----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/13992/#review26346 -----------------------------------------------------------
Commit 258118efa67b426611dc87c66b4891924641772b in branch refs/heads/master from Wei Zhou [ https://git-wip-us.apache.org/repos/asf?p=cloudstack.git;h=258118e ] CLOUDSTACK-4405: additional patch for bridge name and firewall rules issues after KVM upgrade to 4.2 There still exist two issues after Edison's commits. (1) Migration from new hosts to old hosts failed. The bridge name on old host is set to cloudVirBr* if network.bridge.name.schema is set to 3.0 in /etc/cloudstack/agent/agent.properties, but the actual bridge name is breth*-* after running cloudstack-agent-upgrade. (2) all ports of vms (Basic zone, or Advanced zone with security groups) on old hosts are open, because the iptables rules are binding to device (bridge) name which is changed by cloudstack-agent-upgrade. After this, the KVM upgrade steps : a. Install 4.2 cloudstack agent on each kvm host b. Run "cloudstack-agent-upgrade". This script will upgrade all the existing bridge name to new bridge name, and update related firewall rules. c. install a libvirt hook: c1. mkdir /etc/libvirt/hooks c2. cp /usr/share/cloudstack-agent/lib/libvirtqemuhook /etc/libvirt/hooks/qemu c3. chmod +x /etc/libvirt/hooks/qemu c4. service libvirtd restart c5. service cloudstack-agent restart Signed-off-by: Wei Zhou <w.z...@leaseweb.com> - ASF Subversion and Git Services On Sept. 9, 2013, 8:09 a.m., Wei Zhou wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/13992/ > ----------------------------------------------------------- > > (Updated Sept. 9, 2013, 8:09 a.m.) > > > Review request for cloudstack and edison su. > > > Bugs: CLOUDSTACK-4405 > > > Repository: cloudstack-git > > > Description > ------- > > There still exist two issues after Edison's commits. > (1) Migration from new hosts to old hosts failed. > The bridge name on old host is set to cloudVirBr* if > network.bridge.name.schema is set to 3.0 in > /etc/cloudstack/agent/agent.properties, but the actual bridge name is > breth*-* after running cloudstack-agent-upgrade. > > (2) all ports of vms (Basic zone, or Advanced zone with security groups) on > old hosts are open, because the iptables rules are binding to device (bridge) > name which is changed by cloudstack-agent-upgrade. > > > Diffs > ----- > > agent/bindir/cloudstack-agent-upgrade.in 4972d39 > debian/cloudstack-agent.postinst 499ae6a > debian/rules 5e3d58c > packaging/centos63/cloud.spec 2b814f8 > > plugins/hypervisors/kvm/src/com/cloud/hypervisor/kvm/resource/BridgeVifDriver.java > e3779a7 > scripts/vm/network/security_group.py 0ac8b74 > > Diff: https://reviews.apache.org/r/13992/diff/ > > > Testing > ------- > > tested ok on my environment. > > After this, the KVM upgrade steps : > a. Install 4.2 cloudstack agent on each kvm host > b. Run "cloudstack-agent-upgrade". This script will upgrade all the existing > bridge name to new bridge name, and update related firewall rules. > c. install a libvirt hook: > c1. mkdir /etc/libvirt/hooks > c2. cp /usr/share/cloudstack-agent/lib/libvirtqemuhook > /etc/libvirt/hooks/qemu > c3. chmod +x /etc/libvirt/hooks/qemu > c4. service libvirtd restart > c5. service cloudstack-agent restart > > > Thanks, > > Wei Zhou > >
