Versions Compared

Old Version 4

changes.mady.by.user Dingane Hlaluku

Saved on

compared with

New Version 5

changes.mady.by.user Dingane Hlaluku

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

%3Ccontroller%20type%3D%27usb%27%20index%3D%271%27%20model%3D%27ehci%27%3E%3C%2Fcontroller%3E


A configurable global config 'additional.vm.configuration.black.list.kvm' is available for Root admin to specify a list options that are disallowed with this feature.

  • Default values are; 'name, uuid, memory, currentMemory'

The keys in the blacklisted commands are used to validate the tags from the user passed XML as extraconfig data. Any tag/element that is found with the name in the blacklist of commands will result to an Exception.

e.g. <name>my vm </name> or <memory unit="KiB">262144</memory> or <currentMemory unit="KiB">262144</currentMemory> will throw an exception by default because this type of XML tags have been blacklisted.



  • XenServer

Similar for this hypervisor, the primary configuration file of the guest VM is built by CloudStack, therefor, the additional metadata will also be parsed and append to the builder.

For XenServer, functionality has only been added to only support the 'vm-param'set' option for 'xe' command and the full list of options is available here xe-full-command-list

Example: Following commands are used to convert a VM from HVM to PV;

...

vm-param-set%20PV-bootloader%3Dpygrub%0Avm-param-set%20PV-args%3Dhvc0%0Avm-param-set%20HVM-boot-policy%3D

  • A configurable global config 'additional.vm.configuration.black.list.xenserver' is available for Root admin to specify a list of 'vm-param-set' options that are disallowed with this feature.
    • Default values are; 'name-label, is-a-template, memory-static-max'

The algorithm for XenServer does the following checks;

  1. Is the command option passed 'vm-param-set' and throws a CloudRuntimeException otherwise. Please not that this check is case sensitive and requires 'vm-param-set' to types as is.
  2. The next algorithm checks if passed command contains any of the items from the blacklisted commands and throws a CloudRountimeException if true. This check is case insensitive. (e.x. vm-param-set is-a-template=true will throw an Exception since 'is-a-template' is blacklisted by default).


  • VMware

Similar for this hypervisor, the primary configuration file of the guest VM is built by CloudStack, therefor, the additional metadata will also be parsed and append to the VMX file builder.

...

        hypervisor.cpuid.v0%3DFALSE

  • A configurable global config 'additional.vm.configuration.black.list.vmware' is available for Root admin to specify a list options that are disallowed with this feature.
    • Default values are; 'guestOS, displayName, virtualHW.version, migrate.hostLog, nvram'

The configuration passed is parsed as key/value pair and every key is validated against against the blacklisted commands set by Root admin. An Exception is thrown if an invalid key is found.


Admin users will be allowed to use this feature with very few restrictions, whilst normal users will be constrained to several restrictions that are controlled by the admin.

...

The ‘deployVirtualMachine’ , and (updateVirtualMachines) API commands are refactored to include a new parameter ‘extraconfig’. This parameter will accept the URL encoded string and CloudStack will store in the 'user_vm_details' under the key 'extraconfig'.

Global configuration settings are added with Account scope  in the Service Layer for the admin user to allow and control passing of additional data;

  • A Boolean setting to allow sending of additional data from the API. This config is not dynamic and requires a restart of the CloudStack management server in order for changes to take effect. This setting is added with Account scope.
    • 'enable.additional.vm.configuration'. False by default


  • 3 new settings A new setting with a list of options that are not allowed to passed as additional data. The admin user will populate this setting with a list of tags/commands that will be used for validating against user supplied additional configuration. All this settings are dynamic and should not requires a restart of the CloudStack management server in order for changes to take effect. Please note that this are only available as global settings for the Root admin only.
    • 'additional.vm.configuration.black.list.kvm'
    • 'additional.vm.configuration.black.list.xenserver'
    • 'additional.vm.configuration.black.list.vmware'


UserVmManageImpl class is refactored to include the new Boolean configuration setting to allow/disallow passing of additional data during VM deployment/updating,  and stores the data in the 'user_vm_details' table.

...