[jira] [Commented] (CLOUDSTACK-9635) fix test_privategw_acl.py

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9635?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15712320#comment-15712320
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9635:


Github user jburwell commented on the issue:

https://github.com/apache/cloudstack/pull/1802
  
@murali-reddy I see failures in the `test_router_dhcp_opts` test case.  Was 
this PR rebased to get the fix from #1801?  If not, I would like to rebase and 
re-run the tests.  Otherwise, we may have a regression to investigate.


> fix test_privategw_acl.py
> -
>
> Key: CLOUDSTACK-9635
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9635
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Affects Versions: 4.8.0, 4.9.0, 4.10.0.0
>Reporter: Murali Reddy
> Fix For: 4.8.1, 4.10.0.0, 4.9.2.0
>
>
> Marvin test cases in test suite test_privategw_acl.py fail intermittently 
> with error 'createprivategateway failed, due to: errorCode: 431, 
> errorText:Network with vlan vlan://549 already exists in zone 1'
> Test cases use a VLAN from the zone VLAN range, to create VPC private 
> gateway. But the VPC private gateway implementation does not book keep the 
> info on op_dc_vent_alloc. So when test case create network they end up using 
> same VLAN, resulting failure of createVpcPrivateGateway



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (CLOUDSTACK-9635) fix test_privategw_acl.py

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9635?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15712312#comment-15712312
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9635:


Github user blueorangutan commented on the issue:

https://github.com/apache/cloudstack/pull/1802
  
Trillian test result (tid-517)
Environment: vmware-55u3 (x2), Advanced Networking with Mgmt server 7
Total time taken: 31158 seconds
Marvin logs: 
https://github.com/blueorangutan/acs-prs/releases/download/trillian/pr1802-t517-vmware-55u3.zip
Test completed. 40 look ok, 3 have error(s)


Test | Result | Time (s) | Test File
--- | --- | --- | ---
test_router_dhcp_opts | `Failure` | 21.43 | test_router_dhcphosts.py
test_01_vpc_site2site_vpn | `Error` | 446.21 | test_vpc_vpn.py
test_01_redundant_vpc_site2site_vpn | `Error` | 602.40 | test_vpc_vpn.py
test_01_snapshot_root_disk | `Error` | 25.28 | test_snapshots.py
test_01_vpc_remote_access_vpn | Success | 216.96 | test_vpc_vpn.py
test_02_VPC_default_routes | Success | 317.33 | test_vpc_router_nics.py
test_01_VPC_nics_after_destroy | Success | 676.83 | test_vpc_router_nics.py
test_05_rvpc_multi_tiers | Success | 517.00 | test_vpc_redundant.py
test_04_rvpc_network_garbage_collector_nics | Success | 1525.25 | 
test_vpc_redundant.py
test_03_create_redundant_VPC_1tier_2VMs_2IPs_2PF_ACL_reboot_routers | 
Success | 642.93 | test_vpc_redundant.py
test_02_redundant_VPC_default_routes | Success | 552.02 | 
test_vpc_redundant.py
test_01_create_redundant_VPC_2tiers_4VMs_4IPs_4PF_ACL | Success | 1178.84 | 
test_vpc_redundant.py
test_09_delete_detached_volume | Success | 25.72 | test_volumes.py
test_06_download_detached_volume | Success | 105.76 | test_volumes.py
test_05_detach_volume | Success | 105.30 | test_volumes.py
test_04_delete_attached_volume | Success | 20.26 | test_volumes.py
test_03_download_attached_volume | Success | 25.25 | test_volumes.py
test_02_attach_volume | Success | 65.17 | test_volumes.py
test_01_create_volume | Success | 530.54 | test_volumes.py
test_03_delete_vm_snapshots | Success | 280.32 | test_vm_snapshots.py
test_02_revert_vm_snapshots | Success | 224.75 | test_vm_snapshots.py
test_01_test_vm_volume_snapshot | Success | 156.09 | test_vm_snapshots.py
test_01_create_vm_snapshots | Success | 194.75 | test_vm_snapshots.py
test_deploy_vm_multiple | Success | 254.02 | test_vm_life_cycle.py
test_deploy_vm | Success | 0.05 | test_vm_life_cycle.py
test_advZoneVirtualRouter | Success | 0.03 | test_vm_life_cycle.py
test_10_attachAndDetach_iso | Success | 26.80 | test_vm_life_cycle.py
test_09_expunge_vm | Success | 125.22 | test_vm_life_cycle.py
test_08_migrate_vm | Success | 106.25 | test_vm_life_cycle.py
test_07_restore_vm | Success | 0.14 | test_vm_life_cycle.py
test_06_destroy_vm | Success | 10.17 | test_vm_life_cycle.py
test_03_reboot_vm | Success | 5.13 | test_vm_life_cycle.py
test_02_start_vm | Success | 15.18 | test_vm_life_cycle.py
test_01_stop_vm | Success | 10.19 | test_vm_life_cycle.py
test_CreateTemplateWithDuplicateName | Success | 236.45 | test_templates.py
test_08_list_system_templates | Success | 0.02 | test_templates.py
test_07_list_public_templates | Success | 0.02 | test_templates.py
test_05_template_permissions | Success | 0.04 | test_templates.py
test_04_extract_template | Success | 15.22 | test_templates.py
test_03_delete_template | Success | 5.07 | test_templates.py
test_02_edit_template | Success | 90.32 | test_templates.py
test_01_create_template | Success | 110.86 | test_templates.py
test_10_destroy_cpvm | Success | 236.63 | test_ssvm.py
test_09_destroy_ssvm | Success | 268.42 | test_ssvm.py
test_08_reboot_cpvm | Success | 156.67 | test_ssvm.py
test_07_reboot_ssvm | Success | 158.22 | test_ssvm.py
test_06_stop_cpvm | Success | 206.69 | test_ssvm.py
test_05_stop_ssvm | Success | 233.57 | test_ssvm.py
test_04_cpvm_internals | Success | 1.58 | test_ssvm.py
test_03_ssvm_internals | Success | 3.54 | test_ssvm.py
test_02_list_cpvm_vm | Success | 0.09 | test_ssvm.py
test_01_list_sec_storage_vm | Success | 0.09 | test_ssvm.py
test_04_change_offering_small | Success | 92.78 | test_service_offerings.py
test_03_delete_service_offering | Success | 0.03 | test_service_offerings.py
test_02_edit_service_offering | Success | 0.06 | test_service_offerings.py
test_01_create_service_offering | Success | 0.07 | test_service_offerings.py
test_02_sys_template_ready | Success | 0.08 | test_secondary_storage.py
test_01_sys_vm_start | Success | 0.11 | test_secondary_storage.py
test_09_reboot_router | Success | 135.87 | test_routers.py
test_08_start_router | Success | 166.08 | test_routers.py
test_07_stop_router | Success |

[jira] [Commented] (CLOUDSTACK-9339) Virtual Routers don't handle Multiple Public Interfaces

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9339?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15712308#comment-15712308
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9339:


Github user blueorangutan commented on the issue:

https://github.com/apache/cloudstack/pull/1659
  
@jburwell a Trillian-Jenkins test job (centos7 mgmt + xenserver-65sp1) has 
been kicked to run smoke tests


> Virtual Routers don't handle Multiple Public Interfaces
> ---
>
> Key: CLOUDSTACK-9339
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9339
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>  Components: Virtual Router
>Affects Versions: 4.8.0
>Reporter: dsclose
>Assignee: Murali Reddy
>  Labels: firewall, nat, router
> Fix For: 4.10.0.0, 4.9.1.0
>
>
> There are a series of issues with the way Virtual Routers manage multiple 
> public interfaces. These are more pronounced on redundant virtual router 
> setups. I have not attempted to examine these issues in a VPC context. 
> Outside of a VPC context, however, the following is expected behaviour:
> * eth0 connects the router to the guest network.
> * In RvR setups, keepalived manages the guests' gateway IP as a virtual IP on 
> eth0.
> * eth1 provides a local link to the hypervisor, allowing Cloudstack to issue 
> commands to the router.
> * eth2 is the routers public interface. By default, a single public IP will 
> be setup on eth2 along with the necessary iptables and ip rules to source-NAT 
> guest traffic to that public IP.
> * When a public IP address is assigned to the router that is on a separate 
> subnet to the source-NAT IP, a new interface is configured, such as eth3, and 
> the IP is assigned to that interface.
> * This can result in eth3, eth4, eth5, etc. being created depending upon how 
> many public subnets the router has to work with.
> The above all works. The following, however, is currently not working:
> * Public interfaces should be set to DOWN on backup redundant routers. The 
> master.py script is responsible for setting public interfaces to UP during a 
> keepalived transition. Currently the check_is_up method of the CsIP class 
> brings all interfaces UP on both RvR. A proposed fix for this has been 
> discussed on the mailing list. That fix will leave public interfaces DOWN on 
> RvR allowing the keepalived transition to control the state of public 
> interfaces. Issue #1413 includes a commit that contradicts the proposed fix 
> so it is unclear what the current state of the code should be.
> * Newly created interfaces should be set to UP on master redundant routers. 
> Assuming public interfaces should be default be DOWN on an RvR we need to 
> accommodate the fact that, as interfaces are created, no keepalived 
> transition occurs. This means that assigning an IP from a new public subnet 
> will have no effect (as the interface will be down) until the network is 
> restarted with a "clean up."
> * Public interfaces other than eth2 do not forward traffic. There are two 
> iptables rules in the FORWARD chain of the filter table created for eth2 that 
> allow forwarding between eth2 and eth0. Equivalent rules are not created for 
> other public interfaces so forwarded traffic is dropped.
> * Outbound traffic from guest VMs does not honour static-NAT rules. Instead, 
> outbound traffic is source-NAT'd to the networks default source-NAT IP. New 
> connections from guests that are destined for public networks are processed 
> like so:
> 1. Traffic is matched against the following rule in the mangle table that 
> marks the connection with a 0x0:
> *mangle
> -A PREROUTING -i eth0 -m state --state NEW -j CONNMARK --set-xmark 
> 0x0/0x
> 2. There are no "ip rule" statements that match a connection marked 0x0, so 
> the kernel routes the connection via the default gateway. That gateway is on 
> source-NAT subnet, so the connection is routed out of eth2.
> 3. The following iptables rules are then matched in the filter table:
> *filter
> -A FORWARD -i eth0 -o eth2 -j FW_OUTBOUND
> -A FW_OUTBOUND -j FW_EGRESS_RULES
> -A FW_EGRESS_RULES -j ACCEPT
> 4. Finally, the following rule is matched from the nat table, where the IP 
> address is the source-NAT IP:
> *nat
> -A POSTROUTING -o eth2 -j SNAT --to-source 123.4.5.67
>  



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (CLOUDSTACK-9339) Virtual Routers don't handle Multiple Public Interfaces

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9339?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15712307#comment-15712307
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9339:


Github user jburwell commented on the issue:

https://github.com/apache/cloudstack/pull/1659
  
@blueorangutan test centos7 xenserver-65sp1


> Virtual Routers don't handle Multiple Public Interfaces
> ---
>
> Key: CLOUDSTACK-9339
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9339
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>  Components: Virtual Router
>Affects Versions: 4.8.0
>Reporter: dsclose
>Assignee: Murali Reddy
>  Labels: firewall, nat, router
> Fix For: 4.10.0.0, 4.9.1.0
>
>
> There are a series of issues with the way Virtual Routers manage multiple 
> public interfaces. These are more pronounced on redundant virtual router 
> setups. I have not attempted to examine these issues in a VPC context. 
> Outside of a VPC context, however, the following is expected behaviour:
> * eth0 connects the router to the guest network.
> * In RvR setups, keepalived manages the guests' gateway IP as a virtual IP on 
> eth0.
> * eth1 provides a local link to the hypervisor, allowing Cloudstack to issue 
> commands to the router.
> * eth2 is the routers public interface. By default, a single public IP will 
> be setup on eth2 along with the necessary iptables and ip rules to source-NAT 
> guest traffic to that public IP.
> * When a public IP address is assigned to the router that is on a separate 
> subnet to the source-NAT IP, a new interface is configured, such as eth3, and 
> the IP is assigned to that interface.
> * This can result in eth3, eth4, eth5, etc. being created depending upon how 
> many public subnets the router has to work with.
> The above all works. The following, however, is currently not working:
> * Public interfaces should be set to DOWN on backup redundant routers. The 
> master.py script is responsible for setting public interfaces to UP during a 
> keepalived transition. Currently the check_is_up method of the CsIP class 
> brings all interfaces UP on both RvR. A proposed fix for this has been 
> discussed on the mailing list. That fix will leave public interfaces DOWN on 
> RvR allowing the keepalived transition to control the state of public 
> interfaces. Issue #1413 includes a commit that contradicts the proposed fix 
> so it is unclear what the current state of the code should be.
> * Newly created interfaces should be set to UP on master redundant routers. 
> Assuming public interfaces should be default be DOWN on an RvR we need to 
> accommodate the fact that, as interfaces are created, no keepalived 
> transition occurs. This means that assigning an IP from a new public subnet 
> will have no effect (as the interface will be down) until the network is 
> restarted with a "clean up."
> * Public interfaces other than eth2 do not forward traffic. There are two 
> iptables rules in the FORWARD chain of the filter table created for eth2 that 
> allow forwarding between eth2 and eth0. Equivalent rules are not created for 
> other public interfaces so forwarded traffic is dropped.
> * Outbound traffic from guest VMs does not honour static-NAT rules. Instead, 
> outbound traffic is source-NAT'd to the networks default source-NAT IP. New 
> connections from guests that are destined for public networks are processed 
> like so:
> 1. Traffic is matched against the following rule in the mangle table that 
> marks the connection with a 0x0:
> *mangle
> -A PREROUTING -i eth0 -m state --state NEW -j CONNMARK --set-xmark 
> 0x0/0x
> 2. There are no "ip rule" statements that match a connection marked 0x0, so 
> the kernel routes the connection via the default gateway. That gateway is on 
> source-NAT subnet, so the connection is routed out of eth2.
> 3. The following iptables rules are then matched in the filter table:
> *filter
> -A FORWARD -i eth0 -o eth2 -j FW_OUTBOUND
> -A FW_OUTBOUND -j FW_EGRESS_RULES
> -A FW_EGRESS_RULES -j ACCEPT
> 4. Finally, the following rule is matched from the nat table, where the IP 
> address is the source-NAT IP:
> *nat
> -A POSTROUTING -o eth2 -j SNAT --to-source 123.4.5.67
>  



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (CLOUDSTACK-9339) Virtual Routers don't handle Multiple Public Interfaces

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9339?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15712302#comment-15712302
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9339:


Github user blueorangutan commented on the issue:

https://github.com/apache/cloudstack/pull/1659
  
@jburwell a Trillian-Jenkins test job (centos7 mgmt + vmware-55u3) has been 
kicked to run smoke tests


> Virtual Routers don't handle Multiple Public Interfaces
> ---
>
> Key: CLOUDSTACK-9339
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9339
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>  Components: Virtual Router
>Affects Versions: 4.8.0
>Reporter: dsclose
>Assignee: Murali Reddy
>  Labels: firewall, nat, router
> Fix For: 4.10.0.0, 4.9.1.0
>
>
> There are a series of issues with the way Virtual Routers manage multiple 
> public interfaces. These are more pronounced on redundant virtual router 
> setups. I have not attempted to examine these issues in a VPC context. 
> Outside of a VPC context, however, the following is expected behaviour:
> * eth0 connects the router to the guest network.
> * In RvR setups, keepalived manages the guests' gateway IP as a virtual IP on 
> eth0.
> * eth1 provides a local link to the hypervisor, allowing Cloudstack to issue 
> commands to the router.
> * eth2 is the routers public interface. By default, a single public IP will 
> be setup on eth2 along with the necessary iptables and ip rules to source-NAT 
> guest traffic to that public IP.
> * When a public IP address is assigned to the router that is on a separate 
> subnet to the source-NAT IP, a new interface is configured, such as eth3, and 
> the IP is assigned to that interface.
> * This can result in eth3, eth4, eth5, etc. being created depending upon how 
> many public subnets the router has to work with.
> The above all works. The following, however, is currently not working:
> * Public interfaces should be set to DOWN on backup redundant routers. The 
> master.py script is responsible for setting public interfaces to UP during a 
> keepalived transition. Currently the check_is_up method of the CsIP class 
> brings all interfaces UP on both RvR. A proposed fix for this has been 
> discussed on the mailing list. That fix will leave public interfaces DOWN on 
> RvR allowing the keepalived transition to control the state of public 
> interfaces. Issue #1413 includes a commit that contradicts the proposed fix 
> so it is unclear what the current state of the code should be.
> * Newly created interfaces should be set to UP on master redundant routers. 
> Assuming public interfaces should be default be DOWN on an RvR we need to 
> accommodate the fact that, as interfaces are created, no keepalived 
> transition occurs. This means that assigning an IP from a new public subnet 
> will have no effect (as the interface will be down) until the network is 
> restarted with a "clean up."
> * Public interfaces other than eth2 do not forward traffic. There are two 
> iptables rules in the FORWARD chain of the filter table created for eth2 that 
> allow forwarding between eth2 and eth0. Equivalent rules are not created for 
> other public interfaces so forwarded traffic is dropped.
> * Outbound traffic from guest VMs does not honour static-NAT rules. Instead, 
> outbound traffic is source-NAT'd to the networks default source-NAT IP. New 
> connections from guests that are destined for public networks are processed 
> like so:
> 1. Traffic is matched against the following rule in the mangle table that 
> marks the connection with a 0x0:
> *mangle
> -A PREROUTING -i eth0 -m state --state NEW -j CONNMARK --set-xmark 
> 0x0/0x
> 2. There are no "ip rule" statements that match a connection marked 0x0, so 
> the kernel routes the connection via the default gateway. That gateway is on 
> source-NAT subnet, so the connection is routed out of eth2.
> 3. The following iptables rules are then matched in the filter table:
> *filter
> -A FORWARD -i eth0 -o eth2 -j FW_OUTBOUND
> -A FW_OUTBOUND -j FW_EGRESS_RULES
> -A FW_EGRESS_RULES -j ACCEPT
> 4. Finally, the following rule is matched from the nat table, where the IP 
> address is the source-NAT IP:
> *nat
> -A POSTROUTING -o eth2 -j SNAT --to-source 123.4.5.67
>  



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (CLOUDSTACK-9339) Virtual Routers don't handle Multiple Public Interfaces

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9339?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15712301#comment-15712301
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9339:


Github user jburwell commented on the issue:

https://github.com/apache/cloudstack/pull/1659
  
Tests look good on KVM.  However, it seems like a Good Thing(tm) to test on 
KVM and XenServer as well.

@blueorangutan test centos7 vmware-55u3
@blueorangutan test centos7 xenserver-65sp1


> Virtual Routers don't handle Multiple Public Interfaces
> ---
>
> Key: CLOUDSTACK-9339
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9339
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>  Components: Virtual Router
>Affects Versions: 4.8.0
>Reporter: dsclose
>Assignee: Murali Reddy
>  Labels: firewall, nat, router
> Fix For: 4.10.0.0, 4.9.1.0
>
>
> There are a series of issues with the way Virtual Routers manage multiple 
> public interfaces. These are more pronounced on redundant virtual router 
> setups. I have not attempted to examine these issues in a VPC context. 
> Outside of a VPC context, however, the following is expected behaviour:
> * eth0 connects the router to the guest network.
> * In RvR setups, keepalived manages the guests' gateway IP as a virtual IP on 
> eth0.
> * eth1 provides a local link to the hypervisor, allowing Cloudstack to issue 
> commands to the router.
> * eth2 is the routers public interface. By default, a single public IP will 
> be setup on eth2 along with the necessary iptables and ip rules to source-NAT 
> guest traffic to that public IP.
> * When a public IP address is assigned to the router that is on a separate 
> subnet to the source-NAT IP, a new interface is configured, such as eth3, and 
> the IP is assigned to that interface.
> * This can result in eth3, eth4, eth5, etc. being created depending upon how 
> many public subnets the router has to work with.
> The above all works. The following, however, is currently not working:
> * Public interfaces should be set to DOWN on backup redundant routers. The 
> master.py script is responsible for setting public interfaces to UP during a 
> keepalived transition. Currently the check_is_up method of the CsIP class 
> brings all interfaces UP on both RvR. A proposed fix for this has been 
> discussed on the mailing list. That fix will leave public interfaces DOWN on 
> RvR allowing the keepalived transition to control the state of public 
> interfaces. Issue #1413 includes a commit that contradicts the proposed fix 
> so it is unclear what the current state of the code should be.
> * Newly created interfaces should be set to UP on master redundant routers. 
> Assuming public interfaces should be default be DOWN on an RvR we need to 
> accommodate the fact that, as interfaces are created, no keepalived 
> transition occurs. This means that assigning an IP from a new public subnet 
> will have no effect (as the interface will be down) until the network is 
> restarted with a "clean up."
> * Public interfaces other than eth2 do not forward traffic. There are two 
> iptables rules in the FORWARD chain of the filter table created for eth2 that 
> allow forwarding between eth2 and eth0. Equivalent rules are not created for 
> other public interfaces so forwarded traffic is dropped.
> * Outbound traffic from guest VMs does not honour static-NAT rules. Instead, 
> outbound traffic is source-NAT'd to the networks default source-NAT IP. New 
> connections from guests that are destined for public networks are processed 
> like so:
> 1. Traffic is matched against the following rule in the mangle table that 
> marks the connection with a 0x0:
> *mangle
> -A PREROUTING -i eth0 -m state --state NEW -j CONNMARK --set-xmark 
> 0x0/0x
> 2. There are no "ip rule" statements that match a connection marked 0x0, so 
> the kernel routes the connection via the default gateway. That gateway is on 
> source-NAT subnet, so the connection is routed out of eth2.
> 3. The following iptables rules are then matched in the filter table:
> *filter
> -A FORWARD -i eth0 -o eth2 -j FW_OUTBOUND
> -A FW_OUTBOUND -j FW_EGRESS_RULES
> -A FW_EGRESS_RULES -j ACCEPT
> 4. Finally, the following rule is matched from the nat table, where the IP 
> address is the source-NAT IP:
> *nat
> -A POSTROUTING -o eth2 -j SNAT --to-source 123.4.5.67
>  



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (CLOUDSTACK-9453) Optimizing Marvin

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9453?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15712286#comment-15712286
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9453:


Github user jburwell commented on the issue:

https://github.com/apache/cloudstack/pull/1675
  
@abhinandanprateek ping re: closing this PR in favor of #1639 


> Optimizing Marvin
> -
>
> Key: CLOUDSTACK-9453
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9453
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>  Components: marvin
>Reporter: Abhinandan Prateek
>Assignee: Abhinandan Prateek
> Fix For: 4.10.0.0, 4.9.1.0, 4.8.2.0
>
>
> Currently running all Marvin tests can take upto 4 days. The tests are not 
> optimized for nested cloud setup where most of the test automation runs. 
> There are some simple things that can be done to optimize the runs:
> 1. Have smaller default template: If we install macchinina template by 
> default and use it where there is no specific dependency on OS, then it will 
> result in speeding up many of Marvin tests.
> 2. Most of the tests have template names hard-coded. It will be a good idea 
> to allow some form of configuration so that test writers can use templates 
> that better suit their test scenario.
> 3. Some test timeouts are unnecessary long and a failure can be deducted much 
> early on instead of undergoing several long timeouts.
> 4. Ability to tune service offerings to better suit marvin environments.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (CLOUDSTACK-9635) fix test_privategw_acl.py

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9635?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15712245#comment-15712245
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9635:


Github user murali-reddy commented on the issue:

https://github.com/apache/cloudstack/pull/1802
  
@jburwell this PR is ready for merge. PR fixes intermittent failures of 
suite of tests in test_privategw_acl.py.

test_04_rvpc_privategw_static_routesSuccess 553.97  
test_privategw_acl.py
test_03_vpc_privategw_restart_vpc_cleanup   Success 536.06  
test_privategw_acl.py
test_02_vpc_privategw_static_routes Success 402.64  test_privategw_acl.py
test_01_vpc_privategw_acl   Success 100.53


> fix test_privategw_acl.py
> -
>
> Key: CLOUDSTACK-9635
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9635
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Affects Versions: 4.8.0, 4.9.0, 4.10.0.0
>Reporter: Murali Reddy
> Fix For: 4.8.1, 4.10.0.0, 4.9.2.0
>
>
> Marvin test cases in test suite test_privategw_acl.py fail intermittently 
> with error 'createprivategateway failed, due to: errorCode: 431, 
> errorText:Network with vlan vlan://549 already exists in zone 1'
> Test cases use a VLAN from the zone VLAN range, to create VPC private 
> gateway. But the VPC private gateway implementation does not book keep the 
> info on op_dc_vent_alloc. So when test case create network they end up using 
> same VLAN, resulting failure of createVpcPrivateGateway



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (CLOUDSTACK-9403) Nuage VSP Plugin : Support for SharedNetwork fuctionality including Marvin test coverage

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9403?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15712153#comment-15712153
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9403:


Github user jburwell commented on a diff in the pull request:

https://github.com/apache/cloudstack/pull/1579#discussion_r90453536
  
--- Diff: 
plugins/network-elements/nuage-vsp/src/com/cloud/network/guru/NuageVspGuestNetworkGuru.java
 ---
@@ -339,34 +398,63 @@ private void updateDhcpOptionsForExistingVms(Network 
network, HostVO nuageVspHos
 }
 }
 
+private void checkMultipleSubnetsCombinedWithUseData(Network network){
+if 
(_ntwkOfferingSrvcDao.listServicesForNetworkOffering(network.getNetworkOfferingId()).contains(Network.Service.UserData.getName())
 && _vlanDao.listVlansByNetworkId(network.getId()).size() > 1) {
+List vlanVOs = 
_vlanDao.listVlansByNetworkId(network.getId());
+for(VlanVO vlanVoItem : vlanVOs){
+for(VlanVO VlanVoItem2 : vlanVOs){
+if(!vlanVoItem.equals(VlanVoItem2) && 
!VlanVoItem2.getVlanGateway().equals(vlanVoItem.getVlanGateway())){
+s_logger.error("NuageVsp provider does not support 
multiple subnets in combination with user data.");
--- End diff --

Please add identifying information of the duplicated vlan/subnet and 
network to the error message to assist with forensic debugging.


> Nuage VSP Plugin : Support for SharedNetwork fuctionality including Marvin 
> test coverage
> 
>
> Key: CLOUDSTACK-9403
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9403
> Project: CloudStack
>  Issue Type: Task
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>  Components: Automation, Network Controller
>Reporter: Rahul Singal
>Assignee: Nick Livens
>
> This is first phase of support of Shared Network in cloudstack through 
> NuageVsp Network Plugin. A shared network is a type of virtual network that 
> is shared between multiple accounts i.e. a shared network can be accessed by 
> virtual machines that belong to many different accounts. This basic 
> functionality will be supported with the below common use case:
> - shared network can be used for monitoring purposes. A shared network can be 
> assigned to a domain and can be used for monitoring VMs  belonging to all 
> accounts in that domain.
> - Public accessible of shared Network.
> With the current implementation with NuageVsp plugin, It support over-lapping 
> of Ip address, Public Access and also adding Ip ranges in shared Network.
> In VSD, it is implemented in below manner:
> - In order to have tenant isolation for shared networks, we will have to 
> create a Shared L3 Subnet for each shared network, and instantiate it across 
> the relevant enterprises. A shared network will only exist under an 
> enterprise when it is needed, so when the first VM is spinned under that ACS 
> domain inside that shared network.
> - For public shared Network it will also create a floating ip subnet pool in 
> VSD along with all the things mentioned in above point.
> PR contents:
> 1) Support for shared networks with tenant isolation on master with Nuage VSP 
> SDN Plugin.
> 2) Support of shared network with publicly accessible ip ranges.  
> 2) Marvin test coverage for shared networks on master with Nuage VSP SDN 
> Plugin.
> 3) Enhancements on our exiting Marvin test code (nuagevsp plugins directory).
> 4) PEP8 & PyFlakes compliance with our Marvin test code.
> Test Results are:-
> Valiate that ROOT admin is NOT able to deploy a VM for a user in ROOT domain 
> in a shared network with ... === TestName: 
> test_deployVM_in_sharedNetwork_as_admin_scope_account_ROOTuser | Status : 
> SUCCESS ===
> ok
> Valiate that ROOT admin is NOT able to deploy a VM for a admin user in a 
> shared network with ... === TestName: 
> test_deployVM_in_sharedNetwork_as_admin_scope_account_differentdomain | 
> Status : SUCCESS ===
> ok
> Valiate that ROOT admin is NOT able to deploy a VM for admin user in the same 
> domain but in a ... === TestName: 
> test_deployVM_in_sharedNetwork_as_admin_scope_account_domainadminuser | 
> Status : SUCCESS ===
> ok
> Valiate that ROOT admin is NOT able to deploy a VM for user in the same 
> domain but in a different ... === TestName: 
> test_deployVM_in_sharedNetwork_as_admin_scope_account_domainuser | Status : 
> SUCCESS ===
> ok
> Valiate that ROOT admin is able to deploy a VM for regular user in a shared 
> network with scope=account ... === TestName: 
> test_deployVM_in_sharedNetwork_as_admin_scope_account_user | Status : SUCCESS 
> ===
> ok
> Valiate that ROOT admin is able to deploy a VM for user in

[jira] [Commented] (CLOUDSTACK-9403) Nuage VSP Plugin : Support for SharedNetwork fuctionality including Marvin test coverage

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9403?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15712168#comment-15712168
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9403:


Github user jburwell commented on a diff in the pull request:

https://github.com/apache/cloudstack/pull/1579#discussion_r90458374
  
--- Diff: 
plugins/network-elements/nuage-vsp/src/com/cloud/network/resource/NuageVspResourceConfiguration.java
 ---
@@ -0,0 +1,310 @@
+//
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements.  See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership.  The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License.  You may obtain a copy of the License at
+//
+//   http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied.  See the License for the
+// specific language governing permissions and limitations
+// under the License.
+//
+
+package com.cloud.network.resource;
+
+import java.util.HashMap;
+import java.util.Map;
+
+import javax.naming.ConfigurationException;
+
+import net.nuage.vsp.acs.client.api.model.NuageVspUser;
+import net.nuage.vsp.acs.client.api.model.VspHost;
+import net.nuage.vsp.acs.client.common.NuageVspApiVersion;
+
+import org.apache.commons.lang.builder.ToStringBuilder;
+
+import com.cloud.util.NuageVspUtil;
+
+public class NuageVspResourceConfiguration {
--- End diff --

What is the purpose of this class?  It seems that a Map 
with a static validation function on `VspHostBuilder` would accomplish the same 
thing with less code and higher cohesion.


> Nuage VSP Plugin : Support for SharedNetwork fuctionality including Marvin 
> test coverage
> 
>
> Key: CLOUDSTACK-9403
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9403
> Project: CloudStack
>  Issue Type: Task
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>  Components: Automation, Network Controller
>Reporter: Rahul Singal
>Assignee: Nick Livens
>
> This is first phase of support of Shared Network in cloudstack through 
> NuageVsp Network Plugin. A shared network is a type of virtual network that 
> is shared between multiple accounts i.e. a shared network can be accessed by 
> virtual machines that belong to many different accounts. This basic 
> functionality will be supported with the below common use case:
> - shared network can be used for monitoring purposes. A shared network can be 
> assigned to a domain and can be used for monitoring VMs  belonging to all 
> accounts in that domain.
> - Public accessible of shared Network.
> With the current implementation with NuageVsp plugin, It support over-lapping 
> of Ip address, Public Access and also adding Ip ranges in shared Network.
> In VSD, it is implemented in below manner:
> - In order to have tenant isolation for shared networks, we will have to 
> create a Shared L3 Subnet for each shared network, and instantiate it across 
> the relevant enterprises. A shared network will only exist under an 
> enterprise when it is needed, so when the first VM is spinned under that ACS 
> domain inside that shared network.
> - For public shared Network it will also create a floating ip subnet pool in 
> VSD along with all the things mentioned in above point.
> PR contents:
> 1) Support for shared networks with tenant isolation on master with Nuage VSP 
> SDN Plugin.
> 2) Support of shared network with publicly accessible ip ranges.  
> 2) Marvin test coverage for shared networks on master with Nuage VSP SDN 
> Plugin.
> 3) Enhancements on our exiting Marvin test code (nuagevsp plugins directory).
> 4) PEP8 & PyFlakes compliance with our Marvin test code.
> Test Results are:-
> Valiate that ROOT admin is NOT able to deploy a VM for a user in ROOT domain 
> in a shared network with ... === TestName: 
> test_deployVM_in_sharedNetwork_as_admin_scope_account_ROOTuser | Status : 
> SUCCESS ===
> ok
> Valiate that ROOT admin is NOT able to deploy a VM for a admin user in a 
> shared network with ... === TestName: 
> test_deployVM_in_sharedNetwork_as_admin_scope_account_differentdomain | 
> Status : SUCCESS ===
> ok
> Valiate that ROOT admin is NOT able to deploy a VM for admin user in the same 
> domain

[jira] [Commented] (CLOUDSTACK-9403) Nuage VSP Plugin : Support for SharedNetwork fuctionality including Marvin test coverage

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9403?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15712148#comment-15712148
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9403:


Github user jburwell commented on a diff in the pull request:

https://github.com/apache/cloudstack/pull/1579#discussion_r90451522
  
--- Diff: 
plugins/network-elements/nuage-vsp/src/com/cloud/agent/api/manager/UpdateNuageVspDeviceCommand.java
 ---
@@ -0,0 +1,43 @@
+//
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements.  See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership.  The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License.  You may obtain a copy of the License at
+//
+//   http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied.  See the License for the
+// specific language governing permissions and limitations
+// under the License.
+//
+
+package com.cloud.agent.api.manager;
+
+import com.cloud.agent.api.Command;
+import com.cloud.network.resource.NuageVspResourceConfiguration;
+
+public class UpdateNuageVspDeviceCommand extends Command {
--- End diff --

Please add `equals`, `hashCode`, and `toString` implementations.


> Nuage VSP Plugin : Support for SharedNetwork fuctionality including Marvin 
> test coverage
> 
>
> Key: CLOUDSTACK-9403
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9403
> Project: CloudStack
>  Issue Type: Task
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>  Components: Automation, Network Controller
>Reporter: Rahul Singal
>Assignee: Nick Livens
>
> This is first phase of support of Shared Network in cloudstack through 
> NuageVsp Network Plugin. A shared network is a type of virtual network that 
> is shared between multiple accounts i.e. a shared network can be accessed by 
> virtual machines that belong to many different accounts. This basic 
> functionality will be supported with the below common use case:
> - shared network can be used for monitoring purposes. A shared network can be 
> assigned to a domain and can be used for monitoring VMs  belonging to all 
> accounts in that domain.
> - Public accessible of shared Network.
> With the current implementation with NuageVsp plugin, It support over-lapping 
> of Ip address, Public Access and also adding Ip ranges in shared Network.
> In VSD, it is implemented in below manner:
> - In order to have tenant isolation for shared networks, we will have to 
> create a Shared L3 Subnet for each shared network, and instantiate it across 
> the relevant enterprises. A shared network will only exist under an 
> enterprise when it is needed, so when the first VM is spinned under that ACS 
> domain inside that shared network.
> - For public shared Network it will also create a floating ip subnet pool in 
> VSD along with all the things mentioned in above point.
> PR contents:
> 1) Support for shared networks with tenant isolation on master with Nuage VSP 
> SDN Plugin.
> 2) Support of shared network with publicly accessible ip ranges.  
> 2) Marvin test coverage for shared networks on master with Nuage VSP SDN 
> Plugin.
> 3) Enhancements on our exiting Marvin test code (nuagevsp plugins directory).
> 4) PEP8 & PyFlakes compliance with our Marvin test code.
> Test Results are:-
> Valiate that ROOT admin is NOT able to deploy a VM for a user in ROOT domain 
> in a shared network with ... === TestName: 
> test_deployVM_in_sharedNetwork_as_admin_scope_account_ROOTuser | Status : 
> SUCCESS ===
> ok
> Valiate that ROOT admin is NOT able to deploy a VM for a admin user in a 
> shared network with ... === TestName: 
> test_deployVM_in_sharedNetwork_as_admin_scope_account_differentdomain | 
> Status : SUCCESS ===
> ok
> Valiate that ROOT admin is NOT able to deploy a VM for admin user in the same 
> domain but in a ... === TestName: 
> test_deployVM_in_sharedNetwork_as_admin_scope_account_domainadminuser | 
> Status : SUCCESS ===
> ok
> Valiate that ROOT admin is NOT able to deploy a VM for user in the same 
> domain but in a different ... === TestName: 
> test_deployVM_in_sharedNetwork_as_admin_scope_account_domainuser | Status : 
> SUCCESS ===
> ok
> Valiate that ROOT admin is able to deploy a VM for regular user in a

[jira] [Commented] (CLOUDSTACK-9403) Nuage VSP Plugin : Support for SharedNetwork fuctionality including Marvin test coverage

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9403?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15712169#comment-15712169
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9403:


Github user jburwell commented on a diff in the pull request:

https://github.com/apache/cloudstack/pull/1579#discussion_r90452834
  
--- Diff: 
plugins/network-elements/nuage-vsp/src/com/cloud/network/guru/NuageVspGuestNetworkGuru.java
 ---
@@ -317,20 +368,28 @@ private void updateDhcpOptionsForExistingVms(Network 
network, HostVO nuageVspHos
 if(s_logger.isDebugEnabled()) {
 s_logger.debug(String.format("DomainRouter is added to an 
existing network: %s in state: %s", network.getName(), network.getState()));
 }
-List dhcpOptions = Lists.newLinkedList();
-for (NicVO userNic :_nicDao.listByNetworkId(network.getId())) {
-if (userNic.getVmType() != VirtualMachine.Type.DomainRouter) {
-boolean defaultHasDns = 
getDefaultHasDns(networkHasDnsCache, userNic);
-
dhcpOptions.add(_nuageVspEntityBuilder.buildVmDhcpOption(userNic, 
defaultHasDns, networkHasDns));
-}
+
+List userNics = _nicDao.listByNetworkId(network.getId());
+LinkedListMultimap dhcpOptionsPerDomain = 
LinkedListMultimap.create();
+
+for (NicVO userNic : userNics) {
+if (userNic.getVmType() == VirtualMachine.Type.DomainRouter) 
continue;
--- End diff --

Per our coding standards, all `if` blocks must be wrapped in curly braces.


> Nuage VSP Plugin : Support for SharedNetwork fuctionality including Marvin 
> test coverage
> 
>
> Key: CLOUDSTACK-9403
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9403
> Project: CloudStack
>  Issue Type: Task
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>  Components: Automation, Network Controller
>Reporter: Rahul Singal
>Assignee: Nick Livens
>
> This is first phase of support of Shared Network in cloudstack through 
> NuageVsp Network Plugin. A shared network is a type of virtual network that 
> is shared between multiple accounts i.e. a shared network can be accessed by 
> virtual machines that belong to many different accounts. This basic 
> functionality will be supported with the below common use case:
> - shared network can be used for monitoring purposes. A shared network can be 
> assigned to a domain and can be used for monitoring VMs  belonging to all 
> accounts in that domain.
> - Public accessible of shared Network.
> With the current implementation with NuageVsp plugin, It support over-lapping 
> of Ip address, Public Access and also adding Ip ranges in shared Network.
> In VSD, it is implemented in below manner:
> - In order to have tenant isolation for shared networks, we will have to 
> create a Shared L3 Subnet for each shared network, and instantiate it across 
> the relevant enterprises. A shared network will only exist under an 
> enterprise when it is needed, so when the first VM is spinned under that ACS 
> domain inside that shared network.
> - For public shared Network it will also create a floating ip subnet pool in 
> VSD along with all the things mentioned in above point.
> PR contents:
> 1) Support for shared networks with tenant isolation on master with Nuage VSP 
> SDN Plugin.
> 2) Support of shared network with publicly accessible ip ranges.  
> 2) Marvin test coverage for shared networks on master with Nuage VSP SDN 
> Plugin.
> 3) Enhancements on our exiting Marvin test code (nuagevsp plugins directory).
> 4) PEP8 & PyFlakes compliance with our Marvin test code.
> Test Results are:-
> Valiate that ROOT admin is NOT able to deploy a VM for a user in ROOT domain 
> in a shared network with ... === TestName: 
> test_deployVM_in_sharedNetwork_as_admin_scope_account_ROOTuser | Status : 
> SUCCESS ===
> ok
> Valiate that ROOT admin is NOT able to deploy a VM for a admin user in a 
> shared network with ... === TestName: 
> test_deployVM_in_sharedNetwork_as_admin_scope_account_differentdomain | 
> Status : SUCCESS ===
> ok
> Valiate that ROOT admin is NOT able to deploy a VM for admin user in the same 
> domain but in a ... === TestName: 
> test_deployVM_in_sharedNetwork_as_admin_scope_account_domainadminuser | 
> Status : SUCCESS ===
> ok
> Valiate that ROOT admin is NOT able to deploy a VM for user in the same 
> domain but in a different ... === TestName: 
> test_deployVM_in_sharedNetwork_as_admin_scope_account_domainuser | Status : 
> SUCCESS ===
> ok
> Valiate that ROOT admin is able to deploy a VM for regular user in a shared 
> network with scope=account ... === TestName: 
>

[jira] [Commented] (CLOUDSTACK-9403) Nuage VSP Plugin : Support for SharedNetwork fuctionality including Marvin test coverage

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9403?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15712164#comment-15712164
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9403:


Github user jburwell commented on a diff in the pull request:

https://github.com/apache/cloudstack/pull/1579#discussion_r90453232
  
--- Diff: 
plugins/network-elements/nuage-vsp/src/com/cloud/network/guru/NuageVspGuestNetworkGuru.java
 ---
@@ -339,34 +398,63 @@ private void updateDhcpOptionsForExistingVms(Network 
network, HostVO nuageVspHos
 }
 }
 
+private void checkMultipleSubnetsCombinedWithUseData(Network network){
+if 
(_ntwkOfferingSrvcDao.listServicesForNetworkOffering(network.getNetworkOfferingId()).contains(Network.Service.UserData.getName())
 && _vlanDao.listVlansByNetworkId(network.getId()).size() > 1) {
--- End diff --

Please consider using `isEmpty` rather than a size check to determine 
whether or not a list has elements.  It is more idiomatic/expressive and less 
error-prone.


> Nuage VSP Plugin : Support for SharedNetwork fuctionality including Marvin 
> test coverage
> 
>
> Key: CLOUDSTACK-9403
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9403
> Project: CloudStack
>  Issue Type: Task
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>  Components: Automation, Network Controller
>Reporter: Rahul Singal
>Assignee: Nick Livens
>
> This is first phase of support of Shared Network in cloudstack through 
> NuageVsp Network Plugin. A shared network is a type of virtual network that 
> is shared between multiple accounts i.e. a shared network can be accessed by 
> virtual machines that belong to many different accounts. This basic 
> functionality will be supported with the below common use case:
> - shared network can be used for monitoring purposes. A shared network can be 
> assigned to a domain and can be used for monitoring VMs  belonging to all 
> accounts in that domain.
> - Public accessible of shared Network.
> With the current implementation with NuageVsp plugin, It support over-lapping 
> of Ip address, Public Access and also adding Ip ranges in shared Network.
> In VSD, it is implemented in below manner:
> - In order to have tenant isolation for shared networks, we will have to 
> create a Shared L3 Subnet for each shared network, and instantiate it across 
> the relevant enterprises. A shared network will only exist under an 
> enterprise when it is needed, so when the first VM is spinned under that ACS 
> domain inside that shared network.
> - For public shared Network it will also create a floating ip subnet pool in 
> VSD along with all the things mentioned in above point.
> PR contents:
> 1) Support for shared networks with tenant isolation on master with Nuage VSP 
> SDN Plugin.
> 2) Support of shared network with publicly accessible ip ranges.  
> 2) Marvin test coverage for shared networks on master with Nuage VSP SDN 
> Plugin.
> 3) Enhancements on our exiting Marvin test code (nuagevsp plugins directory).
> 4) PEP8 & PyFlakes compliance with our Marvin test code.
> Test Results are:-
> Valiate that ROOT admin is NOT able to deploy a VM for a user in ROOT domain 
> in a shared network with ... === TestName: 
> test_deployVM_in_sharedNetwork_as_admin_scope_account_ROOTuser | Status : 
> SUCCESS ===
> ok
> Valiate that ROOT admin is NOT able to deploy a VM for a admin user in a 
> shared network with ... === TestName: 
> test_deployVM_in_sharedNetwork_as_admin_scope_account_differentdomain | 
> Status : SUCCESS ===
> ok
> Valiate that ROOT admin is NOT able to deploy a VM for admin user in the same 
> domain but in a ... === TestName: 
> test_deployVM_in_sharedNetwork_as_admin_scope_account_domainadminuser | 
> Status : SUCCESS ===
> ok
> Valiate that ROOT admin is NOT able to deploy a VM for user in the same 
> domain but in a different ... === TestName: 
> test_deployVM_in_sharedNetwork_as_admin_scope_account_domainuser | Status : 
> SUCCESS ===
> ok
> Valiate that ROOT admin is able to deploy a VM for regular user in a shared 
> network with scope=account ... === TestName: 
> test_deployVM_in_sharedNetwork_as_admin_scope_account_user | Status : SUCCESS 
> ===
> ok
> Valiate that ROOT admin is able to deploy a VM for user in ROOT domain in a 
> shared network with scope=all ... === TestName: 
> test_deployVM_in_sharedNetwork_as_admin_scope_all_ROOTuser | Status : SUCCESS 
> ===
> ok
> Valiate that ROOT admin is able to deploy a VM for a domain admin users in a 
> shared network with scope=all ... === TestName: 
> test_deployVM_in_sharedNetwork_as_admin_scope_all_domainadminuser | Status : 
> SUCCESS ===
> ok
> Valiate that ROOT admin is

[jira] [Commented] (CLOUDSTACK-9403) Nuage VSP Plugin : Support for SharedNetwork fuctionality including Marvin test coverage

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9403?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15712157#comment-15712157
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9403:


Github user jburwell commented on a diff in the pull request:

https://github.com/apache/cloudstack/pull/1579#discussion_r90451387
  
--- Diff: 
plugins/network-elements/nuage-vsp/src/com/cloud/agent/api/manager/UpdateNuageVspDeviceCommand.java
 ---
@@ -0,0 +1,43 @@
+//
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements.  See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership.  The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License.  You may obtain a copy of the License at
+//
+//   http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied.  See the License for the
+// specific language governing permissions and limitations
+// under the License.
+//
+
+package com.cloud.agent.api.manager;
+
+import com.cloud.agent.api.Command;
+import com.cloud.network.resource.NuageVspResourceConfiguration;
+
+public class UpdateNuageVspDeviceCommand extends Command {
+
+NuageVspResourceConfiguration configuration;
--- End diff --

Why isn't this attribute declared `private`?  Also, could it be declared 
`final`?


> Nuage VSP Plugin : Support for SharedNetwork fuctionality including Marvin 
> test coverage
> 
>
> Key: CLOUDSTACK-9403
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9403
> Project: CloudStack
>  Issue Type: Task
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>  Components: Automation, Network Controller
>Reporter: Rahul Singal
>Assignee: Nick Livens
>
> This is first phase of support of Shared Network in cloudstack through 
> NuageVsp Network Plugin. A shared network is a type of virtual network that 
> is shared between multiple accounts i.e. a shared network can be accessed by 
> virtual machines that belong to many different accounts. This basic 
> functionality will be supported with the below common use case:
> - shared network can be used for monitoring purposes. A shared network can be 
> assigned to a domain and can be used for monitoring VMs  belonging to all 
> accounts in that domain.
> - Public accessible of shared Network.
> With the current implementation with NuageVsp plugin, It support over-lapping 
> of Ip address, Public Access and also adding Ip ranges in shared Network.
> In VSD, it is implemented in below manner:
> - In order to have tenant isolation for shared networks, we will have to 
> create a Shared L3 Subnet for each shared network, and instantiate it across 
> the relevant enterprises. A shared network will only exist under an 
> enterprise when it is needed, so when the first VM is spinned under that ACS 
> domain inside that shared network.
> - For public shared Network it will also create a floating ip subnet pool in 
> VSD along with all the things mentioned in above point.
> PR contents:
> 1) Support for shared networks with tenant isolation on master with Nuage VSP 
> SDN Plugin.
> 2) Support of shared network with publicly accessible ip ranges.  
> 2) Marvin test coverage for shared networks on master with Nuage VSP SDN 
> Plugin.
> 3) Enhancements on our exiting Marvin test code (nuagevsp plugins directory).
> 4) PEP8 & PyFlakes compliance with our Marvin test code.
> Test Results are:-
> Valiate that ROOT admin is NOT able to deploy a VM for a user in ROOT domain 
> in a shared network with ... === TestName: 
> test_deployVM_in_sharedNetwork_as_admin_scope_account_ROOTuser | Status : 
> SUCCESS ===
> ok
> Valiate that ROOT admin is NOT able to deploy a VM for a admin user in a 
> shared network with ... === TestName: 
> test_deployVM_in_sharedNetwork_as_admin_scope_account_differentdomain | 
> Status : SUCCESS ===
> ok
> Valiate that ROOT admin is NOT able to deploy a VM for admin user in the same 
> domain but in a ... === TestName: 
> test_deployVM_in_sharedNetwork_as_admin_scope_account_domainadminuser | 
> Status : SUCCESS ===
> ok
> Valiate that ROOT admin is NOT able to deploy a VM for user in the same 
> domain but in a different ... === TestName: 
> test_deployVM_in_sharedNetwork_as_admin_scope_account_domainuser | Status : 
> SUCCESS ===

[jira] [Commented] (CLOUDSTACK-9403) Nuage VSP Plugin : Support for SharedNetwork fuctionality including Marvin test coverage

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9403?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15712150#comment-15712150
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9403:


Github user jburwell commented on a diff in the pull request:

https://github.com/apache/cloudstack/pull/1579#discussion_r90455401
  
--- Diff: 
plugins/network-elements/nuage-vsp/src/com/cloud/network/resource/NuageVspResourceConfiguration.java
 ---
@@ -0,0 +1,310 @@
+//
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements.  See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership.  The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License.  You may obtain a copy of the License at
+//
+//   http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied.  See the License for the
+// specific language governing permissions and limitations
+// under the License.
+//
+
+package com.cloud.network.resource;
--- End diff --

Why is package namespaced to a core package when it is part of the Nuage 
package?  From a reporting/logging perspective, it makes finding the code less 
intuitive.


> Nuage VSP Plugin : Support for SharedNetwork fuctionality including Marvin 
> test coverage
> 
>
> Key: CLOUDSTACK-9403
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9403
> Project: CloudStack
>  Issue Type: Task
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>  Components: Automation, Network Controller
>Reporter: Rahul Singal
>Assignee: Nick Livens
>
> This is first phase of support of Shared Network in cloudstack through 
> NuageVsp Network Plugin. A shared network is a type of virtual network that 
> is shared between multiple accounts i.e. a shared network can be accessed by 
> virtual machines that belong to many different accounts. This basic 
> functionality will be supported with the below common use case:
> - shared network can be used for monitoring purposes. A shared network can be 
> assigned to a domain and can be used for monitoring VMs  belonging to all 
> accounts in that domain.
> - Public accessible of shared Network.
> With the current implementation with NuageVsp plugin, It support over-lapping 
> of Ip address, Public Access and also adding Ip ranges in shared Network.
> In VSD, it is implemented in below manner:
> - In order to have tenant isolation for shared networks, we will have to 
> create a Shared L3 Subnet for each shared network, and instantiate it across 
> the relevant enterprises. A shared network will only exist under an 
> enterprise when it is needed, so when the first VM is spinned under that ACS 
> domain inside that shared network.
> - For public shared Network it will also create a floating ip subnet pool in 
> VSD along with all the things mentioned in above point.
> PR contents:
> 1) Support for shared networks with tenant isolation on master with Nuage VSP 
> SDN Plugin.
> 2) Support of shared network with publicly accessible ip ranges.  
> 2) Marvin test coverage for shared networks on master with Nuage VSP SDN 
> Plugin.
> 3) Enhancements on our exiting Marvin test code (nuagevsp plugins directory).
> 4) PEP8 & PyFlakes compliance with our Marvin test code.
> Test Results are:-
> Valiate that ROOT admin is NOT able to deploy a VM for a user in ROOT domain 
> in a shared network with ... === TestName: 
> test_deployVM_in_sharedNetwork_as_admin_scope_account_ROOTuser | Status : 
> SUCCESS ===
> ok
> Valiate that ROOT admin is NOT able to deploy a VM for a admin user in a 
> shared network with ... === TestName: 
> test_deployVM_in_sharedNetwork_as_admin_scope_account_differentdomain | 
> Status : SUCCESS ===
> ok
> Valiate that ROOT admin is NOT able to deploy a VM for admin user in the same 
> domain but in a ... === TestName: 
> test_deployVM_in_sharedNetwork_as_admin_scope_account_domainadminuser | 
> Status : SUCCESS ===
> ok
> Valiate that ROOT admin is NOT able to deploy a VM for user in the same 
> domain but in a different ... === TestName: 
> test_deployVM_in_sharedNetwork_as_admin_scope_account_domainuser | Status : 
> SUCCESS ===
> ok
> Valiate that ROOT admin is able to deploy a VM for regular user in a shared 
> network with scope=account ... === TestName: 
>

[jira] [Commented] (CLOUDSTACK-9403) Nuage VSP Plugin : Support for SharedNetwork fuctionality including Marvin test coverage

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9403?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15712147#comment-15712147
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9403:


Github user jburwell commented on a diff in the pull request:

https://github.com/apache/cloudstack/pull/1579#discussion_r90451818
  
--- Diff: 
plugins/network-elements/nuage-vsp/src/com/cloud/network/element/NuageVspElement.java
 ---
@@ -387,41 +400,39 @@ public boolean canEnableIndividualServices() {
 
 @Override
 public boolean destroy(Network network, ReservationContext context) 
throws ConcurrentOperationException, ResourceUnavailableException {
-if (!canHandle(network, Service.Connectivity)) {
-return false;
-}
-
-return true;
+return canHandle(network, Service.Connectivity);
 }
 
 @Override
 public boolean verifyServicesCombination(Set services) {
-// This element can only function in a NuageVsp based
-// SDN network, so Connectivity needs to be present here
-if (!services.contains(Service.Connectivity)) {
-s_logger.warn("Unable to support services combination without 
Connectivity service provided by Nuage VSP.");
-return false;
+final Sets.SetView missingServices = 
Sets.difference(REQUIRED_SERVICES, services);
+final Sets.SetView unsupportedServices = 
Sets.intersection(UNSUPPORTED_SERVICES, services);
+final Sets.SetView wantedServices = 
Sets.intersection(NUAGE_ONLY_SERVICES, new HashSet<>());
+
+if (!missingServices.isEmpty()) {
+throw new UnsupportedServiceException("Provider " + 
Provider.NuageVsp + " requires services: " + missingServices);
 }
 
-if (!services.contains(Service.SourceNat)) {
-s_logger.warn("Unable to support services combination without 
SourceNat service provided by Nuage VSP.");
+if (!unsupportedServices.isEmpty()) {
+// NuageVsp doesn't implement any of these services.
+// So if these services are requested, we can't handle it.
+s_logger.debug("Unable to support services combination. The 
services " + unsupportedServices + " are not supported by Nuage VSP.");
--- End diff --

Should this message logged as at `WARN` instead of `DEBUG`?


> Nuage VSP Plugin : Support for SharedNetwork fuctionality including Marvin 
> test coverage
> 
>
> Key: CLOUDSTACK-9403
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9403
> Project: CloudStack
>  Issue Type: Task
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>  Components: Automation, Network Controller
>Reporter: Rahul Singal
>Assignee: Nick Livens
>
> This is first phase of support of Shared Network in cloudstack through 
> NuageVsp Network Plugin. A shared network is a type of virtual network that 
> is shared between multiple accounts i.e. a shared network can be accessed by 
> virtual machines that belong to many different accounts. This basic 
> functionality will be supported with the below common use case:
> - shared network can be used for monitoring purposes. A shared network can be 
> assigned to a domain and can be used for monitoring VMs  belonging to all 
> accounts in that domain.
> - Public accessible of shared Network.
> With the current implementation with NuageVsp plugin, It support over-lapping 
> of Ip address, Public Access and also adding Ip ranges in shared Network.
> In VSD, it is implemented in below manner:
> - In order to have tenant isolation for shared networks, we will have to 
> create a Shared L3 Subnet for each shared network, and instantiate it across 
> the relevant enterprises. A shared network will only exist under an 
> enterprise when it is needed, so when the first VM is spinned under that ACS 
> domain inside that shared network.
> - For public shared Network it will also create a floating ip subnet pool in 
> VSD along with all the things mentioned in above point.
> PR contents:
> 1) Support for shared networks with tenant isolation on master with Nuage VSP 
> SDN Plugin.
> 2) Support of shared network with publicly accessible ip ranges.  
> 2) Marvin test coverage for shared networks on master with Nuage VSP SDN 
> Plugin.
> 3) Enhancements on our exiting Marvin test code (nuagevsp plugins directory).
> 4) PEP8 & PyFlakes compliance with our Marvin test code.
> Test Results are:-
> Valiate that ROOT admin is NOT able to deploy a VM for a user in ROOT domain 
> in a shared network with ... === TestName: 
>

[jira] [Commented] (CLOUDSTACK-9403) Nuage VSP Plugin : Support for SharedNetwork fuctionality including Marvin test coverage

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9403?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15712161#comment-15712161
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9403:


Github user jburwell commented on a diff in the pull request:

https://github.com/apache/cloudstack/pull/1579#discussion_r90451456
  
--- Diff: 
plugins/network-elements/nuage-vsp/src/com/cloud/agent/api/manager/UpdateNuageVspDeviceCommand.java
 ---
@@ -0,0 +1,43 @@
+//
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements.  See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership.  The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License.  You may obtain a copy of the License at
+//
+//   http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied.  See the License for the
+// specific language governing permissions and limitations
+// under the License.
+//
+
+package com.cloud.agent.api.manager;
--- End diff --

This class appears to be Nuage specific.  Why is is being added to core 
CloudStack and not the Nuage plugin?


> Nuage VSP Plugin : Support for SharedNetwork fuctionality including Marvin 
> test coverage
> 
>
> Key: CLOUDSTACK-9403
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9403
> Project: CloudStack
>  Issue Type: Task
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>  Components: Automation, Network Controller
>Reporter: Rahul Singal
>Assignee: Nick Livens
>
> This is first phase of support of Shared Network in cloudstack through 
> NuageVsp Network Plugin. A shared network is a type of virtual network that 
> is shared between multiple accounts i.e. a shared network can be accessed by 
> virtual machines that belong to many different accounts. This basic 
> functionality will be supported with the below common use case:
> - shared network can be used for monitoring purposes. A shared network can be 
> assigned to a domain and can be used for monitoring VMs  belonging to all 
> accounts in that domain.
> - Public accessible of shared Network.
> With the current implementation with NuageVsp plugin, It support over-lapping 
> of Ip address, Public Access and also adding Ip ranges in shared Network.
> In VSD, it is implemented in below manner:
> - In order to have tenant isolation for shared networks, we will have to 
> create a Shared L3 Subnet for each shared network, and instantiate it across 
> the relevant enterprises. A shared network will only exist under an 
> enterprise when it is needed, so when the first VM is spinned under that ACS 
> domain inside that shared network.
> - For public shared Network it will also create a floating ip subnet pool in 
> VSD along with all the things mentioned in above point.
> PR contents:
> 1) Support for shared networks with tenant isolation on master with Nuage VSP 
> SDN Plugin.
> 2) Support of shared network with publicly accessible ip ranges.  
> 2) Marvin test coverage for shared networks on master with Nuage VSP SDN 
> Plugin.
> 3) Enhancements on our exiting Marvin test code (nuagevsp plugins directory).
> 4) PEP8 & PyFlakes compliance with our Marvin test code.
> Test Results are:-
> Valiate that ROOT admin is NOT able to deploy a VM for a user in ROOT domain 
> in a shared network with ... === TestName: 
> test_deployVM_in_sharedNetwork_as_admin_scope_account_ROOTuser | Status : 
> SUCCESS ===
> ok
> Valiate that ROOT admin is NOT able to deploy a VM for a admin user in a 
> shared network with ... === TestName: 
> test_deployVM_in_sharedNetwork_as_admin_scope_account_differentdomain | 
> Status : SUCCESS ===
> ok
> Valiate that ROOT admin is NOT able to deploy a VM for admin user in the same 
> domain but in a ... === TestName: 
> test_deployVM_in_sharedNetwork_as_admin_scope_account_domainadminuser | 
> Status : SUCCESS ===
> ok
> Valiate that ROOT admin is NOT able to deploy a VM for user in the same 
> domain but in a different ... === TestName: 
> test_deployVM_in_sharedNetwork_as_admin_scope_account_domainuser | Status : 
> SUCCESS ===
> ok
> Valiate that ROOT admin is able to deploy a VM for regular user in a shared 
> network with scope=account ... === TestName: 
> test_deployVM_in_sharedNetwork_as_admin_scope_account_user | Status : SUCCESS 
> ===

[jira] [Commented] (CLOUDSTACK-9403) Nuage VSP Plugin : Support for SharedNetwork fuctionality including Marvin test coverage

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9403?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15712158#comment-15712158
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9403:


Github user jburwell commented on a diff in the pull request:

https://github.com/apache/cloudstack/pull/1579#discussion_r90455612
  
--- Diff: 
plugins/network-elements/nuage-vsp/src/com/cloud/network/resource/NuageVspResourceConfiguration.java
 ---
@@ -0,0 +1,310 @@
+//
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements.  See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership.  The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License.  You may obtain a copy of the License at
+//
+//   http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied.  See the License for the
+// specific language governing permissions and limitations
+// under the License.
+//
+
+package com.cloud.network.resource;
+
+import java.util.HashMap;
+import java.util.Map;
+
+import javax.naming.ConfigurationException;
+
+import net.nuage.vsp.acs.client.api.model.NuageVspUser;
+import net.nuage.vsp.acs.client.api.model.VspHost;
+import net.nuage.vsp.acs.client.common.NuageVspApiVersion;
+
+import org.apache.commons.lang.builder.ToStringBuilder;
+
+import com.cloud.util.NuageVspUtil;
+
+public class NuageVspResourceConfiguration {
+private static final String NAME = "name";
+private static final String GUID = "guid";
+private static final String ZONE_ID = "zoneid";
+private static final String HOST_NAME = "hostname";
+private static final String CMS_USER = "cmsuser";
+private static final String CMS_USER_PASSWORD = "cmsuserpass";
+private static final String PORT = "port";
+private static final String API_VERSION = "apiversion";
+private static final String API_RELATIVE_PATH = "apirelativepath";
+private static final String RETRY_COUNT = "retrycount";
+private static final String RETRY_INTERVAL = "retryinterval";
+private static final String NUAGE_VSP_CMS_ID = "nuagevspcmsid";
+
+private static final String CMS_USER_ENTEPRISE_NAME = "CSP";
+
+private String _name;
+private String _guid;
+private String _zoneId;
+private String _hostName;
+private String _cmsUser;
+private String _cmsUserPassword;
+private String _port;
+private String _apiVersion;
+private String _apiRelativePath;
+private String _retryCount;
+private String _retryInterval;
+private String _nuageVspCmsId;
+
+public String name() {
+return _name;
+}
+
+public String guid() {
+return this._guid;
+}
+
+public NuageVspResourceConfiguration guid(String guid) {
+this._guid = guid;
+return this;
+}
+
+public String zoneId() {
+return this._zoneId;
+}
+
+public NuageVspResourceConfiguration zoneId(String zoneId) {
+this._zoneId = zoneId;
+return this;
+}
+
+public String hostName() {
+return this._hostName;
+}
+
+public NuageVspResourceConfiguration hostName(String hostName) {
+this._hostName = hostName;
+this._name = "Nuage VSD - " + _hostName;
+return this;
+}
+
+public String cmsUser() {
+return this._cmsUser;
+}
+
+public NuageVspResourceConfiguration cmsUser(String cmsUser) {
+this._cmsUser = cmsUser;
+return this;
+}
+
+public String cmsUserPassword() {
+return this._cmsUserPassword;
+}
+
+public NuageVspResourceConfiguration cmsUserPassword(String 
cmsUserPassword) {
+this._cmsUserPassword = cmsUserPassword;
+return this;
+}
+
+public String port() {
+return this._port;
+}
+
+public NuageVspResourceConfiguration port(String port) {
+this._port = port;
+return this;
+}
+
+public String apiVersion() {
+return this._apiVersion;
+}
+
+public NuageVspResourceConfiguration apiVersion(String apiVersion) {
+

[jira] [Commented] (CLOUDSTACK-9403) Nuage VSP Plugin : Support for SharedNetwork fuctionality including Marvin test coverage

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9403?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15712151#comment-15712151
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9403:


Github user jburwell commented on a diff in the pull request:

https://github.com/apache/cloudstack/pull/1579#discussion_r90451924
  
--- Diff: 
plugins/network-elements/nuage-vsp/src/com/cloud/network/element/NuageVspElement.java
 ---
@@ -387,41 +400,39 @@ public boolean canEnableIndividualServices() {
 
 @Override
 public boolean destroy(Network network, ReservationContext context) 
throws ConcurrentOperationException, ResourceUnavailableException {
-if (!canHandle(network, Service.Connectivity)) {
-return false;
-}
-
-return true;
+return canHandle(network, Service.Connectivity);
 }
 
 @Override
 public boolean verifyServicesCombination(Set services) {
--- End diff --

The method assumes that `services` is not `null`.  Therefore, please 
consider adding a `Preconditions.checkArgument` check to verify that `services` 
is not `null`


> Nuage VSP Plugin : Support for SharedNetwork fuctionality including Marvin 
> test coverage
> 
>
> Key: CLOUDSTACK-9403
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9403
> Project: CloudStack
>  Issue Type: Task
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>  Components: Automation, Network Controller
>Reporter: Rahul Singal
>Assignee: Nick Livens
>
> This is first phase of support of Shared Network in cloudstack through 
> NuageVsp Network Plugin. A shared network is a type of virtual network that 
> is shared between multiple accounts i.e. a shared network can be accessed by 
> virtual machines that belong to many different accounts. This basic 
> functionality will be supported with the below common use case:
> - shared network can be used for monitoring purposes. A shared network can be 
> assigned to a domain and can be used for monitoring VMs  belonging to all 
> accounts in that domain.
> - Public accessible of shared Network.
> With the current implementation with NuageVsp plugin, It support over-lapping 
> of Ip address, Public Access and also adding Ip ranges in shared Network.
> In VSD, it is implemented in below manner:
> - In order to have tenant isolation for shared networks, we will have to 
> create a Shared L3 Subnet for each shared network, and instantiate it across 
> the relevant enterprises. A shared network will only exist under an 
> enterprise when it is needed, so when the first VM is spinned under that ACS 
> domain inside that shared network.
> - For public shared Network it will also create a floating ip subnet pool in 
> VSD along with all the things mentioned in above point.
> PR contents:
> 1) Support for shared networks with tenant isolation on master with Nuage VSP 
> SDN Plugin.
> 2) Support of shared network with publicly accessible ip ranges.  
> 2) Marvin test coverage for shared networks on master with Nuage VSP SDN 
> Plugin.
> 3) Enhancements on our exiting Marvin test code (nuagevsp plugins directory).
> 4) PEP8 & PyFlakes compliance with our Marvin test code.
> Test Results are:-
> Valiate that ROOT admin is NOT able to deploy a VM for a user in ROOT domain 
> in a shared network with ... === TestName: 
> test_deployVM_in_sharedNetwork_as_admin_scope_account_ROOTuser | Status : 
> SUCCESS ===
> ok
> Valiate that ROOT admin is NOT able to deploy a VM for a admin user in a 
> shared network with ... === TestName: 
> test_deployVM_in_sharedNetwork_as_admin_scope_account_differentdomain | 
> Status : SUCCESS ===
> ok
> Valiate that ROOT admin is NOT able to deploy a VM for admin user in the same 
> domain but in a ... === TestName: 
> test_deployVM_in_sharedNetwork_as_admin_scope_account_domainadminuser | 
> Status : SUCCESS ===
> ok
> Valiate that ROOT admin is NOT able to deploy a VM for user in the same 
> domain but in a different ... === TestName: 
> test_deployVM_in_sharedNetwork_as_admin_scope_account_domainuser | Status : 
> SUCCESS ===
> ok
> Valiate that ROOT admin is able to deploy a VM for regular user in a shared 
> network with scope=account ... === TestName: 
> test_deployVM_in_sharedNetwork_as_admin_scope_account_user | Status : SUCCESS 
> ===
> ok
> Valiate that ROOT admin is able to deploy a VM for user in ROOT domain in a 
> shared network with scope=all ... === TestName: 
> test_deployVM_in_sharedNetwork_as_admin_scope_all_ROOTuser | Status : SUCCESS 
> ===
> ok
> Valiate that ROOT admin is able to deploy a VM for a domain admin users in a 
> shared network with scope=all ... === TestName: 
>

[jira] [Commented] (CLOUDSTACK-9403) Nuage VSP Plugin : Support for SharedNetwork fuctionality including Marvin test coverage

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9403?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15712146#comment-15712146
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9403:


Github user jburwell commented on a diff in the pull request:

https://github.com/apache/cloudstack/pull/1579#discussion_r90456898
  
--- Diff: 
plugins/network-elements/nuage-vsp/src/com/cloud/network/resource/NuageVspResourceConfiguration.java
 ---
@@ -0,0 +1,310 @@
+//
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements.  See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership.  The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License.  You may obtain a copy of the License at
+//
+//   http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied.  See the License for the
+// specific language governing permissions and limitations
+// under the License.
+//
+
+package com.cloud.network.resource;
+
+import java.util.HashMap;
+import java.util.Map;
+
+import javax.naming.ConfigurationException;
+
+import net.nuage.vsp.acs.client.api.model.NuageVspUser;
+import net.nuage.vsp.acs.client.api.model.VspHost;
+import net.nuage.vsp.acs.client.common.NuageVspApiVersion;
+
+import org.apache.commons.lang.builder.ToStringBuilder;
+
+import com.cloud.util.NuageVspUtil;
+
+public class NuageVspResourceConfiguration {
+private static final String NAME = "name";
+private static final String GUID = "guid";
+private static final String ZONE_ID = "zoneid";
+private static final String HOST_NAME = "hostname";
+private static final String CMS_USER = "cmsuser";
+private static final String CMS_USER_PASSWORD = "cmsuserpass";
+private static final String PORT = "port";
+private static final String API_VERSION = "apiversion";
+private static final String API_RELATIVE_PATH = "apirelativepath";
+private static final String RETRY_COUNT = "retrycount";
+private static final String RETRY_INTERVAL = "retryinterval";
+private static final String NUAGE_VSP_CMS_ID = "nuagevspcmsid";
+
+private static final String CMS_USER_ENTEPRISE_NAME = "CSP";
+
+private String _name;
+private String _guid;
+private String _zoneId;
+private String _hostName;
+private String _cmsUser;
+private String _cmsUserPassword;
+private String _port;
+private String _apiVersion;
+private String _apiRelativePath;
+private String _retryCount;
+private String _retryInterval;
+private String _nuageVspCmsId;
+
+public String name() {
+return _name;
+}
+
+public String guid() {
+return this._guid;
+}
+
+public NuageVspResourceConfiguration guid(String guid) {
+this._guid = guid;
+return this;
+}
+
+public String zoneId() {
+return this._zoneId;
+}
+
+public NuageVspResourceConfiguration zoneId(String zoneId) {
+this._zoneId = zoneId;
+return this;
+}
+
+public String hostName() {
+return this._hostName;
+}
+
+public NuageVspResourceConfiguration hostName(String hostName) {
+this._hostName = hostName;
+this._name = "Nuage VSD - " + _hostName;
+return this;
+}
+
+public String cmsUser() {
+return this._cmsUser;
+}
+
+public NuageVspResourceConfiguration cmsUser(String cmsUser) {
+this._cmsUser = cmsUser;
+return this;
+}
+
+public String cmsUserPassword() {
+return this._cmsUserPassword;
+}
+
+public NuageVspResourceConfiguration cmsUserPassword(String 
cmsUserPassword) {
+this._cmsUserPassword = cmsUserPassword;
+return this;
+}
+
+public String port() {
+return this._port;
+}
+
+public NuageVspResourceConfiguration port(String port) {
+this._port = port;
+return this;
+}
+
+public String apiVersion() {
+return this._apiVersion;
+}
+
+public NuageVspResourceConfiguration apiVersion(String apiVersion) {
+

[jira] [Commented] (CLOUDSTACK-9403) Nuage VSP Plugin : Support for SharedNetwork fuctionality including Marvin test coverage

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9403?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15712159#comment-15712159
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9403:


Github user jburwell commented on a diff in the pull request:

https://github.com/apache/cloudstack/pull/1579#discussion_r90455021
  
--- Diff: 
plugins/network-elements/nuage-vsp/src/com/cloud/network/resource/NuageVspRequestWrapper.java
 ---
@@ -0,0 +1,78 @@
+//
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements.  See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership.  The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License.  You may obtain a copy of the License at
+//
+//   http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied.  See the License for the
+// specific language governing permissions and limitations
+// under the License.
+//
+
+package com.cloud.network.resource;
+
+import java.util.Hashtable;
+import java.util.Set;
+
+import org.reflections.Reflections;
+
+import com.cloud.agent.api.Answer;
+import com.cloud.agent.api.Command;
+import com.cloud.resource.CommandWrapper;
+import com.cloud.resource.RequestWrapper;
+import com.cloud.resource.ServerResource;
+
+public class NuageVspRequestWrapper extends RequestWrapper {
+
+private static NuageVspRequestWrapper instance;
+
+static {
+instance = new NuageVspRequestWrapper();
+}
+
+Reflections baseWrappers = new 
Reflections("com.cloud.network.vsp.resource.wrapper");
+
+@SuppressWarnings("rawtypes")
+Set baseSet = 
baseWrappers.getSubTypesOf(CommandWrapper.class);
--- End diff --

Per previous comment, this attribute seems like it could be `private static 
final`.


> Nuage VSP Plugin : Support for SharedNetwork fuctionality including Marvin 
> test coverage
> 
>
> Key: CLOUDSTACK-9403
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9403
> Project: CloudStack
>  Issue Type: Task
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>  Components: Automation, Network Controller
>Reporter: Rahul Singal
>Assignee: Nick Livens
>
> This is first phase of support of Shared Network in cloudstack through 
> NuageVsp Network Plugin. A shared network is a type of virtual network that 
> is shared between multiple accounts i.e. a shared network can be accessed by 
> virtual machines that belong to many different accounts. This basic 
> functionality will be supported with the below common use case:
> - shared network can be used for monitoring purposes. A shared network can be 
> assigned to a domain and can be used for monitoring VMs  belonging to all 
> accounts in that domain.
> - Public accessible of shared Network.
> With the current implementation with NuageVsp plugin, It support over-lapping 
> of Ip address, Public Access and also adding Ip ranges in shared Network.
> In VSD, it is implemented in below manner:
> - In order to have tenant isolation for shared networks, we will have to 
> create a Shared L3 Subnet for each shared network, and instantiate it across 
> the relevant enterprises. A shared network will only exist under an 
> enterprise when it is needed, so when the first VM is spinned under that ACS 
> domain inside that shared network.
> - For public shared Network it will also create a floating ip subnet pool in 
> VSD along with all the things mentioned in above point.
> PR contents:
> 1) Support for shared networks with tenant isolation on master with Nuage VSP 
> SDN Plugin.
> 2) Support of shared network with publicly accessible ip ranges.  
> 2) Marvin test coverage for shared networks on master with Nuage VSP SDN 
> Plugin.
> 3) Enhancements on our exiting Marvin test code (nuagevsp plugins directory).
> 4) PEP8 & PyFlakes compliance with our Marvin test code.
> Test Results are:-
> Valiate that ROOT admin is NOT able to deploy a VM for a user in ROOT domain 
> in a shared network with ... === TestName: 
> test_deployVM_in_sharedNetwork_as_admin_scope_account_ROOTuser | Status : 
> SUCCESS ===
> ok
> Valiate that ROOT admin is NOT able to deploy a VM for a admin user in a 
> shared network with ... ===

[jira] [Commented] (CLOUDSTACK-9403) Nuage VSP Plugin : Support for SharedNetwork fuctionality including Marvin test coverage

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9403?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15712155#comment-15712155
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9403:


Github user jburwell commented on a diff in the pull request:

https://github.com/apache/cloudstack/pull/1579#discussion_r90457877
  
--- Diff: 
plugins/network-elements/nuage-vsp/src/com/cloud/network/resource/NuageVspResourceConfiguration.java
 ---
@@ -0,0 +1,310 @@
+//
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements.  See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership.  The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License.  You may obtain a copy of the License at
+//
+//   http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied.  See the License for the
+// specific language governing permissions and limitations
+// under the License.
+//
+
+package com.cloud.network.resource;
+
+import java.util.HashMap;
+import java.util.Map;
+
+import javax.naming.ConfigurationException;
+
+import net.nuage.vsp.acs.client.api.model.NuageVspUser;
+import net.nuage.vsp.acs.client.api.model.VspHost;
+import net.nuage.vsp.acs.client.common.NuageVspApiVersion;
+
+import org.apache.commons.lang.builder.ToStringBuilder;
+
+import com.cloud.util.NuageVspUtil;
+
+public class NuageVspResourceConfiguration {
+private static final String NAME = "name";
+private static final String GUID = "guid";
+private static final String ZONE_ID = "zoneid";
+private static final String HOST_NAME = "hostname";
+private static final String CMS_USER = "cmsuser";
+private static final String CMS_USER_PASSWORD = "cmsuserpass";
+private static final String PORT = "port";
+private static final String API_VERSION = "apiversion";
+private static final String API_RELATIVE_PATH = "apirelativepath";
+private static final String RETRY_COUNT = "retrycount";
+private static final String RETRY_INTERVAL = "retryinterval";
+private static final String NUAGE_VSP_CMS_ID = "nuagevspcmsid";
+
+private static final String CMS_USER_ENTEPRISE_NAME = "CSP";
+
+private String _name;
+private String _guid;
+private String _zoneId;
+private String _hostName;
+private String _cmsUser;
+private String _cmsUserPassword;
+private String _port;
+private String _apiVersion;
+private String _apiRelativePath;
+private String _retryCount;
+private String _retryInterval;
+private String _nuageVspCmsId;
+
+public String name() {
+return _name;
+}
+
+public String guid() {
+return this._guid;
+}
+
+public NuageVspResourceConfiguration guid(String guid) {
+this._guid = guid;
+return this;
+}
+
+public String zoneId() {
+return this._zoneId;
+}
+
+public NuageVspResourceConfiguration zoneId(String zoneId) {
+this._zoneId = zoneId;
+return this;
+}
+
+public String hostName() {
+return this._hostName;
+}
+
+public NuageVspResourceConfiguration hostName(String hostName) {
+this._hostName = hostName;
+this._name = "Nuage VSD - " + _hostName;
+return this;
+}
+
+public String cmsUser() {
+return this._cmsUser;
+}
+
+public NuageVspResourceConfiguration cmsUser(String cmsUser) {
+this._cmsUser = cmsUser;
+return this;
+}
+
+public String cmsUserPassword() {
+return this._cmsUserPassword;
+}
+
+public NuageVspResourceConfiguration cmsUserPassword(String 
cmsUserPassword) {
+this._cmsUserPassword = cmsUserPassword;
+return this;
+}
+
+public String port() {
+return this._port;
+}
+
+public NuageVspResourceConfiguration port(String port) {
+this._port = port;
+return this;
+}
+
+public String apiVersion() {
+return this._apiVersion;
+}
+
+public NuageVspResourceConfiguration apiVersion(String apiVersion) {
+

[jira] [Commented] (CLOUDSTACK-9403) Nuage VSP Plugin : Support for SharedNetwork fuctionality including Marvin test coverage

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9403?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15712145#comment-15712145
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9403:


Github user jburwell commented on a diff in the pull request:

https://github.com/apache/cloudstack/pull/1579#discussion_r90450632
  
--- Diff: 
plugins/network-elements/nuage-vsp/src/com/cloud/network/element/NuageVspElement.java
 ---
@@ -128,6 +135,26 @@
 
 private static final Map> 
capabilities = setCapabilities();
 
+private static final Set REQUIRED_SERVICES = Sets.newHashSet(
+Service.Connectivity,
+Service.Dhcp
+);
+private static final Set NUAGE_ONLY_SERVICES = 
Sets.newHashSet(
+Service.SourceNat,
+Service.StaticNat,
+Service.Gateway
+);
+private static final Set UNSUPPORTED_SERVICES = 
Sets.newHashSet(
--- End diff --

Since this value is constant, please use ``ImmutableSet`` rather than 
``HashSet``.


> Nuage VSP Plugin : Support for SharedNetwork fuctionality including Marvin 
> test coverage
> 
>
> Key: CLOUDSTACK-9403
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9403
> Project: CloudStack
>  Issue Type: Task
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>  Components: Automation, Network Controller
>Reporter: Rahul Singal
>Assignee: Nick Livens
>
> This is first phase of support of Shared Network in cloudstack through 
> NuageVsp Network Plugin. A shared network is a type of virtual network that 
> is shared between multiple accounts i.e. a shared network can be accessed by 
> virtual machines that belong to many different accounts. This basic 
> functionality will be supported with the below common use case:
> - shared network can be used for monitoring purposes. A shared network can be 
> assigned to a domain and can be used for monitoring VMs  belonging to all 
> accounts in that domain.
> - Public accessible of shared Network.
> With the current implementation with NuageVsp plugin, It support over-lapping 
> of Ip address, Public Access and also adding Ip ranges in shared Network.
> In VSD, it is implemented in below manner:
> - In order to have tenant isolation for shared networks, we will have to 
> create a Shared L3 Subnet for each shared network, and instantiate it across 
> the relevant enterprises. A shared network will only exist under an 
> enterprise when it is needed, so when the first VM is spinned under that ACS 
> domain inside that shared network.
> - For public shared Network it will also create a floating ip subnet pool in 
> VSD along with all the things mentioned in above point.
> PR contents:
> 1) Support for shared networks with tenant isolation on master with Nuage VSP 
> SDN Plugin.
> 2) Support of shared network with publicly accessible ip ranges.  
> 2) Marvin test coverage for shared networks on master with Nuage VSP SDN 
> Plugin.
> 3) Enhancements on our exiting Marvin test code (nuagevsp plugins directory).
> 4) PEP8 & PyFlakes compliance with our Marvin test code.
> Test Results are:-
> Valiate that ROOT admin is NOT able to deploy a VM for a user in ROOT domain 
> in a shared network with ... === TestName: 
> test_deployVM_in_sharedNetwork_as_admin_scope_account_ROOTuser | Status : 
> SUCCESS ===
> ok
> Valiate that ROOT admin is NOT able to deploy a VM for a admin user in a 
> shared network with ... === TestName: 
> test_deployVM_in_sharedNetwork_as_admin_scope_account_differentdomain | 
> Status : SUCCESS ===
> ok
> Valiate that ROOT admin is NOT able to deploy a VM for admin user in the same 
> domain but in a ... === TestName: 
> test_deployVM_in_sharedNetwork_as_admin_scope_account_domainadminuser | 
> Status : SUCCESS ===
> ok
> Valiate that ROOT admin is NOT able to deploy a VM for user in the same 
> domain but in a different ... === TestName: 
> test_deployVM_in_sharedNetwork_as_admin_scope_account_domainuser | Status : 
> SUCCESS ===
> ok
> Valiate that ROOT admin is able to deploy a VM for regular user in a shared 
> network with scope=account ... === TestName: 
> test_deployVM_in_sharedNetwork_as_admin_scope_account_user | Status : SUCCESS 
> ===
> ok
> Valiate that ROOT admin is able to deploy a VM for user in ROOT domain in a 
> shared network with scope=all ... === TestName: 
> test_deployVM_in_sharedNetwork_as_admin_scope_all_ROOTuser | Status : SUCCESS 
> ===
> ok
> Valiate that ROOT admin is able to deploy a VM for a domain admin users in a 
> shared network with scope=all ... === TestName: 
> test_deployVM_in_sharedNetwork_as_admin_scope_all_domainadminuser | Status : 
> SUCCESS

[jira] [Commented] (CLOUDSTACK-9403) Nuage VSP Plugin : Support for SharedNetwork fuctionality including Marvin test coverage

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9403?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15712163#comment-15712163
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9403:


Github user jburwell commented on a diff in the pull request:

https://github.com/apache/cloudstack/pull/1579#discussion_r90450606
  
--- Diff: 
plugins/network-elements/nuage-vsp/src/com/cloud/network/element/NuageVspElement.java
 ---
@@ -128,6 +135,26 @@
 
 private static final Map> 
capabilities = setCapabilities();
 
+private static final Set REQUIRED_SERVICES = Sets.newHashSet(
+Service.Connectivity,
+Service.Dhcp
+);
+private static final Set NUAGE_ONLY_SERVICES = 
Sets.newHashSet(
--- End diff --

Since this value is constant, please use ``ImmutableSet`` rather than 
``HashSet``.


> Nuage VSP Plugin : Support for SharedNetwork fuctionality including Marvin 
> test coverage
> 
>
> Key: CLOUDSTACK-9403
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9403
> Project: CloudStack
>  Issue Type: Task
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>  Components: Automation, Network Controller
>Reporter: Rahul Singal
>Assignee: Nick Livens
>
> This is first phase of support of Shared Network in cloudstack through 
> NuageVsp Network Plugin. A shared network is a type of virtual network that 
> is shared between multiple accounts i.e. a shared network can be accessed by 
> virtual machines that belong to many different accounts. This basic 
> functionality will be supported with the below common use case:
> - shared network can be used for monitoring purposes. A shared network can be 
> assigned to a domain and can be used for monitoring VMs  belonging to all 
> accounts in that domain.
> - Public accessible of shared Network.
> With the current implementation with NuageVsp plugin, It support over-lapping 
> of Ip address, Public Access and also adding Ip ranges in shared Network.
> In VSD, it is implemented in below manner:
> - In order to have tenant isolation for shared networks, we will have to 
> create a Shared L3 Subnet for each shared network, and instantiate it across 
> the relevant enterprises. A shared network will only exist under an 
> enterprise when it is needed, so when the first VM is spinned under that ACS 
> domain inside that shared network.
> - For public shared Network it will also create a floating ip subnet pool in 
> VSD along with all the things mentioned in above point.
> PR contents:
> 1) Support for shared networks with tenant isolation on master with Nuage VSP 
> SDN Plugin.
> 2) Support of shared network with publicly accessible ip ranges.  
> 2) Marvin test coverage for shared networks on master with Nuage VSP SDN 
> Plugin.
> 3) Enhancements on our exiting Marvin test code (nuagevsp plugins directory).
> 4) PEP8 & PyFlakes compliance with our Marvin test code.
> Test Results are:-
> Valiate that ROOT admin is NOT able to deploy a VM for a user in ROOT domain 
> in a shared network with ... === TestName: 
> test_deployVM_in_sharedNetwork_as_admin_scope_account_ROOTuser | Status : 
> SUCCESS ===
> ok
> Valiate that ROOT admin is NOT able to deploy a VM for a admin user in a 
> shared network with ... === TestName: 
> test_deployVM_in_sharedNetwork_as_admin_scope_account_differentdomain | 
> Status : SUCCESS ===
> ok
> Valiate that ROOT admin is NOT able to deploy a VM for admin user in the same 
> domain but in a ... === TestName: 
> test_deployVM_in_sharedNetwork_as_admin_scope_account_domainadminuser | 
> Status : SUCCESS ===
> ok
> Valiate that ROOT admin is NOT able to deploy a VM for user in the same 
> domain but in a different ... === TestName: 
> test_deployVM_in_sharedNetwork_as_admin_scope_account_domainuser | Status : 
> SUCCESS ===
> ok
> Valiate that ROOT admin is able to deploy a VM for regular user in a shared 
> network with scope=account ... === TestName: 
> test_deployVM_in_sharedNetwork_as_admin_scope_account_user | Status : SUCCESS 
> ===
> ok
> Valiate that ROOT admin is able to deploy a VM for user in ROOT domain in a 
> shared network with scope=all ... === TestName: 
> test_deployVM_in_sharedNetwork_as_admin_scope_all_ROOTuser | Status : SUCCESS 
> ===
> ok
> Valiate that ROOT admin is able to deploy a VM for a domain admin users in a 
> shared network with scope=all ... === TestName: 
> test_deployVM_in_sharedNetwork_as_admin_scope_all_domainadminuser | Status : 
> SUCCESS ===
> ok
> Valiate that ROOT admin is able to deploy a VM for other users in a shared 
> network with scope=all ... === TestName: 
>

[jira] [Commented] (CLOUDSTACK-9403) Nuage VSP Plugin : Support for SharedNetwork fuctionality including Marvin test coverage

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9403?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15712165#comment-15712165
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9403:


Github user jburwell commented on a diff in the pull request:

https://github.com/apache/cloudstack/pull/1579#discussion_r90454905
  
--- Diff: 
plugins/network-elements/nuage-vsp/src/com/cloud/network/resource/NuageVspRequestWrapper.java
 ---
@@ -0,0 +1,78 @@
+//
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements.  See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership.  The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License.  You may obtain a copy of the License at
+//
+//   http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied.  See the License for the
+// specific language governing permissions and limitations
+// under the License.
+//
+
+package com.cloud.network.resource;
+
+import java.util.Hashtable;
+import java.util.Set;
+
+import org.reflections.Reflections;
+
+import com.cloud.agent.api.Answer;
+import com.cloud.agent.api.Command;
+import com.cloud.resource.CommandWrapper;
+import com.cloud.resource.RequestWrapper;
+import com.cloud.resource.ServerResource;
+
+public class NuageVspRequestWrapper extends RequestWrapper {
+
+private static NuageVspRequestWrapper instance;
+
+static {
+instance = new NuageVspRequestWrapper();
+}
+
+Reflections baseWrappers = new 
Reflections("com.cloud.network.vsp.resource.wrapper");
--- End diff --

Why isn't this attribute declared `private static final`?  My understanding 
of reflections, it only needs to instantiated once to scan a package path.  It 
seems unnecessary/expensive to spin it up every time `NuageVspRequestWrapper` 
is instantiated.


> Nuage VSP Plugin : Support for SharedNetwork fuctionality including Marvin 
> test coverage
> 
>
> Key: CLOUDSTACK-9403
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9403
> Project: CloudStack
>  Issue Type: Task
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>  Components: Automation, Network Controller
>Reporter: Rahul Singal
>Assignee: Nick Livens
>
> This is first phase of support of Shared Network in cloudstack through 
> NuageVsp Network Plugin. A shared network is a type of virtual network that 
> is shared between multiple accounts i.e. a shared network can be accessed by 
> virtual machines that belong to many different accounts. This basic 
> functionality will be supported with the below common use case:
> - shared network can be used for monitoring purposes. A shared network can be 
> assigned to a domain and can be used for monitoring VMs  belonging to all 
> accounts in that domain.
> - Public accessible of shared Network.
> With the current implementation with NuageVsp plugin, It support over-lapping 
> of Ip address, Public Access and also adding Ip ranges in shared Network.
> In VSD, it is implemented in below manner:
> - In order to have tenant isolation for shared networks, we will have to 
> create a Shared L3 Subnet for each shared network, and instantiate it across 
> the relevant enterprises. A shared network will only exist under an 
> enterprise when it is needed, so when the first VM is spinned under that ACS 
> domain inside that shared network.
> - For public shared Network it will also create a floating ip subnet pool in 
> VSD along with all the things mentioned in above point.
> PR contents:
> 1) Support for shared networks with tenant isolation on master with Nuage VSP 
> SDN Plugin.
> 2) Support of shared network with publicly accessible ip ranges.  
> 2) Marvin test coverage for shared networks on master with Nuage VSP SDN 
> Plugin.
> 3) Enhancements on our exiting Marvin test code (nuagevsp plugins directory).
> 4) PEP8 & PyFlakes compliance with our Marvin test code.
> Test Results are:-
> Valiate that ROOT admin is NOT able to deploy a VM for a user in ROOT domain 
> in a shared network with ... === TestName: 
> test_deployVM_in_sharedNetwork_as_admin_scope_account_ROOTuser | Status : 
> SUCCESS ===
> ok
> Valiate that ROOT admin is NOT able to deploy a VM for a admin user in

[jira] [Commented] (CLOUDSTACK-9403) Nuage VSP Plugin : Support for SharedNetwork fuctionality including Marvin test coverage

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9403?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15712149#comment-15712149
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9403:


Github user jburwell commented on a diff in the pull request:

https://github.com/apache/cloudstack/pull/1579#discussion_r90457155
  
--- Diff: 
plugins/network-elements/nuage-vsp/src/com/cloud/network/resource/NuageVspResourceConfiguration.java
 ---
@@ -0,0 +1,310 @@
+//
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements.  See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership.  The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License.  You may obtain a copy of the License at
+//
+//   http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied.  See the License for the
+// specific language governing permissions and limitations
+// under the License.
+//
+
+package com.cloud.network.resource;
+
+import java.util.HashMap;
+import java.util.Map;
+
+import javax.naming.ConfigurationException;
+
+import net.nuage.vsp.acs.client.api.model.NuageVspUser;
+import net.nuage.vsp.acs.client.api.model.VspHost;
+import net.nuage.vsp.acs.client.common.NuageVspApiVersion;
+
+import org.apache.commons.lang.builder.ToStringBuilder;
+
+import com.cloud.util.NuageVspUtil;
+
+public class NuageVspResourceConfiguration {
+private static final String NAME = "name";
+private static final String GUID = "guid";
+private static final String ZONE_ID = "zoneid";
+private static final String HOST_NAME = "hostname";
+private static final String CMS_USER = "cmsuser";
+private static final String CMS_USER_PASSWORD = "cmsuserpass";
+private static final String PORT = "port";
+private static final String API_VERSION = "apiversion";
+private static final String API_RELATIVE_PATH = "apirelativepath";
+private static final String RETRY_COUNT = "retrycount";
+private static final String RETRY_INTERVAL = "retryinterval";
+private static final String NUAGE_VSP_CMS_ID = "nuagevspcmsid";
+
+private static final String CMS_USER_ENTEPRISE_NAME = "CSP";
+
+private String _name;
+private String _guid;
+private String _zoneId;
+private String _hostName;
+private String _cmsUser;
+private String _cmsUserPassword;
+private String _port;
+private String _apiVersion;
+private String _apiRelativePath;
+private String _retryCount;
+private String _retryInterval;
+private String _nuageVspCmsId;
+
+public String name() {
+return _name;
+}
+
+public String guid() {
+return this._guid;
+}
+
+public NuageVspResourceConfiguration guid(String guid) {
+this._guid = guid;
+return this;
+}
+
+public String zoneId() {
+return this._zoneId;
+}
+
+public NuageVspResourceConfiguration zoneId(String zoneId) {
+this._zoneId = zoneId;
+return this;
+}
+
+public String hostName() {
+return this._hostName;
+}
+
+public NuageVspResourceConfiguration hostName(String hostName) {
+this._hostName = hostName;
+this._name = "Nuage VSD - " + _hostName;
+return this;
+}
+
+public String cmsUser() {
+return this._cmsUser;
+}
+
+public NuageVspResourceConfiguration cmsUser(String cmsUser) {
+this._cmsUser = cmsUser;
+return this;
+}
+
+public String cmsUserPassword() {
+return this._cmsUserPassword;
+}
+
+public NuageVspResourceConfiguration cmsUserPassword(String 
cmsUserPassword) {
+this._cmsUserPassword = cmsUserPassword;
+return this;
+}
+
+public String port() {
+return this._port;
+}
+
+public NuageVspResourceConfiguration port(String port) {
+this._port = port;
+return this;
+}
+
+public String apiVersion() {
+return this._apiVersion;
+}
+
+public NuageVspResourceConfiguration apiVersion(String apiVersion) {
+

[jira] [Commented] (CLOUDSTACK-9403) Nuage VSP Plugin : Support for SharedNetwork fuctionality including Marvin test coverage

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9403?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15712160#comment-15712160
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9403:


Github user jburwell commented on a diff in the pull request:

https://github.com/apache/cloudstack/pull/1579#discussion_r90452488
  
--- Diff: 
plugins/network-elements/nuage-vsp/src/com/cloud/network/guru/NuageVspGuestNetworkGuru.java
 ---
@@ -255,7 +284,30 @@ public void reserve(NicProfile nic, Network network, 
VirtualMachineProfile vm, D
 }
 
 HostVO nuageVspHost = 
_nuageVspManager.getNuageVspHost(network.getPhysicalNetworkId());
-VspNetwork vspNetwork = 
_nuageVspEntityBuilder.buildVspNetwork(network, false);
+VspNetwork vspNetwork = 
_nuageVspEntityBuilder.buildVspNetwork(vm.getVirtualMachine().getDomainId(), 
network);
+
+if (vspNetwork.isShared()) {
+vspNetwork = 
_nuageVspEntityBuilder.updateVspNetworkByPublicIp(vspNetwork, network, 
nic.getIPv4Address());
+
+if (VirtualMachine.Type.DomainRouter.equals(vm.getType()) 
&& !nic.getIPv4Address().equals(vspNetwork.getVirtualRouterIp())) {
+s_logger.debug("VR got spawned with a different IP, 
releasing the previously allocated public IP " + nic.getIPv4Address());
--- End diff --

Please wrap this `DEBUG` log statement in an `if 
(s_logger.isDebugEnabled())` block to avoid unnecessary string concatenation 
when `DEBUG` logging is not enabled.


> Nuage VSP Plugin : Support for SharedNetwork fuctionality including Marvin 
> test coverage
> 
>
> Key: CLOUDSTACK-9403
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9403
> Project: CloudStack
>  Issue Type: Task
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>  Components: Automation, Network Controller
>Reporter: Rahul Singal
>Assignee: Nick Livens
>
> This is first phase of support of Shared Network in cloudstack through 
> NuageVsp Network Plugin. A shared network is a type of virtual network that 
> is shared between multiple accounts i.e. a shared network can be accessed by 
> virtual machines that belong to many different accounts. This basic 
> functionality will be supported with the below common use case:
> - shared network can be used for monitoring purposes. A shared network can be 
> assigned to a domain and can be used for monitoring VMs  belonging to all 
> accounts in that domain.
> - Public accessible of shared Network.
> With the current implementation with NuageVsp plugin, It support over-lapping 
> of Ip address, Public Access and also adding Ip ranges in shared Network.
> In VSD, it is implemented in below manner:
> - In order to have tenant isolation for shared networks, we will have to 
> create a Shared L3 Subnet for each shared network, and instantiate it across 
> the relevant enterprises. A shared network will only exist under an 
> enterprise when it is needed, so when the first VM is spinned under that ACS 
> domain inside that shared network.
> - For public shared Network it will also create a floating ip subnet pool in 
> VSD along with all the things mentioned in above point.
> PR contents:
> 1) Support for shared networks with tenant isolation on master with Nuage VSP 
> SDN Plugin.
> 2) Support of shared network with publicly accessible ip ranges.  
> 2) Marvin test coverage for shared networks on master with Nuage VSP SDN 
> Plugin.
> 3) Enhancements on our exiting Marvin test code (nuagevsp plugins directory).
> 4) PEP8 & PyFlakes compliance with our Marvin test code.
> Test Results are:-
> Valiate that ROOT admin is NOT able to deploy a VM for a user in ROOT domain 
> in a shared network with ... === TestName: 
> test_deployVM_in_sharedNetwork_as_admin_scope_account_ROOTuser | Status : 
> SUCCESS ===
> ok
> Valiate that ROOT admin is NOT able to deploy a VM for a admin user in a 
> shared network with ... === TestName: 
> test_deployVM_in_sharedNetwork_as_admin_scope_account_differentdomain | 
> Status : SUCCESS ===
> ok
> Valiate that ROOT admin is NOT able to deploy a VM for admin user in the same 
> domain but in a ... === TestName: 
> test_deployVM_in_sharedNetwork_as_admin_scope_account_domainadminuser | 
> Status : SUCCESS ===
> ok
> Valiate that ROOT admin is NOT able to deploy a VM for user in the same 
> domain but in a different ... === TestName: 
> test_deployVM_in_sharedNetwork_as_admin_scope_account_domainuser | Status : 
> SUCCESS ===
> ok
> Valiate that ROOT admin is able to deploy a VM for regular user in a shared 
> network with scope=account ... === TestName: 
>

[jira] [Commented] (CLOUDSTACK-9403) Nuage VSP Plugin : Support for SharedNetwork fuctionality including Marvin test coverage

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9403?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15712167#comment-15712167
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9403:


Github user jburwell commented on a diff in the pull request:

https://github.com/apache/cloudstack/pull/1579#discussion_r90451135
  
--- Diff: 
plugins/network-elements/nuage-vsp/src/com/cloud/agent/api/manager/CleanUpDomainCommand.java
 ---
@@ -0,0 +1,63 @@
+//
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements.  See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership.  The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License.  You may obtain a copy of the License at
+//
+//   http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied.  See the License for the
+// specific language governing permissions and limitations
+// under the License.
+//
+
+package com.cloud.agent.api.manager;
+
+import com.cloud.agent.api.Command;
+import net.nuage.vsp.acs.client.api.model.VspDomainCleanUp;
+
+public class CleanUpDomainCommand extends Command {
+
+private final VspDomainCleanUp _domainCleanUp;
+
+public CleanUpDomainCommand(VspDomainCleanUp domainCleanUp) {
--- End diff --

Is it acceptable for `domainCleanup` to be `null`?  If not, please consider 
adding a `Preconditions.checkArgument` check to verify that the `domainCleanup` 
is not `null`.  You may also be to remove `null` checks from the `equals` and 
`hashCode` methods if this precondition is added.


> Nuage VSP Plugin : Support for SharedNetwork fuctionality including Marvin 
> test coverage
> 
>
> Key: CLOUDSTACK-9403
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9403
> Project: CloudStack
>  Issue Type: Task
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>  Components: Automation, Network Controller
>Reporter: Rahul Singal
>Assignee: Nick Livens
>
> This is first phase of support of Shared Network in cloudstack through 
> NuageVsp Network Plugin. A shared network is a type of virtual network that 
> is shared between multiple accounts i.e. a shared network can be accessed by 
> virtual machines that belong to many different accounts. This basic 
> functionality will be supported with the below common use case:
> - shared network can be used for monitoring purposes. A shared network can be 
> assigned to a domain and can be used for monitoring VMs  belonging to all 
> accounts in that domain.
> - Public accessible of shared Network.
> With the current implementation with NuageVsp plugin, It support over-lapping 
> of Ip address, Public Access and also adding Ip ranges in shared Network.
> In VSD, it is implemented in below manner:
> - In order to have tenant isolation for shared networks, we will have to 
> create a Shared L3 Subnet for each shared network, and instantiate it across 
> the relevant enterprises. A shared network will only exist under an 
> enterprise when it is needed, so when the first VM is spinned under that ACS 
> domain inside that shared network.
> - For public shared Network it will also create a floating ip subnet pool in 
> VSD along with all the things mentioned in above point.
> PR contents:
> 1) Support for shared networks with tenant isolation on master with Nuage VSP 
> SDN Plugin.
> 2) Support of shared network with publicly accessible ip ranges.  
> 2) Marvin test coverage for shared networks on master with Nuage VSP SDN 
> Plugin.
> 3) Enhancements on our exiting Marvin test code (nuagevsp plugins directory).
> 4) PEP8 & PyFlakes compliance with our Marvin test code.
> Test Results are:-
> Valiate that ROOT admin is NOT able to deploy a VM for a user in ROOT domain 
> in a shared network with ... === TestName: 
> test_deployVM_in_sharedNetwork_as_admin_scope_account_ROOTuser | Status : 
> SUCCESS ===
> ok
> Valiate that ROOT admin is NOT able to deploy a VM for a admin user in a 
> shared network with ... === TestName: 
> test_deployVM_in_sharedNetwork_as_admin_scope_account_differentdomain | 
> Status : SUCCESS ===
> ok
> Valiate that ROOT admin is NOT able to deploy a VM for admin user in the same 
> domain but in a ... === TestName: 
>

[jira] [Commented] (CLOUDSTACK-9403) Nuage VSP Plugin : Support for SharedNetwork fuctionality including Marvin test coverage

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9403?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15712154#comment-15712154
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9403:


Github user jburwell commented on a diff in the pull request:

https://github.com/apache/cloudstack/pull/1579#discussion_r90457477
  
--- Diff: 
plugins/network-elements/nuage-vsp/src/com/cloud/network/resource/NuageVspResourceConfiguration.java
 ---
@@ -0,0 +1,310 @@
+//
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements.  See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership.  The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License.  You may obtain a copy of the License at
+//
+//   http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied.  See the License for the
+// specific language governing permissions and limitations
+// under the License.
+//
+
+package com.cloud.network.resource;
+
+import java.util.HashMap;
+import java.util.Map;
+
+import javax.naming.ConfigurationException;
+
+import net.nuage.vsp.acs.client.api.model.NuageVspUser;
+import net.nuage.vsp.acs.client.api.model.VspHost;
+import net.nuage.vsp.acs.client.common.NuageVspApiVersion;
+
+import org.apache.commons.lang.builder.ToStringBuilder;
+
+import com.cloud.util.NuageVspUtil;
+
+public class NuageVspResourceConfiguration {
+private static final String NAME = "name";
+private static final String GUID = "guid";
+private static final String ZONE_ID = "zoneid";
+private static final String HOST_NAME = "hostname";
+private static final String CMS_USER = "cmsuser";
+private static final String CMS_USER_PASSWORD = "cmsuserpass";
+private static final String PORT = "port";
+private static final String API_VERSION = "apiversion";
+private static final String API_RELATIVE_PATH = "apirelativepath";
+private static final String RETRY_COUNT = "retrycount";
+private static final String RETRY_INTERVAL = "retryinterval";
+private static final String NUAGE_VSP_CMS_ID = "nuagevspcmsid";
+
+private static final String CMS_USER_ENTEPRISE_NAME = "CSP";
+
+private String _name;
+private String _guid;
+private String _zoneId;
+private String _hostName;
+private String _cmsUser;
+private String _cmsUserPassword;
+private String _port;
+private String _apiVersion;
+private String _apiRelativePath;
+private String _retryCount;
+private String _retryInterval;
+private String _nuageVspCmsId;
+
+public String name() {
+return _name;
+}
+
+public String guid() {
+return this._guid;
+}
+
+public NuageVspResourceConfiguration guid(String guid) {
+this._guid = guid;
+return this;
+}
+
+public String zoneId() {
+return this._zoneId;
+}
+
+public NuageVspResourceConfiguration zoneId(String zoneId) {
+this._zoneId = zoneId;
+return this;
+}
+
+public String hostName() {
+return this._hostName;
+}
+
+public NuageVspResourceConfiguration hostName(String hostName) {
+this._hostName = hostName;
+this._name = "Nuage VSD - " + _hostName;
+return this;
+}
+
+public String cmsUser() {
+return this._cmsUser;
+}
+
+public NuageVspResourceConfiguration cmsUser(String cmsUser) {
+this._cmsUser = cmsUser;
+return this;
+}
+
+public String cmsUserPassword() {
+return this._cmsUserPassword;
+}
+
+public NuageVspResourceConfiguration cmsUserPassword(String 
cmsUserPassword) {
+this._cmsUserPassword = cmsUserPassword;
+return this;
+}
+
+public String port() {
+return this._port;
+}
+
+public NuageVspResourceConfiguration port(String port) {
+this._port = port;
+return this;
+}
+
+public String apiVersion() {
+return this._apiVersion;
+}
+
+public NuageVspResourceConfiguration apiVersion(String apiVersion) {
+

[jira] [Commented] (CLOUDSTACK-9403) Nuage VSP Plugin : Support for SharedNetwork fuctionality including Marvin test coverage

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9403?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15712166#comment-15712166
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9403:


Github user jburwell commented on a diff in the pull request:

https://github.com/apache/cloudstack/pull/1579#discussion_r90450815
  
--- Diff: 
plugins/network-elements/nuage-vsp/src/com/cloud/agent/api/manager/CleanUpDomainCommand.java
 ---
@@ -0,0 +1,63 @@
+//
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements.  See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership.  The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License.  You may obtain a copy of the License at
+//
+//   http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied.  See the License for the
+// specific language governing permissions and limitations
+// under the License.
+//
+
+package com.cloud.agent.api.manager;
+
+import com.cloud.agent.api.Command;
+import net.nuage.vsp.acs.client.api.model.VspDomainCleanUp;
+
+public class CleanUpDomainCommand extends Command {
+
+private final VspDomainCleanUp _domainCleanUp;
+
+public CleanUpDomainCommand(VspDomainCleanUp domainCleanUp) {
+super();
+this._domainCleanUp = domainCleanUp;
+}
+
+public VspDomainCleanUp getDomainCleanUp() {
+return _domainCleanUp;
+}
+
+@Override
+public boolean executeInSequence() {
+return false;
+}
+
+@Override
+public boolean equals(Object o) {
+if (this == o) return true;
+if (!(o instanceof CleanUpDomainCommand)) return false;
+if (!super.equals(o)) return false;
+
+CleanUpDomainCommand that = (CleanUpDomainCommand) o;
+
+if (_domainCleanUp != null ? 
!_domainCleanUp.equals(that._domainCleanUp) : that._domainCleanUp != null)
--- End diff --

Per our coding standards, all `if` blocks must wrapped in curly braces.


> Nuage VSP Plugin : Support for SharedNetwork fuctionality including Marvin 
> test coverage
> 
>
> Key: CLOUDSTACK-9403
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9403
> Project: CloudStack
>  Issue Type: Task
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>  Components: Automation, Network Controller
>Reporter: Rahul Singal
>Assignee: Nick Livens
>
> This is first phase of support of Shared Network in cloudstack through 
> NuageVsp Network Plugin. A shared network is a type of virtual network that 
> is shared between multiple accounts i.e. a shared network can be accessed by 
> virtual machines that belong to many different accounts. This basic 
> functionality will be supported with the below common use case:
> - shared network can be used for monitoring purposes. A shared network can be 
> assigned to a domain and can be used for monitoring VMs  belonging to all 
> accounts in that domain.
> - Public accessible of shared Network.
> With the current implementation with NuageVsp plugin, It support over-lapping 
> of Ip address, Public Access and also adding Ip ranges in shared Network.
> In VSD, it is implemented in below manner:
> - In order to have tenant isolation for shared networks, we will have to 
> create a Shared L3 Subnet for each shared network, and instantiate it across 
> the relevant enterprises. A shared network will only exist under an 
> enterprise when it is needed, so when the first VM is spinned under that ACS 
> domain inside that shared network.
> - For public shared Network it will also create a floating ip subnet pool in 
> VSD along with all the things mentioned in above point.
> PR contents:
> 1) Support for shared networks with tenant isolation on master with Nuage VSP 
> SDN Plugin.
> 2) Support of shared network with publicly accessible ip ranges.  
> 2) Marvin test coverage for shared networks on master with Nuage VSP SDN 
> Plugin.
> 3) Enhancements on our exiting Marvin test code (nuagevsp plugins directory).
> 4) PEP8 & PyFlakes compliance with our Marvin test code.
> Test Results are:-
> Valiate that ROOT admin is NOT able to deploy a VM for a user in ROOT domain 
> in a shared network

[jira] [Commented] (CLOUDSTACK-9403) Nuage VSP Plugin : Support for SharedNetwork fuctionality including Marvin test coverage

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9403?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15712170#comment-15712170
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9403:


Github user jburwell commented on a diff in the pull request:

https://github.com/apache/cloudstack/pull/1579#discussion_r90455598
  
--- Diff: 
plugins/network-elements/nuage-vsp/src/com/cloud/network/resource/NuageVspResourceConfiguration.java
 ---
@@ -0,0 +1,310 @@
+//
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements.  See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership.  The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License.  You may obtain a copy of the License at
+//
+//   http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied.  See the License for the
+// specific language governing permissions and limitations
+// under the License.
+//
+
+package com.cloud.network.resource;
+
+import java.util.HashMap;
+import java.util.Map;
+
+import javax.naming.ConfigurationException;
+
+import net.nuage.vsp.acs.client.api.model.NuageVspUser;
+import net.nuage.vsp.acs.client.api.model.VspHost;
+import net.nuage.vsp.acs.client.common.NuageVspApiVersion;
+
+import org.apache.commons.lang.builder.ToStringBuilder;
+
+import com.cloud.util.NuageVspUtil;
+
+public class NuageVspResourceConfiguration {
+private static final String NAME = "name";
+private static final String GUID = "guid";
+private static final String ZONE_ID = "zoneid";
+private static final String HOST_NAME = "hostname";
+private static final String CMS_USER = "cmsuser";
+private static final String CMS_USER_PASSWORD = "cmsuserpass";
+private static final String PORT = "port";
+private static final String API_VERSION = "apiversion";
+private static final String API_RELATIVE_PATH = "apirelativepath";
+private static final String RETRY_COUNT = "retrycount";
+private static final String RETRY_INTERVAL = "retryinterval";
+private static final String NUAGE_VSP_CMS_ID = "nuagevspcmsid";
+
+private static final String CMS_USER_ENTEPRISE_NAME = "CSP";
+
+private String _name;
+private String _guid;
+private String _zoneId;
+private String _hostName;
+private String _cmsUser;
+private String _cmsUserPassword;
+private String _port;
+private String _apiVersion;
+private String _apiRelativePath;
+private String _retryCount;
+private String _retryInterval;
+private String _nuageVspCmsId;
+
+public String name() {
+return _name;
+}
+
+public String guid() {
+return this._guid;
+}
+
+public NuageVspResourceConfiguration guid(String guid) {
+this._guid = guid;
+return this;
+}
+
+public String zoneId() {
+return this._zoneId;
+}
+
+public NuageVspResourceConfiguration zoneId(String zoneId) {
+this._zoneId = zoneId;
+return this;
+}
+
+public String hostName() {
+return this._hostName;
+}
+
+public NuageVspResourceConfiguration hostName(String hostName) {
+this._hostName = hostName;
+this._name = "Nuage VSD - " + _hostName;
+return this;
+}
+
+public String cmsUser() {
+return this._cmsUser;
+}
+
+public NuageVspResourceConfiguration cmsUser(String cmsUser) {
+this._cmsUser = cmsUser;
+return this;
+}
+
+public String cmsUserPassword() {
+return this._cmsUserPassword;
+}
+
+public NuageVspResourceConfiguration cmsUserPassword(String 
cmsUserPassword) {
+this._cmsUserPassword = cmsUserPassword;
+return this;
+}
+
+public String port() {
+return this._port;
+}
+
+public NuageVspResourceConfiguration port(String port) {
+this._port = port;
+return this;
+}
+
+public String apiVersion() {
+return this._apiVersion;
+}
+
+public NuageVspResourceConfiguration apiVersion(String apiVersion) {
+

[jira] [Commented] (CLOUDSTACK-9403) Nuage VSP Plugin : Support for SharedNetwork fuctionality including Marvin test coverage

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9403?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15712152#comment-15712152
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9403:


Github user jburwell commented on a diff in the pull request:

https://github.com/apache/cloudstack/pull/1579#discussion_r90450669
  
--- Diff: 
plugins/network-elements/nuage-vsp/src/com/cloud/network/element/NuageVspElement.java
 ---
@@ -128,6 +135,26 @@
 
 private static final Map> 
capabilities = setCapabilities();
 
+private static final Set REQUIRED_SERVICES = Sets.newHashSet(
+Service.Connectivity,
+Service.Dhcp
+);
+private static final Set NUAGE_ONLY_SERVICES = 
Sets.newHashSet(
+Service.SourceNat,
+Service.StaticNat,
+Service.Gateway
+);
+private static final Set UNSUPPORTED_SERVICES = 
Sets.newHashSet(
+Service.Vpn,
+Service.Dns,
+Service.PortForwarding,
+Service.SecurityGroup
+);
+private static final Set> ANY_REQUIRED_SERVICES 
= Sets.newHashSet(
--- End diff --

Since this value is constant, please use ``ImmutableSet`` rather than 
``HashSet``.


> Nuage VSP Plugin : Support for SharedNetwork fuctionality including Marvin 
> test coverage
> 
>
> Key: CLOUDSTACK-9403
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9403
> Project: CloudStack
>  Issue Type: Task
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>  Components: Automation, Network Controller
>Reporter: Rahul Singal
>Assignee: Nick Livens
>
> This is first phase of support of Shared Network in cloudstack through 
> NuageVsp Network Plugin. A shared network is a type of virtual network that 
> is shared between multiple accounts i.e. a shared network can be accessed by 
> virtual machines that belong to many different accounts. This basic 
> functionality will be supported with the below common use case:
> - shared network can be used for monitoring purposes. A shared network can be 
> assigned to a domain and can be used for monitoring VMs  belonging to all 
> accounts in that domain.
> - Public accessible of shared Network.
> With the current implementation with NuageVsp plugin, It support over-lapping 
> of Ip address, Public Access and also adding Ip ranges in shared Network.
> In VSD, it is implemented in below manner:
> - In order to have tenant isolation for shared networks, we will have to 
> create a Shared L3 Subnet for each shared network, and instantiate it across 
> the relevant enterprises. A shared network will only exist under an 
> enterprise when it is needed, so when the first VM is spinned under that ACS 
> domain inside that shared network.
> - For public shared Network it will also create a floating ip subnet pool in 
> VSD along with all the things mentioned in above point.
> PR contents:
> 1) Support for shared networks with tenant isolation on master with Nuage VSP 
> SDN Plugin.
> 2) Support of shared network with publicly accessible ip ranges.  
> 2) Marvin test coverage for shared networks on master with Nuage VSP SDN 
> Plugin.
> 3) Enhancements on our exiting Marvin test code (nuagevsp plugins directory).
> 4) PEP8 & PyFlakes compliance with our Marvin test code.
> Test Results are:-
> Valiate that ROOT admin is NOT able to deploy a VM for a user in ROOT domain 
> in a shared network with ... === TestName: 
> test_deployVM_in_sharedNetwork_as_admin_scope_account_ROOTuser | Status : 
> SUCCESS ===
> ok
> Valiate that ROOT admin is NOT able to deploy a VM for a admin user in a 
> shared network with ... === TestName: 
> test_deployVM_in_sharedNetwork_as_admin_scope_account_differentdomain | 
> Status : SUCCESS ===
> ok
> Valiate that ROOT admin is NOT able to deploy a VM for admin user in the same 
> domain but in a ... === TestName: 
> test_deployVM_in_sharedNetwork_as_admin_scope_account_domainadminuser | 
> Status : SUCCESS ===
> ok
> Valiate that ROOT admin is NOT able to deploy a VM for user in the same 
> domain but in a different ... === TestName: 
> test_deployVM_in_sharedNetwork_as_admin_scope_account_domainuser | Status : 
> SUCCESS ===
> ok
> Valiate that ROOT admin is able to deploy a VM for regular user in a shared 
> network with scope=account ... === TestName: 
> test_deployVM_in_sharedNetwork_as_admin_scope_account_user | Status : SUCCESS 
> ===
> ok
> Valiate that ROOT admin is able to deploy a VM for user in ROOT domain in a 
> shared network with scope=all ... === TestName: 
> test_deployVM_in_sharedNetwork_as_admin_scope_all_ROOTuser

[jira] [Commented] (CLOUDSTACK-9403) Nuage VSP Plugin : Support for SharedNetwork fuctionality including Marvin test coverage

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9403?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15712162#comment-15712162
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9403:


Github user jburwell commented on a diff in the pull request:

https://github.com/apache/cloudstack/pull/1579#discussion_r90450802
  
--- Diff: 
plugins/network-elements/nuage-vsp/src/com/cloud/agent/api/manager/CleanUpDomainCommand.java
 ---
@@ -0,0 +1,63 @@
+//
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements.  See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership.  The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License.  You may obtain a copy of the License at
+//
+//   http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied.  See the License for the
+// specific language governing permissions and limitations
+// under the License.
+//
+
+package com.cloud.agent.api.manager;
+
+import com.cloud.agent.api.Command;
+import net.nuage.vsp.acs.client.api.model.VspDomainCleanUp;
+
+public class CleanUpDomainCommand extends Command {
+
+private final VspDomainCleanUp _domainCleanUp;
+
+public CleanUpDomainCommand(VspDomainCleanUp domainCleanUp) {
+super();
+this._domainCleanUp = domainCleanUp;
+}
+
+public VspDomainCleanUp getDomainCleanUp() {
+return _domainCleanUp;
+}
+
+@Override
+public boolean executeInSequence() {
+return false;
+}
+
+@Override
+public boolean equals(Object o) {
+if (this == o) return true;
+if (!(o instanceof CleanUpDomainCommand)) return false;
+if (!super.equals(o)) return false;
--- End diff --

Per our coding standards, all `if` blocks must wrapped in curly braces.


> Nuage VSP Plugin : Support for SharedNetwork fuctionality including Marvin 
> test coverage
> 
>
> Key: CLOUDSTACK-9403
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9403
> Project: CloudStack
>  Issue Type: Task
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>  Components: Automation, Network Controller
>Reporter: Rahul Singal
>Assignee: Nick Livens
>
> This is first phase of support of Shared Network in cloudstack through 
> NuageVsp Network Plugin. A shared network is a type of virtual network that 
> is shared between multiple accounts i.e. a shared network can be accessed by 
> virtual machines that belong to many different accounts. This basic 
> functionality will be supported with the below common use case:
> - shared network can be used for monitoring purposes. A shared network can be 
> assigned to a domain and can be used for monitoring VMs  belonging to all 
> accounts in that domain.
> - Public accessible of shared Network.
> With the current implementation with NuageVsp plugin, It support over-lapping 
> of Ip address, Public Access and also adding Ip ranges in shared Network.
> In VSD, it is implemented in below manner:
> - In order to have tenant isolation for shared networks, we will have to 
> create a Shared L3 Subnet for each shared network, and instantiate it across 
> the relevant enterprises. A shared network will only exist under an 
> enterprise when it is needed, so when the first VM is spinned under that ACS 
> domain inside that shared network.
> - For public shared Network it will also create a floating ip subnet pool in 
> VSD along with all the things mentioned in above point.
> PR contents:
> 1) Support for shared networks with tenant isolation on master with Nuage VSP 
> SDN Plugin.
> 2) Support of shared network with publicly accessible ip ranges.  
> 2) Marvin test coverage for shared networks on master with Nuage VSP SDN 
> Plugin.
> 3) Enhancements on our exiting Marvin test code (nuagevsp plugins directory).
> 4) PEP8 & PyFlakes compliance with our Marvin test code.
> Test Results are:-
> Valiate that ROOT admin is NOT able to deploy a VM for a user in ROOT domain 
> in a shared network with ... === TestName: 
> test_deployVM_in_sharedNetwork_as_admin_scope_account_ROOTuser | Status : 
> SUCCESS ===
> ok
> Valiate that ROOT admin is NOT able to deploy a VM for a admin user in a 
>

[jira] [Commented] (CLOUDSTACK-9403) Nuage VSP Plugin : Support for SharedNetwork fuctionality including Marvin test coverage

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9403?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15712156#comment-15712156
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9403:


Github user jburwell commented on a diff in the pull request:

https://github.com/apache/cloudstack/pull/1579#discussion_r90450578
  
--- Diff: 
plugins/network-elements/nuage-vsp/src/com/cloud/network/element/NuageVspElement.java
 ---
@@ -128,6 +135,26 @@
 
 private static final Map> 
capabilities = setCapabilities();
 
+private static final Set REQUIRED_SERVICES = Sets.newHashSet(
--- End diff --

Since this value is constant, please use ``ImmutableSet`` rather than 
``HashSet``.


> Nuage VSP Plugin : Support for SharedNetwork fuctionality including Marvin 
> test coverage
> 
>
> Key: CLOUDSTACK-9403
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9403
> Project: CloudStack
>  Issue Type: Task
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>  Components: Automation, Network Controller
>Reporter: Rahul Singal
>Assignee: Nick Livens
>
> This is first phase of support of Shared Network in cloudstack through 
> NuageVsp Network Plugin. A shared network is a type of virtual network that 
> is shared between multiple accounts i.e. a shared network can be accessed by 
> virtual machines that belong to many different accounts. This basic 
> functionality will be supported with the below common use case:
> - shared network can be used for monitoring purposes. A shared network can be 
> assigned to a domain and can be used for monitoring VMs  belonging to all 
> accounts in that domain.
> - Public accessible of shared Network.
> With the current implementation with NuageVsp plugin, It support over-lapping 
> of Ip address, Public Access and also adding Ip ranges in shared Network.
> In VSD, it is implemented in below manner:
> - In order to have tenant isolation for shared networks, we will have to 
> create a Shared L3 Subnet for each shared network, and instantiate it across 
> the relevant enterprises. A shared network will only exist under an 
> enterprise when it is needed, so when the first VM is spinned under that ACS 
> domain inside that shared network.
> - For public shared Network it will also create a floating ip subnet pool in 
> VSD along with all the things mentioned in above point.
> PR contents:
> 1) Support for shared networks with tenant isolation on master with Nuage VSP 
> SDN Plugin.
> 2) Support of shared network with publicly accessible ip ranges.  
> 2) Marvin test coverage for shared networks on master with Nuage VSP SDN 
> Plugin.
> 3) Enhancements on our exiting Marvin test code (nuagevsp plugins directory).
> 4) PEP8 & PyFlakes compliance with our Marvin test code.
> Test Results are:-
> Valiate that ROOT admin is NOT able to deploy a VM for a user in ROOT domain 
> in a shared network with ... === TestName: 
> test_deployVM_in_sharedNetwork_as_admin_scope_account_ROOTuser | Status : 
> SUCCESS ===
> ok
> Valiate that ROOT admin is NOT able to deploy a VM for a admin user in a 
> shared network with ... === TestName: 
> test_deployVM_in_sharedNetwork_as_admin_scope_account_differentdomain | 
> Status : SUCCESS ===
> ok
> Valiate that ROOT admin is NOT able to deploy a VM for admin user in the same 
> domain but in a ... === TestName: 
> test_deployVM_in_sharedNetwork_as_admin_scope_account_domainadminuser | 
> Status : SUCCESS ===
> ok
> Valiate that ROOT admin is NOT able to deploy a VM for user in the same 
> domain but in a different ... === TestName: 
> test_deployVM_in_sharedNetwork_as_admin_scope_account_domainuser | Status : 
> SUCCESS ===
> ok
> Valiate that ROOT admin is able to deploy a VM for regular user in a shared 
> network with scope=account ... === TestName: 
> test_deployVM_in_sharedNetwork_as_admin_scope_account_user | Status : SUCCESS 
> ===
> ok
> Valiate that ROOT admin is able to deploy a VM for user in ROOT domain in a 
> shared network with scope=all ... === TestName: 
> test_deployVM_in_sharedNetwork_as_admin_scope_all_ROOTuser | Status : SUCCESS 
> ===
> ok
> Valiate that ROOT admin is able to deploy a VM for a domain admin users in a 
> shared network with scope=all ... === TestName: 
> test_deployVM_in_sharedNetwork_as_admin_scope_all_domainadminuser | Status : 
> SUCCESS ===
> ok
> Valiate that ROOT admin is able to deploy a VM for other users in a shared 
> network with scope=all ... === TestName: 
> test_deployVM_in_sharedNetwork_as_admin_scope_all_domainuser | Status : 
> SUCCESS ===
> ok
> Valiate that ROOT admin is able to deploy a VM for admin user in a domain in 
> a shared network with scope=all ... ===

[jira] [Commented] (CLOUDSTACK-9403) Nuage VSP Plugin : Support for SharedNetwork fuctionality including Marvin test coverage

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9403?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15711974#comment-15711974
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9403:


Github user prashanthvarma commented on the issue:

https://github.com/apache/cloudstack/pull/1579
  
@rhtyd We have now resolved all your review comments including adding of 
the requested unit test coverage, and we have rebased this PR with the latest 
master (i.e. contains PR #1801 fix).

Here is my analysis regarding the following regression test failures:

1) test_06_download_detached_volume -> Failed to access SSVM to 
extractVolume download info.

Above failing test case tries to download a volume unattached to a VM by 
extracting its download info from SSVM, which fails due to failed 
access/connection with SSVM. 

This test case passes in other test environments (e.g. KVM and VMware). 
Thus, most likely, its a test environment (intermittent) issue.

2) test_01_create_template -> Failed to delete the created template during 
test case tearDown

Above failing test case creates a template (adds to cleanup list), does 
some assertions on the returned list of templates, and goes to test case 
tearDown (deletes objects in cleanup list). 

Similar tests pass in other test cases of the same test script 
"test-templates.py" and in other test environments (e.g. xenserver and VMware). 
One major difference between the failing test case and others is that the 
deletion of template is happening right after its creation (bit too quick). 
Thus, most likely, it is a timing related (intermittent) issue.

Let me know, if you need anything from our side.

cc: @jburwell 


> Nuage VSP Plugin : Support for SharedNetwork fuctionality including Marvin 
> test coverage
> 
>
> Key: CLOUDSTACK-9403
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9403
> Project: CloudStack
>  Issue Type: Task
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>  Components: Automation, Network Controller
>Reporter: Rahul Singal
>Assignee: Nick Livens
>
> This is first phase of support of Shared Network in cloudstack through 
> NuageVsp Network Plugin. A shared network is a type of virtual network that 
> is shared between multiple accounts i.e. a shared network can be accessed by 
> virtual machines that belong to many different accounts. This basic 
> functionality will be supported with the below common use case:
> - shared network can be used for monitoring purposes. A shared network can be 
> assigned to a domain and can be used for monitoring VMs  belonging to all 
> accounts in that domain.
> - Public accessible of shared Network.
> With the current implementation with NuageVsp plugin, It support over-lapping 
> of Ip address, Public Access and also adding Ip ranges in shared Network.
> In VSD, it is implemented in below manner:
> - In order to have tenant isolation for shared networks, we will have to 
> create a Shared L3 Subnet for each shared network, and instantiate it across 
> the relevant enterprises. A shared network will only exist under an 
> enterprise when it is needed, so when the first VM is spinned under that ACS 
> domain inside that shared network.
> - For public shared Network it will also create a floating ip subnet pool in 
> VSD along with all the things mentioned in above point.
> PR contents:
> 1) Support for shared networks with tenant isolation on master with Nuage VSP 
> SDN Plugin.
> 2) Support of shared network with publicly accessible ip ranges.  
> 2) Marvin test coverage for shared networks on master with Nuage VSP SDN 
> Plugin.
> 3) Enhancements on our exiting Marvin test code (nuagevsp plugins directory).
> 4) PEP8 & PyFlakes compliance with our Marvin test code.
> Test Results are:-
> Valiate that ROOT admin is NOT able to deploy a VM for a user in ROOT domain 
> in a shared network with ... === TestName: 
> test_deployVM_in_sharedNetwork_as_admin_scope_account_ROOTuser | Status : 
> SUCCESS ===
> ok
> Valiate that ROOT admin is NOT able to deploy a VM for a admin user in a 
> shared network with ... === TestName: 
> test_deployVM_in_sharedNetwork_as_admin_scope_account_differentdomain | 
> Status : SUCCESS ===
> ok
> Valiate that ROOT admin is NOT able to deploy a VM for admin user in the same 
> domain but in a ... === TestName: 
> test_deployVM_in_sharedNetwork_as_admin_scope_account_domainadminuser | 
> Status : SUCCESS ===
> ok
> Valiate that ROOT admin is NOT able to deploy a VM for user in the same 
> domain but in a different ... === TestName: 
> test_deployVM_in_sharedNetwork_as_admin_scope_account_domainuser | Status : 
> SUCCESS ===
> ok
> Valiate

[jira] [Resolved] (CLOUDSTACK-9590) KVM + CentOS 7.2 + Agent in Alert State for long time

2016-12-01 Thread Sven Vogel (JIRA) 

 [ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9590?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Sven Vogel resolved CLOUDSTACK-9590.

   Resolution: Fixed
Fix Version/s: 4.9.1.0

> KVM + CentOS 7.2 + Agent in Alert State for long time
> -
>
> Key: CLOUDSTACK-9590
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9590
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>  Components: cloudstack-agent
>Affects Versions: 4.9.0
> Environment: entOS Linux release 7.2.1511 (Core)
> cloudstack-agent-4.9.0-1.el7.centos.x86_64
>Reporter: Sven Vogel
> Fix For: 4.9.1.0
>
> Attachments: agent.log, cloudstack-startup.log, management-server.zip
>
>
> Hi,
> When i add a new host to cloudstack management server it take some time to 
> get host out from alert state.
> 1. i add the host and host add not possible
> 2. values are correct set to agent.properties, restart cloustack agent
> 3. agent says connected to server
> 4. management server says "alert"
> management-server.log
> 2016-11-10 13:23:06,783 DEBUG [c.c.h.Status] 
> (AgentConnectTaskPool-49:ctx-c3b72839) (logid:5a86e1fb) Transition:[Resource 
> state = Enabled, Agent event = AgentDisconnected, Host
> id = 51, name = kvm02.oscloud.local]
> 2016-11-10 13:23:06,798 DEBUG [c.c.a.m.ClusteredAgentManagerImpl] 
> (AgentConnectTaskPool-49:ctx-c3b72839) (logid:5a86e1fb) Notifying other nodes 
> of to disconnect
> 2016-11-10 13:23:06,806 DEBUG [c.c.a.m.AgentManagerImpl] 
> (AgentConnectTaskPool-49:ctx-c3b72839) (logid:5a86e1fb) Failed to handle host 
> connection: com.cloud.exception.Connection
> Exception: Unable to get an answer to the CheckNetworkCommand from agent: 51
> is there any way to speed up the alert state? is it normal that it take so 
> long?
> thanks
> Sven



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (CLOUDSTACK-9590) KVM + CentOS 7.2 + Agent in Alert State for long time

2016-12-01 Thread Sven Vogel (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9590?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15711922#comment-15711922
 ] 

Sven Vogel commented on CLOUDSTACK-9590:


i found the solution with help of Dag Sonstebo. I used Java 1.8 and changed it 
to 1.7. After this Agent comes up fast.

> KVM + CentOS 7.2 + Agent in Alert State for long time
> -
>
> Key: CLOUDSTACK-9590
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9590
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>  Components: cloudstack-agent
>Affects Versions: 4.9.0
> Environment: entOS Linux release 7.2.1511 (Core)
> cloudstack-agent-4.9.0-1.el7.centos.x86_64
>Reporter: Sven Vogel
> Attachments: agent.log, cloudstack-startup.log, management-server.zip
>
>
> Hi,
> When i add a new host to cloudstack management server it take some time to 
> get host out from alert state.
> 1. i add the host and host add not possible
> 2. values are correct set to agent.properties, restart cloustack agent
> 3. agent says connected to server
> 4. management server says "alert"
> management-server.log
> 2016-11-10 13:23:06,783 DEBUG [c.c.h.Status] 
> (AgentConnectTaskPool-49:ctx-c3b72839) (logid:5a86e1fb) Transition:[Resource 
> state = Enabled, Agent event = AgentDisconnected, Host
> id = 51, name = kvm02.oscloud.local]
> 2016-11-10 13:23:06,798 DEBUG [c.c.a.m.ClusteredAgentManagerImpl] 
> (AgentConnectTaskPool-49:ctx-c3b72839) (logid:5a86e1fb) Notifying other nodes 
> of to disconnect
> 2016-11-10 13:23:06,806 DEBUG [c.c.a.m.AgentManagerImpl] 
> (AgentConnectTaskPool-49:ctx-c3b72839) (logid:5a86e1fb) Failed to handle host 
> connection: com.cloud.exception.Connection
> Exception: Unable to get an answer to the CheckNetworkCommand from agent: 51
> is there any way to speed up the alert state? is it normal that it take so 
> long?
> thanks
> Sven



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (CLOUDSTACK-9645) Add support for not restarting the management server after setup

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9645?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15711908#comment-15711908
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9645:


Github user ProjectMoon commented on the issue:

https://github.com/apache/cloudstack/pull/1566
  
Updated to latest master, and a JIRA ticket now exists.

https://issues.apache.org/jira/browse/CLOUDSTACK-9645


> Add support for not restarting the management server after setup
> 
>
> Key: CLOUDSTACK-9645
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9645
> Project: CloudStack
>  Issue Type: Improvement
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>  Components: Management Server
>Affects Versions: 4.9.0
>Reporter: Jeff Hair
> Fix For: 4.10.0.0
>
>
> Enhance the cloudstack-setup-management script to allow the ability to NOT 
> restart the management server. Helps with systemd. This has been implemented 
> already, but there was a bug with it where it would not properly respect the 
> option.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Created] (CLOUDSTACK-9645) Add support for not restarting the management server after setup

2016-12-01 Thread Jeff Hair (JIRA) 
Jeff Hair created CLOUDSTACK-9645:
-

 Summary: Add support for not restarting the management server 
after setup
 Key: CLOUDSTACK-9645
 URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9645
 Project: CloudStack
  Issue Type: Improvement
  Security Level: Public (Anyone can view this level - this is the default.)
  Components: Management Server
Affects Versions: 4.9.0
Reporter: Jeff Hair
 Fix For: 4.10.0.0


Enhance the cloudstack-setup-management script to allow the ability to NOT 
restart the management server. Helps with systemd. This has been implemented 
already, but there was a bug with it where it would not properly respect the 
option.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (CLOUDSTACK-9644) Add bits field to template response

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9644?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15711901#comment-15711901
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9644:


Github user ProjectMoon commented on the issue:

https://github.com/apache/cloudstack/pull/1622
  
Updated to latest master, and a JIRA ticket has been created.

https://issues.apache.org/jira/browse/CLOUDSTACK-9644


> Add bits field to template response
> ---
>
> Key: CLOUDSTACK-9644
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9644
> Project: CloudStack
>  Issue Type: Improvement
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>  Components: Management Server
>Affects Versions: 4.9.0
>Reporter: Jeff Hair
> Fix For: 4.10.0.0
>
>
> Enhance the list templates command to return the size of the template in bits.
> See: https://github.com/apache/cloudstack/pull/1622



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Created] (CLOUDSTACK-9644) Add bits field to template response

2016-12-01 Thread Jeff Hair (JIRA) 
Jeff Hair created CLOUDSTACK-9644:
-

 Summary: Add bits field to template response
 Key: CLOUDSTACK-9644
 URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9644
 Project: CloudStack
  Issue Type: Improvement
  Security Level: Public (Anyone can view this level - this is the default.)
  Components: Management Server
Affects Versions: 4.9.0
Reporter: Jeff Hair
 Fix For: 4.10.0.0


Enhance the list templates command to return the size of the template in bits.

See: https://github.com/apache/cloudstack/pull/1622



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (CLOUDSTACK-9643) Add OS info to list snapshots response

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9643?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15711889#comment-15711889
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9643:


Github user ProjectMoon commented on the issue:

https://github.com/apache/cloudstack/pull/1618
  
Updated to latest master, and now with a JIRA ticket.

https://issues.apache.org/jira/browse/CLOUDSTACK-9643


> Add OS info to list snapshots response
> --
>
> Key: CLOUDSTACK-9643
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9643
> Project: CloudStack
>  Issue Type: Improvement
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Affects Versions: 4.9.0
>Reporter: Jeff Hair
> Fix For: 4.10.0.0
>
>
> Add OS info to list snapshots response. See 
> https://github.com/apache/cloudstack/pull/1618



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Created] (CLOUDSTACK-9643) Add OS info to list snapshots response

2016-12-01 Thread Jeff Hair (JIRA) 
Jeff Hair created CLOUDSTACK-9643:
-

 Summary: Add OS info to list snapshots response
 Key: CLOUDSTACK-9643
 URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9643
 Project: CloudStack
  Issue Type: Improvement
  Security Level: Public (Anyone can view this level - this is the default.)
Affects Versions: 4.9.0
Reporter: Jeff Hair
 Fix For: 4.10.0.0


Add OS info to list snapshots response. See 
https://github.com/apache/cloudstack/pull/1618



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Created] (CLOUDSTACK-9642) API documentation: getVirtualMachineUserData is in the wrong command category 'User'

2016-12-01 Thread Phillip Kent (JIRA) 
Phillip Kent created CLOUDSTACK-9642:


 Summary: API documentation: getVirtualMachineUserData is in the 
wrong command category 'User'
 Key: CLOUDSTACK-9642
 URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9642
 Project: CloudStack
  Issue Type: Bug
  Security Level: Public (Anyone can view this level - this is the default.)
  Components: API, Doc
Affects Versions: 4.9.0, 4.8.0, 4.7.1, 4.7.0, 4.6.2
Reporter: Phillip Kent
Priority: Minor
 Fix For: 4.9.0


The API command getVirtualMachineUserData is assigned to the category 'User' in 
the API documentation.  
For example, see: 
http://cloudstack.apache.org/api/apidocs-4.6/TOC_Root_Admin.html 

I think the correct category should be 'Virtual Machine'.

This affects all versions back to 4.6.x and earlier.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (CLOUDSTACK-9403) Nuage VSP Plugin : Support for SharedNetwork fuctionality including Marvin test coverage

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9403?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15711867#comment-15711867
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9403:


Github user prashanthvarma commented on a diff in the pull request:

https://github.com/apache/cloudstack/pull/1579#discussion_r9043
  
--- Diff: server/src/com/cloud/network/NetworkModelImpl.java ---
@@ -1558,6 +1558,32 @@ public boolean checkIpForService(IpAddress userIp, 
Service service, Long network
 }
 
 @Override
+public boolean providerSupportsCapability(Set providers, 
Service service, Capability cap) {
--- End diff --

@rhtyd  Unit test coverage added for this at  
server/test/com/cloud/network/MockNetworkModelImpl.java 


> Nuage VSP Plugin : Support for SharedNetwork fuctionality including Marvin 
> test coverage
> 
>
> Key: CLOUDSTACK-9403
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9403
> Project: CloudStack
>  Issue Type: Task
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>  Components: Automation, Network Controller
>Reporter: Rahul Singal
>Assignee: Nick Livens
>
> This is first phase of support of Shared Network in cloudstack through 
> NuageVsp Network Plugin. A shared network is a type of virtual network that 
> is shared between multiple accounts i.e. a shared network can be accessed by 
> virtual machines that belong to many different accounts. This basic 
> functionality will be supported with the below common use case:
> - shared network can be used for monitoring purposes. A shared network can be 
> assigned to a domain and can be used for monitoring VMs  belonging to all 
> accounts in that domain.
> - Public accessible of shared Network.
> With the current implementation with NuageVsp plugin, It support over-lapping 
> of Ip address, Public Access and also adding Ip ranges in shared Network.
> In VSD, it is implemented in below manner:
> - In order to have tenant isolation for shared networks, we will have to 
> create a Shared L3 Subnet for each shared network, and instantiate it across 
> the relevant enterprises. A shared network will only exist under an 
> enterprise when it is needed, so when the first VM is spinned under that ACS 
> domain inside that shared network.
> - For public shared Network it will also create a floating ip subnet pool in 
> VSD along with all the things mentioned in above point.
> PR contents:
> 1) Support for shared networks with tenant isolation on master with Nuage VSP 
> SDN Plugin.
> 2) Support of shared network with publicly accessible ip ranges.  
> 2) Marvin test coverage for shared networks on master with Nuage VSP SDN 
> Plugin.
> 3) Enhancements on our exiting Marvin test code (nuagevsp plugins directory).
> 4) PEP8 & PyFlakes compliance with our Marvin test code.
> Test Results are:-
> Valiate that ROOT admin is NOT able to deploy a VM for a user in ROOT domain 
> in a shared network with ... === TestName: 
> test_deployVM_in_sharedNetwork_as_admin_scope_account_ROOTuser | Status : 
> SUCCESS ===
> ok
> Valiate that ROOT admin is NOT able to deploy a VM for a admin user in a 
> shared network with ... === TestName: 
> test_deployVM_in_sharedNetwork_as_admin_scope_account_differentdomain | 
> Status : SUCCESS ===
> ok
> Valiate that ROOT admin is NOT able to deploy a VM for admin user in the same 
> domain but in a ... === TestName: 
> test_deployVM_in_sharedNetwork_as_admin_scope_account_domainadminuser | 
> Status : SUCCESS ===
> ok
> Valiate that ROOT admin is NOT able to deploy a VM for user in the same 
> domain but in a different ... === TestName: 
> test_deployVM_in_sharedNetwork_as_admin_scope_account_domainuser | Status : 
> SUCCESS ===
> ok
> Valiate that ROOT admin is able to deploy a VM for regular user in a shared 
> network with scope=account ... === TestName: 
> test_deployVM_in_sharedNetwork_as_admin_scope_account_user | Status : SUCCESS 
> ===
> ok
> Valiate that ROOT admin is able to deploy a VM for user in ROOT domain in a 
> shared network with scope=all ... === TestName: 
> test_deployVM_in_sharedNetwork_as_admin_scope_all_ROOTuser | Status : SUCCESS 
> ===
> ok
> Valiate that ROOT admin is able to deploy a VM for a domain admin users in a 
> shared network with scope=all ... === TestName: 
> test_deployVM_in_sharedNetwork_as_admin_scope_all_domainadminuser | Status : 
> SUCCESS ===
> ok
> Valiate that ROOT admin is able to deploy a VM for other users in a shared 
> network with scope=all ... === TestName: 
> test_deployVM_in_sharedNetwork_as_admin_scope_all_domainuser | Status : 
> SUCCESS ===
> ok
> Valiate that ROOT admin is able to deploy a VM for admin user in a domain in 
> a shared

[jira] [Commented] (CLOUDSTACK-9635) fix test_privategw_acl.py

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9635?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15711842#comment-15711842
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9635:


Github user blueorangutan commented on the issue:

https://github.com/apache/cloudstack/pull/1802
  
Trillian test result (tid-515)
Environment: kvm-centos7 (x2), Advanced Networking with Mgmt server 7
Total time taken: 26871 seconds
Marvin logs: 
https://github.com/blueorangutan/acs-prs/releases/download/trillian/pr1802-t515-kvm-centos7.zip
Test completed. 40 look ok, 3 have error(s)


Test | Result | Time (s) | Test File
--- | --- | --- | ---
test_02_VPC_default_routes | `Failure` | 794.37 | test_vpc_router_nics.py
test_05_rvpc_multi_tiers | `Failure` | 291.01 | test_vpc_redundant.py
test_router_dhcp_opts | `Failure` | 21.31 | test_router_dhcphosts.py
test_01_vpc_site2site_vpn | Success | 176.43 | test_vpc_vpn.py
test_01_vpc_remote_access_vpn | Success | 82.24 | test_vpc_vpn.py
test_01_redundant_vpc_site2site_vpn | Success | 282.96 | test_vpc_vpn.py
test_01_VPC_nics_after_destroy | Success | 673.18 | test_vpc_router_nics.py
test_04_rvpc_network_garbage_collector_nics | Success | 1376.47 | 
test_vpc_redundant.py
test_03_create_redundant_VPC_1tier_2VMs_2IPs_2PF_ACL_reboot_routers | 
Success | 597.56 | test_vpc_redundant.py
test_02_redundant_VPC_default_routes | Success | 753.01 | 
test_vpc_redundant.py
test_01_create_redundant_VPC_2tiers_4VMs_4IPs_4PF_ACL | Success | 1352.17 | 
test_vpc_redundant.py
test_09_delete_detached_volume | Success | 17.03 | test_volumes.py
test_08_resize_volume | Success | 15.83 | test_volumes.py
test_07_resize_fail | Success | 20.79 | test_volumes.py
test_06_download_detached_volume | Success | 15.56 | test_volumes.py
test_05_detach_volume | Success | 100.68 | test_volumes.py
test_04_delete_attached_volume | Success | 10.36 | test_volumes.py
test_03_download_attached_volume | Success | 16.98 | test_volumes.py
test_02_attach_volume | Success | 74.40 | test_volumes.py
test_01_create_volume | Success | 748.29 | test_volumes.py
test_deploy_vm_multiple | Success | 311.36 | test_vm_life_cycle.py
test_deploy_vm | Success | 0.04 | test_vm_life_cycle.py
test_advZoneVirtualRouter | Success | 0.03 | test_vm_life_cycle.py
test_10_attachAndDetach_iso | Success | 27.87 | test_vm_life_cycle.py
test_09_expunge_vm | Success | 125.59 | test_vm_life_cycle.py
test_08_migrate_vm | Success | 47.33 | test_vm_life_cycle.py
test_07_restore_vm | Success | 0.86 | test_vm_life_cycle.py
test_06_destroy_vm | Success | 132.04 | test_vm_life_cycle.py
test_03_reboot_vm | Success | 127.04 | test_vm_life_cycle.py
test_02_start_vm | Success | 15.67 | test_vm_life_cycle.py
test_01_stop_vm | Success | 50.93 | test_vm_life_cycle.py
test_CreateTemplateWithDuplicateName | Success | 173.19 | test_templates.py
test_08_list_system_templates | Success | 0.08 | test_templates.py
test_07_list_public_templates | Success | 0.04 | test_templates.py
test_05_template_permissions | Success | 0.07 | test_templates.py
test_04_extract_template | Success | 5.24 | test_templates.py
test_03_delete_template | Success | 5.29 | test_templates.py
test_02_edit_template | Success | 90.61 | test_templates.py
test_01_create_template | Success | 35.89 | test_templates.py
test_10_destroy_cpvm | Success | 167.27 | test_ssvm.py
test_09_destroy_ssvm | Success | 164.48 | test_ssvm.py
test_08_reboot_cpvm | Success | 132.05 | test_ssvm.py
test_07_reboot_ssvm | Success | 134.34 | test_ssvm.py
test_06_stop_cpvm | Success | 132.10 | test_ssvm.py
test_05_stop_ssvm | Success | 164.04 | test_ssvm.py
test_04_cpvm_internals | Success | 1.33 | test_ssvm.py
test_03_ssvm_internals | Success | 3.29 | test_ssvm.py
test_02_list_cpvm_vm | Success | 0.12 | test_ssvm.py
test_01_list_sec_storage_vm | Success | 0.12 | test_ssvm.py
test_01_snapshot_root_disk | Success | 11.52 | test_snapshots.py
test_04_change_offering_small | Success | 209.87 | test_service_offerings.py
test_03_delete_service_offering | Success | 0.04 | test_service_offerings.py
test_02_edit_service_offering | Success | 0.08 | test_service_offerings.py
test_01_create_service_offering | Success | 0.10 | test_service_offerings.py
test_02_sys_template_ready | Success | 0.16 | test_secondary_storage.py
test_01_sys_vm_start | Success | 0.20 | test_secondary_storage.py
test_09_reboot_router | Success | 40.47 | test_routers.py
test_08_start_router | Success | 30.30 | test_routers.py
test_07_stop_router | Success | 10.17 | test_routers.py
test_06_router_advanced | Success | 0.05 | test_routers.py
test_05_router_basic | Success | 0.05 | test_routers.py

[jira] [Commented] (CLOUDSTACK-9633) test_snapshot is failing due to incorrect string construction in utils.py

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9633?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15711773#comment-15711773
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9633:


Github user rhtyd commented on the issue:

https://github.com/apache/cloudstack/pull/1800
  
@mike-tutkowski @nvazquez @syed ping, it seems there were some changes on 
master due to which snapshot file names on xenserver now have `.vhd` extension 
which was not seen in 4.8, 4.9 branches. I think the snapshot file name should 
indeed have the extension, but I wanted to check with you if this is something 
that you may have introduced/wanted? Any thoughts on this? Thanks.


> test_snapshot is failing due to incorrect string construction in utils.py
> -
>
> Key: CLOUDSTACK-9633
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9633
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>  Components: marvin
>Affects Versions: 4.10.0.0
> Environment: https://github.com/apache/cloudstack/pull/1800
>Reporter: Boris Stoyanov
> Fix For: 4.10.0.0
>
>
> When searching for the snapshot vhd on the nfs storage it adds 
> ([name].vhd.vhd) I've removed the extension for xenserver and it passed. 



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (CLOUDSTACK-9633) test_snapshot is failing due to incorrect string construction in utils.py

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9633?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15711764#comment-15711764
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9633:


Github user blueorangutan commented on the issue:

https://github.com/apache/cloudstack/pull/1800
  
Packaging result: ✔centos6 ✔centos7 ✔debian. JID-298


> test_snapshot is failing due to incorrect string construction in utils.py
> -
>
> Key: CLOUDSTACK-9633
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9633
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>  Components: marvin
>Affects Versions: 4.10.0.0
> Environment: https://github.com/apache/cloudstack/pull/1800
>Reporter: Boris Stoyanov
> Fix For: 4.10.0.0
>
>
> When searching for the snapshot vhd on the nfs storage it adds 
> ([name].vhd.vhd) I've removed the extension for xenserver and it passed. 



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (CLOUDSTACK-9633) test_snapshot is failing due to incorrect string construction in utils.py

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9633?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15711750#comment-15711750
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9633:


Github user rhtyd commented on the issue:

https://github.com/apache/cloudstack/pull/1800
  
LGTM, we found the issue happens only in master branch (ref #1754). The fix 
is applicable only on master, the PR's base branch has been fixed and test has 
been verified manually by @borisstoyanov .


> test_snapshot is failing due to incorrect string construction in utils.py
> -
>
> Key: CLOUDSTACK-9633
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9633
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>  Components: marvin
>Affects Versions: 4.10.0.0
> Environment: https://github.com/apache/cloudstack/pull/1800
>Reporter: Boris Stoyanov
> Fix For: 4.10.0.0
>
>
> When searching for the snapshot vhd on the nfs storage it adds 
> ([name].vhd.vhd) I've removed the extension for xenserver and it passed. 



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (CLOUDSTACK-9632) Upgrade bountycastle to 1.55+

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15711719#comment-15711719
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9632:


Github user blueorangutan commented on the issue:

https://github.com/apache/cloudstack/pull/1799
  
@rhtyd a Trillian-Jenkins matrix job (centos6 mgmt + xs65sp1, centos7 mgmt 
+ vmware55u3, centos7 mgmt + kvmcentos7) has been kicked to run smoke tests


> Upgrade bountycastle to 1.55+
> -
>
> Key: CLOUDSTACK-9632
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9632
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Rohit Yadav
>Assignee: Rohit Yadav
> Fix For: Future, 4.10.0.0
>
>
> Upgrade bountycastle library to latest versions.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (CLOUDSTACK-9632) Upgrade bountycastle to 1.55+

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15711715#comment-15711715
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9632:


Github user rhtyd commented on the issue:

https://github.com/apache/cloudstack/pull/1799
  
@blueorangutan test matrix


> Upgrade bountycastle to 1.55+
> -
>
> Key: CLOUDSTACK-9632
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9632
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Rohit Yadav
>Assignee: Rohit Yadav
> Fix For: Future, 4.10.0.0
>
>
> Upgrade bountycastle library to latest versions.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (CLOUDSTACK-4821) SSL offload support in cloudstack

2016-12-01 Thread Wei Zhou (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-4821?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15711684#comment-15711684
 ] 

Wei Zhou commented on CLOUDSTACK-4821:
--

[~sahmed] Hi Syed, I donot see the UI change for this ticket. Could you commit 
it ?

> SSL offload support in cloudstack
> -
>
> Key: CLOUDSTACK-4821
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-4821
> Project: CloudStack
>  Issue Type: New Feature
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>  Components: API, Network Devices
>Affects Versions: Future
>Reporter: Syed Ahmed
>  Labels: loadbalancer, netscaler, ssl
> Fix For: 4.3.0
>
>
> SSL offloading allows loadbalancers to decrypt SSL traffic and send plaintext 
> HTTP to the backend. This bug is to track the implementation of SSL offload 
> feature for Cloudstack. 
> The initial scope is to implement this for Netscaler.
> Links:
> Design Doc: 
> https://cwiki.apache.org/confluence/display/CLOUDSTACK/SSL+Offloading+Support



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (CLOUDSTACK-9633) test_snapshot is failing due to incorrect string construction in utils.py

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9633?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15711674#comment-15711674
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9633:


Github user blueorangutan commented on the issue:

https://github.com/apache/cloudstack/pull/1800
  
@borisstoyanov a Jenkins job has been kicked to build packages. I'll keep 
you posted as I make progress.


> test_snapshot is failing due to incorrect string construction in utils.py
> -
>
> Key: CLOUDSTACK-9633
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9633
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>  Components: marvin
>Affects Versions: 4.10.0.0
> Environment: https://github.com/apache/cloudstack/pull/1800
>Reporter: Boris Stoyanov
> Fix For: 4.10.0.0
>
>
> When searching for the snapshot vhd on the nfs storage it adds 
> ([name].vhd.vhd) I've removed the extension for xenserver and it passed. 



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (CLOUDSTACK-9632) Upgrade bountycastle to 1.55+

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15711590#comment-15711590
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9632:


Github user blueorangutan commented on the issue:

https://github.com/apache/cloudstack/pull/1799
  
Packaging result: ✔centos6 ✔centos7 ✔debian. JID-297


> Upgrade bountycastle to 1.55+
> -
>
> Key: CLOUDSTACK-9632
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9632
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Rohit Yadav
>Assignee: Rohit Yadav
> Fix For: Future, 4.10.0.0
>
>
> Upgrade bountycastle library to latest versions.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (CLOUDSTACK-9633) test_snapshot is failing due to incorrect string construction in utils.py

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9633?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15711547#comment-15711547
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9633:


Github user blueorangutan commented on the issue:

https://github.com/apache/cloudstack/pull/1800
  
@borisstoyanov a Trillian-Jenkins test job (centos7 mgmt + xenserver-65sp1) 
has been kicked to run smoke tests


> test_snapshot is failing due to incorrect string construction in utils.py
> -
>
> Key: CLOUDSTACK-9633
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9633
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>  Components: marvin
>Affects Versions: 4.10.0.0
> Environment: https://github.com/apache/cloudstack/pull/1800
>Reporter: Boris Stoyanov
> Fix For: 4.10.0.0
>
>
> When searching for the snapshot vhd on the nfs storage it adds 
> ([name].vhd.vhd) I've removed the extension for xenserver and it passed. 



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (CLOUDSTACK-9633) test_snapshot is failing due to incorrect string construction in utils.py

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9633?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15711545#comment-15711545
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9633:


Github user borisstoyanov commented on the issue:

https://github.com/apache/cloudstack/pull/1800
  
@blueorangutan test centos7 xenserver-65sp1


> test_snapshot is failing due to incorrect string construction in utils.py
> -
>
> Key: CLOUDSTACK-9633
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9633
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>  Components: marvin
>Affects Versions: 4.10.0.0
> Environment: https://github.com/apache/cloudstack/pull/1800
>Reporter: Boris Stoyanov
> Fix For: 4.10.0.0
>
>
> When searching for the snapshot vhd on the nfs storage it adds 
> ([name].vhd.vhd) I've removed the extension for xenserver and it passed. 



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (CLOUDSTACK-9633) test_snapshot is failing due to incorrect string construction in utils.py

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9633?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15711544#comment-15711544
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9633:


Github user blueorangutan commented on the issue:

https://github.com/apache/cloudstack/pull/1800
  
Packaging result: ✔centos6 ✔centos7 ✔debian. JID-296


> test_snapshot is failing due to incorrect string construction in utils.py
> -
>
> Key: CLOUDSTACK-9633
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9633
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>  Components: marvin
>Affects Versions: 4.10.0.0
> Environment: https://github.com/apache/cloudstack/pull/1800
>Reporter: Boris Stoyanov
> Fix For: 4.10.0.0
>
>
> When searching for the snapshot vhd on the nfs storage it adds 
> ([name].vhd.vhd) I've removed the extension for xenserver and it passed. 



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Updated] (CLOUDSTACK-9633) test_snapshot is failing due to incorrect string construction in utils.py

2016-12-01 Thread Boris Stoyanov (JIRA) 

 [ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9633?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Boris Stoyanov updated CLOUDSTACK-9633:
---
Affects Version/s: (was: 4.9.0)
   (was: 4.8.0)
   (was: 4.1.0)
   4.10.0.0

> test_snapshot is failing due to incorrect string construction in utils.py
> -
>
> Key: CLOUDSTACK-9633
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9633
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>  Components: marvin
>Affects Versions: 4.10.0.0
> Environment: https://github.com/apache/cloudstack/pull/1800
>Reporter: Boris Stoyanov
> Fix For: 4.10.0.0
>
>
> When searching for the snapshot vhd on the nfs storage it adds 
> ([name].vhd.vhd) I've removed the extension for xenserver and it passed. 



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Updated] (CLOUDSTACK-9633) test_snapshot is failing due to incorrect string construction in utils.py

2016-12-01 Thread Boris Stoyanov (JIRA) 

 [ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9633?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Boris Stoyanov updated CLOUDSTACK-9633:
---
Fix Version/s: (was: 4.9.2.0)
   (was: 4.8.1)

> test_snapshot is failing due to incorrect string construction in utils.py
> -
>
> Key: CLOUDSTACK-9633
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9633
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>  Components: marvin
>Affects Versions: 4.10.0.0
> Environment: https://github.com/apache/cloudstack/pull/1800
>Reporter: Boris Stoyanov
> Fix For: 4.10.0.0
>
>
> When searching for the snapshot vhd on the nfs storage it adds 
> ([name].vhd.vhd) I've removed the extension for xenserver and it passed. 



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (CLOUDSTACK-9632) Upgrade bountycastle to 1.55+

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15711490#comment-15711490
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9632:


Github user blueorangutan commented on the issue:

https://github.com/apache/cloudstack/pull/1799
  
@rhtyd a Jenkins job has been kicked to build packages. I'll keep you 
posted as I make progress.


> Upgrade bountycastle to 1.55+
> -
>
> Key: CLOUDSTACK-9632
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9632
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Rohit Yadav
>Assignee: Rohit Yadav
> Fix For: Future, 4.10.0.0
>
>
> Upgrade bountycastle library to latest versions.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (CLOUDSTACK-9632) Upgrade bountycastle to 1.55+

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15711487#comment-15711487
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9632:


Github user rhtyd commented on the issue:

https://github.com/apache/cloudstack/pull/1799
  
@jburwell I've fixed couple of more issues, and the issues from your code 
review. Thanks for your comments.
@blueorangutan package



> Upgrade bountycastle to 1.55+
> -
>
> Key: CLOUDSTACK-9632
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9632
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Rohit Yadav
>Assignee: Rohit Yadav
> Fix For: Future, 4.10.0.0
>
>
> Upgrade bountycastle library to latest versions.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (CLOUDSTACK-9633) test_snapshot is failing due to incorrect string construction in utils.py

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9633?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15711430#comment-15711430
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9633:


Github user blueorangutan commented on the issue:

https://github.com/apache/cloudstack/pull/1800
  
@borisstoyanov a Jenkins job has been kicked to build packages. I'll keep 
you posted as I make progress.


> test_snapshot is failing due to incorrect string construction in utils.py
> -
>
> Key: CLOUDSTACK-9633
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9633
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>  Components: marvin
>Affects Versions: 4.1.0, 4.8.0, 4.9.0
> Environment: https://github.com/apache/cloudstack/pull/1800
>Reporter: Boris Stoyanov
> Fix For: 4.8.1, 4.10.0.0, 4.9.2.0
>
>
> When searching for the snapshot vhd on the nfs storage it adds 
> ([name].vhd.vhd) I've removed the extension for xenserver and it passed. 



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (CLOUDSTACK-9633) test_snapshot is failing due to incorrect string construction in utils.py

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9633?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15711429#comment-15711429
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9633:


Github user borisstoyanov commented on the issue:

https://github.com/apache/cloudstack/pull/1800
  
@blueorangutan package 


> test_snapshot is failing due to incorrect string construction in utils.py
> -
>
> Key: CLOUDSTACK-9633
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9633
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>  Components: marvin
>Affects Versions: 4.1.0, 4.8.0, 4.9.0
> Environment: https://github.com/apache/cloudstack/pull/1800
>Reporter: Boris Stoyanov
> Fix For: 4.8.1, 4.10.0.0, 4.9.2.0
>
>
> When searching for the snapshot vhd on the nfs storage it adds 
> ([name].vhd.vhd) I've removed the extension for xenserver and it passed. 



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (CLOUDSTACK-8854) Apple Mac OS/X VM get created without USB controller in ESXi hypervisors

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-8854?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15711425#comment-15711425
 ] 

ASF GitHub Bot commented on CLOUDSTACK-8854:


Github user blueorangutan commented on the issue:

https://github.com/apache/cloudstack/pull/828
  
@karuturi a Trillian-Jenkins test job (centos6 mgmt + vmware-55u3) has been 
kicked to run smoke tests


> Apple Mac OS/X VM get created without USB controller in ESXi hypervisors
> 
>
> Key: CLOUDSTACK-8854
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-8854
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>  Components: VMware
>Reporter: Suresh Kumar Anaparti
>Assignee: Suresh Kumar Anaparti
> Fix For: Future
>
>
> ISSUE
> ==
> Apple Mac OS/X VM get created without USB controller. For mouse/keyboard to 
> function in CS Console window VM has to have USB controller. It seems CS 
> doesn't use the same procedure as native vSphere client because natively when 
> OS is specified as OS/X vSphere always adds USB controller to empty VM shell.
> EXPECTED BEHAVIOR
> ==
> USB device added to VM when created on CS
> ACTUAL BEHAVIOR
> ==
> No USB device added



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (CLOUDSTACK-8854) Apple Mac OS/X VM get created without USB controller in ESXi hypervisors

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-8854?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15711423#comment-15711423
 ] 

ASF GitHub Bot commented on CLOUDSTACK-8854:


Github user karuturi commented on the issue:

https://github.com/apache/cloudstack/pull/828
  
@blueorangutan test centos6 vmware-55u3


> Apple Mac OS/X VM get created without USB controller in ESXi hypervisors
> 
>
> Key: CLOUDSTACK-8854
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-8854
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>  Components: VMware
>Reporter: Suresh Kumar Anaparti
>Assignee: Suresh Kumar Anaparti
> Fix For: Future
>
>
> ISSUE
> ==
> Apple Mac OS/X VM get created without USB controller. For mouse/keyboard to 
> function in CS Console window VM has to have USB controller. It seems CS 
> doesn't use the same procedure as native vSphere client because natively when 
> OS is specified as OS/X vSphere always adds USB controller to empty VM shell.
> EXPECTED BEHAVIOR
> ==
> USB device added to VM when created on CS
> ACTUAL BEHAVIOR
> ==
> No USB device added



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (CLOUDSTACK-8854) Apple Mac OS/X VM get created without USB controller in ESXi hypervisors

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-8854?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15711426#comment-15711426
 ] 

ASF GitHub Bot commented on CLOUDSTACK-8854:


Github user rhtyd commented on the issue:

https://github.com/apache/cloudstack/pull/828
  
Thanks @sureshanaparti 


> Apple Mac OS/X VM get created without USB controller in ESXi hypervisors
> 
>
> Key: CLOUDSTACK-8854
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-8854
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>  Components: VMware
>Reporter: Suresh Kumar Anaparti
>Assignee: Suresh Kumar Anaparti
> Fix For: Future
>
>
> ISSUE
> ==
> Apple Mac OS/X VM get created without USB controller. For mouse/keyboard to 
> function in CS Console window VM has to have USB controller. It seems CS 
> doesn't use the same procedure as native vSphere client because natively when 
> OS is specified as OS/X vSphere always adds USB controller to empty VM shell.
> EXPECTED BEHAVIOR
> ==
> USB device added to VM when created on CS
> ACTUAL BEHAVIOR
> ==
> No USB device added



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Created] (CLOUDSTACK-9641) In KVM SSVM and CPVM may use the old cmdline data, if we fail to fetch the new cmdline in the first pass.

2016-12-01 Thread Bharat Kumar (JIRA) 
Bharat Kumar created CLOUDSTACK-9641:


 Summary: In KVM SSVM and CPVM may use the old cmdline data, if we 
fail to fetch the new cmdline in the first pass.
 Key: CLOUDSTACK-9641
 URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9641
 Project: CloudStack
  Issue Type: Bug
  Security Level: Public (Anyone can view this level - this is the default.)
  Components: Management Server
Affects Versions: 4.9.0
Reporter: Bharat Kumar
Assignee: Bharat Kumar
 Fix For: 4.9.0.1


we backup the old cmdline when we stop the VM, so when the VM starts it will 
try to get the cmdline and will not be able to use the old cmdline data. This 
change will be made in the stop command.

This will not effect the reboots, as reboot command is a separate command.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (CLOUDSTACK-8854) Apple Mac OS/X VM get created without USB controller in ESXi hypervisors

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-8854?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15711421#comment-15711421
 ] 

ASF GitHub Bot commented on CLOUDSTACK-8854:


Github user blueorangutan commented on the issue:

https://github.com/apache/cloudstack/pull/828
  
@karuturi I understand these words: "help", "hello", "thanks", "package", 
"test"
Test command usage: test [mgmt os] [hypervisor] [additional tests]
Mgmt OS options: ['centos6', 'centos7', 'ubuntu']
Hypervisor options: ['kvm-centos6', 'kvm-centos7', 'kvm-ubuntu', 
'xenserver-65sp1', 'xenserver-62sp1', 'vmware-60u2', 'vmware-55u3', 
'vmware-51u1', 'vmware-50u1']
Additional tests: list of comma separated tests with paths relative to the 
`test/integration` directory, for example: component/test_acl_listvm.py, 
component/test_volumes.py
Note: when additional tests are passed, you need to specify mgmt server os 
and hypervisor or use the `matrix` command.

Blessed contributors for kicking Trillian test jobs: ['rhtyd', 'jburwell', 
'murali-reddy', 'abhinandanprateek', 'PaulAngus', 'borisstoyanov', 'karuturi']


> Apple Mac OS/X VM get created without USB controller in ESXi hypervisors
> 
>
> Key: CLOUDSTACK-8854
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-8854
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>  Components: VMware
>Reporter: Suresh Kumar Anaparti
>Assignee: Suresh Kumar Anaparti
> Fix For: Future
>
>
> ISSUE
> ==
> Apple Mac OS/X VM get created without USB controller. For mouse/keyboard to 
> function in CS Console window VM has to have USB controller. It seems CS 
> doesn't use the same procedure as native vSphere client because natively when 
> OS is specified as OS/X vSphere always adds USB controller to empty VM shell.
> EXPECTED BEHAVIOR
> ==
> USB device added to VM when created on CS
> ACTUAL BEHAVIOR
> ==
> No USB device added



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (CLOUDSTACK-8854) Apple Mac OS/X VM get created without USB controller in ESXi hypervisors

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-8854?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15711419#comment-15711419
 ] 

ASF GitHub Bot commented on CLOUDSTACK-8854:


Github user karuturi commented on the issue:

https://github.com/apache/cloudstack/pull/828
  
@blueorangutan help


> Apple Mac OS/X VM get created without USB controller in ESXi hypervisors
> 
>
> Key: CLOUDSTACK-8854
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-8854
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>  Components: VMware
>Reporter: Suresh Kumar Anaparti
>Assignee: Suresh Kumar Anaparti
> Fix For: Future
>
>
> ISSUE
> ==
> Apple Mac OS/X VM get created without USB controller. For mouse/keyboard to 
> function in CS Console window VM has to have USB controller. It seems CS 
> doesn't use the same procedure as native vSphere client because natively when 
> OS is specified as OS/X vSphere always adds USB controller to empty VM shell.
> EXPECTED BEHAVIOR
> ==
> USB device added to VM when created on CS
> ACTUAL BEHAVIOR
> ==
> No USB device added



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Created] (CLOUDSTACK-9640) In KVM SSVM and CPVM may use the old cmdline data, if we fail to fetch the new cmdline in the first pass.

2016-12-01 Thread Bharat Kumar (JIRA) 
Bharat Kumar created CLOUDSTACK-9640:


 Summary: In KVM SSVM and CPVM may use the old cmdline data, if we 
fail to fetch the new cmdline in the first pass.
 Key: CLOUDSTACK-9640
 URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9640
 Project: CloudStack
  Issue Type: Bug
  Security Level: Public (Anyone can view this level - this is the default.)
  Components: Management Server
Affects Versions: 4.9.0
Reporter: Bharat Kumar
Assignee: Bharat Kumar
 Fix For: 4.9.0.1


we backup the old cmdline when we stop the VM, so when the VM starts it will 
try to get the cmdline and will not be able to use the old cmdline data. This 
change will be made in the stop command.

This will not effect the reboots, as reboot command is a separate command.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (CLOUDSTACK-8854) Apple Mac OS/X VM get created without USB controller in ESXi hypervisors

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-8854?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15711411#comment-15711411
 ] 

ASF GitHub Bot commented on CLOUDSTACK-8854:


Github user sureshanaparti commented on the issue:

https://github.com/apache/cloudstack/pull/828
  
@rhtyd  Changed base branch to 4.9.


> Apple Mac OS/X VM get created without USB controller in ESXi hypervisors
> 
>
> Key: CLOUDSTACK-8854
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-8854
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>  Components: VMware
>Reporter: Suresh Kumar Anaparti
>Assignee: Suresh Kumar Anaparti
> Fix For: Future
>
>
> ISSUE
> ==
> Apple Mac OS/X VM get created without USB controller. For mouse/keyboard to 
> function in CS Console window VM has to have USB controller. It seems CS 
> doesn't use the same procedure as native vSphere client because natively when 
> OS is specified as OS/X vSphere always adds USB controller to empty VM shell.
> EXPECTED BEHAVIOR
> ==
> USB device added to VM when created on CS
> ACTUAL BEHAVIOR
> ==
> No USB device added



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (CLOUDSTACK-9632) Upgrade bountycastle to 1.55+

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15711401#comment-15711401
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9632:


Github user rhtyd commented on a diff in the pull request:

https://github.com/apache/cloudstack/pull/1799#discussion_r90405628
  
--- Diff: server/test/org/apache/cloudstack/network/lb/CertServiceTest.java 
---
@@ -245,48 +245,48 @@ public void runUploadSslCertSelfSignedNoPassword() 
throws Exception {
 public void runUploadSslCertBadChain() throws IOException, 
IllegalAccessException, NoSuchFieldException {
 Assume.assumeTrue(isOpenJdk() || isJCEInstalled());
 
-String certFile = 
URLDecoder.decode(getClass().getResource("/certs/rsa_ca_signed.crt").getFile(),Charset.defaultCharset().name());
-String keyFile = 
URLDecoder.decode(getClass().getResource("/certs/rsa_ca_signed.key").getFile(),Charset.defaultCharset().name());
-String chainFile = 
URLDecoder.decode(getClass().getResource("/certs/rsa_self_signed.crt").getFile(),Charset.defaultCharset().name());
+final String certFile = 
URLDecoder.decode(getClass().getResource("/certs/rsa_ca_signed.crt").getFile(),Charset.defaultCharset().name());
+final String keyFile = 
URLDecoder.decode(getClass().getResource("/certs/rsa_ca_signed.key").getFile(),Charset.defaultCharset().name());
+final String chainFile = 
URLDecoder.decode(getClass().getResource("/certs/rsa_self_signed.crt").getFile(),Charset.defaultCharset().name());
 
-String cert = readFileToString(new File(certFile));
-String key = readFileToString(new File(keyFile));
-String chain = readFileToString(new File(chainFile));
+final String cert = readFileToString(new File(certFile));
+final String key = readFileToString(new File(keyFile));
+final String chain = readFileToString(new File(chainFile));
 
-CertServiceImpl certService = new CertServiceImpl();
+final CertServiceImpl certService = new CertServiceImpl();
 
 //setting mock objects
 certService._accountMgr = Mockito.mock(AccountManager.class);
-Account account = new AccountVO("testaccount", 1, "networkdomain", 
(short)0, UUID.randomUUID().toString());
+final Account account = new AccountVO("testaccount", 1, 
"networkdomain", (short)0, UUID.randomUUID().toString());
 
when(certService._accountMgr.getAccount(anyLong())).thenReturn(account);
 
 certService._domainDao = Mockito.mock(DomainDao.class);
-DomainVO domain = new DomainVO("networkdomain", 1L, 1L, 
"networkdomain");
+final DomainVO domain = new DomainVO("networkdomain", 1L, 1L, 
"networkdomain");
 
when(certService._domainDao.findByIdIncludingRemoved(anyLong())).thenReturn(domain);
 
 certService._sslCertDao = Mockito.mock(SslCertDao.class);
 
when(certService._sslCertDao.persist(any(SslCertVO.class))).thenReturn(new 
SslCertVO());
 
 //creating the command
-UploadSslCertCmd uploadCmd = new UploadSslCertCmdExtn();
-Class _class = uploadCmd.getClass().getSuperclass();
+final UploadSslCertCmd uploadCmd = new UploadSslCertCmdExtn();
+final Class klazz = uploadCmd.getClass().getSuperclass();
 
-Field certField = _class.getDeclaredField("cert");
+final Field certField = klazz.getDeclaredField("cert");
 certField.setAccessible(true);
 certField.set(uploadCmd, cert);
 
-Field keyField = _class.getDeclaredField("key");
+final Field keyField = klazz.getDeclaredField("key");
 keyField.setAccessible(true);
 keyField.set(uploadCmd, key);
 
-Field chainField = _class.getDeclaredField("chain");
+final Field chainField = klazz.getDeclaredField("chain");
 chainField.setAccessible(true);
 chainField.set(uploadCmd, chain);
 
 try {
 certService.uploadSslCert(uploadCmd);
 fail("The chain given is not the correct chain for the 
certificate");
-} catch (Exception e) {
+} catch (final Exception e) {
--- End diff --

`@Test` annotation does not allow for validating the exception message 
without using any `Rule`.


> Upgrade bountycastle to 1.55+
> -
>
> Key: CLOUDSTACK-9632
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9632
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Rohit Yadav
>Assignee: Rohit Yadav
>

[jira] [Commented] (CLOUDSTACK-9632) Upgrade bountycastle to 1.55+

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15711402#comment-15711402
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9632:


Github user rhtyd commented on a diff in the pull request:

https://github.com/apache/cloudstack/pull/1799#discussion_r90405645
  
--- Diff: server/src/org/apache/cloudstack/network/lb/CertServiceImpl.java 
---
@@ -111,37 +116,37 @@ public CertServiceImpl() {
 @DB
 @Override
 @ActionEvent(eventType = EventTypes.EVENT_LB_CERT_UPLOAD, 
eventDescription = "Uploading a certificate to cloudstack", async = false)
-public SslCertResponse uploadSslCert(UploadSslCertCmd certCmd) {
+public SslCertResponse uploadSslCert(final UploadSslCertCmd certCmd) {
--- End diff --

Fixed.


> Upgrade bountycastle to 1.55+
> -
>
> Key: CLOUDSTACK-9632
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9632
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Rohit Yadav
>Assignee: Rohit Yadav
> Fix For: Future, 4.10.0.0
>
>
> Upgrade bountycastle library to latest versions.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (CLOUDSTACK-8896) Allocated percentage of storage can go beyond 100%

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-8896?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15711394#comment-15711394
 ] 

ASF GitHub Bot commented on CLOUDSTACK-8896:


Github user blueorangutan commented on the issue:

https://github.com/apache/cloudstack/pull/873
  
@rhtyd a Trillian-Jenkins test job (centos7 mgmt + kvm-centos7) has been 
kicked to run smoke tests


> Allocated percentage of storage can go beyond 100%
> --
>
> Key: CLOUDSTACK-8896
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-8896
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Affects Versions: 4.5.2, 4.6.0
>Reporter: Rajani Karuturi
>Assignee: Rajani Karuturi
>
> This issue occurs when a volume in Ready state is moved across storage pools.
> Let us say there is a data volume, volume0 in Ready state in a cluster scope 
> primary storage primary0.
> Now, when an operation is attempted to attach this volume to a vm in another 
> cluster, the volume is moved to the new cluster and the asking size is zero 
> at this time.
> you can observe logs like below with asking size 0 in the management server 
> logs.
> 2015-09-22 08:49:02,754 DEBUG [c.c.s.StorageManagerImpl] 
> (Work-Job-Executor-6:ctx-27e0990a job-37/job-38 ctx-985e5ad0) 
> (logid:a0a97129) Checking pool: 1 for volume allocation 
> [Vol[8|vm=null|DATADISK]], maxSize : 3298534883328, totalAllocatedSize : 
> 24096276480, askingSize : 0, allocated disable threshold: 0.85



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (CLOUDSTACK-8896) Allocated percentage of storage can go beyond 100%

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-8896?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15711391#comment-15711391
 ] 

ASF GitHub Bot commented on CLOUDSTACK-8896:


Github user rhtyd commented on the issue:

https://github.com/apache/cloudstack/pull/873
  
@blueorangutan test


> Allocated percentage of storage can go beyond 100%
> --
>
> Key: CLOUDSTACK-8896
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-8896
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Affects Versions: 4.5.2, 4.6.0
>Reporter: Rajani Karuturi
>Assignee: Rajani Karuturi
>
> This issue occurs when a volume in Ready state is moved across storage pools.
> Let us say there is a data volume, volume0 in Ready state in a cluster scope 
> primary storage primary0.
> Now, when an operation is attempted to attach this volume to a vm in another 
> cluster, the volume is moved to the new cluster and the asking size is zero 
> at this time.
> you can observe logs like below with asking size 0 in the management server 
> logs.
> 2015-09-22 08:49:02,754 DEBUG [c.c.s.StorageManagerImpl] 
> (Work-Job-Executor-6:ctx-27e0990a job-37/job-38 ctx-985e5ad0) 
> (logid:a0a97129) Checking pool: 1 for volume allocation 
> [Vol[8|vm=null|DATADISK]], maxSize : 3298534883328, totalAllocatedSize : 
> 24096276480, askingSize : 0, allocated disable threshold: 0.85



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (CLOUDSTACK-9632) Upgrade bountycastle to 1.55+

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15711383#comment-15711383
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9632:


Github user rhtyd commented on a diff in the pull request:

https://github.com/apache/cloudstack/pull/1799#discussion_r90404501
  
--- Diff: server/src/org/apache/cloudstack/network/lb/CertServiceImpl.java 
---
@@ -339,190 +348,182 @@ public SslCertResponse createCertResponse(SslCertVO 
cert, List chain, Certificate cert) {
+private void validateChain(final List chain, final 
Certificate cert) {
 
-List certs = new ArrayList();
-Set anchors = new HashSet();
+final List certs = new ArrayList();
+final Set anchors = new HashSet();
 
 certs.add(cert); // adding for self signed certs
 certs.addAll(chain);
 
-for (Certificate c : certs) {
-if (!(c instanceof X509Certificate))
+for (final Certificate c : certs) {
+if (!(c instanceof X509Certificate)) {
 throw new IllegalArgumentException("Invalid chain format. 
Expected X509 certificate");
+}
 
-X509Certificate xCert = (X509Certificate)c;
+final X509Certificate xCert = (X509Certificate)c;
 
-Principal subject = xCert.getSubjectDN();
-Principal issuer = xCert.getIssuerDN();
+xCert.getSubjectDN();
+xCert.getIssuerDN();
 
-   anchors.add(new TrustAnchor(xCert, null));
+anchors.add(new TrustAnchor(xCert, null));
 }
 
-X509CertSelector target = new X509CertSelector();
+final X509CertSelector target = new X509CertSelector();
 target.setCertificate((X509Certificate)cert);
 
 PKIXBuilderParameters params = null;
 try {
 params = new PKIXBuilderParameters(anchors, target);
 params.setRevocationEnabled(false);
 params.addCertStore(CertStore.getInstance("Collection", new 
CollectionCertStoreParameters(certs)));
-CertPathBuilder builder = CertPathBuilder.getInstance("PKIX", 
"BC");
+final CertPathBuilder builder = 
CertPathBuilder.getInstance("PKIX", "BC");
 builder.build(params);
 
-} catch (InvalidAlgorithmParameterException e) {
+} catch (final InvalidAlgorithmParameterException e) {
 throw new IllegalArgumentException("Invalid certificate 
chain", e);
-} catch (CertPathBuilderException e) {
+} catch (final CertPathBuilderException e) {
 throw new IllegalArgumentException("Invalid certificate 
chain", e);
-} catch (NoSuchAlgorithmException e) {
+} catch (final NoSuchAlgorithmException e) {
 throw new IllegalArgumentException("Invalid certificate 
chain", e);
-} catch (NoSuchProviderException e) {
+} catch (final NoSuchProviderException e) {
 throw new CloudRuntimeException("No provider for certificate 
validation", e);
 }
 
 }
 
-public PrivateKey parsePrivateKey(String key, String password) throws 
IOException {
-
-PasswordFinder pGet = null;
-
-if (password != null)
-pGet = new KeyPassword(password.toCharArray());
-
-PEMReader privateKey = new PEMReader(new StringReader(key), pGet);
-Object obj = null;
-try {
-obj = privateKey.readObject();
-} finally {
-IOUtils.closeQuietly(privateKey);
-}
-
-try {
-
-if (obj instanceof KeyPair)
-return ((KeyPair)obj).getPrivate();
-
-return (PrivateKey)obj;
-
-} catch (Exception e) {
-throw new IOException("Invalid Key format or invalid 
password.", e);
+public PrivateKey parsePrivateKey(final String key) throws IOException 
{
+try (final PemReader pemReader = new PemReader(new 
StringReader(key));) {
+final PemObject pemObject = pemReader.readPemObject();
+final byte[] content = pemObject.getContent();
+final PKCS8EncodedKeySpec privKeySpec = new 
PKCS8EncodedKeySpec(content);
+final KeyFactory factory = KeyFactory.getInstance("RSA", "BC");
+return factory.generatePrivate(privKeySpec);
+} catch (NoSuchAlgorithmException | NoSuchProviderException e) {
+throw new IOException("No encryption provider available.", e);
+} catch (final InvalidKeySpecException e) {
+throw new IOException("Invalid

[jira] [Commented] (CLOUDSTACK-9632) Upgrade bountycastle to 1.55+

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15711380#comment-15711380
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9632:


Github user rhtyd commented on a diff in the pull request:

https://github.com/apache/cloudstack/pull/1799#discussion_r90404400
  
--- Diff: server/src/org/apache/cloudstack/network/lb/CertServiceImpl.java 
---
@@ -339,190 +348,182 @@ public SslCertResponse createCertResponse(SslCertVO 
cert, List chain, Certificate cert) {
+private void validateChain(final List chain, final 
Certificate cert) {
 
-List certs = new ArrayList();
-Set anchors = new HashSet();
+final List certs = new ArrayList();
+final Set anchors = new HashSet();
 
 certs.add(cert); // adding for self signed certs
 certs.addAll(chain);
 
-for (Certificate c : certs) {
-if (!(c instanceof X509Certificate))
+for (final Certificate c : certs) {
+if (!(c instanceof X509Certificate)) {
 throw new IllegalArgumentException("Invalid chain format. 
Expected X509 certificate");
+}
 
-X509Certificate xCert = (X509Certificate)c;
+final X509Certificate xCert = (X509Certificate)c;
 
-Principal subject = xCert.getSubjectDN();
-Principal issuer = xCert.getIssuerDN();
+xCert.getSubjectDN();
+xCert.getIssuerDN();
 
-   anchors.add(new TrustAnchor(xCert, null));
+anchors.add(new TrustAnchor(xCert, null));
 }
 
-X509CertSelector target = new X509CertSelector();
+final X509CertSelector target = new X509CertSelector();
 target.setCertificate((X509Certificate)cert);
 
 PKIXBuilderParameters params = null;
 try {
 params = new PKIXBuilderParameters(anchors, target);
 params.setRevocationEnabled(false);
 params.addCertStore(CertStore.getInstance("Collection", new 
CollectionCertStoreParameters(certs)));
-CertPathBuilder builder = CertPathBuilder.getInstance("PKIX", 
"BC");
+final CertPathBuilder builder = 
CertPathBuilder.getInstance("PKIX", "BC");
 builder.build(params);
 
-} catch (InvalidAlgorithmParameterException e) {
+} catch (final InvalidAlgorithmParameterException e) {
 throw new IllegalArgumentException("Invalid certificate 
chain", e);
-} catch (CertPathBuilderException e) {
+} catch (final CertPathBuilderException e) {
 throw new IllegalArgumentException("Invalid certificate 
chain", e);
-} catch (NoSuchAlgorithmException e) {
+} catch (final NoSuchAlgorithmException e) {
 throw new IllegalArgumentException("Invalid certificate 
chain", e);
-} catch (NoSuchProviderException e) {
+} catch (final NoSuchProviderException e) {
 throw new CloudRuntimeException("No provider for certificate 
validation", e);
 }
 
 }
 
-public PrivateKey parsePrivateKey(String key, String password) throws 
IOException {
-
-PasswordFinder pGet = null;
-
-if (password != null)
-pGet = new KeyPassword(password.toCharArray());
-
-PEMReader privateKey = new PEMReader(new StringReader(key), pGet);
-Object obj = null;
-try {
-obj = privateKey.readObject();
-} finally {
-IOUtils.closeQuietly(privateKey);
-}
-
-try {
-
-if (obj instanceof KeyPair)
-return ((KeyPair)obj).getPrivate();
-
-return (PrivateKey)obj;
-
-} catch (Exception e) {
-throw new IOException("Invalid Key format or invalid 
password.", e);
+public PrivateKey parsePrivateKey(final String key) throws IOException 
{
+try (final PemReader pemReader = new PemReader(new 
StringReader(key));) {
+final PemObject pemObject = pemReader.readPemObject();
+final byte[] content = pemObject.getContent();
+final PKCS8EncodedKeySpec privKeySpec = new 
PKCS8EncodedKeySpec(content);
+final KeyFactory factory = KeyFactory.getInstance("RSA", "BC");
+return factory.generatePrivate(privKeySpec);
+} catch (NoSuchAlgorithmException | NoSuchProviderException e) {
+throw new IOException("No encryption provider available.", e);
+} catch (final InvalidKeySpecException e) {
+throw new IOException("Invalid

[jira] [Commented] (CLOUDSTACK-9632) Upgrade bountycastle to 1.55+

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15711377#comment-15711377
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9632:


Github user rhtyd commented on a diff in the pull request:

https://github.com/apache/cloudstack/pull/1799#discussion_r90404197
  
--- Diff: server/src/org/apache/cloudstack/network/lb/CertServiceImpl.java 
---
@@ -339,190 +348,182 @@ public SslCertResponse createCertResponse(SslCertVO 
cert, List chain, Certificate cert) {
+private void validateChain(final List chain, final 
Certificate cert) {
 
-List certs = new ArrayList();
-Set anchors = new HashSet();
+final List certs = new ArrayList();
+final Set anchors = new HashSet();
 
 certs.add(cert); // adding for self signed certs
 certs.addAll(chain);
 
-for (Certificate c : certs) {
-if (!(c instanceof X509Certificate))
+for (final Certificate c : certs) {
+if (!(c instanceof X509Certificate)) {
 throw new IllegalArgumentException("Invalid chain format. 
Expected X509 certificate");
+}
 
-X509Certificate xCert = (X509Certificate)c;
+final X509Certificate xCert = (X509Certificate)c;
 
-Principal subject = xCert.getSubjectDN();
-Principal issuer = xCert.getIssuerDN();
+xCert.getSubjectDN();
+xCert.getIssuerDN();
 
-   anchors.add(new TrustAnchor(xCert, null));
+anchors.add(new TrustAnchor(xCert, null));
 }
 
-X509CertSelector target = new X509CertSelector();
+final X509CertSelector target = new X509CertSelector();
 target.setCertificate((X509Certificate)cert);
 
 PKIXBuilderParameters params = null;
 try {
 params = new PKIXBuilderParameters(anchors, target);
 params.setRevocationEnabled(false);
 params.addCertStore(CertStore.getInstance("Collection", new 
CollectionCertStoreParameters(certs)));
-CertPathBuilder builder = CertPathBuilder.getInstance("PKIX", 
"BC");
+final CertPathBuilder builder = 
CertPathBuilder.getInstance("PKIX", "BC");
 builder.build(params);
 
-} catch (InvalidAlgorithmParameterException e) {
+} catch (final InvalidAlgorithmParameterException e) {
 throw new IllegalArgumentException("Invalid certificate 
chain", e);
-} catch (CertPathBuilderException e) {
+} catch (final CertPathBuilderException e) {
 throw new IllegalArgumentException("Invalid certificate 
chain", e);
-} catch (NoSuchAlgorithmException e) {
+} catch (final NoSuchAlgorithmException e) {
 throw new IllegalArgumentException("Invalid certificate 
chain", e);
-} catch (NoSuchProviderException e) {
+} catch (final NoSuchProviderException e) {
 throw new CloudRuntimeException("No provider for certificate 
validation", e);
 }
 
 }
 
-public PrivateKey parsePrivateKey(String key, String password) throws 
IOException {
-
-PasswordFinder pGet = null;
-
-if (password != null)
-pGet = new KeyPassword(password.toCharArray());
-
-PEMReader privateKey = new PEMReader(new StringReader(key), pGet);
-Object obj = null;
-try {
-obj = privateKey.readObject();
-} finally {
-IOUtils.closeQuietly(privateKey);
-}
-
-try {
-
-if (obj instanceof KeyPair)
-return ((KeyPair)obj).getPrivate();
-
-return (PrivateKey)obj;
-
-} catch (Exception e) {
-throw new IOException("Invalid Key format or invalid 
password.", e);
+public PrivateKey parsePrivateKey(final String key) throws IOException 
{
+try (final PemReader pemReader = new PemReader(new 
StringReader(key));) {
+final PemObject pemObject = pemReader.readPemObject();
+final byte[] content = pemObject.getContent();
+final PKCS8EncodedKeySpec privKeySpec = new 
PKCS8EncodedKeySpec(content);
+final KeyFactory factory = KeyFactory.getInstance("RSA", "BC");
+return factory.generatePrivate(privKeySpec);
+} catch (NoSuchAlgorithmException | NoSuchProviderException e) {
+throw new IOException("No encryption provider available.", e);
+} catch (final InvalidKeySpecException e) {
+throw new IOException("Invalid

[jira] [Commented] (CLOUDSTACK-9632) Upgrade bountycastle to 1.55+

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15711375#comment-15711375
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9632:


Github user rhtyd commented on a diff in the pull request:

https://github.com/apache/cloudstack/pull/1799#discussion_r90404003
  
--- Diff: server/src/org/apache/cloudstack/network/lb/CertServiceImpl.java 
---
@@ -339,190 +348,182 @@ public SslCertResponse createCertResponse(SslCertVO 
cert, List chain, Certificate cert) {
+private void validateChain(final List chain, final 
Certificate cert) {
 
-List certs = new ArrayList();
-Set anchors = new HashSet();
+final List certs = new ArrayList();
+final Set anchors = new HashSet();
 
 certs.add(cert); // adding for self signed certs
 certs.addAll(chain);
 
-for (Certificate c : certs) {
-if (!(c instanceof X509Certificate))
+for (final Certificate c : certs) {
+if (!(c instanceof X509Certificate)) {
 throw new IllegalArgumentException("Invalid chain format. 
Expected X509 certificate");
+}
 
-X509Certificate xCert = (X509Certificate)c;
+final X509Certificate xCert = (X509Certificate)c;
 
-Principal subject = xCert.getSubjectDN();
-Principal issuer = xCert.getIssuerDN();
+xCert.getSubjectDN();
+xCert.getIssuerDN();
 
-   anchors.add(new TrustAnchor(xCert, null));
+anchors.add(new TrustAnchor(xCert, null));
 }
 
-X509CertSelector target = new X509CertSelector();
+final X509CertSelector target = new X509CertSelector();
 target.setCertificate((X509Certificate)cert);
 
 PKIXBuilderParameters params = null;
 try {
 params = new PKIXBuilderParameters(anchors, target);
 params.setRevocationEnabled(false);
 params.addCertStore(CertStore.getInstance("Collection", new 
CollectionCertStoreParameters(certs)));
-CertPathBuilder builder = CertPathBuilder.getInstance("PKIX", 
"BC");
+final CertPathBuilder builder = 
CertPathBuilder.getInstance("PKIX", "BC");
 builder.build(params);
 
-} catch (InvalidAlgorithmParameterException e) {
+} catch (final InvalidAlgorithmParameterException e) {
 throw new IllegalArgumentException("Invalid certificate 
chain", e);
-} catch (CertPathBuilderException e) {
+} catch (final CertPathBuilderException e) {
 throw new IllegalArgumentException("Invalid certificate 
chain", e);
-} catch (NoSuchAlgorithmException e) {
+} catch (final NoSuchAlgorithmException e) {
 throw new IllegalArgumentException("Invalid certificate 
chain", e);
-} catch (NoSuchProviderException e) {
+} catch (final NoSuchProviderException e) {
 throw new CloudRuntimeException("No provider for certificate 
validation", e);
 }
 
 }
 
-public PrivateKey parsePrivateKey(String key, String password) throws 
IOException {
-
-PasswordFinder pGet = null;
-
-if (password != null)
-pGet = new KeyPassword(password.toCharArray());
-
-PEMReader privateKey = new PEMReader(new StringReader(key), pGet);
-Object obj = null;
-try {
-obj = privateKey.readObject();
-} finally {
-IOUtils.closeQuietly(privateKey);
-}
-
-try {
-
-if (obj instanceof KeyPair)
-return ((KeyPair)obj).getPrivate();
-
-return (PrivateKey)obj;
-
-} catch (Exception e) {
-throw new IOException("Invalid Key format or invalid 
password.", e);
+public PrivateKey parsePrivateKey(final String key) throws IOException 
{
+try (final PemReader pemReader = new PemReader(new 
StringReader(key));) {
+final PemObject pemObject = pemReader.readPemObject();
+final byte[] content = pemObject.getContent();
+final PKCS8EncodedKeySpec privKeySpec = new 
PKCS8EncodedKeySpec(content);
+final KeyFactory factory = KeyFactory.getInstance("RSA", "BC");
+return factory.generatePrivate(privKeySpec);
+} catch (NoSuchAlgorithmException | NoSuchProviderException e) {
+throw new IOException("No encryption provider available.", e);
+} catch (final InvalidKeySpecException e) {
+throw new IOException("Invalid

[jira] [Commented] (CLOUDSTACK-9632) Upgrade bountycastle to 1.55+

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15711372#comment-15711372
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9632:


Github user rhtyd commented on a diff in the pull request:

https://github.com/apache/cloudstack/pull/1799#discussion_r90403899
  
--- Diff: server/src/org/apache/cloudstack/network/lb/CertServiceImpl.java 
---
@@ -339,190 +348,182 @@ public SslCertResponse createCertResponse(SslCertVO 
cert, List chain, Certificate cert) {
+private void validateChain(final List chain, final 
Certificate cert) {
 
-List certs = new ArrayList();
-Set anchors = new HashSet();
+final List certs = new ArrayList();
+final Set anchors = new HashSet();
 
 certs.add(cert); // adding for self signed certs
 certs.addAll(chain);
 
-for (Certificate c : certs) {
-if (!(c instanceof X509Certificate))
+for (final Certificate c : certs) {
+if (!(c instanceof X509Certificate)) {
 throw new IllegalArgumentException("Invalid chain format. 
Expected X509 certificate");
+}
 
-X509Certificate xCert = (X509Certificate)c;
+final X509Certificate xCert = (X509Certificate)c;
 
-Principal subject = xCert.getSubjectDN();
-Principal issuer = xCert.getIssuerDN();
+xCert.getSubjectDN();
+xCert.getIssuerDN();
 
-   anchors.add(new TrustAnchor(xCert, null));
+anchors.add(new TrustAnchor(xCert, null));
 }
 
-X509CertSelector target = new X509CertSelector();
+final X509CertSelector target = new X509CertSelector();
 target.setCertificate((X509Certificate)cert);
 
 PKIXBuilderParameters params = null;
 try {
 params = new PKIXBuilderParameters(anchors, target);
 params.setRevocationEnabled(false);
 params.addCertStore(CertStore.getInstance("Collection", new 
CollectionCertStoreParameters(certs)));
-CertPathBuilder builder = CertPathBuilder.getInstance("PKIX", 
"BC");
+final CertPathBuilder builder = 
CertPathBuilder.getInstance("PKIX", "BC");
 builder.build(params);
 
-} catch (InvalidAlgorithmParameterException e) {
+} catch (final InvalidAlgorithmParameterException e) {
 throw new IllegalArgumentException("Invalid certificate 
chain", e);
-} catch (CertPathBuilderException e) {
+} catch (final CertPathBuilderException e) {
 throw new IllegalArgumentException("Invalid certificate 
chain", e);
-} catch (NoSuchAlgorithmException e) {
+} catch (final NoSuchAlgorithmException e) {
 throw new IllegalArgumentException("Invalid certificate 
chain", e);
-} catch (NoSuchProviderException e) {
+} catch (final NoSuchProviderException e) {
 throw new CloudRuntimeException("No provider for certificate 
validation", e);
 }
 
 }
 
-public PrivateKey parsePrivateKey(String key, String password) throws 
IOException {
-
-PasswordFinder pGet = null;
-
-if (password != null)
-pGet = new KeyPassword(password.toCharArray());
-
-PEMReader privateKey = new PEMReader(new StringReader(key), pGet);
-Object obj = null;
-try {
-obj = privateKey.readObject();
-} finally {
-IOUtils.closeQuietly(privateKey);
-}
-
-try {
-
-if (obj instanceof KeyPair)
-return ((KeyPair)obj).getPrivate();
-
-return (PrivateKey)obj;
-
-} catch (Exception e) {
-throw new IOException("Invalid Key format or invalid 
password.", e);
+public PrivateKey parsePrivateKey(final String key) throws IOException 
{
--- End diff --

Fixed.


> Upgrade bountycastle to 1.55+
> -
>
> Key: CLOUDSTACK-9632
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9632
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Rohit Yadav
>Assignee: Rohit Yadav
> Fix For: Future, 4.10.0.0
>
>
> Upgrade bountycastle library to latest versions.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (CLOUDSTACK-9632) Upgrade bountycastle to 1.55+

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15711374#comment-15711374
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9632:


Github user rhtyd commented on a diff in the pull request:

https://github.com/apache/cloudstack/pull/1799#discussion_r90403957
  
--- Diff: server/src/org/apache/cloudstack/network/lb/CertServiceImpl.java 
---
@@ -339,190 +348,182 @@ public SslCertResponse createCertResponse(SslCertVO 
cert, List chain, Certificate cert) {
+private void validateChain(final List chain, final 
Certificate cert) {
 
-List certs = new ArrayList();
-Set anchors = new HashSet();
+final List certs = new ArrayList();
+final Set anchors = new HashSet();
 
 certs.add(cert); // adding for self signed certs
 certs.addAll(chain);
 
-for (Certificate c : certs) {
-if (!(c instanceof X509Certificate))
+for (final Certificate c : certs) {
+if (!(c instanceof X509Certificate)) {
 throw new IllegalArgumentException("Invalid chain format. 
Expected X509 certificate");
+}
 
-X509Certificate xCert = (X509Certificate)c;
+final X509Certificate xCert = (X509Certificate)c;
 
-Principal subject = xCert.getSubjectDN();
-Principal issuer = xCert.getIssuerDN();
+xCert.getSubjectDN();
+xCert.getIssuerDN();
 
-   anchors.add(new TrustAnchor(xCert, null));
+anchors.add(new TrustAnchor(xCert, null));
 }
 
-X509CertSelector target = new X509CertSelector();
+final X509CertSelector target = new X509CertSelector();
 target.setCertificate((X509Certificate)cert);
 
 PKIXBuilderParameters params = null;
 try {
 params = new PKIXBuilderParameters(anchors, target);
 params.setRevocationEnabled(false);
 params.addCertStore(CertStore.getInstance("Collection", new 
CollectionCertStoreParameters(certs)));
-CertPathBuilder builder = CertPathBuilder.getInstance("PKIX", 
"BC");
+final CertPathBuilder builder = 
CertPathBuilder.getInstance("PKIX", "BC");
 builder.build(params);
 
-} catch (InvalidAlgorithmParameterException e) {
+} catch (final InvalidAlgorithmParameterException e) {
 throw new IllegalArgumentException("Invalid certificate 
chain", e);
-} catch (CertPathBuilderException e) {
+} catch (final CertPathBuilderException e) {
 throw new IllegalArgumentException("Invalid certificate 
chain", e);
-} catch (NoSuchAlgorithmException e) {
+} catch (final NoSuchAlgorithmException e) {
 throw new IllegalArgumentException("Invalid certificate 
chain", e);
-} catch (NoSuchProviderException e) {
+} catch (final NoSuchProviderException e) {
 throw new CloudRuntimeException("No provider for certificate 
validation", e);
 }
 
 }
 
-public PrivateKey parsePrivateKey(String key, String password) throws 
IOException {
-
-PasswordFinder pGet = null;
-
-if (password != null)
-pGet = new KeyPassword(password.toCharArray());
-
-PEMReader privateKey = new PEMReader(new StringReader(key), pGet);
-Object obj = null;
-try {
-obj = privateKey.readObject();
-} finally {
-IOUtils.closeQuietly(privateKey);
-}
-
-try {
-
-if (obj instanceof KeyPair)
-return ((KeyPair)obj).getPrivate();
-
-return (PrivateKey)obj;
-
-} catch (Exception e) {
-throw new IOException("Invalid Key format or invalid 
password.", e);
+public PrivateKey parsePrivateKey(final String key) throws IOException 
{
+try (final PemReader pemReader = new PemReader(new 
StringReader(key));) {
+final PemObject pemObject = pemReader.readPemObject();
+final byte[] content = pemObject.getContent();
+final PKCS8EncodedKeySpec privKeySpec = new 
PKCS8EncodedKeySpec(content);
+final KeyFactory factory = KeyFactory.getInstance("RSA", "BC");
+return factory.generatePrivate(privKeySpec);
+} catch (NoSuchAlgorithmException | NoSuchProviderException e) {
+throw new IOException("No encryption provider available.", e);
+} catch (final InvalidKeySpecException e) {
+throw new IOException("Invalid

[jira] [Commented] (CLOUDSTACK-9632) Upgrade bountycastle to 1.55+

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15711369#comment-15711369
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9632:


Github user rhtyd commented on a diff in the pull request:

https://github.com/apache/cloudstack/pull/1799#discussion_r90403775
  
--- Diff: server/src/org/apache/cloudstack/network/lb/CertServiceImpl.java 
---
@@ -339,190 +348,182 @@ public SslCertResponse createCertResponse(SslCertVO 
cert, List chain, Certificate cert) {
+private void validateChain(final List chain, final 
Certificate cert) {
 
-List certs = new ArrayList();
-Set anchors = new HashSet();
+final List certs = new ArrayList();
+final Set anchors = new HashSet();
 
 certs.add(cert); // adding for self signed certs
 certs.addAll(chain);
 
-for (Certificate c : certs) {
-if (!(c instanceof X509Certificate))
+for (final Certificate c : certs) {
+if (!(c instanceof X509Certificate)) {
 throw new IllegalArgumentException("Invalid chain format. 
Expected X509 certificate");
+}
 
-X509Certificate xCert = (X509Certificate)c;
+final X509Certificate xCert = (X509Certificate)c;
 
-Principal subject = xCert.getSubjectDN();
-Principal issuer = xCert.getIssuerDN();
+xCert.getSubjectDN();
+xCert.getIssuerDN();
 
-   anchors.add(new TrustAnchor(xCert, null));
+anchors.add(new TrustAnchor(xCert, null));
 }
 
-X509CertSelector target = new X509CertSelector();
+final X509CertSelector target = new X509CertSelector();
 target.setCertificate((X509Certificate)cert);
 
 PKIXBuilderParameters params = null;
 try {
 params = new PKIXBuilderParameters(anchors, target);
 params.setRevocationEnabled(false);
 params.addCertStore(CertStore.getInstance("Collection", new 
CollectionCertStoreParameters(certs)));
-CertPathBuilder builder = CertPathBuilder.getInstance("PKIX", 
"BC");
+final CertPathBuilder builder = 
CertPathBuilder.getInstance("PKIX", "BC");
 builder.build(params);
 
-} catch (InvalidAlgorithmParameterException e) {
+} catch (final InvalidAlgorithmParameterException e) {
 throw new IllegalArgumentException("Invalid certificate 
chain", e);
-} catch (CertPathBuilderException e) {
+} catch (final CertPathBuilderException e) {
 throw new IllegalArgumentException("Invalid certificate 
chain", e);
-} catch (NoSuchAlgorithmException e) {
+} catch (final NoSuchAlgorithmException e) {
--- End diff --

Fixed.


> Upgrade bountycastle to 1.55+
> -
>
> Key: CLOUDSTACK-9632
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9632
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Rohit Yadav
>Assignee: Rohit Yadav
> Fix For: Future, 4.10.0.0
>
>
> Upgrade bountycastle library to latest versions.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (CLOUDSTACK-9635) fix test_privategw_acl.py

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9635?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15711366#comment-15711366
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9635:


Github user borisstoyanov commented on the issue:

https://github.com/apache/cloudstack/pull/1802
  
LGTM based on code review.


> fix test_privategw_acl.py
> -
>
> Key: CLOUDSTACK-9635
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9635
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Affects Versions: 4.8.0, 4.9.0, 4.10.0.0
>Reporter: Murali Reddy
> Fix For: 4.8.1, 4.10.0.0, 4.9.2.0
>
>
> Marvin test cases in test suite test_privategw_acl.py fail intermittently 
> with error 'createprivategateway failed, due to: errorCode: 431, 
> errorText:Network with vlan vlan://549 already exists in zone 1'
> Test cases use a VLAN from the zone VLAN range, to create VPC private 
> gateway. But the VPC private gateway implementation does not book keep the 
> info on op_dc_vent_alloc. So when test case create network they end up using 
> same VLAN, resulting failure of createVpcPrivateGateway



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (CLOUDSTACK-9632) Upgrade bountycastle to 1.55+

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15711359#comment-15711359
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9632:


Github user rhtyd commented on a diff in the pull request:

https://github.com/apache/cloudstack/pull/1799#discussion_r90403174
  
--- Diff: server/src/org/apache/cloudstack/network/lb/CertServiceImpl.java 
---
@@ -339,190 +348,182 @@ public SslCertResponse createCertResponse(SslCertVO 
cert, List Upgrade bountycastle to 1.55+
> -
>
> Key: CLOUDSTACK-9632
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9632
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Rohit Yadav
>Assignee: Rohit Yadav
> Fix For: Future, 4.10.0.0
>
>
> Upgrade bountycastle library to latest versions.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (CLOUDSTACK-9632) Upgrade bountycastle to 1.55+

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15711354#comment-15711354
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9632:


Github user rhtyd commented on a diff in the pull request:

https://github.com/apache/cloudstack/pull/1799#discussion_r90402863
  
--- Diff: server/src/org/apache/cloudstack/network/lb/CertServiceImpl.java 
---
@@ -339,190 +348,182 @@ public SslCertResponse createCertResponse(SslCertVO 
cert, List Upgrade bountycastle to 1.55+
> -
>
> Key: CLOUDSTACK-9632
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9632
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Rohit Yadav
>Assignee: Rohit Yadav
> Fix For: Future, 4.10.0.0
>
>
> Upgrade bountycastle library to latest versions.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (CLOUDSTACK-9632) Upgrade bountycastle to 1.55+

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15711349#comment-15711349
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9632:


Github user rhtyd commented on a diff in the pull request:

https://github.com/apache/cloudstack/pull/1799#discussion_r90402626
  
--- Diff: server/src/org/apache/cloudstack/network/lb/CertServiceImpl.java 
---
@@ -339,190 +348,182 @@ public SslCertResponse createCertResponse(SslCertVO 
cert, List Upgrade bountycastle to 1.55+
> -
>
> Key: CLOUDSTACK-9632
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9632
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Rohit Yadav
>Assignee: Rohit Yadav
> Fix For: Future, 4.10.0.0
>
>
> Upgrade bountycastle library to latest versions.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (CLOUDSTACK-9632) Upgrade bountycastle to 1.55+

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15711347#comment-15711347
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9632:


Github user rhtyd commented on a diff in the pull request:

https://github.com/apache/cloudstack/pull/1799#discussion_r90402608
  
--- Diff: server/src/org/apache/cloudstack/network/lb/CertServiceImpl.java 
---
@@ -339,190 +348,182 @@ public SslCertResponse createCertResponse(SslCertVO 
cert, List Upgrade bountycastle to 1.55+
> -
>
> Key: CLOUDSTACK-9632
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9632
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Rohit Yadav
>Assignee: Rohit Yadav
> Fix For: Future, 4.10.0.0
>
>
> Upgrade bountycastle library to latest versions.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (CLOUDSTACK-9632) Upgrade bountycastle to 1.55+

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15711342#comment-15711342
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9632:


Github user rhtyd commented on a diff in the pull request:

https://github.com/apache/cloudstack/pull/1799#discussion_r90402383
  
--- Diff: server/src/org/apache/cloudstack/network/lb/CertServiceImpl.java 
---
@@ -240,68 +245,71 @@ public void deleteSslCert(DeleteSslCertCmd 
deleteSslCertCmd) {
 }
 
 if (projectId != null) {
-Project project = _projectMgr.getProject(projectId);
+final Project project = _projectMgr.getProject(projectId);
 
 if (project == null) {
 throw new InvalidParameterValueException("Found no project 
with id: " + projectId);
 }
 
-List projectCertVOList = 
_sslCertDao.listByAccountId(project.getProjectAccountId());
-if (projectCertVOList == null || projectCertVOList.isEmpty())
+final List projectCertVOList = 
_sslCertDao.listByAccountId(project.getProjectAccountId());
+if (projectCertVOList == null || projectCertVOList.isEmpty()) {
 return certResponseList;
+}
 _accountMgr.checkAccess(caller, 
SecurityChecker.AccessType.UseEntry, true, projectCertVOList.get(0));
 
-for (SslCertVO cert : projectCertVOList) {
+for (final SslCertVO cert : projectCertVOList) {
 certLbMap = _lbCertDao.listByCertId(cert.getId());
 certResponseList.add(createCertResponse(cert, certLbMap));
 }
 return certResponseList;
 }
 
 //reached here look by accountId
-List certVOList = 
_sslCertDao.listByAccountId(accountId);
-if (certVOList == null || certVOList.isEmpty())
+final List certVOList = 
_sslCertDao.listByAccountId(accountId);
+if (certVOList == null || certVOList.isEmpty()) {
 return certResponseList;
+}
 _accountMgr.checkAccess(caller, 
SecurityChecker.AccessType.UseEntry, true, certVOList.get(0));
 
-for (SslCertVO cert : certVOList) {
+for (final SslCertVO cert : certVOList) {
 certLbMap = _lbCertDao.listByCertId(cert.getId());
 certResponseList.add(createCertResponse(cert, certLbMap));
 }
 return certResponseList;
 }
 
-private void validate(String certInput, String keyInput, String 
password, String chainInput) {
+private void validate(final String certInput, final String keyInput, 
final String password, final String chainInput) {
 Certificate cert;
 PrivateKey key;
 List chain = null;
 
 try {
 cert = parseCertificate(certInput);
-key = parsePrivateKey(keyInput, password);
+key = parsePrivateKey(keyInput);
 
 if (chainInput != null) {
-chain = parseChain(chainInput);
+chain = CertificateHelper.parseChain(chainInput);
 }
 
-} catch (IOException e) {
+} catch (final IOException | CertificateException e) {
 throw new IllegalArgumentException("Parsing certificate/key 
failed: " + e.getMessage(), e);
 }
 
 validateCert(cert, chainInput != null ? true : false);
 validateKeys(cert.getPublicKey(), key);
 
-if (chainInput != null)
+if (chainInput != null) {
 validateChain(chain, cert);
+}
 }
 
-public SslCertResponse createCertResponse(SslCertVO cert, 
List lbCertMap) {
-SslCertResponse response = new SslCertResponse();
+public SslCertResponse createCertResponse(final SslCertVO cert, final 
List lbCertMap) {
--- End diff --

Fixed.


> Upgrade bountycastle to 1.55+
> -
>
> Key: CLOUDSTACK-9632
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9632
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Rohit Yadav
>Assignee: Rohit Yadav
> Fix For: Future, 4.10.0.0
>
>
> Upgrade bountycastle library to latest versions.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (CLOUDSTACK-9633) test_snapshot is failing due to incorrect string construction in utils.py

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9633?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15711339#comment-15711339
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9633:


Github user blueorangutan commented on the issue:

https://github.com/apache/cloudstack/pull/1800
  
Packaging result: ✖centos6 ✖centos7 ✖debian. JID-295


> test_snapshot is failing due to incorrect string construction in utils.py
> -
>
> Key: CLOUDSTACK-9633
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9633
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>  Components: marvin
>Affects Versions: 4.1.0, 4.8.0, 4.9.0
> Environment: https://github.com/apache/cloudstack/pull/1800
>Reporter: Boris Stoyanov
> Fix For: 4.8.1, 4.10.0.0, 4.9.2.0
>
>
> When searching for the snapshot vhd on the nfs storage it adds 
> ([name].vhd.vhd) I've removed the extension for xenserver and it passed. 



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (CLOUDSTACK-9633) test_snapshot is failing due to incorrect string construction in utils.py

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9633?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15711335#comment-15711335
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9633:


Github user blueorangutan commented on the issue:

https://github.com/apache/cloudstack/pull/1800
  
@borisstoyanov a Jenkins job has been kicked to build packages. I'll keep 
you posted as I make progress.


> test_snapshot is failing due to incorrect string construction in utils.py
> -
>
> Key: CLOUDSTACK-9633
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9633
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>  Components: marvin
>Affects Versions: 4.1.0, 4.8.0, 4.9.0
> Environment: https://github.com/apache/cloudstack/pull/1800
>Reporter: Boris Stoyanov
> Fix For: 4.8.1, 4.10.0.0, 4.9.2.0
>
>
> When searching for the snapshot vhd on the nfs storage it adds 
> ([name].vhd.vhd) I've removed the extension for xenserver and it passed. 



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (CLOUDSTACK-9633) test_snapshot is failing due to incorrect string construction in utils.py

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9633?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15711331#comment-15711331
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9633:


Github user borisstoyanov commented on the issue:

https://github.com/apache/cloudstack/pull/1800
  
@blueorangutan package


> test_snapshot is failing due to incorrect string construction in utils.py
> -
>
> Key: CLOUDSTACK-9633
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9633
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>  Components: marvin
>Affects Versions: 4.1.0, 4.8.0, 4.9.0
> Environment: https://github.com/apache/cloudstack/pull/1800
>Reporter: Boris Stoyanov
> Fix For: 4.8.1, 4.10.0.0, 4.9.2.0
>
>
> When searching for the snapshot vhd on the nfs storage it adds 
> ([name].vhd.vhd) I've removed the extension for xenserver and it passed. 



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (CLOUDSTACK-9632) Upgrade bountycastle to 1.55+

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15711326#comment-15711326
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9632:


Github user rhtyd commented on a diff in the pull request:

https://github.com/apache/cloudstack/pull/1799#discussion_r90401765
  
--- Diff: server/src/org/apache/cloudstack/network/lb/CertServiceImpl.java 
---
@@ -150,26 +155,26 @@ public SslCertResponse uploadSslCert(UploadSslCertCmd 
certCmd) {
 @DB
 @Override
 @ActionEvent(eventType = EventTypes.EVENT_LB_CERT_DELETE, 
eventDescription = "Deleting a certificate to cloudstack", async = false)
-public void deleteSslCert(DeleteSslCertCmd deleteSslCertCmd) {
+public void deleteSslCert(final DeleteSslCertCmd deleteSslCertCmd) {
--- End diff --

Fixed.


> Upgrade bountycastle to 1.55+
> -
>
> Key: CLOUDSTACK-9632
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9632
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Rohit Yadav
>Assignee: Rohit Yadav
> Fix For: Future, 4.10.0.0
>
>
> Upgrade bountycastle library to latest versions.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (CLOUDSTACK-8854) Apple Mac OS/X VM get created without USB controller in ESXi hypervisors

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-8854?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15711311#comment-15711311
 ] 

ASF GitHub Bot commented on CLOUDSTACK-8854:


Github user blueorangutan commented on the issue:

https://github.com/apache/cloudstack/pull/828
  
Packaging result: ✔centos6 ✔centos7 ✔debian. JID-292


> Apple Mac OS/X VM get created without USB controller in ESXi hypervisors
> 
>
> Key: CLOUDSTACK-8854
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-8854
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>  Components: VMware
>Reporter: Suresh Kumar Anaparti
>Assignee: Suresh Kumar Anaparti
> Fix For: Future
>
>
> ISSUE
> ==
> Apple Mac OS/X VM get created without USB controller. For mouse/keyboard to 
> function in CS Console window VM has to have USB controller. It seems CS 
> doesn't use the same procedure as native vSphere client because natively when 
> OS is specified as OS/X vSphere always adds USB controller to empty VM shell.
> EXPECTED BEHAVIOR
> ==
> USB device added to VM when created on CS
> ACTUAL BEHAVIOR
> ==
> No USB device added



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (CLOUDSTACK-8896) Allocated percentage of storage can go beyond 100%

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-8896?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15711313#comment-15711313
 ] 

ASF GitHub Bot commented on CLOUDSTACK-8896:


Github user blueorangutan commented on the issue:

https://github.com/apache/cloudstack/pull/873
  
Packaging result: ✔centos6 ✔centos7 ✔debian. JID-293


> Allocated percentage of storage can go beyond 100%
> --
>
> Key: CLOUDSTACK-8896
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-8896
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Affects Versions: 4.5.2, 4.6.0
>Reporter: Rajani Karuturi
>Assignee: Rajani Karuturi
>
> This issue occurs when a volume in Ready state is moved across storage pools.
> Let us say there is a data volume, volume0 in Ready state in a cluster scope 
> primary storage primary0.
> Now, when an operation is attempted to attach this volume to a vm in another 
> cluster, the volume is moved to the new cluster and the asking size is zero 
> at this time.
> you can observe logs like below with asking size 0 in the management server 
> logs.
> 2015-09-22 08:49:02,754 DEBUG [c.c.s.StorageManagerImpl] 
> (Work-Job-Executor-6:ctx-27e0990a job-37/job-38 ctx-985e5ad0) 
> (logid:a0a97129) Checking pool: 1 for volume allocation 
> [Vol[8|vm=null|DATADISK]], maxSize : 3298534883328, totalAllocatedSize : 
> 24096276480, askingSize : 0, allocated disable threshold: 0.85



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (CLOUDSTACK-9633) test_snapshot is failing due to incorrect string construction in utils.py

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9633?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15711312#comment-15711312
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9633:


Github user blueorangutan commented on the issue:

https://github.com/apache/cloudstack/pull/1800
  
Packaging result: ✖centos6 ✔centos7 ✔debian. JID-294


> test_snapshot is failing due to incorrect string construction in utils.py
> -
>
> Key: CLOUDSTACK-9633
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9633
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>  Components: marvin
>Affects Versions: 4.1.0, 4.8.0, 4.9.0
> Environment: https://github.com/apache/cloudstack/pull/1800
>Reporter: Boris Stoyanov
> Fix For: 4.8.1, 4.10.0.0, 4.9.2.0
>
>
> When searching for the snapshot vhd on the nfs storage it adds 
> ([name].vhd.vhd) I've removed the extension for xenserver and it passed. 



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (CLOUDSTACK-9633) test_snapshot is failing due to incorrect string construction in utils.py

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9633?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15711304#comment-15711304
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9633:


Github user borisstoyanov commented on the issue:

https://github.com/apache/cloudstack/pull/1800
  
I guess that needs to go only in 4.10 then @rhtyd 


> test_snapshot is failing due to incorrect string construction in utils.py
> -
>
> Key: CLOUDSTACK-9633
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9633
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>  Components: marvin
>Affects Versions: 4.1.0, 4.8.0, 4.9.0
> Environment: https://github.com/apache/cloudstack/pull/1800
>Reporter: Boris Stoyanov
> Fix For: 4.8.1, 4.10.0.0, 4.9.2.0
>
>
> When searching for the snapshot vhd on the nfs storage it adds 
> ([name].vhd.vhd) I've removed the extension for xenserver and it passed. 



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (CLOUDSTACK-9632) Upgrade bountycastle to 1.55+

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15711284#comment-15711284
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9632:


Github user rhtyd commented on a diff in the pull request:

https://github.com/apache/cloudstack/pull/1799#discussion_r90399606
  
--- Diff: server/src/org/apache/cloudstack/network/lb/CertServiceImpl.java 
---
@@ -111,37 +116,37 @@ public CertServiceImpl() {
 @DB
 @Override
 @ActionEvent(eventType = EventTypes.EVENT_LB_CERT_UPLOAD, 
eventDescription = "Uploading a certificate to cloudstack", async = false)
-public SslCertResponse uploadSslCert(UploadSslCertCmd certCmd) {
+public SslCertResponse uploadSslCert(final UploadSslCertCmd certCmd) {
 try {
-String cert = certCmd.getCert();
-String key = certCmd.getKey();
-String password = certCmd.getPassword();
-String chain = certCmd.getChain();
+final String cert = certCmd.getCert();
+final String key = certCmd.getKey();
+final String password = certCmd.getPassword();
+final String chain = certCmd.getChain();
 
 validate(cert, key, password, chain);
 s_logger.debug("Certificate Validation succeeded");
 
-String fingerPrint = 
generateFingerPrint(parseCertificate(cert));
+final String fingerPrint = 
generateFingerPrint(parseCertificate(cert));
 
-CallContext ctx = CallContext.current();
-Account caller = ctx.getCallingAccount();
+final CallContext ctx = CallContext.current();
+final Account caller = ctx.getCallingAccount();
 
 Account owner = null;
-if ((certCmd.getAccountName() != null && certCmd.getDomainId() 
!= null) || certCmd.getProjectId() != null) {
+if (certCmd.getAccountName() != null && certCmd.getDomainId() 
!= null || certCmd.getProjectId() != null) {
--- End diff --

Fixed.


> Upgrade bountycastle to 1.55+
> -
>
> Key: CLOUDSTACK-9632
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-9632
> Project: CloudStack
>  Issue Type: Bug
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>Reporter: Rohit Yadav
>Assignee: Rohit Yadav
> Fix For: Future, 4.10.0.0
>
>
> Upgrade bountycastle library to latest versions.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Commented] (CLOUDSTACK-9632) Upgrade bountycastle to 1.55+

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15711272#comment-15711272
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9632:


Github user rhtyd commented on a diff in the pull request:

https://github.com/apache/cloudstack/pull/1799#discussion_r90399065
  
--- Diff: 
utils/src/main/java/com/cloud/utils/security/CertificateHelper.java ---
@@ -40,123 +46,122 @@
 import java.util.ArrayList;
 import java.util.List;
 
-import com.cloud.utils.exception.CloudRuntimeException;
-import org.apache.commons.codec.binary.Base64;
-
-import com.cloud.utils.Ternary;
-import org.bouncycastle.openssl.PEMReader;
-
 public class CertificateHelper {
-public static byte[] buildAndSaveKeystore(String alias, String cert, 
String privateKey, String storePassword) throws KeyStoreException, 
CertificateException,
-NoSuchAlgorithmException, InvalidKeySpecException, IOException {
-KeyStore ks = buildKeystore(alias, cert, privateKey, 
storePassword);
-
-ByteArrayOutputStream os = new ByteArrayOutputStream();
-ks.store(os, storePassword != null ? storePassword.toCharArray() : 
null);
-os.close();
-return os.toByteArray();
+public static byte[] buildAndSaveKeystore(final String alias, final 
String cert, final String privateKey, final String storePassword) throws 
KeyStoreException, CertificateException,
+NoSuchAlgorithmException, InvalidKeySpecException, IOException {
+final KeyStore ks = buildKeystore(alias, cert, privateKey, 
storePassword);
+
+try (final ByteArrayOutputStream os = new ByteArrayOutputStream()) 
{
+ks.store(os, storePassword != null ? 
storePassword.toCharArray() : null);
+return os.toByteArray();
+}
 }
 
-public static byte[] buildAndSaveKeystore(List> certs, String storePassword) throws KeyStoreException, 
NoSuchAlgorithmException,
-CertificateException, IOException, InvalidKeySpecException {
-KeyStore ks = KeyStore.getInstance("JKS");
+public static byte[] buildAndSaveKeystore(final List> certs, final String storePassword) throws KeyStoreException, 
NoSuchAlgorithmException,
+CertificateException, IOException, InvalidKeySpecException {
+final KeyStore ks = KeyStore.getInstance("JKS");
 ks.load(null, storePassword != null ? storePassword.toCharArray() 
: null);
 
 //name,cert,key
-for (Ternary cert : certs) {
+for (final Ternary cert : certs) {
 if (cert.third() == null) {
-Certificate c = buildCertificate(cert.second());
+final Certificate c = buildCertificate(cert.second());
 ks.setCertificateEntry(cert.first(), c);
 } else {
-Certificate[] c = new Certificate[certs.size()];
+final Certificate[] c = new Certificate[certs.size()];
 int i = certs.size();
-for (Ternary ct : certs) {
+for (final Ternary ct : certs) {
 c[i - 1] = buildCertificate(ct.second());
 i--;
 }
 ks.setKeyEntry(cert.first(), 
buildPrivateKey(cert.third()), storePassword != null ? 
storePassword.toCharArray() : null, c);
 }
 }
 
-ByteArrayOutputStream os = new ByteArrayOutputStream();
-ks.store(os, storePassword != null ? storePassword.toCharArray() : 
null);
-os.close();
-return os.toByteArray();
+try (final ByteArrayOutputStream os = new ByteArrayOutputStream()) 
{
+ks.store(os, storePassword != null ? 
storePassword.toCharArray() : null);
+return os.toByteArray();
+}
 }
 
-public static KeyStore loadKeystore(byte[] ksData, String 
storePassword) throws KeyStoreException, CertificateException, 
NoSuchAlgorithmException, IOException {
-assert (ksData != null);
-KeyStore ks = KeyStore.getInstance("JKS");
-ks.load(new ByteArrayInputStream(ksData), storePassword != null ? 
storePassword.toCharArray() : null);
+public static KeyStore loadKeystore(final byte[] ksData, final String 
storePassword) throws KeyStoreException, CertificateException, 
NoSuchAlgorithmException, IOException {
+assert ksData != null;
+final KeyStore ks = KeyStore.getInstance("JKS");
+try (final ByteArrayInputStream is = new

[jira] [Commented] (CLOUDSTACK-9632) Upgrade bountycastle to 1.55+

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15711270#comment-15711270
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9632:


Github user rhtyd commented on a diff in the pull request:

https://github.com/apache/cloudstack/pull/1799#discussion_r90399018
  
--- Diff: 
utils/src/main/java/com/cloud/utils/security/CertificateHelper.java ---
@@ -40,123 +46,122 @@
 import java.util.ArrayList;
 import java.util.List;
 
-import com.cloud.utils.exception.CloudRuntimeException;
-import org.apache.commons.codec.binary.Base64;
-
-import com.cloud.utils.Ternary;
-import org.bouncycastle.openssl.PEMReader;
-
 public class CertificateHelper {
-public static byte[] buildAndSaveKeystore(String alias, String cert, 
String privateKey, String storePassword) throws KeyStoreException, 
CertificateException,
-NoSuchAlgorithmException, InvalidKeySpecException, IOException {
-KeyStore ks = buildKeystore(alias, cert, privateKey, 
storePassword);
-
-ByteArrayOutputStream os = new ByteArrayOutputStream();
-ks.store(os, storePassword != null ? storePassword.toCharArray() : 
null);
-os.close();
-return os.toByteArray();
+public static byte[] buildAndSaveKeystore(final String alias, final 
String cert, final String privateKey, final String storePassword) throws 
KeyStoreException, CertificateException,
+NoSuchAlgorithmException, InvalidKeySpecException, IOException {
+final KeyStore ks = buildKeystore(alias, cert, privateKey, 
storePassword);
+
+try (final ByteArrayOutputStream os = new ByteArrayOutputStream()) 
{
+ks.store(os, storePassword != null ? 
storePassword.toCharArray() : null);
+return os.toByteArray();
+}
 }
 
-public static byte[] buildAndSaveKeystore(List> certs, String storePassword) throws KeyStoreException, 
NoSuchAlgorithmException,
-CertificateException, IOException, InvalidKeySpecException {
-KeyStore ks = KeyStore.getInstance("JKS");
+public static byte[] buildAndSaveKeystore(final List> certs, final String storePassword) throws KeyStoreException, 
NoSuchAlgorithmException,
+CertificateException, IOException, InvalidKeySpecException {
+final KeyStore ks = KeyStore.getInstance("JKS");
 ks.load(null, storePassword != null ? storePassword.toCharArray() 
: null);
 
 //name,cert,key
-for (Ternary cert : certs) {
+for (final Ternary cert : certs) {
 if (cert.third() == null) {
-Certificate c = buildCertificate(cert.second());
+final Certificate c = buildCertificate(cert.second());
 ks.setCertificateEntry(cert.first(), c);
 } else {
-Certificate[] c = new Certificate[certs.size()];
+final Certificate[] c = new Certificate[certs.size()];
 int i = certs.size();
-for (Ternary ct : certs) {
+for (final Ternary ct : certs) {
 c[i - 1] = buildCertificate(ct.second());
 i--;
 }
 ks.setKeyEntry(cert.first(), 
buildPrivateKey(cert.third()), storePassword != null ? 
storePassword.toCharArray() : null, c);
 }
 }
 
-ByteArrayOutputStream os = new ByteArrayOutputStream();
-ks.store(os, storePassword != null ? storePassword.toCharArray() : 
null);
-os.close();
-return os.toByteArray();
+try (final ByteArrayOutputStream os = new ByteArrayOutputStream()) 
{
+ks.store(os, storePassword != null ? 
storePassword.toCharArray() : null);
+return os.toByteArray();
+}
 }
 
-public static KeyStore loadKeystore(byte[] ksData, String 
storePassword) throws KeyStoreException, CertificateException, 
NoSuchAlgorithmException, IOException {
-assert (ksData != null);
-KeyStore ks = KeyStore.getInstance("JKS");
-ks.load(new ByteArrayInputStream(ksData), storePassword != null ? 
storePassword.toCharArray() : null);
+public static KeyStore loadKeystore(final byte[] ksData, final String 
storePassword) throws KeyStoreException, CertificateException, 
NoSuchAlgorithmException, IOException {
+assert ksData != null;
+final KeyStore ks = KeyStore.getInstance("JKS");
+try (final ByteArrayInputStream is = new

[jira] [Commented] (CLOUDSTACK-9632) Upgrade bountycastle to 1.55+

2016-12-01 Thread ASF GitHub Bot (JIRA) 

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-9632?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=15711267#comment-15711267
 ] 

ASF GitHub Bot commented on CLOUDSTACK-9632:


Github user rhtyd commented on a diff in the pull request:

https://github.com/apache/cloudstack/pull/1799#discussion_r90398972
  
--- Diff: 
utils/src/main/java/com/cloud/utils/security/CertificateHelper.java ---
@@ -40,123 +46,122 @@
 import java.util.ArrayList;
 import java.util.List;
 
-import com.cloud.utils.exception.CloudRuntimeException;
-import org.apache.commons.codec.binary.Base64;
-
-import com.cloud.utils.Ternary;
-import org.bouncycastle.openssl.PEMReader;
-
 public class CertificateHelper {
-public static byte[] buildAndSaveKeystore(String alias, String cert, 
String privateKey, String storePassword) throws KeyStoreException, 
CertificateException,
-NoSuchAlgorithmException, InvalidKeySpecException, IOException {
-KeyStore ks = buildKeystore(alias, cert, privateKey, 
storePassword);
-
-ByteArrayOutputStream os = new ByteArrayOutputStream();
-ks.store(os, storePassword != null ? storePassword.toCharArray() : 
null);
-os.close();
-return os.toByteArray();
+public static byte[] buildAndSaveKeystore(final String alias, final 
String cert, final String privateKey, final String storePassword) throws 
KeyStoreException, CertificateException,
+NoSuchAlgorithmException, InvalidKeySpecException, IOException {
+final KeyStore ks = buildKeystore(alias, cert, privateKey, 
storePassword);
+
+try (final ByteArrayOutputStream os = new ByteArrayOutputStream()) 
{
+ks.store(os, storePassword != null ? 
storePassword.toCharArray() : null);
+return os.toByteArray();
+}
 }
 
-public static byte[] buildAndSaveKeystore(List> certs, String storePassword) throws KeyStoreException, 
NoSuchAlgorithmException,
-CertificateException, IOException, InvalidKeySpecException {
-KeyStore ks = KeyStore.getInstance("JKS");
+public static byte[] buildAndSaveKeystore(final List> certs, final String storePassword) throws KeyStoreException, 
NoSuchAlgorithmException,
+CertificateException, IOException, InvalidKeySpecException {
+final KeyStore ks = KeyStore.getInstance("JKS");
 ks.load(null, storePassword != null ? storePassword.toCharArray() 
: null);
 
 //name,cert,key
-for (Ternary cert : certs) {
+for (final Ternary cert : certs) {
 if (cert.third() == null) {
-Certificate c = buildCertificate(cert.second());
+final Certificate c = buildCertificate(cert.second());
 ks.setCertificateEntry(cert.first(), c);
 } else {
-Certificate[] c = new Certificate[certs.size()];
+final Certificate[] c = new Certificate[certs.size()];
 int i = certs.size();
-for (Ternary ct : certs) {
+for (final Ternary ct : certs) {
 c[i - 1] = buildCertificate(ct.second());
 i--;
 }
 ks.setKeyEntry(cert.first(), 
buildPrivateKey(cert.third()), storePassword != null ? 
storePassword.toCharArray() : null, c);
 }
 }
 
-ByteArrayOutputStream os = new ByteArrayOutputStream();
-ks.store(os, storePassword != null ? storePassword.toCharArray() : 
null);
-os.close();
-return os.toByteArray();
+try (final ByteArrayOutputStream os = new ByteArrayOutputStream()) 
{
+ks.store(os, storePassword != null ? 
storePassword.toCharArray() : null);
+return os.toByteArray();
+}
 }
 
-public static KeyStore loadKeystore(byte[] ksData, String 
storePassword) throws KeyStoreException, CertificateException, 
NoSuchAlgorithmException, IOException {
-assert (ksData != null);
-KeyStore ks = KeyStore.getInstance("JKS");
-ks.load(new ByteArrayInputStream(ksData), storePassword != null ? 
storePassword.toCharArray() : null);
+public static KeyStore loadKeystore(final byte[] ksData, final String 
storePassword) throws KeyStoreException, CertificateException, 
NoSuchAlgorithmException, IOException {
+assert ksData != null;
+final KeyStore ks = KeyStore.getInstance("JKS");
+try (final ByteArrayInputStream is = new

<    1   2   3   >