You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cloudstack.apache.org by re...@apache.org on 2016/01/16 19:55:08 UTC
[01/28] git commit: updated refs/heads/master to 75b68c6
Repository: cloudstack
Updated Branches:
refs/heads/master f79b3e1c2 -> 75b68c682
CLOUDSTACK-9202 Bump ssh timeout
It seems the VR needs more time for some of its commands. Until we figured
out the root cause, this allows the VRs to start again.
Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/1c5e899a
Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/1c5e899a
Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/1c5e899a
Branch: refs/heads/master
Commit: 1c5e899a2d727d8512a28da76a5e49c9d762d295
Parents: 9be76b3
Author: Remi Bergsma <gi...@remi.nl>
Authored: Mon Dec 28 15:54:26 2015 +0100
Committer: Remi Bergsma <gi...@remi.nl>
Committed: Mon Dec 28 15:54:26 2015 +0100
----------------------------------------------------------------------
utils/src/main/java/com/cloud/utils/ssh/SSHCmdHelper.java | 4 +++-
utils/src/main/java/com/cloud/utils/ssh/SshHelper.java | 4 ++--
2 files changed, 5 insertions(+), 3 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/1c5e899a/utils/src/main/java/com/cloud/utils/ssh/SSHCmdHelper.java
----------------------------------------------------------------------
diff --git a/utils/src/main/java/com/cloud/utils/ssh/SSHCmdHelper.java b/utils/src/main/java/com/cloud/utils/ssh/SSHCmdHelper.java
index e35a3ea..61d01c4 100644
--- a/utils/src/main/java/com/cloud/utils/ssh/SSHCmdHelper.java
+++ b/utils/src/main/java/com/cloud/utils/ssh/SSHCmdHelper.java
@@ -29,6 +29,8 @@ import com.trilead.ssh2.Session;
public class SSHCmdHelper {
private static final Logger s_logger = Logger.getLogger(SSHCmdHelper.class);
+ private static final int DEFAULT_CONNECT_TIMEOUT = 180000;
+ private static final int DEFAULT_KEX_TIMEOUT = 60000;
public static com.trilead.ssh2.Connection acquireAuthorizedConnection(String ip, String username, String password) {
return acquireAuthorizedConnection(ip, 22, username, password);
@@ -37,7 +39,7 @@ public class SSHCmdHelper {
public static com.trilead.ssh2.Connection acquireAuthorizedConnection(String ip, int port, String username, String password) {
com.trilead.ssh2.Connection sshConnection = new com.trilead.ssh2.Connection(ip, port);
try {
- sshConnection.connect(null, 60000, 60000);
+ sshConnection.connect(null, DEFAULT_CONNECT_TIMEOUT, DEFAULT_KEX_TIMEOUT);
if (!sshConnection.authenticateWithPassword(username, password)) {
String[] methods = sshConnection.getRemainingAuthMethods(username);
StringBuffer mStr = new StringBuffer();
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/1c5e899a/utils/src/main/java/com/cloud/utils/ssh/SshHelper.java
----------------------------------------------------------------------
diff --git a/utils/src/main/java/com/cloud/utils/ssh/SshHelper.java b/utils/src/main/java/com/cloud/utils/ssh/SshHelper.java
index 3aac427..d3c88c8 100644
--- a/utils/src/main/java/com/cloud/utils/ssh/SshHelper.java
+++ b/utils/src/main/java/com/cloud/utils/ssh/SshHelper.java
@@ -29,14 +29,14 @@ import com.trilead.ssh2.ChannelCondition;
import com.cloud.utils.Pair;
public class SshHelper {
- private static final int DEFAULT_CONNECT_TIMEOUT = 60000;
+ private static final int DEFAULT_CONNECT_TIMEOUT = 180000;
private static final int DEFAULT_KEX_TIMEOUT = 60000;
private static final Logger s_logger = Logger.getLogger(SshHelper.class);
public static Pair<Boolean, String> sshExecute(String host, int port, String user, File pemKeyFile, String password, String command) throws Exception {
- return sshExecute(host, port, user, pemKeyFile, password, command, 60000, 60000, 120000);
+ return sshExecute(host, port, user, pemKeyFile, password, command, DEFAULT_CONNECT_TIMEOUT, DEFAULT_KEX_TIMEOUT, 120000);
}
public static void scpTo(String host, int port, String user, File pemKeyFile, String password, String remoteTargetDirectory, String localFile, String fileMode)
[02/28] git commit: updated refs/heads/master to 75b68c6
Posted by re...@apache.org.
CLOUDSTACK-9181 Prevent syntax error in checkrouter.sh
Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/525949e0
Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/525949e0
Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/525949e0
Branch: refs/heads/master
Commit: 525949e027d89a5c8ef0d1b7012446bb652be659
Parents: 9be76b3
Author: Remi Bergsma <gi...@remi.nl>
Authored: Wed Dec 16 11:27:26 2015 +0100
Committer: Remi Bergsma <gi...@remi.nl>
Committed: Mon Dec 28 17:06:43 2015 +0100
----------------------------------------------------------------------
systemvm/patches/debian/config/opt/cloud/bin/checkrouter.sh | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/525949e0/systemvm/patches/debian/config/opt/cloud/bin/checkrouter.sh
----------------------------------------------------------------------
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/checkrouter.sh b/systemvm/patches/debian/config/opt/cloud/bin/checkrouter.sh
index 0ba0ee5..f867a48 100755
--- a/systemvm/patches/debian/config/opt/cloud/bin/checkrouter.sh
+++ b/systemvm/patches/debian/config/opt/cloud/bin/checkrouter.sh
@@ -19,19 +19,19 @@
STATUS=UNKNOWN
INTERFACE=eth1
ROUTER_TYPE=$(cat /etc/cloudstack/cmdline.json | grep type | awk '{print $2;}' | sed -e 's/[,\"]//g')
-if [ $ROUTER_TYPE = "router" ]
+if [ "$ROUTER_TYPE" = "router" ]
then
ROUTER_STATE=$(ip addr | grep eth0 | grep inet | wc -l | xargs bash -c 'if [ $0 == 2 ]; then echo "MASTER"; else echo "BACKUP"; fi')
STATUS=$ROUTER_STATE
else
ROUTER_STATE=$(ip addr | grep $INTERFACE | grep state | awk '{print $9;}')
- if [ $ROUTER_STATE = "UP" ]
+ if [ "$ROUTER_STATE" = "UP" ]
then
STATUS=MASTER
- elif [ $ROUTER_STATE = "DOWN" ]
+ elif [ "$ROUTER_STATE" = "DOWN" ]
then
STATUS=BACKUP
fi
fi
-echo "Status: ${STATUS}"
\ No newline at end of file
+echo "Status: ${STATUS}"
[11/28] git commit: updated refs/heads/master to 75b68c6
Posted by re...@apache.org.
[MARVIN] Add forceencap field to VpnCustomerGateway class in marvin base
Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/0b54871f
Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/0b54871f
Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/0b54871f
Branch: refs/heads/master
Commit: 0b54871fa3273219910a573fef5e22ce7ac4caaa
Parents: 6da3bc1
Author: Michael Andersen <ma...@schubergphilis.com>
Authored: Wed Dec 23 21:13:40 2015 +0100
Committer: Michael Andersen <ma...@schubergphilis.com>
Committed: Thu Jan 7 19:27:42 2016 +0100
----------------------------------------------------------------------
tools/marvin/marvin/lib/base.py | 4 ++++
1 file changed, 4 insertions(+)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/0b54871f/tools/marvin/marvin/lib/base.py
----------------------------------------------------------------------
diff --git a/tools/marvin/marvin/lib/base.py b/tools/marvin/marvin/lib/base.py
index ab15a78..4e04ba8 100755
--- a/tools/marvin/marvin/lib/base.py
+++ b/tools/marvin/marvin/lib/base.py
@@ -3572,6 +3572,8 @@ class VpnCustomerGateway:
cmd.esplifetime = services["esplifetime"]
if "dpd" in services:
cmd.dpd = services["dpd"]
+ if "forceencap" in services:
+ cmd.forceencap = services["forceencap"]
if account:
cmd.account = account
if domainid:
@@ -3599,6 +3601,8 @@ class VpnCustomerGateway:
cmd.esplifetime = services["esplifetime"]
if "dpd" in services:
cmd.dpd = services["dpd"]
+ if "forceencap" in services:
+ cmd.forceencap = services["forceencap"]
return(apiclient.updateVpnCustomerGateway(cmd))
def delete(self, apiclient):
[13/28] git commit: updated refs/heads/master to 75b68c6
Posted by re...@apache.org.
[UI] MADNESS
Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/9b9272c0
Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/9b9272c0
Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/9b9272c0
Branch: refs/heads/master
Commit: 9b9272c019cf8d00846a5211a14ed7ec98ca7002
Parents: 74f670d
Author: Michael Andersen <ma...@schubergphilis.com>
Authored: Wed Jan 6 17:33:03 2016 +0100
Committer: Michael Andersen <ma...@schubergphilis.com>
Committed: Thu Jan 7 19:27:51 2016 +0100
----------------------------------------------------------------------
.../classes/resources/messages.properties | 1 +
.../classes/resources/messages_nl_NL.properties | 1 +
ui/dictionary2.jsp | 3 ++-
ui/scripts/docs.js | 6 +++++-
ui/scripts/network.js | 21 ++++++++++++++++++--
ui/scripts/vpc.js | 6 ++++++
6 files changed, 34 insertions(+), 4 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/9b9272c0/client/WEB-INF/classes/resources/messages.properties
----------------------------------------------------------------------
diff --git a/client/WEB-INF/classes/resources/messages.properties b/client/WEB-INF/classes/resources/messages.properties
index e7beaa9..93e73fa 100644
--- a/client/WEB-INF/classes/resources/messages.properties
+++ b/client/WEB-INF/classes/resources/messages.properties
@@ -2258,3 +2258,4 @@ message.please.select.ssh.key.pair.use.with.this.vm=Please select a ssh key pair
message.configure.firewall.rules.allow.traffic=Configure the rules to allow Traffic
message.configure.firewall.rules.block.traffic=Configure the rules to block Traffic
message.ldap.group.import=All The users from the given group name will be imported
+label.vpn.force.encapsulation=Force UDP Encapsulation of ESP Packets
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/9b9272c0/client/WEB-INF/classes/resources/messages_nl_NL.properties
----------------------------------------------------------------------
diff --git a/client/WEB-INF/classes/resources/messages_nl_NL.properties b/client/WEB-INF/classes/resources/messages_nl_NL.properties
index 363be5f..a4e1991 100644
--- a/client/WEB-INF/classes/resources/messages_nl_NL.properties
+++ b/client/WEB-INF/classes/resources/messages_nl_NL.properties
@@ -1726,6 +1726,7 @@ label.vpc=VPC
label.VPN.connection=VPN Connectie
label.vpn.customer.gateway=VPN Customer Gateway
label.VPN.customer.gateway=VPN Customer Gateway
+label.vpn.force.encapsulation=Forceer UDP Encapsulatie van ESP Packets
label.VPN.gateway=VPN Gateway
label.vpn=VPN
label.vsmctrlvlanid=Controle VLAN ID
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/9b9272c0/ui/dictionary2.jsp
----------------------------------------------------------------------
diff --git a/ui/dictionary2.jsp b/ui/dictionary2.jsp
index 9d68974..4268104 100644
--- a/ui/dictionary2.jsp
+++ b/ui/dictionary2.jsp
@@ -1124,6 +1124,7 @@ under the License.
'message.desc.create.ssh.key.pair': '<fmt:message key="message.desc.create.ssh.key.pair" />',
'message.removed.ssh.key.pair': '<fmt:message key="message.removed.ssh.key.pair" />',
'message.please.select.ssh.key.pair.use.with.this.vm': '<fmt:message key="message.please.select.ssh.key.pair.use.with.this.vm" />',
-'message.ldap.group.import': '<fmt:message key="message.ldap.group.import" />'
+'message.ldap.group.import': '<fmt:message key="message.ldap.group.import" />',
+'label.vpn.force.encapsulation': '<fmt:message key="label.vpn.force.encapsulation" />'
});
</script>
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/9b9272c0/ui/scripts/docs.js
----------------------------------------------------------------------
diff --git a/ui/scripts/docs.js b/ui/scripts/docs.js
index ed6ab0c..e02cbda 100755
--- a/ui/scripts/docs.js
+++ b/ui/scripts/docs.js
@@ -1118,6 +1118,10 @@ cloudStack.docs = {
desc: 'Check this to make the virtual router query its IKE peer at regular intervals to ensure continued availability. It is recommended to have the same DPD setting on both sides of the VPN connection.',
externalLink: ''
},
+ helpVPNGatewayForceEncapsulation: {
+ desc: 'Force UDP encapsulation for ESP packets even if no NAT situation is detected. This may help to surmount restrictive firewalls. In order to force the peer to encapsulate packets, NAT detection payloads are faked',
+ externalLink: ''
+ },
// Copy template
helpCopyTemplateDestination: {
desc: 'The zone to which you want to copy the template',
@@ -1329,4 +1333,4 @@ cloudStack.docs = {
helpLdapLinkDomainAdmin: {
desc: 'domain admin of the linked domain. Specify a username in GROUP/OU of LDAP'
}
-};
+};
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/9b9272c0/ui/scripts/network.js
----------------------------------------------------------------------
diff --git a/ui/scripts/network.js b/ui/scripts/network.js
index 2831aa0..5fd917a 100755
--- a/ui/scripts/network.js
+++ b/ui/scripts/network.js
@@ -6129,6 +6129,14 @@
docID: 'helpVPNGatewayDeadPeerDetection',
isBoolean: true,
isChecked: false
+ },
+
+ forceencap: {
+ label: 'label.vpn.force.encapsulation',
+ docID: 'helpVPNGatewayForceEncapsulation',
+ docID: 'helpVPNGatewayForceEncapsulation',
+ isBoolean: true,
+ isChecked: false
}
}
},
@@ -6140,7 +6148,8 @@
ipsecpsk: args.data.ipsecpsk,
ikelifetime: args.data.ikelifetime,
esplifetime: args.data.esplifetime,
- dpd: (args.data.dpd == "on")
+ dpd: (args.data.dpd == "on"),
+ forceencap: (args.data.forceencap == "on")
};
var ikepolicy = args.data.ikeEncryption + '-' + args.data.ikeHash;
@@ -6196,7 +6205,8 @@
ipsecpsk: args.data.ipsecpsk,
ikelifetime: args.data.ikelifetime,
esplifetime: args.data.esplifetime,
- dpd: (args.data.dpd == "on")
+ dpd: (args.data.dpd == "on"),
+ forceencap: (args.data.forceencap == "on")
};
var ikepolicy = args.data.ikeEncryption + '-' + args.data.ikeHash;
@@ -6465,6 +6475,13 @@
converter: cloudStack.converters.toBooleanText
},
+ forceencap: {
+ label: 'label.vpn.force.encapsulation',
+ isBoolean: true,
+ isEditable: true,
+ converter: cloudStack.converters.toBooleanText
+ },
+
id: {
label: 'label.id'
},
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/9b9272c0/ui/scripts/vpc.js
----------------------------------------------------------------------
diff --git a/ui/scripts/vpc.js b/ui/scripts/vpc.js
index 4b10d8b..f7f7329 100644
--- a/ui/scripts/vpc.js
+++ b/ui/scripts/vpc.js
@@ -2904,6 +2904,12 @@
return str ? 'Yes' : 'No';
}
},
+ forceencap: {
+ label: 'label.vpn.force.encapsulation',
+ converter: function(str) {
+ return str ? 'Yes' : 'No';
+ }
+ },
state: {
label: 'label.state'
},
[21/28] git commit: updated refs/heads/master to 75b68c6
Posted by re...@apache.org.
Merge pull request #1301 from nitin-maharana/CloudStack-Nitin3_4.7
CLOUDSTACK-9186: Root admin cannot see VPC created by Domain admin userIssue:
=====
Root admin cannot see LB rules and Public LB IP addresses created by domain-admin in UI therefore root admin cannot manage those.
Reproducible Steps:
================
Log in as a Domain-Admin account and create a VPC with vpc virtual router as public load balancer provider
click on the newly created VPC -> click on the VPC tier -> click internal LB
Add internal LB,
Logoff domain-admin and login as root admin
Navigate the VPC created previously and click internal LB, internal lb is not showing up.
Same steps for Public LB IP addresses except select the correct Network offering while creating a tier.
Expected Behaviour:
================
Root admin should be able to manage VPC created by Domain admin user .
Actual Behaviour:
==============
Root admin cannot see VPC created by Domain admin user and hence not able to manage it.
Fix:
===
Added the parameter listAll=true in case of Internal LB as well as Public LB IP addresses.
* pr/1301:
CLOUDSTACK-9186: Root admin cannot see VPC created by Domain admin user
Signed-off-by: Remi Bergsma <gi...@remi.nl>
Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/1b5c6457
Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/1b5c6457
Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/1b5c6457
Branch: refs/heads/master
Commit: 1b5c64578f393568380e2ef67155a34eb31bff0e
Parents: 5566789 9014cd3
Author: Remi Bergsma <gi...@remi.nl>
Authored: Sat Jan 16 19:40:06 2016 +0100
Committer: Remi Bergsma <gi...@remi.nl>
Committed: Sat Jan 16 19:40:07 2016 +0100
----------------------------------------------------------------------
ui/scripts/vpc.js | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/1b5c6457/ui/scripts/vpc.js
----------------------------------------------------------------------
[14/28] git commit: updated refs/heads/master to 75b68c6
Posted by re...@apache.org.
FIX VPN: non-working ipsec commands
Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/dfa924bd
Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/dfa924bd
Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/dfa924bd
Branch: refs/heads/master
Commit: dfa924bdee58a82bac027a122c6ad68c1fd01bd5
Parents: 80703ca
Author: Michael Andersen <ma...@schubergphilis.com>
Authored: Mon Dec 21 16:25:41 2015 +0100
Committer: Michael Andersen <ma...@schubergphilis.com>
Committed: Tue Jan 12 11:24:34 2016 +0100
----------------------------------------------------------------------
systemvm/patches/debian/config/opt/cloud/bin/configure.py | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/dfa924bd/systemvm/patches/debian/config/opt/cloud/bin/configure.py
----------------------------------------------------------------------
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/configure.py b/systemvm/patches/debian/config/opt/cloud/bin/configure.py
index deb4a74..3e6d717 100755
--- a/systemvm/patches/debian/config/opt/cloud/bin/configure.py
+++ b/systemvm/patches/debian/config/opt/cloud/bin/configure.py
@@ -538,9 +538,9 @@ class CsSite2SiteVpn(CsDataBag):
file.commit()
logging.info("Configured vpn %s %s", leftpeer, rightpeer)
CsHelper.execute("ipsec auto --rereadall")
- CsHelper.execute("ipsec --add vpn-%s" % rightpeer)
+ CsHelper.execute("ipsec auto --add vpn-%s" % rightpeer)
if not obj['passive']:
- CsHelper.execute("ipsec --up vpn-%s" % rightpeer)
+ CsHelper.execute("ipsec auto --up vpn-%s" % rightpeer)
os.chmod(vpnsecretsfile, 0o400)
def convert_sec_to_h(self, val):
[04/28] git commit: updated refs/heads/master to 75b68c6
Posted by re...@apache.org.
CLOUDSTACK-9204 Do not error when staticroute is already gone
When deleting fails because it isn't there any morei (KeyError), it should succeed instead.
Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/779f4b36
Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/779f4b36
Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/779f4b36
Branch: refs/heads/master
Commit: 779f4b36e03738a9eb1ffa4c474e9b4968cd7b72
Parents: 9be76b3
Author: Remi Bergsma <gi...@remi.nl>
Authored: Thu Dec 31 14:08:14 2015 +0100
Committer: Remi Bergsma <gi...@remi.nl>
Committed: Thu Dec 31 14:11:06 2015 +0100
----------------------------------------------------------------------
systemvm/patches/debian/config/opt/cloud/bin/cs_staticroutes.py | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/779f4b36/systemvm/patches/debian/config/opt/cloud/bin/cs_staticroutes.py
----------------------------------------------------------------------
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/cs_staticroutes.py b/systemvm/patches/debian/config/opt/cloud/bin/cs_staticroutes.py
index 98244db..d5ffae1 100755
--- a/systemvm/patches/debian/config/opt/cloud/bin/cs_staticroutes.py
+++ b/systemvm/patches/debian/config/opt/cloud/bin/cs_staticroutes.py
@@ -23,7 +23,10 @@ def merge(dbag, staticroutes):
key = route['ip_address']
revoke = route['revoke']
if revoke:
- del dbag[key]
+ try:
+ del dbag[key]
+ except KeyError:
+ pass
else:
dbag[key] = route
[20/28] git commit: updated refs/heads/master to 75b68c6
Posted by re...@apache.org.
Merge pull request #1317 from michaelandersen/vpn/forceencap
[4.7] ADD Force UDP encapsulation option to Site2Site VPNThis PR adds the option to enable forced UDP encapsulation of ESP packets during a setup of a site2site vpn. This options enforces the 'forceencaps' option in the openswan ipsec config:
https://wiki.strongswan.org/projects/strongswan/wiki/ConnSection
* pr/1317:
[UI] MADNESS
[DB] Add force_encap field to s2s_customer_gateway table
[ROUTER] Add forceencaps field to python router ipsec config method
[TEST] unittest needs rework
[MARVIN] Add forceencap field to VpnCustomerGateway class in marvin base
[CORE] Add Force UDP Encapsulation option to Site2Site VPN
Signed-off-by: Remi Bergsma <gi...@remi.nl>
Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/55667896
Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/55667896
Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/55667896
Branch: refs/heads/master
Commit: 55667896d0ff9926c81669471ecae94fca43be47
Parents: 80703ca 9b9272c
Author: Remi Bergsma <gi...@remi.nl>
Authored: Sat Jan 16 19:38:40 2016 +0100
Committer: Remi Bergsma <gi...@remi.nl>
Committed: Sat Jan 16 19:38:42 2016 +0100
----------------------------------------------------------------------
.../cloud/network/Site2SiteCustomerGateway.java | 2 ++
.../org/apache/cloudstack/api/ApiConstants.java | 3 ++-
.../user/vpn/CreateVpnCustomerGatewayCmd.java | 5 +++++
.../user/vpn/UpdateVpnCustomerGatewayCmd.java | 5 +++++
.../Site2SiteCustomerGatewayResponse.java | 6 ++++++
.../Site2SiteVpnConnectionResponse.java | 9 +++++++++
.../classes/resources/messages.properties | 1 +
.../classes/resources/messages_nl_NL.properties | 1 +
.../api/routing/Site2SiteVpnCfgCommand.java | 12 ++++++++++-
.../facade/Site2SiteVpnConfigItem.java | 2 +-
.../virtualnetwork/model/Site2SiteVpn.java | 13 ++++++++++--
.../VirtualRoutingResourceTest.java | 6 +++---
.../network/dao/Site2SiteCustomerGatewayVO.java | 15 +++++++++++++-
server/src/com/cloud/api/ApiResponseHelper.java | 3 ++-
.../network/router/CommandSetupHelper.java | 3 ++-
.../network/vpn/Site2SiteVpnManagerImpl.java | 13 +++++++++++-
setup/db/db/schema-470to471.sql | 1 +
.../debian/config/opt/cloud/bin/configure.py | 5 +++--
tools/marvin/marvin/lib/base.py | 4 ++++
ui/dictionary2.jsp | 3 ++-
ui/scripts/docs.js | 6 +++++-
ui/scripts/network.js | 21 ++++++++++++++++++--
ui/scripts/vpc.js | 6 ++++++
23 files changed, 127 insertions(+), 18 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/55667896/ui/scripts/network.js
----------------------------------------------------------------------
[17/28] git commit: updated refs/heads/master to 75b68c6
Posted by re...@apache.org.
Fix unable to setup more than one Site2Site VPN Connection
Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/435a98cd
Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/435a98cd
Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/435a98cd
Branch: refs/heads/master
Commit: 435a98cd3f3147ab6b222cd8a265d7101f0a3f12
Parents: 230c9cf
Author: Michael Andersen <ma...@schubergphilis.com>
Authored: Tue Jan 12 10:36:37 2016 +0100
Committer: Michael Andersen <ma...@schubergphilis.com>
Committed: Tue Jan 12 11:24:35 2016 +0100
----------------------------------------------------------------------
.../debian/config/opt/cloud/bin/configure.py | 16 ++++++++++------
.../debian/config/opt/cloud/bin/cs_site2sitevpn.py | 2 +-
2 files changed, 11 insertions(+), 7 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/435a98cd/systemvm/patches/debian/config/opt/cloud/bin/configure.py
----------------------------------------------------------------------
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/configure.py b/systemvm/patches/debian/config/opt/cloud/bin/configure.py
index 3e6d717..f616b6b 100755
--- a/systemvm/patches/debian/config/opt/cloud/bin/configure.py
+++ b/systemvm/patches/debian/config/opt/cloud/bin/configure.py
@@ -462,16 +462,20 @@ class CsSite2SiteVpn(CsDataBag):
if m:
self.confips.append(m.group(1))
- for public_ip in self.dbag:
- if public_ip == "id":
+ for vpn in self.dbag:
+ if vpn == "id":
continue
- dev = CsHelper.get_device(public_ip)
+
+ local_ip = self.dbag[vpn]['local_public_ip']
+ dev = CsHelper.get_device(local_ip)
+
if dev == "":
- logging.error("Request for ipsec to %s not possible because ip is not configured", public_ip)
+ logging.error("Request for ipsec to %s not possible because ip is not configured", local_ip)
continue
+
CsHelper.start_if_stopped("ipsec")
- self.configure_iptables(dev, self.dbag[public_ip])
- self.configure_ipsec(self.dbag[public_ip])
+ self.configure_iptables(dev, self.dbag[vpn])
+ self.configure_ipsec(self.dbag[vpn])
# Delete vpns that are no longer in the configuration
for ip in self.confips:
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/435a98cd/systemvm/patches/debian/config/opt/cloud/bin/cs_site2sitevpn.py
----------------------------------------------------------------------
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/cs_site2sitevpn.py b/systemvm/patches/debian/config/opt/cloud/bin/cs_site2sitevpn.py
index 02157b4..972c09a 100755
--- a/systemvm/patches/debian/config/opt/cloud/bin/cs_site2sitevpn.py
+++ b/systemvm/patches/debian/config/opt/cloud/bin/cs_site2sitevpn.py
@@ -19,7 +19,7 @@ from pprint import pprint
def merge(dbag, vpn):
- key = vpn['local_public_ip']
+ key = vpn['peer_gateway_ip']
op = vpn['create']
if key in dbag.keys() and not op:
del(dbag[key])
[05/28] git commit: updated refs/heads/master to 75b68c6
Posted by re...@apache.org.
CLOUDSTACK-6485 prevent ip asignment of private gw iface
Prevent ipaddress asignment of gateway to gateway-interface on vpc router by setting vpcid to null in network
Was fixed in 4.4 by 1f209ff226a24979cf3a43ce0c02e05c84dd4dc2
Reimplemented for 4.7
Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/2c07ce59
Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/2c07ce59
Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/2c07ce59
Branch: refs/heads/master
Commit: 2c07ce590d9763033aff2ee895915eefe8a16030
Parents: 9be76b3
Author: Remi Bergsma <gi...@remi.nl>
Authored: Thu Dec 31 14:20:52 2015 +0100
Committer: Remi Bergsma <gi...@remi.nl>
Committed: Thu Dec 31 14:22:52 2015 +0100
----------------------------------------------------------------------
server/src/com/cloud/network/vpc/VpcManagerImpl.java | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/2c07ce59/server/src/com/cloud/network/vpc/VpcManagerImpl.java
----------------------------------------------------------------------
diff --git a/server/src/com/cloud/network/vpc/VpcManagerImpl.java b/server/src/com/cloud/network/vpc/VpcManagerImpl.java
index fe9a86f..e9a2202 100644
--- a/server/src/com/cloud/network/vpc/VpcManagerImpl.java
+++ b/server/src/com/cloud/network/vpc/VpcManagerImpl.java
@@ -1668,7 +1668,7 @@ public class VpcManagerImpl extends ManagerBase implements VpcManager, VpcProvis
// A more permanent solution would be to define a type of 'gatewaynetwork'
// so that handling code is not mixed between the two
final NetworkVO gatewaynet = _ntwkDao.findById(privateNtwk.getId());
- gatewaynet.setVpcId(vpcId);
+ gatewaynet.setVpcId(null);
_ntwkDao.persist(gatewaynet);
}
[15/28] git commit: updated refs/heads/master to 75b68c6
Posted by re...@apache.org.
Make integration/smoke/test_vpc_vpn Hypervisor independant
Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/fd83ca00
Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/fd83ca00
Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/fd83ca00
Branch: refs/heads/master
Commit: fd83ca00e35ac2b7b7f39cd86940db0101931d9e
Parents: dfa924b
Author: Michael Andersen <ma...@schubergphilis.com>
Authored: Tue Dec 22 11:16:23 2015 +0100
Committer: Michael Andersen <ma...@schubergphilis.com>
Committed: Tue Jan 12 11:24:34 2016 +0100
----------------------------------------------------------------------
test/integration/smoke/test_vpc_vpn.py | 172 ++++++++++++++++++++--------
1 file changed, 122 insertions(+), 50 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/fd83ca00/test/integration/smoke/test_vpc_vpn.py
----------------------------------------------------------------------
diff --git a/test/integration/smoke/test_vpc_vpn.py b/test/integration/smoke/test_vpc_vpn.py
index c5cc12c..9b78bf8 100644
--- a/test/integration/smoke/test_vpc_vpn.py
+++ b/test/integration/smoke/test_vpc_vpn.py
@@ -71,13 +71,10 @@ class Services:
"firstname": "Test",
"lastname": "User",
"username": "test",
- # Random characters are appended for unique
- # username
"password": "password",
},
"host1": None,
"host2": None,
- "default_hypervisor": "kvm",
"compute_offering": {
"name": "Tiny Instance",
"displaytext": "Tiny Instance",
@@ -132,6 +129,11 @@ class Services:
"egress_policy": "true",
},
"vpc_offering": {
+ "name": 'VPC off',
+ "displaytext": 'VPC off',
+ "supportedservices": 'Dhcp,Dns,SourceNat,PortForwarding,Vpn,Lb,UserData,StaticNat',
+ },
+ "redundant_vpc_offering": {
"name": 'Redundant VPC off',
"displaytext": 'Redundant VPC off',
"supportedservices": 'Dhcp,Dns,SourceNat,PortForwarding,Vpn,Lb,UserData,StaticNat',
@@ -224,19 +226,40 @@ class Services:
"requireshvm": "True",
},
- "xen": {
+ "xenserver": {
"name": "tiny-xen",
"displaytext": "macchinina xen",
"format": "vhd",
"hypervisor": "xen",
- "ostype": "Other (64-bit)",
+ "ostype": "Other PV (64-bit)",
"url": "http://dl.openvm.eu/cloudstack/macchinina/x86_64/macchinina-xen.vhd.bz2",
"requireshvm": "True",
},
+
+ "hyperv": {
+ "name": "tiny-hyperv",
+ "displaytext": "macchinina xen",
+ "format": "vhd",
+ "hypervisor": "hyperv",
+ "ostype": "Other PV (64-bit)",
+ "url": "http://dl.openvm.eu/cloudstack/macchinina/x86_64/macchinina-hyperv.vhd.zip",
+ "requireshvm": "True",
+ },
+
+ "vmware": {
+ "name": "tiny-vmware",
+ "displaytext": "macchinina vmware",
+ "format": "ova",
+ "hypervisor": "vmware",
+ "ostype": "Other PV (64-bit)",
+ "url": "http://dl.openvm.eu/cloudstack/macchinina/x86_64/macchinina-vmware.vmdk.bz2",
+ "requireshvm": "True",
+ }
}
}
+
class TestVpcRemoteAccessVpn(cloudstackTestCase):
@classmethod
@@ -253,6 +276,7 @@ class TestVpcRemoteAccessVpn(cloudstackTestCase):
cls.zone = get_zone(cls.apiclient, testClient.getZoneForTests())
cls.domain = get_domain(cls.apiclient)
+
cls.compute_offering = ServiceOffering.create(
cls.apiclient,
cls.services["compute_offering"]
@@ -260,25 +284,28 @@ class TestVpcRemoteAccessVpn(cloudstackTestCase):
cls.account = Account.create(
cls.apiclient, services=cls.services["account"])
- cls.hypervisor = cls.services["default_hypervisor"]
- cls.logger.debug("Downloading Template: %s from: %s" % (cls.services["template"][
- cls.hypervisor]["name"], cls.services["template"][cls.hypervisor]["url"]))
- cls.template = Template.register(cls.apiclient, cls.services["template"][
- cls.hypervisor], cls.zone.id, hypervisor=cls.hypervisor, account=cls.account.name, domainid=cls.domain.id)
+ cls.hypervisor = testClient.getHypervisorInfo()
+
+ cls.logger.debug("Downloading Template: %s from: %s" %(cls.services["template"][cls.hypervisor.lower()], cls.services["template"][cls.hypervisor.lower()]["url"]))
+ cls.template = Template.register(cls.apiclient, cls.services["template"][cls.hypervisor.lower()], cls.zone.id, hypervisor=cls.hypervisor.lower(), account=cls.account.name, domainid=cls.domain.id)
cls.template.download(cls.apiclient)
if cls.template == FAILED:
- assert False, "get_template() failed to return template with description %s" % cls.services[
- "compute_offering"]
+ assert False, "get_template() failed to return template"
+
+ cls.logger.debug("Successfully created account: %s, id: \
+ %s" % (cls.account.name,
+ cls.account.id))
- cls.services["virtual_machine"][
- "hypervisor"] = cls.services["default_hypervisor"]
- cls.cleanup = [cls.account]
+ cls.cleanup = [cls.template, cls.account, cls.compute_offering]
+ return
@attr(tags=["advanced"], required_hardware="true")
- def test_vpc_remote_access_vpn(self):
+ def test_01_vpc_remote_access_vpn(self):
"""Test Remote Access VPN in VPC"""
+ self.logger.debug("Starting test: test_01_vpc_site2site_vpn")
+
# 0) Get the default network offering for VPC
self.logger.debug("Retrieving default VPC offering")
networkOffering = NetworkOffering.list(
@@ -334,8 +361,7 @@ class TestVpcRemoteAccessVpn(cloudstackTestCase):
domainid=self.domain.id,
serviceofferingid=self.compute_offering.id,
networkids=ntwk.id,
- hypervisor=self.services[
- "virtual_machine"]["hypervisor"]
+ hypervisor=self.hypervisor
)
self.assert_(vm is not None, "VM failed to deploy")
self.assert_(vm.state == 'Running', "VM is not running")
@@ -426,29 +452,32 @@ class TestVpcSite2SiteVpn(cloudstackTestCase):
cls.zone = get_zone(cls.apiclient, testClient.getZoneForTests())
cls.domain = get_domain(cls.apiclient)
- cls.service_offering = ServiceOffering.create(
+
+ cls.compute_offering = ServiceOffering.create(
cls.apiclient,
cls.services["compute_offering"]
)
cls.account = Account.create(
cls.apiclient, services=cls.services["account"])
- cls.hypervisor = cls.services["default_hypervisor"]
- cls.logger.debug("Downloading Template: %s from: %s" % (cls.services["template"][
- cls.hypervisor]["name"], cls.services["template"][cls.hypervisor]["url"]))
- cls.template = Template.register(cls.apiclient, cls.services["template"][
- cls.hypervisor], cls.zone.id, hypervisor=cls.hypervisor, account=cls.account.name, domainid=cls.domain.id)
+
+ cls.hypervisor = testClient.getHypervisorInfo()
+
+ cls.logger.debug("Downloading Template: %s from: %s" %(cls.services["template"][cls.hypervisor.lower()], cls.services["template"][cls.hypervisor.lower()]["url"]))
+ cls.template = Template.register(cls.apiclient, cls.services["template"][cls.hypervisor.lower()], cls.zone.id, hypervisor=cls.hypervisor.lower(), account=cls.account.name, domainid=cls.domain.id)
cls.template.download(cls.apiclient)
if cls.template == FAILED:
- assert False, "get_template() failed to return template with description %s" % cls.services[
- "compute_offering"]
+ assert False, "get_template() failed to return template"
+
+ cls.logger.debug("Successfully created account: %s, id: \
+ %s" % (cls.account.name,
+ cls.account.id))
- cls.services["virtual_machine"][
- "hypervisor"] = cls.services["default_hypervisor"]
- cls.cleanup = [cls.account]
+ cls.cleanup = [cls.template, cls.account, cls.compute_offering]
+ return
- def get_ssh_client(self, virtual_machine, services, retries):
+ def _get_ssh_client(self, virtual_machine, services, retries):
""" Setup ssh client connection and return connection
vm requires attributes public_ip, public_port, username, password """
@@ -468,7 +497,7 @@ class TestVpcSite2SiteVpn(cloudstackTestCase):
return ssh_client
- def create_natrule(self, vpc, vm, public_port, private_port, public_ip, network, services=None):
+ def _create_natrule(self, vpc, vm, public_port, private_port, public_ip, network, services=None):
self.logger.debug("Creating NAT rule in network for vm with public IP")
if not services:
self.services["natrule"]["privateport"] = private_port
@@ -494,28 +523,67 @@ class TestVpcSite2SiteVpn(cloudstackTestCase):
vm.public_port = int(public_port)
return nat_rule
- @attr(tags=["advanced"], required_hardware="true")
- def test_vpc_site2site_vpn(self):
- """Test VPN in VPC"""
+ def _validate_vpc_offering(self, vpc_offering):
+
+ self.logger.debug("Check if the VPC offering is created successfully?")
+ vpc_offs = VpcOffering.list(
+ self.apiclient,
+ id=vpc_offering.id
+ )
+ self.assertEqual(
+ isinstance(vpc_offs, list),
+ True,
+ "List VPC offerings should return a valid list"
+ )
+ self.assertEqual(
+ vpc_offering.name,
+ vpc_offs[0].name,
+ "Name of the VPC offering should match with listVPCOff data"
+ )
+ self.logger.debug(
+ "VPC offering is created successfully - %s" %
+ vpc_offering.name)
+ return
+
+ def _create_vpc_offering(self, offering_name):
+
+ vpc_off = None
+ if offering_name is not None:
+ self.logger.debug("Creating VPC offering: %s", offering_name)
+ vpc_off = VpcOffering.create(
+ self.apiclient,
+ self.services[offering_name]
+ )
+
+ self._validate_vpc_offering(vpc_off)
+ self.cleanup.append(vpc_off)
+
+ return vpc_off
+
+ @attr(tags=["advanced"], required_hardware="true")
+ def test_01_vpc_site2site_vpn(self):
+ """Test Site 2 Site VPN Across VPCs"""
+ self.logger.debug("Starting test: test_01_vpc_site2site_vpn")
# 0) Get the default network offering for VPC
networkOffering = NetworkOffering.list(
self.apiclient, name="DefaultIsolatedNetworkOfferingForVpcNetworks")
self.assert_(networkOffering is not None and len(
networkOffering) > 0, "No VPC based network offering")
- # 1) Create VPC offering
- vpcOffering = VpcOffering.list(self.apiclient, isdefault=True)
- self.assert_(vpcOffering is not None and len(
- vpcOffering) > 0, "No VPC offerings found")
+ # Create and Enable VPC offering
+ vpc_offering = self._create_vpc_offering('vpc_offering')
+ self.assert_(vpc_offering is not None, "Failed to create VPC Offering")
+ vpc_offering.update(self.apiclient, state='Enabled')
+ vpc1 = None
# Create VPC 1
try:
vpc1 = VPC.create(
apiclient=self.apiclient,
services=self.services["vpc"],
networkDomain="vpc1.vpn",
- vpcofferingid=vpcOffering[0].id,
+ vpcofferingid=vpc_offering.id,
zoneid=self.zone.id,
account=self.account.name,
domainid=self.domain.id
@@ -525,15 +593,16 @@ class TestVpcSite2SiteVpn(cloudstackTestCase):
finally:
self.assert_(vpc1 is not None, "VPC1 creation failed")
- self.logger.debug("VPC1 %s created" % (vpc1.id))
+ self.logger.debug("VPC1 %s created" % vpc1.id)
+ vpc2 = None
# Create VPC 2
try:
vpc2 = VPC.create(
apiclient=self.apiclient,
services=self.services["vpc2"],
networkDomain="vpc2.vpn",
- vpcofferingid=vpcOffering[0].id,
+ vpcofferingid=vpc_offering.id,
zoneid=self.zone.id,
account=self.account.name,
domainid=self.account.domainid
@@ -543,11 +612,12 @@ class TestVpcSite2SiteVpn(cloudstackTestCase):
finally:
self.assert_(vpc2 is not None, "VPC2 creation failed")
- self.logger.debug("VPC2 %s created" % (vpc2.id))
+ self.logger.debug("VPC2 %s created" % vpc2.id)
default_acl = NetworkACLList.list(
self.apiclient, name="default_allow")[0]
+ ntwk1 = None
# Create network in VPC 1
try:
ntwk1 = Network.create(
@@ -567,6 +637,7 @@ class TestVpcSite2SiteVpn(cloudstackTestCase):
self.logger.debug("Network %s created in VPC %s" % (ntwk1.id, vpc1.id))
+ ntwk2 = None
# Create network in VPC 2
try:
ntwk2 = Network.create(
@@ -586,6 +657,7 @@ class TestVpcSite2SiteVpn(cloudstackTestCase):
self.logger.debug("Network %s created in VPC %s" % (ntwk2.id, vpc2.id))
+ vm1 = None
# Deploy a vm in network 2
try:
vm1 = VirtualMachine.create(self.apiclient, services=self.services["virtual_machine"],
@@ -593,10 +665,9 @@ class TestVpcSite2SiteVpn(cloudstackTestCase):
zoneid=self.zone.id,
accountid=self.account.name,
domainid=self.account.domainid,
- serviceofferingid=self.service_offering.id,
+ serviceofferingid=self.compute_offering.id,
networkids=ntwk1.id,
- hypervisor=self.services[
- "virtual_machine"]["hypervisor"]
+ hypervisor=self.hypervisor
)
except Exception as e:
self.fail(e)
@@ -606,6 +677,7 @@ class TestVpcSite2SiteVpn(cloudstackTestCase):
self.logger.debug("VM %s deployed in VPC %s" % (vm1.id, vpc1.id))
+ vm2 = None
# Deploy a vm in network 2
try:
vm2 = VirtualMachine.create(self.apiclient, services=self.services["virtual_machine"],
@@ -613,10 +685,9 @@ class TestVpcSite2SiteVpn(cloudstackTestCase):
zoneid=self.zone.id,
accountid=self.account.name,
domainid=self.account.domainid,
- serviceofferingid=self.service_offering.id,
+ serviceofferingid=self.compute_offering.id,
networkids=ntwk2.id,
- hypervisor=self.services[
- "virtual_machine"]["hypervisor"]
+ hypervisor=self.hypervisor
)
except Exception as e:
self.fail(e)
@@ -696,9 +767,10 @@ class TestVpcSite2SiteVpn(cloudstackTestCase):
self.assert_(
vm2.public_ip is not None, "Failed to aqcuire public ip for vm2")
+ natrule = None
# Create port forward to be able to ssh into vm2
try:
- natrule = self.create_natrule(
+ natrule = self._create_natrule(
vpc2, vm2, 22, 22, vm2.public_ip, ntwk2)
except Exception as e:
self.fail(e)
@@ -708,7 +780,7 @@ class TestVpcSite2SiteVpn(cloudstackTestCase):
time.sleep(20)
# setup ssh connection to vm2
- ssh_client = self.get_ssh_client(vm2, self.services, 10)
+ ssh_client = self._get_ssh_client(vm2, self.services, 10)
if ssh_client:
# run ping test
[07/28] git commit: updated refs/heads/master to 75b68c6
Posted by re...@apache.org.
CLOUDSTACK-9186: Root admin cannot see VPC created by Domain admin user
Added the parameter listAll=true in case of Internal LB as well as Public LB IP addresses.
Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/9014cd31
Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/9014cd31
Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/9014cd31
Branch: refs/heads/master
Commit: 9014cd3101155aed10e4639acc6ece9c768f3929
Parents: d681574
Author: Nitin Kumar Maharana <ni...@gmail.com>
Authored: Fri Dec 18 13:23:50 2015 +0530
Committer: Nitin Kumar Maharana <ni...@gmail.com>
Committed: Wed Jan 6 23:53:07 2016 +0530
----------------------------------------------------------------------
ui/scripts/vpc.js | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/9014cd31/ui/scripts/vpc.js
----------------------------------------------------------------------
diff --git a/ui/scripts/vpc.js b/ui/scripts/vpc.js
index 4b10d8b..f15cc42 100644
--- a/ui/scripts/vpc.js
+++ b/ui/scripts/vpc.js
@@ -748,7 +748,8 @@
$.ajax({
url: createURL('listLoadBalancers'),
data: {
- networkid: args.context.networks[0].id
+ networkid: args.context.networks[0].id,
+ listAll: true
},
success: function(json) {
var items = json.listloadbalancersresponse.loadbalancer;
@@ -1132,7 +1133,8 @@
async: false,
data: {
associatednetworkid: args.context.networks[0].id,
- forloadbalancing: true
+ forloadbalancing: true,
+ listall: true
},
success: function(json) {
var items = json.listpublicipaddressesresponse.publicipaddress;
[23/28] git commit: updated refs/heads/master to 75b68c6
Posted by re...@apache.org.
Merge pull request #1299 from remibergsma/CLOUDSTACK-6485
CLOUDSTACK-6485 prevent ip asignment of private gw ifacePrevent ipaddress asignment of gateway to gateway-interface on vpc router by setting vpcid to null in network. This was fixed in 4.4 by 1f209ff226a24979cf3a43ce0c02e05c84dd4dc2, reimplemented for 4.7
* pr/1299:
CLOUDSTACK-6485 prevent ip asignment of private gw iface
Signed-off-by: Remi Bergsma <gi...@remi.nl>
Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/317c28a7
Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/317c28a7
Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/317c28a7
Branch: refs/heads/master
Commit: 317c28a7e5d8161bc3e8755dece3f965b7e74662
Parents: 146a6fd 2c07ce5
Author: Remi Bergsma <gi...@remi.nl>
Authored: Sat Jan 16 19:42:17 2016 +0100
Committer: Remi Bergsma <gi...@remi.nl>
Committed: Sat Jan 16 19:42:17 2016 +0100
----------------------------------------------------------------------
server/src/com/cloud/network/vpc/VpcManagerImpl.java | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
----------------------------------------------------------------------
[18/28] git commit: updated refs/heads/master to 75b68c6
Posted by re...@apache.org.
PEP8 of integration/smoke/test_vpc_vpn
Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/ecc8cc0b
Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/ecc8cc0b
Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/ecc8cc0b
Branch: refs/heads/master
Commit: ecc8cc0bc958e40b37a4fb7794d6a49deebe3e9b
Parents: a42b046
Author: Michael Andersen <ma...@schubergphilis.com>
Authored: Tue Dec 22 12:29:44 2015 +0100
Committer: Michael Andersen <ma...@schubergphilis.com>
Committed: Tue Jan 12 11:24:35 2016 +0100
----------------------------------------------------------------------
test/integration/smoke/test_vpc_vpn.py | 50 ++++++++++++++++-------------
1 file changed, 28 insertions(+), 22 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/ecc8cc0b/test/integration/smoke/test_vpc_vpn.py
----------------------------------------------------------------------
diff --git a/test/integration/smoke/test_vpc_vpn.py b/test/integration/smoke/test_vpc_vpn.py
index a8195dc..af74e6f 100644
--- a/test/integration/smoke/test_vpc_vpn.py
+++ b/test/integration/smoke/test_vpc_vpn.py
@@ -19,7 +19,8 @@
# Import Local Modules
from marvin.codes import PASS, FAILED
from marvin.cloudstackTestCase import cloudstackTestCase
-from marvin.lib.utils import (cleanup_resources,
+from marvin.lib.utils import (validateList,
+ cleanup_resources,
get_process_status)
from marvin.lib.base import (Domain,
@@ -259,7 +260,6 @@ class Services:
}
-
class TestVpcRemoteAccessVpn(cloudstackTestCase):
@classmethod
@@ -286,8 +286,10 @@ class TestVpcRemoteAccessVpn(cloudstackTestCase):
cls.hypervisor = testClient.getHypervisorInfo()
- cls.logger.debug("Downloading Template: %s from: %s" %(cls.services["template"][cls.hypervisor.lower()], cls.services["template"][cls.hypervisor.lower()]["url"]))
- cls.template = Template.register(cls.apiclient, cls.services["template"][cls.hypervisor.lower()], cls.zone.id, hypervisor=cls.hypervisor.lower(), account=cls.account.name, domainid=cls.domain.id)
+ cls.logger.debug("Downloading Template: %s from: %s" % (cls.services["template"][
+ cls.hypervisor.lower()], cls.services["template"][cls.hypervisor.lower()]["url"]))
+ cls.template = Template.register(cls.apiclient, cls.services["template"][cls.hypervisor.lower(
+ )], cls.zone.id, hypervisor=cls.hypervisor.lower(), account=cls.account.name, domainid=cls.domain.id)
cls.template.download(cls.apiclient)
if cls.template == FAILED:
@@ -463,8 +465,10 @@ class TestVpcSite2SiteVpn(cloudstackTestCase):
cls.hypervisor = testClient.getHypervisorInfo()
- cls.logger.debug("Downloading Template: %s from: %s" %(cls.services["template"][cls.hypervisor.lower()], cls.services["template"][cls.hypervisor.lower()]["url"]))
- cls.template = Template.register(cls.apiclient, cls.services["template"][cls.hypervisor.lower()], cls.zone.id, hypervisor=cls.hypervisor.lower(), account=cls.account.name, domainid=cls.domain.id)
+ cls.logger.debug("Downloading Template: %s from: %s" % (cls.services["template"][
+ cls.hypervisor.lower()], cls.services["template"][cls.hypervisor.lower()]["url"]))
+ cls.template = Template.register(cls.apiclient, cls.services["template"][cls.hypervisor.lower(
+ )], cls.zone.id, hypervisor=cls.hypervisor.lower(), account=cls.account.name, domainid=cls.domain.id)
cls.template.download(cls.apiclient)
if cls.template == FAILED:
@@ -530,11 +534,11 @@ class TestVpcSite2SiteVpn(cloudstackTestCase):
self.apiclient,
id=vpc_offering.id
)
- self.assertEqual(
- isinstance(vpc_offs, list),
- True,
- "List VPC offerings should return a valid list"
- )
+ offering_list = validateList(vpc_offs)
+ self.assertEqual(offering_list[0],
+ PASS,
+ "List VPC offerings should return a valid list"
+ )
self.assertEqual(
vpc_offering.name,
vpc_offs[0].name,
@@ -824,8 +828,10 @@ class TestRVPCSite2SiteVpn(cloudstackTestCase):
cls.hypervisor = testClient.getHypervisorInfo()
- cls.logger.debug("Downloading Template: %s from: %s" %(cls.services["template"][cls.hypervisor.lower()], cls.services["template"][cls.hypervisor.lower()]["url"]))
- cls.template = Template.register(cls.apiclient, cls.services["template"][cls.hypervisor.lower()], cls.zone.id, hypervisor=cls.hypervisor.lower(), account=cls.account.name, domainid=cls.domain.id)
+ cls.logger.debug("Downloading Template: %s from: %s" % (cls.services["template"][
+ cls.hypervisor.lower()], cls.services["template"][cls.hypervisor.lower()]["url"]))
+ cls.template = Template.register(cls.apiclient, cls.services["template"][cls.hypervisor.lower(
+ )], cls.zone.id, hypervisor=cls.hypervisor.lower(), account=cls.account.name, domainid=cls.domain.id)
cls.template.download(cls.apiclient)
if cls.template == FAILED:
@@ -845,11 +851,11 @@ class TestRVPCSite2SiteVpn(cloudstackTestCase):
self.apiclient,
id=vpc_offering.id
)
- self.assertEqual(
- isinstance(vpc_offs, list),
- True,
- "List VPC offerings should return a valid list"
- )
+ offering_list = validateList(vpc_offs)
+ self.assertEqual(offering_list[0],
+ PASS,
+ "List VPC offerings should return a valid list"
+ )
self.assertEqual(
vpc_offering.name,
vpc_offs[0].name,
@@ -876,7 +882,6 @@ class TestRVPCSite2SiteVpn(cloudstackTestCase):
return vpc_off
-
def _get_ssh_client(self, virtual_machine, services, retries):
""" Setup ssh client connection and return connection
vm requires attributes public_ip, public_port, username, password """
@@ -923,7 +928,6 @@ class TestRVPCSite2SiteVpn(cloudstackTestCase):
vm.public_port = int(public_port)
return nat_rule
-
@attr(tags=["advanced"], required_hardware="true")
def test_01_redundant_vpc_site2site_vpn(self):
"""Test Site 2 Site VPN Across redundant VPCs"""
@@ -936,8 +940,10 @@ class TestRVPCSite2SiteVpn(cloudstackTestCase):
networkOffering) > 0, "No VPC based network offering")
# Create and enable redundant VPC offering
- redundant_vpc_offering = self._create_vpc_offering('redundant_vpc_offering')
- self.assert_(redundant_vpc_offering is not None, "Failed to create redundant VPC Offering")
+ redundant_vpc_offering = self._create_vpc_offering(
+ 'redundant_vpc_offering')
+ self.assert_(redundant_vpc_offering is not None,
+ "Failed to create redundant VPC Offering")
redundant_vpc_offering.update(self.apiclient, state='Enabled')
[27/28] git commit: updated refs/heads/master to 75b68c6
Posted by re...@apache.org.
Merge pull request #1276 from michaelandersen/fix/site2sitevpn
[4.7] FIX Site2SiteVPN on redundant VPCThis PR:
- fixes the inability to setup more than one Site2Site VPN connection from a VPC
- fixes starting of Site2Site VPN on redundant VPC
- fixes Site2Site VPN state checking on redundant VPC
- improves the vpc_vpn test to allow multple hypervisors
- adds an integration test for Site2Site VPN on redundant VPC
Tested it on 4.7 single Xen server zone:
command:
```
nosetests --with-marvin --marvin-config=/data/shared/marvin/mct-zone1-xen1.cfg -a tags=advanced,required_hardware=true /tmp/test_vpc_vpn.py
```
results:
```
Test Site 2 Site VPN Across redundant VPCs ... === TestName: test_01_redundant_vpc_site2site_vpn | Status : SUCCESS ===
ok
Test Remote Access VPN in VPC ... === TestName: test_01_vpc_remote_access_vpn | Status : SUCCESS ===
ok
Test Site 2 Site VPN Across VPCs ... === TestName: test_01_vpc_site2site_vpn | Status : SUCCESS ===
ok
----------------------------------------------------------------------
Ran 3 tests in 1490.076s
OK
```
also performed numerous manual inspections of state of VPN connections and connectivity between VPC's
* pr/1276:
Fix unable to setup more than one Site2Site VPN Connection
FIX S2S VPN rVPC: Check only redundant routers in state MASTER
PEP8 of integration/smoke/test_vpc_vpn
Add S2S VPN test for Redundant VPC
Make integration/smoke/test_vpc_vpn Hypervisor independant
FIX VPN: non-working ipsec commands
Signed-off-by: Remi Bergsma <gi...@remi.nl>
Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/5fdc77e1
Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/5fdc77e1
Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/5fdc77e1
Branch: refs/heads/master
Commit: 5fdc77e16c227f31705d119ed47df64aa165ae42
Parents: 450db8c 435a98c
Author: Remi Bergsma <gi...@remi.nl>
Authored: Sat Jan 16 19:51:45 2016 +0100
Committer: Remi Bergsma <gi...@remi.nl>
Committed: Sat Jan 16 19:51:46 2016 +0100
----------------------------------------------------------------------
.../VirtualNetworkApplianceManagerImpl.java | 3 +
.../debian/config/opt/cloud/bin/configure.py | 16 +-
.../config/opt/cloud/bin/cs_site2sitevpn.py | 2 +-
test/integration/smoke/test_vpc_vpn.py | 539 +++++++++++++++++--
4 files changed, 505 insertions(+), 55 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/5fdc77e1/systemvm/patches/debian/config/opt/cloud/bin/configure.py
----------------------------------------------------------------------
[25/28] git commit: updated refs/heads/master to 75b68c6
Posted by re...@apache.org.
Merge pull request #1296 from remibergsma/fix-checkrouter-script47
CLOUDSTACK-9181 Prevent syntax error in checkrouter.shAdded quotes to prevent syntax errors in weird situations.
Error seen in mgt server:
```
2015-12-15 14:30:32,371 DEBUG [c.c.a.m.AgentManagerImpl] (RedundantRouterStatusMonitor-7:ctx-0dd8ef3e) Details from executing class com.cloud.agent.api.CheckRouterCommand: Status: UNKNOWN
/opt/cloud/bin/checkrouter.sh: line 28: [: =: unary operator expected
/opt/cloud/bin/checkrouter.sh: line 31: [: =: unary operator expected
```
Cause:
```
root@r-1191-VM:/opt/cloud/bin# ./checkrouter.sh
./checkrouter.sh: line 28: [: =: unary operator expected
./checkrouter.sh: line 31: [: =: unary operator expected
Status: UNKNOWN
```
Somehow a nic was missing.
After fix the script can handle this:
```
root@r-1191-VM:/opt/cloud/bin# ./checkrouter.sh
Status: UNKNOWN
```
The other states are also reported fine:
```
root@r-1191-VM:/opt/cloud/bin# ./checkrouter.sh
Status: MASTER
```
```
root@r-1192-VM:/opt/cloud/bin# ./checkrouter.sh
Status: BACKUP
```
While at it, I also removed the INTERFACES variable/constant as it was only used once and hardcoded the second time. Now both are hardcoded and easier to read.
* pr/1296:
make both check lines consistent
CLOUDSTACK-9181 Prevent syntax error in checkrouter.sh
Signed-off-by: Remi Bergsma <gi...@remi.nl>
Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/66a933af
Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/66a933af
Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/66a933af
Branch: refs/heads/master
Commit: 66a933afab036da48a287cd5f8f1afab53cbd6be
Parents: b4ebfb6 8fb6770
Author: Remi Bergsma <gi...@remi.nl>
Authored: Sat Jan 16 19:46:06 2016 +0100
Committer: Remi Bergsma <gi...@remi.nl>
Committed: Sat Jan 16 19:46:06 2016 +0100
----------------------------------------------------------------------
.../patches/debian/config/opt/cloud/bin/checkrouter.sh | 11 +++++------
1 file changed, 5 insertions(+), 6 deletions(-)
----------------------------------------------------------------------
[22/28] git commit: updated refs/heads/master to 75b68c6
Posted by re...@apache.org.
Merge pull request #1300 from nitin-maharana/CloudStack-Nitin10_4.7
CLOUDSTACK-9192: UpdateVpnCustomerGateway is failingReproducible Steps:
================
1.Create a customer gateway for a VPC.
2.Edit it using UI(API call is UpdateVpnCustomerGateway).
3.When we try to update the customer vpn gateway with connection state is not in "Error", we see the API error but that won't be reflected to the user in UI.
Actual Behaviour:
==============
The API throws error. But UI doesn't show it to user.
Expected Behaviour:
================
The UI should show the error to user.
Fix:
===
TypeError: json.updatecustomergatewayresponse is undefined
The response name was wrong so corrected it.
It should be json.updatevpncustomergatewayresponse.
Added the error function.
* pr/1300:
CLOUDSTACK-9192: UpdateVpnCustomerGateway is failing
Signed-off-by: Remi Bergsma <gi...@remi.nl>
Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/146a6fd3
Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/146a6fd3
Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/146a6fd3
Branch: refs/heads/master
Commit: 146a6fd3ec9e94dd0715e43a72d9f780d7763b04
Parents: 1b5c645 116b2b6
Author: Remi Bergsma <gi...@remi.nl>
Authored: Sat Jan 16 19:41:04 2016 +0100
Committer: Remi Bergsma <gi...@remi.nl>
Committed: Sat Jan 16 19:41:04 2016 +0100
----------------------------------------------------------------------
ui/scripts/network.js | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/146a6fd3/ui/scripts/network.js
----------------------------------------------------------------------
[12/28] git commit: updated refs/heads/master to 75b68c6
Posted by re...@apache.org.
[DB] Add force_encap field to s2s_customer_gateway table
Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/74f670dc
Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/74f670dc
Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/74f670dc
Branch: refs/heads/master
Commit: 74f670dc3ccaf8bf37370616312b4b6d2b49d119
Parents: 21acc95
Author: Michael Andersen <ma...@schubergphilis.com>
Authored: Thu Jan 7 13:59:14 2016 +0100
Committer: Michael Andersen <ma...@schubergphilis.com>
Committed: Thu Jan 7 19:27:43 2016 +0100
----------------------------------------------------------------------
setup/db/db/schema-470to471.sql | 1 +
1 file changed, 1 insertion(+)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/74f670dc/setup/db/db/schema-470to471.sql
----------------------------------------------------------------------
diff --git a/setup/db/db/schema-470to471.sql b/setup/db/db/schema-470to471.sql
index 08b7f62..d632a72 100644
--- a/setup/db/db/schema-470to471.sql
+++ b/setup/db/db/schema-470to471.sql
@@ -18,3 +18,4 @@
--;
-- Schema upgrade from 4.7.0 to 4.7.1;
--;
+ALTER TABLE cloud.s2s_customer_gateway ADD COLUMN force_encap INT(1) NOT NULL DEFAULT 0 AFTER dpd;
[16/28] git commit: updated refs/heads/master to 75b68c6
Posted by re...@apache.org.
Add S2S VPN test for Redundant VPC
Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/a42b0469
Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/a42b0469
Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/a42b0469
Branch: refs/heads/master
Commit: a42b04695fd1bd87421032bafd1402027bdfaed8
Parents: fd83ca0
Author: Michael Andersen <ma...@schubergphilis.com>
Authored: Tue Dec 22 12:00:55 2015 +0100
Committer: Michael Andersen <ma...@schubergphilis.com>
Committed: Tue Jan 12 11:24:34 2016 +0100
----------------------------------------------------------------------
test/integration/smoke/test_vpc_vpn.py | 367 +++++++++++++++++++++++++++-
1 file changed, 366 insertions(+), 1 deletion(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/a42b0469/test/integration/smoke/test_vpc_vpn.py
----------------------------------------------------------------------
diff --git a/test/integration/smoke/test_vpc_vpn.py b/test/integration/smoke/test_vpc_vpn.py
index 9b78bf8..a8195dc 100644
--- a/test/integration/smoke/test_vpc_vpn.py
+++ b/test/integration/smoke/test_vpc_vpn.py
@@ -304,7 +304,7 @@ class TestVpcRemoteAccessVpn(cloudstackTestCase):
def test_01_vpc_remote_access_vpn(self):
"""Test Remote Access VPN in VPC"""
- self.logger.debug("Starting test: test_01_vpc_site2site_vpn")
+ self.logger.debug("Starting test: test_01_vpc_remote_access_vpn")
# 0) Get the default network offering for VPC
self.logger.debug("Retrieving default VPC offering")
@@ -796,3 +796,368 @@ class TestVpcSite2SiteVpn(cloudstackTestCase):
cleanup_resources(cls.apiclient, cls.cleanup)
except Exception, e:
raise Exception("Cleanup failed with %s" % e)
+
+
+class TestRVPCSite2SiteVpn(cloudstackTestCase):
+
+ @classmethod
+ def setUpClass(cls):
+ cls.logger = logging.getLogger('TestRVPCSite2SiteVPN')
+ cls.stream_handler = logging.StreamHandler()
+ cls.logger.setLevel(logging.DEBUG)
+ cls.logger.addHandler(cls.stream_handler)
+
+ testClient = super(TestRVPCSite2SiteVpn, cls).getClsTestClient()
+ cls.apiclient = testClient.getApiClient()
+ cls.services = Services().services
+
+ cls.zone = get_zone(cls.apiclient, testClient.getZoneForTests())
+ cls.domain = get_domain(cls.apiclient)
+
+ cls.compute_offering = ServiceOffering.create(
+ cls.apiclient,
+ cls.services["compute_offering"]
+ )
+
+ cls.account = Account.create(
+ cls.apiclient, services=cls.services["account"])
+
+ cls.hypervisor = testClient.getHypervisorInfo()
+
+ cls.logger.debug("Downloading Template: %s from: %s" %(cls.services["template"][cls.hypervisor.lower()], cls.services["template"][cls.hypervisor.lower()]["url"]))
+ cls.template = Template.register(cls.apiclient, cls.services["template"][cls.hypervisor.lower()], cls.zone.id, hypervisor=cls.hypervisor.lower(), account=cls.account.name, domainid=cls.domain.id)
+ cls.template.download(cls.apiclient)
+
+ if cls.template == FAILED:
+ assert False, "get_template() failed to return template"
+
+ cls.logger.debug("Successfully created account: %s, id: \
+ %s" % (cls.account.name,
+ cls.account.id))
+
+ cls.cleanup = [cls.template, cls.account, cls.compute_offering]
+ return
+
+ def _validate_vpc_offering(self, vpc_offering):
+
+ self.logger.debug("Check if the VPC offering is created successfully?")
+ vpc_offs = VpcOffering.list(
+ self.apiclient,
+ id=vpc_offering.id
+ )
+ self.assertEqual(
+ isinstance(vpc_offs, list),
+ True,
+ "List VPC offerings should return a valid list"
+ )
+ self.assertEqual(
+ vpc_offering.name,
+ vpc_offs[0].name,
+ "Name of the VPC offering should match with listVPCOff data"
+ )
+ self.logger.debug(
+ "VPC offering is created successfully - %s" %
+ vpc_offering.name)
+ return
+
+ def _create_vpc_offering(self, offering_name):
+
+ vpc_off = None
+ if offering_name is not None:
+
+ self.logger.debug("Creating VPC offering: %s", offering_name)
+ vpc_off = VpcOffering.create(
+ self.apiclient,
+ self.services[offering_name]
+ )
+
+ self._validate_vpc_offering(vpc_off)
+ self.cleanup.append(vpc_off)
+
+ return vpc_off
+
+
+ def _get_ssh_client(self, virtual_machine, services, retries):
+ """ Setup ssh client connection and return connection
+ vm requires attributes public_ip, public_port, username, password """
+
+ try:
+ ssh_client = SshClient(
+ virtual_machine.public_ip,
+ services["virtual_machine"]["ssh_port"],
+ services["virtual_machine"]["username"],
+ services["virtual_machine"]["password"],
+ retries)
+
+ except Exception as e:
+ self.fail("Unable to create ssh connection: " % e)
+
+ self.assertIsNotNone(
+ ssh_client, "Failed to setup ssh connection to vm=%s on public_ip=%s" % (virtual_machine.name, virtual_machine.public_ip))
+
+ return ssh_client
+
+ def _create_natrule(self, vpc, vm, public_port, private_port, public_ip, network, services=None):
+ self.logger.debug("Creating NAT rule in network for vm with public IP")
+ if not services:
+ self.services["natrule"]["privateport"] = private_port
+ self.services["natrule"]["publicport"] = public_port
+ self.services["natrule"]["startport"] = public_port
+ self.services["natrule"]["endport"] = public_port
+ services = self.services["natrule"]
+
+ nat_rule = NATRule.create(
+ apiclient=self.apiclient,
+ services=services,
+ ipaddressid=public_ip.ipaddress.id,
+ virtual_machine=vm,
+ networkid=network.id
+ )
+ self.assertIsNotNone(
+ nat_rule, "Failed to create NAT Rule for %s" % public_ip.ipaddress.ipaddress)
+ self.logger.debug(
+ "Adding NetworkACL rules to make NAT rule accessible")
+
+ vm.ssh_ip = nat_rule.ipaddress
+ vm.public_ip = nat_rule.ipaddress
+ vm.public_port = int(public_port)
+ return nat_rule
+
+
+ @attr(tags=["advanced"], required_hardware="true")
+ def test_01_redundant_vpc_site2site_vpn(self):
+ """Test Site 2 Site VPN Across redundant VPCs"""
+ self.logger.debug("Starting test: test_02_redundant_vpc_site2site_vpn")
+
+ # 0) Get the default network offering for VPC
+ networkOffering = NetworkOffering.list(
+ self.apiclient, name="DefaultIsolatedNetworkOfferingForVpcNetworks")
+ self.assert_(networkOffering is not None and len(
+ networkOffering) > 0, "No VPC based network offering")
+
+ # Create and enable redundant VPC offering
+ redundant_vpc_offering = self._create_vpc_offering('redundant_vpc_offering')
+ self.assert_(redundant_vpc_offering is not None, "Failed to create redundant VPC Offering")
+
+ redundant_vpc_offering.update(self.apiclient, state='Enabled')
+
+ # Create VPC 1
+ vpc1 = None
+ try:
+ vpc1 = VPC.create(
+ apiclient=self.apiclient,
+ services=self.services["vpc"],
+ networkDomain="vpc1.vpn",
+ vpcofferingid=redundant_vpc_offering.id,
+ zoneid=self.zone.id,
+ account=self.account.name,
+ domainid=self.domain.id
+ )
+ except Exception as e:
+ self.fail(e)
+ finally:
+ self.assert_(vpc1 is not None, "VPC1 creation failed")
+
+ self.logger.debug("VPC1 %s created" % vpc1.id)
+
+ # Create VPC 2
+ vpc2 = None
+ try:
+ vpc2 = VPC.create(
+ apiclient=self.apiclient,
+ services=self.services["vpc2"],
+ networkDomain="vpc2.vpn",
+ vpcofferingid=redundant_vpc_offering.id,
+ zoneid=self.zone.id,
+ account=self.account.name,
+ domainid=self.account.domainid
+ )
+ except Exception as e:
+ self.fail(e)
+ finally:
+ self.assert_(vpc2 is not None, "VPC2 creation failed")
+
+ self.logger.debug("VPC2 %s created" % vpc2.id)
+
+ default_acl = NetworkACLList.list(
+ self.apiclient, name="default_allow")[0]
+
+ # Create network in VPC 1
+ ntwk1 = None
+ try:
+ ntwk1 = Network.create(
+ apiclient=self.apiclient,
+ services=self.services["network_1"],
+ accountid=self.account.name,
+ domainid=self.account.domainid,
+ networkofferingid=networkOffering[0].id,
+ zoneid=self.zone.id,
+ vpcid=vpc1.id,
+ aclid=default_acl.id
+ )
+ except Exception as e:
+ self.fail(e)
+ finally:
+ self.assertIsNotNone(ntwk1, "Network failed to create")
+
+ self.logger.debug("Network %s created in VPC %s" % (ntwk1.id, vpc1.id))
+
+ # Create network in VPC 2
+ ntwk2 = None
+ try:
+ ntwk2 = Network.create(
+ apiclient=self.apiclient,
+ services=self.services["network_2"],
+ accountid=self.account.name,
+ domainid=self.account.domainid,
+ networkofferingid=networkOffering[0].id,
+ zoneid=self.zone.id,
+ vpcid=vpc2.id,
+ aclid=default_acl.id
+ )
+ except Exception as e:
+ self.fail(e)
+ finally:
+ self.assertIsNotNone(ntwk2, "Network failed to create")
+
+ self.logger.debug("Network %s created in VPC %s" % (ntwk2.id, vpc2.id))
+
+ # Deploy a vm in network 2
+ vm1 = None
+ try:
+ vm1 = VirtualMachine.create(self.apiclient, services=self.services["virtual_machine"],
+ templateid=self.template.id,
+ zoneid=self.zone.id,
+ accountid=self.account.name,
+ domainid=self.account.domainid,
+ serviceofferingid=self.compute_offering.id,
+ networkids=ntwk1.id,
+ hypervisor=self.hypervisor
+ )
+ except Exception as e:
+ self.fail(e)
+ finally:
+ self.assert_(vm1 is not None, "VM failed to deploy")
+ self.assert_(vm1.state == 'Running', "VM is not running")
+
+ self.logger.debug("VM %s deployed in VPC %s" % (vm1.id, vpc1.id))
+
+ # Deploy a vm in network 2
+ vm2 = None
+ try:
+ vm2 = VirtualMachine.create(self.apiclient, services=self.services["virtual_machine"],
+ templateid=self.template.id,
+ zoneid=self.zone.id,
+ accountid=self.account.name,
+ domainid=self.account.domainid,
+ serviceofferingid=self.compute_offering.id,
+ networkids=ntwk2.id,
+ hypervisor=self.hypervisor
+ )
+ except Exception as e:
+ self.fail(e)
+ finally:
+ self.assert_(vm2 is not None, "VM failed to deploy")
+ self.assert_(vm2.state == 'Running', "VM is not running")
+
+ self.debug("VM %s deployed in VPC %s" % (vm2.id, vpc2.id))
+
+ # 4) Enable Site-to-Site VPN for VPC
+ vpn1_response = Vpn.createVpnGateway(self.apiclient, vpc1.id)
+ self.assert_(
+ vpn1_response is not None, "Failed to enable VPN Gateway 1")
+ self.logger.debug("VPN gateway for VPC %s enabled" % vpc1.id)
+
+ vpn2_response = Vpn.createVpnGateway(self.apiclient, vpc2.id)
+ self.assert_(
+ vpn2_response is not None, "Failed to enable VPN Gateway 2")
+ self.logger.debug("VPN gateway for VPC %s enabled" % vpc2.id)
+
+ # 5) Add VPN Customer gateway info
+ src_nat_list = PublicIPAddress.list(
+ self.apiclient,
+ account=self.account.name,
+ domainid=self.account.domainid,
+ listall=True,
+ issourcenat=True,
+ vpcid=vpc1.id
+ )
+ ip1 = src_nat_list[0]
+ src_nat_list = PublicIPAddress.list(
+ self.apiclient,
+ account=self.account.name,
+ domainid=self.account.domainid,
+ listall=True,
+ issourcenat=True,
+ vpcid=vpc2.id
+ )
+ ip2 = src_nat_list[0]
+
+ services = self.services["vpncustomergateway"]
+ customer1_response = VpnCustomerGateway.create(
+ self.apiclient, services, "Peer VPC1", ip1.ipaddress, vpc1.cidr, self.account.name, self.domain.id)
+ self.debug("VPN customer gateway added for VPC %s enabled" % vpc1.id)
+ self.logger.debug(vars(customer1_response))
+
+ customer2_response = VpnCustomerGateway.create(
+ self.apiclient, services, "Peer VPC2", ip2.ipaddress, vpc2.cidr, self.account.name, self.domain.id)
+ self.debug("VPN customer gateway added for VPC %s enabled" % vpc2.id)
+ self.logger.debug(vars(customer2_response))
+
+ # 6) Connect two VPCs
+ vpnconn1_response = Vpn.createVpnConnection(
+ self.apiclient, customer1_response.id, vpn2_response['id'], True)
+ self.debug("VPN passive connection created for VPC %s" % vpc2.id)
+
+ vpnconn2_response = Vpn.createVpnConnection(
+ self.apiclient, customer2_response.id, vpn1_response['id'])
+ self.debug("VPN connection created for VPC %s" % vpc1.id)
+
+ self.assertEqual(
+ vpnconn2_response['state'], "Connected", "Failed to connect between VPCs!")
+
+ # acquire an extra ip address to use to ssh into vm2
+ try:
+ vm2.public_ip = PublicIPAddress.create(
+ apiclient=self.apiclient,
+ accountid=self.account.name,
+ zoneid=self.zone.id,
+ domainid=self.account.domainid,
+ services=self.services,
+ networkid=ntwk2.id,
+ vpcid=vpc2.id)
+ except Exception as e:
+ self.fail(e)
+ finally:
+ self.assert_(
+ vm2.public_ip is not None, "Failed to aqcuire public ip for vm2")
+
+ # Create port forward to be able to ssh into vm2
+ natrule = None
+ try:
+ natrule = self._create_natrule(
+ vpc2, vm2, 22, 22, vm2.public_ip, ntwk2)
+ except Exception as e:
+ self.fail(e)
+ finally:
+ self.assert_(
+ natrule is not None, "Failed to create portforward for vm2")
+ time.sleep(20)
+
+ # setup ssh connection to vm2
+ ssh_client = self._get_ssh_client(vm2, self.services, 10)
+
+ if ssh_client:
+ # run ping test
+ packet_loss = ssh_client.execute(
+ "/bin/ping -c 3 -t 10 " + vm1.nic[0].ipaddress + " |grep packet|cut -d ' ' -f 7| cut -f1 -d'%'")[0]
+ self.assert_(int(packet_loss) == 0, "Ping did not succeed")
+ else:
+ self.fail("Failed to setup ssh connection to %s" % vm2.public_ip)
+
+ @classmethod
+ def tearDownClass(cls):
+ try:
+ cleanup_resources(cls.apiclient, cls.cleanup)
+ except Exception, e:
+ raise Exception("Cleanup failed with %s" % e)
[26/28] git commit: updated refs/heads/master to 75b68c6
Posted by re...@apache.org.
Merge pull request #1291 from remibergsma/bump-ssh-timeout
CLOUDSTACK-9202 Bump ssh timeout for VR commandsIt seems the VR needs more time for some of its commands. Until we figured out the root cause, this allows the VRs to start again.
Error seen:
```
2015-12-28 14:35:18,201 ERROR [c.c.n.r.VirtualNetworkApplianceManagerImpl] (Work-Job-Executor-1:ctx-34ff7f80 job-39723/job-39726 ctx-d63de41b) Timed out in waiting SSH execution result
2015-12-28 14:35:18,201 WARN [c.c.n.r.VirtualNetworkApplianceManagerImpl] (Work-Job-Executor-1:ctx-34ff7f80 job-39723/job-39726 ctx-d63de41b) Command: com.cloud.agent.api.Command failed while starting virtua
l router
2015-12-28 14:35:18,201 INFO [c.c.v.VirtualMachineManagerImpl] (Work-Job-Executor-1:ctx-34ff7f80 job-39723/job-39726 ctx-d63de41b) The guru did not like the answers so stopping VM[DomainRouter|r-1534-VM]
.Answer":{"result":true,"wait":0}},{"com.cloud.agent.api.Answer":{"result":false,"details":"Timed out in waiting SSH execution result","wait":0}}] }
```
* pr/1291:
CLOUDSTACK-9202 Bump ssh timeout
Signed-off-by: Remi Bergsma <gi...@remi.nl>
Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/450db8c6
Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/450db8c6
Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/450db8c6
Branch: refs/heads/master
Commit: 450db8c6cd5133c68b00ffa925db9c90fd6cfcf7
Parents: 66a933a 1c5e899
Author: Remi Bergsma <gi...@remi.nl>
Authored: Sat Jan 16 19:47:00 2016 +0100
Committer: Remi Bergsma <gi...@remi.nl>
Committed: Sat Jan 16 19:47:01 2016 +0100
----------------------------------------------------------------------
utils/src/main/java/com/cloud/utils/ssh/SSHCmdHelper.java | 4 +++-
utils/src/main/java/com/cloud/utils/ssh/SshHelper.java | 4 ++--
2 files changed, 5 insertions(+), 3 deletions(-)
----------------------------------------------------------------------
[10/28] git commit: updated refs/heads/master to 75b68c6
Posted by re...@apache.org.
[TEST] unittest needs rework
Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/4a08dbe2
Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/4a08dbe2
Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/4a08dbe2
Branch: refs/heads/master
Commit: 4a08dbe235d30ca2ab25a72e6260a3aec629b2db
Parents: 0b54871
Author: Michael Andersen <ma...@schubergphilis.com>
Authored: Wed Dec 23 21:51:54 2015 +0100
Committer: Michael Andersen <ma...@schubergphilis.com>
Committed: Thu Jan 7 19:27:42 2016 +0100
----------------------------------------------------------------------
.../resource/virtualnetwork/VirtualRoutingResourceTest.java | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/4a08dbe2/core/test/com/cloud/agent/resource/virtualnetwork/VirtualRoutingResourceTest.java
----------------------------------------------------------------------
diff --git a/core/test/com/cloud/agent/resource/virtualnetwork/VirtualRoutingResourceTest.java b/core/test/com/cloud/agent/resource/virtualnetwork/VirtualRoutingResourceTest.java
index c4e134b..6b5f1d1 100644
--- a/core/test/com/cloud/agent/resource/virtualnetwork/VirtualRoutingResourceTest.java
+++ b/core/test/com/cloud/agent/resource/virtualnetwork/VirtualRoutingResourceTest.java
@@ -494,17 +494,17 @@ public class VirtualRoutingResourceTest implements VirtualRouterDeployer {
public void testSite2SiteVpnCfgCommand() {
_count = 0;
- Site2SiteVpnCfgCommand cmd = new Site2SiteVpnCfgCommand(true, "64.10.1.10", "64.10.1.1", "192.168.1.1/16", "124.10.1.10", "192.168.100.1/24", "3des-sha1,aes128-sha1;modp1536", "3des-sha1,aes128-md5", "psk", Long.valueOf(1800), Long.valueOf(1800), true, false);
+ Site2SiteVpnCfgCommand cmd = new Site2SiteVpnCfgCommand(true, "64.10.1.10", "64.10.1.1", "192.168.1.1/16", "124.10.1.10", "192.168.100.1/24", "3des-sha1,aes128-sha1;modp1536", "3des-sha1,aes128-md5", "psk", Long.valueOf(1800), Long.valueOf(1800), true, false, false);
cmd.setAccessDetail(NetworkElementCommand.ROUTER_NAME, ROUTERNAME);
Answer answer = _resource.executeRequest(cmd);
assertTrue(answer.getResult());
- cmd = new Site2SiteVpnCfgCommand(true, "64.10.1.10", "64.10.1.1", "192.168.1.1/16", "124.10.1.10", "192.168.100.1/24", "3des-sha1,aes128-sha1;modp1536", "3des-sha1,aes128-md5", "psk", Long.valueOf(1800), Long.valueOf(1800), false, true);
+ cmd = new Site2SiteVpnCfgCommand(true, "64.10.1.10", "64.10.1.1", "192.168.1.1/16", "124.10.1.10", "192.168.100.1/24", "3des-sha1,aes128-sha1;modp1536", "3des-sha1,aes128-md5", "psk", Long.valueOf(1800), Long.valueOf(1800), false, true, false);
cmd.setAccessDetail(NetworkElementCommand.ROUTER_NAME, ROUTERNAME);
answer = _resource.executeRequest(cmd);
assertTrue(answer.getResult());
- cmd = new Site2SiteVpnCfgCommand(false, "64.10.1.10", "64.10.1.1", "192.168.1.1/16", "124.10.1.10", "192.168.100.1/24", "3des-sha1,aes128-sha1;modp1536", "3des-sha1,aes128-md5", "psk", Long.valueOf(1800), Long.valueOf(1800), false, true);
+ cmd = new Site2SiteVpnCfgCommand(false, "64.10.1.10", "64.10.1.1", "192.168.1.1/16", "124.10.1.10", "192.168.100.1/24", "3des-sha1,aes128-sha1;modp1536", "3des-sha1,aes128-md5", "psk", Long.valueOf(1800), Long.valueOf(1800), false, true, false);
cmd.setAccessDetail(NetworkElementCommand.ROUTER_NAME, ROUTERNAME);
answer = _resource.executeRequest(cmd);
assertTrue(answer.getResult());
[28/28] git commit: updated refs/heads/master to 75b68c6
Posted by re...@apache.org.
Merge release branch 4.7 to master
* 4.7:
Fix unable to setup more than one Site2Site VPN Connection
FIX S2S VPN rVPC: Check only redundant routers in state MASTER
PEP8 of integration/smoke/test_vpc_vpn
Add S2S VPN test for Redundant VPC
Make integration/smoke/test_vpc_vpn Hypervisor independant
FIX VPN: non-working ipsec commands
[UI] MADNESS
[DB] Add force_encap field to s2s_customer_gateway table
[ROUTER] Add forceencaps field to python router ipsec config method
[TEST] unittest needs rework
[MARVIN] Add forceencap field to VpnCustomerGateway class in marvin base
[CORE] Add Force UDP Encapsulation option to Site2Site VPN
CLOUDSTACK-9186: Root admin cannot see VPC created by Domain admin user
CLOUDSTACK-9192: UpdateVpnCustomerGateway is failing
CLOUDSTACK-6485 prevent ip asignment of private gw iface
CLOUDSTACK-9204 Do not error when staticroute is already gone
make both check lines consistent
CLOUDSTACK-9181 Prevent syntax error in checkrouter.sh
CLOUDSTACK-9202 Bump ssh timeout
Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/75b68c68
Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/75b68c68
Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/75b68c68
Branch: refs/heads/master
Commit: 75b68c68298dab270782be68f8f9f28e551fc5d0
Parents: f79b3e1 5fdc77e
Author: Remi Bergsma <gi...@remi.nl>
Authored: Sat Jan 16 19:54:41 2016 +0100
Committer: Remi Bergsma <gi...@remi.nl>
Committed: Sat Jan 16 19:54:41 2016 +0100
----------------------------------------------------------------------
.../cloud/network/Site2SiteCustomerGateway.java | 2 +
.../org/apache/cloudstack/api/ApiConstants.java | 3 +-
.../user/vpn/CreateVpnCustomerGatewayCmd.java | 5 +
.../user/vpn/UpdateVpnCustomerGatewayCmd.java | 5 +
.../Site2SiteCustomerGatewayResponse.java | 6 +
.../Site2SiteVpnConnectionResponse.java | 9 +
.../classes/resources/messages.properties | 1 +
.../classes/resources/messages_nl_NL.properties | 1 +
.../api/routing/Site2SiteVpnCfgCommand.java | 12 +-
.../facade/Site2SiteVpnConfigItem.java | 2 +-
.../virtualnetwork/model/Site2SiteVpn.java | 13 +-
.../VirtualRoutingResourceTest.java | 6 +-
.../network/dao/Site2SiteCustomerGatewayVO.java | 15 +-
server/src/com/cloud/api/ApiResponseHelper.java | 3 +-
.../network/router/CommandSetupHelper.java | 3 +-
.../VirtualNetworkApplianceManagerImpl.java | 3 +
.../com/cloud/network/vpc/VpcManagerImpl.java | 2 +-
.../network/vpn/Site2SiteVpnManagerImpl.java | 13 +-
setup/db/db/schema-470to471.sql | 1 +
.../debian/config/opt/cloud/bin/checkrouter.sh | 11 +-
.../debian/config/opt/cloud/bin/configure.py | 21 +-
.../config/opt/cloud/bin/cs_site2sitevpn.py | 2 +-
.../config/opt/cloud/bin/cs_staticroutes.py | 5 +-
test/integration/smoke/test_vpc_vpn.py | 539 +++++++++++++++++--
tools/marvin/marvin/lib/base.py | 4 +
ui/dictionary2.jsp | 3 +-
ui/scripts/docs.js | 6 +-
ui/scripts/network.js | 26 +-
ui/scripts/vpc.js | 12 +-
.../java/com/cloud/utils/ssh/SSHCmdHelper.java | 4 +-
.../java/com/cloud/utils/ssh/SshHelper.java | 4 +-
31 files changed, 655 insertions(+), 87 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/75b68c68/api/src/org/apache/cloudstack/api/ApiConstants.java
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/75b68c68/client/WEB-INF/classes/resources/messages.properties
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/75b68c68/server/src/com/cloud/api/ApiResponseHelper.java
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/75b68c68/tools/marvin/marvin/lib/base.py
----------------------------------------------------------------------
[03/28] git commit: updated refs/heads/master to 75b68c6
Posted by re...@apache.org.
make both check lines consistent
No need to make a variable, use it on one place and hardcode it on another.
Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/8fb67702
Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/8fb67702
Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/8fb67702
Branch: refs/heads/master
Commit: 8fb677027dc48d034fa9440b125c6bae084266d4
Parents: 525949e
Author: Remi Bergsma <gi...@remi.nl>
Authored: Wed Dec 16 14:45:57 2015 +0100
Committer: Remi Bergsma <gi...@remi.nl>
Committed: Mon Dec 28 17:06:58 2015 +0100
----------------------------------------------------------------------
systemvm/patches/debian/config/opt/cloud/bin/checkrouter.sh | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/8fb67702/systemvm/patches/debian/config/opt/cloud/bin/checkrouter.sh
----------------------------------------------------------------------
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/checkrouter.sh b/systemvm/patches/debian/config/opt/cloud/bin/checkrouter.sh
index f867a48..0a9041b 100755
--- a/systemvm/patches/debian/config/opt/cloud/bin/checkrouter.sh
+++ b/systemvm/patches/debian/config/opt/cloud/bin/checkrouter.sh
@@ -17,14 +17,13 @@
# under the License.
STATUS=UNKNOWN
-INTERFACE=eth1
ROUTER_TYPE=$(cat /etc/cloudstack/cmdline.json | grep type | awk '{print $2;}' | sed -e 's/[,\"]//g')
if [ "$ROUTER_TYPE" = "router" ]
then
ROUTER_STATE=$(ip addr | grep eth0 | grep inet | wc -l | xargs bash -c 'if [ $0 == 2 ]; then echo "MASTER"; else echo "BACKUP"; fi')
STATUS=$ROUTER_STATE
else
- ROUTER_STATE=$(ip addr | grep $INTERFACE | grep state | awk '{print $9;}')
+ ROUTER_STATE=$(ip addr | grep eth1 | grep state | awk '{print $9;}')
if [ "$ROUTER_STATE" = "UP" ]
then
STATUS=MASTER
[19/28] git commit: updated refs/heads/master to 75b68c6
Posted by re...@apache.org.
FIX S2S VPN rVPC: Check only redundant routers in state MASTER
Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/230c9cf5
Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/230c9cf5
Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/230c9cf5
Branch: refs/heads/master
Commit: 230c9cf59e6e3d462a47a3329077ed728ddf5ddf
Parents: ecc8cc0
Author: Michael Andersen <ma...@schubergphilis.com>
Authored: Tue Dec 22 20:38:18 2015 +0100
Committer: Michael Andersen <ma...@schubergphilis.com>
Committed: Tue Jan 12 11:24:35 2016 +0100
----------------------------------------------------------------------
.../cloud/network/router/VirtualNetworkApplianceManagerImpl.java | 3 +++
1 file changed, 3 insertions(+)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/230c9cf5/server/src/com/cloud/network/router/VirtualNetworkApplianceManagerImpl.java
----------------------------------------------------------------------
diff --git a/server/src/com/cloud/network/router/VirtualNetworkApplianceManagerImpl.java b/server/src/com/cloud/network/router/VirtualNetworkApplianceManagerImpl.java
index 41cc558..ac8b868 100644
--- a/server/src/com/cloud/network/router/VirtualNetworkApplianceManagerImpl.java
+++ b/server/src/com/cloud/network/router/VirtualNetworkApplianceManagerImpl.java
@@ -907,6 +907,9 @@ Configurable, StateListener<VirtualMachine.State, VirtualMachine.Event, VirtualM
if (conns == null || conns.isEmpty()) {
continue;
}
+ if (router.getIsRedundantRouter() && router.getRedundantState() != RedundantState.MASTER){
+ continue;
+ }
if (router.getState() != VirtualMachine.State.Running) {
for (final Site2SiteVpnConnectionVO conn : conns) {
if (conn.getState() != Site2SiteVpnConnection.State.Error) {
[09/28] git commit: updated refs/heads/master to 75b68c6
Posted by re...@apache.org.
[ROUTER] Add forceencaps field to python router ipsec config method
Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/21acc95d
Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/21acc95d
Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/21acc95d
Branch: refs/heads/master
Commit: 21acc95d574cf074b22a958946feb34dee9e0c4a
Parents: 4a08dbe
Author: Michael Andersen <ma...@schubergphilis.com>
Authored: Wed Dec 23 21:52:22 2015 +0100
Committer: Michael Andersen <ma...@schubergphilis.com>
Committed: Thu Jan 7 19:27:42 2016 +0100
----------------------------------------------------------------------
systemvm/patches/debian/config/opt/cloud/bin/configure.py | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/21acc95d/systemvm/patches/debian/config/opt/cloud/bin/configure.py
----------------------------------------------------------------------
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/configure.py b/systemvm/patches/debian/config/opt/cloud/bin/configure.py
index deb4a74..fb82d80 100755
--- a/systemvm/patches/debian/config/opt/cloud/bin/configure.py
+++ b/systemvm/patches/debian/config/opt/cloud/bin/configure.py
@@ -527,6 +527,7 @@ class CsSite2SiteVpn(CsDataBag):
file.addeq(" pfs=%s" % CsHelper.bool_to_yn(obj['dpd']))
file.addeq(" keyingtries=2")
file.addeq(" auto=start")
+ file.addeq(" forceencaps=%s" % CsHelper.bool_to_yn(obj['encap']))
if obj['dpd']:
file.addeq(" dpddelay=30")
file.addeq(" dpdtimeout=120")
@@ -538,9 +539,9 @@ class CsSite2SiteVpn(CsDataBag):
file.commit()
logging.info("Configured vpn %s %s", leftpeer, rightpeer)
CsHelper.execute("ipsec auto --rereadall")
- CsHelper.execute("ipsec --add vpn-%s" % rightpeer)
+ CsHelper.execute("ipsec auto --add vpn-%s" % rightpeer)
if not obj['passive']:
- CsHelper.execute("ipsec --up vpn-%s" % rightpeer)
+ CsHelper.execute("ipsec auto --up vpn-%s" % rightpeer)
os.chmod(vpnsecretsfile, 0o400)
def convert_sec_to_h(self, val):
[24/28] git commit: updated refs/heads/master to 75b68c6
Posted by re...@apache.org.
Merge pull request #1298 from remibergsma/staticroute_delete_47
CLOUDSTACK-9204 Do not error when staticroute is already goneWhen deleting a static route fails because it isn't there any more (KeyError), it should succeed instead.
Error seen:
```
[INFO] Processing JSON file static_routes.json.1451560145
Traceback (most recent call last):
File "/opt/cloud/bin/update_config.py", line 140, in <module>
process_file()
File "/opt/cloud/bin/update_config.py", line 52, in process_file
qf.load(None)
File "/opt/cloud/bin/merge.py", line 258, in load
proc = updateDataBag(self)
File "/opt/cloud/bin/merge.py", line 91, in _init_
self.process()
File "/opt/cloud/bin/merge.py", line 131, in process
dbag = self.process_staticroutes(self.db.getDataBag())
File "/opt/cloud/bin/merge.py", line 179, in process_staticroutes
return cs_staticroutes.merge(dbag, self.qFile.data)
File "/opt/cloud/bin/cs_staticroutes.py", line 26, in merge
del dbag[key]
KeyError: u'192.168.0.3'
```
* pr/1298:
CLOUDSTACK-9204 Do not error when staticroute is already gone
Signed-off-by: Remi Bergsma <gi...@remi.nl>
Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/b4ebfb64
Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/b4ebfb64
Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/b4ebfb64
Branch: refs/heads/master
Commit: b4ebfb640e4514e45190846965b4a6a77bb3ae8a
Parents: 317c28a 779f4b3
Author: Remi Bergsma <gi...@remi.nl>
Authored: Sat Jan 16 19:43:24 2016 +0100
Committer: Remi Bergsma <gi...@remi.nl>
Committed: Sat Jan 16 19:43:24 2016 +0100
----------------------------------------------------------------------
systemvm/patches/debian/config/opt/cloud/bin/cs_staticroutes.py | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
----------------------------------------------------------------------
[08/28] git commit: updated refs/heads/master to 75b68c6
Posted by re...@apache.org.
[CORE] Add Force UDP Encapsulation option to Site2Site VPN
Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/6da3bc12
Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/6da3bc12
Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/6da3bc12
Branch: refs/heads/master
Commit: 6da3bc123767874fcc58f85a0dd1b51b5c60a497
Parents: 3ee53d3
Author: Michael Andersen <ma...@schubergphilis.com>
Authored: Wed Dec 23 21:12:41 2015 +0100
Committer: Michael Andersen <ma...@schubergphilis.com>
Committed: Thu Jan 7 19:27:37 2016 +0100
----------------------------------------------------------------------
.../com/cloud/network/Site2SiteCustomerGateway.java | 2 ++
api/src/org/apache/cloudstack/api/ApiConstants.java | 3 ++-
.../user/vpn/CreateVpnCustomerGatewayCmd.java | 5 +++++
.../user/vpn/UpdateVpnCustomerGatewayCmd.java | 5 +++++
.../response/Site2SiteCustomerGatewayResponse.java | 6 ++++++
.../api/response/Site2SiteVpnConnectionResponse.java | 9 +++++++++
.../agent/api/routing/Site2SiteVpnCfgCommand.java | 12 +++++++++++-
.../facade/Site2SiteVpnConfigItem.java | 2 +-
.../resource/virtualnetwork/model/Site2SiteVpn.java | 13 +++++++++++--
.../network/dao/Site2SiteCustomerGatewayVO.java | 15 ++++++++++++++-
server/src/com/cloud/api/ApiResponseHelper.java | 3 ++-
.../com/cloud/network/router/CommandSetupHelper.java | 3 ++-
.../cloud/network/vpn/Site2SiteVpnManagerImpl.java | 13 ++++++++++++-
13 files changed, 82 insertions(+), 9 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/6da3bc12/api/src/com/cloud/network/Site2SiteCustomerGateway.java
----------------------------------------------------------------------
diff --git a/api/src/com/cloud/network/Site2SiteCustomerGateway.java b/api/src/com/cloud/network/Site2SiteCustomerGateway.java
index 2de4ff2..f9a88bd 100644
--- a/api/src/com/cloud/network/Site2SiteCustomerGateway.java
+++ b/api/src/com/cloud/network/Site2SiteCustomerGateway.java
@@ -39,6 +39,8 @@ public interface Site2SiteCustomerGateway extends ControlledEntity, Identity, In
public Boolean getDpd();
+ public Boolean getEncap();
+
public Date getRemoved();
String getName();
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/6da3bc12/api/src/org/apache/cloudstack/api/ApiConstants.java
----------------------------------------------------------------------
diff --git a/api/src/org/apache/cloudstack/api/ApiConstants.java b/api/src/org/apache/cloudstack/api/ApiConstants.java
index 742d2f4..934972c 100644
--- a/api/src/org/apache/cloudstack/api/ApiConstants.java
+++ b/api/src/org/apache/cloudstack/api/ApiConstants.java
@@ -492,6 +492,7 @@ public class ApiConstants {
public static final String IKE_LIFETIME = "ikelifetime";
public static final String ESP_LIFETIME = "esplifetime";
public static final String DPD = "dpd";
+ public static final String FORCE_ENCAP = "forceencap";
public static final String FOR_VPC = "forvpc";
public static final String SHRINK_OK = "shrinkok";
public static final String NICIRA_NVP_DEVICE_ID = "nvpdeviceid";
@@ -641,4 +642,4 @@ public class ApiConstants {
public enum VMDetails {
all, group, nics, stats, secgrp, tmpl, servoff, diskoff, iso, volume, min, affgrp;
}
-}
\ No newline at end of file
+}
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/6da3bc12/api/src/org/apache/cloudstack/api/command/user/vpn/CreateVpnCustomerGatewayCmd.java
----------------------------------------------------------------------
diff --git a/api/src/org/apache/cloudstack/api/command/user/vpn/CreateVpnCustomerGatewayCmd.java b/api/src/org/apache/cloudstack/api/command/user/vpn/CreateVpnCustomerGatewayCmd.java
index 8bd0646..0fb496c 100644
--- a/api/src/org/apache/cloudstack/api/command/user/vpn/CreateVpnCustomerGatewayCmd.java
+++ b/api/src/org/apache/cloudstack/api/command/user/vpn/CreateVpnCustomerGatewayCmd.java
@@ -75,6 +75,9 @@ public class CreateVpnCustomerGatewayCmd extends BaseAsyncCmd {
@Parameter(name = ApiConstants.DPD, type = CommandType.BOOLEAN, required = false, description = "If DPD is enabled for VPN connection")
private Boolean dpd;
+ @Parameter(name = ApiConstants.FORCE_ENCAP, type = CommandType.BOOLEAN, required = false, description = "Force Encapsulation for NAT traversal")
+ private Boolean encap;
+
@Parameter(name = ApiConstants.ACCOUNT, type = CommandType.STRING, description = "the account associated with the gateway. Must be used with the domainId parameter.")
private String accountName;
@@ -129,6 +132,8 @@ public class CreateVpnCustomerGatewayCmd extends BaseAsyncCmd {
return dpd;
}
+ public Boolean getEncap() { return encap; }
+
public String getAccountName() {
return accountName;
}
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/6da3bc12/api/src/org/apache/cloudstack/api/command/user/vpn/UpdateVpnCustomerGatewayCmd.java
----------------------------------------------------------------------
diff --git a/api/src/org/apache/cloudstack/api/command/user/vpn/UpdateVpnCustomerGatewayCmd.java b/api/src/org/apache/cloudstack/api/command/user/vpn/UpdateVpnCustomerGatewayCmd.java
index ceb67d5..3b188b8 100644
--- a/api/src/org/apache/cloudstack/api/command/user/vpn/UpdateVpnCustomerGatewayCmd.java
+++ b/api/src/org/apache/cloudstack/api/command/user/vpn/UpdateVpnCustomerGatewayCmd.java
@@ -81,6 +81,9 @@ public class UpdateVpnCustomerGatewayCmd extends BaseAsyncCmd {
@Parameter(name = ApiConstants.DPD, type = CommandType.BOOLEAN, required = false, description = "If DPD is enabled for VPN connection")
private Boolean dpd;
+ @Parameter(name = ApiConstants.FORCE_ENCAP, type = CommandType.BOOLEAN, required = false, description = "Force encapsulation for Nat Traversal")
+ private Boolean encap;
+
@Parameter(name = ApiConstants.ACCOUNT, type = CommandType.STRING, description = "the account associated with the gateway. Must be used with the domainId parameter.")
private String accountName;
@@ -135,6 +138,8 @@ public class UpdateVpnCustomerGatewayCmd extends BaseAsyncCmd {
return dpd;
}
+ public Boolean getEncap() { return encap; }
+
/////////////////////////////////////////////////////
/////////////// API Implementation///////////////////
/////////////////////////////////////////////////////
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/6da3bc12/api/src/org/apache/cloudstack/api/response/Site2SiteCustomerGatewayResponse.java
----------------------------------------------------------------------
diff --git a/api/src/org/apache/cloudstack/api/response/Site2SiteCustomerGatewayResponse.java b/api/src/org/apache/cloudstack/api/response/Site2SiteCustomerGatewayResponse.java
index 2bda8f9..232c3f2 100644
--- a/api/src/org/apache/cloudstack/api/response/Site2SiteCustomerGatewayResponse.java
+++ b/api/src/org/apache/cloudstack/api/response/Site2SiteCustomerGatewayResponse.java
@@ -74,6 +74,10 @@ public class Site2SiteCustomerGatewayResponse extends BaseResponse implements Co
@Param(description = "if DPD is enabled for customer gateway")
private Boolean dpd;
+ @SerializedName(ApiConstants.FORCE_ENCAP)
+ @Param(description = "if Force NAT Encapsulation is enabled for customer gateway")
+ private Boolean encap;
+
@SerializedName(ApiConstants.ACCOUNT)
@Param(description = "the owner")
private String accountName;
@@ -142,6 +146,8 @@ public class Site2SiteCustomerGatewayResponse extends BaseResponse implements Co
this.dpd = dpd;
}
+ public void setEncap(Boolean encap) { this.encap = encap; }
+
public void setRemoved(Date removed) {
this.removed = removed;
}
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/6da3bc12/api/src/org/apache/cloudstack/api/response/Site2SiteVpnConnectionResponse.java
----------------------------------------------------------------------
diff --git a/api/src/org/apache/cloudstack/api/response/Site2SiteVpnConnectionResponse.java b/api/src/org/apache/cloudstack/api/response/Site2SiteVpnConnectionResponse.java
index c00a4d4..c5450a6 100644
--- a/api/src/org/apache/cloudstack/api/response/Site2SiteVpnConnectionResponse.java
+++ b/api/src/org/apache/cloudstack/api/response/Site2SiteVpnConnectionResponse.java
@@ -87,6 +87,11 @@ public class Site2SiteVpnConnectionResponse extends BaseResponse implements Cont
//from CustomerGateway
private Boolean dpd;
+ @SerializedName(ApiConstants.FORCE_ENCAP)
+ @Param(description = "if Force NAT Encapsulation is enabled for customer gateway")
+ //from CustomerGateway
+ private Boolean encap;
+
@SerializedName(ApiConstants.STATE)
@Param(description = "State of vpn connection")
private String state;
@@ -175,6 +180,10 @@ public class Site2SiteVpnConnectionResponse extends BaseResponse implements Cont
this.dpd = dpd;
}
+ public void setEncap(Boolean encap) {
+ this.encap = encap;
+ }
+
public void setState(String state) {
this.state = state;
}
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/6da3bc12/core/src/com/cloud/agent/api/routing/Site2SiteVpnCfgCommand.java
----------------------------------------------------------------------
diff --git a/core/src/com/cloud/agent/api/routing/Site2SiteVpnCfgCommand.java b/core/src/com/cloud/agent/api/routing/Site2SiteVpnCfgCommand.java
index 68b3809..685cf40 100644
--- a/core/src/com/cloud/agent/api/routing/Site2SiteVpnCfgCommand.java
+++ b/core/src/com/cloud/agent/api/routing/Site2SiteVpnCfgCommand.java
@@ -34,6 +34,7 @@ public class Site2SiteVpnCfgCommand extends NetworkElementCommand {
private long espLifetime;
private boolean dpd;
private boolean passive;
+ private boolean encap;
@Override
public boolean executeInSequence() {
@@ -45,7 +46,7 @@ public class Site2SiteVpnCfgCommand extends NetworkElementCommand {
}
public Site2SiteVpnCfgCommand(boolean create, String localPublicIp, String localPublicGateway, String localGuestCidr, String peerGatewayIp, String peerGuestCidrList,
- String ikePolicy, String espPolicy, String ipsecPsk, Long ikeLifetime, Long espLifetime, Boolean dpd, boolean passive) {
+ String ikePolicy, String espPolicy, String ipsecPsk, Long ikeLifetime, Long espLifetime, Boolean dpd, boolean passive, boolean encap) {
this.create = create;
this.setLocalPublicIp(localPublicIp);
this.setLocalPublicGateway(localPublicGateway);
@@ -59,6 +60,7 @@ public class Site2SiteVpnCfgCommand extends NetworkElementCommand {
this.espLifetime = espLifetime;
this.dpd = dpd;
this.passive = passive;
+ this.encap = encap;
}
public boolean isCreate() {
@@ -117,6 +119,14 @@ public class Site2SiteVpnCfgCommand extends NetworkElementCommand {
this.dpd = dpd;
}
+ public Boolean getEncap() {
+ return encap;
+ }
+
+ public void setEncap(Boolean encap) {
+ this.encap = encap;
+ }
+
public String getLocalPublicIp() {
return localPublicIp;
}
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/6da3bc12/core/src/com/cloud/agent/resource/virtualnetwork/facade/Site2SiteVpnConfigItem.java
----------------------------------------------------------------------
diff --git a/core/src/com/cloud/agent/resource/virtualnetwork/facade/Site2SiteVpnConfigItem.java b/core/src/com/cloud/agent/resource/virtualnetwork/facade/Site2SiteVpnConfigItem.java
index 6509b78..5bb466c 100644
--- a/core/src/com/cloud/agent/resource/virtualnetwork/facade/Site2SiteVpnConfigItem.java
+++ b/core/src/com/cloud/agent/resource/virtualnetwork/facade/Site2SiteVpnConfigItem.java
@@ -36,7 +36,7 @@ public class Site2SiteVpnConfigItem extends AbstractConfigItemFacade {
final Site2SiteVpn site2siteVpn = new Site2SiteVpn(command.getLocalPublicIp(), command.getLocalGuestCidr(), command.getLocalPublicGateway(), command.getPeerGatewayIp(),
command.getPeerGuestCidrList(), command.getEspPolicy(), command.getIkePolicy(), command.getIpsecPsk(), command.getIkeLifetime(), command.getEspLifetime(), command.isCreate(), command.getDpd(),
- command.isPassive());
+ command.isPassive(), command.getEncap());
return generateConfigItems(site2siteVpn);
}
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/6da3bc12/core/src/com/cloud/agent/resource/virtualnetwork/model/Site2SiteVpn.java
----------------------------------------------------------------------
diff --git a/core/src/com/cloud/agent/resource/virtualnetwork/model/Site2SiteVpn.java b/core/src/com/cloud/agent/resource/virtualnetwork/model/Site2SiteVpn.java
index 63b04c5..232e99f 100644
--- a/core/src/com/cloud/agent/resource/virtualnetwork/model/Site2SiteVpn.java
+++ b/core/src/com/cloud/agent/resource/virtualnetwork/model/Site2SiteVpn.java
@@ -23,7 +23,7 @@ public class Site2SiteVpn extends ConfigBase {
private String localPublicIp, localGuestCidr, localPublicGateway, peerGatewayIp, peerGuestCidrList, espPolicy, ikePolicy, ipsecPsk;
private Long ikeLifetime, espLifetime;
- private boolean create, dpd, passive;
+ private boolean create, dpd, passive, encap;
public Site2SiteVpn() {
super(ConfigBase.SITE2SITEVPN);
@@ -31,7 +31,7 @@ public class Site2SiteVpn extends ConfigBase {
public Site2SiteVpn(String localPublicIp, String localGuestCidr, String localPublicGateway, String peerGatewayIp, String peerGuestCidrList, String espPolicy,
String ikePolicy,
- String ipsecPsk, Long ikeLifetime, Long espLifetime, boolean create, Boolean dpd, boolean passive) {
+ String ipsecPsk, Long ikeLifetime, Long espLifetime, boolean create, Boolean dpd, boolean passive, boolean encap) {
super(ConfigBase.SITE2SITEVPN);
this.localPublicIp = localPublicIp;
this.localGuestCidr = localGuestCidr;
@@ -46,6 +46,7 @@ public class Site2SiteVpn extends ConfigBase {
this.create = create;
this.dpd = dpd;
this.passive = passive;
+ this.encap = encap;
}
public String getLocalPublicIp() {
@@ -152,4 +153,12 @@ public class Site2SiteVpn extends ConfigBase {
this.passive = passive;
}
+ public boolean getEncap() {
+ return encap;
+ }
+
+ public void setEncap(boolean encap) {
+ this.encap = encap;
+ }
+
}
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/6da3bc12/engine/schema/src/com/cloud/network/dao/Site2SiteCustomerGatewayVO.java
----------------------------------------------------------------------
diff --git a/engine/schema/src/com/cloud/network/dao/Site2SiteCustomerGatewayVO.java b/engine/schema/src/com/cloud/network/dao/Site2SiteCustomerGatewayVO.java
index 5bcf361..f1d3ef3 100644
--- a/engine/schema/src/com/cloud/network/dao/Site2SiteCustomerGatewayVO.java
+++ b/engine/schema/src/com/cloud/network/dao/Site2SiteCustomerGatewayVO.java
@@ -70,6 +70,9 @@ public class Site2SiteCustomerGatewayVO implements Site2SiteCustomerGateway {
@Column(name = "dpd")
private boolean dpd;
+ @Column(name = "force_encap")
+ private boolean encap;
+
@Column(name = "domain_id")
private Long domainId;
@@ -83,7 +86,7 @@ public class Site2SiteCustomerGatewayVO implements Site2SiteCustomerGateway {
}
public Site2SiteCustomerGatewayVO(String name, long accountId, long domainId, String gatewayIp, String guestCidrList, String ipsecPsk, String ikePolicy,
- String espPolicy, long ikeLifetime, long espLifetime, boolean dpd) {
+ String espPolicy, long ikeLifetime, long espLifetime, boolean dpd, boolean encap) {
this.name = name;
this.gatewayIp = gatewayIp;
this.guestCidrList = guestCidrList;
@@ -93,6 +96,7 @@ public class Site2SiteCustomerGatewayVO implements Site2SiteCustomerGateway {
this.ikeLifetime = ikeLifetime;
this.espLifetime = espLifetime;
this.dpd = dpd;
+ this.encap = encap;
uuid = UUID.randomUUID().toString();
this.accountId = accountId;
this.domainId = domainId;
@@ -194,6 +198,15 @@ public class Site2SiteCustomerGatewayVO implements Site2SiteCustomerGateway {
}
@Override
+ public Boolean getEncap() {
+ return encap;
+ }
+
+ public void setEncap(boolean encap) {
+ this.encap = encap;
+ }
+
+ @Override
public String getUuid() {
return uuid;
}
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/6da3bc12/server/src/com/cloud/api/ApiResponseHelper.java
----------------------------------------------------------------------
diff --git a/server/src/com/cloud/api/ApiResponseHelper.java b/server/src/com/cloud/api/ApiResponseHelper.java
index 5d691c6..c8eb5f4 100644
--- a/server/src/com/cloud/api/ApiResponseHelper.java
+++ b/server/src/com/cloud/api/ApiResponseHelper.java
@@ -3001,7 +3001,7 @@ public class ApiResponseHelper implements ResponseGenerator {
response.setIkeLifetime(result.getIkeLifetime());
response.setEspLifetime(result.getEspLifetime());
response.setDpd(result.getDpd());
-
+ response.setEncap(result.getEncap());
response.setRemoved(result.getRemoved());
response.setObjectName("vpncustomergateway");
@@ -3041,6 +3041,7 @@ public class ApiResponseHelper implements ResponseGenerator {
response.setIkeLifetime(customerGateway.getIkeLifetime());
response.setEspLifetime(customerGateway.getEspLifetime());
response.setDpd(customerGateway.getDpd());
+ response.setEncap(customerGateway.getEncap());
}
}
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/6da3bc12/server/src/com/cloud/network/router/CommandSetupHelper.java
----------------------------------------------------------------------
diff --git a/server/src/com/cloud/network/router/CommandSetupHelper.java b/server/src/com/cloud/network/router/CommandSetupHelper.java
index 925961d..04427ba 100644
--- a/server/src/com/cloud/network/router/CommandSetupHelper.java
+++ b/server/src/com/cloud/network/router/CommandSetupHelper.java
@@ -857,9 +857,10 @@ public class CommandSetupHelper {
final Long ikeLifetime = gw.getIkeLifetime();
final Long espLifetime = gw.getEspLifetime();
final Boolean dpd = gw.getDpd();
+ final Boolean encap = gw.getEncap();
final Site2SiteVpnCfgCommand cmd = new Site2SiteVpnCfgCommand(isCreate, localPublicIp, localPublicGateway, localGuestCidr, peerGatewayIp, peerGuestCidrList, ikePolicy,
- espPolicy, ipsecPsk, ikeLifetime, espLifetime, dpd, conn.isPassive());
+ espPolicy, ipsecPsk, ikeLifetime, espLifetime, dpd, conn.isPassive(), encap);
cmd.setAccessDetail(NetworkElementCommand.ROUTER_IP, _routerControlHelper.getRouterControlIp(router.getId()));
cmd.setAccessDetail(NetworkElementCommand.ROUTER_IP, _routerControlHelper.getRouterControlIp(router.getId()));
cmd.setAccessDetail(NetworkElementCommand.ROUTER_NAME, router.getInstanceName());
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/6da3bc12/server/src/com/cloud/network/vpn/Site2SiteVpnManagerImpl.java
----------------------------------------------------------------------
diff --git a/server/src/com/cloud/network/vpn/Site2SiteVpnManagerImpl.java b/server/src/com/cloud/network/vpn/Site2SiteVpnManagerImpl.java
index deebc6d..3746526 100644
--- a/server/src/com/cloud/network/vpn/Site2SiteVpnManagerImpl.java
+++ b/server/src/com/cloud/network/vpn/Site2SiteVpnManagerImpl.java
@@ -218,6 +218,11 @@ public class Site2SiteVpnManagerImpl extends ManagerBase implements Site2SiteVpn
dpd = false;
}
+ Boolean encap = cmd.getEncap();
+ if (encap == null) {
+ encap = false;
+ }
+
long accountId = owner.getAccountId();
if (_customerGatewayDao.findByGatewayIpAndAccountId(gatewayIp, accountId) != null) {
throw new InvalidParameterValueException("The customer gateway with ip " + gatewayIp + " already existed in the system!");
@@ -229,7 +234,7 @@ public class Site2SiteVpnManagerImpl extends ManagerBase implements Site2SiteVpn
checkCustomerGatewayCidrList(peerCidrList);
Site2SiteCustomerGatewayVO gw =
- new Site2SiteCustomerGatewayVO(name, accountId, owner.getDomainId(), gatewayIp, peerCidrList, ipsecPsk, ikePolicy, espPolicy, ikeLifetime, espLifetime, dpd);
+ new Site2SiteCustomerGatewayVO(name, accountId, owner.getDomainId(), gatewayIp, peerCidrList, ipsecPsk, ikePolicy, espPolicy, ikeLifetime, espLifetime, dpd, encap);
_customerGatewayDao.persist(gw);
return gw;
}
@@ -467,6 +472,11 @@ public class Site2SiteVpnManagerImpl extends ManagerBase implements Site2SiteVpn
dpd = false;
}
+ Boolean encap = cmd.getEncap();
+ if (encap == null) {
+ encap = false;
+ }
+
checkCustomerGatewayCidrList(guestCidrList);
long accountId = gw.getAccountId();
@@ -488,6 +498,7 @@ public class Site2SiteVpnManagerImpl extends ManagerBase implements Site2SiteVpn
gw.setIkeLifetime(ikeLifetime);
gw.setEspLifetime(espLifetime);
gw.setDpd(dpd);
+ gw.setEncap(encap);
_customerGatewayDao.persist(gw);
return gw;
}
[06/28] git commit: updated refs/heads/master to 75b68c6
Posted by re...@apache.org.
CLOUDSTACK-9192: UpdateVpnCustomerGateway is failing
The response name was wrong so corrected it.
Added the error function.
Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/116b2b69
Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/116b2b69
Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/116b2b69
Branch: refs/heads/master
Commit: 116b2b691ffe73037165507144e7dd7eee150623
Parents: d681574
Author: Nitin Kumar Maharana <ni...@gmail.com>
Authored: Mon Dec 21 16:04:17 2015 +0530
Committer: Nitin Kumar Maharana <ni...@gmail.com>
Committed: Wed Jan 6 23:49:41 2016 +0530
----------------------------------------------------------------------
ui/scripts/network.js | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/116b2b69/ui/scripts/network.js
----------------------------------------------------------------------
diff --git a/ui/scripts/network.js b/ui/scripts/network.js
index 2831aa0..393f440 100755
--- a/ui/scripts/network.js
+++ b/ui/scripts/network.js
@@ -6219,7 +6219,7 @@
url: createURL('updateVpnCustomerGateway'),
data: data,
success: function(json) {
- var jobId = json.updatecustomergatewayresponse.jobid;
+ var jobId = json.updatevpncustomergatewayresponse.jobid;
args.response.success({
_custom: {
jobId: jobId,
@@ -6231,6 +6231,9 @@
}
}
});
+ },
+ error: function(json) {
+ args.response.error(parseXMLHttpResponse(json));
}
});
},