diff --git a/server/src/main/java/com/cloud/network/router/VpcVirtualNetworkApplianceManagerImpl.java b/server/src/main/java/com/cloud/network/router/VpcVirtualNetworkApplianceManagerImpl.java index 7c957614ddd..b6eddca6390 100644 --- a/server/src/main/java/com/cloud/network/router/VpcVirtualNetworkApplianceManagerImpl.java +++ b/server/src/main/java/com/cloud/network/router/VpcVirtualNetworkApplianceManagerImpl.java @@ -314,6 +314,7 @@ public class VpcVirtualNetworkApplianceManagerImpl extends VirtualNetworkApplian // 2) FORM PLUG NIC COMMANDS final List> guestNics = new ArrayList>(); final List> publicNics = new ArrayList>(); + final List> privateGatewayNics = new ArrayList>(); final Map vlanMacAddress = new HashMap(); final List routerNics = _nicDao.listByVmIdOrderByDeviceId(profile.getId()); @@ -321,7 +322,11 @@ public class VpcVirtualNetworkApplianceManagerImpl extends VirtualNetworkApplian final Network network = _networkModel.getNetwork(routerNic.getNetworkId()); if (network.getTrafficType() == TrafficType.Guest) { final Pair guestNic = new Pair(routerNic, network); - guestNics.add(guestNic); + if (_networkModel.isPrivateGateway(routerNic.getNetworkId())) { + privateGatewayNics.add(guestNic); + } else { + guestNics.add(guestNic); + } } else if (network.getTrafficType() == TrafficType.Public) { final Pair publicNic = new Pair(routerNic, network); publicNics.add(publicNic); 
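Review bot: The `privateGatewayNics` declaration has no comment saying that the split exists to control plug order, which the rest of the change relies on: private-gateway NICs are collected separately so the later loop can give them device ids ahead of the guest tiers. I would add `// private gateway NICs are plugged before guest tiers, so they take the lower device ids` above the declaration. In the second hunk the pair added to `privateGatewayNics` is still named `guestNic`; a neutral name such as `nicAndNetwork` would read better now that it feeds two lists. The enclosing method starts and ends outside these hunks.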
@@ -375,6 +380,36 @@ public class VpcVirtualNetworkApplianceManagerImpl extends VirtualNetworkApplian _commandSetupHelper.createVpcAssociatePublicIPCommands(domainRouterVO, sourceNat, cmds, vlanMacAddress); } + // add VPC router to private gateway networks + for (final Pair nicNtwk : privateGatewayNics) { + final Nic guestNic = updateNicWithDeviceId(nicNtwk.first().getId(), deviceId); + deviceId ++; + // plug guest nic + final PlugNicCommand plugNicCmd = new PlugNicCommand(_nwHelper.getNicTO(domainRouterVO, guestNic.getNetworkId(), null), domainRouterVO.getInstanceName(), domainRouterVO.getType(), details); + cmds.addCommand(plugNicCmd); + // set private network + final PrivateIpVO ipVO = _privateIpDao.findByIpAndSourceNetworkId(guestNic.getNetworkId(), guestNic.getIPv4Address()); + final Network network = _networkDao.findById(guestNic.getNetworkId()); + BroadcastDomainType.getValue(network.getBroadcastUri()); + final String netmask = NetUtils.getCidrNetmask(network.getCidr()); + final PrivateIpAddress ip = new PrivateIpAddress(ipVO, network.getBroadcastUri().toString(), network.getGateway(), netmask, guestNic.getMacAddress()); + + final List privateIps = new ArrayList(1); + privateIps.add(ip); + _commandSetupHelper.createVpcAssociatePrivateIPCommands(domainRouterVO, privateIps, cmds, true); + + final Long privateGwAclId = _vpcGatewayDao.getNetworkAclIdForPrivateIp(ipVO.getVpcId(), ipVO.getNetworkId(), ipVO.getIpAddress()); + + if (privateGwAclId != null) { + // set network acl on private gateway + final List networkACLs = _networkACLItemDao.listByACL(privateGwAclId); + s_logger.debug("Found " + networkACLs.size() + " network ACLs to apply as a part of VPC VR " + domainRouterVO + " start for private gateway ip = " + + ipVO.getIpAddress()); + + _commandSetupHelper.createNetworkACLsCommands(networkACLs, domainRouterVO, cmds, ipVO.getNetworkId(), true); + } + } + // add VPC router to guest networks for (final Pair nicNtwk : guestNics) { final Nic guestNic = 
updateNicWithDeviceId(nicNtwk.first().getId(), deviceId); 
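Review bot: The new private-gateway loop dereferences `ipVO` and `network` without a null check, and when `privateGwAclId` is null it adds no ACL commands and logs nothing. A missing private IP row or network would surface only as a NullPointerException in the surrounding catch, whose handling is outside this hunk, with no hint of which gateway was at fault. Since this NIC connects the VPC to a network outside it, the log should show when a router is started without ACL commands for that gateway; the log level is for the maintainers to choose. The bare `BroadcastDomainType.getValue(network.getBroadcastUri());` statement discards its result, so either use the value or add a comment that it is kept only for validation.

```java
final PrivateIpVO ipVO = _privateIpDao.findByIpAndSourceNetworkId(guestNic.getNetworkId(), guestNic.getIPv4Address());
final Network network = _networkDao.findById(guestNic.getNetworkId());
if (ipVO == null || network == null || network.getBroadcastUri() == null) {
    throw new IllegalStateException("Private gateway nic " + guestNic.getId() + " of router " + domainRouterVO
            + " has no private ip, network or broadcast uri");
}
// … unchanged: netmask, PrivateIpAddress, createVpcAssociatePrivateIPCommands, ACL id lookup …
if (privateGwAclId != null) {
    // … unchanged: list ACL items and createNetworkACLsCommands …
} else {
    s_logger.warn("No network ACL id found for private gateway ip = " + ipVO.getIpAddress() + " on VPC VR " + domainRouterVO
            + "; no ACL commands added");
}
```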
@@ -382,36 +417,11 @@ public class VpcVirtualNetworkApplianceManagerImpl extends VirtualNetworkApplian // plug guest nic final PlugNicCommand plugNicCmd = new PlugNicCommand(_nwHelper.getNicTO(domainRouterVO, guestNic.getNetworkId(), null), domainRouterVO.getInstanceName(), domainRouterVO.getType(), details); cmds.addCommand(plugNicCmd); - if (!_networkModel.isPrivateGateway(guestNic.getNetworkId())) { - // set guest network - final VirtualMachine vm = _vmDao.findById(domainRouterVO.getId()); - final NicProfile nicProfile = _networkModel.getNicProfile(vm, guestNic.getNetworkId(), null); - final SetupGuestNetworkCommand setupCmd = _commandSetupHelper.createSetupGuestNetworkCommand(domainRouterVO, true, nicProfile); - cmds.addCommand(setupCmd); - } else { - - // set private network - final PrivateIpVO ipVO = _privateIpDao.findByIpAndSourceNetworkId(guestNic.getNetworkId(), guestNic.getIPv4Address()); - final Network network = _networkDao.findById(guestNic.getNetworkId()); - BroadcastDomainType.getValue(network.getBroadcastUri()); - final String netmask = NetUtils.getCidrNetmask(network.getCidr()); - final PrivateIpAddress ip = new PrivateIpAddress(ipVO, network.getBroadcastUri().toString(), network.getGateway(), netmask, guestNic.getMacAddress()); - - final List privateIps = new ArrayList(1); - privateIps.add(ip); - _commandSetupHelper.createVpcAssociatePrivateIPCommands(domainRouterVO, privateIps, cmds, true); - - final Long privateGwAclId = _vpcGatewayDao.getNetworkAclIdForPrivateIp(ipVO.getVpcId(), ipVO.getNetworkId(), ipVO.getIpAddress()); - - if (privateGwAclId != null) { - // set network acl on private gateway - final List networkACLs = _networkACLItemDao.listByACL(privateGwAclId); - s_logger.debug("Found " + networkACLs.size() + " network ACLs to apply as a part of VPC VR " + domainRouterVO + " start for private gateway ip = " - + ipVO.getIpAddress()); - - _commandSetupHelper.createNetworkACLsCommands(networkACLs, domainRouterVO, cmds, ipVO.getNetworkId(), 
true); - } - } + // set guest network + final VirtualMachine vm = _vmDao.findById(domainRouterVO.getId()); + final NicProfile nicProfile = _networkModel.getNicProfile(vm, guestNic.getNetworkId(), null); + final SetupGuestNetworkCommand setupCmd = _commandSetupHelper.createSetupGuestNetworkCommand(domainRouterVO, true, nicProfile); + cmds.addCommand(setupCmd); } } catch (final Exception ex) { s_logger.warn("Failed to add router " + domainRouterVO + " to network due to exception ", ex); diff --git a/test/integration/component/test_multiple_subnets_in_isolated_network.py b/test/integration/component/test_multiple_subnets_in_isolated_network.py index 046e06221a0..9a35bc519a0 100644 --- a/test/integration/component/test_multiple_subnets_in_isolated_network.py +++ b/test/integration/component/test_multiple_subnets_in_isolated_network.py @@ -429,7 +429,7 @@ class TestMultiplePublicIpSubnets(cloudstackTestCase): # 6. create new public ip range 1 self.services["publiciprange"]["zoneid"] = self.zone.id self.services["publiciprange"]["forvirtualnetwork"] = "true" - random_subnet_number = random.randrange(10,20) + random_subnet_number = random.randrange(10,50) self.services["publiciprange"]["vlan"] = get_free_vlan( self.apiclient, self.zone.id)[1] diff --git a/test/integration/component/test_multiple_subnets_in_isolated_network_rvr.py b/test/integration/component/test_multiple_subnets_in_isolated_network_rvr.py index 30a701d33fd..2114df58602 100644 --- a/test/integration/component/test_multiple_subnets_in_isolated_network_rvr.py +++ b/test/integration/component/test_multiple_subnets_in_isolated_network_rvr.py 
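Review bot: `_vmDao.findById(domainRouterVO.getId())` stays inside the guest-NIC loop although its argument is the same on every iteration, so a router with several tiers repeats the same lookup once per tier. Now that the branch is gone and the body is unconditional, the lookup can be hoisted: place `final VirtualMachine vm = _vmDao.findById(domainRouterVO.getId());` before the `for` and keep only `getNicProfile` per NIC. The loop header is in the previous hunk, so the move touches lines outside this one.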
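Review bot: Widening `random.randrange(10,20)` to `random.randrange(10,50)` lowers the chance of picking a subnet number that is already in use but does not remove it, and nothing in the hunk records which value was drawn. A failed run is then hard to reproduce. I would add a comment above the line stating why this range was chosen, for example `# wider range to reduce clashes with ranges left by other tests` if that is the reason, and log the drawn value. The same one-line change appears in test_multiple_subnets_in_isolated_network_rvr.py, test_multiple_subnets_in_vpc.py and test_multiple_subnets_in_vpc_rvr.py; how `random_subnet_number` is used lies outside the hunk.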
@@ -429,7 +429,7 @@ class TestMultiplePublicIpSubnets(cloudstackTestCase): # 6. create new public ip range 1 self.services["publiciprange"]["zoneid"] = self.zone.id self.services["publiciprange"]["forvirtualnetwork"] = "true" - random_subnet_number = random.randrange(10,20) + random_subnet_number = random.randrange(10,50) self.services["publiciprange"]["vlan"] = get_free_vlan( self.apiclient, self.zone.id)[1] diff --git a/test/integration/component/test_multiple_subnets_in_vpc.py b/test/integration/component/test_multiple_subnets_in_vpc.py index 0235e4cb5e2..f3f9864ccdb 100644 --- a/test/integration/component/test_multiple_subnets_in_vpc.py +++ b/test/integration/component/test_multiple_subnets_in_vpc.py 
@@ -328,13 +328,13 @@ class TestMultiplePublicIpSubnets(cloudstackTestCase): # verify the IPs in VR. eth1 -> source nat IP, eth2 -> tier 1, eth4 -> tier 2, eth5 -> new ip 6, eth3-> private gateway # 24. reboot router # verify the available nics in VR should be "eth0,eth1,eth2,eth3,eth4,eth5," - # verify the IPs in VR. eth1 -> source nat IP, eth2 -> new ip 6, eth3 -> tier 1, eth4 -> private gateway, eth5 -> tier 2 + # verify the IPs in VR. eth1 -> source nat IP, eth2 -> new ip 6, eth3 -> private gateway, eth4 -> tier 1, eth5 -> tier 2 # 25. restart VPC with cleanup # verify the available nics in VR should be "eth0,eth1,eth2,eth3,eth4,eth5," - # verify the IPs in VR. eth1 -> source nat IP, eth2 -> new ip 6, eth3 -> tier 1, eth4 -> private gateway, eth5 -> tier 2 + # verify the IPs in VR. eth1 -> source nat IP, eth2 -> new ip 6, eth3 -> private gateway, eth4 -> tier 1, eth5 -> tier 2 # 26. restart VPC with cleanup, makeredundant=true # verify the available nics in VR should be "eth0,eth1,eth2,eth3,eth4,eth5," - # verify the IPs in VR. eth1 -> source nat IP, eth2 -> new ip 6, eth3 -> tier 1, eth4 -> private gateway, eth5 -> tier 2 + # verify the IPs in VR. eth1 -> source nat IP, eth2 -> new ip 6, eth3 -> private gateway, eth4 -> tier 1, eth5 -> tier 2 """ # Create new domain1 @@ -479,7 +479,7 @@ class TestMultiplePublicIpSubnets(cloudstackTestCase): # 6. create new public ip range 1 self.services["publiciprange"]["zoneid"] = self.zone.id self.services["publiciprange"]["forvirtualnetwork"] = "true" - random_subnet_number = random.randrange(10,20) + random_subnet_number = random.randrange(10,50) self.services["publiciprange"]["vlan"] = get_free_vlan( self.apiclient, self.zone.id)[1] 
@@ -900,7 +900,7 @@ class TestMultiplePublicIpSubnets(cloudstackTestCase): # 24. reboot router # verify the available nics in VR should be "eth0,eth1,eth2,eth3,eth4,eth5," - # verify the IPs in VR. eth1 -> source nat IP, eth2 -> new ip 6, eth3 -> tier 1, eth4 -> private gateway, eth5 -> tier 2 + # verify the IPs in VR. eth1 -> source nat IP, eth2 -> new ip 6, eth3 -> private gateway, eth4 -> tier 1, eth5 -> tier 2 routers = self.get_vpc_routers(self.vpc1.id) if len(routers) > 0: router = routers[0] @@ -914,14 +914,14 @@ class TestMultiplePublicIpSubnets(cloudstackTestCase): self.verify_ip_address_in_router(router, host, controlIp, "eth0", True) self.verify_ip_address_in_router(router, host, sourcenatIp, "eth1", True) self.verify_ip_address_in_router(router, host, ipaddress_6.ipaddress.ipaddress, "eth2", True) - self.verify_ip_address_in_router(router, host, tier1_Ip, "eth3", True) - self.verify_ip_address_in_router(router, host, private_gateway_ip, "eth4", True) + self.verify_ip_address_in_router(router, host, private_gateway_ip, "eth3", True) + self.verify_ip_address_in_router(router, host, tier1_Ip, "eth4", True) self.verify_ip_address_in_router(router, host, tier2_Ip, "eth5", True) - self.verify_router_publicnic_state(router, host, "eth1|eth2|eth4") + self.verify_router_publicnic_state(router, host, "eth1|eth2|eth3") # 25. restart VPC with cleanup # verify the available nics in VR should be "eth0,eth1,eth2,eth3,eth4,eth5," - # verify the IPs in VR. eth1 -> source nat IP, eth2 -> new ip 6, eth3 -> tier 1, eth4 -> private gateway, eth5 -> tier 2 + # verify the IPs in VR. eth1 -> source nat IP, eth2 -> new ip 6, eth3 -> private gateway, eth4 -> tier 1, eth5 -> tier 2 self.vpc1.restart(self.apiclient, cleanup=True) routers = self.get_vpc_routers(self.vpc1.id) for router in routers: 
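Review bot: In step 24 the context line `if len(routers) > 0:` guards the checks, so if `get_vpc_routers` returns an empty list the updated eth3/eth4 assertions are presumably never run and the step passes without verifying anything; the body of the `if` is only partly visible between these hunks. An explicit `self.assertTrue(len(routers) > 0, "no VPC router found after reboot")` before it would make that case fail. The same guard appears in test_multiple_subnets_in_vpc_rvr.py. Separately, the expected device layout is hard-coded in three blocks per file plus the docstring, which is why this change touches so many lines; a single expected-layout table checked in a loop would keep them in step.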
@@ -931,14 +931,14 @@ class TestMultiplePublicIpSubnets(cloudstackTestCase): self.verify_ip_address_in_router(router, host, controlIp, "eth0", True) self.verify_ip_address_in_router(router, host, sourcenatIp, "eth1", True) self.verify_ip_address_in_router(router, host, ipaddress_6.ipaddress.ipaddress, "eth2", True) - self.verify_ip_address_in_router(router, host, tier1_Ip, "eth3", True) - self.verify_ip_address_in_router(router, host, private_gateway_ip, "eth4", True) + self.verify_ip_address_in_router(router, host, private_gateway_ip, "eth3", True) + self.verify_ip_address_in_router(router, host, tier1_Ip, "eth4", True) self.verify_ip_address_in_router(router, host, tier2_Ip, "eth5", True) - self.verify_router_publicnic_state(router, host, "eth1|eth2|eth4") + self.verify_router_publicnic_state(router, host, "eth1|eth2|eth3") # 26. restart VPC with cleanup, makeredundant=true # verify the available nics in VR should be "eth0,eth1,eth2,eth3,eth4,eth5," - # verify the IPs in VR. eth1 -> source nat IP, eth2 -> new ip 6, eth3 -> tier 1, eth4 -> private gateway, eth5 -> tier 2 + # verify the IPs in VR. eth1 -> source nat IP, eth2 -> new ip 6, eth3 -> private gateway, eth4 -> tier 1, eth5 -> tier 2 self.vpc1.restart(self.apiclient, cleanup=True, makeredundant=True) routers = self.get_vpc_routers(self.vpc1.id) for router in routers: 
@@ -948,7 +948,7 @@ class TestMultiplePublicIpSubnets(cloudstackTestCase): self.verify_ip_address_in_router(router, host, controlIp, "eth0", True) self.verify_ip_address_in_router(router, host, sourcenatIp, "eth1", True) self.verify_ip_address_in_router(router, host, ipaddress_6.ipaddress.ipaddress, "eth2", True) - self.verify_ip_address_in_router(router, host, tier1_Ip, "eth3", True) - self.verify_ip_address_in_router(router, host, private_gateway_ip, "eth4", True) + self.verify_ip_address_in_router(router, host, private_gateway_ip, "eth3", True) + self.verify_ip_address_in_router(router, host, tier1_Ip, "eth4", True) self.verify_ip_address_in_router(router, host, tier2_Ip, "eth5", True) - self.verify_router_publicnic_state(router, host, "eth1|eth2|eth4") + self.verify_router_publicnic_state(router, host, "eth1|eth2|eth3") diff --git a/test/integration/component/test_multiple_subnets_in_vpc_rvr.py b/test/integration/component/test_multiple_subnets_in_vpc_rvr.py index 1ebed1dd299..1e2e9151cf4 100644 --- a/test/integration/component/test_multiple_subnets_in_vpc_rvr.py +++ b/test/integration/component/test_multiple_subnets_in_vpc_rvr.py 
@@ -328,13 +328,13 @@ class TestMultiplePublicIpSubnets(cloudstackTestCase): # verify the IPs in VR. eth1 -> source nat IP, eth2 -> tier 1, eth4 -> tier 2, eth5 -> new ip 6, eth3-> private gateway # 24. reboot router # verify the available nics in VR should be "eth0,eth1,eth2,eth3,eth4,eth5," - # verify the IPs in VR. eth1 -> source nat IP, eth2 -> new ip 6, eth3 -> tier 1, eth4 -> private gateway, eth5 -> tier 2 + # verify the IPs in VR. eth1 -> source nat IP, eth2 -> new ip 6, eth3 -> private gateway, eth4 -> tier 1, eth5 -> tier 2 # 25. restart VPC with cleanup # verify the available nics in VR should be "eth0,eth1,eth2,eth3,eth4,eth5," - # verify the IPs in VR. eth1 -> source nat IP, eth2 -> new ip 6, eth3 -> tier 1, eth4 -> private gateway, eth5 -> tier 2 + # verify the IPs in VR. eth1 -> source nat IP, eth2 -> new ip 6, eth3 -> private gateway, eth4 -> tier 1, eth5 -> tier 2 # 26. restart VPC with cleanup, makeredundant=true # verify the available nics in VR should be "eth0,eth1,eth2,eth3,eth4,eth5," - # verify the IPs in VR. eth1 -> source nat IP, eth2 -> new ip 6, eth3 -> tier 1, eth4 -> private gateway, eth5 -> tier 2 + # verify the IPs in VR. eth1 -> source nat IP, eth2 -> new ip 6, eth3 -> private gateway, eth4 -> tier 1, eth5 -> tier 2 """ # Create new domain1 @@ -479,7 +479,7 @@ class TestMultiplePublicIpSubnets(cloudstackTestCase): # 6. create new public ip range 1 self.services["publiciprange"]["zoneid"] = self.zone.id self.services["publiciprange"]["forvirtualnetwork"] = "true" - random_subnet_number = random.randrange(10,20) + random_subnet_number = random.randrange(10,50) self.services["publiciprange"]["vlan"] = get_free_vlan( self.apiclient, self.zone.id)[1] 
@@ -900,7 +900,7 @@ class TestMultiplePublicIpSubnets(cloudstackTestCase): # 24. reboot router # verify the available nics in VR should be "eth0,eth1,eth2,eth3,eth4,eth5," - # verify the IPs in VR. eth1 -> source nat IP, eth2 -> new ip 6, eth3 -> tier 1, eth4 -> private gateway, eth5 -> tier 2 + # verify the IPs in VR. eth1 -> source nat IP, eth2 -> new ip 6, eth3 -> private gateway, eth4 -> tier 1, eth5 -> tier 2 routers = self.get_vpc_routers(self.vpc1.id) if len(routers) > 0: router = routers[0] @@ -914,14 +914,14 @@ class TestMultiplePublicIpSubnets(cloudstackTestCase): self.verify_ip_address_in_router(router, host, controlIp, "eth0", True) self.verify_ip_address_in_router(router, host, sourcenatIp, "eth1", True) self.verify_ip_address_in_router(router, host, ipaddress_6.ipaddress.ipaddress, "eth2", True) - self.verify_ip_address_in_router(router, host, tier1_Ip, "eth3", True) - self.verify_ip_address_in_router(router, host, private_gateway_ip, "eth4", True) + self.verify_ip_address_in_router(router, host, private_gateway_ip, "eth3", True) + self.verify_ip_address_in_router(router, host, tier1_Ip, "eth4", True) self.verify_ip_address_in_router(router, host, tier2_Ip, "eth5", True) - self.verify_router_publicnic_state(router, host, "eth1|eth2|eth4") + self.verify_router_publicnic_state(router, host, "eth1|eth2|eth3") # 25. restart VPC with cleanup # verify the available nics in VR should be "eth0,eth1,eth2,eth3,eth4,eth5," - # verify the IPs in VR. eth1 -> source nat IP, eth2 -> new ip 6, eth3 -> tier 1, eth4 -> private gateway, eth5 -> tier 2 + # verify the IPs in VR. eth1 -> source nat IP, eth2 -> new ip 6, eth3 -> private gateway, eth4 -> tier 1, eth5 -> tier 2 self.vpc1.restart(self.apiclient, cleanup=True) routers = self.get_vpc_routers(self.vpc1.id) for router in routers: 
@@ -931,14 +931,14 @@ class TestMultiplePublicIpSubnets(cloudstackTestCase): self.verify_ip_address_in_router(router, host, controlIp, "eth0", True) self.verify_ip_address_in_router(router, host, sourcenatIp, "eth1", True) self.verify_ip_address_in_router(router, host, ipaddress_6.ipaddress.ipaddress, "eth2", True) - self.verify_ip_address_in_router(router, host, tier1_Ip, "eth3", True) - self.verify_ip_address_in_router(router, host, private_gateway_ip, "eth4", True) + self.verify_ip_address_in_router(router, host, private_gateway_ip, "eth3", True) + self.verify_ip_address_in_router(router, host, tier1_Ip, "eth4", True) self.verify_ip_address_in_router(router, host, tier2_Ip, "eth5", True) - self.verify_router_publicnic_state(router, host, "eth1|eth2|eth4") + self.verify_router_publicnic_state(router, host, "eth1|eth2|eth3") # 26. restart VPC with cleanup, makeredundant=true # verify the available nics in VR should be "eth0,eth1,eth2,eth3,eth4,eth5," - # verify the IPs in VR. eth1 -> source nat IP, eth2 -> new ip 6, eth3 -> tier 1, eth4 -> private gateway, eth5 -> tier 2 + # verify the IPs in VR. eth1 -> source nat IP, eth2 -> new ip 6, eth3 -> private gateway, eth4 -> tier 1, eth5 -> tier 2 self.vpc1.restart(self.apiclient, cleanup=True, makeredundant=True) routers = self.get_vpc_routers(self.vpc1.id) for router in routers: 
@@ -948,7 +948,7 @@ class TestMultiplePublicIpSubnets(cloudstackTestCase): self.verify_ip_address_in_router(router, host, controlIp, "eth0", True) self.verify_ip_address_in_router(router, host, sourcenatIp, "eth1", True) self.verify_ip_address_in_router(router, host, ipaddress_6.ipaddress.ipaddress, "eth2", True) - self.verify_ip_address_in_router(router, host, tier1_Ip, "eth3", True) - self.verify_ip_address_in_router(router, host, private_gateway_ip, "eth4", True) + self.verify_ip_address_in_router(router, host, private_gateway_ip, "eth3", True) + self.verify_ip_address_in_router(router, host, tier1_Ip, "eth4", True) self.verify_ip_address_in_router(router, host, tier2_Ip, "eth5", True) - self.verify_router_publicnic_state(router, host, "eth1|eth2|eth4") + self.verify_router_publicnic_state(router, host, "eth1|eth2|eth3")