-
Notifications
You must be signed in to change notification settings - Fork 1.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Upgrade to JRE17 and Upgrade System VMs/VRs to Python3 and Debian 12 #8497
Conversation
for f in `find systemvm/ -name *.py`;do if grep "print " $f >/dev/null;then 2to3-2.7 -w $f else 2to3-2.7 -p -w $f fi done
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
``` root@r-1037-VM:~# /opt/cloud/bin/passwd_server_ip.py 10.1.1.1 Traceback (most recent call last): File "/opt/cloud/bin/passwd_server_ip.py", line 201, in <module> serve() File "/opt/cloud/bin/passwd_server_ip.py", line 187, in serve initToken() File "/opt/cloud/bin/passwd_server_ip.py", line 60, in initToken f.write(secureToken) TypeError: write() argument must be str, not bytes root@r-1037-VM:~# ```
``` root@r-1037-VM:~# /opt/cloud/bin/passwd_server_ip.py 10.1.1.1 Traceback (most recent call last): File "/opt/cloud/bin/passwd_server_ip.py", line 201, in <module> serve() File "/opt/cloud/bin/passwd_server_ip.py", line 188, in serve loadPasswordFile() File "/opt/cloud/bin/passwd_server_ip.py", line 67, in loadPasswordFile with file(getPasswordFile()) as f: NameError: name 'file' is not defined ```
@blueorangutan package |
@weizhouapache a [SL] Jenkins job has been kicked to build packages. It will be bundled with KVM, XenServer and VMware SystemVM templates. I'll keep you posted as I make progress. |
Codecov ReportAttention:
Additional details and impacted files@@ Coverage Diff @@
## main #8497 +/- ##
============================================
+ Coverage 30.90% 30.99% +0.08%
- Complexity 33382 33491 +109
============================================
Files 5355 5355
Lines 375727 375729 +2
Branches 54915 54916 +1
============================================
+ Hits 116109 116444 +335
+ Misses 244219 243822 -397
- Partials 15399 15463 +64
Flags with carried forward coverage won't be shown. Click here to find out more. ☔ View full report in Codecov by Sentry. |
Packaging result [SF]: ✔️ el7 ✔️ el8 ✔️ el9 ✔️ debian ✔️ suse15. SL-JID 8288 |
@blueorangutan test |
@DaanHoogland a [SL] Trillian-Jenkins test job (centos7 mgmt + kvm-centos7) has been kicked to run smoke tests |
@DaanHoogland
|
@weizhouapache a [SL] Trillian-Jenkins test job (ubuntu22 mgmt + kvm-ubuntu22) has been kicked to run smoke tests |
[SF] Trillian test result (tid-9291)
|
[SF] Trillian test result (tid-9290)
|
[SF] Trillian test result (tid-9292)
|
@blueorangutan test rocky8 vmware-80u1 |
@weizhouapache a [SL] Trillian-Jenkins test job (rocky8 mgmt + vmware-80u1) has been kicked to run smoke tests |
@blueorangutan test rocky8 vmware-80u1 |
@weizhouapache a [SL] Trillian-Jenkins test job (rocky8 mgmt + vmware-80u1) has been kicked to run smoke tests |
bcc0707
to
05d030c
Compare
@blueorangutan package |
@borisstoyanov a [SL] Jenkins job has been kicked to build packages. It will be bundled with KVM, XenServer and VMware SystemVM templates. I'll keep you posted as I make progress. |
Packaging result [SF]: ✔️ el7 ✔️ el8 ✔️ el9 ✔️ debian ✔️ suse15. SL-JID 8723 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
clgtm mostly python compatible changes, but extensive regression testing needed anyway
if (data != null) { | ||
def hypervisor = template.tokenize('-')[-1] | ||
pom.properties["$hypervisor" + ".checksum"] = data[0].tokenize(' ')[0] | ||
if (data.size() > 0) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
these can be one compound condition
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I tried it at the beginning, unfortunately it did not work...
It uses XML, not Java.
@@ -50,7 +50,7 @@ | |||
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding> | |||
<project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding> | |||
<project.systemvm.template.location>https://download.cloudstack.org/systemvm</project.systemvm.template.location> | |||
<project.systemvm.template.version>4.19.0.0</project.systemvm.template.version> | |||
<project.systemvm.template.version>4.20.0.0</project.systemvm.template.version> |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
maybe (pending vote) should we go for
<project.systemvm.template.version>4.20.0.0</project.systemvm.template.version> | |
<project.systemvm.template.version>20.0.0</project.systemvm.template.version> |
?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We need to make lots of other changes for 4.20.0 -> 20.0. It can be a separated PR.
For now, let it be consistent with the version in pom.xml
[SF] Trillian test result (tid-9305)
|
[SF] Trillian test result (tid-9309)
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
This PR has been tested well by the author and QA. When it is merged, the new systemvm template will be uploaded to https://download.cloudstack.org/systemvm/ |
LGTM - This is ready for merging now - but let's wait until early next week if anybody has any further remarks. While this is largely maintenance work, smoketests and manual tests were done - one big implication will be that VRs will consume 2x more RAM then they were using earlier. I'm hoping for most users this would be manageable. pinging some random active/diverse set of folks cc @GutoVeronezi @JoaoJandre @mlsorensen @wido @andrijapanicsb @alexandremattioli @NuxRo @rajujith @DaanHoogland @rp- @slavkap @hrak @SadiJr @kiwiflyer @pdion891 @soreana @svenvogel |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The changes seem ok; any situation we might be missing can be handled later.
As this PR also changes integration tests, it would be good to add it to the PR's description.
from http.server import BaseHTTPRequestHandler, HTTPServer | ||
from socketserver import ThreadingMixIn #, ForkingMixIn |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
from http.server import BaseHTTPRequestHandler, HTTPServer | |
from socketserver import ThreadingMixIn #, ForkingMixIn | |
from http.server import BaseHTTPRequestHandler, HTTPServer | |
from socketserver import ThreadingMixIn #, ForkingMixIn |
thanks @GutoVeronezi for the review. I will apply your suggestion on passwd_server_ip.py in a followup PR |
Thanks all - agree with the approach, it's still main branch and months away from release - if we find anything we can add in as required. Merging on this comment. |
…pache#8497) * Update to 4.20.0 * Update to python3 * Upgrade to JRE 17 * Upgrade to Debian 12.4.0 * VR: upgrade to python3 for f in `find systemvm/ -name *.py`;do if grep "print " $f >/dev/null;then 2to3-2.7 -w $f else 2to3-2.7 -p -w $f fi done * java: Use JRE17 in cloudstack packages and systemvmtemplate Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com> * Add --add-opens to JAVA_OPTS in systemd config * Add --add-opens to JAVA_OPTS in systemd config for usage * python3: fix "TypeError: a bytes-like object is required, not 'str'" * python3: fix "ValueError: must have exactly one of create/read/write/append mode" * Add --add-exports=java.base/sun.security.x509=ALL-UNNAMED for management server * Use pip3 instead of pip for centos8 * python3: fix "TypeError: write() argument must be str, not bytes" ``` root@r-1037-VM:~# /opt/cloud/bin/passwd_server_ip.py 10.1.1.1 Traceback (most recent call last): File "/opt/cloud/bin/passwd_server_ip.py", line 201, in <module> serve() File "/opt/cloud/bin/passwd_server_ip.py", line 187, in serve initToken() File "/opt/cloud/bin/passwd_server_ip.py", line 60, in initToken f.write(secureToken) TypeError: write() argument must be str, not bytes root@r-1037-VM:~# ``` * Python3: fix "name 'file' is not defined" ``` root@r-1037-VM:~# /opt/cloud/bin/passwd_server_ip.py 10.1.1.1 Traceback (most recent call last): File "/opt/cloud/bin/passwd_server_ip.py", line 201, in <module> serve() File "/opt/cloud/bin/passwd_server_ip.py", line 188, in serve loadPasswordFile() File "/opt/cloud/bin/passwd_server_ip.py", line 67, in loadPasswordFile with file(getPasswordFile()) as f: NameError: name 'file' is not defined ``` * python3: fix "TypeError: write() argument must be str, not bytes" (two more files) * Upgrade jaxb version * python3: fix more "TypeError: a bytes-like object is required, not str" * python3: fix "Failed to update password server" Failed to update password server due to: POST data should be bytes, an iterable of bytes, or a file object. It cannot be of type str. * python3: fix "bad duration value: ikelifetime=24.0h" Jan 15 13:57:20 systemvm ipsec[3080]: # bad duration value: ikelifetime=24.0h * python3: fix password server "invalid save_password token" * test: incease retries in test_vpc_vpn.py * python3: fix passwd_server_ip.py see error below ``` Jan 15 18:51:21 systemvm passwd_server_ip.py[1507]: ---------------------------------------- Jan 15 18:51:21 systemvm passwd_server_ip.py[1507]: Exception occurred during processing of request from ('10.1.1.129', 32782) Jan 15 18:51:21 systemvm passwd_server_ip.py[1507]: Traceback (most recent call last): Jan 15 18:51:21 systemvm passwd_server_ip.py[1507]: File "/usr/lib/python3.9/socketserver.py", line 650, in process_request_thread Jan 15 18:51:21 systemvm passwd_server_ip.py[1507]: self.finish_request(request, client_address) Jan 15 18:51:21 systemvm passwd_server_ip.py[1507]: File "/usr/lib/python3.9/socketserver.py", line 360, in finish_request Jan 15 18:51:21 systemvm passwd_server_ip.py[1507]: self.RequestHandlerClass(request, client_address, self) Jan 15 18:51:21 systemvm passwd_server_ip.py[1507]: File "/usr/lib/python3.9/socketserver.py", line 720, in __init__ Jan 15 18:51:21 systemvm passwd_server_ip.py[1507]: self.handle() Jan 15 18:51:21 systemvm passwd_server_ip.py[1507]: File "/usr/lib/python3.9/http/server.py", line 427, in handle Jan 15 18:51:21 systemvm passwd_server_ip.py[1507]: self.handle_one_request() Jan 15 18:51:21 systemvm passwd_server_ip.py[1507]: File "/usr/lib/python3.9/http/server.py", line 415, in handle_one_request Jan 15 18:51:21 systemvm passwd_server_ip.py[1507]: method() Jan 15 18:51:21 systemvm passwd_server_ip.py[1507]: File "/opt/cloud/bin/passwd_server_ip.py", line 120, in do_GET Jan 15 18:51:21 systemvm passwd_server_ip.py[1507]: self.wfile.write(password) Jan 15 18:51:21 systemvm passwd_server_ip.py[1507]: File "/usr/lib/python3.9/socketserver.py", line 799, in write Jan 15 18:51:21 systemvm passwd_server_ip.py[1507]: self._sock.sendall(b) Jan 15 18:51:21 systemvm passwd_server_ip.py[1507]: TypeError: a bytes-like object is required, not 'str' ``` * python3: fix self.cl.get_router_password in Redundant VRs ``` File "/opt/cloud/bin/cs/CsDatabag.py", line 154, in get_router_password md5.update(passwd) TypeError: Unicode-objects must be encoded before hashing"] ``` * scripts: mark multipath scripts as executable * systemvm template: remove hyperv packages and do not export * VR: update default RAM size of System VMs/VRs to 512MiB Before ``` mysql> select id,name,cpu,speed,ram_size,unique_name,system_use from service_offering where name like "System%"; +----+----------------------------------------------------------+------+-------+----------+----------------------------------+------------+ | id | name | cpu | speed | ram_size | unique_name | system_use | +----+----------------------------------------------------------+------+-------+----------+----------------------------------+------------+ | 3 | System Offering For Software Router | 1 | 500 | 256 | Cloud.Com-SoftwareRouter | 1 | | 4 | System Offering For Software Router - Local Storage | 1 | 500 | 256 | Cloud.Com-SoftwareRouter-Local | 1 | | 5 | System Offering For Internal LB VM | 1 | 256 | 256 | Cloud.Com-InternalLBVm | 1 | | 6 | System Offering For Internal LB VM - Local Storage | 1 | 256 | 256 | Cloud.Com-InternalLBVm-Local | 1 | | 7 | System Offering For Console Proxy | 1 | 500 | 1024 | Cloud.com-ConsoleProxy | 1 | | 8 | System Offering For Console Proxy - Local Storage | 1 | 500 | 1024 | Cloud.com-ConsoleProxy-Local | 1 | | 9 | System Offering For Secondary Storage VM | 1 | 500 | 512 | Cloud.com-SecondaryStorage | 1 | | 10 | System Offering For Secondary Storage VM - Local Storage | 1 | 500 | 512 | Cloud.com-SecondaryStorage-Local | 1 | | 11 | System Offering For Elastic LB VM | 1 | 128 | 128 | Cloud.Com-ElasticLBVm | 1 | | 12 | System Offering For Elastic LB VM - Local Storage | 1 | 128 | 128 | Cloud.Com-ElasticLBVm-Local | 1 | +----+----------------------------------------------------------+------+-------+----------+----------------------------------+------------+ 10 rows in set (0.00 sec) ``` New value ``` mysql> select id,name,cpu,speed,ram_size,unique_name,system_use from service_offering where name like "System%"; +----+----------------------------------------------------------+------+-------+----------+----------------------------------+------------+ | id | name | cpu | speed | ram_size | unique_name | system_use | +----+----------------------------------------------------------+------+-------+----------+----------------------------------+------------+ | 3 | System Offering For Software Router | 1 | 500 | 512 | Cloud.Com-SoftwareRouter | 1 | | 4 | System Offering For Software Router - Local Storage | 1 | 500 | 512 | Cloud.Com-SoftwareRouter-Local | 1 | | 5 | System Offering For Internal LB VM | 1 | 256 | 512 | Cloud.Com-InternalLBVm | 1 | | 6 | System Offering For Internal LB VM - Local Storage | 1 | 256 | 512 | Cloud.Com-InternalLBVm-Local | 1 | | 7 | System Offering For Console Proxy | 1 | 500 | 1024 | Cloud.com-ConsoleProxy | 1 | | 8 | System Offering For Console Proxy - Local Storage | 1 | 500 | 1024 | Cloud.com-ConsoleProxy-Local | 1 | | 9 | System Offering For Secondary Storage VM | 1 | 500 | 512 | Cloud.com-SecondaryStorage | 1 | | 10 | System Offering For Secondary Storage VM - Local Storage | 1 | 500 | 512 | Cloud.com-SecondaryStorage-Local | 1 | | 11 | System Offering For Elastic LB VM | 1 | 128 | 512 | Cloud.Com-ElasticLBVm | 1 | | 12 | System Offering For Elastic LB VM - Local Storage | 1 | 128 | 512 | Cloud.Com-ElasticLBVm-Local | 1 | +----+----------------------------------------------------------+------+-------+----------+----------------------------------+------------+ 10 rows in set (0.01 sec) ``` * debian12: fix test_network_ipv6 and test_vpc_ipv6 * python3: remove duplicated imports * debian12: failed to start Apache2 server (SSLCipherSuite @SECLEVEL=0) error message ``` [Sat Jan 20 22:51:14.595143 2024] [ssl:emerg] [pid 10200:tid 140417063888768] AH02562: Failed to configure certificate cloudinternal.com:443:0 (with chain), check /etc/ssl/certs/cert_apache.crt [Sat Jan 20 22:51:14.595234 2024] [ssl:emerg] [pid 10200:tid 140417063888768] SSL Library Error: error:0A00018E:SSL routines::ca md too weak AH00016: Configuration Failed ``` openssl version ``` root@s-167-VM:~# openssl version -a OpenSSL 3.0.11 19 Sep 2023 (Library: OpenSSL 3.0.11 19 Sep 2023) built on: Mon Oct 23 17:52:22 2023 UTC platform: debian-amd64 options: bn(64,64) compiler: gcc -fPIC -pthread -m64 -Wa,--noexecstack -Wall -fzero-call-used-regs=used-gpr -DOPENSSL_TLS_SECURITY_LEVEL=2 -Wa,--noexecstack -g -O2 -ffile-prefix-map=/build/reproducible-path/openssl-3.0.11=. -fstack-protector-strong -Wformat -Werror=format-security -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_BUILDING_OPENSSL -DNDEBUG -Wdate-time -D_FORTIFY_SOURCE=2 OPENSSLDIR: "/usr/lib/ssl" ENGINESDIR: "/usr/lib/x86_64-linux-gnu/engines-3" MODULESDIR: "/usr/lib/x86_64-linux-gnu/ossl-modules" Seeding source: os-specific CPUINFO: OPENSSL_ia32cap=0x80202001478bfffd:0x0 ``` certificate ``` root@s-167-VM:~# keytool -printcert -rfc -file /usr/local/cloud/systemvm/certs/realhostip.crt -----BEGIN CERTIFICATE----- MIIFZTCCBE2gAwIBAgIHKBCduBUoKDANBgkqhkiG9w0BAQUFADCByjELMAkGA1UE BhMCVVMxEDAOBgNVBAgTB0FyaXpvbmExEzARBgNVBAcTClNjb3R0c2RhbGUxGjAY BgNVBAoTEUdvRGFkZHkuY29tLCBJbmMuMTMwMQYDVQQLEypodHRwOi8vY2VydGlm aWNhdGVzLmdvZGFkZHkuY29tL3JlcG9zaXRvcnkxMDAuBgNVBAMTJ0dvIERhZGR5 IFNlY3VyZSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTERMA8GA1UEBRMIMDc5Njky ODcwHhcNMTIwMjAzMDMzMDQwWhcNMTcwMjA3MDUxMTIzWjBZMRkwFwYDVQQKDBAq LnJlYWxob3N0aXAuY29tMSEwHwYDVQQLDBhEb21haW4gQ29udHJvbCBWYWxpZGF0 ZWQxGTAXBgNVBAMMECoucmVhbGhvc3RpcC5jb20wggEiMA0GCSqGSIb3DQEBAQUA A4IBDwAwggEKAoIBAQCDT9AtEfs+s/I8QXp6rrCw0iNJ0+GgsybNHheU+JpL39LM TZykCrZhZnyDvwdxCoOfE38Sa32baHKNds+y2SHnMNsOkw8OcNucHEBX1FIpOBGp h9D6xC+umx9od6xMWETUv7j6h2u+WC3OhBM8fHCBqIiAol31/IkcqDxxsHlQ8S/o CfTlXJUY6Yn628OA1XijKdRnadV0hZ829cv/PZKljjwQUTyrd0KHQeksBH+YAYSo 2JUl8ekNLsOi8/cPtfojnltzRI1GXi0ZONs8VnDzJ0a2gqZY+uxlz+CGbLnGnlN4 j9cBpE+MfUE+35Dq121sTpsSgF85Mz+pVhn2S633AgMBAAGjggG+MIIBujAPBgNV HRMBAf8EBTADAQEAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAOBgNV HQ8BAf8EBAMCBaAwMwYDVR0fBCwwKjAooCagJIYiaHR0cDovL2NybC5nb2RhZGR5 LmNvbS9nZHMxLTY0LmNybDBTBgNVHSAETDBKMEgGC2CGSAGG/W0BBxcBMDkwNwYI KwYBBQUHAgEWK2h0dHA6Ly9jZXJ0aWZpY2F0ZXMuZ29kYWRkeS5jb20vcmVwb3Np dG9yeS8wgYAGCCsGAQUFBwEBBHQwcjAkBggrBgEFBQcwAYYYaHR0cDovL29jc3Au Z29kYWRkeS5jb20vMEoGCCsGAQUFBzAChj5odHRwOi8vY2VydGlmaWNhdGVzLmdv ZGFkZHkuY29tL3JlcG9zaXRvcnkvZ2RfaW50ZXJtZWRpYXRlLmNydDAfBgNVHSME GDAWgBT9rGEyk2xF1uLuhV+auud2mWjM5zArBgNVHREEJDAighAqLnJlYWxob3N0 aXAuY29tgg5yZWFsaG9zdGlwLmNvbTAdBgNVHQ4EFgQUZyJz9/QLy5TWIIscTXID E8Xk47YwDQYJKoZIhvcNAQEFBQADggEBAKiUV3KK16mP0NpS92fmQkCLqm+qUWyN BfBVgf9/M5pcT8EiTZlS5nAtzAE/eRpBeR3ubLlaAogj4rdH7YYVJcDDLLoB2qM3 qeCHu8LFoblkb93UuFDWqRaVPmMlJRnhsRkL1oa2gM2hwQTkBDkP7w5FG1BELCgl gZI2ij2yxjge6pOEwSyZCzzbCcg9pN+dNrYyGEtB4k+BBnPA3N4r14CWbk+uxjrQ 6j2Ip+b7wOc5IuMEMl8xwTyjuX3lsLbAZyFI9RCyofwA9NqIZ1GeB6Zd196rubQp 93cmBqGGjZUs3wMrGlm7xdjlX6GQ9UvmvkMub9+lL99A5W50QgCmFeI= -----END CERTIFICATE----- Warning: The certificate uses the SHA1withRSA signature algorithm which is considered a security risk. This algorithm will be disabled in a future update. ``` it comes from ``` $ openssl x509 -in ./systemvm/agent/certs/realhostip.crt -noout -text Certificate: Data: Version: 3 (0x2) Serial Number: 11277268652730408 (0x28109db8152828) Signature Algorithm: sha1WithRSAEncryption Issuer: C = US, ST = Arizona, L = Scottsdale, O = "GoDaddy.com, Inc.", OU = http://certificates.godaddy.com/repository, CN = Go Daddy Secure Certification Authority, serialNumber = 07969287 Validity Not Before: Feb 3 03:30:40 2012 GMT Not After : Feb 7 05:11:23 2017 GMT Subject: O = *.realhostip.com, OU = Domain Control Validated, CN = *.realhostip.com ``` * debian12: use ed25519 instead of rsa as ssh-rsa has been deprecated in OpenSSH on xenserver ``` [root@pr8497-t8906-xenserver-71-xs2 ~]# ssh -i .ssh/id_rsa.cloud -p 3922 169.254.214.153 Warning: Permanently added '[169.254.214.153]:3922' (ECDSA) to the list of known hosts. Permission denied (publickey). ``` in the CPVM Jan 22 19:31:09 v-1-VM sshd[2869]: userauth_pubkey: signature algorithm ssh-rsa not in PubkeyAcceptedAlgorithms [preauth] Jan 22 19:31:09 v-1-VM sshd[2869]: Connection closed by authenticating user root 169.254.0.1 port 54704 [preauth] ``` ssh-dss (DSA) is not supported either * debian12: add PubkeyAcceptedAlgorithms=+ssh-rsa to sshd_config * VR: install python3 packages in case of Debian 11 * pom.xml: exclude systemvm/agent/packages/* in license check * systemvm: do not patch router/systemvm during startup this will cause 4.19 SYSTEM template not work, but may be expected - python3 VS python2 (default) - openSSL 3.0.1 VS 1.1.1w - openssh-server 9.1 VS 8.4 * VR: patch router/systemvm if template is debian11 This supports debian 11 template by - revert change in systemvm/debian/etc/ssh/sshd_config - patch VR/systemvms during startup - install packages during patching system vm/routers * python3 flake: fix E502 the backslash is redundant between brackets ``` ../debian/root/health_checks/router_version_check.py:55:70: E502 the backslash is redundant between brackets ../debian/root/health_checks/router_version_check.py:58:61: E502 the backslash is redundant between brackets ../debian/root/health_checks/router_version_check.py:67:71: E502 the backslash is redundant between brackets ../debian/root/health_checks/router_version_check.py:70:60: E502 the backslash is redundant between brackets ../debian/root/health_checks/haproxy_check.py:47:71: E502 the backslash is redundant between brackets ../debian/root/health_checks/haproxy_check.py:48:64: E502 the backslash is redundant between brackets ../debian/root/health_checks/cpu_usage_check.py:43:54: E502 the backslash is redundant between brackets ../debian/root/health_checks/cpu_usage_check.py:46:58: E502 the backslash is redundant between brackets ../debian/root/health_checks/memory_usage_check.py:31:65: E502 the backslash is redundant between brackets ../debian/root/health_checks/memory_usage_check.py:42:57: E502 the backslash is redundant between brackets ../debian/root/health_checks/memory_usage_check.py:45:63: E502 the backslash is redundant between brackets ``` * python3 flake: fix E275 missing whitespace after keyword ``` ../debian/opt/cloud/bin/cs_firewallrules.py:29:20: E275 missing whitespace after keyword ../debian/opt/cloud/bin/cs_dhcp.py:27:16: E275 missing whitespace after keyword ../debian/opt/cloud/bin/cs_dhcp.py:36:16: E275 missing whitespace after keyword ../debian/opt/cloud/bin/cs_guestnetwork.py:33:20: E275 missing whitespace after keyword ../debian/opt/cloud/bin/cs_guestnetwork.py:35:16: E275 missing whitespace after keyword ../debian/opt/cloud/bin/cs_vpnusers.py:37:16: E275 missing whitespace after keyword ../debian/opt/cloud/bin/merge.py:230:11: E275 missing whitespace after keyword ../debian/opt/cloud/bin/merge.py:239:19: E275 missing whitespace after keyword ../debian/opt/cloud/bin/cs_remoteaccessvpn.py:24:12: E275 missing whitespace after keyword ../debian/opt/cloud/bin/cs_site2sitevpn.py:24:12: E275 missing whitespace after keyword ../debian/opt/cloud/bin/cs/CsHelper.py:90:15: E275 missing whitespace after keyword ../debian/opt/cloud/bin/cs/CsAddress.py:367:15: E275 missing whitespace after keyword ``` * python3 flake: fix configure.py ``` ../debian/opt/cloud/bin/configure.py:24:22: E401 multiple imports on one line ../debian/opt/cloud/bin/configure.py:43:180: E501 line too long (294 > 179 characters) ../debian/opt/cloud/bin/configure.py:46:1: E302 expected 2 blank lines, found 1 ../debian/opt/cloud/bin/configure.py:63:1: E302 expected 2 blank lines, found 1 ../debian/opt/cloud/bin/configure.py:65:12: E721 do not compare types, for exact checks use `is` / `is not`, for instance checks use `isinstance()` ../debian/opt/cloud/bin/configure.py:72:1: E302 expected 2 blank lines, found 1 ../debian/opt/cloud/bin/configure.py:310:25: E711 comparison to None should be 'if cond is not None:' ../debian/opt/cloud/bin/configure.py:312:29: E711 comparison to None should be 'if cond is None:' ../debian/opt/cloud/bin/configure.py:378:25: E711 comparison to None should be 'if cond is not None:' ../debian/opt/cloud/bin/configure.py:380:29: E711 comparison to None should be 'if cond is None:' ../debian/opt/cloud/bin/configure.py:490:29: E712 comparison to False should be 'if cond is False:' or 'if not cond:' ../debian/opt/cloud/bin/configure.py:642:16: E721 do not compare types, for exact checks use `is` / `is not`, for instance checks use `isinstance()` ../debian/opt/cloud/bin/configure.py:644:18: E721 do not compare types, for exact checks use `is` / `is not`, for instance checks use `isinstance()` ../debian/opt/cloud/bin/configure.py:1416:1: E305 expected 2 blank lines after class or function definition, found 1 ``` * python3 flake: fix other python files ``` ../debian/opt/cloud/bin/vmdata.py:97:12: E721 do not compare types, for exact checks use `is` / `is not`, for instance checks use `isinstance()` ../debian/opt/cloud/bin/vmdata.py:99:14: E721 do not compare types, for exact checks use `is` / `is not`, for instance checks use `isinstance()` ../debian/opt/cloud/bin/cs/CsRedundant.py:438:53: E203 whitespace before ':' ../debian/opt/cloud/bin/cs/CsRedundant.py:461:53: E203 whitespace before ':' ../debian/opt/cloud/bin/cs/CsRedundant.py:499:5: E303 too many blank lines (2) ../debian/opt/cloud/bin/cs/CsDatabag.py:189:1: E302 expected 2 blank lines, found 1 ../debian/opt/cloud/bin/cs/CsDatabag.py:193:37: E721 do not compare types, for exact checks use `is` / `is not`, for instance checks use `isinstance()` ../debian/opt/cloud/bin/cs/CsHelper.py:118:30: E231 missing whitespace after ',' ../debian/opt/cloud/bin/cs/CsHelper.py:119:15: E225 missing whitespace around operator ../debian/opt/cloud/bin/cs/CsHelper.py:127:19: E225 missing whitespace around operator ../debian/opt/cloud/bin/cs/CsAddress.py:324:43: E221 multiple spaces before operator ../debian/opt/cloud/bin/cs/CsVpcGuestNetwork.py:28:1: E302 expected 2 blank lines, found 1 ``` * python3 flake: fix CsNetfilter.py ``` ../debian/opt/cloud/bin/cs/CsNetfilter.py:226:13: E117 over-indented ../debian/opt/cloud/bin/cs/CsNetfilter.py:233:180: E501 line too long (197 > 179 characters) ../debian/opt/cloud/bin/cs/CsNetfilter.py:241:14: E201 whitespace after '{' ../debian/opt/cloud/bin/cs/CsNetfilter.py:242:14: E201 whitespace after '{' ../debian/opt/cloud/bin/cs/CsNetfilter.py:247:18: E201 whitespace after '{' ../debian/opt/cloud/bin/cs/CsNetfilter.py:247:74: E202 whitespace before '}' ../debian/opt/cloud/bin/cs/CsNetfilter.py:248:18: E201 whitespace after '{' ``` * systemvm/test: fix sys.path ``` $ bash runtests.sh /usr/bin/python Python 3.10.12 Running pycodestyle to check systemvm/python code for errors Running pylint to check systemvm/python code for errors Python 3.10.12 pylint 2.12.2 astroid 2.9.3 Python 3.10.12 (main, Nov 20 2023, 15:14:05) [GCC 11.4.0] -------------------------------------------------------------------- Your code has been rated at 10.00/10 (previous run: 10.00/10, +0.00) -------------------------------------------------------------------- Your code has been rated at 10.00/10 (previous run: 10.00/10, +0.00) Running systemvm/python unit tests ....Device "eth0" does not exist. ..................... ---------------------------------------------------------------------- Ran 25 tests in 0.008s OK ``` * Revert "systemvm template: remove hyperv packages and do not export" This reverts commit 4383d59. * debian12: move SQL change to schema-41900to42000.sql * debian12: update systemvm template version to 4.20 in pom.xml * pom.xml: fix NPE if templates do not exist on download.cloudstack.org * debian12: increase default system offering for routers to 384MiB RAM * CKS: fix addkubernetessupportedversion failed with JRE17 ``` marvin.cloudstackException.CloudstackAPIException: Execute cmd: addkubernetessupportedversion failed, due to: errorCode: 530, errorText:Cannot invoke "org.apache.cloudstack.engine.subsystem.api.storage.ObjectInDataStoreStateMachine$State.toString()" because the return value of "com.cloud.api.query.vo.TemplateJoinVO.getState()" is null ``` * python3: revert changes by 2to3 with systemvm/debian/root/health_checks/*.py * debian12: use ISO/packages on download.cloudstack.org * VR: Update default ram size to 384 * debian12: fix router_version_check.py after VR live-patch and add health check in test_routers.py * debian12: fix build error after log4j 2.x merge * VR: Update default ram size to 512MB (again) This reverts commit 578dd2b and efafa8c. * systemvmtemplate: Upgrade to Debian 12.5.0 * systemvm template: increase swap to 512MB * VR: fix health check error due to deprecated SafeConfigParser warning below ``` root@r-20-VM:~# /opt/cloud/bin/getRouterMonitorResults.sh true /root/monitorServices.py:59: DeprecationWarning: The SafeConfigParser class has been renamed to ConfigParser in Python 3.2. This alias will be removed in Python 3.12. Use ConfigParser directly instead. parser = SafeConfigParser() ``` * test: fix wget does not work in macchinina vms on vmware80u1 fixes error below ``` {Cmd: wget -t 1 -T 1 www.google.com via Host: 10.0.55.186} {returns: ["wget: '/usr/lib/libpcre.so.1' is not an ELF file", "wget: can't load library 'libpcre.so.1'"]} ``` * packaging: add message for VR memory upgrade after packages installation --------- Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com> Co-authored-by: Rohit Yadav <rohit.yadav@shapeblue.com> Co-authored-by: Vishesh <vishesh92@gmail.com>
Description
This PR
./systemvm/agent/certs/realhostip.crt
use insecure SHA1withRSA signature algorithmTypes of changes
Feature/Enhancement Scale or Bug Severity
Feature/Enhancement Scale
Bug Severity
Screenshots (if appropriate):
How Has This Been Tested?
How did you try to break this feature and the system with this change?