[jira] [Commented] (CLOUDSTACK-10221) Allow specification of IPv6 details when creating Basic Network

2018-05-09 Thread ASF subversion and git services (JIRA)

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-10221?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16468645#comment-16468645
 ] 

ASF subversion and git services commented on CLOUDSTACK-10221:
--

Commit 4534cefa40cf9b4d11402bff86c4484292fa660d in cloudstack's branch 
refs/heads/master from [~rohithsharma]
[ https://gitbox.apache.org/repos/asf?p=cloudstack.git;h=4534cef ]

backports for 4.11.1 from master (#2621)

* CLOUDSTACK-10147 Disabled Xenserver Cluster can still deploy VM's. Added code 
to skip disabled clusters when selecting a host (#2442)

(cherry picked from commit c3488a51db4bce4ec32c09e6fef78193d360cf3f)
Signed-off-by: Rohit Yadav 

* CLOUDSTACK-10318: Bug on sorting ACL rules list in chrome (#2478)

(cherry picked from commit 4412563f19ec8b808fe4c79e2baf658507a84873)
Signed-off-by: Rohit Yadav 

* CLOUDSTACK-10284:Creating a snapshot from VM Snapshot generates error if 
hypervisor is not KVM.

Signed-off-by: Rohit Yadav 

* CLOUDSTACK-10221: Allow IPv6 when creating a Basic Network (#2397)

Since CloudStack 4.10 Basic Networking supports IPv6 and thus
should be allowed to be specified when creating a network.

Signed-off-by: Wido den Hollander 
(cherry picked from commit 9733a10ecda5f1af0f2c0fa863fc976a3e710946)
Signed-off-by: Rohit Yadav 

* CLOUDSTACK-10214: Unable to remove local primary storage (#2390)

Allow admins to remove primary storage pool.
Cherry-picked from eba2e1d8a1ce4e86b4df144db03e96739da455e5

Signed-off-by: Rohit Yadav 

* dateutil: constistency of tzdate input and output (#2392)

Signed-off-by: Yoan Blanc 
Signed-off-by: Daan Hoogland 
(cherry picked from commit 2ad520282319da9a03061b8c744e51a4ffdf94a2)
Signed-off-by: Rohit Yadav 

* CLOUDSTACK-10054:Volume download times out in 3600 seconds (#2244)

(cherry picked from commit bb607d07a97476dc4fb934b3d75df6affba47086)
Signed-off-by: Rohit Yadav 

* When creating a new account (via domain admin) it is possible to select “root 
admin” as the role for the new user (#2606)

* create account with domain admin showing 'root admin' role

Domain admins should not be able to assign the role of root admin to new users. 
Therefore, the role ‘root admin’ (or any other of the same type) should not be 
visible to domain admins.

* License and formatting

* Break long sentence into multiple lines

* Fix wording of method 'getCurrentAccount'

* fix typo in variable name

* [CLOUDSTACK-10259] Missing float part of secondary storage data in 
listAccounts

* [CLOUDSTACK-9338] ACS not accounting resources of VMs with custom service 
offering

ACS is accounting the resources properly when deploying VMs with custom service 
offerings. However, there are other methods (such as updateResourceCount) that 
do not execute the resource accounting properly, and these methods update the 
resource count for an account in the database. Therefore, if a user deploys VMs 
with custom service offerings, and later this user calls the 
“updateResourceCount” method, it (the method) will only account for VMs with 
normal service offerings, and update this as the number of resources used by 
the account. This will result in a smaller number of resources to be accounted 
for the given account than the real used value. The problem becomes worse 
because if the user starts to delete these VMs, it is possible to reach 
negative values of resources allocated (breaking all of the resource limiting 
for accounts). This is a very serious attack vector for public cloud providers!

* [CLOUDSTACK-10230] User should not be able to use removed “Guest OS type” 
(#2404)

* [CLOUDSTACK-10230] User is able to change to “Guest OS type” that has been 
removed

Users are able to change the OS type of VMs to “Guest OS type” that has been 
removed. This becomes a security issue when we try to force users to use HVM 
VMs (Meltdown/Spectre thing). A removed “guest os type” should not be usable by 
any users in the cloud.

* Remove trailing lines that are breaking build due to checkstyle compliance

* Remove unused imports

* fix classes that were in the wrong folder structure

* Updates to capacity management


> Allow specification of IPv6 details when creating Basic Network
> ---
>
> Key: CLOUDSTACK-10221
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-10221
> Project: CloudStack
>  Issue Type: Improvement
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>  Components: Management Server, Network Controller
>Affects Versions: 4.10.0.0, 4.11.0.0
> Environment: Basic Networking with IPv6
>Reporter: Wido den Hollander
>Priority: Major
>
> Currently IPv6 details can't be supplied when creating a Basic Network as 
> this will error out.
> Basic Networking does support IPv6 so this rest

[jira] [Commented] (CLOUDSTACK-10221) Allow specification of IPv6 details when creating Basic Network

2018-05-09 Thread ASF subversion and git services (JIRA)

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-10221?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16468625#comment-16468625
 ] 

ASF subversion and git services commented on CLOUDSTACK-10221:
--

Commit 4534cefa40cf9b4d11402bff86c4484292fa660d in cloudstack's branch 
refs/heads/4.11 from [~rohithsharma]
[ https://gitbox.apache.org/repos/asf?p=cloudstack.git;h=4534cef ]

backports for 4.11.1 from master (#2621)

* CLOUDSTACK-10147 Disabled Xenserver Cluster can still deploy VM's. Added code 
to skip disabled clusters when selecting a host (#2442)

(cherry picked from commit c3488a51db4bce4ec32c09e6fef78193d360cf3f)
Signed-off-by: Rohit Yadav 

* CLOUDSTACK-10318: Bug on sorting ACL rules list in chrome (#2478)

(cherry picked from commit 4412563f19ec8b808fe4c79e2baf658507a84873)
Signed-off-by: Rohit Yadav 

* CLOUDSTACK-10284:Creating a snapshot from VM Snapshot generates error if 
hypervisor is not KVM.

Signed-off-by: Rohit Yadav 

* CLOUDSTACK-10221: Allow IPv6 when creating a Basic Network (#2397)

Since CloudStack 4.10 Basic Networking supports IPv6 and thus
should be allowed to be specified when creating a network.

Signed-off-by: Wido den Hollander 
(cherry picked from commit 9733a10ecda5f1af0f2c0fa863fc976a3e710946)
Signed-off-by: Rohit Yadav 

* CLOUDSTACK-10214: Unable to remove local primary storage (#2390)

Allow admins to remove primary storage pool.
Cherry-picked from eba2e1d8a1ce4e86b4df144db03e96739da455e5

Signed-off-by: Rohit Yadav 

* dateutil: constistency of tzdate input and output (#2392)

Signed-off-by: Yoan Blanc 
Signed-off-by: Daan Hoogland 
(cherry picked from commit 2ad520282319da9a03061b8c744e51a4ffdf94a2)
Signed-off-by: Rohit Yadav 

* CLOUDSTACK-10054:Volume download times out in 3600 seconds (#2244)

(cherry picked from commit bb607d07a97476dc4fb934b3d75df6affba47086)
Signed-off-by: Rohit Yadav 

* When creating a new account (via domain admin) it is possible to select “root 
admin” as the role for the new user (#2606)

* create account with domain admin showing 'root admin' role

Domain admins should not be able to assign the role of root admin to new users. 
Therefore, the role ‘root admin’ (or any other of the same type) should not be 
visible to domain admins.

* License and formatting

* Break long sentence into multiple lines

* Fix wording of method 'getCurrentAccount'

* fix typo in variable name

* [CLOUDSTACK-10259] Missing float part of secondary storage data in 
listAccounts

* [CLOUDSTACK-9338] ACS not accounting resources of VMs with custom service 
offering

ACS is accounting the resources properly when deploying VMs with custom service 
offerings. However, there are other methods (such as updateResourceCount) that 
do not execute the resource accounting properly, and these methods update the 
resource count for an account in the database. Therefore, if a user deploys VMs 
with custom service offerings, and later this user calls the 
“updateResourceCount” method, it (the method) will only account for VMs with 
normal service offerings, and update this as the number of resources used by 
the account. This will result in a smaller number of resources to be accounted 
for the given account than the real used value. The problem becomes worse 
because if the user starts to delete these VMs, it is possible to reach 
negative values of resources allocated (breaking all of the resource limiting 
for accounts). This is a very serious attack vector for public cloud providers!

* [CLOUDSTACK-10230] User should not be able to use removed “Guest OS type” 
(#2404)

* [CLOUDSTACK-10230] User is able to change to “Guest OS type” that has been 
removed

Users are able to change the OS type of VMs to “Guest OS type” that has been 
removed. This becomes a security issue when we try to force users to use HVM 
VMs (Meltdown/Spectre thing). A removed “guest os type” should not be usable by 
any users in the cloud.

* Remove trailing lines that are breaking build due to checkstyle compliance

* Remove unused imports

* fix classes that were in the wrong folder structure

* Updates to capacity management


> Allow specification of IPv6 details when creating Basic Network
> ---
>
> Key: CLOUDSTACK-10221
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-10221
> Project: CloudStack
>  Issue Type: Improvement
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>  Components: Management Server, Network Controller
>Affects Versions: 4.10.0.0, 4.11.0.0
> Environment: Basic Networking with IPv6
>Reporter: Wido den Hollander
>Priority: Major
>
> Currently IPv6 details can't be supplied when creating a Basic Network as 
> this will error out.
> Basic Networking does support IPv6 so this restri

[jira] [Commented] (CLOUDSTACK-10221) Allow specification of IPv6 details when creating Basic Network

2018-03-26 Thread ASF GitHub Bot (JIRA)

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-10221?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16413510#comment-16413510
 ] 

ASF GitHub Bot commented on CLOUDSTACK-10221:
-

DaanHoogland closed pull request #2397: CLOUDSTACK-10221: Allow IPv6 when 
creating a Basic Network
URL: https://github.com/apache/cloudstack/pull/2397
 
 
   

This is a PR merged from a forked repository.
As GitHub hides the original diff on merge, it is displayed below for
the sake of provenance:

As this is a foreign pull request (from a fork), the diff is supplied
below (as it won't show otherwise due to GitHub magic):

diff --git 
a/engine/orchestration/src/main/java/org/apache/cloudstack/engine/orchestration/NetworkOrchestrator.java
 
b/engine/orchestration/src/main/java/org/apache/cloudstack/engine/orchestration/NetworkOrchestrator.java
index cec2e5926c1..1b707c3979d 100644
--- 
a/engine/orchestration/src/main/java/org/apache/cloudstack/engine/orchestration/NetworkOrchestrator.java
+++ 
b/engine/orchestration/src/main/java/org/apache/cloudstack/engine/orchestration/NetworkOrchestrator.java
@@ -38,6 +38,7 @@
 import javax.inject.Inject;
 import javax.naming.ConfigurationException;
 
+import com.cloud.utils.StringUtils;
 import org.apache.log4j.Logger;
 
 import org.apache.cloudstack.acl.ControlledEntity.ACLType;
@@ -2116,16 +2117,12 @@ public Network createGuestNetwork(final long 
networkOfferingId, final String nam
 
 boolean ipv6 = false;
 
-if (ip6Gateway != null && ip6Cidr != null) {
+if (StringUtils.isNotBlank(ip6Gateway) && 
StringUtils.isNotBlank(ip6Cidr)) {
 ipv6 = true;
 }
 // Validate zone
 final DataCenterVO zone = _dcDao.findById(zoneId);
 if (zone.getNetworkType() == NetworkType.Basic) {
-if (ipv6) {
-throw new InvalidParameterValueException("IPv6 is not 
supported in Basic zone");
-}
-
 // In Basic zone the network should have aclType=Domain, 
domainId=1, subdomainAccess=true
 if (aclType == null || aclType != ACLType.Domain) {
 throw new InvalidParameterValueException("Only AclType=Domain 
can be specified for network creation in Basic zone");
@@ -2188,6 +2185,10 @@ public Network createGuestNetwork(final long 
networkOfferingId, final String nam
 }
 }
 
+if (ipv6 && !NetUtils.isValidIp6Cidr(ip6Cidr)) {
+throw new InvalidParameterValueException("Invalid IPv6 cidr 
specified");
+}
+
 //TODO(VXLAN): Support VNI specified
 // VlanId can be specified only when network offering supports it
 final boolean vlanSpecified = vlanId != null;
@@ -2328,7 +2329,7 @@ public Network doInTransaction(final TransactionStatus 
status) {
 userNetwork.setGateway(gateway);
 }
 
-if (ip6Cidr != null && ip6Gateway != null) {
+if (StringUtils.isNotBlank(ip6Gateway) && 
StringUtils.isNotBlank(ip6Cidr)) {
 userNetwork.setIp6Cidr(ip6Cidr);
 userNetwork.setIp6Gateway(ip6Gateway);
 }


 


This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


> Allow specification of IPv6 details when creating Basic Network
> ---
>
> Key: CLOUDSTACK-10221
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-10221
> Project: CloudStack
>  Issue Type: Improvement
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>  Components: Management Server, Network Controller
>Affects Versions: 4.10.0.0, 4.11.0.0
> Environment: Basic Networking with IPv6
>Reporter: Wido den Hollander
>Priority: Major
>
> Currently IPv6 details can't be supplied when creating a Basic Network as 
> this will error out.
> Basic Networking does support IPv6 so this restriction can be removed



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)


[jira] [Commented] (CLOUDSTACK-10221) Allow specification of IPv6 details when creating Basic Network

2018-03-26 Thread ASF subversion and git services (JIRA)

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-10221?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16413511#comment-16413511
 ] 

ASF subversion and git services commented on CLOUDSTACK-10221:
--

Commit 9733a10ecda5f1af0f2c0fa863fc976a3e710946 in cloudstack's branch 
refs/heads/master from [~widodh]
[ https://gitbox.apache.org/repos/asf?p=cloudstack.git;h=9733a10 ]

CLOUDSTACK-10221: Allow IPv6 when creating a Basic Network (#2397)

Since CloudStack 4.10 Basic Networking supports IPv6 and thus
should be allowed to be specified when creating a network.

Signed-off-by: Wido den Hollander 

> Allow specification of IPv6 details when creating Basic Network
> ---
>
> Key: CLOUDSTACK-10221
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-10221
> Project: CloudStack
>  Issue Type: Improvement
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>  Components: Management Server, Network Controller
>Affects Versions: 4.10.0.0, 4.11.0.0
> Environment: Basic Networking with IPv6
>Reporter: Wido den Hollander
>Priority: Major
>
> Currently IPv6 details can't be supplied when creating a Basic Network as 
> this will error out.
> Basic Networking does support IPv6 so this restriction can be removed



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)


[jira] [Commented] (CLOUDSTACK-10221) Allow specification of IPv6 details when creating Basic Network

2018-03-24 Thread ASF GitHub Bot (JIRA)

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-10221?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16412903#comment-16412903
 ] 

ASF GitHub Bot commented on CLOUDSTACK-10221:
-

nitin-maharana commented on issue #2397: CLOUDSTACK-10221: Allow IPv6 when 
creating a Basic Network
URL: https://github.com/apache/cloudstack/pull/2397#issuecomment-375947324
 
 
   Code LGTM.


This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


> Allow specification of IPv6 details when creating Basic Network
> ---
>
> Key: CLOUDSTACK-10221
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-10221
> Project: CloudStack
>  Issue Type: Improvement
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>  Components: Management Server, Network Controller
>Affects Versions: 4.10.0.0, 4.11.0.0
> Environment: Basic Networking with IPv6
>Reporter: Wido den Hollander
>Priority: Major
>
> Currently IPv6 details can't be supplied when creating a Basic Network as 
> this will error out.
> Basic Networking does support IPv6 so this restriction can be removed



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)


[jira] [Commented] (CLOUDSTACK-10221) Allow specification of IPv6 details when creating Basic Network

2018-01-09 Thread ASF GitHub Bot (JIRA)

[ 
https://issues.apache.org/jira/browse/CLOUDSTACK-10221?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16318516#comment-16318516
 ] 

ASF GitHub Bot commented on CLOUDSTACK-10221:
-

wido opened a new pull request #2397: CLOUDSTACK-10221: Allow IPv6 when 
creating a Basic Network
URL: https://github.com/apache/cloudstack/pull/2397
 
 
   Since CloudStack 4.10 Basic Networking supports IPv6 and thus
   should be allowed to be specified when creating a network.
   
   Signed-off-by: Wido den Hollander 


This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org


> Allow specification of IPv6 details when creating Basic Network
> ---
>
> Key: CLOUDSTACK-10221
> URL: https://issues.apache.org/jira/browse/CLOUDSTACK-10221
> Project: CloudStack
>  Issue Type: Improvement
>  Security Level: Public(Anyone can view this level - this is the 
> default.) 
>  Components: Management Server, Network Controller
>Affects Versions: 4.10.0.0, 4.11.0.0
> Environment: Basic Networking with IPv6
>Reporter: Wido den Hollander
>
> Currently IPv6 details can't be supplied when creating a Basic Network as 
> this will error out.
> Basic Networking does support IPv6 so this restriction can be removed



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)