From 12ec5f5c0d6a88779780b15b6ef38a016d6aae4a Mon Sep 17 00:00:00 2001
From: Johannes Erdfelt <johannes.erdfelt@rackspace.com>
Date: Tue, 12 Apr 2011 08:04:55 -0700
Subject: Add new flag 'max_kernel_ramdisk_size' to specify a maximum size of
 kernel or ramdisk so we don't copy large files to dom0 and fill up
 /boot/guest

---
 nova/virt/xenapi/vm_utils.py | 8 ++++++++
 1 file changed, 8 insertions(+)

(limited to 'nova/virt')

diff --git a/nova/virt/xenapi/vm_utils.py b/nova/virt/xenapi/vm_utils.py
index d2045a557..dd1fd9383 100644
--- a/nova/virt/xenapi/vm_utils.py
+++ b/nova/virt/xenapi/vm_utils.py
@@ -51,6 +51,8 @@ FLAGS = flags.FLAGS
 flags.DEFINE_string('default_os_type', 'linux', 'Default OS type')
 flags.DEFINE_integer('block_device_creation_timeout', 10,
                      'time to wait for a block device to be created')
+flags.DEFINE_integer('max_kernel_ramdisk_size', 16 * 1024 * 1024,
+                     'maximum size in bytes of kernel or ramdisk images')
 
 XENAPI_POWER_STATE = {
     'Halted': power_state.SHUTDOWN,
@@ -448,6 +450,12 @@ class VMHelper(HelperBase):
         if image_type == ImageType.DISK:
             # Make room for MBR.
             vdi_size += MBR_SIZE_BYTES
+        elif image_type == ImageType.KERNEL_RAMDISK and \
+             vdi_size > FLAGS.max_kernel_ramdisk_size:
+            max_size = FLAGS.max_kernel_ramdisk_size
+            raise exception.Error(
+                _("Kernel/Ramdisk image is too large, %(vdi_size)d bytes "
+                  "(max %(max_size)d bytes)") % locals())
 
         name_label = get_name_label_for_image(image)
         vdi_ref = cls.create_vdi(session, sr_ref, name_label, vdi_size, False)
-- 
cgit 


From c04b0caca4a725be390271be30bf8a034aa5ca9d Mon Sep 17 00:00:00 2001
From: Johannes Erdfelt <johannes.erdfelt@rackspace.com>
Date: Wed, 13 Apr 2011 10:10:40 -0700
Subject: Minor formatting cleanup

---
 nova/virt/xenapi/vm_utils.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'nova/virt')

diff --git a/nova/virt/xenapi/vm_utils.py b/nova/virt/xenapi/vm_utils.py
index dd1fd9383..32a617ef4 100644
--- a/nova/virt/xenapi/vm_utils.py
+++ b/nova/virt/xenapi/vm_utils.py
@@ -454,8 +454,8 @@ class VMHelper(HelperBase):
              vdi_size > FLAGS.max_kernel_ramdisk_size:
             max_size = FLAGS.max_kernel_ramdisk_size
             raise exception.Error(
-                _("Kernel/Ramdisk image is too large, %(vdi_size)d bytes "
-                  "(max %(max_size)d bytes)") % locals())
+                _("Kernel/Ramdisk image is too large: %(vdi_size)d bytes, "
+                  "max %(max_size)d bytes") % locals())
 
         name_label = get_name_label_for_image(image)
         vdi_ref = cls.create_vdi(session, sr_ref, name_label, vdi_size, False)
-- 
cgit 


From 43fa5afac9e5af74e2e3977a5dafd9640d064cf1 Mon Sep 17 00:00:00 2001
From: Johannes Erdfelt <johannes.erdfelt@rackspace.com>
Date: Wed, 11 May 2011 15:12:12 +0000
Subject: Abstract out IPv6 address generation to pluggable backends

---
 nova/virt/libvirt_conn.py | 3 ++-
 nova/virt/xenapi/vmops.py | 3 ++-
 2 files changed, 4 insertions(+), 2 deletions(-)

(limited to 'nova/virt')

diff --git a/nova/virt/libvirt_conn.py b/nova/virt/libvirt_conn.py
index 9780c69a6..4dce3b41f 100644
--- a/nova/virt/libvirt_conn.py
+++ b/nova/virt/libvirt_conn.py
@@ -60,6 +60,7 @@ from nova import flags
 from nova import log as logging
 from nova import utils
 from nova import vnc
+from nova import ipv6
 from nova.auth import manager
 from nova.compute import instance_types
 from nova.compute import power_state
@@ -185,7 +186,7 @@ def _get_network_info(instance):
             prefix = network['cidr_v6']
             mac = instance['mac_address']
             return  {
-                'ip': utils.to_global_ipv6(prefix, mac),
+                'ip': ipv6.to_global(prefix, mac),
                 'netmask': network['netmask_v6'],
                 'enabled': '1'}
 
diff --git a/nova/virt/xenapi/vmops.py b/nova/virt/xenapi/vmops.py
index fe9a74dd6..0b05e702a 100644
--- a/nova/virt/xenapi/vmops.py
+++ b/nova/virt/xenapi/vmops.py
@@ -34,6 +34,7 @@ from nova import log as logging
 from nova import exception
 from nova import utils
 from nova import flags
+from nova import ipv6
 
 from nova.auth.manager import AuthManager
 from nova.compute import power_state
@@ -808,7 +809,7 @@ class VMOps(object):
 
             def ip6_dict():
                 return {
-                    "ip": utils.to_global_ipv6(network['cidr_v6'],
+                    "ip": ipv6.to_global(network['cidr_v6'],
                                                instance['mac_address']),
                     "netmask": network['netmask_v6'],
                     "enabled": "1"}
-- 
cgit 


From d2b8350a026e0f00eae7cadbacaa15d4b44331af Mon Sep 17 00:00:00 2001
From: Johannes Erdfelt <johannes.erdfelt@rackspace.com>
Date: Wed, 11 May 2011 21:04:40 +0000
Subject: Implement IPv6 address generation that includes account identifier

---
 nova/virt/libvirt_conn.py | 3 ++-
 nova/virt/xenapi/vmops.py | 3 ++-
 2 files changed, 4 insertions(+), 2 deletions(-)

(limited to 'nova/virt')

diff --git a/nova/virt/libvirt_conn.py b/nova/virt/libvirt_conn.py
index cde864b0d..80e1a1f85 100644
--- a/nova/virt/libvirt_conn.py
+++ b/nova/virt/libvirt_conn.py
@@ -185,8 +185,9 @@ def _get_network_info(instance):
         def ip6_dict():
             prefix = network['cidr_v6']
             mac = instance['mac_address']
+            project_id = instance['project_id']
             return  {
-                'ip': ipv6.to_global(prefix, mac),
+                'ip': ipv6.to_global(prefix, mac, project_id),
                 'netmask': network['netmask_v6'],
                 'enabled': '1'}
 
diff --git a/nova/virt/xenapi/vmops.py b/nova/virt/xenapi/vmops.py
index 0b05e702a..cc2b54331 100644
--- a/nova/virt/xenapi/vmops.py
+++ b/nova/virt/xenapi/vmops.py
@@ -810,7 +810,8 @@ class VMOps(object):
             def ip6_dict():
                 return {
                     "ip": ipv6.to_global(network['cidr_v6'],
-                                               instance['mac_address']),
+                                         instance['mac_address'],
+                                         instance['project_id']),
                     "netmask": network['netmask_v6'],
                     "enabled": "1"}
 
-- 
cgit 


From ad3f578a37001957361014c7400dbe2e8ddd0baf Mon Sep 17 00:00:00 2001
From: Eldar Nugaev <enugaev@griddynamics.com>
Date: Thu, 12 May 2011 17:44:07 +0400
Subject: Added network_info into refresh_security_group_rules

---
 nova/virt/libvirt_conn.py | 20 ++++++++++++++------
 1 file changed, 14 insertions(+), 6 deletions(-)

(limited to 'nova/virt')

diff --git a/nova/virt/libvirt_conn.py b/nova/virt/libvirt_conn.py
index 555e44ce2..1e0a25a17 100644
--- a/nova/virt/libvirt_conn.py
+++ b/nova/virt/libvirt_conn.py
@@ -1612,7 +1612,9 @@ class FirewallDriver(object):
         """
         raise NotImplementedError()
 
-    def refresh_security_group_rules(self, security_group_id):
+    def refresh_security_group_rules(self,
+                                     security_group_id,
+                                     network_info=None):
         """Refresh security group rules from data store
 
         Gets called when a rule has been added to or removed from
@@ -1911,7 +1913,9 @@ class NWFilterFirewall(FirewallDriver):
         self._define_filter(self._filter_container(filter_name,
                                                    filter_children))
 
-    def refresh_security_group_rules(self, security_group_id):
+    def refresh_security_group_rules(self,
+                                     security_group_id,
+                                     network_info=None):
         return self._define_filter(
                    self.security_group_to_nwfilter_xml(security_group_id))
 
@@ -2169,15 +2173,19 @@ class IptablesFirewallDriver(FirewallDriver):
     def refresh_security_group_members(self, security_group):
         pass
 
-    def refresh_security_group_rules(self, security_group):
-        self.do_refresh_security_group_rules(security_group)
+    def refresh_security_group_rules(self, security_group, network_info=None):
+        self.do_refresh_security_group_rules(security_group, network_info)
         self.iptables.apply()
 
     @utils.synchronized('iptables', external=True)
-    def do_refresh_security_group_rules(self, security_group):
+    def do_refresh_security_group_rules(self,
+                                        security_group,
+                                        network_info=None):
         for instance in self.instances.values():
             self.remove_filters_for_instance(instance)
-            self.add_filters_for_instance(instance)
+            if not network_info:
+                network_info = _get_network_info(instance)
+            self.add_filters_for_instance(instance, network_info)
 
     def _security_group_chain_name(self, security_group_id):
         return 'nova-sg-%s' % (security_group_id,)
-- 
cgit 


From e7662bfcead8df8cc1fc655af6da15dc47777565 Mon Sep 17 00:00:00 2001
From: Anthony Young <sleepsonthefloor@gmail.com>
Date: Thu, 12 May 2011 13:42:04 -0700
Subject: fix for lp760921.  Previously, if tune2fs failed, as it does on
 windows hosts, kpartx -d also failed to be called which leaves mapped
 partitions that retain holds on the nbd device.  These holds cause the
 observed errors.

---
 nova/virt/disk.py | 50 ++++++++++++++++++++++++++------------------------
 1 file changed, 26 insertions(+), 24 deletions(-)

(limited to 'nova/virt')

diff --git a/nova/virt/disk.py b/nova/virt/disk.py
index ddea1a1f7..f8aea1f34 100644
--- a/nova/virt/disk.py
+++ b/nova/virt/disk.py
@@ -81,34 +81,36 @@ def inject_data(image, key=None, net=None, partition=None, nbd=False):
         else:
             mapped_device = device
 
-        # We can only loopback mount raw images. If the device isn't there,
-        # it's normally because it's a .vmdk or a .vdi etc
-        if not os.path.exists(mapped_device):
-            raise exception.Error('Mapped device was not found (we can'
-                                  ' only inject raw disk images): %s' %
-                                  mapped_device)
-
-        # Configure ext2fs so that it doesn't auto-check every N boots
-        out, err = utils.execute('sudo', 'tune2fs',
-                                 '-c', 0, '-i', 0, mapped_device)
-
-        tmpdir = tempfile.mkdtemp()
         try:
-            # mount loopback to dir
-            out, err = utils.execute(
-                    'sudo', 'mount', mapped_device, tmpdir)
-            if err:
-                raise exception.Error(_('Failed to mount filesystem: %s')
-                                      % err)
-
+            # We can only loopback mount raw images. If the device isn't there,
+            # it's normally because it's a .vmdk or a .vdi etc
+            if not os.path.exists(mapped_device):
+                raise exception.Error('Mapped device was not found (we can'
+                                      ' only inject raw disk images): %s' %
+                                      mapped_device)
+
+            # Configure ext2fs so that it doesn't auto-check every N boots
+            out, err = utils.execute('sudo', 'tune2fs',
+                                     '-c', 0, '-i', 0, mapped_device)
+
+            tmpdir = tempfile.mkdtemp()
             try:
-                inject_data_into_fs(tmpdir, key, net, utils.execute)
+                # mount loopback to dir
+                out, err = utils.execute(
+                        'sudo', 'mount', mapped_device, tmpdir)
+                if err:
+                    raise exception.Error(_('Failed to mount filesystem: %s')
+                                          % err)
+
+                try:
+                    inject_data_into_fs(tmpdir, key, net, utils.execute)
+                finally:
+                    # unmount device
+                    utils.execute('sudo', 'umount', mapped_device)
             finally:
-                # unmount device
-                utils.execute('sudo', 'umount', mapped_device)
+                # remove temporary directory
+                utils.execute('rmdir', tmpdir)
         finally:
-            # remove temporary directory
-            utils.execute('rmdir', tmpdir)
             if not partition is None:
                 # remove partitions
                 utils.execute('sudo', 'kpartx', '-d', device)
-- 
cgit 


From 1aad930383fa425b88e59929aa1698e31978eb62 Mon Sep 17 00:00:00 2001
From: Johannes Erdfelt <johannes.erdfelt@rackspace.com>
Date: Thu, 12 May 2011 22:19:52 +0000
Subject: Make sure imports are in alphabetical order

---
 nova/virt/libvirt_conn.py | 2 +-
 nova/virt/xenapi/vmops.py | 6 +++---
 2 files changed, 4 insertions(+), 4 deletions(-)

(limited to 'nova/virt')

diff --git a/nova/virt/libvirt_conn.py b/nova/virt/libvirt_conn.py
index 80e1a1f85..6ee23d1df 100644
--- a/nova/virt/libvirt_conn.py
+++ b/nova/virt/libvirt_conn.py
@@ -57,10 +57,10 @@ from nova import context
 from nova import db
 from nova import exception
 from nova import flags
+from nova import ipv6
 from nova import log as logging
 from nova import utils
 from nova import vnc
-from nova import ipv6
 from nova.auth import manager
 from nova.compute import instance_types
 from nova.compute import power_state
diff --git a/nova/virt/xenapi/vmops.py b/nova/virt/xenapi/vmops.py
index cc2b54331..13d7d215b 100644
--- a/nova/virt/xenapi/vmops.py
+++ b/nova/virt/xenapi/vmops.py
@@ -28,13 +28,13 @@ import subprocess
 import tempfile
 import uuid
 
-from nova import db
 from nova import context
-from nova import log as logging
+from nova import db
 from nova import exception
-from nova import utils
 from nova import flags
 from nova import ipv6
+from nova import log as logging
+from nova import utils
 
 from nova.auth.manager import AuthManager
 from nova.compute import power_state
-- 
cgit 


From f51bd03c9ce5f4248cb6f10e3ed662ae6ba33ebd Mon Sep 17 00:00:00 2001
From: Johannes Erdfelt <johannes.erdfelt@rackspace.com>
Date: Tue, 17 May 2011 15:49:31 +0000
Subject: Instead of using a temp file with openssl, just write directly to
 stdin

---
 nova/virt/xenapi/vmops.py | 10 ++++------
 1 file changed, 4 insertions(+), 6 deletions(-)

(limited to 'nova/virt')

diff --git a/nova/virt/xenapi/vmops.py b/nova/virt/xenapi/vmops.py
index 13d7d215b..0074444f8 100644
--- a/nova/virt/xenapi/vmops.py
+++ b/nova/virt/xenapi/vmops.py
@@ -25,7 +25,6 @@ import M2Crypto
 import os
 import pickle
 import subprocess
-import tempfile
 import uuid
 
 from nova import context
@@ -1163,18 +1162,17 @@ class SimpleDH(object):
         return mpi
 
     def _run_ssl(self, text, which):
-        base_cmd = ('cat %(tmpfile)s | openssl enc -aes-128-cbc '
-                '-a -pass pass:%(shared)s -nosalt %(dec_flag)s')
+        base_cmd = ('openssl enc -aes-128-cbc -a -pass pass:%(shared)s '
+                '-nosalt %(dec_flag)s')
         if which.lower()[0] == 'd':
             dec_flag = ' -d'
         else:
             dec_flag = ''
-        fd, tmpfile = tempfile.mkstemp()
-        os.close(fd)
-        file(tmpfile, 'w').write(text)
         shared = self._shared
         cmd = base_cmd % locals()
         proc = _runproc(cmd)
+        proc.stdin.write(text)
+        proc.stdin.close()
         proc.wait()
         err = proc.stderr.read()
         if err:
-- 
cgit 


From 4d025ef1d2b2b97c13d710cb5080b78e246215bc Mon Sep 17 00:00:00 2001
From: Josh Kearney <josh@jk0.org>
Date: Wed, 18 May 2011 11:27:39 -0500
Subject: Added missing xenhost plugin.

---
 nova/virt/xenapi_conn.py | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

(limited to 'nova/virt')

diff --git a/nova/virt/xenapi_conn.py b/nova/virt/xenapi_conn.py
index eb572f295..6d828e109 100644
--- a/nova/virt/xenapi_conn.py
+++ b/nova/virt/xenapi_conn.py
@@ -169,15 +169,15 @@ class XenAPIConnection(driver.ComputeDriver):
 
     def __init__(self, url, user, pw):
         super(XenAPIConnection, self).__init__()
-        session = XenAPISession(url, user, pw)
-        self._vmops = VMOps(session)
-        self._volumeops = VolumeOps(session)
+        self._session = XenAPISession(url, user, pw)
+        self._vmops = VMOps(self._session)
+        self._volumeops = VolumeOps(self._session)
         self._host_state = None
 
     @property
     def HostState(self):
         if not self._host_state:
-            self._host_state = HostState(self.session)
+            self._host_state = HostState(self._session)
         return self._host_state
 
     def init_host(self, host):
-- 
cgit