diff --git a/dicos/29_one-master.xml b/dicos/29_one-master.xml
index 94807fe..0e6bdd0 100644
--- a/dicos/29_one-master.xml
+++ b/dicos/29_one-master.xml
@@ -4,7 +4,7 @@
-
+
opennebula
diff --git a/tmpl/OpenNebulaNetwork.conf b/tmpl/OpenNebulaNetwork.conf
index b0aefed..3ab10a6 100644
--- a/tmpl/OpenNebulaNetwork.conf
+++ b/tmpl/OpenNebulaNetwork.conf
@@ -1,5 +1,5 @@
# -------------------------------------------------------------------------- #
-# Copyright 2002-2017, OpenNebula Project, OpenNebula Systems #
+# Copyright 2002-2018, OpenNebula Project, OpenNebula Systems #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. You may obtain #
@@ -23,6 +23,7 @@
#
# CONF="vxlan_mc=239.0.100.0,test=false,validate_vlan_id=true"
# BRIDGE_CONF="sethello=6"
+# OVS_BRIDGE_CONF="stp_enable=true"
# IP_LINK_CONF="tos=10,udpcsum=,udp6zerocsumrx=__delete__"
#
# Options can have empty value when they don't need a parameter. Also the
@@ -61,11 +62,20 @@
# Default MTU for the VXLAN interface
:vxlan_mtu: 1500
+################################################################################
+# Security Group Options
+################################################################################
+
+# Maximal number of entries in the IP set
+:ipset_maxelem: 65536
################################################################################
# Bridge and Interface Creation Options
################################################################################
+# Don't delete bridge with no virtual interfaces left
+:keep_empty_bridge: false
+
# These options will execute brctl commands with these values. For example,
# this option will execute:
#
@@ -75,6 +85,15 @@
# :stp: on
+# These options are set on the OvS bridge. For example,
+# this command will be trigged for the following option:
+#
+# ovs-vsctl set-bridge stp_enable=true
+#
+# :ovs_bridge_conf:
+# :stp_enable: true
+
+
# These options will be added to the ip link add command. For example:
#
# sudo ip link add lxcbr0.260 type vxlan id 260 group 239.0.101.4 \
diff --git a/tmpl/ldap_auth.conf b/tmpl/ldap_auth.conf
index 6e64e70..3269ee4 100644
--- a/tmpl/ldap_auth.conf
+++ b/tmpl/ldap_auth.conf
@@ -1,5 +1,5 @@
# ---------------------------------------------------------------------------- #
-# Copyright 2002-2017, OpenNebula Project, OpenNebula Systems #
+# Copyright 2002-2018, OpenNebula Project, OpenNebula Systems #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. You may obtain #
@@ -49,7 +49,7 @@ server 1:
# field name for group membership, by default it is 'member'
#:group_field: 'member'
- # user field that that is in in the group group_field, if not set 'dn' will be used
+ # user field that is in the group group_field, if not set 'dn' will be used
#:user_group_field: 'dn'
# Generate mapping file from group template info
diff --git a/tmpl/oned.conf b/tmpl/oned.conf
index 575d6de..4ae093f 100644
--- a/tmpl/oned.conf
+++ b/tmpl/oned.conf
@@ -38,6 +38,7 @@
# user : (mysql) user's MySQL login ID
# passwd : (mysql) the password for user
# db_name : (mysql) the database name
+# connections: (mysql) number of max. connections to mysql server
#
# VNC_PORTS: VNC port pool for automatic VNC port assignment, if possible the
# port will be set to ``START`` + ``VMID``
@@ -87,7 +88,8 @@ DB = [ BACKEND = "sqlite" ]
# PORT = 0,
# USER = "oneadmin",
# PASSWD = "oneadmin",
-# DB_NAME = "opennebula" ]
+# DB_NAME = "opennebula",
+# CONNECTIONS = 50 ]
VNC_PORTS = [
START = 5900
@@ -118,6 +120,7 @@ VNC_PORTS = [
#
#
# RAFT: Algorithm attributes
+# LIMIT_PURGE: Number of logs that will be deleted on each purge.
# LOG_RETENTION: Number of DB log records kept, it determines the
# synchronization window across servers and extra storage space needed.
# LOG_PURGE_TIMEOUT: How often applied records are purged according the log
@@ -153,11 +156,12 @@ FEDERATION = [
]
RAFT = [
+ LIMIT_PURGE = 100000,
LOG_RETENTION = 500000,
LOG_PURGE_TIMEOUT = 600,
ELECTION_TIMEOUT_MS = 2500,
BROADCAST_TIMEOUT_MS = 500,
- XMLRPC_TIMEOUT_MS = 2000
+ XMLRPC_TIMEOUT_MS = 450
]
# Executed when a server transits from follower->leader
@@ -218,7 +222,8 @@ DEFAULT_COST = [
# %m -- method name
# %u -- user id
# %U -- user name
-# %l -- param list
+# %l[number] -- param list and number of characters (optional) to print
+# each parameter, default is 20. Example: %l300
# %p -- user password
# %g -- group id
# %G -- group name
@@ -233,7 +238,7 @@ DEFAULT_COST = [
#TIMEOUT = 15
#RPC_LOG = NO
#MESSAGE_SIZE = 1073741824
-#LOG_CALL_FORMAT = "Req:%i UID:%u %m invoked %l"
+#LOG_CALL_FORMAT = "Req:%i UID:%u %m invoked %l20"
#*******************************************************************************
# Physical Networks configuration
@@ -368,7 +373,7 @@ IM_MAD = [
NAME = "kvm",
SUNSTONE_NAME = "KVM",
EXECUTABLE = "one_im_ssh",
- ARGUMENTS = "-r 3 -t 15 kvm" ]
+ ARGUMENTS = "-r 3 -t 15 -w 90 kvm" ]
#-------------------------------------------------------------------------------
#-------------------------------------------------------------------------------
@@ -381,7 +386,7 @@ IM_MAD = [
# NAME = "kvm",
# SUNSTONE_NAME = "kvm-ssh",
# EXECUTABLE = "one_im_ssh",
-# ARGUMENTS = "-r 3 -t 15 kvm-probes" ]
+# ARGUMENTS = "-r 3 -t 15 -w 90 kvm-probes" ]
#-------------------------------------------------------------------------------
#-------------------------------------------------------------------------------
@@ -423,6 +428,18 @@ IM_MAD = [
# ARGUMENTS = "-c -t 1 -r 0 az" ]
#-------------------------------------------------------------------------------
+#-------------------------------------------------------------------------------
+# Hybrid OpenNebula Information Driver Manager Configuration
+# -r number of retries when monitoring a host
+# -t number of threads, i.e. number of hosts monitored at the same time
+#-------------------------------------------------------------------------------
+# IM_MAD = [
+# NAME = "one",
+# SUNSTONE_NAME = "OpenNebula",
+# EXECUTABLE = "one_im_sh",
+# ARGUMENTS = "-c -t 1 -r 0 one" ]
+#-------------------------------------------------------------------------------
+
#-------------------------------------------------------------------------------
# Dummy Information Driver Manager Configuration
#-------------------------------------------------------------------------------
@@ -532,7 +549,7 @@ VM_MAD = [
IMPORTED_VMS_ACTIONS = "terminate, terminate-hard, hold, release, suspend,
resume, delete, reboot, reboot-hard, resched, unresched, poweroff,
poweroff-hard, disk-attach, disk-detach, nic-attach, nic-detach,
- snap-create, snap-delete"
+ snap-create, snap-delete, migrate, live-migrate"
]
#-------------------------------------------------------------------------------
@@ -577,6 +594,25 @@ VM_MAD = [
#]
#-------------------------------------------------------------------------------
+#-------------------------------------------------------------------------------
+# Hybrid OpenNebula Virtualization Driver Manager Configuration
+# -r number of retries when monitoring a host
+# -t number of threads, i.e. number of actions performed at the same time
+#-------------------------------------------------------------------------------
+# VM_MAD = [
+# NAME = "one",
+# SUNSTONE_NAME = "OpenNebula",
+# EXECUTABLE = "one_vmm_sh",
+# ARGUMENTS = "-t 15 -r 0 one",
+# TYPE = "xml",
+# KEEP_SNAPSHOTS = "no",
+# IMPORTED_VMS_ACTIONS = "terminate, terminate-hard, hold, release, suspend,
+# resume, delete, reboot, reboot-hard, resched, unresched, poweroff,
+# poweroff-hard"
+# ]
+#-------------------------------------------------------------------------------
+
+
#-------------------------------------------------------------------------------
# Dummy Virtualization Driver Configuration
#-------------------------------------------------------------------------------
@@ -1003,6 +1039,57 @@ VM_MANAGE_OPERATIONS = "undeploy, hold, release, stop, suspend, resume, reboot,
VM_USE_OPERATIONS = ""
+#*******************************************************************************
+# Default Permissions for VDC ACL rules
+#*******************************************************************************
+# Default ACL rules created when resource is added to a VDC. The following
+# attributes configures the permissions granted to the VDC group for each
+# resource types:
+# DEFAULT_VDC_HOST_ACL: permissions granted on hosts added to a VDC.
+# DEFAULT_VDC_NET_ACL: permissions granted on vnets added to a VDC.
+# DEFAULT_VDC_DATASTORE_ACL: permissions granted on datastores to a VDC.
+#
+# DEFAULT_VDC_CLUSTER_HOST_ACL: permissions granted to cluster hosts when a
+# cluster is added to the VDC.
+# DEFAULT_VDC_CLUSTER_NET_ACL: permissions granted to cluster vnets when a
+# cluster is added to the VDC.
+# DEFAULT_VDC_CLUSTER_DATASTORE_ACL: permissions granted to cluster datastores
+# when a cluster is added to the VDC.
+#
+# When defining the permissions you can use "" or "-" to not add any rule to
+# that specific resource. Also you can combine several permissions with "+",
+# for exampl "MANAGE+USE". Valid permissions are USE, MANAGE or ADMIN.
+#
+# Example:
+# DEFAULT_VDC_HOST_ACL = "MANAGE"
+# Adds @ HOST/# MANAGE # when a host is added to the VDC,
+# eg. onevdc addhost
+#
+# DEFAULT_VDC_VNET_ACL = "USE"
+# Adds @ NET/# USE # when a vnet is added to the VDC,
+# eg. onevdc addvnet
+#
+# DEFAULT_VDC_DATASTORE_ACL = "USE"
+# Adds @ DATASTORE/# USE # when a vnet is added to the VDC,
+# eg. onevdc adddatastore
+#
+# DEFAULT_VDC_CLUSTER_HOST_ACL = "MANAGE"
+# DEFAULT_VDC_CLUSTER_NET_ACL = "USE"
+# DEFAULT_VDC_CLUSTER_DATASTORE_ACL = "USE"
+# Adds:
+# @ HOST/% MANAGE #
+# @ DATASTORE+NET/% USE #
+# when a cluster is added to the VDC, e.g. onevdc addcluster
+#*******************************************************************************
+
+DEFAULT_VDC_HOST_ACL = "MANAGE"
+DEFAULT_VDC_VNET_ACL = "USE"
+DEFAULT_VDC_DATASTORE_ACL = "USE"
+
+DEFAULT_VDC_CLUSTER_HOST_ACL = "MANAGE"
+DEFAULT_VDC_CLUSTER_NET_ACL = "USE"
+DEFAULT_VDC_CLUSTER_DATASTORE_ACL = "USE"
+
#*******************************************************************************
# Restricted Attributes Configuration
#*******************************************************************************
@@ -1013,31 +1100,43 @@ VM_RESTRICTED_ATTR = "CONTEXT/FILES"
VM_RESTRICTED_ATTR = "NIC/MAC"
VM_RESTRICTED_ATTR = "NIC/VLAN_ID"
VM_RESTRICTED_ATTR = "NIC/BRIDGE"
-#VM_RESTRICTED_ATTR = "NIC/INBOUND_AVG_BW"
-#VM_RESTRICTED_ATTR = "NIC/INBOUND_PEAK_BW"
-#VM_RESTRICTED_ATTR = "NIC/INBOUND_PEAK_KB"
-#VM_RESTRICTED_ATTR = "NIC/OUTBOUND_AVG_BW"
-#VM_RESTRICTED_ATTR = "NIC/OUTBOUND_PEAK_BW"
-#VM_RESTRICTED_ATTR = "NIC/OUTBOUND_PEAK_KB"
-#VM_RESTRICTED_ATTR = "NIC/OPENNEBULA_MANAGED"
-#VM_RESTRICTED_ATTR = "NIC/VCENTER_INSTANCE_ID"
-#VM_RESTRICTED_ATTR = "NIC/VCENTER_NET_REF"
-#VM_RESTRICTED_ATTR = "NIC/VCENTER_PORTGROUP_TYPE"
+VM_RESTRICTED_ATTR = "NIC/INBOUND_AVG_BW"
+VM_RESTRICTED_ATTR = "NIC/INBOUND_PEAK_BW"
+VM_RESTRICTED_ATTR = "NIC/INBOUND_PEAK_KB"
+VM_RESTRICTED_ATTR = "NIC/OUTBOUND_AVG_BW"
+VM_RESTRICTED_ATTR = "NIC/OUTBOUND_PEAK_BW"
+VM_RESTRICTED_ATTR = "NIC/OUTBOUND_PEAK_KB"
+VM_RESTRICTED_ATTR = "NIC/OPENNEBULA_MANAGED"
+VM_RESTRICTED_ATTR = "NIC/VCENTER_INSTANCE_ID"
+VM_RESTRICTED_ATTR = "NIC/VCENTER_NET_REF"
+VM_RESTRICTED_ATTR = "NIC/VCENTER_PORTGROUP_TYPE"
VM_RESTRICTED_ATTR = "NIC_DEFAULT/MAC"
VM_RESTRICTED_ATTR = "NIC_DEFAULT/VLAN_ID"
VM_RESTRICTED_ATTR = "NIC_DEFAULT/BRIDGE"
-#VM_RESTRICTED_ATTR = "DISK/TOTAL_BYTES_SEC"
-#VM_RESTRICTED_ATTR = "DISK/READ_BYTES_SEC"
-#VM_RESTRICTED_ATTR = "DISK/WRITE_BYTES_SEC"
-#VM_RESTRICTED_ATTR = "DISK/TOTAL_IOPS_SEC"
-#VM_RESTRICTED_ATTR = "DISK/READ_IOPS_SEC"
-#VM_RESTRICTED_ATTR = "DISK/WRITE_IOPS_SEC"
-#VM_RESTRICTED_ATTR = "DISK/OPENNEBULA_MANAGED"
-#VM_RESTRICTED_ATTR = "DISK/VCENTER_DS_REF"
-#VM_RESTRICTED_ATTR = "DISK/VCENTER_INSTANCE_ID"
+VM_RESTRICTED_ATTR = "DISK/TOTAL_BYTES_SEC"
+VM_RESTRICTED_ATTR = "DISK/TOTAL_BYTES_SEC_MAX_LENGTH"
+VM_RESTRICTED_ATTR = "DISK/TOTAL_BYTES_SEC_MAX"
+VM_RESTRICTED_ATTR = "DISK/READ_BYTES_SEC"
+VM_RESTRICTED_ATTR = "DISK/READ_BYTES_SEC_MAX_LENGTH"
+VM_RESTRICTED_ATTR = "DISK/READ_BYTES_SEC_MAX"
+VM_RESTRICTED_ATTR = "DISK/WRITE_BYTES_SEC"
+VM_RESTRICTED_ATTR = "DISK/WRITE_BYTES_SEC_MAX_LENGTH"
+VM_RESTRICTED_ATTR = "DISK/WRITE_BYTES_SEC_MAX"
+VM_RESTRICTED_ATTR = "DISK/TOTAL_IOPS_SEC"
+VM_RESTRICTED_ATTR = "DISK/TOTAL_IOPS_SEC_MAX_LENGTH"
+VM_RESTRICTED_ATTR = "DISK/TOTAL_IOPS_SEC_MAX"
+VM_RESTRICTED_ATTR = "DISK/READ_IOPS_SEC"
+VM_RESTRICTED_ATTR = "DISK/READ_IOPS_SEC_MAX_LENGTH"
+VM_RESTRICTED_ATTR = "DISK/READ_IOPS_SEC_MAX"
+VM_RESTRICTED_ATTR = "DISK/WRITE_IOPS_SEC"
+VM_RESTRICTED_ATTR = "DISK/WRITE_IOPS_SEC_MAX_LENGTH"
+VM_RESTRICTED_ATTR = "DISK/WRITE_IOPS_SEC_MAX"
+VM_RESTRICTED_ATTR = "DISK/OPENNEBULA_MANAGED"
+VM_RESTRICTED_ATTR = "DISK/VCENTER_DS_REF"
+VM_RESTRICTED_ATTR = "DISK/VCENTER_INSTANCE_ID"
#VM_RESTRICTED_ATTR = "DISK/SIZE"
-#VM_RESTRICTED_ATTR = "DISK/ORIGINAL_SIZE"
-#VM_RESTRICTED_ATTR = "DISK/SIZE_PREV"
+VM_RESTRICTED_ATTR = "DISK/ORIGINAL_SIZE"
+VM_RESTRICTED_ATTR = "DISK/SIZE_PREV"
VM_RESTRICTED_ATTR = "CPU_COST"
VM_RESTRICTED_ATTR = "MEMORY_COST"
VM_RESTRICTED_ATTR = "DISK_COST"
@@ -1045,10 +1144,10 @@ VM_RESTRICTED_ATTR = "PCI"
VM_RESTRICTED_ATTR = "EMULATOR"
VM_RESTRICTED_ATTR = "RAW"
VM_RESTRICTED_ATTR = "USER_PRIORITY"
-#VM_RESTRICTED_ATTR = "USER_INPUTS/CPU"
-#VM_RESTRICTED_ATTR = "USER_INPUTS/MEMORY"
-#VM_RESTRICTED_ATTR = "USER_INPUTS/VCPU"
-#VM_RESTRICTED_ATTR = "TEMPLATE/VCENTER_VM_FOLDER"
+VM_RESTRICTED_ATTR = "USER_INPUTS/CPU"
+VM_RESTRICTED_ATTR = "USER_INPUTS/MEMORY"
+VM_RESTRICTED_ATTR = "USER_INPUTS/VCPU"
+VM_RESTRICTED_ATTR = "VCENTER_VM_FOLDER"
#VM_RESTRICTED_ATTR = "RANK"
#VM_RESTRICTED_ATTR = "SCHED_RANK"
@@ -1056,7 +1155,7 @@ VM_RESTRICTED_ATTR = "USER_PRIORITY"
#VM_RESTRICTED_ATTR = "SCHED_REQUIREMENTS"
IMAGE_RESTRICTED_ATTR = "SOURCE"
-#IMAGE_RESTRICTED_ATTR = "TEMPLATE/VCENTER_IMPORTED"
+IMAGE_RESTRICTED_ATTR = "VCENTER_IMPORTED"
#*******************************************************************************
# The following restricted attributes only apply to VNets that are a reservation.
@@ -1069,6 +1168,7 @@ VNET_RESTRICTED_ATTR = "VLAN_ID"
VNET_RESTRICTED_ATTR = "BRIDGE"
VNET_RESTRICTED_ATTR = "CONF"
VNET_RESTRICTED_ATTR = "BRIDGE_CONF"
+VNET_RESTRICTED_ATTR = "OVS_BRIDGE_CONF"
VNET_RESTRICTED_ATTR = "IP_LINK_CONF"
VNET_RESTRICTED_ATTR = "AR/VN_MAD"
@@ -1142,6 +1242,7 @@ INHERIT_VNET_ATTR = "OUTBOUND_PEAK_BW"
INHERIT_VNET_ATTR = "OUTBOUND_PEAK_KB"
INHERIT_VNET_ATTR = "CONF"
INHERIT_VNET_ATTR = "BRIDGE_CONF"
+INHERIT_VNET_ATTR = "OVS_BRIDGE_CONF"
INHERIT_VNET_ATTR = "IP_LINK_CONF"
INHERIT_VNET_ATTR = "VCENTER_NET_REF"
@@ -1187,7 +1288,8 @@ TM_MAD_CONF = [
TM_MAD_CONF = [
NAME = "shared", LN_TARGET = "NONE", CLONE_TARGET = "SYSTEM", SHARED = "YES",
- DS_MIGRATE = "YES"
+ DS_MIGRATE = "YES", TM_MAD_SYSTEM = "ssh", LN_TARGET_SSH = "SYSTEM",
+ CLONE_TARGET_SSH = "SYSTEM", DISK_TYPE_SSH = "FILE"
]
TM_MAD_CONF = [
@@ -1207,7 +1309,8 @@ TM_MAD_CONF = [
TM_MAD_CONF = [
NAME = "ceph", LN_TARGET = "NONE", CLONE_TARGET = "SELF", SHARED = "YES",
- DS_MIGRATE = "NO", DRIVER = "raw", ALLOW_ORPHANS="yes"
+ DS_MIGRATE = "NO", DRIVER = "raw", ALLOW_ORPHANS="yes", TM_MAD_SYSTEM = "ssh",
+ LN_TARGET_SSH = "SYSTEM", CLONE_TARGET_SSH = "SYSTEM", DISK_TYPE_SSH = "FILE"
]
TM_MAD_CONF = [
@@ -1269,7 +1372,7 @@ DS_MAD_CONF = [
DS_MAD_CONF = [
NAME = "vcenter",
- REQUIRED_ATTRS = "VCENTER_INSTANCE_ID, VCENTER_DS_REF, VCENTER_DC_REF",
+ REQUIRED_ATTRS = "VCENTER_INSTANCE_ID,VCENTER_DS_REF,VCENTER_DC_REF",
PERSISTENT_ONLY = "NO",
MARKETPLACE_ACTIONS = "export"
]
@@ -1377,3 +1480,4 @@ AUTH_MAD_CONF = [
DRIVER_MANAGED_GROUPS = "NO",
MAX_TOKEN_TIME = "-1"
]
+
diff --git a/tmpl/vmm_exec_kvm.conf b/tmpl/vmm_exec_kvm.conf
index 0bbbdb7..e856119 100644
--- a/tmpl/vmm_exec_kvm.conf
+++ b/tmpl/vmm_exec_kvm.conf
@@ -1,5 +1,5 @@
# -------------------------------------------------------------------------- #
-# Copyright 2002-2017, OpenNebula Project, OpenNebula Systems #
+# Copyright 2002-2018, OpenNebula Project, OpenNebula Systems #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. You may obtain #
@@ -35,18 +35,7 @@ OS = [ arch = "x86_64" ]
FEATURES = [ PAE = "no", ACPI = "yes", APIC = "no", HYPERV = "no", GUEST_AGENT = "no",
VIRTIO_SCSI_QUEUES = "0" ]
-%if %%getVar('activer_onesinglenode','non') == 'oui'
- %if %%getVar('one_disk_cache','non') == 'oui'
-DISK = [ driver = "qcow2" , cache = "writeback", DEV_PREFIX="vd" ]
- %else
-DISK = [ driver = "qcow2" , cache = "none", DEV_PREFIX="vd" ]
- %end if
- %if %%getVar('one_video_driver', False)
-RAW = ""
- %end if
-%end if
-
-NIC = [ model = "virtio" ]
+DISK = [ driver = "raw" , cache = "none"]
#NIC = [ filter = "clean-traffic", model="virtio" ]
#RAW = ""