cloudstack-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From h...@apache.org
Subject [14/19] Move the system vm to a separate maven project.
Date Fri, 20 Sep 2013 10:33:06 GMT
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/6c261042/patches/systemvm/debian/config/opt/cloud/bin/vpc_func.sh
----------------------------------------------------------------------
diff --git a/patches/systemvm/debian/config/opt/cloud/bin/vpc_func.sh b/patches/systemvm/debian/config/opt/cloud/bin/vpc_func.sh
deleted file mode 100755
index 2f88351..0000000
--- a/patches/systemvm/debian/config/opt/cloud/bin/vpc_func.sh
+++ /dev/null
@@ -1,68 +0,0 @@
-#!/usr/bin/env bash
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements.  See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership.  The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License.  You may obtain a copy of the License at
-#
-#   http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied.  See the License for the
-# specific language governing permissions and limitations
-# under the License.
-
-# @VERSION@
-
-getEthByIp (){
-  local ip=$1
-  for dev in `ls -1 /sys/class/net | grep eth`
-  do
-    sudo ip addr show dev $dev | grep $ip\/ > /dev/null
-    if [ $? -eq 0 ]
-    then
-      echo $dev
-      return 0
-    fi
-  done
-  return 1
-}    
-
-getVPCcidr () {
-  CMDLINE=$(cat /var/cache/cloud/cmdline)
-  for i in $CMDLINE
-  do
-    # search for foo=bar pattern and cut out foo
-    KEY=$(echo $i | cut -d= -f1)
-    VALUE=$(echo $i | cut -d= -f2)
-    if [ "$KEY" == "vpccidr" ]
-    then
-      echo "$VALUE"
-      return 0
-    fi
-  done
-  return 1
-}
-
-removeRulesForIp() {
-  local ip=$1
-  iptables-save -t mangle | grep $ip | grep "\-A"  | while read rule
-  do
-    rule=$(echo $rule | sed 's/\-A/\-D/')
-    sudo iptables -t mangle $rule
-  done
-  iptables-save -t nat | grep $ip | grep "\-A"  | while read rule
-  do
-    rule=$(echo $rule | sed 's/\-A/\-D/')
-    sudo iptables -t nat $rule
-  done
-  iptables-save -t filter | grep $ip | grep "\-A"  | while read rule
-  do
-    rule=$(echo $rule | sed 's/\-A/\-D/')
-    sudo iptables -t filter $rule
-  done
-}

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/6c261042/patches/systemvm/debian/config/opt/cloud/bin/vpc_guestnw.sh
----------------------------------------------------------------------
diff --git a/patches/systemvm/debian/config/opt/cloud/bin/vpc_guestnw.sh b/patches/systemvm/debian/config/opt/cloud/bin/vpc_guestnw.sh
deleted file mode 100755
index e5da2e0..0000000
--- a/patches/systemvm/debian/config/opt/cloud/bin/vpc_guestnw.sh
+++ /dev/null
@@ -1,294 +0,0 @@
-#!/usr/bin/env bash
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements.  See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership.  The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License.  You may obtain a copy of the License at
-#
-#   http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied.  See the License for the
-# specific language governing permissions and limitations
-# under the License.
-
-# guestnw.sh -- create/destroy guest network 
-# @VERSION@
-
-source /root/func.sh
-source /opt/cloud/bin/vpc_func.sh
-
-lock="biglock"
-locked=$(getLockFile $lock)
-if [ "$locked" != "1" ]
-then
-    exit 1
-fi
-
-usage() {
-  printf "Usage:\n %s -A  -d <dev> -i <ip address> -g <gateway> -m <network mask> -s <dns ip> -e < domain> [-f] \n" $(basename $0) >&2
-  printf " %s -D -d <dev> -i <ip address> \n" $(basename $0) >&2
-}
-
-
-destroy_acl_chain() {
-  sudo iptables -t mangle -F ACL_OUTBOUND_$dev 2>/dev/null
-  sudo iptables -t mangle -D PREROUTING -m state --state NEW -i $dev -s $subnet/$mask ! -d $ip -j ACL_OUTBOUND_$dev  2>/dev/null
-  sudo iptables -t mangle -X ACL_OUTBOUND_$dev 2>/dev/null
-  sudo iptables -F ACL_INBOUND_$dev 2>/dev/null
-  sudo iptables -D FORWARD -o $dev -d $subnet/$mask -j ACL_INBOUND_$dev  2>/dev/null
-  sudo iptables -X ACL_INBOUND_$dev 2>/dev/null
-
-}
-
-create_acl_chain() {
-  destroy_acl_chain
-  sudo iptables -t mangle -N ACL_OUTBOUND_$dev 2>/dev/null
-  sudo iptables -t mangle -A ACL_OUTBOUND_$dev -j ACCEPT 2>/dev/null
-  sudo iptables -t mangle -A PREROUTING -m state --state NEW -i $dev -s $subnet/$mask ! -d $ip -j ACL_OUTBOUND_$dev  2>/dev/null
-  sudo iptables -N ACL_INBOUND_$dev 2>/dev/null
-  # drop if no rules match (this will be the last rule in the chain)
-  sudo iptables -A ACL_INBOUND_$dev -j DROP 2>/dev/null
-  sudo iptables -A FORWARD -o $dev -d $subnet/$mask -j ACL_INBOUND_$dev  2>/dev/null
-}
-
-
-setup_apache2() {
-  logger -t cloud "Setting up apache web server for $dev"
-  cp /etc/apache2/vhostexample.conf /etc/apache2/conf.d/vhost$dev.conf
-  sed -i -e "s/<VirtualHost.*:80>/<VirtualHost $ip:80>/" /etc/apache2/conf.d/vhost$dev.conf
-  sed -i -e "s/<VirtualHost.*:443>/<VirtualHost $ip:443>/" /etc/apache2/conf.d/vhost$dev.conf
-  sed -i -e "s/\tServerName.*/\tServerName vhost$dev.cloudinternal.com/" /etc/apache2/conf.d/vhost$dev.conf
-  sed -i -e "s/Listen .*:80/Listen $ip:80/g" /etc/apache2/conf.d/vhost$dev.conf
-  sed -i -e "s/Listen .*:443/Listen $ip:443/g" /etc/apache2/conf.d/vhost$dev.conf
-  service apache2 restart
-  sudo iptables -D INPUT -i $dev -d $ip -p tcp -m state --state NEW --dport 80 -j ACCEPT
-  sudo iptables -A INPUT -i $dev -d $ip -p tcp -m state --state NEW --dport 80 -j ACCEPT
-}
-
-desetup_apache2() {
-  logger -t cloud "Desetting up apache web server for $dev"
-  rm -f /etc/apache2/conf.d/vhost$dev.conf
-  service apache2 restart
-  sudo iptables -D INPUT -i $dev -d $ip -p tcp -m state --state NEW --dport 80 -j ACCEPT
-}
-
-
-setup_dnsmasq() {
-  logger -t cloud "Setting up dnsmasq for network $ip/$mask "
-  # setup rules to allow dhcp/dns request
-  sudo iptables -D INPUT -i $dev -p udp -m udp --dport 67 -j ACCEPT
-  sudo iptables -D INPUT -i $dev -d $ip -p udp -m udp --dport 53 -j ACCEPT
-  sudo iptables -D INPUT -i $dev -d $ip -p tcp -m tcp --dport 53 -j ACCEPT
-  sudo iptables -A INPUT -i $dev -p udp -m udp --dport 67 -j ACCEPT
-  sudo iptables -A INPUT -i $dev -d $ip -p udp -m udp --dport 53 -j ACCEPT
-  sudo iptables -A INPUT -i $dev -d $ip -p tcp -m tcp --dport 53 -j ACCEPT
-  # setup static 
-  sed -i -e "/^[#]*dhcp-range=interface:$dev/d" /etc/dnsmasq.d/cloud.conf
-  echo "dhcp-range=interface:$dev,set:interface-$dev,$ip,static" >> /etc/dnsmasq.d/cloud.conf
-  # setup DOMAIN
-  [ -z $DOMAIN ] && DOMAIN="cloudnine.internal"
-
-  sed -i -e "/^[#]*dhcp-option=tag:interface-$dev,15.*$/d" /etc/dnsmasq.d/cloud.conf
-  echo "dhcp-option=tag:interface-$dev,15,$DOMAIN" >> /etc/dnsmasq.d/cloud.conf
-  service dnsmasq restart
-  sleep 1
-} 
-
-desetup_dnsmasq() {
-  logger -t cloud "Desetting up dnsmasq for network $ip/$mask "
-  # remove rules to allow dhcp/dns request
-  sudo iptables -D INPUT -i $dev -p udp -m udp --dport 67 -j ACCEPT
-  sudo iptables -D INPUT -i $dev -d $ip -p udp -m udp --dport 53 -j ACCEPT
-  sed -i -e "/^[#]*dhcp-option=tag:interface-$dev,option:router.*$/d" /etc/dnsmasq.d/cloud.conf
-  sed -i -e "/^[#]*dhcp-option=tag:interface-$dev,6.*$/d" /etc/dnsmasq.d/cloud.conf
-  sed -i -e "/^[#]*dhcp-range=interface:$dev/d" /etc/dnsmasq.d/cloud.conf
-  service dnsmasq restart
-  sleep 1
-}
-
-setup_passwdsvcs() {
-  logger -t cloud "Setting up password service for network $ip/$mask, eth $dev "
-  sudo iptables -D INPUT -i $dev -d $ip -p tcp -m state --state NEW --dport 8080 -j ACCEPT
-  sudo iptables -A INPUT -i $dev -d $ip -p tcp -m state --state NEW --dport 8080 -j ACCEPT
-  nohup bash /opt/cloud/bin/vpc_passwd_server $ip >/dev/null 2>&1 &
-}
-
-desetup_passwdsvcs() {
-  logger -t cloud "Desetting up password service for network $ip/$mask, eth $dev "
-  sudo iptables -D INPUT -i $dev -d $ip -p tcp -m state --state NEW --dport 8080 -j ACCEPT
-  pid=`ps -ef | grep socat | grep $ip | grep -v grep | awk '{print $2}'`
-  if [ -n "$pid" ]
-  then
-    kill -9 $pid
-  fi 
-}
-
-create_guest_network() {
-  # need to wait for eth device to appear before configuring it
-  timer=0
-  while ! `grep -q $dev /proc/net/dev` ; do
-    logger -t cloud "$(basename $0):Waiting for interface $dev to appear, $timer seconds"
-    sleep 1;
-    if [ $timer -gt 15 ]; then
-      logger -t cloud "$(basename $0):interface $dev never appeared"
-      break
-    fi
-    timer=$[timer + 1]
-  done
-
-  logger -t cloud " $(basename $0): Create network on interface $dev,  gateway $gw, network $ip/$mask "
-  # setup ip configuration
-  sudo ip addr add dev $dev $ip/$mask brd +
-  sudo ip link set $dev up
-  sudo arping -c 3 -I $dev -A -U -s $ip $ip
-  echo 1 > /proc/sys/net/ipv4/conf/$dev/rp_filter
-  # restore mark from  connection mark
-  local tableName="Table_$dev"
-  sudo ip route add $subnet/$mask dev $dev table $tableName proto static
-  sudo iptables -t mangle -D PREROUTING -i $dev -m state --state ESTABLISHED,RELATED -j CONNMARK --restore-mark
-  sudo iptables -t nat -D POSTROUTING -s $subnet/$mask -o $dev -j SNAT --to-source $ip
-  sudo iptables -t mangle -A PREROUTING -i $dev -m state --state ESTABLISHED,RELATED -j CONNMARK --restore-mark
-  # set up hairpin
-  sudo iptables -t nat -A POSTROUTING -s $subnet/$mask -o $dev -j SNAT --to-source $ip
-  create_acl_chain
-  setup_dnsmasq
-  setup_apache2
-  setup_passwdsvcs
-
-  #enable rps, rfs
-  enable_rpsrfs $dev
-}
-
-enable_rpsrfs() {
-
-    if [  -f /etc/rpsrfsenable ]
-    then
-        enable=$(cat /etc/rpsrfsenable)
-        if [ $enable -eq 0 ]
-        then
-            return 0
-        fi
-    else
-        return 0
-    fi
-
-    proc=$(cat /proc/cpuinfo | grep "processor" | wc -l)
-    if [ $proc -le 1 ]
-    then
-        return 0
-    fi
-    dev=$1
-
-    num=1
-    num=$(($num<<$proc))
-    num=$(($num-1));
-    echo $num;
-    hex=$(printf "%x\n" $num)
-    echo $hex;
-    #enable rps
-    echo $hex > /sys/class/net/$dev/queues/rx-0/rps_cpus
-
-    #enble rfs
-    rps_flow_entries=$(cat /proc/sys/net/core/rps_sock_flow_entries)
-
-    if [ $rps_flow_entries -eq 0 ]
-    then
-        echo 256 > /proc/sys/net/core/rps_sock_flow_entries
-    fi
-
-    echo 256 > /sys/class/net/$dev/queues/rx-0/rps_flow_cnt
-
-}
-
-destroy_guest_network() {
-  logger -t cloud " $(basename $0): Create network on interface $dev,  gateway $gw, network $ip/$mask "
-
-  sudo ip addr del dev $dev $ip/$mask
-  sudo iptables -t mangle -D PREROUTING -i $dev -m state --state ESTABLISHED,RELATED -j CONNMARK --restore-mark
-  sudo iptables -t nat -D POSTROUTING -s $subnet/$mask -o $dev -j SNAT --to-source $ip
-  destroy_acl_chain
-  desetup_dnsmasq
-  desetup_apache2
-  desetup_passwdsvcs
-}
-
-#set -x
-iflag=0
-mflag=0
-nflag=0
-dflag=
-gflag=
-Cflag=
-Dflag=
-
-op=""
-
-
-while getopts 'CDn:m:d:i:g:s:e:' OPTION
-do
-  case $OPTION in
-  C)	Cflag=1
-		op="-C"
-		;;
-  D)	Dflag=1
-		op="-D"
-		;;
-  n)	nflag=1
-		subnet="$OPTARG"
-		;;
-  m)	mflag=1
-		mask="$OPTARG"
-		;;
-  d)	dflag=1
-  		dev="$OPTARG"
-  		;;
-  i)	iflag=1
-		ip="$OPTARG"
-  		;;
-  g)	gflag=1
-  		gw="$OPTARG"
-                ;;
-  s)    sflag=1
-                DNS="$OPTARG"
-                ;;
-  e)    eflag=1
-		DOMAIN="$OPTARG"
-  		;;
-  ?)	usage
-                unlock_exit 2 $lock $locked
-		;;
-  esac
-done
-
-vpccidr=$(getVPCcidr)
-
-if [ "$Cflag$Dflag$dflag" != "11" ]
-then
-    usage
-    unlock_exit 2 $lock $locked
-fi
-
-if [ "$Cflag" == "1" ] && [ "$iflag$gflag$mflag" != "111" ]
-then
-    usage
-    unlock_exit 2 $lock $locked
-fi
-
-
-if [ "$Cflag" == "1" ]
-then  
-  create_guest_network 
-fi
-
-
-if [ "$Dflag" == "1" ]
-then
-  destroy_guest_network
-fi
-
-unlock_exit 0 $lock $locked

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/6c261042/patches/systemvm/debian/config/opt/cloud/bin/vpc_ipassoc.sh
----------------------------------------------------------------------
diff --git a/patches/systemvm/debian/config/opt/cloud/bin/vpc_ipassoc.sh b/patches/systemvm/debian/config/opt/cloud/bin/vpc_ipassoc.sh
deleted file mode 100755
index 8c5e0e4..0000000
--- a/patches/systemvm/debian/config/opt/cloud/bin/vpc_ipassoc.sh
+++ /dev/null
@@ -1,223 +0,0 @@
-#!/usr/bin/env bash
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements.  See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership.  The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License.  You may obtain a copy of the License at
-#
-#   http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied.  See the License for the
-# specific language governing permissions and limitations
-# under the License.
-
- 
-
-# ipassoc.sh -- associate/disassociate a public ip with an instance
-# @VERSION@
-
-source /root/func.sh
-
-lock="biglock"
-locked=$(getLockFile $lock)
-if [ "$locked" != "1" ]
-then
-  exit 1
-fi
-
-usage() {
-  printf "Usage:\n %s -A -l <public-ip-address> -c <dev> [-f] \n" $(basename $0) >&2
-  printf " %s -D -l <public-ip-address> -c <dev> [-f] \n" $(basename $0) >&2
-}
-
-add_routing() {
-  logger -t cloud "$(basename $0):Add routing $pubIp on interface $ethDev"
-
-  local tableName="Table_$ethDev"
-  sudo ip route add $subnet/$mask dev $ethDev table $tableName proto static
-  sudo ip route add default via $defaultGwIP table $tableName proto static
-  sudo ip route flush cache
-  sudo ip route | grep default
-  if [ $? -gt 0 ]
-  then
-    sudo ip route add default via $defaultGwIP
-  fi
-  return 0
-}
-
-
-remove_routing() {
-  return 0
-}
-
-add_an_ip () {
-  # need to wait for eth device to appear before configuring it
-  timer=0
-  while ! `grep -q $ethDev /proc/net/dev` ; do
-    logger -t cloud "$(basename $0):Waiting for interface $ethDev to appear, $timer seconds"
-    sleep 1;
-    if [ $timer -gt 15 ]; then
-      logger -t cloud "$(basename $0):interface $ethDev never appeared"
-      break
-    fi
-    timer=$[timer + 1]
-  done
-
-  logger -t cloud "$(basename $0):Adding ip $pubIp on interface $ethDev"
-  sudo ip link show $ethDev | grep "state DOWN" > /dev/null
-  local old_state=$?
-
-  sudo ip addr add dev $ethDev $pubIp/$mask brd +
-  if [ $old_state -eq 0 ]
-  then
-    sudo ip link set $ethDev up
-  fi
-  sudo arping -c 1 -I $ethDev -A -U -s $pubIp $pubIp
-  sudo arping -c 1 -I $ethDev -A -U -s $pubIp $pubIp
-  local tableNo=${ethDev:3} 
-  sudo iptables-save -t mangle | grep  "PREROUTING -i $ethDev -m state --state NEW -j CONNMARK --set-xmark" 2>/dev/null
-  if [ $? -gt 0 ]
-  then
-    sudo iptables -t mangle -A PREROUTING -i $ethDev -m state --state NEW -j CONNMARK --set-mark $tableNo 2>/dev/null
-  fi
-
-  enable_rpsrfs $ethDev
-  add_routing 
-  return $?
-}
-
-enable_rpsrfs() {
-
-    if [  -f /etc/rpsrfsenable ]
-    then
-        enable=$(cat /etc/rpsrfsenable)
-        if [ $enable -eq 0 ]
-        then
-            return 0
-        fi
-    else
-        return 0
-    fi
-
-    proc=$(cat /proc/cpuinfo | grep "processor" | wc -l)
-    if [ $proc -le 1 ]
-    then
-        return 0
-    fi
-    dev=$1
-
-    num=1
-    num=$(($num<<$proc))
-    num=$(($num-1));
-    echo $num;
-    hex=$(printf "%x\n" $num)
-    echo $hex;
-    #enable rps
-    echo $hex > /sys/class/net/$dev/queues/rx-0/rps_cpus
-
-    #enble rfs
-    rps_flow_entries=$(cat /proc/sys/net/core/rps_sock_flow_entries)
-
-    if [ $rps_flow_entries -eq 0 ]
-    then
-        echo 256 > /proc/sys/net/core/rps_sock_flow_entries
-    fi
-
-    if [ $(cat /sys/class/net/$dev/queues/rx-0/rps_flow_cnt) -eq 0 ]
-    then
-        echo 256 > /sys/class/net/$dev/queues/rx-0/rps_flow_cnt
-    fi
-}
-
-remove_an_ip () {
-  logger -t cloud "$(basename $0):Removing ip $pubIp on interface $ethDev"
-  local existingIpMask=$(sudo ip addr show dev $ethDev | grep -v "inet6" | grep "inet " | awk '{print $2}')
-
-  sudo ip addr del dev $ethDev $pubIp/$mask
-  # reapply IPs in this interface
-  for ipMask in $existingIpMask
-  do
-    if [ "$ipMask" == "$pubIp/$mask" ]
-    then
-      continue
-    fi
-    sudo ip addr add dev $ethDev $ipMask brd +
-  done
-
-  remove_routing
-  return 0
-}
-
-#set -x
-lflag=0
-cflag=0
-gflag=0
-mflag=0
-nflag=0
-op=""
-
-
-while getopts 'ADl:c:g:m:n:' OPTION
-do
-  case $OPTION in
-  A)	Aflag=1
-		op="-A"
-		;;
-  D)	Dflag=1
-		op="-D"
-		;;
-  l)	lflag=1
-		pubIp="$OPTARG"
-		;;
-  c)	cflag=1
-  		ethDev="$OPTARG"
-  		;;
-  g)	gflag=1
-  		defaultGwIP="$OPTARG"
-  		;;
-  m)	mflag=1
-  		mask="$OPTARG"
-  		;;
-  n)	nflag=1
-  		subnet="$OPTARG"
-  		;;
-  ?)	usage
-                unlock_exit 2 $lock $locked
-		;;
-  esac
-done
-
-
-if [ "$Aflag$Dflag" != "1" ]
-then
-  usage
-  unlock_exit 2 $lock $locked
-fi
-
-if [ "$lflag$cflag$gflag$mflag$nflag" != "11111" ] 
-then
-  usage
-  unlock_exit 2 $lock $locked
-fi
-
-
-if [ "$Aflag" == "1" ]
-then
-  add_an_ip
-  unlock_exit $? $lock $locked
-fi
-
-
-if [ "$Dflag" == "1" ]
-then
-  remove_an_ip
-  unlock_exit $? $lock $locked
-fi
-
-
-unlock_exit 1 $lock $locked

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/6c261042/patches/systemvm/debian/config/opt/cloud/bin/vpc_loadbalancer.sh
----------------------------------------------------------------------
diff --git a/patches/systemvm/debian/config/opt/cloud/bin/vpc_loadbalancer.sh b/patches/systemvm/debian/config/opt/cloud/bin/vpc_loadbalancer.sh
deleted file mode 100755
index 36a2347..0000000
--- a/patches/systemvm/debian/config/opt/cloud/bin/vpc_loadbalancer.sh
+++ /dev/null
@@ -1,224 +0,0 @@
-#!/usr/bin/env bash
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements.  See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership.  The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License.  You may obtain a copy of the License at
-#
-#   http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied.  See the License for the
-# specific language governing permissions and limitations
-# under the License.
-
-# @VERSION@
-
-do_ilb_if_ilb () {
-  local typ=""
-  local pattern="type=(.*)"
-
-  for keyval in $(cat /var/cache/cloud/cmdline)
-  do    
-     if [[ $keyval =~ $pattern ]]; then      
-        typ=${BASH_REMATCH[1]}; 
-     fi 
-  done
-  if [ "$typ" == "ilbvm" ]
-  then
-     logger -t cloud "$(basename $0): Detected that we are running in an internal load balancer vm"
-     $(dirname $0)/ilb.sh "$@"
-     exit $?
-  fi
-
-}
-
-logger -t cloud "$(basename $0): Entering $(dirname $0)/$(basename $0)"
-
-do_ilb_if_ilb "$@"
-
-source /root/func.sh
-source /opt/cloud/bin/vpc_func.sh
-
-lock="biglock"
-locked=$(getLockFile $lock)
-if [ "$locked" != "1" ]
-then
-    exit 1
-fi
-
-usage() {
-  printf "Usage: %s:  -i <domR eth1 ip>  -a <added public ip address ip:port> -d <removed ip:port> -f <load balancer config> -s <stats ip ip:port:cidr>  \n" $(basename $0) >&2
-}
-
-# set -x
-
-fw_remove_backup() {
-  sudo iptables -F back_load_balancer 2> /dev/null
-  sudo iptables -D INPUT -p tcp  -j back_load_balancer 2> /dev/null
-  sudo iptables -X back_load_balancer 2> /dev/null
-  sudo iptables -F back_lb_stats 2> /dev/null
-  sudo iptables -D INPUT -p tcp  -j back_lb_stats 2> /dev/null
-  sudo iptables -X back_lb_stats 2> /dev/null
-}
-
-fw_remove() {
-  sudo iptables -F load_balancer 2> /dev/null
-  sudo iptables -D INPUT -p tcp  -j load_balancer 2> /dev/null
-  sudo iptables -X load_balancer 2> /dev/null
-  sudo iptables -F lb_stats 2> /dev/null
-  sudo iptables -D INPUT -p tcp  -j lb_stats 2> /dev/null
-  sudo iptables -X lb_stats 2> /dev/null
-}
-
-fw_backup() {
-  fw_remove_backup
-  sudo iptables -E load_balancer back_load_balancer 2> /dev/null
-  sudo iptables -E lb_stats back_lb_stats 2> /dev/null
-}
-
-fw_restore() {
-  fw_remove
-  sudo iptables -E back_load_balancer load_balancer 2> /dev/null
-  sudo iptables -E back_lb_stats lb_stats 2> /dev/null
-}
-
-fw_chain_create () {
-  fw_backup
-  sudo iptables -N load_balancer 2> /dev/null
-  sudo iptables -A INPUT -p tcp  -j load_balancer 2> /dev/null
-  sudo iptables -N lb_stats 2> /dev/null
-  sudo iptables -A INPUT -p tcp  -j lb_stats 2> /dev/null
-}
-
-# firewall entry to ensure that haproxy can receive on specified port
-fw_entry() {
-  local added=$1
-  local removed=$2
-  local stats=$3
-  if [ "$added" == "none" ]
-  then
-  	added=""
-  fi
-  if [ "$removed" == "none" ]
-  then
-  	removed=""
-  fi
-  local a=$(echo $added | cut -d, -f1- --output-delimiter=" ")
-  local r=$(echo $removed | cut -d, -f1- --output-delimiter=" ")
-  fw_chain_create
-  success=0
-  while [ 1 ]
-  do
-    for i in $a
-    do
-      local pubIp=$(echo $i | cut -d: -f1)
-      local dport=$(echo $i | cut -d: -f2)    
-      sudo iptables -A load_balancer -p tcp -d $pubIp --dport $dport -j ACL_INBOUND_$dev 2>/dev/null
-      success=$?
-      if [ $success -gt 0 ]
-      then
-        break
-      fi
-    done
-    if [ "$stats" != "none" ]
-    then
-      local pubIp=$(echo $stats | cut -d: -f1)
-      local dport=$(echo $stats | cut -d: -f2)    
-      local cidrs=$(echo $stats | cut -d: -f3 | sed 's/-/,/')
-      sudo iptables -A lb_stats -s $cidrs -p tcp -d $pubIp --dport $dport -j ACCEPT 2>/dev/null
-      success=$?
-    fi
-    break
-  done
-  if [ $success -gt 0 ]
-  then
-    fw_restore
-  else
-    fw_remove_backup
-  fi  
-  return $success
-}
-
-#Hot reconfigure HA Proxy in the routing domain
-reconfig_lb() {
-  /root/reconfigLB.sh
-  return $?
-}
-
-# Restore the HA Proxy to its previous state, and revert iptables rules on DomR
-restore_lb() {
-  logger -t cloud "Restoring HA Proxy to previous state"
-  # Copy the old version of haproxy.cfg into the file that reconfigLB.sh uses
-  cp /etc/haproxy/haproxy.cfg.old /etc/haproxy/haproxy.cfg.new
-   
-  if [ $? -eq 0 ]
-  then
-    # Run reconfigLB.sh again
-    /root/reconfigLB.sh
-  fi
-}
-
-iflag=
-aflag=
-dflag=
-sflag=
-
-while getopts 'i:a:d:s:' OPTION
-do
-  case $OPTION in
-  i)	iflag=1
-		ip="$OPTARG"
-		;;
-  a)	aflag=1
-		addedIps="$OPTARG"
-		;;
-  d)	dflag=1
-		removedIps="$OPTARG"
-		;;
-  s)	sflag=1
-		statsIp="$OPTARG"
-		;;
-  ?)	usage
-                unlock_exit 2 $lock $locked
-		;;
-  esac
-done
-
-
-dev=$(getEthByIp $ip)
-
-if [ "$addedIps" == "" ]
-then
-  addedIps="none"
-fi
-
-if [ "$removedIps" == "" ]
-then
-  removedIps="none"
-fi
-
-# hot reconfigure haproxy
-reconfig_lb
-
-if [ $? -gt 0 ]
-then
-  logger -t cloud "Reconfiguring loadbalancer failed"
-  unlock_exit 1 $lock $locked
-fi
-
-# iptables entry to ensure that haproxy receives traffic
-fw_entry $addedIps $removedIps $statsIp
-result=$?  	
-if [ $result -gt 0 ]
-then
-  logger -t cloud "Failed to apply firewall rules for load balancing, reverting HA Proxy config"
-  # Restore the LB
-  restore_lb
-fi
- 
-unlock_exit $result $lock $locked

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/6c261042/patches/systemvm/debian/config/opt/cloud/bin/vpc_netusage.sh
----------------------------------------------------------------------
diff --git a/patches/systemvm/debian/config/opt/cloud/bin/vpc_netusage.sh b/patches/systemvm/debian/config/opt/cloud/bin/vpc_netusage.sh
deleted file mode 100755
index 4f32a46..0000000
--- a/patches/systemvm/debian/config/opt/cloud/bin/vpc_netusage.sh
+++ /dev/null
@@ -1,158 +0,0 @@
-#!/usr/bin/env bash
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements.  See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership.  The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License.  You may obtain a copy of the License at
-#
-#   http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied.  See the License for the
-# specific language governing permissions and limitations
-# under the License.
-
-source /root/func.sh
-source /opt/cloud/bin/vpc_func.sh
-
-vpnoutmark="0x525"
-vpninmark="0x524"
-lock="biglock"
-locked=$(getLockFile $lock)
-if [ "$locked" != "1" ]
-then
-    exit 1
-fi
-
-usage() {
-  printf "Usage: %s -[c|g|r|n|d] [-l <public gateway>] [-v <vpc cidr>] \n" $(basename $0)  >&2
-}
-
-create_usage_rules () {
-  iptables-save|grep "NETWORK_STATS_$ethDev" > /dev/null
-  if [ $? -gt 0 ]
-  then 
-    iptables -N NETWORK_STATS_$ethDev > /dev/null;
-    iptables -I FORWARD -j NETWORK_STATS_$ethDev > /dev/null;
-    iptables -A NETWORK_STATS_$ethDev -o $ethDev -s $vcidr > /dev/null;
-    iptables -A NETWORK_STATS_$ethDev -i $ethDev -d $vcidr > /dev/null;
-  fi  
-  return $?
-}
-
-create_vpn_usage_rules () {
-  iptables-save|grep "VPN_STATS_$ethDev" > /dev/null
-  if [ $? -gt 0 ]
-  then 
-    iptables -t mangle -N VPN_STATS_$ethDev > /dev/null;
-    iptables -t mangle -I FORWARD -j VPN_STATS_$ethDev > /dev/null;
-    iptables -t mangle -A VPN_STATS_$ethDev -o $ethDev -m mark --mark $vpnoutmark > /dev/null;
-    iptables -t mangle -A VPN_STATS_$ethDev -i $ethDev -m mark --mark $vpninmark > /dev/null;
-  fi
-  return $?
-}
-
-remove_usage_rules () {
-  return 0
-}
-
-get_usage () {
-  iptables -L NETWORK_STATS_$ethDev -n -v -x 2> /dev/null | awk '$1 ~ /^[0-9]+$/ { printf "%s:", $2}'; > /dev/null
-  return 0
-}
-
-get_vpn_usage () {
-  iptables -t mangle -L VPN_STATS_$ethDev -n -v -x | awk '$1 ~ /^[0-9]+$/ { printf "%s:", $2}'; > /dev/null
-  if [ $? -gt 0 ]
-  then
-     printf $?
-     return 1
-  fi
-}
-
-reset_usage () {
-  iptables -Z NETWORK_STATS_$ethDev > /dev/null
-  if [ $? -gt 0  -a $? -ne 2 ]
-  then
-     return 1
-  fi
-}
-
-#set -x
-
-cflag=
-gflag=
-rflag=
-lflag=
-vflag=
-nflag=
-dflag=
-
-while getopts 'cgndrl:v:' OPTION
-do
-  case $OPTION in
-  c)	cflag=1
-	;;
-  g)	gflag=1
-	;;
-  r)	rflag=1
-	;;
-  l)    lflag=1
-        publicIp="$OPTARG"
-        ;;
-  v)    vflag=1
-        vcidr="$OPTARG"
-        ;;
-  n)	nflag=1
-	;;
-  d)	dflag=1
-	;;	        
-  i)    #Do nothing, since it's parameter for host script
-        ;;
-  ?)	usage
-        unlock_exit 2 $lock $locked
-	;;
-  esac
-done
-
-ethDev=$(getEthByIp $publicIp)
-if [ "$cflag" == "1" ] 
-then
-  if [ "$ethDev" != "" ]
-  then
-    create_usage_rules
-    create_vpn_usage_rules
-    unlock_exit 0 $lock $locked
-   fi 
-fi
-
-if [ "$gflag" == "1" ] 
-then
-  get_usage 
-  unlock_exit $? $lock $locked
-fi
-
-if [ "$nflag" == "1" ] 
-then
-  get_vpn_usage 
-  unlock_exit $? $lock $locked
-fi
-
-if [ "$dflag" == "1" ] 
-then
-  remove_usage_rules
-  unlock_exit 0 $lock $locked
-fi
-
-if [ "$rflag" == "1" ] 
-then
-  reset_usage  
-  unlock_exit $? $lock $locked
-fi
-
-
-unlock_exit 0 $lock $locked

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/6c261042/patches/systemvm/debian/config/opt/cloud/bin/vpc_passwd_server
----------------------------------------------------------------------
diff --git a/patches/systemvm/debian/config/opt/cloud/bin/vpc_passwd_server b/patches/systemvm/debian/config/opt/cloud/bin/vpc_passwd_server
deleted file mode 100755
index 6488bec..0000000
--- a/patches/systemvm/debian/config/opt/cloud/bin/vpc_passwd_server
+++ /dev/null
@@ -1,32 +0,0 @@
-#!/bin/bash
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements.  See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership.  The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License.  You may obtain a copy of the License at
-#
-#   http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied.  See the License for the
-# specific language governing permissions and limitations
-# under the License.
-
-
-ip=$1
-result=$ip
-while [ -n "$result" ]
-do
-    socat -lf /var/log/cloud.log TCP4-LISTEN:8080,reuseaddr,crnl,bind=$ip SYSTEM:"/opt/cloud/bin/serve_password.sh \"\$SOCAT_PEERADDR\""
-    rc=$?
-    if [ $rc -ne 0 ]
-    then
-        logger -t cloud "Password server failed with error code $rc. Restarting socat..."
-        sleep 3
-    fi
-    result=`ip addr show | grep $ip`
-done

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/6c261042/patches/systemvm/debian/config/opt/cloud/bin/vpc_portforwarding.sh
----------------------------------------------------------------------
diff --git a/patches/systemvm/debian/config/opt/cloud/bin/vpc_portforwarding.sh b/patches/systemvm/debian/config/opt/cloud/bin/vpc_portforwarding.sh
deleted file mode 100755
index 5aeaa70..0000000
--- a/patches/systemvm/debian/config/opt/cloud/bin/vpc_portforwarding.sh
+++ /dev/null
@@ -1,126 +0,0 @@
-#!/usr/bin/env bash
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements.  See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership.  The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License.  You may obtain a copy of the License at
-#
-#   http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied.  See the License for the
-# specific language governing permissions and limitations
-# under the License.
-# @VERSION@
-
-source /root/func.sh
-
-lock="biglock"
-locked=$(getLockFile $lock)
-if [ "$locked" != "1" ]
-then
-    exit 1
-fi
-
-usage() {
-  printf "Usage: %s: (-A|-D)   -r <target-instance-ip> -P protocol (-p port_range | -t icmp_type_code)  -l <public ip address> -d <target port> -s <source cidrs> [-G]   \n" $(basename $0) >&2
-}
-
-#set -x
-
-#Port (address translation) forwarding for tcp or udp
-tcp_or_udp_nat() {
-  local op=$1
-  local proto=$2
-  local publicIp=$3
-  local ports=$4
-  local instIp=$5
-  local dports=$6
-
-  logger -t cloud "$(basename $0): creating port fwd entry for PAT: public ip=$publicIp \
-  instance ip=$instIp proto=$proto port=$port dport=$dport op=$op"
-
-  #if adding, this might be a duplicate, so delete the old one first
-  [ "$op" == "-A" ] && tcp_or_udp_nat "-D" $proto $publicIp $ports $instIp $dports
-  # the delete operation may have errored out but the only possible reason is 
-  # that the rules didn't exist in the first place
-  # shortcircuit the process if error and it is an append operation
-  # continue if it is delete
-  local PROTO=""
-  if [ "$proto" != "any" ]
-  then
-    PROTO="--proto $proto"
-  fi
-
-  local DEST_PORT=""
-  if [ "$ports" != "any" ]
-  then
-    DEST_PORT="--destination-port $ports"
-  fi
-  
-  local TO_DEST="--to-destination $instIp"
-  if [ "$dports" != "any" ]
-  then
-    TO_DEST="--to-destination $instIp:$dports"
-  fi
-
-  sudo iptables -t nat $op PREROUTING $PROTO -d $publicIp  $DEST_PORT -j DNAT  \
-           $TO_DEST &>> $OUTFILE 
-        
-  local result=$?
-  logger -t cloud "$(basename $0): done port fwd entry for PAT: public ip=$publicIp op=$op result=$result"
-  # the rule may not exist
-  if [ "$op" == "-D" ]
-  then
-    return 0
-  fi
-  return $result
-}
-
-
-rflag=
-Pflag=
-pflag=
-lflag=
-dflag=
-op=""
-protocal="any"
-ports="any"
-dports="any"
-while getopts 'ADr:P:p:l:d:' OPTION
-do
-  case $OPTION in
-  A)    op="-A"
-        ;;
-  D)    op="-D"
-        ;;
-  r)    rflag=1
-        instanceIp="$OPTARG"
-        ;;
-  P)    Pflag=1
-        protocol="$OPTARG"
-        ;;
-  p)    pflag=1
-        ports="$OPTARG"
-        ;;
-  l)    lflag=1
-        publicIp="$OPTARG"
-        ;;
-  d)    dflag=1
-        dports="$OPTARG"
-        ;;
-  ?)    usage
-        unlock_exit 2 $lock $locked
-        ;;
-  esac
-done
-
-OUTFILE=$(mktemp)
-
-tcp_or_udp_nat $op $protocol $publicIp $ports $instanceIp $dports
-result=$?
-unlock_exit $result $lock $locked

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/6c261042/patches/systemvm/debian/config/opt/cloud/bin/vpc_privateGateway.sh
----------------------------------------------------------------------
diff --git a/patches/systemvm/debian/config/opt/cloud/bin/vpc_privateGateway.sh b/patches/systemvm/debian/config/opt/cloud/bin/vpc_privateGateway.sh
deleted file mode 100755
index 3635e1c..0000000
--- a/patches/systemvm/debian/config/opt/cloud/bin/vpc_privateGateway.sh
+++ /dev/null
@@ -1,98 +0,0 @@
-#!/usr/bin/env bash
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements.  See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership.  The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License.  You may obtain a copy of the License at
-#
-#   http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied.  See the License for the
-# specific language governing permissions and limitations
-# under the License.
-
-# @VERSION@
-
-source /root/func.sh
-
-lock="biglock"
-locked=$(getLockFile $lock)
-if [ "$locked" != "1" ]
-then
-  exit 1
-fi
-
-usage() {
-  printf "Usage:\n %s -A -l <public-ip-address>\n" $(basename $0) >&2
-  printf " %s -D -l <public-ip-address>\n" $(basename $0) >&2
-}
-
-
-add_snat() {
-  logger -t cloud "$(basename $0):Added SourceNAT $pubIp on interface $ethDev"
-  sudo iptables -t nat -D POSTROUTING   -j SNAT -o $ethDev --to-source $pubIp
-  sudo iptables -t nat -A POSTROUTING   -j SNAT -o $ethDev --to-source $pubIp
-  return $?
-}
-remove_snat() {
-  logger -t cloud "$(basename $0):Removing SourceNAT $pubIp on interface $ethDev"
-  sudo iptables -t nat -D POSTROUTING   -j SNAT -o $ethDev --to-source $pubIp
-  return $?
-}
-
-#set -x
-lflag=0
-cflag=0
-op=""
-
-while getopts 'ADl:c:' OPTION
-do
-  case $OPTION in
-  A)	Aflag=1
-		op="-A"
-		;;
-  D)	Dflag=1
-		op="-D"
-		;;
-  l)	lflag=1
-		pubIp="$OPTARG"
-		;;
-  c)	cflag=1
-		ethDev="$OPTARG"
-		;;
-  ?)	usage
-                unlock_exit 2 $lock $locked
-		;;
-  esac
-done
-
-if [ "$Aflag$Dflag" != "1" ]
-then
-  usage
-  unlock_exit 2 $lock $locked
-fi
-
-if [ "$lflag$cflag" != "11" ]
-then
-  usage
-  unlock_exit 2 $lock $locked
-fi
-
-if [ "$Aflag" == "1" ]
-then
-  add_snat  $publicIp
-  unlock_exit $? $lock $locked
-fi
-
-if [ "$Dflag" == "1" ]
-then
-  remove_snat  $publicIp
-  unlock_exit $? $lock $locked
-fi
-
-unlock_exit 1 $lock $locked

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/6c261042/patches/systemvm/debian/config/opt/cloud/bin/vpc_privategw_acl.sh
----------------------------------------------------------------------
diff --git a/patches/systemvm/debian/config/opt/cloud/bin/vpc_privategw_acl.sh b/patches/systemvm/debian/config/opt/cloud/bin/vpc_privategw_acl.sh
deleted file mode 100755
index d4e3eba..0000000
--- a/patches/systemvm/debian/config/opt/cloud/bin/vpc_privategw_acl.sh
+++ /dev/null
@@ -1,224 +0,0 @@
-#!/usr/bin/env bash
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements.  See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership.  The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License.  You may obtain a copy of the License at
-#
-#   http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied.  See the License for the
-# specific language governing permissions and limitations
-# under the License.
-# vpc_privategw_acl.sh_rule.sh -- allow/block some ports / protocols to vm instances
-# @VERSION@
-
-source /root/func.sh
-
-lock="biglock"
-locked=$(getLockFile $lock)
-if [ "$locked" != "1" ]
-then
-    exit 1
-fi
-
-usage() {
-  printf "Usage: %s:  -a <public ip address:protocol:startport:endport:sourcecidrs>  \n" $(basename $0) >&2
-  printf "sourcecidrs format:  cidr1-cidr2-cidr3-...\n"
-}
-#set -x
-#FIXME: eating up the error code during execution of iptables
-
-acl_switch_to_new() {
-  sudo iptables -D FORWARD -o $dev  -j _ACL_INBOUND_$dev  2>/dev/null
-  sudo iptables-save  | grep "\-j _ACL_INBOUND_$dev" | grep "\-A" | while read rule;
-  do
-    rule1=$(echo $rule | sed 's/\_ACL_INBOUND/ACL_INBOUND/')
-    sudo iptables $rule1
-    rule2=$(echo $rule | sed 's/\-A/\-D/')
-    sudo iptables $rule2
-  done
-  sudo iptables -F _ACL_INBOUND_$dev 2>/dev/null
-  sudo iptables -X _ACL_INBOUND_$dev 2>/dev/null
-  sudo iptables -t mangle -F _ACL_OUTBOUND_$dev 2>/dev/null
-  sudo iptables -t mangle -D PREROUTING -m state --state NEW -i $dev  -j _ACL_OUTBOUND_$dev  2>/dev/null
-  sudo iptables -t mangle -X _ACL_OUTBOUND_$dev 2>/dev/null
-}
-
-acl_remove_backup() {
-  sudo iptables -F _ACL_INBOUND_$dev 2>/dev/null
-  sudo iptables -D FORWARD -o $dev  -j _ACL_INBOUND_$dev  2>/dev/null
-  sudo iptables -X _ACL_INBOUND_$dev 2>/dev/null
-  sudo iptables -t mangle -F _ACL_OUTBOUND_$dev 2>/dev/null
-  sudo iptables -t mangle -D PREROUTING -m state --state NEW -i $dev  -j _ACL_OUTBOUND_$dev  2>/dev/null
-  sudo iptables -t mangle -X _ACL_OUTBOUND_$dev 2>/dev/null
-}
-
-acl_remove() {
-  sudo iptables -F ACL_INBOUND_$dev 2>/dev/null
-  sudo iptables -D FORWARD -o $dev  -j ACL_INBOUND_$dev  2>/dev/null
-  sudo iptables -X ACL_INBOUND_$dev 2>/dev/null
-  sudo iptables -t mangle -F ACL_OUTBOUND_$dev 2>/dev/null
-  sudo iptables -t mangle -D PREROUTING -m state --state NEW -i $dev  -j ACL_OUTBOUND_$dev  2>/dev/null
-  sudo iptables -t mangle -X ACL_OUTBOUND_$dev 2>/dev/null
-}
-
-acl_restore() {
-  acl_remove
-  sudo iptables -E _ACL_INBOUND_$dev ACL_INBOUND_$dev 2>/dev/null
-  sudo iptables -t mangle -E _ACL_OUTBOUND_$dev ACL_OUTBOUND_$dev 2>/dev/null
-}
-
-acl_save() {
-  acl_remove_backup
-  sudo iptables -E ACL_INBOUND_$dev _ACL_INBOUND_$dev 2>/dev/null
-  sudo iptables -t mangle -E ACL_OUTBOUND_$dev _ACL_OUTBOUND_$dev 2>/dev/null
-}
-
-acl_chain_for_guest_network () {
-  acl_save
-  # inbound
-  sudo iptables -N ACL_INBOUND_$dev 2>/dev/null
-  # drop if no rules match (this will be the last rule in the chain)
-  sudo iptables -A ACL_INBOUND_$dev -j DROP 2>/dev/null
-  sudo iptables -A FORWARD -o $dev  -j ACL_INBOUND_$dev  2>/dev/null
-  # outbound
-  sudo iptables -t mangle -N ACL_OUTBOUND_$dev 2>/dev/null
-  sudo iptables -t mangle -A PREROUTING -m state --state NEW -i $dev  -j ACL_OUTBOUND_$dev  2>/dev/null
-}
-
-
-
-acl_entry_for_guest_network() {
-  local rule=$1
-
-  local ttype=$(echo $rule | cut -d: -f1)
-  local prot=$(echo $rule | cut -d: -f2)
-  local sport=$(echo $rule | cut -d: -f3)
-  local eport=$(echo $rule | cut -d: -f4)
-  local cidrs=$(echo $rule | cut -d: -f5 | sed 's/-/ /g')
-  local action=$(echo $rule | cut -d: -f6)
-  if [ "$sport" == "0" -a "$eport" == "0" ]
-  then
-      DPORT=""
-  else
-      DPORT="--dport $sport:$eport"
-  fi
-  logger -t cloud "$(basename $0): enter apply acl rules on private gateway interface : $dev, inbound:$inbound:$prot:$sport:$eport:$cidrs"
-
-  # note that rules are inserted after the RELATED,ESTABLISHED rule
-  # but before the DROP rule
-  for lcidr in $cidrs
-  do
-    [ "$prot" == "reverted" ] && continue;
-    if [ "$prot" == "icmp" ]
-    then
-      typecode="$sport/$eport"
-      [ "$eport" == "-1" ] && typecode="$sport"
-      [ "$sport" == "-1" ] && typecode="any"
-      if [ "$ttype" == "Ingress" ]
-      then
-        sudo iptables -I ACL_INBOUND_$dev -p $prot -s $lcidr  \
-                    --icmp-type $typecode  -j $action
-      else
-        let egress++
-        sudo iptables -t mangle -I ACL_OUTBOUND_$dev -p $prot -d $lcidr  \
-                    --icmp-type $typecode  -j $action
-      fi
-    else
-      if [ "$ttype" == "Ingress" ]
-      then
-        sudo iptables -I ACL_INBOUND_$dev -p $prot -s $lcidr \
-                    $DPORT -j $action
-      else
-        let egress++
-        sudo iptables -t mangle -I ACL_OUTBOUND_$dev -p $prot -d $lcidr \
-                    $DPORT -j $action
-      fi
-    fi
-    result=$?
-    [ $result -gt 0 ] &&
-       logger -t cloud "Error adding iptables entry for private gateway interface : $dev,inbound:$inbound:$prot:$sport:$eport:$cidrs" &&
-       break
-  done
-
-  logger -t cloud "$(basename $0): exit apply acl rules for private gw interface : $dev"
-  return $result
-}
-
-
-dflag=0
-gflag=0
-aflag=0
-rules=""
-rules_list=""
-dev=""
-while getopts 'd:a:' OPTION
-do
-  case $OPTION in
-  d)    dflag=1
-                dev="$OPTARG"
-                ;;
-  a)    aflag=1
-        rules="$OPTARG"
-        ;;
-  ?)    usage
-                unlock_exit 2 $lock $locked
-        ;;
-  esac
-done
-
-if [ "$dflag$aflag" != "11" ]
-then
-  usage
-  unlock_exit 2 $lock $locked
-fi
-
-if [ -n "$rules" ]
-then
-  rules_list=$(echo $rules | cut -d, -f1- --output-delimiter=" ")
-fi
-
-# rule format
-# protocal:sport:eport:cidr
-#-a tcp:80:80:0.0.0.0/0::tcp:220:220:0.0.0.0/0:,172.16.92.44:tcp:222:222:192.168.10.0/24-75.57.23.0/22-88.100.33.1/32
-#    if any entry is reverted , entry will be in the format <ip>:reverted:0:0:0
-# example : 172.16.92.44:tcp:80:80:0.0.0.0/0:ACCEPT:,172.16.92.44:tcp:220:220:0.0.0.0/0:DROP,200.1.1.2:reverted:0:0:0
-
-success=0
-
-acl_chain_for_guest_network
-egress=0
-for r in $rules_list
-do
-  acl_entry_for_guest_network $r
-  success=$?
-  if [ $success -gt 0 ]
-  then
-    logger -t cloud "$(basename $0): failure to apply acl rules on private gateway interface : $dev"
-    break
-  else
-    logger -t cloud "$(basename $0): successful in applying acl rules on private gateway interface : $dev"
-  fi
-done
-
-if [ $success -gt 0 ]
-then
-  logger -t cloud "$(basename $0): restoring from backup on private gateway interface : $dev"
-  acl_restore
-else
-  logger -t cloud "$(basename $0): deleting backup on private gateway interface : $dev"
-  if [ $egress -eq 0 ]
-  then
-    sudo iptables -t mangle -A ACL_OUTBOUND_$dev -j ACCEPT 2>/dev/null
-  else
-    sudo iptables -t mangle -A ACL_OUTBOUND_$dev -j DROP 2>/dev/null
-  fi
-  acl_switch_to_new
-fi
-unlock_exit $success $lock $locked

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/6c261042/patches/systemvm/debian/config/opt/cloud/bin/vpc_snat.sh
----------------------------------------------------------------------
diff --git a/patches/systemvm/debian/config/opt/cloud/bin/vpc_snat.sh b/patches/systemvm/debian/config/opt/cloud/bin/vpc_snat.sh
deleted file mode 100755
index aa33e08..0000000
--- a/patches/systemvm/debian/config/opt/cloud/bin/vpc_snat.sh
+++ /dev/null
@@ -1,102 +0,0 @@
-#!/usr/bin/env bash
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements.  See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership.  The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License.  You may obtain a copy of the License at
-#
-#   http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied.  See the License for the
-# specific language governing permissions and limitations
-# under the License.
-
-# @VERSION@
-
-source /root/func.sh
-source /opt/cloud/bin/vpc_func.sh
-
-lock="biglock"
-locked=$(getLockFile $lock)
-if [ "$locked" != "1" ]
-then
-  exit 1
-fi
-
-usage() {
-  printf "Usage:\n %s -A -l <public-ip-address>\n" $(basename $0) >&2
-  printf " %s -D -l <public-ip-address>\n" $(basename $0) >&2
-}
-
-
-add_snat() {
-  logger -t cloud "$(basename $0):Added SourceNAT $pubIp on interface $ethDev"
-  vpccidr=$(getVPCcidr)
-  sudo iptables -D FORWARD -s $vpccidr ! -d $vpccidr -j ACCEPT
-  sudo iptables -A FORWARD -s $vpccidr ! -d $vpccidr -j ACCEPT
-  sudo iptables -t nat -D POSTROUTING   -j SNAT -o $ethDev --to-source $pubIp
-  sudo iptables -t nat -A POSTROUTING   -j SNAT -o $ethDev --to-source $pubIp
-  return $?
-}
-remove_snat() {
-  logger -t cloud "$(basename $0):Removing SourceNAT $pubIp on interface $ethDev"
-  sudo iptables -t nat -D POSTROUTING   -j SNAT -o $ethDev --to-source $pubIp
-  return $?
-}
-
-#set -x
-lflag=0
-cflag=0
-op=""
-
-while getopts 'ADl:c:' OPTION
-do
-  case $OPTION in
-  A)	Aflag=1
-		op="-A"
-		;;
-  D)	Dflag=1
-		op="-D"
-		;;
-  l)	lflag=1
-		pubIp="$OPTARG"
-		;;
-  c)	cflag=1
-		ethDev="$OPTARG"
-		;;
-  ?)	usage
-                unlock_exit 2 $lock $locked
-		;;
-  esac
-done
-
-if [ "$Aflag$Dflag" != "1" ]
-then
-  usage
-  unlock_exit 2 $lock $locked
-fi
-
-if [ "$lflag$cflag" != "11" ]
-then
-  usage
-  unlock_exit 2 $lock $locked
-fi
-
-if [ "$Aflag" == "1" ]
-then
-  add_snat  $publicIp
-  unlock_exit $? $lock $locked
-fi
-
-if [ "$Dflag" == "1" ]
-then
-  remove_sat  $publicIp
-  unlock_exit $? $lock $locked
-fi
-
-unlock_exit 1 $lock $locked

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/6c261042/patches/systemvm/debian/config/opt/cloud/bin/vpc_staticnat.sh
----------------------------------------------------------------------
diff --git a/patches/systemvm/debian/config/opt/cloud/bin/vpc_staticnat.sh b/patches/systemvm/debian/config/opt/cloud/bin/vpc_staticnat.sh
deleted file mode 100755
index a98a262..0000000
--- a/patches/systemvm/debian/config/opt/cloud/bin/vpc_staticnat.sh
+++ /dev/null
@@ -1,124 +0,0 @@
-#!/usr/bin/env bash
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements.  See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership.  The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License.  You may obtain a copy of the License at
-#
-#   http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied.  See the License for the
-# specific language governing permissions and limitations
-# under the License.
-# @VERSION@
-
-source /root/func.sh
-source /opt/cloud/bin/vpc_func.sh
-lock="biglock"
-locked=$(getLockFile $lock)
-if [ "$locked" != "1" ]
-then
-    exit 1
-fi
-
-usage() {
-  printf "Usage: %s: (-A|-D)   -r <target-instance-ip>  -l <public ip address> -d < eth device>  \n" $(basename $0) >&2
-}
-
-#set -x
-
-vpnoutmark="0x525"
-
-static_nat() {
-  local op=$1
-  local publicIp=$2
-  local instIp=$3
-  local op2="-D"
-  local tableNo=${ethDev:3}
-
-  logger -t cloud "$(basename $0): static nat: public ip=$publicIp \
-  instance ip=$instIp  op=$op"
-  #if adding, this might be a duplicate, so delete the old one first
-  [ "$op" == "-A" ] && static_nat "-D" $publicIp $instIp 
-  # the delete operation may have errored out but the only possible reason is 
-  # that the rules didn't exist in the first place
-  [ "$op" == "-A" ] && op2="-I"
-  if [ "$op" == "-A" ]
-  then
-    # put static nat rule one rule after VPN no-NAT rule
-    # rule chain can be used to improve it later
-    iptables-save -t nat|grep "POSTROUTING" | grep $vpnoutmark > /dev/null
-    if [ $? -eq 0 ]
-    then
-      rulenum=2
-    else
-      rulenum=1
-    fi
-  fi
-
-  # shortcircuit the process if error and it is an append operation
-  # continue if it is delete
-  (sudo iptables -t nat $op  PREROUTING -d $publicIp -j DNAT \
-           --to-destination $instIp &>>  $OUTFILE || [ "$op" == "-D" ]) &&
-  # add mark to force the package go out through the eth the public IP is on
-  #(sudo iptables -t mangle $op PREROUTING -s $instIp -j MARK \
-  #         --set-mark $tableNo &> $OUTFILE ||  [ "$op" == "-D" ]) &&
-  (sudo iptables -t nat $op2 POSTROUTING $rulenum -o $ethDev -s $instIp -j SNAT \
-           --to-source $publicIp &>> $OUTFILE )
-  result=$?
-  logger -t cloud "$(basename $0): done static nat entry public ip=$publicIp op=$op result=$result"
-  if [ "$op" == "-D" ]
-  then
-    return 0
-  fi
-  return $result
-}
-
-
-
-rflag=
-lflag=
-dflag=
-op=""
-while getopts 'ADr:l:' OPTION
-
-do
-  case $OPTION in
-  A)    op="-A"
-        ;;
-  D)    op="-D"
-        ;;
-  r)    rflag=1
-        instanceIp="$OPTARG"
-        ;;
-  l)    lflag=1
-        publicIp="$OPTARG"
-        ;;
-  ?)    usage
-        unlock_exit 2 $lock $locked
-        ;;
-  esac
-done
-
-ethDev=$(getEthByIp $publicIp)
-result=$?
-if [ $result -gt 0 ]
-then
-  if [ "$op" == "-D" ]
-  then 
-    removeRulesForIp $publicIp
-    unlock_exit 0 $lock $locked
-  else
-    unlock_exit $result $lock $locked
-  fi
-fi
-OUTFILE=$(mktemp)
-
-static_nat $op $publicIp $instanceIp
-result=$?
-unlock_exit $result $lock $locked

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/6c261042/patches/systemvm/debian/config/opt/cloud/bin/vpc_staticroute.sh
----------------------------------------------------------------------
diff --git a/patches/systemvm/debian/config/opt/cloud/bin/vpc_staticroute.sh b/patches/systemvm/debian/config/opt/cloud/bin/vpc_staticroute.sh
deleted file mode 100755
index 2a9f50a..0000000
--- a/patches/systemvm/debian/config/opt/cloud/bin/vpc_staticroute.sh
+++ /dev/null
@@ -1,134 +0,0 @@
-#!/usr/bin/env bash
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements.  See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership.  The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License.  You may obtain a copy of the License at
-#
-#   http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied.  See the License for the
-# specific language governing permissions and limitations
-# under the License.
-# @VERSION@
-
-source /root/func.sh
-source /opt/cloud/bin/vpc_func.sh
-lock="biglock"
-locked=$(getLockFile $lock)
-if [ "$locked" != "1" ]
-then
-    exit 1
-fi
-
-usage() {
-  printf "Usage: %s:  -a < routes > \n" $(basename $0) >&2
-}
-
-#set -x
-
-flush_table_backup() {
-  flush_table "static_route_back"
-}
-
-flush_table() {
-  local tab=$1
-  sudo ip route flush table $tab
-}
-
-copy_table() {
-  local from=$1
-  local to=$2
-  sudo ip route show table $from | while read route
-  do
-    sudo ip route add table $to $route
-  done
-}
-
-backup_table() {
-  flush_table "static_route_back"
-  copy_table "static_route" "static_route_back"
-  flush_table "static_route"
-}
-
-restore_table() {
-  flush_table "static_route"
-  copy_table "static_route_back" "static_route"
-  flush_table "static_route_back"
-}
-
-static_route() {
-  local rule=$1
-  local ip=$(echo $rule | cut -d: -f1)
-  if [ $ip == "Revoke" ]
-  then
-    return 0
-  fi
-  local gateway=$(echo $rule | cut -d: -f2)
-  local cidr=$(echo $rule | cut -d: -f3)
-  logger -t cloud "$(basename $0): static route: public ip=$ip \
-  	gateway=$gateway cidr=$cidr"
-  local dev=$(getEthByIp $ip)
-  if [ $? -gt 0 ]
-  then
-    return 1
-  fi
-  sudo ip route add $cidr dev $dev via $gateway table static_route &>/dev/null
-  result=$?
-  logger -t cloud "$(basename $0): done static route: public ip=$ip \
-  	gateway=$gateway cidr=$cidr"
-  return $result
-}
-
-gflag=
-aflag=
-while getopts 'a:' OPTION
-
-do
-  case $OPTION in
-  a)    aflag=1
-        rules="$OPTARG"
-        ;;
-  ?)    usage
-        unlock_exit 2 $lock $locked
-        ;;
-  esac
-done
-
-if [ -n "$rules" ]
-then
-  rules_list=$(echo $rules | cut -d, -f1- --output-delimiter=" ")
-fi
-
-success=0
-
-backup_table
-
-for r in $rules_list
-do
-  static_route $r
-  success=$?
-  if [ $success -gt 0 ]
-  then
-    logger -t cloud "$(basename $0): failure to apply fw rules for guest network: $gcidr"
-    break
-  else
-    logger -t cloud "$(basename $0): successful in applying fw rules for guest network: $gcidr"
-  fi
-done
-
-if [ $success -gt 0 ]
-then
-  logger -t cloud "$(basename $0): restoring from backup for guest network: $gcidr"
-  restore_table
-else
-  logger -t cloud "$(basename $0): deleting backup for guest network: $gcidr"
-  flush_table_backup
-fi
-unlock_exit $success $lock $locked
-

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/6c261042/patches/systemvm/debian/config/root/.ssh/authorized_keys
----------------------------------------------------------------------
diff --git a/patches/systemvm/debian/config/root/.ssh/authorized_keys b/patches/systemvm/debian/config/root/.ssh/authorized_keys
deleted file mode 100644
index 7286760..0000000
--- a/patches/systemvm/debian/config/root/.ssh/authorized_keys
+++ /dev/null
@@ -1 +0,0 @@
-ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAvFu3MLSPphFRBR1yM7nBukXWS9gPdAXfqq9cfC8ZqQN9ybi531aj44CybZ4BVT4kLfzbAs7+7nJeSIpPHxjv9XFqbxjIxoFeGYkj7s0RrJgtsEmvAAubZ3mYboUAYUivMgnJFLnv4VqyAbpjix6CfECUiU4ygwo24F3F6bAmhl4Vo1R5TSUdDIX876YePJTFtuVkLl4lu/+xw1QRWrgaSFosGICT37IKY7RjE79Ozb0GjNHyJPPgVAGkUVO4LawroL9dYOBlzdHpmqqA9Kc44oQBpvcU7s1+ezRTt7fZNnP7TG9ninZtrvnP4qmwAc4iUJ7N1bwh0mCblnoTfZ28hw== anthony@mobl-ant

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/6c261042/patches/systemvm/debian/config/root/bumpup_priority.sh
----------------------------------------------------------------------
diff --git a/patches/systemvm/debian/config/root/bumpup_priority.sh b/patches/systemvm/debian/config/root/bumpup_priority.sh
deleted file mode 100755
index 2b8d8c3..0000000
--- a/patches/systemvm/debian/config/root/bumpup_priority.sh
+++ /dev/null
@@ -1,19 +0,0 @@
-#!/bin/bash
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements.  See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership.  The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License.  You may obtain a copy of the License at
-#
-#   http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied.  See the License for the
-# specific language governing permissions and limitations
-# under the License.
-
-touch /tmp/rrouter_bumped

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/6c261042/patches/systemvm/debian/config/root/clearUsageRules.sh
----------------------------------------------------------------------
diff --git a/patches/systemvm/debian/config/root/clearUsageRules.sh b/patches/systemvm/debian/config/root/clearUsageRules.sh
deleted file mode 100755
index 061688b..0000000
--- a/patches/systemvm/debian/config/root/clearUsageRules.sh
+++ /dev/null
@@ -1,39 +0,0 @@
-#!/usr/bin/env bash
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements.  See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership.  The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License.  You may obtain a copy of the License at
-#
-#   http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied.  See the License for the
-# specific language governing permissions and limitations
-# under the License.
- 
-
-# clearUsageRules.sh - remove iptable rules for removed public interfaces
-# @VERSION@
-
-if [ -f /root/removedVifs ]
-then
-    var=`cat /root/removedVifs`
-    # loop through even vif to be cleared
-    for i in $var; do
-        # Make sure vif doesn't exist
-        if [ ! -f /sys/class/net/$i ]
-        then
-            # remove rules
-            iptables -D NETWORK_STATS -i eth0 -o $i > /dev/null;
-            iptables -D NETWORK_STATS -i $i -o eth0 > /dev/null;
-            iptables -D NETWORK_STATS -o $i ! -i eth0 -p tcp > /dev/null;
-            iptables -D NETWORK_STATS -i $i ! -o eth0 -p tcp > /dev/null;
-        fi
-    done
-rm /root/removedVifs
-fi

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/6c261042/patches/systemvm/debian/config/root/createIpAlias.sh
----------------------------------------------------------------------
diff --git a/patches/systemvm/debian/config/root/createIpAlias.sh b/patches/systemvm/debian/config/root/createIpAlias.sh
deleted file mode 100755
index cd273f6..0000000
--- a/patches/systemvm/debian/config/root/createIpAlias.sh
+++ /dev/null
@@ -1,100 +0,0 @@
-#!/usr/bin/env bash
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements.  See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership.  The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License.  You may obtain a copy of the License at
-#
-#   http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied.  See the License for the
-# specific language governing permissions and limitations
-# under the License.
-
-usage() {
-  printf " %s   <alias_count:ip:netmask;alias_count2:ip2:netmask2;....> \n" $(basename $0) >&2
-}
-source /root/func.sh
-
-lock="biglock"
-locked=$(getLockFile $lock)
-if [ "$locked" != "1" ]
-then
-    exit 1
-fi
-
-PORTS_CONF=/etc/apache2/ports.conf
-PORTS_CONF_BAK=/etc/ports.conf.bak
-FAIL_DIR=/etc/failure_config
-CMDLINE=$(cat /var/cache/cloud/cmdline | tr '\n' ' ')
-
-if [ ! -d "$FAIL_DIR" ]
-  then
-      mkdir "$FAIL_DIR"
-fi
-#bakup ports.conf
-cp "$PORTS_CONF" "$PORTS_CONF_BAK"
-
-domain=$(echo "$CMDLINE" | grep -o " domain=.* " | sed -e 's/domain=//' | awk '{print $1}')
-
-setup_apache2() {
-  local ip=$1
-  logger -t cloud "Setting up apache web server for $ip"
-  cp /etc/apache2/sites-available/default  /etc/apache2/sites-available/ipAlias.${ip}.meta-data
-  cp /etc/apache2/sites-available/default-ssl  /etc/apache2/sites-available/ipAlias.${ip}-ssl.meta-data
-  cp /etc/apache2/ports.conf /etc/apache2/conf.d/ports.${ip}.meta-data.conf
-  sed -i -e "s/<VirtualHost.*>/<VirtualHost $ip:80>\nServerName $domain/" /etc/apache2/sites-available/ipAlias.${ip}.meta-data
-  sed -i -e "s/<VirtualHost.*>/<VirtualHost $ip:443>\nServerName $domain/" /etc/apache2/sites-available/ipAlias.${ip}-ssl.meta-data
-  sed -i -e "/NameVirtualHost .*:80/d" /etc/apache2/conf.d/ports.${ip}.meta-data.conf
-  sed -i -e "s/Listen .*:80/Listen $ip:80/g" /etc/apache2/conf.d/ports.${ip}.meta-data.conf
-  sed -i -e "s/Listen .*:443/Listen $ip:443/g" /etc/apache2/conf.d/ports.${ip}.meta-data.conf
-  ln -s /etc/apache2/sites-available/ipAlias.${ip}.meta-data /etc/apache2/sites-enabled/ipAlias.${ip}.meta-data
-  ln -s /etc/apache2/sites-available/ipAlias.${ip}-ssl.meta-data /etc/apache2/sites-enabled/ipAlias.${ip}-ssl.meta-data
-}
-
-var="$1"
-cert="/root/.ssh/id_rsa.cloud"
-config_ips=""
-
-while [ -n "$var" ]
-do
- var1=$(echo $var | cut -f1 -d "-")
- alias_count=$( echo $var1 | cut -f1 -d ":" )
- routerip=$(echo $var1 | cut -f2 -d ":")
- netmask=$(echo $var1 | cut -f3 -d ":")
- ifconfig eth0:$alias_count $routerip netmask $netmask up
- setup_apache2 "$routerip"
- config_ips="${config_ips}"$routerip":"
- var=$( echo $var | sed "s/${var1}-//" )
-done
-
-#restarting the apache server for the config to take effect.
-service apache2 restart
-result=$?
-if [ "$result" -ne "0" ]
-then
-   logger -t cloud "createIpAlias.sh: could not configure apache2 server"
-   logger -t cloud "createIpAlias.sh: reverting to the old config"
-   logger -t cloud "createIpAlias.sh: moving out the failure config to $FAIL_DIR"
-   while [ -n "$config_ips" ]
-   do
-      ip=$( echo $config_ips | cut -f1 -d ":" )
-      mv  "/etc/apache2/sites-available/ipAlias.${ip}.meta-data" "$FAIL_DIR/ipAlias.${ip}.meta-data"
-      mv  "/etc/apache2/sites-available/ipAlias.${ip}-ssl.meta-data" "$FAIL_DIR/ipAlias.${ip}-ssl.meta-data"
-      mv  "/etc/apache2/conf.d/ports.${ip}.meta-data.conf"       "$FAIL_DIR/ports.${ip}.meta-data.conf"
-      rm -f "/etc/apache2/sites-enabled/ipAlias.${ip}.meta-data"
-      rm -f "/etc/apache2/sites-enabled/ipAlias.${ip}-ssl.meta-data"
-      config_ips=$( echo $config_ips | sed "s/${ip}://" )
-   done
-   service apache2 restart
-   unlock_exit $result $lock $locked
-fi
-
-#restaring the password service to enable it on the ip aliases
-/etc/init.d/cloud-passwd-srvr restart
-unlock_exit $? $lock $locked
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/6c261042/patches/systemvm/debian/config/root/deleteIpAlias.sh
----------------------------------------------------------------------
diff --git a/patches/systemvm/debian/config/root/deleteIpAlias.sh b/patches/systemvm/debian/config/root/deleteIpAlias.sh
deleted file mode 100755
index 47edb92..0000000
--- a/patches/systemvm/debian/config/root/deleteIpAlias.sh
+++ /dev/null
@@ -1,60 +0,0 @@
-#!/usr/bin/env bash
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements.  See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership.  The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License.  You may obtain a copy of the License at
-#
-#   http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied.  See the License for the
-# specific language governing permissions and limitations
-# under the License.
-
-usage() {
-  printf " %s   <alias_count:ip:netmask;alias_count2:ip2:netmask2;....> \n" $(basename $0) >&2
-}
-
-source /root/func.sh
-lock="biglock"
-locked=$(getLockFile $lock)
-if [ "$locked" != "1" ]
-then
-    exit 1
-fi
-
-remove_apache_config() {
-local ip=$1
- logger -t cloud "removing apache web server config for $ip"
- rm -f "/etc/apache2/sites-available/ipAlias.${ip}.meta-data"
- rm -f "/etc/apache2/sites-available/ipAlias.${ip}-ssl.meta-data"
- rm -f "/etc/apache2/conf.d/ports.${ip}.meta-data.conf"
- rm -f "/etc/apache2/sites-enabled/ipAlias.${ip}-ssl.meta-data"
- rm -f "/etc/apache2/sites-enabled/ipAlias.${ip}.meta-data"
-}
-
-var="$1"
-cert="/root/.ssh/id_rsa.cloud"
-
-while [[ !( "$var" == "-" ) ]]
-do
- var1=$(echo $var | cut -f1 -d "-")
- alias_count=$( echo $var1 | cut -f1 -d ":" )
- routerip=$( echo $var1 | cut -f2 -d ":" )
- ifconfig eth0:$alias_count  down
- remove_apache_config "$routerip"
- var=$( echo $var | sed "s/${var1}-//" )
-done
-#restarting the apache server for the config to take effect.
-service apache2 restart
-
-releaseLockFile $lock $locked
-
-#recreating the active ip aliases
-/root/createIpAlias.sh $2
-unlock_exit $? $lock $locked
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/6c261042/patches/systemvm/debian/config/root/dnsmasq.sh
----------------------------------------------------------------------
diff --git a/patches/systemvm/debian/config/root/dnsmasq.sh b/patches/systemvm/debian/config/root/dnsmasq.sh
deleted file mode 100755
index 8fae25c..0000000
--- a/patches/systemvm/debian/config/root/dnsmasq.sh
+++ /dev/null
@@ -1,130 +0,0 @@
-#!/usr/bin/env bash
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements.  See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership.  The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License.  You may obtain a copy of the License at
-#
-#   http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied.  See the License for the
-# specific language governing permissions and limitations
-# under the License.
-
-usage() {
-  printf "Usage: %s:  <routerAliasIp:gateway:netmask:start_ip_of_subnet:-routerAlisIp:gateway:....>\n" $(basename $0) >&2
-}
-
-source /root/func.sh
-
-lock="biglock"
-locked=$(getLockFile $lock)
-if [ "$locked" != "1" ]
-then
-    exit 1
-fi
-
-#set -x
-#backup the old config file
-DHCP_CONFIG=/etc/dnsmasq.d/multiple_ranges.conf
-DHCP_CONFIG_BAK=/etc/dnsmasq.d/multiple_ranges.conf.bak
-DHCP_CONFIG_MAIN=/etc/dnsmasq.conf
-DHCP_CONFIG_MAIN_BAK=/etc/dnsmasq.conf.bak
-DHCP_FAILURE_CONFIG=/etc/multiple_ranges.conf.failure
-DHCP_FAILURE_CONFIG_MAIN=/etc/dnsmasq.conf.failure
-CMDLINE=$(cat /var/cache/cloud/cmdline | tr '\n' ' ')
-
-#take a backup copy of the dnsmasq file.
-cp "$DHCP_CONFIG_MAIN"  "$DHCP_CONFIG_MAIN_BAK"
-cp "$DHCP_CONFIG" "$DHCP_CONFIG_BAK"
-
-#empty the config file
-echo > $DHCP_CONFIG
-
-var="$1"
-dhcp_range=""
-dhcp_gateway=""
-dhcp_netmask=""
-dns_option=""
-dns_servers=""
-count=0
-
-
-# fetching the dns Ips from the command line.
-dns1=$(echo "$CMDLINE" | grep -o " dns1=[[:digit:]].* " | sed -e 's/dns1=//' | awk '{print $1}')
-dns2=$(echo "$CMDLINE" | grep -o " dns2=[[:digit:]].* "  | sed -e 's/dns2=//' | awk '{print $1}')
-
-dns_servers="${dns1}"
-if [ -n "$dns2" ]
-then
-dns_servers="${dns1},${dns2}"
-fi
-
-
-# check if useextdns is true
-use_ext_dns=$(echo "$CMDLINE" | grep -o "useextdns=true")
-while [ -n "$var" ]
-do
- var1=$(echo $var | cut -f1 -d "-")
- routerip=$( echo $var1 | cut -f1 -d ":" )
- gateway=$(echo $var1 | cut -f2 -d ":")
- netmask=$(echo $var1 | cut -f3 -d ":")
- start_ip_of_subnet=$(echo $var1 | cut -f4 -d ":")
- dhcp_range="${dhcp_range}"'dhcp-range=set:range'$count","$start_ip_of_subnet",static \n"
- dhcp_gateway="${dhcp_gateway}"'dhcp-option=tag:range'$count",3,"$gateway" \n"
- dhcp_netmask="${dhcp_netmask}"'dhcp-option=tag:range'$count",1,"$netmask" \n"
- if [ -n "$use_ext_dns" ]
- then
- dns_option="${dns_option}"'dhcp-option=tag:range'$count",6,"$dns_servers" \n"
- else
- dns_option="${dns_option}"'dhcp-option=tag:range'$count",6,$routerip"","$dns_servers" \n"
- fi
- var=$( echo $var | sed "s/${var1}-//" )
- count=$[$count+1]
-done
-
-#logging the configuration being removed.
-log=""
-log="${log}"`grep "^dhcp-option=6" "$DHCP_CONFIG_MAIN"`"\n"
-log="${log}"`grep "^dhcp-option=option:router" "$DHCP_CONFIG_MAIN"`"\n"
-log="${log}"`grep "^dhcp-range=" "$DHCP_CONFIG_MAIN"`"\n"
-
-if [ "$log" != '\n\n\n' ]
-then
- #Cleaning the existing dhcp confgiuration
- logger -t cloud "dnsmasq.sh: remvoing the primaryip confg from dnsmasq.conf and adding it to /etc/dnsmaq.d/multiple_ranges.conf"
- logger -t cloud "dnsmasq.sh: config removed from dnsmasq.conf is $log"
- sed -i -e '/dhcp-option=6/d'  "$DHCP_CONFIG_MAIN"
- sed -i -e '/dhcp-option=option:router/d' "$DHCP_CONFIG_MAIN"
- sed -i -e '/^dhcp-range=/d' "$DHCP_CONFIG_MAIN"
-fi
-
-#wrting the new config into the config file.
-echo -e "$dhcp_range" >> "$DHCP_CONFIG"
-echo -e "$dhcp_gateway" >> "$DHCP_CONFIG"
-echo -e "$dhcp_netmask" >> "$DHCP_CONFIG"
-echo -e "$dns_option" >> "$DHCP_CONFIG"
-
-
-#restart the dnsmasq
-service dnsmasq restart
-result=$?
-if [ "$result" -ne "0" ]
-then
-   logger -t cloud "dnsmasq.sh: could not configure dnsmasq"
-   logger -t cloud "dnsmasq.sh: reverting to the old config"
-   logger -t cloud "dnsmasq.sh: copying the failure config to `$DHCP_FAILURE_CONFIG` and `$DHCP_FAILURE_CONFIG_MAIN`"
-   cp "$DHCP_CONFIG" "$DHCP_FAILURE_CONFIG"
-   cp "$DHCP_CONFIG_MAIN" "$DHCP_FAILURE_CONFIG_MAIN"
-   cp "$DHCP_CONFIG_BAK" "$DHCP_CONFIG"
-   cp "$DHCP_CONFIG_MAIN_BAK" "$DHCP_CONFIG_MAIN"
-   service dnsmasq restart
-   unlock_exit $result $lock $locked
-fi
-rm "$DHCP_CONFIG_BAK"
-rm "$DHCP_CONFIG_MAIN_BAK"
-unlock_exit $result $lock $locked

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/6c261042/patches/systemvm/debian/config/root/edithosts.sh
----------------------------------------------------------------------
diff --git a/patches/systemvm/debian/config/root/edithosts.sh b/patches/systemvm/debian/config/root/edithosts.sh
deleted file mode 100755
index b82fb8e..0000000
--- a/patches/systemvm/debian/config/root/edithosts.sh
+++ /dev/null
@@ -1,234 +0,0 @@
-#!/usr/bin/env bash
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements.  See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership.  The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License.  You may obtain a copy of the License at
-#
-#   http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied.  See the License for the
-# specific language governing permissions and limitations
-# under the License.
-
-
- 
-# edithosts.sh -- edit the dhcphosts file on the routing domain
-
-usage() {
-  printf "Usage: %s: -m <MAC address> -4 <IPv4 address> -6 <IPv6 address> -h <hostname> -d <default router> -n <name server address> -s <Routes> -u <DUID> [-N]\n" $(basename $0) >&2
-}
-
-mac=
-ipv4=
-ipv6=
-host=
-dflt=
-dns=
-routes=
-duid=
-nondefault=
-
-while getopts 'm:4:h:d:n:s:6:u:N' OPTION
-do
-  case $OPTION in
-  m)    mac="$OPTARG"
-        ;;
-  4)    ipv4="$OPTARG"
-        ;;
-  6)    ipv6="$OPTARG"
-        ;;
-  u)    duid="$OPTARG"
-        ;;
-  h)    host="$OPTARG"
-        ;;
-  d)    dflt="$OPTARG"
-        ;;
-  n)    dns="$OPTARG"
-        ;;
-  s)    routes="$OPTARG"
-        ;;
-  N)    nondefault=1
-        ;;
-  ?)    usage
-        exit 2
-        ;;
-  esac
-done
-
-DHCP_HOSTS=/etc/dhcphosts.txt
-DHCP_OPTS=/etc/dhcpopts.txt
-DHCP_LEASES=/var/lib/misc/dnsmasq.leases
-HOSTS=/etc/hosts
-
-source /root/func.sh
-
-lock="biglock"
-#default timeout value is 30 mins as DhcpEntryCommand is not synchronized on agent side any more,
-#and multiple commands can be sent to the same VR at a time
-locked=$(getLockFile $lock 1800)
-if [ "$locked" != "1" ]
-then
-    exit 1
-fi
-
-grep "redundant_router=1" /var/cache/cloud/cmdline > /dev/null
-no_redundant=$?
-
-command -v dhcp_release > /dev/null 2>&1
-no_dhcp_release=$?
-
-wait_for_dnsmasq () {
-  local _pid=$(pidof dnsmasq)
-  for i in 0 1 2 3 4 5 6 7 8 9 10
-  do
-    sleep 1
-    _pid=$(pidof dnsmasq)
-    [ "$_pid" != "" ] && break;
-  done
-  [ "$_pid" != "" ] && return 0;
-  logger -t cloud "edithosts: timed out waiting for dnsmasq to start"
-  return 1
-}
-
-if [ $ipv6 ]
-then
-    no_dhcp_release=1
-fi
-
-if [ $no_dhcp_release -eq 0 ]
-then
-  #release previous dhcp lease if present
-  logger -t cloud "edithosts: releasing $ipv4"
-  dhcp_release eth0 $ipv4 $(grep "$ipv4 " $DHCP_LEASES | awk '{print $2}') > /dev/null 2>&1
-  logger -t cloud "edithosts: released $ipv4"
-fi
-
-logger -t cloud "edithosts: update $mac $ipv4 $ipv6 $host to hosts"
-
-[ ! -f $DHCP_HOSTS ] && touch $DHCP_HOSTS
-[ ! -f $DHCP_OPTS ] && touch $DHCP_OPTS
-[ ! -f $DHCP_LEASES ] && touch $DHCP_LEASES
-
-#delete any previous entries from the dhcp hosts file
-sed -i  /$mac/d $DHCP_HOSTS
-if [ $ipv4 ]
-then
-  sed -i  /$ipv4,/d $DHCP_HOSTS
-fi
-if [ $ipv6 ]
-then
-  #searching with [$ipv6], matching other ip so using $ipv6],
-  sed -i  /$ipv6],/d $DHCP_HOSTS
-fi
-# don't want to do this in the future, we can have same VM with multiple nics/entries
-#sed -i  /$host,/d $DHCP_HOSTS
-
-
-#put in the new entry
-if [ $ipv4 ]
-then
-  echo "$mac,$ipv4,$host,infinite" >>$DHCP_HOSTS
-fi
-if [ $ipv6 ]
-then
-  if [ $nondefault ]
-  then
-    echo "id:$duid,set:nondefault6,[$ipv6],$host,infinite" >>$DHCP_HOSTS
-  else
-    echo "id:$duid,[$ipv6],$host,infinite" >>$DHCP_HOSTS
-  fi
-fi
-
-#delete leases to supplied mac and ip addresses
-if [ $ipv4 ]
-then
-  sed -i  /$mac/d $DHCP_LEASES 
-  sed -i  /"$ipv4 "/d $DHCP_LEASES 
-fi
-if [ $ipv6 ]
-then
-  sed -i  /$duid/d $DHCP_LEASES 
-  sed -i  /"$ipv6 "/d $DHCP_LEASES 
-fi
-sed -i  /"$host "/d $DHCP_LEASES 
-
-#put in the new entry
-if [ $ipv4 ]
-then
-  echo "0 $mac $ipv4 $host *" >> $DHCP_LEASES
-fi
-if [ $ipv6 ]
-then
-  echo "0 $duid $ipv6 $host *" >> $DHCP_LEASES
-fi
-
-#edit hosts file as well
-if [ $ipv4 ]
-then
-  sed -i  /"$ipv4 "/d $HOSTS
-fi
-if [ $ipv6 ]
-then
-  sed -i  /"$ipv6 "/d $HOSTS
-fi
-sed -i  /" $host$"/d $HOSTS
-if [ $ipv4 ]
-then
-  echo "$ipv4 $host" >> $HOSTS
-fi
-if [ $ipv6 ]
-then
-  echo "$ipv6 $host" >> $HOSTS
-fi
-
-if [ "$dflt" != "" ]
-then
-  #make sure dnsmasq looks into options file
-  sed -i /dhcp-optsfile/d /etc/dnsmasq.conf
-  echo "dhcp-optsfile=$DHCP_OPTS" >> /etc/dnsmasq.conf
-
-  tag=$(echo $ipv4 | tr '.' '_')
-  sed -i /$tag/d $DHCP_OPTS
-  if [ "$dflt" == "0.0.0.0" ]
-  then
-    logger -t cloud "$0: unset default router for $ipv4"
-    logger -t cloud "$0: unset dns server for $ipv4"
-    echo "$tag,3" >> $DHCP_OPTS
-    echo "$tag,6" >> $DHCP_OPTS
-    echo "$tag,15" >> $DHCP_OPTS
-  fi
-  [ "$routes" != "" ] && echo "$tag,121,$routes" >> $DHCP_OPTS
-  #delete entry we just put in because we need a tag
-  sed -i  /$ipv4,/d $DHCP_HOSTS
-  #put it back with a tag
-  echo "$mac,set:$tag,$ipv4,$host,infinite" >>$DHCP_HOSTS
-fi
-
-# make dnsmasq re-read files
-pid=$(pidof dnsmasq)
-if [ "$pid" != "" ]
-then
-  # use SIGHUP to avoid service outage if dhcp_release is available.
-  if [ $no_dhcp_release -eq 0 ]
-  then
-    kill -HUP $pid
-  else
-    service dnsmasq restart
-  fi
-else
-  if [ $no_redundant -eq 1 ]
-  then
-      wait_for_dnsmasq
-  else
-      logger -t cloud "edithosts: skip wait dnsmasq due to redundant virtual router"
-  fi
-fi
-
-ret=$?
-unlock_exit $ret $lock $locked


Mime
View raw message