[DISCUSS][PROPOSAL] CA authority plugin definition

Devs, Following a discussion with a client they came up with the idea to create a pluggable CA-framework. A plugin would serve components in cloudstack that so require (management servers, agents, load balancers, SVMs, etc.) with certificates answering certificate requests and validating

[GitHub] cloudstack pull request #2046: CLOUDSTACK-7958: Add configuration for limit ...

GitHub user wido opened a pull request: https://github.com/apache/cloudstack/pull/2046 CLOUDSTACK-7958: Add configuration for limit to CIDRs for Admin API calls The global setting 'management.admin.cidr' is set to 0.0.0.0/0,::/0 by default preserve the current behavior and thus

[GitHub] cloudstack issue #2006: CLOUDSTACK-9833: Move configuration parameters from ...

Github user jayapalu commented on the issue: https://github.com/apache/cloudstack/pull/2006 Code LGTM --- If your project is set up for it, you can reply to this email and have your reply appear on GitHub as well. If your project does not have this feature enabled and wishes so, or

[GitHub] cloudstack issue #2006: CLOUDSTACK-9833: Move configuration parameters from ...

Github user harikrishna-patnala commented on the issue: https://github.com/apache/cloudstack/pull/2006 Thanks @jayapalu I have also added some content security policy in HTTP servlet response to detect and mitigate certain type of attacks. Restricted image source, style sheets,

[GitHub] cloudstack pull request #2045: Fix snmptrap alert bug

GitHub user WingkaiHo opened a pull request: https://github.com/apache/cloudstack/pull/2045 Fix snmptrap alert bug Fix snmptrap alerts info omit to send the field of SnmpConstants.sysUpTime. So when standard snmptrapd receive alerts package the field OID will dislocation

Travis CI failures in PR#1996

Hi All, In PR# 1996 travis CI is failing for the 9 tests always. I tried force pushing many times but still the issues are failing. I have gone through the logs[1] for the travis CI. I have observed the below. 1. It seems the deploy datacenter is not up correctly. Connection to localhost 8096

[GitHub] cloudstack issue #1941: CLOUDSTACK-8663: Fixed various issues to allow VM sn...

Github user karuturi commented on the issue: https://github.com/apache/cloudstack/pull/1941 Thanks! will take a look. --- If your project is set up for it, you can reply to this email and have your reply appear on GitHub as well. If your project does not have this feature enabled and

[GitHub] cloudstack pull request #2044: CLOUDSTACK-9877 Cleanup unlinked templates

GitHub user DaanHoogland opened a pull request: https://github.com/apache/cloudstack/pull/2044 CLOUDSTACK-9877 Cleanup unlinked templates This implements CLOUDSTACK-9877 by marking templates for gc when 1. the template they where created with is deleted from cloudstack 2.

[GitHub] cloudstack issue #1762: CLOUDSTACK-9595 Transactions are not getting retried...

Github user yvsubhash commented on the issue: https://github.com/apache/cloudstack/pull/1762 @serg38 Is the refactoring suggested by rafael taken care by @nvazquez, else I would take it up --- If your project is set up for it, you can reply to this email and have your reply appear

[GitHub] cloudstack issue #2043: CLOUDSTACK-9876: Removed test test_01_test_vm_volume...

Github user karuturi commented on the issue: https://github.com/apache/cloudstack/pull/2043 @rhtyd @serg38 can you review? --- If your project is set up for it, you can reply to this email and have your reply appear on GitHub as well. If your project does not have this feature

[GitHub] cloudstack issue #2030: WIP: CLOUDSTACK-9864 cleanup stale worker VMs after ...

Github user DaanHoogland commented on the issue: https://github.com/apache/cloudstack/pull/2030 show me the money (tm) --- If your project is set up for it, you can reply to this email and have your reply appear on GitHub as well. If your project does not have this feature enabled

[GitHub] cloudstack pull request #2030: WIP: CLOUDSTACK-9864 cleanup stale worker VMs...

Github user DaanHoogland closed the pull request at: https://github.com/apache/cloudstack/pull/2030 --- If your project is set up for it, you can reply to this email and have your reply appear on GitHub as well. If your project does not have this feature enabled and wishes so, or if the

[GitHub] cloudstack issue #2030: WIP: CLOUDSTACK-9864 cleanup stale worker VMs after ...

Github user DaanHoogland commented on the issue: https://github.com/apache/cloudstack/pull/2030 renaming and close-opening for retests. "it works on my laptop (tm)" --- If your project is set up for it, you can reply to this email and have your reply appear on GitHub as well. If your

[GitHub] cloudstack pull request #2030: WIP: CLOUDSTACK-9864 cleanup stale worker VMs...

GitHub user DaanHoogland reopened a pull request: https://github.com/apache/cloudstack/pull/2030 WIP: CLOUDSTACK-9864 cleanup stale worker VMs after job expiry time You can merge this pull request into a Git repository by running: $ git pull

[GitHub] cloudstack issue #1762: CLOUDSTACK-9595 Transactions are not getting retried...

Github user serg38 commented on the issue: https://github.com/apache/cloudstack/pull/1762 @yvsubhash Please, take this up. So far this PR hasn't moved forward. --- If your project is set up for it, you can reply to this email and have your reply appear on GitHub as well. If your

[GitHub] cloudstack issue #2044: CLOUDSTACK-9877 Cleanup unlinked templates

Github user DaanHoogland commented on the issue: https://github.com/apache/cloudstack/pull/2044 @serg38 ad 1. yes they can, if you look in the ticket there is a part of description that describes this possibility. But that said I don't see how restore is going to be hindered if

[GitHub] cloudstack issue #2043: CLOUDSTACK-9876: Removed test test_01_test_vm_volume...

Github user serg38 commented on the issue: https://github.com/apache/cloudstack/pull/2043 LGTM on the code change. @borisstoyanov @rhtyd @DaanHoogland Can we re-kick vmware test for this PR? --- If your project is set up for it, you can reply to this email and have your reply

[GitHub] cloudstack issue #2044: CLOUDSTACK-9877 Cleanup unlinked templates

Github user serg38 commented on the issue: https://github.com/apache/cloudstack/pull/2044 @DaanHoogland Can you clarify few questions/concerns 1. This change will likely to break restoreVirtualMachine functions. At the very least users should be able to turn off new behavior with

Re: [DISCUSS][PROPOSAL] CA authority plugin definition

Daan, What about integrating some like Vault (https://github.com/hashicorp/vault)? - Si From: Daan Hoogland Sent: Friday, April 14, 2017 5:46 AM To: dev@cloudstack.apache.org Subject: [DISCUSS][PROPOSAL] CA authority plugin

[GitHub] cloudstack pull request #2046: CLOUDSTACK-7958: Add configuration for limit ...

Github user DaanHoogland commented on a diff in the pull request: https://github.com/apache/cloudstack/pull/2046#discussion_r111568225 --- Diff: core/src/com/cloud/network/HAProxyConfigurator.java --- @@ -538,7 +536,7 @@ private String getLbSubRuleForStickiness(final

[GitHub] cloudstack pull request #2046: CLOUDSTACK-7958: Add configuration for limit ...

Github user DaanHoogland commented on a diff in the pull request: https://github.com/apache/cloudstack/pull/2046#discussion_r111568764 --- Diff: api/src/org/apache/cloudstack/config/ApiServiceConfiguration.java --- @@ -28,6 +28,8 @@ "API end point. Can be used by

[GitHub] cloudstack pull request #2046: CLOUDSTACK-7958: Add configuration for limit ...

Github user DaanHoogland commented on a diff in the pull request: https://github.com/apache/cloudstack/pull/2046#discussion_r11156 --- Diff: server/src/com/cloud/api/ApiServlet.java --- @@ -290,6 +292,17 @@ void processRequestInContext(final HttpServletRequest req, final

[GitHub] cloudstack pull request #2046: CLOUDSTACK-7958: Add configuration for limit ...

Github user DaanHoogland commented on a diff in the pull request: https://github.com/apache/cloudstack/pull/2046#discussion_r111568831 --- Diff: server/src/com/cloud/api/ApiServlet.java --- @@ -290,6 +292,17 @@ void processRequestInContext(final HttpServletRequest req, final

[GitHub] cloudstack issue #2044: CLOUDSTACK-9877 Cleanup unlinked templates

Github user DaanHoogland commented on the issue: https://github.com/apache/cloudstack/pull/2044 ah ok, I was not aware of that @serg38 . I'll look it up, except from not enabling the feature, how would you handle this? a. To not allow restore b. To recognise that the disk is

Re: [DISCUSS][PROPOSAL] CA authority plugin definition

Yeah, I agree it would be better as a plugin. We feel a big thing missing in ACS right now is a KMS style service. From: Daan Hoogland Sent: Friday, April 14, 2017 10:05 AM To: dev@cloudstack.apache.org Subject: Re:

[GitHub] cloudstack issue #2044: CLOUDSTACK-9877 Cleanup unlinked templates

Github user serg38 commented on the issue: https://github.com/apache/cloudstack/pull/2044 @DaanHoogland Not for us since we still use link clones but I am sure tons of other might be affected. Interestingly enough that with PR 1773 merged the default behavior in API is not to allow

[GitHub] cloudstack issue #2044: CLOUDSTACK-9877 Cleanup unlinked templates

Github user serg38 commented on the issue: https://github.com/apache/cloudstack/pull/2044 @DaanHoogland Thanks. But for #1 the requirement for the code changes is that the template is deleted from cloudstack. In this condition restoreVirtualMachines when template ID is not specified

Re:Re: [4.10] VPN disconnected while network changes taken

Sure, Karuturi Logged a bug in Jira, thanks! CLOUDSTACK-9878 Remote Access VPN that losing connection when new network configs are introduced https://issues.apache.org/jira/browse/CLOUDSTACK-9878 在2017年04月14 13时14分, "Rajani Karuturi"写道: Hi Haijiao, Thanks for

Re: [DISCUSS][PROPOSAL] CA authority plugin definition

Simon, I can think of use cases for that and it is an interesting topic. I can also see it as being implemented in a CA-plugin. I do not think it should be in the base of this framework though. That would complicate cloudstack for simple users to much I think. On the other hand, it would have

[GitHub] cloudstack pull request #2046: CLOUDSTACK-7958: Add configuration for limit ...

Github user wido commented on a diff in the pull request: https://github.com/apache/cloudstack/pull/2046#discussion_r111589567 --- Diff: core/src/com/cloud/network/HAProxyConfigurator.java --- @@ -538,7 +536,7 @@ private String getLbSubRuleForStickiness(final LoadBalancerTO lbTO)

[GitHub] cloudstack pull request #2046: CLOUDSTACK-7958: Add configuration for limit ...

Github user wido commented on a diff in the pull request: https://github.com/apache/cloudstack/pull/2046#discussion_r111589627 --- Diff: api/src/org/apache/cloudstack/config/ApiServiceConfiguration.java --- @@ -28,6 +28,8 @@ "API end point. Can be used by CS

[GitHub] cloudstack pull request #2046: CLOUDSTACK-7958: Add configuration for limit ...

Github user wido commented on a diff in the pull request: https://github.com/apache/cloudstack/pull/2046#discussion_r111589656 --- Diff: server/src/com/cloud/api/ApiServlet.java --- @@ -290,6 +292,17 @@ void processRequestInContext(final HttpServletRequest req, final

[GitHub] cloudstack pull request #2046: CLOUDSTACK-7958: Add configuration for limit ...

Github user wido commented on a diff in the pull request: https://github.com/apache/cloudstack/pull/2046#discussion_r111589706 --- Diff: server/src/com/cloud/api/ApiServlet.java --- @@ -290,6 +292,17 @@ void processRequestInContext(final HttpServletRequest req, final

[GitHub] cloudstack pull request #2046: CLOUDSTACK-7958: Add configuration for limit ...

Github user DaanHoogland commented on a diff in the pull request: https://github.com/apache/cloudstack/pull/2046#discussion_r111591078 --- Diff: server/src/com/cloud/api/ApiServlet.java --- @@ -290,6 +292,17 @@ void processRequestInContext(final HttpServletRequest req, final

[GitHub] cloudstack issue #2046: CLOUDSTACK-7958: Add configuration for limit to CIDR...

Github user wido commented on the issue: https://github.com/apache/cloudstack/pull/2046 @DaanHoogland: I improved the logging as you suggested/requested. A TRACE for every request and WARN when a request is denied. Tried this locally: 2017-04-14 15:45:58,901

[GitHub] cloudstack issue #1722: CLOUDSTACK-9558 Cleanup the snapshots on the primary...

Github user cloudmonger commented on the issue: https://github.com/apache/cloudstack/pull/1722 ### ACS CI BVT Run **Sumarry:** Build Number 534 Hypervisor xenserver NetworkType Advanced Passed=111 Failed=1 Skipped=7 _Link to logs Folder

[GitHub] cloudstack issue #2046: CLOUDSTACK-7958: Add configuration for limit to CIDR...

Github user wido commented on the issue: https://github.com/apache/cloudstack/pull/2046 @PaulAngus This is what we talked about in Prague. Mind taking a look? --- If your project is set up for it, you can reply to this email and have your reply appear on GitHub as well. If your

IMPORTANT: Moving to Gitbox/Github

Hi, At the moment the people from Infra [0] are busy with moving the CloudStack repositories to Gitbox/Github [1]. This means that we will be able to label PRs on Github, but only people who are in the right group on Github are able to do so. Any committer should be able to be added to that

Re: IMPORTANT: Moving to Gitbox/Github

> Op 14 april 2017 om 21:26 schreef Wido den Hollander : > > > Hi, > > At the moment the people from Infra [0] are busy with moving the CloudStack > repositories to Gitbox/Github [1]. > > This means that we will be able to label PRs on Github, but only people who > are in

Re: [DISCUSS][PROPOSAL] CA authority plugin definition

I’d suggest taking a look at using Dogtag[1] as well. Actually, that’s what the Other Guys also suggest[2]. 1: http://pki.fedoraproject.org/wiki/PKI_Main_Page 2: https://wiki.openstack.org/wiki/PKI > On