Merging trunk

8 files changed, 997 insertions, 0 deletions

diff --git a/plugins/xenserver/doc/networking.rst b/plugins/xenserver/doc/networking.rst
new file mode 100644
index 000000000..67f2d9af3
--- /dev/null
+++ b/plugins/xenserver/doc/networking.rst
@@ -0,0 +1,144 @@
+Multi Tenancy Networking Protections in XenServer
+=================================================
+
+The purpose of the vif_rules script is to allow multi-tenancy on a XenServer
+host.  In a multi-tenant cloud environment a host machine needs to be able to
+enforce network isolation amongst guest instances, at both layer two and layer
+three. The rules prevent guests from taking and using unauthorized IP addresses,
+sniffing other guests traffic, and prevents ARP poisoning attacks.  This current
+revision only supports IPv4, but will support IPv6 in the future.
+
+Kernel Requirements
+===================
+
+- physdev module
+- arptables support
+- ebtables support
+- iptables support
+
+If the kernel doesn't support these, you will need to obtain the Source RPMS for
+the proper version of XenServer to recompile the dom0 kernel.
+
+XenServer Requirements (32-bit dom0)
+====================================
+
+- arptables 32-bit rpm 
+- ebtables 32-bit rpm
+- python-simplejson
+
+XenServer Environment Specific Notes 
+====================================
+
+- XenServer 5.5 U1 based on the 2.6.18 kernel didn't include physdev module
+  support.  Support for this had to be recompiled into the kernel.
+- XenServer 5.6 based on the 2.6.27 kernel didn't include physdev, ebtables, or
+  arptables.
+- XenServer 5.6 FP1 didn't include physdev, ebtables, or arptables but they do
+  have a Cloud Supplemental pack available to partners which swaps out the
+  kernels for kernels that support the networking rules.  
+
+How it works - tl;dr
+====================
+
+iptables, ebtables, and arptables drop rules are applied to all forward chains
+on the host.  These are applied at boot time with an init script.  They ensure
+all forwarded packets are dropped by default.  Allow rules are then applied to
+the instances to ensure they have permission to talk on the internet.
+
+How it works - Long
+===================
+
+Any time an underprivileged domain or domU is started or stopped, it gets a
+unique domain id (dom_id).  This dom_id is utilized in a number of places, one
+of which is it's assigned to the virtual interface (vif).  The vifs are attached
+to the bridge that is attached to the physical network.  For instance, if you
+had a public bridge attached to eth0 and your domain id was 5, your vif would be
+vif5.0.  
+
+The networking rules are applied to the VIF directly so they apply at the lowest
+level of the networking stack.  Because the VIF changes along with the domain id
+on any start, stop, or reboot of the instance, the rules need to be removed and
+re-added any time that occurs.   
+
+Because the dom_id can change often, the vif_rules script is hooked into the
+/etc/xensource/scripts/vif script that gets called anytime an instance is
+started, or stopped, which includes pauses and resumes.
+
+Examples of the rules ran for the host on boot:
+
+iptables -P FORWARD DROP 
+iptables -A FORWARD -m physdev --physdev-in eth0 -j ACCEPT
+ebtables -P FORWARD DROP
+ebtables -A FORWARD -o eth0 -j ACCEPT
+arptables -P FORWARD DROP 
+arptables -A FORWARD --opcode Request --in-interface eth0 -j ACCEPT
+arptables -A FORWARD --opcode Reply --in-interface eth0 -j ACCEPT
+
+Examples of the rules that are ran per instance state change:
+
+iptables -A FORWARD -m physdev --physdev-in vif1.0 -s 10.1.135.22/32 -j ACCEPT
+arptables -A FORWARD --opcode Request --in-interface "vif1.0" \
+          --source-ip 10.1.135.22 -j ACCEPT
+arptables -A FORWARD --opcode Reply --in-interface "vif1.0" \
+          --source-ip 10.1.135.22 --source-mac 9e:6e:cc:19:7f:fe -j ACCEPT
+ebtables -A FORWARD -p 0806 -o vif1.0 --arp-ip-dst 10.1.135.22 -j ACCEPT
+ebtables -A FORWARD -p 0800 -o vif1.0 --ip-dst 10.1.135.22 -j ACCEPT 
+ebtables -I FORWARD 1 -s ! 9e:6e:cc:19:7f:fe -i vif1.0 -j DROP
+
+Typically when you see a vif, it'll look like vif<domain id>.<network bridge>.
+vif2.1 for example would be domain 2 on the second interface.
+
+The vif_rules.py script needs to pull information about the IPs and MAC
+addresses assigned to the instance.  The current implementation assumes that
+information is put into the VM Record into the xenstore-data key in a JSON
+string.  The vif_rules.py script reads out of the JSON string to determine the
+IPs, and MAC addresses to protect.  
+
+An example format is given below:
+
+# xe vm-param-get uuid=<uuid> param-name=xenstore-data 
+xenstore-data (MRW):
+vm-data/networking/4040fa7292e4:
+{"label": "public",
+ "ips": [{"netmask":"255.255.255.0", 
+          "enabled":"1", 
+          "ip":"173.200.100.10"}], 
+ "mac":"40:40:fa:72:92:e4",
+ "gateway":"173.200.100.1", 
+ "vm_id":"123456",
+ "dns":["72.3.128.240","72.3.128.241"]};
+
+vm-data/networking/40402321c9b8:
+{"label":"private",
+ "ips":[{"netmask":"255.255.224.0",
+         "enabled":"1", 
+         "ip":"10.177.10.10"}],
+ "routes":[{"route":"10.176.0.0",
+            "netmask":"255.248.0.0",
+            "gateway":"10.177.10.1"},
+           {"route":"10.191.192.0",
+            "netmask":"255.255.192.0",
+            "gateway":"10.177.10.1"}],
+ "mac":"40:40:23:21:c9:b8"}
+
+The key is used for two purposes.  One, the vif_rules.py script will read from
+it to apply the rules needed after parsing the JSON.  The second is that because
+it's put into the xenstore-data field, the xenstore will be populated with this
+data on boot.  This allows a guest agent the ability to read out data about the
+instance and apply configurations as needed.  
+
+Installation
+============
+
+- Copy host-rules into /etc/init.d/ and make sure to chmod +x host-rules.
+- Run 'chkconfig host-rules on' to add the init script to start up.
+- Copy vif_rules.py into /etc/xensource/scripts
+- Patch /etc/xensource/scripts/vif using the supplied patch file.  It may vary
+  for different versions of XenServer but it should be pretty self explanatory.
+  It calls the vif_rules.py script on domain creation and tear down.
+- Run '/etc/init.d/host-rules start' to start up the host based rules.
+- The instance rules will then fire on creation of the VM as long as the correct
+  JSON is in place.
+- You can check to see if the rules are in place with: iptables --list,
+  arptables --list, or ebtables --list
+
diff --git a/plugins/xenserver/networking/etc/init.d/host-rules b/plugins/xenserver/networking/etc/init.d/host-rules
new file mode 100755
index 000000000..798da9552
--- /dev/null
+++ b/plugins/xenserver/networking/etc/init.d/host-rules
@@ -0,0 +1,106 @@
+#!/bin/bash
+#
+# host-rules          Start/Stop the networking host rules
+#
+# chkconfig: 2345 85 15
+# description: Networking Host Rules for Multi Tenancy Protections
+
+# Copyright 2010 OpenStack LLC.
+# All Rights Reserved.
+#
+#    Licensed under the Apache License, Version 2.0 (the "License"); you may
+#    not use this file except in compliance with the License. You may obtain
+#    a copy of the License at
+#
+#         http://www.apache.org/licenses/LICENSE-2.0
+#
+#    Unless required by applicable law or agreed to in writing, software
+#    distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+#    WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+#    License for the specific language governing permissions and limitations
+#    under the License.
+
+IPTABLES=/sbin/iptables
+EBTABLES=/sbin/ebtables
+ARPTABLES=/sbin/arptables
+
+iptables-up()
+{
+        $IPTABLES -P FORWARD DROP
+        $IPTABLES -A FORWARD -m physdev --physdev-in eth0 -j ACCEPT
+        $IPTABLES -A FORWARD -m physdev --physdev-in eth1 -j ACCEPT
+}
+
+ebtables-up()
+{
+        $EBTABLES -P FORWARD DROP
+        $EBTABLES -A FORWARD -o eth0 -j ACCEPT
+        $EBTABLES -A FORWARD -o eth1 -j ACCEPT
+}
+
+arptables-up()
+{
+        $ARPTABLES -P FORWARD DROP
+        $ARPTABLES -A FORWARD --opcode Request --in-interface eth0 -j ACCEPT
+        $ARPTABLES -A FORWARD --opcode Reply --in-interface eth0 -j ACCEPT
+        $ARPTABLES -A FORWARD --opcode Request --in-interface eth1 -j ACCEPT
+        $ARPTABLES -A FORWARD --opcode Reply --in-interface eth1 -j ACCEPT
+}
+
+iptables-down()
+{
+        $IPTABLES -P FORWARD ACCEPT
+        $IPTABLES -D FORWARD -m physdev --physdev-in eth0 -j ACCEPT
+        $IPTABLES -D FORWARD -m physdev --physdev-in eth1 -j ACCEPT
+}
+
+ebtables-down()
+{
+        $EBTABLES -P FORWARD ACCEPT
+        $EBTABLES -D FORWARD -o eth0 -j ACCEPT
+        $EBTABLES -D FORWARD -o eth1 -j ACCEPT
+}
+
+arptables-down()
+{
+        $ARPTABLES -P FORWARD ACCEPT
+        $ARPTABLES -D FORWARD --opcode Request --in-interface eth0 -j ACCEPT
+        $ARPTABLES -D FORWARD --opcode Reply --in-interface eth0 -j ACCEPT
+        $ARPTABLES -D FORWARD --opcode Request --in-interface eth1 -j ACCEPT
+        $ARPTABLES -D FORWARD --opcode Reply --in-interface eth1 -j ACCEPT
+}
+
+start()
+{
+        iptables-up
+        ebtables-up
+        arptables-up
+}
+
+stop()
+{
+        iptables-down
+        ebtables-down
+        arptables-down
+}
+
+case "$1" in
+        start)
+                start
+                RETVAL=$?
+                ;;
+        stop)
+                stop
+                RETVAL=$?
+                ;;
+        restart)
+                stop
+                start
+                RETVAL=$?
+                ;;
+        *)
+                echo $"Usage: $0 {start|stop|restart}"
+                exit 1
+                ;;
+esac
+exit $RETVAL
diff --git a/plugins/xenserver/networking/etc/xensource/scripts/vif_5.6-fp1.patch b/plugins/xenserver/networking/etc/xensource/scripts/vif_5.6-fp1.patch
new file mode 100644
index 000000000..feaf1312d
--- /dev/null
+++ b/plugins/xenserver/networking/etc/xensource/scripts/vif_5.6-fp1.patch
@@ -0,0 +1,22 @@
+--- vif     2010-12-20 16:39:46.000000000 +0000
++++ vif_modified 2010-11-19 23:24:37.000000000 +0000
+@@ -213,6 +213,7 @@
+ 
+         # xs-xen.pq.hq:91e986b8e49f netback-wait-for-hotplug
+         xenstore-write "/local/domain/0/backend/vif/${DOMID}/${DEVID}/hotplug-status" "connected"
++       python /etc/xensource/scripts/vif_rules.py ${DOMID} online 2>&1 > /dev/null
+     fi
+     ;;
+ 
+@@ -224,9 +225,11 @@
+ 
+ remove)
+     if [ "${TYPE}" = "vif" ] ;then
++       python /etc/xensource/scripts/vif_rules.py ${DOMID} offline 2>&1 > /dev/null
+         xenstore-rm "${HOTPLUG}/hotplug"
+     fi
+     logger -t scripts-vif "${dev} has been removed"
+     remove_from_bridge
+     ;;
+ esac
++
diff --git a/plugins/xenserver/networking/etc/xensource/scripts/vif_rules.py b/plugins/xenserver/networking/etc/xensource/scripts/vif_rules.py
new file mode 100755
index 000000000..d60816ce7
--- /dev/null
+++ b/plugins/xenserver/networking/etc/xensource/scripts/vif_rules.py
@@ -0,0 +1,119 @@
+#!/usr/bin/env python
+# vim: tabstop=4 shiftwidth=4 softtabstop=4
+
+# Copyright 2010 OpenStack LLC.
+# All Rights Reserved.
+#
+#    Licensed under the Apache License, Version 2.0 (the "License"); you may
+#    not use this file except in compliance with the License. You may obtain
+#    a copy of the License at
+#
+#         http://www.apache.org/licenses/LICENSE-2.0
+#
+#    Unless required by applicable law or agreed to in writing, software
+#    distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+#    WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+#    License for the specific language governing permissions and limitations
+#    under the License.
+
+"""
+This script is used to configure iptables, ebtables, and arptables rules on
+XenServer hosts.
+"""
+
+import os
+import subprocess
+import sys
+
+# This is written to Python 2.4, since that is what is available on XenServer
+import simplejson as json
+
+
+def main(dom_id, command, only_this_vif=None):
+    xsls = execute("/usr/bin/xenstore-ls /local/domain/%s/vm-data/networking" \
+                  % dom_id, True)
+    macs = [line.split("=")[0].strip() for line in xsls.splitlines()]
+
+    for mac in macs:
+        xsr = "/usr/bin/xenstore-read /local/domain/%s/vm-data/networking/%s"
+        xsread = execute(xsr % (dom_id, mac), True)
+        data = json.loads(xsread)
+        for ip in data['ips']:
+            if data["label"] == "public":
+                vif = "vif%s.0" % dom_id
+            else:
+                vif = "vif%s.1" % dom_id
+
+            if (only_this_vif is None) or (vif == only_this_vif):
+                params = dict(IP=ip['ip'], VIF=vif, MAC=data['mac'])
+                apply_ebtables_rules(command, params)
+                apply_arptables_rules(command, params)
+                apply_iptables_rules(command, params)
+
+
+def execute(command, return_stdout=False):
+    devnull = open(os.devnull, 'w')
+    proc = subprocess.Popen(command, shell=True, close_fds=True,
+                            stdout=subprocess.PIPE, stderr=devnull)
+    devnull.close()
+    if return_stdout:
+        return proc.stdout.read()
+    else:
+        return None
+
+# A note about adding rules:
+#   Whenever we add any rule to iptables, arptables or ebtables we first
+#   delete the same rule to ensure the rule only exists once.
+
+
+def apply_iptables_rules(command, params):
+    iptables = lambda rule: execute("/sbin/iptables %s" % rule)
+
+    iptables("-D FORWARD -m physdev --physdev-in %(VIF)s -s %(IP)s \
+              -j ACCEPT" % params)
+    if command == 'online':
+        iptables("-A FORWARD -m physdev --physdev-in %(VIF)s -s %(IP)s \
+                  -j ACCEPT" % params)
+
+
+def apply_arptables_rules(command, params):
+    arptables = lambda rule: execute("/sbin/arptables %s" % rule)
+
+    arptables("-D FORWARD --opcode Request --in-interface %(VIF)s \
+               --source-ip %(IP)s --source-mac %(MAC)s -j ACCEPT" % params)
+    arptables("-D FORWARD --opcode Reply --in-interface %(VIF)s \
+               --source-ip %(IP)s --source-mac %(MAC)s -j ACCEPT" % params)
+    if command == 'online':
+        arptables("-A FORWARD --opcode Request --in-interface %(VIF)s \
+                  --source-ip %(IP)s --source-mac %(MAC)s -j ACCEPT" % params)
+        arptables("-A FORWARD --opcode Reply --in-interface %(VIF)s \
+                  --source-ip %(IP)s --source-mac %(MAC)s -j ACCEPT" % params)
+
+
+def apply_ebtables_rules(command, params):
+    ebtables = lambda rule: execute("/sbin/ebtables %s" % rule)
+
+    ebtables("-D FORWARD -p 0806 -o %(VIF)s --arp-ip-dst %(IP)s -j ACCEPT" %
+             params)
+    ebtables("-D FORWARD -p 0800 -o %(VIF)s --ip-dst %(IP)s -j ACCEPT" %
+             params)
+    if command == 'online':
+        ebtables("-A FORWARD -p 0806 -o %(VIF)s --arp-ip-dst %(IP)s \
+                  -j ACCEPT" % params)
+        ebtables("-A FORWARD -p 0800 -o %(VIF)s --ip-dst %(IP)s \
+                  -j ACCEPT" % params)
+
+    ebtables("-D FORWARD -s ! %(MAC)s -i %(VIF)s -j DROP" % params)
+    if command == 'online':
+        ebtables("-I FORWARD 1 -s ! %(MAC)s -i %(VIF)s -j DROP" % params)
+
+
+if __name__ == "__main__":
+    if len(sys.argv) < 3:
+        print "usage: %s dom_id online|offline [vif]" % \
+               os.path.basename(sys.argv[0])
+        sys.exit(1)
+    else:
+        dom_id, command = sys.argv[1:3]
+        vif = len(sys.argv) == 4 and sys.argv[3] or None
+        main(dom_id, command, vif)
diff --git a/plugins/xenserver/xenapi/README b/plugins/xenserver/xenapi/README
new file mode 100644
index 000000000..fbd471035
--- /dev/null
+++ b/plugins/xenserver/xenapi/README
@@ -0,0 +1,6 @@
+This directory contains files that are required for the XenAPI support.  They
+should be installed in the XenServer / Xen Cloud Platform domain 0.
+
+Also, you need to
+
+chmod u+x /etc/xapi.d/plugins/objectstore
diff --git a/plugins/xenserver/xenapi/etc/xapi.d/plugins/glance b/plugins/xenserver/xenapi/etc/xapi.d/plugins/glance
new file mode 100644
index 000000000..5e648b970
--- /dev/null
+++ b/plugins/xenserver/xenapi/etc/xapi.d/plugins/glance
@@ -0,0 +1,132 @@
+#!/usr/bin/env python
+
+# Copyright (c) 2010 Citrix Systems, Inc.
+# Copyright 2010 United States Government as represented by the
+# Administrator of the National Aeronautics and Space Administration.
+# All Rights Reserved.
+#
+#    Licensed under the Apache License, Version 2.0 (the "License"); you may
+#    not use this file except in compliance with the License. You may obtain
+#    a copy of the License at
+#
+#         http://www.apache.org/licenses/LICENSE-2.0
+#
+#    Unless required by applicable law or agreed to in writing, software
+#    distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+#    WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+#    License for the specific language governing permissions and limitations
+#    under the License.
+
+#
+# XenAPI plugin for putting images into glance
+#
+
+import base64
+import errno
+import hmac
+import httplib
+import os
+import os.path
+import pickle
+import sha
+import subprocess
+import time
+import urlparse
+
+import XenAPIPlugin
+
+#FIXME(sirp): should this use pluginlib from 5.6?
+from pluginlib_nova import *
+configure_logging('glance')
+
+CHUNK_SIZE = 8192
+FILE_SR_PATH = '/var/run/sr-mount'
+
+def put_vdis(session, args):
+    params = pickle.loads(exists(args, 'params'))
+    vdi_uuids = params["vdi_uuids"]
+    image_name = params["image_name"]
+    glance_host = params["glance_host"]
+    glance_port = params["glance_port"]
+    
+    sr_path = get_sr_path(session)
+    #FIXME(sirp): writing to a temp file until Glance supports chunked-PUTs
+    tmp_file = "%s.tar.gz" % os.path.join('/tmp', image_name) 
+    tar_cmd = ['tar', '-zcf', tmp_file, '--directory=%s' % sr_path]
+    paths = [ "%s.vhd" % vdi_uuid for vdi_uuid in vdi_uuids ]
+    tar_cmd.extend(paths)
+    logging.debug("Bundling image with cmd: %s", tar_cmd)
+    subprocess.call(tar_cmd)
+    logging.debug("Writing to test file %s", tmp_file) 
+    put_bundle_in_glance(tmp_file, image_name, glance_host, glance_port)
+    return "" # FIXME(sirp): return anything useful here?
+
+
+def put_bundle_in_glance(tmp_file, image_name, glance_host, glance_port):
+    size = os.path.getsize(tmp_file) 
+    basename = os.path.basename(tmp_file)
+
+    bundle = open(tmp_file, 'r')
+    try:
+        headers = {
+            'x-image-meta-store': 'file',
+            'x-image-meta-is_public': 'True',
+            'x-image-meta-type': 'raw',
+            'x-image-meta-name': image_name,
+            'x-image-meta-size': size,
+            'content-length': size,
+            'content-type': 'application/octet-stream',
+         }
+        conn = httplib.HTTPConnection(glance_host, glance_port)
+        #NOTE(sirp): httplib under python2.4 won't accept a file-like object
+        # to request
+        conn.putrequest('POST', '/images')
+
+        for header, value in headers.iteritems():
+            conn.putheader(header, value)
+        conn.endheaders()
+        
+        chunk = bundle.read(CHUNK_SIZE)
+        while chunk:
+            conn.send(chunk)
+            chunk = bundle.read(CHUNK_SIZE)
+        
+
+        res = conn.getresponse()
+        #FIXME(sirp): should this be 201 Created?
+        if res.status != httplib.OK:
+            raise Exception("Unexpected response from Glance %i" % res.status)
+    finally:
+        bundle.close()
+
+def get_sr_path(session):
+    sr_ref = find_sr(session)
+
+    if sr_ref is None:
+        raise Exception('Cannot find SR to read VDI from')
+
+    sr_rec = session.xenapi.SR.get_record(sr_ref)
+    sr_uuid = sr_rec["uuid"]
+    sr_path = os.path.join(FILE_SR_PATH, sr_uuid)
+    return sr_path
+
+
+#TODO(sirp): both objectstore and glance need this, should this be refactored
+#into common lib
+def find_sr(session):
+    host = get_this_host(session)
+    srs = session.xenapi.SR.get_all()
+    for sr in srs:
+        sr_rec = session.xenapi.SR.get_record(sr)
+        if not ('i18n-key' in sr_rec['other_config'] and
+                sr_rec['other_config']['i18n-key'] == 'local-storage'):
+            continue
+        for pbd in sr_rec['PBDs']:
+            pbd_rec = session.xenapi.PBD.get_record(pbd)
+            if pbd_rec['host'] == host:
+                return sr
+    return None
+
+
+if __name__ == '__main__':
+    XenAPIPlugin.dispatch({'put_vdis': put_vdis})
diff --git a/plugins/xenserver/xenapi/etc/xapi.d/plugins/objectstore b/plugins/xenserver/xenapi/etc/xapi.d/plugins/objectstore
new file mode 100644
index 000000000..8ee2f748d
--- /dev/null
+++ b/plugins/xenserver/xenapi/etc/xapi.d/plugins/objectstore
@@ -0,0 +1,252 @@
+#!/usr/bin/env python
+
+# Copyright (c) 2010 Citrix Systems, Inc.
+# Copyright 2010 United States Government as represented by the
+# Administrator of the National Aeronautics and Space Administration.
+# All Rights Reserved.
+#
+#    Licensed under the Apache License, Version 2.0 (the "License"); you may
+#    not use this file except in compliance with the License. You may obtain
+#    a copy of the License at
+#
+#         http://www.apache.org/licenses/LICENSE-2.0
+#
+#    Unless required by applicable law or agreed to in writing, software
+#    distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+#    WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+#    License for the specific language governing permissions and limitations
+#    under the License.
+
+#
+# XenAPI plugin for fetching images from nova-objectstore.
+#
+
+import base64
+import errno
+import hmac
+import os
+import os.path
+import sha
+import time
+import urlparse
+
+import XenAPIPlugin
+
+from pluginlib_nova import *
+configure_logging('objectstore')
+
+
+KERNEL_DIR = '/boot/guest'
+
+DOWNLOAD_CHUNK_SIZE = 2 * 1024 * 1024
+SECTOR_SIZE = 512
+MBR_SIZE_SECTORS = 63
+MBR_SIZE_BYTES = MBR_SIZE_SECTORS * SECTOR_SIZE
+
+def is_vdi_pv(session,args):
+    logging.debug("Checking wheter VDI has PV kernel")
+    vdi = exists(args, 'vdi-ref')
+    pv=with_vdi_in_dom0(session, vdi, False,
+                     lambda dev: _is_vdi_pv('/dev/%s' % dev))
+    if pv:
+        return 'true'
+    else:
+        return 'false'
+
+def _is_vdi_pv(dest):
+    logging.debug("Running pygrub against %s",dest)
+    output=os.popen('pygrub -qn %s' % dest)
+    pv=False
+    for line in output.readlines():
+        #try to find kernel string
+        m=re.search('(?<=kernel:)/.*(?:>)',line)
+        if m:
+            if m.group(0).find('xen')!=-1:
+                pv=True
+    logging.debug("PV:%d",pv)
+    return pv 
+        
+def get_vdi(session, args):
+    src_url = exists(args, 'src_url')
+    username = exists(args, 'username')
+    password = exists(args, 'password')
+    raw_image=validate_bool(args, 'raw', 'false')
+    add_partition = validate_bool(args, 'add_partition', 'false')
+    (proto, netloc, url_path, _, _, _) = urlparse.urlparse(src_url)
+    sr = find_sr(session)
+    if sr is None:
+        raise Exception('Cannot find SR to write VDI to')
+    virtual_size = \
+        get_content_length(proto, netloc, url_path, username, password)
+    if virtual_size < 0:
+        raise Exception('Cannot get VDI size')
+    vdi_size = virtual_size
+    if add_partition:
+        # Make room for MBR.
+        vdi_size += MBR_SIZE_BYTES
+
+    vdi = create_vdi(session, sr, src_url, vdi_size, False)
+    with_vdi_in_dom0(session, vdi, False,
+                     lambda dev: get_vdi_(proto, netloc, url_path,
+                                          username, password, add_partition,raw_image,
+                                          virtual_size, '/dev/%s' % dev))
+    return session.xenapi.VDI.get_uuid(vdi)
+
+
+def get_vdi_(proto, netloc, url_path, username, password, add_partition,raw_image,
+             virtual_size, dest):
+
+    #Salvatore: vdi should not be partitioned for raw images
+    if (add_partition and not raw_image):
+        write_partition(virtual_size, dest)
+
+    offset = (add_partition and not raw_image and MBR_SIZE_BYTES) or 0
+    get(proto, netloc, url_path, username, password, dest, offset)
+
+
+def write_partition(virtual_size, dest):
+    mbr_last = MBR_SIZE_SECTORS - 1
+    primary_first = MBR_SIZE_SECTORS
+    primary_last = MBR_SIZE_SECTORS + (virtual_size / SECTOR_SIZE) - 1
+
+    logging.debug('Writing partition table %d %d to %s...',
+                  primary_first, primary_last, dest)
+
+    result = os.system('parted --script %s mklabel msdos' % dest)
+    if result != 0:
+        raise Exception('Failed to mklabel')
+    result = os.system('parted --script %s mkpart primary %ds %ds' %
+                       (dest, primary_first, primary_last))
+    if result != 0:
+        raise Exception('Failed to mkpart')
+
+    logging.debug('Writing partition table %s done.', dest)
+
+
+def find_sr(session):
+    host = get_this_host(session)
+    srs = session.xenapi.SR.get_all()
+    for sr in srs:
+        sr_rec = session.xenapi.SR.get_record(sr)
+        if not ('i18n-key' in sr_rec['other_config'] and
+                sr_rec['other_config']['i18n-key'] == 'local-storage'):
+            continue
+        for pbd in sr_rec['PBDs']:
+            pbd_rec = session.xenapi.PBD.get_record(pbd)
+            if pbd_rec['host'] == host:
+                return sr
+    return None
+
+
+def get_kernel(session, args):
+    src_url = exists(args, 'src_url')
+    username = exists(args, 'username')
+    password = exists(args, 'password')
+
+    (proto, netloc, url_path, _, _, _) = urlparse.urlparse(src_url)
+    
+    dest = os.path.join(KERNEL_DIR, url_path[1:])
+
+    # Paranoid check against people using ../ to do rude things.
+    if os.path.commonprefix([KERNEL_DIR, dest]) != KERNEL_DIR:
+        raise Exception('Illegal destination %s %s', (url_path, dest))
+
+    dirname = os.path.dirname(dest)
+    try:
+        os.makedirs(dirname)
+    except os.error, e: 
+        if e.errno != errno.EEXIST: 
+            raise
+        if not os.path.isdir(dirname):
+            raise Exception('Cannot make directory %s', dirname)
+
+    try:
+        os.remove(dest)
+    except:
+        pass
+
+    get(proto, netloc, url_path, username, password, dest, 0)
+
+    return dest
+
+
+def get_content_length(proto, netloc, url_path, username, password):
+    headers = make_headers('HEAD', url_path, username, password)
+    return with_http_connection(
+        proto, netloc,
+        lambda conn: get_content_length_(url_path, headers, conn))
+
+
+def get_content_length_(url_path, headers, conn):
+    conn.request('HEAD', url_path, None, headers)
+    response = conn.getresponse()
+    if response.status != 200:
+        raise Exception('%d %s' % (response.status, response.reason))
+
+    return long(response.getheader('Content-Length', -1))
+
+
+def get(proto, netloc, url_path, username, password, dest, offset):
+    headers = make_headers('GET', url_path, username, password)
+    download(proto, netloc, url_path, headers, dest, offset)
+
+
+def make_headers(verb, url_path, username, password):
+    headers = {}
+    headers['Date'] = \
+        time.strftime("%a, %d %b %Y %H:%M:%S GMT", time.gmtime())
+    headers['Authorization'] = \
+        'AWS %s:%s' % (username,
+                       s3_authorization(verb, url_path, password, headers))
+    return headers
+
+
+def s3_authorization(verb, path, password, headers):
+    sha1 = hmac.new(password, digestmod=sha)
+    sha1.update(plaintext(verb, path, headers))
+    return base64.encodestring(sha1.digest()).strip()
+
+
+def plaintext(verb, path, headers):
+    return '%s\n\n\n%s\n%s' % (verb,
+                           "\n".join([headers[h] for h in headers]),
+                           path)
+
+
+def download(proto, netloc, url_path, headers, dest, offset):
+    with_http_connection(
+        proto, netloc,
+        lambda conn: download_(url_path, dest, offset, headers, conn))
+
+
+def download_(url_path, dest, offset, headers, conn):
+    conn.request('GET', url_path, None, headers)
+    response = conn.getresponse()
+    if response.status != 200:
+        raise Exception('%d %s' % (response.status, response.reason))
+
+    length = response.getheader('Content-Length', -1)
+
+    with_file(
+        dest, 'a',
+        lambda dest_file: download_all(response, length, dest_file, offset))
+
+
+def download_all(response, length, dest_file, offset):
+    dest_file.seek(offset)
+    i = 0
+    while True:
+        buf = response.read(DOWNLOAD_CHUNK_SIZE)
+        if buf:
+            dest_file.write(buf)
+        else:
+            return
+        i += len(buf)
+        if length != -1 and i >= length:
+            return
+
+
+if __name__ == '__main__':
+    XenAPIPlugin.dispatch({'get_vdi': get_vdi,
+                           'get_kernel': get_kernel, 
+                           'is_vdi_pv': is_vdi_pv})
diff --git a/plugins/xenserver/xenapi/etc/xapi.d/plugins/pluginlib_nova.py b/plugins/xenserver/xenapi/etc/xapi.d/plugins/pluginlib_nova.py
new file mode 100755
index 000000000..2d323a016
--- /dev/null
+++ b/plugins/xenserver/xenapi/etc/xapi.d/plugins/pluginlib_nova.py
@@ -0,0 +1,216 @@
+# Copyright (c) 2010 Citrix Systems, Inc.
+#
+#    Licensed under the Apache License, Version 2.0 (the "License"); you may
+#    not use this file except in compliance with the License. You may obtain
+#    a copy of the License at
+#
+#         http://www.apache.org/licenses/LICENSE-2.0
+#
+#    Unless required by applicable law or agreed to in writing, software
+#    distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+#    WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+#    License for the specific language governing permissions and limitations
+#    under the License.
+
+#
+# Helper functions for the Nova xapi plugins.  In time, this will merge
+# with the pluginlib.py shipped with xapi, but for now, that file is not
+# very stable, so it's easiest just to have a copy of all the functions
+# that we need.
+#
+
+import httplib
+import logging
+import logging.handlers
+import re
+import time
+
+
+##### Logging setup
+
+def configure_logging(name):
+    log = logging.getLogger()
+    log.setLevel(logging.DEBUG)
+    sysh = logging.handlers.SysLogHandler('/dev/log')
+    sysh.setLevel(logging.DEBUG)
+    formatter = logging.Formatter('%s: %%(levelname)-8s %%(message)s' % name)
+    sysh.setFormatter(formatter)
+    log.addHandler(sysh)
+
+
+##### Exceptions
+
+class PluginError(Exception):
+    """Base Exception class for all plugin errors."""
+    def __init__(self, *args):
+        Exception.__init__(self, *args)
+
+class ArgumentError(PluginError):
+    """Raised when required arguments are missing, argument values are invalid,
+    or incompatible arguments are given.
+    """
+    def __init__(self, *args):
+        PluginError.__init__(self, *args)
+
+
+##### Helpers
+
+def ignore_failure(func, *args, **kwargs):
+    try:
+        return func(*args, **kwargs)
+    except XenAPI.Failure, e:
+        logging.error('Ignoring XenAPI.Failure %s', e)
+        return None
+
+
+##### Argument validation
+
+ARGUMENT_PATTERN = re.compile(r'^[a-zA-Z0-9_:\.\-,]+$')
+
+def validate_exists(args, key, default=None):
+    """Validates that a string argument to a RPC method call is given, and
+    matches the shell-safe regex, with an optional default value in case it
+    does not exist.
+
+    Returns the string.
+    """
+    if key in args:
+        if len(args[key]) == 0:
+            raise ArgumentError('Argument %r value %r is too short.' % (key, args[key]))
+        if not ARGUMENT_PATTERN.match(args[key]):
+            raise ArgumentError('Argument %r value %r contains invalid characters.' % (key, args[key]))
+        if args[key][0] == '-':
+            raise ArgumentError('Argument %r value %r starts with a hyphen.' % (key, args[key]))
+        return args[key]
+    elif default is not None:
+        return default
+    else:
+        raise ArgumentError('Argument %s is required.' % key)
+
+def validate_bool(args, key, default=None):
+    """Validates that a string argument to a RPC method call is a boolean string,
+    with an optional default value in case it does not exist.
+
+    Returns the python boolean value.
+    """
+    value = validate_exists(args, key, default)
+    if value.lower() == 'true':
+        return True
+    elif value.lower() == 'false':
+        return False
+    else:
+        raise ArgumentError("Argument %s may not take value %r. Valid values are ['true', 'false']." % (key, value))
+
+def exists(args, key):
+    """Validates that a freeform string argument to a RPC method call is given.
+    Returns the string.
+    """
+    if key in args:
+        return args[key]
+    else:
+        raise ArgumentError('Argument %s is required.' % key)
+
+def optional(args, key):
+    """If the given key is in args, return the corresponding value, otherwise
+    return None"""
+    return key in args and args[key] or None
+
+
+def get_this_host(session):
+    return session.xenapi.session.get_this_host(session.handle)
+
+
+def get_domain_0(session):
+    this_host_ref = get_this_host(session)
+    expr = 'field "is_control_domain" = "true" and field "resident_on" = "%s"' % this_host_ref
+    return session.xenapi.VM.get_all_records_where(expr).keys()[0]
+
+
+def create_vdi(session, sr_ref, name_label, virtual_size, read_only):
+    vdi_ref = session.xenapi.VDI.create(
+        { 'name_label': name_label,
+          'name_description': '',
+          'SR': sr_ref,
+          'virtual_size': str(virtual_size),
+          'type': 'User',
+          'sharable': False,
+          'read_only': read_only,
+          'xenstore_data': {},
+          'other_config': {},
+          'sm_config': {},
+          'tags': [] })
+    logging.debug('Created VDI %s (%s, %s, %s) on %s.', vdi_ref, name_label,
+                  virtual_size, read_only, sr_ref)
+    return vdi_ref
+
+
+def with_vdi_in_dom0(session, vdi, read_only, f):
+    dom0 = get_domain_0(session)
+    vbd_rec = {}
+    vbd_rec['VM'] = dom0
+    vbd_rec['VDI'] = vdi
+    vbd_rec['userdevice'] = 'autodetect'
+    vbd_rec['bootable'] = False
+    vbd_rec['mode'] = read_only and 'RO' or 'RW'
+    vbd_rec['type'] = 'disk'
+    vbd_rec['unpluggable'] = True
+    vbd_rec['empty'] = False
+    vbd_rec['other_config'] = {}
+    vbd_rec['qos_algorithm_type'] = ''
+    vbd_rec['qos_algorithm_params'] = {}
+    vbd_rec['qos_supported_algorithms'] = []
+    logging.debug('Creating VBD for VDI %s ... ', vdi)
+    vbd = session.xenapi.VBD.create(vbd_rec)
+    logging.debug('Creating VBD for VDI %s done.', vdi)
+    try:
+        logging.debug('Plugging VBD %s ... ', vbd)
+        session.xenapi.VBD.plug(vbd)
+        logging.debug('Plugging VBD %s done.', vbd)
+        return f(session.xenapi.VBD.get_device(vbd))
+    finally:
+        logging.debug('Destroying VBD for VDI %s ... ', vdi)
+        vbd_unplug_with_retry(session, vbd)
+        ignore_failure(session.xenapi.VBD.destroy, vbd)
+        logging.debug('Destroying VBD for VDI %s done.', vdi)
+
+
+def vbd_unplug_with_retry(session, vbd):
+    """Call VBD.unplug on the given VBD, with a retry if we get
+    DEVICE_DETACH_REJECTED.  For reasons which I don't understand, we're
+    seeing the device still in use, even when all processes using the device
+    should be dead."""
+    while True:
+        try:
+            session.xenapi.VBD.unplug(vbd)
+            logging.debug('VBD.unplug successful first time.')
+            return
+        except XenAPI.Failure, e:
+            if (len(e.details) > 0 and
+                e.details[0] == 'DEVICE_DETACH_REJECTED'):
+                logging.debug('VBD.unplug rejected: retrying...')
+                time.sleep(1)
+            elif (len(e.details) > 0 and
+                  e.details[0] == 'DEVICE_ALREADY_DETACHED'):
+                logging.debug('VBD.unplug successful eventually.')
+                return
+            else:
+                logging.error('Ignoring XenAPI.Failure in VBD.unplug: %s', e)
+                return
+
+
+def with_http_connection(proto, netloc, f):
+    conn = (proto == 'https' and
+            httplib.HTTPSConnection(netloc) or
+            httplib.HTTPConnection(netloc))
+    try:
+        return f(conn)
+    finally:
+        conn.close()
+
+
+def with_file(dest_path, mode, f):
+    dest = open(dest_path, mode)
+    try:
+        return f(dest)
+    finally:
+        dest.close()