[jira] [Commented] (CLOUDSTACK-9114) restartnetwork with cleanup should not update/restart both routers at once

2018-05-09 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9114?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16469433#comment-16469433
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9114:


blueorangutan commented on issue #2508: CLOUDSTACK-9114: Reduce VR downtime 
during network restart
URL: https://github.com/apache/cloudstack/pull/2508#issuecomment-387864439
 
 
   Trillian test result (tid-2651)
   Environment: kvm-centos7 (x2), Advanced Networking with Mgmt server 7
   Total time taken: 31613 seconds
   Marvin logs: 
https://github.com/blueorangutan/acs-prs/releases/download/trillian/pr2508-t2651-kvm-centos7.zip
   Intermitten failure detected: /marvin/tests/smoke/test_privategw_acl.py
   Intermitten failure detected: /marvin/tests/smoke/test_ssvm.py
   Smoke tests completed. 66 look OK, 0 have error(s)
   Only failed tests results shown below:
   
   
   Test | Result | Time (s) | Test File
   --- | --- | --- | ---
   


This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


> restartnetwork with cleanup should not update/restart both routers at once
> --
>
> Key: CLOUDSTACK-9114
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9114
> Project: CloudStack
>  Issue Type: Improvement
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Wei Zhou
>Assignee: Wei Zhou
>Priority: Major
>
> for now, restartnetwork with cleanup will stop both RVRs at first, then start 
> two  new RVRs.
> to reduce the downtime of network, we'd better restart the RVRs one by one.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Commented] (CLOUDSTACK-4045) IP address acquired with associateIpAddress is marked as source NAT, causing disassociateIpAddress to fail later

2018-05-09 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-4045?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16469064#comment-16469064
 ] 

ASF GitHub Bot commented on CLOUDSTACK-4045:


DaanHoogland commented on issue #2382: CLOUDSTACK-4045 IP address acquired with 
associateIpAddress is marked as source NAT
URL: https://github.com/apache/cloudstack/pull/2382#issuecomment-387801824
 
 
   I think it is a bugfix, but no biggy. tried to just retarget but that pulls 
in unwanted stuff: rebase needed! @houthuis @rhtyd 


This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


> IP address acquired with associateIpAddress is marked as source NAT, causing 
> disassociateIpAddress to fail later
> 
>
> Key: CLOUDSTACK-4045
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-4045
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Affects Versions: 4.0.0, 4.0.1, 4.0.2, 4.1.0, 4.1.1, 4.2.0
>Reporter: Murali Reddy
>Assignee: Henko Holtzhausen
>Priority: Major
> Fix For: Future
>
>
> When you can create network, network is in allocated state. when network is 
> implemented CloudStack implicitly should acquire a public IP for source nat. 
> But there is assumption that first IP this is associated with network is 
> always for source NAT IP. So when you do
> 1. create network (network is in allocated state)
> 2. acquire a public IP and associate with the network
> 3. disassociate ip address
> #3 will fail because CloudStack marks the IP acquired in #1 to be source NAT. 
> For users this is counter-intutive because when a IP is acquired, he/she 
> should be able to release it as well.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Commented] (CLOUDSTACK-10290) Config drive - only supported for secondary storage

2018-05-09 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-10290?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16469059#comment-16469059
 ] 

ASF GitHub Bot commented on CLOUDSTACK-10290:
-

DaanHoogland commented on issue #2614: WIP perform config drive creation on 
primary storage (CLOUDSTACK-10290)
URL: https://github.com/apache/cloudstack/pull/2614#issuecomment-387800336
 
 
   @GabrielBrascher it is not fully functional yet. I would like review.
   The problem I am facing is that ConfigDrive is part of network configuration 
and no Primary storage is know yet before creating or (re-)starting a VM, so no 
where to create the ConfigDrive on. I need to solve that. Ideas welcome.


This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


> Config drive - only supported for secondary storage
> ---
>
> Key: CLOUDSTACK-10290
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-10290
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Affects Versions: 4.11.0.0
>Reporter: Rohit Yadav
>Assignee: Daan Hoogland
>Priority: Major
>
> Userdata disk looks like this:
>  
>    
>     file='/mnt/eba12ff3-c3a6-394a-bf0f-23291f1f6266/configdrive.iso'/>
>    
>    
>    
>    
>    
>      
> Mount is:
> root# df /mnt/eba12ff3-c3a6-394a-bf0f-23291f1f6266
>  Filesystem   1K-blocks   
>  Used Available Use% Mounted on
>  some-nfs-server.com:/nfs/secondary/ConfigDrive/i-2-24-VM  66391040 2973696  
> 63417344   5% /mnt/eba12ff3-c3a6-394a-bf0f-23291f1f6266
>  
> issue: where to find a primary storage for a VM that is not yet deployed. The 
> configdrive is created before a storage is assigned. This order of execution 
> must be reversed for this to work.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Commented] (CLOUDSTACK-10087) Template registration errors out when template URL is https

2018-05-09 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-10087?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16469035#comment-16469035
 ] 

ASF GitHub Bot commented on CLOUDSTACK-10087:
-

rhtyd closed pull request #2271: CLOUDSTACK-10087 Template registration errors 
out when template URL i…
URL: https://github.com/apache/cloudstack/pull/2271
 
 
   

This is a PR merged from a forked repository.
As GitHub hides the original diff on merge, it is displayed below for
the sake of provenance:

As this is a foreign pull request (from a fork), the diff is supplied
below (as it won't show otherwise due to GitHub magic):

diff --git a/systemvm/debian/opt/cloud/bin/setup/secstorage.sh 
b/systemvm/debian/opt/cloud/bin/setup/secstorage.sh
index 8b6d4ee5a4b..838c7b2fc9d 100755
--- a/systemvm/debian/opt/cloud/bin/setup/secstorage.sh
+++ b/systemvm/debian/opt/cloud/bin/setup/secstorage.sh
@@ -80,6 +80,17 @@ CORS
   rm -f /etc/logrotate.d/cloud
 }
 
+import_jvm_cacerts(){
+ log_it "importing jvm keystore to realhostip keystore"
+ keyStore=/usr/local/cloud/systemvm/certs/realhostip.keystore
+ storepass="vmops.com"
+ java_home=$(readlink -f $(which java) | sed "s:/bin/java::")
+ java_keystore=$java_home/jre/lib/security/cacerts
+ java_store_pass="changeit"
+ keytool -importkeystore -srckeystore $java_keystore -srcstorepass 
$java_store_pass -destkeystore $keyStore -deststorepass $storepass -noprompt
+ log_it "import of jvm keystore to realhostip keystore completed"
+}
+
 secstorage_svcs
 if [ $? -gt 0 ]
 then
@@ -87,3 +98,4 @@ then
   exit 1
 fi
 setup_secstorage
+import_jvm_cacerts


 


This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


> Template registration errors out when template URL is https
> ---
>
> Key: CLOUDSTACK-10087
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-10087
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: sudharma jain
>Priority: Major
>
> *Management server logs:*
> 2017-08-23 08:55:36,706 DEBUG [c.c.a.t.Request] (AgentManager-Handler-5:null) 
> (logid:) Seq 4-7842174326135586819: Processing:  { Ans: , MgmtId: 4278190080, 
> via: 4, Ver: v1, Flags: 110, 
> [{"com.cloud.agent.api.Answer":{"result":false,"details":"com.amazonaws.SdkClientException:
>  Unable to execute HTTP request: sun.security.validator.ValidatorException: 
> PKIX path building failed: 
> sun.security.provider.certpath.SunCertPathBuilderException: unable to find 
> valid certification path to requested target\n\tat 
> com.amazonaws.http.AmazonHttpClient$RequestExecutor.executeHelper(AmazonHttpClient.java:972)\n\tat
>  
> com.amazonaws.http.AmazonHttpClient$RequestExecutor.doExecute(AmazonHttpClient.java:676)\n\tat
>  
> com.amazonaws.http.AmazonHttpClient$RequestExecutor.executeWithTimer(AmazonHttpClient.java:650)\n\tat
>  
> com.amazonaws.http.AmazonHttpClient$RequestExecutor.execute(AmazonHttpClient.java:633)\n\tat
>  
> com.amazonaws.http.AmazonHttpClient$RequestExecutor.access$300(AmazonHttpClient.java:601)\n\tat
>  
> com.amazonaws.http.AmazonHttpClient$RequestExecutionBuilderImpl.execute(AmazonHttpClient.java:583)\n\tat
>  com.amazonaws.http.AmazonHttpClient.execute(AmazonHttpClient.java:447)\n\tat 
> com.amazonaws.services.s3.AmazonS3Client.invoke(AmazonS3Client.java:4137)\n\tat
>  
> com.amazonaws.services.s3.AmazonS3Client.getBucketRegionViaHeadRequest(AmazonS3Client.java:4856)\n\tat
>  
> com.amazonaws.services.s3.AmazonS3Client.fetchRegionFromCache(AmazonS3Client.java:4830)\n\tat
>  
> com.amazonaws.services.s3.AmazonS3Client.invoke(AmazonS3Client.java:4122)\n\tat
>  
> com.amazonaws.services.s3.AmazonS3Client.invoke(AmazonS3Client.java:4079)\n\tat
>  
> com.amazonaws.services.s3.AmazonS3Client.listObjects(AmazonS3Client.java:819)\n\tat
>  com.cloud.utils.storage.S3.S3Utils.listDirectory(S3Utils.java:179)\n\tat 
> org.apache.cloudstack.storage.resource.NfsSecondaryStorageResource.s3ListVolume(NfsSecondaryStorageResource.java:1667)\n\tat
>  
> org.apache.cloudstack.storage.resource.NfsSecondaryStorageResource.execute(NfsSecondaryStorageResource.java:1721)\n\tat
>  
> org.apache.cloudstack.storage.resource.NfsSecondaryStorageResource.executeRequest(NfsSecondaryStorageResource.java:277)\n\tat
>  
> com.cloud.storage.resource.PremiumSecondaryStorageResource.defaultAction(PremiumSecondaryStorageResource.java:64)\n\tat
>  
> com.cloud.storage.resource.PremiumSecondaryStorageResource.executeRequest(PremiumSecondaryStorageResource.java:60)\n\tat
>

[jira] [Commented] (CLOUDSTACK-10087) Template registration errors out when template URL is https

2018-05-09 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-10087?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16469034#comment-16469034
 ] 

ASF GitHub Bot commented on CLOUDSTACK-10087:
-

rhtyd commented on issue #2271: CLOUDSTACK-10087 Template registration errors 
out when template URL i…
URL: https://github.com/apache/cloudstack/pull/2271#issuecomment-387796819
 
 
   This has been fixed by way of initial systemvm patching in 
https://github.com/apache/cloudstack/commit/ddc8d131c080c363d82eadd75c811faaad81e9f9
   
   Closing this as this is already fixed.


This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


> Template registration errors out when template URL is https
> ---
>
> Key: CLOUDSTACK-10087
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-10087
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: sudharma jain
>Priority: Major
>
> *Management server logs:*
> 2017-08-23 08:55:36,706 DEBUG [c.c.a.t.Request] (AgentManager-Handler-5:null) 
> (logid:) Seq 4-7842174326135586819: Processing:  { Ans: , MgmtId: 4278190080, 
> via: 4, Ver: v1, Flags: 110, 
> [{"com.cloud.agent.api.Answer":{"result":false,"details":"com.amazonaws.SdkClientException:
>  Unable to execute HTTP request: sun.security.validator.ValidatorException: 
> PKIX path building failed: 
> sun.security.provider.certpath.SunCertPathBuilderException: unable to find 
> valid certification path to requested target\n\tat 
> com.amazonaws.http.AmazonHttpClient$RequestExecutor.executeHelper(AmazonHttpClient.java:972)\n\tat
>  
> com.amazonaws.http.AmazonHttpClient$RequestExecutor.doExecute(AmazonHttpClient.java:676)\n\tat
>  
> com.amazonaws.http.AmazonHttpClient$RequestExecutor.executeWithTimer(AmazonHttpClient.java:650)\n\tat
>  
> com.amazonaws.http.AmazonHttpClient$RequestExecutor.execute(AmazonHttpClient.java:633)\n\tat
>  
> com.amazonaws.http.AmazonHttpClient$RequestExecutor.access$300(AmazonHttpClient.java:601)\n\tat
>  
> com.amazonaws.http.AmazonHttpClient$RequestExecutionBuilderImpl.execute(AmazonHttpClient.java:583)\n\tat
>  com.amazonaws.http.AmazonHttpClient.execute(AmazonHttpClient.java:447)\n\tat 
> com.amazonaws.services.s3.AmazonS3Client.invoke(AmazonS3Client.java:4137)\n\tat
>  
> com.amazonaws.services.s3.AmazonS3Client.getBucketRegionViaHeadRequest(AmazonS3Client.java:4856)\n\tat
>  
> com.amazonaws.services.s3.AmazonS3Client.fetchRegionFromCache(AmazonS3Client.java:4830)\n\tat
>  
> com.amazonaws.services.s3.AmazonS3Client.invoke(AmazonS3Client.java:4122)\n\tat
>  
> com.amazonaws.services.s3.AmazonS3Client.invoke(AmazonS3Client.java:4079)\n\tat
>  
> com.amazonaws.services.s3.AmazonS3Client.listObjects(AmazonS3Client.java:819)\n\tat
>  com.cloud.utils.storage.S3.S3Utils.listDirectory(S3Utils.java:179)\n\tat 
> org.apache.cloudstack.storage.resource.NfsSecondaryStorageResource.s3ListVolume(NfsSecondaryStorageResource.java:1667)\n\tat
>  
> org.apache.cloudstack.storage.resource.NfsSecondaryStorageResource.execute(NfsSecondaryStorageResource.java:1721)\n\tat
>  
> org.apache.cloudstack.storage.resource.NfsSecondaryStorageResource.executeRequest(NfsSecondaryStorageResource.java:277)\n\tat
>  
> com.cloud.storage.resource.PremiumSecondaryStorageResource.defaultAction(PremiumSecondaryStorageResource.java:64)\n\tat
>  
> com.cloud.storage.resource.PremiumSecondaryStorageResource.executeRequest(PremiumSecondaryStorageResource.java:60)\n\tat
>  com.cloud.agent.Agent.processRequest(Agent.java:525)\n\tat 
> com.cloud.agent.Agent$AgentRequestHandler.doTask(Agent.java:833)\n\tat 
> com.cloud.utils.nio.Task.call(Task.java:83)\n\tat 
> com.cloud.utils.nio.Task.call(Task.java:29)\n\tat 
> java.util.concurrent.FutureTask.run(FutureTask.java:266)\n\tat 
> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)\n\tat
>  
> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)\n\tat
>  java.lang.Thread.run(Thread.java:745)\nCaused by: 
> javax.net.ssl.SSLHandshakeException: 
> sun.security.validator.ValidatorException: PKIX path building failed: 
> sun.security.provider.certpath.SunCertPathBuilderException: unable to find 
> valid certification path to requested target\n\tat 
> sun.security.ssl.Alerts.getSSLException(Alerts.java:192)\n\tat 
> sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1949)\n\tat 
> sun.security.ssl.Handshaker.fatalSE(Handshaker.java:302)\n\tat 
> sun.security.ssl.Handshaker.fatalSE(Handshaker.java:296)\n\tat 
>

[jira] [Commented] (CLOUDSTACK-4045) IP address acquired with associateIpAddress is marked as source NAT, causing disassociateIpAddress to fail later

2018-05-09 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-4045?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16469031#comment-16469031
 ] 

ASF GitHub Bot commented on CLOUDSTACK-4045:


rhtyd commented on issue #2382: CLOUDSTACK-4045 IP address acquired with 
associateIpAddress is marked as source NAT
URL: https://github.com/apache/cloudstack/pull/2382#issuecomment-387796184
 
 
   @houthuis @DaanHoogland @nvazquez @PaulAngus @borisstoyanov  ping - can 
anyone advise if this needs to be in 4.11 or we should keep for master?


This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


> IP address acquired with associateIpAddress is marked as source NAT, causing 
> disassociateIpAddress to fail later
> 
>
> Key: CLOUDSTACK-4045
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-4045
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Affects Versions: 4.0.0, 4.0.1, 4.0.2, 4.1.0, 4.1.1, 4.2.0
>Reporter: Murali Reddy
>Assignee: Henko Holtzhausen
>Priority: Major
> Fix For: Future
>
>
> When you can create network, network is in allocated state. when network is 
> implemented CloudStack implicitly should acquire a public IP for source nat. 
> But there is assumption that first IP this is associated with network is 
> always for source NAT IP. So when you do
> 1. create network (network is in allocated state)
> 2. acquire a public IP and associate with the network
> 3. disassociate ip address
> #3 will fail because CloudStack marks the IP acquired in #1 to be source NAT. 
> For users this is counter-intutive because when a IP is acquired, he/she 
> should be able to release it as well.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Commented] (CLOUDSTACK-10362) Inconsistent method names

2018-05-09 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-10362?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16469009#comment-16469009
 ] 

ASF GitHub Bot commented on CLOUDSTACK-10362:
-

rhtyd closed pull request #2600: CLOUDSTACK-10362: Change the "getXXX" method 
names to "isXXX".
URL: https://github.com/apache/cloudstack/pull/2600
 
 
   

This is a PR merged from a forked repository.
As GitHub hides the original diff on merge, it is displayed below for
the sake of provenance:

As this is a foreign pull request (from a fork), the diff is supplied
below (as it won't show otherwise due to GitHub magic):

diff --git 
a/api/src/main/java/org/apache/cloudstack/api/command/admin/offering/CreateServiceOfferingCmd.java
 
b/api/src/main/java/org/apache/cloudstack/api/command/admin/offering/CreateServiceOfferingCmd.java
index 0bde79bbd7b..3448698cd37 100644
--- 
a/api/src/main/java/org/apache/cloudstack/api/command/admin/offering/CreateServiceOfferingCmd.java
+++ 
b/api/src/main/java/org/apache/cloudstack/api/command/admin/offering/CreateServiceOfferingCmd.java
@@ -166,15 +166,15 @@ public String getServiceOfferingName() {
 return serviceOfferingName;
 }
 
-public Boolean getOfferHa() {
+public Boolean isOfferHa() {
 return offerHa == null ? Boolean.FALSE : offerHa;
 }
 
-public Boolean GetLimitCpuUse() {
+public Boolean isLimitCpuUse() {
 return limitCpuUse == null ? Boolean.FALSE : limitCpuUse;
 }
 
-public Boolean getVolatileVm() {
+public Boolean isVolatileVm() {
 return isVolatile == null ? Boolean.FALSE : isVolatile;
 }
 
diff --git 
a/api/src/main/java/org/apache/cloudstack/api/command/admin/vlan/ListVlanIpRangesCmd.java
 
b/api/src/main/java/org/apache/cloudstack/api/command/admin/vlan/ListVlanIpRangesCmd.java
index d4f2d5ad611..d5edd301a66 100644
--- 
a/api/src/main/java/org/apache/cloudstack/api/command/admin/vlan/ListVlanIpRangesCmd.java
+++ 
b/api/src/main/java/org/apache/cloudstack/api/command/admin/vlan/ListVlanIpRangesCmd.java
@@ -119,7 +119,7 @@ public Long getNetworkId() {
 return networkId;
 }
 
-public Boolean getForVirtualNetwork() {
+public Boolean isForVirtualNetwork() {
 return forVirtualNetwork;
 }
 
diff --git 
a/api/src/main/java/org/apache/cloudstack/api/command/admin/vpc/UpdateVPCCmdByAdmin.java
 
b/api/src/main/java/org/apache/cloudstack/api/command/admin/vpc/UpdateVPCCmdByAdmin.java
index 8606c32a71e..d7761def204 100644
--- 
a/api/src/main/java/org/apache/cloudstack/api/command/admin/vpc/UpdateVPCCmdByAdmin.java
+++ 
b/api/src/main/java/org/apache/cloudstack/api/command/admin/vpc/UpdateVPCCmdByAdmin.java
@@ -34,7 +34,7 @@
 
 @Override
 public void execute(){
-Vpc result = _vpcService.updateVpc(getId(), getVpcName(), 
getDisplayText(), getCustomId(), getDisplayVpc());
+Vpc result = _vpcService.updateVpc(getId(), getVpcName(), 
getDisplayText(), getCustomId(), isDisplayVpc());
 if (result != null) {
 VpcResponse response = 
_responseGenerator.createVpcResponse(ResponseView.Full, result);
 response.setResponseName(getCommandName());
diff --git 
a/api/src/main/java/org/apache/cloudstack/api/command/user/address/ListPublicIpAddressesCmd.java
 
b/api/src/main/java/org/apache/cloudstack/api/command/user/address/ListPublicIpAddressesCmd.java
index 0a0e7a12076..d590081104a 100644
--- 
a/api/src/main/java/org/apache/cloudstack/api/command/user/address/ListPublicIpAddressesCmd.java
+++ 
b/api/src/main/java/org/apache/cloudstack/api/command/user/address/ListPublicIpAddressesCmd.java
@@ -133,11 +133,11 @@ public Long getAssociatedNetworkId() {
 return associatedNetworkId;
 }
 
-public Boolean getIsSourceNat() {
+public Boolean isSourceNat() {
 return isSourceNat;
 }
 
-public Boolean getIsStaticNat() {
+public Boolean isStaticNat() {
 return isStaticNat;
 }
 
diff --git 
a/api/src/main/java/org/apache/cloudstack/api/command/user/network/ListNetworksCmd.java
 
b/api/src/main/java/org/apache/cloudstack/api/command/user/network/ListNetworksCmd.java
index 041d6417044..a61c59734c6 100644
--- 
a/api/src/main/java/org/apache/cloudstack/api/command/user/network/ListNetworksCmd.java
+++ 
b/api/src/main/java/org/apache/cloudstack/api/command/user/network/ListNetworksCmd.java
@@ -123,11 +123,11 @@ public Long getPhysicalNetworkId() {
 return supportedServices;
 }
 
-public Boolean getRestartRequired() {
+public Boolean isRestartRequired() {
 return restartRequired;
 }
 
-public Boolean getSpecifyIpRanges() {
+public Boolean isSpecifyIpRanges() {
 return specifyIpRanges;
 }
 
diff --git 
a/api/src/main/java/org/apache/cloudstack/api/command/user/vm/DeployVMCmd.java 
b/api/src/main/java/org/apache/cloudstack/api/command/user/vm/DeployVMCmd.java
index 8161fb2564b..7fc54884099

[jira] [Commented] (CLOUDSTACK-10362) Inconsistent method names

2018-05-09 Thread ASF subversion and git services (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-10362?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16469010#comment-16469010
 ] 

ASF subversion and git services commented on CLOUDSTACK-10362:
--

Commit 951f73b10749b1d713ab1d740e6667def4bac212 in cloudstack's branch 
refs/heads/master from [~BruceKuiLIU]
[ https://gitbox.apache.org/repos/asf?p=cloudstack.git;h=951f73b ]

CLOUDSTACK-10362: Change the "getXXX" method names to "isXXX" (#2600)

These Boolean-return methods are named "getXXX", but other Boolean-return 
methods are named "isXXX", such as the following two methods. They will return 
boolean values, rename them as "isXXX" should be more clear than "getXXX".

> Inconsistent method names
> -
>
> Key: CLOUDSTACK-10362
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-10362
> Project: CloudStack
>  Issue Type: Improvement
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: KuiLIU
>Priority: Major
>
> Some Boolean-return methods are named "getXXX",
> but other Boolean-return methods are named "isXXX", such as the following two 
> methods.
> They will return boolean values, rename them as "isXXX" should be more clear 
> than "getXXX".
> api/src/main/java/org/apache/cloudstack/api/command/admin/vlan/ListVlanIpRangesCmd.java
> {code:java}
>  public Boolean getForVirtualNetwork() {
>  return forVirtualNetwork;
>  }
> {code}
> api/src/main/java/org/apache/cloudstack/api/command/user/address/ListPublicIpAddressesCmd.java
> {code:java}
> public Boolean isForVirtualNetwork() {
> return forVirtualNetwork;
> }
> {code}



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Commented] (CLOUDSTACK-10290) Config drive - only supported for secondary storage

2018-05-09 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-10290?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16468845#comment-16468845
 ] 

ASF GitHub Bot commented on CLOUDSTACK-10290:
-

GabrielBrascher commented on issue #2614: WIP perform config drive creation on 
primary storage (CLOUDSTACK-10290)
URL: https://github.com/apache/cloudstack/pull/2614#issuecomment-387741703
 
 
   @DaanHoogland @rhtyd Is this still a work in progress? I can help to review 
if it is ready for testing and review.


This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


> Config drive - only supported for secondary storage
> ---
>
> Key: CLOUDSTACK-10290
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-10290
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Affects Versions: 4.11.0.0
>Reporter: Rohit Yadav
>Assignee: Daan Hoogland
>Priority: Major
>
> Userdata disk looks like this:
>  
>    
>     file='/mnt/eba12ff3-c3a6-394a-bf0f-23291f1f6266/configdrive.iso'/>
>    
>    
>    
>    
>    
>      
> Mount is:
> root# df /mnt/eba12ff3-c3a6-394a-bf0f-23291f1f6266
>  Filesystem   1K-blocks   
>  Used Available Use% Mounted on
>  some-nfs-server.com:/nfs/secondary/ConfigDrive/i-2-24-VM  66391040 2973696  
> 63417344   5% /mnt/eba12ff3-c3a6-394a-bf0f-23291f1f6266
>  
> issue: where to find a primary storage for a VM that is not yet deployed. The 
> configdrive is created before a storage is assigned. This order of execution 
> must be reversed for this to work.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Commented] (CLOUDSTACK-10290) Config drive - only supported for secondary storage

2018-05-09 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-10290?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16468803#comment-16468803
 ] 

ASF GitHub Bot commented on CLOUDSTACK-10290:
-

rhtyd commented on issue #2614: WIP perform config drive creation on primary 
storage (CLOUDSTACK-10290)
URL: https://github.com/apache/cloudstack/pull/2614#issuecomment-387725700
 
 
   @DaanHoogland is this ready for testing and review, as per our schedule we 
were hoping to cut RC1 starting next week (mid May) I'm cutting down on the 
scope and limiting to completed PRs and blockers.
   I'll re-add the milestone on your remark.


This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


> Config drive - only supported for secondary storage
> ---
>
> Key: CLOUDSTACK-10290
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-10290
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Affects Versions: 4.11.0.0
>Reporter: Rohit Yadav
>Assignee: Daan Hoogland
>Priority: Major
>
> Userdata disk looks like this:
>  
>    
>     file='/mnt/eba12ff3-c3a6-394a-bf0f-23291f1f6266/configdrive.iso'/>
>    
>    
>    
>    
>    
>      
> Mount is:
> root# df /mnt/eba12ff3-c3a6-394a-bf0f-23291f1f6266
>  Filesystem   1K-blocks   
>  Used Available Use% Mounted on
>  some-nfs-server.com:/nfs/secondary/ConfigDrive/i-2-24-VM  66391040 2973696  
> 63417344   5% /mnt/eba12ff3-c3a6-394a-bf0f-23291f1f6266
>  
> issue: where to find a primary storage for a VM that is not yet deployed. The 
> configdrive is created before a storage is assigned. This order of execution 
> must be reversed for this to work.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Commented] (CLOUDSTACK-10290) Config drive - only supported for secondary storage

2018-05-09 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-10290?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16468801#comment-16468801
 ] 

ASF GitHub Bot commented on CLOUDSTACK-10290:
-

rhtyd commented on issue #2614: WIP perform config drive creation on primary 
storage (CLOUDSTACK-10290)
URL: https://github.com/apache/cloudstack/pull/2614#issuecomment-387725700
 
 
   @DaanHoogland is this ready for testing and review, as per our schedule we 
were hoping to cut RC1 starting next week (mid May) I'm cutting down on the 
scope and limiting to completed PRs and blockers.
   -I'll re-add the milestone on your remark.-


This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


> Config drive - only supported for secondary storage
> ---
>
> Key: CLOUDSTACK-10290
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-10290
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Affects Versions: 4.11.0.0
>Reporter: Rohit Yadav
>Assignee: Daan Hoogland
>Priority: Major
>
> Userdata disk looks like this:
>  
>    
>     file='/mnt/eba12ff3-c3a6-394a-bf0f-23291f1f6266/configdrive.iso'/>
>    
>    
>    
>    
>    
>      
> Mount is:
> root# df /mnt/eba12ff3-c3a6-394a-bf0f-23291f1f6266
>  Filesystem   1K-blocks   
>  Used Available Use% Mounted on
>  some-nfs-server.com:/nfs/secondary/ConfigDrive/i-2-24-VM  66391040 2973696  
> 63417344   5% /mnt/eba12ff3-c3a6-394a-bf0f-23291f1f6266
>  
> issue: where to find a primary storage for a VM that is not yet deployed. The 
> configdrive is created before a storage is assigned. This order of execution 
> must be reversed for this to work.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Commented] (CLOUDSTACK-10290) Config drive - only supported for secondary storage

2018-05-09 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-10290?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16468800#comment-16468800
 ] 

ASF GitHub Bot commented on CLOUDSTACK-10290:
-

rhtyd commented on issue #2614: WIP perform config drive creation on primary 
storage (CLOUDSTACK-10290)
URL: https://github.com/apache/cloudstack/pull/2614#issuecomment-387725700
 
 
   @DaanHoogland is this ready for testing and review, as per our schedule we 
were hoping to cut RC1 starting next week (mid May) I'm cutting down on the 
scope and limiting to completed PRs and blockers. --I'll re-add the milestone 
on your remark.-- 


This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


> Config drive - only supported for secondary storage
> ---
>
> Key: CLOUDSTACK-10290
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-10290
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Affects Versions: 4.11.0.0
>Reporter: Rohit Yadav
>Assignee: Daan Hoogland
>Priority: Major
>
> Userdata disk looks like this:
>  
>    
>     file='/mnt/eba12ff3-c3a6-394a-bf0f-23291f1f6266/configdrive.iso'/>
>    
>    
>    
>    
>    
>      
> Mount is:
> root# df /mnt/eba12ff3-c3a6-394a-bf0f-23291f1f6266
>  Filesystem   1K-blocks   
>  Used Available Use% Mounted on
>  some-nfs-server.com:/nfs/secondary/ConfigDrive/i-2-24-VM  66391040 2973696  
> 63417344   5% /mnt/eba12ff3-c3a6-394a-bf0f-23291f1f6266
>  
> issue: where to find a primary storage for a VM that is not yet deployed. The 
> configdrive is created before a storage is assigned. This order of execution 
> must be reversed for this to work.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Commented] (CLOUDSTACK-10290) Config drive - only supported for secondary storage

2018-05-09 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-10290?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16468799#comment-16468799
 ] 

ASF GitHub Bot commented on CLOUDSTACK-10290:
-

rhtyd commented on issue #2614: WIP perform config drive creation on primary 
storage (CLOUDSTACK-10290)
URL: https://github.com/apache/cloudstack/pull/2614#issuecomment-387725700
 
 
   @DaanHoogland is this ready for testing and review, as per our schedule we 
were hoping to cut RC1 starting next week (mid May) I'm cutting down on the 
scope and limiting to completed PRs and blockers. I'll re-add the milestone on 
your remark.


This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


> Config drive - only supported for secondary storage
> ---
>
> Key: CLOUDSTACK-10290
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-10290
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Affects Versions: 4.11.0.0
>Reporter: Rohit Yadav
>Assignee: Daan Hoogland
>Priority: Major
>
> Userdata disk looks like this:
>  
>    
>     file='/mnt/eba12ff3-c3a6-394a-bf0f-23291f1f6266/configdrive.iso'/>
>    
>    
>    
>    
>    
>      
> Mount is:
> root# df /mnt/eba12ff3-c3a6-394a-bf0f-23291f1f6266
>  Filesystem   1K-blocks   
>  Used Available Use% Mounted on
>  some-nfs-server.com:/nfs/secondary/ConfigDrive/i-2-24-VM  66391040 2973696  
> 63417344   5% /mnt/eba12ff3-c3a6-394a-bf0f-23291f1f6266
>  
> issue: where to find a primary storage for a VM that is not yet deployed. The 
> configdrive is created before a storage is assigned. This order of execution 
> must be reversed for this to work.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Commented] (CLOUDSTACK-10290) Config drive - only supported for secondary storage

2018-05-09 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-10290?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16468792#comment-16468792
 ] 

ASF GitHub Bot commented on CLOUDSTACK-10290:
-

DaanHoogland commented on issue #2614: WIP perform config drive creation on 
primary storage (CLOUDSTACK-10290)
URL: https://github.com/apache/cloudstack/pull/2614#issuecomment-387724501
 
 
   @rhtyd this is an issue on 4.11 and needs to go in 4.11.1. If it is not done 
on release it is time to remove the milestone, not in advance.


This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


> Config drive - only supported for secondary storage
> ---
>
> Key: CLOUDSTACK-10290
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-10290
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Affects Versions: 4.11.0.0
>Reporter: Rohit Yadav
>Assignee: Daan Hoogland
>Priority: Major
>
> Userdata disk looks like this:
>  
>    
>     file='/mnt/eba12ff3-c3a6-394a-bf0f-23291f1f6266/configdrive.iso'/>
>    
>    
>    
>    
>    
>      
> Mount is:
> root# df /mnt/eba12ff3-c3a6-394a-bf0f-23291f1f6266
>  Filesystem   1K-blocks   
>  Used Available Use% Mounted on
>  some-nfs-server.com:/nfs/secondary/ConfigDrive/i-2-24-VM  66391040 2973696  
> 63417344   5% /mnt/eba12ff3-c3a6-394a-bf0f-23291f1f6266
>  
> issue: where to find a primary storage for a VM that is not yet deployed. The 
> configdrive is created before a storage is assigned. This order of execution 
> must be reversed for this to work.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Commented] (CLOUDSTACK-10290) Config drive - only supported for secondary storage

2018-05-09 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-10290?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16468715#comment-16468715
 ] 

ASF GitHub Bot commented on CLOUDSTACK-10290:
-

rhtyd commented on issue #2614: WIP perform config drive creation on primary 
storage (CLOUDSTACK-10290)
URL: https://github.com/apache/cloudstack/pull/2614#issuecomment-387706058
 
 
   This is still in WIP, we are not in a state to test/merge by end of this 
week so I'll move to 4.11.2.0. In case this change we can consider this for 
4.11.1.0 before RC1 is cut.


This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


> Config drive - only supported for secondary storage
> ---
>
> Key: CLOUDSTACK-10290
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-10290
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Affects Versions: 4.11.0.0
>Reporter: Rohit Yadav
>Assignee: Daan Hoogland
>Priority: Major
>
> Userdata disk looks like this:
>  
>    
>     file='/mnt/eba12ff3-c3a6-394a-bf0f-23291f1f6266/configdrive.iso'/>
>    
>    
>    
>    
>    
>      
> Mount is:
> root# df /mnt/eba12ff3-c3a6-394a-bf0f-23291f1f6266
>  Filesystem   1K-blocks   
>  Used Available Use% Mounted on
>  some-nfs-server.com:/nfs/secondary/ConfigDrive/i-2-24-VM  66391040 2973696  
> 63417344   5% /mnt/eba12ff3-c3a6-394a-bf0f-23291f1f6266
>  
> issue: where to find a primary storage for a VM that is not yet deployed. The 
> configdrive is created before a storage is assigned. This order of execution 
> must be reversed for this to work.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Commented] (CLOUDSTACK-8609) [VMware] VM is not accessible after a migration across clusters.

2018-05-09 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-8609?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16468714#comment-16468714
 ] 

ASF GitHub Bot commented on CLOUDSTACK-8609:


rhtyd commented on issue #2091: CLOUDSTACK-8609: [VMware] VM is not accessible 
after migration across clusters
URL: https://github.com/apache/cloudstack/pull/2091#issuecomment-387705746
 
 
   @sureshanaparti can you rebase this against latest 4.11.
   I'll in the interim move this to 4.11.2.0 milestone, if the author does not 
repond I may take over this PR in future.


This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


> [VMware] VM is not accessible after a migration across clusters.
> 
>
> Key: CLOUDSTACK-8609
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-8609
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Likitha Shetty
>Assignee: Suresh Kumar Anaparti
>Priority: Major
> Fix For: Future
>
>
> +Steps to reproduce+
> 1. Deploy a VMware zone with 2 clusters (a host each, H1 and H2) and one 
> zone-wide primary storage spanning the two clusters.
> 2. Deploy a VM (VM1) on one of the hosts (H1).
> 3. Stop VM1.
> 4. Make the host that contains the VM unsuitable for further VM deployments
> - host runs out of capacity (cpu/memory)
> - host has maximum VMs deployed on it
> 5. Start VM1.
> 6. VM will be powered on H2 but will not be accessible because the .vmx and 
> other VM files associated with the VM have been deleted.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Commented] (CLOUDSTACK-9114) restartnetwork with cleanup should not update/restart both routers at once

2018-05-09 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9114?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16468706#comment-16468706
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9114:


rhtyd commented on issue #2508: CLOUDSTACK-9114: Reduce VR downtime during 
network restart
URL: https://github.com/apache/cloudstack/pull/2508#issuecomment-387704470
 
 
   @blueorangutan test


This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


> restartnetwork with cleanup should not update/restart both routers at once
> --
>
> Key: CLOUDSTACK-9114
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9114
> Project: CloudStack
>  Issue Type: Improvement
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Wei Zhou
>Assignee: Wei Zhou
>Priority: Major
>
> for now, restartnetwork with cleanup will stop both RVRs at first, then start 
> two  new RVRs.
> to reduce the downtime of network, we'd better restart the RVRs one by one.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Commented] (CLOUDSTACK-9114) restartnetwork with cleanup should not update/restart both routers at once

2018-05-09 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9114?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16468707#comment-16468707
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9114:


blueorangutan commented on issue #2508: CLOUDSTACK-9114: Reduce VR downtime 
during network restart
URL: https://github.com/apache/cloudstack/pull/2508#issuecomment-387704582
 
 
   @rhtyd a Trillian-Jenkins test job (centos7 mgmt + kvm-centos7) has been 
kicked to run smoke tests


This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


> restartnetwork with cleanup should not update/restart both routers at once
> --
>
> Key: CLOUDSTACK-9114
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9114
> Project: CloudStack
>  Issue Type: Improvement
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Wei Zhou
>Assignee: Wei Zhou
>Priority: Major
>
> for now, restartnetwork with cleanup will stop both RVRs at first, then start 
> two  new RVRs.
> to reduce the downtime of network, we'd better restart the RVRs one by one.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Commented] (CLOUDSTACK-9114) restartnetwork with cleanup should not update/restart both routers at once

2018-05-09 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9114?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16468688#comment-16468688
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9114:


blueorangutan commented on issue #2508: CLOUDSTACK-9114: Reduce VR downtime 
during network restart
URL: https://github.com/apache/cloudstack/pull/2508#issuecomment-387698731
 
 
   Packaging result: ✔centos6 ✔centos7 ✔debian. JID-2036


This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


> restartnetwork with cleanup should not update/restart both routers at once
> --
>
> Key: CLOUDSTACK-9114
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9114
> Project: CloudStack
>  Issue Type: Improvement
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Wei Zhou
>Assignee: Wei Zhou
>Priority: Major
>
> for now, restartnetwork with cleanup will stop both RVRs at first, then start 
> two  new RVRs.
> to reduce the downtime of network, we'd better restart the RVRs one by one.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Commented] (CLOUDSTACK-9114) restartnetwork with cleanup should not update/restart both routers at once

2018-05-09 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9114?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16468668#comment-16468668
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9114:


blueorangutan commented on issue #2508: CLOUDSTACK-9114: Reduce VR downtime 
during network restart
URL: https://github.com/apache/cloudstack/pull/2508#issuecomment-387692475
 
 
   @rhtyd a Jenkins job has been kicked to build packages. I'll keep you posted 
as I make progress.


This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


> restartnetwork with cleanup should not update/restart both routers at once
> --
>
> Key: CLOUDSTACK-9114
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9114
> Project: CloudStack
>  Issue Type: Improvement
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Wei Zhou
>Assignee: Wei Zhou
>Priority: Major
>
> for now, restartnetwork with cleanup will stop both RVRs at first, then start 
> two  new RVRs.
> to reduce the downtime of network, we'd better restart the RVRs one by one.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Commented] (CLOUDSTACK-9114) restartnetwork with cleanup should not update/restart both routers at once

2018-05-09 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9114?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16468667#comment-16468667
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9114:


rhtyd commented on issue #2508: CLOUDSTACK-9114: Reduce VR downtime during 
network restart
URL: https://github.com/apache/cloudstack/pull/2508#issuecomment-387692217
 
 
   XenServer and Vmware tests are LGTM, 1-2 failure seen in intermittent/env 
related. I've rebase and fixed conflicts against latest 4.11, will kick test 
against KVM after packaging.
   @blueorangutan package


This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


> restartnetwork with cleanup should not update/restart both routers at once
> --
>
> Key: CLOUDSTACK-9114
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9114
> Project: CloudStack
>  Issue Type: Improvement
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Wei Zhou
>Assignee: Wei Zhou
>Priority: Major
>
> for now, restartnetwork with cleanup will stop both RVRs at first, then start 
> two  new RVRs.
> to reduce the downtime of network, we'd better restart the RVRs one by one.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Commented] (CLOUDSTACK-9114) restartnetwork with cleanup should not update/restart both routers at once

2018-05-09 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9114?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16468664#comment-16468664
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9114:


blueorangutan commented on issue #2508: CLOUDSTACK-9114: Reduce VR downtime 
during network restart
URL: https://github.com/apache/cloudstack/pull/2508#issuecomment-387401151
 
 
   @rhtyd a Trillian-Jenkins test job (centos7 mgmt + kvm-centos7) has been 
kicked to run smoke tests


This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


> restartnetwork with cleanup should not update/restart both routers at once
> --
>
> Key: CLOUDSTACK-9114
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9114
> Project: CloudStack
>  Issue Type: Improvement
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Wei Zhou
>Assignee: Wei Zhou
>Priority: Major
>
> for now, restartnetwork with cleanup will stop both RVRs at first, then start 
> two  new RVRs.
> to reduce the downtime of network, we'd better restart the RVRs one by one.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Commented] (CLOUDSTACK-9114) restartnetwork with cleanup should not update/restart both routers at once

2018-05-09 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9114?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16468663#comment-16468663
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9114:


blueorangutan commented on issue #2508: CLOUDSTACK-9114: Reduce VR downtime 
during network restart
URL: https://github.com/apache/cloudstack/pull/2508#issuecomment-387513278
 
 
   Trillian test result (tid-2642)
   Environment: kvm-centos7 (x2), Advanced Networking with Mgmt server 7
   Total time taken: 19756 seconds
   Marvin logs: 
https://github.com/blueorangutan/acs-prs/releases/download/trillian/pr2508-t2642-kvm-centos7.zip
   Intermitten failure detected: /marvin/tests/smoke/test_privategw_acl.py
   Intermitten failure detected: /marvin/tests/smoke/test_vm_life_cycle.py
   Intermitten failure detected: /marvin/tests/smoke/test_vpc_vpn.py
   Intermitten failure detected: /marvin/tests/smoke/test_host_maintenance.py
   Intermitten failure detected: /marvin/tests/smoke/test_hostha_kvm.py
   Smoke tests completed. 62 look OK, 5 have error(s)
   Only failed tests results shown below:
   
   
   Test | Result | Time (s) | Test File
   --- | --- | --- | ---
   test_03_vpc_privategw_restart_vpc_cleanup | `Error` | 108.80 | 
test_privategw_acl.py
   test_01_secured_vm_migration | `Error` | 1.13 | test_vm_life_cycle.py
   test_02_not_secured_vm_migration | `Error` | 1.11 | test_vm_life_cycle.py
   test_03_secured_to_nonsecured_vm_migration | `Error` | 1.12 | 
test_vm_life_cycle.py
   test_04_nonsecured_to_secured_vm_migration | `Error` | 1.11 | 
test_vm_life_cycle.py
   test_08_migrate_vm | `Error` | 5.30 | test_vm_life_cycle.py
   test_01_redundant_vpc_site2site_vpn | `Failure` | 194.79 | test_vpc_vpn.py
   test_01_vpc_site2site_vpn | `Failure` | 137.51 | test_vpc_vpn.py
   test_01_cancel_host_maintenace_with_no_migration_jobs | `Failure` | 0.11 | 
test_host_maintenance.py
   test_02_cancel_host_maintenace_with_migration_jobs | `Error` | 2.31 | 
test_host_maintenance.py
   test_hostha_enable_ha_when_host_in_maintenance | `Error` | 4.58 | 
test_hostha_kvm.py
   


This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


> restartnetwork with cleanup should not update/restart both routers at once
> --
>
> Key: CLOUDSTACK-9114
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9114
> Project: CloudStack
>  Issue Type: Improvement
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Wei Zhou
>Assignee: Wei Zhou
>Priority: Major
>
> for now, restartnetwork with cleanup will stop both RVRs at first, then start 
> two  new RVRs.
> to reduce the downtime of network, we'd better restart the RVRs one by one.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Commented] (CLOUDSTACK-9114) restartnetwork with cleanup should not update/restart both routers at once

2018-05-09 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9114?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16468665#comment-16468665
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9114:


rhtyd commented on issue #2508: CLOUDSTACK-9114: Reduce VR downtime during 
network restart
URL: https://github.com/apache/cloudstack/pull/2508#issuecomment-387400987
 
 
   @blueorangutan test 


This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


> restartnetwork with cleanup should not update/restart both routers at once
> --
>
> Key: CLOUDSTACK-9114
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9114
> Project: CloudStack
>  Issue Type: Improvement
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Wei Zhou
>Assignee: Wei Zhou
>Priority: Major
>
> for now, restartnetwork with cleanup will stop both RVRs at first, then start 
> two  new RVRs.
> to reduce the downtime of network, we'd better restart the RVRs one by one.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Commented] (CLOUDSTACK-9114) restartnetwork with cleanup should not update/restart both routers at once

2018-05-09 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9114?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16468666#comment-16468666
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9114:


blueorangutan commented on issue #2508: CLOUDSTACK-9114: Reduce VR downtime 
during network restart
URL: https://github.com/apache/cloudstack/pull/2508#issuecomment-387397331
 
 
   Packaging result: ✔centos6 ✔centos7 ✔debian. JID-2029


This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


> restartnetwork with cleanup should not update/restart both routers at once
> --
>
> Key: CLOUDSTACK-9114
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9114
> Project: CloudStack
>  Issue Type: Improvement
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Wei Zhou
>Assignee: Wei Zhou
>Priority: Major
>
> for now, restartnetwork with cleanup will stop both RVRs at first, then start 
> two  new RVRs.
> to reduce the downtime of network, we'd better restart the RVRs one by one.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Commented] (CLOUDSTACK-10284) Creating a snapshot from VM Snapshot generates error if hypervisor is not KVM.

2018-05-09 Thread ASF subversion and git services (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-10284?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16468644#comment-16468644
 ] 

ASF subversion and git services commented on CLOUDSTACK-10284:
--

Commit 4534cefa40cf9b4d11402bff86c4484292fa660d in cloudstack's branch 
refs/heads/master from [~rohithsharma]
[ https://gitbox.apache.org/repos/asf?p=cloudstack.git;h=4534cef ]

backports for 4.11.1 from master (#2621)

* CLOUDSTACK-10147 Disabled Xenserver Cluster can still deploy VM's. Added code 
to skip disabled clusters when selecting a host (#2442)

(cherry picked from commit c3488a51db4bce4ec32c09e6fef78193d360cf3f)
Signed-off-by: Rohit Yadav 

* CLOUDSTACK-10318: Bug on sorting ACL rules list in chrome (#2478)

(cherry picked from commit 4412563f19ec8b808fe4c79e2baf658507a84873)
Signed-off-by: Rohit Yadav 

* CLOUDSTACK-10284:Creating a snapshot from VM Snapshot generates error if 
hypervisor is not KVM.

Signed-off-by: Rohit Yadav 

* CLOUDSTACK-10221: Allow IPv6 when creating a Basic Network (#2397)

Since CloudStack 4.10 Basic Networking supports IPv6 and thus
should be allowed to be specified when creating a network.

Signed-off-by: Wido den Hollander 
(cherry picked from commit 9733a10ecda5f1af0f2c0fa863fc976a3e710946)
Signed-off-by: Rohit Yadav 

* CLOUDSTACK-10214: Unable to remove local primary storage (#2390)

Allow admins to remove primary storage pool.
Cherry-picked from eba2e1d8a1ce4e86b4df144db03e96739da455e5

Signed-off-by: Rohit Yadav 

* dateutil: constistency of tzdate input and output (#2392)

Signed-off-by: Yoan Blanc 
Signed-off-by: Daan Hoogland 
(cherry picked from commit 2ad520282319da9a03061b8c744e51a4ffdf94a2)
Signed-off-by: Rohit Yadav 

* CLOUDSTACK-10054:Volume download times out in 3600 seconds (#2244)

(cherry picked from commit bb607d07a97476dc4fb934b3d75df6affba47086)
Signed-off-by: Rohit Yadav 

* When creating a new account (via domain admin) it is possible to select “root 
admin” as the role for the new user (#2606)

* create account with domain admin showing 'root admin' role

Domain admins should not be able to assign the role of root admin to new users. 
Therefore, the role ‘root admin’ (or any other of the same type) should not be 
visible to domain admins.

* License and formatting

* Break long sentence into multiple lines

* Fix wording of method 'getCurrentAccount'

* fix typo in variable name

* [CLOUDSTACK-10259] Missing float part of secondary storage data in 
listAccounts

* [CLOUDSTACK-9338] ACS not accounting resources of VMs with custom service 
offering

ACS is accounting the resources properly when deploying VMs with custom service 
offerings. However, there are other methods (such as updateResourceCount) that 
do not execute the resource accounting properly, and these methods update the 
resource count for an account in the database. Therefore, if a user deploys VMs 
with custom service offerings, and later this user calls the 
“updateResourceCount” method, it (the method) will only account for VMs with 
normal service offerings, and update this as the number of resources used by 
the account. This will result in a smaller number of resources to be accounted 
for the given account than the real used value. The problem becomes worse 
because if the user starts to delete these VMs, it is possible to reach 
negative values of resources allocated (breaking all of the resource limiting 
for accounts). This is a very serious attack vector for public cloud providers!

* [CLOUDSTACK-10230] User should not be able to use removed “Guest OS type” 
(#2404)

* [CLOUDSTACK-10230] User is able to change to “Guest OS type” that has been 
removed

Users are able to change the OS type of VMs to “Guest OS type” that has been 
removed. This becomes a security issue when we try to force users to use HVM 
VMs (Meltdown/Spectre thing). A removed “guest os type” should not be usable by 
any users in the cloud.

* Remove trailing lines that are breaking build due to checkstyle compliance

* Remove unused imports

* fix classes that were in the wrong folder structure

* Updates to capacity management


> Creating a snapshot from VM Snapshot generates error if hypervisor is not KVM.
> --
>
> Key: CLOUDSTACK-10284
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-10284
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Nitesh Sarda
>Priority: Major
> Fix For: 4.12
>
>
> ISSUE
>

[jira] [Commented] (CLOUDSTACK-10221) Allow specification of IPv6 details when creating Basic Network

2018-05-09 Thread ASF subversion and git services (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-10221?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16468645#comment-16468645
 ] 

ASF subversion and git services commented on CLOUDSTACK-10221:
--

Commit 4534cefa40cf9b4d11402bff86c4484292fa660d in cloudstack's branch 
refs/heads/master from [~rohithsharma]
[ https://gitbox.apache.org/repos/asf?p=cloudstack.git;h=4534cef ]

backports for 4.11.1 from master (#2621)

* CLOUDSTACK-10147 Disabled Xenserver Cluster can still deploy VM's. Added code 
to skip disabled clusters when selecting a host (#2442)

(cherry picked from commit c3488a51db4bce4ec32c09e6fef78193d360cf3f)
Signed-off-by: Rohit Yadav 

* CLOUDSTACK-10318: Bug on sorting ACL rules list in chrome (#2478)

(cherry picked from commit 4412563f19ec8b808fe4c79e2baf658507a84873)
Signed-off-by: Rohit Yadav 

* CLOUDSTACK-10284:Creating a snapshot from VM Snapshot generates error if 
hypervisor is not KVM.

Signed-off-by: Rohit Yadav 

* CLOUDSTACK-10221: Allow IPv6 when creating a Basic Network (#2397)

Since CloudStack 4.10 Basic Networking supports IPv6 and thus
should be allowed to be specified when creating a network.

Signed-off-by: Wido den Hollander 
(cherry picked from commit 9733a10ecda5f1af0f2c0fa863fc976a3e710946)
Signed-off-by: Rohit Yadav 

* CLOUDSTACK-10214: Unable to remove local primary storage (#2390)

Allow admins to remove primary storage pool.
Cherry-picked from eba2e1d8a1ce4e86b4df144db03e96739da455e5

Signed-off-by: Rohit Yadav 

* dateutil: constistency of tzdate input and output (#2392)

Signed-off-by: Yoan Blanc 
Signed-off-by: Daan Hoogland 
(cherry picked from commit 2ad520282319da9a03061b8c744e51a4ffdf94a2)
Signed-off-by: Rohit Yadav 

* CLOUDSTACK-10054:Volume download times out in 3600 seconds (#2244)

(cherry picked from commit bb607d07a97476dc4fb934b3d75df6affba47086)
Signed-off-by: Rohit Yadav 

* When creating a new account (via domain admin) it is possible to select “root 
admin” as the role for the new user (#2606)

* create account with domain admin showing 'root admin' role

Domain admins should not be able to assign the role of root admin to new users. 
Therefore, the role ‘root admin’ (or any other of the same type) should not be 
visible to domain admins.

* License and formatting

* Break long sentence into multiple lines

* Fix wording of method 'getCurrentAccount'

* fix typo in variable name

* [CLOUDSTACK-10259] Missing float part of secondary storage data in 
listAccounts

* [CLOUDSTACK-9338] ACS not accounting resources of VMs with custom service 
offering

ACS is accounting the resources properly when deploying VMs with custom service 
offerings. However, there are other methods (such as updateResourceCount) that 
do not execute the resource accounting properly, and these methods update the 
resource count for an account in the database. Therefore, if a user deploys VMs 
with custom service offerings, and later this user calls the 
“updateResourceCount” method, it (the method) will only account for VMs with 
normal service offerings, and update this as the number of resources used by 
the account. This will result in a smaller number of resources to be accounted 
for the given account than the real used value. The problem becomes worse 
because if the user starts to delete these VMs, it is possible to reach 
negative values of resources allocated (breaking all of the resource limiting 
for accounts). This is a very serious attack vector for public cloud providers!

* [CLOUDSTACK-10230] User should not be able to use removed “Guest OS type” 
(#2404)

* [CLOUDSTACK-10230] User is able to change to “Guest OS type” that has been 
removed

Users are able to change the OS type of VMs to “Guest OS type” that has been 
removed. This becomes a security issue when we try to force users to use HVM 
VMs (Meltdown/Spectre thing). A removed “guest os type” should not be usable by 
any users in the cloud.

* Remove trailing lines that are breaking build due to checkstyle compliance

* Remove unused imports

* fix classes that were in the wrong folder structure

* Updates to capacity management


> Allow specification of IPv6 details when creating Basic Network
> ---
>
> Key: CLOUDSTACK-10221
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-10221
> Project: CloudStack
>  Issue Type: Improvement
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>  Components: Management Server, Network Controller
>Affects Versions: 4.10.0.0, 4.11.0.0
> Environment: Basic

[jira] [Commented] (CLOUDSTACK-9338) updateResourceCount not accounting resources of VMs with custom service offering

2018-05-09 Thread ASF subversion and git services (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9338?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16468649#comment-16468649
 ] 

ASF subversion and git services commented on CLOUDSTACK-9338:
-

Commit 4534cefa40cf9b4d11402bff86c4484292fa660d in cloudstack's branch 
refs/heads/master from [~rohithsharma]
[ https://gitbox.apache.org/repos/asf?p=cloudstack.git;h=4534cef ]

backports for 4.11.1 from master (#2621)

* CLOUDSTACK-10147 Disabled Xenserver Cluster can still deploy VM's. Added code 
to skip disabled clusters when selecting a host (#2442)

(cherry picked from commit c3488a51db4bce4ec32c09e6fef78193d360cf3f)
Signed-off-by: Rohit Yadav 

* CLOUDSTACK-10318: Bug on sorting ACL rules list in chrome (#2478)

(cherry picked from commit 4412563f19ec8b808fe4c79e2baf658507a84873)
Signed-off-by: Rohit Yadav 

* CLOUDSTACK-10284:Creating a snapshot from VM Snapshot generates error if 
hypervisor is not KVM.

Signed-off-by: Rohit Yadav 

* CLOUDSTACK-10221: Allow IPv6 when creating a Basic Network (#2397)

Since CloudStack 4.10 Basic Networking supports IPv6 and thus
should be allowed to be specified when creating a network.

Signed-off-by: Wido den Hollander 
(cherry picked from commit 9733a10ecda5f1af0f2c0fa863fc976a3e710946)
Signed-off-by: Rohit Yadav 

* CLOUDSTACK-10214: Unable to remove local primary storage (#2390)

Allow admins to remove primary storage pool.
Cherry-picked from eba2e1d8a1ce4e86b4df144db03e96739da455e5

Signed-off-by: Rohit Yadav 

* dateutil: constistency of tzdate input and output (#2392)

Signed-off-by: Yoan Blanc 
Signed-off-by: Daan Hoogland 
(cherry picked from commit 2ad520282319da9a03061b8c744e51a4ffdf94a2)
Signed-off-by: Rohit Yadav 

* CLOUDSTACK-10054:Volume download times out in 3600 seconds (#2244)

(cherry picked from commit bb607d07a97476dc4fb934b3d75df6affba47086)
Signed-off-by: Rohit Yadav 

* When creating a new account (via domain admin) it is possible to select “root 
admin” as the role for the new user (#2606)

* create account with domain admin showing 'root admin' role

Domain admins should not be able to assign the role of root admin to new users. 
Therefore, the role ‘root admin’ (or any other of the same type) should not be 
visible to domain admins.

* License and formatting

* Break long sentence into multiple lines

* Fix wording of method 'getCurrentAccount'

* fix typo in variable name

* [CLOUDSTACK-10259] Missing float part of secondary storage data in 
listAccounts

* [CLOUDSTACK-9338] ACS not accounting resources of VMs with custom service 
offering

ACS is accounting the resources properly when deploying VMs with custom service 
offerings. However, there are other methods (such as updateResourceCount) that 
do not execute the resource accounting properly, and these methods update the 
resource count for an account in the database. Therefore, if a user deploys VMs 
with custom service offerings, and later this user calls the 
“updateResourceCount” method, it (the method) will only account for VMs with 
normal service offerings, and update this as the number of resources used by 
the account. This will result in a smaller number of resources to be accounted 
for the given account than the real used value. The problem becomes worse 
because if the user starts to delete these VMs, it is possible to reach 
negative values of resources allocated (breaking all of the resource limiting 
for accounts). This is a very serious attack vector for public cloud providers!

* [CLOUDSTACK-10230] User should not be able to use removed “Guest OS type” 
(#2404)

* [CLOUDSTACK-10230] User is able to change to “Guest OS type” that has been 
removed

Users are able to change the OS type of VMs to “Guest OS type” that has been 
removed. This becomes a security issue when we try to force users to use HVM 
VMs (Meltdown/Spectre thing). A removed “guest os type” should not be usable by 
any users in the cloud.

* Remove trailing lines that are breaking build due to checkstyle compliance

* Remove unused imports

* fix classes that were in the wrong folder structure

* Updates to capacity management


> updateResourceCount not accounting resources of VMs with custom service 
> offering
> 
>
> Key: CLOUDSTACK-9338
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9338
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>  Components: API, Cloudmonkey, UI
>Affects Versions: 4.5.2, 4.8.0
> Environment:

[jira] [Commented] (CLOUDSTACK-10054) Volume download times out in 3600 seconds

2018-05-09 Thread ASF subversion and git services (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-10054?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16468647#comment-16468647
 ] 

ASF subversion and git services commented on CLOUDSTACK-10054:
--

Commit 4534cefa40cf9b4d11402bff86c4484292fa660d in cloudstack's branch 
refs/heads/master from [~rohithsharma]
[ https://gitbox.apache.org/repos/asf?p=cloudstack.git;h=4534cef ]

backports for 4.11.1 from master (#2621)

* CLOUDSTACK-10147 Disabled Xenserver Cluster can still deploy VM's. Added code 
to skip disabled clusters when selecting a host (#2442)

(cherry picked from commit c3488a51db4bce4ec32c09e6fef78193d360cf3f)
Signed-off-by: Rohit Yadav 

* CLOUDSTACK-10318: Bug on sorting ACL rules list in chrome (#2478)

(cherry picked from commit 4412563f19ec8b808fe4c79e2baf658507a84873)
Signed-off-by: Rohit Yadav 

* CLOUDSTACK-10284:Creating a snapshot from VM Snapshot generates error if 
hypervisor is not KVM.

Signed-off-by: Rohit Yadav 

* CLOUDSTACK-10221: Allow IPv6 when creating a Basic Network (#2397)

Since CloudStack 4.10 Basic Networking supports IPv6 and thus
should be allowed to be specified when creating a network.

Signed-off-by: Wido den Hollander 
(cherry picked from commit 9733a10ecda5f1af0f2c0fa863fc976a3e710946)
Signed-off-by: Rohit Yadav 

* CLOUDSTACK-10214: Unable to remove local primary storage (#2390)

Allow admins to remove primary storage pool.
Cherry-picked from eba2e1d8a1ce4e86b4df144db03e96739da455e5

Signed-off-by: Rohit Yadav 

* dateutil: constistency of tzdate input and output (#2392)

Signed-off-by: Yoan Blanc 
Signed-off-by: Daan Hoogland 
(cherry picked from commit 2ad520282319da9a03061b8c744e51a4ffdf94a2)
Signed-off-by: Rohit Yadav 

* CLOUDSTACK-10054:Volume download times out in 3600 seconds (#2244)

(cherry picked from commit bb607d07a97476dc4fb934b3d75df6affba47086)
Signed-off-by: Rohit Yadav 

* When creating a new account (via domain admin) it is possible to select “root 
admin” as the role for the new user (#2606)

* create account with domain admin showing 'root admin' role

Domain admins should not be able to assign the role of root admin to new users. 
Therefore, the role ‘root admin’ (or any other of the same type) should not be 
visible to domain admins.

* License and formatting

* Break long sentence into multiple lines

* Fix wording of method 'getCurrentAccount'

* fix typo in variable name

* [CLOUDSTACK-10259] Missing float part of secondary storage data in 
listAccounts

* [CLOUDSTACK-9338] ACS not accounting resources of VMs with custom service 
offering

ACS is accounting the resources properly when deploying VMs with custom service 
offerings. However, there are other methods (such as updateResourceCount) that 
do not execute the resource accounting properly, and these methods update the 
resource count for an account in the database. Therefore, if a user deploys VMs 
with custom service offerings, and later this user calls the 
“updateResourceCount” method, it (the method) will only account for VMs with 
normal service offerings, and update this as the number of resources used by 
the account. This will result in a smaller number of resources to be accounted 
for the given account than the real used value. The problem becomes worse 
because if the user starts to delete these VMs, it is possible to reach 
negative values of resources allocated (breaking all of the resource limiting 
for accounts). This is a very serious attack vector for public cloud providers!

* [CLOUDSTACK-10230] User should not be able to use removed “Guest OS type” 
(#2404)

* [CLOUDSTACK-10230] User is able to change to “Guest OS type” that has been 
removed

Users are able to change the OS type of VMs to “Guest OS type” that has been 
removed. This becomes a security issue when we try to force users to use HVM 
VMs (Meltdown/Spectre thing). A removed “guest os type” should not be usable by 
any users in the cloud.

* Remove trailing lines that are breaking build due to checkstyle compliance

* Remove unused imports

* fix classes that were in the wrong folder structure

* Updates to capacity management


> Volume download times out in 3600 seconds
> -
>
> Key: CLOUDSTACK-10054
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-10054
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: mrunalini
>Priority: Major
>
> Problem Statement -
> When tried to download a volume of type Vmware with large size, it fails in 
> an hour before

[jira] [Commented] (CLOUDSTACK-10259) Missing float part of secondary storage data when calculating secondary storage usage in listAccounts

2018-05-09 Thread ASF subversion and git services (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-10259?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16468648#comment-16468648
 ] 

ASF subversion and git services commented on CLOUDSTACK-10259:
--

Commit 4534cefa40cf9b4d11402bff86c4484292fa660d in cloudstack's branch 
refs/heads/master from [~rohithsharma]
[ https://gitbox.apache.org/repos/asf?p=cloudstack.git;h=4534cef ]

backports for 4.11.1 from master (#2621)

* CLOUDSTACK-10147 Disabled Xenserver Cluster can still deploy VM's. Added code 
to skip disabled clusters when selecting a host (#2442)

(cherry picked from commit c3488a51db4bce4ec32c09e6fef78193d360cf3f)
Signed-off-by: Rohit Yadav 

* CLOUDSTACK-10318: Bug on sorting ACL rules list in chrome (#2478)

(cherry picked from commit 4412563f19ec8b808fe4c79e2baf658507a84873)
Signed-off-by: Rohit Yadav 

* CLOUDSTACK-10284:Creating a snapshot from VM Snapshot generates error if 
hypervisor is not KVM.

Signed-off-by: Rohit Yadav 

* CLOUDSTACK-10221: Allow IPv6 when creating a Basic Network (#2397)

Since CloudStack 4.10 Basic Networking supports IPv6 and thus
should be allowed to be specified when creating a network.

Signed-off-by: Wido den Hollander 
(cherry picked from commit 9733a10ecda5f1af0f2c0fa863fc976a3e710946)
Signed-off-by: Rohit Yadav 

* CLOUDSTACK-10214: Unable to remove local primary storage (#2390)

Allow admins to remove primary storage pool.
Cherry-picked from eba2e1d8a1ce4e86b4df144db03e96739da455e5

Signed-off-by: Rohit Yadav 

* dateutil: constistency of tzdate input and output (#2392)

Signed-off-by: Yoan Blanc 
Signed-off-by: Daan Hoogland 
(cherry picked from commit 2ad520282319da9a03061b8c744e51a4ffdf94a2)
Signed-off-by: Rohit Yadav 

* CLOUDSTACK-10054:Volume download times out in 3600 seconds (#2244)

(cherry picked from commit bb607d07a97476dc4fb934b3d75df6affba47086)
Signed-off-by: Rohit Yadav 

* When creating a new account (via domain admin) it is possible to select “root 
admin” as the role for the new user (#2606)

* create account with domain admin showing 'root admin' role

Domain admins should not be able to assign the role of root admin to new users. 
Therefore, the role ‘root admin’ (or any other of the same type) should not be 
visible to domain admins.

* License and formatting

* Break long sentence into multiple lines

* Fix wording of method 'getCurrentAccount'

* fix typo in variable name

* [CLOUDSTACK-10259] Missing float part of secondary storage data in 
listAccounts

* [CLOUDSTACK-9338] ACS not accounting resources of VMs with custom service 
offering

ACS is accounting the resources properly when deploying VMs with custom service 
offerings. However, there are other methods (such as updateResourceCount) that 
do not execute the resource accounting properly, and these methods update the 
resource count for an account in the database. Therefore, if a user deploys VMs 
with custom service offerings, and later this user calls the 
“updateResourceCount” method, it (the method) will only account for VMs with 
normal service offerings, and update this as the number of resources used by 
the account. This will result in a smaller number of resources to be accounted 
for the given account than the real used value. The problem becomes worse 
because if the user starts to delete these VMs, it is possible to reach 
negative values of resources allocated (breaking all of the resource limiting 
for accounts). This is a very serious attack vector for public cloud providers!

* [CLOUDSTACK-10230] User should not be able to use removed “Guest OS type” 
(#2404)

* [CLOUDSTACK-10230] User is able to change to “Guest OS type” that has been 
removed

Users are able to change the OS type of VMs to “Guest OS type” that has been 
removed. This becomes a security issue when we try to force users to use HVM 
VMs (Meltdown/Spectre thing). A removed “guest os type” should not be usable by 
any users in the cloud.

* Remove trailing lines that are breaking build due to checkstyle compliance

* Remove unused imports

* fix classes that were in the wrong folder structure

* Updates to capacity management


> Missing float part of secondary storage data when calculating secondary 
> storage usage in listAccounts 
> --
>
> Key: CLOUDSTACK-10259
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-10259
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Rafael Weingärtner
>

[jira] [Commented] (CLOUDSTACK-10230) User is able to change to “Guest OS type” that has been removed

2018-05-09 Thread ASF subversion and git services (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-10230?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16468651#comment-16468651
 ] 

ASF subversion and git services commented on CLOUDSTACK-10230:
--

Commit 4534cefa40cf9b4d11402bff86c4484292fa660d in cloudstack's branch 
refs/heads/master from [~rohithsharma]
[ https://gitbox.apache.org/repos/asf?p=cloudstack.git;h=4534cef ]

backports for 4.11.1 from master (#2621)

* CLOUDSTACK-10147 Disabled Xenserver Cluster can still deploy VM's. Added code 
to skip disabled clusters when selecting a host (#2442)

(cherry picked from commit c3488a51db4bce4ec32c09e6fef78193d360cf3f)
Signed-off-by: Rohit Yadav 

* CLOUDSTACK-10318: Bug on sorting ACL rules list in chrome (#2478)

(cherry picked from commit 4412563f19ec8b808fe4c79e2baf658507a84873)
Signed-off-by: Rohit Yadav 

* CLOUDSTACK-10284:Creating a snapshot from VM Snapshot generates error if 
hypervisor is not KVM.

Signed-off-by: Rohit Yadav 

* CLOUDSTACK-10221: Allow IPv6 when creating a Basic Network (#2397)

Since CloudStack 4.10 Basic Networking supports IPv6 and thus
should be allowed to be specified when creating a network.

Signed-off-by: Wido den Hollander 
(cherry picked from commit 9733a10ecda5f1af0f2c0fa863fc976a3e710946)
Signed-off-by: Rohit Yadav 

* CLOUDSTACK-10214: Unable to remove local primary storage (#2390)

Allow admins to remove primary storage pool.
Cherry-picked from eba2e1d8a1ce4e86b4df144db03e96739da455e5

Signed-off-by: Rohit Yadav 

* dateutil: constistency of tzdate input and output (#2392)

Signed-off-by: Yoan Blanc 
Signed-off-by: Daan Hoogland 
(cherry picked from commit 2ad520282319da9a03061b8c744e51a4ffdf94a2)
Signed-off-by: Rohit Yadav 

* CLOUDSTACK-10054:Volume download times out in 3600 seconds (#2244)

(cherry picked from commit bb607d07a97476dc4fb934b3d75df6affba47086)
Signed-off-by: Rohit Yadav 

* When creating a new account (via domain admin) it is possible to select “root 
admin” as the role for the new user (#2606)

* create account with domain admin showing 'root admin' role

Domain admins should not be able to assign the role of root admin to new users. 
Therefore, the role ‘root admin’ (or any other of the same type) should not be 
visible to domain admins.

* License and formatting

* Break long sentence into multiple lines

* Fix wording of method 'getCurrentAccount'

* fix typo in variable name

* [CLOUDSTACK-10259] Missing float part of secondary storage data in 
listAccounts

* [CLOUDSTACK-9338] ACS not accounting resources of VMs with custom service 
offering

ACS is accounting the resources properly when deploying VMs with custom service 
offerings. However, there are other methods (such as updateResourceCount) that 
do not execute the resource accounting properly, and these methods update the 
resource count for an account in the database. Therefore, if a user deploys VMs 
with custom service offerings, and later this user calls the 
“updateResourceCount” method, it (the method) will only account for VMs with 
normal service offerings, and update this as the number of resources used by 
the account. This will result in a smaller number of resources to be accounted 
for the given account than the real used value. The problem becomes worse 
because if the user starts to delete these VMs, it is possible to reach 
negative values of resources allocated (breaking all of the resource limiting 
for accounts). This is a very serious attack vector for public cloud providers!

* [CLOUDSTACK-10230] User should not be able to use removed “Guest OS type” 
(#2404)

* [CLOUDSTACK-10230] User is able to change to “Guest OS type” that has been 
removed

Users are able to change the OS type of VMs to “Guest OS type” that has been 
removed. This becomes a security issue when we try to force users to use HVM 
VMs (Meltdown/Spectre thing). A removed “guest os type” should not be usable by 
any users in the cloud.

* Remove trailing lines that are breaking build due to checkstyle compliance

* Remove unused imports

* fix classes that were in the wrong folder structure

* Updates to capacity management


> User is able to change to “Guest OS type” that has been removed 
> 
>
> Key: CLOUDSTACK-10230
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-10230
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Rafael Weingärtner
>Assignee: Rafael Weingärtner
>Priority: Critical
> Fix For:

[jira] [Commented] (CLOUDSTACK-10214) Unable to remove local primary storage

2018-05-09 Thread ASF subversion and git services (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-10214?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16468646#comment-16468646
 ] 

ASF subversion and git services commented on CLOUDSTACK-10214:
--

Commit 4534cefa40cf9b4d11402bff86c4484292fa660d in cloudstack's branch 
refs/heads/master from [~rohithsharma]
[ https://gitbox.apache.org/repos/asf?p=cloudstack.git;h=4534cef ]

backports for 4.11.1 from master (#2621)

* CLOUDSTACK-10147 Disabled Xenserver Cluster can still deploy VM's. Added code 
to skip disabled clusters when selecting a host (#2442)

(cherry picked from commit c3488a51db4bce4ec32c09e6fef78193d360cf3f)
Signed-off-by: Rohit Yadav 

* CLOUDSTACK-10318: Bug on sorting ACL rules list in chrome (#2478)

(cherry picked from commit 4412563f19ec8b808fe4c79e2baf658507a84873)
Signed-off-by: Rohit Yadav 

* CLOUDSTACK-10284:Creating a snapshot from VM Snapshot generates error if 
hypervisor is not KVM.

Signed-off-by: Rohit Yadav 

* CLOUDSTACK-10221: Allow IPv6 when creating a Basic Network (#2397)

Since CloudStack 4.10 Basic Networking supports IPv6 and thus
should be allowed to be specified when creating a network.

Signed-off-by: Wido den Hollander 
(cherry picked from commit 9733a10ecda5f1af0f2c0fa863fc976a3e710946)
Signed-off-by: Rohit Yadav 

* CLOUDSTACK-10214: Unable to remove local primary storage (#2390)

Allow admins to remove primary storage pool.
Cherry-picked from eba2e1d8a1ce4e86b4df144db03e96739da455e5

Signed-off-by: Rohit Yadav 

* dateutil: constistency of tzdate input and output (#2392)

Signed-off-by: Yoan Blanc 
Signed-off-by: Daan Hoogland 
(cherry picked from commit 2ad520282319da9a03061b8c744e51a4ffdf94a2)
Signed-off-by: Rohit Yadav 

* CLOUDSTACK-10054:Volume download times out in 3600 seconds (#2244)

(cherry picked from commit bb607d07a97476dc4fb934b3d75df6affba47086)
Signed-off-by: Rohit Yadav 

* When creating a new account (via domain admin) it is possible to select “root 
admin” as the role for the new user (#2606)

* create account with domain admin showing 'root admin' role

Domain admins should not be able to assign the role of root admin to new users. 
Therefore, the role ‘root admin’ (or any other of the same type) should not be 
visible to domain admins.

* License and formatting

* Break long sentence into multiple lines

* Fix wording of method 'getCurrentAccount'

* fix typo in variable name

* [CLOUDSTACK-10259] Missing float part of secondary storage data in 
listAccounts

* [CLOUDSTACK-9338] ACS not accounting resources of VMs with custom service 
offering

ACS is accounting the resources properly when deploying VMs with custom service 
offerings. However, there are other methods (such as updateResourceCount) that 
do not execute the resource accounting properly, and these methods update the 
resource count for an account in the database. Therefore, if a user deploys VMs 
with custom service offerings, and later this user calls the 
“updateResourceCount” method, it (the method) will only account for VMs with 
normal service offerings, and update this as the number of resources used by 
the account. This will result in a smaller number of resources to be accounted 
for the given account than the real used value. The problem becomes worse 
because if the user starts to delete these VMs, it is possible to reach 
negative values of resources allocated (breaking all of the resource limiting 
for accounts). This is a very serious attack vector for public cloud providers!

* [CLOUDSTACK-10230] User should not be able to use removed “Guest OS type” 
(#2404)

* [CLOUDSTACK-10230] User is able to change to “Guest OS type” that has been 
removed

Users are able to change the OS type of VMs to “Guest OS type” that has been 
removed. This becomes a security issue when we try to force users to use HVM 
VMs (Meltdown/Spectre thing). A removed “guest os type” should not be usable by 
any users in the cloud.

* Remove trailing lines that are breaking build due to checkstyle compliance

* Remove unused imports

* fix classes that were in the wrong folder structure

* Updates to capacity management


> Unable to remove local primary storage 
> ---
>
> Key: CLOUDSTACK-10214
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-10214
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Affects Versions: 4.10.0.0, 4.9.3.0
>Reporter: Rafael Weingärtner
>Assignee: Rafael Weingärtner
>Priority: Major
> Fix For: 4.12
>
>
>

[jira] [Commented] (CLOUDSTACK-10318) Bug on sorting ACL rules list in chrome

2018-05-09 Thread ASF subversion and git services (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-10318?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16468643#comment-16468643
 ] 

ASF subversion and git services commented on CLOUDSTACK-10318:
--

Commit 4534cefa40cf9b4d11402bff86c4484292fa660d in cloudstack's branch 
refs/heads/master from [~rohithsharma]
[ https://gitbox.apache.org/repos/asf?p=cloudstack.git;h=4534cef ]

backports for 4.11.1 from master (#2621)

* CLOUDSTACK-10147 Disabled Xenserver Cluster can still deploy VM's. Added code 
to skip disabled clusters when selecting a host (#2442)

(cherry picked from commit c3488a51db4bce4ec32c09e6fef78193d360cf3f)
Signed-off-by: Rohit Yadav 

* CLOUDSTACK-10318: Bug on sorting ACL rules list in chrome (#2478)

(cherry picked from commit 4412563f19ec8b808fe4c79e2baf658507a84873)
Signed-off-by: Rohit Yadav 

* CLOUDSTACK-10284:Creating a snapshot from VM Snapshot generates error if 
hypervisor is not KVM.

Signed-off-by: Rohit Yadav 

* CLOUDSTACK-10221: Allow IPv6 when creating a Basic Network (#2397)

Since CloudStack 4.10 Basic Networking supports IPv6 and thus
should be allowed to be specified when creating a network.

Signed-off-by: Wido den Hollander 
(cherry picked from commit 9733a10ecda5f1af0f2c0fa863fc976a3e710946)
Signed-off-by: Rohit Yadav 

* CLOUDSTACK-10214: Unable to remove local primary storage (#2390)

Allow admins to remove primary storage pool.
Cherry-picked from eba2e1d8a1ce4e86b4df144db03e96739da455e5

Signed-off-by: Rohit Yadav 

* dateutil: constistency of tzdate input and output (#2392)

Signed-off-by: Yoan Blanc 
Signed-off-by: Daan Hoogland 
(cherry picked from commit 2ad520282319da9a03061b8c744e51a4ffdf94a2)
Signed-off-by: Rohit Yadav 

* CLOUDSTACK-10054:Volume download times out in 3600 seconds (#2244)

(cherry picked from commit bb607d07a97476dc4fb934b3d75df6affba47086)
Signed-off-by: Rohit Yadav 

* When creating a new account (via domain admin) it is possible to select “root 
admin” as the role for the new user (#2606)

* create account with domain admin showing 'root admin' role

Domain admins should not be able to assign the role of root admin to new users. 
Therefore, the role ‘root admin’ (or any other of the same type) should not be 
visible to domain admins.

* License and formatting

* Break long sentence into multiple lines

* Fix wording of method 'getCurrentAccount'

* fix typo in variable name

* [CLOUDSTACK-10259] Missing float part of secondary storage data in 
listAccounts

* [CLOUDSTACK-9338] ACS not accounting resources of VMs with custom service 
offering

ACS is accounting the resources properly when deploying VMs with custom service 
offerings. However, there are other methods (such as updateResourceCount) that 
do not execute the resource accounting properly, and these methods update the 
resource count for an account in the database. Therefore, if a user deploys VMs 
with custom service offerings, and later this user calls the 
“updateResourceCount” method, it (the method) will only account for VMs with 
normal service offerings, and update this as the number of resources used by 
the account. This will result in a smaller number of resources to be accounted 
for the given account than the real used value. The problem becomes worse 
because if the user starts to delete these VMs, it is possible to reach 
negative values of resources allocated (breaking all of the resource limiting 
for accounts). This is a very serious attack vector for public cloud providers!

* [CLOUDSTACK-10230] User should not be able to use removed “Guest OS type” 
(#2404)

* [CLOUDSTACK-10230] User is able to change to “Guest OS type” that has been 
removed

Users are able to change the OS type of VMs to “Guest OS type” that has been 
removed. This becomes a security issue when we try to force users to use HVM 
VMs (Meltdown/Spectre thing). A removed “guest os type” should not be usable by 
any users in the cloud.

* Remove trailing lines that are breaking build due to checkstyle compliance

* Remove unused imports

* fix classes that were in the wrong folder structure

* Updates to capacity management


> Bug on sorting ACL rules list in chrome 
> 
>
> Key: CLOUDSTACK-10318
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-10318
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Rafael Weingärtner
>Assignee: Rafael Weingärtner
>Priority: Major
> Fix For: 4.12
>
>
> There is a bug on ACL rules list when a

[jira] [Commented] (CLOUDSTACK-10230) User is able to change to “Guest OS type” that has been removed

2018-05-09 Thread ASF subversion and git services (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-10230?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16468650#comment-16468650
 ] 

ASF subversion and git services commented on CLOUDSTACK-10230:
--

Commit 4534cefa40cf9b4d11402bff86c4484292fa660d in cloudstack's branch 
refs/heads/master from [~rohithsharma]
[ https://gitbox.apache.org/repos/asf?p=cloudstack.git;h=4534cef ]

backports for 4.11.1 from master (#2621)

* CLOUDSTACK-10147 Disabled Xenserver Cluster can still deploy VM's. Added code 
to skip disabled clusters when selecting a host (#2442)

(cherry picked from commit c3488a51db4bce4ec32c09e6fef78193d360cf3f)
Signed-off-by: Rohit Yadav 

* CLOUDSTACK-10318: Bug on sorting ACL rules list in chrome (#2478)

(cherry picked from commit 4412563f19ec8b808fe4c79e2baf658507a84873)
Signed-off-by: Rohit Yadav 

* CLOUDSTACK-10284:Creating a snapshot from VM Snapshot generates error if 
hypervisor is not KVM.

Signed-off-by: Rohit Yadav 

* CLOUDSTACK-10221: Allow IPv6 when creating a Basic Network (#2397)

Since CloudStack 4.10 Basic Networking supports IPv6 and thus
should be allowed to be specified when creating a network.

Signed-off-by: Wido den Hollander 
(cherry picked from commit 9733a10ecda5f1af0f2c0fa863fc976a3e710946)
Signed-off-by: Rohit Yadav 

* CLOUDSTACK-10214: Unable to remove local primary storage (#2390)

Allow admins to remove primary storage pool.
Cherry-picked from eba2e1d8a1ce4e86b4df144db03e96739da455e5

Signed-off-by: Rohit Yadav 

* dateutil: constistency of tzdate input and output (#2392)

Signed-off-by: Yoan Blanc 
Signed-off-by: Daan Hoogland 
(cherry picked from commit 2ad520282319da9a03061b8c744e51a4ffdf94a2)
Signed-off-by: Rohit Yadav 

* CLOUDSTACK-10054:Volume download times out in 3600 seconds (#2244)

(cherry picked from commit bb607d07a97476dc4fb934b3d75df6affba47086)
Signed-off-by: Rohit Yadav 

* When creating a new account (via domain admin) it is possible to select “root 
admin” as the role for the new user (#2606)

* create account with domain admin showing 'root admin' role

Domain admins should not be able to assign the role of root admin to new users. 
Therefore, the role ‘root admin’ (or any other of the same type) should not be 
visible to domain admins.

* License and formatting

* Break long sentence into multiple lines

* Fix wording of method 'getCurrentAccount'

* fix typo in variable name

* [CLOUDSTACK-10259] Missing float part of secondary storage data in 
listAccounts

* [CLOUDSTACK-9338] ACS not accounting resources of VMs with custom service 
offering

ACS is accounting the resources properly when deploying VMs with custom service 
offerings. However, there are other methods (such as updateResourceCount) that 
do not execute the resource accounting properly, and these methods update the 
resource count for an account in the database. Therefore, if a user deploys VMs 
with custom service offerings, and later this user calls the 
“updateResourceCount” method, it (the method) will only account for VMs with 
normal service offerings, and update this as the number of resources used by 
the account. This will result in a smaller number of resources to be accounted 
for the given account than the real used value. The problem becomes worse 
because if the user starts to delete these VMs, it is possible to reach 
negative values of resources allocated (breaking all of the resource limiting 
for accounts). This is a very serious attack vector for public cloud providers!

* [CLOUDSTACK-10230] User should not be able to use removed “Guest OS type” 
(#2404)

* [CLOUDSTACK-10230] User is able to change to “Guest OS type” that has been 
removed

Users are able to change the OS type of VMs to “Guest OS type” that has been 
removed. This becomes a security issue when we try to force users to use HVM 
VMs (Meltdown/Spectre thing). A removed “guest os type” should not be usable by 
any users in the cloud.

* Remove trailing lines that are breaking build due to checkstyle compliance

* Remove unused imports

* fix classes that were in the wrong folder structure

* Updates to capacity management


> User is able to change to “Guest OS type” that has been removed 
> 
>
> Key: CLOUDSTACK-10230
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-10230
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Rafael Weingärtner
>Assignee: Rafael Weingärtner
>Priority: Critical
> Fix For:

[jira] [Commented] (CLOUDSTACK-10147) Disabled Xenserver cluster can still deploy VMs

2018-05-09 Thread ASF subversion and git services (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-10147?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16468642#comment-16468642
 ] 

ASF subversion and git services commented on CLOUDSTACK-10147:
--

Commit 4534cefa40cf9b4d11402bff86c4484292fa660d in cloudstack's branch 
refs/heads/master from [~rohithsharma]
[ https://gitbox.apache.org/repos/asf?p=cloudstack.git;h=4534cef ]

backports for 4.11.1 from master (#2621)

* CLOUDSTACK-10147 Disabled Xenserver Cluster can still deploy VM's. Added code 
to skip disabled clusters when selecting a host (#2442)

(cherry picked from commit c3488a51db4bce4ec32c09e6fef78193d360cf3f)
Signed-off-by: Rohit Yadav 

* CLOUDSTACK-10318: Bug on sorting ACL rules list in chrome (#2478)

(cherry picked from commit 4412563f19ec8b808fe4c79e2baf658507a84873)
Signed-off-by: Rohit Yadav 

* CLOUDSTACK-10284:Creating a snapshot from VM Snapshot generates error if 
hypervisor is not KVM.

Signed-off-by: Rohit Yadav 

* CLOUDSTACK-10221: Allow IPv6 when creating a Basic Network (#2397)

Since CloudStack 4.10 Basic Networking supports IPv6 and thus
should be allowed to be specified when creating a network.

Signed-off-by: Wido den Hollander 
(cherry picked from commit 9733a10ecda5f1af0f2c0fa863fc976a3e710946)
Signed-off-by: Rohit Yadav 

* CLOUDSTACK-10214: Unable to remove local primary storage (#2390)

Allow admins to remove primary storage pool.
Cherry-picked from eba2e1d8a1ce4e86b4df144db03e96739da455e5

Signed-off-by: Rohit Yadav 

* dateutil: constistency of tzdate input and output (#2392)

Signed-off-by: Yoan Blanc 
Signed-off-by: Daan Hoogland 
(cherry picked from commit 2ad520282319da9a03061b8c744e51a4ffdf94a2)
Signed-off-by: Rohit Yadav 

* CLOUDSTACK-10054:Volume download times out in 3600 seconds (#2244)

(cherry picked from commit bb607d07a97476dc4fb934b3d75df6affba47086)
Signed-off-by: Rohit Yadav 

* When creating a new account (via domain admin) it is possible to select “root 
admin” as the role for the new user (#2606)

* create account with domain admin showing 'root admin' role

Domain admins should not be able to assign the role of root admin to new users. 
Therefore, the role ‘root admin’ (or any other of the same type) should not be 
visible to domain admins.

* License and formatting

* Break long sentence into multiple lines

* Fix wording of method 'getCurrentAccount'

* fix typo in variable name

* [CLOUDSTACK-10259] Missing float part of secondary storage data in 
listAccounts

* [CLOUDSTACK-9338] ACS not accounting resources of VMs with custom service 
offering

ACS is accounting the resources properly when deploying VMs with custom service 
offerings. However, there are other methods (such as updateResourceCount) that 
do not execute the resource accounting properly, and these methods update the 
resource count for an account in the database. Therefore, if a user deploys VMs 
with custom service offerings, and later this user calls the 
“updateResourceCount” method, it (the method) will only account for VMs with 
normal service offerings, and update this as the number of resources used by 
the account. This will result in a smaller number of resources to be accounted 
for the given account than the real used value. The problem becomes worse 
because if the user starts to delete these VMs, it is possible to reach 
negative values of resources allocated (breaking all of the resource limiting 
for accounts). This is a very serious attack vector for public cloud providers!

* [CLOUDSTACK-10230] User should not be able to use removed “Guest OS type” 
(#2404)

* [CLOUDSTACK-10230] User is able to change to “Guest OS type” that has been 
removed

Users are able to change the OS type of VMs to “Guest OS type” that has been 
removed. This becomes a security issue when we try to force users to use HVM 
VMs (Meltdown/Spectre thing). A removed “guest os type” should not be usable by 
any users in the cloud.

* Remove trailing lines that are breaking build due to checkstyle compliance

* Remove unused imports

* fix classes that were in the wrong folder structure

* Updates to capacity management


> Disabled Xenserver cluster can still deploy VMs 
> 
>
> Key: CLOUDSTACK-10147
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-10147
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>  Components: Management Server, UI
>Affects Versions: 4.10.0.0, 4.9.2.0
> Environment: Xenserver 6.2, 7
>Reporter: Glenn Wagner
>

[jira] [Commented] (CLOUDSTACK-10230) User is able to change to “Guest OS type” that has been removed

2018-05-09 Thread ASF subversion and git services (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-10230?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16468631#comment-16468631
 ] 

ASF subversion and git services commented on CLOUDSTACK-10230:
--

Commit 4534cefa40cf9b4d11402bff86c4484292fa660d in cloudstack's branch 
refs/heads/4.11 from [~rohithsharma]
[ https://gitbox.apache.org/repos/asf?p=cloudstack.git;h=4534cef ]

backports for 4.11.1 from master (#2621)

* CLOUDSTACK-10147 Disabled Xenserver Cluster can still deploy VM's. Added code 
to skip disabled clusters when selecting a host (#2442)

(cherry picked from commit c3488a51db4bce4ec32c09e6fef78193d360cf3f)
Signed-off-by: Rohit Yadav 

* CLOUDSTACK-10318: Bug on sorting ACL rules list in chrome (#2478)

(cherry picked from commit 4412563f19ec8b808fe4c79e2baf658507a84873)
Signed-off-by: Rohit Yadav 

* CLOUDSTACK-10284:Creating a snapshot from VM Snapshot generates error if 
hypervisor is not KVM.

Signed-off-by: Rohit Yadav 

* CLOUDSTACK-10221: Allow IPv6 when creating a Basic Network (#2397)

Since CloudStack 4.10 Basic Networking supports IPv6 and thus
should be allowed to be specified when creating a network.

Signed-off-by: Wido den Hollander 
(cherry picked from commit 9733a10ecda5f1af0f2c0fa863fc976a3e710946)
Signed-off-by: Rohit Yadav 

* CLOUDSTACK-10214: Unable to remove local primary storage (#2390)

Allow admins to remove primary storage pool.
Cherry-picked from eba2e1d8a1ce4e86b4df144db03e96739da455e5

Signed-off-by: Rohit Yadav 

* dateutil: constistency of tzdate input and output (#2392)

Signed-off-by: Yoan Blanc 
Signed-off-by: Daan Hoogland 
(cherry picked from commit 2ad520282319da9a03061b8c744e51a4ffdf94a2)
Signed-off-by: Rohit Yadav 

* CLOUDSTACK-10054:Volume download times out in 3600 seconds (#2244)

(cherry picked from commit bb607d07a97476dc4fb934b3d75df6affba47086)
Signed-off-by: Rohit Yadav 

* When creating a new account (via domain admin) it is possible to select “root 
admin” as the role for the new user (#2606)

* create account with domain admin showing 'root admin' role

Domain admins should not be able to assign the role of root admin to new users. 
Therefore, the role ‘root admin’ (or any other of the same type) should not be 
visible to domain admins.

* License and formatting

* Break long sentence into multiple lines

* Fix wording of method 'getCurrentAccount'

* fix typo in variable name

* [CLOUDSTACK-10259] Missing float part of secondary storage data in 
listAccounts

* [CLOUDSTACK-9338] ACS not accounting resources of VMs with custom service 
offering

ACS is accounting the resources properly when deploying VMs with custom service 
offerings. However, there are other methods (such as updateResourceCount) that 
do not execute the resource accounting properly, and these methods update the 
resource count for an account in the database. Therefore, if a user deploys VMs 
with custom service offerings, and later this user calls the 
“updateResourceCount” method, it (the method) will only account for VMs with 
normal service offerings, and update this as the number of resources used by 
the account. This will result in a smaller number of resources to be accounted 
for the given account than the real used value. The problem becomes worse 
because if the user starts to delete these VMs, it is possible to reach 
negative values of resources allocated (breaking all of the resource limiting 
for accounts). This is a very serious attack vector for public cloud providers!

* [CLOUDSTACK-10230] User should not be able to use removed “Guest OS type” 
(#2404)

* [CLOUDSTACK-10230] User is able to change to “Guest OS type” that has been 
removed

Users are able to change the OS type of VMs to “Guest OS type” that has been 
removed. This becomes a security issue when we try to force users to use HVM 
VMs (Meltdown/Spectre thing). A removed “guest os type” should not be usable by 
any users in the cloud.

* Remove trailing lines that are breaking build due to checkstyle compliance

* Remove unused imports

* fix classes that were in the wrong folder structure

* Updates to capacity management


> User is able to change to “Guest OS type” that has been removed 
> 
>
> Key: CLOUDSTACK-10230
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-10230
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Rafael Weingärtner
>Assignee: Rafael Weingärtner
>Priority: Critical
> Fix For:

[jira] [Commented] (CLOUDSTACK-9338) updateResourceCount not accounting resources of VMs with custom service offering

2018-05-09 Thread ASF subversion and git services (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9338?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16468629#comment-16468629
 ] 

ASF subversion and git services commented on CLOUDSTACK-9338:
-

Commit 4534cefa40cf9b4d11402bff86c4484292fa660d in cloudstack's branch 
refs/heads/4.11 from [~rohithsharma]
[ https://gitbox.apache.org/repos/asf?p=cloudstack.git;h=4534cef ]

backports for 4.11.1 from master (#2621)

* CLOUDSTACK-10147 Disabled Xenserver Cluster can still deploy VM's. Added code 
to skip disabled clusters when selecting a host (#2442)

(cherry picked from commit c3488a51db4bce4ec32c09e6fef78193d360cf3f)
Signed-off-by: Rohit Yadav 

* CLOUDSTACK-10318: Bug on sorting ACL rules list in chrome (#2478)

(cherry picked from commit 4412563f19ec8b808fe4c79e2baf658507a84873)
Signed-off-by: Rohit Yadav 

* CLOUDSTACK-10284:Creating a snapshot from VM Snapshot generates error if 
hypervisor is not KVM.

Signed-off-by: Rohit Yadav 

* CLOUDSTACK-10221: Allow IPv6 when creating a Basic Network (#2397)

Since CloudStack 4.10 Basic Networking supports IPv6 and thus
should be allowed to be specified when creating a network.

Signed-off-by: Wido den Hollander 
(cherry picked from commit 9733a10ecda5f1af0f2c0fa863fc976a3e710946)
Signed-off-by: Rohit Yadav 

* CLOUDSTACK-10214: Unable to remove local primary storage (#2390)

Allow admins to remove primary storage pool.
Cherry-picked from eba2e1d8a1ce4e86b4df144db03e96739da455e5

Signed-off-by: Rohit Yadav 

* dateutil: constistency of tzdate input and output (#2392)

Signed-off-by: Yoan Blanc 
Signed-off-by: Daan Hoogland 
(cherry picked from commit 2ad520282319da9a03061b8c744e51a4ffdf94a2)
Signed-off-by: Rohit Yadav 

* CLOUDSTACK-10054:Volume download times out in 3600 seconds (#2244)

(cherry picked from commit bb607d07a97476dc4fb934b3d75df6affba47086)
Signed-off-by: Rohit Yadav 

* When creating a new account (via domain admin) it is possible to select “root 
admin” as the role for the new user (#2606)

* create account with domain admin showing 'root admin' role

Domain admins should not be able to assign the role of root admin to new users. 
Therefore, the role ‘root admin’ (or any other of the same type) should not be 
visible to domain admins.

* License and formatting

* Break long sentence into multiple lines

* Fix wording of method 'getCurrentAccount'

* fix typo in variable name

* [CLOUDSTACK-10259] Missing float part of secondary storage data in 
listAccounts

* [CLOUDSTACK-9338] ACS not accounting resources of VMs with custom service 
offering

ACS is accounting the resources properly when deploying VMs with custom service 
offerings. However, there are other methods (such as updateResourceCount) that 
do not execute the resource accounting properly, and these methods update the 
resource count for an account in the database. Therefore, if a user deploys VMs 
with custom service offerings, and later this user calls the 
“updateResourceCount” method, it (the method) will only account for VMs with 
normal service offerings, and update this as the number of resources used by 
the account. This will result in a smaller number of resources to be accounted 
for the given account than the real used value. The problem becomes worse 
because if the user starts to delete these VMs, it is possible to reach 
negative values of resources allocated (breaking all of the resource limiting 
for accounts). This is a very serious attack vector for public cloud providers!

* [CLOUDSTACK-10230] User should not be able to use removed “Guest OS type” 
(#2404)

* [CLOUDSTACK-10230] User is able to change to “Guest OS type” that has been 
removed

Users are able to change the OS type of VMs to “Guest OS type” that has been 
removed. This becomes a security issue when we try to force users to use HVM 
VMs (Meltdown/Spectre thing). A removed “guest os type” should not be usable by 
any users in the cloud.

* Remove trailing lines that are breaking build due to checkstyle compliance

* Remove unused imports

* fix classes that were in the wrong folder structure

* Updates to capacity management


> updateResourceCount not accounting resources of VMs with custom service 
> offering
> 
>
> Key: CLOUDSTACK-9338
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9338
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>  Components: API, Cloudmonkey, UI
>Affects Versions: 4.5.2, 4.8.0
> Environment:

[jira] [Commented] (CLOUDSTACK-10054) Volume download times out in 3600 seconds

2018-05-09 Thread ASF subversion and git services (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-10054?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16468627#comment-16468627
 ] 

ASF subversion and git services commented on CLOUDSTACK-10054:
--

Commit 4534cefa40cf9b4d11402bff86c4484292fa660d in cloudstack's branch 
refs/heads/4.11 from [~rohithsharma]
[ https://gitbox.apache.org/repos/asf?p=cloudstack.git;h=4534cef ]

backports for 4.11.1 from master (#2621)

* CLOUDSTACK-10147 Disabled Xenserver Cluster can still deploy VM's. Added code 
to skip disabled clusters when selecting a host (#2442)

(cherry picked from commit c3488a51db4bce4ec32c09e6fef78193d360cf3f)
Signed-off-by: Rohit Yadav 

* CLOUDSTACK-10318: Bug on sorting ACL rules list in chrome (#2478)

(cherry picked from commit 4412563f19ec8b808fe4c79e2baf658507a84873)
Signed-off-by: Rohit Yadav 

* CLOUDSTACK-10284:Creating a snapshot from VM Snapshot generates error if 
hypervisor is not KVM.

Signed-off-by: Rohit Yadav 

* CLOUDSTACK-10221: Allow IPv6 when creating a Basic Network (#2397)

Since CloudStack 4.10 Basic Networking supports IPv6 and thus
should be allowed to be specified when creating a network.

Signed-off-by: Wido den Hollander 
(cherry picked from commit 9733a10ecda5f1af0f2c0fa863fc976a3e710946)
Signed-off-by: Rohit Yadav 

* CLOUDSTACK-10214: Unable to remove local primary storage (#2390)

Allow admins to remove primary storage pool.
Cherry-picked from eba2e1d8a1ce4e86b4df144db03e96739da455e5

Signed-off-by: Rohit Yadav 

* dateutil: constistency of tzdate input and output (#2392)

Signed-off-by: Yoan Blanc 
Signed-off-by: Daan Hoogland 
(cherry picked from commit 2ad520282319da9a03061b8c744e51a4ffdf94a2)
Signed-off-by: Rohit Yadav 

* CLOUDSTACK-10054:Volume download times out in 3600 seconds (#2244)

(cherry picked from commit bb607d07a97476dc4fb934b3d75df6affba47086)
Signed-off-by: Rohit Yadav 

* When creating a new account (via domain admin) it is possible to select “root 
admin” as the role for the new user (#2606)

* create account with domain admin showing 'root admin' role

Domain admins should not be able to assign the role of root admin to new users. 
Therefore, the role ‘root admin’ (or any other of the same type) should not be 
visible to domain admins.

* License and formatting

* Break long sentence into multiple lines

* Fix wording of method 'getCurrentAccount'

* fix typo in variable name

* [CLOUDSTACK-10259] Missing float part of secondary storage data in 
listAccounts

* [CLOUDSTACK-9338] ACS not accounting resources of VMs with custom service 
offering

ACS is accounting the resources properly when deploying VMs with custom service 
offerings. However, there are other methods (such as updateResourceCount) that 
do not execute the resource accounting properly, and these methods update the 
resource count for an account in the database. Therefore, if a user deploys VMs 
with custom service offerings, and later this user calls the 
“updateResourceCount” method, it (the method) will only account for VMs with 
normal service offerings, and update this as the number of resources used by 
the account. This will result in a smaller number of resources to be accounted 
for the given account than the real used value. The problem becomes worse 
because if the user starts to delete these VMs, it is possible to reach 
negative values of resources allocated (breaking all of the resource limiting 
for accounts). This is a very serious attack vector for public cloud providers!

* [CLOUDSTACK-10230] User should not be able to use removed “Guest OS type” 
(#2404)

* [CLOUDSTACK-10230] User is able to change to “Guest OS type” that has been 
removed

Users are able to change the OS type of VMs to “Guest OS type” that has been 
removed. This becomes a security issue when we try to force users to use HVM 
VMs (Meltdown/Spectre thing). A removed “guest os type” should not be usable by 
any users in the cloud.

* Remove trailing lines that are breaking build due to checkstyle compliance

* Remove unused imports

* fix classes that were in the wrong folder structure

* Updates to capacity management


> Volume download times out in 3600 seconds
> -
>
> Key: CLOUDSTACK-10054
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-10054
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: mrunalini
>Priority: Major
>
> Problem Statement -
> When tried to download a volume of type Vmware with large size, it fails in 
> an hour before

[jira] [Commented] (CLOUDSTACK-10259) Missing float part of secondary storage data when calculating secondary storage usage in listAccounts

2018-05-09 Thread ASF subversion and git services (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-10259?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16468628#comment-16468628
 ] 

ASF subversion and git services commented on CLOUDSTACK-10259:
--

Commit 4534cefa40cf9b4d11402bff86c4484292fa660d in cloudstack's branch 
refs/heads/4.11 from [~rohithsharma]
[ https://gitbox.apache.org/repos/asf?p=cloudstack.git;h=4534cef ]

backports for 4.11.1 from master (#2621)

* CLOUDSTACK-10147 Disabled Xenserver Cluster can still deploy VM's. Added code 
to skip disabled clusters when selecting a host (#2442)

(cherry picked from commit c3488a51db4bce4ec32c09e6fef78193d360cf3f)
Signed-off-by: Rohit Yadav 

* CLOUDSTACK-10318: Bug on sorting ACL rules list in chrome (#2478)

(cherry picked from commit 4412563f19ec8b808fe4c79e2baf658507a84873)
Signed-off-by: Rohit Yadav 

* CLOUDSTACK-10284:Creating a snapshot from VM Snapshot generates error if 
hypervisor is not KVM.

Signed-off-by: Rohit Yadav 

* CLOUDSTACK-10221: Allow IPv6 when creating a Basic Network (#2397)

Since CloudStack 4.10 Basic Networking supports IPv6 and thus
should be allowed to be specified when creating a network.

Signed-off-by: Wido den Hollander 
(cherry picked from commit 9733a10ecda5f1af0f2c0fa863fc976a3e710946)
Signed-off-by: Rohit Yadav 

* CLOUDSTACK-10214: Unable to remove local primary storage (#2390)

Allow admins to remove primary storage pool.
Cherry-picked from eba2e1d8a1ce4e86b4df144db03e96739da455e5

Signed-off-by: Rohit Yadav 

* dateutil: constistency of tzdate input and output (#2392)

Signed-off-by: Yoan Blanc 
Signed-off-by: Daan Hoogland 
(cherry picked from commit 2ad520282319da9a03061b8c744e51a4ffdf94a2)
Signed-off-by: Rohit Yadav 

* CLOUDSTACK-10054:Volume download times out in 3600 seconds (#2244)

(cherry picked from commit bb607d07a97476dc4fb934b3d75df6affba47086)
Signed-off-by: Rohit Yadav 

* When creating a new account (via domain admin) it is possible to select “root 
admin” as the role for the new user (#2606)

* create account with domain admin showing 'root admin' role

Domain admins should not be able to assign the role of root admin to new users. 
Therefore, the role ‘root admin’ (or any other of the same type) should not be 
visible to domain admins.

* License and formatting

* Break long sentence into multiple lines

* Fix wording of method 'getCurrentAccount'

* fix typo in variable name

* [CLOUDSTACK-10259] Missing float part of secondary storage data in 
listAccounts

* [CLOUDSTACK-9338] ACS not accounting resources of VMs with custom service 
offering

ACS is accounting the resources properly when deploying VMs with custom service 
offerings. However, there are other methods (such as updateResourceCount) that 
do not execute the resource accounting properly, and these methods update the 
resource count for an account in the database. Therefore, if a user deploys VMs 
with custom service offerings, and later this user calls the 
“updateResourceCount” method, it (the method) will only account for VMs with 
normal service offerings, and update this as the number of resources used by 
the account. This will result in a smaller number of resources to be accounted 
for the given account than the real used value. The problem becomes worse 
because if the user starts to delete these VMs, it is possible to reach 
negative values of resources allocated (breaking all of the resource limiting 
for accounts). This is a very serious attack vector for public cloud providers!

* [CLOUDSTACK-10230] User should not be able to use removed “Guest OS type” 
(#2404)

* [CLOUDSTACK-10230] User is able to change to “Guest OS type” that has been 
removed

Users are able to change the OS type of VMs to “Guest OS type” that has been 
removed. This becomes a security issue when we try to force users to use HVM 
VMs (Meltdown/Spectre thing). A removed “guest os type” should not be usable by 
any users in the cloud.

* Remove trailing lines that are breaking build due to checkstyle compliance

* Remove unused imports

* fix classes that were in the wrong folder structure

* Updates to capacity management


> Missing float part of secondary storage data when calculating secondary 
> storage usage in listAccounts 
> --
>
> Key: CLOUDSTACK-10259
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-10259
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Rafael Weingärtner
>

[jira] [Commented] (CLOUDSTACK-10147) Disabled Xenserver cluster can still deploy VMs

2018-05-09 Thread ASF subversion and git services (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-10147?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16468622#comment-16468622
 ] 

ASF subversion and git services commented on CLOUDSTACK-10147:
--

Commit 4534cefa40cf9b4d11402bff86c4484292fa660d in cloudstack's branch 
refs/heads/4.11 from [~rohithsharma]
[ https://gitbox.apache.org/repos/asf?p=cloudstack.git;h=4534cef ]

backports for 4.11.1 from master (#2621)

* CLOUDSTACK-10147 Disabled Xenserver Cluster can still deploy VM's. Added code 
to skip disabled clusters when selecting a host (#2442)

(cherry picked from commit c3488a51db4bce4ec32c09e6fef78193d360cf3f)
Signed-off-by: Rohit Yadav 

* CLOUDSTACK-10318: Bug on sorting ACL rules list in chrome (#2478)

(cherry picked from commit 4412563f19ec8b808fe4c79e2baf658507a84873)
Signed-off-by: Rohit Yadav 

* CLOUDSTACK-10284:Creating a snapshot from VM Snapshot generates error if 
hypervisor is not KVM.

Signed-off-by: Rohit Yadav 

* CLOUDSTACK-10221: Allow IPv6 when creating a Basic Network (#2397)

Since CloudStack 4.10 Basic Networking supports IPv6 and thus
should be allowed to be specified when creating a network.

Signed-off-by: Wido den Hollander 
(cherry picked from commit 9733a10ecda5f1af0f2c0fa863fc976a3e710946)
Signed-off-by: Rohit Yadav 

* CLOUDSTACK-10214: Unable to remove local primary storage (#2390)

Allow admins to remove primary storage pool.
Cherry-picked from eba2e1d8a1ce4e86b4df144db03e96739da455e5

Signed-off-by: Rohit Yadav 

* dateutil: constistency of tzdate input and output (#2392)

Signed-off-by: Yoan Blanc 
Signed-off-by: Daan Hoogland 
(cherry picked from commit 2ad520282319da9a03061b8c744e51a4ffdf94a2)
Signed-off-by: Rohit Yadav 

* CLOUDSTACK-10054:Volume download times out in 3600 seconds (#2244)

(cherry picked from commit bb607d07a97476dc4fb934b3d75df6affba47086)
Signed-off-by: Rohit Yadav 

* When creating a new account (via domain admin) it is possible to select “root 
admin” as the role for the new user (#2606)

* create account with domain admin showing 'root admin' role

Domain admins should not be able to assign the role of root admin to new users. 
Therefore, the role ‘root admin’ (or any other of the same type) should not be 
visible to domain admins.

* License and formatting

* Break long sentence into multiple lines

* Fix wording of method 'getCurrentAccount'

* fix typo in variable name

* [CLOUDSTACK-10259] Missing float part of secondary storage data in 
listAccounts

* [CLOUDSTACK-9338] ACS not accounting resources of VMs with custom service 
offering

ACS is accounting the resources properly when deploying VMs with custom service 
offerings. However, there are other methods (such as updateResourceCount) that 
do not execute the resource accounting properly, and these methods update the 
resource count for an account in the database. Therefore, if a user deploys VMs 
with custom service offerings, and later this user calls the 
“updateResourceCount” method, it (the method) will only account for VMs with 
normal service offerings, and update this as the number of resources used by 
the account. This will result in a smaller number of resources to be accounted 
for the given account than the real used value. The problem becomes worse 
because if the user starts to delete these VMs, it is possible to reach 
negative values of resources allocated (breaking all of the resource limiting 
for accounts). This is a very serious attack vector for public cloud providers!

* [CLOUDSTACK-10230] User should not be able to use removed “Guest OS type” 
(#2404)

* [CLOUDSTACK-10230] User is able to change to “Guest OS type” that has been 
removed

Users are able to change the OS type of VMs to “Guest OS type” that has been 
removed. This becomes a security issue when we try to force users to use HVM 
VMs (Meltdown/Spectre thing). A removed “guest os type” should not be usable by 
any users in the cloud.

* Remove trailing lines that are breaking build due to checkstyle compliance

* Remove unused imports

* fix classes that were in the wrong folder structure

* Updates to capacity management


> Disabled Xenserver cluster can still deploy VMs 
> 
>
> Key: CLOUDSTACK-10147
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-10147
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>  Components: Management Server, UI
>Affects Versions: 4.10.0.0, 4.9.2.0
> Environment: Xenserver 6.2, 7
>Reporter: Glenn Wagner
>

[jira] [Commented] (CLOUDSTACK-10221) Allow specification of IPv6 details when creating Basic Network

2018-05-09 Thread ASF subversion and git services (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-10221?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16468625#comment-16468625
 ] 

ASF subversion and git services commented on CLOUDSTACK-10221:
--

Commit 4534cefa40cf9b4d11402bff86c4484292fa660d in cloudstack's branch 
refs/heads/4.11 from [~rohithsharma]
[ https://gitbox.apache.org/repos/asf?p=cloudstack.git;h=4534cef ]

backports for 4.11.1 from master (#2621)

* CLOUDSTACK-10147 Disabled Xenserver Cluster can still deploy VM's. Added code 
to skip disabled clusters when selecting a host (#2442)

(cherry picked from commit c3488a51db4bce4ec32c09e6fef78193d360cf3f)
Signed-off-by: Rohit Yadav 

* CLOUDSTACK-10318: Bug on sorting ACL rules list in chrome (#2478)

(cherry picked from commit 4412563f19ec8b808fe4c79e2baf658507a84873)
Signed-off-by: Rohit Yadav 

* CLOUDSTACK-10284:Creating a snapshot from VM Snapshot generates error if 
hypervisor is not KVM.

Signed-off-by: Rohit Yadav 

* CLOUDSTACK-10221: Allow IPv6 when creating a Basic Network (#2397)

Since CloudStack 4.10 Basic Networking supports IPv6 and thus
should be allowed to be specified when creating a network.

Signed-off-by: Wido den Hollander 
(cherry picked from commit 9733a10ecda5f1af0f2c0fa863fc976a3e710946)
Signed-off-by: Rohit Yadav 

* CLOUDSTACK-10214: Unable to remove local primary storage (#2390)

Allow admins to remove primary storage pool.
Cherry-picked from eba2e1d8a1ce4e86b4df144db03e96739da455e5

Signed-off-by: Rohit Yadav 

* dateutil: constistency of tzdate input and output (#2392)

Signed-off-by: Yoan Blanc 
Signed-off-by: Daan Hoogland 
(cherry picked from commit 2ad520282319da9a03061b8c744e51a4ffdf94a2)
Signed-off-by: Rohit Yadav 

* CLOUDSTACK-10054:Volume download times out in 3600 seconds (#2244)

(cherry picked from commit bb607d07a97476dc4fb934b3d75df6affba47086)
Signed-off-by: Rohit Yadav 

* When creating a new account (via domain admin) it is possible to select “root 
admin” as the role for the new user (#2606)

* create account with domain admin showing 'root admin' role

Domain admins should not be able to assign the role of root admin to new users. 
Therefore, the role ‘root admin’ (or any other of the same type) should not be 
visible to domain admins.

* License and formatting

* Break long sentence into multiple lines

* Fix wording of method 'getCurrentAccount'

* fix typo in variable name

* [CLOUDSTACK-10259] Missing float part of secondary storage data in 
listAccounts

* [CLOUDSTACK-9338] ACS not accounting resources of VMs with custom service 
offering

ACS is accounting the resources properly when deploying VMs with custom service 
offerings. However, there are other methods (such as updateResourceCount) that 
do not execute the resource accounting properly, and these methods update the 
resource count for an account in the database. Therefore, if a user deploys VMs 
with custom service offerings, and later this user calls the 
“updateResourceCount” method, it (the method) will only account for VMs with 
normal service offerings, and update this as the number of resources used by 
the account. This will result in a smaller number of resources to be accounted 
for the given account than the real used value. The problem becomes worse 
because if the user starts to delete these VMs, it is possible to reach 
negative values of resources allocated (breaking all of the resource limiting 
for accounts). This is a very serious attack vector for public cloud providers!

* [CLOUDSTACK-10230] User should not be able to use removed “Guest OS type” 
(#2404)

* [CLOUDSTACK-10230] User is able to change to “Guest OS type” that has been 
removed

Users are able to change the OS type of VMs to “Guest OS type” that has been 
removed. This becomes a security issue when we try to force users to use HVM 
VMs (Meltdown/Spectre thing). A removed “guest os type” should not be usable by 
any users in the cloud.

* Remove trailing lines that are breaking build due to checkstyle compliance

* Remove unused imports

* fix classes that were in the wrong folder structure

* Updates to capacity management


> Allow specification of IPv6 details when creating Basic Network
> ---
>
> Key: CLOUDSTACK-10221
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-10221
> Project: CloudStack
>  Issue Type: Improvement
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>  Components: Management Server, Network Controller
>Affects Versions: 4.10.0.0, 4.11.0.0
> Environment: Basic

[jira] [Commented] (CLOUDSTACK-10318) Bug on sorting ACL rules list in chrome

2018-05-09 Thread ASF subversion and git services (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-10318?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16468623#comment-16468623
 ] 

ASF subversion and git services commented on CLOUDSTACK-10318:
--

Commit 4534cefa40cf9b4d11402bff86c4484292fa660d in cloudstack's branch 
refs/heads/4.11 from [~rohithsharma]
[ https://gitbox.apache.org/repos/asf?p=cloudstack.git;h=4534cef ]

backports for 4.11.1 from master (#2621)

* CLOUDSTACK-10147 Disabled Xenserver Cluster can still deploy VM's. Added code 
to skip disabled clusters when selecting a host (#2442)

(cherry picked from commit c3488a51db4bce4ec32c09e6fef78193d360cf3f)
Signed-off-by: Rohit Yadav 

* CLOUDSTACK-10318: Bug on sorting ACL rules list in chrome (#2478)

(cherry picked from commit 4412563f19ec8b808fe4c79e2baf658507a84873)
Signed-off-by: Rohit Yadav 

* CLOUDSTACK-10284:Creating a snapshot from VM Snapshot generates error if 
hypervisor is not KVM.

Signed-off-by: Rohit Yadav 

* CLOUDSTACK-10221: Allow IPv6 when creating a Basic Network (#2397)

Since CloudStack 4.10 Basic Networking supports IPv6 and thus
should be allowed to be specified when creating a network.

Signed-off-by: Wido den Hollander 
(cherry picked from commit 9733a10ecda5f1af0f2c0fa863fc976a3e710946)
Signed-off-by: Rohit Yadav 

* CLOUDSTACK-10214: Unable to remove local primary storage (#2390)

Allow admins to remove primary storage pool.
Cherry-picked from eba2e1d8a1ce4e86b4df144db03e96739da455e5

Signed-off-by: Rohit Yadav 

* dateutil: constistency of tzdate input and output (#2392)

Signed-off-by: Yoan Blanc 
Signed-off-by: Daan Hoogland 
(cherry picked from commit 2ad520282319da9a03061b8c744e51a4ffdf94a2)
Signed-off-by: Rohit Yadav 

* CLOUDSTACK-10054:Volume download times out in 3600 seconds (#2244)

(cherry picked from commit bb607d07a97476dc4fb934b3d75df6affba47086)
Signed-off-by: Rohit Yadav 

* When creating a new account (via domain admin) it is possible to select “root 
admin” as the role for the new user (#2606)

* create account with domain admin showing 'root admin' role

Domain admins should not be able to assign the role of root admin to new users. 
Therefore, the role ‘root admin’ (or any other of the same type) should not be 
visible to domain admins.

* License and formatting

* Break long sentence into multiple lines

* Fix wording of method 'getCurrentAccount'

* fix typo in variable name

* [CLOUDSTACK-10259] Missing float part of secondary storage data in 
listAccounts

* [CLOUDSTACK-9338] ACS not accounting resources of VMs with custom service 
offering

ACS is accounting the resources properly when deploying VMs with custom service 
offerings. However, there are other methods (such as updateResourceCount) that 
do not execute the resource accounting properly, and these methods update the 
resource count for an account in the database. Therefore, if a user deploys VMs 
with custom service offerings, and later this user calls the 
“updateResourceCount” method, it (the method) will only account for VMs with 
normal service offerings, and update this as the number of resources used by 
the account. This will result in a smaller number of resources to be accounted 
for the given account than the real used value. The problem becomes worse 
because if the user starts to delete these VMs, it is possible to reach 
negative values of resources allocated (breaking all of the resource limiting 
for accounts). This is a very serious attack vector for public cloud providers!

* [CLOUDSTACK-10230] User should not be able to use removed “Guest OS type” 
(#2404)

* [CLOUDSTACK-10230] User is able to change to “Guest OS type” that has been 
removed

Users are able to change the OS type of VMs to “Guest OS type” that has been 
removed. This becomes a security issue when we try to force users to use HVM 
VMs (Meltdown/Spectre thing). A removed “guest os type” should not be usable by 
any users in the cloud.

* Remove trailing lines that are breaking build due to checkstyle compliance

* Remove unused imports

* fix classes that were in the wrong folder structure

* Updates to capacity management


> Bug on sorting ACL rules list in chrome 
> 
>
> Key: CLOUDSTACK-10318
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-10318
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Rafael Weingärtner
>Assignee: Rafael Weingärtner
>Priority: Major
> Fix For: 4.12
>
>
> There is a bug on ACL rules list when a

[jira] [Commented] (CLOUDSTACK-10214) Unable to remove local primary storage

2018-05-09 Thread ASF subversion and git services (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-10214?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16468626#comment-16468626
 ] 

ASF subversion and git services commented on CLOUDSTACK-10214:
--

Commit 4534cefa40cf9b4d11402bff86c4484292fa660d in cloudstack's branch 
refs/heads/4.11 from [~rohithsharma]
[ https://gitbox.apache.org/repos/asf?p=cloudstack.git;h=4534cef ]

backports for 4.11.1 from master (#2621)

* CLOUDSTACK-10147 Disabled Xenserver Cluster can still deploy VM's. Added code 
to skip disabled clusters when selecting a host (#2442)

(cherry picked from commit c3488a51db4bce4ec32c09e6fef78193d360cf3f)
Signed-off-by: Rohit Yadav 

* CLOUDSTACK-10318: Bug on sorting ACL rules list in chrome (#2478)

(cherry picked from commit 4412563f19ec8b808fe4c79e2baf658507a84873)
Signed-off-by: Rohit Yadav 

* CLOUDSTACK-10284:Creating a snapshot from VM Snapshot generates error if 
hypervisor is not KVM.

Signed-off-by: Rohit Yadav 

* CLOUDSTACK-10221: Allow IPv6 when creating a Basic Network (#2397)

Since CloudStack 4.10 Basic Networking supports IPv6 and thus
should be allowed to be specified when creating a network.

Signed-off-by: Wido den Hollander 
(cherry picked from commit 9733a10ecda5f1af0f2c0fa863fc976a3e710946)
Signed-off-by: Rohit Yadav 

* CLOUDSTACK-10214: Unable to remove local primary storage (#2390)

Allow admins to remove primary storage pool.
Cherry-picked from eba2e1d8a1ce4e86b4df144db03e96739da455e5

Signed-off-by: Rohit Yadav 

* dateutil: constistency of tzdate input and output (#2392)

Signed-off-by: Yoan Blanc 
Signed-off-by: Daan Hoogland 
(cherry picked from commit 2ad520282319da9a03061b8c744e51a4ffdf94a2)
Signed-off-by: Rohit Yadav 

* CLOUDSTACK-10054:Volume download times out in 3600 seconds (#2244)

(cherry picked from commit bb607d07a97476dc4fb934b3d75df6affba47086)
Signed-off-by: Rohit Yadav 

* When creating a new account (via domain admin) it is possible to select “root 
admin” as the role for the new user (#2606)

* create account with domain admin showing 'root admin' role

Domain admins should not be able to assign the role of root admin to new users. 
Therefore, the role ‘root admin’ (or any other of the same type) should not be 
visible to domain admins.

* License and formatting

* Break long sentence into multiple lines

* Fix wording of method 'getCurrentAccount'

* fix typo in variable name

* [CLOUDSTACK-10259] Missing float part of secondary storage data in 
listAccounts

* [CLOUDSTACK-9338] ACS not accounting resources of VMs with custom service 
offering

ACS is accounting the resources properly when deploying VMs with custom service 
offerings. However, there are other methods (such as updateResourceCount) that 
do not execute the resource accounting properly, and these methods update the 
resource count for an account in the database. Therefore, if a user deploys VMs 
with custom service offerings, and later this user calls the 
“updateResourceCount” method, it (the method) will only account for VMs with 
normal service offerings, and update this as the number of resources used by 
the account. This will result in a smaller number of resources to be accounted 
for the given account than the real used value. The problem becomes worse 
because if the user starts to delete these VMs, it is possible to reach 
negative values of resources allocated (breaking all of the resource limiting 
for accounts). This is a very serious attack vector for public cloud providers!

* [CLOUDSTACK-10230] User should not be able to use removed “Guest OS type” 
(#2404)

* [CLOUDSTACK-10230] User is able to change to “Guest OS type” that has been 
removed

Users are able to change the OS type of VMs to “Guest OS type” that has been 
removed. This becomes a security issue when we try to force users to use HVM 
VMs (Meltdown/Spectre thing). A removed “guest os type” should not be usable by 
any users in the cloud.

* Remove trailing lines that are breaking build due to checkstyle compliance

* Remove unused imports

* fix classes that were in the wrong folder structure

* Updates to capacity management


> Unable to remove local primary storage 
> ---
>
> Key: CLOUDSTACK-10214
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-10214
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Affects Versions: 4.10.0.0, 4.9.3.0
>Reporter: Rafael Weingärtner
>Assignee: Rafael Weingärtner
>Priority: Major
> Fix For: 4.12
>
>
>

[jira] [Commented] (CLOUDSTACK-10230) User is able to change to “Guest OS type” that has been removed

2018-05-09 Thread ASF subversion and git services (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-10230?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16468630#comment-16468630
 ] 

ASF subversion and git services commented on CLOUDSTACK-10230:
--

Commit 4534cefa40cf9b4d11402bff86c4484292fa660d in cloudstack's branch 
refs/heads/4.11 from [~rohithsharma]
[ https://gitbox.apache.org/repos/asf?p=cloudstack.git;h=4534cef ]

backports for 4.11.1 from master (#2621)

* CLOUDSTACK-10147 Disabled Xenserver Cluster can still deploy VM's. Added code 
to skip disabled clusters when selecting a host (#2442)

(cherry picked from commit c3488a51db4bce4ec32c09e6fef78193d360cf3f)
Signed-off-by: Rohit Yadav 

* CLOUDSTACK-10318: Bug on sorting ACL rules list in chrome (#2478)

(cherry picked from commit 4412563f19ec8b808fe4c79e2baf658507a84873)
Signed-off-by: Rohit Yadav 

* CLOUDSTACK-10284:Creating a snapshot from VM Snapshot generates error if 
hypervisor is not KVM.

Signed-off-by: Rohit Yadav 

* CLOUDSTACK-10221: Allow IPv6 when creating a Basic Network (#2397)

Since CloudStack 4.10 Basic Networking supports IPv6 and thus
should be allowed to be specified when creating a network.

Signed-off-by: Wido den Hollander 
(cherry picked from commit 9733a10ecda5f1af0f2c0fa863fc976a3e710946)
Signed-off-by: Rohit Yadav 

* CLOUDSTACK-10214: Unable to remove local primary storage (#2390)

Allow admins to remove primary storage pool.
Cherry-picked from eba2e1d8a1ce4e86b4df144db03e96739da455e5

Signed-off-by: Rohit Yadav 

* dateutil: constistency of tzdate input and output (#2392)

Signed-off-by: Yoan Blanc 
Signed-off-by: Daan Hoogland 
(cherry picked from commit 2ad520282319da9a03061b8c744e51a4ffdf94a2)
Signed-off-by: Rohit Yadav 

* CLOUDSTACK-10054:Volume download times out in 3600 seconds (#2244)

(cherry picked from commit bb607d07a97476dc4fb934b3d75df6affba47086)
Signed-off-by: Rohit Yadav 

* When creating a new account (via domain admin) it is possible to select “root 
admin” as the role for the new user (#2606)

* create account with domain admin showing 'root admin' role

Domain admins should not be able to assign the role of root admin to new users. 
Therefore, the role ‘root admin’ (or any other of the same type) should not be 
visible to domain admins.

* License and formatting

* Break long sentence into multiple lines

* Fix wording of method 'getCurrentAccount'

* fix typo in variable name

* [CLOUDSTACK-10259] Missing float part of secondary storage data in 
listAccounts

* [CLOUDSTACK-9338] ACS not accounting resources of VMs with custom service 
offering

ACS is accounting the resources properly when deploying VMs with custom service 
offerings. However, there are other methods (such as updateResourceCount) that 
do not execute the resource accounting properly, and these methods update the 
resource count for an account in the database. Therefore, if a user deploys VMs 
with custom service offerings, and later this user calls the 
“updateResourceCount” method, it (the method) will only account for VMs with 
normal service offerings, and update this as the number of resources used by 
the account. This will result in a smaller number of resources to be accounted 
for the given account than the real used value. The problem becomes worse 
because if the user starts to delete these VMs, it is possible to reach 
negative values of resources allocated (breaking all of the resource limiting 
for accounts). This is a very serious attack vector for public cloud providers!

* [CLOUDSTACK-10230] User should not be able to use removed “Guest OS type” 
(#2404)

* [CLOUDSTACK-10230] User is able to change to “Guest OS type” that has been 
removed

Users are able to change the OS type of VMs to “Guest OS type” that has been 
removed. This becomes a security issue when we try to force users to use HVM 
VMs (Meltdown/Spectre thing). A removed “guest os type” should not be usable by 
any users in the cloud.

* Remove trailing lines that are breaking build due to checkstyle compliance

* Remove unused imports

* fix classes that were in the wrong folder structure

* Updates to capacity management


> User is able to change to “Guest OS type” that has been removed 
> 
>
> Key: CLOUDSTACK-10230
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-10230
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Rafael Weingärtner
>Assignee: Rafael Weingärtner
>Priority: Critical
> Fix For:

[jira] [Commented] (CLOUDSTACK-10284) Creating a snapshot from VM Snapshot generates error if hypervisor is not KVM.

2018-05-09 Thread ASF subversion and git services (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-10284?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=16468624#comment-16468624
 ] 

ASF subversion and git services commented on CLOUDSTACK-10284:
--

Commit 4534cefa40cf9b4d11402bff86c4484292fa660d in cloudstack's branch 
refs/heads/4.11 from [~rohithsharma]
[ https://gitbox.apache.org/repos/asf?p=cloudstack.git;h=4534cef ]

backports for 4.11.1 from master (#2621)

* CLOUDSTACK-10147 Disabled Xenserver Cluster can still deploy VM's. Added code 
to skip disabled clusters when selecting a host (#2442)

(cherry picked from commit c3488a51db4bce4ec32c09e6fef78193d360cf3f)
Signed-off-by: Rohit Yadav 

* CLOUDSTACK-10318: Bug on sorting ACL rules list in chrome (#2478)

(cherry picked from commit 4412563f19ec8b808fe4c79e2baf658507a84873)
Signed-off-by: Rohit Yadav 

* CLOUDSTACK-10284:Creating a snapshot from VM Snapshot generates error if 
hypervisor is not KVM.

Signed-off-by: Rohit Yadav 

* CLOUDSTACK-10221: Allow IPv6 when creating a Basic Network (#2397)

Since CloudStack 4.10 Basic Networking supports IPv6 and thus
should be allowed to be specified when creating a network.

Signed-off-by: Wido den Hollander 
(cherry picked from commit 9733a10ecda5f1af0f2c0fa863fc976a3e710946)
Signed-off-by: Rohit Yadav 

* CLOUDSTACK-10214: Unable to remove local primary storage (#2390)

Allow admins to remove primary storage pool.
Cherry-picked from eba2e1d8a1ce4e86b4df144db03e96739da455e5

Signed-off-by: Rohit Yadav 

* dateutil: constistency of tzdate input and output (#2392)

Signed-off-by: Yoan Blanc 
Signed-off-by: Daan Hoogland 
(cherry picked from commit 2ad520282319da9a03061b8c744e51a4ffdf94a2)
Signed-off-by: Rohit Yadav 

* CLOUDSTACK-10054:Volume download times out in 3600 seconds (#2244)

(cherry picked from commit bb607d07a97476dc4fb934b3d75df6affba47086)
Signed-off-by: Rohit Yadav 

* When creating a new account (via domain admin) it is possible to select “root 
admin” as the role for the new user (#2606)

* create account with domain admin showing 'root admin' role

Domain admins should not be able to assign the role of root admin to new users. 
Therefore, the role ‘root admin’ (or any other of the same type) should not be 
visible to domain admins.

* License and formatting

* Break long sentence into multiple lines

* Fix wording of method 'getCurrentAccount'

* fix typo in variable name

* [CLOUDSTACK-10259] Missing float part of secondary storage data in 
listAccounts

* [CLOUDSTACK-9338] ACS not accounting resources of VMs with custom service 
offering

ACS is accounting the resources properly when deploying VMs with custom service 
offerings. However, there are other methods (such as updateResourceCount) that 
do not execute the resource accounting properly, and these methods update the 
resource count for an account in the database. Therefore, if a user deploys VMs 
with custom service offerings, and later this user calls the 
“updateResourceCount” method, it (the method) will only account for VMs with 
normal service offerings, and update this as the number of resources used by 
the account. This will result in a smaller number of resources to be accounted 
for the given account than the real used value. The problem becomes worse 
because if the user starts to delete these VMs, it is possible to reach 
negative values of resources allocated (breaking all of the resource limiting 
for accounts). This is a very serious attack vector for public cloud providers!

* [CLOUDSTACK-10230] User should not be able to use removed “Guest OS type” 
(#2404)

* [CLOUDSTACK-10230] User is able to change to “Guest OS type” that has been 
removed

Users are able to change the OS type of VMs to “Guest OS type” that has been 
removed. This becomes a security issue when we try to force users to use HVM 
VMs (Meltdown/Spectre thing). A removed “guest os type” should not be usable by 
any users in the cloud.

* Remove trailing lines that are breaking build due to checkstyle compliance

* Remove unused imports

* fix classes that were in the wrong folder structure

* Updates to capacity management


> Creating a snapshot from VM Snapshot generates error if hypervisor is not KVM.
> --
>
> Key: CLOUDSTACK-10284
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-10284
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Nitesh Sarda
>Priority: Major
> Fix For: 4.12
>
>
> ISSUE
>