipaddress + " |grep packet|cut -d ' ' -f 7| cut -f1 -d'%'")[0]
- self.assert_(int(packet_loss) == 0, "Ping did not succeed")
+ packet_loss = ssh_client.execute("/bin/ping -c 3 -t 10 " + vm1.nic[0].ipaddress + " | grep packet | sed 's/.*received, //g' | sed 's/[% ]*packet.*//g'")[0]
+ self.assert_(int(packet_loss) < 50, "Ping did not succeed")
else:
self.fail("Failed to setup ssh connection to %s" % vm2.public_ip)
@@ -1189,3 +1199,451 @@ class TestRVPCSite2SiteVpn(cloudstackTestCase):
cleanup_resources(cls.apiclient, cls.cleanup)
except Exception, e:
raise Exception("Cleanup failed with %s" % e)
+
+
+class TestVPCSite2SiteVPNMultipleOptions(cloudstackTestCase):
+
+ @classmethod
+ def setUpClass(cls):
+ cls.logger = logging.getLogger('TestVPCSite2SiteVPNMultipleOptions')
+ cls.stream_handler = logging.StreamHandler()
+ cls.logger.setLevel(logging.DEBUG)
+ cls.logger.addHandler(cls.stream_handler)
+
+ testClient = super(TestVPCSite2SiteVPNMultipleOptions, cls).getClsTestClient()
+ cls.apiclient = testClient.getApiClient()
+ cls.services = Services().services
+
+ cls.zone = get_zone(cls.apiclient, testClient.getZoneForTests())
+ cls.domain = get_domain(cls.apiclient)
+
+ cls.compute_offering = ServiceOffering.create(
+ cls.apiclient,
+ cls.services["compute_offering"]
+ )
+
+ cls.account = Account.create(
+ cls.apiclient, services=cls.services["account"])
+
+ cls.hypervisor = testClient.getHypervisorInfo()
+
+ cls.logger.debug("Downloading Template: %s from: %s" % (cls.services["template"][
+ cls.hypervisor.lower()], cls.services["template"][cls.hypervisor.lower()]["url"]))
+ cls.template = Template.register(cls.apiclient, cls.services["template"][cls.hypervisor.lower(
+ )], cls.zone.id, hypervisor=cls.hypervisor.lower(), account=cls.account.name, domainid=cls.domain.id)
+ cls.template.download(cls.apiclient)
+
+ if cls.template == FAILED:
+ assert False, "get_template() failed to return template"
+
+ cls.logger.debug("Successfully created account: %s, id: \
+ %s" % (cls.account.name,
+ cls.account.id))
+
+ cls.cleanup = [cls.account, cls.compute_offering]
+ return
+
+ def _get_ssh_client(self, virtual_machine, services, retries):
+ """ Setup ssh client connection and return connection
+ vm requires attributes public_ip, public_port, username, password """
+
+ try:
+ ssh_client = SshClient(
+ virtual_machine.public_ip,
+ services["virtual_machine"]["ssh_port"],
+ services["virtual_machine"]["username"],
+ services["virtual_machine"]["password"],
+ retries)
+
+ except Exception as e:
+ self.fail("Unable to create ssh connection: " % e)
+
+ self.assertIsNotNone(
+ ssh_client, "Failed to setup ssh connection to vm=%s on public_ip=%s" % (virtual_machine.name, virtual_machine.public_ip))
+
+ return ssh_client
+
+ def _create_natrule(self, vpc, vm, public_port, private_port, public_ip, network, services=None):
+ self.logger.debug("Creating NAT rule in network for vm with public IP")
+ if not services:
+ self.services["natrule"]["privateport"] = private_port
+ self.services["natrule"]["publicport"] = public_port
+ self.services["natrule"]["startport"] = public_port
+ self.services["natrule"]["endport"] = public_port
+ services = self.services["natrule"]
+
+ nat_rule = NATRule.create(
+ apiclient=self.apiclient,
+ services=services,
+ ipaddressid=public_ip.ipaddress.id,
+ virtual_machine=vm,
+ networkid=network.id
+ )
+ self.assertIsNotNone(
+ nat_rule, "Failed to create NAT Rule for %s" % public_ip.ipaddress.ipaddress)
+ self.logger.debug(
+ "Adding NetworkACL rules to make NAT rule accessible")
+
+ vm.ssh_ip = nat_rule.ipaddress
+ vm.public_ip = nat_rule.ipaddress
+ vm.public_port = int(public_port)
+ return nat_rule
+
+ def _validate_vpc_offering(self, vpc_offering):
+
+ self.logger.debug("Check if the VPC offering is created successfully?")
+ vpc_offs = VpcOffering.list(
+ self.apiclient,
+ id=vpc_offering.id
+ )
+ offering_list = validateList(vpc_offs)
+ self.assertEqual(offering_list[0],
+ PASS,
+ "List VPC offerings should return a valid list"
+ )
+ self.assertEqual(
+ vpc_offering.name,
+ vpc_offs[0].name,
+ "Name of the VPC offering should match with listVPCOff data"
+ )
+ self.logger.debug(
+ "VPC offering is created successfully - %s" %
+ vpc_offering.name)
+ return
+
+ def _create_vpc_offering(self, offering_name):
+
+ vpc_off = None
+ if offering_name is not None:
+
+ self.logger.debug("Creating VPC offering: %s", offering_name)
+ vpc_off = VpcOffering.create(
+ self.apiclient,
+ self.services[offering_name]
+ )
+
+ self._validate_vpc_offering(vpc_off)
+ self.cleanup.append(vpc_off)
+
+ return vpc_off
+
+ @attr(tags=["advanced"], required_hardware="true")
+ def test_01_vpc_site2site_vpn_multiple_options(self):
+ """Test Site 2 Site VPN Across VPCs"""
+ self.logger.debug("Starting test: test_01_vpc_site2site_vpn_multiple_options")
+ # 0) Get the default network offering for VPC
+ networkOffering = NetworkOffering.list(
+ self.apiclient, name="DefaultIsolatedNetworkOfferingForVpcNetworks")
+ self.assert_(networkOffering is not None and len(
+ networkOffering) > 0, "No VPC based network offering")
+
+ # Create and Enable VPC offering
+ vpc_offering = self._create_vpc_offering('vpc_offering')
+ self.assert_(vpc_offering is not None, "Failed to create VPC Offering")
+ vpc_offering.update(self.apiclient, state='Enabled')
+
+ vpc1 = None
+ # Create VPC 1
+ try:
+ vpc1 = VPC.create(
+ apiclient=self.apiclient,
+ services=self.services["vpc"],
+ networkDomain="vpc1.vpn",
+ vpcofferingid=vpc_offering.id,
+ zoneid=self.zone.id,
+ account=self.account.name,
+ domainid=self.domain.id
+ )
+ except Exception as e:
+ self.fail(e)
+ finally:
+ self.assert_(vpc1 is not None, "VPC1 creation failed")
+
+ self.logger.debug("VPC1 %s created" % vpc1.id)
+
+ vpc2 = None
+ # Create VPC 2
+ try:
+ vpc2 = VPC.create(
+ apiclient=self.apiclient,
+ services=self.services["vpc2"],
+ networkDomain="vpc2.vpn",
+ vpcofferingid=vpc_offering.id,
+ zoneid=self.zone.id,
+ account=self.account.name,
+ domainid=self.domain.id
+ )
+ except Exception as e:
+ self.fail(e)
+ finally:
+ self.assert_(vpc2 is not None, "VPC2 creation failed")
+
+ self.logger.debug("VPC2 %s created" % vpc2.id)
+
+ default_acl = NetworkACLList.list(
+ self.apiclient, name="default_allow")[0]
+
+ ntwk1 = None
+ # Create network in VPC 1
+ try:
+ ntwk1 = Network.create(
+ apiclient=self.apiclient,
+ services=self.services["network_1"],
+ accountid=self.account.name,
+ domainid=self.account.domainid,
+ networkofferingid=networkOffering[0].id,
+ zoneid=self.zone.id,
+ vpcid=vpc1.id,
+ aclid=default_acl.id
+ )
+ except Exception as e:
+ self.fail(e)
+ finally:
+ self.assertIsNotNone(ntwk1, "Network failed to create")
+
+ self.logger.debug("Network %s created in VPC %s" % (ntwk1.id, vpc1.id))
+
+ ntwk2 = None
+ # Create network in VPC 2
+ try:
+ ntwk2 = Network.create(
+ apiclient=self.apiclient,
+ services=self.services["network_2"],
+ accountid=self.account.name,
+ domainid=self.account.domainid,
+ networkofferingid=networkOffering[0].id,
+ zoneid=self.zone.id,
+ vpcid=vpc2.id,
+ aclid=default_acl.id
+ )
+ except Exception as e:
+ self.fail(e)
+ finally:
+ self.assertIsNotNone(ntwk2, "Network failed to create")
+
+ self.logger.debug("Network %s created in VPC %s" % (ntwk2.id, vpc2.id))
+
+ vm1 = None
+ # Deploy a vm in network 2
+ try:
+ vm1 = VirtualMachine.create(self.apiclient, services=self.services["virtual_machine"],
+ templateid=self.template.id,
+ zoneid=self.zone.id,
+ accountid=self.account.name,
+ domainid=self.account.domainid,
+ serviceofferingid=self.compute_offering.id,
+ networkids=ntwk1.id,
+ hypervisor=self.hypervisor
+ )
+ except Exception as e:
+ self.fail(e)
+ finally:
+ self.assert_(vm1 is not None, "VM failed to deploy")
+ self.assert_(vm1.state == 'Running', "VM is not running")
+
+ self.logger.debug("VM %s deployed in VPC %s" % (vm1.id, vpc1.id))
+
+ vm2 = None
+ # Deploy a vm in network 2
+ try:
+ vm2 = VirtualMachine.create(self.apiclient, services=self.services["virtual_machine"],
+ templateid=self.template.id,
+ zoneid=self.zone.id,
+ accountid=self.account.name,
+ domainid=self.account.domainid,
+ serviceofferingid=self.compute_offering.id,
+ networkids=ntwk2.id,
+ hypervisor=self.hypervisor
+ )
+ except Exception as e:
+ self.fail(e)
+ finally:
+ self.assert_(vm2 is not None, "VM failed to deploy")
+ self.assert_(vm2.state == 'Running', "VM is not running")
+
+ self.debug("VM %s deployed in VPC %s" % (vm2.id, vpc2.id))
+
+ # default config
+ config = {
+ 'ike_enc' :'aes128',
+ 'ike_hash' :'sha1',
+ 'ike_dh' :'modp1536',
+ 'esp_enc' :'aes128',
+ 'esp_hash' :'sha1',
+ 'esp_pfs' :'modp1536',
+ 'psk' :'secreatKey',
+ 'ike_life' :86400,
+ 'esp_life' :3600,
+ 'dpd' :True,
+ 'force_encap' :False,
+ 'passive_1' :False,
+ 'passive_2' :False
+ }
+ test_confs = [
+ {}, # default
+ {'force_encap': True},
+ {'ike_life': ''},
+ {'esp_life': ''},
+ {'ike_life': '', 'esp_life': ''},
+ {'passive_1': True, 'passive_2': True},
+ {'passive_1': False, 'passive_2': True},
+ {'passive_1': True, 'passive_2': False},
+ {'passive_1': False, 'passive_2': False, 'dpd': False},
+ {'passive_1': True, 'passive_2': True, 'dpd': False},
+ {'passive_1': True, 'passive_2': False, 'dpd': False},
+ {'passive_1': False, 'passive_2': True, 'dpd': False},
+ {'passive_1': True, 'passive_2': False, 'esp_pfs': ''},
+ {'ike_dh': 'modp3072', 'ike_hash': 'sha256', 'esp_pfs': 'modp2048', 'esp_hash':'sha384'},
+ {'ike_dh': 'modp4096', 'ike_hash': 'sha384', 'esp_pfs': 'modp6144', 'esp_hash':'sha512'},
+ {'ike_dh': 'modp8192', 'ike_hash': 'sha512', 'esp_pfs': 'modp8192', 'esp_hash':'sha384'}
+ ]
+
+ # 4) Enable Site-to-Site VPN for VPC
+ vpn1_response = Vpn.createVpnGateway(self.apiclient, vpc1.id)
+ self.assert_(
+ vpn1_response is not None, "Failed to enable VPN Gateway 1")
+ self.logger.debug("VPN gateway for VPC %s enabled" % vpc1.id)
+
+ vpn2_response = Vpn.createVpnGateway(self.apiclient, vpc2.id)
+ self.assert_(
+ vpn2_response is not None, "Failed to enable VPN Gateway 2")
+ self.logger.debug("VPN gateway for VPC %s enabled" % vpc2.id)
+
+ # 5) Add VPN Customer gateway info
+ src_nat_list = PublicIPAddress.list(
+ self.apiclient,
+ account=self.account.name,
+ domainid=self.account.domainid,
+ listall=True,
+ issourcenat=True,
+ vpcid=vpc1.id
+ )
+ ip1 = src_nat_list[0]
+ src_nat_list = PublicIPAddress.list(
+ self.apiclient,
+ account=self.account.name,
+ domainid=self.account.domainid,
+ listall=True,
+ issourcenat=True,
+ vpcid=vpc2.id
+ )
+ ip2 = src_nat_list[0]
+
+ # acquire an extra ip address to use to ssh into vm2
+ try:
+ vm2.public_ip = PublicIPAddress.create(
+ apiclient=self.apiclient,
+ accountid=self.account.name,
+ zoneid=self.zone.id,
+ domainid=self.account.domainid,
+ services=self.services,
+ networkid=ntwk2.id,
+ vpcid=vpc2.id)
+ except Exception as e:
+ self.fail(e)
+ finally:
+ self.assert_(
+ vm2.public_ip is not None, "Failed to aqcuire public ip for vm2")
+
+ natrule = None
+ # Create port forward to be able to ssh into vm2
+ try:
+ natrule = self._create_natrule(
+ vpc2, vm2, 22, 22, vm2.public_ip, ntwk2)
+ except Exception as e:
+ self.fail(e)
+ finally:
+ self.assert_(
+ natrule is not None, "Failed to create portforward for vm2")
+ time.sleep(20)
+
+ # setup ssh connection to vm2
+ ssh_client = self._get_ssh_client(vm2, self.services, 10)
+ if not ssh_client:
+ self.fail("Failed to setup ssh connection to %s" % vm2.public_ip)
+
+ for test_c in test_confs:
+ c = config.copy()
+ c.update(test_c)
+ services = self._get_vpn_config(c)
+ self.logger.debug(services)
+ customer1_response = VpnCustomerGateway.create(
+ self.apiclient,
+ services,
+ "Peer VPC1",
+ ip1.ipaddress,
+ vpc1.cidr,
+ account=self.account.name,
+ domainid=self.account.domainid)
+ self.logger.debug("VPN customer gateway added for VPC %s enabled" % vpc1.id)
+
+ customer2_response = VpnCustomerGateway.create(
+ self.apiclient,
+ services,
+ "Peer VPC2",
+ ip2.ipaddress,
+ vpc2.cidr,
+ account=self.account.name,
+ domainid=self.account.domainid)
+ self.logger.debug("VPN customer gateway added for VPC %s enabled" % vpc2.id)
+
+ # 6) Connect two VPCs
+ vpnconn1_response = Vpn.createVpnConnection(
+ self.apiclient, customer1_response.id, vpn2_response['id'], c['passive_1'])
+ self.logger.debug("VPN connection created for VPC %s" % vpc2.id)
+ time.sleep(5)
+ vpnconn2_response = Vpn.createVpnConnection(
+ self.apiclient, customer2_response.id, vpn1_response['id'], c['passive_2'])
+ self.logger.debug("VPN connection created for VPC %s" % vpc1.id)
+
+ def checkVpnConnected():
+ connections = Vpn.listVpnConnection(
+ self.apiclient,
+ listall='true',
+ vpcid=vpc2.id)
+ if isinstance(connections, list):
+ return connections[0].state == 'Connected', None
+ return False, None
+
+ # Wait up to 60 seconds for passive connection to show up as Connected
+ res, _ = wait_until(2, 30, checkVpnConnected)
+ if not res:
+ self.logger.debug("Failed to see VPN state as Connected, we'll attempt ssh+pinging")
+
+ # run ping test
+ packet_loss = ssh_client.execute("/bin/ping -c 3 -t 10 " + vm1.nic[0].ipaddress + " | grep packet | sed 's/.*received, //g' | sed 's/[% ]*packet.*//g'")[0]
+ self.logger.debug("Packet loss %s" % packet_loss)
+ self.assert_(int(packet_loss) < 50, "Ping did not succeed")
+
+ # Cleanup
+ Vpn.deleteVpnConnection(self.apiclient, vpnconn1_response['id'])
+ Vpn.deleteVpnConnection(self.apiclient, vpnconn2_response['id'])
+ customer1_response.delete(self.apiclient)
+ customer2_response.delete(self.apiclient)
+
+ def _get_vpn_config(self, c):
+ ike_policy = '%s-%s;%s' % (c['ike_enc'], c['ike_hash'], c['ike_dh']) if c['ike_dh'] else '%s-%s' % (c['ike_enc'], c['ike_hash'])
+ esp_policy = '%s-%s;%s' % (c['esp_enc'], c['esp_hash'], c['esp_pfs']) if c['esp_pfs'] else '%s-%s' % (c['esp_enc'], c['esp_hash'])
+ out = {
+ 'ipsecpsk': c['psk'],
+ 'ikepolicy':ike_policy,
+ 'esppolicy':esp_policy,
+ 'dpd':c['dpd'],
+ 'forceencap':c['force_encap']
+ }
+ if c['ike_life']:
+ out['ikelifetime'] = c['ike_life']
+ if c['esp_life']:
+ out['esplifetime'] = c['esp_life']
+ return out
+
+
+ @classmethod
+ def tearDownClass(cls):
+ try:
+ try:
+ cls.template.delete(cls.apiclient)
+ except Exception: pass
+ cleanup_resources(cls.apiclient, cls.cleanup)
+ except Exception, e:
+ raise Exception("Cleanup failed with %s" % e)
--
To stop receiving notification emails like this one, please contact
"commits@cloudstack.apache.org" <co...@cloudstack.apache.org>.
[cloudstack] 23/34: fixes
Posted by ro...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
rohit pushed a commit to branch debian9-systemvmtemplate
in repository https://gitbox.apache.org/repos/asf/cloudstack.git
commit 7ed696aa351a4ff97f3105ad944dbf6c973f2452
Author: Rohit Yadav <ro...@shapeblue.com>
AuthorDate: Tue Dec 12 10:24:39 2017 +0530
fixes
Signed-off-by: Rohit Yadav <ro...@shapeblue.com>
---
.travis.yml | 11 ++---
.../etc/systemd/system/cloud-postinit.service | 2 +-
systemvm/debian/opt/cloud/bin/cs/CsApp.py | 2 +-
systemvm/debian/opt/cloud/bin/passwd_server | 26 ------------
systemvm/debian/opt/cloud/bin/passwd_server_ip | 29 -------------
systemvm/debian/opt/cloud/bin/update_config.py | 14 +++----
systemvm/debian/opt/cloud/bin/vpc_passwd_server | 32 ---------------
.../opt/cloud/templates/keepalived.conf.templ | 4 +-
.../definitions/systemvmtemplate/apt_upgrade.sh | 13 ++----
.../definitions/systemvmtemplate/configure_grub.sh | 2 +-
.../definitions/systemvmtemplate/finalize.sh | 9 ++++
tools/marvin/marvin/config/test_data.py | 48 +++++++++++++++++++++-
tools/marvin/marvin/lib/common.py | 47 +--------------------
13 files changed, 79 insertions(+), 160 deletions(-)
diff --git a/.travis.yml b/.travis.yml
index a206cbe..b4749c0 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -115,8 +115,7 @@ env:
component/test_acl_sharednetwork_deployVM-impersonation
component/test_affinity_groups_projects
component/test_cpu_domain_limits
- component/test_cpu_limits
- component/test_volumes"
+ component/test_cpu_limits"
- TESTS="component/test_cpu_max_limits
component/test_acl_isolatednetwork
@@ -144,10 +143,12 @@ env:
component/test_snapshots
component/test_stopped_vm"
- - TESTS="component/test_resource_limits
- component/test_tags
+ - TESTS="component/test_resource_limits"
+
+ - TESTS="component/test_tags
component/test_templates
- component/test_update_vm"
+ component/test_update_vm
+ component/test_volumes"
- TESTS="component/test_vpc
component/test_vpc_network
diff --git a/systemvm/debian/etc/systemd/system/cloud-postinit.service b/systemvm/debian/etc/systemd/system/cloud-postinit.service
index 83f0636..04f71a3 100644
--- a/systemvm/debian/etc/systemd/system/cloud-postinit.service
+++ b/systemvm/debian/etc/systemd/system/cloud-postinit.service
@@ -11,4 +11,4 @@ WantedBy=multi-user.target
Type=oneshot
ExecStart=/opt/cloud/bin/setup/postinit.sh
RemainAfterExit=true
-TimeoutStartSec=1min
+TimeoutStartSec=5min
diff --git a/systemvm/debian/opt/cloud/bin/cs/CsApp.py b/systemvm/debian/opt/cloud/bin/cs/CsApp.py
index 2085088..031ac05 100755
--- a/systemvm/debian/opt/cloud/bin/cs/CsApp.py
+++ b/systemvm/debian/opt/cloud/bin/cs/CsApp.py
@@ -66,7 +66,7 @@ class CsApache(CsApp):
class CsPasswdSvc():
"""
- nohup bash /opt/cloud/bin/vpc_passwd_server $ip >/dev/null 2>&1 &
+ CloudStack VR password server
"""
def __init__(self, ip):
diff --git a/systemvm/debian/opt/cloud/bin/passwd_server b/systemvm/debian/opt/cloud/bin/passwd_server
deleted file mode 100755
index 295e720..0000000
--- a/systemvm/debian/opt/cloud/bin/passwd_server
+++ /dev/null
@@ -1,26 +0,0 @@
-#!/bin/bash
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements. See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership. The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied. See the License for the
-# specific language governing permissions and limitations
-# under the License.
-
-#we have intentionally split the ip gathering command into two.
-#This was done to avoid getting a SIGPIPE during certain load conditions.
-ipInfo=$(ip addr show dev eth0 | grep inet | grep eth0 )
-ips=$(echo "$ipInfo" | awk '{print $2}' ); echo $ips
-for ip in $ips; do
- addr=$(echo $ip | awk -F'/' '{print $1}')
- /opt/cloud/bin/passwd_server_ip $addr >> /var/log/cloud.log 2>&1 &
-done;
diff --git a/systemvm/debian/opt/cloud/bin/passwd_server_ip b/systemvm/debian/opt/cloud/bin/passwd_server_ip
deleted file mode 100755
index ce21b53..0000000
--- a/systemvm/debian/opt/cloud/bin/passwd_server_ip
+++ /dev/null
@@ -1,29 +0,0 @@
-#!/bin/bash
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements. See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership. The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied. See the License for the
-# specific language governing permissions and limitations
-# under the License.
-
-addr=$1;
-while true
-do
- python /opt/cloud/bin/passwd_server_ip.py $addr >/dev/null 2>/dev/null
- rc=$?
- if [ $rc -ne 0 ]
- then
- logger -t cloud "Password server failed with error code $rc. Restarting it..."
- sleep 3
- fi
-done
diff --git a/systemvm/debian/opt/cloud/bin/update_config.py b/systemvm/debian/opt/cloud/bin/update_config.py
index db47c53..b63cd0e 100755
--- a/systemvm/debian/opt/cloud/bin/update_config.py
+++ b/systemvm/debian/opt/cloud/bin/update_config.py
@@ -39,13 +39,6 @@ jsonFilename = sys.argv[1]
jsonConfigFile = jsonPath % jsonFilename
currentGuestNetConfig = "/etc/cloudstack/guestnetwork.json"
-# If the command line json file is unprocessed process it
-# This is important or, the control interfaces will get deleted!
-if jsonFilename != "cmd_line.json" and os.path.isfile(jsonPath % "cmd_line.json"):
- qf = QueueFile()
- qf.setFile("cmd_line.json")
- qf.load(None)
-
def finish_config():
# Converge
@@ -124,6 +117,13 @@ if not (os.path.isfile(jsonConfigFile) and os.access(jsonConfigFile, os.R_OK)):
print "[ERROR] update_config.py :: Unable to read and access %s to process it" % jsonConfigFile
sys.exit(1)
+# If the command line json file is unprocessed process it
+# This is important or, the control interfaces will get deleted!
+if jsonFilename != "cmd_line.json" and os.path.isfile(jsonPath % "cmd_line.json"):
+ qf = QueueFile()
+ qf.setFile("cmd_line.json")
+ qf.load(None)
+
# If the guest network is already configured and have the same IP, do not try to configure it again otherwise it will break
if jsonFilename.startswith("guest_network.json"):
if os.path.isfile(currentGuestNetConfig):
diff --git a/systemvm/debian/opt/cloud/bin/vpc_passwd_server b/systemvm/debian/opt/cloud/bin/vpc_passwd_server
deleted file mode 100755
index 3e201cb..0000000
--- a/systemvm/debian/opt/cloud/bin/vpc_passwd_server
+++ /dev/null
@@ -1,32 +0,0 @@
-#!/bin/bash
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements. See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership. The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied. See the License for the
-# specific language governing permissions and limitations
-# under the License.
-
-
-ip=$1
-result=$ip
-while [ -n "$result" ]
-do
- python /opt/cloud/bin/passwd_server_ip.py $ip >/dev/null 2>/dev/null
- rc=$?
- if [ $rc -ne 0 ]
- then
- logger -t cloud "Password server failed with error code $rc. Restarting password server..."
- sleep 3
- fi
- result=`ip addr show | grep $ip`
-done &
\ No newline at end of file
diff --git a/systemvm/debian/opt/cloud/templates/keepalived.conf.templ b/systemvm/debian/opt/cloud/templates/keepalived.conf.templ
index 722a9e7..5412fd9 100644
--- a/systemvm/debian/opt/cloud/templates/keepalived.conf.templ
+++ b/systemvm/debian/opt/cloud/templates/keepalived.conf.templ
@@ -21,11 +21,11 @@ global_defs {
vrrp_script heartbeat {
script "[RROUTER_BIN_PATH]/heartbeat.sh"
- interval 4
+ interval 5
}
vrrp_instance inside_network {
- state BACKUP
+ state EQUAL
interface eth2
virtual_router_id 51
nopreempt
diff --git a/tools/appliance/definitions/systemvmtemplate/apt_upgrade.sh b/tools/appliance/definitions/systemvmtemplate/apt_upgrade.sh
index 4a408c3..1a72b3a 100644
--- a/tools/appliance/definitions/systemvmtemplate/apt_upgrade.sh
+++ b/tools/appliance/definitions/systemvmtemplate/apt_upgrade.sh
@@ -19,15 +19,6 @@
set -e
set -x
-function fix_tune2fs() {
- for partition in $(blkid -o list | grep ext | awk '{print $1}')
- do
- tune2fs -c 1 $partition
- done
- fdisk -l
- df -h
-}
-
function add_backports() {
sed -i '/cdrom/d' /etc/apt/sources.list
sed -i '/deb-src/d' /etc/apt/sources.list
@@ -39,10 +30,12 @@ function apt_upgrade() {
DEBIAN_FRONTEND=noninteractive
DEBIAN_PRIORITY=critical
+ fdisk -l
+ df -h
+
# Setup sudo
echo 'cloud ALL=(ALL) NOPASSWD: ALL' > /etc/sudoers.d/cloud
- fix_tune2fs
add_backports
rm -fv /root/*.iso
diff --git a/tools/appliance/definitions/systemvmtemplate/configure_grub.sh b/tools/appliance/definitions/systemvmtemplate/configure_grub.sh
index c0a2596..5d80e46 100644
--- a/tools/appliance/definitions/systemvmtemplate/configure_grub.sh
+++ b/tools/appliance/definitions/systemvmtemplate/configure_grub.sh
@@ -28,7 +28,7 @@ GRUB_DEFAULT=0
GRUB_TIMEOUT=0
GRUB_DISTRIBUTOR=Debian
GRUB_CMDLINE_LINUX_DEFAULT=""
-GRUB_CMDLINE_LINUX="console=tty0 console=ttyS0,115200n8 console=hvc0 earlyprintk=xen net.ifnames=0 biosdevname=0 debian-installer=en_US fsck.mode=force nomodeset"
+GRUB_CMDLINE_LINUX="console=tty0 console=ttyS0,115200n8 console=hvc0 earlyprintk=xen net.ifnames=0 biosdevname=0 debian-installer=en_US nomodeset"
GRUB_CMDLINE_XEN="com1=115200 console=com1"
GRUB_TERMINAL="console serial"
GRUB_SERIAL_COMMAND="serial --speed=115200 --unit=0 --word=8 --parity=no --stop=1"
diff --git a/tools/appliance/definitions/systemvmtemplate/finalize.sh b/tools/appliance/definitions/systemvmtemplate/finalize.sh
index fb8c8f3..82d17b9 100644
--- a/tools/appliance/definitions/systemvmtemplate/finalize.sh
+++ b/tools/appliance/definitions/systemvmtemplate/finalize.sh
@@ -49,6 +49,14 @@ function cleanup_veewee() {
rm -fv .veewee_version .veewee_params .vbox_version
}
+# Perform fsck check on every 2nd boot
+function fix_tune2fs() {
+ for partition in $(blkid -o list | grep ext | awk '{print $1}')
+ do
+ tune2fs -c 2 $partition
+ done
+}
+
# Zero out the free space to save space in the final image:
function zero_disk() {
df -h
@@ -65,6 +73,7 @@ function finalize() {
configure_misc
configure_sudoers
cleanup_veewee
+ fix_tune2fs
sync
zero_disk
halt -p
diff --git a/tools/marvin/marvin/config/test_data.py b/tools/marvin/marvin/config/test_data.py
index b2a969c..d55ea36 100644
--- a/tools/marvin/marvin/config/test_data.py
+++ b/tools/marvin/marvin/config/test_data.py
@@ -1,4 +1,4 @@
-#t Licensed to the Apache Software Foundation (ASF) under one
+# Licensed to the Apache Software Foundation (ASF) under one
# or more contributor license agreements. See the NOTICE file
# distributed with this work for additional information
# regarding copyright ownership. The ASF licenses this file
@@ -897,8 +897,54 @@ test_data = {
"name": "xs",
"passwordenabled": False,
"ostype": "CentOS 5.6 (64-bit)"
+ },
+ "test_templates": {
+ "kvm": {
+ "name": "tiny-kvm",
+ "displaytext": "tiny kvm",
+ "format": "qcow2",
+ "hypervisor": "kvm",
+ "ostype": "Other Linux (64-bit)",
+ "url": "http://dl.openvm.eu/cloudstack/macchinina/x86_64/macchinina-kvm.qcow2.bz2",
+ "requireshvm": "True",
+ "ispublic": "True",
+ "isextractable": "True"
+ },
+ "xenserver": {
+ "name": "tiny-xen",
+ "displaytext": "tiny xen",
+ "format": "vhd",
+ "hypervisor": "xenserver",
+ "ostype": "Other Linux (64-bit)",
+ "url": "http://dl.openvm.eu/cloudstack/macchinina/x86_64/macchinina-xen.vhd.bz2",
+ "requireshvm": "True",
+ "ispublic": "True",
+ "isextractable": "True"
+ },
+ "hyperv": {
+ "name": "tiny-hyperv",
+ "displaytext": "tiny hyperv",
+ "format": "vhd",
+ "hypervisor": "hyperv",
+ "ostype": "Other Linux (64-bit)",
+ "url": "http://dl.openvm.eu/cloudstack/macchinina/x86_64/macchinina-hyperv.vhd.zip",
+ "requireshvm": "True",
+ "ispublic": "True",
+ "isextractable": "True"
+ },
+ "vmware": {
+ "name": "tiny-vmware",
+ "displaytext": "tiny vmware",
+ "format": "ova",
+ "hypervisor": "vmware",
+ "ostype": "Other Linux (64-bit)",
+ "url": "http://dl.openvm.eu/cloudstack/macchinina/x86_64/macchinina-vmware.ova",
+ "requireshvm": "True",
+ "ispublic": "True"
+ }
},
+
"coreos_volume": {
"diskname": "Volume_core",
"urlvmware":"http://dl.openvm.eu/cloudstack/coreos/x86_64/coreos_production_cloudstack_image-vmware.ova",
diff --git a/tools/marvin/marvin/lib/common.py b/tools/marvin/marvin/lib/common.py
index 73fdf2a..86203d6 100644
--- a/tools/marvin/marvin/lib/common.py
+++ b/tools/marvin/marvin/lib/common.py
@@ -18,6 +18,7 @@
"""
# Import Local Modules
+from marvin.config.test_data import test_data
from marvin.cloudstackAPI import (listConfigurations,
listPhysicalNetworks,
listRegions,
@@ -351,51 +352,7 @@ def get_test_template(apiclient, zone_id=None, hypervisor=None):
is missing it will be download at most one in a zone for a hypervisor.
@Input : returns a template
"""
- test_templates = {
- "kvm": {
- "name": "tiny-kvm",
- "displaytext": "tiny kvm",
- "format": "qcow2",
- "hypervisor": "kvm",
- "ostype": "Other Linux (64-bit)",
- "url": "http://dl.openvm.eu/cloudstack/macchinina/x86_64/macchinina-kvm.qcow2.bz2",
- "requireshvm": "True",
- "ispublic": "True",
- "isextractable": "True"
- },
- "xenserver": {
- "name": "tiny-xen",
- "displaytext": "tiny xen",
- "format": "vhd",
- "hypervisor": "xenserver",
- "ostype": "Other Linux (64-bit)",
- "url": "http://dl.openvm.eu/cloudstack/macchinina/x86_64/macchinina-xen.vhd.bz2",
- "requireshvm": "True",
- "ispublic": "True",
- "isextractable": "True"
- },
- "hyperv": {
- "name": "tiny-hyperv",
- "displaytext": "tiny hyperv",
- "format": "vhd",
- "hypervisor": "hyperv",
- "ostype": "Other Linux (64-bit)",
- "url": "http://dl.openvm.eu/cloudstack/macchinina/x86_64/macchinina-hyperv.vhd.zip",
- "requireshvm": "True",
- "ispublic": "True",
- "isextractable": "True"
- },
- "vmware": {
- "name": "tiny-vmware",
- "displaytext": "tiny vmware",
- "format": "ova",
- "hypervisor": "vmware",
- "ostype": "Other Linux (64-bit)",
- "url": "http://dl.openvm.eu/cloudstack/macchinina/x86_64/macchinina-vmware.ova",
- "requireshvm": "True",
- "ispublic": "True"
- }
- }
+ test_templates = test_data["test_templates"]
if hypervisor is None:
return FAILED
--
To stop receiving notification emails like this one, please contact
"commits@cloudstack.apache.org" <co...@cloudstack.apache.org>.
[cloudstack] 05/34: CLOUDSTACK-9348: Improve Nio SSH handshake
buffers
Posted by ro...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
rohit pushed a commit to branch debian9-systemvmtemplate
in repository https://gitbox.apache.org/repos/asf/cloudstack.git
commit b62ea9e98151e6c7745c91a9e8e0c9e7504cab5b
Author: Rohit Yadav <ro...@shapeblue.com>
AuthorDate: Thu Nov 30 16:51:48 2017 +0530
CLOUDSTACK-9348: Improve Nio SSH handshake buffers
Use a holder class to pass buffers, fixes potential leak.
Signed-off-by: Rohit Yadav <ro...@shapeblue.com>
---
.../agent/manager/ClusteredAgentManagerImpl.java | 2 +-
utils/src/main/java/com/cloud/utils/nio/Link.java | 72 +++++++++++++++++-----
.../main/java/com/cloud/utils/nio/NioClient.java | 2 +-
.../java/com/cloud/utils/nio/NioConnection.java | 2 +-
4 files changed, 58 insertions(+), 20 deletions(-)
diff --git a/engine/orchestration/src/com/cloud/agent/manager/ClusteredAgentManagerImpl.java b/engine/orchestration/src/com/cloud/agent/manager/ClusteredAgentManagerImpl.java
index 2ebfeb5..0b9899e 100644
--- a/engine/orchestration/src/com/cloud/agent/manager/ClusteredAgentManagerImpl.java
+++ b/engine/orchestration/src/com/cloud/agent/manager/ClusteredAgentManagerImpl.java
@@ -519,7 +519,7 @@ public class ClusteredAgentManagerImpl extends AgentManagerImpl implements Clust
sslEngine.setUseClientMode(true);
sslEngine.setEnabledProtocols(SSLUtils.getSupportedProtocols(sslEngine.getEnabledProtocols()));
sslEngine.beginHandshake();
- if (!Link.doHandshake(ch1, sslEngine, true)) {
+ if (!Link.doHandshake(ch1, sslEngine)) {
ch1.close();
throw new IOException(String.format("SSL: Handshake failed with peer management server '%s' on %s:%d ", peerName, ip, port));
}
diff --git a/utils/src/main/java/com/cloud/utils/nio/Link.java b/utils/src/main/java/com/cloud/utils/nio/Link.java
index 8f1b811..35211c8 100644
--- a/utils/src/main/java/com/cloud/utils/nio/Link.java
+++ b/utils/src/main/java/com/cloud/utils/nio/Link.java
@@ -32,6 +32,8 @@ import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.SecureRandom;
import java.util.concurrent.ConcurrentLinkedQueue;
+import java.util.concurrent.Executor;
+import java.util.concurrent.Executors;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
@@ -462,7 +464,7 @@ public class Link {
return buffer;
}
- public static ByteBuffer handleBufferUnderflow(final SSLEngine engine, ByteBuffer buffer) {
+ public static ByteBuffer handleBufferUnderflow(final SSLEngine engine, final ByteBuffer buffer) {
if (engine == null || buffer == null) {
return buffer;
}
@@ -475,14 +477,14 @@ public class Link {
return replaceBuffer;
}
- private static boolean doHandshakeUnwrap(final SocketChannel socketChannel, final SSLEngine sslEngine,
+ private static HandshakeHolder doHandshakeUnwrap(final SocketChannel socketChannel, final SSLEngine sslEngine,
ByteBuffer peerAppData, ByteBuffer peerNetData, final int appBufferSize) throws IOException {
if (socketChannel == null || sslEngine == null || peerAppData == null || peerNetData == null || appBufferSize < 0) {
- return false;
+ return new HandshakeHolder(peerAppData, peerNetData, false);
}
if (socketChannel.read(peerNetData) < 0) {
if (sslEngine.isInboundDone() && sslEngine.isOutboundDone()) {
- return false;
+ return new HandshakeHolder(peerAppData, peerNetData, false);
}
try {
sslEngine.closeInbound();
@@ -492,7 +494,7 @@ public class Link {
sslEngine.closeOutbound();
// After closeOutbound the engine will be set to WRAP state,
// in order to try to send a close message to the client.
- return true;
+ return new HandshakeHolder(peerAppData, peerNetData, true);
}
peerNetData.flip();
SSLEngineResult result = null;
@@ -503,7 +505,10 @@ public class Link {
s_logger.error(String.format("SSL error caught during unwrap data: %s, for local address=%s, remote address=%s. The client may have invalid ca-certificates.",
sslException.getMessage(), socketChannel.getLocalAddress(), socketChannel.getRemoteAddress()));
sslEngine.closeOutbound();
- return false;
+ return new HandshakeHolder(peerAppData, peerNetData, true);
+ }
+ if (result == null) {
+ return new HandshakeHolder(peerAppData, peerNetData, false);
}
switch (result.getStatus()) {
case OK:
@@ -519,23 +524,23 @@ public class Link {
break;
case CLOSED:
if (sslEngine.isOutboundDone()) {
- return false;
+ return new HandshakeHolder(peerAppData, peerNetData, false);
} else {
sslEngine.closeOutbound();
- break;
}
+ break;
default:
throw new IllegalStateException("Invalid SSL status: " + result.getStatus());
}
- return true;
+ return new HandshakeHolder(peerAppData, peerNetData, true);
}
- private static boolean doHandshakeWrap(final SocketChannel socketChannel, final SSLEngine sslEngine,
+ private static HandshakeHolder doHandshakeWrap(final SocketChannel socketChannel, final SSLEngine sslEngine,
ByteBuffer myAppData, ByteBuffer myNetData, ByteBuffer peerNetData,
final int netBufferSize) throws IOException {
if (socketChannel == null || sslEngine == null || myNetData == null || peerNetData == null
|| myAppData == null || netBufferSize < 0) {
- return false;
+ return new HandshakeHolder(myAppData, myNetData, false);
}
myNetData.clear();
SSLEngineResult result = null;
@@ -545,7 +550,10 @@ public class Link {
s_logger.error(String.format("SSL error caught during wrap data: %s, for local address=%s, remote address=%s.",
sslException.getMessage(), socketChannel.getLocalAddress(), socketChannel.getRemoteAddress()));
sslEngine.closeOutbound();
- return false;
+ return new HandshakeHolder(myAppData, myNetData, true);
+ }
+ if (result == null) {
+ return new HandshakeHolder(myAppData, myNetData, false);
}
switch (result.getStatus()) {
case OK :
@@ -579,10 +587,10 @@ public class Link {
default:
throw new IllegalStateException("Invalid SSL status: " + result.getStatus());
}
- return true;
+ return new HandshakeHolder(myAppData, myNetData, true);
}
- public static boolean doHandshake(final SocketChannel socketChannel, final SSLEngine sslEngine, final boolean isClient) throws IOException {
+ public static boolean doHandshake(final SocketChannel socketChannel, final SSLEngine sslEngine) throws IOException {
if (socketChannel == null || sslEngine == null) {
return false;
}
@@ -593,6 +601,7 @@ public class Link {
ByteBuffer myNetData = ByteBuffer.allocate(netBufferSize);
ByteBuffer peerNetData = ByteBuffer.allocate(netBufferSize);
+ final Executor executor = Executors.newSingleThreadExecutor();
final long startTimeMills = System.currentTimeMillis();
HandshakeStatus handshakeStatus = sslEngine.getHandshakeStatus();
@@ -606,12 +615,17 @@ public class Link {
}
switch (handshakeStatus) {
case NEED_UNWRAP:
- if (!doHandshakeUnwrap(socketChannel, sslEngine, peerAppData, peerNetData, appBufferSize)) {
+ final HandshakeHolder unwrapResult = doHandshakeUnwrap(socketChannel, sslEngine, peerAppData, peerNetData, appBufferSize);
+ peerAppData = unwrapResult.getAppDataBuffer();
+ peerNetData = unwrapResult.getNetDataBuffer();
+ if (!unwrapResult.isSuccess()) {
return false;
}
break;
case NEED_WRAP:
- if (!doHandshakeWrap(socketChannel, sslEngine, myAppData, myNetData, peerNetData, netBufferSize)) {
+ final HandshakeHolder wrapResult = doHandshakeWrap(socketChannel, sslEngine, myAppData, myNetData, peerNetData, netBufferSize);
+ myNetData = wrapResult.getNetDataBuffer();
+ if (!wrapResult.isSuccess()) {
return false;
}
break;
@@ -621,7 +635,7 @@ public class Link {
if (s_logger.isTraceEnabled()) {
s_logger.trace("SSL: Running delegated task!");
}
- task.run();
+ executor.execute(task);
}
break;
case FINISHED:
@@ -636,4 +650,28 @@ public class Link {
return true;
}
+ private static class HandshakeHolder {
+ private ByteBuffer appData;
+ private ByteBuffer netData;
+ private boolean success = true;
+
+ HandshakeHolder(ByteBuffer appData, ByteBuffer netData, boolean success) {
+ this.appData = appData;
+ this.netData = netData;
+ this.success = success;
+ }
+
+ ByteBuffer getAppDataBuffer() {
+ return appData;
+ }
+
+ ByteBuffer getNetDataBuffer() {
+ return netData;
+ }
+
+ boolean isSuccess() {
+ return success;
+ }
+ }
+
}
diff --git a/utils/src/main/java/com/cloud/utils/nio/NioClient.java b/utils/src/main/java/com/cloud/utils/nio/NioClient.java
index 1c29b0c..d4a1e02 100644
--- a/utils/src/main/java/com/cloud/utils/nio/NioClient.java
+++ b/utils/src/main/java/com/cloud/utils/nio/NioClient.java
@@ -61,7 +61,7 @@ public class NioClient extends NioConnection {
sslEngine.setUseClientMode(true);
sslEngine.setEnabledProtocols(SSLUtils.getSupportedProtocols(sslEngine.getEnabledProtocols()));
sslEngine.beginHandshake();
- if (!Link.doHandshake(_clientConnection, sslEngine, true)) {
+ if (!Link.doHandshake(_clientConnection, sslEngine)) {
s_logger.error("SSL Handshake failed while connecting to host: " + _host + " port: " + _port);
_selector.close();
throw new IOException("SSL Handshake failed while connecting to host: " + _host + " port: " + _port);
diff --git a/utils/src/main/java/com/cloud/utils/nio/NioConnection.java b/utils/src/main/java/com/cloud/utils/nio/NioConnection.java
index 30000cf..9a5bf7e 100644
--- a/utils/src/main/java/com/cloud/utils/nio/NioConnection.java
+++ b/utils/src/main/java/com/cloud/utils/nio/NioConnection.java
@@ -213,7 +213,7 @@ public abstract class NioConnection implements Callable<Boolean> {
_selector.wakeup();
try {
sslEngine.beginHandshake();
- if (!Link.doHandshake(socketChannel, sslEngine, false)) {
+ if (!Link.doHandshake(socketChannel, sslEngine)) {
throw new IOException("SSL handshake timed out with " + socketChannel.getRemoteAddress());
}
if (s_logger.isTraceEnabled()) {
--
To stop receiving notification emails like this one, please contact
"commits@cloudstack.apache.org" <co...@cloudstack.apache.org>.
[cloudstack] 13/34: more systemvmtemplate optimizations
Posted by ro...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
rohit pushed a commit to branch debian9-systemvmtemplate
in repository https://gitbox.apache.org/repos/asf/cloudstack.git
commit e0c2f0042f5c1144be3a8b112a4994ffb1ac0b6c
Author: Rohit Yadav <ro...@shapeblue.com>
AuthorDate: Sat Dec 9 16:37:31 2017 +0530
more systemvmtemplate optimizations
Signed-off-by: Rohit Yadav <ro...@shapeblue.com>
---
systemvm/debian/opt/cloud/bin/setup/postinit.sh | 15 ++++++++++-----
tools/appliance/build.sh | 2 +-
tools/appliance/definitions/systemvmtemplate/cleanup.sh | 1 +
tools/appliance/definitions/systemvmtemplate/finalize.sh | 1 +
.../systemvmtemplate/install_systemvm_packages.sh | 2 +-
tools/appliance/definitions/systemvmtemplate/preseed.cfg | 6 +++---
6 files changed, 17 insertions(+), 10 deletions(-)
diff --git a/systemvm/debian/opt/cloud/bin/setup/postinit.sh b/systemvm/debian/opt/cloud/bin/setup/postinit.sh
index efd1b4b..9a16966 100755
--- a/systemvm/debian/opt/cloud/bin/setup/postinit.sh
+++ b/systemvm/debian/opt/cloud/bin/setup/postinit.sh
@@ -15,9 +15,17 @@
# KIND, either express or implied. See the License for the
# specific language governing permissions and limitations
# under the License.
-
+#
# This scripts before ssh.service but after cloud-early-config
+# Eject cdrom if any
+eject || true
+
+# Refresh and setup systemd
+chmod -x /etc/systemd/system/cloud*.service
+systemctl daemon-reload
+
+# Setup router
CMDLINE=/var/cache/cloud/cmdline
for str in $(cat $CMDLINE)
do
@@ -32,15 +40,12 @@ for str in $(cat $CMDLINE)
esac
done
-chmod -x /etc/systemd/system/cloud*.service
-systemctl daemon-reload
-
if [ "$TYPE" == "router" ] || [ "$TYPE" == "vpcrouter" ] || [ "$TYPE" == "dhcpsrvr" ]
then
if [ -x /opt/cloud/bin/update_config.py ]
then
/opt/cloud/bin/update_config.py cmd_line.json
- logger -t cloud "Updated config: cmd_line.json"
+ logger -t cloud "postinit: Updated config cmd_line.json"
fi
fi
diff --git a/tools/appliance/build.sh b/tools/appliance/build.sh
index 45f4728..6f2ab6b 100755
--- a/tools/appliance/build.sh
+++ b/tools/appliance/build.sh
@@ -397,7 +397,7 @@ function stage_vmx (){
displayname = "${1}"
annotation = "${1}"
guestos = "otherlinux-64"
-virtualhw.version = "7"
+virtualHW.version = "8"
config.version = "8"
numvcpus = "1"
cpuid.coresPerSocket = "1"
diff --git a/tools/appliance/definitions/systemvmtemplate/cleanup.sh b/tools/appliance/definitions/systemvmtemplate/cleanup.sh
index 00f068d..f1591ac 100644
--- a/tools/appliance/definitions/systemvmtemplate/cleanup.sh
+++ b/tools/appliance/definitions/systemvmtemplate/cleanup.sh
@@ -64,6 +64,7 @@ function cleanup_misc() {
rm -fr /usr/share/man
rm -fr /usr/share/info
rm -fr /usr/share/lintian
+ rm -fr /usr/share/vim
find /usr/share/locale -type f | grep -v en | xargs rm -fr
}
diff --git a/tools/appliance/definitions/systemvmtemplate/finalize.sh b/tools/appliance/definitions/systemvmtemplate/finalize.sh
index 1a25e39..912887c 100644
--- a/tools/appliance/definitions/systemvmtemplate/finalize.sh
+++ b/tools/appliance/definitions/systemvmtemplate/finalize.sh
@@ -57,6 +57,7 @@ function zero_disk() {
sync
rm -f ${path}/zero
done
+ fstrim -av
df -h
}
diff --git a/tools/appliance/definitions/systemvmtemplate/install_systemvm_packages.sh b/tools/appliance/definitions/systemvmtemplate/install_systemvm_packages.sh
index 40ff6df..b60f908 100644
--- a/tools/appliance/definitions/systemvmtemplate/install_systemvm_packages.sh
+++ b/tools/appliance/definitions/systemvmtemplate/install_systemvm_packages.sh
@@ -53,7 +53,7 @@ function install_packages() {
fi
${apt_get} install grub-legacy \
- rsyslog logrotate cron net-tools ifupdown vim netbase iptables \
+ rsyslog logrotate cron net-tools ifupdown tmux vim netbase iptables \
openssh-server e2fsprogs tcpdump socat wget \
python bzip2 sed gawk diffutils grep gzip less tar telnet ftp rsync traceroute psmisc lsof procps \
inetutils-ping iputils-arping httping curl \
diff --git a/tools/appliance/definitions/systemvmtemplate/preseed.cfg b/tools/appliance/definitions/systemvmtemplate/preseed.cfg
index 5a8e2d9..7fbe2a1 100644
--- a/tools/appliance/definitions/systemvmtemplate/preseed.cfg
+++ b/tools/appliance/definitions/systemvmtemplate/preseed.cfg
@@ -57,7 +57,7 @@ d-i partman-auto/method string regular
d-i partman-auto/choose_recipe select atomic
d-i partman-auto/expert_recipe string \
boot-root :: \
- 50 50 50 ext2 \
+ 100 50 100 ext2 \
$primary{ } $bootable{ } \
method{ format } format{ } \
use_filesystem{ } filesystem{ ext2 } \
@@ -68,12 +68,12 @@ d-i partman-auto/expert_recipe string \
use_filesystem{ } filesystem{ ext4 } \
mountpoint{ / } \
. \
- 350 50 400 ext4 \
+ 350 60 400 ext4 \
method{ format } format{ } \
use_filesystem{ } filesystem{ ext4 } \
mountpoint{ /var/log } \
. \
- 100 100 100 linux-swap \
+ 50 100 200 linux-swap \
method{ swap } format{ } \
.
--
To stop receiving notification emails like this one, please contact
"commits@cloudstack.apache.org" <co...@cloudstack.apache.org>.
[cloudstack] 26/34: fix volume usage test case
Posted by ro...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
rohit pushed a commit to branch debian9-systemvmtemplate
in repository https://gitbox.apache.org/repos/asf/cloudstack.git
commit 2716ede1133db78fb82f5d70a30d7dcce5b84081
Author: Rohit Yadav <ro...@shapeblue.com>
AuthorDate: Tue Dec 12 20:52:24 2017 +0530
fix volume usage test case
Signed-off-by: Rohit Yadav <ro...@shapeblue.com>
---
server/src/com/cloud/server/StatsCollector.java | 2 +-
test/integration/smoke/test_usage.py | 22 ++++------------------
2 files changed, 5 insertions(+), 19 deletions(-)
diff --git a/server/src/com/cloud/server/StatsCollector.java b/server/src/com/cloud/server/StatsCollector.java
index 96b51f5..d32ed98 100644
--- a/server/src/com/cloud/server/StatsCollector.java
+++ b/server/src/com/cloud/server/StatsCollector.java
@@ -937,7 +937,7 @@ public class StatsCollector extends ManagerBase implements ComponentMethodInterc
}
public VolumeStats getVolumeStats(String volumeLocator) {
- if (_volumeStats.containsKey(volumeLocator)) {
+ if (volumeLocator != null && _volumeStats.containsKey(volumeLocator)) {
return _volumeStats.get(volumeLocator);
}
return null;
diff --git a/test/integration/smoke/test_usage.py b/test/integration/smoke/test_usage.py
index e6c6565..4419835 100644
--- a/test/integration/smoke/test_usage.py
+++ b/test/integration/smoke/test_usage.py
@@ -680,26 +680,12 @@ class TestVolumeUsage(cloudstackTestCase):
"Check VOLUME.DELETE in events table"
)
self.hypervisor = str(get_hypervisor_type(self.apiclient)).lower()
- if self.hypervisor == "vmware":
- self.testdata["coreos_volume"][
- "url"] = self.testdata["coreos_volume"]["urlvmware"]
- self.testdata["coreos_volume"]["format"] = "OVA"
- elif self.hypervisor == "xenserver":
- self.testdata["coreos_volume"][
- "url"] = self.testdata["coreos_volume"]["urlxen"]
- self.testdata["coreos_volume"]["format"] = "VHD"
- elif self.hypervisor == "kvm":
- self.testdata["coreos_volume"][
- "url"] = self.testdata["coreos_volume"]["urlkvm"]
- self.testdata["coreos_volume"]["format"] = "QCOW2"
- elif self.hypervisor == "hyperv":
- self.testdata["coreos_volume"][
- "url"] = self.testdata["coreos_volume"]["urlxen"]
- self.testdata["coreos_volume"]["format"] = "VHD"
-
+ volume_template = self.testdata["test_templates"][self.hypervisor]
+ volume_template["diskname"] = "Volume_tiny"
+ volume_template["format"] = volume_template["format"].upper()
volume_uploaded = Volume.upload(
self.apiclient,
- self.testdata["coreos_volume"],
+ volume_template,
self.zone.id,
account=self.account.name,
domainid=self.account.domainid)
--
To stop receiving notification emails like this one, please contact
"commits@cloudstack.apache.org" <co...@cloudstack.apache.org>.
[cloudstack] 07/34: CLOUDSTACK-10013: SystemVM.iso refactoring and
cleanups
Posted by ro...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
rohit pushed a commit to branch debian9-systemvmtemplate
in repository https://gitbox.apache.org/repos/asf/cloudstack.git
commit 9f7fdb6326125e317cf5e44d4bab45d76848b25b
Author: Rohit Yadav <ro...@shapeblue.com>
AuthorDate: Sun Nov 26 13:32:33 2017 +0530
CLOUDSTACK-10013: SystemVM.iso refactoring and cleanups
- Removes old/dead files
- Refactors file path/location, backward compatible to filepaths in
systemvm.isoa
- Fixes failures around apache2
---
.../tomcatconf/commands-simulator.properties.in | 21 --
client/pom.xml | 1 -
developer/developer-prefill.sql | 2 +-
pom.xml | 35 +-
setup/dev/advanced.cfg | 2 +-
systemvm/{ => agent}/certs/localhost.crt | 0
systemvm/{ => agent}/certs/localhost.key | 0
systemvm/{ => agent}/certs/realhostip.crt | 0
systemvm/{ => agent}/certs/realhostip.csr | 0
systemvm/{ => agent}/certs/realhostip.key | 0
systemvm/{ => agent}/certs/realhostip.keystore | Bin
systemvm/{ => agent}/conf/agent.properties | 4 +-
systemvm/{ => agent}/conf/consoleproxy.properties | 4 +-
systemvm/{ => agent}/conf/environment.properties | 0
systemvm/{ => agent}/conf/log4j-cloud.xml | 0
systemvm/{ => agent}/css/ajaxviewer.css | 74 ++--
systemvm/{ => agent}/css/logger.css | 21 +-
systemvm/{ => agent}/images/back.gif | Bin
systemvm/{ => agent}/images/bright-green.png | Bin
systemvm/{ => agent}/images/cad.gif | Bin
systemvm/{ => agent}/images/cannotconnect.jpg | Bin
systemvm/{ => agent}/images/clr_button.gif | Bin
systemvm/{ => agent}/images/clr_button_hover.gif | Bin
systemvm/{ => agent}/images/dot.cur | Bin
systemvm/{ => agent}/images/gray-green.png | Bin
systemvm/{ => agent}/images/grid_headerbg.gif | Bin
systemvm/{ => agent}/images/left.png | Bin
systemvm/{ => agent}/images/minimize_button.gif | Bin
.../{ => agent}/images/minimize_button_hover.gif | Bin
systemvm/{ => agent}/images/notready.jpg | Bin
systemvm/{ => agent}/images/play_button.gif | Bin
systemvm/{ => agent}/images/play_button_hover.gif | Bin
systemvm/{ => agent}/images/right.png | Bin
systemvm/{ => agent}/images/right2.png | Bin
systemvm/{ => agent}/images/shrink_button.gif | Bin
.../{ => agent}/images/shrink_button_hover.gif | Bin
systemvm/{ => agent}/images/stop_button.gif | Bin
systemvm/{ => agent}/images/stop_button_hover.gif | Bin
systemvm/{ => agent}/images/winlog.png | Bin
systemvm/{ => agent}/js/ajaxkeys.js | 0
systemvm/{ => agent}/js/ajaxviewer.js | 395 ++++++++++----------
systemvm/{ => agent}/js/cloud.logger.js | 135 ++++---
systemvm/{ => agent}/js/handler.js | 4 +-
systemvm/{ => agent}/js/jquery.flot.navigate.js | 58 +--
systemvm/{ => agent}/js/jquery.js | 0
systemvm/{ => agent}/scripts/_run.sh | 4 +-
systemvm/{ => agent}/scripts/config_auth.sh | 10 +-
systemvm/{ => agent}/scripts/config_ssl.sh | 17 +-
systemvm/{ => agent}/scripts/consoleproxy.sh | 4 +-
systemvm/{ => agent}/scripts/ipfirewall.sh | 5 +-
systemvm/{ => agent}/scripts/run-proxy.sh | 10 +-
systemvm/{ => agent}/scripts/run.sh | 4 +-
systemvm/{ => agent}/scripts/secstorage.sh | 4 +-
systemvm/{ => agent}/scripts/ssvm-check.sh | 10 +-
systemvm/{ => agent}/scripts/utils.sh | 0
systemvm/{ => agent}/ui/viewer-bad-sid.ftl | 4 +-
systemvm/{ => agent}/ui/viewer-connect-failed.ftl | 4 +-
systemvm/{ => agent}/ui/viewer-update.ftl | 3 +-
systemvm/{ => agent}/ui/viewer.ftl | 28 +-
systemvm/bindir/cloud-setup-console-proxy.in | 220 -----------
systemvm/conf.dom0/agent.properties.in | 46 ---
systemvm/conf.dom0/consoleproxy.properties.in | 23 --
systemvm/conf.dom0/log4j-cloud.xml.in | 111 ------
systemvm/conf/agent.properties.ssvm | 21 --
.../SYSCONFDIR/rc.d/init.d/cloud-console-proxy.in | 96 -----
.../SYSCONFDIR/rc.d/init.d/cloud-console-proxy.in | 96 -----
.../SYSCONFDIR/rc.d/init.d/cloud-console-proxy.in | 96 -----
.../SYSCONFDIR/init.d/cloud-console-proxy.in | 110 ------
systemvm/libexec/console-proxy-runner.in | 90 -----
systemvm/patches/debian/README | 34 --
systemvm/patches/debian/config.dat | 398 --------------------
systemvm/patches/debian/config/etc/chef/node.json | 5 -
systemvm/patches/debian/config/etc/chef/solo.rb | 21 --
.../debian/config/opt/cloud/templates/README | 2 -
.../opt/cloud/templates/arping_gateways.sh.templ | 29 --
.../config/opt/cloud/templates/check_bumpup.sh | 19 -
.../debian/config/opt/cloud/testdata/acl0001.json | 54 ---
.../config/root/redundant_router/backup.sh.templ | 39 --
.../root/redundant_router/check_heartbeat.sh.templ | 60 ---
.../root/redundant_router/checkrouter.sh.templ | 56 ---
.../root/redundant_router/conntrackd.conf.templ | 401 ---------------------
.../config/root/redundant_router/disable_pubip.sh | 23 --
.../root/redundant_router/enable_pubip.sh.templ | 50 ---
.../config/root/redundant_router/fault.sh.templ | 37 --
.../root/redundant_router/heartbeat.sh.templ | 20 -
.../root/redundant_router/keepalived.conf.templ | 57 ---
.../config/root/redundant_router/master.sh.templ | 60 ---
.../root/redundant_router/primary-backup.sh.templ | 126 -------
.../config/root/redundant_router/services.sh | 68 ----
systemvm/patches/debian/convert.sh | 64 ----
.../debian/{config => }/etc/apache2/httpd.conf | 0
.../debian/{config => }/etc/apache2/vhost.template | 1 -
.../debian/{config => }/etc/cloud-nic.rules | 1 -
.../debian/{config => }/etc/dnsmasq.conf.tmpl | 16 +-
.../debian/{config => }/etc/haproxy/haproxy.cfg | 6 +-
.../{config => }/etc/init.d/cloud-early-config | 0
.../{config => }/etc/init.d/cloud-passwd-srvr | 6 +-
.../etc/iptables/iptables-consoleproxy | 12 +-
.../{config => }/etc/iptables/iptables-dhcpsrvr | 2 +-
.../{config => }/etc/iptables/iptables-elbvm | 3 +-
.../{config => }/etc/iptables/iptables-ilbvm | 3 +-
.../{config => }/etc/iptables/iptables-router | 2 +-
.../{config => }/etc/iptables/iptables-secstorage | 12 +-
.../{config => }/etc/iptables/iptables-vpcrouter | 2 +-
.../{config => }/etc/iptables/rt_tables_init | 2 +-
.../patches/debian/{config => }/etc/iptables/rules | 3 +-
.../patches/debian/{config => }/etc/logrotate.conf | 1 -
.../debian/{config => }/etc/logrotate.d/apache2 | 0
.../debian/{config => }/etc/logrotate.d/cloud | 0
.../debian/{config => }/etc/logrotate.d/conntrackd | 0
.../debian/{config => }/etc/logrotate.d/dnsmasq | 1 -
.../debian/{config => }/etc/logrotate.d/haproxy | 0
.../debian/{config => }/etc/logrotate.d/ppp | 1 -
.../debian/{config => }/etc/logrotate.d/rsyslog | 0
.../{config => }/etc/modprobe.d/aesni_intel.conf | 0
.../debian/{config => }/etc/modprobe.d/pcspkr.conf | 0
.../debian/{config => }/etc/profile.d/cloud.sh | 2 +-
systemvm/patches/debian/{config => }/etc/rc.local | 0
.../patches/debian/{config => }/etc/rsyslog.conf | 0
.../debian/{config => }/etc/ssh/sshd_config | 14 +-
.../patches/debian/{config => }/etc/sysctl.conf | 2 +-
.../debian/{config => }/etc/vpcdnsmasq.conf | 22 +-
.../{config => }/opt/cloud/bin/baremetal-vr.py | 322 ++++++++---------
.../{config => }/opt/cloud/bin/baremetal_snat.sh | 3 +-
.../{config => }/opt/cloud/bin/bumpup_priority.sh | 0
.../{config => }/opt/cloud/bin/checkbatchs2svpn.sh | 0
.../{config => }/opt/cloud/bin/checkrouter.sh | 0
.../{config => }/opt/cloud/bin/checks2svpn.sh | 0
.../debian/{config => }/opt/cloud/bin/cloud-nic.sh | 2 +-
.../debian/{config => }/opt/cloud/bin/configure.py | 0
.../{config => }/opt/cloud/bin/cs/CsAddress.py | 1 -
.../debian/{config => }/opt/cloud/bin/cs/CsApp.py | 0
.../{config => }/opt/cloud/bin/cs/CsConfig.py | 0
.../{config => }/opt/cloud/bin/cs/CsDatabag.py | 0
.../debian/{config => }/opt/cloud/bin/cs/CsDhcp.py | 0
.../debian/{config => }/opt/cloud/bin/cs/CsFile.py | 0
.../opt/cloud/bin/cs/CsGuestNetwork.py | 0
.../{config => }/opt/cloud/bin/cs/CsHelper.py | 0
.../opt/cloud/bin/cs/CsLoadBalancer.py | 0
.../{config => }/opt/cloud/bin/cs/CsMonitor.py | 0
.../{config => }/opt/cloud/bin/cs/CsNetfilter.py | 0
.../{config => }/opt/cloud/bin/cs/CsProcess.py | 0
.../{config => }/opt/cloud/bin/cs/CsRedundant.py | 14 +-
.../{config => }/opt/cloud/bin/cs/CsRoute.py | 0
.../debian/{config => }/opt/cloud/bin/cs/CsRule.py | 0
.../opt/cloud/bin/cs/CsStaticRoutes.py | 5 +-
.../{config => }/opt/cloud/bin/cs/__init__.py | 0
.../{config => }/opt/cloud/bin/cs_cmdline.py | 0
.../debian/{config => }/opt/cloud/bin/cs_dhcp.py | 1 -
.../{config => }/opt/cloud/bin/cs_firewallrules.py | 0
.../opt/cloud/bin/cs_forwardingrules.py | 0
.../{config => }/opt/cloud/bin/cs_guestnetwork.py | 0
.../debian/{config => }/opt/cloud/bin/cs_ip.py | 0
.../{config => }/opt/cloud/bin/cs_loadbalancer.py | 0
.../opt/cloud/bin/cs_monitorservice.py | 0
.../{config => }/opt/cloud/bin/cs_network_acl.py | 0
.../opt/cloud/bin/cs_remoteaccessvpn.py | 0
.../{config => }/opt/cloud/bin/cs_site2sitevpn.py | 0
.../{config => }/opt/cloud/bin/cs_staticroutes.py | 0
.../debian/{config => }/opt/cloud/bin/cs_vmdata.py | 0
.../debian/{config => }/opt/cloud/bin/cs_vmp.py | 0
.../{config => }/opt/cloud/bin/cs_vpnusers.py | 0
.../debian/{config => }/opt/cloud/bin/dnsmasq.sh | 0
.../debian/{config => }/opt/cloud/bin/edithosts.sh | 2 +-
.../{config => }/opt/cloud/bin/getRouterAlerts.sh | 0
.../opt/cloud/bin/get_template_version.sh | 0
.../debian/{config => }/opt/cloud/bin/ilb.sh | 34 +-
.../debian/{config => }/opt/cloud/bin/ipassoc.sh | 43 ++-
.../{config => }/opt/cloud/bin/ipsectunnel.sh | 0
.../debian/{config => }/opt/cloud/bin/line_edit.py | 0
.../{config => }/opt/cloud/bin/loadbalancer.sh | 80 ++--
.../debian/{config => }/opt/cloud/bin/master.py | 0
.../debian/{config => }/opt/cloud/bin/merge.py | 0
.../{config => }/opt/cloud/bin/monitor_service.sh | 1 -
.../debian/{config => }/opt/cloud/bin/netusage.sh | 23 +-
.../{config => }/opt/cloud/bin/passwd_server | 0
.../{config => }/opt/cloud/bin/passwd_server_ip | 0
.../{config => }/opt/cloud/bin/passwd_server_ip.py | 0
.../{config => }/opt/cloud/bin/prepare_pxe.sh | 6 +-
.../{config => }/opt/cloud/bin/savepassword.sh | 0
.../{config => }/opt/cloud/bin/set_redundant.py | 0
.../{config => }/opt/cloud/bin/setup/common.sh | 59 ++-
.../opt/cloud/bin/setup/consoleproxy.sh | 0
.../{config => }/opt/cloud/bin/setup/default.sh | 0
.../{config => }/opt/cloud/bin/setup/dhcpsrvr.sh | 0
.../{config => }/opt/cloud/bin/setup/elbvm.sh | 0
.../{config => }/opt/cloud/bin/setup/ilbvm.sh | 0
.../opt/cloud/bin/setup/patchsystemvm.sh | 4 +-
.../{config => }/opt/cloud/bin/setup/router.sh | 0
.../{config => }/opt/cloud/bin/setup/secstorage.sh | 0
.../{config => }/opt/cloud/bin/setup/vpcrouter.sh | 0
.../{config => }/opt/cloud/bin/update_config.py | 0
.../debian/{config => }/opt/cloud/bin/vmdata.py | 0
.../debian/{config => }/opt/cloud/bin/vpc_func.sh | 2 +-
.../{config => }/opt/cloud/bin/vpc_netusage.sh | 26 +-
.../{config => }/opt/cloud/bin/vpc_passwd_server | 0
.../debian/{config => }/opt/cloud/bin/vpc_snat.sh | 0
.../{config => }/opt/cloud/bin/vpc_staticroute.sh | 5 +-
.../debian/{config => }/opt/cloud/bin/vr_cfg.sh | 0
systemvm/patches/debian/opt/cloud/templates/README | 2 +
.../cloud/templates}/arping_gateways.sh.templ | 0
.../cloud/templates}/check_bumpup.sh | 0
.../opt/cloud/templates/check_heartbeat.sh.templ | 2 +-
.../opt/cloud/templates/checkrouter.sh.templ | 2 +-
.../opt/cloud/templates/conntrackd.conf.templ | 34 +-
.../opt/cloud/templates/heartbeat.sh.templ | 0
.../opt/cloud/templates/keepalived.conf.templ | 2 +-
.../debian/{config => }/opt/cloud/testdata/README | 0
.../patches/debian/opt/cloud/testdata/acl0001.json | 54 +++
.../{config => }/opt/cloud/testdata/dhcp0001.json | 0
.../{config => }/opt/cloud/testdata/gn0001.json | 0
.../{config => }/opt/cloud/testdata/ips0001.json | 0
.../{config => }/opt/cloud/testdata/ips0002.json | 0
.../{config => }/opt/cloud/testdata/ips0003.json | 0
.../{config => }/opt/cloud/testdata/s2s0001.json | 0
.../opt/cloud/bin => opt/cloud/testdata}/test.sh | 1 -
.../{config => }/opt/cloud/testdata/vmp0001.json | 0
systemvm/patches/debian/qemuconvert.sh | 32 --
.../debian/{config => }/root/.ssh/authorized_keys | 0
.../debian/{config => }/root/clearUsageRules.sh | 2 +-
systemvm/patches/debian/{config => }/root/func.sh | 0
.../debian/{config => }/root/monitorServices.py | 7 -
.../patches/debian/{config => }/root/reconfigLB.sh | 1 -
systemvm/patches/debian/systemvm.vmx | 37 --
systemvm/patches/debian/systemvm.xml | 53 ---
.../{config => }/var/www/html/latest/.htaccess | 1 -
.../{config => }/var/www/html/userdata/.htaccess | 0
systemvm/patches/debian/vhdconvert.sh | 40 --
systemvm/patches/debian/xe/xe-daemon | 65 ----
systemvm/patches/debian/xe/xe-linux-distribution | 267 --------------
systemvm/patches/debian/xe/xe-update-guest-attrs | 226 ------------
.../{test/python => patches/test}/TestCsAddress.py | 0
.../{test/python => patches/test}/TestCsApp.py | 0
.../{test/python => patches/test}/TestCsCmdLine.py | 0
.../{test/python => patches/test}/TestCsConfig.py | 0
.../{test/python => patches/test}/TestCsDatabag.py | 0
.../{test/python => patches/test}/TestCsDhcp.py | 0
.../{test/python => patches/test}/TestCsFile.py | 0
.../python => patches/test}/TestCsGuestNetwork.py | 0
.../{test/python => patches/test}/TestCsHelper.py | 0
.../python => patches/test}/TestCsInterface.py | 0
.../python => patches/test}/TestCsNetfilter.py | 0
.../{test/python => patches/test}/TestCsProcess.py | 0
.../python => patches/test}/TestCsRedundant.py | 0
.../{test/python => patches/test}/TestCsRoute.py | 0
.../{test/python => patches/test}/TestCsRule.py | 0
systemvm/{test/python => patches/test}/runtests.sh | 2 +-
systemvm/patches/{debian => }/vpn/etc/ipsec.conf | 0
.../patches/{debian => }/vpn/etc/ipsec.d/l2tp.conf | 0
.../patches/{debian => }/vpn/etc/ipsec.secrets | 0
.../{debian => }/vpn/etc/ppp/options.xl2tpd | 0
.../{debian => }/vpn/etc/xl2tpd/xl2tpd.conf | 0
.../{debian => }/vpn/opt/cloud/bin/vpn_l2tp.sh | 8 +-
systemvm/pom.xml | 26 +-
systemvm/scripts/run.bat | 18 -
...escriptor.xml => systemvm-agent-descriptor.xml} | 16 +-
systemvm/vm-script/vmops | 119 ------
257 files changed, 861 insertions(+), 4298 deletions(-)
diff --git a/agent-simulator/tomcatconf/commands-simulator.properties.in b/agent-simulator/tomcatconf/commands-simulator.properties.in
deleted file mode 100644
index 4350bb7..0000000
--- a/agent-simulator/tomcatconf/commands-simulator.properties.in
+++ /dev/null
@@ -1,21 +0,0 @@
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements. See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership. The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied. See the License for the
-# specific language governing permissions and limitations
-# under the License.
-
-
-configureSimulator=com.cloud.api.commands.ConfigureSimulatorCmd;1
-querySimulatorMock=com.cloud.api.commands.QuerySimulatorMockCmd;1
-cleanupSimulatorMock=com.cloud.api.commands.CleanupSimulatorMockCmd;1
diff --git a/client/pom.xml b/client/pom.xml
index 63980b9..6bf0552 100644
--- a/client/pom.xml
+++ b/client/pom.xml
@@ -798,7 +798,6 @@
<target>
<copy todir="${basedir}/target/common/vms">
<fileset dir="${basedir}/../systemvm/dist">
- <include name="systemvm.zip"/>
<include name="systemvm.iso"/>
</fileset>
</copy>
diff --git a/developer/developer-prefill.sql b/developer/developer-prefill.sql
index cc67748..c9ab468 100644
--- a/developer/developer-prefill.sql
+++ b/developer/developer-prefill.sql
@@ -112,7 +112,7 @@ INSERT INTO `cloud`.`configuration` (category, instance, component, name, value)
INSERT INTO `cloud`.`configuration` (category, instance, component, name, value)
VALUES ('Advanced', 'DEFAULT', 'management-server',
- 'ping.timeout', '1.5');
+ 'ping.timeout', '2.0');
-- Enable dynamic RBAC by default for fresh deployments
INSERT INTO `cloud`.`configuration` (category, instance, component, name, value)
diff --git a/pom.xml b/pom.xml
index caa26cd..d4d1a37 100644
--- a/pom.xml
+++ b/pom.xml
@@ -925,35 +925,12 @@
<exclude>ui/lib/reset.css</exclude>
<exclude>ui/lib/require.js</exclude>
<exclude>utils/testsmallfileinactive</exclude>
- <exclude>systemvm/conf/agent.properties</exclude>
- <exclude>systemvm/conf/environment.properties</exclude>
- <exclude>systemvm/js/jquery.js</exclude>
- <exclude>systemvm/js/jquery.flot.navigate.js</exclude>
- <exclude>systemvm/patches/debian/systemvm.vmx</exclude>
- <exclude>systemvm/patches/debian/config/root/.ssh/authorized_keys</exclude>
- <exclude>systemvm/patches/debian/config/etc/apache2/httpd.conf</exclude>
- <exclude>systemvm/patches/debian/config/etc/apache2/vhost.template</exclude>
- <exclude>systemvm/patches/debian/config/etc/dnsmasq.conf.tmpl</exclude>
- <exclude>systemvm/patches/debian/config/etc/vpcdnsmasq.conf</exclude>
- <exclude>systemvm/patches/debian/config/etc/ssh/sshd_config</exclude>
- <exclude>systemvm/patches/debian/config/etc/rsyslog.conf</exclude>
- <exclude>systemvm/patches/debian/config/etc/logrotate.conf</exclude>
- <exclude>systemvm/patches/debian/config/etc/logrotate.d/*</exclude>
- <exclude>systemvm/patches/debian/config/etc/sysctl.conf</exclude>
- <exclude>systemvm/patches/debian/config/root/redundant_router/keepalived.conf.templ</exclude>
- <exclude>systemvm/patches/debian/config/root/redundant_router/arping_gateways.sh.templ</exclude>
- <exclude>systemvm/patches/debian/config/root/redundant_router/conntrackd.conf.templ</exclude>
- <exclude>systemvm/patches/debian/vpn/etc/ipsec.conf</exclude>
- <exclude>systemvm/patches/debian/vpn/etc/ppp/options.xl2tpd</exclude>
- <exclude>systemvm/patches/debian/vpn/etc/xl2tpd/xl2tpd.conf</exclude>
- <exclude>systemvm/patches/debian/vpn/etc/ipsec.secrets</exclude>
- <exclude>systemvm/patches/debian/config/etc/haproxy/haproxy.cfg</exclude>
- <exclude>systemvm/patches/debian/config/etc/cloud-nic.rules</exclude>
- <exclude>systemvm/patches/debian/config/etc/modprobe.d/aesni_intel</exclude>
- <exclude>systemvm/patches/debian/config/etc/rc.local</exclude>
- <exclude>systemvm/patches/debian/config/var/www/html/userdata/.htaccess</exclude>
- <exclude>systemvm/patches/debian/config/var/www/html/latest/.htaccess</exclude>
- <exclude>systemvm/patches/debian/vpn/etc/ipsec.d/l2tp.conf</exclude>
+ <exclude>systemvm/agent/conf/agent.properties</exclude>
+ <exclude>systemvm/agent/conf/environment.properties</exclude>
+ <exclude>systemvm/agent/js/jquery.js</exclude>
+ <exclude>systemvm/agent/js/jquery.flot.navigate.js</exclude>
+ <exclude>systemvm/patches/debian/**</exclude>
+ <exclude>systemvm/patches/vpn/**</exclude>
<exclude>tools/transifex/.tx/config</exclude>
<exclude>tools/logo/apache_cloudstack.png</exclude>
<exclude>tools/marvin/marvin/sandbox/advanced/sandbox.cfg</exclude>
diff --git a/setup/dev/advanced.cfg b/setup/dev/advanced.cfg
index bdb25e5..d5762c3 100644
--- a/setup/dev/advanced.cfg
+++ b/setup/dev/advanced.cfg
@@ -231,7 +231,7 @@
},
{
"name": "ping.timeout",
- "value": "1.5"
+ "value": "2.0"
}
],
"mgtSvr": [
diff --git a/systemvm/certs/localhost.crt b/systemvm/agent/certs/localhost.crt
similarity index 100%
rename from systemvm/certs/localhost.crt
rename to systemvm/agent/certs/localhost.crt
diff --git a/systemvm/certs/localhost.key b/systemvm/agent/certs/localhost.key
similarity index 100%
rename from systemvm/certs/localhost.key
rename to systemvm/agent/certs/localhost.key
diff --git a/systemvm/certs/realhostip.crt b/systemvm/agent/certs/realhostip.crt
similarity index 100%
rename from systemvm/certs/realhostip.crt
rename to systemvm/agent/certs/realhostip.crt
diff --git a/systemvm/certs/realhostip.csr b/systemvm/agent/certs/realhostip.csr
similarity index 100%
rename from systemvm/certs/realhostip.csr
rename to systemvm/agent/certs/realhostip.csr
diff --git a/systemvm/certs/realhostip.key b/systemvm/agent/certs/realhostip.key
similarity index 100%
rename from systemvm/certs/realhostip.key
rename to systemvm/agent/certs/realhostip.key
diff --git a/systemvm/certs/realhostip.keystore b/systemvm/agent/certs/realhostip.keystore
similarity index 100%
rename from systemvm/certs/realhostip.keystore
rename to systemvm/agent/certs/realhostip.keystore
diff --git a/systemvm/conf/agent.properties b/systemvm/agent/conf/agent.properties
similarity index 99%
rename from systemvm/conf/agent.properties
rename to systemvm/agent/conf/agent.properties
index 051cf61..9bc4dca 100644
--- a/systemvm/conf/agent.properties
+++ b/systemvm/agent/conf/agent.properties
@@ -5,9 +5,9 @@
# to you under the Apache License, Version 2.0 (the
# "License"); you may not use this file except in compliance
# with the License. You may obtain a copy of the License at
-#
+#
# http://www.apache.org/licenses/LICENSE-2.0
-#
+#
# Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
diff --git a/systemvm/conf/consoleproxy.properties b/systemvm/agent/conf/consoleproxy.properties
similarity index 99%
rename from systemvm/conf/consoleproxy.properties
rename to systemvm/agent/conf/consoleproxy.properties
index a3cddbc..96a345b 100644
--- a/systemvm/conf/consoleproxy.properties
+++ b/systemvm/agent/conf/consoleproxy.properties
@@ -5,9 +5,9 @@
# to you under the Apache License, Version 2.0 (the
# "License"); you may not use this file except in compliance
# with the License. You may obtain a copy of the License at
-#
+#
# http://www.apache.org/licenses/LICENSE-2.0
-#
+#
# Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
diff --git a/systemvm/conf/environment.properties b/systemvm/agent/conf/environment.properties
similarity index 100%
rename from systemvm/conf/environment.properties
rename to systemvm/agent/conf/environment.properties
diff --git a/systemvm/conf/log4j-cloud.xml b/systemvm/agent/conf/log4j-cloud.xml
similarity index 100%
rename from systemvm/conf/log4j-cloud.xml
rename to systemvm/agent/conf/log4j-cloud.xml
diff --git a/systemvm/css/ajaxviewer.css b/systemvm/agent/css/ajaxviewer.css
similarity index 80%
rename from systemvm/css/ajaxviewer.css
rename to systemvm/agent/css/ajaxviewer.css
index 3e068140..73dee4a 100644
--- a/systemvm/css/ajaxviewer.css
+++ b/systemvm/agent/css/ajaxviewer.css
@@ -6,9 +6,9 @@ regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
-
+
http://www.apache.org/licenses/LICENSE-2.0
-
+
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
@@ -21,7 +21,7 @@ body {
margin:0 0;
text-align: center;
}
-
+
#main_panel {
clear:both;
margin: 0 auto;
@@ -33,57 +33,57 @@ body {
}
#toolbar {
- font:normal 12px 'Trebuchet MS','Arial';
- margin:0 auto;
+ font:normal 12px 'Trebuchet MS','Arial';
+ margin:0 auto;
text-align: left;
- padding:0 0;
+ padding:0 0;
height:32px;
- background-image:url(/resource/images/back.gif);
- background-repeat:repeat-x;
+ background-image:url(/resource/images/back.gif);
+ background-repeat:repeat-x;
}
-#toolbar ul {
- margin:0 0;
- padding:0 10px 0 10px;
+#toolbar ul {
+ margin:0 0;
+ padding:0 10px 0 10px;
float:left;
display:block;
line-height:32px;
- list-style:none;
+ list-style:none;
}
#toolbar li {
- float:left;
- display:inline;
+ float:left;
+ display:inline;
padding:0;
height:32px;
}
-#toolbar a {
- color:white;
+#toolbar a {
+ color:white;
float:left;
display:block;
- padding:0 3px 0 3px;
+ padding:0 3px 0 3px;
text-decoration:none;
line-height:32px;
}
-#toolbar a span {
- display:block;
- float:none;
- padding:0 10px 0 7px;
-}
+#toolbar a span {
+ display:block;
+ float:none;
+ padding:0 10px 0 7px;
+}
-#toolbar a span img {
- border:none;
- margin:8px 4px 0 0;
-}
+#toolbar a span img {
+ border:none;
+ margin:8px 4px 0 0;
+}
-#toolbar a:hover {
- background: url(/resource/images/left.png) no-repeat left center;
-}
+#toolbar a:hover {
+ background: url(/resource/images/left.png) no-repeat left center;
+}
-#toolbar a:hover span {
- background:url(/resource/images/right.png) no-repeat right center;
+#toolbar a:hover span {
+ background:url(/resource/images/right.png) no-repeat right center;
}
@@ -106,23 +106,23 @@ body {
}
#toolbar ul li ul li.current {
- background: url(/resource/images/cad.gif) no-repeat left center;
+ background: url(/resource/images/cad.gif) no-repeat left center;
}
#toolbar ul li ul li a {
display:block;
- padding:0 3px 0 3px;
+ padding:0 3px 0 3px;
text-decoration:none;
line-height:32px;
vertical-align: bottom; /* this is to fix the list gap in IE */
}
#toolbar ul li ul li a:hover {
- background: url(/resource/images/left.png) no-repeat left center;
+ background: url(/resource/images/left.png) no-repeat left center;
}
#toolbar ul li ul li a:hover span {
- background: url(/resource/images/right2.png) no-repeat right center;
+ background: url(/resource/images/right2.png) no-repeat right center;
}
span.dark {
@@ -131,7 +131,7 @@ span.dark {
display:block;
width:32px;
height:30px;
- background:url(/resource/images/gray-green.png) no-repeat center center;
+ background:url(/resource/images/gray-green.png) no-repeat center center;
}
span.bright {
@@ -140,5 +140,5 @@ span.bright {
display:block;
width:32px;
height:30px;
- background:url(/resource/images/bright-green.png) no-repeat center center;
+ background:url(/resource/images/bright-green.png) no-repeat center center;
}
diff --git a/systemvm/css/logger.css b/systemvm/agent/css/logger.css
similarity index 93%
rename from systemvm/css/logger.css
rename to systemvm/agent/css/logger.css
index 42ac807..40629d3 100644
--- a/systemvm/css/logger.css
+++ b/systemvm/agent/css/logger.css
@@ -6,9 +6,9 @@ regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
-
+
http://www.apache.org/licenses/LICENSE-2.0
-
+
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
@@ -45,14 +45,14 @@ under the License.
.logwin_title_actionbox .select {
- background: #424242;
- font: normal 10px Arial, Helvetica, sans-serif;
- float:left;
- border: 1px solid #6e6e6e;
- height: 16px;
- width: 100px;
- margin-left:3px;
- padding:0 0 0 3px;
+ background: #424242;
+ font: normal 10px Arial, Helvetica, sans-serif;
+ float:left;
+ border: 1px solid #6e6e6e;
+ height: 16px;
+ width: 100px;
+ margin-left:3px;
+ padding:0 0 0 3px;
color:#CCC;
}
@@ -136,4 +136,3 @@ a:hover.logwin_minimizebutton {
height: 477px;
background: white;
}
-
diff --git a/systemvm/images/back.gif b/systemvm/agent/images/back.gif
similarity index 100%
rename from systemvm/images/back.gif
rename to systemvm/agent/images/back.gif
diff --git a/systemvm/images/bright-green.png b/systemvm/agent/images/bright-green.png
similarity index 100%
rename from systemvm/images/bright-green.png
rename to systemvm/agent/images/bright-green.png
diff --git a/systemvm/images/cad.gif b/systemvm/agent/images/cad.gif
similarity index 100%
rename from systemvm/images/cad.gif
rename to systemvm/agent/images/cad.gif
diff --git a/systemvm/images/cannotconnect.jpg b/systemvm/agent/images/cannotconnect.jpg
similarity index 100%
rename from systemvm/images/cannotconnect.jpg
rename to systemvm/agent/images/cannotconnect.jpg
diff --git a/systemvm/images/clr_button.gif b/systemvm/agent/images/clr_button.gif
similarity index 100%
rename from systemvm/images/clr_button.gif
rename to systemvm/agent/images/clr_button.gif
diff --git a/systemvm/images/clr_button_hover.gif b/systemvm/agent/images/clr_button_hover.gif
similarity index 100%
rename from systemvm/images/clr_button_hover.gif
rename to systemvm/agent/images/clr_button_hover.gif
diff --git a/systemvm/images/dot.cur b/systemvm/agent/images/dot.cur
similarity index 100%
rename from systemvm/images/dot.cur
rename to systemvm/agent/images/dot.cur
diff --git a/systemvm/images/gray-green.png b/systemvm/agent/images/gray-green.png
similarity index 100%
rename from systemvm/images/gray-green.png
rename to systemvm/agent/images/gray-green.png
diff --git a/systemvm/images/grid_headerbg.gif b/systemvm/agent/images/grid_headerbg.gif
similarity index 100%
rename from systemvm/images/grid_headerbg.gif
rename to systemvm/agent/images/grid_headerbg.gif
diff --git a/systemvm/images/left.png b/systemvm/agent/images/left.png
similarity index 100%
rename from systemvm/images/left.png
rename to systemvm/agent/images/left.png
diff --git a/systemvm/images/minimize_button.gif b/systemvm/agent/images/minimize_button.gif
similarity index 100%
rename from systemvm/images/minimize_button.gif
rename to systemvm/agent/images/minimize_button.gif
diff --git a/systemvm/images/minimize_button_hover.gif b/systemvm/agent/images/minimize_button_hover.gif
similarity index 100%
rename from systemvm/images/minimize_button_hover.gif
rename to systemvm/agent/images/minimize_button_hover.gif
diff --git a/systemvm/images/notready.jpg b/systemvm/agent/images/notready.jpg
similarity index 100%
rename from systemvm/images/notready.jpg
rename to systemvm/agent/images/notready.jpg
diff --git a/systemvm/images/play_button.gif b/systemvm/agent/images/play_button.gif
similarity index 100%
rename from systemvm/images/play_button.gif
rename to systemvm/agent/images/play_button.gif
diff --git a/systemvm/images/play_button_hover.gif b/systemvm/agent/images/play_button_hover.gif
similarity index 100%
rename from systemvm/images/play_button_hover.gif
rename to systemvm/agent/images/play_button_hover.gif
diff --git a/systemvm/images/right.png b/systemvm/agent/images/right.png
similarity index 100%
rename from systemvm/images/right.png
rename to systemvm/agent/images/right.png
diff --git a/systemvm/images/right2.png b/systemvm/agent/images/right2.png
similarity index 100%
rename from systemvm/images/right2.png
rename to systemvm/agent/images/right2.png
diff --git a/systemvm/images/shrink_button.gif b/systemvm/agent/images/shrink_button.gif
similarity index 100%
rename from systemvm/images/shrink_button.gif
rename to systemvm/agent/images/shrink_button.gif
diff --git a/systemvm/images/shrink_button_hover.gif b/systemvm/agent/images/shrink_button_hover.gif
similarity index 100%
rename from systemvm/images/shrink_button_hover.gif
rename to systemvm/agent/images/shrink_button_hover.gif
diff --git a/systemvm/images/stop_button.gif b/systemvm/agent/images/stop_button.gif
similarity index 100%
rename from systemvm/images/stop_button.gif
rename to systemvm/agent/images/stop_button.gif
diff --git a/systemvm/images/stop_button_hover.gif b/systemvm/agent/images/stop_button_hover.gif
similarity index 100%
rename from systemvm/images/stop_button_hover.gif
rename to systemvm/agent/images/stop_button_hover.gif
diff --git a/systemvm/images/winlog.png b/systemvm/agent/images/winlog.png
similarity index 100%
rename from systemvm/images/winlog.png
rename to systemvm/agent/images/winlog.png
diff --git a/systemvm/js/ajaxkeys.js b/systemvm/agent/js/ajaxkeys.js
similarity index 100%
rename from systemvm/js/ajaxkeys.js
rename to systemvm/agent/js/ajaxkeys.js
diff --git a/systemvm/js/ajaxviewer.js b/systemvm/agent/js/ajaxviewer.js
similarity index 94%
rename from systemvm/js/ajaxviewer.js
rename to systemvm/agent/js/ajaxviewer.js
index b085f99..f160abc 100644
--- a/systemvm/js/ajaxviewer.js
+++ b/systemvm/agent/js/ajaxviewer.js
@@ -6,9 +6,9 @@ regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
-
+
http://www.apache.org/licenses/LICENSE-2.0
-
+
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
@@ -34,12 +34,12 @@ StringBuilder.prototype = {
}
return this;
},
-
+
clear : function() {
this.strings.length = 1;
return this;
},
-
+
toString: function() {
return this.strings.join("");
}
@@ -51,7 +51,7 @@ function getCurrentLanguage() {
var tokens = acceptLanguages.split(',');
if(tokens.length > 0)
return tokens[0];
-
+
return "en-us";
} else {
return "en-us";
@@ -74,11 +74,11 @@ function KeyboardMapper() {
//
// For KeyPress event, it translates it only if there exist a mapping entry
// in jsX11KeysymMap map and the entry meets the condition
-//
+//
// COOKED keyboard
// Primarily translates KeyPress event, either as is or through mapped result
// It translates KeyDown/KeyUp only there exists a mapping entry, or if there
-// is no mapping entry, translate when certain modifier key is pressed (i.e.,
+// is no mapping entry, translate when certain modifier key is pressed (i.e.,
// CTRL or ALT key
//
// Mapping entry types
@@ -86,10 +86,10 @@ function KeyboardMapper() {
// boolean : only valid for jsX11KeysymMap, existence of this type, no matter true or false
// in value, corresponding KeyDown/KeyUp event will be masked
// array : contains a set of conditional mapping entry
-//
+//
// Conditional mapping entry
//
-// {
+// {
// type: <event type>, code: <mapped key code>, modifiers: <modifiers>,
// shift : <shift state match condition>, -- match on shift state
// guestos : <guest os match condition>, -- match on guestos type
@@ -152,7 +152,7 @@ KeyboardMapper.prototype = {
},
RawkeyboardInputHandler : function(eventType, code, modifiers, guestos, browser, browserVersion) {
if(eventType == AjaxViewer.KEY_DOWN || eventType == AjaxViewer.KEY_UP) {
-
+
// special handling for Alt + Ctrl + Ins, convert it into Alt-Ctrl-Del
if(code == AjaxViewer.JS_KEY_INSERT) {
if((modifiers & AjaxViewer.ALT_KEY_MASK) != 0 && (modifiers & AjaxViewer.CTRL_KEY_MASK) != 0) {
@@ -160,7 +160,7 @@ KeyboardMapper.prototype = {
return;
}
}
-
+
var X11Keysym = code;
if(this.jsX11KeysymMap[code] != undefined && (guestos == 'windows' || modifiers != AjaxViewer.SHIFT_KEY_MASK || code == AjaxViewer.JS_KEY_CAPSLOCK)) {
X11Keysym = this.jsX11KeysymMap[code];
@@ -183,7 +183,7 @@ KeyboardMapper.prototype = {
// special handling for ALT/CTRL key
if(eventType == AjaxViewer.KEY_UP && (code == AjaxViewer.JS_KEY_ALT || code == AjaxViewer.JS_KEY_CTRL))
this.mappedInput.push({type : eventType, code: this.jsX11KeysymMap[code], modifiers: modifiers});
-
+
} else if(eventType == AjaxViewer.KEY_PRESS && guestos == 'null') {
// ENTER/BACKSPACE key should already have been sent through KEY DOWN/KEY UP event
if(code == AjaxViewer.JS_KEY_ENTER || code == AjaxViewer.JS_KEY_BACKSPACE)
@@ -207,10 +207,10 @@ KeyboardMapper.prototype = {
}
}
},
-
+
CookedKeyboardInputHandler : function(eventType, code, modifiers, guestos, browser, browserVersion) {
if(eventType == AjaxViewer.KEY_DOWN || eventType == AjaxViewer.KEY_UP) {
-
+
// special handling for Alt + Ctrl + Ins, convert it into Alt-Ctrl-Del
if(code == AjaxViewer.JS_KEY_INSERT) {
if((modifiers & AjaxViewer.ALT_KEY_MASK) != 0 && (modifiers & AjaxViewer.CTRL_KEY_MASK) != 0) {
@@ -218,7 +218,7 @@ KeyboardMapper.prototype = {
return;
}
}
-
+
var X11Keysym = code;
if(this.jsX11KeysymMap[code] != undefined) {
X11Keysym = this.jsX11KeysymMap[code];
@@ -252,7 +252,7 @@ KeyboardMapper.prototype = {
this.mappedInput.push({type : AjaxViewer.KEY_UP, code: AjaxViewer.X11_KEY_SHIFT, modifiers: modifiers});
return;
}
-
+
if(code == AjaxViewer.JS_NUMPAD_PLUS) {
this.mappedInput.push({type : AjaxViewer.KEY_DOWN, code: AjaxViewer.X11_KEY_SHIFT, modifiers: modifiers});
this.mappedInput.push({type : AjaxViewer.KEY_DOWN, code: 43, modifiers: modifiers});
@@ -260,7 +260,7 @@ KeyboardMapper.prototype = {
this.mappedInput.push({type : AjaxViewer.KEY_UP, code: AjaxViewer.X11_KEY_SHIFT, modifiers: modifiers});
return;
}
-
+
// ENTER/BACKSPACE key should already have been sent through KEY DOWN/KEY UP event
if(code == AjaxViewer.JS_KEY_ENTER || code == AjaxViewer.JS_KEY_BACKSPACE)
return;
@@ -285,20 +285,20 @@ KeyboardMapper.prototype = {
}
}
},
-
+
inputFeed : function(eventType, code, modifiers, guestos, browser, browserVersion) {
if(this.keyboardType == KeyboardMapper.KEYBOARD_TYPE_RAW)
this.RawkeyboardInputHandler(eventType, code, modifiers, guestos, browser, browserVersion);
else
this.CookedKeyboardInputHandler(eventType, code, modifiers, guestos, browser, browserVersion);
},
-
+
getMappedInput : function() {
var mappedInput = this.mappedInput;
this.mappedInput = [];
return mappedInput;
},
-
+
isConditionalEntryMatched : function(eventType, code, modifiers, entry, guestos, browser, browserVersion) {
if(eventType == AjaxViewer.KEY_DOWN || eventType == AjaxViewer.KEY_UP) {
// for KeyDown/KeyUp events, we require that the type in entry should match with
@@ -306,10 +306,10 @@ KeyboardMapper.prototype = {
if(entry.type != eventType)
return false;
}
-
+
// check conditional match
if(entry.shift != undefined) {
- var shift = ((modifiers & AjaxViewer.SHIFT_KEY_MASK) != 0 ? true : false);
+ var shift = ((modifiers & AjaxViewer.SHIFT_KEY_MASK) != 0 ? true : false);
if(entry.shift ^ shift)
return false;
}
@@ -325,20 +325,20 @@ KeyboardMapper.prototype = {
if(entry.guestos != guestos)
return false;
}
-
+
if(entry.browser != undefined) {
if(entry.browser != browser)
return false;
}
-
+
if(entry.browserVersion != undefined) {
if(entry.browserVersion != browserVersion)
return false;
}
-
+
return true;
},
-
+
isModifierInput : function(code) {
return $.inArray(code, [AjaxViewer.ALT_KEY_MASK, AjaxViewer.SHIFT_KEY_MASK, AjaxViewer.CTRL_KEY_MASK, AjaxViewer.META_KEY_MASK]) >= 0;
}
@@ -352,10 +352,10 @@ function AjaxViewer(panelId, imageUrl, updateUrl, locale, guestos, tileMap, widt
// however, a back door key-sequence can trigger to open the logger window, it is designed to help
// trouble-shooting
g_logger = new Logger();
-
+
// g_logger.enable(true);
// g_logger.open();
-
+
var ajaxViewer = this;
this.imageLoaded = false;
this.fullImage = true;
@@ -364,7 +364,7 @@ function AjaxViewer(panelId, imageUrl, updateUrl, locale, guestos, tileMap, widt
$(this.img).attr('src', imageUrl).load(function() {
ajaxViewer.imageLoaded = true;
});
-
+
this.updateUrl = updateUrl;
this.tileMap = tileMap;
this.guestos = guestos;
@@ -381,16 +381,16 @@ function AjaxViewer(panelId, imageUrl, updateUrl, locale, guestos, tileMap, widt
this.currentKeyboard = AjaxViewer.KEYBOARD_TYPE_ENGLISH;
this.keyboardMappers = [];
-
+
this.timer = 0;
this.eventQueue = [];
this.sendingEventInProgress = false;
-
+
this.lastClickEvent = { x: 0, y: 0, button: 0, modifiers: 0, time: new Date().getTime() };
-
+
if(window.onStatusNotify == undefined)
window.onStatusNotify = function(status) {};
-
+
this.panel = this.generateCanvas(panelId, width, height, tileWidth, tileHeight);
// this.setupKeyboardTranslationle();
this.setupKeyboardTranslationTable(this.keyboardMappers);
@@ -408,7 +408,7 @@ AjaxViewer.EVENT_BAG = 7;
AjaxViewer.MOUSE_DBLCLK = 8;
AjaxViewer.MOUSE_SCROLL = 9;
-// use java AWT key modifier masks
+// use java AWT key modifier masks
AjaxViewer.SHIFT_KEY_MASK = 64;
AjaxViewer.CTRL_KEY_MASK = 128;
AjaxViewer.META_KEY_MASK = 256;
@@ -487,7 +487,7 @@ AjaxViewer.JS_KEY_COMMA = 188; // ,
AjaxViewer.JS_KEY_DASH = 189; // -
AjaxViewer.JS_KEY_PERIOD = 190; // .
AjaxViewer.JS_KEY_FORWARD_SLASH = 191; // /
-AjaxViewer.JS_KEY_GRAVE_ACCENT = 192; // `
+AjaxViewer.JS_KEY_GRAVE_ACCENT = 192; // `
AjaxViewer.JS_KEY_OPEN_BRACKET = 219; // [
AjaxViewer.JS_KEY_BACK_SLASH = 220; // \
AjaxViewer.JS_KEY_CLOSE_BRACKET = 221; // ]
@@ -574,29 +574,29 @@ AjaxViewer.getEventName = function(type) {
switch(type) {
case AjaxViewer.MOUSE_MOVE :
return "MOUSE_MOVE";
-
+
case AjaxViewer.MOUSE_DOWN :
return "MOUSE_DOWN";
-
+
case AjaxViewer.MOUSE_UP :
return "MOUSE_UP";
-
+
case AjaxViewer.KEY_PRESS :
return "KEY_PRESS";
-
+
case AjaxViewer.KEY_DOWN :
return "KEY_DOWN";
-
+
case AjaxViewer.KEY_UP :
return "KEY_UP";
-
+
case AjaxViewer.EVENT_BAG :
return "EVENT_BAG";
-
+
case AjaxViewer.MOUSE_DBLCLK :
return "MOUSE_DBLCLK";
}
-
+
return "N/A";
};
@@ -604,18 +604,18 @@ AjaxViewer.prototype = {
setDirty: function(value) {
this.dirty = value;
},
-
+
isDirty: function() {
return this.dirty;
},
-
+
isImageLoaded: function() {
return this.imageLoaded;
},
-
+
refresh: function(imageUrl, tileMap, fullImage) {
var ajaxViewer = this;
- var img = $(this.img);
+ var img = $(this.img);
this.fullImage = fullImage;
this.imgUrl=imageUrl;
@@ -624,28 +624,28 @@ AjaxViewer.prototype = {
});
this.tileMap = tileMap;
},
-
+
resize: function(panelId, width, height, tileWidth, tileHeight) {
$(".canvas_tile", document.body).each(function() {
$(this).remove();
});
$("table", $("#" + panelId)).remove();
-
+
this.width = width;
this.height = height;
this.tileWidth = tileWidth;
this.tileHeight = tileHeight;
this.panel = this.generateCanvas(panelId, width, height, tileWidth, tileHeight);
},
-
+
start: function() {
var ajaxViewer = this;
this.timer = setInterval(function() { ajaxViewer.heartbeat(); }, 50);
-
+
$(document).bind("ajaxError", function(event, XMLHttpRequest, ajaxOptions, thrownError) {
ajaxViewer.onAjaxError(event, XMLHttpRequest, ajaxOptions, thrownError);
});
-
+
this.eventQueue = []; // reset event queue
this.sendingEventInProgress = false;
ajaxViewer.installMouseHook();
@@ -656,20 +656,20 @@ AjaxViewer.prototype = {
ajaxViewer.onWindowResize();
});
},
-
+
stop: function() {
clearInterval(this.timer);
this.deleteCanvas();
this.uninstallMouseHook();
- this.uninstallKeyboardHook();
+ this.uninstallKeyboardHook();
this.eventQueue = [];
this.sendingEventInProgress = false;
$(document).unbind("ajaxError");
$(window).unbind("resize");
},
-
+
sendMouseEvent: function(event, x, y, whichButton, modifiers) {
this.eventQueue.push({
type: AjaxViewer.EVENT_QUEUE_MOUSE_EVENT,
@@ -686,7 +686,7 @@ AjaxViewer.prototype = {
setupKeyboardTranslationTable : function() {
this.keyboardMappers = [];
-
+
var mapper = new KeyboardMapper();
this.keyboardMappers[AjaxViewer.KEYBOARD_TYPE_ENGLISH] = mapper;
mapper.setKeyboardType(KeyboardMapper.KEYBOARD_TYPE_COOKED);
@@ -704,7 +704,7 @@ AjaxViewer.prototype = {
mapper.setKeyboardType(KeyboardMapper.KEYBOARD_TYPE_FR);
// JP keyboard plugged in a English host OS
-/*
+/*
mapper.jsX11KeysymMap[AjaxViewer.JS_KEY_JP_COLON] = AjaxViewer.X11_KEY_COLON;
mapper.jsX11KeysymMap[AjaxViewer.JS_KEY_JP_CLOSE_BRACKET] = AjaxViewer.X11_KEY_CLOSE_BRACKET;
mapper.jsX11KeysymMap[AjaxViewer.JS_KEY_JP_AT_SIGN] = AjaxViewer.X11_KEY_GRAVE_ACCENT;
@@ -712,17 +712,17 @@ AjaxViewer.prototype = {
mapper.jsX11KeysymMap[AjaxViewer.JS_KEY_JP_BACK_SLASH] = AjaxViewer.X11_KEY_REVERSE_SOLIUS; // X11 REVERSE SOLIDUS
mapper.jsX11KeysymMap[AjaxViewer.JS_KEY_JP_YEN_MARK] = AjaxViewer.X11_KEY_YEN_MARK; // X11 YEN SIGN
mapper.jsKeyPressX11KeysymMap[61] = [
- {type: AjaxViewer.KEY_DOWN, code: AjaxViewer.X11_KEY_CIRCUMFLEX_ACCENT, modifiers: 0 },
- {type: AjaxViewer.KEY_UP, code: AjaxViewer.X11_KEY_CIRCUMFLEX_ACCENT, modifiers: 0 },
- ];
-
+ {type: AjaxViewer.KEY_DOWN, code: AjaxViewer.X11_KEY_CIRCUMFLEX_ACCENT, modifiers: 0 },
+ {type: AjaxViewer.KEY_UP, code: AjaxViewer.X11_KEY_CIRCUMFLEX_ACCENT, modifiers: 0 },
+ ];
+
mapper.jsKeyPressX11KeysymMap[43] = [
- {type: AjaxViewer.KEY_DOWN, code: AjaxViewer.X11_KEY_SHIFT, modifiers: 0, shift: false },
- {type: AjaxViewer.KEY_DOWN, code: AjaxViewer.X11_KEY_ADD, modifiers: 0, shift: false },
- {type: AjaxViewer.KEY_UP, code: AjaxViewer.X11_KEY_ADD, modifiers: 0, shift: false },
- {type: AjaxViewer.KEY_UP, code: AjaxViewer.X11_KEY_SHIFT, modifiers: 0, shift: false },
- {type: AjaxViewer.KEY_DOWN, code: AjaxViewer.X11_KEY_TILDE, modifiers: 0, shift: true },
- {type: AjaxViewer.KEY_UP, code: AjaxViewer.X11_KEY_TILDE, modifiers: 0, shift: true }
+ {type: AjaxViewer.KEY_DOWN, code: AjaxViewer.X11_KEY_SHIFT, modifiers: 0, shift: false },
+ {type: AjaxViewer.KEY_DOWN, code: AjaxViewer.X11_KEY_ADD, modifiers: 0, shift: false },
+ {type: AjaxViewer.KEY_UP, code: AjaxViewer.X11_KEY_ADD, modifiers: 0, shift: false },
+ {type: AjaxViewer.KEY_UP, code: AjaxViewer.X11_KEY_SHIFT, modifiers: 0, shift: false },
+ {type: AjaxViewer.KEY_DOWN, code: AjaxViewer.X11_KEY_TILDE, modifiers: 0, shift: true },
+ {type: AjaxViewer.KEY_UP, code: AjaxViewer.X11_KEY_TILDE, modifiers: 0, shift: true }
];
*/
@@ -736,24 +736,24 @@ AjaxViewer.prototype = {
mapper.jsX11KeysymMap[186] = AjaxViewer.X11_KEY_COLON; // Chrome
mapper.jsX11KeysymMap[226] = AjaxViewer.X11_KEY_REVERSE_SOLIUS; // \| key left to right SHIFT on JP keyboard
mapper.jsX11KeysymMap[240] = [
- {type: AjaxViewer.KEY_DOWN, code: AjaxViewer.X11_KEY_CAPSLOCK, modifiers: 0 },
- {type: AjaxViewer.KEY_UP, code: AjaxViewer.X11_KEY_CAPSLOCK, modifiers: 0 },
- ];
-
+ {type: AjaxViewer.KEY_DOWN, code: AjaxViewer.X11_KEY_CAPSLOCK, modifiers: 0 },
+ {type: AjaxViewer.KEY_UP, code: AjaxViewer.X11_KEY_CAPSLOCK, modifiers: 0 },
+ ];
+
// for keycode 107, keypress 59
mapper.jsKeyPressX11KeysymMap[59] = [
- {type: AjaxViewer.KEY_DOWN, code: AjaxViewer.X11_KEY_SEMI_COLON, modifiers: 0 },
- {type: AjaxViewer.KEY_UP, code: AjaxViewer.X11_KEY_SEMI_COLON, modifiers: 0 },
- ];
-
+ {type: AjaxViewer.KEY_DOWN, code: AjaxViewer.X11_KEY_SEMI_COLON, modifiers: 0 },
+ {type: AjaxViewer.KEY_UP, code: AjaxViewer.X11_KEY_SEMI_COLON, modifiers: 0 },
+ ];
+
// for keycode 107, keypress 43
mapper.jsKeyPressX11KeysymMap[43] = [
- {type: AjaxViewer.KEY_DOWN, code: AjaxViewer.X11_KEY_SHIFT, modifiers: 0, shift: false },
- {type: AjaxViewer.KEY_DOWN, code: AjaxViewer.X11_KEY_ADD, modifiers: 0, shift: false },
- {type: AjaxViewer.KEY_UP, code: AjaxViewer.X11_KEY_ADD, modifiers: 0, shift: false },
- {type: AjaxViewer.KEY_UP, code: AjaxViewer.X11_KEY_SHIFT, modifiers: 0, shift: false },
- {type: AjaxViewer.KEY_DOWN, code: AjaxViewer.X11_KEY_ADD, modifiers: 0, shift: true },
- {type: AjaxViewer.KEY_UP, code: AjaxViewer.X11_KEY_ADD, modifiers: 0, shift: true },
+ {type: AjaxViewer.KEY_DOWN, code: AjaxViewer.X11_KEY_SHIFT, modifiers: 0, shift: false },
+ {type: AjaxViewer.KEY_DOWN, code: AjaxViewer.X11_KEY_ADD, modifiers: 0, shift: false },
+ {type: AjaxViewer.KEY_UP, code: AjaxViewer.X11_KEY_ADD, modifiers: 0, shift: false },
+ {type: AjaxViewer.KEY_UP, code: AjaxViewer.X11_KEY_SHIFT, modifiers: 0, shift: false },
+ {type: AjaxViewer.KEY_DOWN, code: AjaxViewer.X11_KEY_ADD, modifiers: 0, shift: true },
+ {type: AjaxViewer.KEY_UP, code: AjaxViewer.X11_KEY_ADD, modifiers: 0, shift: true },
];
*/
@@ -784,11 +784,11 @@ AjaxViewer.prototype = {
}
}, // end of the setupKeyboardTranslationTable function
-
+
getCurrentKeyboardMapper : function() {
return this.keyboardMappers[this.currentKeyboard];
},
-
+
setupUIController : function() {
var ajaxViewer = this;
var pullDownElement = $("#toolbar").find(".pulldown");
@@ -797,13 +797,13 @@ AjaxViewer.prototype = {
var subMenu = pullDownElement.find("ul");
var offset = subMenu.parent().offset();
subMenu.css("left", offset.left);
-
+
$("li.current").removeClass("current");
$("li:has(a[cmd$=" + ajaxViewer.currentKeyboard + "])", subMenu).addClass("current");
subMenu.css("z-index", "" + ajaxViewer.maxTileZIndex + 1).show();
return false;
},
-
+
function(e) {
pullDownElement.find("ul").hide();
return false;
@@ -814,10 +814,10 @@ AjaxViewer.prototype = {
$(val).click(function(e) {
var cmd = $(e.target).attr("cmd");
if(cmd)
- ajaxViewer.onCommand(cmd);
+ ajaxViewer.onCommand(cmd);
else {
var cmdLink = $(e.target).closest("a");
-
+
if(cmdLink.attr("cmd")) {
var cmd = cmdLink.attr("cmd");
ajaxViewer.onCommand(cmd);
@@ -826,7 +826,7 @@ AjaxViewer.prototype = {
});
});
},
-
+
onCommand : function(cmd) {
if(cmd == "keyboard_jp") {
$("#toolbar").find(".pulldown").find("ul").hide();
@@ -862,12 +862,12 @@ AjaxViewer.prototype = {
}
}
},
-
+
sendKeyboardEvent: function(event, code, modifiers) {
// back door to open logger window - CTRL-ATL-SHIFT+SPACE
- if(code == 32 &&
+ if(code == 32 &&
(modifiers & AjaxViewer.SHIFT_KEY_MASK | AjaxViewer.CTRL_KEY_MASK | AjaxViewer.ALT_KEY_MASK) == (AjaxViewer.SHIFT_KEY_MASK | AjaxViewer.CTRL_KEY_MASK | AjaxViewer.ALT_KEY_MASK)) {
-
+
if(!g_logger.isOpen()) {
g_logger.enable(true);
g_logger.open();
@@ -876,7 +876,7 @@ AjaxViewer.prototype = {
g_logger.close();
}
}
-
+
var len;
g_logger.log(Logger.LEVEL_INFO, "Keyboard event: " + AjaxViewer.getEventName(event) + ", code: " + code + ", modifiers: " + modifiers + ', char: ' + String.fromCharCode(code));
this.eventQueue.push({
@@ -889,11 +889,11 @@ AjaxViewer.prototype = {
if(event != AjaxViewer.KEY_DOWN)
this.checkEventQueue();
},
-
+
aggregateEvents: function() {
var ajaxViewer = this;
var aggratedQueue = [];
-
+
var aggregating = false;
var mouseX;
var mouseY;
@@ -924,13 +924,13 @@ AjaxViewer.prototype = {
modifiers: 0
});
aggregating = false;
-
+
aggratedQueue.push(item);
}
}
}
});
-
+
if(aggregating) {
aggratedQueue.push({
type: AjaxViewer.EVENT_QUEUE_MOUSE_EVENT,
@@ -941,13 +941,13 @@ AjaxViewer.prototype = {
modifiers: 0
});
}
-
- this.eventQueue = aggratedQueue;
+
+ this.eventQueue = aggratedQueue;
},
-
+
checkEventQueue: function() {
var ajaxViewer = this;
-
+
if(!this.sendingEventInProgress && this.eventQueue.length > 0) {
var sb = new StringBuilder();
sb.append(""+this.eventQueue.length).append("|");
@@ -968,41 +968,41 @@ AjaxViewer.prototype = {
}
});
this.eventQueue.length = 0;
-
+
var url = ajaxViewer.updateUrl + "&event=" + AjaxViewer.EVENT_BAG;
-
+
g_logger.log(Logger.LEVEL_TRACE, "Posting client event " + sb.toString() + "...");
-
+
ajaxViewer.sendingEventInProgress = true;
window.onStatusNotify(AjaxViewer.STATUS_SENDING);
$.post(url, {data: sb.toString()}, function(data, textStatus) {
g_logger.log(Logger.LEVEL_TRACE, "Client event " + sb.toString() + " is posted");
-
+
ajaxViewer.sendingEventInProgress = false;
window.onStatusNotify(AjaxViewer.STATUS_SENT);
-
+
ajaxViewer.checkUpdate();
}, 'html');
}
},
-
+
onAjaxError: function(event, XMLHttpRequest, ajaxOptions, thrownError) {
if(window.onClientError != undefined && jQuery.isFunction(window.onClientError)) {
window.onClientError();
}
},
-
+
onWindowResize: function() {
var offset = this.panel.offset();
-
+
var row = $('tr:first', this.panel);
var cell = $('td:first', row);
var tile = this.getTile(cell, 'tile');
-
+
var tileOffset = tile.offset();
var deltaX = offset.left - tileOffset.left;
var deltaY = offset.top - tileOffset.top;
-
+
if(deltaX != 0 || deltaY != 0) {
$(".canvas_tile").each(function() {
var offsetFrom = $(this).offset();
@@ -1010,28 +1010,28 @@ AjaxViewer.prototype = {
});
}
},
-
+
deleteCanvas: function() {
$('.canvas_tile', $(document.body)).each(function() {
$(this).remove();
});
},
-
+
generateCanvas: function(wrapperDivId, width, height, tileWidth, tileHeight) {
var canvasParent = $('#' + wrapperDivId);
canvasParent.width(width);
canvasParent.height(height);
-
+
if(window.onCanvasSizeChange != undefined && jQuery.isFunction(window.onCanvasSizeChange))
window.onCanvasSizeChange(width, height);
-
+
var tableDef = '<table cellpadding="0px" cellspacing="0px">\r\n';
var i = 0;
var j = 0;
for(i = 0; i < Math.ceil((height + tileHeight - 1) / tileHeight); i++) {
var rowHeight = Math.min(height - i*tileHeight, tileHeight);
tableDef += '<tr style="height:' + rowHeight + 'px">\r\n';
-
+
for(j = 0; j < Math.ceil((width + tileWidth - 1) / tileWidth); j++) {
var colWidth = Math.min(width - j*tileWidth, tileWidth);
tableDef += '<td width="' + colWidth + 'px"></td>\r\n';
@@ -1039,40 +1039,40 @@ AjaxViewer.prototype = {
tableDef += '</tr>\r\n';
}
tableDef += '</table>\r\n';
-
+
return $(tableDef).appendTo(canvasParent);
},
-
+
getTile: function(cell, name) {
var clonedDiv = cell.data(name);
if(!clonedDiv) {
var offset = cell.offset();
- var divDef = "<div class=\"canvas_tile\" style=\"z-index:1;position:absolute;overflow:hidden;width:" + cell.width() + "px;height:"
+ var divDef = "<div class=\"canvas_tile\" style=\"z-index:1;position:absolute;overflow:hidden;width:" + cell.width() + "px;height:"
+ cell.height() + "px;left:" + offset.left + "px;top:" + offset.top+"px\"></div>";
-
+
clonedDiv = $(divDef).appendTo($(document.body));
cell.data(name, clonedDiv);
}
-
+
return clonedDiv;
},
-
+
initCell: function(cell) {
if(!cell.data("init")) {
cell.data("init", true);
-
+
cell.data("current", 0);
this.getTile(cell, "tile2");
this.getTile(cell, "tile");
}
},
-
+
displayCell: function(cell, bg) {
var div;
var divPrev;
if(!cell.data("current")) {
cell.data("current", 1);
-
+
divPrev = this.getTile(cell, "tile");
div = this.getTile(cell, "tile2");
} else {
@@ -1080,13 +1080,13 @@ AjaxViewer.prototype = {
divPrev = this.getTile(cell, "tile2");
div = this.getTile(cell, "tile");
}
-
+
var zIndex = parseInt(divPrev.css("z-index")) + 1;
this.maxTileZIndex = Math.max(this.maxTileZIndex, zIndex);
div.css("z-index", zIndex);
div.css("background", bg);
},
-
+
updateTile: function() {
if(this.dirty) {
var ajaxViewer = this;
@@ -1094,7 +1094,7 @@ AjaxViewer.prototype = {
var tileHeight = this.tileHeight;
var imgUrl = this.imgUrl;
var panel = this.panel;
-
+
if(this.fullImage) {
$.each(this.tileMap, function() {
var i = $(this)[0];
@@ -1102,7 +1102,7 @@ AjaxViewer.prototype = {
var row = $("TR:eq("+i+")", panel);
var cell = $("TD:eq("+j+")", row);
var attr = "url(" + imgUrl + ") -"+j*tileWidth+"px -"+i*tileHeight + "px";
-
+
ajaxViewer.initCell(cell);
ajaxViewer.displayCell(cell, attr);
});
@@ -1114,25 +1114,25 @@ AjaxViewer.prototype = {
var attr = "url(" + imgUrl + ") no-repeat -"+offset+"px 0px";
var row = $("TR:eq("+i+")", panel);
var cell = $("TD:eq("+j+")", row);
-
+
ajaxViewer.initCell(cell);
ajaxViewer.displayCell(cell, attr);
});
}
-
+
this.dirty = false;
}
},
-
+
heartbeat: function() {
this.checkEventQueue();
this.checkUpdate();
},
-
+
checkUpdate: function() {
if(!this.isDirty())
return;
-
+
if(this.isImageLoaded()) {
this.updateTile();
var url = this.updateUrl;
@@ -1147,84 +1147,84 @@ AjaxViewer.prototype = {
eval(data);
ajaxViewer.setDirty(true);
window.onStatusNotify(AjaxViewer.STATUS_RECEIVED);
-
+
ajaxViewer.checkUpdate();
}
});
- }
+ }
},
-
+
ptInPanel: function(pageX, pageY) {
var mainPanel = this.panel;
-
+
var offset = mainPanel.offset();
var x = pageX - offset.left;
var y = pageY - offset.top;
-
+
if(x < 0 || y < 0 || x > mainPanel.width() - 1 || y > mainPanel.height() - 1)
return false;
return true;
},
-
+
pageToPanel: function(pageX, pageY) {
var mainPanel = this.panel;
-
+
var offset = mainPanel.offset();
var x = pageX - offset.left;
var y = pageY - offset.top;
-
+
if(x < 0)
x = 0;
if(x > mainPanel.width() - 1)
x = mainPanel.width() - 1;
-
+
if(y < 0)
y = 0;
if(y > mainPanel.height() - 1)
y = mainPanel.height() - 1;
-
+
return { x: Math.ceil(x), y: Math.ceil(y) };
},
-
+
installMouseHook: function() {
var ajaxViewer = this;
var target = $(document.body);
-
+
target.mousemove(function(e) {
if(!ajaxViewer.ptInPanel(e.pageX, e.pageY))
return true;
-
- var pt = ajaxViewer.pageToPanel(e.pageX, e.pageY);
+
+ var pt = ajaxViewer.pageToPanel(e.pageX, e.pageY);
ajaxViewer.onMouseMove(pt.x, pt.y);
-
+
e.stopPropagation();
return false;
});
-
+
target.mousedown(function(e) {
ajaxViewer.panel.parent().focus();
-
+
if(!ajaxViewer.ptInPanel(e.pageX, e.pageY))
return true;
-
+
var modifiers = ajaxViewer.getKeyModifiers(e);
var whichButton = e.button;
-
- var pt = ajaxViewer.pageToPanel(e.pageX, e.pageY);
+
+ var pt = ajaxViewer.pageToPanel(e.pageX, e.pageY);
ajaxViewer.onMouseDown(pt.x, pt.y, whichButton, modifiers);
-
+
e.stopPropagation();
return false;
});
-
+
target.mouseup(function(e) {
if(!ajaxViewer.ptInPanel(e.pageX, e.pageY))
return true;
-
+
var modifiers = ajaxViewer.getKeyModifiers(e);
var whichButton = e.button;
-
- var pt = ajaxViewer.pageToPanel(e.pageX, e.pageY);
+
+ var pt = ajaxViewer.pageToPanel(e.pageX, e.pageY);
ajaxViewer.onMouseUp(pt.x, pt.y, whichButton, modifiers);
e.stopPropagation();
@@ -1247,11 +1247,11 @@ AjaxViewer.prototype = {
e.stopPropagation();
return false;
});
-
+
// disable browser right-click context menu
target.bind("contextmenu", function() { return false; });
},
-
+
uninstallMouseHook : function() {
var target = $(document);
target.unbind("mousemove");
@@ -1259,7 +1259,7 @@ AjaxViewer.prototype = {
target.unbind("mouseup");
target.unbind("contextmenu");
},
-
+
requiresDefaultKeyProcess : function(e) {
switch(e.which) {
case 8 : // backspace
@@ -1281,16 +1281,16 @@ AjaxViewer.prototype = {
case 47 : // FORWARD SLASH // Added to stop Firefox's quick search from opening
return false;
}
-
+
if(this.getKeyModifiers(e) == AjaxViewer.SHIFT_KEY_MASK)
return true;
-
+
if(this.getKeyModifiers(e) != 0)
return false;
-
+
return true;
},
-
+
installKeyboardHook: function() {
var ajaxViewer = this;
var target = $(document);
@@ -1301,65 +1301,65 @@ AjaxViewer.prototype = {
e.stopPropagation();
if(ajaxViewer.requiresDefaultKeyProcess(e))
return true;
-
+
e.preventDefault();
return false;
});
-
+
target.keydown(function(e) {
ajaxViewer.onKeyDown(e.which, ajaxViewer.getKeyModifiers(e));
-
+
e.stopPropagation();
if(ajaxViewer.requiresDefaultKeyProcess(e))
return true;
-
+
e.preventDefault();
return false;
});
-
+
target.keyup(function(e) {
ajaxViewer.onKeyUp(e.which, ajaxViewer.getKeyModifiers(e));
e.stopPropagation();
if(ajaxViewer.requiresDefaultKeyProcess(e))
return true;
-
+
e.preventDefault();
return false;
});
},
-
+
uninstallKeyboardHook : function() {
var target = $(document);
target.unbind("keypress");
target.unbind("keydown");
target.unbind("keyup");
},
-
+
onMouseMove: function(x, y) {
this.sendMouseEvent(AjaxViewer.MOUSE_MOVE, x, y, 0, 0);
},
-
+
onMouseDown: function(x, y, whichButton, modifiers) {
this.sendMouseEvent(AjaxViewer.MOUSE_DOWN, x, y, whichButton, modifiers);
},
-
+
onMouseUp: function(x, y, whichButton, modifiers) {
this.sendMouseEvent(AjaxViewer.MOUSE_UP, x, y, whichButton, modifiers);
-
+
var curTick = new Date().getTime();
if(this.lastClickEvent.time && (curTick - this.lastClickEvent.time < 300)) {
- this.onMouseDblClick(this.lastClickEvent.x, this.lastClickEvent.y,
+ this.onMouseDblClick(this.lastClickEvent.x, this.lastClickEvent.y,
this.lastClickEvent.button, this.lastClickEvent.modifiers);
}
-
+
this.lastClickEvent.x = x;
this.lastClickEvent.y = y;
this.lastClickEvent.button = whichButton;
this.lastClickEvent.modifiers = modifiers;
this.lastClickEvent.time = curTick;
},
-
+
onMouseDblClick: function(x, y, whichButton, modifiers) {
this.sendMouseEvent(AjaxViewer.MOUSE_DBLCLK, x, y, whichButton, modifiers);
},
@@ -1368,73 +1368,72 @@ AjaxViewer.prototype = {
this.sendMouseEvent(AjaxViewer.MOUSE_SCROLL, x, y, whichButton, modifiers);
},
-
+
onKeyPress: function(code, modifiers) {
g_logger.log(Logger.LEVEL_WARN, "RAW KEYBOARD EVENT. KEY-PRESS: " + code + ", modifers: " + modifiers);
-
+
this.dispatchKeyboardInput(AjaxViewer.KEY_PRESS, code, modifiers);
},
-
+
onKeyDown: function(code, modifiers) {
g_logger.log(Logger.LEVEL_WARN, "RAW KEYBOARD EVENT. KEY-DOWN: " + code + ", modifers: " + modifiers);
-
+
this.dispatchKeyboardInput(AjaxViewer.KEY_DOWN, code, modifiers);
},
-
+
onKeyUp: function(code, modifiers) {
g_logger.log(Logger.LEVEL_WARN, "RAW KEYBOARD EVENT. KEY-UP: " + code + ", modifers: " + modifiers);
-
+
this.dispatchKeyboardInput(AjaxViewer.KEY_UP, code, modifiers);
},
-
+
dispatchKeyboardInput : function(event, code, modifiers) {
var keyboardMapper = ajaxViewer.getCurrentKeyboardMapper();
keyboardMapper.inputFeed(event, code, modifiers, this.guestos, $.browser, $.browser.version);
this.dispatchMappedKeyboardInput(keyboardMapper.getMappedInput());
},
-
+
dispatchMappedKeyboardInput : function(mappedInput) {
for(var i = 0; i < mappedInput.length; i++) {
switch(mappedInput[i].type) {
case AjaxViewer.KEY_DOWN :
this.sendKeyboardEvent(AjaxViewer.KEY_DOWN, mappedInput[i].code, mappedInput[i].modifiers);
break;
-
+
case AjaxViewer.KEY_UP :
this.sendKeyboardEvent(AjaxViewer.KEY_UP, mappedInput[i].code, mappedInput[i].modifiers);
break;
-
+
case AjaxViewer.KEY_PRESS :
this.sendKeyboardEvent(AjaxViewer.KEY_PRESS, mappedInput[i].code, mappedInput[i].modifiers);
break;
}
}
},
-
+
getKeyModifiers: function(e) {
var modifiers = 0;
if(e.altKey)
modifiers |= AjaxViewer.ALT_KEY_MASK;
-
+
if(e.altLeft)
modifiers |= AjaxViewer.LEFT_ALT_MASK;
-
+
if(e.ctrlKey)
modifiers |= AjaxViewer.CTRL_KEY_MASK;
-
+
if(e.ctrlLeft)
modifiers |= AjaxViewer.LEFT_CTRL_MASK;
-
+
if(e.shiftKey)
modifiers |= AjaxViewer.SHIFT_KEY_MASK;
-
+
if(e.shiftLeft)
modifiers |= AjaxViewer.LEFT_SHIFT_MASK;
-
+
if(e.metaKey)
modifiers |= AjaxViewer.META_KEY_MASK;
-
+
return modifiers;
}
};
-
diff --git a/systemvm/js/cloud.logger.js b/systemvm/agent/js/cloud.logger.js
similarity index 91%
rename from systemvm/js/cloud.logger.js
rename to systemvm/agent/js/cloud.logger.js
index 5e61acc..d2f2079 100644
--- a/systemvm/js/cloud.logger.js
+++ b/systemvm/agent/js/cloud.logger.js
@@ -6,9 +6,9 @@ regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
-
+
http://www.apache.org/licenses/LICENSE-2.0
-
+
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
@@ -28,14 +28,14 @@ under the License.
function Logger() {
this.bDockEnabled = true;
-
+
this.logWin = null;
this.logger = null;
this.header = null;
-
+
this.bEnabled = true;
this.level = 0;
-
+
this.bMoving = false;
this.offsetStart = {left: 0, top: 0};
this.ptStart = {x: 0, y: 0};
@@ -51,24 +51,24 @@ Logger.LEVEL_FATAL = 5;
Logger.LEVEL_SYS = 100;
Logger.prototype = {
-
+
open: function() {
if(this.logWin) {
this.logWin.show();
-
+
this.log(Logger.LEVEL_SYS, "Logger is open in browser: " + this.objectToString($.browser));
return;
}
-
+
var logger = this;
- var logWinMarkup = [
+ var logWinMarkup = [
'<div class="logwin">',
'<div class="logwin_title">',
'<div class="logwin_title_actionbox">',
- '<a class="logwin_playbutton" href="#" cmd="1"></a>',
- '<a class="logwin_stopbutton" href="#" cmd="2"></a>',
- '<a class="logwin_clrbutton" href="#" cmd="3"></a>',
- '<form action="#">',
+ '<a class="logwin_playbutton" href="#" cmd="1"></a>',
+ '<a class="logwin_stopbutton" href="#" cmd="2"></a>',
+ '<a class="logwin_clrbutton" href="#" cmd="3"></a>',
+ '<form action="#">',
'<select class="select" id="template_type">',
'<option value="0">TRACE</option>',
'<option value="1">DEBUG</option>',
@@ -76,18 +76,18 @@ Logger.prototype = {
'<option value="3">WARN</option>',
'<option value="4">ERROR</option>',
'<option value="5">FATAL</option>',
- '</select>',
- '</form>',
+ '</select>',
+ '</form>',
'</div>',
'<div class="logwin_title_rgtactionbox">',
- '<a class="logwin_minimizebutton" href="#" cmd="4"></a>',
+ '<a class="logwin_minimizebutton" href="#" cmd="4"></a>',
'<a class="logwin_shrinkbutton" href="#" cmd="5"></a>',
'</div>',
'</div>',
'<div class="logwin_content"></div>',
'</div>'
].join('');
-
+
this.logWin = $(logWinMarkup).appendTo(document.body);
this.header = $('.logwin_title:first', this.logWin);
this.logger = $('.logwin_content:first', this.logWin);
@@ -95,22 +95,22 @@ Logger.prototype = {
$(".logwin_title", this.logWin).mousedown(function(e) {
if($(e.target).attr('cmd'))
return true;
-
+
if(!logger.bMoving) {
logger.bMoving = true;
logger.offsetStart = logger.logWin.offset();
logger.ptStart = {x: e.pageX, y: e.pageY};
-
+
$(document).bind("mousemove", function(e) {
if(logger.bMoving) {
logger.enableDocking(false);
-
+
var logWinNewLeft = logger.offsetStart.left + e.pageX - logger.ptStart.x;
var logWinNewTop = logger.offsetStart.top + e.pageY - logger.ptStart.y;
-
+
logger.logWin.css("left", logWinNewLeft + "px").css("top", logWinNewTop + "px");
}
- return false;
+ return false;
});
$(document).bind("mouseup", function(e) {
@@ -118,98 +118,98 @@ Logger.prototype = {
logger.bMoving = false;
$(document).unbind("mousemove", arguments.callee.name);
$(document).unbind("mouseup", arguments.callee.name);
-
+
return false;
}
return true;
});
}
-
+
// prevent default handling
return false;
}).dblclick(function(e) {
logger.expand(!logger.isExpanded());
});
-
+
this.logWin.click(function(e) {
if($(e.target).attr('cmd')) {
switch($(e.target).attr('cmd')) {
case '1' :
logger.enable(true);
break;
-
+
case '2' :
logger.enable(false);
break;
-
+
case '3' :
logger.clear();
break;
-
+
case '4' :
logger.enableDocking(true);
logger.dockIn();
break;
-
+
case '5' :
logger.expand(!logger.isExpanded());
break;
-
+
default :
break;
}
}
});
-
+
$("#template_type", this.logWin).change(function(e) {
logger.setLevel(parseInt($(this).val()));
});
-
+
this.logWin.css("left", (($(document.body).width() - this.logWin.width()) / 2) + "px");
this.dockIn();
-
+
this.log(Logger.LEVEL_SYS, "Logger is open in browser: " + this.objectToString($.browser));
},
-
+
close: function() {
if(this.logWin)
this.logWin.hide();
},
-
+
isOpen: function() {
if(this.logWin)
return this.logWin.is(":visible");
return false;
},
-
+
dockIn: function() {
var logger = this;
var offset = this.logWin.offset();
var bottom = offset.top + this.logWin.height();
var delta = bottom - 2;
-
- this.logWin.animate({top: (offset.top - delta) + "px"}, 200,
+
+ this.logWin.animate({top: (offset.top - delta) + "px"}, 200,
function() {
logger.logWin.unbind("mouseleave");
logger.logWin.bind("mouseenter", function(e) {
if(logger.bDockEnabled)
logger.dockOut();
});
- }
+ }
);
},
-
+
dockOut: function() {
var logger = this;
- this.logWin.animate({top: "0px"}, 200,
+ this.logWin.animate({top: "0px"}, 200,
function() {
logger.logWin.unbind("mouseenter");
logger.logWin.bind("mouseleave", function(e) {
if(logger.bDockEnabled) {
var xPosInLogWin = e.pageX - logger.logWin.offset().left;
var yPosInLogWin = e.pageY - logger.logWin.offset().top;
-
- if(xPosInLogWin < 0 || yPosInLogWin < 0 ||
+
+ if(xPosInLogWin < 0 || yPosInLogWin < 0 ||
xPosInLogWin > logger.logWin.width() || yPosInLogWin > logger.logWin.height()) {
logger.dockIn();
}
@@ -218,11 +218,11 @@ Logger.prototype = {
}
);
},
-
+
enableDocking: function(bEnable) {
this.bDockEnabled = bEnable;
},
-
+
log: function(level, message) {
// Note : LEVEL_SYS message will always be logged
if(this.logger && (level == Logger.LEVEL_SYS || this.bEnabled && level >= this.level)) {
@@ -236,33 +236,33 @@ Logger.prototype = {
':', curTime.getMinutes(),
":", curTime.getSeconds(),
".", curTime.getMilliseconds()].join('');
-
+
this.logger.append(this.getLevelDisplayString(level) + " - " + curTimeString + " - " + message + '<br>');
}
},
-
+
clear: function() {
if(this.logger) {
this.logger.empty();
this.log(Logger.LEVEL_SYS, "Logger is cleared");
}
},
-
+
setLevel: function(level) {
this.level = level;
-
+
this.log(Logger.LEVEL_SYS, "Set logger trace level to " + this.getLevelDisplayString(level));
},
-
+
enable: function(bEnabled) {
this.bEnabled = bEnabled;
-
+
if(bEnabled)
this.log(Logger.LEVEL_SYS, "Logger is enabled");
else
this.log(Logger.LEVEL_SYS, "Logger is disabled");
},
-
+
expand: function(bExpand) {
if(bExpand) {
this.logWin.height(Logger.DEFAULT_WIN_HEIGHT);
@@ -272,59 +272,59 @@ Logger.prototype = {
this.logger.height(0);
}
},
-
+
isExpanded: function() {
return this.logWin.height() > this.header.height();
},
-
+
getLevelDisplayString: function(level) {
switch(level) {
case Logger.LEVEL_TRACE :
return "TRACE";
-
+
case Logger.LEVEL_DEBUG :
return "DEBUG";
-
+
case Logger.LEVEL_INFO :
return "INFO";
-
+
case Logger.LEVEL_WARN :
return "WARN";
-
+
case Logger.LEVEL_ERROR :
return "ERROR";
-
+
case Logger.LEVEL_FATAL :
return "FATAL";
-
+
case Logger.LEVEL_SYS :
return "SYSINFO";
}
-
+
return "LEVEL " + level;
},
-
+
// this is a util function which actually can be put elsewhere instead of in this class
objectToString : function(object) {
if(object) {
if(object instanceof Object) {
var sb = ['{' ];
-
+
$.each(object, function(name, val) {
sb.push('' + name + ': ');
-
+
if(val instanceof Object) {
sb.push(this.objectToString(val));
} else {
sb.push('' + val);
}
-
+
sb.push(',');
});
-
+
if(sb[sb.length - 1] == ',' )
sb.length = sb.length - 1;
-
+
sb.push('}');
return sb.join("");
} else {
@@ -335,4 +335,3 @@ Logger.prototype = {
}
}
};
-
diff --git a/systemvm/js/handler.js b/systemvm/agent/js/handler.js
similarity index 99%
rename from systemvm/js/handler.js
rename to systemvm/agent/js/handler.js
index d22ff07..b820f1e 100644
--- a/systemvm/js/handler.js
+++ b/systemvm/agent/js/handler.js
@@ -6,9 +6,9 @@ regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
-
+
http://www.apache.org/licenses/LICENSE-2.0
-
+
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
diff --git a/systemvm/js/jquery.flot.navigate.js b/systemvm/agent/js/jquery.flot.navigate.js
similarity index 96%
rename from systemvm/js/jquery.flot.navigate.js
rename to systemvm/agent/js/jquery.flot.navigate.js
index 02d189f..a7bb023 100644
--- a/systemvm/js/jquery.flot.navigate.js
+++ b/systemvm/agent/js/jquery.flot.navigate.js
@@ -17,7 +17,7 @@ Options:
trigger: "dblclick" // or "click" for single click
amount: 1.5 // 2 = 200% (zoom in), 0.5 = 50% (zoom out)
}
-
+
pan: {
interactive: false
cursor: "move" // CSS mouse cursor value used when dragging, e.g. "pointer"
@@ -28,7 +28,7 @@ Options:
zoomRange: null // or [number, number] (min range, max range) or false
panRange: null // or [number, number] (min, max) or false
}
-
+
"interactive" enables the built-in drag/click behaviour. If you enable
interactive for pan, then you'll have a basic plot that supports
moving around; the same for zoom.
@@ -58,16 +58,16 @@ panRange to false, panning on that axis will be disabled.
Example API usage:
plot = $.plot(...);
-
- // zoom default amount in on the pixel (10, 20)
+
+ // zoom default amount in on the pixel (10, 20)
plot.zoom({ center: { left: 10, top: 20 } });
// zoom out again
plot.zoomOut({ center: { left: 10, top: 20 } });
- // zoom 200% in on the pixel (10, 20)
+ // zoom 200% in on the pixel (10, 20)
plot.zoom({ amount: 2, center: { left: 10, top: 20 } });
-
+
// pan 100 pixels to the left and 20 down
plot.pan({ left: -100, top: 20 })
@@ -79,7 +79,7 @@ you convert between these).
"amount" is the amount to zoom the viewport relative to the current
range, so 1 is 100% (i.e. no change), 1.5 is 150% (zoom in), 0.7 is
70% (zoom out). You can set the default in the options.
-
+
*/
@@ -88,7 +88,7 @@ range, so 1 is 100% (i.e. no change), 1.5 is 150% (zoom in), 0.7 is
// effort of downloading them.
/*
-jquery.event.drag.js ~ v1.5 ~ Copyright (c) 2008, Three Dub Media (http://threedubmedia.com)
+jquery.event.drag.js ~ v1.5 ~ Copyright (c) 2008, Three Dub Media (http://threedubmedia.com)
Licensed under the MIT License ~ http://threedubmedia.googlecode.com/files/MIT-LICENSE.txt
*/
(function(E){E.fn.drag=function(L,K,J){if(K){this.bind("dragstart",L)}if(J){this.bind("dragend",J)}return !L?this.trigger("drag"):this.bind("drag",K?K:L)};var A=E.event,B=A.special,F=B.drag={not:":input",distance:0,which:1,dragging:false,setup:function(J){J=E.extend({distance:F.distance,which:F.which,not:F.not},J||{});J.distance=I(J.distance);A.add(this,"mousedown",H,J);if(this.attachEvent){this.attachEvent("ondragstart",D)}},teardown:function(){A.remove(this,"mousedown",H);if(this===F.d [...]
@@ -102,7 +102,7 @@ Licensed under the MIT License ~ http://threedubmedia.googlecode.com/files/MIT-L
* Thanks to: Mathias Bank(http://www.mathias-bank.de) for a scope bug fix.
*
* Version: 3.0.2
- *
+ *
* Requires: 1.2.2+
*/
(function(c){var a=["DOMMouseScroll","mousewheel"];c.event.special.mousewheel={setup:function(){if(this.addEventListener){for(var d=a.length;d;){this.addEventListener(a[--d],b,false)}}else{this.onmousewheel=b}},teardown:function(){if(this.removeEventListener){for(var d=a.length;d;){this.removeEventListener(a[--d],b,false)}}else{this.onmousewheel=null}}};c.fn.extend({mousewheel:function(d){return d?this.bind("mousewheel",d):this.trigger("mousewheel")},unmousewheel:function(d){return this. [...]
@@ -143,7 +143,7 @@ Licensed under the MIT License ~ http://threedubmedia.googlecode.com/files/MIT-L
onZoomClick(e, delta < 0);
return false;
}
-
+
var prevCursor = 'default', prevPageX = 0, prevPageY = 0,
panTimeout = null;
@@ -157,7 +157,7 @@ Licensed under the MIT License ~ http://threedubmedia.googlecode.com/files/MIT-L
prevPageX = e.pageX;
prevPageY = e.pageY;
}
-
+
function onDrag(e) {
var frameRate = plot.getOptions().pan.frameRate;
if (panTimeout || !frameRate)
@@ -168,7 +168,7 @@ Licensed under the MIT License ~ http://threedubmedia.googlecode.com/files/MIT-L
top: prevPageY - e.pageY });
prevPageX = e.pageX;
prevPageY = e.pageY;
-
+
panTimeout = null;
}, 1 / frameRate * 1000);
}
@@ -178,12 +178,12 @@ Licensed under the MIT License ~ http://threedubmedia.googlecode.com/files/MIT-L
clearTimeout(panTimeout);
panTimeout = null;
}
-
+
plot.getPlaceholder().css('cursor', prevCursor);
plot.pan({ left: prevPageX - e.pageX,
top: prevPageY - e.pageY });
}
-
+
function bindEvents(plot, eventHolder) {
var o = plot.getOptions();
if (o.zoom.interactive) {
@@ -201,25 +201,25 @@ Licensed under the MIT License ~ http://threedubmedia.googlecode.com/files/MIT-L
plot.zoomOut = function (args) {
if (!args)
args = {};
-
+
if (!args.amount)
args.amount = plot.getOptions().zoom.amount
args.amount = 1 / args.amount;
plot.zoom(args);
}
-
+
plot.zoom = function (args) {
if (!args)
args = {};
-
+
var c = args.center,
amount = args.amount || plot.getOptions().zoom.amount,
w = plot.width(), h = plot.height();
if (!c)
c = { left: w / 2, top: h / 2 };
-
+
var xf = c.left / w,
yf = c.top / h,
minmax = {
@@ -241,7 +241,7 @@ Licensed under the MIT License ~ http://threedubmedia.googlecode.com/files/MIT-L
if (zr === false) // no zooming on this axis
return;
-
+
min = axis.c2p(min);
max = axis.c2p(max);
if (min > max) {
@@ -256,14 +256,14 @@ Licensed under the MIT License ~ http://threedubmedia.googlecode.com/files/MIT-L
((zr[0] != null && range < zr[0]) ||
(zr[1] != null && range > zr[1])))
return;
-
+
opts.min = min;
opts.max = max;
});
-
+
plot.setupGrid();
plot.draw();
-
+
if (!args.preventEvent)
plot.getPlaceholder().trigger("plotzoom", [ plot ]);
}
@@ -289,7 +289,7 @@ Licensed under the MIT License ~ http://threedubmedia.googlecode.com/files/MIT-L
var pr = opts.panRange;
if (pr === false) // no panning on this axis
return;
-
+
if (pr) {
// check whether we hit the wall
if (pr[0] != null && pr[0] > min) {
@@ -297,21 +297,21 @@ Licensed under the MIT License ~ http://threedubmedia.googlecode.com/files/MIT-L
min += d;
max += d;
}
-
+
if (pr[1] != null && pr[1] < max) {
d = pr[1] - max;
min += d;
max += d;
}
}
-
+
opts.min = min;
opts.max = max;
});
-
+
plot.setupGrid();
plot.draw();
-
+
if (!args.preventEvent)
plot.getPlaceholder().trigger("plotpan", [ plot ]);
}
@@ -325,11 +325,11 @@ Licensed under the MIT License ~ http://threedubmedia.googlecode.com/files/MIT-L
if (panTimeout)
clearTimeout(panTimeout);
}
-
+
plot.hooks.bindEvents.push(bindEvents);
plot.hooks.shutdown.push(shutdown);
}
-
+
$.plot.plugins.push({
init: init,
options: options,
diff --git a/systemvm/js/jquery.js b/systemvm/agent/js/jquery.js
similarity index 100%
rename from systemvm/js/jquery.js
rename to systemvm/agent/js/jquery.js
diff --git a/systemvm/scripts/_run.sh b/systemvm/agent/scripts/_run.sh
similarity index 99%
rename from systemvm/scripts/_run.sh
rename to systemvm/agent/scripts/_run.sh
index 96cc88b..1b473f6 100755
--- a/systemvm/scripts/_run.sh
+++ b/systemvm/agent/scripts/_run.sh
@@ -6,9 +6,9 @@
# to you under the Apache License, Version 2.0 (the
# "License"); you may not use this file except in compliance
# with the License. You may obtain a copy of the License at
-#
+#
# http://www.apache.org/licenses/LICENSE-2.0
-#
+#
# Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
diff --git a/systemvm/scripts/config_auth.sh b/systemvm/agent/scripts/config_auth.sh
similarity index 97%
rename from systemvm/scripts/config_auth.sh
rename to systemvm/agent/scripts/config_auth.sh
index 4b74f8e..b5781fe 100755
--- a/systemvm/scripts/config_auth.sh
+++ b/systemvm/agent/scripts/config_auth.sh
@@ -6,9 +6,9 @@
# to you under the Apache License, Version 2.0 (the
# "License"); you may not use this file except in compliance
# with the License. You may obtain a copy of the License at
-#
+#
# http://www.apache.org/licenses/LICENSE-2.0
-#
+#
# Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
@@ -18,7 +18,7 @@
-
+
BASE_DIR="/var/www/html/copy/template/"
@@ -43,7 +43,7 @@ config_htaccess() {
let "result=$result+$?"
echo "Require valid-user" >> $HTACCESS
let "result=$result+$?"
- return $result
+ return $result
}
write_passwd() {
@@ -65,5 +65,5 @@ then
exit 2
fi
-config_htaccess
+config_htaccess
exit $?
diff --git a/systemvm/scripts/config_ssl.sh b/systemvm/agent/scripts/config_ssl.sh
similarity index 95%
rename from systemvm/scripts/config_ssl.sh
rename to systemvm/agent/scripts/config_ssl.sh
index 931c1a5..b8cf47c 100755
--- a/systemvm/scripts/config_ssl.sh
+++ b/systemvm/agent/scripts/config_ssl.sh
@@ -6,9 +6,9 @@
# to you under the Apache License, Version 2.0 (the
# "License"); you may not use this file except in compliance
# with the License. You may obtain a copy of the License at
-#
+#
# http://www.apache.org/licenses/LICENSE-2.0
-#
+#
# Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
@@ -47,8 +47,6 @@ config_apache2_conf() {
cp -f /etc/apache2/sites-available/default-ssl.orig /etc/apache2/sites-available/default-ssl
sed -i -e "s/<VirtualHost.*>/<VirtualHost $ip:80>/" /etc/apache2/sites-available/default
sed -i -e "s/<VirtualHost.*>/<VirtualHost $ip:443>/" /etc/apache2/sites-available/default-ssl
- sed -i -e "s/Listen .*:80/Listen $ip:80/g" /etc/apache2/ports.conf
- sed -i -e "s/Listen .*:443/Listen $ip:443/g" /etc/apache2/ports.conf
sed -i 's/ssl-cert-snakeoil.key/cert_apache.key/' /etc/apache2/sites-available/default-ssl
sed -i 's/ssl-cert-snakeoil.pem/cert_apache.crt/' /etc/apache2/sites-available/default-ssl
sed -i 's/SSLProtocol.*$/SSLProtocol all -SSLv2 -SSLv3/' /etc/apache2/sites-available/default-ssl
@@ -90,7 +88,7 @@ copy_certs() {
return $?
fi
if [ ! -z customCertChain ] && [ -f $customCertChain ] ; then
- cp $customCertChain /etc/httpd/ssl/certs
+ cp $customCertChain /etc/httpd/ssl/certs
fi
return 1
}
@@ -158,7 +156,7 @@ fi
if [ "$cflag" == "1" ]
then
- if [ "$cpkflag$cpcflag" != "11" ]
+ if [ "$cpkflag$cpcflag" != "11" ]
then
help
exit 1
@@ -175,7 +173,7 @@ then
exit 3
fi
- if [ "$cccflag" == "1" ]
+ if [ "$cccflag" == "1" ]
then
if [ ! -f "$customCertChain" ]
then
@@ -208,10 +206,7 @@ fi
if [ -d /etc/apache2 ]
then
config_apache2_conf $publicIp $hostName
- /etc/init.d/apache2 stop
- /etc/init.d/apache2 start
+ systemctl restart apache2
else
config_httpd_conf $publicIp $hostName
fi
-
-
diff --git a/systemvm/scripts/consoleproxy.sh b/systemvm/agent/scripts/consoleproxy.sh
similarity index 99%
rename from systemvm/scripts/consoleproxy.sh
rename to systemvm/agent/scripts/consoleproxy.sh
index 294d597..1adbcc1 100755
--- a/systemvm/scripts/consoleproxy.sh
+++ b/systemvm/agent/scripts/consoleproxy.sh
@@ -6,9 +6,9 @@
# to you under the Apache License, Version 2.0 (the
# "License"); you may not use this file except in compliance
# with the License. You may obtain a copy of the License at
-#
+#
# http://www.apache.org/licenses/LICENSE-2.0
-#
+#
# Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
diff --git a/systemvm/scripts/ipfirewall.sh b/systemvm/agent/scripts/ipfirewall.sh
similarity index 99%
rename from systemvm/scripts/ipfirewall.sh
rename to systemvm/agent/scripts/ipfirewall.sh
index 4711b8a..7450f7f 100755
--- a/systemvm/scripts/ipfirewall.sh
+++ b/systemvm/agent/scripts/ipfirewall.sh
@@ -6,9 +6,9 @@
# to you under the Apache License, Version 2.0 (the
# "License"); you may not use this file except in compliance
# with the License. You may obtain a copy of the License at
-#
+#
# http://www.apache.org/licenses/LICENSE-2.0
-#
+#
# Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
@@ -47,4 +47,3 @@ do
ips "$i"
done
exit $?
-
diff --git a/systemvm/scripts/run-proxy.sh b/systemvm/agent/scripts/run-proxy.sh
similarity index 94%
rename from systemvm/scripts/run-proxy.sh
rename to systemvm/agent/scripts/run-proxy.sh
index d6ccf7c..f26f54b 100644
--- a/systemvm/scripts/run-proxy.sh
+++ b/systemvm/agent/scripts/run-proxy.sh
@@ -6,9 +6,9 @@
# to you under the Apache License, Version 2.0 (the
# "License"); you may not use this file except in compliance
# with the License. You may obtain a copy of the License at
-#
+#
# http://www.apache.org/licenses/LICENSE-2.0
-#
+#
# Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
@@ -18,11 +18,11 @@
-
+
#run.sh runs the console proxy.
-# make sure we delete the old files from the original template
+# make sure we delete the old files from the original template
rm console-proxy.jar
rm console-common.jar
rm conf/cloud.properties
@@ -44,5 +44,5 @@ done
# ;;
# esac
# done
-
+
java -mx700m -cp $CP:./conf com.cloud.consoleproxy.ConsoleProxy $@
diff --git a/systemvm/scripts/run.sh b/systemvm/agent/scripts/run.sh
similarity index 99%
rename from systemvm/scripts/run.sh
rename to systemvm/agent/scripts/run.sh
index 7923a34..3ef001b 100755
--- a/systemvm/scripts/run.sh
+++ b/systemvm/agent/scripts/run.sh
@@ -6,9 +6,9 @@
# to you under the Apache License, Version 2.0 (the
# "License"); you may not use this file except in compliance
# with the License. You may obtain a copy of the License at
-#
+#
# http://www.apache.org/licenses/LICENSE-2.0
-#
+#
# Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
diff --git a/systemvm/scripts/secstorage.sh b/systemvm/agent/scripts/secstorage.sh
similarity index 99%
rename from systemvm/scripts/secstorage.sh
rename to systemvm/agent/scripts/secstorage.sh
index b45afc2..f210bb7 100755
--- a/systemvm/scripts/secstorage.sh
+++ b/systemvm/agent/scripts/secstorage.sh
@@ -6,9 +6,9 @@
# to you under the Apache License, Version 2.0 (the
# "License"); you may not use this file except in compliance
# with the License. You may obtain a copy of the License at
-#
+#
# http://www.apache.org/licenses/LICENSE-2.0
-#
+#
# Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
diff --git a/systemvm/scripts/ssvm-check.sh b/systemvm/agent/scripts/ssvm-check.sh
similarity index 97%
rename from systemvm/scripts/ssvm-check.sh
rename to systemvm/agent/scripts/ssvm-check.sh
index ffd3d95..2abab81 100644
--- a/systemvm/scripts/ssvm-check.sh
+++ b/systemvm/agent/scripts/ssvm-check.sh
@@ -6,16 +6,16 @@
# to you under the Apache License, Version 2.0 (the
# "License"); you may not use this file except in compliance
# with the License. You may obtain a copy of the License at
-#
+#
# http://www.apache.org/licenses/LICENSE-2.0
-#
+#
# Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
# KIND, either express or implied. See the License for the
# specific language governing permissions and limitations
# under the License.
-
+
# Health check script for the Secondary Storage VM
@@ -29,7 +29,7 @@ do
value=`echo $i | cut -d= -f2`
case $key in
host)
- MGMTSERVER=$value
+ MGMTSERVER=$value
;;
esac
done
@@ -141,6 +141,6 @@ else
fi
echo ================================================
-echo Tests Complete. Look for ERROR or WARNING above.
+echo Tests Complete. Look for ERROR or WARNING above.
exit 0
diff --git a/systemvm/scripts/utils.sh b/systemvm/agent/scripts/utils.sh
similarity index 100%
rename from systemvm/scripts/utils.sh
rename to systemvm/agent/scripts/utils.sh
diff --git a/systemvm/ui/viewer-bad-sid.ftl b/systemvm/agent/ui/viewer-bad-sid.ftl
similarity index 99%
rename from systemvm/ui/viewer-bad-sid.ftl
rename to systemvm/agent/ui/viewer-bad-sid.ftl
index 2f30ec3..fa1625a 100644
--- a/systemvm/ui/viewer-bad-sid.ftl
+++ b/systemvm/agent/ui/viewer-bad-sid.ftl
@@ -6,9 +6,9 @@ regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
-
+
http://www.apache.org/licenses/LICENSE-2.0
-
+
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
diff --git a/systemvm/ui/viewer-connect-failed.ftl b/systemvm/agent/ui/viewer-connect-failed.ftl
similarity index 99%
rename from systemvm/ui/viewer-connect-failed.ftl
rename to systemvm/agent/ui/viewer-connect-failed.ftl
index 9d907ca..eb715ad 100644
--- a/systemvm/ui/viewer-connect-failed.ftl
+++ b/systemvm/agent/ui/viewer-connect-failed.ftl
@@ -6,9 +6,9 @@ regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
-
+
http://www.apache.org/licenses/LICENSE-2.0
-
+
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
diff --git a/systemvm/ui/viewer-update.ftl b/systemvm/agent/ui/viewer-update.ftl
similarity index 97%
rename from systemvm/ui/viewer-update.ftl
rename to systemvm/agent/ui/viewer-update.ftl
index 6bf9ab3..6de7033 100644
--- a/systemvm/ui/viewer-update.ftl
+++ b/systemvm/agent/ui/viewer-update.ftl
@@ -18,7 +18,6 @@ under the License.
-->
tileMap = [ ${tileSequence} ];
<#if resized == true>
- ajaxViewer.resize('main_panel', ${width}, ${height}, ${tileWidth}, ${tileHeight});
+ ajaxViewer.resize('main_panel', ${width}, ${height}, ${tileWidth}, ${tileHeight});
</#if>
ajaxViewer.refresh('${imgUrl}', tileMap, false);
-
diff --git a/systemvm/ui/viewer.ftl b/systemvm/agent/ui/viewer.ftl
similarity index 84%
rename from systemvm/ui/viewer.ftl
rename to systemvm/agent/ui/viewer.ftl
index 62de193..e6b1207 100644
--- a/systemvm/ui/viewer.ftl
+++ b/systemvm/agent/ui/viewer.ftl
@@ -6,9 +6,9 @@ regarding copyright ownership. The ASF licenses this file
to you under the Apache License, Version 2.0 (the
"License"); you may not use this file except in compliance
with the License. You may obtain a copy of the License at
-
+
http://www.apache.org/licenses/LICENSE-2.0
-
+
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
@@ -28,26 +28,26 @@ under the License.
<body>
<div id="toolbar">
<ul>
- <li>
- <a href="#" onclick="javascript:sendCtrlAltDel();">
- <span><img align="left" src="/resource/images/cad.gif" alt="Ctrl-Alt-Del" />Ctrl-Alt-Del</span>
- </a>
+ <li>
+ <a href="#" onclick="javascript:sendCtrlAltDel();">
+ <span><img align="left" src="/resource/images/cad.gif" alt="Ctrl-Alt-Del" />Ctrl-Alt-Del</span>
+ </a>
</li>
- <li>
- <a href="#" onclick="javascript:sendCtrlEsc();">
- <span><img align="left" src="/resource/images/winlog.png" alt="Ctrl-Esc" style="width:16px;height:16px"/>Ctrl-Esc</span>
- </a>
+ <li>
+ <a href="#" onclick="javascript:sendCtrlEsc();">
+ <span><img align="left" src="/resource/images/winlog.png" alt="Ctrl-Esc" style="width:16px;height:16px"/>Ctrl-Esc</span>
+ </a>
</li>
</ul>
-<span id="light" class="dark"></span>
+<span id="light" class="dark"></span>
</div>
<div id="main_panel" tabindex="1"></div>
-
+
<script language="javascript">
var tileMap = [ ${tileSequence} ];
-var ajaxViewer = new AjaxViewer('main_panel', '${imgUrl}', '${updateUrl}', tileMap,
+var ajaxViewer = new AjaxViewer('main_panel', '${imgUrl}', '${updateUrl}', tileMap,
${width}, ${height}, ${tileWidth}, ${tileHeight}, ${rawKeyboard});
$(function() {
@@ -57,4 +57,4 @@ $(function() {
</script>
</body>
-</html>
+</html>
diff --git a/systemvm/bindir/cloud-setup-console-proxy.in b/systemvm/bindir/cloud-setup-console-proxy.in
deleted file mode 100755
index 6439c0f..0000000
--- a/systemvm/bindir/cloud-setup-console-proxy.in
+++ /dev/null
@@ -1,220 +0,0 @@
-#!/usr/bin/env python
-
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements. See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership. The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied. See the License for the
-# specific language governing permissions and limitations
-# under the License.
-
-
-import sys, os, subprocess, errno, re, getopt
-
-# ---- This snippet of code adds the sources path and the waf configured PYTHONDIR to the Python path ----
-# ---- We do this so cloud_utils can be looked up in the following order:
-# ---- 1) Sources directory
-# ---- 2) waf configured PYTHONDIR
-# ---- 3) System Python path
-for pythonpath in (
- "@PYTHONDIR@",
- os.path.join(os.path.dirname(__file__),os.path.pardir,os.path.pardir,"python","lib"),
- ):
- if os.path.isdir(pythonpath): sys.path.insert(0,pythonpath)
-# ---- End snippet of code ----
-import cloud_utils
-from cloud_utils import stderr
-
-E_GENERIC= 1
-E_NOKVM = 2
-E_NODEFROUTE = 3
-E_DHCP = 4
-E_NOPERSISTENTNET = 5
-E_NETRECONFIGFAILED = 6
-E_VIRTRECONFIGFAILED = 7
-E_FWRECONFIGFAILED = 8
-E_CPRECONFIGFAILED = 9
-E_CPFAILEDTOSTART = 10
-E_NOFQDN = 11
-
-def bail(errno=E_GENERIC,message=None,*args):
- if message: stderr(message,*args)
- stderr("Cloud Console Proxy setup aborted")
- sys.exit(errno)
-
-
-#---------------- boilerplate for python 2.4 support
-
-
-# CENTOS does not have this -- we have to put this here
-try:
- from subprocess import check_call
- from subprocess import CalledProcessError
-except ImportError:
- def check_call(*popenargs, **kwargs):
- import subprocess
- retcode = subprocess.call(*popenargs, **kwargs)
- cmd = kwargs.get("args")
- if cmd is None: cmd = popenargs[0]
- if retcode: raise CalledProcessError(retcode, cmd)
- return retcode
-
- class CalledProcessError(Exception):
- def __init__(self, returncode, cmd):
- self.returncode = returncode ; self.cmd = cmd
- def __str__(self): return "Command '%s' returned non-zero exit status %d" % (self.cmd, self.returncode)
-
-# ------------ end boilerplate -------------------------
-
-def check_hostname(): return check_call(["hostname",'--fqdn'])
-
-class Command:
- def __init__(self,name,parent=None):
- self.__name = name
- self.__parent = parent
- def __getattr__(self,name):
- if name == "_print": name = "print"
- return Command(name,self)
- def __call__(self,*args):
- cmd = self.__get_recursive_name() + list(args)
- #print " ",cmd
- popen = subprocess.Popen(cmd,stdout=subprocess.PIPE,stderr=subprocess.PIPE)
- m = popen.communicate()
- ret = popen.wait()
- if ret:
- e = CalledProcessError(ret,cmd)
- e.stdout,e.stderr = m
- raise e
- class CommandOutput:
- def __init__(self,stdout,stderr):
- self.stdout = stdout
- self.stderr = stderr
- return CommandOutput(*m)
- def __lt__(self,other):
- cmd = self.__get_recursive_name()
- #print " ",cmd,"<",other
- popen = subprocess.Popen(cmd,stdin=subprocess.PIPE,stdout=subprocess.PIPE,stderr=subprocess.PIPE)
- m = popen.communicate(other)
- ret = popen.wait()
- if ret:
- e = CalledProcessError(ret,cmd)
- e.stdout,e.stderr = m
- raise e
- class CommandOutput:
- def __init__(self,stdout,stderr):
- self.stdout = stdout
- self.stderr = stderr
- return CommandOutput(*m)
-
- def __get_recursive_name(self,sep=None):
- m = self
- l = []
- while m is not None:
- l.append(m.__name)
- m = m.__parent
- l.reverse()
- if sep: return sep.join(l)
- else: return l
- def __str__(self):
- return '<Command %r>'%self.__get_recursive_name(sep=" ")
-
- def __repr__(self): return self.__str__()
-
-ip = Command("ip")
-service = Command("service")
-chkconfig = Command("chkconfig")
-ufw = Command("ufw")
-iptables = Command("iptables")
-augtool = Command("augtool")
-ifconfig = Command("ifconfig")
-uuidgen = Command("uuidgen")
-
-Fedora = os.path.exists("/etc/fedora-release")
-CentOS = os.path.exists("/etc/centos-release") or ( os.path.exists("/etc/redhat-release") and not os.path.exists("/etc/fedora-release") )
-
-#--------------- procedure starts here ------------
-
-def main():
- # parse cmd line
- opts, args = getopt.getopt(sys.argv[1:], "a", ["host=", "zone=", "pod="])
- host=None
- zone=None
- pod=None
- autoMode=False
- do_check_kvm = True
- for opt, arg in opts:
- if opt == "--host":
- if arg != "":
- host = arg
- elif opt == "--zone":
- if arg != "":
- zone = arg
- elif opt == "--pod":
- if arg != "":
- pod = arg
- elif opt == "-a":
- autoMode=True
- servicename = "@PACKAGE@-console-proxy"
-
- if autoMode:
- cloud_utils.setLogFile("/var/log/cloud/setupConsoleProxy.log")
-
- stderr("Welcome to the Cloud Console Proxy setup")
- stderr("")
-
- try:
- check_hostname()
- stderr("The hostname of this machine is properly set up")
- except CalledProcessError,e:
- bail(E_NOFQDN,"This machine does not have an FQDN (fully-qualified domain name) for a hostname")
-
- stderr("Stopping the Cloud Console Proxy")
- cloud_utils.stop_service(servicename)
- stderr("Cloud Console Proxy stopped")
-
- ports = "8002".split()
- if Fedora or CentOS:
- try:
- o = chkconfig("--list","iptables")
- if ":on" in o.stdout and os.path.exists("/etc/sysconfig/iptables"):
- stderr("Setting up firewall rules to permit traffic to Cloud services")
- service.iptables.start() ; print o.stdout + o.stderr
- for p in ports: iptables("-I","INPUT","1","-p","tcp","--dport",p,'-j','ACCEPT')
- o = service.iptables.save() ; print o.stdout + o.stderr
- except CalledProcessError,e:
- print e.stdout+e.stderr
- bail(E_FWRECONFIGFAILED,"Firewall rules could not be set")
- else:
- stderr("Setting up firewall rules to permit traffic to Cloud services")
- try:
- for p in ports: ufw.allow(p)
- stderr("Rules set")
- except CalledProcessError,e:
- print e.stdout+e.stderr
- bail(E_FWRECONFIGFAILED,"Firewall rules could not be set")
-
- stderr("We are going to enable ufw now. This may disrupt network connectivity and service availability. See the ufw documentation for information on how to manage ufw firewall policies.")
- try:
- o = ufw.enable < "y\n" ; print o.stdout + o.stderr
- except CalledProcessError,e:
- print e.stdout+e.stderr
- bail(E_FWRECONFIGFAILED,"Firewall could not be enabled")
-
- cloud_utils.setup_consoleproxy_config("@CPSYSCONFDIR@/agent.properties", host, zone, pod)
- stderr("Enabling and starting the Cloud Console Proxy")
- cloud_utils.enable_service(servicename)
- stderr("Cloud Console Proxy restarted")
-
-if __name__ == "__main__":
- main()
-
-# FIXMES: 1) nullify networkmanager on ubuntu (asking the user first) and enable the networking service permanently
diff --git a/systemvm/conf.dom0/agent.properties.in b/systemvm/conf.dom0/agent.properties.in
deleted file mode 100644
index 1920481..0000000
--- a/systemvm/conf.dom0/agent.properties.in
+++ /dev/null
@@ -1,46 +0,0 @@
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements. See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership. The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied. See the License for the
-# specific language governing permissions and limitations
-# under the License.
-
-# Sample configuration file for VMOPS console proxy
-
-instance=ConsoleProxy
-consoleproxy.httpListenPort=8002
-
-#resource= the java class, which agent load to execute
-resource=com.cloud.agent.resource.consoleproxy.ConsoleProxyResource
-
-#host= The IP address of management server
-host=localhost
-
-#port = The port management server listening on, default is 8250
-port=8250
-
-#pod= The pod, which agent belonged to
-pod=default
-
-#zone= The zone, which agent belonged to
-zone=default
-
-#private.network.device= the private nic device
-# if this is commented, it is autodetected on service startup
-# private.network.device=cloudbr0
-
-#public.network.device= the public nic device
-# if this is commented, it is autodetected on service startup
-# public.network.device=cloudbr0
-
-#guid= a GUID to identify the agent
diff --git a/systemvm/conf.dom0/consoleproxy.properties.in b/systemvm/conf.dom0/consoleproxy.properties.in
deleted file mode 100644
index a3cddbc..0000000
--- a/systemvm/conf.dom0/consoleproxy.properties.in
+++ /dev/null
@@ -1,23 +0,0 @@
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements. See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership. The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied. See the License for the
-# specific language governing permissions and limitations
-# under the License.
-
-consoleproxy.tcpListenPort=0
-consoleproxy.httpListenPort=80
-consoleproxy.httpCmdListenPort=8001
-consoleproxy.jarDir=./applet/
-consoleproxy.viewerLinger=180
-consoleproxy.reconnectMaxRetry=5
diff --git a/systemvm/conf.dom0/log4j-cloud.xml.in b/systemvm/conf.dom0/log4j-cloud.xml.in
deleted file mode 100644
index 0d78a95..0000000
--- a/systemvm/conf.dom0/log4j-cloud.xml.in
+++ /dev/null
@@ -1,111 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
-Licensed to the Apache Software Foundation (ASF) under one
-or more contributor license agreements. See the NOTICE file
-distributed with this work for additional information
-regarding copyright ownership. The ASF licenses this file
-to you under the Apache License, Version 2.0 (the
-"License"); you may not use this file except in compliance
-with the License. You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
-Unless required by applicable law or agreed to in writing,
-software distributed under the License is distributed on an
-"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-KIND, either express or implied. See the License for the
-specific language governing permissions and limitations
-under the License.
--->
-<!DOCTYPE log4j:configuration SYSTEM "log4j.dtd">
-
-<log4j:configuration xmlns:log4j="http://jakarta.apache.org/log4j/" debug="false">
-
- <!-- ================================= -->
- <!-- Preserve messages in a local file -->
- <!-- ================================= -->
-
- <!-- A time/date based rolling appender -->
- <appender name="FILE" class="org.apache.log4j.rolling.RollingFileAppender">
- <param name="Append" value="true"/>
- <param name="Threshold" value="WARN"/>
- <rollingPolicy class="org.apache.log4j.rolling.TimeBasedRollingPolicy">
- <param name="FileNamePattern" value="@CPLOG@.%d{yyyy-MM-dd}.gz"/>
- <param name="ActiveFileName" value="@CPLOG@"/>
- </rollingPolicy>
- <layout class="org.apache.log4j.EnhancedPatternLayout">
- <param name="ConversionPattern" value="%d{ISO8601} %-5p [%c{3}] (%t:%x) (logid:%X{logcontextid}) %m%n"/>
- </layout>
- </appender>
-
- <!-- ============================== -->
- <!-- Append messages to the console -->
- <!-- ============================== -->
-
- <appender name="CONSOLE" class="org.apache.log4j.ConsoleAppender">
- <param name="Target" value="System.out"/>
- <param name="Threshold" value="WARN"/>
-
- <layout class="org.apache.log4j.PatternLayout">
- <param name="ConversionPattern" value="%d{ABSOLUTE} %5p %c{1}:%L - %m%n"/>
- </layout>
- </appender>
-
- <!-- ================ -->
- <!-- Limit categories -->
- <!-- ================ -->
-
- <category name="com.cloud.console.ConsoleCanvas">
- <priority value="WARN"/>
- </category>
-
- <category name="com.cloud.consoleproxy.ConsoleProxyAjaxImageHandler">
- <priority value="WARN"/>
- </category>
-
- <category name="com.cloud.consoleproxy.ConsoleProxyViwer">
- <priority value="WARN"/>
- </category>
-
- <category name="com.cloud.consoleproxy">
- <priority value="INFO"/>
- </category>
-
- <category name="com.cloud">
- <priority value="DEBUG"/>
- </category>
-
- <!-- Limit the org.apache category to INFO as its DEBUG is verbose -->
- <category name="org.apache">
- <priority value="INFO"/>
- </category>
-
- <category name="org">
- <priority value="INFO"/>
- </category>
-
- <category name="net">
- <priority value="INFO"/>
- </category>
-
- <!-- Limit the com.amazonaws category to INFO as its DEBUG is verbose -->
- <category name="com.amazonaws">
- <priority value="INFO"/>
- </category>
-
- <!-- Limit the httpclient.wire category to INFO as its DEBUG is verbose -->
- <category name="httpclient.wire">
- <priority value="INFO"/>
- </category>
-
- <!-- ======================= -->
- <!-- Setup the Root category -->
- <!-- ======================= -->
-
- <root>
- <level value="INFO"/>
- <appender-ref ref="CONSOLE"/>
- <appender-ref ref="FILE"/>
- </root>
-
-</log4j:configuration>
diff --git a/systemvm/conf/agent.properties.ssvm b/systemvm/conf/agent.properties.ssvm
deleted file mode 100644
index 2f87b88..0000000
--- a/systemvm/conf/agent.properties.ssvm
+++ /dev/null
@@ -1,21 +0,0 @@
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements. See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership. The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied. See the License for the
-# specific language governing permissions and limitations
-# under the License.
-
-#mount.path=~/secondary-storage/
-resource=org.apache.cloudstack.storage.resource.NfsSecondaryStorageResource
-testCifsMount=cifs://192.168.1.1/CSHV3?user=administrator&password=1pass%40word1
-#testLocalRoot=test
diff --git a/systemvm/distro/centos/SYSCONFDIR/rc.d/init.d/cloud-console-proxy.in b/systemvm/distro/centos/SYSCONFDIR/rc.d/init.d/cloud-console-proxy.in
deleted file mode 100644
index 3ec4d06..0000000
--- a/systemvm/distro/centos/SYSCONFDIR/rc.d/init.d/cloud-console-proxy.in
+++ /dev/null
@@ -1,96 +0,0 @@
-#!/bin/bash
-
-# chkconfig: 35 99 10
-# description: Cloud Console Proxy
-
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements. See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership. The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied. See the License for the
-# specific language governing permissions and limitations
-# under the License.
-
-# WARNING: if this script is changed, then all other initscripts MUST BE changed to match it as well
-
-. /etc/rc.d/init.d/functions
-
-# set environment variables
-
-SHORTNAME=`basename $0`
-PIDFILE=@PIDDIR@/"$SHORTNAME".pid
-LOCKFILE=@LOCKDIR@/"$SHORTNAME"
-LOGFILE=@CPLOG@
-PROGNAME="Cloud Console Proxy"
-
-unset OPTIONS
-[ -r @SYSCONFDIR@/sysconfig/"$SHORTNAME" ] && source @SYSCONFDIR@/sysconfig/"$SHORTNAME"
-DAEMONIZE=@BINDIR@/@PACKAGE@-daemonize
-PROG=@LIBEXECDIR@/console-proxy-runner
-
-start() {
- echo -n $"Starting $PROGNAME: "
- if hostname --fqdn >/dev/null 2>&1 ; then
- daemon --check=$SHORTNAME --pidfile=${PIDFILE} "$DAEMONIZE" \
- -n "$SHORTNAME" -p "$PIDFILE" -l "$LOGFILE" "$PROG" $OPTIONS
- RETVAL=$?
- echo
- else
- failure
- echo
- echo The host name does not resolve properly to an IP address. Cannot start "$PROGNAME". > /dev/stderr
- RETVAL=9
- fi
- [ $RETVAL = 0 ] && touch ${LOCKFILE}
- return $RETVAL
-}
-
-stop() {
- echo -n $"Stopping $PROGNAME: "
- killproc -p ${PIDFILE} $SHORTNAME # -d 10 $SHORTNAME
- RETVAL=$?
- echo
- [ $RETVAL = 0 ] && rm -f ${LOCKFILE} ${PIDFILE}
-}
-
-
-# See how we were called.
-case "$1" in
- start)
- start
- ;;
- stop)
- stop
- ;;
- status)
- status -p ${PIDFILE} $SHORTNAME
- RETVAL=$?
- ;;
- restart)
- stop
- sleep 3
- start
- ;;
- condrestart)
- if status -p ${PIDFILE} $SHORTNAME >&/dev/null; then
- stop
- sleep 3
- start
- fi
- ;;
- *)
- echo $"Usage: $SHORTNAME {start|stop|restart|condrestart|status|help}"
- RETVAL=3
-esac
-
-exit $RETVAL
-
diff --git a/systemvm/distro/fedora/SYSCONFDIR/rc.d/init.d/cloud-console-proxy.in b/systemvm/distro/fedora/SYSCONFDIR/rc.d/init.d/cloud-console-proxy.in
deleted file mode 100644
index 3ec4d06..0000000
--- a/systemvm/distro/fedora/SYSCONFDIR/rc.d/init.d/cloud-console-proxy.in
+++ /dev/null
@@ -1,96 +0,0 @@
-#!/bin/bash
-
-# chkconfig: 35 99 10
-# description: Cloud Console Proxy
-
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements. See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership. The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied. See the License for the
-# specific language governing permissions and limitations
-# under the License.
-
-# WARNING: if this script is changed, then all other initscripts MUST BE changed to match it as well
-
-. /etc/rc.d/init.d/functions
-
-# set environment variables
-
-SHORTNAME=`basename $0`
-PIDFILE=@PIDDIR@/"$SHORTNAME".pid
-LOCKFILE=@LOCKDIR@/"$SHORTNAME"
-LOGFILE=@CPLOG@
-PROGNAME="Cloud Console Proxy"
-
-unset OPTIONS
-[ -r @SYSCONFDIR@/sysconfig/"$SHORTNAME" ] && source @SYSCONFDIR@/sysconfig/"$SHORTNAME"
-DAEMONIZE=@BINDIR@/@PACKAGE@-daemonize
-PROG=@LIBEXECDIR@/console-proxy-runner
-
-start() {
- echo -n $"Starting $PROGNAME: "
- if hostname --fqdn >/dev/null 2>&1 ; then
- daemon --check=$SHORTNAME --pidfile=${PIDFILE} "$DAEMONIZE" \
- -n "$SHORTNAME" -p "$PIDFILE" -l "$LOGFILE" "$PROG" $OPTIONS
- RETVAL=$?
- echo
- else
- failure
- echo
- echo The host name does not resolve properly to an IP address. Cannot start "$PROGNAME". > /dev/stderr
- RETVAL=9
- fi
- [ $RETVAL = 0 ] && touch ${LOCKFILE}
- return $RETVAL
-}
-
-stop() {
- echo -n $"Stopping $PROGNAME: "
- killproc -p ${PIDFILE} $SHORTNAME # -d 10 $SHORTNAME
- RETVAL=$?
- echo
- [ $RETVAL = 0 ] && rm -f ${LOCKFILE} ${PIDFILE}
-}
-
-
-# See how we were called.
-case "$1" in
- start)
- start
- ;;
- stop)
- stop
- ;;
- status)
- status -p ${PIDFILE} $SHORTNAME
- RETVAL=$?
- ;;
- restart)
- stop
- sleep 3
- start
- ;;
- condrestart)
- if status -p ${PIDFILE} $SHORTNAME >&/dev/null; then
- stop
- sleep 3
- start
- fi
- ;;
- *)
- echo $"Usage: $SHORTNAME {start|stop|restart|condrestart|status|help}"
- RETVAL=3
-esac
-
-exit $RETVAL
-
diff --git a/systemvm/distro/rhel/SYSCONFDIR/rc.d/init.d/cloud-console-proxy.in b/systemvm/distro/rhel/SYSCONFDIR/rc.d/init.d/cloud-console-proxy.in
deleted file mode 100644
index 3ec4d06..0000000
--- a/systemvm/distro/rhel/SYSCONFDIR/rc.d/init.d/cloud-console-proxy.in
+++ /dev/null
@@ -1,96 +0,0 @@
-#!/bin/bash
-
-# chkconfig: 35 99 10
-# description: Cloud Console Proxy
-
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements. See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership. The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied. See the License for the
-# specific language governing permissions and limitations
-# under the License.
-
-# WARNING: if this script is changed, then all other initscripts MUST BE changed to match it as well
-
-. /etc/rc.d/init.d/functions
-
-# set environment variables
-
-SHORTNAME=`basename $0`
-PIDFILE=@PIDDIR@/"$SHORTNAME".pid
-LOCKFILE=@LOCKDIR@/"$SHORTNAME"
-LOGFILE=@CPLOG@
-PROGNAME="Cloud Console Proxy"
-
-unset OPTIONS
-[ -r @SYSCONFDIR@/sysconfig/"$SHORTNAME" ] && source @SYSCONFDIR@/sysconfig/"$SHORTNAME"
-DAEMONIZE=@BINDIR@/@PACKAGE@-daemonize
-PROG=@LIBEXECDIR@/console-proxy-runner
-
-start() {
- echo -n $"Starting $PROGNAME: "
- if hostname --fqdn >/dev/null 2>&1 ; then
- daemon --check=$SHORTNAME --pidfile=${PIDFILE} "$DAEMONIZE" \
- -n "$SHORTNAME" -p "$PIDFILE" -l "$LOGFILE" "$PROG" $OPTIONS
- RETVAL=$?
- echo
- else
- failure
- echo
- echo The host name does not resolve properly to an IP address. Cannot start "$PROGNAME". > /dev/stderr
- RETVAL=9
- fi
- [ $RETVAL = 0 ] && touch ${LOCKFILE}
- return $RETVAL
-}
-
-stop() {
- echo -n $"Stopping $PROGNAME: "
- killproc -p ${PIDFILE} $SHORTNAME # -d 10 $SHORTNAME
- RETVAL=$?
- echo
- [ $RETVAL = 0 ] && rm -f ${LOCKFILE} ${PIDFILE}
-}
-
-
-# See how we were called.
-case "$1" in
- start)
- start
- ;;
- stop)
- stop
- ;;
- status)
- status -p ${PIDFILE} $SHORTNAME
- RETVAL=$?
- ;;
- restart)
- stop
- sleep 3
- start
- ;;
- condrestart)
- if status -p ${PIDFILE} $SHORTNAME >&/dev/null; then
- stop
- sleep 3
- start
- fi
- ;;
- *)
- echo $"Usage: $SHORTNAME {start|stop|restart|condrestart|status|help}"
- RETVAL=3
-esac
-
-exit $RETVAL
-
diff --git a/systemvm/distro/ubuntu/SYSCONFDIR/init.d/cloud-console-proxy.in b/systemvm/distro/ubuntu/SYSCONFDIR/init.d/cloud-console-proxy.in
deleted file mode 100755
index 0c7be73..0000000
--- a/systemvm/distro/ubuntu/SYSCONFDIR/init.d/cloud-console-proxy.in
+++ /dev/null
@@ -1,110 +0,0 @@
-#!/bin/bash
-
-# chkconfig: 35 99 10
-# description: Cloud Console Proxy
-
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements. See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership. The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied. See the License for the
-# specific language governing permissions and limitations
-# under the License.
-
-# WARNING: if this script is changed, then all other initscripts MUST BE changed to match it as well
-
-. /lib/lsb/init-functions
-. /etc/default/rcS
-
-# set environment variables
-
-SHORTNAME=`basename $0`
-PIDFILE=@PIDDIR@/"$SHORTNAME".pid
-LOCKFILE=@LOCKDIR@/"$SHORTNAME"
-LOGFILE=@CPLOG@
-PROGNAME="Cloud Console Proxy"
-
-unset OPTIONS
-[ -r @SYSCONFDIR@/default/"$SHORTNAME" ] && source @SYSCONFDIR@/default/"$SHORTNAME"
-DAEMONIZE=@BINDIR@/@PACKAGE@-daemonize
-PROG=@LIBEXECDIR@/console-proxy-runner
-
-start() {
- log_daemon_msg $"Starting $PROGNAME" "$SHORTNAME"
- if [ -s "$PIDFILE" ] && kill -0 $(cat "$PIDFILE") >/dev/null 2>&1; then
- log_progress_msg "apparently already running"
- log_end_msg 0
- exit 0
- fi
- if hostname --fqdn >/dev/null 2>&1 ; then
- true
- else
- log_failure_msg "The host name does not resolve properly to an IP address. Cannot start $PROGNAME"
- log_end_msg 1
- exit 1
- fi
-
- if start-stop-daemon --start --quiet \
- --pidfile "$PIDFILE" \
- --exec "$DAEMONIZE" -- -n "$SHORTNAME" -p "$PIDFILE" -l "$LOGFILE" "$PROG" $OPTIONS
- RETVAL=$?
- then
- rc=0
- sleep 1
- if ! kill -0 $(cat "$PIDFILE") >/dev/null 2>&1; then
- log_failure_msg "$PROG failed to start"
- rc=1
- fi
- else
- rc=1
- fi
-
- if [ $rc -eq 0 ]; then
- log_end_msg 0
- else
- log_end_msg 1
- rm -f "$PIDFILE"
- fi
-}
-
-stop() {
- echo -n $"Stopping $PROGNAME" "$SHORTNAME"
- start-stop-daemon --stop --quiet --oknodo --pidfile "$PIDFILE"
- log_end_msg $?
- rm -f "$PIDFILE"
-}
-
-
-# See how we were called.
-case "$1" in
- start)
- start
- ;;
- stop)
- stop
- ;;
- status)
- status_of_proc -p "$PIDFILE" "$PROG" "$SHORTNAME"
- RETVAL=$?
- ;;
- restart)
- stop
- sleep 3
- start
- ;;
- *)
- echo $"Usage: $SHORTNAME {start|stop|restart|status|help}"
- RETVAL=3
-esac
-
-exit $RETVAL
-
diff --git a/systemvm/libexec/console-proxy-runner.in b/systemvm/libexec/console-proxy-runner.in
deleted file mode 100755
index 4f18aab..0000000
--- a/systemvm/libexec/console-proxy-runner.in
+++ /dev/null
@@ -1,90 +0,0 @@
-#!/usr/bin/env bash
-
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements. See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership. The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied. See the License for the
-# specific language governing permissions and limitations
-# under the License.
-
-
-#run.sh runs the agent client.
-
-cd `dirname "$0"`
-
-SYSTEMJARS="@SYSTEMJARS@"
-SCP=$(build-classpath $SYSTEMJARS) ; if [ $? != 0 ] ; then SCP="@SYSTEMCLASSPATH@" ; fi
-DCP="@DEPSCLASSPATH@"
-ACP="@AGENTCLASSPATH@"
-export CLASSPATH=$SCP:$DCP:$ACP:@CPSYSCONFDIR@
-for jarfile in "@PREMIUMJAVADIR@"/* ; do
- if [ ! -e "$jarfile" ] ; then continue ; fi
- CLASSPATH=$jarfile:$CLASSPATH
-done
-for plugin in "@PLUGINJAVADIR@"/* ; do
- if [ ! -e "$plugin" ] ; then continue ; fi
- CLASSPATH=$plugin:$CLASSPATH
-done
-export CLASSPATH
-
-set -e
-cd "@CPLIBDIR@"
-echo Current directory is "$PWD"
-echo CLASSPATH to run the console proxy: "$CLASSPATH"
-
-export PATH=/sbin:/usr/sbin:"$PATH"
-SERVICEARGS=
-for x in private public ; do
- configuration=`grep -q "^$x.network.device" "@CPSYSCONFDIR@"/agent.properties || true`
- if [ -n "$CONFIGURATION" ] ; then
- echo "Using manually-configured network device $CONFIGURATION"
- else
- defaultroute=`ip route | grep ^default | cut -d ' ' -f 5`
- test -n "$defaultroute"
- echo "Using auto-discovered network device $defaultroute which is the default route"
- SERVICEARGS="$SERVICEARGS $x.network.device="$defaultroute
- fi
-done
-
-function termagent() {
- if [ "$agentpid" != "" ] ; then
- echo Killing VMOps Console Proxy "(PID $agentpid)" with SIGTERM >&2
- kill -TERM $agentpid
- echo Waiting for agent to exit >&2
- wait $agentpid
- ex=$?
- echo Agent exited with return code $ex >&2
- else
- echo Agent PID is unknown >&2
- fi
-}
-
-trap termagent TERM
-while true ; do
- java -Xms128M -Xmx384M -cp "$CLASSPATH" "$@" com.cloud.agent.AgentShell $SERVICEARGS &
- agentpid=$!
- echo "Console Proxy started. PID: $!" >&2
- wait $agentpid
- ex=$?
- if [ $ex -gt 128 ]; then
- echo "wait on console proxy process interrupted by SIGTERM" >&2
- exit $ex
- fi
- echo "Console proxy exited with return code $ex" >&2
- if [ $ex -eq 0 ] || [ $ex -eq 1 ] || [ $ex -eq 66 ] || [ $ex -gt 128 ]; then
- echo "Exiting..." > /dev/stderr
- exit $ex
- fi
- echo "Restarting console proxy..." > /dev/stderr
- sleep 1
-done
diff --git a/systemvm/patches/debian/README b/systemvm/patches/debian/README
deleted file mode 100644
index 5d79c35..0000000
--- a/systemvm/patches/debian/README
+++ /dev/null
@@ -1,34 +0,0 @@
-####################################################
- Note there is a new systemvm build script based on
- Veewee(Vagrant) under tools/appliance.
-####################################################
-
-1. The buildsystemvm.sh script builds a 32-bit system vm disk based on the Debian Squeeze distro. This system vm can boot on any hypervisor thanks to the pvops support in the kernel. It is fully automated
-2. The files under config/ are the specific tweaks to the default Debian configuration that are required for CloudStack operation.
-3. The variables at the top of the buildsystemvm.sh script can be customized:
- IMAGENAME=systemvm # dont touch this
- LOCATION=/var/lib/images/systemvm #
- MOUNTPOINT=/mnt/$IMAGENAME/ # this is where the image is mounted on your host while the vm image is built
- IMAGELOC=$LOCATION/$IMAGENAME.img
- PASSWORD=password # password for the vm
- APT_PROXY= #you can put in an APT cacher such as apt-cacher-ng
- HOSTNAME=systemvm # dont touch this
- SIZE=2000 # dont touch this for now
- DEBIAN_MIRROR=ftp.us.debian.org/debian
- MINIMIZE=true # if this is true, a lot of docs, fonts, locales and apt cache is wiped out
-
-4. The systemvm includes the (non-free) Sun JRE. You can put in the standard debian jre-headless package instead but it pulls in X and bloats the image.
-5. You need to be 'root' to run the buildsystemvm.sh script
-6. The image is a raw image. You can run the convert.sh tool to produce images suitable for Citrix Xenserver, VMWare and KVM.
- * Conversion to Citrix Xenserver VHD format requires the vhd-util tool. You can use the
- -- checked in config/bin/vhd-util) OR
- -- build the vhd-util tool yourself as follows:
- a. The xen repository has a tool called vhd-util that compiles and runs on any linux system (http://xenbits.xensource.com/xen-4.0-testing.hg?file/8e8dd38374e9/tools/blktap2/vhd/ or full Xen source at http://www.xen.org/products/xen_source.html).
- b. Apply this patch: http://lists.xensource.com/archives/cgi-bin/mesg.cgi?a=xen-devel&i=006101cb22f6%242004dd40%24600e97c0%24%40zhuo%40cloudex.cn.
- c. Build the vhd-util tool
- cd tools/blktap2
- make
- sudo make install
- * Conversion to ova (VMWare) requires the ovf tool, available from
- http://communities.vmware.com/community/vmtn/server/vsphere/automationtools/ovf
- * Conversion to QCOW2 requires qemu-img
diff --git a/systemvm/patches/debian/config.dat b/systemvm/patches/debian/config.dat
deleted file mode 100644
index b16638f..0000000
--- a/systemvm/patches/debian/config.dat
+++ /dev/null
@@ -1,398 +0,0 @@
-Name: adduser/homedir-permission
-Template: adduser/homedir-permission
-Value: true
-Owners: adduser
-
-Name: ca-certificates/enable_crts
-Template: ca-certificates/enable_crts
-Value: brasil.gov.br/brasil.gov.br.crt, cacert.org/cacert.org.crt, cacert.org/class3.crt, cacert.org/root.crt, debconf.org/ca.crt, gouv.fr/cert_igca_dsa.crt, gouv.fr/cert_igca_rsa.crt, mozilla/ABAecom_=sub.__Am._Bankers_Assn.=_Root_CA.crt, mozilla/AddTrust_External_Root.crt, mozilla/AddTrust_Low-Value_Services_Root.crt, mozilla/AddTrust_Public_Services_Root.crt, mozilla/AddTrust_Qualified_Certificates_Root.crt, mozilla/America_Online_Root_Certification_Authority_1.crt, mozilla/America_On [...]
-Owners: ca-certificates
-Variables:
- enable_crts = brasil.gov.br/brasil.gov.br.crt, cacert.org/cacert.org.crt, cacert.org/class3.crt, cacert.org/root.crt, debconf.org/ca.crt, gouv.fr/cert_igca_dsa.crt, gouv.fr/cert_igca_rsa.crt, mozilla/ABAecom_=sub.__Am._Bankers_Assn.=_Root_CA.crt, mozilla/AddTrust_External_Root.crt, mozilla/AddTrust_Low-Value_Services_Root.crt, mozilla/AddTrust_Public_Services_Root.crt, mozilla/AddTrust_Qualified_Certificates_Root.crt, mozilla/America_Online_Root_Certification_Authority_1.crt, mozilla/Am [...]
-
-Name: ca-certificates/new_crts
-Template: ca-certificates/new_crts
-Owners: ca-certificates
-Variables:
- new_crts =
-
-Name: ca-certificates/trust_new_crts
-Template: ca-certificates/trust_new_crts
-Value: yes
-Owners: ca-certificates
-
-Name: debconf-apt-progress/info
-Template: debconf-apt-progress/info
-Owners: debconf
-
-Name: debconf-apt-progress/media-change
-Template: debconf-apt-progress/media-change
-Owners: debconf
-
-Name: debconf-apt-progress/preparing
-Template: debconf-apt-progress/preparing
-Owners: debconf
-
-Name: debconf-apt-progress/title
-Template: debconf-apt-progress/title
-Owners: debconf
-
-Name: debconf/frontend
-Template: debconf/frontend
-Value: noninteractive
-Owners: debconf
-
-Name: debconf/priority
-Template: debconf/priority
-Value: high
-Owners: debconf
-
-Name: dhcp3-client/dhclient-needs-restarting
-Template: dhcp3-client/dhclient-needs-restarting
-Owners: dhcp3-client
-
-Name: dhcp3-client/dhclient-script_moved
-Template: dhcp3-client/dhclient-script_moved
-Owners: dhcp3-client
-
-Name: glibc/restart-failed
-Template: glibc/restart-failed
-Owners: libc6
-
-Name: glibc/restart-services
-Template: glibc/restart-services
-Owners: libc6
-
-Name: glibc/upgrade
-Template: glibc/upgrade
-Owners: libc6
-
-Name: libpam-modules/disable-screensaver
-Template: libpam-modules/disable-screensaver
-Owners: libpam-modules
-
-Name: libpam0g/restart-failed
-Template: libpam0g/restart-failed
-Owners: libpam0g
-
-Name: libpam0g/restart-services
-Template: libpam0g/restart-services
-Owners: libpam0g
-
-Name: libpam0g/xdm-needs-restart
-Template: libpam0g/xdm-needs-restart
-Owners: libpam0g
-
-Name: libssl0.9.8/restart-failed
-Template: libssl0.9.8/restart-failed
-Owners: libssl0.9.8
-
-Name: libssl0.9.8/restart-services
-Template: libssl0.9.8/restart-services
-Owners: libssl0.9.8
-
-Name: linux-base/disk-id-convert-auto
-Template: linux-base/disk-id-convert-auto
-Owners: linux-base
-
-Name: linux-base/disk-id-convert-plan
-Template: linux-base/disk-id-convert-plan
-Owners: linux-base
-
-Name: linux-base/disk-id-convert-plan-no-relabel
-Template: linux-base/disk-id-convert-plan-no-relabel
-Owners: linux-base
-
-Name: linux-base/disk-id-manual
-Template: linux-base/disk-id-manual
-Owners: linux-base
-
-Name: linux-base/disk-id-manual-boot-loader
-Template: linux-base/disk-id-manual-boot-loader
-Owners: linux-base
-
-Name: linux-image-2.6.32-bpo.5-686/postinst/bootloader-error-2.6.32-bpo.5-686
-Template: linux-image-2.6.32-bpo.5-686/postinst/bootloader-error-2.6.32-bpo.5-686
-Owners: linux-image-2.6.32-bpo.5-686
-
-Name: linux-image-2.6.32-bpo.5-686/postinst/bootloader-test-error-2.6.32-bpo.5-686
-Template: linux-image-2.6.32-bpo.5-686/postinst/bootloader-test-error-2.6.32-bpo.5-686
-Owners: linux-image-2.6.32-bpo.5-686
-
-Name: linux-image-2.6.32-bpo.5-686/postinst/depmod-error-initrd-2.6.32-bpo.5-686
-Template: linux-image-2.6.32-bpo.5-686/postinst/depmod-error-initrd-2.6.32-bpo.5-686
-Owners: linux-image-2.6.32-bpo.5-686
-
-Name: linux-image-2.6.32-bpo.5-686/postinst/missing-firmware-2.6.32-bpo.5-686
-Template: linux-image-2.6.32-bpo.5-686/postinst/missing-firmware-2.6.32-bpo.5-686
-Owners: linux-image-2.6.32-bpo.5-686
-
-Name: linux-image-2.6.32-bpo.5-686/prerm/removing-running-kernel-2.6.32-bpo.5-686
-Template: linux-image-2.6.32-bpo.5-686/prerm/removing-running-kernel-2.6.32-bpo.5-686
-Owners: linux-image-2.6.32-bpo.5-686
-
-Name: linux-image-2.6.32-bpo.5-686/prerm/would-invalidate-boot-loader-2.6.32-bpo.5-686
-Template: linux-image-2.6.32-bpo.5-686/prerm/would-invalidate-boot-loader-2.6.32-bpo.5-686
-Owners: linux-image-2.6.32-bpo.5-686
-
-Name: linux-image-2.6.32-bpo.5-xen-686/postinst/bootloader-error-2.6.32-bpo.5-xen-686
-Template: linux-image-2.6.32-bpo.5-xen-686/postinst/bootloader-error-2.6.32-bpo.5-xen-686
-Owners: linux-image-2.6.32-bpo.5-xen-686
-
-Name: linux-image-2.6.32-bpo.5-xen-686/postinst/bootloader-test-error-2.6.32-bpo.5-xen-686
-Template: linux-image-2.6.32-bpo.5-xen-686/postinst/bootloader-test-error-2.6.32-bpo.5-xen-686
-Owners: linux-image-2.6.32-bpo.5-xen-686
-
-Name: linux-image-2.6.32-bpo.5-xen-686/postinst/depmod-error-initrd-2.6.32-bpo.5-xen-686
-Template: linux-image-2.6.32-bpo.5-xen-686/postinst/depmod-error-initrd-2.6.32-bpo.5-xen-686
-Owners: linux-image-2.6.32-bpo.5-xen-686
-
-Name: linux-image-2.6.32-bpo.5-xen-686/postinst/missing-firmware-2.6.32-bpo.5-xen-686
-Template: linux-image-2.6.32-bpo.5-xen-686/postinst/missing-firmware-2.6.32-bpo.5-xen-686
-Owners: linux-image-2.6.32-bpo.5-xen-686
-
-Name: linux-image-2.6.32-bpo.5-xen-686/prerm/removing-running-kernel-2.6.32-bpo.5-xen-686
-Template: linux-image-2.6.32-bpo.5-xen-686/prerm/removing-running-kernel-2.6.32-bpo.5-xen-686
-Owners: linux-image-2.6.32-bpo.5-xen-686
-
-Name: linux-image-2.6.32-bpo.5-xen-686/prerm/would-invalidate-boot-loader-2.6.32-bpo.5-xen-686
-Template: linux-image-2.6.32-bpo.5-xen-686/prerm/would-invalidate-boot-loader-2.6.32-bpo.5-xen-686
-Owners: linux-image-2.6.32-bpo.5-xen-686
-
-Name: locales/default_environment_locale
-Template: locales/default_environment_locale
-Value: en_US.UTF-8
-Owners: locales
-Variables:
- locales = en_US.UTF-8
-
-Name: locales/locales_to_be_generated
-Template: locales/locales_to_be_generated
-Value: en_US.UTF-8 UTF-8
-Owners: locales
-Variables:
- locales = aa_DJ ISO-8859-1, aa_DJ.UTF-8 UTF-8, aa_ER UTF-8, aa_ER@saaho UTF-8, aa_ET UTF-8, af_ZA ISO-8859-1, af_ZA.UTF-8 UTF-8, am_ET UTF-8, an_ES ISO-8859-15, an_ES.UTF-8 UTF-8, ar_AE ISO-8859-6, ar_AE.UTF-8 UTF-8, ar_BH ISO-8859-6, ar_BH.UTF-8 UTF-8, ar_DZ ISO-8859-6, ar_DZ.UTF-8 UTF-8, ar_EG ISO-8859-6, ar_EG.UTF-8 UTF-8, ar_IN UTF-8, ar_IQ ISO-8859-6, ar_IQ.UTF-8 UTF-8, ar_JO ISO-8859-6, ar_JO.UTF-8 UTF-8, ar_KW ISO-8859-6, ar_KW.UTF-8 UTF-8, ar_LB ISO-8859-6, ar_LB.UTF-8 UTF-8, ar [...]
-
-Name: openswan/create_rsa_key
-Template: openswan/create_rsa_key
-Value: true
-Owners: openswan
-Flags: seen
-
-Name: openswan/enable-oe
-Template: openswan/enable-oe
-Value: false
-Owners: openswan
-Flags: seen
-
-Name: openswan/existing_x509_certificate
-Template: openswan/existing_x509_certificate
-Value: false
-Owners: openswan
-Flags: seen
-
-Name: openswan/existing_x509_certificate_filename
-Template: openswan/existing_x509_certificate_filename
-Owners: openswan
-
-Name: openswan/existing_x509_key_filename
-Template: openswan/existing_x509_key_filename
-Owners: openswan
-
-Name: openswan/restart
-Template: openswan/restart
-Value: true
-Owners: openswan
-
-Name: openswan/rsa_key_length
-Template: openswan/rsa_key_length
-Value: 2048
-Owners: openswan
-
-Name: openswan/rsa_key_type
-Template: openswan/rsa_key_type
-Value: x509
-Owners: openswan
-Flags: seen
-
-Name: openswan/start_level
-Template: openswan/start_level
-Value: earliest
-Owners: openswan
-
-Name: openswan/x509_common_name
-Template: openswan/x509_common_name
-Value:
-Owners: openswan
-
-Name: openswan/x509_country_code
-Template: openswan/x509_country_code
-Value: AT
-Owners: openswan
-
-Name: openswan/x509_email_address
-Template: openswan/x509_email_address
-Value:
-Owners: openswan
-
-Name: openswan/x509_locality_name
-Template: openswan/x509_locality_name
-Value:
-Owners: openswan
-
-Name: openswan/x509_organization_name
-Template: openswan/x509_organization_name
-Value:
-Owners: openswan
-
-Name: openswan/x509_organizational_unit
-Template: openswan/x509_organizational_unit
-Value:
-Owners: openswan
-
-Name: openswan/x509_self_signed
-Template: openswan/x509_self_signed
-Value: true
-Owners: openswan
-Flags: seen
-
-Name: openswan/x509_state_name
-Template: openswan/x509_state_name
-Value:
-Owners: openswan
-
-Name: portmap/loopback
-Template: portmap/loopback
-Value: false
-Owners: portmap
-
-Name: shared/accepted-sun-dlj-v1-1
-Template: shared/accepted-sun-dlj-v1-1
-Value: true
-Owners: sun-java6-bin, sun-java6-jre
-Flags: seen
-
-Name: shared/error-sun-dlj-v1-1
-Template: shared/error-sun-dlj-v1-1
-Owners: sun-java6-bin, sun-java6-jre
-
-Name: shared/kernel-image/really-run-bootloader
-Template: shared/kernel-image/really-run-bootloader
-Owners: linux-image-2.6.32-bpo.5-686, linux-image-2.6.32-bpo.5-xen-686
-
-Name: shared/present-sun-dlj-v1-1
-Template: shared/present-sun-dlj-v1-1
-Value: true
-Owners: sun-java6-bin, sun-java6-jre
-Flags: seen
-
-Name: ssh/disable_cr_auth
-Template: ssh/disable_cr_auth
-Owners: openssh-server
-
-Name: ssh/encrypted_host_key_but_no_keygen
-Template: ssh/encrypted_host_key_but_no_keygen
-Owners: openssh-server
-
-Name: ssh/new_config
-Template: ssh/new_config
-Owners: openssh-server
-
-Name: ssh/use_old_init_script
-Template: ssh/use_old_init_script
-Value: true
-Owners: openssh-server
-Flags: seen
-
-Name: ssh/vulnerable_host_keys
-Template: ssh/vulnerable_host_keys
-Owners: openssh-server
-
-Name: sun-java6-jre/jcepolicy
-Template: sun-java6-jre/jcepolicy
-Owners: sun-java6-jre
-
-Name: sun-java6-jre/stopthread
-Template: sun-java6-jre/stopthread
-Owners: sun-java6-jre
-
-Name: tzdata/Areas
-Template: tzdata/Areas
-Value: Etc
-Owners: tzdata
-Flags: seen
-
-Name: tzdata/Zones/Africa
-Template: tzdata/Zones/Africa
-Owners: tzdata
-
-Name: tzdata/Zones/America
-Template: tzdata/Zones/America
-Owners: tzdata
-
-Name: tzdata/Zones/Antarctica
-Template: tzdata/Zones/Antarctica
-Owners: tzdata
-
-Name: tzdata/Zones/Arctic
-Template: tzdata/Zones/Arctic
-Owners: tzdata
-
-Name: tzdata/Zones/Asia
-Template: tzdata/Zones/Asia
-Owners: tzdata
-
-Name: tzdata/Zones/Atlantic
-Template: tzdata/Zones/Atlantic
-Owners: tzdata
-
-Name: tzdata/Zones/Australia
-Template: tzdata/Zones/Australia
-Owners: tzdata
-
-Name: tzdata/Zones/Etc
-Template: tzdata/Zones/Etc
-Value: UTC
-Owners: tzdata
-Flags: seen
-
-Name: tzdata/Zones/Europe
-Template: tzdata/Zones/Europe
-Owners: tzdata
-
-Name: tzdata/Zones/Indian
-Template: tzdata/Zones/Indian
-Owners: tzdata
-
-Name: tzdata/Zones/Pacific
-Template: tzdata/Zones/Pacific
-Owners: tzdata
-
-Name: tzdata/Zones/SystemV
-Template: tzdata/Zones/SystemV
-Owners: tzdata
-
-Name: ucf/changeprompt
-Template: ucf/changeprompt
-Owners: ucf
-
-Name: ucf/changeprompt_threeway
-Template: ucf/changeprompt_threeway
-Owners: ucf
-
-Name: ucf/show_diff
-Template: ucf/show_diff
-Owners: ucf
-
-Name: ucf/title
-Template: ucf/title
-Owners: ucf
-
-Name: udev/new_kernel_needed
-Template: udev/new_kernel_needed
-Owners: udev
-
-Name: udev/reboot_needed
-Template: udev/reboot_needed
-Owners: udev
-
diff --git a/systemvm/patches/debian/config/etc/chef/node.json b/systemvm/patches/debian/config/etc/chef/node.json
deleted file mode 100644
index 1b23e33..0000000
--- a/systemvm/patches/debian/config/etc/chef/node.json
+++ /dev/null
@@ -1,5 +0,0 @@
-{
- "run_list": [
- "recipe[csip::default]"
- ]
-}
diff --git a/systemvm/patches/debian/config/etc/chef/solo.rb b/systemvm/patches/debian/config/etc/chef/solo.rb
deleted file mode 100644
index 3207dd1..0000000
--- a/systemvm/patches/debian/config/etc/chef/solo.rb
+++ /dev/null
@@ -1,21 +0,0 @@
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements. See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership. The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied. See the License for the
-# specific language governing permissions and limitations
-# under the License.
-
-data_bags_path "/var/chef/data_bags"
-cookbook_path "/var/chef/cookbooks"
-log_level :debug
-log_location STDOUT
diff --git a/systemvm/patches/debian/config/opt/cloud/templates/README b/systemvm/patches/debian/config/opt/cloud/templates/README
deleted file mode 100644
index ffd68a9..0000000
--- a/systemvm/patches/debian/config/opt/cloud/templates/README
+++ /dev/null
@@ -1,2 +0,0 @@
-These are the templates for the redundant router
-and redundant vpc_router
diff --git a/systemvm/patches/debian/config/opt/cloud/templates/arping_gateways.sh.templ b/systemvm/patches/debian/config/opt/cloud/templates/arping_gateways.sh.templ
deleted file mode 100644
index 931c959..0000000
--- a/systemvm/patches/debian/config/opt/cloud/templates/arping_gateways.sh.templ
+++ /dev/null
@@ -1,29 +0,0 @@
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements. See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership. The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied. See the License for the
-# specific language governing permissions and limitations
-# under the License.
-
-ip link|grep BROADCAST|grep -v eth0|grep -v eth1|cut -d ":" -f 2 > /tmp/iflist
-while read i
-do
- ip addr show $i|grep "inet " > /tmp/iplist_$i
- while read line
- do
- ip=`echo $line|cut -d " " -f 2|cut -d "/" -f 1`
- arping -I $i -A $ip -c 1 >> [RROUTER_LOG] 2>&1
- arping -I $i -A $ip -c 1 >> [RROUTER_LOG] 2>&1
- done < /tmp/iplist_$i
-done < /tmp/iflist
-sleep 1
diff --git a/systemvm/patches/debian/config/opt/cloud/templates/check_bumpup.sh b/systemvm/patches/debian/config/opt/cloud/templates/check_bumpup.sh
deleted file mode 100644
index 7682bad..0000000
--- a/systemvm/patches/debian/config/opt/cloud/templates/check_bumpup.sh
+++ /dev/null
@@ -1,19 +0,0 @@
-#!/bin/bash
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements. See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership. The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied. See the License for the
-# specific language governing permissions and limitations
-# under the License.
-
-cat /tmp/rrouter_bumped
diff --git a/systemvm/patches/debian/config/opt/cloud/testdata/acl0001.json b/systemvm/patches/debian/config/opt/cloud/testdata/acl0001.json
deleted file mode 100644
index 4a07b40..0000000
--- a/systemvm/patches/debian/config/opt/cloud/testdata/acl0001.json
+++ /dev/null
@@ -1,54 +0,0 @@
-{
- "eth2": {
- "device": "eth2",
- "egress_rules": [
- {
- "allowed": false,
- "cidr": "10.0.6.0/8",
- "first_port": 60,
- "last_port": 60,
- "type": "tcp"
- }
- ],
- "ingress_rules": [
- {
- "allowed": true,
- "cidr": "10.0.1.0/8",
- "protocol": 41,
- "type": "protocol"
- },
- {
- "allowed": true,
- "cidr": "10.0.4.0/8",
- "type": "all"
- },
- {
- "allowed": true,
- "cidr": "10.0.3.0/8",
- "icmp_code": -1,
- "icmp_type": -1,
- "type": "icmp"
- },
- {
- "allowed": true,
- "cidr": "10.0.2.0/8",
- "first_port": 40,
- "last_port": 40,
- "type": "udp"
- },
- {
- "allowed": true,
- "cidr": "10.0.1.0/8",
- "first_port": 30,
- "last_port": 30,
- "type": "tcp"
- }
- ],
- "mac_address": "02:00:0d:7b:00:04",
- "nic_ip": "172.16.1.1",
- "nic_netmask": "24",
- "private_gateway_acl": false,
- "type": "networkacl"
- },
- "id": "networkacl"
-}
diff --git a/systemvm/patches/debian/config/root/redundant_router/backup.sh.templ b/systemvm/patches/debian/config/root/redundant_router/backup.sh.templ
deleted file mode 100644
index 32c811b..0000000
--- a/systemvm/patches/debian/config/root/redundant_router/backup.sh.templ
+++ /dev/null
@@ -1,39 +0,0 @@
-#!/bin/bash
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements. See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership. The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied. See the License for the
-# specific language governing permissions and limitations
-# under the License.
-
-sleep 1
-
-source /root/func.sh
-
-lock="biglock"
-locked=$(getLockFile $lock)
-if [ "$locked" != "1" ]
-then
- exit 1
-fi
-
-echo To backup called >> [RROUTER_LOG]
-[RROUTER_BIN_PATH]/disable_pubip.sh >> [RROUTER_LOG] 2>&1
-echo Disable public ip $? >> [RROUTER_LOG]
-[RROUTER_BIN_PATH]/services.sh stop >> [RROUTER_LOG] 2>&1
-[RROUTER_BIN_PATH]/primary-backup.sh backup >> [RROUTER_LOG] 2>&1
-echo Switch conntrackd mode backup $? >> [RROUTER_LOG]
-echo Status: BACKUP >> [RROUTER_LOG]
-
-releaseLockFile $lock $locked
-exit 0
diff --git a/systemvm/patches/debian/config/root/redundant_router/check_heartbeat.sh.templ b/systemvm/patches/debian/config/root/redundant_router/check_heartbeat.sh.templ
deleted file mode 100755
index 4253b29..0000000
--- a/systemvm/patches/debian/config/root/redundant_router/check_heartbeat.sh.templ
+++ /dev/null
@@ -1,60 +0,0 @@
-#!/bin/bash
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements. See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership. The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied. See the License for the
-# specific language governing permissions and limitations
-# under the License.
-
-ROUTER_BIN_PATH=/ramdisk/rrouter
-STRIKE_FILE="$ROUTER_BIN_PATH/keepalived.strikes"
-
-if [ -e [RROUTER_BIN_PATH]/keepalived.ts2 ]
-then
- lasttime=$(cat [RROUTER_BIN_PATH]/keepalived.ts2)
- thistime=$(cat [RROUTER_BIN_PATH]/keepalived.ts)
- diff=$(($thistime - $lasttime))
- s=0
- if [ $diff -lt 30 ]
- then
- if [ -e $STRIKE_FILE ]
- then
- s=`cat $STRIKE_FILE 2>/dev/null`
- fi
- s=$(($s+1))
- echo $s > $STRIKE_FILE
- else
- if [ -e $STRIKE_FILE ]
- then
- rm $STRIKE_FILE
- else
- echo keepalived.strikes file does not exist! >> $ROUTER_LOG
- fi
- fi
- #3 strikes rule
- if [ $s -gt 2 ]
- then
- echo Keepalived process is dead! >> [RROUTER_LOG]
- [RROUTER_BIN_PATH]/services.sh stop >> [RROUTER_LOG] 2>&1
- [RROUTER_BIN_PATH]/disable_pubip.sh >> [RROUTER_LOG] 2>&1
- [RROUTER_BIN_PATH]/primary-backup.sh fault >> [RROUTER_LOG] 2>&1
- service keepalived stop >> [RROUTER_LOG] 2>&1
- service conntrackd stop >> [RROUTER_LOG] 2>&1
- pkill -9 keepalived >> [RROUTER_LOG] 2>&1
- pkill -9 conntrackd >> [RROUTER_LOG] 2>&1
- echo Status: FAULT \(keepalived process is dead\) >> [RROUTER_LOG]
- exit
- fi
-fi
-
-cp [RROUTER_BIN_PATH]/keepalived.ts [RROUTER_BIN_PATH]/keepalived.ts2
diff --git a/systemvm/patches/debian/config/root/redundant_router/checkrouter.sh.templ b/systemvm/patches/debian/config/root/redundant_router/checkrouter.sh.templ
deleted file mode 100755
index fbf4f0f..0000000
--- a/systemvm/patches/debian/config/root/redundant_router/checkrouter.sh.templ
+++ /dev/null
@@ -1,56 +0,0 @@
-#!/bin/bash
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements. See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership. The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied. See the License for the
-# specific language governing permissions and limitations
-# under the License.
-
-
-source /root/func.sh
-
-nolock=0
-if [ $# -eq 1 ]
-then
- if [ $1 == "--no-lock" ]
- then
- nolock=1
- fi
-fi
-
-if [ $nolock -eq 0 ]
-then
- lock="biglock"
- locked=$(getLockFile $lock)
- if [ "$locked" != "1" ]
- then
- exit 1
- fi
-fi
-
-bumped="Bumped: NO"
-if [ -e /tmp/rrouter_bumped ]
-then
- bumped="Bumped: YES"
-fi
-
-stat=`tail -n 1 [RROUTER_LOG] | grep "Status"`
-if [ $? -eq 0 ]
-then
- echo "$stat&$bumped"
-fi
-
-if [ $nolock -eq 0 ]
-then
- unlock_exit $? $lock $locked
-fi
diff --git a/systemvm/patches/debian/config/root/redundant_router/conntrackd.conf.templ b/systemvm/patches/debian/config/root/redundant_router/conntrackd.conf.templ
deleted file mode 100644
index 091de10..0000000
--- a/systemvm/patches/debian/config/root/redundant_router/conntrackd.conf.templ
+++ /dev/null
@@ -1,401 +0,0 @@
-#
-# Synchronizer settings
-#
-Sync {
- Mode FTFW {
- #
- # Size of the resend queue (in objects). This is the maximum
- # number of objects that can be stored waiting to be confirmed
- # via acknoledgment. If you keep this value low, the daemon
- # will have less chances to recover state-changes under message
- # omission. On the other hand, if you keep this value high,
- # the daemon will consume more memory to store dead objects.
- # Default is 131072 objects.
- #
- # ResendQueueSize 131072
-
- #
- # This parameter allows you to set an initial fixed timeout
- # for the committed entries when this node goes from backup
- # to primary. This mechanism provides a way to purge entries
- # that were not recovered appropriately after the specified
- # fixed timeout. If you set a low value, TCP entries in
- # Established states with no traffic may hang. For example,
- # an SSH connection without KeepAlive enabled. If not set,
- # the daemon uses an approximate timeout value calculation
- # mechanism. By default, this option is not set.
- #
- # CommitTimeout 180
-
- #
- # If the firewall replica goes from primary to backup,
- # the conntrackd -t command is invoked in the script.
- # This command schedules a flush of the table in N seconds.
- # This is useful to purge the connection tracking table of
- # zombie entries and avoid clashes with old entries if you
- # trigger several consecutive hand-overs. Default is 60 seconds.
- #
- # PurgeTimeout 60
-
- # Set the acknowledgement window size. If you decrease this
- # value, the number of acknowlegdments increases. More
- # acknowledgments means more overhead as conntrackd has to
- # handle more control messages. On the other hand, if you
- # increase this value, the resend queue gets more populated.
- # This results in more overhead in the queue releasing.
- # The following value is based on some practical experiments
- # measuring the cycles spent by the acknowledgment handling
- # with oprofile. If not set, default window size is 300.
- #
- # ACKWindowSize 300
-
- #
- # This clause allows you to disable the external cache. Thus,
- # the state entries are directly injected into the kernel
- # conntrack table. As a result, you save memory in user-space
- # but you consume slots in the kernel conntrack table for
- # backup state entries. Moreover, disabling the external cache
- # means more CPU consumption. You need a Linux kernel
- # >= 2.6.29 to use this feature. By default, this clause is
- # set off. If you are installing conntrackd for first time,
- # please read the user manual and I encourage you to consider
- # using the fail-over scripts instead of enabling this option!
- #
- # DisableExternalCache Off
- }
-
- #
- # Multicast IP and interface where messages are
- # broadcasted (dedicated link). IMPORTANT: Make sure
- # that iptables accepts traffic for destination
- # 225.0.0.50, eg:
- #
- # iptables -I INPUT -d 225.0.0.50 -j ACCEPT
- # iptables -I OUTPUT -d 225.0.0.50 -j ACCEPT
- #
- Multicast {
- #
- # Multicast address: The address that you use as destination
- # in the synchronization messages. You do not have to add
- # this IP to any of your existing interfaces. If any doubt,
- # do not modify this value.
- #
- IPv4_address 225.0.0.50
-
- #
- # The multicast group that identifies the cluster. If any
- # doubt, do not modify this value.
- #
- Group 3780
-
- #
- # IP address of the interface that you are going to use to
- # send the synchronization messages. Remember that you must
- # use a dedicated link for the synchronization messages.
- #
- IPv4_interface [LINK_IP]
-
- #
- # The name of the interface that you are going to use to
- # send the synchronization messages.
- #
- Interface [LINK_IF]
-
- # The multicast sender uses a buffer to enqueue the packets
- # that are going to be transmitted. The default size of this
- # socket buffer is available at /proc/sys/net/core/wmem_default.
- # This value determines the chances to have an overrun in the
- # sender queue. The overrun results packet loss, thus, losing
- # state information that would have to be retransmitted. If you
- # notice some packet loss, you may want to increase the size
- # of the sender buffer. The default size is usually around
- # ~100 KBytes which is fairly small for busy firewalls.
- #
- SndSocketBuffer 1249280
-
- # The multicast receiver uses a buffer to enqueue the packets
- # that the socket is pending to handle. The default size of this
- # socket buffer is available at /proc/sys/net/core/rmem_default.
- # This value determines the chances to have an overrun in the
- # receiver queue. The overrun results packet loss, thus, losing
- # state information that would have to be retransmitted. If you
- # notice some packet loss, you may want to increase the size of
- # the receiver buffer. The default size is usually around
- # ~100 KBytes which is fairly small for busy firewalls.
- #
- RcvSocketBuffer 1249280
-
- #
- # Enable/Disable message checksumming. This is a good
- # property to achieve fault-tolerance. In case of doubt, do
- # not modify this value.
- #
- Checksum on
- }
- #
- # You can specify more than one dedicated link. Thus, if one dedicated
- # link fails, conntrackd can fail-over to another. Note that adding
- # more than one dedicated link does not mean that state-updates will
- # be sent to all of them. There is only one active dedicated link at
- # a given moment. The `Default' keyword indicates that this interface
- # will be selected as the initial dedicated link. You can have
- # up to 4 redundant dedicated links. Note: Use different multicast
- # groups for every redundant link.
- #
- # Multicast Default {
- # IPv4_address 225.0.0.51
- # Group 3781
- # IPv4_interface 192.168.100.101
- # Interface eth3
- # # SndSocketBuffer 1249280
- # # RcvSocketBuffer 1249280
- # Checksum on
- # }
-
- #
- # You can use Unicast UDP instead of Multicast to propagate events.
- # Note that you cannot use unicast UDP and Multicast at the same
- # time, you can only select one.
- #
- # UDP {
- #
- # UDP address that this firewall uses to listen to events.
- #
- # IPv4_address 192.168.2.100
- #
- # or you may want to use an IPv6 address:
- #
- # IPv6_address fe80::215:58ff:fe28:5a27
-
- #
- # Destination UDP address that receives events, ie. the other
- # firewall's dedicated link address.
- #
- # IPv4_Destination_Address 192.168.2.101
- #
- # or you may want to use an IPv6 address:
- #
- # IPv6_Destination_Address fe80::2d0:59ff:fe2a:775c
-
- #
- # UDP port used
- #
- # Port 3780
-
- #
- # The name of the interface that you are going to use to
- # send the synchronization messages.
- #
- # Interface eth2
-
- #
- # The sender socket buffer size
- #
- # SndSocketBuffer 1249280
-
- #
- # The receiver socket buffer size
- #
- # RcvSocketBuffer 1249280
-
- #
- # Enable/Disable message checksumming.
- #
- # Checksum on
- # }
-
-}
-
-#
-# General settings
-#
-General {
- #
- # Set the nice value of the daemon, this value goes from -20
- # (most favorable scheduling) to 19 (least favorable). Using a
- # very low value reduces the chances to lose state-change events.
- # Default is 0 but this example file sets it to most favourable
- # scheduling as this is generally a good idea. See man nice(1) for
- # more information.
- #
- Nice -20
-
- #
- # Select a different scheduler for the daemon, you can select between
- # RR and FIFO and the process priority (minimum is 0, maximum is 99).
- # See man sched_setscheduler(2) for more information. Using a RT
- # scheduler reduces the chances to overrun the Netlink buffer.
- #
- # Scheduler {
- # Type FIFO
- # Priority 99
- # }
-
- #
- # Number of buckets in the cache hashtable. The bigger it is,
- # the closer it gets to O(1) at the cost of consuming more memory.
- # Read some documents about tuning hashtables for further reference.
- #
- HashSize 32768
-
- #
- # Maximum number of conntracks, it should be double of:
- # $ cat /proc/sys/net/netfilter/nf_conntrack_max
- # since the daemon may keep some dead entries cached for possible
- # retransmission during state synchronization.
- #
- HashLimit 131072
-
- #
- # Logfile: on (/var/log/conntrackd.log), off, or a filename
- # Default: off
- #
- LogFile on
-
- #
- # Syslog: on, off or a facility name (daemon (default) or local0..7)
- # Default: off
- #
- #Syslog on
-
- #
- # Lockfile
- #
- LockFile /var/lock/conntrack.lock
-
- #
- # Unix socket configuration
- #
- UNIX {
- Path /var/run/conntrackd.ctl
- Backlog 20
- }
-
- #
- # Netlink event socket buffer size. If you do not specify this clause,
- # the default buffer size value in /proc/net/core/rmem_default is
- # used. This default value is usually around 100 Kbytes which is
- # fairly small for busy firewalls. This leads to event message dropping
- # and high CPU consumption. This example configuration file sets the
- # size to 2 MBytes to avoid this sort of problems.
- #
- NetlinkBufferSize 2097152
-
- #
- # The daemon doubles the size of the netlink event socket buffer size
- # if it detects netlink event message dropping. This clause sets the
- # maximum buffer size growth that can be reached. This example file
- # sets the size to 8 MBytes.
- #
- NetlinkBufferSizeMaxGrowth 8388608
-
- #
- # If the daemon detects that Netlink is dropping state-change events,
- # it automatically schedules a resynchronization against the Kernel
- # after 30 seconds (default value). Resynchronizations are expensive
- # in terms of CPU consumption since the daemon has to get the full
- # kernel state-table and purge state-entries that do not exist anymore.
- # Be careful of setting a very small value here. You have the following
- # choices: On (enabled, use default 30 seconds value), Off (disabled)
- # or Value (in seconds, to set a specific amount of time). If not
- # specified, the daemon assumes that this option is enabled.
- #
- # NetlinkOverrunResync On
-
- #
- # If you want reliable event reporting over Netlink, set on this
- # option. If you set on this clause, it is a good idea to set off
- # NetlinkOverrunResync. This option is off by default and you need
- # a Linux kernel >= 2.6.31.
- #
- # NetlinkEventsReliable Off
-
- #
- # By default, the daemon receives state updates following an
- # event-driven model. You can modify this behaviour by switching to
- # polling mode with the PollSecs clause. This clause tells conntrackd
- # to dump the states in the kernel every N seconds. With regards to
- # synchronization mode, the polling mode can only guarantee that
- # long-lifetime states are recovered. The main advantage of this method
- # is the reduction in the state replication at the cost of reducing the
- # chances of recovering connections.
- #
- # PollSecs 15
-
- #
- # The daemon prioritizes the handling of state-change events coming
- # from the core. With this clause, you can set the maximum number of
- # state-change events (those coming from kernel-space) that the daemon
- # will handle after which it will handle other events coming from the
- # network or userspace. A low value improves interactivity (in terms of
- # real-time behaviour) at the cost of extra CPU consumption.
- # Default (if not set) is 100.
- #
- # EventIterationLimit 100
-
- #
- # Event filtering: This clause allows you to filter certain traffic,
- # There are currently three filter-sets: Protocol, Address and
- # State. The filter is attached to an action that can be: Accept or
- # Ignore. Thus, you can define the event filtering policy of the
- # filter-sets in positive or negative logic depending on your needs.
- # You can select if conntrackd filters the event messages from
- # user-space or kernel-space. The kernel-space event filtering
- # saves some CPU cycles by avoiding the copy of the event message
- # from kernel-space to user-space. The kernel-space event filtering
- # is prefered, however, you require a Linux kernel >= 2.6.29 to
- # filter from kernel-space. If you want to select kernel-space
- # event filtering, use the keyword 'Kernelspace' instead of
- # 'Userspace'.
- #
- Filter From Userspace {
- #
- # Accept only certain protocols: You may want to replicate
- # the state of flows depending on their layer 4 protocol.
- #
- Protocol Accept {
- TCP
- SCTP
- DCCP
- # UDP
- # ICMP # This requires a Linux kernel >= 2.6.31
- }
-
- #
- # Ignore traffic for a certain set of IP's: Usually all the
- # IP assigned to the firewall since local traffic must be
- # ignored, only forwarded connections are worth to replicate.
- # Note that these values depends on the local IPs that are
- # assigned to the firewall.
- #
- Address Ignore {
- IPv4_address 127.0.0.1 # loopback
- IPv4_address [IGNORE_IP1]
- IPv4_address [IGNORE_IP2]
- IPv4_address [IGNORE_IP3]
- #IPv4_address 192.168.0.100 # virtual IP 1
- #IPv4_address 192.168.1.100 # virtual IP 2
- #IPv4_address 192.168.0.1
- #IPv4_address 192.168.1.1
- #IPv4_address 192.168.100.100 # dedicated link ip
- #
- # You can also specify networks in format IP/cidr.
- # IPv4_address 192.168.0.0/24
- #
- # You can also specify an IPv6 address
- # IPv6_address ::1
- }
-
- #
- # Uncomment this line below if you want to filter by flow state.
- # This option introduces a trade-off in the replication: it
- # reduces CPU consumption at the cost of having lazy backup
- # firewall replicas. The existing TCP states are: SYN_SENT,
- # SYN_RECV, ESTABLISHED, FIN_WAIT, CLOSE_WAIT, LAST_ACK,
- # TIME_WAIT, CLOSED, LISTEN.
- #
- # State Accept {
- # ESTABLISHED CLOSED TIME_WAIT CLOSE_WAIT for TCP
- # }
- }
-}
diff --git a/systemvm/patches/debian/config/root/redundant_router/disable_pubip.sh b/systemvm/patches/debian/config/root/redundant_router/disable_pubip.sh
deleted file mode 100644
index ee4e894..0000000
--- a/systemvm/patches/debian/config/root/redundant_router/disable_pubip.sh
+++ /dev/null
@@ -1,23 +0,0 @@
-#!/bin/bash
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements. See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership. The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied. See the License for the
-# specific language governing permissions and limitations
-# under the License.
-
-ip link|grep BROADCAST|grep -v eth0|grep -v eth1|cut -d ":" -f 2 > /tmp/iflist
-while read i
-do
- ifconfig $i down
-done < /tmp/iflist
diff --git a/systemvm/patches/debian/config/root/redundant_router/enable_pubip.sh.templ b/systemvm/patches/debian/config/root/redundant_router/enable_pubip.sh.templ
deleted file mode 100644
index a59cd66..0000000
--- a/systemvm/patches/debian/config/root/redundant_router/enable_pubip.sh.templ
+++ /dev/null
@@ -1,50 +0,0 @@
-#!/bin/bash
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements. See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership. The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied. See the License for the
-# specific language governing permissions and limitations
-# under the License.
-
-ip link|grep BROADCAST|grep -v eth0|grep -v eth1|cut -d ":" -f 2 > /tmp/iflist
-ip addr show eth2 | grep "inet" 2>&1 > /dev/null
-is_init=$?
-
-set -e
-
-while read i
-do
- # if eth2'ip has already been configured, we would use ifconfig rather than ifdown/ifup
- if [ "$i" == "eth2" -a "$is_init" != "0" ]
- then
- ifdown $i
- ifup $i
- else
- ifconfig $i down
- ifconfig $i up
- fi
-done < /tmp/iflist
-ip route add default via [GATEWAY] dev eth2
-
-while read line
-do
-dev=$(echo $line | awk '{print $1'})
-gw=$(echo $line | awk '{print $2'})
-
-if [ "$dev" == "eth2" ]
-then
- continue;
-fi
-ip route add default via $gw table Table_$dev proto static
-
-done < /var/cache/cloud/ifaceGwIp
diff --git a/systemvm/patches/debian/config/root/redundant_router/fault.sh.templ b/systemvm/patches/debian/config/root/redundant_router/fault.sh.templ
deleted file mode 100644
index c008a9c..0000000
--- a/systemvm/patches/debian/config/root/redundant_router/fault.sh.templ
+++ /dev/null
@@ -1,37 +0,0 @@
-#!/bin/bash
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements. See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership. The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied. See the License for the
-# specific language governing permissions and limitations
-# under the License.
-
-source /root/func.sh
-
-lock="biglock"
-locked=$(getLockFile $lock)
-if [ "$locked" != "1" ]
-then
- exit 1
-fi
-
-echo To fault called >> [RROUTER_LOG]
-[RROUTER_BIN_PATH]/disable_pubip.sh >> [RROUTER_LOG] 2>&1
-echo Disable public ip >> [RROUTER_LOG]
-[RROUTER_BIN_PATH]/services.sh stop >> [RROUTER_LOG] 2>&1
-echo Stop services $? >> [RROUTER_LOG]
-[RROUTER_BIN_PATH]/primary-backup.sh fault >> [RROUTER_LOG] 2>&1
-echo Switch conntrackd mode fault $? >> [RROUTER_LOG]
-echo Status: FAULT >> [RROUTER_LOG]
-
-releaseLockFile $lock $locked
diff --git a/systemvm/patches/debian/config/root/redundant_router/heartbeat.sh.templ b/systemvm/patches/debian/config/root/redundant_router/heartbeat.sh.templ
deleted file mode 100755
index e064c1a..0000000
--- a/systemvm/patches/debian/config/root/redundant_router/heartbeat.sh.templ
+++ /dev/null
@@ -1,20 +0,0 @@
-#!/bin/bash
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements. See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership. The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied. See the License for the
-# specific language governing permissions and limitations
-# under the License.
-
-t=$(date +%s)
-echo $t > [RROUTER_BIN_PATH]/keepalived.ts
diff --git a/systemvm/patches/debian/config/root/redundant_router/keepalived.conf.templ b/systemvm/patches/debian/config/root/redundant_router/keepalived.conf.templ
deleted file mode 100644
index a4969a5..0000000
--- a/systemvm/patches/debian/config/root/redundant_router/keepalived.conf.templ
+++ /dev/null
@@ -1,57 +0,0 @@
-! Licensed to the Apache Software Foundation (ASF) under one
-! or more contributor license agreements. See the NOTICE file
-! distributed with this work for additional information
-! regarding copyright ownership. The ASF licenses this file
-! to you under the Apache License, Version 2.0 (the
-! "License"); you may not use this file except in compliance
-! with the License. You may obtain a copy of the License at
-!
-! http://www.apache.org/licenses/LICENSE-2.0
-!
-! Unless required by applicable law or agreed to in writing,
-! software distributed under the License is distributed on an
-! "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-! KIND, either express or implied. See the License for the
-! specific language governing permissions and limitations
-! under the License.
-
-global_defs {
- router_id [ROUTER_ID]
-}
-
-vrrp_script check_bumpup {
- script "[RROUTER_BIN_PATH]/check_bumpup.sh"
- interval 5
- weight [DELTA]
-}
-
-vrrp_script heartbeat {
- script "[RROUTER_BIN_PATH]/heartbeat.sh"
- interval 10
-}
-
-vrrp_instance inside_network {
- state BACKUP
- interface eth0
- virtual_router_id 51
- priority [PRIORITY]
-
- advert_int 1
- authentication {
- auth_type PASS
- auth_pass WORD
- }
-
- virtual_ipaddress {
- [ROUTER_IP] brd [BOARDCAST] dev eth0
- }
-
- track_script {
- check_bumpup
- heartbeat
- }
-
- notify_master "[RROUTER_BIN_PATH]/master.sh"
- notify_backup "[RROUTER_BIN_PATH]/backup.sh"
- notify_fault "[RROUTER_BIN_PATH]/fault.sh"
-}
diff --git a/systemvm/patches/debian/config/root/redundant_router/master.sh.templ b/systemvm/patches/debian/config/root/redundant_router/master.sh.templ
deleted file mode 100644
index 11ca628..0000000
--- a/systemvm/patches/debian/config/root/redundant_router/master.sh.templ
+++ /dev/null
@@ -1,60 +0,0 @@
-#!/bin/bash
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements. See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership. The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied. See the License for the
-# specific language governing permissions and limitations
-# under the License.
-
-source /root/func.sh
-
-lock="biglock"
-locked=$(getLockFile $lock)
-if [ "$locked" != "1" ]
-then
- exit 1
-fi
-
-echo To master called >> [RROUTER_LOG]
-[RROUTER_BIN_PATH]/enable_pubip.sh >> [RROUTER_LOG] 2>&1
-ret=$?
-if [ $ret -eq 0 ]
-then
- [RROUTER_BIN_PATH]/services.sh restart >> [RROUTER_LOG] 2>&1
- ret=$?
-fi
-last_msg=`tail -n 1 [RROUTER_LOG]`
-echo Enable public ip returned $ret >> [RROUTER_LOG]
-if [ $ret -ne 0 ]
-then
- echo Fail to enable public ip! >> [RROUTER_LOG]
- [RROUTER_BIN_PATH]/disable_pubip.sh >> [RROUTER_LOG] 2>&1
- [RROUTER_BIN_PATH]/services.sh stop >> [RROUTER_LOG] 2>&1
- service keepalived stop >> [RROUTER_LOG] 2>&1
- service conntrackd stop >> [RROUTER_LOG] 2>&1
- echo Status: FAULT \($last_msg\) >> [RROUTER_LOG]
- releaseLockFile $lock $locked
- exit
-fi
-[RROUTER_BIN_PATH]/primary-backup.sh primary >> [RROUTER_LOG] 2>&1
-ret=$?
-echo Switch conntrackd mode primary returned $ret >> [RROUTER_LOG]
-if [ $ret -ne 0 ]
-then
- echo Fail to switch conntrackd mode, but try to continue working >> [RROUTER_LOG]
-fi
-[RROUTER_BIN_PATH]/arping_gateways.sh
-echo Status: MASTER >> [RROUTER_LOG]
-
-releaseLockFile $lock $locked
-exit 0
diff --git a/systemvm/patches/debian/config/root/redundant_router/primary-backup.sh.templ b/systemvm/patches/debian/config/root/redundant_router/primary-backup.sh.templ
deleted file mode 100644
index 4eb9eaf..0000000
--- a/systemvm/patches/debian/config/root/redundant_router/primary-backup.sh.templ
+++ /dev/null
@@ -1,126 +0,0 @@
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements. See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership. The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied. See the License for the
-# specific language governing permissions and limitations
-# under the License.
-
-CONNTRACKD_BIN=/usr/sbin/conntrackd
-CONNTRACKD_LOCK=/var/lock/conntrack.lock
-CONNTRACKD_CONFIG=/etc/conntrackd/conntrackd.conf
-CONNTRACKD_LOG=[RROUTER_LOG]
-
-case "$1" in
- primary)
- #
- # commit the external cache into the kernel table
- #
- $CONNTRACKD_BIN -C $CONNTRACKD_CONFIG -c
- if [ $? -eq 1 ]
- then
- logger "ERROR: failed to invoke conntrackd -c"
- fi
-
- #
- # flush the internal and the external caches
- #
- $CONNTRACKD_BIN -C $CONNTRACKD_CONFIG -f
- if [ $? -eq 1 ]
- then
- logger "ERROR: failed to invoke conntrackd -f"
- fi
-
- #
- # resynchronize my internal cache to the kernel table
- #
- $CONNTRACKD_BIN -C $CONNTRACKD_CONFIG -R
- if [ $? -eq 1 ]
- then
- logger "ERROR: failed to invoke conntrackd -R"
- fi
-
- #
- # send a bulk update to backups
- #
- $CONNTRACKD_BIN -C $CONNTRACKD_CONFIG -B
- if [ $? -eq 1 ]
- then
- logger "ERROR: failed to invoke conntrackd -B"
- fi
- echo Conntrackd switch to primary done >> $CONNTRACKD_LOG
- ;;
- backup)
- #
- # is conntrackd running? request some statistics to check it
- #
- $CONNTRACKD_BIN -C $CONNTRACKD_CONFIG -s
- if [ $? -eq 1 ]
- then
- #
- # something's wrong, do we have a lock file?
- #
- if [ -f $CONNTRACKD_LOCK ]
- then
- logger "WARNING: conntrackd was not cleanly stopped."
- logger "If you suspect that it has crashed:"
- logger "1) Enable coredumps"
- logger "2) Try to reproduce the problem"
- logger "3) Post the coredump to netfilter-devel@vger.kernel.org"
- rm -f $CONNTRACKD_LOCK
- fi
- $CONNTRACKD_BIN -C $CONNTRACKD_CONFIG -d
- if [ $? -eq 1 ]
- then
- logger "ERROR: cannot launch conntrackd"
- exit 1
- fi
- fi
- #
- # shorten kernel conntrack timers to remove the zombie entries.
- #
- $CONNTRACKD_BIN -C $CONNTRACKD_CONFIG -t
- if [ $? -eq 1 ]
- then
- logger "ERROR: failed to invoke conntrackd -t"
- fi
-
- #
- # request resynchronization with master firewall replica (if any)
- # Note: this does nothing in the alarm approach.
- #
- $CONNTRACKD_BIN -C $CONNTRACKD_CONFIG -n
- if [ $? -eq 1 ]
- then
- logger "ERROR: failed to invoke conntrackd -n"
- fi
- echo Conntrackd switch to backup done >> $CONNTRACKD_LOG
- ;;
- fault)
- #
- # shorten kernel conntrack timers to remove the zombie entries.
- #
- $CONNTRACKD_BIN -C $CONNTRACKD_CONFIG -t
- if [ $? -eq 1 ]
- then
- logger "ERROR: failed to invoke conntrackd -t"
- fi
- echo Conntrackd switch to fault done >> $CONNTRACKD_LOG
- ;;
- *)
- logger "conntrackd: ERROR: unknown state transition: " $1
- echo "Usage: primary-backup.sh {primary|backup|fault}"
- exit 1
- ;;
-esac
-
-exit 0
diff --git a/systemvm/patches/debian/config/root/redundant_router/services.sh b/systemvm/patches/debian/config/root/redundant_router/services.sh
deleted file mode 100644
index b7ebeed..0000000
--- a/systemvm/patches/debian/config/root/redundant_router/services.sh
+++ /dev/null
@@ -1,68 +0,0 @@
-#!/bin/bash
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements. See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership. The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied. See the License for the
-# specific language governing permissions and limitations
-# under the License.
-
-vpn_service() {
- ps aux|grep ipsec | grep -v grep > /dev/null
- no_vpn=$?
- if [ $no_vpn -eq 1 ]
- then
- return 0
- fi
- r=0
- case "$1" in
- stop)
- service ipsec stop && \
- service xl2tpd stop
- r=$?
- ;;
- restart)
- service ipsec restart && \
- service xl2tpd restart
- r=$?
- ;;
- esac
- return $r
-}
-
-ret=0
-case "$1" in
- start)
- vpn_service restart && \
- service cloud-passwd-srvr start && \
- service dnsmasq start
- ret=$?
- ;;
- stop)
- vpn_service stop && \
- service cloud-passwd-srvr stop && \
- service dnsmasq stop
- ret=$?
- ;;
- restart)
- vpn_service restart && \
- service cloud-passwd-srvr restart && \
- service dnsmasq restart
- ret=$?
- ;;
- *)
- echo "Usage: services {start|stop|restart}"
- exit 1
- ;;
-esac
-
-exit $ret
diff --git a/systemvm/patches/debian/convert.sh b/systemvm/patches/debian/convert.sh
deleted file mode 100755
index 27098a1..0000000
--- a/systemvm/patches/debian/convert.sh
+++ /dev/null
@@ -1,64 +0,0 @@
-#!/bin/bash
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements. See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership. The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied. See the License for the
-# specific language governing permissions and limitations
-# under the License.
-
-
-
-
-
-
-begin=$(date +%s)
-echo "Backing up systemvm.img"
-cp systemvm.img systemvm.img.tmp
-echo "Converting raw image to fixed vhd"
-vhd-util convert -s 0 -t 1 -i systemvm.img.tmp -o systemvm.vhd &> /dev/null
-echo "Converting fixed vhd to dynamic vhd"
-vhd-util convert -s 1 -t 2 -i systemvm.vhd -o systemvm.vhd &> /dev/null
-echo "Compressing vhd..."
-bzip2 -c systemvm.vhd > systemvm.vhd.bz2
-echo "Done VHD"
-
-echo "Converting raw image to qcow2"
-qemu-img convert -f raw -O qcow2 systemvm.img systemvm.qcow2
-echo "Compressing qcow2..."
-bzip2 -c systemvm.qcow2 > systemvm.qcow2.bz2
-echo "Done qcow2"
-echo "Converting raw image to vmdk"
-qemu-img convert -f raw -O vmdk systemvm.img systemvm.vmdk
-echo "Done creating vmdk"
-echo "Creating ova appliance "
-ovftool systemvm.vmx systemvm.ova
-echo "Done creating OVA"
-echo "Cleaning up..."
-rm -vf systemvm.vmdk
-rm -vf systemvm.vhd.bak
-
-echo "Compressing raw image..."
-bzip2 -c systemvm.img > systemvm.img.bz2
-echo "Done compressing raw image"
-
-echo "Generating md5sums"
-md5sum systemvm.img > md5sum
-md5sum systemvm.img.bz2 >> md5sum
-md5sum systemvm.vhd >> md5sum
-md5sum systemvm.vhd.bz2 >> md5sum
-md5sum systemvm.qcow2 >> md5sum
-md5sum systemvm.qcow2.bz2 >> md5sum
-md5sum systemvm.ova >> md5sum
-fin=$(date +%s)
-t=$((fin-begin))
-echo "Finished compressing/converting image in $t seconds"
diff --git a/systemvm/patches/debian/config/etc/apache2/httpd.conf b/systemvm/patches/debian/etc/apache2/httpd.conf
similarity index 100%
rename from systemvm/patches/debian/config/etc/apache2/httpd.conf
rename to systemvm/patches/debian/etc/apache2/httpd.conf
diff --git a/systemvm/patches/debian/config/etc/apache2/vhost.template b/systemvm/patches/debian/etc/apache2/vhost.template
similarity index 99%
rename from systemvm/patches/debian/config/etc/apache2/vhost.template
rename to systemvm/patches/debian/etc/apache2/vhost.template
index 7b89c3b..f393db5 100644
--- a/systemvm/patches/debian/config/etc/apache2/vhost.template
+++ b/systemvm/patches/debian/etc/apache2/vhost.template
@@ -235,4 +235,3 @@ Listen 10.1.1.1:80
<IfModule mod_gnutls.c>
Listen 10.1.1.1:443
</IfModule>
-
diff --git a/systemvm/patches/debian/config/etc/cloud-nic.rules b/systemvm/patches/debian/etc/cloud-nic.rules
similarity index 98%
rename from systemvm/patches/debian/config/etc/cloud-nic.rules
rename to systemvm/patches/debian/etc/cloud-nic.rules
index 56e74ec..e34e0c2 100644
--- a/systemvm/patches/debian/config/etc/cloud-nic.rules
+++ b/systemvm/patches/debian/etc/cloud-nic.rules
@@ -1,2 +1 @@
SUBSYSTEM=="net" KERNEL=="eth*" RUN+="/opt/cloud/bin/cloud-nic.sh $env{ACTION} %k"
-
diff --git a/systemvm/patches/debian/config/etc/dnsmasq.conf.tmpl b/systemvm/patches/debian/etc/dnsmasq.conf.tmpl
similarity index 99%
rename from systemvm/patches/debian/config/etc/dnsmasq.conf.tmpl
rename to systemvm/patches/debian/etc/dnsmasq.conf.tmpl
index 403e2041..4e9d249 100644
--- a/systemvm/patches/debian/config/etc/dnsmasq.conf.tmpl
+++ b/systemvm/patches/debian/etc/dnsmasq.conf.tmpl
@@ -172,11 +172,11 @@ dhcp-hostsfile=/etc/dhcphosts.txt
#dhcp-range=1234::2, 1234::500, 64, 12h
# Do Router Advertisements, BUT NOT DHCP for this subnet.
-#dhcp-range=1234::, ra-only
+#dhcp-range=1234::, ra-only
# Do Router Advertisements, BUT NOT DHCP for this subnet, also try and
-# add names to the DNS for the IPv6 address of SLAAC-configured dual-stack
-# hosts. Use the DHCPv4 lease to derive the name, network segment and
+# add names to the DNS for the IPv6 address of SLAAC-configured dual-stack
+# hosts. Use the DHCPv4 lease to derive the name, network segment and
# MAC address and assume that the host will also have an
# IPv6 address calculated using the SLAAC alogrithm.
#dhcp-range=1234::, ra-names
@@ -199,9 +199,9 @@ dhcp-hostsfile=/etc/dhcphosts.txt
#dhcp-range=1234::, ra-stateless, ra-names
# Do router advertisements for all subnets where we're doing DHCPv6
-# Unless overriden by ra-stateless, ra-names, et al, the router
+# Unless overriden by ra-stateless, ra-names, et al, the router
# advertisements will have the M and O bits set, so that the clients
-# get addresses and configuration from DHCPv6, and the A bit reset, so the
+# get addresses and configuration from DHCPv6, and the A bit reset, so the
# clients don't use SLAAC addresses.
#enable-ra
@@ -267,11 +267,11 @@ dhcp-hostsfile=/etc/dhcphosts.txt
# any machine with Ethernet address starting 11:22:33:
#dhcp-host=11:22:33:*:*:*,set:red
-# Give a fixed IPv6 address and name to client with
+# Give a fixed IPv6 address and name to client with
# DUID 00:01:00:01:16:d2:83:fc:92:d4:19:e2:d8:b2
# Note the MAC addresses CANNOT be used to identify DHCPv6 clients.
# Note also the they [] around the IPv6 address are obilgatory.
-#dhcp-host=id:00:01:00:01:16:d2:83:fc:92:d4:19:e2:d8:b2, fred, [1234::5]
+#dhcp-host=id:00:01:00:01:16:d2:83:fc:92:d4:19:e2:d8:b2, fred, [1234::5]
# Ignore any clients which are not specified in dhcp-host lines
# or /etc/ethers. Equivalent to ISC "deny unknown-clients".
@@ -329,7 +329,7 @@ dhcp-ignore=tag:!known
# Send DHCPv6 option. Note [] around IPv6 addresses.
#dhcp-option=option6:dns-server,[1234::77],[1234::88]
-# Send DHCPv6 option for namservers as the machine running
+# Send DHCPv6 option for namservers as the machine running
# dnsmasq and another.
#dhcp-option=option6:dns-server,[::],[1234::88]
diff --git a/systemvm/patches/debian/config/etc/haproxy/haproxy.cfg b/systemvm/patches/debian/etc/haproxy/haproxy.cfg
similarity index 98%
rename from systemvm/patches/debian/config/etc/haproxy/haproxy.cfg
rename to systemvm/patches/debian/etc/haproxy/haproxy.cfg
index 0adbfc6..63da1ea 100644
--- a/systemvm/patches/debian/config/etc/haproxy/haproxy.cfg
+++ b/systemvm/patches/debian/etc/haproxy/haproxy.cfg
@@ -4,7 +4,7 @@ global
user haproxy
group haproxy
daemon
-
+
defaults
log global
mode tcp
@@ -20,8 +20,8 @@ defaults
timeout connect 5000
timeout client 50000
timeout server 50000
-
-
+
+
listen cloud-default
bind 0.0.0.0:35999
option transparent
diff --git a/systemvm/patches/debian/config/etc/init.d/cloud-early-config b/systemvm/patches/debian/etc/init.d/cloud-early-config
similarity index 100%
rename from systemvm/patches/debian/config/etc/init.d/cloud-early-config
rename to systemvm/patches/debian/etc/init.d/cloud-early-config
diff --git a/systemvm/patches/debian/config/etc/init.d/cloud-passwd-srvr b/systemvm/patches/debian/etc/init.d/cloud-passwd-srvr
similarity index 99%
rename from systemvm/patches/debian/config/etc/init.d/cloud-passwd-srvr
rename to systemvm/patches/debian/etc/init.d/cloud-passwd-srvr
index 05e2f37..ffd0ec8 100755
--- a/systemvm/patches/debian/config/etc/init.d/cloud-passwd-srvr
+++ b/systemvm/patches/debian/etc/init.d/cloud-passwd-srvr
@@ -104,12 +104,12 @@ case "$1" in
start) start
;;
stop) stop
- ;;
+ ;;
status) status
- ;;
+ ;;
restart) stop
start
- ;;
+ ;;
*) echo "Usage: $0 {start|stop|status|restart}"
exit 1
;;
diff --git a/systemvm/patches/debian/config/etc/iptables/iptables-consoleproxy b/systemvm/patches/debian/etc/iptables/iptables-consoleproxy
similarity index 84%
rename from systemvm/patches/debian/config/etc/iptables/iptables-consoleproxy
rename to systemvm/patches/debian/etc/iptables/iptables-consoleproxy
index ae5d14d..9a1c985 100644
--- a/systemvm/patches/debian/config/etc/iptables/iptables-consoleproxy
+++ b/systemvm/patches/debian/etc/iptables/iptables-consoleproxy
@@ -7,7 +7,7 @@
# with the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
-#
+#
# Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
@@ -24,12 +24,12 @@ COMMIT
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
--A INPUT -i lo -j ACCEPT
--A INPUT -i eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT
--A INPUT -i eth1 -m state --state RELATED,ESTABLISHED -j ACCEPT
--A INPUT -i eth2 -m state --state RELATED,ESTABLISHED -j ACCEPT
+-A INPUT -i lo -j ACCEPT
+-A INPUT -i eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT
+-A INPUT -i eth1 -m state --state RELATED,ESTABLISHED -j ACCEPT
+-A INPUT -i eth2 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p icmp --icmp-type 13 -j DROP
--A INPUT -p icmp -j ACCEPT
+-A INPUT -p icmp -j ACCEPT
-A INPUT -i eth1 -p tcp -m state --state NEW -m tcp --dport 3922 -j ACCEPT
-A INPUT -i eth0 -p tcp -m state --state NEW -m tcp --dport 8001 -j ACCEPT
-A INPUT -i eth1 -p tcp -m state --state NEW -m tcp --dport 8001 -j ACCEPT
diff --git a/systemvm/patches/debian/config/etc/iptables/iptables-dhcpsrvr b/systemvm/patches/debian/etc/iptables/iptables-dhcpsrvr
similarity index 99%
rename from systemvm/patches/debian/config/etc/iptables/iptables-dhcpsrvr
rename to systemvm/patches/debian/etc/iptables/iptables-dhcpsrvr
index b49b6b2..9851ee7 100644
--- a/systemvm/patches/debian/config/etc/iptables/iptables-dhcpsrvr
+++ b/systemvm/patches/debian/etc/iptables/iptables-dhcpsrvr
@@ -7,7 +7,7 @@
# with the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
-#
+#
# Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
diff --git a/systemvm/patches/debian/config/etc/iptables/iptables-elbvm b/systemvm/patches/debian/etc/iptables/iptables-elbvm
similarity index 99%
rename from systemvm/patches/debian/config/etc/iptables/iptables-elbvm
rename to systemvm/patches/debian/etc/iptables/iptables-elbvm
index 17baef5..21c5d4b 100755
--- a/systemvm/patches/debian/config/etc/iptables/iptables-elbvm
+++ b/systemvm/patches/debian/etc/iptables/iptables-elbvm
@@ -7,7 +7,7 @@
# with the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
-#
+#
# Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
@@ -31,4 +31,3 @@ COMMIT
-A INPUT -i lo -j ACCEPT
-A INPUT -i eth1 -p tcp -m state --state NEW --dport 3922 -j ACCEPT
COMMIT
-
diff --git a/systemvm/patches/debian/config/etc/iptables/iptables-ilbvm b/systemvm/patches/debian/etc/iptables/iptables-ilbvm
similarity index 99%
rename from systemvm/patches/debian/config/etc/iptables/iptables-ilbvm
rename to systemvm/patches/debian/etc/iptables/iptables-ilbvm
index 8d5ca65..05e7f5b 100755
--- a/systemvm/patches/debian/config/etc/iptables/iptables-ilbvm
+++ b/systemvm/patches/debian/etc/iptables/iptables-ilbvm
@@ -7,7 +7,7 @@
# with the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
-#
+#
# Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
@@ -30,4 +30,3 @@ COMMIT
-A INPUT -i lo -j ACCEPT
-A INPUT -i eth1 -p tcp -m state --state NEW --dport 3922 -j ACCEPT
COMMIT
-
diff --git a/systemvm/patches/debian/config/etc/iptables/iptables-router b/systemvm/patches/debian/etc/iptables/iptables-router
similarity index 99%
rename from systemvm/patches/debian/config/etc/iptables/iptables-router
rename to systemvm/patches/debian/etc/iptables/iptables-router
index b49b6b2..9851ee7 100644
--- a/systemvm/patches/debian/config/etc/iptables/iptables-router
+++ b/systemvm/patches/debian/etc/iptables/iptables-router
@@ -7,7 +7,7 @@
# with the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
-#
+#
# Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
diff --git a/systemvm/patches/debian/config/etc/iptables/iptables-secstorage b/systemvm/patches/debian/etc/iptables/iptables-secstorage
similarity index 81%
rename from systemvm/patches/debian/config/etc/iptables/iptables-secstorage
rename to systemvm/patches/debian/etc/iptables/iptables-secstorage
index 3139924..019aaa0 100755
--- a/systemvm/patches/debian/config/etc/iptables/iptables-secstorage
+++ b/systemvm/patches/debian/etc/iptables/iptables-secstorage
@@ -7,7 +7,7 @@
# with the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
-#
+#
# Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
@@ -25,12 +25,12 @@ COMMIT
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
:HTTP - [0:0]
--A INPUT -i eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT
--A INPUT -i eth1 -m state --state RELATED,ESTABLISHED -j ACCEPT
+-A INPUT -i eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT
+-A INPUT -i eth1 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i eth2 -m state --state RELATED,ESTABLISHED -j ACCEPT
--A INPUT -i eth3 -m state --state RELATED,ESTABLISHED -j ACCEPT
--A INPUT -i lo -j ACCEPT
+-A INPUT -i eth3 -m state --state RELATED,ESTABLISHED -j ACCEPT
+-A INPUT -i lo -j ACCEPT
-A INPUT -p icmp --icmp-type 13 -j DROP
--A INPUT -p icmp -j ACCEPT
+-A INPUT -p icmp -j ACCEPT
-A INPUT -i eth0 -p tcp -m state --state NEW --dport 3922 -j ACCEPT
COMMIT
diff --git a/systemvm/patches/debian/config/etc/iptables/iptables-vpcrouter b/systemvm/patches/debian/etc/iptables/iptables-vpcrouter
similarity index 99%
rename from systemvm/patches/debian/config/etc/iptables/iptables-vpcrouter
rename to systemvm/patches/debian/etc/iptables/iptables-vpcrouter
index 1c40493..e6237c5 100644
--- a/systemvm/patches/debian/config/etc/iptables/iptables-vpcrouter
+++ b/systemvm/patches/debian/etc/iptables/iptables-vpcrouter
@@ -7,7 +7,7 @@
# with the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
-#
+#
# Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
diff --git a/systemvm/patches/debian/config/etc/iptables/rt_tables_init b/systemvm/patches/debian/etc/iptables/rt_tables_init
similarity index 99%
rename from systemvm/patches/debian/config/etc/iptables/rt_tables_init
rename to systemvm/patches/debian/etc/iptables/rt_tables_init
index c7f086b..9a265c1 100644
--- a/systemvm/patches/debian/config/etc/iptables/rt_tables_init
+++ b/systemvm/patches/debian/etc/iptables/rt_tables_init
@@ -7,7 +7,7 @@
# with the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
-#
+#
# Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
diff --git a/systemvm/patches/debian/config/etc/iptables/rules b/systemvm/patches/debian/etc/iptables/rules
similarity index 99%
rename from systemvm/patches/debian/config/etc/iptables/rules
rename to systemvm/patches/debian/etc/iptables/rules
index 7c57761..ecd905d 100644
--- a/systemvm/patches/debian/config/etc/iptables/rules
+++ b/systemvm/patches/debian/etc/iptables/rules
@@ -7,7 +7,7 @@
# with the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
-#
+#
# Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
@@ -39,4 +39,3 @@ COMMIT
-A FORWARD -i eth0 -o eth2 -j ACCEPT
-A FORWARD -i eth2 -o eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT
COMMIT
-
diff --git a/systemvm/patches/debian/config/etc/logrotate.conf b/systemvm/patches/debian/etc/logrotate.conf
similarity index 99%
rename from systemvm/patches/debian/config/etc/logrotate.conf
rename to systemvm/patches/debian/etc/logrotate.conf
index a44abf9..d213d4e 100644
--- a/systemvm/patches/debian/config/etc/logrotate.conf
+++ b/systemvm/patches/debian/etc/logrotate.conf
@@ -23,4 +23,3 @@ include /etc/logrotate.d
create 0600 root utmp
rotate 1
}
-
diff --git a/systemvm/patches/debian/config/etc/logrotate.d/apache2 b/systemvm/patches/debian/etc/logrotate.d/apache2
similarity index 100%
rename from systemvm/patches/debian/config/etc/logrotate.d/apache2
rename to systemvm/patches/debian/etc/logrotate.d/apache2
diff --git a/systemvm/patches/debian/config/etc/logrotate.d/cloud b/systemvm/patches/debian/etc/logrotate.d/cloud
similarity index 100%
rename from systemvm/patches/debian/config/etc/logrotate.d/cloud
rename to systemvm/patches/debian/etc/logrotate.d/cloud
diff --git a/systemvm/patches/debian/config/etc/logrotate.d/conntrackd b/systemvm/patches/debian/etc/logrotate.d/conntrackd
similarity index 100%
rename from systemvm/patches/debian/config/etc/logrotate.d/conntrackd
rename to systemvm/patches/debian/etc/logrotate.d/conntrackd
diff --git a/systemvm/patches/debian/config/etc/logrotate.d/dnsmasq b/systemvm/patches/debian/etc/logrotate.d/dnsmasq
similarity index 99%
rename from systemvm/patches/debian/config/etc/logrotate.d/dnsmasq
rename to systemvm/patches/debian/etc/logrotate.d/dnsmasq
index 8a797e9..27b6ebc 100644
--- a/systemvm/patches/debian/config/etc/logrotate.d/dnsmasq
+++ b/systemvm/patches/debian/etc/logrotate.d/dnsmasq
@@ -10,4 +10,3 @@
endscript
create 0640 dnsmasq root
}
-
diff --git a/systemvm/patches/debian/config/etc/logrotate.d/haproxy b/systemvm/patches/debian/etc/logrotate.d/haproxy
similarity index 100%
rename from systemvm/patches/debian/config/etc/logrotate.d/haproxy
rename to systemvm/patches/debian/etc/logrotate.d/haproxy
diff --git a/systemvm/patches/debian/config/etc/logrotate.d/ppp b/systemvm/patches/debian/etc/logrotate.d/ppp
similarity index 98%
rename from systemvm/patches/debian/config/etc/logrotate.d/ppp
rename to systemvm/patches/debian/etc/logrotate.d/ppp
index ce02c17..37af2f2 100644
--- a/systemvm/patches/debian/config/etc/logrotate.d/ppp
+++ b/systemvm/patches/debian/etc/logrotate.d/ppp
@@ -6,4 +6,3 @@
compress
nocreate
}
-
diff --git a/systemvm/patches/debian/config/etc/logrotate.d/rsyslog b/systemvm/patches/debian/etc/logrotate.d/rsyslog
similarity index 100%
rename from systemvm/patches/debian/config/etc/logrotate.d/rsyslog
rename to systemvm/patches/debian/etc/logrotate.d/rsyslog
diff --git a/systemvm/patches/debian/config/etc/modprobe.d/aesni_intel.conf b/systemvm/patches/debian/etc/modprobe.d/aesni_intel.conf
similarity index 100%
rename from systemvm/patches/debian/config/etc/modprobe.d/aesni_intel.conf
rename to systemvm/patches/debian/etc/modprobe.d/aesni_intel.conf
diff --git a/systemvm/patches/debian/config/etc/modprobe.d/pcspkr.conf b/systemvm/patches/debian/etc/modprobe.d/pcspkr.conf
similarity index 100%
rename from systemvm/patches/debian/config/etc/modprobe.d/pcspkr.conf
rename to systemvm/patches/debian/etc/modprobe.d/pcspkr.conf
diff --git a/systemvm/patches/debian/config/etc/profile.d/cloud.sh b/systemvm/patches/debian/etc/profile.d/cloud.sh
similarity index 99%
rename from systemvm/patches/debian/config/etc/profile.d/cloud.sh
rename to systemvm/patches/debian/etc/profile.d/cloud.sh
index 844527f..fdc1600 100755
--- a/systemvm/patches/debian/config/etc/profile.d/cloud.sh
+++ b/systemvm/patches/debian/etc/profile.d/cloud.sh
@@ -14,7 +14,7 @@
# KIND, either express or implied. See the License for the
# specific language governing permissions and limitations
# under the License.
-
+
if [ "`id -u`" -eq 0 ]; then
PATH=${PATH}:/opt/cloud/bin
diff --git a/systemvm/patches/debian/config/etc/rc.local b/systemvm/patches/debian/etc/rc.local
similarity index 100%
rename from systemvm/patches/debian/config/etc/rc.local
rename to systemvm/patches/debian/etc/rc.local
diff --git a/systemvm/patches/debian/config/etc/rsyslog.conf b/systemvm/patches/debian/etc/rsyslog.conf
similarity index 100%
rename from systemvm/patches/debian/config/etc/rsyslog.conf
rename to systemvm/patches/debian/etc/rsyslog.conf
diff --git a/systemvm/patches/debian/config/etc/ssh/sshd_config b/systemvm/patches/debian/etc/ssh/sshd_config
similarity index 96%
rename from systemvm/patches/debian/config/etc/ssh/sshd_config
rename to systemvm/patches/debian/etc/ssh/sshd_config
index 75f30cc..4931cdb 100644
--- a/systemvm/patches/debian/config/etc/ssh/sshd_config
+++ b/systemvm/patches/debian/etc/ssh/sshd_config
@@ -43,8 +43,8 @@ PermitRootLogin yes
#MaxAuthTries 6
#RSAAuthentication yes
-#PubkeyAuthentication yes
-#AuthorizedKeysFile .ssh/authorized_keys
+PubkeyAuthentication yes
+AuthorizedKeysFile .ssh/authorized_keys
# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
#RhostsRSAAuthentication no
@@ -77,8 +77,8 @@ GSSAPIAuthentication no
#GSSAPICleanupCredentials yes
GSSAPICleanupCredentials yes
-# Set this to 'yes' to enable PAM authentication, account processing,
-# and session processing. If this is enabled, PAM authentication will
+# Set this to 'yes' to enable PAM authentication, account processing,
+# and session processing. If this is enabled, PAM authentication will
# be allowed through the ChallengeResponseAuthentication and
# PasswordAuthentication. Depending on your PAM configuration,
# PAM authentication via ChallengeResponseAuthentication may bypass
@@ -90,8 +90,8 @@ GSSAPICleanupCredentials yes
UsePAM yes
# Accept locale-related environment variables
-AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES
-AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT
+AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES
+AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT
AcceptEnv LC_IDENTIFICATION LC_ALL
#AllowTcpForwarding yes
#GatewayPorts no
@@ -101,7 +101,7 @@ AcceptEnv LC_IDENTIFICATION LC_ALL
#X11UseLocalhost yes
#PrintMotd yes
#PrintLastLog yes
-#TCPKeepAlive yes
+TCPKeepAlive yes
#UseLogin no
#UsePrivilegeSeparation yes
#PermitUserEnvironment no
diff --git a/systemvm/patches/debian/config/etc/sysctl.conf b/systemvm/patches/debian/etc/sysctl.conf
similarity index 97%
rename from systemvm/patches/debian/config/etc/sysctl.conf
rename to systemvm/patches/debian/etc/sysctl.conf
index 91baa5d..8e6d752 100644
--- a/systemvm/patches/debian/config/etc/sysctl.conf
+++ b/systemvm/patches/debian/etc/sysctl.conf
@@ -1,4 +1,4 @@
-# Kernel sysctl configuration file
+# Kernel sysctl configuration file
#
# For binary values, 0 is disabled, 1 is enabled. See sysctl(8) and
# sysctl.conf(5) for more details.
diff --git a/systemvm/patches/debian/config/etc/vpcdnsmasq.conf b/systemvm/patches/debian/etc/vpcdnsmasq.conf
similarity index 97%
rename from systemvm/patches/debian/config/etc/vpcdnsmasq.conf
rename to systemvm/patches/debian/etc/vpcdnsmasq.conf
index 7c29e65..1a4b0c2 100644
--- a/systemvm/patches/debian/config/etc/vpcdnsmasq.conf
+++ b/systemvm/patches/debian/etc/vpcdnsmasq.conf
@@ -48,7 +48,7 @@ resolv-file=/etc/dnsmasq-resolv.conf
# non-public domains.
#server=/localnet/192.168.0.1
-# Example of routing PTR queries to nameservers: this will send all
+# Example of routing PTR queries to nameservers: this will send all
# address->name queries for 192.168.3/24 to nameserver 10.1.2.3
#server=/3.168.192.in-addr.arpa/10.1.2.3
@@ -186,7 +186,7 @@ expand-hosts
# Ignore any clients which are specified in dhcp-host lines
# or /etc/ethers. Equivalent to ISC "deny unkown-clients".
-# This relies on the special "known" tag which is set when
+# This relies on the special "known" tag which is set when
# a host is matched.
#dhcp-ignore=#known
@@ -210,11 +210,11 @@ expand-hosts
# Send options to hosts which ask for a DHCP lease.
# See RFC 2132 for details of available options.
-# Common options can be given to dnsmasq by name:
+# Common options can be given to dnsmasq by name:
# run "dnsmasq --help dhcp" to get a list.
# Note that all the common settings, such as netmask and
# broadcast address, DNS server and default route, are given
-# sane defaults by dnsmasq. You very likely will not need
+# sane defaults by dnsmasq. You very likely will not need
# any dhcp-options. If you use Windows clients and Samba, there
# are some options which are recommended, they are detailed at the
# end of this section.
@@ -228,7 +228,7 @@ expand-hosts
# Override the default route supplied by dnsmasq and send no default
# route at all. Note that this only works for the options sent by
-# default (1, 3, 6, 12, 28) the same line will send a zero-length option
+# default (1, 3, 6, 12, 28) the same line will send a zero-length option
# for all other option numbers.
#dhcp-option=3
@@ -279,10 +279,10 @@ dhcp-option=15,"2.vmops-test.vmops.com"
# Send RFC-3442 classless static routes (note the netmask encoding)
#dhcp-option=121,192.168.1.0/24,1.2.3.4,10.0.0.0/8,5.6.7.8
-# Send vendor-class specific options encapsulated in DHCP option 43.
+# Send vendor-class specific options encapsulated in DHCP option 43.
# The meaning of the options is defined by the vendor-class so
# options are sent only when the client supplied vendor class
-# matches the class given here. (A substring match is OK, so "MSFT"
+# matches the class given here. (A substring match is OK, so "MSFT"
# matches "MSFT" and "MSFT 5.0"). This example sets the
# mtftp address to 0.0.0.0 for PXEClients.
#dhcp-option=vendor:PXEClient,1,0.0.0.0
@@ -299,7 +299,7 @@ dhcp-option=vendor:MSFT,2,1i
# Send options to PXELinux. Note that we need to send the options even
# though they don't appear in the parameter request list, so we need
-# to use dhcp-option-force here.
+# to use dhcp-option-force here.
# See http://syslinux.zytor.com/pxe.php#special for details.
# Magic number - needed before anything else is recognised
#dhcp-option-force=208,f1:00:74:7e
@@ -310,7 +310,7 @@ dhcp-option=vendor:MSFT,2,1i
# Reboot time. (Note 'i' to send 32-bit value)
#dhcp-option-force=211,30i
-# Set the boot filename for BOOTP. You will only need
+# Set the boot filename for BOOTP. You will only need
# this is you want to boot machines over the network and you will need
# a TFTP server; either dnsmasq's built in TFTP server or an
# external one. (See below for how to enable the TFTP server.)
@@ -353,9 +353,9 @@ leasefile-ro
#dhcp-authoritative
# Run an executable when a DHCP lease is created or destroyed.
-# The arguments sent to the script are "add" or "del",
+# The arguments sent to the script are "add" or "del",
# then the MAC address, the IP address and finally the hostname
-# if there is one.
+# if there is one.
#dhcp-script=/bin/echo
# Set the cachesize here.
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/baremetal-vr.py b/systemvm/patches/debian/opt/cloud/bin/baremetal-vr.py
similarity index 97%
rename from systemvm/patches/debian/config/opt/cloud/bin/baremetal-vr.py
rename to systemvm/patches/debian/opt/cloud/bin/baremetal-vr.py
index 51ab582..e5b6aca 100755
--- a/systemvm/patches/debian/config/opt/cloud/bin/baremetal-vr.py
+++ b/systemvm/patches/debian/opt/cloud/bin/baremetal-vr.py
@@ -1,161 +1,161 @@
-#Licensed to the Apache Software Foundation (ASF) under one
-#or more contributor license agreements. See the NOTICE file
-#distributed with this work for additional information
-#regarding copyright ownership. The ASF licenses this file
-#to you under the Apache License, Version 2.0 (the
-#"License"); you may not use this file except in compliance
-#with the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-#Unless required by applicable law or agreed to in writing,
-#software distributed under the License is distributed on an
-#"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-#KIND, either express or implied. See the License for the
-#specific language governing permissions and limitations
-#under the License.
-
-__author__ = 'frank'
-
-import subprocess
-import urllib
-import hmac
-import hashlib
-import base64
-import traceback
-import logging
-
-from flask import Flask
-
-app = Flask(__name__)
-
-logger = logging.getLogger('baremetal-vr')
-hdlr = logging.FileHandler('/var/log/baremetal-vr.log')
-formatter = logging.Formatter('%(asctime)s %(levelname)s %(message)s')
-hdlr.setFormatter(formatter)
-logger.addHandler(hdlr)
-logger.setLevel(logging.WARNING)
-
-class ShellCmd(object):
- '''
- classdocs
- '''
- def __init__(self, cmd, workdir=None, pipe=True):
- '''
- Constructor
- '''
- self.cmd = cmd
- if pipe:
- self.process = subprocess.Popen(cmd, shell=True, stdout=subprocess.PIPE, stdin=subprocess.PIPE, stderr=subprocess.PIPE, executable='/bin/sh', cwd=workdir)
- else:
- self.process = subprocess.Popen(cmd, shell=True, executable='/bin/sh', cwd=workdir)
-
- self.stdout = None
- self.stderr = None
- self.return_code = None
-
- def __call__(self, is_exception=True):
- (self.stdout, self.stderr) = self.process.communicate()
- if is_exception and self.process.returncode != 0:
- err = []
- err.append('failed to execute shell command: %s' % self.cmd)
- err.append('return code: %s' % self.process.returncode)
- err.append('stdout: %s' % self.stdout)
- err.append('stderr: %s' % self.stderr)
- raise Exception('\n'.join(err))
-
- self.return_code = self.process.returncode
- return self.stdout
-
-def shell(cmd):
- return ShellCmd(cmd)()
-
-
-class Server(object):
- CMDLINE = '/var/cache/cloud/cmdline'
- def __init__(self):
- self.apikey = None
- self.secretkey = None
- self.mgmtIp = None
- self.mgmtPort = None
-
- def _get_credentials(self):
- if not self.apikey or not self.secretkey:
- with open(self.CMDLINE, 'r') as fd:
- cmdline = fd.read()
- for p in cmdline.split():
- if 'baremetalnotificationsecuritykey' in p:
- self.secretkey = p.split("=")[1]
- if 'baremetalnotificationapikey' in p:
- self.apikey = p.split("=")[1]
-
- if not self.apikey:
- raise Exception('cannot find baremetalnotificationapikey in %s' % Server.CMDLINE)
- if not self.secretkey:
- raise Exception('cannot find baremetalnotificationsecuritykey in %s' % Server.CMDLINE)
-
- return self.apikey, self.secretkey
-
- def _get_mgmt_ip(self):
- if not self.mgmtIp:
- with open(self.CMDLINE, 'r') as fd:
- cmdline = fd.read()
- for p in cmdline.split():
- if 'host' in p:
- self.mgmtIp = p.split("=")[1]
- break
-
- if not self.mgmtIp:
- raise Exception('cannot find host in %s' % Server.CMDLINE)
-
- return self.mgmtIp
-
- def _get_mgmt_port(self):
- if not self.mgmtPort:
- with open(self.CMDLINE, 'r') as fd:
- cmdline = fd.read()
- for p in cmdline.split():
- if 'port' in p:
- self.mgmtPort = p.split("=")[1]
- break
-
- if not self.mgmtIp:
- raise Exception('cannot find port in %s' % Server.CMDLINE)
-
- return self.mgmtPort
-
- def _make_sign(self, mac):
- apikey, secretkey = self._get_credentials()
- reqs = {
- "apiKey": apikey,
- "command": 'notifyBaremetalProvisionDone',
- "mac": mac
- }
-
- request = zip(reqs.keys(), reqs.values())
- request.sort(key=lambda x: str.lower(x[0]))
- hashStr = "&".join(["=".join([str.lower(r[0]), str.lower(urllib.quote_plus(str(r[1]))).replace("+", "%20").replace('=', '%3d')]) for r in request])
- sig = urllib.quote_plus(base64.encodestring(hmac.new(secretkey, hashStr, hashlib.sha1).digest()).strip())
- return sig
-
- def notify_provisioning_done(self, mac):
- sig = self._make_sign(mac)
- cmd = 'http://%s:%s/client/api?command=notifyBaremetalProvisionDone&mac=%s&apiKey=%s&signature=%s' % (self._get_mgmt_ip(), self._get_mgmt_port(), mac, self.apikey, sig)
- shell("curl -X GET '%s'" % cmd)
- return ''
-
-server = None
-
-@app.route('/baremetal/provisiondone/<mac>', methods=['GET'])
-def notify_provisioning_done(mac):
- try:
- return server.notify_provisioning_done(mac)
- except:
- logger.warn(traceback.format_exc())
- return ''
-
-
-if __name__ == '__main__':
- server = Server()
- shell("iptables-save | grep -- '-A INPUT -i eth0 -p tcp -m tcp --dport 10086 -j ACCEPT' > /dev/null || iptables -I INPUT -i eth0 -p tcp -m tcp --dport 10086 -j ACCEPT")
- app.run(host='0.0.0.0', port=10086, debug=True)
+#Licensed to the Apache Software Foundation (ASF) under one
+#or more contributor license agreements. See the NOTICE file
+#distributed with this work for additional information
+#regarding copyright ownership. The ASF licenses this file
+#to you under the Apache License, Version 2.0 (the
+#"License"); you may not use this file except in compliance
+#with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+#Unless required by applicable law or agreed to in writing,
+#software distributed under the License is distributed on an
+#"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+#KIND, either express or implied. See the License for the
+#specific language governing permissions and limitations
+#under the License.
+
+__author__ = 'frank'
+
+import subprocess
+import urllib
+import hmac
+import hashlib
+import base64
+import traceback
+import logging
+
+from flask import Flask
+
+app = Flask(__name__)
+
+logger = logging.getLogger('baremetal-vr')
+hdlr = logging.FileHandler('/var/log/baremetal-vr.log')
+formatter = logging.Formatter('%(asctime)s %(levelname)s %(message)s')
+hdlr.setFormatter(formatter)
+logger.addHandler(hdlr)
+logger.setLevel(logging.WARNING)
+
+class ShellCmd(object):
+ '''
+ classdocs
+ '''
+ def __init__(self, cmd, workdir=None, pipe=True):
+ '''
+ Constructor
+ '''
+ self.cmd = cmd
+ if pipe:
+ self.process = subprocess.Popen(cmd, shell=True, stdout=subprocess.PIPE, stdin=subprocess.PIPE, stderr=subprocess.PIPE, executable='/bin/sh', cwd=workdir)
+ else:
+ self.process = subprocess.Popen(cmd, shell=True, executable='/bin/sh', cwd=workdir)
+
+ self.stdout = None
+ self.stderr = None
+ self.return_code = None
+
+ def __call__(self, is_exception=True):
+ (self.stdout, self.stderr) = self.process.communicate()
+ if is_exception and self.process.returncode != 0:
+ err = []
+ err.append('failed to execute shell command: %s' % self.cmd)
+ err.append('return code: %s' % self.process.returncode)
+ err.append('stdout: %s' % self.stdout)
+ err.append('stderr: %s' % self.stderr)
+ raise Exception('\n'.join(err))
+
+ self.return_code = self.process.returncode
+ return self.stdout
+
+def shell(cmd):
+ return ShellCmd(cmd)()
+
+
+class Server(object):
+ CMDLINE = '/var/cache/cloud/cmdline'
+ def __init__(self):
+ self.apikey = None
+ self.secretkey = None
+ self.mgmtIp = None
+ self.mgmtPort = None
+
+ def _get_credentials(self):
+ if not self.apikey or not self.secretkey:
+ with open(self.CMDLINE, 'r') as fd:
+ cmdline = fd.read()
+ for p in cmdline.split():
+ if 'baremetalnotificationsecuritykey' in p:
+ self.secretkey = p.split("=")[1]
+ if 'baremetalnotificationapikey' in p:
+ self.apikey = p.split("=")[1]
+
+ if not self.apikey:
+ raise Exception('cannot find baremetalnotificationapikey in %s' % Server.CMDLINE)
+ if not self.secretkey:
+ raise Exception('cannot find baremetalnotificationsecuritykey in %s' % Server.CMDLINE)
+
+ return self.apikey, self.secretkey
+
+ def _get_mgmt_ip(self):
+ if not self.mgmtIp:
+ with open(self.CMDLINE, 'r') as fd:
+ cmdline = fd.read()
+ for p in cmdline.split():
+ if 'host' in p:
+ self.mgmtIp = p.split("=")[1]
+ break
+
+ if not self.mgmtIp:
+ raise Exception('cannot find host in %s' % Server.CMDLINE)
+
+ return self.mgmtIp
+
+ def _get_mgmt_port(self):
+ if not self.mgmtPort:
+ with open(self.CMDLINE, 'r') as fd:
+ cmdline = fd.read()
+ for p in cmdline.split():
+ if 'port' in p:
+ self.mgmtPort = p.split("=")[1]
+ break
+
+ if not self.mgmtIp:
+ raise Exception('cannot find port in %s' % Server.CMDLINE)
+
+ return self.mgmtPort
+
+ def _make_sign(self, mac):
+ apikey, secretkey = self._get_credentials()
+ reqs = {
+ "apiKey": apikey,
+ "command": 'notifyBaremetalProvisionDone',
+ "mac": mac
+ }
+
+ request = zip(reqs.keys(), reqs.values())
+ request.sort(key=lambda x: str.lower(x[0]))
+ hashStr = "&".join(["=".join([str.lower(r[0]), str.lower(urllib.quote_plus(str(r[1]))).replace("+", "%20").replace('=', '%3d')]) for r in request])
+ sig = urllib.quote_plus(base64.encodestring(hmac.new(secretkey, hashStr, hashlib.sha1).digest()).strip())
+ return sig
+
+ def notify_provisioning_done(self, mac):
+ sig = self._make_sign(mac)
+ cmd = 'http://%s:%s/client/api?command=notifyBaremetalProvisionDone&mac=%s&apiKey=%s&signature=%s' % (self._get_mgmt_ip(), self._get_mgmt_port(), mac, self.apikey, sig)
+ shell("curl -X GET '%s'" % cmd)
+ return ''
+
+server = None
+
+@app.route('/baremetal/provisiondone/<mac>', methods=['GET'])
+def notify_provisioning_done(mac):
+ try:
+ return server.notify_provisioning_done(mac)
+ except:
+ logger.warn(traceback.format_exc())
+ return ''
+
+
+if __name__ == '__main__':
+ server = Server()
+ shell("iptables-save | grep -- '-A INPUT -i eth0 -p tcp -m tcp --dport 10086 -j ACCEPT' > /dev/null || iptables -I INPUT -i eth0 -p tcp -m tcp --dport 10086 -j ACCEPT")
+ app.run(host='0.0.0.0', port=10086, debug=True)
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/baremetal_snat.sh b/systemvm/patches/debian/opt/cloud/bin/baremetal_snat.sh
similarity index 98%
rename from systemvm/patches/debian/config/opt/cloud/bin/baremetal_snat.sh
rename to systemvm/patches/debian/opt/cloud/bin/baremetal_snat.sh
index 22e5669..2092ded 100755
--- a/systemvm/patches/debian/config/opt/cloud/bin/baremetal_snat.sh
+++ b/systemvm/patches/debian/opt/cloud/bin/baremetal_snat.sh
@@ -48,7 +48,6 @@ fi
rule="-A FORWARD -d $internal_server_ip/32 -i eth0 -o eth1 -j ACCEPT"
iptables-save | grep -- "$rule" > /dev/null
-if [ $? -ne 0 ]; then
+if [ $? -ne 0 ]; then
iptables -I FORWARD -d $internal_server_ip/32 -i eth0 -o eth1 -j ACCEPT
fi
-
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/bumpup_priority.sh b/systemvm/patches/debian/opt/cloud/bin/bumpup_priority.sh
similarity index 100%
rename from systemvm/patches/debian/config/opt/cloud/bin/bumpup_priority.sh
rename to systemvm/patches/debian/opt/cloud/bin/bumpup_priority.sh
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/checkbatchs2svpn.sh b/systemvm/patches/debian/opt/cloud/bin/checkbatchs2svpn.sh
similarity index 100%
rename from systemvm/patches/debian/config/opt/cloud/bin/checkbatchs2svpn.sh
rename to systemvm/patches/debian/opt/cloud/bin/checkbatchs2svpn.sh
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/checkrouter.sh b/systemvm/patches/debian/opt/cloud/bin/checkrouter.sh
similarity index 100%
rename from systemvm/patches/debian/config/opt/cloud/bin/checkrouter.sh
rename to systemvm/patches/debian/opt/cloud/bin/checkrouter.sh
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/checks2svpn.sh b/systemvm/patches/debian/opt/cloud/bin/checks2svpn.sh
similarity index 100%
rename from systemvm/patches/debian/config/opt/cloud/bin/checks2svpn.sh
rename to systemvm/patches/debian/opt/cloud/bin/checks2svpn.sh
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/cloud-nic.sh b/systemvm/patches/debian/opt/cloud/bin/cloud-nic.sh
similarity index 97%
rename from systemvm/patches/debian/config/opt/cloud/bin/cloud-nic.sh
rename to systemvm/patches/debian/opt/cloud/bin/cloud-nic.sh
index 871b789..ad7e6e5 100755
--- a/systemvm/patches/debian/config/opt/cloud/bin/cloud-nic.sh
+++ b/systemvm/patches/debian/opt/cloud/bin/cloud-nic.sh
@@ -46,7 +46,7 @@ unplug_nic() {
rule=$(echo $rule | sed 's/\-A/\-D/')
sudo iptables -t mangle $rule
done
- sudo iptables -t mangle -X VPN_STATS_$dev 2>/dev/null
+ sudo iptables -t mangle -X VPN_STATS_$dev 2>/dev/null
# remove rules on this dev
iptables-save -t mangle | grep $dev | grep "\-A" | while read rule
do
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/configure.py b/systemvm/patches/debian/opt/cloud/bin/configure.py
similarity index 100%
rename from systemvm/patches/debian/config/opt/cloud/bin/configure.py
rename to systemvm/patches/debian/opt/cloud/bin/configure.py
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/cs/CsAddress.py b/systemvm/patches/debian/opt/cloud/bin/cs/CsAddress.py
similarity index 99%
rename from systemvm/patches/debian/config/opt/cloud/bin/cs/CsAddress.py
rename to systemvm/patches/debian/opt/cloud/bin/cs/CsAddress.py
index 071a7b2..d190a72 100755
--- a/systemvm/patches/debian/config/opt/cloud/bin/cs/CsAddress.py
+++ b/systemvm/patches/debian/opt/cloud/bin/cs/CsAddress.py
@@ -717,4 +717,3 @@ class CsRpsrfs:
if count < 2:
logging.debug("Single CPU machine")
return count
-
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/cs/CsApp.py b/systemvm/patches/debian/opt/cloud/bin/cs/CsApp.py
similarity index 100%
rename from systemvm/patches/debian/config/opt/cloud/bin/cs/CsApp.py
rename to systemvm/patches/debian/opt/cloud/bin/cs/CsApp.py
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/cs/CsConfig.py b/systemvm/patches/debian/opt/cloud/bin/cs/CsConfig.py
similarity index 100%
rename from systemvm/patches/debian/config/opt/cloud/bin/cs/CsConfig.py
rename to systemvm/patches/debian/opt/cloud/bin/cs/CsConfig.py
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/cs/CsDatabag.py b/systemvm/patches/debian/opt/cloud/bin/cs/CsDatabag.py
similarity index 100%
rename from systemvm/patches/debian/config/opt/cloud/bin/cs/CsDatabag.py
rename to systemvm/patches/debian/opt/cloud/bin/cs/CsDatabag.py
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/cs/CsDhcp.py b/systemvm/patches/debian/opt/cloud/bin/cs/CsDhcp.py
similarity index 100%
rename from systemvm/patches/debian/config/opt/cloud/bin/cs/CsDhcp.py
rename to systemvm/patches/debian/opt/cloud/bin/cs/CsDhcp.py
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/cs/CsFile.py b/systemvm/patches/debian/opt/cloud/bin/cs/CsFile.py
similarity index 100%
rename from systemvm/patches/debian/config/opt/cloud/bin/cs/CsFile.py
rename to systemvm/patches/debian/opt/cloud/bin/cs/CsFile.py
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/cs/CsGuestNetwork.py b/systemvm/patches/debian/opt/cloud/bin/cs/CsGuestNetwork.py
similarity index 100%
rename from systemvm/patches/debian/config/opt/cloud/bin/cs/CsGuestNetwork.py
rename to systemvm/patches/debian/opt/cloud/bin/cs/CsGuestNetwork.py
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/cs/CsHelper.py b/systemvm/patches/debian/opt/cloud/bin/cs/CsHelper.py
similarity index 100%
rename from systemvm/patches/debian/config/opt/cloud/bin/cs/CsHelper.py
rename to systemvm/patches/debian/opt/cloud/bin/cs/CsHelper.py
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/cs/CsLoadBalancer.py b/systemvm/patches/debian/opt/cloud/bin/cs/CsLoadBalancer.py
similarity index 100%
rename from systemvm/patches/debian/config/opt/cloud/bin/cs/CsLoadBalancer.py
rename to systemvm/patches/debian/opt/cloud/bin/cs/CsLoadBalancer.py
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/cs/CsMonitor.py b/systemvm/patches/debian/opt/cloud/bin/cs/CsMonitor.py
similarity index 100%
rename from systemvm/patches/debian/config/opt/cloud/bin/cs/CsMonitor.py
rename to systemvm/patches/debian/opt/cloud/bin/cs/CsMonitor.py
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/cs/CsNetfilter.py b/systemvm/patches/debian/opt/cloud/bin/cs/CsNetfilter.py
similarity index 100%
rename from systemvm/patches/debian/config/opt/cloud/bin/cs/CsNetfilter.py
rename to systemvm/patches/debian/opt/cloud/bin/cs/CsNetfilter.py
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/cs/CsProcess.py b/systemvm/patches/debian/opt/cloud/bin/cs/CsProcess.py
similarity index 100%
rename from systemvm/patches/debian/config/opt/cloud/bin/cs/CsProcess.py
rename to systemvm/patches/debian/opt/cloud/bin/cs/CsProcess.py
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/cs/CsRedundant.py b/systemvm/patches/debian/opt/cloud/bin/cs/CsRedundant.py
similarity index 98%
rename from systemvm/patches/debian/config/opt/cloud/bin/cs/CsRedundant.py
rename to systemvm/patches/debian/opt/cloud/bin/cs/CsRedundant.py
index f8d2bc2..99c7458 100755
--- a/systemvm/patches/debian/config/opt/cloud/bin/cs/CsRedundant.py
+++ b/systemvm/patches/debian/opt/cloud/bin/cs/CsRedundant.py
@@ -74,8 +74,8 @@ class CsRedundant(object):
def _redundant_off(self):
CsHelper.service("conntrackd", "stop")
CsHelper.service("keepalived", "stop")
- CsHelper.umount_tmpfs(self.CS_RAMDISK_DIR)
- CsHelper.rmdir(self.CS_RAMDISK_DIR)
+ #CsHelper.umount_tmpfs(self.CS_RAMDISK_DIR)
+ #CsHelper.rmdir(self.CS_RAMDISK_DIR)
CsHelper.rm(self.CONNTRACKD_CONF)
CsHelper.rm(self.KEEPALIVED_CONF)
@@ -103,16 +103,16 @@ class CsRedundant(object):
if devUp:
logging.info("Device %s is present, let's start keepalive now." % dev)
isDeviceReady = True
-
+
if not isDeviceReady:
logging.info("Guest network not configured yet, let's stop router redundancy for now.")
CsHelper.service("conntrackd", "stop")
CsHelper.service("keepalived", "stop")
return
- CsHelper.mkdir(self.CS_RAMDISK_DIR, 0755, False)
- CsHelper.mount_tmpfs(self.CS_RAMDISK_DIR)
- CsHelper.mkdir(self.CS_ROUTER_DIR, 0755, False)
+ #CsHelper.mkdir(self.CS_RAMDISK_DIR, 0755, False)
+ #CsHelper.mount_tmpfs(self.CS_RAMDISK_DIR)
+ #CsHelper.mkdir(self.CS_ROUTER_DIR, 0755, False)
for s in self.CS_TEMPLATES:
d = s
if s.endswith(".templ"):
@@ -150,7 +150,7 @@ class CsRedundant(object):
# conntrackd configuration
conntrackd_template_conf = "%s/%s" % (self.CS_TEMPLATES_DIR, "conntrackd.conf.templ")
conntrackd_temp_bkp = "%s/%s" % (self.CS_TEMPLATES_DIR, "conntrackd.conf.templ.bkp")
-
+
CsHelper.copy(conntrackd_template_conf, conntrackd_temp_bkp)
conntrackd_tmpl = CsFile(conntrackd_template_conf)
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/cs/CsRoute.py b/systemvm/patches/debian/opt/cloud/bin/cs/CsRoute.py
similarity index 100%
rename from systemvm/patches/debian/config/opt/cloud/bin/cs/CsRoute.py
rename to systemvm/patches/debian/opt/cloud/bin/cs/CsRoute.py
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/cs/CsRule.py b/systemvm/patches/debian/opt/cloud/bin/cs/CsRule.py
similarity index 100%
rename from systemvm/patches/debian/config/opt/cloud/bin/cs/CsRule.py
rename to systemvm/patches/debian/opt/cloud/bin/cs/CsRule.py
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/cs/CsStaticRoutes.py b/systemvm/patches/debian/opt/cloud/bin/cs/CsStaticRoutes.py
similarity index 95%
rename from systemvm/patches/debian/config/opt/cloud/bin/cs/CsStaticRoutes.py
rename to systemvm/patches/debian/opt/cloud/bin/cs/CsStaticRoutes.py
index 57b259a..df98b2e 100755
--- a/systemvm/patches/debian/config/opt/cloud/bin/cs/CsStaticRoutes.py
+++ b/systemvm/patches/debian/opt/cloud/bin/cs/CsStaticRoutes.py
@@ -17,8 +17,9 @@
# specific language governing permissions and limitations
# under the License.
+import logging
+import CsHelper
from CsDatabag import CsDataBag
-from CsRedundant import *
class CsStaticRoutes(CsDataBag):
@@ -39,4 +40,4 @@ class CsStaticRoutes(CsDataBag):
result = CsHelper.execute(command)
if not result:
route_command = "ip route add %s via %s" % (route['network'], route['gateway'])
- CsHelper.execute(route_command)
\ No newline at end of file
+ CsHelper.execute(route_command)
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/cs/__init__.py b/systemvm/patches/debian/opt/cloud/bin/cs/__init__.py
similarity index 100%
rename from systemvm/patches/debian/config/opt/cloud/bin/cs/__init__.py
rename to systemvm/patches/debian/opt/cloud/bin/cs/__init__.py
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/cs_cmdline.py b/systemvm/patches/debian/opt/cloud/bin/cs_cmdline.py
similarity index 100%
rename from systemvm/patches/debian/config/opt/cloud/bin/cs_cmdline.py
rename to systemvm/patches/debian/opt/cloud/bin/cs_cmdline.py
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/cs_dhcp.py b/systemvm/patches/debian/opt/cloud/bin/cs_dhcp.py
similarity index 99%
rename from systemvm/patches/debian/config/opt/cloud/bin/cs_dhcp.py
rename to systemvm/patches/debian/opt/cloud/bin/cs_dhcp.py
index 41a8d7e..64d8f8d 100755
--- a/systemvm/patches/debian/config/opt/cloud/bin/cs_dhcp.py
+++ b/systemvm/patches/debian/opt/cloud/bin/cs_dhcp.py
@@ -31,4 +31,3 @@ def merge(dbag, data):
else:
dbag[data['ipv4_adress']] = data
return dbag
-
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/cs_firewallrules.py b/systemvm/patches/debian/opt/cloud/bin/cs_firewallrules.py
similarity index 100%
rename from systemvm/patches/debian/config/opt/cloud/bin/cs_firewallrules.py
rename to systemvm/patches/debian/opt/cloud/bin/cs_firewallrules.py
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/cs_forwardingrules.py b/systemvm/patches/debian/opt/cloud/bin/cs_forwardingrules.py
similarity index 100%
rename from systemvm/patches/debian/config/opt/cloud/bin/cs_forwardingrules.py
rename to systemvm/patches/debian/opt/cloud/bin/cs_forwardingrules.py
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/cs_guestnetwork.py b/systemvm/patches/debian/opt/cloud/bin/cs_guestnetwork.py
similarity index 100%
rename from systemvm/patches/debian/config/opt/cloud/bin/cs_guestnetwork.py
rename to systemvm/patches/debian/opt/cloud/bin/cs_guestnetwork.py
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/cs_ip.py b/systemvm/patches/debian/opt/cloud/bin/cs_ip.py
similarity index 100%
rename from systemvm/patches/debian/config/opt/cloud/bin/cs_ip.py
rename to systemvm/patches/debian/opt/cloud/bin/cs_ip.py
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/cs_loadbalancer.py b/systemvm/patches/debian/opt/cloud/bin/cs_loadbalancer.py
similarity index 100%
rename from systemvm/patches/debian/config/opt/cloud/bin/cs_loadbalancer.py
rename to systemvm/patches/debian/opt/cloud/bin/cs_loadbalancer.py
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/cs_monitorservice.py b/systemvm/patches/debian/opt/cloud/bin/cs_monitorservice.py
similarity index 100%
rename from systemvm/patches/debian/config/opt/cloud/bin/cs_monitorservice.py
rename to systemvm/patches/debian/opt/cloud/bin/cs_monitorservice.py
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/cs_network_acl.py b/systemvm/patches/debian/opt/cloud/bin/cs_network_acl.py
similarity index 100%
rename from systemvm/patches/debian/config/opt/cloud/bin/cs_network_acl.py
rename to systemvm/patches/debian/opt/cloud/bin/cs_network_acl.py
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/cs_remoteaccessvpn.py b/systemvm/patches/debian/opt/cloud/bin/cs_remoteaccessvpn.py
similarity index 100%
rename from systemvm/patches/debian/config/opt/cloud/bin/cs_remoteaccessvpn.py
rename to systemvm/patches/debian/opt/cloud/bin/cs_remoteaccessvpn.py
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/cs_site2sitevpn.py b/systemvm/patches/debian/opt/cloud/bin/cs_site2sitevpn.py
similarity index 100%
rename from systemvm/patches/debian/config/opt/cloud/bin/cs_site2sitevpn.py
rename to systemvm/patches/debian/opt/cloud/bin/cs_site2sitevpn.py
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/cs_staticroutes.py b/systemvm/patches/debian/opt/cloud/bin/cs_staticroutes.py
similarity index 100%
rename from systemvm/patches/debian/config/opt/cloud/bin/cs_staticroutes.py
rename to systemvm/patches/debian/opt/cloud/bin/cs_staticroutes.py
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/cs_vmdata.py b/systemvm/patches/debian/opt/cloud/bin/cs_vmdata.py
similarity index 100%
rename from systemvm/patches/debian/config/opt/cloud/bin/cs_vmdata.py
rename to systemvm/patches/debian/opt/cloud/bin/cs_vmdata.py
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/cs_vmp.py b/systemvm/patches/debian/opt/cloud/bin/cs_vmp.py
similarity index 100%
rename from systemvm/patches/debian/config/opt/cloud/bin/cs_vmp.py
rename to systemvm/patches/debian/opt/cloud/bin/cs_vmp.py
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/cs_vpnusers.py b/systemvm/patches/debian/opt/cloud/bin/cs_vpnusers.py
similarity index 100%
rename from systemvm/patches/debian/config/opt/cloud/bin/cs_vpnusers.py
rename to systemvm/patches/debian/opt/cloud/bin/cs_vpnusers.py
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/dnsmasq.sh b/systemvm/patches/debian/opt/cloud/bin/dnsmasq.sh
similarity index 100%
rename from systemvm/patches/debian/config/opt/cloud/bin/dnsmasq.sh
rename to systemvm/patches/debian/opt/cloud/bin/dnsmasq.sh
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/edithosts.sh b/systemvm/patches/debian/opt/cloud/bin/edithosts.sh
similarity index 99%
rename from systemvm/patches/debian/config/opt/cloud/bin/edithosts.sh
rename to systemvm/patches/debian/opt/cloud/bin/edithosts.sh
index ab3f539..6f66331 100755
--- a/systemvm/patches/debian/config/opt/cloud/bin/edithosts.sh
+++ b/systemvm/patches/debian/opt/cloud/bin/edithosts.sh
@@ -17,7 +17,7 @@
# under the License.
-
+
# edithosts.sh -- edit the dhcphosts file on the routing domain
usage() {
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/getRouterAlerts.sh b/systemvm/patches/debian/opt/cloud/bin/getRouterAlerts.sh
similarity index 100%
rename from systemvm/patches/debian/config/opt/cloud/bin/getRouterAlerts.sh
rename to systemvm/patches/debian/opt/cloud/bin/getRouterAlerts.sh
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/get_template_version.sh b/systemvm/patches/debian/opt/cloud/bin/get_template_version.sh
similarity index 100%
rename from systemvm/patches/debian/config/opt/cloud/bin/get_template_version.sh
rename to systemvm/patches/debian/opt/cloud/bin/get_template_version.sh
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/ilb.sh b/systemvm/patches/debian/opt/cloud/bin/ilb.sh
similarity index 93%
rename from systemvm/patches/debian/config/opt/cloud/bin/ilb.sh
rename to systemvm/patches/debian/opt/cloud/bin/ilb.sh
index 86c261e..9c76277 100755
--- a/systemvm/patches/debian/config/opt/cloud/bin/ilb.sh
+++ b/systemvm/patches/debian/opt/cloud/bin/ilb.sh
@@ -34,7 +34,7 @@ usage() {
fw_remove_backup() {
logger -t cloud "$(basename $0): Entering fw_remove_backup"
local lb_vif_list=eth0
- for vif in $lb_vif_list; do
+ for vif in $lb_vif_list; do
sudo iptables -F back_load_balancer_$vif 2> /dev/null
sudo iptables -D INPUT -i $vif -p tcp -j back_load_balancer_$vif 2> /dev/null
sudo iptables -X back_load_balancer_$vif 2> /dev/null
@@ -47,7 +47,7 @@ fw_remove_backup() {
fw_restore() {
logger -t cloud "$(basename $0): Entering fw_restore"
local lb_vif_list="eth0"
- for vif in $lb_vif_list; do
+ for vif in $lb_vif_list; do
sudo iptables -F load_balancer_$vif 2> /dev/null
sudo iptables -D INPUT -i $vif -p tcp -j load_balancer_$vif 2> /dev/null
sudo iptables -X load_balancer_$vif 2> /dev/null
@@ -65,23 +65,23 @@ fw_entry() {
local added=$1
local removed=$2
local stats=$3
-
+
if [ "$added" == "none" ]
then
- added=""
+ added=""
fi
-
+
if [ "$removed" == "none" ]
then
- removed=""
+ removed=""
fi
-
+
local a=$(echo $added | cut -d, -f1- --output-delimiter=" ")
local r=$(echo $removed | cut -d, -f1- --output-delimiter=" ")
-# back up the iptable rules by renaming before creating new.
+# back up the iptable rules by renaming before creating new.
local lb_vif_list=eth0
- for vif in $lb_vif_list; do
+ for vif in $lb_vif_list; do
sudo iptables -E load_balancer_$vif back_load_balancer_$vif 2> /dev/null
sudo iptables -N load_balancer_$vif 2> /dev/null
sudo iptables -A INPUT -i $vif -p tcp -j load_balancer_$vif
@@ -93,21 +93,21 @@ fw_entry() {
for i in $a
do
local pubIp=$(echo $i | cut -d: -f1)
- local dport=$(echo $i | cut -d: -f2)
+ local dport=$(echo $i | cut -d: -f2)
local lb_vif_list="eth0"
- for vif in $lb_vif_list; do
+ for vif in $lb_vif_list; do
sudo iptables -A load_balancer_$vif -p tcp -d $pubIp --dport $dport -j ACCEPT
if [ $? -gt 0 ]
then
return 1
fi
- done
+ done
done
local pubIp=$(echo $stats | cut -d: -f1)
- local dport=$(echo $stats | cut -d: -f2)
+ local dport=$(echo $stats | cut -d: -f2)
local cidrs=$(echo $stats | cut -d: -f3 | sed 's/-/,/')
sudo iptables -A lb_stats -s $cidrs -p tcp -m state --state NEW -d $pubIp --dport $dport -j ACCEPT
-
+
return 0
}
@@ -123,7 +123,7 @@ restore_lb() {
logger -t cloud "Restoring HA Proxy to previous state"
# Copy the old version of haproxy.cfg into the file that reconfigLB.sh uses
cp /etc/haproxy/haproxy.cfg.old /etc/haproxy/haproxy.cfg.new
-
+
if [ $? -eq 0 ]
then
# Run reconfigLB.sh again
@@ -195,7 +195,7 @@ logger -t cloud "HAProxy reconfigured successfully, configuring firewall"
# iptables entry to ensure that haproxy receives traffic
fw_entry $addedIps $removedIps $statsIp
-
+
if [ $? -gt 0 ]
then
logger -t cloud "Failed to apply firewall rules for internal load balancing, reverting HA Proxy config"
@@ -211,5 +211,5 @@ else
logger -t cloud "Firewall configured successfully, deleting backup firewall config"
fw_remove_backup
fi
-
+
unlock_exit 0 $lock $locked
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/ipassoc.sh b/systemvm/patches/debian/opt/cloud/bin/ipassoc.sh
similarity index 97%
rename from systemvm/patches/debian/config/opt/cloud/bin/ipassoc.sh
rename to systemvm/patches/debian/opt/cloud/bin/ipassoc.sh
index ad50d4e..e2f95a3 100755
--- a/systemvm/patches/debian/config/opt/cloud/bin/ipassoc.sh
+++ b/systemvm/patches/debian/opt/cloud/bin/ipassoc.sh
@@ -16,7 +16,7 @@
# specific language governing permissions and limitations
# under the License.
-
+
# $Id: ipassoc.sh 9804 2010-06-22 18:36:49Z alex $ $HeadURL: svn://svn.lab.vmops.com/repos/vmdev/java/scripts/network/domr/ipassoc.sh $
# ipassoc.sh -- associate/disassociate a public ip with an instance
@@ -73,7 +73,7 @@ del_fw_chain_for_ip () {
logger -t cloud "$(basename $0): destroying firewall chain for $pubIp"
sudo iptables -t mangle -D PREROUTING -d $pubIp -j FIREWALL_$pubIp
sudo iptables -t mangle -F FIREWALL_$pubIp
- sudo iptables -t mangle -X FIREWALL_$pubIp
+ sudo iptables -t mangle -X FIREWALL_$pubIp
return $?
fi
# firewall chain got created as a result of testing for the chain, cleanup
@@ -89,7 +89,7 @@ del_vpn_chain_for_ip () {
logger -t cloud "$(basename $0): destroying vpn chain for $pubIp"
sudo iptables -t mangle -D PREROUTING -d $pubIp -j VPN_$pubIp
sudo iptables -t mangle -F VPN_$pubIp
- sudo iptables -t mangle -X VPN_$pubIp
+ sudo iptables -t mangle -X VPN_$pubIp
return $?
fi
# vpn chain got created as a result of testing for the chain, cleanup
@@ -112,7 +112,7 @@ remove_routing() {
# rules and routes will be deleted for the last ip of the interface.
sudo ip rule delete fwmark $tableNo table $tableName
sudo ip rule delete table $tableName
- sudo ip route flush table $tableName
+ sudo ip route flush table $tableName
sudo ip route flush cache
logger -t cloud "$(basename $0):Remove routing $pubIp - routes and rules deleted"
fi
@@ -127,10 +127,10 @@ copy_routes_from_main() {
local eth1Mask=$(ip route list scope link dev eth1 | awk '{print $1}')
local ethMask=$(getcidr $ethDev)
-# eth0,eth1 and other know routes will be skipped, so as main routing table will decide the route. This will be useful if the interface is down and up.
- sudo ip route add throw $eth0Mask table $tableName proto static
- sudo ip route add throw $eth1Mask table $tableName proto static
- sudo ip route add throw $ethMask table $tableName proto static
+# eth0,eth1 and other know routes will be skipped, so as main routing table will decide the route. This will be useful if the interface is down and up.
+ sudo ip route add throw $eth0Mask table $tableName proto static
+ sudo ip route add throw $eth1Mask table $tableName proto static
+ sudo ip route add throw $ethMask table $tableName proto static
return 0;
}
@@ -168,7 +168,7 @@ add_routing() {
local rulePresent=$(ip rule show | grep $ethMask)
if [ "$rulePresent" == "" ]
then
-# rules will be added while adding the first ip of the interface
+# rules will be added while adding the first ip of the interface
sudo ip rule add from $ethMask table $tableName
sudo ip rule add fwmark $tableNo table $tableName
logger -t cloud "$(basename $0):Add routing $pubIp rules added"
@@ -209,7 +209,7 @@ add_first_ip() {
local mask=$(echo $1 | awk -F'/' '{print $2}')
sudo ip link show $ethDev | grep "state DOWN" > /dev/null
local old_state=$?
-
+
ip_addr_add $ethDev $pubIp
sudo iptables -D FORWARD -i $ethDev -o eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT
@@ -255,7 +255,7 @@ remove_first_ip() {
sudo iptables -D FORWARD -i $ethDev -o eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT
sudo iptables -D FORWARD -i eth0 -o $ethDev -j FW_OUTBOUND
remove_snat $1
-
+
sudo ip addr del dev $ethDev "$ipNoMask/$mask"
if [ $? -gt 0 -a $? -ne 2 ]
then
@@ -297,7 +297,7 @@ add_an_ip () {
fi
add_routing $1
return $?
-
+
}
remove_an_ip () {
@@ -394,11 +394,11 @@ do
publicIp="$OPTARG"
;;
c) cflag=1
- ethDev="$OPTARG"
- ;;
+ ethDev="$OPTARG"
+ ;;
g) gflag=1
- defaultGwIP="$OPTARG"
- ;;
+ defaultGwIP="$OPTARG"
+ ;;
n) nflag=1
;;
?) usage
@@ -414,7 +414,7 @@ then
unlock_exit 2 $lock $locked
fi
-if [ "$lflag$cflag" != "11" ]
+if [ "$lflag$cflag" != "11" ]
then
usage
unlock_exit 2 $lock $locked
@@ -432,14 +432,14 @@ if [ "$fflag" == "1" ] && [ "$Aflag" == "1" ]
then
add_first_ip $publicIp &&
add_vpn_chain_for_ip $publicIp &&
- add_fw_chain_for_ip $publicIp
+ add_fw_chain_for_ip $publicIp
unlock_exit $? $lock $locked
fi
if [ "$Aflag" == "1" ]
-then
+then
add_an_ip $publicIp &&
- add_fw_chain_for_ip $publicIp
+ add_fw_chain_for_ip $publicIp
unlock_exit $? $lock $locked
fi
@@ -454,9 +454,8 @@ fi
if [ "$Dflag" == "1" ]
then
remove_an_ip $publicIp &&
- del_fw_chain_for_ip $publicIp
+ del_fw_chain_for_ip $publicIp
unlock_exit $? $lock $locked
fi
unlock_exit 0 $lock $locked
-
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/ipsectunnel.sh b/systemvm/patches/debian/opt/cloud/bin/ipsectunnel.sh
similarity index 100%
rename from systemvm/patches/debian/config/opt/cloud/bin/ipsectunnel.sh
rename to systemvm/patches/debian/opt/cloud/bin/ipsectunnel.sh
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/line_edit.py b/systemvm/patches/debian/opt/cloud/bin/line_edit.py
similarity index 100%
rename from systemvm/patches/debian/config/opt/cloud/bin/line_edit.py
rename to systemvm/patches/debian/opt/cloud/bin/line_edit.py
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/loadbalancer.sh b/systemvm/patches/debian/opt/cloud/bin/loadbalancer.sh
similarity index 92%
rename from systemvm/patches/debian/config/opt/cloud/bin/loadbalancer.sh
rename to systemvm/patches/debian/opt/cloud/bin/loadbalancer.sh
index e22bf94..34b3bf7 100755
--- a/systemvm/patches/debian/config/opt/cloud/bin/loadbalancer.sh
+++ b/systemvm/patches/debian/opt/cloud/bin/loadbalancer.sh
@@ -16,7 +16,7 @@
# specific language governing permissions and limitations
# under the License.
-
+
# $Id: loadbalancer.sh 9947 2010-06-25 19:34:24Z manuel $ $HeadURL: svn://svn.lab.vmops.com/repos/vmdev/java/patches/xenserver/root/loadbalancer.sh $
# loadbalancer.sh -- reconfigure loadbalancer rules
@@ -41,40 +41,40 @@ usage() {
ip_entry() {
local added=$1
local removed=$2
-
+
if [ "$added" == "none" ]
then
- added=""
+ added=""
fi
-
+
if [ "$removed" == "none" ]
then
- removed=""
+ removed=""
fi
-
+
local a=$(echo $added | cut -d, -f1- --output-delimiter=" ")
local r=$(echo $removed | cut -d, -f1- --output-delimiter=" ")
-
+
for i in $a
do
local pubIp=$(echo $i | cut -d: -f1)
- logger -t cloud "Adding public ip $pubIp for load balancing"
- for vif in $VIF_LIST; do
+ logger -t cloud "Adding public ip $pubIp for load balancing"
+ for vif in $VIF_LIST; do
sudo ip addr add dev $vif $pubIp/32
#ignore error since it is because the ip is already there
- done
+ done
done
for i in $r
do
- logger -t cloud "Removing public ips for deleted loadbalancers"
+ logger -t cloud "Removing public ips for deleted loadbalancers"
local pubIp=$(echo $i | cut -d: -f1)
- logger -t cloud "Removing public ip $pubIp for deleted loadbalancers"
- for vif in $VIF_LIST; do
- sudo ip addr del $pubIp/32 dev $vif
+ logger -t cloud "Removing public ip $pubIp for deleted loadbalancers"
+ for vif in $VIF_LIST; do
+ sudo ip addr del $pubIp/32 dev $vif
done
done
-
+
return 0
}
get_lb_vif_list() {
@@ -85,7 +85,7 @@ get_lb_vif_list() {
}
fw_remove_backup() {
local lb_vif_list=$(get_lb_vif_list)
- for vif in $lb_vif_list; do
+ for vif in $lb_vif_list; do
sudo iptables -F back_load_balancer_$vif 2> /dev/null
sudo iptables -D INPUT -i $vif -p tcp -j back_load_balancer_$vif 2> /dev/null
sudo iptables -X back_load_balancer_$vif 2> /dev/null
@@ -96,7 +96,7 @@ fw_remove_backup() {
}
fw_restore() {
local lb_vif_list=$(get_lb_vif_list)
- for vif in $lb_vif_list; do
+ for vif in $lb_vif_list; do
sudo iptables -F load_balancer_$vif 2> /dev/null
sudo iptables -D INPUT -i $vif -p tcp -j load_balancer_$vif 2> /dev/null
sudo iptables -X load_balancer_$vif 2> /dev/null
@@ -112,23 +112,23 @@ fw_entry() {
local added=$1
local removed=$2
local stats=$3
-
+
if [ "$added" == "none" ]
then
- added=""
+ added=""
fi
-
+
if [ "$removed" == "none" ]
then
- removed=""
+ removed=""
fi
-
+
local a=$(echo $added | cut -d, -f1- --output-delimiter=" ")
local r=$(echo $removed | cut -d, -f1- --output-delimiter=" ")
-# back up the iptable rules by renaming before creating new.
+# back up the iptable rules by renaming before creating new.
local lb_vif_list=$(get_lb_vif_list)
- for vif in $lb_vif_list; do
+ for vif in $lb_vif_list; do
sudo iptables -E load_balancer_$vif back_load_balancer_$vif 2> /dev/null
sudo iptables -N load_balancer_$vif 2> /dev/null
sudo iptables -A INPUT -i $vif -p tcp -j load_balancer_$vif
@@ -140,38 +140,38 @@ fw_entry() {
for i in $a
do
local pubIp=$(echo $i | cut -d: -f1)
- local dport=$(echo $i | cut -d: -f2)
+ local dport=$(echo $i | cut -d: -f2)
local lb_vif_list=$(get_lb_vif_list)
- for vif in $lb_vif_list; do
+ for vif in $lb_vif_list; do
#TODO : The below delete will be used only when we upgrade the from older verion to the newer one , the below delete become obsolute in the future.
sudo iptables -D INPUT -i $vif -p tcp -d $pubIp --dport $dport -j ACCEPT 2> /dev/null
sudo iptables -A load_balancer_$vif -p tcp -d $pubIp --dport $dport -j ACCEPT
-
+
if [ $? -gt 0 ]
then
return 1
fi
- done
+ done
done
local pubIp=$(echo $stats | cut -d: -f1)
- local dport=$(echo $stats | cut -d: -f2)
+ local dport=$(echo $stats | cut -d: -f2)
local cidrs=$(echo $stats | cut -d: -f3 | sed 's/-/,/')
sudo iptables -A lb_stats -s $cidrs -p tcp -m state --state NEW -d $pubIp --dport $dport -j ACCEPT
-
+
#TODO : The below delete in the for-loop will be used only when we upgrade the from older verion to the newer one , the below delete become obsolute in the future.
for i in $r
do
local pubIp=$(echo $i | cut -d: -f1)
- local dport=$(echo $i | cut -d: -f2)
-
- for vif in $VIF_LIST; do
+ local dport=$(echo $i | cut -d: -f2)
+
+ for vif in $VIF_LIST; do
sudo iptables -D INPUT -i $vif -p tcp -d $pubIp --dport $dport -j ACCEPT 2> /dev/null
done
done
-
+
return 0
}
@@ -187,7 +187,7 @@ restore_lb() {
logger -t cloud "Restoring HA Proxy to previous state"
# Copy the old version of haproxy.cfg into the file that reconfigLB.sh uses
cp /etc/haproxy/haproxy.cfg.old /etc/haproxy/haproxy.cfg.new
-
+
if [ $? -eq 0 ]
then
# Run reconfigLB.sh again
@@ -197,7 +197,7 @@ restore_lb() {
get_vif_list() {
local vif_list=""
- for i in /sys/class/net/eth*; do
+ for i in /sys/class/net/eth*; do
vif=$(basename $i);
if [ "$vif" != "eth0" ] && [ "$vif" != "eth1" ]
then
@@ -208,7 +208,7 @@ get_vif_list() {
then
vif_list="eth0"
fi
-
+
logger -t cloud "Loadbalancer public interfaces = $vif_list"
echo $vif_list
}
@@ -290,7 +290,7 @@ fi
# iptables entry to ensure that haproxy receives traffic
fw_entry $addedIps $removedIps $statsIp
-
+
if [ $? -gt 0 ]
then
logger -t cloud "Failed to apply firewall rules for load balancing, reverting HA Proxy config"
@@ -313,7 +313,5 @@ else
# Remove backedup iptable rules
fw_remove_backup
fi
-
-unlock_exit 0 $lock $locked
-
+unlock_exit 0 $lock $locked
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/master.py b/systemvm/patches/debian/opt/cloud/bin/master.py
similarity index 100%
rename from systemvm/patches/debian/config/opt/cloud/bin/master.py
rename to systemvm/patches/debian/opt/cloud/bin/master.py
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/merge.py b/systemvm/patches/debian/opt/cloud/bin/merge.py
similarity index 100%
rename from systemvm/patches/debian/config/opt/cloud/bin/merge.py
rename to systemvm/patches/debian/opt/cloud/bin/merge.py
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/monitor_service.sh b/systemvm/patches/debian/opt/cloud/bin/monitor_service.sh
similarity index 99%
rename from systemvm/patches/debian/config/opt/cloud/bin/monitor_service.sh
rename to systemvm/patches/debian/opt/cloud/bin/monitor_service.sh
index dfc6463..d9d8ec8 100755
--- a/systemvm/patches/debian/config/opt/cloud/bin/monitor_service.sh
+++ b/systemvm/patches/debian/opt/cloud/bin/monitor_service.sh
@@ -91,4 +91,3 @@ fi
unlock_exit 0 $lock $locked
-
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/netusage.sh b/systemvm/patches/debian/opt/cloud/bin/netusage.sh
similarity index 92%
rename from systemvm/patches/debian/config/opt/cloud/bin/netusage.sh
rename to systemvm/patches/debian/opt/cloud/bin/netusage.sh
index 3cf808e..5e20b0c 100755
--- a/systemvm/patches/debian/config/opt/cloud/bin/netusage.sh
+++ b/systemvm/patches/debian/opt/cloud/bin/netusage.sh
@@ -16,7 +16,7 @@
# specific language governing permissions and limitations
# under the License.
-
+
# netusage.sh -- create iptable rules to gather network stats, running within DomR
@@ -121,35 +121,34 @@ do
esac
done
-if [ "$cflag" == "1" ]
+if [ "$cflag" == "1" ]
then
- #create_usage_rules
+ #create_usage_rules
unlock_exit $? $lock $locked
fi
-if [ "$gflag" == "1" ]
+if [ "$gflag" == "1" ]
then
- get_usage
+ get_usage
unlock_exit $? $lock $locked
fi
-if [ "$rflag" == "1" ]
+if [ "$rflag" == "1" ]
then
- reset_usage
+ reset_usage
unlock_exit $? $lock $locked
fi
-if [ "$aflag" == "1" ]
+if [ "$aflag" == "1" ]
then
- #add_public_interface $publicIf
+ #add_public_interface $publicIf
unlock_exit $? $lock $locked
fi
-if [ "$dflag" == "1" ]
+if [ "$dflag" == "1" ]
then
- #delete_public_interface $publicIf
+ #delete_public_interface $publicIf
unlock_exit $? $lock $locked
fi
unlock_exit 0 $lock $locked
-
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/passwd_server b/systemvm/patches/debian/opt/cloud/bin/passwd_server
similarity index 100%
rename from systemvm/patches/debian/config/opt/cloud/bin/passwd_server
rename to systemvm/patches/debian/opt/cloud/bin/passwd_server
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/passwd_server_ip b/systemvm/patches/debian/opt/cloud/bin/passwd_server_ip
similarity index 100%
rename from systemvm/patches/debian/config/opt/cloud/bin/passwd_server_ip
rename to systemvm/patches/debian/opt/cloud/bin/passwd_server_ip
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/passwd_server_ip.py b/systemvm/patches/debian/opt/cloud/bin/passwd_server_ip.py
similarity index 100%
rename from systemvm/patches/debian/config/opt/cloud/bin/passwd_server_ip.py
rename to systemvm/patches/debian/opt/cloud/bin/passwd_server_ip.py
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/prepare_pxe.sh b/systemvm/patches/debian/opt/cloud/bin/prepare_pxe.sh
similarity index 99%
rename from systemvm/patches/debian/config/opt/cloud/bin/prepare_pxe.sh
rename to systemvm/patches/debian/opt/cloud/bin/prepare_pxe.sh
index 5bc1a93..9c4c18e 100755
--- a/systemvm/patches/debian/config/opt/cloud/bin/prepare_pxe.sh
+++ b/systemvm/patches/debian/opt/cloud/bin/prepare_pxe.sh
@@ -7,9 +7,9 @@
# to you under the Apache License, Version 2.0 (the
# "License"); you may not use this file except in compliance
# with the License. You may obtain a copy of the License at
-#
+#
# http://www.apache.org/licenses/LICENSE-2.0
-#
+#
# Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
@@ -73,5 +73,3 @@ cp -f $mnt_path/$initrd_file_name $tmpt_dir/$initrd_file_name
umount $mnt_path
success
-
-
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/savepassword.sh b/systemvm/patches/debian/opt/cloud/bin/savepassword.sh
similarity index 100%
rename from systemvm/patches/debian/config/opt/cloud/bin/savepassword.sh
rename to systemvm/patches/debian/opt/cloud/bin/savepassword.sh
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/set_redundant.py b/systemvm/patches/debian/opt/cloud/bin/set_redundant.py
similarity index 100%
rename from systemvm/patches/debian/config/opt/cloud/bin/set_redundant.py
rename to systemvm/patches/debian/opt/cloud/bin/set_redundant.py
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/setup/common.sh b/systemvm/patches/debian/opt/cloud/bin/setup/common.sh
similarity index 92%
rename from systemvm/patches/debian/config/opt/cloud/bin/setup/common.sh
rename to systemvm/patches/debian/opt/cloud/bin/setup/common.sh
index 3b766ef..e476745 100755
--- a/systemvm/patches/debian/config/opt/cloud/bin/setup/common.sh
+++ b/systemvm/patches/debian/opt/cloud/bin/setup/common.sh
@@ -621,57 +621,48 @@ setup_redundant_router() {
mount tmpfs /ramdisk -t tmpfs
mkdir -p /ramdisk/rrouter
ip route delete default
- cp /root/redundant_router/keepalived.conf.templ /etc/keepalived/keepalived.conf
- cp /root/redundant_router/conntrackd.conf.templ /etc/conntrackd/conntrackd.conf
- cp /root/redundant_router/enable_pubip.sh.templ $rrouter_bin_path/enable_pubip.sh
- cp /root/redundant_router/master.sh.templ $rrouter_bin_path/master.sh
- cp /root/redundant_router/backup.sh.templ $rrouter_bin_path/backup.sh
- cp /root/redundant_router/fault.sh.templ $rrouter_bin_path/fault.sh
- cp /root/redundant_router/primary-backup.sh.templ $rrouter_bin_path/primary-backup.sh
- cp /root/redundant_router/heartbeat.sh.templ $rrouter_bin_path/heartbeat.sh
- cp /root/redundant_router/check_heartbeat.sh.templ $rrouter_bin_path/check_heartbeat.sh
- cp /root/redundant_router/arping_gateways.sh.templ $rrouter_bin_path/arping_gateways.sh
- cp /root/redundant_router/check_bumpup.sh $rrouter_bin_path/
- cp /root/redundant_router/disable_pubip.sh $rrouter_bin_path/
- cp /root/redundant_router/checkrouter.sh.templ /opt/cloud/bin/checkrouter.sh
- cp /root/redundant_router/services.sh $rrouter_bin_path/
+
+ # Seed keepalived
+ cp /opt/cloud/templates/keepalived.conf.templ /etc/keepalived/keepalived.conf # changes!
sed -i "s/\[ROUTER_ID\]/$NAME/g" /etc/keepalived/keepalived.conf
- sed -i "s/\[ROUTER_IP\]/$GUEST_GW\/$GUEST_CIDR_SIZE/g" /etc/keepalived/keepalived.conf
+ sed -i "s/\[ROUTER_IP\]/$GUEST_GW\/$GUEST_CIDR_SIZE/g" /etc/keepalived/keepalived.conf #fixme, multiple ips?
sed -i "s/\[BOARDCAST\]/$GUEST_BRD/g" /etc/keepalived/keepalived.conf
sed -i "s/\[PRIORITY\]/$ROUTER_PR/g" /etc/keepalived/keepalived.conf
+ sed -i "s/\[PASS\]/$VM_PASSWORD/g" /etc/keepalived/keepalived.conf #FIXME, router password?
sed -i "s/\[RROUTER_BIN_PATH\]/$rrouter_bin_path_str/g" /etc/keepalived/keepalived.conf
sed -i "s/\[DELTA\]/2/g" /etc/keepalived/keepalived.conf
+ sed -i "s/--exec\ \$DAEMON;/--exec\ \$DAEMON\ --\ --vrrp;/g" /etc/init.d/keepalived
+ if [ $ADVERT_INT ]
+ then
+ sed -i "s/advert_int 1/advert_int $ADVERT_INT/g" /etc/keepalived/keepalived.conf
+ fi
+
+ # Seed conntrackd
+ cp /opt/cloud/templates/conntrackd.conf.templ /etc/conntrackd/conntrackd.conf
sed -i "s/\[LINK_IF\]/eth0/g" /etc/conntrackd/conntrackd.conf
sed -i "s/\[LINK_IP\]/$ETH0_IP/g" /etc/conntrackd/conntrackd.conf
- sed -i "s/\[IGNORE_IP1\]/$GUEST_GW/g" /etc/conntrackd/conntrackd.conf
+ sed -i "s/\[IGNORE_IP1\]/$GUEST_GW/g" /etc/conntrackd/conntrackd.conf # checkme?
sed -i "s/\[IGNORE_IP2\]/$ETH0_IP/g" /etc/conntrackd/conntrackd.conf
sed -i "s/\[IGNORE_IP3\]/$ETH1_IP/g" /etc/conntrackd/conntrackd.conf
- sed -i "s/\[ETH2IP\]/$ETH2_IP/g" $rrouter_bin_path/enable_pubip.sh
- sed -i "s/\[ETH2MASK\]/$ETH2_MASK/g" $rrouter_bin_path/enable_pubip.sh
- sed -i "s/\[GATEWAY\]/$GW/g" $rrouter_bin_path/enable_pubip.sh
- sed -i "s/\[GATEWAY\]/$GW/g" $rrouter_bin_path/master.sh
- sed -i "s/\[RROUTER_BIN_PATH\]/$rrouter_bin_path_str/g" $rrouter_bin_path/master.sh
- sed -i "s/\[RROUTER_BIN_PATH\]/$rrouter_bin_path_str/g" $rrouter_bin_path/backup.sh
- sed -i "s/\[RROUTER_BIN_PATH\]/$rrouter_bin_path_str/g" $rrouter_bin_path/fault.sh
+
+ # ramdisk scripts
+ cp /opt/cloud/templates/heartbeat.sh.templ $rrouter_bin_path/heartbeat.sh
+ cp /opt/cloud/templates/check_heartbeat.sh.templ $rrouter_bin_path/check_heartbeat.sh
+ cp /opt/cloud/templates/arping_gateways.sh.templ $rrouter_bin_path/arping_gateways.sh
+ cp /opt/cloud/templates/check_bumpup.sh $rrouter_bin_path/
+ cp /opt/cloud/templates/checkrouter.sh.templ /opt/cloud/bin/checkrouter.sh # changes!
+ #sed -i "s/\[RROUTER_LOG\]/$rrouter_log_str/g" /opt/cloud/bin/checkrouter.sh
+
sed -i "s/\[RROUTER_BIN_PATH\]/$rrouter_bin_path_str/g" $rrouter_bin_path/heartbeat.sh
sed -i "s/\[RROUTER_BIN_PATH\]/$rrouter_bin_path_str/g" $rrouter_bin_path/check_heartbeat.sh
- sed -i "s/\[RROUTER_LOG\]/$rrouter_log_str/g" $rrouter_bin_path/master.sh
- sed -i "s/\[RROUTER_LOG\]/$rrouter_log_str/g" $rrouter_bin_path/backup.sh
- sed -i "s/\[RROUTER_LOG\]/$rrouter_log_str/g" $rrouter_bin_path/fault.sh
- sed -i "s/\[RROUTER_LOG\]/$rrouter_log_str/g" $rrouter_bin_path/primary-backup.sh
sed -i "s/\[RROUTER_LOG\]/$rrouter_log_str/g" $rrouter_bin_path/check_heartbeat.sh
sed -i "s/\[RROUTER_LOG\]/$rrouter_log_str/g" $rrouter_bin_path/arping_gateways.sh
- sed -i "s/\[RROUTER_LOG\]/$rrouter_log_str/g" /opt/cloud/bin/checkrouter.sh
- if [ $ADVERT_INT ]
- then
- sed -i "s/advert_int 1/advert_int $ADVERT_INT/g" /etc/keepalived/keepalived.conf
- fi
chmod a+x $rrouter_bin_path/*.sh
- sed -i "s/--exec\ \$DAEMON;/--exec\ \$DAEMON\ --\ --vrrp;/g" /etc/init.d/keepalived
+
crontab -l|grep "check_heartbeat.sh"
if [ $? -ne 0 ]
then
- (crontab -l; echo -e "SHELL=/bin/bash\nPATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin\n*/1 * * * * $rrouter_bin_path/check_heartbeat.sh 2>&1 > /dev/null") | crontab
+ (crontab -l; echo -e "SHELL=/bin/bash\nPATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin\n* * * * * $rrouter_bin_path/check_heartbeat.sh 2>&1 > /dev/null") | crontab
fi
}
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/setup/consoleproxy.sh b/systemvm/patches/debian/opt/cloud/bin/setup/consoleproxy.sh
similarity index 100%
rename from systemvm/patches/debian/config/opt/cloud/bin/setup/consoleproxy.sh
rename to systemvm/patches/debian/opt/cloud/bin/setup/consoleproxy.sh
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/setup/default.sh b/systemvm/patches/debian/opt/cloud/bin/setup/default.sh
similarity index 100%
rename from systemvm/patches/debian/config/opt/cloud/bin/setup/default.sh
rename to systemvm/patches/debian/opt/cloud/bin/setup/default.sh
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/setup/dhcpsrvr.sh b/systemvm/patches/debian/opt/cloud/bin/setup/dhcpsrvr.sh
similarity index 100%
rename from systemvm/patches/debian/config/opt/cloud/bin/setup/dhcpsrvr.sh
rename to systemvm/patches/debian/opt/cloud/bin/setup/dhcpsrvr.sh
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/setup/elbvm.sh b/systemvm/patches/debian/opt/cloud/bin/setup/elbvm.sh
similarity index 100%
rename from systemvm/patches/debian/config/opt/cloud/bin/setup/elbvm.sh
rename to systemvm/patches/debian/opt/cloud/bin/setup/elbvm.sh
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/setup/ilbvm.sh b/systemvm/patches/debian/opt/cloud/bin/setup/ilbvm.sh
similarity index 100%
rename from systemvm/patches/debian/config/opt/cloud/bin/setup/ilbvm.sh
rename to systemvm/patches/debian/opt/cloud/bin/setup/ilbvm.sh
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/setup/patchsystemvm.sh b/systemvm/patches/debian/opt/cloud/bin/setup/patchsystemvm.sh
similarity index 95%
rename from systemvm/patches/debian/config/opt/cloud/bin/setup/patchsystemvm.sh
rename to systemvm/patches/debian/opt/cloud/bin/setup/patchsystemvm.sh
index 43c3c92..d09cc03 100755
--- a/systemvm/patches/debian/config/opt/cloud/bin/setup/patchsystemvm.sh
+++ b/systemvm/patches/debian/opt/cloud/bin/setup/patchsystemvm.sh
@@ -46,9 +46,9 @@ TYPE=$2
echo "Patching systemvm for cloud service with mount=$PATCH_MOUNT for type=$TYPE" >> $logfile
-if [ "$TYPE" == "consoleproxy" ] || [ "$TYPE" == "secstorage" ] && [ -f ${PATCH_MOUNT}/systemvm.zip ]
+if [ "$TYPE" == "consoleproxy" ] || [ "$TYPE" == "secstorage" ] && [ -f ${PATCH_MOUNT}/agent.zip ]
then
- patch_systemvm ${PATCH_MOUNT}/systemvm.zip
+ patch_systemvm ${PATCH_MOUNT}/agent.zip
if [ $? -gt 0 ]
then
echo "Failed to apply patch systemvm\n" >> $logfile
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/setup/router.sh b/systemvm/patches/debian/opt/cloud/bin/setup/router.sh
similarity index 100%
rename from systemvm/patches/debian/config/opt/cloud/bin/setup/router.sh
rename to systemvm/patches/debian/opt/cloud/bin/setup/router.sh
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/setup/secstorage.sh b/systemvm/patches/debian/opt/cloud/bin/setup/secstorage.sh
similarity index 100%
rename from systemvm/patches/debian/config/opt/cloud/bin/setup/secstorage.sh
rename to systemvm/patches/debian/opt/cloud/bin/setup/secstorage.sh
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/setup/vpcrouter.sh b/systemvm/patches/debian/opt/cloud/bin/setup/vpcrouter.sh
similarity index 100%
rename from systemvm/patches/debian/config/opt/cloud/bin/setup/vpcrouter.sh
rename to systemvm/patches/debian/opt/cloud/bin/setup/vpcrouter.sh
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/update_config.py b/systemvm/patches/debian/opt/cloud/bin/update_config.py
similarity index 100%
rename from systemvm/patches/debian/config/opt/cloud/bin/update_config.py
rename to systemvm/patches/debian/opt/cloud/bin/update_config.py
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/vmdata.py b/systemvm/patches/debian/opt/cloud/bin/vmdata.py
similarity index 100%
rename from systemvm/patches/debian/config/opt/cloud/bin/vmdata.py
rename to systemvm/patches/debian/opt/cloud/bin/vmdata.py
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/vpc_func.sh b/systemvm/patches/debian/opt/cloud/bin/vpc_func.sh
similarity index 99%
rename from systemvm/patches/debian/config/opt/cloud/bin/vpc_func.sh
rename to systemvm/patches/debian/opt/cloud/bin/vpc_func.sh
index 2f88351..8edcba6 100755
--- a/systemvm/patches/debian/config/opt/cloud/bin/vpc_func.sh
+++ b/systemvm/patches/debian/opt/cloud/bin/vpc_func.sh
@@ -30,7 +30,7 @@ getEthByIp (){
fi
done
return 1
-}
+}
getVPCcidr () {
CMDLINE=$(cat /var/cache/cloud/cmdline)
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/vpc_netusage.sh b/systemvm/patches/debian/opt/cloud/bin/vpc_netusage.sh
similarity index 93%
rename from systemvm/patches/debian/config/opt/cloud/bin/vpc_netusage.sh
rename to systemvm/patches/debian/opt/cloud/bin/vpc_netusage.sh
index 7aa75cb..5f5dc3e 100755
--- a/systemvm/patches/debian/config/opt/cloud/bin/vpc_netusage.sh
+++ b/systemvm/patches/debian/opt/cloud/bin/vpc_netusage.sh
@@ -35,19 +35,19 @@ usage() {
create_usage_rules () {
iptables-save|grep "NETWORK_STATS_$ethDev" > /dev/null
if [ $? -gt 0 ]
- then
+ then
iptables -N NETWORK_STATS_$ethDev > /dev/null;
iptables -I FORWARD -j NETWORK_STATS_$ethDev > /dev/null;
iptables -A NETWORK_STATS_$ethDev -o $ethDev -s $vcidr > /dev/null;
iptables -A NETWORK_STATS_$ethDev -i $ethDev -d $vcidr > /dev/null;
- fi
+ fi
return $?
}
create_vpn_usage_rules () {
iptables-save|grep "VPN_STATS_$ethDev" > /dev/null
if [ $? -gt 0 ]
- then
+ then
iptables -t mangle -N VPN_STATS_$ethDev > /dev/null;
iptables -t mangle -I FORWARD -j VPN_STATS_$ethDev > /dev/null;
iptables -t mangle -A VPN_STATS_$ethDev -o $ethDev -m mark --mark $vpnoutmark > /dev/null;
@@ -110,7 +110,7 @@ do
n) nflag=1
;;
d) dflag=1
- ;;
+ ;;
i) #Do nothing, since it's parameter for host script
;;
?) usage
@@ -120,37 +120,37 @@ do
done
ethDev=$(getEthByIp $publicIp)
-if [ "$cflag" == "1" ]
+if [ "$cflag" == "1" ]
then
if [ "$ethDev" != "" ]
then
create_usage_rules
create_vpn_usage_rules
unlock_exit 0 $lock $locked
- fi
+ fi
fi
-if [ "$gflag" == "1" ]
+if [ "$gflag" == "1" ]
then
- get_usage
+ get_usage
unlock_exit $? $lock $locked
fi
-if [ "$nflag" == "1" ]
+if [ "$nflag" == "1" ]
then
- #get_vpn_usage
+ #get_vpn_usage
unlock_exit $? $lock $locked
fi
-if [ "$dflag" == "1" ]
+if [ "$dflag" == "1" ]
then
#remove_usage_rules
unlock_exit 0 $lock $locked
fi
-if [ "$rflag" == "1" ]
+if [ "$rflag" == "1" ]
then
- reset_usage
+ reset_usage
unlock_exit $? $lock $locked
fi
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/vpc_passwd_server b/systemvm/patches/debian/opt/cloud/bin/vpc_passwd_server
similarity index 100%
rename from systemvm/patches/debian/config/opt/cloud/bin/vpc_passwd_server
rename to systemvm/patches/debian/opt/cloud/bin/vpc_passwd_server
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/vpc_snat.sh b/systemvm/patches/debian/opt/cloud/bin/vpc_snat.sh
similarity index 100%
rename from systemvm/patches/debian/config/opt/cloud/bin/vpc_snat.sh
rename to systemvm/patches/debian/opt/cloud/bin/vpc_snat.sh
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/vpc_staticroute.sh b/systemvm/patches/debian/opt/cloud/bin/vpc_staticroute.sh
similarity index 97%
rename from systemvm/patches/debian/config/opt/cloud/bin/vpc_staticroute.sh
rename to systemvm/patches/debian/opt/cloud/bin/vpc_staticroute.sh
index 2a9f50a..4721f5d 100755
--- a/systemvm/patches/debian/config/opt/cloud/bin/vpc_staticroute.sh
+++ b/systemvm/patches/debian/opt/cloud/bin/vpc_staticroute.sh
@@ -72,7 +72,7 @@ static_route() {
local gateway=$(echo $rule | cut -d: -f2)
local cidr=$(echo $rule | cut -d: -f3)
logger -t cloud "$(basename $0): static route: public ip=$ip \
- gateway=$gateway cidr=$cidr"
+ gateway=$gateway cidr=$cidr"
local dev=$(getEthByIp $ip)
if [ $? -gt 0 ]
then
@@ -81,7 +81,7 @@ static_route() {
sudo ip route add $cidr dev $dev via $gateway table static_route &>/dev/null
result=$?
logger -t cloud "$(basename $0): done static route: public ip=$ip \
- gateway=$gateway cidr=$cidr"
+ gateway=$gateway cidr=$cidr"
return $result
}
@@ -131,4 +131,3 @@ else
flush_table_backup
fi
unlock_exit $success $lock $locked
-
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/vr_cfg.sh b/systemvm/patches/debian/opt/cloud/bin/vr_cfg.sh
similarity index 100%
rename from systemvm/patches/debian/config/opt/cloud/bin/vr_cfg.sh
rename to systemvm/patches/debian/opt/cloud/bin/vr_cfg.sh
diff --git a/systemvm/patches/debian/opt/cloud/templates/README b/systemvm/patches/debian/opt/cloud/templates/README
new file mode 100644
index 0000000..8d7df47
--- /dev/null
+++ b/systemvm/patches/debian/opt/cloud/templates/README
@@ -0,0 +1,2 @@
+These are the templates for the redundant router
+and redundant vpc_router
diff --git a/systemvm/patches/debian/config/root/redundant_router/arping_gateways.sh.templ b/systemvm/patches/debian/opt/cloud/templates/arping_gateways.sh.templ
similarity index 100%
rename from systemvm/patches/debian/config/root/redundant_router/arping_gateways.sh.templ
rename to systemvm/patches/debian/opt/cloud/templates/arping_gateways.sh.templ
diff --git a/systemvm/patches/debian/config/root/redundant_router/check_bumpup.sh b/systemvm/patches/debian/opt/cloud/templates/check_bumpup.sh
similarity index 100%
rename from systemvm/patches/debian/config/root/redundant_router/check_bumpup.sh
rename to systemvm/patches/debian/opt/cloud/templates/check_bumpup.sh
diff --git a/systemvm/patches/debian/config/opt/cloud/templates/check_heartbeat.sh.templ b/systemvm/patches/debian/opt/cloud/templates/check_heartbeat.sh.templ
similarity index 99%
rename from systemvm/patches/debian/config/opt/cloud/templates/check_heartbeat.sh.templ
rename to systemvm/patches/debian/opt/cloud/templates/check_heartbeat.sh.templ
index a9cbf30..2ab9aba 100755
--- a/systemvm/patches/debian/config/opt/cloud/templates/check_heartbeat.sh.templ
+++ b/systemvm/patches/debian/opt/cloud/templates/check_heartbeat.sh.templ
@@ -52,7 +52,7 @@ then
#Set fault so we have the same effect as a KeepaliveD fault.
python /opt/cloud/bin/master.py --fault
-
+
pkill -9 keepalived >> $ROUTER_LOG 2>&1
pkill -9 conntrackd >> $ROUTER_LOG 2>&1
echo Status: FAULT \(keepalived process is dead\) >> $ROUTER_LOG
diff --git a/systemvm/patches/debian/config/opt/cloud/templates/checkrouter.sh.templ b/systemvm/patches/debian/opt/cloud/templates/checkrouter.sh.templ
similarity index 98%
rename from systemvm/patches/debian/config/opt/cloud/templates/checkrouter.sh.templ
rename to systemvm/patches/debian/opt/cloud/templates/checkrouter.sh.templ
index 0ba0ee5..fcfc58d 100755
--- a/systemvm/patches/debian/config/opt/cloud/templates/checkrouter.sh.templ
+++ b/systemvm/patches/debian/opt/cloud/templates/checkrouter.sh.templ
@@ -34,4 +34,4 @@ else
fi
fi
-echo "Status: ${STATUS}"
\ No newline at end of file
+echo "Status: ${STATUS}"
diff --git a/systemvm/patches/debian/config/opt/cloud/templates/conntrackd.conf.templ b/systemvm/patches/debian/opt/cloud/templates/conntrackd.conf.templ
similarity index 96%
rename from systemvm/patches/debian/config/opt/cloud/templates/conntrackd.conf.templ
rename to systemvm/patches/debian/opt/cloud/templates/conntrackd.conf.templ
index 40f92a0..3e38af1 100644
--- a/systemvm/patches/debian/config/opt/cloud/templates/conntrackd.conf.templ
+++ b/systemvm/patches/debian/opt/cloud/templates/conntrackd.conf.templ
@@ -45,7 +45,7 @@ Sync {
#
# If the firewall replica goes from primary to backup,
- # the conntrackd -t command is invoked in the script.
+ # the conntrackd -t command is invoked in the script.
# This command schedules a flush of the table in N seconds.
# This is useful to purge the connection tracking table of
# zombie entries and avoid clashes with old entries if you
@@ -90,7 +90,7 @@ Sync {
# iptables -I OUTPUT -d 225.0.0.50 -j ACCEPT
#
Multicast {
- #
+ #
# Multicast address: The address that you use as destination
# in the synchronization messages. You do not have to add
# this IP to any of your existing interfaces. If any doubt,
@@ -141,7 +141,7 @@ Sync {
#
RcvSocketBuffer 1249280
- #
+ #
# Enable/Disable message checksumming. This is a good
# property to achieve fault-tolerance. In case of doubt, do
# not modify this value.
@@ -154,8 +154,8 @@ Sync {
# more than one dedicated link does not mean that state-updates will
# be sent to all of them. There is only one active dedicated link at
# a given moment. The `Default' keyword indicates that this interface
- # will be selected as the initial dedicated link. You can have
- # up to 4 redundant dedicated links. Note: Use different multicast
+ # will be selected as the initial dedicated link. You can have
+ # up to 4 redundant dedicated links. Note: Use different multicast
# groups for every redundant link.
#
# Multicast Default {
@@ -172,9 +172,9 @@ Sync {
# You can use Unicast UDP instead of Multicast to propagate events.
# Note that you cannot use unicast UDP and Multicast at the same
# time, you can only select one.
- #
+ #
# UDP {
- #
+ #
# UDP address that this firewall uses to listen to events.
#
# IPv4_address 192.168.2.100
@@ -204,7 +204,7 @@ Sync {
#
# Interface eth2
- #
+ #
# The sender socket buffer size
#
# SndSocketBuffer 1249280
@@ -214,8 +214,8 @@ Sync {
#
# RcvSocketBuffer 1249280
- #
- # Enable/Disable message checksumming.
+ #
+ # Enable/Disable message checksumming.
#
# Checksum on
# }
@@ -255,7 +255,7 @@ General {
HashSize 32768
#
- # Maximum number of conntracks, it should be double of:
+ # Maximum number of conntracks, it should be double of:
# $ cat /proc/sys/net/netfilter/nf_conntrack_max
# since the daemon may keep some dead entries cached for possible
# retransmission during state synchronization.
@@ -276,7 +276,7 @@ General {
#
# Lockfile
- #
+ #
LockFile /var/lock/conntrack.lock
#
@@ -326,7 +326,7 @@ General {
#
# NetlinkEventsReliable Off
- #
+ #
# By default, the daemon receives state updates following an
# event-driven model. You can modify this behaviour by switching to
# polling mode with the PollSecs clause. This clause tells conntrackd
@@ -355,13 +355,13 @@ General {
# State. The filter is attached to an action that can be: Accept or
# Ignore. Thus, you can define the event filtering policy of the
# filter-sets in positive or negative logic depending on your needs.
- # You can select if conntrackd filters the event messages from
+ # You can select if conntrackd filters the event messages from
# user-space or kernel-space. The kernel-space event filtering
# saves some CPU cycles by avoiding the copy of the event message
# from kernel-space to user-space. The kernel-space event filtering
# is prefered, however, you require a Linux kernel >= 2.6.29 to
- # filter from kernel-space. If you want to select kernel-space
- # event filtering, use the keyword 'Kernelspace' instead of
+ # filter from kernel-space. If you want to select kernel-space
+ # event filtering, use the keyword 'Kernelspace' instead of
# 'Userspace'.
#
Filter From Userspace {
@@ -405,7 +405,7 @@ General {
#
# Uncomment this line below if you want to filter by flow state.
# This option introduces a trade-off in the replication: it
- # reduces CPU consumption at the cost of having lazy backup
+ # reduces CPU consumption at the cost of having lazy backup
# firewall replicas. The existing TCP states are: SYN_SENT,
# SYN_RECV, ESTABLISHED, FIN_WAIT, CLOSE_WAIT, LAST_ACK,
# TIME_WAIT, CLOSED, LISTEN.
diff --git a/systemvm/patches/debian/config/opt/cloud/templates/heartbeat.sh.templ b/systemvm/patches/debian/opt/cloud/templates/heartbeat.sh.templ
similarity index 100%
rename from systemvm/patches/debian/config/opt/cloud/templates/heartbeat.sh.templ
rename to systemvm/patches/debian/opt/cloud/templates/heartbeat.sh.templ
diff --git a/systemvm/patches/debian/config/opt/cloud/templates/keepalived.conf.templ b/systemvm/patches/debian/opt/cloud/templates/keepalived.conf.templ
similarity index 99%
rename from systemvm/patches/debian/config/opt/cloud/templates/keepalived.conf.templ
rename to systemvm/patches/debian/opt/cloud/templates/keepalived.conf.templ
index c843939..d14611d 100644
--- a/systemvm/patches/debian/config/opt/cloud/templates/keepalived.conf.templ
+++ b/systemvm/patches/debian/opt/cloud/templates/keepalived.conf.templ
@@ -48,4 +48,4 @@ vrrp_instance inside_network {
notify_backup "/opt/cloud/bin/master.py --backup"
notify_master "/opt/cloud/bin/master.py --master"
notify_fault "/opt/cloud/bin/master.py --fault"
-}
\ No newline at end of file
+}
diff --git a/systemvm/patches/debian/config/opt/cloud/testdata/README b/systemvm/patches/debian/opt/cloud/testdata/README
similarity index 100%
rename from systemvm/patches/debian/config/opt/cloud/testdata/README
rename to systemvm/patches/debian/opt/cloud/testdata/README
diff --git a/systemvm/patches/debian/opt/cloud/testdata/acl0001.json b/systemvm/patches/debian/opt/cloud/testdata/acl0001.json
new file mode 100644
index 0000000..ee068dc
--- /dev/null
+++ b/systemvm/patches/debian/opt/cloud/testdata/acl0001.json
@@ -0,0 +1,54 @@
+{
+ "eth2": {
+ "device": "eth2",
+ "egress_rules": [
+ {
+ "allowed": false,
+ "cidr": "10.0.6.0/8",
+ "first_port": 60,
+ "last_port": 60,
+ "type": "tcp"
+ }
+ ],
+ "ingress_rules": [
+ {
+ "allowed": true,
+ "cidr": "10.0.1.0/8",
+ "protocol": 41,
+ "type": "protocol"
+ },
+ {
+ "allowed": true,
+ "cidr": "10.0.4.0/8",
+ "type": "all"
+ },
+ {
+ "allowed": true,
+ "cidr": "10.0.3.0/8",
+ "icmp_code": -1,
+ "icmp_type": -1,
+ "type": "icmp"
+ },
+ {
+ "allowed": true,
+ "cidr": "10.0.2.0/8",
+ "first_port": 40,
+ "last_port": 40,
+ "type": "udp"
+ },
+ {
+ "allowed": true,
+ "cidr": "10.0.1.0/8",
+ "first_port": 30,
+ "last_port": 30,
+ "type": "tcp"
+ }
+ ],
+ "mac_address": "02:00:0d:7b:00:04",
+ "nic_ip": "172.16.1.1",
+ "nic_netmask": "24",
+ "private_gateway_acl": false,
+ "type": "networkacl"
+ },
+ "id": "networkacl"
+}
diff --git a/systemvm/patches/debian/config/opt/cloud/testdata/dhcp0001.json b/systemvm/patches/debian/opt/cloud/testdata/dhcp0001.json
similarity index 100%
rename from systemvm/patches/debian/config/opt/cloud/testdata/dhcp0001.json
rename to systemvm/patches/debian/opt/cloud/testdata/dhcp0001.json
diff --git a/systemvm/patches/debian/config/opt/cloud/testdata/gn0001.json b/systemvm/patches/debian/opt/cloud/testdata/gn0001.json
similarity index 100%
rename from systemvm/patches/debian/config/opt/cloud/testdata/gn0001.json
rename to systemvm/patches/debian/opt/cloud/testdata/gn0001.json
diff --git a/systemvm/patches/debian/config/opt/cloud/testdata/ips0001.json b/systemvm/patches/debian/opt/cloud/testdata/ips0001.json
similarity index 100%
rename from systemvm/patches/debian/config/opt/cloud/testdata/ips0001.json
rename to systemvm/patches/debian/opt/cloud/testdata/ips0001.json
diff --git a/systemvm/patches/debian/config/opt/cloud/testdata/ips0002.json b/systemvm/patches/debian/opt/cloud/testdata/ips0002.json
similarity index 100%
rename from systemvm/patches/debian/config/opt/cloud/testdata/ips0002.json
rename to systemvm/patches/debian/opt/cloud/testdata/ips0002.json
diff --git a/systemvm/patches/debian/config/opt/cloud/testdata/ips0003.json b/systemvm/patches/debian/opt/cloud/testdata/ips0003.json
similarity index 100%
rename from systemvm/patches/debian/config/opt/cloud/testdata/ips0003.json
rename to systemvm/patches/debian/opt/cloud/testdata/ips0003.json
diff --git a/systemvm/patches/debian/config/opt/cloud/testdata/s2s0001.json b/systemvm/patches/debian/opt/cloud/testdata/s2s0001.json
similarity index 100%
rename from systemvm/patches/debian/config/opt/cloud/testdata/s2s0001.json
rename to systemvm/patches/debian/opt/cloud/testdata/s2s0001.json
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/test.sh b/systemvm/patches/debian/opt/cloud/testdata/test.sh
similarity index 99%
rename from systemvm/patches/debian/config/opt/cloud/bin/test.sh
rename to systemvm/patches/debian/opt/cloud/testdata/test.sh
index 0ffd4e5..8410e24 100755
--- a/systemvm/patches/debian/config/opt/cloud/bin/test.sh
+++ b/systemvm/patches/debian/opt/cloud/testdata/test.sh
@@ -22,4 +22,3 @@ cp /opt/cloud/testdata/* /etc/cloudstack
/opt/cloud/bin/update_config.py ips0001.json
/opt/cloud/bin/update_config.py ips0002.json
/opt/cloud/bin/update_config.py ips0003.json
-
diff --git a/systemvm/patches/debian/config/opt/cloud/testdata/vmp0001.json b/systemvm/patches/debian/opt/cloud/testdata/vmp0001.json
similarity index 100%
rename from systemvm/patches/debian/config/opt/cloud/testdata/vmp0001.json
rename to systemvm/patches/debian/opt/cloud/testdata/vmp0001.json
diff --git a/systemvm/patches/debian/qemuconvert.sh b/systemvm/patches/debian/qemuconvert.sh
deleted file mode 100755
index dc8eb15..0000000
--- a/systemvm/patches/debian/qemuconvert.sh
+++ /dev/null
@@ -1,32 +0,0 @@
-#!/bin/bash
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements. See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership. The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied. See the License for the
-# specific language governing permissions and limitations
-# under the License.
-
-
-
-
-
-echo "Converting raw image to qcow2"
-qemu-img convert -f raw -O qcow2 systemvm.img systemvm.qcow2
-echo "Compressing qcow2..."
-bzip2 -c systemvm.qcow2 > systemvm.qcow2.bz2
-echo "Done qcow2"
-echo "Converting raw image to vmdk"
-qemu-img convert -f raw -O vmdk systemvm.img systemvm.vmdk
-echo "Compressing vmdk..."
-bzip2 -c systemvm.vmdk > systemvm.vmdk.bz2
-echo "Done vmdk"
diff --git a/systemvm/patches/debian/config/root/.ssh/authorized_keys b/systemvm/patches/debian/root/.ssh/authorized_keys
similarity index 100%
rename from systemvm/patches/debian/config/root/.ssh/authorized_keys
rename to systemvm/patches/debian/root/.ssh/authorized_keys
diff --git a/systemvm/patches/debian/config/root/clearUsageRules.sh b/systemvm/patches/debian/root/clearUsageRules.sh
similarity index 99%
rename from systemvm/patches/debian/config/root/clearUsageRules.sh
rename to systemvm/patches/debian/root/clearUsageRules.sh
index 061688b..393bc64 100755
--- a/systemvm/patches/debian/config/root/clearUsageRules.sh
+++ b/systemvm/patches/debian/root/clearUsageRules.sh
@@ -15,7 +15,7 @@
# KIND, either express or implied. See the License for the
# specific language governing permissions and limitations
# under the License.
-
+
# clearUsageRules.sh - remove iptable rules for removed public interfaces
# @VERSION@
diff --git a/systemvm/patches/debian/config/root/func.sh b/systemvm/patches/debian/root/func.sh
similarity index 100%
rename from systemvm/patches/debian/config/root/func.sh
rename to systemvm/patches/debian/root/func.sh
diff --git a/systemvm/patches/debian/config/root/monitorServices.py b/systemvm/patches/debian/root/monitorServices.py
similarity index 99%
rename from systemvm/patches/debian/config/root/monitorServices.py
rename to systemvm/patches/debian/root/monitorServices.py
index c1dfba2..75d1004 100755
--- a/systemvm/patches/debian/config/root/monitorServices.py
+++ b/systemvm/patches/debian/root/monitorServices.py
@@ -378,10 +378,3 @@ def main():
if __name__ == "__main__":
main()
-
-
-
-
-
-
-
diff --git a/systemvm/patches/debian/config/root/reconfigLB.sh b/systemvm/patches/debian/root/reconfigLB.sh
similarity index 99%
rename from systemvm/patches/debian/config/root/reconfigLB.sh
rename to systemvm/patches/debian/root/reconfigLB.sh
index e68cc3d..a641939 100755
--- a/systemvm/patches/debian/config/root/reconfigLB.sh
+++ b/systemvm/patches/debian/root/reconfigLB.sh
@@ -37,4 +37,3 @@ new_config=$1
fi
exit $ret
-
diff --git a/systemvm/patches/debian/systemvm.vmx b/systemvm/patches/debian/systemvm.vmx
deleted file mode 100644
index 9b93449..0000000
--- a/systemvm/patches/debian/systemvm.vmx
+++ /dev/null
@@ -1,37 +0,0 @@
-config.version = "8"
-displayname = "systemvm"
-ethernet0.addressType = "generated"
-ethernet0.connectionType = "bridged"
-ethernet0.present = "true"
-ethernet0.startConnected = "true"
-ethernet0.virtualDev = "e1000"
-floppy0.autodetect = "false"
-floppy0.fileType = "device"
-floppy0.present = "true"
-floppy0.startConnected = "false"
-guestos = "debian5"
-ide0:0.deviceType = "disk"
-ide0:0.fileName = "systemvm.vmdk"
-ide0:0.present = "true"
-ide1:0.autodetect = "true"
-ide1:0.deviceType = "atapi-cdrom"
-ide1:0.present = "true"
-ide1:0.startConnected = "false"
-memsize = "256"
-numvcpus = "1"
-pciBridge0.present = "TRUE"
-pciBridge4.functions = "8"
-pciBridge4.present = "TRUE"
-pciBridge4.virtualDev = "pcieRootPort"
-pciBridge5.functions = "8"
-pciBridge5.present = "TRUE"
-pciBridge5.virtualDev = "pcieRootPort"
-pciBridge6.functions = "8"
-pciBridge6.present = "TRUE"
-pciBridge6.virtualDev = "pcieRootPort"
-pciBridge7.functions = "8"
-pciBridge7.present = "TRUE"
-pciBridge7.virtualDev = "pcieRootPort"
-svga.autodetect = "true"
-virtualhw.version = "7"
-vmci0.present = "TRUE"
diff --git a/systemvm/patches/debian/systemvm.xml b/systemvm/patches/debian/systemvm.xml
deleted file mode 100644
index fffc077..0000000
--- a/systemvm/patches/debian/systemvm.xml
+++ /dev/null
@@ -1,53 +0,0 @@
-<!--
- Licensed to the Apache Software Foundation (ASF) under one or more
- contributor license agreements. See the NOTICE file distributed with
- this work for additional information regarding copyright ownership.
- The ASF licenses this file to You under the Apache License, Version 2.0
- (the "License"); you may not use this file except in compliance with
- the License. You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License.
--->
-<domain type='kvm' id='4'>
- <name>systemvm2</name>
- <memory>1572864</memory>
- <currentMemory>1572864</currentMemory>
- <vcpu>1</vcpu>
- <os>
- <type arch='i686' >hvm</type>
- </os>
- <features>
- <acpi/>
- <apic/>
- <pae/>
- </features>
- <clock offset='utc'/>
- <on_poweroff>destroy</on_poweroff>
- <on_reboot>restart</on_reboot>
- <on_crash>restart</on_crash>
- <devices>
- <!--<emulator>/usr/bin/qemu-system-x86_64</emulator>-->
- <emulator>/usr/bin/qemu-kvm</emulator>
- <disk type='file' device='disk'>
- <driver name='qemu' type='raw' cache='writeback'/>
- <source file='/var/lib/images/systemvm2/systemvm.img'/>
- <!-- <target dev='hda' bus='ide'/> -->
- <target dev='vda' bus='virtio'/>
- </disk>
- <interface type='network'>
- <mac address='52:54:00:65:a8:eb'/>
- <source network='default'/>
- <target dev='vnet0'/>
- <model type='virtio' />
- </interface>
- <input type='mouse' bus='ps2'/>
- <graphics type='vnc' port='5900' autoport='yes'/>
- </devices>
-</domain>
-
diff --git a/systemvm/patches/debian/config/var/www/html/latest/.htaccess b/systemvm/patches/debian/var/www/html/latest/.htaccess
similarity index 99%
rename from systemvm/patches/debian/config/var/www/html/latest/.htaccess
rename to systemvm/patches/debian/var/www/html/latest/.htaccess
index 5c9da02..725e7e1 100644
--- a/systemvm/patches/debian/config/var/www/html/latest/.htaccess
+++ b/systemvm/patches/debian/var/www/html/latest/.htaccess
@@ -21,4 +21,3 @@ RewriteRule ^public-ipv4/?$ ../metadata/%{REMOTE_ADDR}/public-ipv4 [L,NC,QSA]
RewriteRule ^public-keys/?$ ../metadata/%{REMOTE_ADDR}/public-keys [L,NC,QSA]
RewriteRule ^service-offering/?$ ../metadata/%{REMOTE_ADDR}/service-offering [L,NC,QSA]
RewriteRule ^vm-id/?$ ../metadata/%{REMOTE_ADDR}/vm-id [L,NC,QSA]
-
diff --git a/systemvm/patches/debian/config/var/www/html/userdata/.htaccess b/systemvm/patches/debian/var/www/html/userdata/.htaccess
similarity index 100%
rename from systemvm/patches/debian/config/var/www/html/userdata/.htaccess
rename to systemvm/patches/debian/var/www/html/userdata/.htaccess
diff --git a/systemvm/patches/debian/vhdconvert.sh b/systemvm/patches/debian/vhdconvert.sh
deleted file mode 100755
index 0b0dbfb..0000000
--- a/systemvm/patches/debian/vhdconvert.sh
+++ /dev/null
@@ -1,40 +0,0 @@
-#!/bin/bash
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements. See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership. The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied. See the License for the
-# specific language governing permissions and limitations
-# under the License.
-
-
-
-
-
-# BUILDING vhd-util on Linux
-# The xen repository has a tool called vhd-util that compiles and runs on any linux system
-# (http://xenbits.xensource.com/xen-4.0-testing.hg?file/8e8dd38374e9/tools/blktap2/vhd/ or full Xen source at http://www.xen.org/products/xen_source.html).
-# Apply this patch: http://lists.xensource.com/archives/cgi-bin/mesg.cgi?a=xen-devel&i=006101cb22f6%242004dd40%24600e97c0%24%40zhuo%40cloudex.cn.
-# Build the vhd-util tool:
-# cd tools/blktap2
-# make
-# sudo make install
-
-echo "Backing up systemvm.img"
-cp systemvm.img systemvm.img.tmp
-echo "Converting raw image to fixed vhd"
-vhd-util convert -s 0 -t 1 -i systemvm.img.tmp -o systemvm.vhd
-echo "Converting fixed vhd to dynamic vhd"
-vhd-util convert -s 1 -t 2 -i systemvm.vhd -o systemvm.vhd
-echo "Compressing..."
-bzip2 -c systemvm.vhd > systemvm.vhd.bz2
-echo "Done"
diff --git a/systemvm/patches/debian/xe/xe-daemon b/systemvm/patches/debian/xe/xe-daemon
deleted file mode 100644
index bc514d7..0000000
--- a/systemvm/patches/debian/xe/xe-daemon
+++ /dev/null
@@ -1,65 +0,0 @@
-#!/bin/bash
-
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements. See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership. The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied. See the License for the
-# specific language governing permissions and limitations
-# under the License.
-
-LANG="C"
-export LANG
-
-usage() {
- echo "$0 [ -p <pidfile> ]" >&2
- exit 1
-}
-
-# Parse command line opts
-while [ $# -ne 0 ] ; do
- arg="$1"
- shift
- case "$arg" in
- "-p")
- [ $# -eq 0 ] && usage
- pidfile="$1"
- shift
- mkdir -p "$(dirname "$pidfile")"
- echo $$ > "$pidfile"
- ;;
- *)
- usage
- ;;
- esac
-done
-
-XE_UPDATE_GUEST_ATTRS=${XE_UPDATE_GUEST_ATTRS:-/usr/sbin/xe-update-guest-attrs}
-XE_DAEMON_RATE=${XE_DAEMON_RATE:-60} # run once a minute by default
-XE_MEMORY_UPDATE_DIVISOR=${XE_MEMORY_UPDATE_DIVISOR:-2} # update mem stats 1/2 as often by dflt
-
-# Delete xenstore cache following each reboot
-rm -rf /var/cache/xenstore
-
-MEMORY_UPDATE_COUNTER=0
-while true ; do
- if [ ${MEMORY_UPDATE_COUNTER} -eq 0 ] ; then
- MEMORY=--memory
- MEMORY_UPDATE_COUNTER=${XE_MEMORY_UPDATE_DIVISOR}
- else
- MEMORY=
- fi
- MEMORY_UPDATE_COUNTER=$((${MEMORY_UPDATE_COUNTER} - 1))
- ${XE_UPDATE_GUEST_ATTRS} ${MEMORY}
-
- sleep ${XE_DAEMON_RATE}
-done
diff --git a/systemvm/patches/debian/xe/xe-linux-distribution b/systemvm/patches/debian/xe/xe-linux-distribution
deleted file mode 100644
index 774f1c7..0000000
--- a/systemvm/patches/debian/xe/xe-linux-distribution
+++ /dev/null
@@ -1,267 +0,0 @@
-#! /bin/sh
-
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements. See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership. The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied. See the License for the
-# specific language governing permissions and limitations
-# under the License.
-
-# Script to write information about the current distribution to stdout or a file.
-# Information collected:
-# - Distribution name
-# - Distribution version (major and minor)
-# - Kernel version (uname)
-
-LANG="C"
-export LANG
-
-
-write_to_output()
-{
- local distro="$1"
- local major="$2"
- local minor="$3"
- local name="$4"
- local uname=$(uname -r)
-
- if [ -n "${TEST_RESULT}" ] ; then
- MAJOR=$major
- MINOR=$minor
- DISTRO=$distro
- UNAME=$uname
- return 0
- fi
-
- echo "os_distro=\"${distro}\""
- echo "os_majorver=\"${major}\""
- echo "os_minorver=\"${minor}\""
- echo "os_uname=\"${uname}\""
- echo "os_name=\"${name}\""
-
- return 0
-}
-
-identify_debian()
-{
- local debian_version="$1"
- local major
- local minor
-
- # 3.1
- # 4.0
- # Ignores testing and unstable which contain ".*/sid".
-
- if [ ! -f "${debian_version}" ] ; then
- return 1
- fi
-
- eval $(awk -F. '/^[0-9]*\.[0-9]*/ \
- { print "major="$1 ; print "minor="$2 ; exit 0 }' \
- "${debian_version}")
-
- if [ -z "${major}" ] && [ -z "${minor}" ] && ! grep -q /sid "${debian_version}" ; then
- return 1
- fi
-
- write_to_output "debian" "${major}" "${minor}" "Debian $(head -n 1 $debian_version)"
-
- return 0
-}
-
-identify_redhat()
-{
- redhat_release="$1"
- local distro
- local major
- local minor
- local beta
-
- # distro=rhel
- # Red Hat Enterprise Linux AS release 3 (Taroon Update 6)
- # Red Hat Enterprise Linux AS release 3 (Taroon Update 8)
- # Red Hat Enterprise Linux AS release 4 (Nahant)
- # Red Hat Enterprise Linux AS release 4 (Nahant Update 1)
- # Red Hat Enterprise Linux AS release 4 (Nahant Update 2)
- # Red Hat Enterprise Linux AS release 4 (Nahant Update 3)
- # Red Hat Enterprise Linux AS release 4 (Nahant Update 4)
- # Red Hat Enterprise Linux Server release 4.92 (Tikanga)
- # Red Hat Enterprise Linux Server release 5 (Tikanga)
- # Red Hat Enterprise Linux Server release 5.1 Beta (Tikanga)
-
- # distro=xe-ddk
- # \@PRODUCT_BRAND\@ DDK release \@PRODUCT_VERSION\@-\@BUILD_NUMBER\@ (\@PRODUCT_NAME\@)
- # Rio DDK release 0.5.6-2991c (xenenterprise)
-
- # distro=xe-sdk
- # \@PRODUCT_BRAND\@ SDK release \@PRODUCT_VERSION\@-\@BUILD_NUMBER\@ (\@PRODUCT_NAME\@)
- # Rio SDK release 0.5.6-2991c (xenenterprise)
-
- # distro=fedora
- # Fedora Core release 3 (Heidelberg)
-
- # distro=centos
- # CentOS release 4.0 (Final)
- # CentOS release 5 (Final)
-
- # distro=oracle
- # Enterprise Linux Enterprise Linux Server release 5 (Carthage)
-
- if [ ! -f "${redhat_release}" ] ; then
- return 1
- fi
-
- eval $(sed -n \
- -e 's/^\(.*\) DDK release \(.*\)-\(.*\) (.*)$/distro=xe-ddk;major=\2;minor=\3/gp;' \
- -e 's/^\(.*\) SDK release \(.*\)-\(.*\) (.*)$/distro=xe-sdk;major=\2;minor=\3/gp;' \
- -e 's/^Red Hat Enterprise Linux .* release \([0-9]*\) (.* Update \(.*\))$/distro=rhel;major=\1;minor=\2/gp;'\
- -e 's/^Red Hat Enterprise Linux .* release \([0-9]*\) (.*)$/distro=rhel;major=\1/gp;' \
- -e 's/^Red Hat Enterprise Linux .* release \([0-9]*\)\.\([0-9]*\) \([Bb]eta \)\?(.*)$/distro=rhel;major=\1;minor=\2;beta=\3;/gp;' \
- -e 's/^Fedora.*release \([0-9]*\) (.*)$/distro=fedora;major=\1/gp;' \
- -e 's/^CentOS release \([0-9]*\)\.\([0-9]*\) (.*)/distro=centos;major=\1;minor=\2/gp;' \
- -e 's/^CentOS release \([0-9]*\) (.*)/distro=centos;major=\1/gp;' \
- -e 's/^Enterprise Linux Enterprise Linux .* release \([0-9]*\)\.\([0-9]*\) (.*)$/distro=oracle;major=\1;minor=\2;/gp;' \
- -e 's/^Enterprise Linux Enterprise Linux .* release \([0-9]*\) (.*)$/distro=oracle;major=\1/gp;' \
- "${redhat_release}")
-
- if [ -z "${major}" -o -z "${distro}" ] ; then
- return 1
- fi
-
- if [ -z "${minor}" ] ; then
- minor=0
- fi
-
- # HACK to handle RHEL betas
- if [ "${distro}" == "rhel" ] && [ ${minor} -gt 90 ] ; then
- major=$(expr ${major} + 1 )
- minor=0
- beta=Beta
- fi
-
- if [ -n "${beta}" ] ; then
- minor="${minor}beta"
- fi
-
- write_to_output "${distro}" "${major}" "${minor}" "$(head -n 1 ${redhat_release})"
-
-}
-
-identify_sles()
-{
- suse_release="$1"
- local major
- local minor
- local _major
-
- # SUSE LINUX Enterprise Server 9 (i586)
- # VERSION = 9
- #
- # SUSE LINUX Enterprise Server 9 (i586)
- # VERSION = 9
- # PATCHLEVEL = 2
- #
- # SUSE LINUX Enterprise Server 9 (i586)
- # VERSION = 9
- # PATCHLEVEL = 3
- #
- # SUSE Linux Enterprise Server 10 (i586)
- # VERSION = 10
- #
- # SUSE Linux Enterprise Server 10 (i586)
- # VERSION = 10
- # PATCHLEVEL = 1
- #
- # SUSE Linux Enterprise Server 11 (i586)
- # VERSION = 11
- # PATCHLEVEL = 0
-
- if [ ! -f "${suse_release}" ] ; then
- return 1
- fi
-
- eval $(sed -n \
- -e 's/^SUSE L\(inux\|INUX\) Enterprise Server \([0-9]*\) (.*)/_major=\2;/gp;' \
- -e 's/^VERSION = \([0-9]*\)$/major=\1;/gp;' \
- -e 's/^PATCHLEVEL = \([0-9]*\)$/minor=\1;/gp;' \
- "${suse_release}")
-
- if [ -z "${major}" -o -z "${_major}" ] ; then
- return 1
- fi
-
- if [ "${major}" != "${_major}" ] ; then
- return 1
- fi
-
- if [ -z "${minor}" ] ; then
- minor=0
- fi
-
- write_to_output "sles" "${major}" "${minor}" "$(head -n 1 ${suse_release})"
-
-}
-
-identify_lsb()
-{
- lsb_release="$1"
-
- if [ ! -x "${lsb_release}" ] ; then
- saved_IFS=$IFS
- IFS=:
- for i in $PATH ; do
- if [ -x "${i}/${lsb_release}" ] ; then
- lsb_release="${i}/${lsb_release}"
- break
- fi
- done
- IFS=$saved_IFS
- fi
-
- if [ ! -x "${lsb_release}" ] ; then
- return 1
- fi
-
- distro=$(${lsb_release} --short --id | tr 'A-Z' 'a-z')
- description=$(${lsb_release} --short --description | sed -e 's/^"\(.*\)"$/\1/g')
- release=$(${lsb_release} --short --release)
-
- if [ -z "${distro}" -o -z "${release}" ] ; then
- return 1
- fi
-
- eval $(echo $release | awk -F. -- '{ print "major=" $1 ; print "minor=" $2 }')
-
- if [ -z "${major}" -o -z "${distro}" ] ; then
- return 1
- fi
-
- write_to_output "${distro}" "${major}" "${minor}" "${description}"
-}
-
-if [ $# -eq 1 ] ; then
- exec 1>"$1"
-fi
-
-if [ -z "${TEST}" ] ; then
- identify_redhat /etc/redhat-release && exit 0
- identify_sles /etc/SuSE-release && exit 0
- identify_lsb lsb_release && exit 0
- identify_debian /etc/debian_version && exit 0
-
- if [ $# -eq 1 ] ; then
- rm -f "$1"
- fi
-
- exit 1
-fi
diff --git a/systemvm/patches/debian/xe/xe-update-guest-attrs b/systemvm/patches/debian/xe/xe-update-guest-attrs
deleted file mode 100644
index 6c605be..0000000
--- a/systemvm/patches/debian/xe/xe-update-guest-attrs
+++ /dev/null
@@ -1,226 +0,0 @@
-#!/bin/sh
-
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements. See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership. The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied. See the License for the
-# specific language governing permissions and limitations
-# under the License.
-
-# Script to write information about the guest to XenStore.
-#
-# Information collected (if --memory NOT passed in):
-# - Distribution name
-# - Distribution version (major and minor)
-# - Kernel version (uname)
-# - IP address for each Ethernet interface
-#
-# Information collected (if --memory IS passed in):
-# - memtotal
-# - memfree
-#
-# Memory stats are separated out because they change all the time
-# and so we may not want to update them as frequently
-
-LANG="C"
-export LANG
-
-
-XE_LINUX_DISTRIBUTION_CACHE=/var/cache/xe-linux-distribution
-
-IPADDR_RE="\([[:digit:]]\{1,3\}\.\)\{3\}[[:digit:]]\{1,3\}"
-
-export PATH=/usr/sbin:/usr/bin:/sbin:/bin
-XENSTORE=${XENSTORE:-xenstore}
-
-XENSTORE_UPDATED=0
-
-# parse command line opts
-
-MEMORY_MODE=0 # do not update memory stats
-while [ $# -ge 1 ] ; do
- if [ "$1" = "--memory" ] ; then
- MEMORY_MODE=1 # update only memory stats
- fi
- shift
-done
-
-xenstore_write_cached() {
- key="$1" newval="$2"
- cache=/var/cache/xenstore/$key
- if [ -f $cache ] ; then
- # cache exists
- oldval=$(cat "$cache")
- if [ "$oldval" = "$newval" ] ; then
- # value unchanged
- return 0
- fi
- else
- # cache does not exist
- if [ -e $cache ] ; then
- # something (directory?) in its way
- rm -rf $cache
- fi
- fi
-
- # try to write and update cache if successfull
- if $XENSTORE-write "$key" "$newval" ; then
- mkdir -p $(dirname "$cache")
- echo -n "$newval" > "$cache"
- XENSTORE_UPDATED=1
- return 0
- fi
- return 1
-}
-
-# If we detect a domain change then delete our cache and force a refresh
-domid=$(xenstore-read "domid")
-cache=/var/cache/xenstore/unique-domain-id
-newval=$(xenstore-read "/local/domain/${domid}/unique-domain-id")
-if [ -e $cache ]; then
- oldval=$(cat "$cache")
- if [ "$oldval" != "$newval" ]; then
- # domain changed
- rm -rf /var/cache/xenstore
- fi
-fi
-mkdir -p $(dirname "$cache")
-echo -n "$newval" > "$cache"
-
-xenstore_rm_cached() {
- key="$1"
- cache=/var/cache/xenstore/$key
- if [ ! -e $cache ] ; then
- return 1
- fi
- # try to write and update cache if successfull
- if $XENSTORE-rm "$key" ; then
- rm -rf "$cache"
- XENSTORE_UPDATED=1
- return 0
- fi
- return 1
-}
-
-xenstore_list_interfaces_cached() {
- topdir=/var/cache/xenstore/attr
- if [ -d $topdir ] ; then
- cd $topdir
- for dir in * ; do
- [ -f $dir/ip ] && echo $dir
- done
- fi
-}
-
-if [ $MEMORY_MODE -eq 1 ] ; then
- # Update the memory information
- eval $(cat /proc/meminfo | \
- sed -n -e 's/MemTotal\: *\([0-9]*\)[^$]*/memtotal=\1/gp;' \
- -e 's/MemFree\: *\([0-9]*\)[^$]*/memfree=\1/gp;')
-
- xenstore_write_cached "data/meminfo_total" "${memtotal}"
- xenstore_write_cached "data/meminfo_free" "${memfree}"
-fi
-
-
-
-# e.g.
-# $ ip addr show
-# 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue
-# link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
-# inet 127.0.0.1/8 scope host lo
-# inet6 ::1/128 scope host
-# valid_lft forever preferred_lft forever
-# 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast qlen 1000
-# link/ether 00:13:20:95:e8:74 brd ff:ff:ff:ff:ff:ff
-# inet 172.31.0.57/20 brd 172.31.15.255 scope global eth0
-# inet6 fe80::213:20ff:fe95:e874/64 scope link
-# valid_lft forever preferred_lft forever
-# 3: sit0: <NOARP> mtu 1480 qdisc noop
-# link/sit 0.0.0.0 brd 0.0.0.0
-
-#eval $(ip addr show | \
-# sed -n -e 's/^[[:digit:]]*: \([a-z0-9]*\): .*/ifs="\$ifs \1"; current="\1"; /gp;' \
-# -e 's/^[[:space:]]\{4\}inet \('${IPADDR_RE}'\)\/.*/eval inet_\${current}="\1"; /gp;')
-
-# e.g.
-# eth0 Link encap:Ethernet HWaddr 00:13:20:95:E8:74
-# inet addr:172.31.0.57 Bcast:172.31.15.255 Mask:255.255.240.0
-# inet6 addr: fe80::213:20ff:fe95:e874/64 Scope:Link
-# UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
-# RX packets:98001128 errors:0 dropped:0 overruns:0 frame:0
-# TX packets:87728920 errors:0 dropped:0 overruns:0 carrier:0
-# collisions:0 txqueuelen:1000
-# RX bytes:35864034092 (33.4 GiB) TX bytes:27544025180 (25.6 GiB)
-# Interrupt:177
-#
-# lo Link encap:Local Loopback
-# inet addr:127.0.0.1 Mask:255.0.0.0
-# inet6 addr: ::1/128 Scope:Host
-# UP LOOPBACK RUNNING MTU:16436 Metric:1
-# RX packets:32928 errors:0 dropped:0 overruns:0 frame:0
-# TX packets:32928 errors:0 dropped:0 overruns:0 carrier:0
-# collisions:0 txqueuelen:0
-# RX bytes:3604609 (3.4 MiB) TX bytes:3604609 (3.4 MiB)
-
-eval $(/sbin/ifconfig | \
- sed -n -e '/^[0-9a-z][0-9a-z]*\:/,/^$/d' \
- -e 's/^\([0-9a-z][0-9a-z]*\) .*/ifs="\$ifs \1"; current="\1"; /gp;' \
- -e 's/ *inet addr:\('$IPADDR_RE'\) .*/eval inet_\${current}="\1"; /gp;')
-
-# network
-for if in $ifs ; do
-
- [ "${if}" = "lo" ] && continue
- inet=$(eval echo \${inet_${if}})
- [ -z "${inet}" ] && continue
-
- xenstore_write_cached "attr/${if}/ip" "${inet}"
-done
-
-# remove any interfaces that have been unplugged or downed
-for at in $(xenstore_list_interfaces_cached) ; do
- for if in $ifs ; do
- [ "${if}" = "${at}" ] && continue 2
- done
- xenstore_rm_cached "attr/${at}"
-done
-
-# distro
-if [ -f ${XE_LINUX_DISTRIBUTION_CACHE} ] ; then
- . ${XE_LINUX_DISTRIBUTION_CACHE}
- for key in os_name os_majorver os_minorver os_uname os_distro ; do
- new=$(eval echo \${${key}})
- [ -n "${new}" ] || continue
- xenstore_write_cached "data/${key}" "${new}"
- done
-fi
-
-# whether I support ballooning or not
-xenstore_write_cached "control/feature-balloon" "1"
-
-# whether I support ballooning or not
-xenstore_write_cached "control/feature-balloon" "1"
-
-# build time addons
-xenstore_write_cached "attr/PVAddons/MajorVersion" "5"
-xenstore_write_cached "attr/PVAddons/MinorVersion" "6"
-xenstore_write_cached "attr/PVAddons/MicroVersion" "0"
-xenstore_write_cached "attr/PVAddons/BuildVersion" "31188"
-xenstore_write_cached "attr/PVAddons/Installed" "1"
-
-# update xenstore if necc
-if [ $XENSTORE_UPDATED -eq 1 ] ; then
- xenstore_write_cached "data/updated" "$(date)"
-fi
-
diff --git a/systemvm/test/python/TestCsAddress.py b/systemvm/patches/test/TestCsAddress.py
similarity index 100%
rename from systemvm/test/python/TestCsAddress.py
rename to systemvm/patches/test/TestCsAddress.py
diff --git a/systemvm/test/python/TestCsApp.py b/systemvm/patches/test/TestCsApp.py
similarity index 100%
rename from systemvm/test/python/TestCsApp.py
rename to systemvm/patches/test/TestCsApp.py
diff --git a/systemvm/test/python/TestCsCmdLine.py b/systemvm/patches/test/TestCsCmdLine.py
similarity index 100%
rename from systemvm/test/python/TestCsCmdLine.py
rename to systemvm/patches/test/TestCsCmdLine.py
diff --git a/systemvm/test/python/TestCsConfig.py b/systemvm/patches/test/TestCsConfig.py
similarity index 100%
rename from systemvm/test/python/TestCsConfig.py
rename to systemvm/patches/test/TestCsConfig.py
diff --git a/systemvm/test/python/TestCsDatabag.py b/systemvm/patches/test/TestCsDatabag.py
similarity index 100%
rename from systemvm/test/python/TestCsDatabag.py
rename to systemvm/patches/test/TestCsDatabag.py
diff --git a/systemvm/test/python/TestCsDhcp.py b/systemvm/patches/test/TestCsDhcp.py
similarity index 100%
rename from systemvm/test/python/TestCsDhcp.py
rename to systemvm/patches/test/TestCsDhcp.py
diff --git a/systemvm/test/python/TestCsFile.py b/systemvm/patches/test/TestCsFile.py
similarity index 100%
rename from systemvm/test/python/TestCsFile.py
rename to systemvm/patches/test/TestCsFile.py
diff --git a/systemvm/test/python/TestCsGuestNetwork.py b/systemvm/patches/test/TestCsGuestNetwork.py
similarity index 100%
rename from systemvm/test/python/TestCsGuestNetwork.py
rename to systemvm/patches/test/TestCsGuestNetwork.py
diff --git a/systemvm/test/python/TestCsHelper.py b/systemvm/patches/test/TestCsHelper.py
similarity index 100%
rename from systemvm/test/python/TestCsHelper.py
rename to systemvm/patches/test/TestCsHelper.py
diff --git a/systemvm/test/python/TestCsInterface.py b/systemvm/patches/test/TestCsInterface.py
similarity index 100%
rename from systemvm/test/python/TestCsInterface.py
rename to systemvm/patches/test/TestCsInterface.py
diff --git a/systemvm/test/python/TestCsNetfilter.py b/systemvm/patches/test/TestCsNetfilter.py
similarity index 100%
rename from systemvm/test/python/TestCsNetfilter.py
rename to systemvm/patches/test/TestCsNetfilter.py
diff --git a/systemvm/test/python/TestCsProcess.py b/systemvm/patches/test/TestCsProcess.py
similarity index 100%
rename from systemvm/test/python/TestCsProcess.py
rename to systemvm/patches/test/TestCsProcess.py
diff --git a/systemvm/test/python/TestCsRedundant.py b/systemvm/patches/test/TestCsRedundant.py
similarity index 100%
rename from systemvm/test/python/TestCsRedundant.py
rename to systemvm/patches/test/TestCsRedundant.py
diff --git a/systemvm/test/python/TestCsRoute.py b/systemvm/patches/test/TestCsRoute.py
similarity index 100%
rename from systemvm/test/python/TestCsRoute.py
rename to systemvm/patches/test/TestCsRoute.py
diff --git a/systemvm/test/python/TestCsRule.py b/systemvm/patches/test/TestCsRule.py
similarity index 100%
rename from systemvm/test/python/TestCsRule.py
rename to systemvm/patches/test/TestCsRule.py
diff --git a/systemvm/test/python/runtests.sh b/systemvm/patches/test/runtests.sh
similarity index 94%
rename from systemvm/test/python/runtests.sh
rename to systemvm/patches/test/runtests.sh
index 6d6a196..e64f867 100644
--- a/systemvm/test/python/runtests.sh
+++ b/systemvm/patches/test/runtests.sh
@@ -18,7 +18,7 @@
# requires netaddr
-export PYTHONPATH="../../patches/debian/config/opt/cloud/bin/"
+export PYTHONPATH="../debian/opt/cloud/bin/"
export PYTHONDONTWRITEBYTECODE=False
pep8 --max-line-length=179 --exclude=monitorServices.py,baremetal-vr.py,passwd_server_ip.py `find ../../patches -name \*.py`
diff --git a/systemvm/patches/debian/vpn/etc/ipsec.conf b/systemvm/patches/vpn/etc/ipsec.conf
similarity index 100%
rename from systemvm/patches/debian/vpn/etc/ipsec.conf
rename to systemvm/patches/vpn/etc/ipsec.conf
diff --git a/systemvm/patches/debian/vpn/etc/ipsec.d/l2tp.conf b/systemvm/patches/vpn/etc/ipsec.d/l2tp.conf
similarity index 100%
rename from systemvm/patches/debian/vpn/etc/ipsec.d/l2tp.conf
rename to systemvm/patches/vpn/etc/ipsec.d/l2tp.conf
diff --git a/systemvm/patches/debian/vpn/etc/ipsec.secrets b/systemvm/patches/vpn/etc/ipsec.secrets
similarity index 100%
rename from systemvm/patches/debian/vpn/etc/ipsec.secrets
rename to systemvm/patches/vpn/etc/ipsec.secrets
diff --git a/systemvm/patches/debian/vpn/etc/ppp/options.xl2tpd b/systemvm/patches/vpn/etc/ppp/options.xl2tpd
similarity index 100%
rename from systemvm/patches/debian/vpn/etc/ppp/options.xl2tpd
rename to systemvm/patches/vpn/etc/ppp/options.xl2tpd
diff --git a/systemvm/patches/debian/vpn/etc/xl2tpd/xl2tpd.conf b/systemvm/patches/vpn/etc/xl2tpd/xl2tpd.conf
similarity index 100%
rename from systemvm/patches/debian/vpn/etc/xl2tpd/xl2tpd.conf
rename to systemvm/patches/vpn/etc/xl2tpd/xl2tpd.conf
diff --git a/systemvm/patches/debian/vpn/opt/cloud/bin/vpn_l2tp.sh b/systemvm/patches/vpn/opt/cloud/bin/vpn_l2tp.sh
similarity index 98%
rename from systemvm/patches/debian/vpn/opt/cloud/bin/vpn_l2tp.sh
rename to systemvm/patches/vpn/opt/cloud/bin/vpn_l2tp.sh
index 83cf4de..60ee8a6 100755
--- a/systemvm/patches/debian/vpn/opt/cloud/bin/vpn_l2tp.sh
+++ b/systemvm/patches/vpn/opt/cloud/bin/vpn_l2tp.sh
@@ -16,7 +16,7 @@
# specific language governing permissions and limitations
# under the License.
-
+
#set -x
@@ -142,7 +142,7 @@ create_l2tp_ipsec_vpn_server() {
ipsec_server "restart"
- ipsec auto --rereadsecrets
+ ipsec auto --rereadsecrets
ipsec auto --replace L2TP-PSK
}
@@ -152,7 +152,7 @@ destroy_l2tp_ipsec_vpn_server() {
ipsec auto --down L2TP-PSK
iptables_ "-D" $public_ip
-
+
ipsec_server "stop"
}
@@ -254,6 +254,6 @@ if [ "$useradd" == "1" ]; then
exit $?
fi
if [ "$userdel" == "1" ]; then
- remove_l2tp_ipsec_user $user
+ remove_l2tp_ipsec_user $user
exit $?
fi
diff --git a/systemvm/pom.xml b/systemvm/pom.xml
index 4d657b7..0ae3e02 100644
--- a/systemvm/pom.xml
+++ b/systemvm/pom.xml
@@ -52,10 +52,10 @@
<plugin>
<artifactId>maven-assembly-plugin</artifactId>
<configuration>
- <finalName>systemvm</finalName>
+ <finalName>agent</finalName>
<appendAssemblyId>false</appendAssemblyId>
<descriptors>
- <descriptor>systemvm-descriptor.xml</descriptor>
+ <descriptor>systemvm-agent-descriptor.xml</descriptor>
</descriptors>
</configuration>
<executions>
@@ -84,11 +84,11 @@
<resource>
<directory>target</directory>
<includes>
- <include>systemvm.zip</include>
+ <include>agent.zip</include>
</includes>
</resource>
<resource>
- <directory>patches/debian/config/root/.ssh</directory>
+ <directory>patches/debian/root/.ssh</directory>
<includes>
<include>authorized_keys</include>
</includes>
@@ -111,31 +111,19 @@
<target>
<mkdir dir="${basedir}/dist" />
<mkdir dir="${basedir}/target/build-patch" />
- <mkdir dir="${basedir}/target/build-patch/usr/sbin" />
<copy overwrite="true" todir="${basedir}/target/build-patch">
- <fileset dir="${basedir}/patches/debian/config/">
+ <fileset dir="${basedir}/patches/debian/">
<include name="**/*" />
</fileset>
- <fileset dir="${basedir}/patches/debian/vpn/">
+ <fileset dir="${basedir}/patches/vpn/">
<include name="**/*" />
</fileset>
- <fileset dir="${basedir}/patches/debian/xe/">
- <include name="**/*" />
- <exclude name="**/xe-*" />
- <exclude name="**/xen-*" />
- </fileset>
</copy>
<copy overwrite="true" todir="${basedir}/target/build-patch/opt/cloud/bin/">
<fileset dir="${basedir}/../scripts/util/">
<include name="**/keystore-*" />
</fileset>
</copy>
- <copy overwrite="true" todir="${basedir}/target/build-patch/usr/sbin/">
- <fileset dir="${basedir}/patches/debian/xe/">
- <include name="**/xe-*" />
- <include name="**/xen-*" />
- </fileset>
- </copy>
<tar destfile="${basedir}/target/patch.tar">
<tarfileset dir="${basedir}/target/build-patch/"
filemode="755">
@@ -180,7 +168,7 @@
<argument>-r</argument>
<argument>-o</argument>
<argument>systemvm.iso</argument>
- <argument>systemvm.zip</argument>
+ <argument>agent.zip</argument>
<argument>cloud-scripts.tgz</argument>
<argument>authorized_keys</argument>
</arguments>
diff --git a/systemvm/scripts/run.bat b/systemvm/scripts/run.bat
deleted file mode 100644
index ce6dc40..0000000
--- a/systemvm/scripts/run.bat
+++ /dev/null
@@ -1,18 +0,0 @@
-rem Licensed to the Apache Software Foundation (ASF) under one
-rem or more contributor license agreements. See the NOTICE file
-rem distributed with this work for additional information
-rem regarding copyright ownership. The ASF licenses this file
-rem to you under the Apache License, Version 2.0 (the
-rem "License"); you may not use this file except in compliance
-rem with the License. You may obtain a copy of the License at
-rem
-rem http://www.apache.org/licenses/LICENSE-2.0
-rem
-rem Unless required by applicable law or agreed to in writing,
-rem software distributed under the License is distributed on an
-rem "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-rem KIND, either express or implied. See the License for the
-rem specific language governing permissions and limitations
-rem under the License.
-
-java -mx700m -cp cloud-console-proxy.jar;;cloud-console-common.jar;log4j-1.2.15.jar;apache-log4j-extras-1.0.jar;gson-1.3.jar;commons-logging-1.1.1.jar;.;.\conf; com.cloud.consoleproxy.ConsoleProxy %*
diff --git a/systemvm/systemvm-descriptor.xml b/systemvm/systemvm-agent-descriptor.xml
similarity index 92%
rename from systemvm/systemvm-descriptor.xml
rename to systemvm/systemvm-agent-descriptor.xml
index ce5ae4b..a3f0453 100644
--- a/systemvm/systemvm-descriptor.xml
+++ b/systemvm/systemvm-agent-descriptor.xml
@@ -19,7 +19,7 @@
<assembly xmlns="http://maven.apache.org/plugins/maven-assembly-plugin/assembly/1.1.2"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/plugins/maven-assembly-plugin/assembly/1.1.2 http://maven.apache.org/xsd/assembly-1.1.2.xsd">
- <id>systemvm</id>
+ <id>agent</id>
<formats>
<format>zip</format>
</formats>
@@ -46,13 +46,13 @@
<fileMode>555</fileMode>
</fileSet>
<fileSet>
- <directory>scripts</directory>
+ <directory>agent/scripts</directory>
<outputDirectory></outputDirectory>
<directoryMode>555</directoryMode>
<fileMode>555</fileMode>
</fileSet>
<fileSet>
- <directory>conf</directory>
+ <directory>agent/conf</directory>
<outputDirectory>conf</outputDirectory>
<directoryMode>555</directoryMode>
<fileMode>555</fileMode>
@@ -63,7 +63,7 @@
</includes>
</fileSet>
<fileSet>
- <directory>images</directory>
+ <directory>agent/images</directory>
<outputDirectory>images</outputDirectory>
<directoryMode>555</directoryMode>
<fileMode>555</fileMode>
@@ -75,7 +75,7 @@
</includes>
</fileSet>
<fileSet>
- <directory>js</directory>
+ <directory>agent/js</directory>
<outputDirectory>js</outputDirectory>
<directoryMode>555</directoryMode>
<fileMode>555</fileMode>
@@ -84,7 +84,7 @@
</includes>
</fileSet>
<fileSet>
- <directory>ui</directory>
+ <directory>agent/ui</directory>
<outputDirectory>ui</outputDirectory>
<directoryMode>555</directoryMode>
<fileMode>555</fileMode>
@@ -93,7 +93,7 @@
</includes>
</fileSet>
<fileSet>
- <directory>css</directory>
+ <directory>agent/css</directory>
<outputDirectory>css</outputDirectory>
<directoryMode>555</directoryMode>
<fileMode>555</fileMode>
@@ -102,7 +102,7 @@
</includes>
</fileSet>
<fileSet>
- <directory>certs</directory>
+ <directory>agent/certs</directory>
<outputDirectory>certs</outputDirectory>
<directoryMode>555</directoryMode>
<fileMode>555</fileMode>
diff --git a/systemvm/vm-script/vmops b/systemvm/vm-script/vmops
deleted file mode 100644
index a9f70c8..0000000
--- a/systemvm/vm-script/vmops
+++ /dev/null
@@ -1,119 +0,0 @@
-#!/bin/bash
-#
-# vmops Script to start and stop the VMOps Agent.
-#
-# Author: Chiradeep Vittal <ch...@vmops.com>
-# chkconfig: 2345 99 01
-# description: Start up the VMOps agent
-
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements. See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership. The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied. See the License for the
-# specific language governing permissions and limitations
-# under the License.
-
-
-# Source function library.
-if [ -f /etc/init.d/functions ]
-then
- . /etc/init.d/functions
-fi
-
-_success() {
- if [ -f /etc/init.d/functions ]
- then
- success
- else
- echo "Success"
- fi
-}
-
-_failure() {
- if [ -f /etc/init.d/functions ]
- then
- failure
- else
- echo "Failed"
- fi
-}
-RETVAL=$?
-VMOPS_HOME="/usr/local/vmops"
-
-mkdir -p /var/log/vmops
-
-get_pids() {
- local i
- for i in $(ps -ef| grep java | grep -v grep | awk '{print $2}');
- do
- echo $(pwdx $i) | grep "$VMOPS_HOME" | grep -i console | awk -F: '{print $1}';
- done
-}
-
-start() {
- local pid=$(get_pids)
- echo -n "Starting VMOps Console Proxy: "
- if [ -f $VMOPS_HOME/consoleproxy/run.sh ];
- then
- if [ "$pid" == "" ]
- then
- (cd $VMOPS_HOME/consoleproxy; nohup ./run.sh > /var/log/vmops/vmops.out 2>&1 & )
- pid=$(get_pids)
- echo $pid > /var/run/vmops.pid
- fi
- _success
- else
- _failure
- fi
- echo
-}
-
-stop() {
- local pid
- echo -n "Stopping VMOps agent: "
- for pid in $(get_pids)
- do
- kill $pid
- done
- _success
- echo
-}
-
-status() {
- local pids=$(get_pids)
- if [ "$pids" == "" ]
- then
- echo "VMOps agent is not running"
- return 1
- fi
- echo "VMOps agent is running: process id: $pids"
- return 0
-}
-
-
-case "$1" in
- start) start
- ;;
- stop) stop
- ;;
- status) status
- ;;
- restart) stop
- start
- ;;
- *) echo $"Usage: $0 {start|stop|status|restart}"
- exit 1
- ;;
-esac
-
-exit $RETVAL
--
To stop receiving notification emails like this one, please contact
"commits@cloudstack.apache.org" <co...@cloudstack.apache.org>.
[cloudstack] 12/34: CLOUDSTACK-10181: Skip rVR test cases for
VMware until supported
Posted by ro...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
rohit pushed a commit to branch debian9-systemvmtemplate
in repository https://gitbox.apache.org/repos/asf/cloudstack.git
commit 779f2b18d021a2ea491a870be13a4016dff31381
Author: Rohit Yadav <ro...@shapeblue.com>
AuthorDate: Sat Dec 9 00:43:25 2017 +0530
CLOUDSTACK-10181: Skip rVR test cases for VMware until supported
With this change, rVR related test cases will be skipped for VMware
where this feature is not properly supported.
Signed-off-by: Rohit Yadav <ro...@shapeblue.com>
---
test/integration/smoke/test_internal_lb.py | 11 +++++++++++
test/integration/smoke/test_privategw_acl.py | 11 +++++++++++
test/integration/smoke/test_routers_network_ops.py | 13 ++++++++++++-
test/integration/smoke/test_vpc_redundant.py | 11 +++++++++++
test/integration/smoke/test_vpc_vpn.py | 10 ++++++++++
5 files changed, 55 insertions(+), 1 deletion(-)
diff --git a/test/integration/smoke/test_internal_lb.py b/test/integration/smoke/test_internal_lb.py
index 5b4c663..379bbb0 100644
--- a/test/integration/smoke/test_internal_lb.py
+++ b/test/integration/smoke/test_internal_lb.py
@@ -50,6 +50,8 @@ from marvin.lib.common import (get_zone,
get_template,
list_network_offerings)
+from marvin.lib.decoratorGenerators import skipTestIf
+
from nose.plugins.attrib import attr
import logging
@@ -280,6 +282,7 @@ class TestInternalLb(cloudstackTestCase):
cls.zone = get_zone(cls.apiclient, testClient.getZoneForTests())
cls.domain = get_domain(cls.apiclient)
+
cls.logger.debug("Creating compute offering: %s" %cls.services["compute_offering"]["name"])
cls.compute_offering = ServiceOffering.create(
cls.apiclient,
@@ -302,6 +305,12 @@ class TestInternalLb(cloudstackTestCase):
%s" % (cls.account.name,
cls.account.id))
+ # Skip rVR related test cases for VMware, for details see
+ # https://issues.apache.org/jira/browse/CLOUDSTACK-10181
+ cls.rvrNotSupported = False
+ if cls.hypervisor.lower() in ['vmware']:
+ cls.rvrNotSupported = True
+
cls._cleanup = [cls.account, cls.compute_offering]
return
@@ -598,6 +607,7 @@ class TestInternalLb(cloudstackTestCase):
self.cleanup.insert(0, vpc_offering)
self.execute_internallb_roundrobin_tests(vpc_offering)
+ @skipTestIf("rvrNotSupported")
@attr(tags=["smoke", "advanced"], required_hardware="true")
def test_02_internallb_roundrobin_1RVPC_3VM_HTTP_port80(self):
"""
@@ -766,6 +776,7 @@ class TestInternalLb(cloudstackTestCase):
self.execute_internallb_haproxy_tests(vpc_offering)
+ @skipTestIf("rvrNotSupported")
@attr(tags=["smoke", "advanced"], required_hardware="true")
def test_04_rvpc_internallb_haproxy_stats_on_all_interfaces(self):
""" Test to verify access to loadbalancer haproxy admin stats page
diff --git a/test/integration/smoke/test_privategw_acl.py b/test/integration/smoke/test_privategw_acl.py
index b86b96e..d48eb42 100644
--- a/test/integration/smoke/test_privategw_acl.py
+++ b/test/integration/smoke/test_privategw_acl.py
@@ -25,6 +25,7 @@ from marvin.lib.base import *
from marvin.lib.common import *
from nose.plugins.attrib import attr
from marvin.codes import PASS
+from marvin.lib.decoratorGenerators import skipTestIf
import time
import logging
@@ -182,6 +183,14 @@ class TestPrivateGwACL(cloudstackTestCase):
cls.services["service_offering"])
cls._cleanup = [cls.service_offering]
+ cls.hypervisor = cls.testClient.getHypervisorInfo()
+
+ # Skip rVR related test cases for VMware, for details see
+ # https://issues.apache.org/jira/browse/CLOUDSTACK-10181
+ cls.rvrNotSupported = False
+ if cls.hypervisor.lower() in ['vmware']:
+ cls.rvrNotSupported = True
+
cls.logger = logging.getLogger('TestPrivateGwACL')
cls.stream_handler = logging.StreamHandler()
cls.logger.setLevel(logging.DEBUG)
@@ -289,6 +298,7 @@ class TestPrivateGwACL(cloudstackTestCase):
self.performVPCTests(vpc_off, restart_with_cleanup = True)
+ @skipTestIf("rvrNotSupported")
@attr(tags=["advanced"], required_hardware="true")
def test_04_rvpc_privategw_static_routes(self):
self.logger.debug("Creating a Redundant VPC offering..")
@@ -301,6 +311,7 @@ class TestPrivateGwACL(cloudstackTestCase):
self.performVPCTests(vpc_off)
+ @skipTestIf("rvrNotSupported")
@attr(tags=["advanced"], required_hardware="true")
def _test_05_rvpc_privategw_check_interface(self):
self.logger.debug("Creating a Redundant VPC offering..")
diff --git a/test/integration/smoke/test_routers_network_ops.py b/test/integration/smoke/test_routers_network_ops.py
index 93563e2..09eb4f3 100644
--- a/test/integration/smoke/test_routers_network_ops.py
+++ b/test/integration/smoke/test_routers_network_ops.py
@@ -137,8 +137,16 @@ class TestRedundantIsolateNetworks(cloudstackTestCase):
cls.zone = get_zone(cls.api_client, cls.testClient.getZoneForTests())
cls.services['mode'] = cls.zone.networktype
- macchinina = Templates().templates["macchinina"]
cls.hypervisor = cls.testClient.getHypervisorInfo()
+
+ # Skip rVR related test cases for VMware, for details see
+ # https://issues.apache.org/jira/browse/CLOUDSTACK-10181
+ cls.rvrNotSupported = False
+ if cls.hypervisor.lower() in ['vmware']:
+ cls.rvrNotSupported = True
+ return
+
+ macchinina = Templates().templates["macchinina"]
cls.logger.debug("Downloading Template: %s from: %s" % (macchinina[cls.hypervisor.lower()],
macchinina[cls.hypervisor.lower()]["url"]))
cls.template = Template.register(cls.api_client, macchinina[cls.hypervisor.lower()],
@@ -200,6 +208,9 @@ class TestRedundantIsolateNetworks(cloudstackTestCase):
return
def setUp(self):
+ if self.rvrNotSupported:
+ self.skipTest("Redundant VRs are not supported for this hypervisor, skipping test")
+
self.apiclient = self.testClient.getApiClient()
self.cleanup = []
return
diff --git a/test/integration/smoke/test_vpc_redundant.py b/test/integration/smoke/test_vpc_redundant.py
index 372d847..915736d 100644
--- a/test/integration/smoke/test_vpc_redundant.py
+++ b/test/integration/smoke/test_vpc_redundant.py
@@ -255,6 +255,14 @@ class TestVPCRedundancy(cloudstackTestCase):
cls.zone = get_zone(cls.api_client, cls.testClient.getZoneForTests())
cls.hypervisor = cls.testClient.getHypervisorInfo()
+
+ # Skip rVR related test cases for VMware, for details see
+ # https://issues.apache.org/jira/browse/CLOUDSTACK-10181
+ cls.rvrNotSupported = False
+ if cls.hypervisor.lower() in ['vmware']:
+ cls.rvrNotSupported = True
+ return
+
cls.template = Template.register(cls.api_client, cls.services["template"][cls.hypervisor.lower(
)], cls.zone.id, hypervisor=cls.hypervisor.lower(), domainid=cls.domain.id)
cls.template.download(cls.api_client)
@@ -285,6 +293,9 @@ class TestVPCRedundancy(cloudstackTestCase):
raise Exception("Warning: Exception during cleanup : %s" % e)
def setUp(self):
+ if self.rvrNotSupported:
+ self.skipTest("RVR not supported on this hypervisor, skipping")
+
self.routers = []
self.networks = []
self.ips = []
diff --git a/test/integration/smoke/test_vpc_vpn.py b/test/integration/smoke/test_vpc_vpn.py
index b3dfab2..1c4d418 100644
--- a/test/integration/smoke/test_vpc_vpn.py
+++ b/test/integration/smoke/test_vpc_vpn.py
@@ -847,6 +847,13 @@ class TestRVPCSite2SiteVpn(cloudstackTestCase):
cls.hypervisor = testClient.getHypervisorInfo()
+ # Skip rVR related test cases for VMware, for details see
+ # https://issues.apache.org/jira/browse/CLOUDSTACK-10181
+ cls.rvrNotSupported = False
+ if cls.hypervisor.lower() in ['vmware']:
+ cls.rvrNotSupported = True
+ return
+
cls.logger.debug("Downloading Template: %s from: %s" % (cls.services["template"][
cls.hypervisor.lower()], cls.services["template"][cls.hypervisor.lower()]["url"]))
cls.template = Template.register(cls.apiclient, cls.services["template"][cls.hypervisor.lower(
@@ -952,6 +959,9 @@ class TestRVPCSite2SiteVpn(cloudstackTestCase):
"""Test Site 2 Site VPN Across redundant VPCs"""
self.logger.debug("Starting test: test_02_redundant_vpc_site2site_vpn")
+ if self.rvrNotSupported:
+ self.skipTest("Hypervisor not supported for rVR, skipping test")
+
# 0) Get the default network offering for VPC
networkOffering = NetworkOffering.list(
self.apiclient, name="DefaultIsolatedNetworkOfferingForVpcNetworks")
--
To stop receiving notification emails like this one, please contact
"commits@cloudstack.apache.org" <co...@cloudstack.apache.org>.
[cloudstack] 25/34: systemvm fixes
Posted by ro...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
rohit pushed a commit to branch debian9-systemvmtemplate
in repository https://gitbox.apache.org/repos/asf/cloudstack.git
commit 4b4cec6e7634cfdb99732a288353383da8e170f6
Author: Rohit Yadav <ro...@shapeblue.com>
AuthorDate: Tue Dec 12 13:13:57 2017 +0530
systemvm fixes
Signed-off-by: Rohit Yadav <ro...@shapeblue.com>
---
.../appliance/definitions/systemvmtemplate/apt_upgrade.sh | 14 ++++++++++++--
tools/appliance/definitions/systemvmtemplate/cleanup.sh | 2 +-
tools/appliance/definitions/systemvmtemplate/definition.rb | 2 +-
tools/appliance/definitions/systemvmtemplate/finalize.sh | 11 +----------
tools/appliance/definitions/systemvmtemplate/preseed.cfg | 7 +------
5 files changed, 16 insertions(+), 20 deletions(-)
diff --git a/tools/appliance/definitions/systemvmtemplate/apt_upgrade.sh b/tools/appliance/definitions/systemvmtemplate/apt_upgrade.sh
index 1a72b3a..4d5ff26 100644
--- a/tools/appliance/definitions/systemvmtemplate/apt_upgrade.sh
+++ b/tools/appliance/definitions/systemvmtemplate/apt_upgrade.sh
@@ -19,6 +19,17 @@
set -e
set -x
+# Perform fsck check on every 2nd boot
+function fix_tune2fs() {
+ for partition in $(blkid -o list | grep ext | awk '{print $1}')
+ do
+ tune2fs -m 1 $partition
+ tune2fs -c 2 $partition
+ done
+ fdisk -l
+ df -h
+}
+
function add_backports() {
sed -i '/cdrom/d' /etc/apt/sources.list
sed -i '/deb-src/d' /etc/apt/sources.list
@@ -30,8 +41,7 @@ function apt_upgrade() {
DEBIAN_FRONTEND=noninteractive
DEBIAN_PRIORITY=critical
- fdisk -l
- df -h
+ fix_tune2fs
# Setup sudo
echo 'cloud ALL=(ALL) NOPASSWD: ALL' > /etc/sudoers.d/cloud
diff --git a/tools/appliance/definitions/systemvmtemplate/cleanup.sh b/tools/appliance/definitions/systemvmtemplate/cleanup.sh
index fd7d9f3..eed29af 100644
--- a/tools/appliance/definitions/systemvmtemplate/cleanup.sh
+++ b/tools/appliance/definitions/systemvmtemplate/cleanup.sh
@@ -21,7 +21,7 @@ set -x
function cleanup_apt() {
apt-get -y remove --purge dictionaries-common busybox isc-dhcp-client isc-dhcp-common \
- task-english task-ssh-server tasksel tasksel-data laptop-detect nano wamerican \
+ task-english task-ssh-server tasksel tasksel-data laptop-detect wamerican \
debconf-i18n sharutils gnupg gnupg-agent
apt-get -y autoremove --purge
diff --git a/tools/appliance/definitions/systemvmtemplate/definition.rb b/tools/appliance/definitions/systemvmtemplate/definition.rb
index b5e4da2..52cb7df 100644
--- a/tools/appliance/definitions/systemvmtemplate/definition.rb
+++ b/tools/appliance/definitions/systemvmtemplate/definition.rb
@@ -36,7 +36,7 @@ architectures = {
config = {
:cpu_count => '1',
:memory_size => '512',
- :disk_size => '2500', :disk_format => 'VDI', :hostiocache => 'off',
+ :disk_size => '2100', :disk_format => 'VDI', :hostiocache => 'off',
:iso_download_timeout => '1000',
:boot_wait => '10',
:boot_cmd_sequence => [
diff --git a/tools/appliance/definitions/systemvmtemplate/finalize.sh b/tools/appliance/definitions/systemvmtemplate/finalize.sh
index 82d17b9..febae7b 100644
--- a/tools/appliance/definitions/systemvmtemplate/finalize.sh
+++ b/tools/appliance/definitions/systemvmtemplate/finalize.sh
@@ -49,19 +49,11 @@ function cleanup_veewee() {
rm -fv .veewee_version .veewee_params .vbox_version
}
-# Perform fsck check on every 2nd boot
-function fix_tune2fs() {
- for partition in $(blkid -o list | grep ext | awk '{print $1}')
- do
- tune2fs -c 2 $partition
- done
-}
-
# Zero out the free space to save space in the final image:
function zero_disk() {
df -h
fstrim -av
- for path in / /boot /var /var/log /tmp
+ for path in / /boot /var/log /tmp
do
dd if=/dev/zero of=${path}/zero bs=1M || true
sync
@@ -73,7 +65,6 @@ function finalize() {
configure_misc
configure_sudoers
cleanup_veewee
- fix_tune2fs
sync
zero_disk
halt -p
diff --git a/tools/appliance/definitions/systemvmtemplate/preseed.cfg b/tools/appliance/definitions/systemvmtemplate/preseed.cfg
index 60bd9a8..d218172 100644
--- a/tools/appliance/definitions/systemvmtemplate/preseed.cfg
+++ b/tools/appliance/definitions/systemvmtemplate/preseed.cfg
@@ -63,16 +63,11 @@ d-i partman-auto/expert_recipe string \
use_filesystem{ } filesystem{ ext2 } \
mountpoint{ /boot } \
. \
- 1300 40 1500 ext4 \
+ 1450 40 1600 ext4 \
method{ format } format{ } \
use_filesystem{ } filesystem{ ext4 } \
mountpoint{ / } \
. \
- 550 70 800 ext4 \
- method{ format } format{ } \
- use_filesystem{ } filesystem{ ext4 } \
- mountpoint{ /var } \
- . \
350 60 500 ext4 \
method{ format } format{ } \
use_filesystem{ } filesystem{ ext4 } \
--
To stop receiving notification emails like this one, please contact
"commits@cloudstack.apache.org" <co...@cloudstack.apache.org>.