[jira] [Commented] (CLOUDSTACK-9114) restartnetwork with cleanup should not update/restart both routers at once
[ https://issues.apache.org/jira/browse/CLOUDSTACK-9114?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16469433#comment-16469433 ] ASF GitHub Bot commented on CLOUDSTACK-9114: blueorangutan commented on issue #2508: CLOUDSTACK-9114: Reduce VR downtime during network restart URL: https://github.com/apache/cloudstack/pull/2508#issuecomment-387864439 Trillian test result (tid-2651) Environment: kvm-centos7 (x2), Advanced Networking with Mgmt server 7 Total time taken: 31613 seconds Marvin logs: https://github.com/blueorangutan/acs-prs/releases/download/trillian/pr2508-t2651-kvm-centos7.zip Intermitten failure detected: /marvin/tests/smoke/test_privategw_acl.py Intermitten failure detected: /marvin/tests/smoke/test_ssvm.py Smoke tests completed. 66 look OK, 0 have error(s) Only failed tests results shown below: Test | Result | Time (s) | Test File --- | --- | --- | --- This is an automated message from the Apache Git Service. To respond to the message, please log on GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org > restartnetwork with cleanup should not update/restart both routers at once > -- > > Key: CLOUDSTACK-9114 > URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9114 > Project: CloudStack > Issue Type: Improvement > Security Level: Public(Anyone can view this level - this is the > default.) >Reporter: Wei Zhou >Assignee: Wei Zhou >Priority: Major > > for now, restartnetwork with cleanup will stop both RVRs at first, then start > two new RVRs. > to reduce the downtime of network, we'd better restart the RVRs one by one. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (CLOUDSTACK-4045) IP address acquired with associateIpAddress is marked as source NAT, causing disassociateIpAddress to fail later
[ https://issues.apache.org/jira/browse/CLOUDSTACK-4045?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16469064#comment-16469064 ] ASF GitHub Bot commented on CLOUDSTACK-4045: DaanHoogland commented on issue #2382: CLOUDSTACK-4045 IP address acquired with associateIpAddress is marked as source NAT URL: https://github.com/apache/cloudstack/pull/2382#issuecomment-387801824 I think it is a bugfix, but no biggy. tried to just retarget but that pulls in unwanted stuff: rebase needed! @houthuis @rhtyd This is an automated message from the Apache Git Service. To respond to the message, please log on GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org > IP address acquired with associateIpAddress is marked as source NAT, causing > disassociateIpAddress to fail later > > > Key: CLOUDSTACK-4045 > URL: https://issues.apache.org/jira/browse/CLOUDSTACK-4045 > Project: CloudStack > Issue Type: Bug > Security Level: Public(Anyone can view this level - this is the > default.) >Affects Versions: 4.0.0, 4.0.1, 4.0.2, 4.1.0, 4.1.1, 4.2.0 >Reporter: Murali Reddy >Assignee: Henko Holtzhausen >Priority: Major > Fix For: Future > > > When you can create network, network is in allocated state. when network is > implemented CloudStack implicitly should acquire a public IP for source nat. > But there is assumption that first IP this is associated with network is > always for source NAT IP. So when you do > 1. create network (network is in allocated state) > 2. acquire a public IP and associate with the network > 3. disassociate ip address > #3 will fail because CloudStack marks the IP acquired in #1 to be source NAT. > For users this is counter-intutive because when a IP is acquired, he/she > should be able to release it as well. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (CLOUDSTACK-10290) Config drive - only supported for secondary storage
[ https://issues.apache.org/jira/browse/CLOUDSTACK-10290?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16469059#comment-16469059 ] ASF GitHub Bot commented on CLOUDSTACK-10290: - DaanHoogland commented on issue #2614: WIP perform config drive creation on primary storage (CLOUDSTACK-10290) URL: https://github.com/apache/cloudstack/pull/2614#issuecomment-387800336 @GabrielBrascher it is not fully functional yet. I would like review. The problem I am facing is that ConfigDrive is part of network configuration and no Primary storage is know yet before creating or (re-)starting a VM, so no where to create the ConfigDrive on. I need to solve that. Ideas welcome. This is an automated message from the Apache Git Service. To respond to the message, please log on GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org > Config drive - only supported for secondary storage > --- > > Key: CLOUDSTACK-10290 > URL: https://issues.apache.org/jira/browse/CLOUDSTACK-10290 > Project: CloudStack > Issue Type: Bug > Security Level: Public(Anyone can view this level - this is the > default.) >Affects Versions: 4.11.0.0 >Reporter: Rohit Yadav >Assignee: Daan Hoogland >Priority: Major > > Userdata disk looks like this: > > > file='/mnt/eba12ff3-c3a6-394a-bf0f-23291f1f6266/configdrive.iso'/> > > > > > > > Mount is: > root# df /mnt/eba12ff3-c3a6-394a-bf0f-23291f1f6266 > Filesystem 1K-blocks > Used Available Use% Mounted on > some-nfs-server.com:/nfs/secondary/ConfigDrive/i-2-24-VM 66391040 2973696 > 63417344 5% /mnt/eba12ff3-c3a6-394a-bf0f-23291f1f6266 > > issue: where to find a primary storage for a VM that is not yet deployed. The > configdrive is created before a storage is assigned. This order of execution > must be reversed for this to work. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (CLOUDSTACK-10087) Template registration errors out when template URL is https
[ https://issues.apache.org/jira/browse/CLOUDSTACK-10087?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16469035#comment-16469035 ] ASF GitHub Bot commented on CLOUDSTACK-10087: - rhtyd closed pull request #2271: CLOUDSTACK-10087 Template registration errors out when template URL i… URL: https://github.com/apache/cloudstack/pull/2271 This is a PR merged from a forked repository. As GitHub hides the original diff on merge, it is displayed below for the sake of provenance: As this is a foreign pull request (from a fork), the diff is supplied below (as it won't show otherwise due to GitHub magic): diff --git a/systemvm/debian/opt/cloud/bin/setup/secstorage.sh b/systemvm/debian/opt/cloud/bin/setup/secstorage.sh index 8b6d4ee5a4b..838c7b2fc9d 100755 --- a/systemvm/debian/opt/cloud/bin/setup/secstorage.sh +++ b/systemvm/debian/opt/cloud/bin/setup/secstorage.sh @@ -80,6 +80,17 @@ CORS rm -f /etc/logrotate.d/cloud } +import_jvm_cacerts(){ + log_it "importing jvm keystore to realhostip keystore" + keyStore=/usr/local/cloud/systemvm/certs/realhostip.keystore + storepass="vmops.com" + java_home=$(readlink -f $(which java) | sed "s:/bin/java::") + java_keystore=$java_home/jre/lib/security/cacerts + java_store_pass="changeit" + keytool -importkeystore -srckeystore $java_keystore -srcstorepass $java_store_pass -destkeystore $keyStore -deststorepass $storepass -noprompt + log_it "import of jvm keystore to realhostip keystore completed" +} + secstorage_svcs if [ $? -gt 0 ] then @@ -87,3 +98,4 @@ then exit 1 fi setup_secstorage +import_jvm_cacerts This is an automated message from the Apache Git Service. To respond to the message, please log on GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org > Template registration errors out when template URL is https > --- > > Key: CLOUDSTACK-10087 > URL: https://issues.apache.org/jira/browse/CLOUDSTACK-10087 > Project: CloudStack > Issue Type: Bug > Security Level: Public(Anyone can view this level - this is the > default.) >Reporter: sudharma jain >Priority: Major > > *Management server logs:* > 2017-08-23 08:55:36,706 DEBUG [c.c.a.t.Request] (AgentManager-Handler-5:null) > (logid:) Seq 4-7842174326135586819: Processing: { Ans: , MgmtId: 4278190080, > via: 4, Ver: v1, Flags: 110, > [{"com.cloud.agent.api.Answer":{"result":false,"details":"com.amazonaws.SdkClientException: > Unable to execute HTTP request: sun.security.validator.ValidatorException: > PKIX path building failed: > sun.security.provider.certpath.SunCertPathBuilderException: unable to find > valid certification path to requested target\n\tat > com.amazonaws.http.AmazonHttpClient$RequestExecutor.executeHelper(AmazonHttpClient.java:972)\n\tat > > com.amazonaws.http.AmazonHttpClient$RequestExecutor.doExecute(AmazonHttpClient.java:676)\n\tat > > com.amazonaws.http.AmazonHttpClient$RequestExecutor.executeWithTimer(AmazonHttpClient.java:650)\n\tat > > com.amazonaws.http.AmazonHttpClient$RequestExecutor.execute(AmazonHttpClient.java:633)\n\tat > > com.amazonaws.http.AmazonHttpClient$RequestExecutor.access$300(AmazonHttpClient.java:601)\n\tat > > com.amazonaws.http.AmazonHttpClient$RequestExecutionBuilderImpl.execute(AmazonHttpClient.java:583)\n\tat > com.amazonaws.http.AmazonHttpClient.execute(AmazonHttpClient.java:447)\n\tat > com.amazonaws.services.s3.AmazonS3Client.invoke(AmazonS3Client.java:4137)\n\tat > > com.amazonaws.services.s3.AmazonS3Client.getBucketRegionViaHeadRequest(AmazonS3Client.java:4856)\n\tat > > com.amazonaws.services.s3.AmazonS3Client.fetchRegionFromCache(AmazonS3Client.java:4830)\n\tat > > com.amazonaws.services.s3.AmazonS3Client.invoke(AmazonS3Client.java:4122)\n\tat > > com.amazonaws.services.s3.AmazonS3Client.invoke(AmazonS3Client.java:4079)\n\tat > > com.amazonaws.services.s3.AmazonS3Client.listObjects(AmazonS3Client.java:819)\n\tat > com.cloud.utils.storage.S3.S3Utils.listDirectory(S3Utils.java:179)\n\tat > org.apache.cloudstack.storage.resource.NfsSecondaryStorageResource.s3ListVolume(NfsSecondaryStorageResource.java:1667)\n\tat > > org.apache.cloudstack.storage.resource.NfsSecondaryStorageResource.execute(NfsSecondaryStorageResource.java:1721)\n\tat > > org.apache.cloudstack.storage.resource.NfsSecondaryStorageResource.executeRequest(NfsSecondaryStorageResource.java:277)\n\tat > > com.cloud.storage.resource.PremiumSecondaryStorageResource.defaultAction(PremiumSecondaryStorageResource.java:64)\n\tat > > com.cloud.storage.resource.PremiumSecondaryStorageResource.executeRequest(PremiumSecondaryStorageResource.java:60)\n\tat >
[jira] [Commented] (CLOUDSTACK-10087) Template registration errors out when template URL is https
[ https://issues.apache.org/jira/browse/CLOUDSTACK-10087?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16469034#comment-16469034 ] ASF GitHub Bot commented on CLOUDSTACK-10087: - rhtyd commented on issue #2271: CLOUDSTACK-10087 Template registration errors out when template URL i… URL: https://github.com/apache/cloudstack/pull/2271#issuecomment-387796819 This has been fixed by way of initial systemvm patching in https://github.com/apache/cloudstack/commit/ddc8d131c080c363d82eadd75c811faaad81e9f9 Closing this as this is already fixed. This is an automated message from the Apache Git Service. To respond to the message, please log on GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org > Template registration errors out when template URL is https > --- > > Key: CLOUDSTACK-10087 > URL: https://issues.apache.org/jira/browse/CLOUDSTACK-10087 > Project: CloudStack > Issue Type: Bug > Security Level: Public(Anyone can view this level - this is the > default.) >Reporter: sudharma jain >Priority: Major > > *Management server logs:* > 2017-08-23 08:55:36,706 DEBUG [c.c.a.t.Request] (AgentManager-Handler-5:null) > (logid:) Seq 4-7842174326135586819: Processing: { Ans: , MgmtId: 4278190080, > via: 4, Ver: v1, Flags: 110, > [{"com.cloud.agent.api.Answer":{"result":false,"details":"com.amazonaws.SdkClientException: > Unable to execute HTTP request: sun.security.validator.ValidatorException: > PKIX path building failed: > sun.security.provider.certpath.SunCertPathBuilderException: unable to find > valid certification path to requested target\n\tat > com.amazonaws.http.AmazonHttpClient$RequestExecutor.executeHelper(AmazonHttpClient.java:972)\n\tat > > com.amazonaws.http.AmazonHttpClient$RequestExecutor.doExecute(AmazonHttpClient.java:676)\n\tat > > com.amazonaws.http.AmazonHttpClient$RequestExecutor.executeWithTimer(AmazonHttpClient.java:650)\n\tat > > com.amazonaws.http.AmazonHttpClient$RequestExecutor.execute(AmazonHttpClient.java:633)\n\tat > > com.amazonaws.http.AmazonHttpClient$RequestExecutor.access$300(AmazonHttpClient.java:601)\n\tat > > com.amazonaws.http.AmazonHttpClient$RequestExecutionBuilderImpl.execute(AmazonHttpClient.java:583)\n\tat > com.amazonaws.http.AmazonHttpClient.execute(AmazonHttpClient.java:447)\n\tat > com.amazonaws.services.s3.AmazonS3Client.invoke(AmazonS3Client.java:4137)\n\tat > > com.amazonaws.services.s3.AmazonS3Client.getBucketRegionViaHeadRequest(AmazonS3Client.java:4856)\n\tat > > com.amazonaws.services.s3.AmazonS3Client.fetchRegionFromCache(AmazonS3Client.java:4830)\n\tat > > com.amazonaws.services.s3.AmazonS3Client.invoke(AmazonS3Client.java:4122)\n\tat > > com.amazonaws.services.s3.AmazonS3Client.invoke(AmazonS3Client.java:4079)\n\tat > > com.amazonaws.services.s3.AmazonS3Client.listObjects(AmazonS3Client.java:819)\n\tat > com.cloud.utils.storage.S3.S3Utils.listDirectory(S3Utils.java:179)\n\tat > org.apache.cloudstack.storage.resource.NfsSecondaryStorageResource.s3ListVolume(NfsSecondaryStorageResource.java:1667)\n\tat > > org.apache.cloudstack.storage.resource.NfsSecondaryStorageResource.execute(NfsSecondaryStorageResource.java:1721)\n\tat > > org.apache.cloudstack.storage.resource.NfsSecondaryStorageResource.executeRequest(NfsSecondaryStorageResource.java:277)\n\tat > > com.cloud.storage.resource.PremiumSecondaryStorageResource.defaultAction(PremiumSecondaryStorageResource.java:64)\n\tat > > com.cloud.storage.resource.PremiumSecondaryStorageResource.executeRequest(PremiumSecondaryStorageResource.java:60)\n\tat > com.cloud.agent.Agent.processRequest(Agent.java:525)\n\tat > com.cloud.agent.Agent$AgentRequestHandler.doTask(Agent.java:833)\n\tat > com.cloud.utils.nio.Task.call(Task.java:83)\n\tat > com.cloud.utils.nio.Task.call(Task.java:29)\n\tat > java.util.concurrent.FutureTask.run(FutureTask.java:266)\n\tat > java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)\n\tat > > java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)\n\tat > java.lang.Thread.run(Thread.java:745)\nCaused by: > javax.net.ssl.SSLHandshakeException: > sun.security.validator.ValidatorException: PKIX path building failed: > sun.security.provider.certpath.SunCertPathBuilderException: unable to find > valid certification path to requested target\n\tat > sun.security.ssl.Alerts.getSSLException(Alerts.java:192)\n\tat > sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1949)\n\tat > sun.security.ssl.Handshaker.fatalSE(Handshaker.java:302)\n\tat > sun.security.ssl.Handshaker.fatalSE(Handshaker.java:296)\n\tat >
[jira] [Commented] (CLOUDSTACK-4045) IP address acquired with associateIpAddress is marked as source NAT, causing disassociateIpAddress to fail later
[ https://issues.apache.org/jira/browse/CLOUDSTACK-4045?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16469031#comment-16469031 ] ASF GitHub Bot commented on CLOUDSTACK-4045: rhtyd commented on issue #2382: CLOUDSTACK-4045 IP address acquired with associateIpAddress is marked as source NAT URL: https://github.com/apache/cloudstack/pull/2382#issuecomment-387796184 @houthuis @DaanHoogland @nvazquez @PaulAngus @borisstoyanov ping - can anyone advise if this needs to be in 4.11 or we should keep for master? This is an automated message from the Apache Git Service. To respond to the message, please log on GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org > IP address acquired with associateIpAddress is marked as source NAT, causing > disassociateIpAddress to fail later > > > Key: CLOUDSTACK-4045 > URL: https://issues.apache.org/jira/browse/CLOUDSTACK-4045 > Project: CloudStack > Issue Type: Bug > Security Level: Public(Anyone can view this level - this is the > default.) >Affects Versions: 4.0.0, 4.0.1, 4.0.2, 4.1.0, 4.1.1, 4.2.0 >Reporter: Murali Reddy >Assignee: Henko Holtzhausen >Priority: Major > Fix For: Future > > > When you can create network, network is in allocated state. when network is > implemented CloudStack implicitly should acquire a public IP for source nat. > But there is assumption that first IP this is associated with network is > always for source NAT IP. So when you do > 1. create network (network is in allocated state) > 2. acquire a public IP and associate with the network > 3. disassociate ip address > #3 will fail because CloudStack marks the IP acquired in #1 to be source NAT. > For users this is counter-intutive because when a IP is acquired, he/she > should be able to release it as well. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (CLOUDSTACK-10362) Inconsistent method names
[ https://issues.apache.org/jira/browse/CLOUDSTACK-10362?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16469009#comment-16469009 ] ASF GitHub Bot commented on CLOUDSTACK-10362: - rhtyd closed pull request #2600: CLOUDSTACK-10362: Change the "getXXX" method names to "isXXX". URL: https://github.com/apache/cloudstack/pull/2600 This is a PR merged from a forked repository. As GitHub hides the original diff on merge, it is displayed below for the sake of provenance: As this is a foreign pull request (from a fork), the diff is supplied below (as it won't show otherwise due to GitHub magic): diff --git a/api/src/main/java/org/apache/cloudstack/api/command/admin/offering/CreateServiceOfferingCmd.java b/api/src/main/java/org/apache/cloudstack/api/command/admin/offering/CreateServiceOfferingCmd.java index 0bde79bbd7b..3448698cd37 100644 --- a/api/src/main/java/org/apache/cloudstack/api/command/admin/offering/CreateServiceOfferingCmd.java +++ b/api/src/main/java/org/apache/cloudstack/api/command/admin/offering/CreateServiceOfferingCmd.java @@ -166,15 +166,15 @@ public String getServiceOfferingName() { return serviceOfferingName; } -public Boolean getOfferHa() { +public Boolean isOfferHa() { return offerHa == null ? Boolean.FALSE : offerHa; } -public Boolean GetLimitCpuUse() { +public Boolean isLimitCpuUse() { return limitCpuUse == null ? Boolean.FALSE : limitCpuUse; } -public Boolean getVolatileVm() { +public Boolean isVolatileVm() { return isVolatile == null ? Boolean.FALSE : isVolatile; } diff --git a/api/src/main/java/org/apache/cloudstack/api/command/admin/vlan/ListVlanIpRangesCmd.java b/api/src/main/java/org/apache/cloudstack/api/command/admin/vlan/ListVlanIpRangesCmd.java index d4f2d5ad611..d5edd301a66 100644 --- a/api/src/main/java/org/apache/cloudstack/api/command/admin/vlan/ListVlanIpRangesCmd.java +++ b/api/src/main/java/org/apache/cloudstack/api/command/admin/vlan/ListVlanIpRangesCmd.java @@ -119,7 +119,7 @@ public Long getNetworkId() { return networkId; } -public Boolean getForVirtualNetwork() { +public Boolean isForVirtualNetwork() { return forVirtualNetwork; } diff --git a/api/src/main/java/org/apache/cloudstack/api/command/admin/vpc/UpdateVPCCmdByAdmin.java b/api/src/main/java/org/apache/cloudstack/api/command/admin/vpc/UpdateVPCCmdByAdmin.java index 8606c32a71e..d7761def204 100644 --- a/api/src/main/java/org/apache/cloudstack/api/command/admin/vpc/UpdateVPCCmdByAdmin.java +++ b/api/src/main/java/org/apache/cloudstack/api/command/admin/vpc/UpdateVPCCmdByAdmin.java @@ -34,7 +34,7 @@ @Override public void execute(){ -Vpc result = _vpcService.updateVpc(getId(), getVpcName(), getDisplayText(), getCustomId(), getDisplayVpc()); +Vpc result = _vpcService.updateVpc(getId(), getVpcName(), getDisplayText(), getCustomId(), isDisplayVpc()); if (result != null) { VpcResponse response = _responseGenerator.createVpcResponse(ResponseView.Full, result); response.setResponseName(getCommandName()); diff --git a/api/src/main/java/org/apache/cloudstack/api/command/user/address/ListPublicIpAddressesCmd.java b/api/src/main/java/org/apache/cloudstack/api/command/user/address/ListPublicIpAddressesCmd.java index 0a0e7a12076..d590081104a 100644 --- a/api/src/main/java/org/apache/cloudstack/api/command/user/address/ListPublicIpAddressesCmd.java +++ b/api/src/main/java/org/apache/cloudstack/api/command/user/address/ListPublicIpAddressesCmd.java @@ -133,11 +133,11 @@ public Long getAssociatedNetworkId() { return associatedNetworkId; } -public Boolean getIsSourceNat() { +public Boolean isSourceNat() { return isSourceNat; } -public Boolean getIsStaticNat() { +public Boolean isStaticNat() { return isStaticNat; } diff --git a/api/src/main/java/org/apache/cloudstack/api/command/user/network/ListNetworksCmd.java b/api/src/main/java/org/apache/cloudstack/api/command/user/network/ListNetworksCmd.java index 041d6417044..a61c59734c6 100644 --- a/api/src/main/java/org/apache/cloudstack/api/command/user/network/ListNetworksCmd.java +++ b/api/src/main/java/org/apache/cloudstack/api/command/user/network/ListNetworksCmd.java @@ -123,11 +123,11 @@ public Long getPhysicalNetworkId() { return supportedServices; } -public Boolean getRestartRequired() { +public Boolean isRestartRequired() { return restartRequired; } -public Boolean getSpecifyIpRanges() { +public Boolean isSpecifyIpRanges() { return specifyIpRanges; } diff --git a/api/src/main/java/org/apache/cloudstack/api/command/user/vm/DeployVMCmd.java b/api/src/main/java/org/apache/cloudstack/api/command/user/vm/DeployVMCmd.java index 8161fb2564b..7fc54884099
[jira] [Commented] (CLOUDSTACK-10362) Inconsistent method names
[ https://issues.apache.org/jira/browse/CLOUDSTACK-10362?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16469010#comment-16469010 ] ASF subversion and git services commented on CLOUDSTACK-10362: -- Commit 951f73b10749b1d713ab1d740e6667def4bac212 in cloudstack's branch refs/heads/master from [~BruceKuiLIU] [ https://gitbox.apache.org/repos/asf?p=cloudstack.git;h=951f73b ] CLOUDSTACK-10362: Change the "getXXX" method names to "isXXX" (#2600) These Boolean-return methods are named "getXXX", but other Boolean-return methods are named "isXXX", such as the following two methods. They will return boolean values, rename them as "isXXX" should be more clear than "getXXX". > Inconsistent method names > - > > Key: CLOUDSTACK-10362 > URL: https://issues.apache.org/jira/browse/CLOUDSTACK-10362 > Project: CloudStack > Issue Type: Improvement > Security Level: Public(Anyone can view this level - this is the > default.) >Reporter: KuiLIU >Priority: Major > > Some Boolean-return methods are named "getXXX", > but other Boolean-return methods are named "isXXX", such as the following two > methods. > They will return boolean values, rename them as "isXXX" should be more clear > than "getXXX". > api/src/main/java/org/apache/cloudstack/api/command/admin/vlan/ListVlanIpRangesCmd.java > {code:java} > public Boolean getForVirtualNetwork() { > return forVirtualNetwork; > } > {code} > api/src/main/java/org/apache/cloudstack/api/command/user/address/ListPublicIpAddressesCmd.java > {code:java} > public Boolean isForVirtualNetwork() { > return forVirtualNetwork; > } > {code} -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (CLOUDSTACK-10290) Config drive - only supported for secondary storage
[ https://issues.apache.org/jira/browse/CLOUDSTACK-10290?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16468845#comment-16468845 ] ASF GitHub Bot commented on CLOUDSTACK-10290: - GabrielBrascher commented on issue #2614: WIP perform config drive creation on primary storage (CLOUDSTACK-10290) URL: https://github.com/apache/cloudstack/pull/2614#issuecomment-387741703 @DaanHoogland @rhtyd Is this still a work in progress? I can help to review if it is ready for testing and review. This is an automated message from the Apache Git Service. To respond to the message, please log on GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org > Config drive - only supported for secondary storage > --- > > Key: CLOUDSTACK-10290 > URL: https://issues.apache.org/jira/browse/CLOUDSTACK-10290 > Project: CloudStack > Issue Type: Bug > Security Level: Public(Anyone can view this level - this is the > default.) >Affects Versions: 4.11.0.0 >Reporter: Rohit Yadav >Assignee: Daan Hoogland >Priority: Major > > Userdata disk looks like this: > > > file='/mnt/eba12ff3-c3a6-394a-bf0f-23291f1f6266/configdrive.iso'/> > > > > > > > Mount is: > root# df /mnt/eba12ff3-c3a6-394a-bf0f-23291f1f6266 > Filesystem 1K-blocks > Used Available Use% Mounted on > some-nfs-server.com:/nfs/secondary/ConfigDrive/i-2-24-VM 66391040 2973696 > 63417344 5% /mnt/eba12ff3-c3a6-394a-bf0f-23291f1f6266 > > issue: where to find a primary storage for a VM that is not yet deployed. The > configdrive is created before a storage is assigned. This order of execution > must be reversed for this to work. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (CLOUDSTACK-10290) Config drive - only supported for secondary storage
[ https://issues.apache.org/jira/browse/CLOUDSTACK-10290?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16468803#comment-16468803 ] ASF GitHub Bot commented on CLOUDSTACK-10290: - rhtyd commented on issue #2614: WIP perform config drive creation on primary storage (CLOUDSTACK-10290) URL: https://github.com/apache/cloudstack/pull/2614#issuecomment-387725700 @DaanHoogland is this ready for testing and review, as per our schedule we were hoping to cut RC1 starting next week (mid May) I'm cutting down on the scope and limiting to completed PRs and blockers. I'll re-add the milestone on your remark. This is an automated message from the Apache Git Service. To respond to the message, please log on GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org > Config drive - only supported for secondary storage > --- > > Key: CLOUDSTACK-10290 > URL: https://issues.apache.org/jira/browse/CLOUDSTACK-10290 > Project: CloudStack > Issue Type: Bug > Security Level: Public(Anyone can view this level - this is the > default.) >Affects Versions: 4.11.0.0 >Reporter: Rohit Yadav >Assignee: Daan Hoogland >Priority: Major > > Userdata disk looks like this: > > > file='/mnt/eba12ff3-c3a6-394a-bf0f-23291f1f6266/configdrive.iso'/> > > > > > > > Mount is: > root# df /mnt/eba12ff3-c3a6-394a-bf0f-23291f1f6266 > Filesystem 1K-blocks > Used Available Use% Mounted on > some-nfs-server.com:/nfs/secondary/ConfigDrive/i-2-24-VM 66391040 2973696 > 63417344 5% /mnt/eba12ff3-c3a6-394a-bf0f-23291f1f6266 > > issue: where to find a primary storage for a VM that is not yet deployed. The > configdrive is created before a storage is assigned. This order of execution > must be reversed for this to work. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (CLOUDSTACK-10290) Config drive - only supported for secondary storage
[ https://issues.apache.org/jira/browse/CLOUDSTACK-10290?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16468801#comment-16468801 ] ASF GitHub Bot commented on CLOUDSTACK-10290: - rhtyd commented on issue #2614: WIP perform config drive creation on primary storage (CLOUDSTACK-10290) URL: https://github.com/apache/cloudstack/pull/2614#issuecomment-387725700 @DaanHoogland is this ready for testing and review, as per our schedule we were hoping to cut RC1 starting next week (mid May) I'm cutting down on the scope and limiting to completed PRs and blockers. -I'll re-add the milestone on your remark.- This is an automated message from the Apache Git Service. To respond to the message, please log on GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org > Config drive - only supported for secondary storage > --- > > Key: CLOUDSTACK-10290 > URL: https://issues.apache.org/jira/browse/CLOUDSTACK-10290 > Project: CloudStack > Issue Type: Bug > Security Level: Public(Anyone can view this level - this is the > default.) >Affects Versions: 4.11.0.0 >Reporter: Rohit Yadav >Assignee: Daan Hoogland >Priority: Major > > Userdata disk looks like this: > > > file='/mnt/eba12ff3-c3a6-394a-bf0f-23291f1f6266/configdrive.iso'/> > > > > > > > Mount is: > root# df /mnt/eba12ff3-c3a6-394a-bf0f-23291f1f6266 > Filesystem 1K-blocks > Used Available Use% Mounted on > some-nfs-server.com:/nfs/secondary/ConfigDrive/i-2-24-VM 66391040 2973696 > 63417344 5% /mnt/eba12ff3-c3a6-394a-bf0f-23291f1f6266 > > issue: where to find a primary storage for a VM that is not yet deployed. The > configdrive is created before a storage is assigned. This order of execution > must be reversed for this to work. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (CLOUDSTACK-10290) Config drive - only supported for secondary storage
[ https://issues.apache.org/jira/browse/CLOUDSTACK-10290?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16468800#comment-16468800 ] ASF GitHub Bot commented on CLOUDSTACK-10290: - rhtyd commented on issue #2614: WIP perform config drive creation on primary storage (CLOUDSTACK-10290) URL: https://github.com/apache/cloudstack/pull/2614#issuecomment-387725700 @DaanHoogland is this ready for testing and review, as per our schedule we were hoping to cut RC1 starting next week (mid May) I'm cutting down on the scope and limiting to completed PRs and blockers. --I'll re-add the milestone on your remark.-- This is an automated message from the Apache Git Service. To respond to the message, please log on GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org > Config drive - only supported for secondary storage > --- > > Key: CLOUDSTACK-10290 > URL: https://issues.apache.org/jira/browse/CLOUDSTACK-10290 > Project: CloudStack > Issue Type: Bug > Security Level: Public(Anyone can view this level - this is the > default.) >Affects Versions: 4.11.0.0 >Reporter: Rohit Yadav >Assignee: Daan Hoogland >Priority: Major > > Userdata disk looks like this: > > > file='/mnt/eba12ff3-c3a6-394a-bf0f-23291f1f6266/configdrive.iso'/> > > > > > > > Mount is: > root# df /mnt/eba12ff3-c3a6-394a-bf0f-23291f1f6266 > Filesystem 1K-blocks > Used Available Use% Mounted on > some-nfs-server.com:/nfs/secondary/ConfigDrive/i-2-24-VM 66391040 2973696 > 63417344 5% /mnt/eba12ff3-c3a6-394a-bf0f-23291f1f6266 > > issue: where to find a primary storage for a VM that is not yet deployed. The > configdrive is created before a storage is assigned. This order of execution > must be reversed for this to work. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (CLOUDSTACK-10290) Config drive - only supported for secondary storage
[ https://issues.apache.org/jira/browse/CLOUDSTACK-10290?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16468799#comment-16468799 ] ASF GitHub Bot commented on CLOUDSTACK-10290: - rhtyd commented on issue #2614: WIP perform config drive creation on primary storage (CLOUDSTACK-10290) URL: https://github.com/apache/cloudstack/pull/2614#issuecomment-387725700 @DaanHoogland is this ready for testing and review, as per our schedule we were hoping to cut RC1 starting next week (mid May) I'm cutting down on the scope and limiting to completed PRs and blockers. I'll re-add the milestone on your remark. This is an automated message from the Apache Git Service. To respond to the message, please log on GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org > Config drive - only supported for secondary storage > --- > > Key: CLOUDSTACK-10290 > URL: https://issues.apache.org/jira/browse/CLOUDSTACK-10290 > Project: CloudStack > Issue Type: Bug > Security Level: Public(Anyone can view this level - this is the > default.) >Affects Versions: 4.11.0.0 >Reporter: Rohit Yadav >Assignee: Daan Hoogland >Priority: Major > > Userdata disk looks like this: > > > file='/mnt/eba12ff3-c3a6-394a-bf0f-23291f1f6266/configdrive.iso'/> > > > > > > > Mount is: > root# df /mnt/eba12ff3-c3a6-394a-bf0f-23291f1f6266 > Filesystem 1K-blocks > Used Available Use% Mounted on > some-nfs-server.com:/nfs/secondary/ConfigDrive/i-2-24-VM 66391040 2973696 > 63417344 5% /mnt/eba12ff3-c3a6-394a-bf0f-23291f1f6266 > > issue: where to find a primary storage for a VM that is not yet deployed. The > configdrive is created before a storage is assigned. This order of execution > must be reversed for this to work. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (CLOUDSTACK-10290) Config drive - only supported for secondary storage
[ https://issues.apache.org/jira/browse/CLOUDSTACK-10290?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16468792#comment-16468792 ] ASF GitHub Bot commented on CLOUDSTACK-10290: - DaanHoogland commented on issue #2614: WIP perform config drive creation on primary storage (CLOUDSTACK-10290) URL: https://github.com/apache/cloudstack/pull/2614#issuecomment-387724501 @rhtyd this is an issue on 4.11 and needs to go in 4.11.1. If it is not done on release it is time to remove the milestone, not in advance. This is an automated message from the Apache Git Service. To respond to the message, please log on GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org > Config drive - only supported for secondary storage > --- > > Key: CLOUDSTACK-10290 > URL: https://issues.apache.org/jira/browse/CLOUDSTACK-10290 > Project: CloudStack > Issue Type: Bug > Security Level: Public(Anyone can view this level - this is the > default.) >Affects Versions: 4.11.0.0 >Reporter: Rohit Yadav >Assignee: Daan Hoogland >Priority: Major > > Userdata disk looks like this: > > > file='/mnt/eba12ff3-c3a6-394a-bf0f-23291f1f6266/configdrive.iso'/> > > > > > > > Mount is: > root# df /mnt/eba12ff3-c3a6-394a-bf0f-23291f1f6266 > Filesystem 1K-blocks > Used Available Use% Mounted on > some-nfs-server.com:/nfs/secondary/ConfigDrive/i-2-24-VM 66391040 2973696 > 63417344 5% /mnt/eba12ff3-c3a6-394a-bf0f-23291f1f6266 > > issue: where to find a primary storage for a VM that is not yet deployed. The > configdrive is created before a storage is assigned. This order of execution > must be reversed for this to work. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (CLOUDSTACK-10290) Config drive - only supported for secondary storage
[ https://issues.apache.org/jira/browse/CLOUDSTACK-10290?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16468715#comment-16468715 ] ASF GitHub Bot commented on CLOUDSTACK-10290: - rhtyd commented on issue #2614: WIP perform config drive creation on primary storage (CLOUDSTACK-10290) URL: https://github.com/apache/cloudstack/pull/2614#issuecomment-387706058 This is still in WIP, we are not in a state to test/merge by end of this week so I'll move to 4.11.2.0. In case this change we can consider this for 4.11.1.0 before RC1 is cut. This is an automated message from the Apache Git Service. To respond to the message, please log on GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org > Config drive - only supported for secondary storage > --- > > Key: CLOUDSTACK-10290 > URL: https://issues.apache.org/jira/browse/CLOUDSTACK-10290 > Project: CloudStack > Issue Type: Bug > Security Level: Public(Anyone can view this level - this is the > default.) >Affects Versions: 4.11.0.0 >Reporter: Rohit Yadav >Assignee: Daan Hoogland >Priority: Major > > Userdata disk looks like this: > > > file='/mnt/eba12ff3-c3a6-394a-bf0f-23291f1f6266/configdrive.iso'/> > > > > > > > Mount is: > root# df /mnt/eba12ff3-c3a6-394a-bf0f-23291f1f6266 > Filesystem 1K-blocks > Used Available Use% Mounted on > some-nfs-server.com:/nfs/secondary/ConfigDrive/i-2-24-VM 66391040 2973696 > 63417344 5% /mnt/eba12ff3-c3a6-394a-bf0f-23291f1f6266 > > issue: where to find a primary storage for a VM that is not yet deployed. The > configdrive is created before a storage is assigned. This order of execution > must be reversed for this to work. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (CLOUDSTACK-8609) [VMware] VM is not accessible after a migration across clusters.
[ https://issues.apache.org/jira/browse/CLOUDSTACK-8609?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16468714#comment-16468714 ] ASF GitHub Bot commented on CLOUDSTACK-8609: rhtyd commented on issue #2091: CLOUDSTACK-8609: [VMware] VM is not accessible after migration across clusters URL: https://github.com/apache/cloudstack/pull/2091#issuecomment-387705746 @sureshanaparti can you rebase this against latest 4.11. I'll in the interim move this to 4.11.2.0 milestone, if the author does not repond I may take over this PR in future. This is an automated message from the Apache Git Service. To respond to the message, please log on GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org > [VMware] VM is not accessible after a migration across clusters. > > > Key: CLOUDSTACK-8609 > URL: https://issues.apache.org/jira/browse/CLOUDSTACK-8609 > Project: CloudStack > Issue Type: Bug > Security Level: Public(Anyone can view this level - this is the > default.) >Reporter: Likitha Shetty >Assignee: Suresh Kumar Anaparti >Priority: Major > Fix For: Future > > > +Steps to reproduce+ > 1. Deploy a VMware zone with 2 clusters (a host each, H1 and H2) and one > zone-wide primary storage spanning the two clusters. > 2. Deploy a VM (VM1) on one of the hosts (H1). > 3. Stop VM1. > 4. Make the host that contains the VM unsuitable for further VM deployments > - host runs out of capacity (cpu/memory) > - host has maximum VMs deployed on it > 5. Start VM1. > 6. VM will be powered on H2 but will not be accessible because the .vmx and > other VM files associated with the VM have been deleted. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (CLOUDSTACK-9114) restartnetwork with cleanup should not update/restart both routers at once
[ https://issues.apache.org/jira/browse/CLOUDSTACK-9114?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16468706#comment-16468706 ] ASF GitHub Bot commented on CLOUDSTACK-9114: rhtyd commented on issue #2508: CLOUDSTACK-9114: Reduce VR downtime during network restart URL: https://github.com/apache/cloudstack/pull/2508#issuecomment-387704470 @blueorangutan test This is an automated message from the Apache Git Service. To respond to the message, please log on GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org > restartnetwork with cleanup should not update/restart both routers at once > -- > > Key: CLOUDSTACK-9114 > URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9114 > Project: CloudStack > Issue Type: Improvement > Security Level: Public(Anyone can view this level - this is the > default.) >Reporter: Wei Zhou >Assignee: Wei Zhou >Priority: Major > > for now, restartnetwork with cleanup will stop both RVRs at first, then start > two new RVRs. > to reduce the downtime of network, we'd better restart the RVRs one by one. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (CLOUDSTACK-9114) restartnetwork with cleanup should not update/restart both routers at once
[ https://issues.apache.org/jira/browse/CLOUDSTACK-9114?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16468707#comment-16468707 ] ASF GitHub Bot commented on CLOUDSTACK-9114: blueorangutan commented on issue #2508: CLOUDSTACK-9114: Reduce VR downtime during network restart URL: https://github.com/apache/cloudstack/pull/2508#issuecomment-387704582 @rhtyd a Trillian-Jenkins test job (centos7 mgmt + kvm-centos7) has been kicked to run smoke tests This is an automated message from the Apache Git Service. To respond to the message, please log on GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org > restartnetwork with cleanup should not update/restart both routers at once > -- > > Key: CLOUDSTACK-9114 > URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9114 > Project: CloudStack > Issue Type: Improvement > Security Level: Public(Anyone can view this level - this is the > default.) >Reporter: Wei Zhou >Assignee: Wei Zhou >Priority: Major > > for now, restartnetwork with cleanup will stop both RVRs at first, then start > two new RVRs. > to reduce the downtime of network, we'd better restart the RVRs one by one. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (CLOUDSTACK-9114) restartnetwork with cleanup should not update/restart both routers at once
[ https://issues.apache.org/jira/browse/CLOUDSTACK-9114?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16468688#comment-16468688 ] ASF GitHub Bot commented on CLOUDSTACK-9114: blueorangutan commented on issue #2508: CLOUDSTACK-9114: Reduce VR downtime during network restart URL: https://github.com/apache/cloudstack/pull/2508#issuecomment-387698731 Packaging result: ✔centos6 ✔centos7 ✔debian. JID-2036 This is an automated message from the Apache Git Service. To respond to the message, please log on GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org > restartnetwork with cleanup should not update/restart both routers at once > -- > > Key: CLOUDSTACK-9114 > URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9114 > Project: CloudStack > Issue Type: Improvement > Security Level: Public(Anyone can view this level - this is the > default.) >Reporter: Wei Zhou >Assignee: Wei Zhou >Priority: Major > > for now, restartnetwork with cleanup will stop both RVRs at first, then start > two new RVRs. > to reduce the downtime of network, we'd better restart the RVRs one by one. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (CLOUDSTACK-9114) restartnetwork with cleanup should not update/restart both routers at once
[ https://issues.apache.org/jira/browse/CLOUDSTACK-9114?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16468668#comment-16468668 ] ASF GitHub Bot commented on CLOUDSTACK-9114: blueorangutan commented on issue #2508: CLOUDSTACK-9114: Reduce VR downtime during network restart URL: https://github.com/apache/cloudstack/pull/2508#issuecomment-387692475 @rhtyd a Jenkins job has been kicked to build packages. I'll keep you posted as I make progress. This is an automated message from the Apache Git Service. To respond to the message, please log on GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org > restartnetwork with cleanup should not update/restart both routers at once > -- > > Key: CLOUDSTACK-9114 > URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9114 > Project: CloudStack > Issue Type: Improvement > Security Level: Public(Anyone can view this level - this is the > default.) >Reporter: Wei Zhou >Assignee: Wei Zhou >Priority: Major > > for now, restartnetwork with cleanup will stop both RVRs at first, then start > two new RVRs. > to reduce the downtime of network, we'd better restart the RVRs one by one. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (CLOUDSTACK-9114) restartnetwork with cleanup should not update/restart both routers at once
[ https://issues.apache.org/jira/browse/CLOUDSTACK-9114?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16468667#comment-16468667 ] ASF GitHub Bot commented on CLOUDSTACK-9114: rhtyd commented on issue #2508: CLOUDSTACK-9114: Reduce VR downtime during network restart URL: https://github.com/apache/cloudstack/pull/2508#issuecomment-387692217 XenServer and Vmware tests are LGTM, 1-2 failure seen in intermittent/env related. I've rebase and fixed conflicts against latest 4.11, will kick test against KVM after packaging. @blueorangutan package This is an automated message from the Apache Git Service. To respond to the message, please log on GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org > restartnetwork with cleanup should not update/restart both routers at once > -- > > Key: CLOUDSTACK-9114 > URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9114 > Project: CloudStack > Issue Type: Improvement > Security Level: Public(Anyone can view this level - this is the > default.) >Reporter: Wei Zhou >Assignee: Wei Zhou >Priority: Major > > for now, restartnetwork with cleanup will stop both RVRs at first, then start > two new RVRs. > to reduce the downtime of network, we'd better restart the RVRs one by one. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (CLOUDSTACK-9114) restartnetwork with cleanup should not update/restart both routers at once
[ https://issues.apache.org/jira/browse/CLOUDSTACK-9114?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16468664#comment-16468664 ] ASF GitHub Bot commented on CLOUDSTACK-9114: blueorangutan commented on issue #2508: CLOUDSTACK-9114: Reduce VR downtime during network restart URL: https://github.com/apache/cloudstack/pull/2508#issuecomment-387401151 @rhtyd a Trillian-Jenkins test job (centos7 mgmt + kvm-centos7) has been kicked to run smoke tests This is an automated message from the Apache Git Service. To respond to the message, please log on GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org > restartnetwork with cleanup should not update/restart both routers at once > -- > > Key: CLOUDSTACK-9114 > URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9114 > Project: CloudStack > Issue Type: Improvement > Security Level: Public(Anyone can view this level - this is the > default.) >Reporter: Wei Zhou >Assignee: Wei Zhou >Priority: Major > > for now, restartnetwork with cleanup will stop both RVRs at first, then start > two new RVRs. > to reduce the downtime of network, we'd better restart the RVRs one by one. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (CLOUDSTACK-9114) restartnetwork with cleanup should not update/restart both routers at once
[ https://issues.apache.org/jira/browse/CLOUDSTACK-9114?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16468663#comment-16468663 ] ASF GitHub Bot commented on CLOUDSTACK-9114: blueorangutan commented on issue #2508: CLOUDSTACK-9114: Reduce VR downtime during network restart URL: https://github.com/apache/cloudstack/pull/2508#issuecomment-387513278 Trillian test result (tid-2642) Environment: kvm-centos7 (x2), Advanced Networking with Mgmt server 7 Total time taken: 19756 seconds Marvin logs: https://github.com/blueorangutan/acs-prs/releases/download/trillian/pr2508-t2642-kvm-centos7.zip Intermitten failure detected: /marvin/tests/smoke/test_privategw_acl.py Intermitten failure detected: /marvin/tests/smoke/test_vm_life_cycle.py Intermitten failure detected: /marvin/tests/smoke/test_vpc_vpn.py Intermitten failure detected: /marvin/tests/smoke/test_host_maintenance.py Intermitten failure detected: /marvin/tests/smoke/test_hostha_kvm.py Smoke tests completed. 62 look OK, 5 have error(s) Only failed tests results shown below: Test | Result | Time (s) | Test File --- | --- | --- | --- test_03_vpc_privategw_restart_vpc_cleanup | `Error` | 108.80 | test_privategw_acl.py test_01_secured_vm_migration | `Error` | 1.13 | test_vm_life_cycle.py test_02_not_secured_vm_migration | `Error` | 1.11 | test_vm_life_cycle.py test_03_secured_to_nonsecured_vm_migration | `Error` | 1.12 | test_vm_life_cycle.py test_04_nonsecured_to_secured_vm_migration | `Error` | 1.11 | test_vm_life_cycle.py test_08_migrate_vm | `Error` | 5.30 | test_vm_life_cycle.py test_01_redundant_vpc_site2site_vpn | `Failure` | 194.79 | test_vpc_vpn.py test_01_vpc_site2site_vpn | `Failure` | 137.51 | test_vpc_vpn.py test_01_cancel_host_maintenace_with_no_migration_jobs | `Failure` | 0.11 | test_host_maintenance.py test_02_cancel_host_maintenace_with_migration_jobs | `Error` | 2.31 | test_host_maintenance.py test_hostha_enable_ha_when_host_in_maintenance | `Error` | 4.58 | test_hostha_kvm.py This is an automated message from the Apache Git Service. To respond to the message, please log on GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org > restartnetwork with cleanup should not update/restart both routers at once > -- > > Key: CLOUDSTACK-9114 > URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9114 > Project: CloudStack > Issue Type: Improvement > Security Level: Public(Anyone can view this level - this is the > default.) >Reporter: Wei Zhou >Assignee: Wei Zhou >Priority: Major > > for now, restartnetwork with cleanup will stop both RVRs at first, then start > two new RVRs. > to reduce the downtime of network, we'd better restart the RVRs one by one. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (CLOUDSTACK-9114) restartnetwork with cleanup should not update/restart both routers at once
[ https://issues.apache.org/jira/browse/CLOUDSTACK-9114?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16468665#comment-16468665 ] ASF GitHub Bot commented on CLOUDSTACK-9114: rhtyd commented on issue #2508: CLOUDSTACK-9114: Reduce VR downtime during network restart URL: https://github.com/apache/cloudstack/pull/2508#issuecomment-387400987 @blueorangutan test This is an automated message from the Apache Git Service. To respond to the message, please log on GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org > restartnetwork with cleanup should not update/restart both routers at once > -- > > Key: CLOUDSTACK-9114 > URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9114 > Project: CloudStack > Issue Type: Improvement > Security Level: Public(Anyone can view this level - this is the > default.) >Reporter: Wei Zhou >Assignee: Wei Zhou >Priority: Major > > for now, restartnetwork with cleanup will stop both RVRs at first, then start > two new RVRs. > to reduce the downtime of network, we'd better restart the RVRs one by one. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (CLOUDSTACK-9114) restartnetwork with cleanup should not update/restart both routers at once
[ https://issues.apache.org/jira/browse/CLOUDSTACK-9114?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16468666#comment-16468666 ] ASF GitHub Bot commented on CLOUDSTACK-9114: blueorangutan commented on issue #2508: CLOUDSTACK-9114: Reduce VR downtime during network restart URL: https://github.com/apache/cloudstack/pull/2508#issuecomment-387397331 Packaging result: ✔centos6 ✔centos7 ✔debian. JID-2029 This is an automated message from the Apache Git Service. To respond to the message, please log on GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org > restartnetwork with cleanup should not update/restart both routers at once > -- > > Key: CLOUDSTACK-9114 > URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9114 > Project: CloudStack > Issue Type: Improvement > Security Level: Public(Anyone can view this level - this is the > default.) >Reporter: Wei Zhou >Assignee: Wei Zhou >Priority: Major > > for now, restartnetwork with cleanup will stop both RVRs at first, then start > two new RVRs. > to reduce the downtime of network, we'd better restart the RVRs one by one. -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (CLOUDSTACK-10284) Creating a snapshot from VM Snapshot generates error if hypervisor is not KVM.
[ https://issues.apache.org/jira/browse/CLOUDSTACK-10284?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16468644#comment-16468644 ] ASF subversion and git services commented on CLOUDSTACK-10284: -- Commit 4534cefa40cf9b4d11402bff86c4484292fa660d in cloudstack's branch refs/heads/master from [~rohithsharma] [ https://gitbox.apache.org/repos/asf?p=cloudstack.git;h=4534cef ] backports for 4.11.1 from master (#2621) * CLOUDSTACK-10147 Disabled Xenserver Cluster can still deploy VM's. Added code to skip disabled clusters when selecting a host (#2442) (cherry picked from commit c3488a51db4bce4ec32c09e6fef78193d360cf3f) Signed-off-by: Rohit Yadav* CLOUDSTACK-10318: Bug on sorting ACL rules list in chrome (#2478) (cherry picked from commit 4412563f19ec8b808fe4c79e2baf658507a84873) Signed-off-by: Rohit Yadav * CLOUDSTACK-10284:Creating a snapshot from VM Snapshot generates error if hypervisor is not KVM. Signed-off-by: Rohit Yadav * CLOUDSTACK-10221: Allow IPv6 when creating a Basic Network (#2397) Since CloudStack 4.10 Basic Networking supports IPv6 and thus should be allowed to be specified when creating a network. Signed-off-by: Wido den Hollander (cherry picked from commit 9733a10ecda5f1af0f2c0fa863fc976a3e710946) Signed-off-by: Rohit Yadav * CLOUDSTACK-10214: Unable to remove local primary storage (#2390) Allow admins to remove primary storage pool. Cherry-picked from eba2e1d8a1ce4e86b4df144db03e96739da455e5 Signed-off-by: Rohit Yadav * dateutil: constistency of tzdate input and output (#2392) Signed-off-by: Yoan Blanc Signed-off-by: Daan Hoogland (cherry picked from commit 2ad520282319da9a03061b8c744e51a4ffdf94a2) Signed-off-by: Rohit Yadav * CLOUDSTACK-10054:Volume download times out in 3600 seconds (#2244) (cherry picked from commit bb607d07a97476dc4fb934b3d75df6affba47086) Signed-off-by: Rohit Yadav * When creating a new account (via domain admin) it is possible to select “root admin” as the role for the new user (#2606) * create account with domain admin showing 'root admin' role Domain admins should not be able to assign the role of root admin to new users. Therefore, the role ‘root admin’ (or any other of the same type) should not be visible to domain admins. * License and formatting * Break long sentence into multiple lines * Fix wording of method 'getCurrentAccount' * fix typo in variable name * [CLOUDSTACK-10259] Missing float part of secondary storage data in listAccounts * [CLOUDSTACK-9338] ACS not accounting resources of VMs with custom service offering ACS is accounting the resources properly when deploying VMs with custom service offerings. However, there are other methods (such as updateResourceCount) that do not execute the resource accounting properly, and these methods update the resource count for an account in the database. Therefore, if a user deploys VMs with custom service offerings, and later this user calls the “updateResourceCount” method, it (the method) will only account for VMs with normal service offerings, and update this as the number of resources used by the account. This will result in a smaller number of resources to be accounted for the given account than the real used value. The problem becomes worse because if the user starts to delete these VMs, it is possible to reach negative values of resources allocated (breaking all of the resource limiting for accounts). This is a very serious attack vector for public cloud providers! * [CLOUDSTACK-10230] User should not be able to use removed “Guest OS type” (#2404) * [CLOUDSTACK-10230] User is able to change to “Guest OS type” that has been removed Users are able to change the OS type of VMs to “Guest OS type” that has been removed. This becomes a security issue when we try to force users to use HVM VMs (Meltdown/Spectre thing). A removed “guest os type” should not be usable by any users in the cloud. * Remove trailing lines that are breaking build due to checkstyle compliance * Remove unused imports * fix classes that were in the wrong folder structure * Updates to capacity management > Creating a snapshot from VM Snapshot generates error if hypervisor is not KVM. > -- > > Key: CLOUDSTACK-10284 > URL: https://issues.apache.org/jira/browse/CLOUDSTACK-10284 > Project: CloudStack > Issue Type: Bug > Security Level: Public(Anyone can view this level - this is the > default.) >Reporter: Nitesh Sarda >Priority: Major > Fix For: 4.12 > > > ISSUE >
[jira] [Commented] (CLOUDSTACK-10221) Allow specification of IPv6 details when creating Basic Network
[ https://issues.apache.org/jira/browse/CLOUDSTACK-10221?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16468645#comment-16468645 ] ASF subversion and git services commented on CLOUDSTACK-10221: -- Commit 4534cefa40cf9b4d11402bff86c4484292fa660d in cloudstack's branch refs/heads/master from [~rohithsharma] [ https://gitbox.apache.org/repos/asf?p=cloudstack.git;h=4534cef ] backports for 4.11.1 from master (#2621) * CLOUDSTACK-10147 Disabled Xenserver Cluster can still deploy VM's. Added code to skip disabled clusters when selecting a host (#2442) (cherry picked from commit c3488a51db4bce4ec32c09e6fef78193d360cf3f) Signed-off-by: Rohit Yadav* CLOUDSTACK-10318: Bug on sorting ACL rules list in chrome (#2478) (cherry picked from commit 4412563f19ec8b808fe4c79e2baf658507a84873) Signed-off-by: Rohit Yadav * CLOUDSTACK-10284:Creating a snapshot from VM Snapshot generates error if hypervisor is not KVM. Signed-off-by: Rohit Yadav * CLOUDSTACK-10221: Allow IPv6 when creating a Basic Network (#2397) Since CloudStack 4.10 Basic Networking supports IPv6 and thus should be allowed to be specified when creating a network. Signed-off-by: Wido den Hollander (cherry picked from commit 9733a10ecda5f1af0f2c0fa863fc976a3e710946) Signed-off-by: Rohit Yadav * CLOUDSTACK-10214: Unable to remove local primary storage (#2390) Allow admins to remove primary storage pool. Cherry-picked from eba2e1d8a1ce4e86b4df144db03e96739da455e5 Signed-off-by: Rohit Yadav * dateutil: constistency of tzdate input and output (#2392) Signed-off-by: Yoan Blanc Signed-off-by: Daan Hoogland (cherry picked from commit 2ad520282319da9a03061b8c744e51a4ffdf94a2) Signed-off-by: Rohit Yadav * CLOUDSTACK-10054:Volume download times out in 3600 seconds (#2244) (cherry picked from commit bb607d07a97476dc4fb934b3d75df6affba47086) Signed-off-by: Rohit Yadav * When creating a new account (via domain admin) it is possible to select “root admin” as the role for the new user (#2606) * create account with domain admin showing 'root admin' role Domain admins should not be able to assign the role of root admin to new users. Therefore, the role ‘root admin’ (or any other of the same type) should not be visible to domain admins. * License and formatting * Break long sentence into multiple lines * Fix wording of method 'getCurrentAccount' * fix typo in variable name * [CLOUDSTACK-10259] Missing float part of secondary storage data in listAccounts * [CLOUDSTACK-9338] ACS not accounting resources of VMs with custom service offering ACS is accounting the resources properly when deploying VMs with custom service offerings. However, there are other methods (such as updateResourceCount) that do not execute the resource accounting properly, and these methods update the resource count for an account in the database. Therefore, if a user deploys VMs with custom service offerings, and later this user calls the “updateResourceCount” method, it (the method) will only account for VMs with normal service offerings, and update this as the number of resources used by the account. This will result in a smaller number of resources to be accounted for the given account than the real used value. The problem becomes worse because if the user starts to delete these VMs, it is possible to reach negative values of resources allocated (breaking all of the resource limiting for accounts). This is a very serious attack vector for public cloud providers! * [CLOUDSTACK-10230] User should not be able to use removed “Guest OS type” (#2404) * [CLOUDSTACK-10230] User is able to change to “Guest OS type” that has been removed Users are able to change the OS type of VMs to “Guest OS type” that has been removed. This becomes a security issue when we try to force users to use HVM VMs (Meltdown/Spectre thing). A removed “guest os type” should not be usable by any users in the cloud. * Remove trailing lines that are breaking build due to checkstyle compliance * Remove unused imports * fix classes that were in the wrong folder structure * Updates to capacity management > Allow specification of IPv6 details when creating Basic Network > --- > > Key: CLOUDSTACK-10221 > URL: https://issues.apache.org/jira/browse/CLOUDSTACK-10221 > Project: CloudStack > Issue Type: Improvement > Security Level: Public(Anyone can view this level - this is the > default.) > Components: Management Server, Network Controller >Affects Versions: 4.10.0.0, 4.11.0.0 > Environment: Basic
[jira] [Commented] (CLOUDSTACK-9338) updateResourceCount not accounting resources of VMs with custom service offering
[ https://issues.apache.org/jira/browse/CLOUDSTACK-9338?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16468649#comment-16468649 ] ASF subversion and git services commented on CLOUDSTACK-9338: - Commit 4534cefa40cf9b4d11402bff86c4484292fa660d in cloudstack's branch refs/heads/master from [~rohithsharma] [ https://gitbox.apache.org/repos/asf?p=cloudstack.git;h=4534cef ] backports for 4.11.1 from master (#2621) * CLOUDSTACK-10147 Disabled Xenserver Cluster can still deploy VM's. Added code to skip disabled clusters when selecting a host (#2442) (cherry picked from commit c3488a51db4bce4ec32c09e6fef78193d360cf3f) Signed-off-by: Rohit Yadav* CLOUDSTACK-10318: Bug on sorting ACL rules list in chrome (#2478) (cherry picked from commit 4412563f19ec8b808fe4c79e2baf658507a84873) Signed-off-by: Rohit Yadav * CLOUDSTACK-10284:Creating a snapshot from VM Snapshot generates error if hypervisor is not KVM. Signed-off-by: Rohit Yadav * CLOUDSTACK-10221: Allow IPv6 when creating a Basic Network (#2397) Since CloudStack 4.10 Basic Networking supports IPv6 and thus should be allowed to be specified when creating a network. Signed-off-by: Wido den Hollander (cherry picked from commit 9733a10ecda5f1af0f2c0fa863fc976a3e710946) Signed-off-by: Rohit Yadav * CLOUDSTACK-10214: Unable to remove local primary storage (#2390) Allow admins to remove primary storage pool. Cherry-picked from eba2e1d8a1ce4e86b4df144db03e96739da455e5 Signed-off-by: Rohit Yadav * dateutil: constistency of tzdate input and output (#2392) Signed-off-by: Yoan Blanc Signed-off-by: Daan Hoogland (cherry picked from commit 2ad520282319da9a03061b8c744e51a4ffdf94a2) Signed-off-by: Rohit Yadav * CLOUDSTACK-10054:Volume download times out in 3600 seconds (#2244) (cherry picked from commit bb607d07a97476dc4fb934b3d75df6affba47086) Signed-off-by: Rohit Yadav * When creating a new account (via domain admin) it is possible to select “root admin” as the role for the new user (#2606) * create account with domain admin showing 'root admin' role Domain admins should not be able to assign the role of root admin to new users. Therefore, the role ‘root admin’ (or any other of the same type) should not be visible to domain admins. * License and formatting * Break long sentence into multiple lines * Fix wording of method 'getCurrentAccount' * fix typo in variable name * [CLOUDSTACK-10259] Missing float part of secondary storage data in listAccounts * [CLOUDSTACK-9338] ACS not accounting resources of VMs with custom service offering ACS is accounting the resources properly when deploying VMs with custom service offerings. However, there are other methods (such as updateResourceCount) that do not execute the resource accounting properly, and these methods update the resource count for an account in the database. Therefore, if a user deploys VMs with custom service offerings, and later this user calls the “updateResourceCount” method, it (the method) will only account for VMs with normal service offerings, and update this as the number of resources used by the account. This will result in a smaller number of resources to be accounted for the given account than the real used value. The problem becomes worse because if the user starts to delete these VMs, it is possible to reach negative values of resources allocated (breaking all of the resource limiting for accounts). This is a very serious attack vector for public cloud providers! * [CLOUDSTACK-10230] User should not be able to use removed “Guest OS type” (#2404) * [CLOUDSTACK-10230] User is able to change to “Guest OS type” that has been removed Users are able to change the OS type of VMs to “Guest OS type” that has been removed. This becomes a security issue when we try to force users to use HVM VMs (Meltdown/Spectre thing). A removed “guest os type” should not be usable by any users in the cloud. * Remove trailing lines that are breaking build due to checkstyle compliance * Remove unused imports * fix classes that were in the wrong folder structure * Updates to capacity management > updateResourceCount not accounting resources of VMs with custom service > offering > > > Key: CLOUDSTACK-9338 > URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9338 > Project: CloudStack > Issue Type: Bug > Security Level: Public(Anyone can view this level - this is the > default.) > Components: API, Cloudmonkey, UI >Affects Versions: 4.5.2, 4.8.0 > Environment:
[jira] [Commented] (CLOUDSTACK-10054) Volume download times out in 3600 seconds
[ https://issues.apache.org/jira/browse/CLOUDSTACK-10054?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16468647#comment-16468647 ] ASF subversion and git services commented on CLOUDSTACK-10054: -- Commit 4534cefa40cf9b4d11402bff86c4484292fa660d in cloudstack's branch refs/heads/master from [~rohithsharma] [ https://gitbox.apache.org/repos/asf?p=cloudstack.git;h=4534cef ] backports for 4.11.1 from master (#2621) * CLOUDSTACK-10147 Disabled Xenserver Cluster can still deploy VM's. Added code to skip disabled clusters when selecting a host (#2442) (cherry picked from commit c3488a51db4bce4ec32c09e6fef78193d360cf3f) Signed-off-by: Rohit Yadav* CLOUDSTACK-10318: Bug on sorting ACL rules list in chrome (#2478) (cherry picked from commit 4412563f19ec8b808fe4c79e2baf658507a84873) Signed-off-by: Rohit Yadav * CLOUDSTACK-10284:Creating a snapshot from VM Snapshot generates error if hypervisor is not KVM. Signed-off-by: Rohit Yadav * CLOUDSTACK-10221: Allow IPv6 when creating a Basic Network (#2397) Since CloudStack 4.10 Basic Networking supports IPv6 and thus should be allowed to be specified when creating a network. Signed-off-by: Wido den Hollander (cherry picked from commit 9733a10ecda5f1af0f2c0fa863fc976a3e710946) Signed-off-by: Rohit Yadav * CLOUDSTACK-10214: Unable to remove local primary storage (#2390) Allow admins to remove primary storage pool. Cherry-picked from eba2e1d8a1ce4e86b4df144db03e96739da455e5 Signed-off-by: Rohit Yadav * dateutil: constistency of tzdate input and output (#2392) Signed-off-by: Yoan Blanc Signed-off-by: Daan Hoogland (cherry picked from commit 2ad520282319da9a03061b8c744e51a4ffdf94a2) Signed-off-by: Rohit Yadav * CLOUDSTACK-10054:Volume download times out in 3600 seconds (#2244) (cherry picked from commit bb607d07a97476dc4fb934b3d75df6affba47086) Signed-off-by: Rohit Yadav * When creating a new account (via domain admin) it is possible to select “root admin” as the role for the new user (#2606) * create account with domain admin showing 'root admin' role Domain admins should not be able to assign the role of root admin to new users. Therefore, the role ‘root admin’ (or any other of the same type) should not be visible to domain admins. * License and formatting * Break long sentence into multiple lines * Fix wording of method 'getCurrentAccount' * fix typo in variable name * [CLOUDSTACK-10259] Missing float part of secondary storage data in listAccounts * [CLOUDSTACK-9338] ACS not accounting resources of VMs with custom service offering ACS is accounting the resources properly when deploying VMs with custom service offerings. However, there are other methods (such as updateResourceCount) that do not execute the resource accounting properly, and these methods update the resource count for an account in the database. Therefore, if a user deploys VMs with custom service offerings, and later this user calls the “updateResourceCount” method, it (the method) will only account for VMs with normal service offerings, and update this as the number of resources used by the account. This will result in a smaller number of resources to be accounted for the given account than the real used value. The problem becomes worse because if the user starts to delete these VMs, it is possible to reach negative values of resources allocated (breaking all of the resource limiting for accounts). This is a very serious attack vector for public cloud providers! * [CLOUDSTACK-10230] User should not be able to use removed “Guest OS type” (#2404) * [CLOUDSTACK-10230] User is able to change to “Guest OS type” that has been removed Users are able to change the OS type of VMs to “Guest OS type” that has been removed. This becomes a security issue when we try to force users to use HVM VMs (Meltdown/Spectre thing). A removed “guest os type” should not be usable by any users in the cloud. * Remove trailing lines that are breaking build due to checkstyle compliance * Remove unused imports * fix classes that were in the wrong folder structure * Updates to capacity management > Volume download times out in 3600 seconds > - > > Key: CLOUDSTACK-10054 > URL: https://issues.apache.org/jira/browse/CLOUDSTACK-10054 > Project: CloudStack > Issue Type: Bug > Security Level: Public(Anyone can view this level - this is the > default.) >Reporter: mrunalini >Priority: Major > > Problem Statement - > When tried to download a volume of type Vmware with large size, it fails in > an hour before
[jira] [Commented] (CLOUDSTACK-10259) Missing float part of secondary storage data when calculating secondary storage usage in listAccounts
[ https://issues.apache.org/jira/browse/CLOUDSTACK-10259?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16468648#comment-16468648 ] ASF subversion and git services commented on CLOUDSTACK-10259: -- Commit 4534cefa40cf9b4d11402bff86c4484292fa660d in cloudstack's branch refs/heads/master from [~rohithsharma] [ https://gitbox.apache.org/repos/asf?p=cloudstack.git;h=4534cef ] backports for 4.11.1 from master (#2621) * CLOUDSTACK-10147 Disabled Xenserver Cluster can still deploy VM's. Added code to skip disabled clusters when selecting a host (#2442) (cherry picked from commit c3488a51db4bce4ec32c09e6fef78193d360cf3f) Signed-off-by: Rohit Yadav* CLOUDSTACK-10318: Bug on sorting ACL rules list in chrome (#2478) (cherry picked from commit 4412563f19ec8b808fe4c79e2baf658507a84873) Signed-off-by: Rohit Yadav * CLOUDSTACK-10284:Creating a snapshot from VM Snapshot generates error if hypervisor is not KVM. Signed-off-by: Rohit Yadav * CLOUDSTACK-10221: Allow IPv6 when creating a Basic Network (#2397) Since CloudStack 4.10 Basic Networking supports IPv6 and thus should be allowed to be specified when creating a network. Signed-off-by: Wido den Hollander (cherry picked from commit 9733a10ecda5f1af0f2c0fa863fc976a3e710946) Signed-off-by: Rohit Yadav * CLOUDSTACK-10214: Unable to remove local primary storage (#2390) Allow admins to remove primary storage pool. Cherry-picked from eba2e1d8a1ce4e86b4df144db03e96739da455e5 Signed-off-by: Rohit Yadav * dateutil: constistency of tzdate input and output (#2392) Signed-off-by: Yoan Blanc Signed-off-by: Daan Hoogland (cherry picked from commit 2ad520282319da9a03061b8c744e51a4ffdf94a2) Signed-off-by: Rohit Yadav * CLOUDSTACK-10054:Volume download times out in 3600 seconds (#2244) (cherry picked from commit bb607d07a97476dc4fb934b3d75df6affba47086) Signed-off-by: Rohit Yadav * When creating a new account (via domain admin) it is possible to select “root admin” as the role for the new user (#2606) * create account with domain admin showing 'root admin' role Domain admins should not be able to assign the role of root admin to new users. Therefore, the role ‘root admin’ (or any other of the same type) should not be visible to domain admins. * License and formatting * Break long sentence into multiple lines * Fix wording of method 'getCurrentAccount' * fix typo in variable name * [CLOUDSTACK-10259] Missing float part of secondary storage data in listAccounts * [CLOUDSTACK-9338] ACS not accounting resources of VMs with custom service offering ACS is accounting the resources properly when deploying VMs with custom service offerings. However, there are other methods (such as updateResourceCount) that do not execute the resource accounting properly, and these methods update the resource count for an account in the database. Therefore, if a user deploys VMs with custom service offerings, and later this user calls the “updateResourceCount” method, it (the method) will only account for VMs with normal service offerings, and update this as the number of resources used by the account. This will result in a smaller number of resources to be accounted for the given account than the real used value. The problem becomes worse because if the user starts to delete these VMs, it is possible to reach negative values of resources allocated (breaking all of the resource limiting for accounts). This is a very serious attack vector for public cloud providers! * [CLOUDSTACK-10230] User should not be able to use removed “Guest OS type” (#2404) * [CLOUDSTACK-10230] User is able to change to “Guest OS type” that has been removed Users are able to change the OS type of VMs to “Guest OS type” that has been removed. This becomes a security issue when we try to force users to use HVM VMs (Meltdown/Spectre thing). A removed “guest os type” should not be usable by any users in the cloud. * Remove trailing lines that are breaking build due to checkstyle compliance * Remove unused imports * fix classes that were in the wrong folder structure * Updates to capacity management > Missing float part of secondary storage data when calculating secondary > storage usage in listAccounts > -- > > Key: CLOUDSTACK-10259 > URL: https://issues.apache.org/jira/browse/CLOUDSTACK-10259 > Project: CloudStack > Issue Type: Bug > Security Level: Public(Anyone can view this level - this is the > default.) >Reporter: Rafael Weingärtner >
[jira] [Commented] (CLOUDSTACK-10230) User is able to change to “Guest OS type” that has been removed
[ https://issues.apache.org/jira/browse/CLOUDSTACK-10230?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16468651#comment-16468651 ] ASF subversion and git services commented on CLOUDSTACK-10230: -- Commit 4534cefa40cf9b4d11402bff86c4484292fa660d in cloudstack's branch refs/heads/master from [~rohithsharma] [ https://gitbox.apache.org/repos/asf?p=cloudstack.git;h=4534cef ] backports for 4.11.1 from master (#2621) * CLOUDSTACK-10147 Disabled Xenserver Cluster can still deploy VM's. Added code to skip disabled clusters when selecting a host (#2442) (cherry picked from commit c3488a51db4bce4ec32c09e6fef78193d360cf3f) Signed-off-by: Rohit Yadav* CLOUDSTACK-10318: Bug on sorting ACL rules list in chrome (#2478) (cherry picked from commit 4412563f19ec8b808fe4c79e2baf658507a84873) Signed-off-by: Rohit Yadav * CLOUDSTACK-10284:Creating a snapshot from VM Snapshot generates error if hypervisor is not KVM. Signed-off-by: Rohit Yadav * CLOUDSTACK-10221: Allow IPv6 when creating a Basic Network (#2397) Since CloudStack 4.10 Basic Networking supports IPv6 and thus should be allowed to be specified when creating a network. Signed-off-by: Wido den Hollander (cherry picked from commit 9733a10ecda5f1af0f2c0fa863fc976a3e710946) Signed-off-by: Rohit Yadav * CLOUDSTACK-10214: Unable to remove local primary storage (#2390) Allow admins to remove primary storage pool. Cherry-picked from eba2e1d8a1ce4e86b4df144db03e96739da455e5 Signed-off-by: Rohit Yadav * dateutil: constistency of tzdate input and output (#2392) Signed-off-by: Yoan Blanc Signed-off-by: Daan Hoogland (cherry picked from commit 2ad520282319da9a03061b8c744e51a4ffdf94a2) Signed-off-by: Rohit Yadav * CLOUDSTACK-10054:Volume download times out in 3600 seconds (#2244) (cherry picked from commit bb607d07a97476dc4fb934b3d75df6affba47086) Signed-off-by: Rohit Yadav * When creating a new account (via domain admin) it is possible to select “root admin” as the role for the new user (#2606) * create account with domain admin showing 'root admin' role Domain admins should not be able to assign the role of root admin to new users. Therefore, the role ‘root admin’ (or any other of the same type) should not be visible to domain admins. * License and formatting * Break long sentence into multiple lines * Fix wording of method 'getCurrentAccount' * fix typo in variable name * [CLOUDSTACK-10259] Missing float part of secondary storage data in listAccounts * [CLOUDSTACK-9338] ACS not accounting resources of VMs with custom service offering ACS is accounting the resources properly when deploying VMs with custom service offerings. However, there are other methods (such as updateResourceCount) that do not execute the resource accounting properly, and these methods update the resource count for an account in the database. Therefore, if a user deploys VMs with custom service offerings, and later this user calls the “updateResourceCount” method, it (the method) will only account for VMs with normal service offerings, and update this as the number of resources used by the account. This will result in a smaller number of resources to be accounted for the given account than the real used value. The problem becomes worse because if the user starts to delete these VMs, it is possible to reach negative values of resources allocated (breaking all of the resource limiting for accounts). This is a very serious attack vector for public cloud providers! * [CLOUDSTACK-10230] User should not be able to use removed “Guest OS type” (#2404) * [CLOUDSTACK-10230] User is able to change to “Guest OS type” that has been removed Users are able to change the OS type of VMs to “Guest OS type” that has been removed. This becomes a security issue when we try to force users to use HVM VMs (Meltdown/Spectre thing). A removed “guest os type” should not be usable by any users in the cloud. * Remove trailing lines that are breaking build due to checkstyle compliance * Remove unused imports * fix classes that were in the wrong folder structure * Updates to capacity management > User is able to change to “Guest OS type” that has been removed > > > Key: CLOUDSTACK-10230 > URL: https://issues.apache.org/jira/browse/CLOUDSTACK-10230 > Project: CloudStack > Issue Type: Bug > Security Level: Public(Anyone can view this level - this is the > default.) >Reporter: Rafael Weingärtner >Assignee: Rafael Weingärtner >Priority: Critical > Fix For:
[jira] [Commented] (CLOUDSTACK-10214) Unable to remove local primary storage
[ https://issues.apache.org/jira/browse/CLOUDSTACK-10214?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16468646#comment-16468646 ] ASF subversion and git services commented on CLOUDSTACK-10214: -- Commit 4534cefa40cf9b4d11402bff86c4484292fa660d in cloudstack's branch refs/heads/master from [~rohithsharma] [ https://gitbox.apache.org/repos/asf?p=cloudstack.git;h=4534cef ] backports for 4.11.1 from master (#2621) * CLOUDSTACK-10147 Disabled Xenserver Cluster can still deploy VM's. Added code to skip disabled clusters when selecting a host (#2442) (cherry picked from commit c3488a51db4bce4ec32c09e6fef78193d360cf3f) Signed-off-by: Rohit Yadav* CLOUDSTACK-10318: Bug on sorting ACL rules list in chrome (#2478) (cherry picked from commit 4412563f19ec8b808fe4c79e2baf658507a84873) Signed-off-by: Rohit Yadav * CLOUDSTACK-10284:Creating a snapshot from VM Snapshot generates error if hypervisor is not KVM. Signed-off-by: Rohit Yadav * CLOUDSTACK-10221: Allow IPv6 when creating a Basic Network (#2397) Since CloudStack 4.10 Basic Networking supports IPv6 and thus should be allowed to be specified when creating a network. Signed-off-by: Wido den Hollander (cherry picked from commit 9733a10ecda5f1af0f2c0fa863fc976a3e710946) Signed-off-by: Rohit Yadav * CLOUDSTACK-10214: Unable to remove local primary storage (#2390) Allow admins to remove primary storage pool. Cherry-picked from eba2e1d8a1ce4e86b4df144db03e96739da455e5 Signed-off-by: Rohit Yadav * dateutil: constistency of tzdate input and output (#2392) Signed-off-by: Yoan Blanc Signed-off-by: Daan Hoogland (cherry picked from commit 2ad520282319da9a03061b8c744e51a4ffdf94a2) Signed-off-by: Rohit Yadav * CLOUDSTACK-10054:Volume download times out in 3600 seconds (#2244) (cherry picked from commit bb607d07a97476dc4fb934b3d75df6affba47086) Signed-off-by: Rohit Yadav * When creating a new account (via domain admin) it is possible to select “root admin” as the role for the new user (#2606) * create account with domain admin showing 'root admin' role Domain admins should not be able to assign the role of root admin to new users. Therefore, the role ‘root admin’ (or any other of the same type) should not be visible to domain admins. * License and formatting * Break long sentence into multiple lines * Fix wording of method 'getCurrentAccount' * fix typo in variable name * [CLOUDSTACK-10259] Missing float part of secondary storage data in listAccounts * [CLOUDSTACK-9338] ACS not accounting resources of VMs with custom service offering ACS is accounting the resources properly when deploying VMs with custom service offerings. However, there are other methods (such as updateResourceCount) that do not execute the resource accounting properly, and these methods update the resource count for an account in the database. Therefore, if a user deploys VMs with custom service offerings, and later this user calls the “updateResourceCount” method, it (the method) will only account for VMs with normal service offerings, and update this as the number of resources used by the account. This will result in a smaller number of resources to be accounted for the given account than the real used value. The problem becomes worse because if the user starts to delete these VMs, it is possible to reach negative values of resources allocated (breaking all of the resource limiting for accounts). This is a very serious attack vector for public cloud providers! * [CLOUDSTACK-10230] User should not be able to use removed “Guest OS type” (#2404) * [CLOUDSTACK-10230] User is able to change to “Guest OS type” that has been removed Users are able to change the OS type of VMs to “Guest OS type” that has been removed. This becomes a security issue when we try to force users to use HVM VMs (Meltdown/Spectre thing). A removed “guest os type” should not be usable by any users in the cloud. * Remove trailing lines that are breaking build due to checkstyle compliance * Remove unused imports * fix classes that were in the wrong folder structure * Updates to capacity management > Unable to remove local primary storage > --- > > Key: CLOUDSTACK-10214 > URL: https://issues.apache.org/jira/browse/CLOUDSTACK-10214 > Project: CloudStack > Issue Type: Bug > Security Level: Public(Anyone can view this level - this is the > default.) >Affects Versions: 4.10.0.0, 4.9.3.0 >Reporter: Rafael Weingärtner >Assignee: Rafael Weingärtner >Priority: Major > Fix For: 4.12 > > >
[jira] [Commented] (CLOUDSTACK-10318) Bug on sorting ACL rules list in chrome
[ https://issues.apache.org/jira/browse/CLOUDSTACK-10318?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16468643#comment-16468643 ] ASF subversion and git services commented on CLOUDSTACK-10318: -- Commit 4534cefa40cf9b4d11402bff86c4484292fa660d in cloudstack's branch refs/heads/master from [~rohithsharma] [ https://gitbox.apache.org/repos/asf?p=cloudstack.git;h=4534cef ] backports for 4.11.1 from master (#2621) * CLOUDSTACK-10147 Disabled Xenserver Cluster can still deploy VM's. Added code to skip disabled clusters when selecting a host (#2442) (cherry picked from commit c3488a51db4bce4ec32c09e6fef78193d360cf3f) Signed-off-by: Rohit Yadav* CLOUDSTACK-10318: Bug on sorting ACL rules list in chrome (#2478) (cherry picked from commit 4412563f19ec8b808fe4c79e2baf658507a84873) Signed-off-by: Rohit Yadav * CLOUDSTACK-10284:Creating a snapshot from VM Snapshot generates error if hypervisor is not KVM. Signed-off-by: Rohit Yadav * CLOUDSTACK-10221: Allow IPv6 when creating a Basic Network (#2397) Since CloudStack 4.10 Basic Networking supports IPv6 and thus should be allowed to be specified when creating a network. Signed-off-by: Wido den Hollander (cherry picked from commit 9733a10ecda5f1af0f2c0fa863fc976a3e710946) Signed-off-by: Rohit Yadav * CLOUDSTACK-10214: Unable to remove local primary storage (#2390) Allow admins to remove primary storage pool. Cherry-picked from eba2e1d8a1ce4e86b4df144db03e96739da455e5 Signed-off-by: Rohit Yadav * dateutil: constistency of tzdate input and output (#2392) Signed-off-by: Yoan Blanc Signed-off-by: Daan Hoogland (cherry picked from commit 2ad520282319da9a03061b8c744e51a4ffdf94a2) Signed-off-by: Rohit Yadav * CLOUDSTACK-10054:Volume download times out in 3600 seconds (#2244) (cherry picked from commit bb607d07a97476dc4fb934b3d75df6affba47086) Signed-off-by: Rohit Yadav * When creating a new account (via domain admin) it is possible to select “root admin” as the role for the new user (#2606) * create account with domain admin showing 'root admin' role Domain admins should not be able to assign the role of root admin to new users. Therefore, the role ‘root admin’ (or any other of the same type) should not be visible to domain admins. * License and formatting * Break long sentence into multiple lines * Fix wording of method 'getCurrentAccount' * fix typo in variable name * [CLOUDSTACK-10259] Missing float part of secondary storage data in listAccounts * [CLOUDSTACK-9338] ACS not accounting resources of VMs with custom service offering ACS is accounting the resources properly when deploying VMs with custom service offerings. However, there are other methods (such as updateResourceCount) that do not execute the resource accounting properly, and these methods update the resource count for an account in the database. Therefore, if a user deploys VMs with custom service offerings, and later this user calls the “updateResourceCount” method, it (the method) will only account for VMs with normal service offerings, and update this as the number of resources used by the account. This will result in a smaller number of resources to be accounted for the given account than the real used value. The problem becomes worse because if the user starts to delete these VMs, it is possible to reach negative values of resources allocated (breaking all of the resource limiting for accounts). This is a very serious attack vector for public cloud providers! * [CLOUDSTACK-10230] User should not be able to use removed “Guest OS type” (#2404) * [CLOUDSTACK-10230] User is able to change to “Guest OS type” that has been removed Users are able to change the OS type of VMs to “Guest OS type” that has been removed. This becomes a security issue when we try to force users to use HVM VMs (Meltdown/Spectre thing). A removed “guest os type” should not be usable by any users in the cloud. * Remove trailing lines that are breaking build due to checkstyle compliance * Remove unused imports * fix classes that were in the wrong folder structure * Updates to capacity management > Bug on sorting ACL rules list in chrome > > > Key: CLOUDSTACK-10318 > URL: https://issues.apache.org/jira/browse/CLOUDSTACK-10318 > Project: CloudStack > Issue Type: Bug > Security Level: Public(Anyone can view this level - this is the > default.) >Reporter: Rafael Weingärtner >Assignee: Rafael Weingärtner >Priority: Major > Fix For: 4.12 > > > There is a bug on ACL rules list when a
[jira] [Commented] (CLOUDSTACK-10230) User is able to change to “Guest OS type” that has been removed
[ https://issues.apache.org/jira/browse/CLOUDSTACK-10230?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16468650#comment-16468650 ] ASF subversion and git services commented on CLOUDSTACK-10230: -- Commit 4534cefa40cf9b4d11402bff86c4484292fa660d in cloudstack's branch refs/heads/master from [~rohithsharma] [ https://gitbox.apache.org/repos/asf?p=cloudstack.git;h=4534cef ] backports for 4.11.1 from master (#2621) * CLOUDSTACK-10147 Disabled Xenserver Cluster can still deploy VM's. Added code to skip disabled clusters when selecting a host (#2442) (cherry picked from commit c3488a51db4bce4ec32c09e6fef78193d360cf3f) Signed-off-by: Rohit Yadav* CLOUDSTACK-10318: Bug on sorting ACL rules list in chrome (#2478) (cherry picked from commit 4412563f19ec8b808fe4c79e2baf658507a84873) Signed-off-by: Rohit Yadav * CLOUDSTACK-10284:Creating a snapshot from VM Snapshot generates error if hypervisor is not KVM. Signed-off-by: Rohit Yadav * CLOUDSTACK-10221: Allow IPv6 when creating a Basic Network (#2397) Since CloudStack 4.10 Basic Networking supports IPv6 and thus should be allowed to be specified when creating a network. Signed-off-by: Wido den Hollander (cherry picked from commit 9733a10ecda5f1af0f2c0fa863fc976a3e710946) Signed-off-by: Rohit Yadav * CLOUDSTACK-10214: Unable to remove local primary storage (#2390) Allow admins to remove primary storage pool. Cherry-picked from eba2e1d8a1ce4e86b4df144db03e96739da455e5 Signed-off-by: Rohit Yadav * dateutil: constistency of tzdate input and output (#2392) Signed-off-by: Yoan Blanc Signed-off-by: Daan Hoogland (cherry picked from commit 2ad520282319da9a03061b8c744e51a4ffdf94a2) Signed-off-by: Rohit Yadav * CLOUDSTACK-10054:Volume download times out in 3600 seconds (#2244) (cherry picked from commit bb607d07a97476dc4fb934b3d75df6affba47086) Signed-off-by: Rohit Yadav * When creating a new account (via domain admin) it is possible to select “root admin” as the role for the new user (#2606) * create account with domain admin showing 'root admin' role Domain admins should not be able to assign the role of root admin to new users. Therefore, the role ‘root admin’ (or any other of the same type) should not be visible to domain admins. * License and formatting * Break long sentence into multiple lines * Fix wording of method 'getCurrentAccount' * fix typo in variable name * [CLOUDSTACK-10259] Missing float part of secondary storage data in listAccounts * [CLOUDSTACK-9338] ACS not accounting resources of VMs with custom service offering ACS is accounting the resources properly when deploying VMs with custom service offerings. However, there are other methods (such as updateResourceCount) that do not execute the resource accounting properly, and these methods update the resource count for an account in the database. Therefore, if a user deploys VMs with custom service offerings, and later this user calls the “updateResourceCount” method, it (the method) will only account for VMs with normal service offerings, and update this as the number of resources used by the account. This will result in a smaller number of resources to be accounted for the given account than the real used value. The problem becomes worse because if the user starts to delete these VMs, it is possible to reach negative values of resources allocated (breaking all of the resource limiting for accounts). This is a very serious attack vector for public cloud providers! * [CLOUDSTACK-10230] User should not be able to use removed “Guest OS type” (#2404) * [CLOUDSTACK-10230] User is able to change to “Guest OS type” that has been removed Users are able to change the OS type of VMs to “Guest OS type” that has been removed. This becomes a security issue when we try to force users to use HVM VMs (Meltdown/Spectre thing). A removed “guest os type” should not be usable by any users in the cloud. * Remove trailing lines that are breaking build due to checkstyle compliance * Remove unused imports * fix classes that were in the wrong folder structure * Updates to capacity management > User is able to change to “Guest OS type” that has been removed > > > Key: CLOUDSTACK-10230 > URL: https://issues.apache.org/jira/browse/CLOUDSTACK-10230 > Project: CloudStack > Issue Type: Bug > Security Level: Public(Anyone can view this level - this is the > default.) >Reporter: Rafael Weingärtner >Assignee: Rafael Weingärtner >Priority: Critical > Fix For:
[jira] [Commented] (CLOUDSTACK-10147) Disabled Xenserver cluster can still deploy VMs
[ https://issues.apache.org/jira/browse/CLOUDSTACK-10147?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16468642#comment-16468642 ] ASF subversion and git services commented on CLOUDSTACK-10147: -- Commit 4534cefa40cf9b4d11402bff86c4484292fa660d in cloudstack's branch refs/heads/master from [~rohithsharma] [ https://gitbox.apache.org/repos/asf?p=cloudstack.git;h=4534cef ] backports for 4.11.1 from master (#2621) * CLOUDSTACK-10147 Disabled Xenserver Cluster can still deploy VM's. Added code to skip disabled clusters when selecting a host (#2442) (cherry picked from commit c3488a51db4bce4ec32c09e6fef78193d360cf3f) Signed-off-by: Rohit Yadav* CLOUDSTACK-10318: Bug on sorting ACL rules list in chrome (#2478) (cherry picked from commit 4412563f19ec8b808fe4c79e2baf658507a84873) Signed-off-by: Rohit Yadav * CLOUDSTACK-10284:Creating a snapshot from VM Snapshot generates error if hypervisor is not KVM. Signed-off-by: Rohit Yadav * CLOUDSTACK-10221: Allow IPv6 when creating a Basic Network (#2397) Since CloudStack 4.10 Basic Networking supports IPv6 and thus should be allowed to be specified when creating a network. Signed-off-by: Wido den Hollander (cherry picked from commit 9733a10ecda5f1af0f2c0fa863fc976a3e710946) Signed-off-by: Rohit Yadav * CLOUDSTACK-10214: Unable to remove local primary storage (#2390) Allow admins to remove primary storage pool. Cherry-picked from eba2e1d8a1ce4e86b4df144db03e96739da455e5 Signed-off-by: Rohit Yadav * dateutil: constistency of tzdate input and output (#2392) Signed-off-by: Yoan Blanc Signed-off-by: Daan Hoogland (cherry picked from commit 2ad520282319da9a03061b8c744e51a4ffdf94a2) Signed-off-by: Rohit Yadav * CLOUDSTACK-10054:Volume download times out in 3600 seconds (#2244) (cherry picked from commit bb607d07a97476dc4fb934b3d75df6affba47086) Signed-off-by: Rohit Yadav * When creating a new account (via domain admin) it is possible to select “root admin” as the role for the new user (#2606) * create account with domain admin showing 'root admin' role Domain admins should not be able to assign the role of root admin to new users. Therefore, the role ‘root admin’ (or any other of the same type) should not be visible to domain admins. * License and formatting * Break long sentence into multiple lines * Fix wording of method 'getCurrentAccount' * fix typo in variable name * [CLOUDSTACK-10259] Missing float part of secondary storage data in listAccounts * [CLOUDSTACK-9338] ACS not accounting resources of VMs with custom service offering ACS is accounting the resources properly when deploying VMs with custom service offerings. However, there are other methods (such as updateResourceCount) that do not execute the resource accounting properly, and these methods update the resource count for an account in the database. Therefore, if a user deploys VMs with custom service offerings, and later this user calls the “updateResourceCount” method, it (the method) will only account for VMs with normal service offerings, and update this as the number of resources used by the account. This will result in a smaller number of resources to be accounted for the given account than the real used value. The problem becomes worse because if the user starts to delete these VMs, it is possible to reach negative values of resources allocated (breaking all of the resource limiting for accounts). This is a very serious attack vector for public cloud providers! * [CLOUDSTACK-10230] User should not be able to use removed “Guest OS type” (#2404) * [CLOUDSTACK-10230] User is able to change to “Guest OS type” that has been removed Users are able to change the OS type of VMs to “Guest OS type” that has been removed. This becomes a security issue when we try to force users to use HVM VMs (Meltdown/Spectre thing). A removed “guest os type” should not be usable by any users in the cloud. * Remove trailing lines that are breaking build due to checkstyle compliance * Remove unused imports * fix classes that were in the wrong folder structure * Updates to capacity management > Disabled Xenserver cluster can still deploy VMs > > > Key: CLOUDSTACK-10147 > URL: https://issues.apache.org/jira/browse/CLOUDSTACK-10147 > Project: CloudStack > Issue Type: Bug > Security Level: Public(Anyone can view this level - this is the > default.) > Components: Management Server, UI >Affects Versions: 4.10.0.0, 4.9.2.0 > Environment: Xenserver 6.2, 7 >Reporter: Glenn Wagner >
[jira] [Commented] (CLOUDSTACK-10230) User is able to change to “Guest OS type” that has been removed
[ https://issues.apache.org/jira/browse/CLOUDSTACK-10230?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16468631#comment-16468631 ] ASF subversion and git services commented on CLOUDSTACK-10230: -- Commit 4534cefa40cf9b4d11402bff86c4484292fa660d in cloudstack's branch refs/heads/4.11 from [~rohithsharma] [ https://gitbox.apache.org/repos/asf?p=cloudstack.git;h=4534cef ] backports for 4.11.1 from master (#2621) * CLOUDSTACK-10147 Disabled Xenserver Cluster can still deploy VM's. Added code to skip disabled clusters when selecting a host (#2442) (cherry picked from commit c3488a51db4bce4ec32c09e6fef78193d360cf3f) Signed-off-by: Rohit Yadav* CLOUDSTACK-10318: Bug on sorting ACL rules list in chrome (#2478) (cherry picked from commit 4412563f19ec8b808fe4c79e2baf658507a84873) Signed-off-by: Rohit Yadav * CLOUDSTACK-10284:Creating a snapshot from VM Snapshot generates error if hypervisor is not KVM. Signed-off-by: Rohit Yadav * CLOUDSTACK-10221: Allow IPv6 when creating a Basic Network (#2397) Since CloudStack 4.10 Basic Networking supports IPv6 and thus should be allowed to be specified when creating a network. Signed-off-by: Wido den Hollander (cherry picked from commit 9733a10ecda5f1af0f2c0fa863fc976a3e710946) Signed-off-by: Rohit Yadav * CLOUDSTACK-10214: Unable to remove local primary storage (#2390) Allow admins to remove primary storage pool. Cherry-picked from eba2e1d8a1ce4e86b4df144db03e96739da455e5 Signed-off-by: Rohit Yadav * dateutil: constistency of tzdate input and output (#2392) Signed-off-by: Yoan Blanc Signed-off-by: Daan Hoogland (cherry picked from commit 2ad520282319da9a03061b8c744e51a4ffdf94a2) Signed-off-by: Rohit Yadav * CLOUDSTACK-10054:Volume download times out in 3600 seconds (#2244) (cherry picked from commit bb607d07a97476dc4fb934b3d75df6affba47086) Signed-off-by: Rohit Yadav * When creating a new account (via domain admin) it is possible to select “root admin” as the role for the new user (#2606) * create account with domain admin showing 'root admin' role Domain admins should not be able to assign the role of root admin to new users. Therefore, the role ‘root admin’ (or any other of the same type) should not be visible to domain admins. * License and formatting * Break long sentence into multiple lines * Fix wording of method 'getCurrentAccount' * fix typo in variable name * [CLOUDSTACK-10259] Missing float part of secondary storage data in listAccounts * [CLOUDSTACK-9338] ACS not accounting resources of VMs with custom service offering ACS is accounting the resources properly when deploying VMs with custom service offerings. However, there are other methods (such as updateResourceCount) that do not execute the resource accounting properly, and these methods update the resource count for an account in the database. Therefore, if a user deploys VMs with custom service offerings, and later this user calls the “updateResourceCount” method, it (the method) will only account for VMs with normal service offerings, and update this as the number of resources used by the account. This will result in a smaller number of resources to be accounted for the given account than the real used value. The problem becomes worse because if the user starts to delete these VMs, it is possible to reach negative values of resources allocated (breaking all of the resource limiting for accounts). This is a very serious attack vector for public cloud providers! * [CLOUDSTACK-10230] User should not be able to use removed “Guest OS type” (#2404) * [CLOUDSTACK-10230] User is able to change to “Guest OS type” that has been removed Users are able to change the OS type of VMs to “Guest OS type” that has been removed. This becomes a security issue when we try to force users to use HVM VMs (Meltdown/Spectre thing). A removed “guest os type” should not be usable by any users in the cloud. * Remove trailing lines that are breaking build due to checkstyle compliance * Remove unused imports * fix classes that were in the wrong folder structure * Updates to capacity management > User is able to change to “Guest OS type” that has been removed > > > Key: CLOUDSTACK-10230 > URL: https://issues.apache.org/jira/browse/CLOUDSTACK-10230 > Project: CloudStack > Issue Type: Bug > Security Level: Public(Anyone can view this level - this is the > default.) >Reporter: Rafael Weingärtner >Assignee: Rafael Weingärtner >Priority: Critical > Fix For:
[jira] [Commented] (CLOUDSTACK-9338) updateResourceCount not accounting resources of VMs with custom service offering
[ https://issues.apache.org/jira/browse/CLOUDSTACK-9338?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16468629#comment-16468629 ] ASF subversion and git services commented on CLOUDSTACK-9338: - Commit 4534cefa40cf9b4d11402bff86c4484292fa660d in cloudstack's branch refs/heads/4.11 from [~rohithsharma] [ https://gitbox.apache.org/repos/asf?p=cloudstack.git;h=4534cef ] backports for 4.11.1 from master (#2621) * CLOUDSTACK-10147 Disabled Xenserver Cluster can still deploy VM's. Added code to skip disabled clusters when selecting a host (#2442) (cherry picked from commit c3488a51db4bce4ec32c09e6fef78193d360cf3f) Signed-off-by: Rohit Yadav* CLOUDSTACK-10318: Bug on sorting ACL rules list in chrome (#2478) (cherry picked from commit 4412563f19ec8b808fe4c79e2baf658507a84873) Signed-off-by: Rohit Yadav * CLOUDSTACK-10284:Creating a snapshot from VM Snapshot generates error if hypervisor is not KVM. Signed-off-by: Rohit Yadav * CLOUDSTACK-10221: Allow IPv6 when creating a Basic Network (#2397) Since CloudStack 4.10 Basic Networking supports IPv6 and thus should be allowed to be specified when creating a network. Signed-off-by: Wido den Hollander (cherry picked from commit 9733a10ecda5f1af0f2c0fa863fc976a3e710946) Signed-off-by: Rohit Yadav * CLOUDSTACK-10214: Unable to remove local primary storage (#2390) Allow admins to remove primary storage pool. Cherry-picked from eba2e1d8a1ce4e86b4df144db03e96739da455e5 Signed-off-by: Rohit Yadav * dateutil: constistency of tzdate input and output (#2392) Signed-off-by: Yoan Blanc Signed-off-by: Daan Hoogland (cherry picked from commit 2ad520282319da9a03061b8c744e51a4ffdf94a2) Signed-off-by: Rohit Yadav * CLOUDSTACK-10054:Volume download times out in 3600 seconds (#2244) (cherry picked from commit bb607d07a97476dc4fb934b3d75df6affba47086) Signed-off-by: Rohit Yadav * When creating a new account (via domain admin) it is possible to select “root admin” as the role for the new user (#2606) * create account with domain admin showing 'root admin' role Domain admins should not be able to assign the role of root admin to new users. Therefore, the role ‘root admin’ (or any other of the same type) should not be visible to domain admins. * License and formatting * Break long sentence into multiple lines * Fix wording of method 'getCurrentAccount' * fix typo in variable name * [CLOUDSTACK-10259] Missing float part of secondary storage data in listAccounts * [CLOUDSTACK-9338] ACS not accounting resources of VMs with custom service offering ACS is accounting the resources properly when deploying VMs with custom service offerings. However, there are other methods (such as updateResourceCount) that do not execute the resource accounting properly, and these methods update the resource count for an account in the database. Therefore, if a user deploys VMs with custom service offerings, and later this user calls the “updateResourceCount” method, it (the method) will only account for VMs with normal service offerings, and update this as the number of resources used by the account. This will result in a smaller number of resources to be accounted for the given account than the real used value. The problem becomes worse because if the user starts to delete these VMs, it is possible to reach negative values of resources allocated (breaking all of the resource limiting for accounts). This is a very serious attack vector for public cloud providers! * [CLOUDSTACK-10230] User should not be able to use removed “Guest OS type” (#2404) * [CLOUDSTACK-10230] User is able to change to “Guest OS type” that has been removed Users are able to change the OS type of VMs to “Guest OS type” that has been removed. This becomes a security issue when we try to force users to use HVM VMs (Meltdown/Spectre thing). A removed “guest os type” should not be usable by any users in the cloud. * Remove trailing lines that are breaking build due to checkstyle compliance * Remove unused imports * fix classes that were in the wrong folder structure * Updates to capacity management > updateResourceCount not accounting resources of VMs with custom service > offering > > > Key: CLOUDSTACK-9338 > URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9338 > Project: CloudStack > Issue Type: Bug > Security Level: Public(Anyone can view this level - this is the > default.) > Components: API, Cloudmonkey, UI >Affects Versions: 4.5.2, 4.8.0 > Environment:
[jira] [Commented] (CLOUDSTACK-10054) Volume download times out in 3600 seconds
[ https://issues.apache.org/jira/browse/CLOUDSTACK-10054?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16468627#comment-16468627 ] ASF subversion and git services commented on CLOUDSTACK-10054: -- Commit 4534cefa40cf9b4d11402bff86c4484292fa660d in cloudstack's branch refs/heads/4.11 from [~rohithsharma] [ https://gitbox.apache.org/repos/asf?p=cloudstack.git;h=4534cef ] backports for 4.11.1 from master (#2621) * CLOUDSTACK-10147 Disabled Xenserver Cluster can still deploy VM's. Added code to skip disabled clusters when selecting a host (#2442) (cherry picked from commit c3488a51db4bce4ec32c09e6fef78193d360cf3f) Signed-off-by: Rohit Yadav* CLOUDSTACK-10318: Bug on sorting ACL rules list in chrome (#2478) (cherry picked from commit 4412563f19ec8b808fe4c79e2baf658507a84873) Signed-off-by: Rohit Yadav * CLOUDSTACK-10284:Creating a snapshot from VM Snapshot generates error if hypervisor is not KVM. Signed-off-by: Rohit Yadav * CLOUDSTACK-10221: Allow IPv6 when creating a Basic Network (#2397) Since CloudStack 4.10 Basic Networking supports IPv6 and thus should be allowed to be specified when creating a network. Signed-off-by: Wido den Hollander (cherry picked from commit 9733a10ecda5f1af0f2c0fa863fc976a3e710946) Signed-off-by: Rohit Yadav * CLOUDSTACK-10214: Unable to remove local primary storage (#2390) Allow admins to remove primary storage pool. Cherry-picked from eba2e1d8a1ce4e86b4df144db03e96739da455e5 Signed-off-by: Rohit Yadav * dateutil: constistency of tzdate input and output (#2392) Signed-off-by: Yoan Blanc Signed-off-by: Daan Hoogland (cherry picked from commit 2ad520282319da9a03061b8c744e51a4ffdf94a2) Signed-off-by: Rohit Yadav * CLOUDSTACK-10054:Volume download times out in 3600 seconds (#2244) (cherry picked from commit bb607d07a97476dc4fb934b3d75df6affba47086) Signed-off-by: Rohit Yadav * When creating a new account (via domain admin) it is possible to select “root admin” as the role for the new user (#2606) * create account with domain admin showing 'root admin' role Domain admins should not be able to assign the role of root admin to new users. Therefore, the role ‘root admin’ (or any other of the same type) should not be visible to domain admins. * License and formatting * Break long sentence into multiple lines * Fix wording of method 'getCurrentAccount' * fix typo in variable name * [CLOUDSTACK-10259] Missing float part of secondary storage data in listAccounts * [CLOUDSTACK-9338] ACS not accounting resources of VMs with custom service offering ACS is accounting the resources properly when deploying VMs with custom service offerings. However, there are other methods (such as updateResourceCount) that do not execute the resource accounting properly, and these methods update the resource count for an account in the database. Therefore, if a user deploys VMs with custom service offerings, and later this user calls the “updateResourceCount” method, it (the method) will only account for VMs with normal service offerings, and update this as the number of resources used by the account. This will result in a smaller number of resources to be accounted for the given account than the real used value. The problem becomes worse because if the user starts to delete these VMs, it is possible to reach negative values of resources allocated (breaking all of the resource limiting for accounts). This is a very serious attack vector for public cloud providers! * [CLOUDSTACK-10230] User should not be able to use removed “Guest OS type” (#2404) * [CLOUDSTACK-10230] User is able to change to “Guest OS type” that has been removed Users are able to change the OS type of VMs to “Guest OS type” that has been removed. This becomes a security issue when we try to force users to use HVM VMs (Meltdown/Spectre thing). A removed “guest os type” should not be usable by any users in the cloud. * Remove trailing lines that are breaking build due to checkstyle compliance * Remove unused imports * fix classes that were in the wrong folder structure * Updates to capacity management > Volume download times out in 3600 seconds > - > > Key: CLOUDSTACK-10054 > URL: https://issues.apache.org/jira/browse/CLOUDSTACK-10054 > Project: CloudStack > Issue Type: Bug > Security Level: Public(Anyone can view this level - this is the > default.) >Reporter: mrunalini >Priority: Major > > Problem Statement - > When tried to download a volume of type Vmware with large size, it fails in > an hour before
[jira] [Commented] (CLOUDSTACK-10259) Missing float part of secondary storage data when calculating secondary storage usage in listAccounts
[ https://issues.apache.org/jira/browse/CLOUDSTACK-10259?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16468628#comment-16468628 ] ASF subversion and git services commented on CLOUDSTACK-10259: -- Commit 4534cefa40cf9b4d11402bff86c4484292fa660d in cloudstack's branch refs/heads/4.11 from [~rohithsharma] [ https://gitbox.apache.org/repos/asf?p=cloudstack.git;h=4534cef ] backports for 4.11.1 from master (#2621) * CLOUDSTACK-10147 Disabled Xenserver Cluster can still deploy VM's. Added code to skip disabled clusters when selecting a host (#2442) (cherry picked from commit c3488a51db4bce4ec32c09e6fef78193d360cf3f) Signed-off-by: Rohit Yadav* CLOUDSTACK-10318: Bug on sorting ACL rules list in chrome (#2478) (cherry picked from commit 4412563f19ec8b808fe4c79e2baf658507a84873) Signed-off-by: Rohit Yadav * CLOUDSTACK-10284:Creating a snapshot from VM Snapshot generates error if hypervisor is not KVM. Signed-off-by: Rohit Yadav * CLOUDSTACK-10221: Allow IPv6 when creating a Basic Network (#2397) Since CloudStack 4.10 Basic Networking supports IPv6 and thus should be allowed to be specified when creating a network. Signed-off-by: Wido den Hollander (cherry picked from commit 9733a10ecda5f1af0f2c0fa863fc976a3e710946) Signed-off-by: Rohit Yadav * CLOUDSTACK-10214: Unable to remove local primary storage (#2390) Allow admins to remove primary storage pool. Cherry-picked from eba2e1d8a1ce4e86b4df144db03e96739da455e5 Signed-off-by: Rohit Yadav * dateutil: constistency of tzdate input and output (#2392) Signed-off-by: Yoan Blanc Signed-off-by: Daan Hoogland (cherry picked from commit 2ad520282319da9a03061b8c744e51a4ffdf94a2) Signed-off-by: Rohit Yadav * CLOUDSTACK-10054:Volume download times out in 3600 seconds (#2244) (cherry picked from commit bb607d07a97476dc4fb934b3d75df6affba47086) Signed-off-by: Rohit Yadav * When creating a new account (via domain admin) it is possible to select “root admin” as the role for the new user (#2606) * create account with domain admin showing 'root admin' role Domain admins should not be able to assign the role of root admin to new users. Therefore, the role ‘root admin’ (or any other of the same type) should not be visible to domain admins. * License and formatting * Break long sentence into multiple lines * Fix wording of method 'getCurrentAccount' * fix typo in variable name * [CLOUDSTACK-10259] Missing float part of secondary storage data in listAccounts * [CLOUDSTACK-9338] ACS not accounting resources of VMs with custom service offering ACS is accounting the resources properly when deploying VMs with custom service offerings. However, there are other methods (such as updateResourceCount) that do not execute the resource accounting properly, and these methods update the resource count for an account in the database. Therefore, if a user deploys VMs with custom service offerings, and later this user calls the “updateResourceCount” method, it (the method) will only account for VMs with normal service offerings, and update this as the number of resources used by the account. This will result in a smaller number of resources to be accounted for the given account than the real used value. The problem becomes worse because if the user starts to delete these VMs, it is possible to reach negative values of resources allocated (breaking all of the resource limiting for accounts). This is a very serious attack vector for public cloud providers! * [CLOUDSTACK-10230] User should not be able to use removed “Guest OS type” (#2404) * [CLOUDSTACK-10230] User is able to change to “Guest OS type” that has been removed Users are able to change the OS type of VMs to “Guest OS type” that has been removed. This becomes a security issue when we try to force users to use HVM VMs (Meltdown/Spectre thing). A removed “guest os type” should not be usable by any users in the cloud. * Remove trailing lines that are breaking build due to checkstyle compliance * Remove unused imports * fix classes that were in the wrong folder structure * Updates to capacity management > Missing float part of secondary storage data when calculating secondary > storage usage in listAccounts > -- > > Key: CLOUDSTACK-10259 > URL: https://issues.apache.org/jira/browse/CLOUDSTACK-10259 > Project: CloudStack > Issue Type: Bug > Security Level: Public(Anyone can view this level - this is the > default.) >Reporter: Rafael Weingärtner >
[jira] [Commented] (CLOUDSTACK-10147) Disabled Xenserver cluster can still deploy VMs
[ https://issues.apache.org/jira/browse/CLOUDSTACK-10147?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16468622#comment-16468622 ] ASF subversion and git services commented on CLOUDSTACK-10147: -- Commit 4534cefa40cf9b4d11402bff86c4484292fa660d in cloudstack's branch refs/heads/4.11 from [~rohithsharma] [ https://gitbox.apache.org/repos/asf?p=cloudstack.git;h=4534cef ] backports for 4.11.1 from master (#2621) * CLOUDSTACK-10147 Disabled Xenserver Cluster can still deploy VM's. Added code to skip disabled clusters when selecting a host (#2442) (cherry picked from commit c3488a51db4bce4ec32c09e6fef78193d360cf3f) Signed-off-by: Rohit Yadav* CLOUDSTACK-10318: Bug on sorting ACL rules list in chrome (#2478) (cherry picked from commit 4412563f19ec8b808fe4c79e2baf658507a84873) Signed-off-by: Rohit Yadav * CLOUDSTACK-10284:Creating a snapshot from VM Snapshot generates error if hypervisor is not KVM. Signed-off-by: Rohit Yadav * CLOUDSTACK-10221: Allow IPv6 when creating a Basic Network (#2397) Since CloudStack 4.10 Basic Networking supports IPv6 and thus should be allowed to be specified when creating a network. Signed-off-by: Wido den Hollander (cherry picked from commit 9733a10ecda5f1af0f2c0fa863fc976a3e710946) Signed-off-by: Rohit Yadav * CLOUDSTACK-10214: Unable to remove local primary storage (#2390) Allow admins to remove primary storage pool. Cherry-picked from eba2e1d8a1ce4e86b4df144db03e96739da455e5 Signed-off-by: Rohit Yadav * dateutil: constistency of tzdate input and output (#2392) Signed-off-by: Yoan Blanc Signed-off-by: Daan Hoogland (cherry picked from commit 2ad520282319da9a03061b8c744e51a4ffdf94a2) Signed-off-by: Rohit Yadav * CLOUDSTACK-10054:Volume download times out in 3600 seconds (#2244) (cherry picked from commit bb607d07a97476dc4fb934b3d75df6affba47086) Signed-off-by: Rohit Yadav * When creating a new account (via domain admin) it is possible to select “root admin” as the role for the new user (#2606) * create account with domain admin showing 'root admin' role Domain admins should not be able to assign the role of root admin to new users. Therefore, the role ‘root admin’ (or any other of the same type) should not be visible to domain admins. * License and formatting * Break long sentence into multiple lines * Fix wording of method 'getCurrentAccount' * fix typo in variable name * [CLOUDSTACK-10259] Missing float part of secondary storage data in listAccounts * [CLOUDSTACK-9338] ACS not accounting resources of VMs with custom service offering ACS is accounting the resources properly when deploying VMs with custom service offerings. However, there are other methods (such as updateResourceCount) that do not execute the resource accounting properly, and these methods update the resource count for an account in the database. Therefore, if a user deploys VMs with custom service offerings, and later this user calls the “updateResourceCount” method, it (the method) will only account for VMs with normal service offerings, and update this as the number of resources used by the account. This will result in a smaller number of resources to be accounted for the given account than the real used value. The problem becomes worse because if the user starts to delete these VMs, it is possible to reach negative values of resources allocated (breaking all of the resource limiting for accounts). This is a very serious attack vector for public cloud providers! * [CLOUDSTACK-10230] User should not be able to use removed “Guest OS type” (#2404) * [CLOUDSTACK-10230] User is able to change to “Guest OS type” that has been removed Users are able to change the OS type of VMs to “Guest OS type” that has been removed. This becomes a security issue when we try to force users to use HVM VMs (Meltdown/Spectre thing). A removed “guest os type” should not be usable by any users in the cloud. * Remove trailing lines that are breaking build due to checkstyle compliance * Remove unused imports * fix classes that were in the wrong folder structure * Updates to capacity management > Disabled Xenserver cluster can still deploy VMs > > > Key: CLOUDSTACK-10147 > URL: https://issues.apache.org/jira/browse/CLOUDSTACK-10147 > Project: CloudStack > Issue Type: Bug > Security Level: Public(Anyone can view this level - this is the > default.) > Components: Management Server, UI >Affects Versions: 4.10.0.0, 4.9.2.0 > Environment: Xenserver 6.2, 7 >Reporter: Glenn Wagner >
[jira] [Commented] (CLOUDSTACK-10221) Allow specification of IPv6 details when creating Basic Network
[ https://issues.apache.org/jira/browse/CLOUDSTACK-10221?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16468625#comment-16468625 ] ASF subversion and git services commented on CLOUDSTACK-10221: -- Commit 4534cefa40cf9b4d11402bff86c4484292fa660d in cloudstack's branch refs/heads/4.11 from [~rohithsharma] [ https://gitbox.apache.org/repos/asf?p=cloudstack.git;h=4534cef ] backports for 4.11.1 from master (#2621) * CLOUDSTACK-10147 Disabled Xenserver Cluster can still deploy VM's. Added code to skip disabled clusters when selecting a host (#2442) (cherry picked from commit c3488a51db4bce4ec32c09e6fef78193d360cf3f) Signed-off-by: Rohit Yadav* CLOUDSTACK-10318: Bug on sorting ACL rules list in chrome (#2478) (cherry picked from commit 4412563f19ec8b808fe4c79e2baf658507a84873) Signed-off-by: Rohit Yadav * CLOUDSTACK-10284:Creating a snapshot from VM Snapshot generates error if hypervisor is not KVM. Signed-off-by: Rohit Yadav * CLOUDSTACK-10221: Allow IPv6 when creating a Basic Network (#2397) Since CloudStack 4.10 Basic Networking supports IPv6 and thus should be allowed to be specified when creating a network. Signed-off-by: Wido den Hollander (cherry picked from commit 9733a10ecda5f1af0f2c0fa863fc976a3e710946) Signed-off-by: Rohit Yadav * CLOUDSTACK-10214: Unable to remove local primary storage (#2390) Allow admins to remove primary storage pool. Cherry-picked from eba2e1d8a1ce4e86b4df144db03e96739da455e5 Signed-off-by: Rohit Yadav * dateutil: constistency of tzdate input and output (#2392) Signed-off-by: Yoan Blanc Signed-off-by: Daan Hoogland (cherry picked from commit 2ad520282319da9a03061b8c744e51a4ffdf94a2) Signed-off-by: Rohit Yadav * CLOUDSTACK-10054:Volume download times out in 3600 seconds (#2244) (cherry picked from commit bb607d07a97476dc4fb934b3d75df6affba47086) Signed-off-by: Rohit Yadav * When creating a new account (via domain admin) it is possible to select “root admin” as the role for the new user (#2606) * create account with domain admin showing 'root admin' role Domain admins should not be able to assign the role of root admin to new users. Therefore, the role ‘root admin’ (or any other of the same type) should not be visible to domain admins. * License and formatting * Break long sentence into multiple lines * Fix wording of method 'getCurrentAccount' * fix typo in variable name * [CLOUDSTACK-10259] Missing float part of secondary storage data in listAccounts * [CLOUDSTACK-9338] ACS not accounting resources of VMs with custom service offering ACS is accounting the resources properly when deploying VMs with custom service offerings. However, there are other methods (such as updateResourceCount) that do not execute the resource accounting properly, and these methods update the resource count for an account in the database. Therefore, if a user deploys VMs with custom service offerings, and later this user calls the “updateResourceCount” method, it (the method) will only account for VMs with normal service offerings, and update this as the number of resources used by the account. This will result in a smaller number of resources to be accounted for the given account than the real used value. The problem becomes worse because if the user starts to delete these VMs, it is possible to reach negative values of resources allocated (breaking all of the resource limiting for accounts). This is a very serious attack vector for public cloud providers! * [CLOUDSTACK-10230] User should not be able to use removed “Guest OS type” (#2404) * [CLOUDSTACK-10230] User is able to change to “Guest OS type” that has been removed Users are able to change the OS type of VMs to “Guest OS type” that has been removed. This becomes a security issue when we try to force users to use HVM VMs (Meltdown/Spectre thing). A removed “guest os type” should not be usable by any users in the cloud. * Remove trailing lines that are breaking build due to checkstyle compliance * Remove unused imports * fix classes that were in the wrong folder structure * Updates to capacity management > Allow specification of IPv6 details when creating Basic Network > --- > > Key: CLOUDSTACK-10221 > URL: https://issues.apache.org/jira/browse/CLOUDSTACK-10221 > Project: CloudStack > Issue Type: Improvement > Security Level: Public(Anyone can view this level - this is the > default.) > Components: Management Server, Network Controller >Affects Versions: 4.10.0.0, 4.11.0.0 > Environment: Basic
[jira] [Commented] (CLOUDSTACK-10318) Bug on sorting ACL rules list in chrome
[ https://issues.apache.org/jira/browse/CLOUDSTACK-10318?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16468623#comment-16468623 ] ASF subversion and git services commented on CLOUDSTACK-10318: -- Commit 4534cefa40cf9b4d11402bff86c4484292fa660d in cloudstack's branch refs/heads/4.11 from [~rohithsharma] [ https://gitbox.apache.org/repos/asf?p=cloudstack.git;h=4534cef ] backports for 4.11.1 from master (#2621) * CLOUDSTACK-10147 Disabled Xenserver Cluster can still deploy VM's. Added code to skip disabled clusters when selecting a host (#2442) (cherry picked from commit c3488a51db4bce4ec32c09e6fef78193d360cf3f) Signed-off-by: Rohit Yadav* CLOUDSTACK-10318: Bug on sorting ACL rules list in chrome (#2478) (cherry picked from commit 4412563f19ec8b808fe4c79e2baf658507a84873) Signed-off-by: Rohit Yadav * CLOUDSTACK-10284:Creating a snapshot from VM Snapshot generates error if hypervisor is not KVM. Signed-off-by: Rohit Yadav * CLOUDSTACK-10221: Allow IPv6 when creating a Basic Network (#2397) Since CloudStack 4.10 Basic Networking supports IPv6 and thus should be allowed to be specified when creating a network. Signed-off-by: Wido den Hollander (cherry picked from commit 9733a10ecda5f1af0f2c0fa863fc976a3e710946) Signed-off-by: Rohit Yadav * CLOUDSTACK-10214: Unable to remove local primary storage (#2390) Allow admins to remove primary storage pool. Cherry-picked from eba2e1d8a1ce4e86b4df144db03e96739da455e5 Signed-off-by: Rohit Yadav * dateutil: constistency of tzdate input and output (#2392) Signed-off-by: Yoan Blanc Signed-off-by: Daan Hoogland (cherry picked from commit 2ad520282319da9a03061b8c744e51a4ffdf94a2) Signed-off-by: Rohit Yadav * CLOUDSTACK-10054:Volume download times out in 3600 seconds (#2244) (cherry picked from commit bb607d07a97476dc4fb934b3d75df6affba47086) Signed-off-by: Rohit Yadav * When creating a new account (via domain admin) it is possible to select “root admin” as the role for the new user (#2606) * create account with domain admin showing 'root admin' role Domain admins should not be able to assign the role of root admin to new users. Therefore, the role ‘root admin’ (or any other of the same type) should not be visible to domain admins. * License and formatting * Break long sentence into multiple lines * Fix wording of method 'getCurrentAccount' * fix typo in variable name * [CLOUDSTACK-10259] Missing float part of secondary storage data in listAccounts * [CLOUDSTACK-9338] ACS not accounting resources of VMs with custom service offering ACS is accounting the resources properly when deploying VMs with custom service offerings. However, there are other methods (such as updateResourceCount) that do not execute the resource accounting properly, and these methods update the resource count for an account in the database. Therefore, if a user deploys VMs with custom service offerings, and later this user calls the “updateResourceCount” method, it (the method) will only account for VMs with normal service offerings, and update this as the number of resources used by the account. This will result in a smaller number of resources to be accounted for the given account than the real used value. The problem becomes worse because if the user starts to delete these VMs, it is possible to reach negative values of resources allocated (breaking all of the resource limiting for accounts). This is a very serious attack vector for public cloud providers! * [CLOUDSTACK-10230] User should not be able to use removed “Guest OS type” (#2404) * [CLOUDSTACK-10230] User is able to change to “Guest OS type” that has been removed Users are able to change the OS type of VMs to “Guest OS type” that has been removed. This becomes a security issue when we try to force users to use HVM VMs (Meltdown/Spectre thing). A removed “guest os type” should not be usable by any users in the cloud. * Remove trailing lines that are breaking build due to checkstyle compliance * Remove unused imports * fix classes that were in the wrong folder structure * Updates to capacity management > Bug on sorting ACL rules list in chrome > > > Key: CLOUDSTACK-10318 > URL: https://issues.apache.org/jira/browse/CLOUDSTACK-10318 > Project: CloudStack > Issue Type: Bug > Security Level: Public(Anyone can view this level - this is the > default.) >Reporter: Rafael Weingärtner >Assignee: Rafael Weingärtner >Priority: Major > Fix For: 4.12 > > > There is a bug on ACL rules list when a
[jira] [Commented] (CLOUDSTACK-10214) Unable to remove local primary storage
[ https://issues.apache.org/jira/browse/CLOUDSTACK-10214?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16468626#comment-16468626 ] ASF subversion and git services commented on CLOUDSTACK-10214: -- Commit 4534cefa40cf9b4d11402bff86c4484292fa660d in cloudstack's branch refs/heads/4.11 from [~rohithsharma] [ https://gitbox.apache.org/repos/asf?p=cloudstack.git;h=4534cef ] backports for 4.11.1 from master (#2621) * CLOUDSTACK-10147 Disabled Xenserver Cluster can still deploy VM's. Added code to skip disabled clusters when selecting a host (#2442) (cherry picked from commit c3488a51db4bce4ec32c09e6fef78193d360cf3f) Signed-off-by: Rohit Yadav* CLOUDSTACK-10318: Bug on sorting ACL rules list in chrome (#2478) (cherry picked from commit 4412563f19ec8b808fe4c79e2baf658507a84873) Signed-off-by: Rohit Yadav * CLOUDSTACK-10284:Creating a snapshot from VM Snapshot generates error if hypervisor is not KVM. Signed-off-by: Rohit Yadav * CLOUDSTACK-10221: Allow IPv6 when creating a Basic Network (#2397) Since CloudStack 4.10 Basic Networking supports IPv6 and thus should be allowed to be specified when creating a network. Signed-off-by: Wido den Hollander (cherry picked from commit 9733a10ecda5f1af0f2c0fa863fc976a3e710946) Signed-off-by: Rohit Yadav * CLOUDSTACK-10214: Unable to remove local primary storage (#2390) Allow admins to remove primary storage pool. Cherry-picked from eba2e1d8a1ce4e86b4df144db03e96739da455e5 Signed-off-by: Rohit Yadav * dateutil: constistency of tzdate input and output (#2392) Signed-off-by: Yoan Blanc Signed-off-by: Daan Hoogland (cherry picked from commit 2ad520282319da9a03061b8c744e51a4ffdf94a2) Signed-off-by: Rohit Yadav * CLOUDSTACK-10054:Volume download times out in 3600 seconds (#2244) (cherry picked from commit bb607d07a97476dc4fb934b3d75df6affba47086) Signed-off-by: Rohit Yadav * When creating a new account (via domain admin) it is possible to select “root admin” as the role for the new user (#2606) * create account with domain admin showing 'root admin' role Domain admins should not be able to assign the role of root admin to new users. Therefore, the role ‘root admin’ (or any other of the same type) should not be visible to domain admins. * License and formatting * Break long sentence into multiple lines * Fix wording of method 'getCurrentAccount' * fix typo in variable name * [CLOUDSTACK-10259] Missing float part of secondary storage data in listAccounts * [CLOUDSTACK-9338] ACS not accounting resources of VMs with custom service offering ACS is accounting the resources properly when deploying VMs with custom service offerings. However, there are other methods (such as updateResourceCount) that do not execute the resource accounting properly, and these methods update the resource count for an account in the database. Therefore, if a user deploys VMs with custom service offerings, and later this user calls the “updateResourceCount” method, it (the method) will only account for VMs with normal service offerings, and update this as the number of resources used by the account. This will result in a smaller number of resources to be accounted for the given account than the real used value. The problem becomes worse because if the user starts to delete these VMs, it is possible to reach negative values of resources allocated (breaking all of the resource limiting for accounts). This is a very serious attack vector for public cloud providers! * [CLOUDSTACK-10230] User should not be able to use removed “Guest OS type” (#2404) * [CLOUDSTACK-10230] User is able to change to “Guest OS type” that has been removed Users are able to change the OS type of VMs to “Guest OS type” that has been removed. This becomes a security issue when we try to force users to use HVM VMs (Meltdown/Spectre thing). A removed “guest os type” should not be usable by any users in the cloud. * Remove trailing lines that are breaking build due to checkstyle compliance * Remove unused imports * fix classes that were in the wrong folder structure * Updates to capacity management > Unable to remove local primary storage > --- > > Key: CLOUDSTACK-10214 > URL: https://issues.apache.org/jira/browse/CLOUDSTACK-10214 > Project: CloudStack > Issue Type: Bug > Security Level: Public(Anyone can view this level - this is the > default.) >Affects Versions: 4.10.0.0, 4.9.3.0 >Reporter: Rafael Weingärtner >Assignee: Rafael Weingärtner >Priority: Major > Fix For: 4.12 > > >
[jira] [Commented] (CLOUDSTACK-10230) User is able to change to “Guest OS type” that has been removed
[ https://issues.apache.org/jira/browse/CLOUDSTACK-10230?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16468630#comment-16468630 ] ASF subversion and git services commented on CLOUDSTACK-10230: -- Commit 4534cefa40cf9b4d11402bff86c4484292fa660d in cloudstack's branch refs/heads/4.11 from [~rohithsharma] [ https://gitbox.apache.org/repos/asf?p=cloudstack.git;h=4534cef ] backports for 4.11.1 from master (#2621) * CLOUDSTACK-10147 Disabled Xenserver Cluster can still deploy VM's. Added code to skip disabled clusters when selecting a host (#2442) (cherry picked from commit c3488a51db4bce4ec32c09e6fef78193d360cf3f) Signed-off-by: Rohit Yadav* CLOUDSTACK-10318: Bug on sorting ACL rules list in chrome (#2478) (cherry picked from commit 4412563f19ec8b808fe4c79e2baf658507a84873) Signed-off-by: Rohit Yadav * CLOUDSTACK-10284:Creating a snapshot from VM Snapshot generates error if hypervisor is not KVM. Signed-off-by: Rohit Yadav * CLOUDSTACK-10221: Allow IPv6 when creating a Basic Network (#2397) Since CloudStack 4.10 Basic Networking supports IPv6 and thus should be allowed to be specified when creating a network. Signed-off-by: Wido den Hollander (cherry picked from commit 9733a10ecda5f1af0f2c0fa863fc976a3e710946) Signed-off-by: Rohit Yadav * CLOUDSTACK-10214: Unable to remove local primary storage (#2390) Allow admins to remove primary storage pool. Cherry-picked from eba2e1d8a1ce4e86b4df144db03e96739da455e5 Signed-off-by: Rohit Yadav * dateutil: constistency of tzdate input and output (#2392) Signed-off-by: Yoan Blanc Signed-off-by: Daan Hoogland (cherry picked from commit 2ad520282319da9a03061b8c744e51a4ffdf94a2) Signed-off-by: Rohit Yadav * CLOUDSTACK-10054:Volume download times out in 3600 seconds (#2244) (cherry picked from commit bb607d07a97476dc4fb934b3d75df6affba47086) Signed-off-by: Rohit Yadav * When creating a new account (via domain admin) it is possible to select “root admin” as the role for the new user (#2606) * create account with domain admin showing 'root admin' role Domain admins should not be able to assign the role of root admin to new users. Therefore, the role ‘root admin’ (or any other of the same type) should not be visible to domain admins. * License and formatting * Break long sentence into multiple lines * Fix wording of method 'getCurrentAccount' * fix typo in variable name * [CLOUDSTACK-10259] Missing float part of secondary storage data in listAccounts * [CLOUDSTACK-9338] ACS not accounting resources of VMs with custom service offering ACS is accounting the resources properly when deploying VMs with custom service offerings. However, there are other methods (such as updateResourceCount) that do not execute the resource accounting properly, and these methods update the resource count for an account in the database. Therefore, if a user deploys VMs with custom service offerings, and later this user calls the “updateResourceCount” method, it (the method) will only account for VMs with normal service offerings, and update this as the number of resources used by the account. This will result in a smaller number of resources to be accounted for the given account than the real used value. The problem becomes worse because if the user starts to delete these VMs, it is possible to reach negative values of resources allocated (breaking all of the resource limiting for accounts). This is a very serious attack vector for public cloud providers! * [CLOUDSTACK-10230] User should not be able to use removed “Guest OS type” (#2404) * [CLOUDSTACK-10230] User is able to change to “Guest OS type” that has been removed Users are able to change the OS type of VMs to “Guest OS type” that has been removed. This becomes a security issue when we try to force users to use HVM VMs (Meltdown/Spectre thing). A removed “guest os type” should not be usable by any users in the cloud. * Remove trailing lines that are breaking build due to checkstyle compliance * Remove unused imports * fix classes that were in the wrong folder structure * Updates to capacity management > User is able to change to “Guest OS type” that has been removed > > > Key: CLOUDSTACK-10230 > URL: https://issues.apache.org/jira/browse/CLOUDSTACK-10230 > Project: CloudStack > Issue Type: Bug > Security Level: Public(Anyone can view this level - this is the > default.) >Reporter: Rafael Weingärtner >Assignee: Rafael Weingärtner >Priority: Critical > Fix For:
[jira] [Commented] (CLOUDSTACK-10284) Creating a snapshot from VM Snapshot generates error if hypervisor is not KVM.
[ https://issues.apache.org/jira/browse/CLOUDSTACK-10284?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16468624#comment-16468624 ] ASF subversion and git services commented on CLOUDSTACK-10284: -- Commit 4534cefa40cf9b4d11402bff86c4484292fa660d in cloudstack's branch refs/heads/4.11 from [~rohithsharma] [ https://gitbox.apache.org/repos/asf?p=cloudstack.git;h=4534cef ] backports for 4.11.1 from master (#2621) * CLOUDSTACK-10147 Disabled Xenserver Cluster can still deploy VM's. Added code to skip disabled clusters when selecting a host (#2442) (cherry picked from commit c3488a51db4bce4ec32c09e6fef78193d360cf3f) Signed-off-by: Rohit Yadav* CLOUDSTACK-10318: Bug on sorting ACL rules list in chrome (#2478) (cherry picked from commit 4412563f19ec8b808fe4c79e2baf658507a84873) Signed-off-by: Rohit Yadav * CLOUDSTACK-10284:Creating a snapshot from VM Snapshot generates error if hypervisor is not KVM. Signed-off-by: Rohit Yadav * CLOUDSTACK-10221: Allow IPv6 when creating a Basic Network (#2397) Since CloudStack 4.10 Basic Networking supports IPv6 and thus should be allowed to be specified when creating a network. Signed-off-by: Wido den Hollander (cherry picked from commit 9733a10ecda5f1af0f2c0fa863fc976a3e710946) Signed-off-by: Rohit Yadav * CLOUDSTACK-10214: Unable to remove local primary storage (#2390) Allow admins to remove primary storage pool. Cherry-picked from eba2e1d8a1ce4e86b4df144db03e96739da455e5 Signed-off-by: Rohit Yadav * dateutil: constistency of tzdate input and output (#2392) Signed-off-by: Yoan Blanc Signed-off-by: Daan Hoogland (cherry picked from commit 2ad520282319da9a03061b8c744e51a4ffdf94a2) Signed-off-by: Rohit Yadav * CLOUDSTACK-10054:Volume download times out in 3600 seconds (#2244) (cherry picked from commit bb607d07a97476dc4fb934b3d75df6affba47086) Signed-off-by: Rohit Yadav * When creating a new account (via domain admin) it is possible to select “root admin” as the role for the new user (#2606) * create account with domain admin showing 'root admin' role Domain admins should not be able to assign the role of root admin to new users. Therefore, the role ‘root admin’ (or any other of the same type) should not be visible to domain admins. * License and formatting * Break long sentence into multiple lines * Fix wording of method 'getCurrentAccount' * fix typo in variable name * [CLOUDSTACK-10259] Missing float part of secondary storage data in listAccounts * [CLOUDSTACK-9338] ACS not accounting resources of VMs with custom service offering ACS is accounting the resources properly when deploying VMs with custom service offerings. However, there are other methods (such as updateResourceCount) that do not execute the resource accounting properly, and these methods update the resource count for an account in the database. Therefore, if a user deploys VMs with custom service offerings, and later this user calls the “updateResourceCount” method, it (the method) will only account for VMs with normal service offerings, and update this as the number of resources used by the account. This will result in a smaller number of resources to be accounted for the given account than the real used value. The problem becomes worse because if the user starts to delete these VMs, it is possible to reach negative values of resources allocated (breaking all of the resource limiting for accounts). This is a very serious attack vector for public cloud providers! * [CLOUDSTACK-10230] User should not be able to use removed “Guest OS type” (#2404) * [CLOUDSTACK-10230] User is able to change to “Guest OS type” that has been removed Users are able to change the OS type of VMs to “Guest OS type” that has been removed. This becomes a security issue when we try to force users to use HVM VMs (Meltdown/Spectre thing). A removed “guest os type” should not be usable by any users in the cloud. * Remove trailing lines that are breaking build due to checkstyle compliance * Remove unused imports * fix classes that were in the wrong folder structure * Updates to capacity management > Creating a snapshot from VM Snapshot generates error if hypervisor is not KVM. > -- > > Key: CLOUDSTACK-10284 > URL: https://issues.apache.org/jira/browse/CLOUDSTACK-10284 > Project: CloudStack > Issue Type: Bug > Security Level: Public(Anyone can view this level - this is the > default.) >Reporter: Nitesh Sarda >Priority: Major > Fix For: 4.12 > > > ISSUE >