Re: Review Request 25685: Fixed the test_usage.py script bug - CLOUDSTACK-7555

2014-09-25 Thread SrikanteswaraRao Talluri 

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/25685/#review54520
---

Ship it!


f3252db797a6d53a1922a60b29cd6b4914de7d51 master

- SrikanteswaraRao Talluri


On Sept. 16, 2014, 6:46 a.m., Chandan Purushothama wrote:
 
 ---
 This is an automatically generated e-mail. To reply, visit:
 https://reviews.apache.org/r/25685/
 ---
 
 (Updated Sept. 16, 2014, 6:46 a.m.)
 
 
 Review request for cloudstack, sangeetha hariharan, sanjeev n, and 
 SrikanteswaraRao Talluri.
 
 
 Bugs: CLOUDSTACK-7555
 https://issues.apache.org/jira/browse/CLOUDSTACK-7555
 
 
 Repository: cloudstack-git
 
 
 Description
 ---
 
 
 TestTemplateUsage.test_01_template_usage fails with the following error 
 message  Stack Trace
 
 Stacktrace
 
   File /usr/lib/python2.7/unittest/case.py, line 332, in run
 testMethod()
   File /root/cloudstack/test/integration/component/test_usage.py, line 802, 
 in test_01_template_usage
 Check TEMPLATE.CREATE event in events table
   File /usr/lib/python2.7/unittest/case.py, line 516, in assertEqual
 assertion_func(first, second, msg=msg)
   File /usr/lib/python2.7/unittest/case.py, line 509, in _baseAssertEqual
 raise self.failureException(msg)
 'Check TEMPLATE.CREATE event in events table\n
 
 This is because the Template is being created as admin and it belongs to the 
 admin account. The template should belong to the Regular User in order to 
 check for the TEMPLATE.CREATE Event.
 
 Fixed the script such that the Template now belongs to the regular account.
 
 
 Diffs
 -
 
   test/integration/component/test_usage.py e99bb81 
 
 Diff: https://reviews.apache.org/r/25685/diff/
 
 
 Testing
 ---
 
 No testing is done.
 
 
 Thanks,
 
 Chandan Purushothama

Review Request 26023: CLOUDSTACK-7603: Fixed test_escalations_network.py - test suite should use its own vpc offering

2014-09-25 Thread Gaurav Aradhye 

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/26023/
---

Review request for cloudstack, Santhosh Edukulla and SrikanteswaraRao Talluri.


Bugs: CLOUDSTACK-7603
https://issues.apache.org/jira/browse/CLOUDSTACK-7603


Repository: cloudstack-git


Description
---

Few test cases in test suite test_escalations_network.py were using VPC 
offering already present in the setup to create the VPC. They should create 
their own VPC offering and remove it after the run has completed.

Changes:
1. Create VPC offering in setUpClass and used it in test cases.
2. Removed import *
3. Fixed pep8 issues


Diffs
-

  test/integration/component/test_escalations_networks.py 5fad43a 

Diff: https://reviews.apache.org/r/26023/diff/


Testing
---

Yes.

One test case failed due to site to site VPN issue, it is already being tracked 
under different Bug.

Log:
@Desc: Test List Networks pagination ... === TestName: 
test_01_list_networks_pagination | Status : SUCCESS ===
ok
@Desc: Test create network if supported services doesn't have sourcenat ... === 
TestName: test_02_create_network_without_sourcenat | Status : SUCCESS ===
ok
@Desc: Test create vpc with network domain as parameter ... === TestName: 
test_03_list_vpc_pagination | Status : SUCCESS ===
ok
@Desc: Test create vpc with network domain as parameter ... === TestName: 
test_04_create_vpc_with_networkdomain | Status : SUCCESS ===
ok
@Desc: Test list network offerings for vpc true and false parameters ... === 
TestName: test_05_list_network_offerings_with_and_without_vpc | Status : 
SUCCESS ===
ok
@Desc: Test create network in vpc and verify VPC name ... === TestName: 
test_06_create_network_in_vpc | Status : SUCCESS ===
ok
@Desc: Test delete network ... === TestName: test_07_create_delete_network | 
Status : SUCCESS ===
ok
@Desc: Test update network ... === TestName: test_08_update_network | Status : 
SUCCESS ===
ok
@Desc: Test update network ... === TestName: 
test_09_list_virtual_machines_single_network | Status : SUCCESS ===
ok
@Desc: Test list networks in vpc and verify VPC name ... === TestName: 
test_10_list_networks_in_vpc | Status : SUCCESS ===
ok
@Desc: Test create vpc with network domain as parameter ... === TestName: 
test_11_update_vpc | Status : SUCCESS ===
ok
@Desc: Test create network in vpc and verify VPC name ... === TestName: 
test_12_list_create_delete_networkACL | Status : SUCCESS ===
ok
@summary: Test List VPC with Id ... === TestName: test_13_list_vpc_byid | 
Status : SUCCESS ===
ok
@summary: Test List Public IPAddress with associatednetworkid ... === TestName: 
test_14_list_public_ipadress_by_associated_networkid | Status : SUCCESS ===
ok
@summary: Test List PrivateGateway by vpcid ... === TestName: 
test_15_list_privategateway_byvpcid | Status : SUCCESS ===
ok
@summary: Test Create List Delete Egress Firewall Rule by Network ID ... === 
TestName: test_16_create_list_delete_egressfirewallrule_bynetworkid | Status : 
SUCCESS ===
ok
@summary: Test to restart VPC ... === TestName: test_17_restart_vpc | Status : 
SUCCESS ===
ok
@Desc: Test to Create and list Vpn Gateway by VPCid ... === TestName: 
test_18_create_list_vpn_gateway | Status : SUCCESS ===
ok
@Desc: Test to List Create Reset and Delete VPN Customer ... === TestName: 
test_19_create_list_reset_delete_vpnconnections | Status : EXCEPTION ===
ERROR
@summary: Test List Capabilities ... === TestName: test_20_list_capabilities | 
Status : SUCCESS ===
ok
@summary: Test to list Networkacllists by private gateway aclid ... === 
TestName: test_21_listNetworkacls_by_privategateway_aclid | Status : SUCCESS ===
ok


Thanks,

Gaurav Aradhye

Re: 4.5 build failing inconsistently while executing SAMLUtilsTest

2014-09-25 Thread Rohit Yadav 
Can you share the log where it would actually fail while executing 
SAMLUtilsTest? The JIRA issue you shared has failure in: 
com.cloud.utils.backoff.impl.ConstantTimeBackoffTest

On 25-Sep-2014, at 12:36 am, Rayees Namathponnan 
rayees.namathpon...@citrix.com wrote:
 Hi All.

 4.5 build failing inconsistently while running SAMLUtilsTest,  if we re-run 
 the build it works fine, anyone observed this

 Defect https://issues.apache.org/jira/browse/CLOUDSTACK-7626 created for this.

 Regards,
 Rayees

Regards,
Rohit Yadav
Software Architect, ShapeBlue
M. +41 779015219 | rohit.ya...@shapeblue.com
Blog: bhaisaab.org | Twitter: @_bhaisaab



Find out more about ShapeBlue and our range of CloudStack related services

IaaS Cloud Design  Buildhttp://shapeblue.com/iaas-cloud-design-and-build//
CSForge – rapid IaaS deployment frameworkhttp://shapeblue.com/csforge/
CloudStack Consultinghttp://shapeblue.com/cloudstack-consultancy/
CloudStack Infrastructure 
Supporthttp://shapeblue.com/cloudstack-infrastructure-support/
CloudStack Bootcamp Training Courseshttp://shapeblue.com/cloudstack-training/

This email and any attachments to it may be confidential and are intended 
solely for the use of the individual to whom it is addressed. Any views or 
opinions expressed are solely those of the author and do not necessarily 
represent those of Shape Blue Ltd or related companies. If you are not the 
intended recipient of this email, you must neither take any action based upon 
its contents, nor copy or show it to anyone. Please contact the sender if you 
believe you have received this email in error. Shape Blue Ltd is a company 
incorporated in England  Wales. ShapeBlue Services India LLP is a company 
incorporated in India and is operated under license from Shape Blue Ltd. Shape 
Blue Brasil Consultoria Ltda is a company incorporated in Brasil and is 
operated under license from Shape Blue Ltd. ShapeBlue SA Pty Ltd is a company 
registered by The Republic of South Africa and is traded under license from 
Shape Blue Ltd. ShapeBlue is a registered trademark.

Review Request 26025: CLOUDSTACK-7616: Fixed test_escalations_ipaddress.py - test suite should use its own vpc offering

2014-09-25 Thread Gaurav Aradhye 

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/26025/
---

Review request for cloudstack, Santhosh Edukulla and SrikanteswaraRao Talluri.


Bugs: CLOUDSTACK-7616
https://issues.apache.org/jira/browse/CLOUDSTACK-7616


Repository: cloudstack-git


Description
---

Few test cases in test suite test_escalations_ipaddresses.py were using VPC 
offering already present in the setup to create the VPC. They should create 
their own VPC offering and remove it after the run has completed.

Changes:
1. Created VPC offering in setUpClass and used it in the test cases.
2. Fixed pep8 issues


Diffs
-

  test/integration/component/test_escalations_ipaddresses.py 00aacbf 

Diff: https://reviews.apache.org/r/26025/diff/


Testing
---

Yes.

Log:
@summary: Test List IP Addresses pagination ... === TestName: 
test_01_list_ipaddresses_pagination | Status : SUCCESS ===
ok
@summary: Test List IP Addresses details by ID ... === TestName: 
test_02_list_ipaddresses_byid | Status : SUCCESS ===
ok
@summary: Test to Associate IP Address for VPC ... === TestName: 
test_03_associate_ipaddress_for_vpc | Status : SUCCESS ===
ok
@summary: Test to list, create and delete Load Balancer Rule ... === TestName: 
test_04_create_delete_lbrule_fornonvpc | Status : SUCCESS ===
ok
@summary: Test to list, create and delete Load Balancer Rule for IP ... === 
TestName: test_05_create_delete_lbrule_forvpc | Status : SUCCESS ===
ok
@summary: Test to Update Load Balancer Rule Name for ... === TestName: 
test_06_update_lbrule_name | Status : SUCCESS ===
ok
@summary: Test to Assign and Remove Load Balancer Rule to an Instance ... === 
TestName: test_07_assign_remove_lbrule_toinstance | Status : SUCCESS ===
ok
@summary: Test to List, Create, Delete Load Balancer Stickyness Policy ... === 
TestName: test_08_list_create_delete_lbsticky_policy | Status : SUCCESS ===
ok
@summary: Test to list, create and delete Port Forwarding for ... === TestName: 
test_09_create_delete_portforwarding_fornonvpc | Status : SUCCESS ===
ok
@summary: Test to list, create and delete Port Forwarding Rule ... === 
TestName: test_10_create_delete_portforwarding_forvpc | Status : SUCCESS ===
ok
@summary: Test to list, create and delete Firewall Rule for ... === TestName: 
test_11_create_delete_firewallrule | Status : SUCCESS ===
ok
@summary: Test to list, create and delete Remote Access VPNs ... === TestName: 
test_12_create_delete_remoteaccessvpn | Status : SUCCESS ===
ok
@summary: Test to list, add and remove VPN Users ... === TestName: 
test_13_add_remove_vpnusers | Status : SUCCESS ===
ok
@summary: Test to Enable and Disable StaticNat for ... === TestName: 
test_14_enable_disable_staticnat_fornonvpc | Status : SUCCESS ===
ok
@summary: Test to Enable and Disable StaticNat for ... === TestName: 
test_15_enable_disable_staticnat_forvpc | Status : SUCCESS ===
ok
@summary: Test to list, create and ... === TestName: 
test_16_create_delete_ipforwardingrule | Status : SUCCESS ===
ok
@summary: Test to list, create and update Autoscale Policy ... SKIP: ScaleVM is 
not supported on KVM. Hence, skipping the test
@summary: Test to list, create and update Autoscale VM Profiles ... SKIP: 
ScaleVM is not supported on KVM. Hence, skipping the test
@summary: Test to list, create, update, enable,disable 
Autoscale VM Profiles ... SKIP: ScaleVM is not supported on KVM. Hence, 
skipping the test

--
Ran 19 tests in 2700.975s

OK (SKIP=3)


Thanks,

Gaurav Aradhye

RE: Regarding commit 7f440854f7bcd41a1bd6581c0239cde2e98261b7

2014-09-25 Thread Devdeep Singh 
Yes, I have made a similar fix and committed the changes.

Regards,
Devdeep

 -Original Message-
 From: Daan Hoogland [mailto:daan.hoogl...@gmail.com]
 Sent: Thursday, September 25, 2014 1:05 AM
 To: Devdeep Singh
 Cc: dev@cloudstack.apache.org
 Subject: Re: Regarding commit
 7f440854f7bcd41a1bd6581c0239cde2e98261b7
 
 Devdeep,
 
 Guess I made a booboo. It should have read like this , agree?
 
 cmd = resource.getCurrentStatus(_id);
 while ( cmd == null  ++retried 
 _HostPingRetryCount.value())
 {
 cmd = resource.getCurrentStatus(_id);
 Thread.sleep(1000*_HostPingRetryTimer.value());
 }
 
 
 On Wed, Sep 24, 2014 at 4:22 PM, Devdeep Singh
 devdeep.si...@citrix.com
 wrote:
 
  Hi Daan,
 
  I am looking into bug [1] which reports that the vmsync functionality
  is broken on master. If a vm deployed by cloudstack is stopped
  directly on the hypervisor, its state is not updated in cloudstack. I
  see that in commit 7f440854f7bcd41a1bd6581c0239cde2e98261b7, a
 change
  was made to retry retrieving the resource status (PingCommand) to deal
 with network glitches.
  However, there is an issue with the commit and it has caused a
  regression with the vmsync functionality. Now, by default, the
  PingTask is not checking for the status of the resource. This breaks
  vmsync for all direct connected agents, which includes xenserver, hyper-v
 etc.
 
  I'll be submitting a fix for this issue. Do let me know if you have
  any concerns with it.
 
  [1] https://issues.apache.org/jira/browse/CLOUDSTACK-7598
 
  Regards,
  Devdeep
 
 
 
 
 --
 Daan

Re: SystemVM file name changes

2014-09-25 Thread Ian Duffy 
 Did this. Next builds _should_ be back to their old urls.

Great! Thanks Leo. :)

On 25 September 2014 00:04, Leo Simons lsim...@schubergphilis.com wrote:

 On Sep 24, 2014, at 5:33 PM, Ian Duffy i...@ianduffy.ie wrote:
  Aren’t they published to S3 somewhere? It’d probably be better if users
  fetch systemvms from S3……
 
  Both not a clue what the S3 urls are though.

 Based on

 http://mail-archives.apache.org/mod_mbox/cloudstack-dev/201402.mbox/%3c3f6b7b36-32a2-4f11-aeff-36a400d67...@gmail.com%3E

 It ought to be

 https://s3.amazonaws.com/systemvm-templates.cloudstack.org/master/32/systemvmtemplate-master-xen.vhd.bz2

 https://s3.amazonaws.com/systemvm-templates.cloudstack.org/master/64/systemvm64template-master-xen.vhd.bz2

 and so forth but I’m getting permission denied. Hugo, any idea?

  Isn't this what we use /etc/cloudstack-release for?
  You could include extra information in there if you wish, version,
  branch,
  git sha1, etc. which would give great traceability.
 
  Sounds like a plan. I’ll see about submitting a patch tonight. The issue
  is that /etc/cloudstack-release is parsed in a location or two (I forget
  the details) so it kind-of has to match existing regexes.

 Grmbl is all I have to say.

  In the meantime...
   export BUILD_NUMBER=
  at the right place in the relevant build job should fix the immediate
  issue...

 Did this. Next builds _should_ be back to their old urls.


 g’night!


 Leo

Re: conf values for 4.4 from master

2014-09-25 Thread Daan Hoogland 
ok, I see in master these two lines are in a different place. I missed them
completely.

On Wed, Sep 24, 2014 at 10:40 PM, Sheng Yang sh...@yasker.org wrote:

 Sorry I don't understand why you cannot find them in 4.4. As I pointed out
 before, here are the two lines in 4.4 release, in schema-430to440.sql.


 https://git-wip-us.apache.org/repos/asf?p=cloudstack.git;a=blob;f=setup/db/db/schema-430to440.sql;h=cd4ba3603f2d1ff67d973afef8caf9be005a4965;hb=c9672d8b5710e597bca3a81a7b06dc90c7f5b1f7#l1660
 INSERT INTO `cloud`.`configuration`(category, instance, component,
 name, value, description, default_value) VALUES ('Advanced',
 'DEFAULT', 'NetworkOrchestrationService',
 'router.redundant.vrrp.interval', '1', 'seconds between VRRP
 broadcast. It would 3 times broadcast fail to trigger fail-over
 mechanism of redundant router', '1') ON DUPLICATE KEY UPDATE
 category='Advanced';


 https://git-wip-us.apache.org/repos/asf?p=cloudstack.git;a=blob;f=setup/db/db/schema-430to440.sql;h=cd4ba3603f2d1ff67d973afef8caf9be005a4965;hb=c9672d8b5710e597bca3a81a7b06dc90c7f5b1f7#l1670
 INSERT INTO `cloud`.`configuration`(category, instance, component,
 name, value, description, default_value) VALUES ('Advanced',
 'DEFAULT', 'NetworkOrchestrationService',
 'router.aggregation.command.each.timeout', '3', 'timeout in seconds
 for each Virtual Router command being aggregated. The final
 aggregation command timeout would be determined by this timeout *
 commands counts ', '3') ON DUPLICATE KEY UPDATE category='Advanced';

 --Sheng

 On Wed, Sep 24, 2014 at 3:16 AM, Daan Hoogland daan.hoogl...@gmail.com
 wrote:

  On Tue, Sep 23, 2014 at 8:13 PM, Sheng Yang sh...@yasker.org wrote:
 
   Hi Daan,
  
   These are already added for 4.4's schema-430to440.sql (and your second
  mail
   is the same as the first case of first mail...)
  
  ​The last line is no issue indeed. the lines 797 and 798 from master are
  not in the 4.4 branch:
 
  INSERT INTO `cloud`.`configuration`(category, instance, component, name,
  value, description, default_value) VALUES ('Advanced', 'DEFAULT',
  'NetworkOrchestrationService', 'router.redundant.vrrp.interval', '1',
  'seconds between VRRP broadcast. It would 3 times broadcast fail to
 trigger
  fail-over mechanism of redundant router', '1') ON DUPLICATE KEY UPDATE
  category='Advanced';
  INSERT INTO `cloud`.`configuration`(category, instance, component, name,
  value, description, default_value) VALUES ('Advanced', 'DEFAULT',
  'NetworkOrchestrationService', 'router.aggregation.command.each.timeout',
  '3', 'timeout in seconds for each Virtual Router command being
 aggregated.
  The final aggregation command timeout would be determined by this
 timeout *
  commands counts ', '3') ON DUPLICATE KEY UPDATE category='Advanced';
  ​
 
 
these two lines where added by you to the file schema-430to440.sql in
master but not in 4.4
 
  --
  Daan
 




-- 
Daan

Re: Regarding commit 7f440854f7bcd41a1bd6581c0239cde2e98261b7

2014-09-25 Thread Daan Hoogland 
thanks

On Thu, Sep 25, 2014 at 10:08 AM, Devdeep Singh devdeep.si...@citrix.com
wrote:

 Yes, I have made a similar fix and committed the changes.

 Regards,
 Devdeep

  -Original Message-
  From: Daan Hoogland [mailto:daan.hoogl...@gmail.com]
  Sent: Thursday, September 25, 2014 1:05 AM
  To: Devdeep Singh
  Cc: dev@cloudstack.apache.org
  Subject: Re: Regarding commit
  7f440854f7bcd41a1bd6581c0239cde2e98261b7
 
  Devdeep,
 
  Guess I made a booboo. It should have read like this , agree?
 
  cmd = resource.getCurrentStatus(_id);
  while ( cmd == null  ++retried 
  _HostPingRetryCount.value())
  {
  cmd = resource.getCurrentStatus(_id);
  Thread.sleep(1000*_HostPingRetryTimer.value());
  }
 
 
  On Wed, Sep 24, 2014 at 4:22 PM, Devdeep Singh
  devdeep.si...@citrix.com
  wrote:
 
   Hi Daan,
  
   I am looking into bug [1] which reports that the vmsync functionality
   is broken on master. If a vm deployed by cloudstack is stopped
   directly on the hypervisor, its state is not updated in cloudstack. I
   see that in commit 7f440854f7bcd41a1bd6581c0239cde2e98261b7, a
  change
   was made to retry retrieving the resource status (PingCommand) to deal
  with network glitches.
   However, there is an issue with the commit and it has caused a
   regression with the vmsync functionality. Now, by default, the
   PingTask is not checking for the status of the resource. This breaks
   vmsync for all direct connected agents, which includes xenserver,
 hyper-v
  etc.
  
   I'll be submitting a fix for this issue. Do let me know if you have
   any concerns with it.
  
   [1] https://issues.apache.org/jira/browse/CLOUDSTACK-7598
  
   Regards,
   Devdeep
  
 
 
 
  --
  Daan




-- 
Daan

Review Request 26030: CLOUDSTACK-7617: test_custom_hostnames.py - Removed hard coded VM names and skipped test cases according to the hypervisor support

2014-09-25 Thread Gaurav Aradhye 

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/26030/
---

Review request for cloudstack, Santhosh Edukulla and SrikanteswaraRao Talluri.


Bugs: master
https://issues.apache.org/jira/browse/master


Repository: cloudstack-git


Description
---

The instance.name configuration value is effective only on VMware hypervisor. 
Hence test cases which reads the value should be skipped on other hypervisors.

Changes:
1. Replaced hard coded VM names with random strings to avoid deploying VMs with 
same names.
2. Skipped the test cases according to hypervisor support
3. Fixed pep8 issues


Diffs
-

  test/integration/component/test_custom_hostname.py 9d9008a 

Diff: https://reviews.apache.org/r/26030/diff/


Testing
---

Yes. Tested on KVM and VMware.
On Vmware, one test case failed with Exceptio not raised, this is a different 
issue and not addressed in this patch.

Log:
Verify custom hostname for the instance when ... === TestName: 
test_01_custom_hostname_instancename_false | Status : SUCCESS ===
ok
Verify user provided hostname to an instance ... SKIP: vm.instancename.flag 
should be true. skipping
Verify for globally set instancename ... SKIP: vm.instancename.flag should be 
true. skipping
Test the duplicate name when old VM is in non-expunged state ... SKIP: 
vm.instancename.flag should be true. skipping
Test Edit the Display name Through the UI. ... === TestName: 
test_04_edit_display_name | Status : SUCCESS ===
ok
Test Unsupported chars in the display name ... === TestName: 
test_05_unsupported_chars_in_display_name | Status : FAILED ===
FAIL
Test the instance  name with hyphens ... SKIP: vm.instancename.flag should be 
true. skipping
@Desc: Test whether cloudstack allows duplicate vm instance ... SKIP: 
vm.instancename.flag should be true. skipping

==
FAIL: Test Unsupported chars in the display name
--
Traceback (most recent call last):
  File /root/test/test_custom_hostname.py, line 773, in 
test_05_unsupported_chars_in_display_name
serviceofferingid=self.service_offering.id,
AssertionError: Exception not raised
  begin captured stdout  -
=== TestName: test_05_unsupported_chars_in_display_name | Status : FAILED ===

--
Ran 8 tests in 627.421s

FAILED (SKIP=5, failures=1)


Thanks,

Gaurav Aradhye

Re: Urgent. Importing certificate to CS 4.3.1 using GUI

2014-09-25 Thread France 
Tnx Amogh,

i have checked management-server.log and no new entries or errors regarding 
certificate operation are written at the time when i get Failed to update SSL 
Certificate. error message. I tried it a couple of times. I also used 
somedomain.tld in the GUI. Certificate is for *.somedomain.tld.
I will go thru whole create CA and certificate process again and retry.
There must be some simple mistake in my process somewhere. Lack of errors in 
logs, is also strange. :-/

Regards,
F.

On 24 Sep 2014, at 21:10, Amogh Vasekar amogh.vase...@citrix.com wrote:

 Hi,
 
 Couple of things :
 
 1. The error will be logged to the cloudstack management server log file
 (management-server.log) and would really help to know what it is.
 2. While uploading the certificate, the domain_suffix should be
 somedomain.tld and not *.somedomain.tld (the asterisk is only for global
 config so that cloudstack can distinguish between HTTP and HTTPS modes)
 
 Thanks
 Amogh
 
 On 9/24/14 7:40 AM, France mailingli...@isg.si wrote:
 
 Hi guys,
 
 i want to migrate away from realhostip.com. I have set up DNS service in
 no time, but am having problems importing certificates to ACS 3.4.1.
 
 I created my own CA like this:
 
 cd /etc/pki/CA
 touch index.txt
 echo 1000  serial
 openssl genrsa -aes256 -out /etc/pki/CA/private/ca.key.pem 4096
 chmod 400 /etc/pki/CA/private/ca.key.pem
 nano -w /etc/pki/tls/openssl.cnf
 openssl req -new -x509 -days 63650 -key /etc/pki/CA/private/ca.key.pem
 -sha256 -extensions v3_ca -out /etc/pki/CA/certs/ca.cert.pem
 
 
 Signed my own keys and converted them to pkcs8 format like this:
 
 cd /etc/pki/CA
 openssl genrsa -out private/vse.somedomain.tld.key.pem 4096
 chmod 400 private/vse.somedomain.tld.key.pem
 openssl req -sha256 -new -key private/vse.somedomain.tld.key.pem  -out
 certs/vse.somedomain.tld.csr.pem
 openssl ca -keyfile private/ca.key.pem -cert certs/ca.cert.pem
 -extensions usr_cert -notext -md sha256 -days 63649 -in
 certs/vse.somedomain.tld.csr.pem -out certs/vse.somedomain.tld.cert.pem
 openssl pkcs8 -topk8 -in private/vse.somedomain.tld.key.pem -out
 private/vse.somedomain.tld.key.encrypted.pkcs8
 openssl pkcs8 -in private/vse.somedomain.tld.key.encrypted.pkcs8 -out
 private/vse.somedomain.tld.key.pkcs8
 chmod 400 private/vse.somedomain.tld.key.encrypted.pkcs8
 chmod 400 private/vse.somedomain.tld.key.pkcs8
 
 
 
 But when trying to import it via GUI: infrastructure - SSL Certificate:
 Certificate from vse.somedomain.tld.cert.pem
 PKCS8 from private/vse.somedomain.tld.key.pkcs8
 DNS domain suffix to: *.somedomain.tld
 
 But it fails with:
 Failed to update SSL Certificate.
 
 Please help me upload the new certificate.
 Catalina.out shows no error. I have no idea what else to check.
 
 Thank you.
 F.

Build failed in Jenkins: simulator-singlerun #445

2014-09-25 Thread jenkins 
See http://jenkins.buildacloud.org/job/simulator-singlerun/445/

--
[...truncated 8848 lines...]
[INFO] Apache CloudStack Developer Mode .. SUCCESS [3.947s]
[INFO] Apache CloudStack Developer Tools . SUCCESS [3.175s]
[INFO] Apache CloudStack apidocs . SUCCESS [2:43.878s]
[INFO] Apache CloudStack marvin .. SUCCESS [22.737s]
[INFO] Apache CloudStack DevCloud  SUCCESS [5.190s]
[INFO] Apache CloudStack DevCloud-KVM  SUCCESS [1.876s]
[INFO] 
[INFO] BUILD SUCCESS
[INFO] 
[INFO] Total time: 12:34.737s (Wall Clock)
[INFO] Finished at: Thu Sep 25 08:06:33 EDT 2014
[INFO] Final Memory: 82M/408M
[INFO] 
[simulator-singlerun] $ mvn -P developer,simulator -Ddeploydb -pl developer
[INFO] Scanning for projects...
[INFO] 
[INFO] 
[INFO] Building Apache CloudStack Developer Mode 4.5.0-SNAPSHOT
[INFO] 
[INFO] 
[INFO] --- maven-checkstyle-plugin:2.11:check (cloudstack-checkstyle) @ 
cloud-developer ---
[INFO] Starting audit...
Audit done.

[INFO] 
[INFO] --- properties-maven-plugin:1.0-alpha-2:read-project-properties 
(default) @ cloud-developer ---
[WARNING] Ignoring missing properties file: 
http://jenkins.buildacloud.org/job/simulator-singlerun/ws/developer/../utils/conf/db.properties.override
[INFO] 
[INFO] --- maven-remote-resources-plugin:1.3:process (default) @ 
cloud-developer ---
[INFO] 
[INFO] --- maven-antrun-plugin:1.7:run (default) @ cloud-developer ---
[INFO] Executing tasks

main:
[INFO] Executed tasks
[INFO] 
[INFO]  exec-maven-plugin:1.2.1:java (create-schema) @ cloud-developer 
[INFO] 
[INFO] --- maven-checkstyle-plugin:2.11:check (cloudstack-checkstyle) @ 
cloud-developer ---
[INFO] Starting audit...
Audit done.

[INFO] 
[INFO]  exec-maven-plugin:1.2.1:java (create-schema) @ cloud-developer 
[INFO] 
[INFO] --- exec-maven-plugin:1.2.1:java (create-schema) @ cloud-developer ---
log4j:WARN No appenders could be found for logger 
(org.springframework.core.env.StandardEnvironment).
log4j:WARN Please initialize the log4j system properly.
log4j:WARN See http://logging.apache.org/log4j/1.2/faq.html#noconfig for more 
info.
 WARNING: Provided file does not exist: 
http://jenkins.buildacloud.org/job/simulator-singlerun/ws/developer/../utils/conf/db.properties.override
 WARNING: Provided file does not exist: 
http://jenkins.buildacloud.org/job/simulator-singlerun/ws/developer/developer-prefill.sql.override
 Initializing database=cloud with host=localhost port=3306 
username=cloud password=cloud
 Running query: drop database if exists `cloud`
 Running query: create database `cloud`
 Running query: GRANT ALL ON cloud.* to 'cloud'@`localhost` 
identified by 'cloud'
 Running query: GRANT ALL ON cloud.* to 'cloud'@`%` identified by 
'cloud'
 Initializing database=cloud_usage with host=localhost port=3306 
username=cloud password=cloud
 Running query: drop database if exists `cloud_usage`
 Running query: create database `cloud_usage`
 Running query: GRANT ALL ON cloud_usage.* to 'cloud'@`localhost` 
identified by 'cloud'
 Running query: GRANT ALL ON cloud_usage.* to 'cloud'@`%` 
identified by 'cloud'
 Initializing database=cloudbridge with host=localhost port=3306 
username=cloud password=cloud
 Running query: drop database if exists `cloudbridge`
 Running query: create database `cloudbridge`
 Running query: GRANT ALL ON cloudbridge.* to 'cloud'@`localhost` 
identified by 'cloud'
 Running query: GRANT ALL ON cloudbridge.* to 'cloud'@`%` 
identified by 'cloud'
 Processing SQL file at 
http://jenkins.buildacloud.org/job/simulator-singlerun/ws/developer/target/db/create-schema.sql
 Processing SQL file at 
http://jenkins.buildacloud.org/job/simulator-singlerun/ws/developer/target/db/create-schema-premium.sql
 Processing SQL file at 
http://jenkins.buildacloud.org/job/simulator-singlerun/ws/developer/target/db/templates.sql
 Processing SQL file at 
http://jenkins.buildacloud.org/job/simulator-singlerun/ws/developer/target/db/cloudbridge_schema.sql
 Processing SQL file at 
http://jenkins.buildacloud.org/job/simulator-singlerun/ws/developer/target/db/cloudbridge_multipart.sql
 Processing SQL file at 
http://jenkins.buildacloud.org/job/simulator-singlerun/ws/developer/target/db/cloudbridge_index.sql

Re: Urgent. Importing certificate to CS 4.3.1 using GUI

2014-09-25 Thread France 
I have created new key and csr. Signed it, converted key to pkcs8 format 
without encryption and added in ACS GUI with *.domain.tld and again with 
domain.tld. I did copy paste the crt and key with and without -BEGIN 
CERTIFICATE—— tags. Nothing works. I have the same GUI error message as before. 
Management-log shows no errors or even logs regarding certificate manipulation. 
I have not created CA key and certs again. I have confirmed certificate before 
importing to ACS using: openssl x509 -in private/vse.somedomain.tls.crt -noout 
-text (result below).

Maybe i could just insert new certs straight into the database, destroy console 
proxy and see what happens.
Any more ideas?

Also there is a bug in 4.3 documentation, because it says one must enter 
*.domain.tld while you say, it should be just domain.tld

“
In the Update SSL Certificate screen of the CloudStack UI, paste the following:

• The certificate you’ve just generated.
• The private key you’ve just generated.
• The desired domain name, prefixed with *.; for example, 
*.consoleproxy.company.com
“


[root@mc1 private]# openssl x509 -in vse.somedomain.si.crt -noout -text
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4097 (0x1001)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=SI, ST=Slovenia, L=Ljubljana, O=XXX d.o.o., OU=IT department, 
CN=optimus.si/emailAddress=sis...@xxxb.si
Validity
Not Before: Sep 25 12:25:32 2014 GMT
Not After : Jun  3 12:25:32 2028 GMT
Subject: C=SI, ST=Slovenia, O=XXX d.o.o., OU=IT department, 
CN=*.somedomain.si/emailAddress=sis...@xxxb.si
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:a8:50:02:21:7a:49:b1:48:07:96:21:87:69:1d:
94:6f:d8:4f:0b:31:f4:8f:6f:e4:b2:78:94:38:d4:
72:92:5b:d5:43:73:aa:e4:33:48:31:11:5a:62:7e:
95:2b:e1:78:11:81:f0:ef:1a:0d:d0:52:90:47:2b:
fd:ab:0d:89:57:fa:ee:6b:3b:d1:24:c9:a9:6d:d6:
fb:0f:14:e3:72:63:a7:75:3d:3e:f5:57:45:09:7e:
83:18:f1:77:c9:3a:1e:de:6f:cd:43:0f:84:11:08:
05:3b:da:ed:3e:a6:65:7c:e9:3f:3b:b9:73:b3:87:
b6:a2:14:af:fd:3e:a9:6f:0f:e4:fb:4d:91:70:d6:
9a:78:b8:00:2e:f0:ad:24:07:01:64:b8:1f:ce:62:
f6:83:e3:fb:45:b9:3e:a1:c3:e6:de:87:d9:37:d3:
28:cf:20:6c:f9:78:5f:24:64:fb:d4:dd:79:90:87:
69:36:ad:83:3d:bd:ab:fd:aa:1d:6a:a6:b8:d5:8a:
f9:d6:e4:f0:db:9a:81:d4:41:e9:19:bf:a5:e8:fb:
d9:f5:e2:50:3c:4d:01:6d:3d:96:26:59:76:70:99:
8c:2e:c0:cf:dd:09:3b:fb:6f:8d:43:29:0c:7e:8a:
5c:8d:49:f4:9a:96:ba:54:72:44:d8:fa:aa:64:71:
27:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints: 
CA:FALSE
X509v3 Key Usage: 
Digital Signature, Non Repudiation, Key Encipherment
Netscape Comment: 
OpenSSL Generated Certificate
X509v3 Subject Key Identifier: 
13:B4:E9:B7:EA:67:BC:00:BA:20:F9:9D:AB:02:14:0D:22:B4:F7:5B
X509v3 Authority Key Identifier: 

keyid:B9:4F:AC:D0:CA:A4:32:E0:A0:49:48:8D:D4:C9:6A:6D:6F:6C:8F:42

Signature Algorithm: sha256WithRSAEncryption
 a9:f2:77:c2:10:9b:87:f4:44:9c:57:52:1b:dc:70:a7:e2:bf:
 97:8d:bb:3d:bc:b7:a9:90:55:75:43:47:ac:bf:6f:2a:5e:90:
 b1:5b:8c:41:e7:5a:51:2a:f7:db:2e:6a:37:e5:6e:18:3a:88:
 ae:10:42:1e:97:4c:75:e9:8a:51:37:8f:e9:99:bc:40:46:18:
 85:18:ce:6f:03:24:c7:b3:43:f2:53:51:34:36:70:d8:3b:84:
 09:70:91:13:51:a9:b7:30:e4:d3:f7:1a:34:f4:6b:25:b7:46:
 a1:dd:b7:eb:19:b3:03:be:b5:3d:12:b7:ee:a9:47:26:17:89:
 ef:06:9e:90:b4:78:5d:d9:52:1c:b4:0d:14:f2:37:64:9a:d8:
 4d:89:95:1e:c0:6b:14:93:e8:ea:91:84:69:c5:22:1f:d2:82:
 54:bd:fe:06:f8:ea:f3:66:a1:27:41:72:88:25:78:eb:2b:1b:
 73:fb:98:0f:00:58:b0:43:22:5b:3b:ea:89:b5:4f:3e:2a:ed:
 92:5f:48:37:39:ec:39:6c:b5:73:d3:0d:9c:ff:3b:37:92:5b:
 c6:ef:64:65:7a:99:1a:be:09:0e:bb:62:1b:9f:9e:ad:5d:cf:
 32:8c:81:42:c2:d9:11:65:64:8d:ce:5e:f5:b4:77:66:74:eb:
 10:d5:7e:58:d7:ba:70:fe:96:4b:94:f5:66:5c:af:57:ae:e0:
 ad:72:7a:ef:04:80:7e:4b:6d:ee:13:e2:de:20:94:4e:bb:7b:
 a6:87:0f:92:d8:c4:01:9b:50:fd:b4:0b:60:b2:93:91:32:ce:
 31:f9:b7:4f:a0:72:71:a1:87:b4:02:ff:5b:49:c1:2f:a1:6d:
 13:98:c1:81:9c:33:f6:61:b9:f9:47:7b:7b:2a:b2:e0:7b:21:
 4b:67:c0:23:04:b7:08:e5:7d:a3:44:b5:a5:aa:ce:03:be:93:
 cb:78:fe:2d:e5:a7:61:20:03:b2:a1:ac:92:41:54:c0:25:b5:
 32:c6:c5:83:49:7a:cd:a8:16:4e:80:f2:05:9c:47:17:74:1f:

Review Request 26035: CLOUDSTACK-7633: fix Provides in most LSB headers

2014-09-25 Thread Vincent Bernat 

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/26035/
---

Review request for cloudstack.


Bugs: CLOUDSTACK-7633
https://issues.apache.org/jira/browse/CLOUDSTACK-7633


Repository: cloudstack-git


Description
---

CLOUDSTACK-7633: fix Provides in most LSB headers

In init.d scripts, the LSB header may specify what kind of service is
provided by an init script. If spaces are used, this means the init
script is providing several boot facilities. We fix that by using an
hyphen.


Diffs
-

  agent/distro/opensuse/sles/SYSCONFDIR/init.d/cloud-agent.in 741317bde439 
  agent/distro/sles/SYSCONFDIR/init.d/cloud-agent.in 741317bde439 
  agent/distro/ubuntu/SYSCONFDIR/init.d/cloud-agent.in 0e8705307e8b 
  packaging/centos63/cloud-usage.rc 8434e4d568a0 
  packaging/debian/init/cloud-agent eb2c3d14754b 
  packaging/debian/init/cloud-usage 06b1142172aa 
  python/distro/opensuse/SYSCONFDIR/init.d/cloud-ipallocator.in 558f5a2ee986 
  python/distro/sles/SYSCONFDIR/init.d/cloud-ipallocator.in 558f5a2ee986 
  usage/distro/centos/SYSCONFDIR/rc.d/init.d/cloud-usage.in cb5beb5cff1a 
  usage/distro/fedora/SYSCONFDIR/rc.d/init.d/cloud-usage.in cb5beb5cff1a 
  usage/distro/opensuse/SYSCONFDIR/init.d/cloud-usage.in f9682635b1e9 
  usage/distro/rhel/SYSCONFDIR/rc.d/init.d/cloud-usage.in cb5beb5cff1a 
  usage/distro/sles/SYSCONFDIR/init.d/cloud-usage.in f9682635b1e9 
  usage/distro/ubuntu/SYSCONFDIR/init.d/cloud-usage.in f9682635b1e9 

Diff: https://reviews.apache.org/r/26035/diff/


Testing
---


Thanks,

Vincent Bernat

Re: Urgent. Importing certificate to CS 4.3.1 using GUI

2014-09-25 Thread France 
There is a bug in ACS 4.3.1 GUI.
The before mentioned process did not work with Firefox 32.0.2, while it worked 
on latest Chrome.
Because the problem is on the browser side, it did not reach management server 
logs at all.
I have done everything correct. Even a couple of times. ;-)

Hopefully this mail will help someone in the future. I would also advise to 
update the documentation on the issue.

Do you want me to open a bug report for this? I am a little reluctant to do so, 
because some of the bug reports i made previously just sit there for years to 
come.

FYI also got contacted off the mailing list by Steve Roles from ShapeBlue who 
kindly offered to sell annual 24/7 support to help me sort this issue.
Too bad they did not want to provide help/support for this one incident, which 
which they have come across already. They could get payed well for telling me 
to use another browser. :-)
While i appreciate what ShapeBlue does for ACS, they could easily just have 
told us publicly on the mailing list to use a different browser.

Many thanks to anyone else who actually tried to help on the issue. 
Realhostip.com migration is now officially complete.

Regards,
F.

On 25 Sep 2014, at 14:54, France mailingli...@isg.si wrote:

 I have created new key and csr. Signed it, converted key to pkcs8 format 
 without encryption and added in ACS GUI with *.domain.tld and again with 
 domain.tld. I did copy paste the crt and key with and without -BEGIN 
 CERTIFICATE—— tags. Nothing works. I have the same GUI error message as 
 before. Management-log shows no errors or even logs regarding certificate 
 manipulation. I have not created CA key and certs again. I have confirmed 
 certificate before importing to ACS using: openssl x509 -in 
 private/vse.somedomain.tls.crt -noout -text (result below).
 
 Maybe i could just insert new certs straight into the database, destroy 
 console proxy and see what happens.
 Any more ideas?
 
 Also there is a bug in 4.3 documentation, because it says one must enter 
 *.domain.tld while you say, it should be just domain.tld
 
 “
 In the Update SSL Certificate screen of the CloudStack UI, paste the 
 following:
 
   • The certificate you’ve just generated.
   • The private key you’ve just generated.
   • The desired domain name, prefixed with *.; for example, 
 *.consoleproxy.company.com
 “
 
 
 [root@mc1 private]# openssl x509 -in vse.somedomain.si.crt -noout -text
 Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4097 (0x1001)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=SI, ST=Slovenia, L=Ljubljana, O=XXX d.o.o., OU=IT 
 department, CN=optimus.si/emailAddress=sis...@xxxb.si
Validity
Not Before: Sep 25 12:25:32 2014 GMT
Not After : Jun  3 12:25:32 2028 GMT
Subject: C=SI, ST=Slovenia, O=XXX d.o.o., OU=IT department, 
 CN=*.somedomain.si/emailAddress=sis...@xxxb.si
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:a8:50:02:21:7a:49:b1:48:07:96:21:87:69:1d:
94:6f:d8:4f:0b:31:f4:8f:6f:e4:b2:78:94:38:d4:
72:92:5b:d5:43:73:aa:e4:33:48:31:11:5a:62:7e:
95:2b:e1:78:11:81:f0:ef:1a:0d:d0:52:90:47:2b:
fd:ab:0d:89:57:fa:ee:6b:3b:d1:24:c9:a9:6d:d6:
fb:0f:14:e3:72:63:a7:75:3d:3e:f5:57:45:09:7e:
83:18:f1:77:c9:3a:1e:de:6f:cd:43:0f:84:11:08:
05:3b:da:ed:3e:a6:65:7c:e9:3f:3b:b9:73:b3:87:
b6:a2:14:af:fd:3e:a9:6f:0f:e4:fb:4d:91:70:d6:
9a:78:b8:00:2e:f0:ad:24:07:01:64:b8:1f:ce:62:
f6:83:e3:fb:45:b9:3e:a1:c3:e6:de:87:d9:37:d3:
28:cf:20:6c:f9:78:5f:24:64:fb:d4:dd:79:90:87:
69:36:ad:83:3d:bd:ab:fd:aa:1d:6a:a6:b8:d5:8a:
f9:d6:e4:f0:db:9a:81:d4:41:e9:19:bf:a5:e8:fb:
d9:f5:e2:50:3c:4d:01:6d:3d:96:26:59:76:70:99:
8c:2e:c0:cf:dd:09:3b:fb:6f:8d:43:29:0c:7e:8a:
5c:8d:49:f4:9a:96:ba:54:72:44:d8:fa:aa:64:71:
27:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints: 
CA:FALSE
X509v3 Key Usage: 
Digital Signature, Non Repudiation, Key Encipherment
Netscape Comment: 
OpenSSL Generated Certificate
X509v3 Subject Key Identifier: 
13:B4:E9:B7:EA:67:BC:00:BA:20:F9:9D:AB:02:14:0D:22:B4:F7:5B
X509v3 Authority Key Identifier: 

 keyid:B9:4F:AC:D0:CA:A4:32:E0:A0:49:48:8D:D4:C9:6A:6D:6F:6C:8F:42
 
Signature Algorithm: sha256WithRSAEncryption
 a9:f2:77:c2:10:9b:87:f4:44:9c:57:52:1b:dc:70:a7:e2:bf:
 97:8d:bb:3d:bc:b7:a9:90:55:75:43:47:ac:bf:6f:2a:5e:90:

Re: Review Request 26035: CLOUDSTACK-7633: fix Provides in most LSB headers

2014-09-25 Thread Rohit Yadav 

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/26035/#review54536
---


I think they all should start with a cloudstack-, I'm not sure but does this 
cause any issue for you? And I think they would be applicable on master, 4.4 
branches as well.

- Rohit Yadav


On Sept. 25, 2014, 1:31 p.m., Vincent Bernat wrote:
 
 ---
 This is an automatically generated e-mail. To reply, visit:
 https://reviews.apache.org/r/26035/
 ---
 
 (Updated Sept. 25, 2014, 1:31 p.m.)
 
 
 Review request for cloudstack.
 
 
 Bugs: CLOUDSTACK-7633
 https://issues.apache.org/jira/browse/CLOUDSTACK-7633
 
 
 Repository: cloudstack-git
 
 
 Description
 ---
 
 CLOUDSTACK-7633: fix Provides in most LSB headers
 
 In init.d scripts, the LSB header may specify what kind of service is
 provided by an init script. If spaces are used, this means the init
 script is providing several boot facilities. We fix that by using an
 hyphen.
 
 
 Diffs
 -
 
   agent/distro/opensuse/sles/SYSCONFDIR/init.d/cloud-agent.in 741317bde439 
   agent/distro/sles/SYSCONFDIR/init.d/cloud-agent.in 741317bde439 
   agent/distro/ubuntu/SYSCONFDIR/init.d/cloud-agent.in 0e8705307e8b 
   packaging/centos63/cloud-usage.rc 8434e4d568a0 
   packaging/debian/init/cloud-agent eb2c3d14754b 
   packaging/debian/init/cloud-usage 06b1142172aa 
   python/distro/opensuse/SYSCONFDIR/init.d/cloud-ipallocator.in 558f5a2ee986 
   python/distro/sles/SYSCONFDIR/init.d/cloud-ipallocator.in 558f5a2ee986 
   usage/distro/centos/SYSCONFDIR/rc.d/init.d/cloud-usage.in cb5beb5cff1a 
   usage/distro/fedora/SYSCONFDIR/rc.d/init.d/cloud-usage.in cb5beb5cff1a 
   usage/distro/opensuse/SYSCONFDIR/init.d/cloud-usage.in f9682635b1e9 
   usage/distro/rhel/SYSCONFDIR/rc.d/init.d/cloud-usage.in cb5beb5cff1a 
   usage/distro/sles/SYSCONFDIR/init.d/cloud-usage.in f9682635b1e9 
   usage/distro/ubuntu/SYSCONFDIR/init.d/cloud-usage.in f9682635b1e9 
 
 Diff: https://reviews.apache.org/r/26035/diff/
 
 
 Testing
 ---
 
 
 Thanks,
 
 Vincent Bernat

RE: Urgent. Importing certificate to CS 4.3.1 using GUI

2014-09-25 Thread Suresh Sadhu 
HI France,

Did you import  the certificate in firefox . In firefox we need to explicitly 
import the certificate

Please check below procedure to import the certificate in firefox:

go to the Tools menu and select Options In the Options window, go to the 
Advanced section - Encryption tab and click the View certificates button.
In the Certificate Manager window, switch to the Authorities tab and click the 
Import... button to import your  .crt certificate
In the Downloading Certificate window ,check the trust the CA identity to 
identify websites and clickOK button.

Then open the new firefox session and try to  check the console view.hope you 
will see the same result what you seen with chrome browser.

Regards
sadhu



-Original Message-
From: France [mailto:mailingli...@isg.si] 
Sent: 25 September 2014 19:22
To: dev@cloudstack.apache.org
Subject: Re: Urgent. Importing certificate to CS 4.3.1 using GUI

There is a bug in ACS 4.3.1 GUI.
The before mentioned process did not work with Firefox 32.0.2, while it worked 
on latest Chrome.
Because the problem is on the browser side, it did not reach management server 
logs at all.
I have done everything correct. Even a couple of times. ;-)

Hopefully this mail will help someone in the future. I would also advise to 
update the documentation on the issue.

Do you want me to open a bug report for this? I am a little reluctant to do so, 
because some of the bug reports i made previously just sit there for years to 
come.

FYI also got contacted off the mailing list by Steve Roles from ShapeBlue who 
kindly offered to sell annual 24/7 support to help me sort this issue.
Too bad they did not want to provide help/support for this one incident, which 
which they have come across already. They could get payed well for telling me 
to use another browser. :-) While i appreciate what ShapeBlue does for ACS, 
they could easily just have told us publicly on the mailing list to use a 
different browser.

Many thanks to anyone else who actually tried to help on the issue. 
Realhostip.com migration is now officially complete.

Regards,
F.

On 25 Sep 2014, at 14:54, France mailingli...@isg.si wrote:

 I have created new key and csr. Signed it, converted key to pkcs8 format 
 without encryption and added in ACS GUI with *.domain.tld and again with 
 domain.tld. I did copy paste the crt and key with and without -BEGIN 
 CERTIFICATE-- tags. Nothing works. I have the same GUI error message as 
 before. Management-log shows no errors or even logs regarding certificate 
 manipulation. I have not created CA key and certs again. I have confirmed 
 certificate before importing to ACS using: openssl x509 -in 
 private/vse.somedomain.tls.crt -noout -text (result below).
 
 Maybe i could just insert new certs straight into the database, destroy 
 console proxy and see what happens.
 Any more ideas?
 
 Also there is a bug in 4.3 documentation, because it says one must 
 enter *.domain.tld while you say, it should be just domain.tld
 
 
 In the Update SSL Certificate screen of the CloudStack UI, paste the 
 following:
 
   * The certificate you've just generated.
   * The private key you've just generated.
   * The desired domain name, prefixed with *.; for example, 
 *.consoleproxy.company.com 
 
 
 [root@mc1 private]# openssl x509 -in vse.somedomain.si.crt -noout 
 -text
 Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4097 (0x1001)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=SI, ST=Slovenia, L=Ljubljana, O=XXX d.o.o., OU=IT 
 department, CN=optimus.si/emailAddress=sis...@xxxb.si
Validity
Not Before: Sep 25 12:25:32 2014 GMT
Not After : Jun  3 12:25:32 2028 GMT
Subject: C=SI, ST=Slovenia, O=XXX d.o.o., OU=IT department, 
 CN=*.somedomain.si/emailAddress=sis...@xxxb.si
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:a8:50:02:21:7a:49:b1:48:07:96:21:87:69:1d:
94:6f:d8:4f:0b:31:f4:8f:6f:e4:b2:78:94:38:d4:
72:92:5b:d5:43:73:aa:e4:33:48:31:11:5a:62:7e:
95:2b:e1:78:11:81:f0:ef:1a:0d:d0:52:90:47:2b:
fd:ab:0d:89:57:fa:ee:6b:3b:d1:24:c9:a9:6d:d6:
fb:0f:14:e3:72:63:a7:75:3d:3e:f5:57:45:09:7e:
83:18:f1:77:c9:3a:1e:de:6f:cd:43:0f:84:11:08:
05:3b:da:ed:3e:a6:65:7c:e9:3f:3b:b9:73:b3:87:
b6:a2:14:af:fd:3e:a9:6f:0f:e4:fb:4d:91:70:d6:
9a:78:b8:00:2e:f0:ad:24:07:01:64:b8:1f:ce:62:
f6:83:e3:fb:45:b9:3e:a1:c3:e6:de:87:d9:37:d3:
28:cf:20:6c:f9:78:5f:24:64:fb:d4:dd:79:90:87:
69:36:ad:83:3d:bd:ab:fd:aa:1d:6a:a6:b8:d5:8a:
f9:d6:e4:f0:db:9a:81:d4:41:e9:19:bf:a5:e8:fb:

Re: Review Request 26035: CLOUDSTACK-7633: fix Provides in most LSB headers

2014-09-25 Thread Vincent Bernat 


 On Sept. 25, 2014, 2:12 p.m., Rohit Yadav wrote:
  I think they all should start with a cloudstack-, I'm not sure but does 
  this cause any issue for you? And I think they would be applicable on 
  master, 4.4 branches as well.

No problem with them starting with cloudstack- instead. I'll update the patch.


- Vincent


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/26035/#review54536
---


On Sept. 25, 2014, 1:31 p.m., Vincent Bernat wrote:
 
 ---
 This is an automatically generated e-mail. To reply, visit:
 https://reviews.apache.org/r/26035/
 ---
 
 (Updated Sept. 25, 2014, 1:31 p.m.)
 
 
 Review request for cloudstack.
 
 
 Bugs: CLOUDSTACK-7633
 https://issues.apache.org/jira/browse/CLOUDSTACK-7633
 
 
 Repository: cloudstack-git
 
 
 Description
 ---
 
 CLOUDSTACK-7633: fix Provides in most LSB headers
 
 In init.d scripts, the LSB header may specify what kind of service is
 provided by an init script. If spaces are used, this means the init
 script is providing several boot facilities. We fix that by using an
 hyphen.
 
 
 Diffs
 -
 
   agent/distro/opensuse/sles/SYSCONFDIR/init.d/cloud-agent.in 741317bde439 
   agent/distro/sles/SYSCONFDIR/init.d/cloud-agent.in 741317bde439 
   agent/distro/ubuntu/SYSCONFDIR/init.d/cloud-agent.in 0e8705307e8b 
   packaging/centos63/cloud-usage.rc 8434e4d568a0 
   packaging/debian/init/cloud-agent eb2c3d14754b 
   packaging/debian/init/cloud-usage 06b1142172aa 
   python/distro/opensuse/SYSCONFDIR/init.d/cloud-ipallocator.in 558f5a2ee986 
   python/distro/sles/SYSCONFDIR/init.d/cloud-ipallocator.in 558f5a2ee986 
   usage/distro/centos/SYSCONFDIR/rc.d/init.d/cloud-usage.in cb5beb5cff1a 
   usage/distro/fedora/SYSCONFDIR/rc.d/init.d/cloud-usage.in cb5beb5cff1a 
   usage/distro/opensuse/SYSCONFDIR/init.d/cloud-usage.in f9682635b1e9 
   usage/distro/rhel/SYSCONFDIR/rc.d/init.d/cloud-usage.in cb5beb5cff1a 
   usage/distro/sles/SYSCONFDIR/init.d/cloud-usage.in f9682635b1e9 
   usage/distro/ubuntu/SYSCONFDIR/init.d/cloud-usage.in f9682635b1e9 
 
 Diff: https://reviews.apache.org/r/26035/diff/
 
 
 Testing
 ---
 
 
 Thanks,
 
 Vincent Bernat

Re: Review Request 26035: CLOUDSTACK-7633: fix Provides in most LSB headers

2014-09-25 Thread Vincent Bernat 

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/26035/
---

(Updated Sept. 25, 2014, 2:31 p.m.)


Review request for cloudstack.


Bugs: CLOUDSTACK-7633
https://issues.apache.org/jira/browse/CLOUDSTACK-7633


Repository: cloudstack-git


Description
---

CLOUDSTACK-7633: fix Provides in most LSB headers

In init.d scripts, the LSB header may specify what kind of service is
provided by an init script. If spaces are used, this means the init
script is providing several boot facilities. We fix that by using an
hyphen.


Diffs (updated)
-

  agent/distro/opensuse/sles/SYSCONFDIR/init.d/cloud-agent.in 741317bde439 
  agent/distro/sles/SYSCONFDIR/init.d/cloud-agent.in 741317bde439 
  agent/distro/ubuntu/SYSCONFDIR/init.d/cloud-agent.in 0e8705307e8b 
  packaging/centos63/cloud-usage.rc 8434e4d568a0 
  packaging/debian/init/cloud-agent eb2c3d14754b 
  packaging/debian/init/cloud-usage 06b1142172aa 
  python/distro/opensuse/SYSCONFDIR/init.d/cloud-ipallocator.in 558f5a2ee986 
  python/distro/sles/SYSCONFDIR/init.d/cloud-ipallocator.in 558f5a2ee986 
  usage/distro/centos/SYSCONFDIR/rc.d/init.d/cloud-usage.in cb5beb5cff1a 
  usage/distro/fedora/SYSCONFDIR/rc.d/init.d/cloud-usage.in cb5beb5cff1a 
  usage/distro/opensuse/SYSCONFDIR/init.d/cloud-usage.in f9682635b1e9 
  usage/distro/rhel/SYSCONFDIR/rc.d/init.d/cloud-usage.in cb5beb5cff1a 
  usage/distro/sles/SYSCONFDIR/init.d/cloud-usage.in f9682635b1e9 
  usage/distro/ubuntu/SYSCONFDIR/init.d/cloud-usage.in f9682635b1e9 

Diff: https://reviews.apache.org/r/26035/diff/


Testing
---


Thanks,

Vincent Bernat

Re: Urgent. Importing certificate to CS 4.3.1 using GUI

2014-09-25 Thread France 
You are talking about importing CA root certificate into client machine, while 
i was clearly talking about importing certificate into the ACS 3.2.1 install to 
be used by console proxy.

Of course you need to import the CA root certificate not to get warnings on the 
client side, but only _after_ the server certificate is installed/changed via 
ACS GUI - infrastructure - SSL Certificate. This procedure does not work with 
Firefox, but does work in Chrome.

Regards,
F.

On 25 Sep 2014, at 16:26, Suresh Sadhu suresh.sa...@citrix.com wrote:

 HI France,
 
 Did you import  the certificate in firefox . In firefox we need to explicitly 
 import the certificate
 
 Please check below procedure to import the certificate in firefox:
 
 go to the Tools menu and select Options In the Options window, go to the 
 Advanced section - Encryption tab and click the View certificates button.
 In the Certificate Manager window, switch to the Authorities tab and click 
 the Import... button to import your  .crt certificate
 In the Downloading Certificate window ,check the trust the CA identity to 
 identify websites and clickOK button.
 
 Then open the new firefox session and try to  check the console view.hope you 
 will see the same result what you seen with chrome browser.
 
 Regards
 sadhu
 
 
 
 -Original Message-
 From: France [mailto:mailingli...@isg.si] 
 Sent: 25 September 2014 19:22
 To: dev@cloudstack.apache.org
 Subject: Re: Urgent. Importing certificate to CS 4.3.1 using GUI
 
 There is a bug in ACS 4.3.1 GUI.
 The before mentioned process did not work with Firefox 32.0.2, while it 
 worked on latest Chrome.
 Because the problem is on the browser side, it did not reach management 
 server logs at all.
 I have done everything correct. Even a couple of times. ;-)
 
 Hopefully this mail will help someone in the future. I would also advise to 
 update the documentation on the issue.
 
 Do you want me to open a bug report for this? I am a little reluctant to do 
 so, because some of the bug reports i made previously just sit there for 
 years to come.
 
 FYI also got contacted off the mailing list by Steve Roles from ShapeBlue who 
 kindly offered to sell annual 24/7 support to help me sort this issue.
 Too bad they did not want to provide help/support for this one incident, 
 which which they have come across already. They could get payed well for 
 telling me to use another browser. :-) While i appreciate what ShapeBlue does 
 for ACS, they could easily just have told us publicly on the mailing list to 
 use a different browser.
 
 Many thanks to anyone else who actually tried to help on the issue. 
 Realhostip.com migration is now officially complete.
 
 Regards,
 F.
 
 On 25 Sep 2014, at 14:54, France mailingli...@isg.si wrote:
 
 I have created new key and csr. Signed it, converted key to pkcs8 format 
 without encryption and added in ACS GUI with *.domain.tld and again with 
 domain.tld. I did copy paste the crt and key with and without -BEGIN 
 CERTIFICATE-- tags. Nothing works. I have the same GUI error message as 
 before. Management-log shows no errors or even logs regarding certificate 
 manipulation. I have not created CA key and certs again. I have confirmed 
 certificate before importing to ACS using: openssl x509 -in 
 private/vse.somedomain.tls.crt -noout -text (result below).
 
 Maybe i could just insert new certs straight into the database, destroy 
 console proxy and see what happens.
 Any more ideas?
 
 Also there is a bug in 4.3 documentation, because it says one must 
 enter *.domain.tld while you say, it should be just domain.tld
 
 
 In the Update SSL Certificate screen of the CloudStack UI, paste the 
 following:
 
  * The certificate you've just generated.
  * The private key you've just generated.
  * The desired domain name, prefixed with *.; for example, 
 *.consoleproxy.company.com 
 
 
 [root@mc1 private]# openssl x509 -in vse.somedomain.si.crt -noout 
 -text
 Certificate:
   Data:
   Version: 3 (0x2)
   Serial Number: 4097 (0x1001)
   Signature Algorithm: sha256WithRSAEncryption
   Issuer: C=SI, ST=Slovenia, L=Ljubljana, O=XXX d.o.o., OU=IT 
 department, CN=optimus.si/emailAddress=sis...@xxxb.si
   Validity
   Not Before: Sep 25 12:25:32 2014 GMT
   Not After : Jun  3 12:25:32 2028 GMT
   Subject: C=SI, ST=Slovenia, O=XXX d.o.o., OU=IT department, 
 CN=*.somedomain.si/emailAddress=sis...@xxxb.si
   Subject Public Key Info:
   Public Key Algorithm: rsaEncryption
   Public-Key: (2048 bit)
   Modulus:
   00:a8:50:02:21:7a:49:b1:48:07:96:21:87:69:1d:
   94:6f:d8:4f:0b:31:f4:8f:6f:e4:b2:78:94:38:d4:
   72:92:5b:d5:43:73:aa:e4:33:48:31:11:5a:62:7e:
   95:2b:e1:78:11:81:f0:ef:1a:0d:d0:52:90:47:2b:
   fd:ab:0d:89:57:fa:ee:6b:3b:d1:24:c9:a9:6d:d6:
   fb:0f:14:e3:72:63:a7:75:3d:3e:f5:57:45:09:7e:

Re: Review Request 26035: CLOUDSTACK-7633: fix Provides in most LSB headers

2014-09-25 Thread Rohit Yadav 

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/26035/#review54539
---


Thanks for your quick fix, it's more consistent with the cloudstack- prefix 
now. LGTM, merging on master and 4.3 branch. For 4.4 branch, please drop a note 
to Daan or add him to the reviewers.

- Rohit Yadav


On Sept. 25, 2014, 2:31 p.m., Vincent Bernat wrote:
 
 ---
 This is an automatically generated e-mail. To reply, visit:
 https://reviews.apache.org/r/26035/
 ---
 
 (Updated Sept. 25, 2014, 2:31 p.m.)
 
 
 Review request for cloudstack.
 
 
 Bugs: CLOUDSTACK-7633
 https://issues.apache.org/jira/browse/CLOUDSTACK-7633
 
 
 Repository: cloudstack-git
 
 
 Description
 ---
 
 CLOUDSTACK-7633: fix Provides in most LSB headers
 
 In init.d scripts, the LSB header may specify what kind of service is
 provided by an init script. If spaces are used, this means the init
 script is providing several boot facilities. We fix that by using an
 hyphen.
 
 
 Diffs
 -
 
   agent/distro/opensuse/sles/SYSCONFDIR/init.d/cloud-agent.in 741317bde439 
   agent/distro/sles/SYSCONFDIR/init.d/cloud-agent.in 741317bde439 
   agent/distro/ubuntu/SYSCONFDIR/init.d/cloud-agent.in 0e8705307e8b 
   packaging/centos63/cloud-usage.rc 8434e4d568a0 
   packaging/debian/init/cloud-agent eb2c3d14754b 
   packaging/debian/init/cloud-usage 06b1142172aa 
   python/distro/opensuse/SYSCONFDIR/init.d/cloud-ipallocator.in 558f5a2ee986 
   python/distro/sles/SYSCONFDIR/init.d/cloud-ipallocator.in 558f5a2ee986 
   usage/distro/centos/SYSCONFDIR/rc.d/init.d/cloud-usage.in cb5beb5cff1a 
   usage/distro/fedora/SYSCONFDIR/rc.d/init.d/cloud-usage.in cb5beb5cff1a 
   usage/distro/opensuse/SYSCONFDIR/init.d/cloud-usage.in f9682635b1e9 
   usage/distro/rhel/SYSCONFDIR/rc.d/init.d/cloud-usage.in cb5beb5cff1a 
   usage/distro/sles/SYSCONFDIR/init.d/cloud-usage.in f9682635b1e9 
   usage/distro/ubuntu/SYSCONFDIR/init.d/cloud-usage.in f9682635b1e9 
 
 Diff: https://reviews.apache.org/r/26035/diff/
 
 
 Testing
 ---
 
 
 Thanks,
 
 Vincent Bernat

Re: Review Request 26035: CLOUDSTACK-7633: fix Provides in most LSB headers

2014-09-25 Thread Rohit Yadav 

---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/26035/#review54540
---

Ship it!


Ship It!

- Rohit Yadav


On Sept. 25, 2014, 2:31 p.m., Vincent Bernat wrote:
 
 ---
 This is an automatically generated e-mail. To reply, visit:
 https://reviews.apache.org/r/26035/
 ---
 
 (Updated Sept. 25, 2014, 2:31 p.m.)
 
 
 Review request for cloudstack.
 
 
 Bugs: CLOUDSTACK-7633
 https://issues.apache.org/jira/browse/CLOUDSTACK-7633
 
 
 Repository: cloudstack-git
 
 
 Description
 ---
 
 CLOUDSTACK-7633: fix Provides in most LSB headers
 
 In init.d scripts, the LSB header may specify what kind of service is
 provided by an init script. If spaces are used, this means the init
 script is providing several boot facilities. We fix that by using an
 hyphen.
 
 
 Diffs
 -
 
   agent/distro/opensuse/sles/SYSCONFDIR/init.d/cloud-agent.in 741317bde439 
   agent/distro/sles/SYSCONFDIR/init.d/cloud-agent.in 741317bde439 
   agent/distro/ubuntu/SYSCONFDIR/init.d/cloud-agent.in 0e8705307e8b 
   packaging/centos63/cloud-usage.rc 8434e4d568a0 
   packaging/debian/init/cloud-agent eb2c3d14754b 
   packaging/debian/init/cloud-usage 06b1142172aa 
   python/distro/opensuse/SYSCONFDIR/init.d/cloud-ipallocator.in 558f5a2ee986 
   python/distro/sles/SYSCONFDIR/init.d/cloud-ipallocator.in 558f5a2ee986 
   usage/distro/centos/SYSCONFDIR/rc.d/init.d/cloud-usage.in cb5beb5cff1a 
   usage/distro/fedora/SYSCONFDIR/rc.d/init.d/cloud-usage.in cb5beb5cff1a 
   usage/distro/opensuse/SYSCONFDIR/init.d/cloud-usage.in f9682635b1e9 
   usage/distro/rhel/SYSCONFDIR/rc.d/init.d/cloud-usage.in cb5beb5cff1a 
   usage/distro/sles/SYSCONFDIR/init.d/cloud-usage.in f9682635b1e9 
   usage/distro/ubuntu/SYSCONFDIR/init.d/cloud-usage.in f9682635b1e9 
 
 Diff: https://reviews.apache.org/r/26035/diff/
 
 
 Testing
 ---
 
 
 Thanks,
 
 Vincent Bernat

Re: Review Request 26035: CLOUDSTACK-7633: fix Provides in most LSB headers

2014-09-25 Thread Rohit Yadav 


 On Sept. 25, 2014, 2:55 p.m., Rohit Yadav wrote:
  Ship It!

Merged on 4.3: 08cb7ef7fa0417ea1d9799a0757f459abc5a9883
Merged on master: 2401eb927bbda69f0376d1f34ef20631e1188540

Once your fix lands on 4.4, please close as submitted.


- Rohit


---
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/26035/#review54540
---


On Sept. 25, 2014, 2:31 p.m., Vincent Bernat wrote:
 
 ---
 This is an automatically generated e-mail. To reply, visit:
 https://reviews.apache.org/r/26035/
 ---
 
 (Updated Sept. 25, 2014, 2:31 p.m.)
 
 
 Review request for cloudstack.
 
 
 Bugs: CLOUDSTACK-7633
 https://issues.apache.org/jira/browse/CLOUDSTACK-7633
 
 
 Repository: cloudstack-git
 
 
 Description
 ---
 
 CLOUDSTACK-7633: fix Provides in most LSB headers
 
 In init.d scripts, the LSB header may specify what kind of service is
 provided by an init script. If spaces are used, this means the init
 script is providing several boot facilities. We fix that by using an
 hyphen.
 
 
 Diffs
 -
 
   agent/distro/opensuse/sles/SYSCONFDIR/init.d/cloud-agent.in 741317bde439 
   agent/distro/sles/SYSCONFDIR/init.d/cloud-agent.in 741317bde439 
   agent/distro/ubuntu/SYSCONFDIR/init.d/cloud-agent.in 0e8705307e8b 
   packaging/centos63/cloud-usage.rc 8434e4d568a0 
   packaging/debian/init/cloud-agent eb2c3d14754b 
   packaging/debian/init/cloud-usage 06b1142172aa 
   python/distro/opensuse/SYSCONFDIR/init.d/cloud-ipallocator.in 558f5a2ee986 
   python/distro/sles/SYSCONFDIR/init.d/cloud-ipallocator.in 558f5a2ee986 
   usage/distro/centos/SYSCONFDIR/rc.d/init.d/cloud-usage.in cb5beb5cff1a 
   usage/distro/fedora/SYSCONFDIR/rc.d/init.d/cloud-usage.in cb5beb5cff1a 
   usage/distro/opensuse/SYSCONFDIR/init.d/cloud-usage.in f9682635b1e9 
   usage/distro/rhel/SYSCONFDIR/rc.d/init.d/cloud-usage.in cb5beb5cff1a 
   usage/distro/sles/SYSCONFDIR/init.d/cloud-usage.in f9682635b1e9 
   usage/distro/ubuntu/SYSCONFDIR/init.d/cloud-usage.in f9682635b1e9 
 
 Diff: https://reviews.apache.org/r/26035/diff/
 
 
 Testing
 ---
 
 
 Thanks,
 
 Vincent Bernat

Shellshock

2014-09-25 Thread Abhinandan Prateek 

After heart bleed we are Shell shocked 
http://www.bbc.com/news/technology-29361794 !
It may not affect cloudstack directly as it is a vulnerability that affects 
bash, and allows the attacker to take control of the system running bash shell.

-abhi

Jenkins build is back to normal : simulator-singlerun #446

2014-09-25 Thread jenkins 
See http://jenkins.buildacloud.org/job/simulator-singlerun/446/changes

Re: Urgent. Importing certificate to CS 4.3.1 using GUI

2014-09-25 Thread Amogh Vasekar 
Thanks for letting us know, I will follow-up with the doc folks to fix the
notes published.
Funny that the GUI is not working right with FF 32.0.2.
I know they changed the pkix libraries they use (I hit it while testing
something on ACS), but this bug may call for more testing on FF to see if
anything else is broken.

Thanks
Amogh 

On 9/25/14 6:52 AM, France mailingli...@isg.si wrote:

There is a bug in ACS 4.3.1 GUI.
The before mentioned process did not work with Firefox 32.0.2, while it
worked on latest Chrome.
Because the problem is on the browser side, it did not reach management
server logs at all.
I have done everything correct. Even a couple of times. ;-)

Hopefully this mail will help someone in the future. I would also advise
to update the documentation on the issue.

Do you want me to open a bug report for this? I am a little reluctant to
do so, because some of the bug reports i made previously just sit there
for years to come.

FYI also got contacted off the mailing list by Steve Roles from ShapeBlue
who kindly offered to sell annual 24/7 support to help me sort this issue.
Too bad they did not want to provide help/support for this one incident,
which which they have come across already. They could get payed well
for telling me to use another browser. :-)
While i appreciate what ShapeBlue does for ACS, they could easily just
have told us publicly on the mailing list to use a different browser.

Many thanks to anyone else who actually tried to help on the issue.
Realhostip.com migration is now officially complete.

Regards,
F.

On 25 Sep 2014, at 14:54, France mailingli...@isg.si wrote:

 I have created new key and csr. Signed it, converted key to pkcs8
format without encryption and added in ACS GUI with *.domain.tld and
again with domain.tld. I did copy paste the crt and key with and without
-BEGIN CERTIFICATE‹‹ tags. Nothing works. I have the same GUI error
message as before. Management-log shows no errors or even logs regarding
certificate manipulation. I have not created CA key and certs again. I
have confirmed certificate before importing to ACS using: openssl x509
-in private/vse.somedomain.tls.crt -noout -text (result below).
 
 Maybe i could just insert new certs straight into the database, destroy
console proxy and see what happens.
 Any more ideas?
 
 Also there is a bug in 4.3 documentation, because it says one must
enter *.domain.tld while you say, it should be just domain.tld
 
 ³
 In the Update SSL Certificate screen of the CloudStack UI, paste the
following:
 
  € The certificate you¹ve just generated.
  € The private key you¹ve just generated.
  € The desired domain name, prefixed with *.; for example,
*.consoleproxy.company.com
 ³
 
 
 [root@mc1 private]# openssl x509 -in vse.somedomain.si.crt -noout -text
 Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4097 (0x1001)
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=SI, ST=Slovenia, L=Ljubljana, O=XXX d.o.o., OU=IT
department, CN=optimus.si/emailAddress=sis...@xxxb.si
Validity
Not Before: Sep 25 12:25:32 2014 GMT
Not After : Jun  3 12:25:32 2028 GMT
Subject: C=SI, ST=Slovenia, O=XXX d.o.o., OU=IT department,
CN=*.somedomain.si/emailAddress=sis...@xxxb.si
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:a8:50:02:21:7a:49:b1:48:07:96:21:87:69:1d:
94:6f:d8:4f:0b:31:f4:8f:6f:e4:b2:78:94:38:d4:
72:92:5b:d5:43:73:aa:e4:33:48:31:11:5a:62:7e:
95:2b:e1:78:11:81:f0:ef:1a:0d:d0:52:90:47:2b:
fd:ab:0d:89:57:fa:ee:6b:3b:d1:24:c9:a9:6d:d6:
fb:0f:14:e3:72:63:a7:75:3d:3e:f5:57:45:09:7e:
83:18:f1:77:c9:3a:1e:de:6f:cd:43:0f:84:11:08:
05:3b:da:ed:3e:a6:65:7c:e9:3f:3b:b9:73:b3:87:
b6:a2:14:af:fd:3e:a9:6f:0f:e4:fb:4d:91:70:d6:
9a:78:b8:00:2e:f0:ad:24:07:01:64:b8:1f:ce:62:
f6:83:e3:fb:45:b9:3e:a1:c3:e6:de:87:d9:37:d3:
28:cf:20:6c:f9:78:5f:24:64:fb:d4:dd:79:90:87:
69:36:ad:83:3d:bd:ab:fd:aa:1d:6a:a6:b8:d5:8a:
f9:d6:e4:f0:db:9a:81:d4:41:e9:19:bf:a5:e8:fb:
d9:f5:e2:50:3c:4d:01:6d:3d:96:26:59:76:70:99:
8c:2e:c0:cf:dd:09:3b:fb:6f:8d:43:29:0c:7e:8a:
5c:8d:49:f4:9a:96:ba:54:72:44:d8:fa:aa:64:71:
27:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
X509v3 Key Usage:
Digital Signature, Non Repudiation, Key Encipherment
Netscape Comment:
OpenSSL Generated Certificate
X509v3 Subject Key Identifier:

Build failed in Jenkins: simulator-singlerun #448

2014-09-25 Thread jenkins 
See http://jenkins.buildacloud.org/job/simulator-singlerun/448/changes

Changes:

[Frank Zhang] CLOUDSTACK-6278

--
[...truncated 8818 lines...]
[INFO] Apache CloudStack Plugin - Storage Allocator Random  SUCCESS [10.038s]
[INFO] Apache CloudStack Plugin - User Authenticator LDAP  SUCCESS [19.693s]
[INFO] Apache CloudStack Plugin - User Authenticator MD5 . SUCCESS [19.645s]
[INFO] Apache CloudStack Plugin - User Authenticator Plain Text  SUCCESS 
[11.742s]
[INFO] Apache CloudStack Plugin - User Authenticator SAML2  SUCCESS [50.926s]
[INFO] Apache CloudStack Plugin - User Authenticator SHA256 Salted  SUCCESS 
[20.855s]
[INFO] Apache CloudStack Plugin - Dns Notifier Example ... SUCCESS [9.987s]
[INFO] Apache CloudStack Plugin - Storage Image S3 ... SUCCESS [11.617s]
[INFO] Apache CloudStack Plugin - Storage Image Swift provider  SUCCESS 
[10.843s]
[INFO] Apache CloudStack Plugin - Storage Image default provider  SUCCESS 
[11.185s]
[INFO] Apache CloudStack Plugin - Storage Image sample provider  SUCCESS 
[9.882s]
[INFO] Apache CloudStack Plugin - Storage Volume Nexenta Provider  SUCCESS 
[18.771s]
[INFO] Apache CloudStack Plugin - Storage Volume CloudByte Provider  SUCCESS 
[16.545s]
[INFO] Apache CloudStack Plugin - Storage Volume sample provider  SUCCESS 
[11.986s]
[INFO] Apache CloudStack Plugin - SNMP Alerts  SUCCESS [20.225s]
[INFO] Apache CloudStack Plugin - Syslog Alerts .. SUCCESS [17.884s]
[INFO] Apache CloudStack Plugin - Network VXLAN .. SUCCESS [20.278s]
[INFO] Apache CloudStack Plugin - GloboDNS ... SUCCESS [38.452s]
[INFO] Apache CloudStack Plugin - Hypervisor Simulator ... SUCCESS [22.701s]
[INFO] Apache CloudStack Framework - Spring Module ... SUCCESS [27.545s]
[INFO] Apache CloudStack Secondary Storage Controller  SUCCESS [17.248s]
[INFO] Apache CloudStack Console Proxy - RDP Client .. SUCCESS [40.481s]
[INFO] Apache CloudStack Console Proxy ... SUCCESS [4.825s]
[INFO] Apache CloudStack Console Proxy - Server .. SUCCESS [22.558s]
[INFO] Apache CloudStack System VM ... SUCCESS [40.643s]
[INFO] Apache CloudStack Client UI ... SUCCESS [22.976s]
[INFO] Apache CloudStack Framework - QuickCloud .. SUCCESS [3.527s]
[INFO] Apache CloudStack Test  SUCCESS [3.291s]
[INFO] Apache CloudStack Developer Mode .. SUCCESS [5.849s]
[INFO] Apache CloudStack Developer Tools . SUCCESS [2.545s]
[INFO] Apache CloudStack apidocs . SUCCESS [2:44.570s]
[INFO] Apache CloudStack marvin .. SUCCESS [22.949s]
[INFO] Apache CloudStack DevCloud  SUCCESS [3.700s]
[INFO] Apache CloudStack DevCloud-KVM  SUCCESS [1.845s]
[INFO] 
[INFO] BUILD SUCCESS
[INFO] 
[INFO] Total time: 12:46.361s (Wall Clock)
[INFO] Finished at: Thu Sep 25 13:56:24 EDT 2014
[INFO] Final Memory: 79M/406M
[INFO] 
[simulator-singlerun] $ mvn -P developer,simulator -Ddeploydb -pl developer
[INFO] Scanning for projects...
[INFO] 
[INFO] 
[INFO] Building Apache CloudStack Developer Mode 4.5.0-SNAPSHOT
[INFO] 
[INFO] 
[INFO] --- maven-checkstyle-plugin:2.11:check (cloudstack-checkstyle) @ 
cloud-developer ---
[INFO] Starting audit...
Audit done.

[INFO] 
[INFO] --- properties-maven-plugin:1.0-alpha-2:read-project-properties 
(default) @ cloud-developer ---
[WARNING] Ignoring missing properties file: 
http://jenkins.buildacloud.org/job/simulator-singlerun/ws/developer/../utils/conf/db.properties.override
[INFO] 
[INFO] --- maven-remote-resources-plugin:1.3:process (default) @ 
cloud-developer ---
[INFO] 
[INFO] --- maven-antrun-plugin:1.7:run (default) @ cloud-developer ---
[INFO] Executing tasks

main:
[INFO] Executed tasks
[INFO] 
[INFO]  exec-maven-plugin:1.2.1:java (create-schema) @ cloud-developer 
[INFO] 
[INFO] --- maven-checkstyle-plugin:2.11:check (cloudstack-checkstyle) @ 
cloud-developer ---
[INFO] Starting audit...
Audit done.

[INFO] 
[INFO]  exec-maven-plugin:1.2.1:java (create-schema) @ cloud-developer 
[INFO] 
[INFO] --- exec-maven-plugin:1.2.1:java (create-schema) @ cloud-developer ---
log4j:WARN No appenders could be found for logger 
(org.springframework.core.env.StandardEnvironment).
log4j:WARN Please initialize the log4j system properly.
log4j:WARN See http://logging.apache.org/log4j/1.2/faq.html#noconfig for more 
info.
 WARNING: Provided file does not exist:

Jenkins build is back to normal : simulator-singlerun #449

2014-09-25 Thread jenkins 
See http://jenkins.buildacloud.org/job/simulator-singlerun/449/

Build failed in Jenkins: simulator-singlerun #451

2014-09-25 Thread jenkins 
See http://jenkins.buildacloud.org/job/simulator-singlerun/451/changes

Changes:

[brian.federle] Fixed Encoding issue to message_ja_JP  message_zh_CN 
properties files.

--
[...truncated 8818 lines...]
[INFO] Apache CloudStack Plugin - Storage Allocator Random  SUCCESS [12.173s]
[INFO] Apache CloudStack Plugin - User Authenticator LDAP  SUCCESS [19.367s]
[INFO] Apache CloudStack Plugin - User Authenticator MD5 . SUCCESS [20.103s]
[INFO] Apache CloudStack Plugin - User Authenticator Plain Text  SUCCESS 
[12.237s]
[INFO] Apache CloudStack Plugin - User Authenticator SAML2  SUCCESS [51.721s]
[INFO] Apache CloudStack Plugin - User Authenticator SHA256 Salted  SUCCESS 
[20.581s]
[INFO] Apache CloudStack Plugin - Dns Notifier Example ... SUCCESS [9.944s]
[INFO] Apache CloudStack Plugin - Storage Image S3 ... SUCCESS [10.658s]
[INFO] Apache CloudStack Plugin - Storage Image Swift provider  SUCCESS 
[11.435s]
[INFO] Apache CloudStack Plugin - Storage Image default provider  SUCCESS 
[7.910s]
[INFO] Apache CloudStack Plugin - Storage Image sample provider  SUCCESS 
[9.664s]
[INFO] Apache CloudStack Plugin - Storage Volume Nexenta Provider  SUCCESS 
[21.657s]
[INFO] Apache CloudStack Plugin - Storage Volume CloudByte Provider  SUCCESS 
[16.618s]
[INFO] Apache CloudStack Plugin - Storage Volume sample provider  SUCCESS 
[10.231s]
[INFO] Apache CloudStack Plugin - SNMP Alerts  SUCCESS [22.244s]
[INFO] Apache CloudStack Plugin - Syslog Alerts .. SUCCESS [17.685s]
[INFO] Apache CloudStack Plugin - Network VXLAN .. SUCCESS [19.721s]
[INFO] Apache CloudStack Plugin - GloboDNS ... SUCCESS [38.201s]
[INFO] Apache CloudStack Plugin - Hypervisor Simulator ... SUCCESS [23.424s]
[INFO] Apache CloudStack Framework - Spring Module ... SUCCESS [27.697s]
[INFO] Apache CloudStack Secondary Storage Controller  SUCCESS [17.483s]
[INFO] Apache CloudStack Console Proxy - RDP Client .. SUCCESS [36.827s]
[INFO] Apache CloudStack Console Proxy ... SUCCESS [7.037s]
[INFO] Apache CloudStack Console Proxy - Server .. SUCCESS [21.438s]
[INFO] Apache CloudStack System VM ... SUCCESS [38.287s]
[INFO] Apache CloudStack Client UI ... SUCCESS [20.454s]
[INFO] Apache CloudStack Framework - QuickCloud .. SUCCESS [4.060s]
[INFO] Apache CloudStack Test  SUCCESS [4.670s]
[INFO] Apache CloudStack Developer Mode .. SUCCESS [6.098s]
[INFO] Apache CloudStack Developer Tools . SUCCESS [3.237s]
[INFO] Apache CloudStack apidocs . SUCCESS [2:46.897s]
[INFO] Apache CloudStack marvin .. SUCCESS [19.103s]
[INFO] Apache CloudStack DevCloud  SUCCESS [3.537s]
[INFO] Apache CloudStack DevCloud-KVM  SUCCESS [1.723s]
[INFO] 
[INFO] BUILD SUCCESS
[INFO] 
[INFO] Total time: 12:35.852s (Wall Clock)
[INFO] Finished at: Thu Sep 25 16:16:10 EDT 2014
[INFO] Final Memory: 81M/426M
[INFO] 
[simulator-singlerun] $ mvn -P developer,simulator -Ddeploydb -pl developer
[INFO] Scanning for projects...
[INFO] 
[INFO] 
[INFO] Building Apache CloudStack Developer Mode 4.5.0-SNAPSHOT
[INFO] 
[INFO] 
[INFO] --- maven-checkstyle-plugin:2.11:check (cloudstack-checkstyle) @ 
cloud-developer ---
[INFO] Starting audit...
Audit done.

[INFO] 
[INFO] --- properties-maven-plugin:1.0-alpha-2:read-project-properties 
(default) @ cloud-developer ---
[WARNING] Ignoring missing properties file: 
http://jenkins.buildacloud.org/job/simulator-singlerun/ws/developer/../utils/conf/db.properties.override
[INFO] 
[INFO] --- maven-remote-resources-plugin:1.3:process (default) @ 
cloud-developer ---
[INFO] 
[INFO] --- maven-antrun-plugin:1.7:run (default) @ cloud-developer ---
[INFO] Executing tasks

main:
[INFO] Executed tasks
[INFO] 
[INFO]  exec-maven-plugin:1.2.1:java (create-schema) @ cloud-developer 
[INFO] 
[INFO] --- maven-checkstyle-plugin:2.11:check (cloudstack-checkstyle) @ 
cloud-developer ---
[INFO] Starting audit...
Audit done.

[INFO] 
[INFO]  exec-maven-plugin:1.2.1:java (create-schema) @ cloud-developer 
[INFO] 
[INFO] --- exec-maven-plugin:1.2.1:java (create-schema) @ cloud-developer ---
log4j:WARN No appenders could be found for logger 
(org.springframework.core.env.StandardEnvironment).
log4j:WARN Please initialize the log4j system properly.
log4j:WARN See http://logging.apache.org/log4j/1.2/faq.html#noconfig for more 
info.
 WARNING: Provided

Jenkins build is back to normal : simulator-singlerun #452

2014-09-25 Thread jenkins 
See http://jenkins.buildacloud.org/job/simulator-singlerun/452/

Re: Realhostip service extended till Sep 30th

2014-09-25 Thread Chiradeep Vittal 
I checked the DNS logs and still see quite a few requests for 
xx-yy-zz-aa.realhostip.com
Please work on removing the realhostip.com domain in your installation ASAP.

https://cwiki.apache.org/confluence/x/rAZ_Ag

From: Mihaela Stoica 
mihaela.sto...@citrix.commailto:mihaela.sto...@citrix.com
Reply-To: dev@cloudstack.apache.orgmailto:dev@cloudstack.apache.org 
dev@cloudstack.apache.orgmailto:dev@cloudstack.apache.org
Date: Wednesday, September 3, 2014 at 4:04 AM
To: dev@cloudstack.apache.orgmailto:dev@cloudstack.apache.org 
dev@cloudstack.apache.orgmailto:dev@cloudstack.apache.org, 
us...@cloudstack.apache.orgmailto:us...@cloudstack.apache.org 
us...@cloudstack.apache.orgmailto:us...@cloudstack.apache.org, 
users...@cloudstack.apache.orgmailto:users...@cloudstack.apache.org 
users...@cloudstack.apache.orgmailto:users...@cloudstack.apache.org
Subject: RE: Realhostip service extended till Sep 30th

If you are using the latest cloudstack build from master or 4.4 branch, you can 
upload custom certificates via the UI, instead of invoking the 
UploadCustomCertificate API directly.

We changed the SSL Certificate dialog to allow uploading chained SSL 
certificates, see 
CLOUDSTACK-6695https://issues.apache.org/jira/browse/CLOUDSTACK-6695.



Thanks,

Mihaela



-Original Message-
From: Nitin Mehta [mailto:nitin.me...@citrix.com]
Sent: 02 September 2014 22:26
To: dev@cloudstack.apache.orgmailto:dev@cloudstack.apache.org; Animesh 
Chaturvedi; us...@cloudstack.apache.orgmailto:us...@cloudstack.apache.org; 
users...@cloudstack.apache.orgmailto:users...@cloudstack.apache.org
Cc: Amogh Vasekar
Subject: Re: Realhostip service extended till Sep 30th



Created another wiki [1] for troubleshooting and information on the 
implementation details.

[1]

https://cwiki.apache.org/confluence/display/CLOUDSTACK/Troubleshooting+-+up

loading+custom+domain+certificate+instead+of+using+realhostip.com







Thanks,

-Nitin



On 05/06/14 7:03 PM, Nitin Mehta 
nitin.me...@citrix.commailto:nitin.me...@citrix.commailto:nitin.me...@citrix.com
 wrote:



Please find wiki [1] containing the procedure to replace realhostip.com

with Your own custom domain name.



[1]

https://cwiki.apache.org/confluence/display/CLOUDSTACK/Procedure+to+Replac

e

+realhostip.com+with+Your+Own+Domain+Name





Thanks,

-Nitin



On 05/06/14 4:23 PM, Animesh Chaturvedi 
animesh.chaturv...@citrix.commailto:animesh.chaturv...@citrix.commailto:animesh.chaturv...@citrix.com

wrote:





Folks



I wanted to provide an update on shutting down of RealhostIp service.

Citrix has decided to move the date by one quarter and the new date will

be Sep 30th.  The new dates allow users of CloudStack additional time for

updating their infrastructure. While testing Realhostip fixes additional

product issues were found which are tracked in following three defects

CLOUDSTACK-6499 [1], CLOUDSTACK-6599 [2], CLOUDSTACK-6824 [3] . These

defects are fixed in 4.4 and master branch. Please verify in your setups.

If you are on older version of CloudStack do plan on upgrading to 4.4 .

Additional details on fixes are available in JIRA.  Updated wiki with

steps will be published shortly.



[1] https://issues.apache.org/jira/browse/CLOUDSTACK-6499

[2] https://issues.apache.org/jira/browse/CLOUDSTACK-6599

[3] https://issues.apache.org/jira/browse/CLOUDSTACK-6824





Thanks

Animesh









-Original Message-

From: John Kinsella [mailto:j...@stratosec.co]

Sent: Thursday, April 17, 2014 8:35 AM

To: 
us...@cloudstack.apache.orgmailto:us...@cloudstack.apache.orgmailto:us...@cloudstack.apache.org;
 
users...@cloudstack.apache.orgmailto:users...@cloudstack.apache.orgmailto:users...@cloudstack.apache.org;

dev@cloudstack.apache.orgmailto:dev@cloudstack.apache.orgmailto:dev@cloudstack.apache.org

Subject: REMINDER RealhostIP going away



Reminder, folks - please migrate off RealhostIP.com or you¹re going to

get a

nasty surprise this summer. More info at link below.





https://blogs.apache.org/cloudstack/entry/RealhostIP_service_is_being_re

t

ired

CI improvment part 1

2014-09-25 Thread Edison Su 
Highlights the improvements on marvin I made in these days on pytest branch:
1. Switch test framework from nose to pytest, while also maintain the 
back-compatibility for existing test cases.
pytest is more flexible than nose, more enjoyable to work with. 
2. Speed up test speed a LOT: It only takes 250-300 seconds for a single run 
for all the test cases under test/integration/smoke folder, while it usually 
takes 40 minutes to run before.
   The speed up is coming from running test cases in parallel. pytest-xdist is 
modified to fix the issue: 
https://bitbucket.org/hpk42/pytest/issue/175/way-to-control-how-pytest-xdist-runs-tests.
 we have a lot of existing test cases have to run in sequence per test class.
3. Add a new Jenkins job at 
http://jenkins.buildacloud.org/job/fastsimulatorbuild/, which only takes 22 
minutes for a full cycle buildtest.
A new VM is created on digitalocean: 4G memory, 40G SSD, and added into 
Jenkins.buildacloud.org. SSD is life saver, it really makes big difference 
during build/test.
A new docker image is created, which has all the tools installed in order 
to build and test: e.g. java/mysql/python/git/ installed. 
A new Jenkins job is created to build and test periodically in every 20 
minutes. 

So far, the Jenkins job works very well, if everybody ok with what I am doing, 
I want to merge pytest branch into master later. With a quick CI in hand, we 
then can start to think about how to add gerrit into our system.