PVLAN: Simplify OVS policy

We can resubmit the packet against the flow table to get a simpler result.

Now we don't need to check if VM is in the same host as DHCP server or not.
Sheng Yang 2013-05-01 13:23:08 -07:00
parent b64039bafd
commit 05885457ec
12 changed files with 104 additions and 245 deletions


@ -23,17 +23,16 @@ import com.cloud.utils.net.NetUtils;
public class PvlanSetupCommand extends Command { public class PvlanSetupCommand extends Command {
public enum Type { public enum Type {
DHCP, DHCP,
VM, VM
VM_IN_DHCP_HOST
} }
private String op; private String op;
private String bridge; private String bridge;
private String primary; private String primary;
private String isolated; private String isolated;
private String vmMac; private String vmMac;
private String dhcpName;
private String dhcpMac; private String dhcpMac;
private String dhcpIp; private String dhcpIp;
private boolean strict;
private Type type; private Type type;
protected PvlanSetupCommand() {} protected PvlanSetupCommand() {}
@ -45,12 +44,12 @@ public class PvlanSetupCommand extends Command {
this.bridge = bridge; this.bridge = bridge;
this.primary = NetUtils.getPrimaryPvlanFromUri(uri); this.primary = NetUtils.getPrimaryPvlanFromUri(uri);
this.isolated = NetUtils.getIsolatedPvlanFromUri(uri); this.isolated = NetUtils.getIsolatedPvlanFromUri(uri);
this.strict = true;
} }
static public PvlanSetupCommand createDhcpSetup(String op, String bridge, URI uri, String dhcpMac, String dhcpIp) static public PvlanSetupCommand createDhcpSetup(String op, String bridge, URI uri, String dhcpName, String dhcpMac, String dhcpIp)
{ {
PvlanSetupCommand cmd = new PvlanSetupCommand(Type.DHCP, op, bridge, uri); PvlanSetupCommand cmd = new PvlanSetupCommand(Type.DHCP, op, bridge, uri);
cmd.setDhcpName(dhcpName);
cmd.setDhcpMac(dhcpMac); cmd.setDhcpMac(dhcpMac);
cmd.setDhcpIp(dhcpIp); cmd.setDhcpIp(dhcpIp);
return cmd; return cmd;
@ -63,14 +62,6 @@ public class PvlanSetupCommand extends Command {
return cmd; return cmd;
} }
static public PvlanSetupCommand createVmInDhcpHostSetup(String op, String bridge, URI uri, String dhcpMac, String vmMac)
{
PvlanSetupCommand cmd = new PvlanSetupCommand(Type.VM_IN_DHCP_HOST, op, bridge, uri);
cmd.setDhcpMac(dhcpMac);
cmd.setVmMac(vmMac);
return cmd;
}
@Override @Override
public boolean executeInSequence() { public boolean executeInSequence() {
return true; return true;
@ -120,11 +111,11 @@ public class PvlanSetupCommand extends Command {
return type; return type;
} }
public boolean isStrict() { public String getDhcpName() {
return strict; return dhcpName;
} }
public void setStrict(boolean strict) { public void setDhcpName(String dhcpName) {
this.strict = strict; this.dhcpName = dhcpName;
} }
} }
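Review bot: The new `dhcpName` field and the extra `createDhcpSetup` parameter are undocumented, although the value is not a free-form label. Elsewhere in this commit it is filled from `router.getInstanceName()` and used on the host as the `name-label` filter of `xe vm-list`. A Javadoc line on `createDhcpSetup` such as `@param dhcpName instance name of the DHCP/router VM; used on the hypervisor to look up the VM's OVS port, so it must identify exactly one running VM` would make that contract visible to callers. The class body continues outside the hunks shown.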


@ -1475,13 +1475,16 @@ public abstract class CitrixResourceBase implements ServerResource, HypervisorRe
String isolatedPvlan = cmd.getIsolated(); String isolatedPvlan = cmd.getIsolated();
String op = cmd.getOp(); String op = cmd.getOp();
String bridge = cmd.getBridge(); String bridge = cmd.getBridge();
String result = null; String dhcpName = cmd.getDhcpName();
String dhcpMac = cmd.getDhcpMac(); String dhcpMac = cmd.getDhcpMac();
String dhcpIp = cmd.getDhcpIp(); String dhcpIp = cmd.getDhcpIp();
String vmMac = cmd.getVmMac(); String vmMac = cmd.getVmMac();
String result = null;
if (cmd.getType() == PvlanSetupCommand.Type.DHCP) { if (cmd.getType() == PvlanSetupCommand.Type.DHCP) {
result = callHostPlugin(conn, "ovs-pvlan", "setup-pvlan-dhcp", "op", op, "bridge", bridge, result = callHostPlugin(conn, "ovs-pvlan", "setup-pvlan-dhcp", "op", op, "bridge", bridge,
"primary-pvlan", primaryPvlan, "isolated-pvlan", isolatedPvlan, "dhcp-ip", dhcpIp, "dhcp-mac", dhcpMac); "primary-pvlan", primaryPvlan, "isolated-pvlan", isolatedPvlan, "dhcp-name", dhcpName,
"dhcp-ip", dhcpIp, "dhcp-mac", dhcpMac);
if (result == null || result.isEmpty() || !Boolean.parseBoolean(result)) { if (result == null || result.isEmpty() || !Boolean.parseBoolean(result)) {
s_logger.warn("Failed to program pvlan for dhcp server with mac " + dhcpMac); s_logger.warn("Failed to program pvlan for dhcp server with mac " + dhcpMac);
return new Answer(cmd, false, result); return new Answer(cmd, false, result);
@ -1489,7 +1492,7 @@ public abstract class CitrixResourceBase implements ServerResource, HypervisorRe
s_logger.info("Programmed pvlan for dhcp server with mac " + dhcpMac); s_logger.info("Programmed pvlan for dhcp server with mac " + dhcpMac);
} }
} else if (cmd.getType() == PvlanSetupCommand.Type.VM) { } else if (cmd.getType() == PvlanSetupCommand.Type.VM) {
result = callHostPlugin(conn, "ovs-pvlan", "setup-pvlan-vm-alone", "op", op, "bridge", bridge, result = callHostPlugin(conn, "ovs-pvlan", "setup-pvlan-vm", "op", op, "bridge", bridge,
"primary-pvlan", primaryPvlan, "isolated-pvlan", isolatedPvlan, "vm-mac", vmMac); "primary-pvlan", primaryPvlan, "isolated-pvlan", isolatedPvlan, "vm-mac", vmMac);
if (result == null || result.isEmpty() || !Boolean.parseBoolean(result)) { if (result == null || result.isEmpty() || !Boolean.parseBoolean(result)) {
s_logger.warn("Failed to program pvlan for vm with mac " + vmMac); s_logger.warn("Failed to program pvlan for vm with mac " + vmMac);
@ -1497,15 +1500,6 @@ public abstract class CitrixResourceBase implements ServerResource, HypervisorRe
} else { } else {
s_logger.info("Programmed pvlan for vm with mac " + vmMac); s_logger.info("Programmed pvlan for vm with mac " + vmMac);
} }
} else if (cmd.getType() == PvlanSetupCommand.Type.VM_IN_DHCP_HOST) {
result = callHostPlugin(conn, "ovs-pvlan", "setup-pvlan-vm-dhcp", "op", op, "bridge", bridge,
"primary-pvlan", primaryPvlan, "isolated-pvlan", isolatedPvlan, "vm-mac", vmMac, "dhcp-mac", dhcpMac);
if (result == null || result.isEmpty() || !Boolean.parseBoolean(result)) {
s_logger.warn("Failed to program pvlan for vm in dhcp host with mac " + vmMac);
return new Answer(cmd, false, result);
} else {
s_logger.info("Programmed pvlan for vm in dhcp host with mac " + vmMac);
}
} }
return new Answer(cmd, true, result); return new Answer(cmd, true, result);
} }


@ -0,0 +1,26 @@
#!/bin/bash
# Licensed to the Apache Software Foundation (ASF) under one
# or more contributor license agreements. See the NOTICE file
# distributed with this work for additional information
# regarding copyright ownership. The ASF licenses this file
# to you under the Apache License, Version 2.0 (the
# "License"); you may not use this file except in compliance
# with the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
# KIND, either express or implied. See the License for the
# specific language governing permissions and limitations
# under the License.
#!/bin/bash
bridge=$1
dhcp_name=$2
dom_id=`xe vm-list is-control-domain=false power-state=running params=dom-id name-label=$dhcp_name|cut -d ':' -f 2 |tr -d ' ' `
iface="vif${dom_id}.0"
port=`ovs-ofctl show $bridge|grep $iface|cut -d '(' -f 1|tr -d ' '`
echo $port
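Review bot: `$dhcp_name` and `$bridge` are expanded unquoted on the `xe vm-list` and `ovs-ofctl show` lines, and the script prints whatever the pipeline yields with exit status 0. The name arrives unchanged from the management server through the ovs-pvlan plugin, so a value containing whitespace is split into extra `xe` arguments. A lookup that matches no VM leaves `iface` as `vif.0`, which `grep` treats as a pattern and may match another VM's interface, because the `.` is a wildcard. The caller feeds the printed number into `output:$dhcp_port` flows, so a wrong match would deliver isolated-VLAN DHCP and ARP traffic to the wrong port. Quoting the variables, requiring exactly one numeric dom-id, matching the interface literally and exiting non-zero on failure would close this; the second `#!/bin/bash` after the licence header is redundant.

```shell
# … unchanged: licence header …
bridge="$1"
dhcp_name="$2"
dom_id=$(xe vm-list is-control-domain=false power-state=running params=dom-id name-label="$dhcp_name" --minimal)
case "$dom_id" in
    ''|*[!0-9]*)
        # empty, or several comma-separated ids: the name did not resolve to exactly one running VM
        echo "Cannot resolve a unique running VM named $dhcp_name" >&2
        exit 1
        ;;
esac
iface="vif${dom_id}.0"
port=$(ovs-ofctl show "$bridge" | grep -F "(${iface})" | cut -d '(' -f 1 | tr -d ' ')
if [ -z "$port" ]
then
    echo "No OVS port found for $iface on $bridge" >&2
    exit 1
fi
echo "$port"
```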


@ -33,8 +33,8 @@ from time import localtime as _localtime, asctime as _asctime
xePath = "/opt/xensource/bin/xe" xePath = "/opt/xensource/bin/xe"
lib.setup_logging("/var/log/ovs-pvlan.log") lib.setup_logging("/var/log/ovs-pvlan.log")
dhcpSetupPath = "/opt/xensource/bin/ovs-pvlan-dhcp-host.sh" dhcpSetupPath = "/opt/xensource/bin/ovs-pvlan-dhcp-host.sh"
vmAloneSetupPath = "/opt/xensource/bin/ovs-pvlan-vm.sh" vmSetupPath = "/opt/xensource/bin/ovs-pvlan-vm.sh"
vmDhcpSetupPath = "/opt/xensource/bin/ovs-pvlan-vm-in-dhcp-host.sh" getDhcpPortPath = "/opt/xensource/bin/ovs-get-dhcp-port.sh"
pvlanCleanupPath = "/opt/xensource/bin/ovs-pvlan-cleanup.sh" pvlanCleanupPath = "/opt/xensource/bin/ovs-pvlan-cleanup.sh"
def echo(fn): def echo(fn):
@ -53,17 +53,21 @@ def setup_pvlan_dhcp(session, args):
bridge = args.pop("bridge") bridge = args.pop("bridge")
primary = args.pop("primary-pvlan") primary = args.pop("primary-pvlan")
isolated = args.pop("isolated-pvlan") isolated = args.pop("isolated-pvlan")
dhcp_ip = args.pop("dhcp-ip"); dhcp_name = args.pop("dhcp-name")
dhcp_mac = args.pop("dhcp-mac"); dhcp_ip = args.pop("dhcp-ip")
dhcp_mac = args.pop("dhcp-mac")
res = lib.check_switch() res = lib.check_switch()
if res != "SUCCESS": if res != "SUCCESS":
return "FAILURE:%s" % res return "FAILURE:%s" % res
if op == "add": if op == "add":
logging.debug("Try to get dhcp vm %s port on the switch:%s" % (dhcp_name, bridge))
dhcp_port = lib.do_cmd([getDhcpPortPath, bridge, dhcp_name])
logging.debug("About to setup dhcp vm on the switch:%s" % bridge) logging.debug("About to setup dhcp vm on the switch:%s" % bridge)
res = lib.do_cmd([dhcpSetupPath, "-A", "-b", bridge, "-p", primary, res = lib.do_cmd([dhcpSetupPath, "-A", "-b", bridge, "-p", primary,
"-i", isolated, "-d", dhcp_ip, "-m", dhcp_mac]) "-i", isolated, "-n", dhcp_name, "-d", dhcp_ip, "-m", dhcp_mac,
"-P", dhcp_port])
if res: if res:
result = "FAILURE:%s" % res result = "FAILURE:%s" % res
return result; return result;
@ -71,7 +75,7 @@ def setup_pvlan_dhcp(session, args):
elif op == "delete": elif op == "delete":
logging.debug("About to remove dhcp the switch:%s" % bridge) logging.debug("About to remove dhcp the switch:%s" % bridge)
res = lib.do_cmd([dhcpSetupPath, "-D", "-b", bridge, "-p", primary, res = lib.do_cmd([dhcpSetupPath, "-D", "-b", bridge, "-p", primary,
"-i", isolated, "-d", dhcp_ip, "-m", dhcp_mac]) "-i", isolated, "-n", dhcp_name, "-d", dhcp_ip, "-m", dhcp_mac])
if res: if res:
result = "FAILURE:%s" % res result = "FAILURE:%s" % res
return result; return result;
@ -82,9 +86,10 @@ def setup_pvlan_dhcp(session, args):
return result return result
@echo @echo
def setup_pvlan_vm_alone(session, args): def setup_pvlan_vm(session, args):
op = args.pop("op") op = args.pop("op")
bridge = args.pop("bridge") bridge = args.pop("bridge")
primary = args.pop("primary-pvlan")
isolated = args.pop("isolated-pvlan") isolated = args.pop("isolated-pvlan")
vm_mac = args.pop("vm-mac") vm_mac = args.pop("vm-mac")
trunk_port = 1 trunk_port = 1
@ -94,58 +99,24 @@ def setup_pvlan_vm_alone(session, args):
return "FAILURE:%s" % res return "FAILURE:%s" % res
if op == "add": if op == "add":
logging.debug("About to setup vm alone on the switch:%s" % bridge) logging.debug("About to setup vm on the switch:%s" % bridge)
res = lib.do_cmd([vmAloneSetupPath, "-A", "-b", bridge, "-i", isolated, "-v", vm_mac]) res = lib.do_cmd([vmSetupPath, "-A", "-b", bridge, "-p", primary, "-i", isolated, "-v", vm_mac])
if res: if res:
result = "FAILURE:%s" % res result = "FAILURE:%s" % res
return result; return result;
logging.debug("Setup vm alone on switch program done") logging.debug("Setup vm on switch program done")
elif op == "delete": elif op == "delete":
logging.debug("About to remove vm alone on the switch:%s" % bridge) logging.debug("About to remove vm on the switch:%s" % bridge)
res = lib.do_cmd([vmAloneSetupPath, "-D", "-b", bridge, "-i", isolated, "-v", vm_mac]) res = lib.do_cmd([vmSetupPath, "-D", "-b", bridge, "-p", primary, "-i", isolated, "-v", vm_mac])
if res: if res:
result = "FAILURE:%s" % res result = "FAILURE:%s" % res
return result; return result;
logging.debug("Remove vm alone on switch program done") logging.debug("Remove vm on switch program done")
result = "true" result = "true"
logging.debug("Setup_pvlan_vm_alone completed with result:%s" % result) logging.debug("Setup_pvlan_vm_alone completed with result:%s" % result)
return result return result
@echo
def setup_pvlan_vm_dhcp(session, args):
op = args.pop("op")
bridge = args.pop("bridge")
isolated = args.pop("isolated-pvlan")
vm_mac = args.pop("vm-mac")
dhcp_mac = args.pop("dhcp-mac");
trunk_port = 1
res = lib.check_switch()
if res != "SUCCESS":
return "FAILURE:%s" % res
if op == "add":
logging.debug("About to setup vm dhcp on the switch:%s" % bridge)
res = lib.do_cmd([vmDhcpSetupPath, "-A", "-b", bridge, "-i", isolated,
"-v", vm_mac, "-m", dhcp_mac])
if res:
result = "FAILURE:%s" % res
return result;
logging.debug("Setup vm dhcp on switch program done")
elif op == "delete":
logging.debug("About to remove vm dhcp on the switch:%s" % bridge)
res = lib.do_cmd([vmDhcpSetupPath, "-D", "-b", bridge, "-i", isolated,
"-v", vm_mac, "-m", dhcp_mac])
if res:
result = "FAILURE:%s" % res
return result;
logging.debug("Remove vm dhcp on switch program done")
result = "true"
logging.debug("Setup_pvlan_vm_dhcp completed with result:%s" % result)
return result
@echo @echo
def cleanup(session, args): def cleanup(session, args):
res = lib.check_switch() res = lib.check_switch()
@ -163,6 +134,5 @@ def cleanup(session, args):
if __name__ == "__main__": if __name__ == "__main__":
XenAPIPlugin.dispatch({"setup-pvlan-dhcp": setup_pvlan_dhcp, XenAPIPlugin.dispatch({"setup-pvlan-dhcp": setup_pvlan_dhcp,
"setup-pvlan-vm-alone": setup_pvlan_vm_alone, "setup-pvlan-vm": setup_pvlan_vm,
"setup-pvlan-vm-dhcp": setup_pvlan_vm_dhcp,
"cleanup":cleanup}) "cleanup":cleanup})
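Review bot: In `setup_pvlan_dhcp` the output of `lib.do_cmd([getDhcpPortPath, bridge, dhcp_name])` is passed straight to `-P` without checking that it is a port number. The other `do_cmd` calls in this file treat any returned text as a failure message, so an error string from the lookup script would be handed on as a port. A guard such as `if not dhcp_port.strip().isdigit(): return "FAILURE:no OVS port for %s" % dhcp_name` before the setup call would stop that. The final debug line of `setup_pvlan_vm` still says `Setup_pvlan_vm_alone completed`, and `trunk_port = 1` appears unused in the visible lines.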


@ -69,6 +69,6 @@ swiftxen=..,0755,/etc/xapi.d/plugins
s3xen=..,0755,/etc/xapi.d/plugins s3xen=..,0755,/etc/xapi.d/plugins
ovs-pvlan=..,0755,/etc/xapi.d/plugins ovs-pvlan=..,0755,/etc/xapi.d/plugins
ovs-pvlan-dhcp-host.sh=../../../network,0755,/opt/xensource/bin ovs-pvlan-dhcp-host.sh=../../../network,0755,/opt/xensource/bin
ovs-pvlan-vm-in-dhcp-host.sh=../../../network,0755,/opt/xensource/bin
ovs-pvlan-vm.sh=../../../network,0755,/opt/xensource/bin ovs-pvlan-vm.sh=../../../network,0755,/opt/xensource/bin
ovs-pvlan-cleanup.sh=../../../network,0755,/opt/xensource/bin ovs-pvlan-cleanup.sh=../../../network,0755,/opt/xensource/bin
ovs-get-dhcp-port.sh=..,0755,/opt/xensource/bin


@ -16,20 +16,26 @@
# specific language governing permissions and limitations # specific language governing permissions and limitations
# under the License. # under the License.
#!/bin/bash
source ovs-func.sh
usage() { usage() {
printf "Usage: %s: (-A|-D) -b <bridge/switch> -p <primary vlan> -i <secondary isolated vlan> -d <DHCP server IP> -m <DHCP server MAC> -v <VM MAC> -h \n" $(basename $0) >&2 printf "Usage: %s: (-A|-D) -b <bridge/switch> -p <primary vlan> -i <secondary isolated vlan> -n <DHCP server name> -d <DHCP server IP> -m <DHCP server MAC> -P <DHCP on OVS port> -v <VM MAC> -h \n" $(basename $0) >&2
exit 2 exit 2
} }
br= br=
pri_vlan= pri_vlan=
sec_iso_vlan= sec_iso_vlan=
dhcp_name=
dhcp_ip= dhcp_ip=
dhcp_mac= dhcp_mac=
dhcp_port=
vm_mac= vm_mac=
op= op=
while getopts 'ADb:p:i:d:m:v:h' OPTION while getopts 'ADb:p:i:d:m:v:n:P:h' OPTION
do do
case $OPTION in case $OPTION in
A) op="add" A) op="add"
@ -42,10 +48,14 @@ do
;; ;;
i) sec_iso_vlan="$OPTARG" i) sec_iso_vlan="$OPTARG"
;; ;;
n) dhcp_name="$OPTARG"
;;
d) dhcp_ip="$OPTARG" d) dhcp_ip="$OPTARG"
;; ;;
m) dhcp_mac="$OPTARG" m) dhcp_mac="$OPTARG"
;; ;;
P) dhcp_port="$OPTARG"
;;
v) vm_mac="$OPTARG" v) vm_mac="$OPTARG"
;; ;;
h) usage h) usage
@ -78,6 +88,12 @@ then
exit 1 exit 1
fi fi
if [ -z "$dhcp_name" ]
then
echo Missing parameter DHCP NAME!
exit 1
fi
if [ -z "$dhcp_ip" ] if [ -z "$dhcp_ip" ]
then then
echo Missing parameter DHCP IP! echo Missing parameter DHCP IP!
@ -90,12 +106,18 @@ then
exit 1 exit 1
fi fi
if [ "$op" == "add" -a -z "$dhcp_port" ]
then
echo Missing parameter DHCP PORT!
exit 1
fi
if [ "$op" == "add" ] if [ "$op" == "add" ]
then then
ovs-ofctl add-flow $br priority=200,arp,dl_vlan=$sec_iso_vlan,nw_dst=$dhcp_ip,actions=mod_vlan_vid:$pri_vlan,NORMAL ovs-ofctl add-flow $br priority=200,arp,dl_vlan=$sec_iso_vlan,nw_dst=$dhcp_ip,actions=strip_vlan,output:$dhcp_port
ovs-ofctl add-flow $br priority=180,arp,nw_dst=$dhcp_ip,actions=NORMAL ovs-ofctl add-flow $br priority=180,arp,nw_dst=$dhcp_ip,actions=strip_vlan,output:$dhcp_port
ovs-ofctl add-flow $br priority=150,dl_vlan=$sec_iso_vlan,dl_dst=$dhcp_mac,actions=mod_vlan_vid:$pri_vlan,NORMAL ovs-ofctl add-flow $br priority=150,dl_vlan=$sec_iso_vlan,dl_dst=$dhcp_mac,actions=strip_vlan,output:$dhcp_port
ovs-ofctl add-flow $br priority=100,udp,dl_vlan=$sec_iso_vlan,nw_dst=255.255.255.255,tp_dst=67,actions=mod_vlan_vid:$pri_vlan,NORMAL ovs-ofctl add-flow $br priority=100,udp,dl_vlan=$sec_iso_vlan,nw_dst=255.255.255.255,tp_dst=67,actions=strip_vlan,output:$dhcp_port
else else
ovs-ofctl del-flows --strict $br priority=200,arp,dl_vlan=$sec_iso_vlan,nw_dst=$dhcp_ip ovs-ofctl del-flows --strict $br priority=200,arp,dl_vlan=$sec_iso_vlan,nw_dst=$dhcp_ip
ovs-ofctl del-flows --strict $br priority=180,arp,nw_dst=$dhcp_ip ovs-ofctl del-flows --strict $br priority=180,arp,nw_dst=$dhcp_ip
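Review bot: `source ovs-func.sh` names the file without a directory, so bash resolves it through `PATH` and then the current directory of whatever process launched the script. For a script that programs flows on the hypervisor host, that makes the sourced code depend on the caller's environment; `source "$(dirname "$0")/ovs-func.sh"` pins it to the script's own directory. The visible part of the install list in this commit does not add `ovs-func.sh`, so it is worth confirming the file is deployed next to this script. The added `#!/bin/bash` sits below the licence header, where it is only a comment. `$dhcp_port` is also interpolated into the `add-flow` actions without a numeric check.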


@ -1,88 +0,0 @@
#!/bin/bash
# Licensed to the Apache Software Foundation (ASF) under one
# or more contributor license agreements. See the NOTICE file
# distributed with this work for additional information
# regarding copyright ownership. The ASF licenses this file
# to you under the Apache License, Version 2.0 (the
# "License"); you may not use this file except in compliance
# with the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
# KIND, either express or implied. See the License for the
# specific language governing permissions and limitations
# under the License.
usage() {
printf "Usage: %s: (-A|-D) -b <bridge/switch> -p <primary vlan> -i <secondary isolated vlan> -d <DHCP server IP> -m <DHCP server MAC> -v <VM MAC> -h \n" $(basename $0) >&2
exit 2
}
br=
pri_vlan=
sec_iso_vlan=
dhcp_ip=
dhcp_mac=
vm_mac=
op=
while getopts 'ADb:p:i:d:m:v:h' OPTION
do
case $OPTION in
A) op="add"
;;
D) op="del"
;;
b) br="$OPTARG"
;;
p) pri_vlan="$OPTARG"
;;
i) sec_iso_vlan="$OPTARG"
;;
d) dhcp_ip="$OPTARG"
;;
m) dhcp_mac="$OPTARG"
;;
v) vm_mac="$OPTARG"
;;
h) usage
exit 1
;;
esac
done
if [ -z "$op" ]
then
echo Missing operation pararmeter!
exit 1
fi
if [ -z "$br" ]
then
echo Missing parameter bridge!
exit 1
fi
if [ -z "$vm_mac" ]
then
echo Missing parameter VM MAC!
exit 1
fi
if [ -z "$dhcp_mac" ]
then
echo Missing parameter DHCP MAC!
exit 1
fi
if [ "$op" == "add" ]
then
ovs-ofctl add-flow $br priority=120,dl_src=$vm_mac,dl_dst=$dhcp_mac,actions=NORMAL
ovs-ofctl add-flow $br priority=80,udp,dl_src=$vm_mac,nw_dst=255.255.255.255,tp_dst=67,actions=NORMAL
else
ovs-ofctl del-flows --strict $br priority=120,dl_src=$vm_mac,dl_dst=$dhcp_mac
ovs-ofctl del-flows --strict $br priority=80,udp,dl_src=$vm_mac,nw_dst=255.255.255.255,tp_dst=67
fi


@ -16,6 +16,8 @@
# specific language governing permissions and limitations # specific language governing permissions and limitations
# under the License. # under the License.
#!/bin/bash
usage() { usage() {
printf "Usage: %s: (-A|-D) -b <bridge/switch> -p <primary vlan> -i <secondary isolated vlan> -d <DHCP server IP> -m <DHCP server MAC> -v <VM MAC> -h \n" $(basename $0) >&2 printf "Usage: %s: (-A|-D) -b <bridge/switch> -p <primary vlan> -i <secondary isolated vlan> -d <DHCP server IP> -m <DHCP server MAC> -v <VM MAC> -h \n" $(basename $0) >&2
exit 2 exit 2
@ -72,6 +74,12 @@ then
exit 1 exit 1
fi fi
if [ -z "$pri_vlan" ]
then
echo Missing parameter secondary isolate vlan!
exit 1
fi
if [ -z "$sec_iso_vlan" ] if [ -z "$sec_iso_vlan" ]
then then
echo Missing parameter secondary isolate vlan! echo Missing parameter secondary isolate vlan!
@ -82,9 +90,10 @@ trunk_port=1
if [ "$op" == "add" ] if [ "$op" == "add" ]
then then
ovs-ofctl add-flow $br priority=50,dl_src=$vm_mac,actions=mod_vlan_vid:$sec_iso_vlan,output:$trunk_port ovs-ofctl add-flow $br priority=50,dl_vlan=0xffff,dl_src=$vm_mac,actions=mod_vlan_vid:$sec_iso_vlan,resubmit:$trunk_port
ovs-ofctl add-flow $br priority=60,dl_vlan=$sec_iso_vlan,dl_src=$vm_mac,actions=output:1
else else
# it would delete any rule related to this vm, not only the rule added above ovs-ofctl del-flows --strict $br priority=50,dl_vlan=0xffff,dl_src=$vm_mac
ovs-ofctl del-flows $br dl_src=$vm_mac ovs-ofctl del-flows --strict $br priority=60,dl_vlan=$sec_iso_vlan,dl_src=$vm_mac
fi fi
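Review bot: The new `-z "$pri_vlan"` check prints `Missing parameter secondary isolate vlan!`, the same text as the check below it, so a missing `-p` is reported as the wrong parameter; it should read `echo Missing parameter primary vlan!`. The added priority=60 flow hard-codes `output:1` while the priority=50 flow uses `$trunk_port`; writing `actions=output:$trunk_port` keeps the two in step. `$pri_vlan` is now required but no flow in the visible lines uses it, so either the check is unnecessary or a match on the primary VLAN is missing.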


@ -215,16 +215,6 @@ public class VirtualRouterElement extends AdapterBase implements VirtualRouterEl
throw new ResourceUnavailableException("Can't find at least one running router!", throw new ResourceUnavailableException("Can't find at least one running router!",
DataCenter.class, network.getDataCenterId()); DataCenter.class, network.getDataCenterId());
} }
// Setup PVlan for vm if necessary
if (network.getTrafficType() == TrafficType.Guest && network.getBroadcastDomainType() == BroadcastDomainType.Pvlan) {
assert routers.size() == 1;
DomainRouterVO router = routers.get(0);
if (router.getHostId() == dest.getHost().getId()) {
_routerMgr.setupVmWithDhcpHostForPvlan(true, router, nic);
}
}
return true; return true;
} }


@ -105,6 +105,4 @@ public interface VirtualNetworkApplianceManager extends Manager, VirtualNetworkA
boolean applyUserData(Network config, NicProfile nic, VirtualMachineProfile<UserVm> vm, DeployDestination dest, boolean applyUserData(Network config, NicProfile nic, VirtualMachineProfile<UserVm> vm, DeployDestination dest,
List<DomainRouterVO> routers) throws ResourceUnavailableException; List<DomainRouterVO> routers) throws ResourceUnavailableException;
void setupVmWithDhcpHostForPvlan(boolean add, DomainRouterVO router, NicProfile profile) throws ResourceUnavailableException;
} }


@ -2211,35 +2211,6 @@ public class VirtualNetworkApplianceManagerImpl extends ManagerBase implements V
return dhcpRange; return dhcpRange;
} }
private boolean setupDhcpForPvlanOnHost(boolean add, DomainRouterVO router, Nic routerNic) {
if (!routerNic.getBroadcastUri().getScheme().equals("pvlan")) {
return false;
}
setupDhcpForPvlan(add, router, routerNic);
Long hostId = router.getHostId();
List<UserVmVO> vms = _userVmDao.listByHostId(hostId);
for (UserVmVO vm : vms) {
if (vm.getState() != State.Running) {
continue;
}
List<NicVO> nics = _nicDao.listByVmId(vm.getId());
for (NicVO nic : nics) {
if (nic.getNetworkId() == routerNic.getNetworkId()) {
try {
Network network = _networkDao.findById(routerNic.getNetworkId());
NicProfile profile = new NicProfile(nic, network, nic.getBroadcastUri(), nic.getIsolationUri(),
null, _networkModel.isSecurityGroupSupportedInNetwork(network), _networkModel.getNetworkTag(vm.getHypervisorType(), network));
setupVmWithDhcpHostForPvlan(add, router, profile);
} catch (ResourceUnavailableException e) {
s_logger.warn("Fail to program pvlan on nic " + nic.getMacAddress(), e);
return false;
}
}
}
}
return true;
}
private boolean setupDhcpForPvlan(boolean add, DomainRouterVO router, Nic nic) { private boolean setupDhcpForPvlan(boolean add, DomainRouterVO router, Nic nic) {
if (!nic.getBroadcastUri().getScheme().equals("pvlan")) { if (!nic.getBroadcastUri().getScheme().equals("pvlan")) {
return false; return false;
@ -2248,7 +2219,7 @@ public class VirtualNetworkApplianceManagerImpl extends ManagerBase implements V
if (!add) { if (!add) {
op = "delete"; op = "delete";
} }
PvlanSetupCommand cmd = PvlanSetupCommand.createDhcpSetup(op, "xenbr0", nic.getBroadcastUri(), nic.getMacAddress(), nic.getIp4Address()); PvlanSetupCommand cmd = PvlanSetupCommand.createDhcpSetup(op, "xenbr0", nic.getBroadcastUri(), router.getInstanceName(), nic.getMacAddress(), nic.getIp4Address());
Commands cmds = new Commands(cmd); Commands cmds = new Commands(cmd);
// In fact we send command to the host of router, we're not programming router but the host // In fact we send command to the host of router, we're not programming router but the host
try { try {
@ -2260,23 +2231,6 @@ public class VirtualNetworkApplianceManagerImpl extends ManagerBase implements V
return true; return true;
} }
@Override
public void setupVmWithDhcpHostForPvlan(boolean add, DomainRouterVO router, NicProfile profile) throws ResourceUnavailableException
{
if (!profile.getBroadCastUri().getScheme().equals("pvlan")) {
return;
}
String op = "add";
if (!add) {
op = "delete";
}
NicVO routerNic = _nicDao.findByInstanceIdAndNetworkId(profile.getNetworkId(), router.getId());
PvlanSetupCommand cmd = PvlanSetupCommand.createVmInDhcpHostSetup(op, "xenbr0", profile.getBroadCastUri(), routerNic.getMacAddress(), profile.getMacAddress());
Commands cmds = new Commands(cmd);
// In fact we send command to the host of router, we're not programming router but the host
sendCommandsToRouter(router, cmds);
}
@Override @Override
public boolean finalizeDeployment(Commands cmds, VirtualMachineProfile<DomainRouterVO> profile, public boolean finalizeDeployment(Commands cmds, VirtualMachineProfile<DomainRouterVO> profile,
DeployDestination dest, ReservationContext context) throws ResourceUnavailableException { DeployDestination dest, ReservationContext context) throws ResourceUnavailableException {
@ -2577,7 +2531,7 @@ public class VirtualNetworkApplianceManagerImpl extends ManagerBase implements V
if (network.getTrafficType() == TrafficType.Guest) { if (network.getTrafficType() == TrafficType.Guest) {
guestNetworks.add(network); guestNetworks.add(network);
if (nic.getBroadcastUri().getScheme().equals("pvlan")) { if (nic.getBroadcastUri().getScheme().equals("pvlan")) {
result = setupDhcpForPvlanOnHost(true, router, nic); result = setupDhcpForPvlan(true, router, nic);
} }
} }
} }
@ -2615,9 +2569,10 @@ public class VirtualNetworkApplianceManagerImpl extends ManagerBase implements V
for (Nic nic : routerNics) { for (Nic nic : routerNics) {
Network network = _networkModel.getNetwork(nic.getNetworkId()); Network network = _networkModel.getNetwork(nic.getNetworkId());
if (network.getTrafficType() == TrafficType.Guest && nic.getBroadcastUri().getScheme().equals("pvlan")) { if (network.getTrafficType() == TrafficType.Guest && nic.getBroadcastUri().getScheme().equals("pvlan")) {
setupDhcpForPvlanOnHost(false, domR, nic); setupDhcpForPvlan(false, domR, nic);
} }
} }
} }
} }
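Review bot: The boolean returned by `setupDhcpForPvlan(false, domR, nic)` is discarded in the stop path, so a failed delete leaves the DHCP flows on the host with no log entry. Those flows now end in `output:$dhcp_port` rather than `NORMAL`, so a stale rule would keep sending traffic to a fixed port number after the router is gone. Logging the failure, e.g. `if (!setupDhcpForPvlan(false, domR, nic)) { s_logger.warn("Failed to remove pvlan dhcp flows for nic " + nic.getMacAddress()); }`, would at least make it visible. In the start path, `result = setupDhcpForPvlan(true, router, nic);` looks like it sits in a loop whose header is outside the hunk; if so, a later success overwrites an earlier failure.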


@ -401,12 +401,4 @@ VpcVirtualNetworkApplianceService {
// TODO Auto-generated method stub // TODO Auto-generated method stub
return null; return null;
} }
@Override
public void setupVmWithDhcpHostForPvlan(boolean add,
DomainRouterVO router, NicProfile nic) throws ResourceUnavailableException {
// TODO Auto-generated method stub
}
} }