[jira] [Commented] (CLOUDSTACK-10304) SystemVM - Apache Web Server Version Number Information Disclosure

2018-04-12 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-10304?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16436501#comment-16436501
 ] 

ASF GitHub Bot commented on CLOUDSTACK-10304:
-

blueorangutan commented on issue #2563: CLOUDSTACK-10304: turn off apache2 
server tokens and signature in systemvms
URL: https://github.com/apache/cloudstack/pull/2563#issuecomment-380978801
 
 
   Trillian test result (tid-2496)
   Environment: kvm-centos7 (x2), Advanced Networking with Mgmt server 7
   Total time taken: 91764 seconds
   Marvin logs: 
https://github.com/blueorangutan/acs-prs/releases/download/trillian/pr2563-t2496-kvm-centos7.zip
   Intermitten failure detected: /marvin/tests/smoke/test_routers.py
   Smoke tests completed. 66 look OK, 1 have error(s)
   Only failed tests results shown below:
   
   
   Test | Result | Time (s) | Test File
   --- | --- | --- | ---
   test_04_restart_network_wo_cleanup | `Failure` | 3.98 | test_routers.py
   


This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


> SystemVM - Apache Web Server Version Number Information Disclosure
> --
>
> Key: CLOUDSTACK-10304
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-10304
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>  Components: SystemVM
>Affects Versions: 4.11.0.0
>Reporter: Julian Gilbert
>Assignee: Rohit Yadav
>Priority: Major
> Fix For: 4.12.0.0, 4.11.1.0
>
>
> {color:#00}The Secondary Storage System VM discloses its Apache Web 
> Server version number in HTTP headers and error pages. This type of 
> information disclosure can lead to medium vulnerabilities being reported in 
> web vulnerability scanners and reveals the Apache server version 
> unnecessarily.{color}
> {color:#00}The apache2 directory structure no longer contains 
> /etc/apache2/conf.d/ in Debian 9 and therefore the appropriate apache2 
> security configuration file is in another location. The 
> /opt/cloud/bin/setup/common.sh script has not been updated to reflect 
> this.{color}



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Commented] (CLOUDSTACK-10346) Problem with NAT configuration and VMs not accessing each other via public IPs

2018-04-12 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-10346?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16436411#comment-16436411
 ] 

ASF GitHub Bot commented on CLOUDSTACK-10346:
-

rafaelweingartner commented on issue #2514: [CLOUDSTACK-10346] Problem with NAT 
configuration and VMs not accessing each other via public IPs
URL: https://github.com/apache/cloudstack/pull/2514#issuecomment-380965556
 
 
   @ustcweizhou, @rhtyd and others. Are you ok with changes introduce in this 
PR?


This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


> Problem with NAT configuration and VMs not accessing each other via public IPs
> --
>
> Key: CLOUDSTACK-10346
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-10346
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Rafael Weingärtner
>Assignee: Rafael Weingärtner
>Priority: Major
>
> When users create a VPC, and configure a NAT from a public IP to application 
> in a VM. This VM(applications) are not accessible via public IP for other VMs 
> in the same VPC.
>  
> The problem is in the NAT table. If you take a closer look at rules, you will 
> see something like:
> {code:java}
> -A PREROUTING -d publicIP/32 -i eth1 -p tcp -m tcp --dport 80 -j DNAT 
> --to-destination internalIp:80
> {code}
> The problem is that according to this rule only packets coming via 
> eth1(public interface), will be “redirected” to the internal IP. We need an 
> extra entry to each one of the NAT configurations. For the presented rule, we 
> would need something like:
> {code:java}
> -A PREROUTING -d publicIP/32 -i eth2 -p tcp -m tcp --dport 80 -j DNAT 
> --to-destination internalIp:80
> {code}



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Resolved] (CLOUDSTACK-10214) Unable to remove local primary storage

2018-04-12 Thread JIRA 

 [ 
https://issues.apache.org/jira/browse/CLOUDSTACK-10214?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Rafael Weingärtner resolved CLOUDSTACK-10214.
-
   Resolution: Fixed
Fix Version/s: 4.12

> Unable to remove local primary storage 
> ---
>
> Key: CLOUDSTACK-10214
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-10214
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Affects Versions: 4.10.0.0, 4.9.3.0
>Reporter: Rafael Weingärtner
>Assignee: Rafael Weingärtner
>Priority: Major
> Fix For: 4.12
>
>
> When enabling the use of local storage ACS will automatically load all local 
> storage configured in the Host and start using them as primary storage to 
> deploy user VMs (if the service offering allows to do so). However, if the 
> operator wants to remove the local storage ACS will throw an exception saying 
> that the removal of local storage is not allowed.Therefore, if one wants to 
> remove a local storage, he/she needs to do a manual intervention in the 
> database and hosts.
> This limitation was removed, as it was only a logical restriction.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Commented] (CLOUDSTACK-10288) Config drive - Usedata corruption when gzipped

2018-04-12 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-10288?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16436012#comment-16436012
 ] 

ASF GitHub Bot commented on CLOUDSTACK-10288:
-

rhtyd commented on a change in pull request #2566: ConfigDrive fixes: 
CLOUDSTACK-10288, CLOUDSTACK-10289
URL: https://github.com/apache/cloudstack/pull/2566#discussion_r181163582
 
 

 ##
 File path: 
services/secondary-storage/server/src/org/apache/cloudstack/storage/resource/NfsSecondaryStorageResource.java
 ##
 @@ -480,7 +480,7 @@ public Answer 
createConfigDriveIsoForVM(HandleConfigDriveIsoCommand cmd) {
 for (String[] item : cmd.getVmData()) {
 String dataType = item[CONFIGDATA_DIR];
 String fileName = item[CONFIGDATA_FILE];
-String content = item[CONFIGDATA_CONTENT];
+String content = item[CONFIGDATA_CONTENT]; // base64
 
 Review comment:
   you can rename the variable to `base64Content`


This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


> Config drive - Usedata corruption when gzipped 
> ---
>
> Key: CLOUDSTACK-10288
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-10288
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Affects Versions: 4.11.0.0
>Reporter: Rohit Yadav
>Assignee: Frank Maximus
>Priority: Major
>
> Should be able to create userdata via "echo hi | gzip | base64 -w0" and read 
> it back in VM via "mount -o loop /dev/sr1 /mnt/tmp; cat 
> /mnt/tmp/cloudstack/userdata/user_data.txt | gunzip" 



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Commented] (CLOUDSTACK-10214) Unable to remove local primary storage

2018-04-12 Thread ASF subversion and git services (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-10214?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16436010#comment-16436010
 ] 

ASF subversion and git services commented on CLOUDSTACK-10214:
--

Commit eba2e1d8a1ce4e86b4df144db03e96739da455e5 in cloudstack's branch 
refs/heads/master from [~rafaelweingartner]
[ https://gitbox.apache.org/repos/asf?p=cloudstack.git;h=eba2e1d ]

[CLOUDSTACK-10214] Unable to remove local primary storage (#2390)



> Unable to remove local primary storage 
> ---
>
> Key: CLOUDSTACK-10214
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-10214
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Affects Versions: 4.10.0.0, 4.9.3.0
>Reporter: Rafael Weingärtner
>Assignee: Rafael Weingärtner
>Priority: Major
>
> When enabling the use of local storage ACS will automatically load all local 
> storage configured in the Host and start using them as primary storage to 
> deploy user VMs (if the service offering allows to do so). However, if the 
> operator wants to remove the local storage ACS will throw an exception saying 
> that the removal of local storage is not allowed.Therefore, if one wants to 
> remove a local storage, he/she needs to do a manual intervention in the 
> database and hosts.
> This limitation was removed, as it was only a logical restriction.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Commented] (CLOUDSTACK-10214) Unable to remove local primary storage

2018-04-12 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-10214?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16436009#comment-16436009
 ] 

ASF GitHub Bot commented on CLOUDSTACK-10214:
-

rafaelweingartner closed pull request #2390: [CLOUDSTACK-10214] Unable to 
remove local primary storage
URL: https://github.com/apache/cloudstack/pull/2390
 
 
   

This is a PR merged from a forked repository.
As GitHub hides the original diff on merge, it is displayed below for
the sake of provenance:

As this is a foreign pull request (from a fork), the diff is supplied
below (as it won't show otherwise due to GitHub magic):

diff --git a/api/src/main/java/com/cloud/storage/StorageService.java 
b/api/src/main/java/com/cloud/storage/StorageService.java
index e40b1e6e14c..aebbbcd4bd0 100644
--- a/api/src/main/java/com/cloud/storage/StorageService.java
+++ b/api/src/main/java/com/cloud/storage/StorageService.java
@@ -90,23 +90,16 @@
 
 boolean deleteSecondaryStagingStore(DeleteSecondaryStagingStoreCmd cmd);
 
-ImageStore discoverImageStore(String name, String url, String 
providerName, Long zoneId, Map details) throws IllegalArgumentException, 
DiscoveryException,
-InvalidParameterValueException;
+ImageStore discoverImageStore(String name, String url, String 
providerName, Long zoneId, Map details) throws IllegalArgumentException, 
DiscoveryException, InvalidParameterValueException;
 
-
-/**
+/**
  * Migrate existing NFS to use object store.
  * @param name object store name.
- * @param url object store url.
+ * @param url object store URL.
  * @param providerName object store provider Name.
  * @param details object store other details
  * @return Object store created.
- * @throws IllegalArgumentException
- * @throws DiscoveryException
- * @throws InvalidParameterValueException
  */
-ImageStore migrateToObjectStore(String name, String url, String 
providerName, Map details) throws IllegalArgumentException, DiscoveryException,
-InvalidParameterValueException;
-
+ImageStore migrateToObjectStore(String name, String url, String 
providerName, Map details) throws DiscoveryException;
 
 }
diff --git a/server/src/main/java/com/cloud/storage/StorageManagerImpl.java 
b/server/src/main/java/com/cloud/storage/StorageManagerImpl.java
index a179f8d65c9..749450c135f 100644
--- a/server/src/main/java/com/cloud/storage/StorageManagerImpl.java
+++ b/server/src/main/java/com/cloud/storage/StorageManagerImpl.java
@@ -344,7 +344,6 @@ public boolean share(VMInstanceVO vm, List vols, 
HostVO host, boolean
 return false;
 }
 }
-
 // ok to share
 return true;
 }
@@ -891,11 +890,6 @@ public boolean deletePool(DeletePoolCmd cmd) {
 s_logger.warn("Unable to delete storage id: " + id + " due to it 
is not in Maintenance state");
 throw new InvalidParameterValueException("Unable to delete storage 
due to it is not in Maintenance state, id: " + id);
 }
-if (sPool.isLocal()) {
-s_logger.warn("Unable to delete local storage id:" + id);
-throw new InvalidParameterValueException("Unable to delete local 
storage id: " + id);
-}
-
 Pair vlms = _volsDao.getCountAndTotalByPool(id);
 if (forced) {
 if (vlms.first() > 0) {
@@ -1126,7 +1120,6 @@ public void cleanupStorage(boolean recurring) {
 s_logger.debug("Failed to delete snapshot: " + 
ssSnapshotVO.getId() + " from storage");
 }
 }
-
 cleanupSecondaryStorage(recurring);
 
 List vols = 
_volsDao.listVolumesToBeDestroyed(new Date(System.currentTimeMillis() - 
((long)StorageCleanupDelay.value() << 10)));
@@ -1931,19 +1924,16 @@ public synchronized boolean registerHostListener(String 
providerName, Hypervisor
 
 @Override
 public Answer sendToPool(long poolId, Command cmd) throws 
StorageUnavailableException {
-// TODO Auto-generated method stub
 return null;
 }
 
 @Override
 public Answer[] sendToPool(long poolId, Commands cmd) throws 
StorageUnavailableException {
-// TODO Auto-generated method stub
 return null;
 }
 
 @Override
 public String getName() {
-// TODO Auto-generated method stub
 return null;
 }
 
@@ -2044,7 +2034,7 @@ public ImageStore discoverImageStore(String name, String 
url, String providerNam
 }
 
 @Override
-public ImageStore migrateToObjectStore(String name, String url, String 
providerName, Map details) throws IllegalArgumentException, DiscoveryException, 
InvalidParameterValueException {
+public ImageStore migrateToObjectStore(String name, String url, String 
providerName, Map details) throws DiscoveryException,

[jira] [Commented] (CLOUDSTACK-10333) Secure VM Live migration for KVM

2018-04-12 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-10333?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16435897#comment-16435897
 ] 

ASF GitHub Bot commented on CLOUDSTACK-10333:
-

blueorangutan commented on issue #2505: CLOUDSTACK-10333: Secure Live VM 
Migration for KVM
URL: https://github.com/apache/cloudstack/pull/2505#issuecomment-380870819
 
 
   Trillian test result (tid-2494)
   Environment: kvm-centos7 (x2), Advanced Networking with Mgmt server 7
   Total time taken: 101305 seconds
   Marvin logs: 
https://github.com/blueorangutan/acs-prs/releases/download/trillian/pr2505-t2494-kvm-centos7.zip
   Intermitten failure detected: /marvin/tests/smoke/test_routers.py
   Intermitten failure detected: /marvin/tests/smoke/test_vm_life_cycle.py
   Intermitten failure detected: /marvin/tests/smoke/test_vpc_redundant.py
   Intermitten failure detected: /marvin/tests/smoke/test_hostha_kvm.py
   Smoke tests completed. 63 look OK, 4 have error(s)
   Only failed tests results shown below:
   
   
   Test | Result | Time (s) | Test File
   --- | --- | --- | ---
   test_04_restart_network_wo_cleanup | `Failure` | 3.99 | test_routers.py
   test_01_secured_vm_migration | `Failure` | 1033.48 | test_vm_life_cycle.py
   test_02_not_secured_vm_migration | `Failure` | 193.32 | test_vm_life_cycle.py
   test_04_rvpc_network_garbage_collector_nics | `Failure` | 287.33 | 
test_vpc_redundant.py
   test_hostha_enable_ha_when_host_in_maintenance | `Error` | 1.39 | 
test_hostha_kvm.py
   


This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


> Secure VM Live migration for KVM
> 
>
> Key: CLOUDSTACK-10333
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-10333
> Project: CloudStack
>  Issue Type: Improvement
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Rohit Yadav
>Assignee: Rohit Yadav
>Priority: Major
> Fix For: 4.12.0.0, 4.11.1.0
>
>
> With use of CA framework to secure hosts, the current mechanisms don't secure 
> libvirtd to use those certificates (used by agent to connect to mgmt server). 
> This causes insecure vm migration over tcp instead of tls. The aim is to use 
> the same framework and certificates to secure live VM migration. This could 
> be coupled with securing of a host and renewal/provisioning of certificates 
> to host.
>  
> FS: 
> https://cwiki.apache.org/confluence/display/CLOUDSTACK/Secure+Live+VM+Migration+for+KVM



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Commented] (CLOUDSTACK-10288) Config drive - Usedata corruption when gzipped

2018-04-12 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-10288?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16435833#comment-16435833
 ] 

ASF GitHub Bot commented on CLOUDSTACK-10288:
-

blueorangutan commented on issue #2566: ConfigDrive fixes: CLOUDSTACK-10288, 
CLOUDSTACK-10289
URL: https://github.com/apache/cloudstack/pull/2566#issuecomment-380856699
 
 
   Packaging result: ✔centos6 ✔centos7 ✔debian. JID-1911


This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


> Config drive - Usedata corruption when gzipped 
> ---
>
> Key: CLOUDSTACK-10288
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-10288
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Affects Versions: 4.11.0.0
>Reporter: Rohit Yadav
>Assignee: Frank Maximus
>Priority: Major
>
> Should be able to create userdata via "echo hi | gzip | base64 -w0" and read 
> it back in VM via "mount -o loop /dev/sr1 /mnt/tmp; cat 
> /mnt/tmp/cloudstack/userdata/user_data.txt | gunzip" 



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Commented] (CLOUDSTACK-10352) XenServer: Support online storage migration from non-managed to managed storage

2018-04-12 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-10352?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16435426#comment-16435426
 ] 

ASF GitHub Bot commented on CLOUDSTACK-10352:
-

blueorangutan commented on issue #2502: [CLOUDSTACK-10352] XenServer: Support 
online migration of a virtual disk from non-managed to managed storage
URL: https://github.com/apache/cloudstack/pull/2502#issuecomment-380780893
 
 
   Trillian test result (tid-2500)
   Environment: xenserver-71 (x2), Advanced Networking with Mgmt server 6
   Total time taken: 591 seconds
   Marvin logs: 
https://github.com/blueorangutan/acs-prs/releases/download/trillian/pr2502-t2500-xenserver-71.zip
   Intermitten failure detected: 
/marvin/tests/smoke/test_affinity_groups_projects.py
   Intermitten failure detected: /marvin/tests/smoke/test_affinity_groups.py
   Intermitten failure detected: 
/marvin/tests/smoke/test_deploy_vgpu_enabled_vm.py
   Intermitten failure detected: /marvin/tests/smoke/test_deploy_vm_iso.py
   Intermitten failure detected: 
/marvin/tests/smoke/test_deploy_vm_root_resize.py
   Intermitten failure detected: 
/marvin/tests/smoke/test_deploy_vms_with_varied_deploymentplanners.py
   Intermitten failure detected: 
/marvin/tests/smoke/test_deploy_vm_with_userdata.py
   Intermitten failure detected: /marvin/tests/smoke/test_disk_offerings.py
   Intermitten failure detected: /marvin/tests/smoke/test_dynamicroles.py
   Intermitten failure detected: /marvin/tests/smoke/test_global_settings.py
   Intermitten failure detected: /marvin/tests/smoke/test_guest_vlan_range.py
   Intermitten failure detected: /marvin/tests/smoke/test_internal_lb.py
   Intermitten failure detected: /marvin/tests/smoke/test_iso.py
   Intermitten failure detected: /marvin/tests/smoke/test_list_ids_parameter.py
   Intermitten failure detected: /marvin/tests/smoke/test_loadbalance.py
   Intermitten failure detected: /marvin/tests/smoke/test_login.py
   Intermitten failure detected: /marvin/tests/smoke/test_multipleips_per_nic.py
   Intermitten failure detected: /marvin/tests/smoke/test_network_acl.py
   Intermitten failure detected: /marvin/tests/smoke/test_network.py
   Intermitten failure detected: /marvin/tests/smoke/test_nic_adapter_type.py
   Intermitten failure detected: /marvin/tests/smoke/test_nic.py
   Intermitten failure detected: /marvin/tests/smoke/test_non_contigiousvlan.py
   Intermitten failure detected: /marvin/tests/smoke/test_outofbandmanagement.py
   Intermitten failure detected: /marvin/tests/smoke/test_over_provisioning.py
   Intermitten failure detected: /marvin/tests/smoke/test_password_server.py
   Intermitten failure detected: /marvin/tests/smoke/test_portable_publicip.py
   Intermitten failure detected: /marvin/tests/smoke/test_primary_storage.py
   Intermitten failure detected: /marvin/tests/smoke/test_privategw_acl.py
   Intermitten failure detected: /marvin/tests/smoke/test_public_ip_range.py
   Intermitten failure detected: /marvin/tests/smoke/test_pvlan.py
   Intermitten failure detected: /marvin/tests/smoke/test_regions.py
   Intermitten failure detected: /marvin/tests/smoke/test_reset_vm_on_reboot.py
   Intermitten failure detected: /marvin/tests/smoke/test_resource_detail.py
   Intermitten failure detected: /marvin/tests/smoke/test_router_dhcphosts.py
   Intermitten failure detected: /marvin/tests/smoke/test_router_dns.py
   Intermitten failure detected: 
/marvin/tests/smoke/test_routers_iptables_default_policy.py
   Intermitten failure detected: /marvin/tests/smoke/test_routers_network_ops.py
   Intermitten failure detected: /marvin/tests/smoke/test_routers.py
   Intermitten failure detected: /marvin/tests/smoke/test_scale_vm.py
   Intermitten failure detected: /marvin/tests/smoke/test_secondary_storage.py
   Intermitten failure detected: /marvin/tests/smoke/test_service_offerings.py
   Intermitten failure detected: /marvin/tests/smoke/test_snapshots.py
   Intermitten failure detected: /marvin/tests/smoke/test_ssvm.py
   Intermitten failure detected: /marvin/tests/smoke/test_staticroles.py
   Intermitten failure detected: /marvin/tests/smoke/test_templates.py
   Intermitten failure detected: /marvin/tests/smoke/test_vm_life_cycle.py
   Intermitten failure detected: /marvin/tests/smoke/test_vm_snapshots.py
   Intermitten failure detected: /marvin/tests/smoke/test_volumes.py
   Intermitten failure detected: /marvin/tests/smoke/test_vpc_redundant.py
   Intermitten failure detected: /marvin/tests/smoke/test_vpc_router_nics.py
   Intermitten failure detected: /marvin/tests/smoke/test_vpc_vpn.py
   Smoke tests completed. 2 look OK, 51 have error(s)
   Only failed tests results shown below:
   
   
   Test | Result | Time (s) | Test File
   --- | --- | --- | ---
   ContextSuite context=TestListIdsParams>:setup | `Error` | 0.00 | 
test_list_ids_parameter.py
   ContextSuite context=TestNetworkACL>:setup | `Error` | 0.00 | 
test_network_acl.py
   ContextSuite

[jira] [Commented] (CLOUDSTACK-10304) SystemVM - Apache Web Server Version Number Information Disclosure

2018-04-12 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-10304?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16435410#comment-16435410
 ] 

ASF GitHub Bot commented on CLOUDSTACK-10304:
-

rhtyd commented on issue #2563: CLOUDSTACK-10304: turn off apache2 server 
tokens and signature in systemvms
URL: https://github.com/apache/cloudstack/pull/2563#issuecomment-380778512
 
 
   @jgilbert35 I checked debian9's apache2 filesystem layout, we don't see to 
sed stuff, we can remove the change and simply include a file as done in this 
PR.


This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


> SystemVM - Apache Web Server Version Number Information Disclosure
> --
>
> Key: CLOUDSTACK-10304
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-10304
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>  Components: SystemVM
>Affects Versions: 4.11.0.0
>Reporter: Julian Gilbert
>Assignee: Rohit Yadav
>Priority: Major
> Fix For: 4.12.0.0, 4.11.1.0
>
>
> {color:#00}The Secondary Storage System VM discloses its Apache Web 
> Server version number in HTTP headers and error pages. This type of 
> information disclosure can lead to medium vulnerabilities being reported in 
> web vulnerability scanners and reveals the Apache server version 
> unnecessarily.{color}
> {color:#00}The apache2 directory structure no longer contains 
> /etc/apache2/conf.d/ in Debian 9 and therefore the appropriate apache2 
> security configuration file is in another location. The 
> /opt/cloud/bin/setup/common.sh script has not been updated to reflect 
> this.{color}



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Commented] (CLOUDSTACK-10304) SystemVM - Apache Web Server Version Number Information Disclosure

2018-04-12 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-10304?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16435397#comment-16435397
 ] 

ASF GitHub Bot commented on CLOUDSTACK-10304:
-

jgilbert35 commented on issue #2563: CLOUDSTACK-10304: turn off apache2 server 
tokens and signature in systemvms
URL: https://github.com/apache/cloudstack/pull/2563#issuecomment-380775957
 
 
   Should cloudstack/systemvm/debian/opt/cloud/bin/setup/common.sh also be 
considered? The setup_apache2_common() function contains references to 
ServerTokens and ServerSignature.


This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


> SystemVM - Apache Web Server Version Number Information Disclosure
> --
>
> Key: CLOUDSTACK-10304
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-10304
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>  Components: SystemVM
>Affects Versions: 4.11.0.0
>Reporter: Julian Gilbert
>Assignee: Rohit Yadav
>Priority: Major
> Fix For: 4.12.0.0, 4.11.1.0
>
>
> {color:#00}The Secondary Storage System VM discloses its Apache Web 
> Server version number in HTTP headers and error pages. This type of 
> information disclosure can lead to medium vulnerabilities being reported in 
> web vulnerability scanners and reveals the Apache server version 
> unnecessarily.{color}
> {color:#00}The apache2 directory structure no longer contains 
> /etc/apache2/conf.d/ in Debian 9 and therefore the appropriate apache2 
> security configuration file is in another location. The 
> /opt/cloud/bin/setup/common.sh script has not been updated to reflect 
> this.{color}



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Commented] (CLOUDSTACK-9114) restartnetwork with cleanup should not update/restart both routers at once

2018-04-12 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9114?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16435364#comment-16435364
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9114:


rhtyd commented on a change in pull request #2508: CLOUDSTACK-9114: Reduce VR 
downtime during network restart
URL: https://github.com/apache/cloudstack/pull/2508#discussion_r181045084
 
 

 ##
 File path: 
api/src/org/apache/cloudstack/api/command/user/network/RestartNetworkCmd.java
 ##
 @@ -77,6 +80,13 @@ public Boolean getCleanup() {
 return true;
 }
 
+public Boolean getMakeRedundant() {
+if (makeRedundant != null) {
+return makeRedundant;
+}
+return true;
 
 Review comment:
   Will fix that.


This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


> restartnetwork with cleanup should not update/restart both routers at once
> --
>
> Key: CLOUDSTACK-9114
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9114
> Project: CloudStack
>  Issue Type: Improvement
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Wei Zhou
>Assignee: Wei Zhou
>Priority: Major
>
> for now, restartnetwork with cleanup will stop both RVRs at first, then start 
> two  new RVRs.
> to reduce the downtime of network, we'd better restart the RVRs one by one.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Commented] (CLOUDSTACK-9114) restartnetwork with cleanup should not update/restart both routers at once

2018-04-12 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9114?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16435368#comment-16435368
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9114:


rhtyd commented on a change in pull request #2508: CLOUDSTACK-9114: Reduce VR 
downtime during network restart
URL: https://github.com/apache/cloudstack/pull/2508#discussion_r181045243
 
 

 ##
 File path: ui/scripts/network.js
 ##
 @@ -1100,11 +1100,23 @@
 });
 
args.$form.find('.form-item[rel=cleanup]').find('input').attr('checked', 
'checked'); //checked
 
args.$form.find('.form-item[rel=cleanup]').css('display', 'inline-block'); 
//shown
+
args.$form.find('.form-item[rel=makeredundant]').find('input').attr('checked', 
'checked'); //checked
+
args.$form.find('.form-item[rel=makeredundant]').css('display', 
'inline-block'); //shown
+
+if 
(Boolean(args.context.networks[0].redundantrouter)) {
 
 Review comment:
   This code will show option to make network redundant during restart, we hide 
the checkbox/label for networks that are already redundant.


This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


> restartnetwork with cleanup should not update/restart both routers at once
> --
>
> Key: CLOUDSTACK-9114
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9114
> Project: CloudStack
>  Issue Type: Improvement
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Wei Zhou
>Assignee: Wei Zhou
>Priority: Major
>
> for now, restartnetwork with cleanup will stop both RVRs at first, then start 
> two  new RVRs.
> to reduce the downtime of network, we'd better restart the RVRs one by one.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Commented] (CLOUDSTACK-9114) restartnetwork with cleanup should not update/restart both routers at once

2018-04-12 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9114?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16435362#comment-16435362
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9114:


rhtyd commented on a change in pull request #2508: CLOUDSTACK-9114: Reduce VR 
downtime during network restart
URL: https://github.com/apache/cloudstack/pull/2508#discussion_r181044905
 
 

 ##
 File path: 
engine/orchestration/src/org/apache/cloudstack/engine/orchestration/NetworkOrchestrator.java
 ##
 @@ -2868,6 +2849,89 @@ public boolean restartNetwork(final Long networkId, 
final Account callerAccount,
 }
 }
 
+@Override
+public void destroyExpendableRouters(final List 
routers, final ReservationContext context) throws ResourceUnavailableException {
+final List remainingRouters = new ArrayList<>();
+// Purge invalid routers
+for (final VirtualRouter router : routers) {
+if (router.getState() == VirtualMachine.State.Stopped ||
+router.getState() == VirtualMachine.State.Error ||
+router.getState() == VirtualMachine.State.Shutdowned ||
+router.getState() == VirtualMachine.State.Unknown) {
+s_logger.debug("Destroying old router " + router);
+_routerService.destroyRouter(router.getId(), 
context.getAccount(), context.getCaller().getId());
+} else {
+remainingRouters.add(router);
+}
+}
+
+if (remainingRouters.size() < 2) {
+return;
+}
+
+// Purge any backup router
+VirtualRouter backupRouter = null;
+for (final VirtualRouter router : remainingRouters) {
+if (router.getRedundantState() == 
VirtualRouter.RedundantState.BACKUP) {
+backupRouter = router;
+}
+}
+if (backupRouter == null) {
+backupRouter = routers.get(routers.size() - 1);
+}
+if (backupRouter != null) {
+_routerService.destroyRouter(backupRouter.getId(), 
context.getAccount(), context.getCaller().getId());
+}
+}
+
+@Override
+public boolean validateNewRouters(final List 
routers, final boolean isRedundant) {
+for (final VirtualRouter router : routers) {
+if (router.getState() != VirtualMachine.State.Running) {
+s_logger.debug("Found new router " + router.getInstanceName() 
+ " to be in non-Running state: " + router.getState() + ". Please try 
restarting network again.");
+return false;
+}
+if (!isRedundant) {
+
router.setRedundantState(VirtualRouter.RedundantState.REDUNDANT_CAPABLE);
+_routerDao.update(router.getId(), (DomainRouterVO) router);
+}
+}
+return true;
+}
+
+private boolean rollingRestartRouters(final NetworkVO network, final 
NetworkOffering offering, final DeployDestination dest, final 
ReservationContext context) throws ResourceUnavailableException, 
ConcurrentOperationException, InsufficientCapacityException {
+s_logger.debug("Performing rolling restart of routers of network " + 
network);
+destroyExpendableRouters(_routerDao.findByNetwork(network.getId()), 
context);
+
+final List providersToImplement = 
getNetworkProviders(network.getId());
+final List oldRouters = 
_routerDao.findByNetwork(network.getId());
+
+// Deploy a new router
+final boolean originalRedundancy = network.isRedundant();
+network.setRedundant(true);
+implementNetworkElements(dest, context, network, offering, 
providersToImplement);
+network.setRedundant(originalRedundancy);
+
+// For redundant network wait for 3*advert_int+skew_seconds for VRRP 
to kick in
+if (network.isRedundant() || (oldRouters.size() == 1 && 
oldRouters.get(0).getIsRedundantRouter())) {
+try {
+Thread.sleep(1L);
+} catch (final InterruptedException ignored) {}
+}
+
+// Destroy old routers
+for (final DomainRouterVO oldRouter : oldRouters) {
+_routerService.destroyRouter(oldRouter.getId(), 
context.getAccount(), context.getCaller().getId());
 
 Review comment:
   @nitin-maharana if you read the code again we're deploying a new VR first. 
If it fails, the method will fail at that point and won't fallthrough to this 
code that destroys the old VRs.


This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


> restartnetwork with cleanup should not update/restart both routers at once
>

[jira] [Commented] (CLOUDSTACK-9114) restartnetwork with cleanup should not update/restart both routers at once

2018-04-12 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9114?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16435359#comment-16435359
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9114:


nitin-maharana commented on a change in pull request #2508: CLOUDSTACK-9114: 
Reduce VR downtime during network restart
URL: https://github.com/apache/cloudstack/pull/2508#discussion_r181044136
 
 

 ##
 File path: ui/scripts/network.js
 ##
 @@ -1100,11 +1100,23 @@
 });
 
args.$form.find('.form-item[rel=cleanup]').find('input').attr('checked', 
'checked'); //checked
 
args.$form.find('.form-item[rel=cleanup]').css('display', 'inline-block'); 
//shown
+
args.$form.find('.form-item[rel=makeredundant]').find('input').attr('checked', 
'checked'); //checked
+
args.$form.find('.form-item[rel=makeredundant]').css('display', 
'inline-block'); //shown
+
+if 
(Boolean(args.context.networks[0].redundantrouter)) {
 
 Review comment:
   As I understand, for RVR also the rolling upgrade will be applicable, any 
reason we hide the button.


This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


> restartnetwork with cleanup should not update/restart both routers at once
> --
>
> Key: CLOUDSTACK-9114
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9114
> Project: CloudStack
>  Issue Type: Improvement
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Wei Zhou
>Assignee: Wei Zhou
>Priority: Major
>
> for now, restartnetwork with cleanup will stop both RVRs at first, then start 
> two  new RVRs.
> to reduce the downtime of network, we'd better restart the RVRs one by one.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Commented] (CLOUDSTACK-9114) restartnetwork with cleanup should not update/restart both routers at once

2018-04-12 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9114?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16435352#comment-16435352
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9114:


nitin-maharana commented on a change in pull request #2508: CLOUDSTACK-9114: 
Reduce VR downtime during network restart
URL: https://github.com/apache/cloudstack/pull/2508#discussion_r181043216
 
 

 ##
 File path: 
engine/orchestration/src/org/apache/cloudstack/engine/orchestration/NetworkOrchestrator.java
 ##
 @@ -2868,6 +2849,89 @@ public boolean restartNetwork(final Long networkId, 
final Account callerAccount,
 }
 }
 
+@Override
+public void destroyExpendableRouters(final List 
routers, final ReservationContext context) throws ResourceUnavailableException {
+final List remainingRouters = new ArrayList<>();
+// Purge invalid routers
+for (final VirtualRouter router : routers) {
+if (router.getState() == VirtualMachine.State.Stopped ||
+router.getState() == VirtualMachine.State.Error ||
+router.getState() == VirtualMachine.State.Shutdowned ||
+router.getState() == VirtualMachine.State.Unknown) {
+s_logger.debug("Destroying old router " + router);
+_routerService.destroyRouter(router.getId(), 
context.getAccount(), context.getCaller().getId());
+} else {
+remainingRouters.add(router);
+}
+}
+
+if (remainingRouters.size() < 2) {
+return;
+}
+
+// Purge any backup router
+VirtualRouter backupRouter = null;
+for (final VirtualRouter router : remainingRouters) {
+if (router.getRedundantState() == 
VirtualRouter.RedundantState.BACKUP) {
+backupRouter = router;
+}
+}
+if (backupRouter == null) {
+backupRouter = routers.get(routers.size() - 1);
+}
+if (backupRouter != null) {
+_routerService.destroyRouter(backupRouter.getId(), 
context.getAccount(), context.getCaller().getId());
+}
+}
+
+@Override
+public boolean validateNewRouters(final List 
routers, final boolean isRedundant) {
+for (final VirtualRouter router : routers) {
+if (router.getState() != VirtualMachine.State.Running) {
+s_logger.debug("Found new router " + router.getInstanceName() 
+ " to be in non-Running state: " + router.getState() + ". Please try 
restarting network again.");
+return false;
+}
+if (!isRedundant) {
+
router.setRedundantState(VirtualRouter.RedundantState.REDUNDANT_CAPABLE);
+_routerDao.update(router.getId(), (DomainRouterVO) router);
+}
+}
+return true;
+}
+
+private boolean rollingRestartRouters(final NetworkVO network, final 
NetworkOffering offering, final DeployDestination dest, final 
ReservationContext context) throws ResourceUnavailableException, 
ConcurrentOperationException, InsufficientCapacityException {
+s_logger.debug("Performing rolling restart of routers of network " + 
network);
+destroyExpendableRouters(_routerDao.findByNetwork(network.getId()), 
context);
+
+final List providersToImplement = 
getNetworkProviders(network.getId());
+final List oldRouters = 
_routerDao.findByNetwork(network.getId());
+
+// Deploy a new router
+final boolean originalRedundancy = network.isRedundant();
+network.setRedundant(true);
+implementNetworkElements(dest, context, network, offering, 
providersToImplement);
+network.setRedundant(originalRedundancy);
+
+// For redundant network wait for 3*advert_int+skew_seconds for VRRP 
to kick in
+if (network.isRedundant() || (oldRouters.size() == 1 && 
oldRouters.get(0).getIsRedundantRouter())) {
+try {
+Thread.sleep(1L);
+} catch (final InterruptedException ignored) {}
+}
+
+// Destroy old routers
+for (final DomainRouterVO oldRouter : oldRouters) {
+_routerService.destroyRouter(oldRouter.getId(), 
context.getAccount(), context.getCaller().getId());
 
 Review comment:
   Here, before validating the new routers, we are destroying the old ones. If 
the new routers don't come up properly, we won't have old routers to roll back.


This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


> restartnetwork with cleanup should not update/restart both routers at once
>

[jira] [Commented] (CLOUDSTACK-9114) restartnetwork with cleanup should not update/restart both routers at once

2018-04-12 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9114?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16435331#comment-16435331
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9114:


nitin-maharana commented on a change in pull request #2508: CLOUDSTACK-9114: 
Reduce VR downtime during network restart
URL: https://github.com/apache/cloudstack/pull/2508#discussion_r181038001
 
 

 ##
 File path: 
api/src/org/apache/cloudstack/api/command/user/network/RestartNetworkCmd.java
 ##
 @@ -77,6 +80,13 @@ public Boolean getCleanup() {
 return true;
 }
 
+public Boolean getMakeRedundant() {
+if (makeRedundant != null) {
+return makeRedundant;
+}
+return true;
 
 Review comment:
   If we don't pass anything, I think it should be false, it would continue 
with normal restart instead of this blue-green deployment.


This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


> restartnetwork with cleanup should not update/restart both routers at once
> --
>
> Key: CLOUDSTACK-9114
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9114
> Project: CloudStack
>  Issue Type: Improvement
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Wei Zhou
>Assignee: Wei Zhou
>Priority: Major
>
> for now, restartnetwork with cleanup will stop both RVRs at first, then start 
> two  new RVRs.
> to reduce the downtime of network, we'd better restart the RVRs one by one.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Resolved] (CLOUDSTACK-10230) User is able to change to “Guest OS type” that has been removed

2018-04-12 Thread JIRA 

 [ 
https://issues.apache.org/jira/browse/CLOUDSTACK-10230?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Rafael Weingärtner resolved CLOUDSTACK-10230.
-
   Resolution: Fixed
Fix Version/s: 4.12

> User is able to change to “Guest OS type” that has been removed 
> 
>
> Key: CLOUDSTACK-10230
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-10230
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Rafael Weingärtner
>Assignee: Rafael Weingärtner
>Priority: Critical
> Fix For: 4.12
>
>
> Users are able to change the OS type of VMs to “Guest OS type” that has been 
> removed. This becomes a security issue when we try to force users to use HVM 
> VMs (Meltdown/Spectre thing). A removed “guest os type” should not be usable 
> by any users in the cloud.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Commented] (CLOUDSTACK-10352) XenServer: Support online storage migration from non-managed to managed storage

2018-04-12 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-10352?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16435203#comment-16435203
 ] 

ASF GitHub Bot commented on CLOUDSTACK-10352:
-

blueorangutan commented on issue #2502: [CLOUDSTACK-10352] XenServer: Support 
online migration of a virtual disk from non-managed to managed storage
URL: https://github.com/apache/cloudstack/pull/2502#issuecomment-380730840
 
 
   Packaging result: ✔centos6 ✔centos7 ✔debian. JID-1909


This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


> XenServer: Support online storage migration from non-managed to managed 
> storage
> ---
>
> Key: CLOUDSTACK-10352
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-10352
> Project: CloudStack
>  Issue Type: Improvement
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>  Components: Management Server, XenServer
> Environment: XenServer
>Reporter: Mike Tutkowski
>Assignee: Mike Tutkowski
>Priority: Major
> Fix For: 4.12.0.0
>
>
> Allow a user to online migrate a volume from non-managed storage to managed 
> storage.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Commented] (CLOUDSTACK-10352) XenServer: Support online storage migration from non-managed to managed storage

2018-04-12 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-10352?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16435196#comment-16435196
 ] 

ASF GitHub Bot commented on CLOUDSTACK-10352:
-

blueorangutan commented on issue #2502: [CLOUDSTACK-10352] XenServer: Support 
online migration of a virtual disk from non-managed to managed storage
URL: https://github.com/apache/cloudstack/pull/2502#issuecomment-380729866
 
 
   Packaging result: ✔centos6 ✔centos7 ✔debian. JID-1907


This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


> XenServer: Support online storage migration from non-managed to managed 
> storage
> ---
>
> Key: CLOUDSTACK-10352
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-10352
> Project: CloudStack
>  Issue Type: Improvement
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>  Components: Management Server, XenServer
> Environment: XenServer
>Reporter: Mike Tutkowski
>Assignee: Mike Tutkowski
>Priority: Major
> Fix For: 4.12.0.0
>
>
> Allow a user to online migrate a volume from non-managed storage to managed 
> storage.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Commented] (CLOUDSTACK-9114) restartnetwork with cleanup should not update/restart both routers at once

2018-04-12 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9114?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16435182#comment-16435182
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9114:


rhtyd commented on issue #2508: CLOUDSTACK-9114: Reduce VR downtime during 
network restart
URL: https://github.com/apache/cloudstack/pull/2508#issuecomment-376589266
 
 
   @blueorangutan test matrix


This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


> restartnetwork with cleanup should not update/restart both routers at once
> --
>
> Key: CLOUDSTACK-9114
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9114
> Project: CloudStack
>  Issue Type: Improvement
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Wei Zhou
>Assignee: Wei Zhou
>Priority: Major
>
> for now, restartnetwork with cleanup will stop both RVRs at first, then start 
> two  new RVRs.
> to reduce the downtime of network, we'd better restart the RVRs one by one.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Commented] (CLOUDSTACK-9114) restartnetwork with cleanup should not update/restart both routers at once

2018-04-12 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9114?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16435180#comment-16435180
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9114:


blueorangutan commented on issue #2508: CLOUDSTACK-9114: Reduce VR downtime 
during network restart
URL: https://github.com/apache/cloudstack/pull/2508#issuecomment-376713942
 
 
   Trillian test result (tid-2432)
   Environment: kvm-centos7 (x2), Advanced Networking with Mgmt server 7
   Total time taken: 25160 seconds
   Marvin logs: 
https://github.com/blueorangutan/acs-prs/releases/download/trillian/pr2508-t2432-kvm-centos7.zip
   Intermitten failure detected: /marvin/tests/smoke/test_volumes.py
   Intermitten failure detected: /marvin/tests/smoke/test_vpc_redundant.py
   Intermitten failure detected: /marvin/tests/smoke/test_vpc_vpn.py
   Intermitten failure detected: /marvin/tests/smoke/test_hostha_kvm.py
   Smoke tests completed. 65 look OK, 2 have error(s)
   Only failed tests results shown below:
   
   
   Test | Result | Time (s) | Test File
   --- | --- | --- | ---
   test_04_rvpc_network_garbage_collector_nics | `Failure` | 462.96 | 
test_vpc_redundant.py
   test_hostha_enable_ha_when_host_in_maintenance | `Error` | 3.61 | 
test_hostha_kvm.py
   


This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


> restartnetwork with cleanup should not update/restart both routers at once
> --
>
> Key: CLOUDSTACK-9114
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9114
> Project: CloudStack
>  Issue Type: Improvement
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Wei Zhou
>Assignee: Wei Zhou
>Priority: Major
>
> for now, restartnetwork with cleanup will stop both RVRs at first, then start 
> two  new RVRs.
> to reduce the downtime of network, we'd better restart the RVRs one by one.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Commented] (CLOUDSTACK-9114) restartnetwork with cleanup should not update/restart both routers at once

2018-04-12 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9114?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16435181#comment-16435181
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9114:


blueorangutan commented on issue #2508: CLOUDSTACK-9114: Reduce VR downtime 
during network restart
URL: https://github.com/apache/cloudstack/pull/2508#issuecomment-376589438
 
 
   @rhtyd a Trillian-Jenkins matrix job (centos6 mgmt + xs71, centos7 mgmt + 
vmware65, centos7 mgmt + kvmcentos7) has been kicked to run smoke tests


This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


> restartnetwork with cleanup should not update/restart both routers at once
> --
>
> Key: CLOUDSTACK-9114
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9114
> Project: CloudStack
>  Issue Type: Improvement
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Wei Zhou
>Assignee: Wei Zhou
>Priority: Major
>
> for now, restartnetwork with cleanup will stop both RVRs at first, then start 
> two  new RVRs.
> to reduce the downtime of network, we'd better restart the RVRs one by one.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Commented] (CLOUDSTACK-9114) restartnetwork with cleanup should not update/restart both routers at once

2018-04-12 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9114?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16435183#comment-16435183
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9114:


blueorangutan commented on issue #2508: CLOUDSTACK-9114: Reduce VR downtime 
during network restart
URL: https://github.com/apache/cloudstack/pull/2508#issuecomment-376525033
 
 
   Packaging result: ✔centos6 ✔centos7 ✔debian. JID-1841


This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


> restartnetwork with cleanup should not update/restart both routers at once
> --
>
> Key: CLOUDSTACK-9114
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9114
> Project: CloudStack
>  Issue Type: Improvement
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Wei Zhou
>Assignee: Wei Zhou
>Priority: Major
>
> for now, restartnetwork with cleanup will stop both RVRs at first, then start 
> two  new RVRs.
> to reduce the downtime of network, we'd better restart the RVRs one by one.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Commented] (CLOUDSTACK-9114) restartnetwork with cleanup should not update/restart both routers at once

2018-04-12 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9114?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16435186#comment-16435186
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9114:


rhtyd commented on issue #2508: CLOUDSTACK-9114: Reduce VR downtime during 
network restart
URL: https://github.com/apache/cloudstack/pull/2508#issuecomment-376510465
 
 
   @blueorangutan package


This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


> restartnetwork with cleanup should not update/restart both routers at once
> --
>
> Key: CLOUDSTACK-9114
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9114
> Project: CloudStack
>  Issue Type: Improvement
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Wei Zhou
>Assignee: Wei Zhou
>Priority: Major
>
> for now, restartnetwork with cleanup will stop both RVRs at first, then start 
> two  new RVRs.
> to reduce the downtime of network, we'd better restart the RVRs one by one.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Commented] (CLOUDSTACK-9114) restartnetwork with cleanup should not update/restart both routers at once

2018-04-12 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9114?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16435178#comment-16435178
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9114:


blueorangutan commented on issue #2508: CLOUDSTACK-9114: Reduce VR downtime 
during network restart
URL: https://github.com/apache/cloudstack/pull/2508#issuecomment-376710639
 
 
   Trillian test result (tid-2431)
   Environment: xenserver-71 (x2), Advanced Networking with Mgmt server 6
   Total time taken: 24159 seconds
   Marvin logs: 
https://github.com/blueorangutan/acs-prs/releases/download/trillian/pr2508-t2431-xenserver-71.zip
   Intermitten failure detected: /marvin/tests/smoke/test_network.py
   Intermitten failure detected: /marvin/tests/smoke/test_outofbandmanagement.py
   Intermitten failure detected: /marvin/tests/smoke/test_projects.py
   Intermitten failure detected: /marvin/tests/smoke/test_public_ip_range.py
   Intermitten failure detected: /marvin/tests/smoke/test_reset_vm_on_reboot.py
   Intermitten failure detected: /marvin/tests/smoke/test_router_dhcphosts.py
   Intermitten failure detected: /marvin/tests/smoke/test_router_dns.py
   Intermitten failure detected: /marvin/tests/smoke/test_router_dnsservice.py
   Intermitten failure detected: 
/marvin/tests/smoke/test_routers_iptables_default_policy.py
   Intermitten failure detected: /marvin/tests/smoke/test_routers_network_ops.py
   Intermitten failure detected: /marvin/tests/smoke/test_routers.py
   Intermitten failure detected: /marvin/tests/smoke/test_scale_vm.py
   Intermitten failure detected: /marvin/tests/smoke/test_secondary_storage.py
   Intermitten failure detected: /marvin/tests/smoke/test_service_offerings.py
   Intermitten failure detected: /marvin/tests/smoke/test_snapshots.py
   Intermitten failure detected: /marvin/tests/smoke/test_ssvm.py
   Intermitten failure detected: /marvin/tests/smoke/test_templates.py
   Intermitten failure detected: /marvin/tests/smoke/test_usage.py
   Intermitten failure detected: /marvin/tests/smoke/test_vm_life_cycle.py
   Intermitten failure detected: /marvin/tests/smoke/test_vm_snapshots.py
   Intermitten failure detected: /marvin/tests/smoke/test_volumes.py
   Intermitten failure detected: /marvin/tests/smoke/test_vpc_redundant.py
   Intermitten failure detected: /marvin/tests/smoke/test_vpc_router_nics.py
   Intermitten failure detected: /marvin/tests/smoke/test_vpc_vpn.py
   Intermitten failure detected: /marvin/tests/smoke/test_host_maintenance.py
   Smoke tests completed. 44 look OK, 23 have error(s)
   Only failed tests results shown below:
   
   
   Test | Result | Time (s) | Test File
   --- | --- | --- | ---
   test_reboot_router | `Error` | 1538.22 | test_network.py
   test_10_project_activation | `Error` | 2684.95 | test_projects.py
   ContextSuite context=TestResetVmOnReboot>:setup | `Error` | 0.00 | 
test_reset_vm_on_reboot.py
   ContextSuite context=TestRouterDHCPHosts>:setup | `Error` | 0.00 | 
test_router_dhcphosts.py
   ContextSuite context=TestRouterDHCPOpts>:setup | `Error` | 0.00 | 
test_router_dhcphosts.py
   ContextSuite context=TestRouterDns>:setup | `Error` | 0.00 | 
test_router_dns.py
   ContextSuite context=TestRouterDnsService>:setup | `Error` | 0.00 | 
test_router_dnsservice.py
   ContextSuite context=TestRouterIpTablesPolicies>:setup | `Error` | 0.00 | 
test_routers_iptables_default_policy.py
   ContextSuite context=TestVPCIpTablesPolicies>:setup | `Error` | 0.00 | 
test_routers_iptables_default_policy.py
   test_01_isolate_network_FW_PF_default_routes_egress_true | `Error` | 0.24 | 
test_routers_network_ops.py
   test_02_isolate_network_FW_PF_default_routes_egress_false | `Error` | 0.25 | 
test_routers_network_ops.py
   ContextSuite context=TestRedundantIsolateNetworks>:setup | `Error` | 1.58 | 
test_routers_network_ops.py
   ContextSuite context=TestRouterServices>:setup | `Error` | 0.00 | 
test_routers.py
   ContextSuite context=TestScaleVm>:setup | `Error` | 0.00 | test_scale_vm.py
   test_01_sys_vm_start | `Failure` | 0.26 | test_secondary_storage.py
   test_02_sys_template_ready | `Failure` | 0.21 | test_secondary_storage.py
   ContextSuite context=TestCpuCapServiceOfferings>:teardown | `Error` | 0.00 | 
test_service_offerings.py
   ContextSuite context=TestServiceOfferings>:setup | `Error` | 0.47 | 
test_service_offerings.py
   ContextSuite context=TestSnapshotRootDisk>:setup | `Error` | 0.00 | 
test_snapshots.py
   test_01_list_sec_storage_vm | `Failure` | 0.03 | test_ssvm.py
   test_02_list_cpvm_vm | `Failure` | 0.02 | test_ssvm.py
   test_03_ssvm_internals | `Failure` | 0.02 | test_ssvm.py
   test_04_cpvm_internals | `Failure` | 0.02 | test_ssvm.py
   test_05_stop_ssvm | `Failure` | 0.03 | test_ssvm.py
   test_06_stop_cpvm | `Failure` | 0.02 | test_ssvm.py
   test_07_reboot_ssvm | `Failure` | 0.02 | test_ssvm.py
   test_08_reboot_cpvm | `Failure` | 0.02 | test_ssvm.py
   test_09_destroy_ssvm |

[jira] [Commented] (CLOUDSTACK-9114) restartnetwork with cleanup should not update/restart both routers at once

2018-04-12 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9114?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16435185#comment-16435185
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9114:


blueorangutan commented on issue #2508: CLOUDSTACK-9114: Reduce VR downtime 
during network restart
URL: https://github.com/apache/cloudstack/pull/2508#issuecomment-376510749
 
 
   @rhtyd a Jenkins job has been kicked to build packages. I'll keep you posted 
as I make progress.


This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


> restartnetwork with cleanup should not update/restart both routers at once
> --
>
> Key: CLOUDSTACK-9114
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9114
> Project: CloudStack
>  Issue Type: Improvement
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Wei Zhou
>Assignee: Wei Zhou
>Priority: Major
>
> for now, restartnetwork with cleanup will stop both RVRs at first, then start 
> two  new RVRs.
> to reduce the downtime of network, we'd better restart the RVRs one by one.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Commented] (CLOUDSTACK-9114) restartnetwork with cleanup should not update/restart both routers at once

2018-04-12 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9114?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16435176#comment-16435176
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9114:


blueorangutan commented on issue #2508: CLOUDSTACK-9114: Reduce VR downtime 
during network restart
URL: https://github.com/apache/cloudstack/pull/2508#issuecomment-376708510
 
 
   Trillian test result (tid-2433)
   Environment: vmware-65 (x2), Advanced Networking with Mgmt server 7
   Total time taken: 23516 seconds
   Marvin logs: 
https://github.com/blueorangutan/acs-prs/releases/download/trillian/pr2508-t2433-vmware-65.zip
   Intermitten failure detected: /marvin/tests/smoke/test_service_offerings.py
   Intermitten failure detected: /marvin/tests/smoke/test_ssvm.py
   Intermitten failure detected: /marvin/tests/smoke/test_templates.py
   Intermitten failure detected: /marvin/tests/smoke/test_usage.py
   Intermitten failure detected: /marvin/tests/smoke/test_vm_life_cycle.py
   Intermitten failure detected: /marvin/tests/smoke/test_vm_snapshots.py
   Intermitten failure detected: /marvin/tests/smoke/test_volumes.py
   Intermitten failure detected: /marvin/tests/smoke/test_vpc_redundant.py
   Intermitten failure detected: /marvin/tests/smoke/test_vpc_router_nics.py
   Intermitten failure detected: /marvin/tests/smoke/test_vpc_vpn.py
   Intermitten failure detected: /marvin/tests/smoke/test_host_maintenance.py
   Smoke tests completed. 56 look OK, 11 have error(s)
   Only failed tests results shown below:
   
   
   Test | Result | Time (s) | Test File
   --- | --- | --- | ---
   ContextSuite context=TestCpuCapServiceOfferings>:teardown | `Error` | 0.00 | 
test_service_offerings.py
   test_01_list_sec_storage_vm | `Failure` | 0.03 | test_ssvm.py
   test_02_list_cpvm_vm | `Failure` | 0.03 | test_ssvm.py
   test_03_ssvm_internals | `Failure` | 0.03 | test_ssvm.py
   test_04_cpvm_internals | `Failure` | 0.03 | test_ssvm.py
   test_05_stop_ssvm | `Failure` | 0.03 | test_ssvm.py
   test_06_stop_cpvm | `Failure` | 0.02 | test_ssvm.py
   test_07_reboot_ssvm | `Failure` | 0.02 | test_ssvm.py
   test_08_reboot_cpvm | `Failure` | 0.03 | test_ssvm.py
   test_09_destroy_ssvm | `Failure` | 0.03 | test_ssvm.py
   test_10_destroy_cpvm | `Failure` | 0.03 | test_ssvm.py
   test_02_create_template_with_checksum_sha1 | `Error` | 65.35 | 
test_templates.py
   test_03_create_template_with_checksum_sha256 | `Error` | 65.34 | 
test_templates.py
   test_04_create_template_with_checksum_md5 | `Error` | 65.59 | 
test_templates.py
   test_05_create_template_with_no_checksum | `Error` | 65.50 | 
test_templates.py
   ContextSuite context=TestTemplates>:setup | `Error` | 5.64 | 
test_templates.py
   ContextSuite context=TestISOUsage>:setup | `Error` | 0.00 | test_usage.py
   ContextSuite context=TestLBRuleUsage>:setup | `Error` | 0.00 | test_usage.py
   ContextSuite context=TestNatRuleUsage>:setup | `Error` | 0.00 | test_usage.py
   ContextSuite context=TestPublicIPUsage>:setup | `Error` | 0.00 | 
test_usage.py
   ContextSuite context=TestSnapshotUsage>:setup | `Error` | 0.00 | 
test_usage.py
   ContextSuite context=TestVmUsage>:setup | `Error` | 0.00 | test_usage.py
   ContextSuite context=TestVolumeUsage>:setup | `Error` | 0.00 | test_usage.py
   ContextSuite context=TestVpnUsage>:setup | `Error` | 0.00 | test_usage.py
   test_01_VPC_nics_after_destroy | `Error` | 2.63 | test_vpc_router_nics.py
   test_02_VPC_default_routes | `Error` | 1.61 | test_vpc_router_nics.py
   ContextSuite context=TestDeployVM>:setup | `Error` | 0.00 | 
test_vm_life_cycle.py
   ContextSuite context=TestVMLifeCycle>:setup | `Error` | 0.00 | 
test_vm_life_cycle.py
   test_change_service_offering_for_vm_with_snapshots | `Error` | 4.26 | 
test_vm_snapshots.py
   ContextSuite context=TestVmSnapshot>:setup | `Error` | 12.29 | 
test_vm_snapshots.py
   test_01_redundant_vpc_site2site_vpn | `Failure` | 3.28 | test_vpc_vpn.py
   test_01_vpc_site2site_vpn_multiple_options | `Failure` | 2.29 | 
test_vpc_vpn.py
   test_01_vpc_remote_access_vpn | `Failure` | 1.21 | test_vpc_vpn.py
   test_01_vpc_site2site_vpn | `Failure` | 2.30 | test_vpc_vpn.py
   ContextSuite context=TestCreateVolume>:setup | `Error` | 0.00 | 
test_volumes.py
   ContextSuite context=TestVolumes>:setup | `Error` | 0.00 | test_volumes.py
   test_01_create_redundant_VPC_2tiers_4VMs_4IPs_4PF_ACL | `Error` | 3.68 | 
test_vpc_redundant.py
   test_02_redundant_VPC_default_routes | `Error` | 3.71 | test_vpc_redundant.py
   test_03_create_redundant_VPC_1tier_2VMs_2IPs_2PF_ACL_reboot_routers | 
`Error` | 2.68 | test_vpc_redundant.py
   test_04_rvpc_network_garbage_collector_nics | `Error` | 3.72 | 
test_vpc_redundant.py
   test_05_rvpc_multi_tiers | `Error` | 3.69 | test_vpc_redundant.py
   test_02_cancel_host_maintenace_with_migration_jobs | `Error` | 3.28 | 
test_host_maintenance.py
   


This is

[jira] [Commented] (CLOUDSTACK-9114) restartnetwork with cleanup should not update/restart both routers at once

2018-04-12 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9114?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16435174#comment-16435174
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9114:


rhtyd commented on a change in pull request #2508: CLOUDSTACK-9114: Reduce VR 
downtime during network restart
URL: https://github.com/apache/cloudstack/pull/2508#discussion_r181008868
 
 

 ##
 File path: 
api/src/org/apache/cloudstack/api/command/user/network/RestartNetworkCmd.java
 ##
 @@ -57,6 +57,9 @@
 @Parameter(name = ApiConstants.CLEANUP, type = CommandType.BOOLEAN, 
required = false, description = "If cleanup old network elements")
 private Boolean cleanup;
 
+@Parameter(name = ApiConstants.MAKEREDUNDANTE, type = CommandType.BOOLEAN, 
required = false, description = "Turn the network into a network with redundant 
routers.", since = "4.11.1")
 
 Review comment:
   Thanks for spotting @nitin-maharana, will fix the typo


This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


> restartnetwork with cleanup should not update/restart both routers at once
> --
>
> Key: CLOUDSTACK-9114
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9114
> Project: CloudStack
>  Issue Type: Improvement
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Wei Zhou
>Assignee: Wei Zhou
>Priority: Major
>
> for now, restartnetwork with cleanup will stop both RVRs at first, then start 
> two  new RVRs.
> to reduce the downtime of network, we'd better restart the RVRs one by one.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Commented] (CLOUDSTACK-10352) XenServer: Support online storage migration from non-managed to managed storage

2018-04-12 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-10352?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16435131#comment-16435131
 ] 

ASF GitHub Bot commented on CLOUDSTACK-10352:
-

blueorangutan commented on issue #2502: [CLOUDSTACK-10352] XenServer: Support 
online migration of a virtual disk from non-managed to managed storage
URL: https://github.com/apache/cloudstack/pull/2502#issuecomment-380717583
 
 
   @mike-tutkowski a Jenkins job has been kicked to build packages. I'll keep 
you posted as I make progress.


This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


> XenServer: Support online storage migration from non-managed to managed 
> storage
> ---
>
> Key: CLOUDSTACK-10352
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-10352
> Project: CloudStack
>  Issue Type: Improvement
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>  Components: Management Server, XenServer
> Environment: XenServer
>Reporter: Mike Tutkowski
>Assignee: Mike Tutkowski
>Priority: Major
> Fix For: 4.12.0.0
>
>
> Allow a user to online migrate a volume from non-managed storage to managed 
> storage.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Commented] (CLOUDSTACK-10352) XenServer: Support online storage migration from non-managed to managed storage

2018-04-12 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-10352?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16435129#comment-16435129
 ] 

ASF GitHub Bot commented on CLOUDSTACK-10352:
-

mike-tutkowski opened a new pull request #2502: [CLOUDSTACK-10352] XenServer: 
Support online migration of a virtual disk from non-managed to managed storage
URL: https://github.com/apache/cloudstack/pull/2502
 
 
   https://issues.apache.org/jira/browse/CLOUDSTACK-10352
   
   ## Description
   Allow on XenServer for a volume on non-managed storage to be online migrated 
to managed storage.
   
   ## Types of changes
   
   - [ ] Breaking change (fix or feature that would cause existing 
functionality to change)
   - [ ] New feature (non-breaking change which adds functionality)
   - [ ] Bug fix (non-breaking change which fixes an issue)
   - [x] Enhancement (improves an existing feature and functionality)
   - [ ] Cleanup (Code refactoring and cleanup, that may add test cases)
   
   ## How Has This Been Tested?
   Previously if you tried to online migrate a volume on XenServer from 
non-managed storage to managed storage, the operation failed. Now the operation 
succeeds.
   
   ## Checklist:
   - [x] I have read the 
[CONTRIBUTING](https://github.com/apache/cloudstack/blob/master/CONTRIBUTING.md)
 document.
   - [x] My code follows the code style of this project.
   - [ ] My change requires a change to the documentation.
   - [ ] I have updated the documentation accordingly.
   - [ ] I have added tests to cover my changes.
   - [ ] All new and existing tests passed.
   
   
   @blueorangutan package
   


This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


> XenServer: Support online storage migration from non-managed to managed 
> storage
> ---
>
> Key: CLOUDSTACK-10352
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-10352
> Project: CloudStack
>  Issue Type: Improvement
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>  Components: Management Server, XenServer
> Environment: XenServer
>Reporter: Mike Tutkowski
>Assignee: Mike Tutkowski
>Priority: Major
> Fix For: 4.12.0.0
>
>
> Allow a user to online migrate a volume from non-managed storage to managed 
> storage.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Commented] (CLOUDSTACK-10352) XenServer: Support online storage migration from non-managed to managed storage

2018-04-12 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-10352?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16435119#comment-16435119
 ] 

ASF GitHub Bot commented on CLOUDSTACK-10352:
-

blueorangutan commented on issue #2502: [CLOUDSTACK-10352] XenServer: Support 
online migration of a virtual disk from non-managed to managed storage
URL: https://github.com/apache/cloudstack/pull/2502#issuecomment-380715425
 
 
   @mike-tutkowski a Jenkins job has been kicked to build packages. I'll keep 
you posted as I make progress.


This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


> XenServer: Support online storage migration from non-managed to managed 
> storage
> ---
>
> Key: CLOUDSTACK-10352
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-10352
> Project: CloudStack
>  Issue Type: Improvement
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>  Components: Management Server, XenServer
> Environment: XenServer
>Reporter: Mike Tutkowski
>Assignee: Mike Tutkowski
>Priority: Major
> Fix For: 4.12.0.0
>
>
> Allow a user to online migrate a volume from non-managed storage to managed 
> storage.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Commented] (CLOUDSTACK-10352) XenServer: Support online storage migration from non-managed to managed storage

2018-04-12 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-10352?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16435117#comment-16435117
 ] 

ASF GitHub Bot commented on CLOUDSTACK-10352:
-

DaanHoogland closed pull request #2502: [CLOUDSTACK-10352] XenServer: Support 
online migration of a virtual disk from non-managed to managed storage
URL: https://github.com/apache/cloudstack/pull/2502
 
 
   

This is a PR merged from a forked repository.
As GitHub hides the original diff on merge, it is displayed below for
the sake of provenance:

As this is a foreign pull request (from a fork), the diff is supplied
below (as it won't show otherwise due to GitHub magic):

diff --git 
a/core/src/main/java/com/cloud/agent/api/storage/MigrateVolumeCommand.java 
b/core/src/main/java/com/cloud/agent/api/storage/MigrateVolumeCommand.java
index 77430c39808..e5838451dd0 100644
--- a/core/src/main/java/com/cloud/agent/api/storage/MigrateVolumeCommand.java
+++ b/core/src/main/java/com/cloud/agent/api/storage/MigrateVolumeCommand.java
@@ -97,10 +97,18 @@ public DataTO getDestData() {
 return destData;
 }
 
+public void setSrcDetails(Map details) {
+srcDetails = details;
+}
+
 public Map getSrcDetails() {
 return srcDetails;
 }
 
+public void setDestDetails(Map details) {
+destDetails = details;
+}
+
 public Map getDestDetails() {
 return destDetails;
 }
diff --git 
a/engine/api/src/main/java/org/apache/cloudstack/engine/subsystem/api/storage/PrimaryDataStoreDriver.java
 
b/engine/api/src/main/java/org/apache/cloudstack/engine/subsystem/api/storage/PrimaryDataStoreDriver.java
index 8749589f12c..6021a439178 100644
--- 
a/engine/api/src/main/java/org/apache/cloudstack/engine/subsystem/api/storage/PrimaryDataStoreDriver.java
+++ 
b/engine/api/src/main/java/org/apache/cloudstack/engine/subsystem/api/storage/PrimaryDataStoreDriver.java
@@ -25,9 +25,12 @@
 import com.cloud.storage.StoragePool;
 
 public interface PrimaryDataStoreDriver extends DataStoreDriver {
+enum QualityOfServiceState { MIGRATION, NO_MIGRATION }
+
 String BASIC_CREATE = "basicCreate";
 String BASIC_DELETE = "basicDelete";
 String BASIC_DELETE_FAILURE = "basicDeleteFailure";
+String BASIC_DELETE_BY_FOLDER = "basicDeleteByFolder";
 String BASIC_GRANT_ACCESS = "basicGrantAccess";
 String BASIC_REVOKE_ACCESS = "basicRevokeAccess";
 String BASIC_IQN = "basicIqn";
@@ -67,4 +70,6 @@
 void takeSnapshot(SnapshotInfo snapshot, 
AsyncCompletionCallback callback);
 
 void revertSnapshot(SnapshotInfo snapshotOnImageStore, SnapshotInfo 
snapshotOnPrimaryStore, AsyncCompletionCallback callback);
+
+void handleQualityOfServiceForVolumeMigration(VolumeInfo volumeInfo, 
QualityOfServiceState qualityOfServiceState);
 }
diff --git 
a/engine/storage/datamotion/src/main/java/org/apache/cloudstack/storage/motion/StorageSystemDataMotionStrategy.java
 
b/engine/storage/datamotion/src/main/java/org/apache/cloudstack/storage/motion/StorageSystemDataMotionStrategy.java
index 30cff850c88..e08c3063b40 100644
--- 
a/engine/storage/datamotion/src/main/java/org/apache/cloudstack/storage/motion/StorageSystemDataMotionStrategy.java
+++ 
b/engine/storage/datamotion/src/main/java/org/apache/cloudstack/storage/motion/StorageSystemDataMotionStrategy.java
@@ -49,6 +49,7 @@
 import com.cloud.storage.SnapshotVO;
 import com.cloud.storage.Storage.ImageFormat;
 import com.cloud.storage.StorageManager;
+import com.cloud.storage.StoragePool;
 import com.cloud.storage.VMTemplateVO;
 import com.cloud.storage.VolumeDetailVO;
 import com.cloud.storage.Volume;
@@ -84,8 +85,10 @@
 import org.apache.cloudstack.engine.subsystem.api.storage.EndPointSelector;
 import org.apache.cloudstack.engine.subsystem.api.storage.HostScope;
 import 
org.apache.cloudstack.engine.subsystem.api.storage.ObjectInDataStoreStateMachine.Event;
+import 
org.apache.cloudstack.engine.subsystem.api.storage.PrimaryDataStoreDriver;
 import org.apache.cloudstack.engine.subsystem.api.storage.Scope;
 import org.apache.cloudstack.engine.subsystem.api.storage.SnapshotInfo;
+import org.apache.cloudstack.engine.subsystem.api.storage.StorageAction;
 import org.apache.cloudstack.engine.subsystem.api.storage.StorageCacheManager;
 import org.apache.cloudstack.engine.subsystem.api.storage.StrategyPriority;
 import org.apache.cloudstack.engine.subsystem.api.storage.TemplateInfo;
@@ -288,7 +291,7 @@ public void copyAsync(DataObject srcData, DataObject 
destData, Host destHost, As
 VolumeInfo srcVolumeInfo = (VolumeInfo)srcData;
 TemplateInfo destTemplateInfo = (TemplateInfo)destData;
 
-handleCreateTemplateFromVolume(srcVolumeInfo, destTemplateInfo, 
callback);
+handleCreateTemplateFromManagedVolume(srcVolumeInfo, 
destTemplateInfo, callback);
 }

[jira] [Commented] (CLOUDSTACK-10214) Unable to remove local primary storage

2018-04-12 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-10214?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16435118#comment-16435118
 ] 

ASF GitHub Bot commented on CLOUDSTACK-10214:
-

blueorangutan commented on issue #2390: [CLOUDSTACK-10214] Unable to remove 
local primary storage
URL: https://github.com/apache/cloudstack/pull/2390#issuecomment-380715348
 
 
   Trillian test result (tid-2489)
   Environment: kvm-centos7 (x2), Advanced Networking with Mgmt server 7
   Total time taken: 87341 seconds
   Marvin logs: 
https://github.com/blueorangutan/acs-prs/releases/download/trillian/pr2390-t2489-kvm-centos7.zip
   Intermitten failure detected: /marvin/tests/smoke/test_certauthority_root.py
   Intermitten failure detected: /marvin/tests/smoke/test_routers.py
   Intermitten failure detected: /marvin/tests/smoke/test_vpc_redundant.py
   Intermitten failure detected: /marvin/tests/smoke/test_vpc_vpn.py
   Smoke tests completed. 65 look OK, 2 have error(s)
   Only failed tests results shown below:
   
   
   Test | Result | Time (s) | Test File
   --- | --- | --- | ---
   test_04_restart_network_wo_cleanup | `Failure` | 4.03 | test_routers.py
   test_05_rvpc_multi_tiers | `Failure` | 319.70 | test_vpc_redundant.py
   test_05_rvpc_multi_tiers | `Error` | 342.76 | test_vpc_redundant.py
   


This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


> Unable to remove local primary storage 
> ---
>
> Key: CLOUDSTACK-10214
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-10214
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Affects Versions: 4.10.0.0, 4.9.3.0
>Reporter: Rafael Weingärtner
>Assignee: Rafael Weingärtner
>Priority: Major
>
> When enabling the use of local storage ACS will automatically load all local 
> storage configured in the Host and start using them as primary storage to 
> deploy user VMs (if the service offering allows to do so). However, if the 
> operator wants to remove the local storage ACS will throw an exception saying 
> that the removal of local storage is not allowed.Therefore, if one wants to 
> remove a local storage, he/she needs to do a manual intervention in the 
> database and hosts.
> This limitation was removed, as it was only a logical restriction.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Commented] (CLOUDSTACK-10352) XenServer: Support online storage migration from non-managed to managed storage

2018-04-12 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-10352?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16435116#comment-16435116
 ] 

ASF GitHub Bot commented on CLOUDSTACK-10352:
-

DaanHoogland commented on issue #2502: [CLOUDSTACK-10352] XenServer: Support 
online migration of a virtual disk from non-managed to managed storage
URL: https://github.com/apache/cloudstack/pull/2502#issuecomment-380715225
 
 
   want to see some ci passing


This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


> XenServer: Support online storage migration from non-managed to managed 
> storage
> ---
>
> Key: CLOUDSTACK-10352
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-10352
> Project: CloudStack
>  Issue Type: Improvement
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>  Components: Management Server, XenServer
> Environment: XenServer
>Reporter: Mike Tutkowski
>Assignee: Mike Tutkowski
>Priority: Major
> Fix For: 4.12.0.0
>
>
> Allow a user to online migrate a volume from non-managed storage to managed 
> storage.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Commented] (CLOUDSTACK-10230) User is able to change to “Guest OS type” that has been removed

2018-04-12 Thread ASF subversion and git services (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-10230?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16435104#comment-16435104
 ] 

ASF subversion and git services commented on CLOUDSTACK-10230:
--

Commit 91d98211496a482e6882acd6528f9b8dbeefe3bf in cloudstack's branch 
refs/heads/master from [~rafaelweingartner]
[ https://gitbox.apache.org/repos/asf?p=cloudstack.git;h=91d9821 ]

[CLOUDSTACK-10230] User should not be able to use removed “Guest OS type” 
(#2404)

* [CLOUDSTACK-10230] User is able to change to “Guest OS type” that has been 
removed

Users are able to change the OS type of VMs to “Guest OS type” that has been 
removed. This becomes a security issue when we try to force users to use HVM 
VMs (Meltdown/Spectre thing). A removed “guest os type” should not be usable by 
any users in the cloud.

> User is able to change to “Guest OS type” that has been removed 
> 
>
> Key: CLOUDSTACK-10230
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-10230
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Rafael Weingärtner
>Assignee: Rafael Weingärtner
>Priority: Critical
>
> Users are able to change the OS type of VMs to “Guest OS type” that has been 
> removed. This becomes a security issue when we try to force users to use HVM 
> VMs (Meltdown/Spectre thing). A removed “guest os type” should not be usable 
> by any users in the cloud.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Commented] (CLOUDSTACK-10230) User is able to change to “Guest OS type” that has been removed

2018-04-12 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-10230?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16435103#comment-16435103
 ] 

ASF GitHub Bot commented on CLOUDSTACK-10230:
-

DaanHoogland closed pull request #2404: [CLOUDSTACK-10230] User should not be 
able to use removed “Guest OS type”
URL: https://github.com/apache/cloudstack/pull/2404
 
 
   

This is a PR merged from a forked repository.
As GitHub hides the original diff on merge, it is displayed below for
the sake of provenance:

As this is a foreign pull request (from a fork), the diff is supplied
below (as it won't show otherwise due to GitHub magic):

diff --git a/server/src/main/java/com/cloud/vm/UserVmManagerImpl.java 
b/server/src/main/java/com/cloud/vm/UserVmManagerImpl.java
index f2f764b3dc7..df81dd3ff2b 100644
--- a/server/src/main/java/com/cloud/vm/UserVmManagerImpl.java
+++ b/server/src/main/java/com/cloud/vm/UserVmManagerImpl.java
@@ -39,10 +39,6 @@
 import javax.inject.Inject;
 import javax.naming.ConfigurationException;
 
-import org.apache.commons.codec.binary.Base64;
-import org.apache.commons.lang.StringUtils;
-import org.apache.log4j.Logger;
-
 import org.apache.cloudstack.acl.ControlledEntity.ACLType;
 import org.apache.cloudstack.acl.SecurityChecker.AccessType;
 import org.apache.cloudstack.affinity.AffinityGroupService;
@@ -80,7 +76,6 @@
 import org.apache.cloudstack.engine.subsystem.api.storage.DataStore;
 import org.apache.cloudstack.engine.subsystem.api.storage.DataStoreManager;
 import org.apache.cloudstack.engine.subsystem.api.storage.PrimaryDataStore;
-import org.apache.cloudstack.engine.subsystem.api.storage.TemplateDataFactory;
 import org.apache.cloudstack.engine.subsystem.api.storage.VolumeDataFactory;
 import org.apache.cloudstack.engine.subsystem.api.storage.VolumeInfo;
 import org.apache.cloudstack.engine.subsystem.api.storage.VolumeService;
@@ -89,7 +84,6 @@
 import org.apache.cloudstack.framework.config.ConfigKey;
 import org.apache.cloudstack.framework.config.Configurable;
 import org.apache.cloudstack.framework.config.dao.ConfigurationDao;
-import org.apache.cloudstack.framework.jobs.AsyncJobManager;
 import org.apache.cloudstack.managed.context.ManagedContextRunnable;
 import org.apache.cloudstack.storage.command.DeleteCommand;
 import org.apache.cloudstack.storage.command.DettachCommand;
@@ -97,6 +91,10 @@
 import org.apache.cloudstack.storage.datastore.db.StoragePoolVO;
 import org.apache.cloudstack.storage.datastore.db.TemplateDataStoreDao;
 import org.apache.cloudstack.storage.datastore.db.TemplateDataStoreVO;
+import org.apache.commons.codec.binary.Base64;
+import org.apache.commons.collections.MapUtils;
+import org.apache.commons.lang3.StringUtils;
+import org.apache.log4j.Logger;
 
 import com.cloud.agent.AgentManager;
 import com.cloud.agent.api.Answer;
@@ -125,7 +123,6 @@
 import com.cloud.agent.manager.Commands;
 import com.cloud.alert.AlertManager;
 import com.cloud.api.ApiDBUtils;
-import com.cloud.api.query.dao.UserVmJoinDao;
 import com.cloud.capacity.Capacity;
 import com.cloud.capacity.CapacityManager;
 import com.cloud.configuration.Config;
@@ -136,14 +133,14 @@
 import com.cloud.dc.DataCenterVO;
 import com.cloud.dc.DedicatedResourceVO;
 import com.cloud.dc.HostPodVO;
+import com.cloud.dc.Vlan;
+import com.cloud.dc.Vlan.VlanType;
+import com.cloud.dc.VlanVO;
 import com.cloud.dc.dao.ClusterDao;
 import com.cloud.dc.dao.DataCenterDao;
 import com.cloud.dc.dao.DedicatedResourceDao;
 import com.cloud.dc.dao.HostPodDao;
 import com.cloud.dc.dao.VlanDao;
-import com.cloud.dc.Vlan;
-import com.cloud.dc.Vlan.VlanType;
-import com.cloud.dc.VlanVO;
 import com.cloud.deploy.DataCenterDeployment;
 import com.cloud.deploy.DeployDestination;
 import com.cloud.deploy.DeploymentPlanner;
@@ -211,9 +208,7 @@
 import com.cloud.network.security.SecurityGroup;
 import com.cloud.network.security.SecurityGroupManager;
 import com.cloud.network.security.dao.SecurityGroupDao;
-import com.cloud.network.security.dao.SecurityGroupVMMapDao;
 import com.cloud.network.vpc.VpcManager;
-import com.cloud.network.vpc.dao.VpcDao;
 import com.cloud.offering.DiskOffering;
 import com.cloud.offering.NetworkOffering;
 import com.cloud.offering.NetworkOffering.Availability;
@@ -222,10 +217,8 @@
 import com.cloud.offerings.dao.NetworkOfferingDao;
 import com.cloud.org.Cluster;
 import com.cloud.org.Grouping;
-import com.cloud.projects.ProjectManager;
 import com.cloud.resource.ResourceManager;
 import com.cloud.resource.ResourceState;
-import com.cloud.server.ConfigurationServer;
 import com.cloud.server.ManagementService;
 import com.cloud.service.ServiceOfferingVO;
 import com.cloud.service.dao.ServiceOfferingDao;
@@ -234,15 +227,15 @@
 import com.cloud.storage.DiskOfferingVO;
 import com.cloud.storage.GuestOSCategoryVO;
 import com.cloud.storage.GuestOSVO;
+import com.cloud.storage.Snapshot;
 import com.cloud.storage.SnapshotVO;
 import

[jira] [Commented] (CLOUDSTACK-10230) User is able to change to “Guest OS type” that has been removed

2018-04-12 Thread ASF subversion and git services (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-10230?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16435105#comment-16435105
 ] 

ASF subversion and git services commented on CLOUDSTACK-10230:
--

Commit 91d98211496a482e6882acd6528f9b8dbeefe3bf in cloudstack's branch 
refs/heads/master from [~rafaelweingartner]
[ https://gitbox.apache.org/repos/asf?p=cloudstack.git;h=91d9821 ]

[CLOUDSTACK-10230] User should not be able to use removed “Guest OS type” 
(#2404)

* [CLOUDSTACK-10230] User is able to change to “Guest OS type” that has been 
removed

Users are able to change the OS type of VMs to “Guest OS type” that has been 
removed. This becomes a security issue when we try to force users to use HVM 
VMs (Meltdown/Spectre thing). A removed “guest os type” should not be usable by 
any users in the cloud.

> User is able to change to “Guest OS type” that has been removed 
> 
>
> Key: CLOUDSTACK-10230
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-10230
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Rafael Weingärtner
>Assignee: Rafael Weingärtner
>Priority: Critical
>
> Users are able to change the OS type of VMs to “Guest OS type” that has been 
> removed. This becomes a security issue when we try to force users to use HVM 
> VMs (Meltdown/Spectre thing). A removed “guest os type” should not be usable 
> by any users in the cloud.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)