Chapter 3. Version 4.0.0-incubating

3.1. What’s New in 4.0.0-incubating
3.2. Issues Fixed in 4.0.0-incubating
3.3. Known Issues in 4.0.0-incubating

3.1. What’s New in 4.0.0-incubating

+ Apache CloudStack 4.0.0-incubating includes the following new features: +

3.1.1. Inter-VLAN Routing

+ Inter-VLAN Routing is the capability to route network traffic between VLANs. This feature enables you to set up Virtual Private Clouds (VPC) that can hold multi-tier applications. These tiers are deployed on different VLANs that can communicate with each other. You can provision VLANs to the tiers your create, and VMs can be deployed on different tiers, such as Web, Application, or Database. The VLANs are connected to a virtual router, which facilitates communication between the VMs. In effect, you can segment VMs by means of VLANs into different networks that can host multi-tier applications. Such segmentation by means of VLANs logically separate application VMs for higher security and lower broadcasts, while remaining physically connected to the same device. +

+ This feature is supported on XenServer and VMware hypervisors. +

3.1.2. Site-to-Site VPN

+ A Site-to-Site VPN connection helps you establish a secure connection from an enterprise datacenter to the cloud infrastructure. This allows users to access the guest VMs by establishing a VPN connection to the virtual router of the account from a device in the datacenter of the enterprise. Having this facility eliminates the need to establish VPN connections to individual VMs. +

+ The supported endpoints on the remote datacenters are: +

+ Cisco ISR with IOS 12.4 or later +
+ Juniper J-Series routers with JunOS 9.5 or later +

3.1.3. Local Storage Support for Data Volumes

+ You can now create data volumes on local storage. The data volume is placed on the same XenServer host as the VM instance that is attached to the data volume. These local data volumes can be attached to virtual machines, detached, re-attached, and deleted just as with the other types of data volume. In earlier releases of CloudStack, only the root disk could be placed in local storage. +

+ Local storage is ideal for scenarios where persistence of data volumes and HA is not required. Some of the benefits include reduced disk I/O latency and cost reduction from using inexpensive local disks. +

+ In order for local volumes to be used, the feature must be enabled for the zone. +

+ You can create a data disk offering for local storage. When a user creates a new VM, they can select this disk offering in order to cause the data disk volume to be placed in local storage. +

+ You can not migrate a VM that has a volume in local storage to a different host, nor migrate the volume itself away to a different host. If you want to put a host into maintenance mode, you must first stop any VMs with local data volumes on that host. +

+ Local storage support for volumes is available for XenServer, KVM, and VMware hypervisors. +

3.1.4. Tags

+ A tag is a key-value pair that stores metadata about a resource in the cloud. Tags are useful for categorizing resources. For example, you can tag a user VM with a value that indicates the user's city of residence. In this case, the key would be "city" and the value might be "Toronto" or "Tokyo." You can then request CloudStack to find all resources that have a given tag; for example, VMs for users in a given city. +

+ You can tag a user virtual machine, volume, snapshot, guest network, template, ISO, firewall rule, port forwarding rule, public IP address, security group, load balancer rule, project, VPC, network ACL, or static route. You can not tag a remote access VPN. +

+ You can work with tags through the UI or through the new API commands createTags, deleteTags, and listTags. You can define multiple tags for each resource. There is no limit on the number of tags you can define. Each tag can be up to 255 characters long. Users can define tags on the resources they own, and administrators can define tags on any resources in the cloud. +

+ A new optional input parameter, "tags," has been added to many of the list* API commands. The following example shows how to use this new parameter to find all the volumes having tag region=canada OR tag city=Toronto: +

command=listVolumes
+&listAll=true
+&tags[0].key=region
+&tags[0].value=canada
+&tags[1].key=city
+&tags[1].value=Toronto

+ The following API commands have the new "tags" input parameter: +

+ listVirtualMachines +
+ listVolumes +
+ listSnapshots +
+ listNetworks +
+ listTemplates +
+ listIsos +
+ listFirewallRules +
+ listPortForwardingRules +
+ listPublicIpAddresses +
+ listSecurityGroups +
+ listLoadBalancerRules +
+ listProjects +
+ listVPCs +
+ listNetworkACLs +
+ listStaticRoutes +

3.1.5. AWS API Changes for Tags

+ Some changes have been made to the Amazon Web Services API compatibility support in order to accommodate the new tagging feature. +

+ New APIs: +

+ + New API + + +	+ + Description + + +
+ + ec2-create-tags + + +	+ + Add tags to one or more resources. + + +
+ + ec2-delete-tags + + +	+ + Remove tags from one or more resources. + + +
+ ec2-describe-tags +	+ + Show currently defined tags. + + +

+ Changed APIs: +

+ + Changed API + + +	+ + Description + + +
+ ec2-describe-images +	+ + Output now shows tags defined for each image. + + +
+ + ec2-describe-instances + + +	+ + Output now shows tags defined for each image. + + + The following filters can now be passed in to limit the output result set: tag-key, tag-value and tag:key + + +
+ + ec2-describe-snapshots + + +	+ + Output now shows tags defined for each image. + + + The following filters can now be passed in to limit the output result set: tag-key, tag-value and tag:key + + +
+ ec2-describe-volumes +	+ + Output now shows tags defined for each image. + + + The following filters can now be passed in to limit the output result set: tag-key, tag-value and tag:key + + +

3.1.6. Secure Console Access on XenServer

+ With the addition of Secure Console feature, users can now securely access the VM consoles on the XenServer hypervisor. You can either SSH or use the View Console option in the Management Server to securely connect to the VMs on the XenServer host. The Management Server uses the xapi API to stream the VM consoles. However, there is no change in the way you can access the console of a VM. This feature is supported on XenServer 5.6 and 6.0 versions. +

3.1.7. Stopped VM

+ This release supports creating VMs without starting them on the backend. You can determine whether the VM needs to be started as part of the VM deployment. A VM can be deployed in two ways: create and start a VM (the default method); create a VM and leave it in the stopped state. +

+ A new request parameter, startVM, is introduced in the deployVm API to support the stopped VM feature. The possible values are: +

+ true - The VM starts as a part of the VM deployment +
+ false - The VM is left in stopped state at the end of the VM deployment +

3.1.8. Uploading an Existing Volume to a Virtual Machine

+ Existing data can now be made accessible to a virtual machine. This is called uploading a volume to the VM. For example, this is useful to upload data from a local file system and attach it to a VM. Root administrators, domain administrators, and end users can all upload existing volumes to VMs. The upload is performed by using HTTP. The uploaded volume is placed in the zone's secondary storage. +

+ This functionality is supported for the following hypervisors: +

+ Hypervisor : Disk Image Format +
+ XenServer : VHD +
+ VMware : OVA +
+ KVM : QCOW2 +

3.1.9. Dedicated High-Availability Hosts

+ One or more hosts can now be designated for use only by high-availability (HA) enabled VMs that are restarted due to a host failure. Setting up a pool of such dedicated HA hosts as the recovery destination for all HA-enabled VMs make it easier to determine which VMs are restarted as part of the high-availability function. You can designate a host as a dedicated-HA restart node only if the Dedicated HA Hosts feature is enabled by setting the appropriate global configuration parameter. +

3.1.10. Support for Amazon Web Services API

+ This release supports Amazon Web Services APIs, including Elastic Compute Cloud (EC2) API. Fidelity with the EC2 API and the installation experience for this functionality are both enhanced. In prior releases, users were required to install a separate component called CloudBridge, in addition to installing the Management Server. For new installations of CloudStack 4.0.0-incubating, this software is installed automatically along with CloudStack and runs in a more closely integrated fashion. The feature is disabled by default, but can be easily enabled by setting the appropriate global configuration parameter and performing a few setup steps. +

3.1.11. The Nicira NVP Plugin

+ The Nicira NVP plug-in allows CloudStack to use the Nicira solution for virtualized network as a provider for CloudStack networks and services. In CloudStack 4.0.0-incubating this plug-in supports the Connectivity service. This service is responsible for creating Layer 2 networks supporting the networks created by guests. When a tenant creates a new network, instead of a traditional VLAN, a logical network will be created by sending the appropriate calls to the Nicira NVP Controller. The plug-in has been tested with Nicira NVP versions 2.1.0, 2.2.0 and 2.2.1. +

3.1.12. Support for CAStor Cluster

+ CloudStack 4.0.0-incubating supports using a CAStor cluster as the back-end storage system for a CloudStack S3 front-end. The CAStor back-end storage for CloudStack extends the existing storage classes and allows the storage configuration attribute to point to a CAStor cluster. This feature makes use of the CloudStack server's local disk to spool files before writing them to CAStor when handling the PUT operations. However, a file must be successfully written into the CAStor cluster prior to the return of a success code to the S3 client to ensure that the transaction outcome is correctly reported. +

+ The S3 multipart file upload is not supported in this release. You are prompted with proper error message if a multipart upload is attempted. +

3.1.13. Clustered Logical Volume Manager Support for KVM

+ This release adds Clustered Logical Volume Manager (CLVM) storage support for KVM hosts. With this support, you can use CLVM as primary storage. +

+ The CLVM support for KVM allows root and data disks (primary storage) to reside on Linux logical volumes. The administrators are required to configure CLVM on the KVM hosts independent of CloudStack. When the volume groups are available, an administrator can simply add primary storage of type CLVM, providing the volume group name. Then CloudStack creates and manages logical volumes as needed. +

+ CLVM also supports Snapshots. CloudStack creates an LVM snapshot, copy the applicable logical volume to the secondary storage in the qcow2 format, and then delete the LVM snapshot. +

3.1.14. Rados Block Device Support for KVM

+ You can now use Rados Block Device (RBD) to run instances on Apache CloudStack 4.0.0-incubating. This can be done by adding a RBD pool as primary storage. Before using RBD, ensure that Qemu is compiled with RBD enabled, and the libvirt version is at least 0.10 with RBD enabled on the KVM host +

+ Create a disk offering for RBD so that you can ensure that StoragePoolAllocator chooses the RBD pool to deploy instances. +

3.2. Issues Fixed in 4.0.0-incubating

+ Many bugs include a defect number that reflects the bug number that was held in the bug tracker run by Citrix (bugs.cloudstack.org). The Apache CloudStack project now uses Jira to manage its bugs, so some of the bugs that are referenced here may not be available to view. However, we are still including them for completeness. +

+ + Defect + + +	+ + Description + + +
+ + Many + +	+ + vSphere 5.0 now has GA support. Formerly only Beta support was provided. + +
+ + CS-16135 + +	+ + Creating volumes after upgrading from snapshot taken in 2.2.14 no longer deletes the snapshot physically from the secondary storage. + +
+ + CS-16122 + +	+ + In a site-to-site VPN setup, alerts are generated when the VPC virtual router is rebooted with multiple vpn connections. + +
+ + CS-16022 + +	+ + If host connection fails due to a database error, host now disconnects and the Managerment Server id is removed. + +
+ + CS-16011 + +	+ + Name of network offering is no longer truncated due to too-narrow field width in Add Guest Network dialog box. + + +
+ + CS-15978 + +	+ + When the virtual router and its host go down, the high availability mechanism now works for the virtual router. + + +
+ + CS-15921 + +	+ + The 2.2.x security group script now accounts for the VMs created in the version 2.1 timeframe. + + +
+ + CS-15919 + +	+ + A level parameter is added to the listVolumes command; therefore queries return the response more quickly. + +
+ + CS-15904 + +	+ + Upgrade from version 2.2.14 to CloudStack-3.0.5-0.2944-rhel5 works as expected. The upgrade script, /usr/share/cloud/setup/db/schema-2214to30-cleanup.sql, works as expected. + +
+ + CS-15879 + +	+ + The database upgrade from version 3.0.4 to 3.0.5 works as expected. + + +
+ + CS-15807 + +	+ + Network label for OVM now available in UI. + + +
+ + CS-15779 + +	+ + When the thumbnail is requested, the console session will not be terminated. + + +
+ + CS-15778 + +	+ + Fetching a VM thumbnail now gets a thumbnail of appropriate visual dimensions. + + +
+ + CS-15734 + +	+ + KVM Snapshots no longer shows incorrect disk usage. + +
+ + CS-15733 + +	+ + The domainId parameter for the listNetworks command now lists the resources belonging to the domain specified. + +
+ + CS-15676 + +	+ + Stopping the router no longer fails with the null pointer exception. + + +
+ + CS-15648 + +	+ + If creating a volume from a snapshot fails, the error is reported on the UI but the volume is stuck in the creating state. + + +
+ + CS-15646 + +	+ + createFirewallRule API no longer causes null pointer exception. + +
+ + CS-15628 + +	+ + In a KVM host, the high availability mechanism no longer takes a long time to migrate VMs to another KVM host if there are multiple storage pools. + +
+ + CS-15627 + +	+ + Metadata instance-id and vm-id for existing VMs stays the same after upgrade. + +
+ + CS-15621 + +	+ + Solved difficulty with allocating disk volumes when running multiple VM deployment in parallel. + +
+ + CS-15603 + +	+ + CloudStack now stop the VMs when destroyVM command is called. + +
+ + CS-15586 + +	+ + Public Vlan for an account no longer fails if multiple physical networks are present. + +
+ + CS-15582 + +	+ + The dns-name filter is now supported for ec2-describe-instances in the Amazon Web Services API compatibility commands. The filter maps to the name of a user VM. + +
+ + CS-15503 + +	+ + An IP address which has static NAT rules can now be released. Subsequently, restarting this network after it was shutdown can succeed. + +
+ + CS-15464 + +	+ + Can now delete static route whose state is set to Revoke. + +
+ + CS-15443 + +	+ + Creating a firewall rule no longer fails with an internal server error. + +
+ + CS-15398 + +	+ + Corrected technique for programming DNS on the user VMs. + +
+ + CS-15356 + +	+ + Internal DNS 2 entry now correctly shown in UI. + +
+ + CS-15335 + +	+ + The CloudBridge S3 Engine now connects to the database by using the deciphered password in the db.properties file. + +
+ + CS-15318 + +	+ + UI now correctly prevents the user from stopping a VM that is in the Starting state. + +
+ + CS-15307 + +	+ + Fixed Japanese localization of instance statuses in the Instances menu. + +
+ + CS-15278 + +	+ + The deployment planner no longer takes long time to locate a suitable host to deploy VMs when large number of clusters are present. + +
+ + CS-15274 + +	+ + Creating a VLAN range using Zone ID without network ID now succeeds. + +
+ + CS-15243 + +	+ + Now check to be sure source NAT and VPN have same provider. + +
+ + CS-15232 + +	+ + Ensure that networks using external load balancer/firewall in 2.2.14 or earlier can properly upgrade. + +
+ + CS-15200 + +	+ + No exception when trying to attach the same volume while attaching the first volume is in progress. + +
+ + CS-15173 + +	+ + Additional cluster can no longer be added with same VSM IP address as another cluster. + +
+ + CS-15167 + +	+ + AWS API calls now honor the admin account's ability to view or act on the resources owned by the regular users. + +
+ + CS-15163 + +	+ + The minimum limit is not honored when there is not enough capacity to deploy all the VMs and the ec2-run-instances command with the -n >n1 -n2> option is used to deploy multiple VMs. + +
+ + CS-15157 + +	+ + Can now add/enable service providers for multiple physical networks through the UI. + +
+ + CS-15145 + +	+ + AWS API call ec2-register has better error handling for negative cases. + +
+ + CS-15122 + +	+ + Filters now supported for AWS API call ec2-describe-availability-zones. + +
+ + CS-15120 + +	+ + Actions column in UI of Volume page now shows action links. + +
+ + CS-15099 + +	+ + Buttons no longer overlap text on Account Deletion confirmation page in UI. + +
+ + CS-15095 + +	+ + Ensures you can not create a VM with a CPU frequency greater than the host CPU frequency. + +
+ + CS-15094 + +	+ + CPU cap now set properly in VMware. + +
+ + CS-15077 + +	+ + NullPointerException is no longer observed while executing the command to list the public IP in a basic zone created with the default shared NetScaler EIP and ELB network offering. + +
+ + CS-15044 + +	+ + UI now provides option to view the list of instances which are part of the guest network. + +
+ + CS-15026 + +	+ + UI in Deploy VM dialog now lists only templates or ISOs depending on which is selected in previous dialog. + +
+ + CS-14989 + +	+ + In KVM, the Create Instance wizard now shows only templates from the current (KVM) zone. + +
+ + CS-14986, CS-14985 + +	+ + Listing filters works as expected in the ec2-describe-volumes and ec2-describe-snapshots commands. + +
+ + CS-14964 + +	+ + Automatically starting the Console Proxy no longer fails due to its missing volume on the primary storage + +
+ + CS-14907 + +	+ + User is now correctly prevented from trying to download an uploaded volume which has not yet been moved to primary storage. + +
+ + CS-14879 + +	+ + When a user VM is stopped or terminated, the static NAT associated with this VM is now disabled. This public IP address is no longer owned by this account and can be associated to any other user VM. + +
+ + CS-14854 + +	+ + Only the admin user can change the template permission to Public, so this option is removed from the UI for domain Admins and regular Users. + +
+ + CS-14817 + +	+ + While checking if network has any external provider, CloudStack will consider all providers in the network. + +
+ + CS-14796 + +	+ + When deploying a VM with ec2-run-instances, userdata is now encoded. + +
+ + CS-14770 + +	+ + The API returns the keypair information when a VM is deployed with sshkey. This affects the API commands related to virtual machines (deployVirtualMachine, listVirtualMachines, ... *VirtualMachine), as well as the corresponding AWS APIs. + +
+ + CS-14724 + +	+ + UI no longer displays the dropdown list of isolation method choices if sdn.ovs.controller is false. + +
+ + CS-14345 + +	+ + Logout API returns XML header. + +
+ + CS-14724 + +	+ + Host IPs now associated with appropriate IPs according to traffic type. + +
+ + CS-14253 + +	+ + Can now delete and re-create port forwarding rule on same firewall. + +
+ + CS-14724 + +	+ + UI no longer displays the dropdown list of isolation method choices if sdn.ovs.controller is false. + +
+ + CS-14452 + +	+ + Data disk volumes are now automatically copied from one cluster to another. + +
+ + CS-13539 + +	+ + Windows VM can get IP after reboot. + +
+ + CS-13537 + +	+ + When user tries to delete a domain that contains sub-domains, an error message is now sent to convey the reason for the delete failure. + +
+ + CS-13153 + +	+ + System VMs support HTTP proxy. + +
+ + CS-12642 + +	+ + Added Close button to Select Project list view popup in UI. + +
+ + CS-12510 + +	+ + Deleting and reinserting host_details no longer causes deadlocks. + +
+ + CS-12407 + +	+ + F5 and Netscaler - when dedicated is selected, capacity field is disabled. + +
+ + CS-12111 + +	+ + Email validation for edit user form. + +
+ + CS-10928 + +	+ + Network read/write values now always positive numbers. + +
+ + CS-15376, CS-15373 + +	+ + The AWS APIs (EC2 and S3) now listen on the 7080 port and send request to CloudStack on the 8080 port just as any other clients of CloudStack. + +
+ + CS-13944 + +	+ + The CloudStack 2.2.x to 3.0.x database upgrade for multiple physical networks is now supported. + +
+ + CS-15300 + +	+ + The admin accounts of a domain now honour the limits imposed on that domain just like the regular accounts do. A domain admin now is not allowed to create an unlimited number of instances, volumes, snapshots, and so on. + +
+ + CS-15396 + +	+ + The CloudStack database now contain the UUD information after the 2.2.14 to 3.0.4 upgrade. + +
+ + CS-15450 + +	+ + Upgrade from 2.2.14 to 3.0.4 no longer fails on a VMware host. + +
+ + CS-15449 + +	+ + Running cloudstack-aws-api-register no longer fails with the "User registration failed with error: [Errno 113] No route to host" error. + +
+ + CS-15455 + +	+ + The iptable rules are configured to open the awsapi port (7080) as part of the installation. + +
+ + CS-15429 + +	+ + While creating an instance with data volume, disk offering also is considered while checking the account limit on volume resources. + +
+ + CS-15414 + +	+ + After the 2.2.14 to 3.0.4 upgrade, the value of the global parameter xen.guest.network.device is now decrypted before setting the traffic label. + +
+ + CS-15382 + +	+ + During 2.2.14 to 3.0.4 upgrade, the hosts no longer go to the Alert state if destroyed networks existed with non-existent tags prior to upgrade. + +
+ + CS-15323 + +	+ + CloudStack supports the following Citrix XenServer hotfixes: XS602E003, XS602E004, and XS602E005. + +
+ + CS-15430 + +	+ + Create snapshot now fails if creating a snapshot exceeds the snapshot resource limit for a domain admin or a user account. + +
+ + CS-14256 + +	+ + Virtual Router no longer remains in starting state for subdomain or user on a KVM 3.0.1 prerlease host on RHEL 6.2. + +
+ + CS-7495 + +	+ + Implemented a variety of Xen management host improvements. + +
+ + CS-8105 + +	+ + NFS v4 for primary storage now works as expected on KVM hosts. + +
+ + CS-9989 + +	+ + The error messages returned during VM deployment failure will have much more details than before. + +
+ + CS-12584 + +	+ + You can no longer add security groups not supported by the hypervisor in use. + +
+ + CS-12705 + +	+ + When creating a Network offering by using SRX as the service provider for SourceNAT servcies, an option is given in the CloudStack UI now to set the source_nat type to "per Zone"/"per account". + +
+ + CS-12782 + +	+ + Assigning a VM from Basic to Advanced zone no longer ignores the network ID. A warning message is displayed for VM movements across zones. + +
+ + CS-12591 + +	+ + Broadcast Address on the Second Public IP NIC is now corrected. + +
+ + CS-13272 + +	+ + When a user is deleted, all the associated properties, such as IPs and virtual routers, are now deleted. + +
+ + CS-13377 + +	+ + Creating template from a root disk of a stopped instance now provides an option to make it a "Featured template". + +
+ + CS-13500 + +	+ + Reaching the first guest VM by using its public IP from the second guest VM no longer fails. + +
+ + CS-13853 + +	+ + The default gateway can no longer be 0.0.0.0 in the Secondary Storage VM (SSVM). + +
+ + CS-13863 + +	+ + The queryAsyncJobResult command in XML format now returns the correct UUIDs. + +
+ + CS-13867 + +	+ + Corrected CSP xenserver-cloud-supp.tgz for XenServer 5.6 and 6.0. + +
+ + CS-13904 + +	+ + Labels and values for the service offerings CPU and memory are now consistent. + +
+ + CS-13998 + +	+ + The SSVM kernel panic issue is fixed on XenServer. + +
+ + CS-14090 + +	+ + The issue is fixed where running the VMware snapshots randomly fails with the ArrayIndexOutOfBoundsException error. + +
+ + CS-14021 + +	+ + The java.lang.OutOfMemoryError is fixed on the Management Server. + +
+ + CS-14025 + +	+ + The Python Eggs are provided to easily package the test client for each branch of CloudStack. + +
+ + CS-14068 + +	+ + Resetting the VM password through the CloudStack UI no longer causes any error. + +
+ + CS-14156 + +	+ + The pod which has the administrator's virtual router is no longer selected while creating the virtual routers for guests. + +
+ + CS-14182 + +	+ + The users can now delete their ISOs as normal users. + +
+ + CS-14185 + +	+ + The listOSTypes API now filters out the types of operating system by using the keywords. + +
+ + CS-14204 + +	+ + The cloud-setup-bonding.sh command no longer generates the "command not found" error. + +
+ + CS-14214 + +	+ + The Specify VLAN option cannot be enabled now for an isolated Network offering with SourceNAT enabled. + +
+ + CS-14234 + +	+ + Sending project invite email to an account now requires SMTP configured in CloudStack. + +
+ + CS-14237 + +	+ + The garbage collector of the primary storage no longer fails when the first host in the cluster is not up. + +
+ + CS-14241 + +	+ + Custom Volume Disk Offering is now matching the Global configuration value. + +
+ + CS-14270 + +	+ + The listNetworks API no longer assumes that the broadcast type is always VLAN. + +
+ + CS-14319 + +	+ + The internal name of the VM is no longer present in the error message that is displayed to a domain administrator. + +
+ + CS-14321 + +	+ + The listVolumes API call now returns a valid value for the isExtractable parameter for the ISO-derived disk and data disk volumes. + +
+ + CS-14323 + +	+ + Invalid API calls will now give valid response in json/xml format. + +
+ + CS-14339 + +	+ + Custom Disk Size will now allow values larger than 100GB. + +
+ + CS-14357 + +	+ + The ConsoleProxyLoadReportCommand is no longer fired continuously. + +
+ + CS-14421 + +	+ + Fixed the issue of virtual router deployments. The DHCP entries can now be assigned to the router. + +
+ + CS-14555 + +	+ + Unzipped downloaded template MD5SUM will no longer override the zipped template MD5SUM in the database. + +
+ + CS-14598 + +	+ + The complete screen of the running VM is now displayed in the console proxy. + +
+ + CS-14600 + +	+ + Windows or Linux based consoles are no longer lost upon rebooting VMs. + +
+ + CS-14784 + +	+ + Multiple subnets with the same VLAN now work as expected. + +
+ + CS-13303, 14874, 13897, 13944, 14088, 14190 + +	+ + A variety of upgrade issues have been fixed in release 3.0.3. + +
+ + CS-15080 + +	+ + Setting a private network on a VLAN for VMWare environment is now supported. + +
+ + CS-15168 + +	+ + The console proxy now works as expected and no exception is shown in the log after upgrading from version 2.2.14 to 3.0.2. + +
+ + CS-15172 + +	+ + Version 3.0.2 now accepts the valid public key. + +

3.3. Known Issues in 4.0.0-incubating

+ + Issue ID + + +	+ + Description + + +
+ + CLOUDSTACK-301 + +	+ + Nexus 1000v DVS integration is not functional + + + This source code release includes some partial functionality to support the Cisco Nexus 1000v Distributed Virtual Switch within a VMware hypervisor environment. The functionality is not complete at this time. + + +
+ + CLOUDSTACK-368 + +	+ + OVM - cannot create guest VM + + + This source code release has regressed from the CloudStack 2.2.x code and is unable to support Oracle VM (OVM). + + +
+ + CLOUDSTACK-279 + +	+ + Deleting a project fails when executed by the regular user. This works as expected for root/domain admin. To workaround, perform either of the following: + + + Use the account cleanup thread which will eventually complete the project deletion. + + Execute the call as the root/domain admin on behalf of the regular user. + + +
+ + CS-16067 + +	+ + The command=listTags&key=city command does not work as expected. The command does not return tags for the resources of the account with the tag, city + + +
+ + CS-16063 + +	+ + The current values of volumes and snapshots are incorrect when using KVM as a host. To fix this, the database upgrade codes, volumes.size and snapshots.size, should be changed to show the virtual sizes. + + +
+ + CS-16058 + +	+ + Null pointer Exception while deleting the host after moving the host to maintenance state. + + +
+ + CS-16045 + +	+ + Only the root administrator can handle the API keys. The domain administrators are not allowed to create, delete, or retrieve API keys for the users in their domain. + + +
+ + CS-16019 + +	+ + CIDR list in the Add VPN Customer Gateway dialog does not prompt the user that they can provide a comma separated CIDRs if multiple CIDRs have to be supplied. + + +
+ + CS-16015 + +	+ + Deleting a network is not supported when its network providers are disabled. + + +
+ + CS-16012 + +	+ + Unable to delete a zone in the UI because the necessary cleanup cannot be completed. When the hosts are removed, the expunge process fails to delete the volumes as no hosts are present to send the commands to. Therefore, the storage pool removal fails, and zone can't be cleaned and deleted. + + +
+ + CS-16011 + +	+ + Name of network offering might be truncated due to too-narrow field width in Add Guest Network dialog box. + + +
+ + CS-15789 + +	+ + Invalid global setting prevents management server to restart. For example, if you configure the "project.invite.timeout" parameter to "300" and attempt to restart management server, it fails without throwing a warning or setting the value to the default. + + +
+ + CS-15749 + +	+ + Restarting VPC is resulting in intermittent connection loss to the port forwarding and StaticNAT rules. + + +
+ + CS-15690 + +	+ + The IpAssoc command failed as a part of starting the virtual router, but the final start result is reported as succes. + + +
+ + CS-15672, CS-15635 + +	+ + The FQDN of the VM is not configured if it is deployed as a part of default shared network and isolated guest network (DefaultIsolatedNetworkOfferingWithSourceNatService). + + +
+ + CS-15634 + +	+ + The FQDN of a VM that is deployed as a part of both a shared network and default isolated guest network has the suffix of the shared network instead of the default isolated guest network. + + +
+ + CS-15576 + +	+ + Stopping a VM on XenServer creates a backlog of API commands. For example, the Attach volume calls become delayed while waiting for the stopVirtualMachine command to be executed. + + +
+ + CS-15569 + +	+ + Misleading error message in the exception when creating a StaticNAT rule fails in a VPC. + + +
+ + CS-15566 + +	+ + External device such as Netscaler is not supported in VPC. + +
+ + CS-15557 + +	+ + Intermittent traffic loss in the VPN connection if Juniper is the remote router and the life time is 300 seconds. + + +
+ + CS-15361 + +	+ + Egress rules are not working in NetScaler loadbalancer. + + +
+ + CS-15163 + +	+ + The minimum limit is not honored when there is not enough capacity to deploy all the VMs and the ec2-run-instances command with the -n >n1 -n2> option is used to deploy multiple VMs. + +
+ + CS-15105 + +	+ + The cloud-sysvmadm script does not work if the integration.api.port parameter is set to any port other than 8096. + +
+ + CS-15092 + +	+ + Connecting to the guest VMs through SSH is extremely slow, and it results in connection timeout. + +
+ + CS-15037 + +	+ + Hairpin NAT is not supported when NetScaler is used for EIP. + +
+ + CS-15009 + +	+ + The port_profile table will not be populated with port profile information. In this release, CloudStack directly connects to the VSM for all the port profile operations; therefore, no port profile information is cached. + +
+ + CS-14939 + +	+ + Adding a VMware cluster is not supported when the Management Network is migrated to the Distributed Virtual Switch environment. + +
+ + CS-14780 + +	+ + You are allowed to ping the elastic IP address of the VM even though no ingress rule is set that allows the ICMP protocol. + +
+ + CS-14756 + +	+ + Installing KVM on RHEL 6.2 will result in unreliable network performance. Workaround: blacklist vhost-net. Edit /etc/modprobe.d/blacklist-kvm.conf and include vhost-net. + +
+ + CS-14346 + +	+ + The UpdateVirtualMachine API call does not check whether the VM is stopped. Therefore, stop the VM manually before issuing this call. + +
+ + CS-14303 (was 14537) + +	+ + The IP addresses for a shared network are still being consumed even if no services are defined for that network. + +
+ + CS-14296 (was 14530) + +	+ + OVM: Network traffic labels are not supported. + +
+ + CS-14291 (was 14523) + +	+ + The EIP/ELB network offering for basic zones does not support multiple NetScalers. + +
+ + CS-14275 (was 14506) + +	+ + F5: Unable to properly remove a F5 device. + +
+ + CS-14201 (was 14430) + +	+ + VMWare: Template sizes are being reported different depending on whether the primary storage is using ISCSI or NFS. + +
+ + CS-13758 (was 13963) + +	+ + vSphere: template download from templates created off of the root volume does not work properly. + +
+ + CS-13733 (was 13935) + +	+ + vSphere: detaching an ISO from a restored VM instance fails. + +
+ + CS-13682 (was 13883) + +	+ + Multiple NetScalers are not supported in Basic Networking. + +
+ + CS-13599 (was 13359) + +	+ + Programming F5/NetScaler rules can be better optimized. + +
+ + CS-13337 (was 13518) + +	+ + Security Groups are not supported in Advanced Networking + +
+ + CS-13173 (was 13336) + +	+ + vSphere: cross cluster volume migration does not work properly. + +
+ + CS-12714 (was 12840) + +	+ + Capacity view is not available for pods or clusters. + +
+ + CS-12624 (was 12741) + +	+ + vSphere: maintenance mode will not live migrate system VM to another host. + +
+ + CS-15476 + + +	+ + The 2.2.14 to 4.0.0-incubating upgrade fails if multiple untagged physical networks exist before the upgrade. + + +
+ + CS-15407 + + +	+ + After the 2.2.14 to 4.0.0-incubating upgrade, VLAN allocation on multiple physical networks does not happen as expected. + + + To workaround this issue, follow the instructions given below: + + + Revert to your 2.2.14 setup. + + Stop all the VMs with the isolated virtual networks in your cloud setup. + + Run following query to find if any networks still have the NICs allocated: + + Check if any virtual guest networks have the NICs allocated: + #SELECT DISTINCT op.id from `cloud`.`op_networks` op JOIN `cloud`.`networks` n on op.id=n.id WHERE nics_count != 0 AND guest_type = 'Virtual'; + If this returns any network IDs, then ensure the following: + + All the VMs are stopped. + + No new VM is started. + + Shutdown the Management Server. + + Remove the NICs count for the virtual network IDs returned in step (a), and set the NIC count to 0: + UPDATE `cloud`.`op_networks` SET nics_count = 0 WHERE id = `enter id of virtual network` + Restart the Management Server, and wait for all the networks to shut down. + Note + Networks shutdown is determined by the network.gc.interval and network.gc.wait parameters. + + Ensure that all the networks are shut down and all the guest VNETs are free. + + Run the upgrade script. + + This allocates all your guest VNET ranges to the first physical network. + + By using the updatePhysicalNetwork API, reconfigure the VNET ranges for each physical network as desired. + + Start all the VMs. + + +
+ + CS-14680 + + +	+ + CloudStack and LDAP user validation cannot happen simultaneously because the user password is hashed and stored in the database, and LDAP requires the passwords in plain text. + + + To work with the LDAP user, the MD5 hash should be disabled in the login process by commenting the following variable in sharedFunctions.js file available at /usr/share/cloud/management/webapps/client/scripts, and restart the cloud-management service. + + + var md5HashedLogin = false; + + However, if md5HashedLogin is set to false, the end user can login with the LDAP credentials but not with the CloudStack user credentials. + + +
+ + CS-14346 + +	+ + The UpdateVirtualMachine API call does not check whether the VM is stopped. Therefore, stop the VM manually before issuing this call. + +
+ + CS-15130 + +	+ + Data disk volumes are not automatically copied from one cluster to another. + +
+ + CS-14780 + +	+ + You are allowed to ping the elastic IP address of the VM even though no ingress rule is set that allows the ICMP protocol. + +
+ + CS-14939 + +	+ + Adding a VMware cluster is not supported when the Management Network is migrated to the Distributed Virtual Switch environment. + +
+ + CS-15009 + +	+ + The port_profile table will not be populated with port profile information. In this release, CloudStack directly connects to the VSM for all the port profile operations; therefore, no port profile information is cached. + +
+ + CS-15037 + +	+ + Hairpin NAT is not supported when NetScaler is used for EIP. + +
+ + CS-15092 + +	+ + Connecting to the guest VMs through SSH is extremely slow, and it results in connection timeout. + +
+ + CS-15105 + +	+ + The cloud-sysvmadm script does not work if the integration.api.port parameter is set to any port other than 8096. + +
+ + CS-15163 + +	+ + The minimum limit is not honored when there is not enough capacity to deploy all the VMs and the ec2-run-instances command with the -n >n1 -n2> option is used to deploy multiple VMs. + +