diff --git a/engine/orchestration/src/org/apache/cloudstack/engine/cloud/entity/api/VirtualMachineEntityFactory.java b/engine/orchestration/src/org/apache/cloudstack/engine/cloud/entity/api/VirtualMachineEntityFactory.java
deleted file mode 100644
index e8ad8e47745..00000000000
--- a/engine/orchestration/src/org/apache/cloudstack/engine/cloud/entity/api/VirtualMachineEntityFactory.java
+++ /dev/null
@@ -1,41 +0,0 @@
-// Licensed to the Apache Software Foundation (ASF) under one
-// or more contributor license agreements. See the NOTICE file
-// distributed with this work for additional information
-// regarding copyright ownership. The ASF licenses this file
-// to you under the Apache License, Version 2.0 (the
-// "License"); you may not use this file except in compliance
-// with the License. You may obtain a copy of the License at
-//
-// http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing,
-// software distributed under the License is distributed on an
-// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-// KIND, either express or implied. See the License for the
-// specific language governing permissions and limitations
-// under the License.
-package org.apache.cloudstack.engine.cloud.entity.api;
-
-import com.cloud.utils.component.ComponentContext;
-import org.springframework.beans.factory.FactoryBean;
-import org.springframework.stereotype.Component;
-
-@Component
-public class VirtualMachineEntityFactory implements FactoryBean{
-
- @Override
- public VirtualMachineEntityImpl getObject() throws Exception {
- return ComponentContext.inject(VirtualMachineEntityImpl.class.newInstance());
- }
-
- @Override
- public Class getObjectType() {
- return VirtualMachineEntityImpl.class;
- }
-
- @Override
- public boolean isSingleton() {
- return false;
- }
-
-}
diff --git a/plugins/hypervisors/baremetal/src/com/cloud/baremetal/networkservice/BaremetaNetworkGuru.java b/plugins/hypervisors/baremetal/src/com/cloud/baremetal/networkservice/BaremetaNetworkGuru.java index 7501882df28..07ee12d06e5 100755 --- a/plugins/hypervisors/baremetal/src/com/cloud/baremetal/networkservice/BaremetaNetworkGuru.java +++ b/plugins/hypervisors/baremetal/src/com/cloud/baremetal/networkservice/BaremetaNetworkGuru.java @@ -5,9 +5,9 @@ // to you under the Apache License, Version 2.0 (the // "License"); you may not use this file except in compliance // with the License. You may obtain a copy of the License at -// +// // http://www.apache.org/licenses/LICENSE-2.0 -// +// // Unless required by applicable law or agreed to in writing, // software distributed under the License is distributed on an // "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY @@ -23,9 +23,10 @@ import java.net.URI; import javax.ejb.Local; import javax.inject.Inject; -import org.apache.cloudstack.api.ApiConstants; import org.apache.log4j.Logger; +import org.apache.cloudstack.api.ApiConstants; + import com.cloud.dc.DataCenter; import com.cloud.dc.Pod; import com.cloud.dc.PodVlanMapVO; @@ -41,6 +42,7 @@ import com.cloud.exception.InsufficientVirtualNetworkCapcityException; import com.cloud.host.HostVO; import com.cloud.host.dao.HostDao; import com.cloud.hypervisor.Hypervisor.HypervisorType; +import com.cloud.network.IpAddressManager; import com.cloud.network.Network; import com.cloud.network.NetworkManager; import com.cloud.network.Networks.AddressFormat; @@ -54,7 +56,6 @@ import com.cloud.offerings.dao.NetworkOfferingDao; import com.cloud.utils.db.Transaction; import com.cloud.vm.NicProfile; import com.cloud.vm.ReservationContext; -import com.cloud.vm.VirtualMachine; import com.cloud.vm.VirtualMachineProfile; @Local(value = { NetworkGuru.class }) 
@@ -74,6 +75,8 @@ public class BaremetaNetworkGuru extends DirectPodBasedNetworkGuru { NetworkOfferingDao _networkOfferingDao; @Inject PodVlanMapDao _podVlanDao; + @Inject + IpAddressManager _ipAddrMgr; @Override public void reserve(NicProfile nic, Network network, VirtualMachineProfile vm, DeployDestination dest, ReservationContext context) @@ -106,7 +109,7 @@ public class BaremetaNetworkGuru extends DirectPodBasedNetworkGuru { txn.start(); // release the old ip here - _networkMgr.markIpAsUnavailable(ipVO.getId()); + _ipAddrMgr.markIpAsUnavailable(ipVO.getId()); _ipAddressDao.unassignIpAddress(ipVO.getId()); txn.commit(); @@ -154,7 +157,7 @@ public class BaremetaNetworkGuru extends DirectPodBasedNetworkGuru { DataCenter dc = _dcDao.findById(pod.getDataCenterId()); if (nic.getIp4Address() == null) { s_logger.debug(String.format("Requiring ip address: %s", nic.getIp4Address())); - PublicIp ip = _networkMgr.assignPublicIpAddress(dc.getId(), pod.getId(), vm.getOwner(), VlanType.DirectAttached, network.getId(), requiredIp, false); + PublicIp ip = _ipAddrMgr.assignPublicIpAddress(dc.getId(), pod.getId(), vm.getOwner(), VlanType.DirectAttached, network.getId(), requiredIp, false); nic.setIp4Address(ip.getAddress().toString()); nic.setFormat(AddressFormat.Ip4); nic.setGateway(ip.getGateway()); diff --git a/plugins/network-elements/cisco-vnmc/src/com/cloud/network/element/CiscoVnmcElement.java b/plugins/network-elements/cisco-vnmc/src/com/cloud/network/element/CiscoVnmcElement.java index 8a5f041a638..3ae6a081207 100644 --- a/plugins/network-elements/cisco-vnmc/src/com/cloud/network/element/CiscoVnmcElement.java +++ b/plugins/network-elements/cisco-vnmc/src/com/cloud/network/element/CiscoVnmcElement.java 
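Review bot: In the `@@ -154,7 +157,7 @@` hunk the debug line just above the changed `assignPublicIpAddress` call sits inside `if (nic.getIp4Address() == null)` and formats `nic.getIp4Address()`, so it can only ever print `null`. The value actually handed to the allocator is `requiredIp`, so the log would be more useful as `s_logger.debug(String.format("Requiring ip address: %s", requiredIp));`. That gives an operator tracing a baremetal IP reservation the address that was asked for. The enclosing method starts and ends outside the hunk.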
@@ -28,11 +28,11 @@ import javax.ejb.Local; import javax.inject.Inject; import javax.naming.ConfigurationException; +import org.apache.log4j.Logger; + import org.apache.cloudstack.context.CallContext; import org.apache.cloudstack.network.ExternalNetworkDeviceManager.NetworkDevice; -import org.apache.log4j.Logger; - import com.cloud.agent.AgentManager; import com.cloud.agent.api.Answer; import com.cloud.agent.api.AssociateAsaWithLogicalEdgeFirewallCommand; @@ -62,8 +62,8 @@ import com.cloud.configuration.ConfigurationManager; import com.cloud.dc.ClusterVO; import com.cloud.dc.ClusterVSMMapVO; import com.cloud.dc.DataCenter; -import com.cloud.dc.Vlan; import com.cloud.dc.DataCenter.NetworkType; +import com.cloud.dc.Vlan; import com.cloud.dc.VlanVO; import com.cloud.dc.dao.ClusterDao; import com.cloud.dc.dao.ClusterVSMMapDao; @@ -81,15 +81,15 @@ import com.cloud.host.dao.HostDao; import com.cloud.host.dao.HostDetailsDao; import com.cloud.network.CiscoNexusVSMDeviceVO; import com.cloud.network.IpAddress; +import com.cloud.network.IpAddressManager; import com.cloud.network.Network; -import com.cloud.network.NetworkManager; -import com.cloud.network.NetworkModel; -import com.cloud.network.PhysicalNetworkServiceProvider; -import com.cloud.network.dao.PhysicalNetworkVO; import com.cloud.network.Network.Capability; import com.cloud.network.Network.Provider; import com.cloud.network.Network.Service; +import com.cloud.network.NetworkManager; +import com.cloud.network.NetworkModel; import com.cloud.network.Networks.BroadcastDomainType; +import com.cloud.network.PhysicalNetworkServiceProvider; import com.cloud.network.PublicIpAddress; import com.cloud.network.addr.PublicIp; import com.cloud.network.cisco.CiscoAsa1000vDevice; 
@@ -107,6 +107,7 @@ import com.cloud.network.dao.NetworkDao; import com.cloud.network.dao.PhysicalNetworkDao; import com.cloud.network.dao.PhysicalNetworkServiceProviderDao; import com.cloud.network.dao.PhysicalNetworkServiceProviderVO; +import com.cloud.network.dao.PhysicalNetworkVO; import com.cloud.network.resource.CiscoVnmcResource; import com.cloud.network.rules.FirewallRule; import com.cloud.network.rules.FirewallRule.TrafficType; @@ -125,7 +126,6 @@ import com.cloud.utils.exception.CloudRuntimeException; import com.cloud.utils.net.NetUtils; import com.cloud.vm.NicProfile; import com.cloud.vm.ReservationContext; -import com.cloud.vm.VirtualMachine; import com.cloud.vm.VirtualMachine.Type; import com.cloud.vm.VirtualMachineProfile; @@ -146,6 +146,8 @@ public class CiscoVnmcElement extends AdapterBase implements SourceNatServicePro NetworkManager _networkMgr; @Inject NetworkModel _networkModel; + @Inject + IpAddressManager _ipAddrMgr; @Inject PhysicalNetworkDao _physicalNetworkDao; @@ -262,7 +264,7 @@ public class CiscoVnmcElement extends AdapterBase implements SourceNatServicePro private boolean associateAsaWithLogicalEdgeFirewall(long vlanId, String asaMgmtIp, long hostId) { - AssociateAsaWithLogicalEdgeFirewallCommand cmd = + AssociateAsaWithLogicalEdgeFirewallCommand cmd = new AssociateAsaWithLogicalEdgeFirewallCommand(vlanId, asaMgmtIp); Answer answer = _agentMgr.easySend(hostId, cmd); return answer.getResult(); @@ -336,7 +338,7 @@ public class CiscoVnmcElement extends AdapterBase implements SourceNatServicePro HostVO ciscoVnmcHost = _hostDao.findById(ciscoVnmcDevice.getHostId()); _hostDao.loadDetails(ciscoVnmcHost); Account owner = context.getAccount(); - PublicIp sourceNatIp = _networkMgr.assignSourceNatIpAddressToGuestNetwork(owner, network); + PublicIp sourceNatIp = _ipAddrMgr.assignSourceNatIpAddressToGuestNetwork(owner, network); String vlan = network.getBroadcastUri().getHost(); long vlanId = Long.parseLong(vlan); 
@@ -362,14 +364,14 @@ public class CiscoVnmcElement extends AdapterBase implements SourceNatServicePro try { Account caller = CallContext.current().getCallingAccount(); long callerUserId = CallContext.current().getCallingUserId(); - outsideIp = _networkMgr.allocateIp(owner, false, caller, callerUserId, zone); + outsideIp = _ipAddrMgr.allocateIp(owner, false, caller, callerUserId, zone); } catch (ResourceAllocationException e) { s_logger.error("Unable to allocate additional public Ip address. Exception details " + e); return false; } try { - outsideIp = _networkMgr.associateIPToGuestNetwork(outsideIp.getId(), network.getId(), true); + outsideIp = _ipAddrMgr.associateIPToGuestNetwork(outsideIp.getId(), network.getId(), true); } catch (ResourceAllocationException e) { s_logger.error("Unable to assign allocated additional public Ip " + outsideIp.getAddress().addr() + " to network with vlan " + vlanId + ". Exception details " + e); return false; diff --git a/plugins/network-elements/cisco-vnmc/test/com/cloud/network/element/CiscoVnmcElementTest.java b/plugins/network-elements/cisco-vnmc/test/com/cloud/network/element/CiscoVnmcElementTest.java index a16733b5135..36460a83b63 100755 --- a/plugins/network-elements/cisco-vnmc/test/com/cloud/network/element/CiscoVnmcElementTest.java +++ b/plugins/network-elements/cisco-vnmc/test/com/cloud/network/element/CiscoVnmcElementTest.java @@ -16,6 +16,13 @@ // under the License. package com.cloud.network.element; +import static org.junit.Assert.assertFalse; +import static org.junit.Assert.assertTrue; +import static org.mockito.Matchers.any; +import static org.mockito.Matchers.anyLong; +import static org.mockito.Mockito.mock; +import static org.mockito.Mockito.when; + import java.net.URI; import java.util.ArrayList; import java.util.Collections; 
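Review bot: When `associateIPToGuestNetwork` throws in the second `try`, the method returns `false` while the address obtained from `_ipAddrMgr.allocateIp(...)` a few lines earlier stays allocated to `owner`; nothing in the hunk releases it. Repeated failures would therefore drain the zone's public IP pool and leave addresses owned by the account that no network references. Consider releasing it in that catch block with `_ipAddrMgr.disassociatePublicIpAddress(outsideIp.getId(), callerUserId, caller);` before `return false;`, which needs `caller` and `callerUserId` declared outside the first `try`. Both `s_logger.error` calls also concatenate `e` into the message; passing it as the second argument keeps the stack trace. The method continues outside the hunk, so a later cleanup path cannot be ruled out from here.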
@@ -25,7 +32,6 @@ import javax.naming.ConfigurationException; import org.junit.Before; import org.junit.Test; -import org.mockito.internal.matchers.Any; import com.cloud.agent.AgentManager; import com.cloud.agent.api.Answer; @@ -40,8 +46,8 @@ import com.cloud.agent.api.routing.SetStaticNatRulesCommand; import com.cloud.configuration.ConfigurationManager; import com.cloud.dc.ClusterVSMMapVO; import com.cloud.dc.DataCenter; -import com.cloud.dc.VlanVO; import com.cloud.dc.DataCenter.NetworkType; +import com.cloud.dc.VlanVO; import com.cloud.dc.dao.ClusterVSMMapDao; import com.cloud.dc.dao.VlanDao; import com.cloud.deploy.DeployDestination; @@ -51,12 +57,13 @@ import com.cloud.exception.InsufficientCapacityException; import com.cloud.exception.ResourceUnavailableException; import com.cloud.host.HostVO; import com.cloud.host.dao.HostDao; +import com.cloud.network.CiscoNexusVSMDeviceVO; +import com.cloud.network.IpAddress; +import com.cloud.network.IpAddressManager; import com.cloud.network.Network; import com.cloud.network.Network.GuestType; import com.cloud.network.Network.Provider; import com.cloud.network.Network.Service; -import com.cloud.network.CiscoNexusVSMDeviceVO; -import com.cloud.network.IpAddress; import com.cloud.network.NetworkManager; import com.cloud.network.NetworkModel; import com.cloud.network.Networks.BroadcastDomainType; @@ -73,16 +80,12 @@ import com.cloud.network.dao.NetworkServiceMapDao; import com.cloud.network.rules.FirewallRule; import com.cloud.network.rules.PortForwardingRule; import com.cloud.network.rules.StaticNat; -import com.cloud.network.rules.StaticNatRule; import com.cloud.offering.NetworkOffering; import com.cloud.resource.ResourceManager; import com.cloud.user.Account; import com.cloud.utils.net.Ip; import com.cloud.vm.ReservationContext; -import static org.junit.Assert.*; -import static org.mockito.Mockito.*; - public class CiscoVnmcElementTest { CiscoVnmcElement _element = new CiscoVnmcElement(); 
@@ -98,6 +101,7 @@ public class CiscoVnmcElementTest { ClusterVSMMapDao _clusterVsmMapDao = mock(ClusterVSMMapDao.class); CiscoNexusVSMDeviceDao _vsmDeviceDao = mock(CiscoNexusVSMDeviceDao.class); VlanDao _vlanDao = mock(VlanDao.class); + IpAddressManager _ipAddrMgr = mock(IpAddressManager.class); @Before public void setUp() throws ConfigurationException { @@ -206,7 +210,7 @@ public class CiscoVnmcElementTest { when(publicIp.getNetmask()).thenReturn("1.1.1.1"); when(publicIp.getMacAddress()).thenReturn(null); when(publicIp.isOneToOneNat()).thenReturn(true); - when(_networkMgr.assignSourceNatIpAddressToGuestNetwork(acc, network)).thenReturn(publicIp); + when(_ipAddrMgr.assignSourceNatIpAddressToGuestNetwork(acc, network)).thenReturn(publicIp); VlanVO vlanVO = mock(VlanVO.class); when(vlanVO.getVlanGateway()).thenReturn("1.1.1.1"); diff --git a/plugins/network-elements/elastic-loadbalancer/src/com/cloud/network/lb/ElasticLoadBalancerManagerImpl.java b/plugins/network-elements/elastic-loadbalancer/src/com/cloud/network/lb/ElasticLoadBalancerManagerImpl.java index 71045c964d0..55ed2538a8c 100644 --- a/plugins/network-elements/elastic-loadbalancer/src/com/cloud/network/lb/ElasticLoadBalancerManagerImpl.java +++ b/plugins/network-elements/elastic-loadbalancer/src/com/cloud/network/lb/ElasticLoadBalancerManagerImpl.java @@ -75,6 +75,7 @@ import com.cloud.exception.ResourceUnavailableException; import com.cloud.exception.StorageUnavailableException; import com.cloud.hypervisor.Hypervisor.HypervisorType; import com.cloud.network.ElasticLbVmMapVO; +import com.cloud.network.IpAddressManager; import com.cloud.network.Network; import com.cloud.network.Network.Provider; import com.cloud.network.Network.Service; 
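Review bot: The `_ipAddrMgr` mock added in the `@@ -98,6 +101,7 @@` hunk is never handed to `_element` in any line this diff shows: `setUp()` is unchanged context, and unchanged lines cannot refer to a field that did not exist before. If that is right, `CiscoVnmcElement._ipAddrMgr` is still `null` when the test stubbed in the `@@ -206,7 +210,7 @@` hunk runs, so the stubbed `assignSourceNatIpAddressToGuestNetwork` is never reached and the element would fail with a NullPointerException instead. Add `_element._ipAddrMgr = _ipAddrMgr;` to `setUp()` next to the other mock assignments. The body of `setUp()` lies outside the hunk, so confirm how the other mocks are wired.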
@@ -164,6 +165,8 @@ public class ElasticLoadBalancerManagerImpl extends ManagerBase implements Elast @Inject DataCenterDao _dcDao = null; @Inject + IpAddressManager _ipAddrMgr; + @Inject protected NetworkDao _networkDao; @Inject protected NetworkOfferingDao _networkOfferingDao; @@ -585,7 +588,7 @@ public class ElasticLoadBalancerManagerImpl extends ManagerBase implements Elast Transaction txn = Transaction.currentTxn(); txn.start(); - PublicIp ip = _networkMgr.assignPublicIpAddress(frontEndNetwork.getDataCenterId(), null, account, VlanType.DirectAttached, frontEndNetwork.getId(), null, true); + PublicIp ip = _ipAddrMgr.assignPublicIpAddress(frontEndNetwork.getDataCenterId(), null, account, VlanType.DirectAttached, frontEndNetwork.getId(), null, true); IPAddressVO ipvo = _ipAddressDao.findById(ip.getId()); ipvo.setAssociatedWithNetworkId(frontEndNetwork.getId()); _ipAddressDao.update(ipvo.getId(), ipvo); @@ -600,7 +603,7 @@ public class ElasticLoadBalancerManagerImpl extends ManagerBase implements Elast IPAddressVO ipvo = _ipAddressDao.findById(ipId); ipvo.setAssociatedWithNetworkId(null); _ipAddressDao.update(ipvo.getId(), ipvo); - _networkMgr.disassociatePublicIpAddress(ipId, userId, caller); + _ipAddrMgr.disassociatePublicIpAddress(ipId, userId, caller); _ipAddressDao.unassignIpAddress(ipId); } diff --git a/plugins/network-elements/internal-loadbalancer/src/org/apache/cloudstack/network/lb/InternalLoadBalancerVMManagerImpl.java b/plugins/network-elements/internal-loadbalancer/src/org/apache/cloudstack/network/lb/InternalLoadBalancerVMManagerImpl.java index 26d5570091d..aa5c182bd83 100644 --- a/plugins/network-elements/internal-loadbalancer/src/org/apache/cloudstack/network/lb/InternalLoadBalancerVMManagerImpl.java +++ b/plugins/network-elements/internal-loadbalancer/src/org/apache/cloudstack/network/lb/InternalLoadBalancerVMManagerImpl.java 
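Review bot: In the `@@ -600,7 +603,7 @@` hunk the boolean returned by `_ipAddrMgr.disassociatePublicIpAddress(ipId, userId, caller)` is discarded and `_ipAddressDao.unassignIpAddress(ipId)` runs regardless. The Javadoc this commit removes from `NetworkManager` says the call returns false when the release did not happen and that a failure can leave side effects, so an address whose rules were not torn down could still be put back into the free pool. Capture the result, `boolean released = _ipAddrMgr.disassociatePublicIpAddress(ipId, userId, caller);`, then call `unassignIpAddress` only when `released` is true and log the failure otherwise. The enclosing method starts outside the hunk.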
@@ -61,6 +61,7 @@ import com.cloud.exception.OperationTimedoutException; import com.cloud.exception.ResourceUnavailableException; import com.cloud.exception.StorageUnavailableException; import com.cloud.hypervisor.Hypervisor.HypervisorType; +import com.cloud.network.IpAddressManager; import com.cloud.network.Network; import com.cloud.network.Network.Provider; import com.cloud.network.Network.Service; @@ -130,6 +131,8 @@ public class InternalLoadBalancerVMManagerImpl extends ManagerBase implements private String _mgmtCidr; private long _internalLbVmOfferingId = 0L; + @Inject + IpAddressManager _ipAddrMgr; @Inject VirtualMachineManager _itMgr; @Inject DomainRouterDao _internalLbVmDao; @Inject ConfigurationDao _configDao; @@ -661,7 +664,7 @@ public class InternalLoadBalancerVMManagerImpl extends ManagerBase implements if (guestIp != null) { guestNic.setIp4Address(guestIp.addr()); } else { - guestNic.setIp4Address(_ntwkMgr.acquireGuestIpAddress(guestNetwork, null)); + guestNic.setIp4Address(_ipAddrMgr.acquireGuestIpAddress(guestNetwork, null)); } guestNic.setGateway(guestNetwork.getGateway()); guestNic.setBroadcastUri(guestNetwork.getBroadcastUri()); diff --git a/plugins/network-elements/midonet/src/com/cloud/network/guru/MidoNetPublicNetworkGuru.java b/plugins/network-elements/midonet/src/com/cloud/network/guru/MidoNetPublicNetworkGuru.java index 38da02bf6f9..ef97380a971 100644 --- a/plugins/network-elements/midonet/src/com/cloud/network/guru/MidoNetPublicNetworkGuru.java +++ b/plugins/network-elements/midonet/src/com/cloud/network/guru/MidoNetPublicNetworkGuru.java @@ -18,6 +18,13 @@ */ package com.cloud.network.guru; +import java.net.URI; + +import javax.ejb.Local; +import javax.inject.Inject; + +import org.apache.log4j.Logger; + import com.cloud.dc.DataCenter; import com.cloud.dc.Vlan; import com.cloud.deploy.DeployDestination; 
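Review bot: In the `@@ -661,7 +664,7 @@` hunk the result of `_ipAddrMgr.acquireGuestIpAddress(guestNetwork, null)` goes straight into `guestNic.setIp4Address(...)` without a null check. The callers in `ExternalLoadBalancerDeviceManagerImpl` touched by this same commit test the return value against `null` and fail the operation, which suggests the method returns `null` when no guest address is available. Here that would produce an internal LB VM nic with no IPv4 address and a failure much later in deployment. Consider `String ip = _ipAddrMgr.acquireGuestIpAddress(guestNetwork, null);` followed by a throw when `ip == null`, using an exception type the enclosing method already declares; that method is not fully visible in the hunk.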
@@ -25,25 +32,26 @@ import com.cloud.deploy.DeploymentPlan; import com.cloud.exception.ConcurrentOperationException; import com.cloud.exception.InsufficientAddressCapacityException; import com.cloud.exception.InsufficientVirtualNetworkCapcityException; -import com.cloud.network.*; +import com.cloud.network.IpAddressManager; import com.cloud.network.Network; +import com.cloud.network.NetworkModel; +import com.cloud.network.NetworkProfile; +import com.cloud.network.Networks; import com.cloud.network.addr.PublicIp; +import com.cloud.network.dao.IPAddressVO; +import com.cloud.network.dao.NetworkVO; import com.cloud.offering.NetworkOffering; import com.cloud.user.Account; +import com.cloud.user.AccountVO; +import com.cloud.user.dao.AccountDao; import com.cloud.utils.db.DB; import com.cloud.utils.db.Transaction; import com.cloud.utils.exception.CloudRuntimeException; -import com.cloud.utils.net.NetUtils; -import com.cloud.user.AccountVO; -import com.cloud.user.dao.AccountDao; -import com.cloud.network.dao.NetworkVO; -import com.cloud.network.dao.IPAddressVO; -import com.cloud.vm.*; -import org.apache.log4j.Logger; -import java.net.URI; - -import javax.ejb.Local; -import javax.inject.Inject; +import com.cloud.vm.Nic; +import com.cloud.vm.NicProfile; +import com.cloud.vm.ReservationContext; +import com.cloud.vm.VirtualMachine; +import com.cloud.vm.VirtualMachineProfile; @Local(value = NetworkGuru.class) public class MidoNetPublicNetworkGuru extends PublicNetworkGuru { @@ -54,6 +62,8 @@ public class MidoNetPublicNetworkGuru extends PublicNetworkGuru { NetworkModel _networkModel; @Inject AccountDao _accountDao; + @Inject + IpAddressManager _ipAddrMgr; // Don't need to change traffic type stuff, public is fine 
@@ -78,10 +88,11 @@ public class MidoNetPublicNetworkGuru extends PublicNetworkGuru { super(); } + @Override protected void getIp(NicProfile nic, DataCenter dc, VirtualMachineProfile vm, Network network) throws InsufficientVirtualNetworkCapcityException, InsufficientAddressCapacityException, ConcurrentOperationException { if (nic.getIp4Address() == null) { - PublicIp ip = _networkMgr.assignPublicIpAddress(dc.getId(), null, vm.getOwner(), Vlan.VlanType.VirtualNetwork, null, null, false); + PublicIp ip = _ipAddrMgr.assignPublicIpAddress(dc.getId(), null, vm.getOwner(), Vlan.VlanType.VirtualNetwork, null, null, false); nic.setIp4Address(ip.getAddress().toString()); nic.setGateway(ip.getGateway()); @@ -201,7 +212,7 @@ public class MidoNetPublicNetworkGuru extends PublicNetworkGuru { Transaction txn = Transaction.currentTxn(); txn.start(); - _networkMgr.markIpAsUnavailable(ip.getId()); + _ipAddrMgr.markIpAsUnavailable(ip.getId()); _ipAddressDao.unassignIpAddress(ip.getId()); txn.commit(); diff --git a/plugins/network-elements/nicira-nvp/src/com/cloud/network/element/NiciraNvpElement.java b/plugins/network-elements/nicira-nvp/src/com/cloud/network/element/NiciraNvpElement.java index 754e7b1c1db..c7d08844fe3 100644 --- a/plugins/network-elements/nicira-nvp/src/com/cloud/network/element/NiciraNvpElement.java +++ b/plugins/network-elements/nicira-nvp/src/com/cloud/network/element/NiciraNvpElement.java @@ -28,10 +28,11 @@ import javax.ejb.Local; import javax.inject.Inject; import javax.naming.ConfigurationException; -import org.apache.cloudstack.network.ExternalNetworkDeviceManager.NetworkDevice; import org.apache.log4j.Logger; import org.springframework.stereotype.Component; +import org.apache.cloudstack.network.ExternalNetworkDeviceManager.NetworkDevice; + import com.cloud.agent.AgentManager; import com.cloud.agent.api.ConfigurePortForwardingRulesOnLogicalRouterAnswer; import com.cloud.agent.api.ConfigurePortForwardingRulesOnLogicalRouterCommand; 
@@ -74,6 +75,7 @@ import com.cloud.host.HostVO; import com.cloud.host.dao.HostDao; import com.cloud.host.dao.HostDetailsDao; import com.cloud.network.IpAddress; +import com.cloud.network.IpAddressManager; import com.cloud.network.Network; import com.cloud.network.Network.Capability; import com.cloud.network.Network.Provider; @@ -117,13 +119,12 @@ import com.cloud.utils.net.NetUtils; import com.cloud.vm.NicProfile; import com.cloud.vm.NicVO; import com.cloud.vm.ReservationContext; -import com.cloud.vm.VirtualMachine; import com.cloud.vm.VirtualMachineProfile; import com.cloud.vm.dao.NicDao; @Component -@Local(value = {NetworkElement.class, ConnectivityProvider.class, - SourceNatServiceProvider.class, StaticNatServiceProvider.class, +@Local(value = {NetworkElement.class, ConnectivityProvider.class, + SourceNatServiceProvider.class, StaticNatServiceProvider.class, PortForwardingServiceProvider.class, IpDeployer.class} ) public class NiciraNvpElement extends AdapterBase implements ConnectivityProvider, SourceNatServiceProvider, @@ -134,20 +135,20 @@ NiciraNvpElementService, ResourceStateAdapter, IpDeployer { private static final Map> capabilities = setCapabilities(); - @Inject + @Inject NicDao _nicDao; - @Inject - ResourceManager _resourceMgr; + @Inject + ResourceManager _resourceMgr; @Inject PhysicalNetworkDao _physicalNetworkDao; @Inject PhysicalNetworkServiceProviderDao _physicalNetworkServiceProviderDao; @Inject NiciraNvpDao _niciraNvpDao; - @Inject + @Inject HostDetailsDao _hostDetailsDao; @Inject - HostDao _hostDao; + HostDao _hostDao; @Inject AgentManager _agentMgr; @Inject @@ -166,6 +167,8 @@ NiciraNvpElementService, ResourceStateAdapter, IpDeployer { NetworkServiceMapDao _ntwkSrvcDao; @Inject VlanDao _vlanDao; + @Inject + IpAddressManager _ipAddrMgr; @Override public Map> getCapabilities() { @@ -199,7 +202,7 @@ NiciraNvpElementService, ResourceStateAdapter, IpDeployer { return false; } - return true; + return true; } @Override 
@@ -259,7 +262,7 @@ NiciraNvpElementService, ResourceStateAdapter, IpDeployer { network.getId(), Service.SourceNat, Provider.NiciraNvp)) { s_logger.debug("Apparently we are supposed to provide SourceNat on this network"); - PublicIp sourceNatIp = _networkManager + PublicIp sourceNatIp = _ipAddrMgr .assignSourceNatIpAddressToGuestNetwork(owner, network); String publicCidr = sourceNatIp.getAddress().addr() + "/" + NetUtils.getCidrSize(sourceNatIp.getVlanNetmask()); @@ -629,7 +632,7 @@ NiciraNvpElementService, ResourceStateAdapter, IpDeployer { } else { throw new CloudRuntimeException( "Failed to add Nicira Nvp Device due to internal error."); - } + } } catch (ConfigurationException e) { txn.rollback(); throw new CloudRuntimeException(e.getMessage()); @@ -665,7 +668,7 @@ NiciraNvpElementService, ResourceStateAdapter, IpDeployer { if (niciraNvpDevice == null) { throw new InvalidParameterValueException( "Could not find a nicira device with id " + niciraDeviceId); - } + } // Find the physical network we work for Long physicalNetworkId = niciraNvpDevice.getPhysicalNetworkId(); @@ -736,7 +739,7 @@ NiciraNvpElementService, ResourceStateAdapter, IpDeployer { return responseList; } - @Override + @Override public List listNiciraNvpDeviceNetworks( ListNiciraNvpDeviceNetworksCmd cmd) { Long niciraDeviceId = cmd.getNiciraNvpDeviceId(); @@ -745,7 +748,7 @@ NiciraNvpElementService, ResourceStateAdapter, IpDeployer { if (niciraNvpDevice == null) { throw new InvalidParameterValueException( "Could not find a nicira device with id " + niciraDeviceId); - } + } // Find the physical network we work for Long physicalNetworkId = niciraNvpDevice.getPhysicalNetworkId(); diff --git a/server/src/com/cloud/configuration/ConfigurationManagerImpl.java b/server/src/com/cloud/configuration/ConfigurationManagerImpl.java index 62699d6a86b..57dc0b39e7b 100755 --- a/server/src/com/cloud/configuration/ConfigurationManagerImpl.java +++ b/server/src/com/cloud/configuration/ConfigurationManagerImpl.java 
@@ -21,6 +21,7 @@ import java.sql.PreparedStatement; import java.sql.ResultSet; import java.sql.SQLException; import java.util.ArrayList; +import java.util.Arrays; import java.util.Collection; import java.util.HashMap; import java.util.HashSet; @@ -132,6 +133,7 @@ import com.cloud.exception.PermissionDeniedException; import com.cloud.exception.ResourceAllocationException; import com.cloud.exception.ResourceUnavailableException; import com.cloud.hypervisor.Hypervisor.HypervisorType; +import com.cloud.network.IpAddressManager; import com.cloud.network.Network; import com.cloud.network.Network.Capability; import com.cloud.network.Network.GuestType; @@ -203,8 +205,6 @@ import com.cloud.vm.dao.NicIpAliasDao; import com.cloud.vm.dao.NicIpAliasVO; import com.cloud.vm.dao.NicSecondaryIpDao; -import java.util.Arrays; - @Local(value = { ConfigurationManager.class, ConfigurationService.class }) public class ConfigurationManagerImpl extends ManagerBase implements ConfigurationManager, ConfigurationService { public static final Logger s_logger = Logger.getLogger(ConfigurationManagerImpl.class.getName()); @@ -303,6 +303,8 @@ public class ConfigurationManagerImpl extends ManagerBase implements Configurati public ManagementService _mgr; @Inject DedicatedResourceDao _dedicatedDao; + @Inject + IpAddressManager _ipAddrMgr; // FIXME - why don't we have interface for DataCenterLinkLocalIpAddressDao? @Inject @@ -3208,7 +3210,7 @@ public class ConfigurationManagerImpl extends ManagerBase implements Configurati + " belonging to the range has firewall rules applied. Cleanup the rules first"); } // release public ip address here - success = success && _networkMgr.disassociatePublicIpAddress(ip.getId(), userId, caller); + success = success && _ipAddrMgr.disassociatePublicIpAddress(ip.getId(), userId, caller); } if (!success) { s_logger.warn("Some ip addresses failed to be released as a part of vlan " + vlanDbId 
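Review bot: `success = success && _ipAddrMgr.disassociatePublicIpAddress(ip.getId(), userId, caller);` in the `@@ -3208,7 +3210,7 @@` hunk short-circuits: once one release returns false, `disassociatePublicIpAddress` is no longer called for any later address. Assuming this statement sits in a loop over the range's addresses (the loop header is outside the hunk), the remaining IPs are silently skipped and the warning that follows only reports that some of them failed. Evaluating the call first keeps the best-effort intent: `success = _ipAddrMgr.disassociatePublicIpAddress(ip.getId(), userId, caller) && success;`. The `@@ -3391,7 +3393,7 @@` hunk has the same statement.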
@@ -3391,7 +3393,7 @@ public class ConfigurationManagerImpl extends ManagerBase implements Configurati s_logger.debug("Releasing Public IP addresses" + ip + " of vlan " + vlanDbId + " as part of Public IP" + " range release to the system pool"); } - success = success && _networkMgr.disassociatePublicIpAddress(ip.getId(), userId, caller); + success = success && _ipAddrMgr.disassociatePublicIpAddress(ip.getId(), userId, caller); } else { ipsInUse.add(ip); } diff --git a/server/src/com/cloud/network/ExternalLoadBalancerDeviceManagerImpl.java b/server/src/com/cloud/network/ExternalLoadBalancerDeviceManagerImpl.java index c3bc0ac351a..c018127411e 100644 --- a/server/src/com/cloud/network/ExternalLoadBalancerDeviceManagerImpl.java +++ b/server/src/com/cloud/network/ExternalLoadBalancerDeviceManagerImpl.java @@ -5,7 +5,7 @@ // to you under the Apache License, Version 2.0 (the // "License"); you may not use this file except in compliance // with the License. You may obtain a copy of the License at -// +// // http://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, @@ -26,13 +26,13 @@ import java.util.UUID; import javax.inject.Inject; import javax.naming.ConfigurationException; +import org.apache.log4j.Logger; + import org.apache.cloudstack.api.ApiConstants; import org.apache.cloudstack.api.response.ExternalLoadBalancerResponse; import org.apache.cloudstack.framework.config.dao.ConfigurationDao; import org.apache.cloudstack.network.ExternalNetworkDeviceManager.NetworkDevice; -import org.apache.log4j.Logger; - import com.cloud.agent.AgentManager; import com.cloud.agent.api.Answer; import com.cloud.agent.api.StartupCommand; 
@@ -184,6 +184,8 @@ public abstract class ExternalLoadBalancerDeviceManagerImpl extends AdapterBase ExternalFirewallDeviceDao _externalFirewallDeviceDao; @Inject protected HostPodDao _podDao = null; + @Inject + IpAddressManager _ipAddrMgr; private long _defaultLbCapacity; private static final org.apache.log4j.Logger s_logger = Logger.getLogger(ExternalLoadBalancerDeviceManagerImpl.class); @@ -507,7 +509,13 @@ public abstract class ExternalLoadBalancerDeviceManagerImpl extends AdapterBase // acquire a public IP to associate with lb appliance (used as subnet IP to make the // appliance part of private network) - PublicIp publicIp = _networkMgr.assignPublicIpAddress(guestConfig.getDataCenterId(), null, _accountMgr.getSystemAccount(), VlanType.VirtualNetwork, null, null, false); + PublicIp publicIp = _ipAddrMgr.assignPublicIpAddress(guestConfig.getDataCenterId(), + null, + _accountMgr.getSystemAccount(), + VlanType.VirtualNetwork, + null, + null, + false); String publicIPNetmask = publicIp.getVlanNetmask(); String publicIPgateway = publicIp.getVlanGateway(); String publicIPVlanTag = publicIp.getVlanTag(); @@ -544,7 +552,7 @@ public abstract class ExternalLoadBalancerDeviceManagerImpl extends AdapterBase // release the public & private IP back to dc pool, as the load balancer // appliance is now destroyed _dcDao.releasePrivateIpAddress(lbIP, guestConfig.getDataCenterId(), null); - _networkMgr.disassociatePublicIpAddress(publicIp.getId(), _accountMgr.getSystemUser().getId(), _accountMgr.getSystemAccount()); + _ipAddrMgr.disassociatePublicIpAddress(publicIp.getId(), _accountMgr.getSystemUser().getId(), _accountMgr.getSystemAccount()); } } catch (Exception e) { s_logger.warn("Failed to destroy load balancer appliance created for the network" + guestConfig.getId() + " due to " + e.getMessage()); 
@@ -696,7 +704,7 @@ public abstract class ExternalLoadBalancerDeviceManagerImpl extends AdapterBase // release the public IP allocated for this LB appliance DetailVO publicIpDetail = _hostDetailDao.findDetail(lbHost.getId(), "publicip"); IPAddressVO ipVo = _ipAddressDao.findByIpAndDcId(guestConfig.getDataCenterId(), publicIpDetail.toString()); - _networkMgr.disassociatePublicIpAddress(ipVo.getId(), _accountMgr.getSystemUser().getId(), _accountMgr.getSystemAccount()); + _ipAddrMgr.disassociatePublicIpAddress(ipVo.getId(), _accountMgr.getSystemUser().getId(), _accountMgr.getSystemAccount()); } else { deviceMapLock.unlock(); } @@ -763,7 +771,7 @@ public abstract class ExternalLoadBalancerDeviceManagerImpl extends AdapterBase String loadBalancingIpAddress = existedGuestIp; if (loadBalancingIpAddress == null) { - loadBalancingIpAddress = _networkMgr.acquireGuestIpAddress(network, null); + loadBalancingIpAddress = _ipAddrMgr.acquireGuestIpAddress(network, null); } if (loadBalancingIpAddress == null) { @@ -803,7 +811,7 @@ public abstract class ExternalLoadBalancerDeviceManagerImpl extends AdapterBase // Find the NIC that the mapping refers to loadBalancingIpNic = _nicDao.findById(mapping.getNicId()); - int count = _networkMgr.getRuleCountForIp(sourceIpId, Purpose.LoadBalancing, FirewallRule.State.Active); + int count = _ipAddrMgr.getRuleCountForIp(sourceIpId, Purpose.LoadBalancing, FirewallRule.State.Active); if (count == 0) { // On the firewall provider for the network, delete the static NAT rule between the source IP // address and the load balancing IP address 
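Review bot: The lookup feeding the changed `disassociatePublicIpAddress` call in the `@@ -696,7 +704,7 @@` hunk passes `publicIpDetail.toString()` to `_ipAddressDao.findByIpAndDcId(...)`. Unless `DetailVO.toString()` returns the bare detail value, the query will not match, `ipVo` will be `null`, and `ipVo.getId()` throws, so the appliance's public IP is never released. `publicIpDetail` itself is also dereferenced without a null check. Using the detail's value accessor (`publicIpDetail.getValue()`, if that is what `DetailVO` exposes) and wrapping the release in `if (ipVo != null) { ... }` with a warning in the else branch would avoid both the exception and a leaked address. The surrounding method is outside the hunk.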
@@ -984,7 +992,7 @@ public abstract class ExternalLoadBalancerDeviceManagerImpl extends AdapterBase } // Acquire a self-ip address from the guest network IP address range - selfIp = _networkMgr.acquireGuestIpAddress(guestConfig, null); + selfIp = _ipAddrMgr.acquireGuestIpAddress(guestConfig, null); if (selfIp == null) { String msg = "failed to acquire guest IP address so not implementing the network on the external load balancer "; s_logger.error(msg); diff --git a/server/src/com/cloud/network/NetworkManager.java b/server/src/com/cloud/network/NetworkManager.java index b8e5aefbb9c..4acf8c30842 100755 --- a/server/src/com/cloud/network/NetworkManager.java +++ b/server/src/com/cloud/network/NetworkManager.java @@ -22,9 +22,6 @@ import java.util.Map; import org.apache.cloudstack.acl.ControlledEntity.ACLType; -import com.cloud.dc.DataCenter; -import com.cloud.dc.Pod; -import com.cloud.dc.Vlan.VlanType; import com.cloud.deploy.DataCenterDeployment; import com.cloud.deploy.DeployDestination; import com.cloud.deploy.DeploymentPlan; @@ -36,17 +33,13 @@ import com.cloud.exception.ResourceAllocationException; import com.cloud.exception.ResourceUnavailableException; import com.cloud.network.Network.Provider; import com.cloud.network.Network.Service; -import com.cloud.network.addr.PublicIp; -import com.cloud.network.dao.IPAddressVO; import com.cloud.network.dao.NetworkVO; import com.cloud.network.element.DhcpServiceProvider; import com.cloud.network.element.LoadBalancingServiceProvider; import com.cloud.network.element.StaticNatServiceProvider; import com.cloud.network.element.UserDataServiceProvider; import com.cloud.network.guru.NetworkGuru; -import com.cloud.network.rules.FirewallRule; import com.cloud.network.rules.LoadBalancerContainer.Scheme; -import com.cloud.network.rules.StaticNat; import com.cloud.offering.NetworkOffering; import com.cloud.offerings.NetworkOfferingVO; import com.cloud.user.Account; 
@@ -65,37 +58,7 @@ import com.cloud.vm.VirtualMachineProfile; * */ public interface NetworkManager { - /** - * Assigns a new public ip address. - * - * @param dcId - * @param podId - * TODO - * @param owner - * @param type - * @param networkId - * @param requestedIp - * TODO - * @param allocatedBy - * TODO - * @return - * @throws InsufficientAddressCapacityException - */ - PublicIp assignPublicIpAddress(long dcId, Long podId, Account owner, VlanType type, Long networkId, String requestedIp, - boolean isSystem) throws InsufficientAddressCapacityException; - - - /** - * Do all of the work of releasing public ip addresses. Note that if this method fails, there can be side effects. - * - * @param userId - * @param caller - * TODO - * @param IpAddress - * @return true if it did; false if it didn't - */ - public boolean disassociatePublicIpAddress(long id, long userId, Account caller); List setupNetwork(Account owner, NetworkOffering offering, DeploymentPlan plan, String name, String displayText, boolean isDefault) throws ConcurrentOperationException; @@ -117,8 +80,6 @@ public interface NetworkManager { List getNicProfiles(VirtualMachine vm); - boolean applyRules(List rules, FirewallRule.Purpose purpose, NetworkRuleApplier applier, boolean continueOnError) throws ResourceUnavailableException; - Pair implementNetwork(long networkId, DeployDestination dest, ReservationContext context) throws ConcurrentOperationException, ResourceUnavailableException, InsufficientCapacityException; 
@@ -161,62 +122,14 @@ public interface NetworkManager { Boolean displayNetworkEnabled, String isolatedPvlan) throws ConcurrentOperationException, InsufficientCapacityException, ResourceAllocationException; - /** - * @throws ResourceAllocationException TODO - * @throws InsufficientCapacityException - * Associates an ip address list to an account. The list of ip addresses are all addresses associated - * with the - * given vlan id. - * @param userId - * @param accountId - * @param zoneId - * @param vlanId - * @throws InsufficientAddressCapacityException - * @throws - */ - boolean associateIpAddressListToAccount(long userId, long accountId, long zoneId, Long vlanId, Network guestNetwork) throws InsufficientCapacityException, ConcurrentOperationException, - ResourceUnavailableException, ResourceAllocationException; - UserDataServiceProvider getPasswordResetProvider(Network network); UserDataServiceProvider getSSHKeyResetProvider(Network network); - boolean applyIpAssociations(Network network, boolean continueOnError) throws ResourceUnavailableException; - - boolean applyIpAssociations(Network network, boolean rulesRevoked, boolean continueOnError, List publicIps) throws ResourceUnavailableException; - boolean startNetwork(long networkId, DeployDestination dest, ReservationContext context) throws ConcurrentOperationException, ResourceUnavailableException, InsufficientCapacityException; - IPAddressVO markIpAsUnavailable(long addrId); - - public String acquireGuestIpAddress(Network network, String requestedIp); - - boolean applyStaticNats(List staticNats, boolean continueOnError, boolean forRevoke) throws ResourceUnavailableException; - boolean reallocate(VirtualMachineProfile vm, DataCenterDeployment dest) throws InsufficientCapacityException, ConcurrentOperationException; - IpAddress assignSystemIp(long networkId, Account owner, - boolean forElasticLb, boolean forElasticIp) - throws InsufficientAddressCapacityException; - - boolean handleSystemIpRelease(IpAddress ip); - 
- void allocateDirectIp(NicProfile nic, DataCenter dc, - VirtualMachineProfile vm, - Network network, String requestedIpv4, String requestedIpv6) - throws InsufficientVirtualNetworkCapcityException, - InsufficientAddressCapacityException; - - /** - * @param owner - * @param guestNetwork - * @return - * @throws ConcurrentOperationException - * @throws InsufficientAddressCapacityException - */ - PublicIp assignSourceNatIpAddressToGuestNetwork(Account owner, Network guestNetwork) throws InsufficientAddressCapacityException, ConcurrentOperationException; - - /** * @param requested * @param network 
@@ -258,30 +171,6 @@ public interface NetworkManager { void removeNic(VirtualMachineProfile vm, Nic nic); - /** - * @param ipAddrId - * @param networkId - * @param releaseOnFailure TODO - */ - IPAddressVO associateIPToGuestNetwork(long ipAddrId, long networkId, boolean releaseOnFailure) throws ResourceAllocationException, ResourceUnavailableException, - InsufficientAddressCapacityException, ConcurrentOperationException; - - IpAddress allocatePortableIp(Account ipOwner, Account caller, long dcId, Long networkId, Long vpcID) - throws ConcurrentOperationException, ResourceAllocationException, InsufficientAddressCapacityException; - - boolean releasePortableIpAddress(long addrId); - - IPAddressVO associatePortableIPToGuestNetwork(long ipAddrId, long networkId, boolean releaseOnFailure) throws ResourceAllocationException, ResourceUnavailableException, - InsufficientAddressCapacityException, ConcurrentOperationException; - - IPAddressVO disassociatePortableIPToGuestNetwork(long ipAddrId, long networkId) throws ResourceAllocationException, ResourceUnavailableException, - InsufficientAddressCapacityException, ConcurrentOperationException; - - boolean isPortableIpTransferableFromNetwork(long ipAddrId, long networkId); - - void transferPortableIP(long ipAddrId, long currentNetworkId, long newNetworkId) throws ResourceAllocationException, ResourceUnavailableException, - InsufficientAddressCapacityException, ConcurrentOperationException;; - /** * @param network * @param provider 
@@ -318,24 +207,6 @@ public interface NetworkManager { InsufficientAddressCapacityException, ConcurrentOperationException, InsufficientCapacityException, ResourceUnavailableException; - /** - * @param addr - */ - void markPublicIpAsAllocated(IPAddressVO addr); - - - /** - * @param owner - * @param guestNtwkId - * @param vpcId - * @param dcId - * @param isSourceNat - * @return - * @throws ConcurrentOperationException - * @throws InsufficientAddressCapacityException - */ - PublicIp assignDedicateIpAddress(Account owner, Long guestNtwkId, Long vpcId, long dcId, boolean isSourceNat) throws ConcurrentOperationException, InsufficientAddressCapacityException; - NetworkProfile convertNetworkToNetworkProfile(long networkId); /** @@ -357,9 +228,6 @@ public interface NetworkManager { NetworkOfferingVO findById) throws ConcurrentOperationException, InsufficientAddressCapacityException, ResourceUnavailableException, InsufficientCapacityException; - IpAddress allocateIp(Account ipOwner, boolean isSystem, Account caller, long callerId, - DataCenter zone) throws ConcurrentOperationException, ResourceAllocationException, InsufficientAddressCapacityException; - Map finalizeServicesAndProvidersForNetwork(NetworkOffering offering, Long physicalNetworkId); 
@@ -369,23 +237,14 @@ public interface NetworkManager { boolean isNetworkInlineMode(Network network); - int getRuleCountForIp(Long addressId, FirewallRule.Purpose purpose, FirewallRule.State state); - LoadBalancingServiceProvider getLoadBalancingProviderForNetwork(Network network, Scheme lbScheme); boolean isSecondaryIpSetForNic(long nicId); - public String allocateGuestIP(Account ipOwner, boolean isSystem, long zoneId, Long networkId, String requestedIp) throws InsufficientAddressCapacityException; - List listVmNics(Long vmId, Long nicId); - String allocatePublicIpForGuestNic(Long networkId, DataCenter dc, Pod pod, Account caller, String requestedIp) throws InsufficientAddressCapacityException; - NicVO savePlaceholderNic(Network network, String ip4Address, String ip6Address, Type vmType); DhcpServiceProvider getDhcpServiceProvider(Network network); - - PublicIp assignPublicIpAddressFromVlans(long dcId, Long podId, Account owner, VlanType type, List vlanDbIds, Long networkId, String requestedIp, boolean isSystem) throws InsufficientAddressCapacityException; - void removeDhcpServiceInSubnet(NicVO nic); } diff --git a/server/src/com/cloud/network/NetworkManagerImpl.java b/server/src/com/cloud/network/NetworkManagerImpl.java index 3819fffc9c1..8c939f3636a 100755 --- a/server/src/com/cloud/network/NetworkManagerImpl.java +++ b/server/src/com/cloud/network/NetworkManagerImpl.java @@ -21,13 +21,11 @@ import java.util.ArrayList; import java.util.Arrays; import java.util.Collections; import java.util.Comparator; -import java.util.Date; import java.util.HashMap; import java.util.HashSet; import java.util.LinkedHashMap; import java.util.List; import java.util.Map; -import java.util.Random; import java.util.Set; import java.util.UUID; import java.util.concurrent.Executors; 
@@ -42,13 +40,9 @@ import org.apache.log4j.Logger; import org.springframework.stereotype.Component; import org.apache.cloudstack.acl.ControlledEntity.ACLType; -import org.apache.cloudstack.acl.SecurityChecker.AccessType; import org.apache.cloudstack.context.CallContext; import org.apache.cloudstack.framework.config.dao.ConfigurationDao; -import org.apache.cloudstack.region.PortableIp; import org.apache.cloudstack.region.PortableIpDao; -import org.apache.cloudstack.region.PortableIpVO; -import org.apache.cloudstack.region.Region; import com.cloud.agent.AgentManager; import com.cloud.agent.Listener; @@ -66,15 +60,12 @@ import com.cloud.api.ApiDBUtils; import com.cloud.configuration.Config; import com.cloud.configuration.ConfigurationManager; import com.cloud.configuration.Resource.ResourceType; -import com.cloud.dc.AccountVlanMapVO; import com.cloud.dc.DataCenter; import com.cloud.dc.DataCenter.NetworkType; import com.cloud.dc.DataCenterVO; import com.cloud.dc.DataCenterVnetVO; -import com.cloud.dc.Pod; import com.cloud.dc.PodVlanMapVO; import com.cloud.dc.Vlan; -import com.cloud.dc.Vlan.VlanType; import com.cloud.dc.VlanVO; import com.cloud.dc.dao.AccountVlanMapDao; import com.cloud.dc.dao.DataCenterDao; 
@@ -86,18 +77,13 @@ import com.cloud.deploy.DeployDestination; import com.cloud.deploy.DeploymentPlan; import com.cloud.domain.Domain; import com.cloud.domain.dao.DomainDao; -import com.cloud.event.ActionEventUtils; -import com.cloud.event.EventTypes; -import com.cloud.event.UsageEventUtils; import com.cloud.event.dao.UsageEventDao; -import com.cloud.exception.AccountLimitException; import com.cloud.exception.ConcurrentOperationException; import com.cloud.exception.ConnectionException; import com.cloud.exception.InsufficientAddressCapacityException; import com.cloud.exception.InsufficientCapacityException; import com.cloud.exception.InsufficientVirtualNetworkCapcityException; import com.cloud.exception.InvalidParameterValueException; -import com.cloud.exception.PermissionDeniedException; import com.cloud.exception.ResourceAllocationException; import com.cloud.exception.ResourceUnavailableException; import com.cloud.exception.UnsupportedServiceException; @@ -111,9 +97,7 @@ import com.cloud.network.Network.Event; import com.cloud.network.Network.GuestType; import com.cloud.network.Network.Provider; import com.cloud.network.Network.Service; -import com.cloud.network.Networks.AddressFormat; import com.cloud.network.Networks.BroadcastDomainType; -import com.cloud.network.Networks.IsolationType; import com.cloud.network.Networks.TrafficType; import com.cloud.network.addr.PublicIp; import com.cloud.network.dao.AccountGuestVlanMapDao; @@ -138,7 +122,6 @@ import com.cloud.network.dao.PhysicalNetworkVO; import com.cloud.network.dao.UserIpv6AddressDao; import com.cloud.network.element.DhcpServiceProvider; import com.cloud.network.element.IpDeployer; -import com.cloud.network.element.IpDeployingRequester; import com.cloud.network.element.LoadBalancingServiceProvider; import com.cloud.network.element.NetworkElement; import com.cloud.network.element.StaticNatServiceProvider; 
@@ -152,7 +135,6 @@ import com.cloud.network.rules.FirewallRuleVO; import com.cloud.network.rules.LoadBalancerContainer.Scheme; import com.cloud.network.rules.PortForwardingRuleVO; import com.cloud.network.rules.RulesManager; -import com.cloud.network.rules.StaticNat; import com.cloud.network.rules.StaticNatRule; import com.cloud.network.rules.StaticNatRuleImpl; import com.cloud.network.rules.dao.PortForwardingRulesDao; @@ -167,33 +149,27 @@ import com.cloud.offerings.NetworkOfferingVO; import com.cloud.offerings.dao.NetworkOfferingDao; import com.cloud.offerings.dao.NetworkOfferingDetailsDao; import com.cloud.offerings.dao.NetworkOfferingServiceMapDao; -import com.cloud.org.Grouping; import com.cloud.server.ConfigurationServer; import com.cloud.user.Account; import com.cloud.user.AccountManager; import com.cloud.user.ResourceLimitService; import com.cloud.user.User; -import com.cloud.user.UserVO; import com.cloud.user.dao.AccountDao; import com.cloud.user.dao.UserDao; -import com.cloud.utils.Journal; import com.cloud.utils.NumbersUtil; import com.cloud.utils.Pair; import com.cloud.utils.component.AdapterBase; import com.cloud.utils.component.ManagerBase; import com.cloud.utils.concurrency.NamedThreadFactory; import com.cloud.utils.db.DB; -import com.cloud.utils.db.Filter; import com.cloud.utils.db.GlobalLock; import com.cloud.utils.db.JoinBuilder.JoinType; import com.cloud.utils.db.SearchBuilder; -import com.cloud.utils.db.SearchCriteria; import com.cloud.utils.db.SearchCriteria.Op; import com.cloud.utils.db.Transaction; import com.cloud.utils.exception.CloudRuntimeException; import com.cloud.utils.fsm.NoTransitionException; import com.cloud.utils.fsm.StateMachine2; -import com.cloud.utils.net.Ip; import com.cloud.utils.net.NetUtils; import com.cloud.vm.Nic; import com.cloud.vm.Nic.ReservationStrategy; 
@@ -275,6 +251,8 @@ public class NetworkManagerImpl extends ManagerBase implements NetworkManager, L protected NicIpAliasDao _nicIpAliasDao; @Inject protected IPAddressDao _publicIpAddressDao; + @Inject + protected IpAddressManager _ipAddrMgr; List _networkGurus; public List getNetworkGurus() { 
@@ -373,910 +351,7 @@ public class NetworkManagerImpl extends ManagerBase implements NetworkManager, L HashMap _lastNetworkIdsToFree = new HashMap(); - @Override - public PublicIp assignPublicIpAddress(long dcId, Long podId, Account owner, VlanType type, Long networkId, String requestedIp, boolean isSystem) throws InsufficientAddressCapacityException { - return fetchNewPublicIp(dcId, podId, null, owner, type, networkId, false, true, requestedIp, isSystem, null); - } - @Override - public PublicIp assignPublicIpAddressFromVlans(long dcId, Long podId, Account owner, VlanType type, List vlanDbIds, Long networkId, String requestedIp, boolean isSystem) throws InsufficientAddressCapacityException { - return fetchNewPublicIp(dcId, podId, vlanDbIds , owner, type, networkId, false, true, requestedIp, isSystem, null); - } - @DB - public PublicIp fetchNewPublicIp(long dcId, Long podId, List vlanDbIds, Account owner, VlanType vlanUse, - Long guestNetworkId, boolean sourceNat, boolean assign, String requestedIp, boolean isSystem, Long vpcId) - throws InsufficientAddressCapacityException { - StringBuilder errorMessage = new StringBuilder("Unable to get ip adress in "); - boolean fetchFromDedicatedRange = false; - List dedicatedVlanDbIds = new ArrayList(); - List nonDedicatedVlanDbIds = new ArrayList(); - - Transaction txn = Transaction.currentTxn(); - txn.start(); - SearchCriteria sc = null; - if (podId != null) { - sc = AssignIpAddressFromPodVlanSearch.create(); - sc.setJoinParameters("podVlanMapSB", "podId", podId); - errorMessage.append(" pod id=" + podId); - } else { - sc = AssignIpAddressSearch.create(); - errorMessage.append(" zone id=" + dcId); - } - - // If owner has dedicated Public IP ranges, fetch IP from the dedicated range - // Otherwise fetch IP from the system pool - List maps = _accountVlanMapDao.listAccountVlanMapsByAccount(owner.getId()); - for (AccountVlanMapVO map : maps) { - if (vlanDbIds == null || vlanDbIds.contains(map.getVlanDbId())) - 
dedicatedVlanDbIds.add(map.getVlanDbId()); - } - List nonDedicatedVlans = _vlanDao.listZoneWideNonDedicatedVlans(dcId); - for (VlanVO nonDedicatedVlan : nonDedicatedVlans) { - if (vlanDbIds == null || vlanDbIds.contains(nonDedicatedVlan.getId())) - nonDedicatedVlanDbIds.add(nonDedicatedVlan.getId()); - } - if (dedicatedVlanDbIds != null && !dedicatedVlanDbIds.isEmpty()) { - fetchFromDedicatedRange = true; - sc.setParameters("vlanId", dedicatedVlanDbIds.toArray()); - errorMessage.append(", vlanId id=" + dedicatedVlanDbIds.toArray()); - } else if (nonDedicatedVlanDbIds != null && !nonDedicatedVlanDbIds.isEmpty()) { - sc.setParameters("vlanId", nonDedicatedVlanDbIds.toArray()); - errorMessage.append(", vlanId id=" + nonDedicatedVlanDbIds.toArray()); - } else { - if (podId != null) { - InsufficientAddressCapacityException ex = new InsufficientAddressCapacityException - ("Insufficient address capacity", Pod.class, podId); - ex.addProxyObject(ApiDBUtils.findPodById(podId).getUuid()); - throw ex; - } - s_logger.warn(errorMessage.toString()); - InsufficientAddressCapacityException ex = new InsufficientAddressCapacityException - ("Insufficient address capacity", DataCenter.class, dcId); - ex.addProxyObject(ApiDBUtils.findZoneById(dcId).getUuid()); - throw ex; - } - - sc.setParameters("dc", dcId); - - DataCenter zone = _configMgr.getZone(dcId); - - // for direct network take ip addresses only from the vlans belonging to the network - if (vlanUse == VlanType.DirectAttached) { - sc.setJoinParameters("vlan", "networkId", guestNetworkId); - errorMessage.append(", network id=" + guestNetworkId); - } - sc.setJoinParameters("vlan", "type", vlanUse); - - if (requestedIp != null) { - sc.addAnd("address", SearchCriteria.Op.EQ, requestedIp); - errorMessage.append(": requested ip " + requestedIp + " is not available"); - } - - Filter filter = new Filter(IPAddressVO.class, "vlanId", true, 0l, 1l); - - List addrs = _ipAddressDao.lockRows(sc, filter, true); - - // If all the dedicated IPs 
of the owner are in use fetch an IP from the system pool - if (addrs.size() == 0 && fetchFromDedicatedRange) { - // Verify if account is allowed to acquire IPs from the system - boolean useSystemIps = Boolean.parseBoolean(_configServer.getConfigValue(Config.UseSystemPublicIps.key(), - Config.ConfigurationParameterScope.account.toString(), owner.getId())); - if(useSystemIps && nonDedicatedVlanDbIds != null && !nonDedicatedVlanDbIds.isEmpty()) { - fetchFromDedicatedRange = false; - sc.setParameters("vlanId", nonDedicatedVlanDbIds.toArray()); - errorMessage.append(", vlanId id=" + nonDedicatedVlanDbIds.toArray()); - addrs = _ipAddressDao.lockRows(sc, filter, true); - } - } - - if (addrs.size() == 0) { - if (podId != null) { - InsufficientAddressCapacityException ex = new InsufficientAddressCapacityException - ("Insufficient address capacity", Pod.class, podId); - // for now, we hardcode the table names, but we should ideally do a lookup for the tablename from the VO object. - ex.addProxyObject(ApiDBUtils.findPodById(podId).getUuid()); - throw ex; - } - s_logger.warn(errorMessage.toString()); - InsufficientAddressCapacityException ex = new InsufficientAddressCapacityException - ("Insufficient address capacity", DataCenter.class, dcId); - ex.addProxyObject(ApiDBUtils.findZoneById(dcId).getUuid()); - throw ex; - } - - assert (addrs.size() == 1) : "Return size is incorrect: " + addrs.size(); - - if (!fetchFromDedicatedRange) { - // Check that the maximum number of public IPs for the given accountId will not be exceeded - try { - _resourceLimitMgr.checkResourceLimit(owner, ResourceType.public_ip); - } catch (ResourceAllocationException ex) { - s_logger.warn("Failed to allocate resource of type " + ex.getResourceType() + " for account " + owner); - throw new AccountLimitException("Maximum number of public IP addresses for account: " + owner.getAccountName() + " has been exceeded."); - } - } - - IPAddressVO addr = addrs.get(0); - addr.setSourceNat(sourceNat); - 
addr.setAllocatedTime(new Date()); - addr.setAllocatedInDomainId(owner.getDomainId()); - addr.setAllocatedToAccountId(owner.getId()); - addr.setSystem(isSystem); - - if (assign) { - markPublicIpAsAllocated(addr); - } else { - addr.setState(IpAddress.State.Allocating); - } - addr.setState(assign ? IpAddress.State.Allocated : IpAddress.State.Allocating); - - if (vlanUse != VlanType.DirectAttached || zone.getNetworkType() == NetworkType.Basic) { - addr.setAssociatedWithNetworkId(guestNetworkId); - addr.setVpcId(vpcId); - } - - _ipAddressDao.update(addr.getId(), addr); - - txn.commit(); - - if (vlanUse == VlanType.VirtualNetwork) { - _firewallMgr.addSystemFirewallRules(addr, owner); - } - - return PublicIp.createFromAddrAndVlan(addr, _vlanDao.findById(addr.getVlanId())); - } - - @DB - @Override - public void markPublicIpAsAllocated(IPAddressVO addr) { - - assert (addr.getState() == IpAddress.State.Allocating || addr.getState() == IpAddress.State.Free) : - "Unable to transition from state " + addr.getState() + " to " + IpAddress.State.Allocated; - - Transaction txn = Transaction.currentTxn(); - - Account owner = _accountMgr.getAccount(addr.getAllocatedToAccountId()); - - txn.start(); - addr.setState(IpAddress.State.Allocated); - _ipAddressDao.update(addr.getId(), addr); - - // Save usage event - if (owner.getAccountId() != Account.ACCOUNT_ID_SYSTEM) { - VlanVO vlan = _vlanDao.findById(addr.getVlanId()); - - String guestType = vlan.getVlanType().toString(); - - if (!isIpDedicated(addr)) { - UsageEventUtils.publishUsageEvent(EventTypes.EVENT_NET_IP_ASSIGN, owner.getId(), - addr.getDataCenterId(), addr.getId(), addr.getAddress().toString(), addr.isSourceNat(), guestType, - addr.getSystem(), addr.getClass().getName(), addr.getUuid()); - } - // don't increment resource count for direct and dedicated ip addresses - if (addr.getAssociatedWithNetworkId() != null && !isIpDedicated(addr)) { - _resourceLimitMgr.incrementResourceCount(owner.getId(), ResourceType.public_ip); - } - } 
- - txn.commit(); - } - - private boolean isIpDedicated(IPAddressVO addr) { - List maps = _accountVlanMapDao.listAccountVlanMapsByVlan(addr.getVlanId()); - if (maps != null && !maps.isEmpty()) - return true; - return false; - } - - @Override - public PublicIp assignSourceNatIpAddressToGuestNetwork(Account owner, Network guestNetwork) - throws InsufficientAddressCapacityException, ConcurrentOperationException { - assert (guestNetwork.getTrafficType() != null) : "You're asking for a source nat but your network " + - "can't participate in source nat. What do you have to say for yourself?"; - long dcId = guestNetwork.getDataCenterId(); - - IPAddressVO sourceNatIp = getExistingSourceNatInNetwork(owner.getId(), guestNetwork.getId()); - - PublicIp ipToReturn = null; - if (sourceNatIp != null) { - ipToReturn = PublicIp.createFromAddrAndVlan(sourceNatIp, _vlanDao.findById(sourceNatIp.getVlanId())); - } else { - ipToReturn = assignDedicateIpAddress(owner, guestNetwork.getId(), null, dcId, true); - } - - return ipToReturn; - } - - - @DB - @Override - public PublicIp assignDedicateIpAddress(Account owner, Long guestNtwkId, Long vpcId, long dcId, boolean isSourceNat) - throws ConcurrentOperationException, InsufficientAddressCapacityException { - - long ownerId = owner.getId(); - - PublicIp ip = null; - Transaction txn = Transaction.currentTxn(); - try { - txn.start(); - - owner = _accountDao.acquireInLockTable(ownerId); - - if (owner == null) { - // this ownerId comes from owner or type Account. See the class "AccountVO" and the annotations in that class - // to get the table name and field name that is queried to fill this ownerid. 
- ConcurrentOperationException ex = new ConcurrentOperationException("Unable to lock account"); - throw ex; - } - if (s_logger.isDebugEnabled()) { - s_logger.debug("lock account " + ownerId + " is acquired"); - } - - ip = fetchNewPublicIp(dcId, null, null, owner, VlanType.VirtualNetwork, guestNtwkId, - isSourceNat, false, null, false, vpcId); - IPAddressVO publicIp = ip.ip(); - - markPublicIpAsAllocated(publicIp); - _ipAddressDao.update(publicIp.getId(), publicIp); - - txn.commit(); - return ip; - } finally { - if (owner != null) { - if (s_logger.isDebugEnabled()) { - s_logger.debug("Releasing lock account " + ownerId); - } - - _accountDao.releaseFromLockTable(ownerId); - } - if (ip == null) { - txn.rollback(); - s_logger.error("Unable to get source nat ip address for account " + ownerId); - } - } - } - - - - @Override - public boolean applyIpAssociations(Network network, boolean continueOnError) throws ResourceUnavailableException { - List userIps = _ipAddressDao.listByAssociatedNetwork(network.getId(), null); - boolean success = true; - - // CloudStack will take a lazy approach to associate an acquired public IP to a network service provider as - // it will not know what service an acquired IP will be used for. An IP is actually associated with a provider when first - // rule is applied. Similarly when last rule on the acquired IP is revoked, IP is not associated with any provider - // but still be associated with the account. At this point just mark IP as allocated or released. 
- for (IPAddressVO addr : userIps) { - if (addr.getState() == IpAddress.State.Allocating) { - addr.setAssociatedWithNetworkId(network.getId()); - markPublicIpAsAllocated(addr); - } else if (addr.getState() == IpAddress.State.Releasing) { - // Cleanup all the resources for ip address if there are any, and only then un-assign ip in the system - if (cleanupIpResources(addr.getId(), Account.ACCOUNT_ID_SYSTEM, _accountMgr.getSystemAccount())) { - _ipAddressDao.unassignIpAddress(addr.getId()); - } else { - success = false; - s_logger.warn("Failed to release resources for ip address id=" + addr.getId()); - } - } - } - - return success; - } - - - // CloudStack will take a lazy approach to associate an acquired public IP to a network service provider as - // it will not know what a acquired IP will be used for. An IP is actually associated with a provider when first - // rule is applied. Similarly when last rule on the acquired IP is revoked, IP is not associated with any provider - // but still be associated with the account. 
Its up to caller of this function to decide when to invoke IPAssociation - @Override - public boolean applyIpAssociations(Network network, boolean postApplyRules, boolean continueOnError, - List publicIps) throws ResourceUnavailableException { - boolean success = true; - - Map> ipToServices = _networkModel.getIpToServices(publicIps, postApplyRules, true); - Map> providerToIpList = _networkModel.getProviderToIpList(network, ipToServices); - - for (Provider provider : providerToIpList.keySet()) { - try { - ArrayList ips = providerToIpList.get(provider); - if (ips == null || ips.isEmpty()) { - continue; - } - IpDeployer deployer = null; - NetworkElement element = _networkModel.getElementImplementingProvider(provider.getName()); - if (!(element instanceof IpDeployingRequester)) { - throw new CloudRuntimeException("Element " + element + " is not a IpDeployingRequester!"); - } - deployer = ((IpDeployingRequester)element).getIpDeployer(network); - if (deployer == null) { - throw new CloudRuntimeException("Fail to get ip deployer for element: " + element); - } - Set services = new HashSet(); - for (PublicIpAddress ip : ips) { - if (!ipToServices.containsKey(ip)) { - continue; - } - services.addAll(ipToServices.get(ip)); - } - deployer.applyIps(network, ips, services); - } catch (ResourceUnavailableException e) { - success = false; - if (!continueOnError) { - throw e; - } else { - s_logger.debug("Resource is not available: " + provider.getName(), e); - } - } - } - - return success; - } - - - - - protected List getIsolatedNetworksWithSourceNATOwnedByAccountInZone(long zoneId, Account owner) { - - return _networksDao.listSourceNATEnabledNetworks(owner.getId(), zoneId, Network.GuestType.Isolated); - } - - - - private IpAddress allocateIP(Account ipOwner, boolean isSystem, long zoneId) - throws ResourceAllocationException, InsufficientAddressCapacityException, ConcurrentOperationException { - Account caller = CallContext.current().getCallingAccount(); - long callerUserId = 
CallContext.current().getCallingUserId(); - // check permissions - _accountMgr.checkAccess(caller, null, false, ipOwner); - - DataCenter zone = _configMgr.getZone(zoneId); - - return allocateIp(ipOwner, isSystem, caller, callerUserId, zone); - } - - @DB - @Override - public IpAddress allocateIp(Account ipOwner, boolean isSystem, Account caller, long callerUserId, DataCenter zone) - throws ConcurrentOperationException, ResourceAllocationException, - InsufficientAddressCapacityException { - - VlanType vlanType = VlanType.VirtualNetwork; - boolean assign = false; - - if (Grouping.AllocationState.Disabled == zone.getAllocationState() && !_accountMgr.isRootAdmin(caller.getType())) { - // zone is of type DataCenter. See DataCenterVO.java. - PermissionDeniedException ex = new PermissionDeniedException("Cannot perform this operation, " + - "Zone is currently disabled"); - ex.addProxyObject(zone.getUuid(), "zoneId"); - throw ex; - } - - PublicIp ip = null; - - Transaction txn = Transaction.currentTxn(); - Account accountToLock = null; - try { - if (s_logger.isDebugEnabled()) { - s_logger.debug("Associate IP address called by the user " + callerUserId + " account " + ipOwner.getId()); - } - accountToLock = _accountDao.acquireInLockTable(ipOwner.getId()); - if (accountToLock == null) { - s_logger.warn("Unable to lock account: " + ipOwner.getId()); - throw new ConcurrentOperationException("Unable to acquire account lock"); - } - - if (s_logger.isDebugEnabled()) { - s_logger.debug("Associate IP address lock acquired"); - } - - txn.start(); - - ip = fetchNewPublicIp(zone.getId(), null, null, ipOwner, vlanType, null, false, assign, null, - isSystem, null); - - if (ip == null) { - InsufficientAddressCapacityException ex = new InsufficientAddressCapacityException - ("Unable to find available public IP addresses", DataCenter.class, zone.getId()); - ex.addProxyObject(ApiDBUtils.findZoneById(zone.getId()).getUuid()); - throw ex; - } - CallContext.current().setEventDetails("Ip Id: " + 
ip.getId()); - Ip ipAddress = ip.getAddress(); - - s_logger.debug("Got " + ipAddress + " to assign for account " + ipOwner.getId() + " in zone " + zone.getId()); - - txn.commit(); - } finally { - if (accountToLock != null) { - if (s_logger.isDebugEnabled()) { - s_logger.debug("Releasing lock account " + ipOwner); - } - _accountDao.releaseFromLockTable(ipOwner.getId()); - s_logger.debug("Associate IP address lock released"); - } - } - return ip; - } - - @Override - @DB - public IpAddress allocatePortableIp(Account ipOwner, Account caller, long dcId, Long networkId, Long vpcID) - throws ConcurrentOperationException, ResourceAllocationException, InsufficientAddressCapacityException { - - Transaction txn = Transaction.currentTxn(); - GlobalLock portableIpLock = GlobalLock.getInternLock("PortablePublicIpRange"); - PortableIpVO allocatedPortableIp; - IPAddressVO ipaddr; - - try { - portableIpLock.lock(5); - - txn.start(); - - List portableIpVOs = _portableIpDao.listByRegionIdAndState(1, PortableIp.State.Free); - if (portableIpVOs == null || portableIpVOs.isEmpty()) { - InsufficientAddressCapacityException ex = new InsufficientAddressCapacityException - ("Unable to find available portable IP addresses", Region.class, new Long(1)); - throw ex; - } - - // allocate first portable IP to the user - allocatedPortableIp = portableIpVOs.get(0); - allocatedPortableIp.setAllocatedTime(new Date()); - allocatedPortableIp.setAllocatedToAccountId(ipOwner.getAccountId()); - allocatedPortableIp.setAllocatedInDomainId(ipOwner.getDomainId()); - allocatedPortableIp.setState(PortableIp.State.Allocated); - _portableIpDao.update(allocatedPortableIp.getId(), allocatedPortableIp); - - // To make portable IP available as a zone level resource we need to emulate portable IP's (which are - // provisioned at region level) as public IP provisioned in a zone. user_ip_address and vlan combo give the - // identity of a public IP in zone. Create entry for portable ip in these tables. 
- - // provision portable IP range VLAN into the zone - long physicalNetworkId = _networkModel.getDefaultPhysicalNetworkByZoneAndTrafficType(dcId, TrafficType.Public).getId(); - Network network =_networkModel.getSystemNetworkByZoneAndTrafficType(dcId, TrafficType.Public); - String range = allocatedPortableIp.getAddress() + "-" + allocatedPortableIp.getAddress(); - VlanVO vlan = new VlanVO(VlanType.VirtualNetwork, allocatedPortableIp.getVlan(), allocatedPortableIp.getGateway(), - allocatedPortableIp.getNetmask(), dcId, range, network.getId(), physicalNetworkId, null, null, null); - vlan = _vlanDao.persist(vlan); - - // provision the portable IP in to user_ip_address table - ipaddr = new IPAddressVO(new Ip(allocatedPortableIp.getAddress()), dcId, networkId, vpcID, physicalNetworkId, - network.getId(), vlan.getId(), true); - ipaddr.setState(State.Allocated); - ipaddr.setAllocatedTime(new Date()); - ipaddr.setAllocatedInDomainId(ipOwner.getDomainId()); - ipaddr.setAllocatedToAccountId(ipOwner.getId()); - ipaddr= _ipAddressDao.persist(ipaddr); - - String guestType = vlan.getVlanType().toString(); - UsageEventUtils.publishUsageEvent(EventTypes.EVENT_PORTABLE_IP_ASSIGN, ipaddr.getId(), - ipaddr.getDataCenterId(), ipaddr.getId(), ipaddr.getAddress().toString(), ipaddr.isSourceNat(), null, - ipaddr.getSystem(), ipaddr.getClass().getName(), ipaddr.getUuid()); - - txn.commit(); - - } finally { - portableIpLock.unlock(); - } - - return ipaddr; - } - - protected IPAddressVO getExistingSourceNatInNetwork(long ownerId, Long networkId) { - - List addrs = _networkModel.listPublicIpsAssignedToGuestNtwk(ownerId, networkId, true); - - IPAddressVO sourceNatIp = null; - if (addrs.isEmpty()) { - return null; - } else { - // Account already has ip addresses - for (IpAddress addr : addrs) { - if (addr.isSourceNat()) { - sourceNatIp = _ipAddressDao.findById(addr.getId()); - return sourceNatIp; - } - } - - assert (sourceNatIp != null) : "How do we get a bunch of ip addresses but none of them 
are source nat? " + - "account=" + ownerId + "; networkId=" + networkId; - } - - return sourceNatIp; - } - - @DB - @Override - public IPAddressVO associateIPToGuestNetwork(long ipId, long networkId, boolean releaseOnFailure) - throws ResourceAllocationException, ResourceUnavailableException, - InsufficientAddressCapacityException, ConcurrentOperationException { - Account caller = CallContext.current().getCallingAccount(); - Account owner = null; - - IPAddressVO ipToAssoc = _ipAddressDao.findById(ipId); - if (ipToAssoc != null) { - Network network = _networksDao.findById(networkId); - if (network == null) { - throw new InvalidParameterValueException("Invalid network id is given"); - } - - DataCenter zone = _configMgr.getZone(network.getDataCenterId()); - if (zone.getNetworkType() == NetworkType.Advanced) { - if (network.getGuestType() == Network.GuestType.Shared) { - if (isSharedNetworkOfferingWithServices(network.getNetworkOfferingId())) { - _accountMgr.checkAccess(CallContext.current().getCallingAccount(), AccessType.UseNetwork, false, network); - } else { - throw new InvalidParameterValueException("IP can be associated with guest network of 'shared' type only if " + - "network services Source Nat, Static Nat, Port Forwarding, Load balancing, firewall are enabled in the network"); - } - } - } else { - _accountMgr.checkAccess(caller, null, true, ipToAssoc); - } - owner = _accountMgr.getAccount(ipToAssoc.getAllocatedToAccountId()); - } else { - s_logger.debug("Unable to find ip address by id: " + ipId); - return null; - } - - if (ipToAssoc.getAssociatedWithNetworkId() != null) { - s_logger.debug("IP " + ipToAssoc + " is already assocaited with network id" + networkId); - return ipToAssoc; - } - - Network network = _networksDao.findById(networkId); - if (network != null) { - _accountMgr.checkAccess(owner, AccessType.UseNetwork, false, network); - } else { - s_logger.debug("Unable to find ip address by id: " + ipId); - return null; - } - - DataCenter zone = 
_configMgr.getZone(network.getDataCenterId()); - - // allow associating IP addresses to guest network only - if (network.getTrafficType() != TrafficType.Guest) { - throw new InvalidParameterValueException("Ip address can be associated to the network with trafficType " + TrafficType.Guest); - } - - // Check that network belongs to IP owner - skip this check - // - if zone is basic zone as there is just one guest network, - // - if shared network in Advanced zone - // - and it belongs to the system - if (network.getAccountId() != owner.getId()) { - if (zone.getNetworkType() != NetworkType.Basic && !(zone.getNetworkType() == NetworkType.Advanced && network.getGuestType() == Network.GuestType.Shared)) { - throw new InvalidParameterValueException("The owner of the network is not the same as owner of the IP"); - } - } - - // In Advance zone only allow to do IP assoc - // - for Isolated networks with source nat service enabled - // - for shared networks with source nat service enabled - if (zone.getNetworkType() == NetworkType.Advanced && - !(_networkModel.areServicesSupportedInNetwork(network.getId(), Service.SourceNat))) { - throw new InvalidParameterValueException("In zone of type " + NetworkType.Advanced + - " ip address can be associated only to the network of guest type " + GuestType.Isolated + " with the " - + Service.SourceNat.getName() + " enabled"); - } - - NetworkOffering offering = _networkOfferingDao.findById(network.getNetworkOfferingId()); - boolean sharedSourceNat = offering.getSharedSourceNat(); - boolean isSourceNat = false; - if (!sharedSourceNat) { - if (getExistingSourceNatInNetwork(owner.getId(), networkId) == null) { - if (network.getGuestType() == GuestType.Isolated && network.getVpcId() == null && - !ipToAssoc.isPortable()) { - isSourceNat = true; - } - } - } - - s_logger.debug("Associating ip " + ipToAssoc + " to network " + network); - - IPAddressVO ip = _ipAddressDao.findById(ipId); - //update ip address with networkId - 
ip.setAssociatedWithNetworkId(networkId); - ip.setSourceNat(isSourceNat); - _ipAddressDao.update(ipId, ip); - - boolean success = false; - try { - success = applyIpAssociations(network, false); - if (success) { - s_logger.debug("Successfully associated ip address " + ip.getAddress().addr() + " to network " + network); - } else { - s_logger.warn("Failed to associate ip address " + ip.getAddress().addr() + " to network " + network); - } - return ip; - } finally { - if (!success && releaseOnFailure) { - if (ip != null) { - try { - s_logger.warn("Failed to associate ip address, so releasing ip from the database " + ip); - _ipAddressDao.markAsUnavailable(ip.getId()); - if (!applyIpAssociations(network, true)) { - // if fail to apply ip assciations again, unassign ip address without updating resource - // count and generating usage event as there is no need to keep it in the db - _ipAddressDao.unassignIpAddress(ip.getId()); - } - } catch (Exception e) { - s_logger.warn("Unable to disassociate ip address for recovery", e); - } - } - } - } - } - - @Override - public IPAddressVO associatePortableIPToGuestNetwork(long ipAddrId, long networkId, boolean releaseOnFailure) throws ResourceAllocationException, ResourceUnavailableException, - InsufficientAddressCapacityException, ConcurrentOperationException { - return associateIPToGuestNetwork(ipAddrId, networkId, releaseOnFailure); - } - - @DB - @Override - public IPAddressVO disassociatePortableIPToGuestNetwork(long ipId, long networkId) - throws ResourceAllocationException, ResourceUnavailableException, - InsufficientAddressCapacityException, ConcurrentOperationException { - - Account caller = CallContext.current().getCallingAccount(); - Account owner = null; - - Network network = _networksDao.findById(networkId); - if (network == null) { - throw new InvalidParameterValueException("Invalid network id is given"); - } - - IPAddressVO ipToAssoc = _ipAddressDao.findById(ipId); - if (ipToAssoc != null) { - - if 
(ipToAssoc.getAssociatedWithNetworkId() == null) { - throw new InvalidParameterValueException("IP " + ipToAssoc + " is not associated with any network"); - } - - if (ipToAssoc.getAssociatedWithNetworkId() != network.getId()) { - throw new InvalidParameterValueException("IP " + ipToAssoc + " is not associated with network id" + networkId); - } - - DataCenter zone = _configMgr.getZone(network.getDataCenterId()); - if (zone.getNetworkType() == NetworkType.Advanced) { - if (network.getGuestType() == Network.GuestType.Shared) { - assert (isSharedNetworkOfferingWithServices(network.getNetworkOfferingId())); - _accountMgr.checkAccess(CallContext.current().getCallingAccount(), AccessType.UseNetwork, false, network); - } - } else { - _accountMgr.checkAccess(caller, null, true, ipToAssoc); - } - owner = _accountMgr.getAccount(ipToAssoc.getAllocatedToAccountId()); - } else { - s_logger.debug("Unable to find ip address by id: " + ipId); - return null; - } - - DataCenter zone = _configMgr.getZone(network.getDataCenterId()); - - // Check that network belongs to IP owner - skip this check - // - if zone is basic zone as there is just one guest network, - // - if shared network in Advanced zone - // - and it belongs to the system - if (network.getAccountId() != owner.getId()) { - if (zone.getNetworkType() != NetworkType.Basic && !(zone.getNetworkType() == NetworkType.Advanced && network.getGuestType() == Network.GuestType.Shared)) { - throw new InvalidParameterValueException("The owner of the network is not the same as owner of the IP"); - } - } - - // Check if IP has any services (rules) associated in the network - List ipList = new ArrayList(); - PublicIp publicIp = PublicIp.createFromAddrAndVlan(ipToAssoc, _vlanDao.findById(ipToAssoc.getVlanId())); - ipList.add(publicIp); - Map> ipToServices = _networkModel.getIpToServices(ipList, false, true); - if (ipToServices != null & !ipToServices.isEmpty()) { - Set services = ipToServices.get(publicIp); - if (services != null && 
!services.isEmpty()) { - throw new InvalidParameterValueException("IP " + ipToAssoc + " has services and rules associated in the network " + networkId); - } - } - - IPAddressVO ip = _ipAddressDao.findById(ipId); - ip.setAssociatedWithNetworkId(null); - _ipAddressDao.update(ipId, ip); - - try { - boolean success = applyIpAssociations(network, false); - if (success) { - s_logger.debug("Successfully associated ip address " + ip.getAddress().addr() + " to network " + network); - } else { - s_logger.warn("Failed to associate ip address " + ip.getAddress().addr() + " to network " + network); - } - return ip; - } finally { - - } - } - - @Override - public boolean isPortableIpTransferableFromNetwork(long ipAddrId, long networkId) { - Network network = _networksDao.findById(networkId); - if (network == null) { - throw new InvalidParameterValueException("Invalid network id is given"); - } - - IPAddressVO ip = _ipAddressDao.findById(ipAddrId); - if (ip == null) { - throw new InvalidParameterValueException("Invalid network id is given"); - } - - // Check if IP has any services (rules) associated in the network - List ipList = new ArrayList(); - PublicIp publicIp = PublicIp.createFromAddrAndVlan(ip, _vlanDao.findById(ip.getVlanId())); - ipList.add(publicIp); - Map> ipToServices = _networkModel.getIpToServices(ipList, false, true); - if (ipToServices != null & !ipToServices.isEmpty()) { - Set ipServices = ipToServices.get(publicIp); - if (ipServices != null && !ipServices.isEmpty()) { - return false; - } - } - - return true; - } - - @DB - @Override - public void transferPortableIP(long ipAddrId, long currentNetworkId, long newNetworkId) throws ResourceAllocationException, ResourceUnavailableException, - InsufficientAddressCapacityException, ConcurrentOperationException { - - Network srcNetwork = _networksDao.findById(currentNetworkId); - if (srcNetwork == null) { - throw new InvalidParameterValueException("Invalid source network id " + currentNetworkId +" is given"); - } - - 
Network dstNetwork = _networksDao.findById(newNetworkId); - if (dstNetwork == null) { - throw new InvalidParameterValueException("Invalid source network id " + newNetworkId +" is given"); - } - - IPAddressVO ip = _ipAddressDao.findById(ipAddrId); - if (ip == null) { - throw new InvalidParameterValueException("Invalid portable ip address id is given"); - } - - Transaction txn = Transaction.currentTxn(); - - assert(isPortableIpTransferableFromNetwork(ipAddrId, currentNetworkId)); - - // disassociate portable IP with current network/VPC network - if (srcNetwork.getVpcId() != null) { - _vpcMgr.unassignIPFromVpcNetwork(ipAddrId, currentNetworkId); - } else { - disassociatePortableIPToGuestNetwork(ipAddrId, currentNetworkId); - } - - // If portable IP need to be transferred across the zones, then mark the entry corresponding to portable ip - // in user_ip_address and vlan tables so as to emulate portable IP as provisioned in destination data center - if (srcNetwork.getDataCenterId() != dstNetwork.getDataCenterId()) { - txn.start(); - - long physicalNetworkId = _networkModel.getDefaultPhysicalNetworkByZoneAndTrafficType( - dstNetwork.getDataCenterId(), TrafficType.Public).getId(); - long publicNetworkId =_networkModel.getSystemNetworkByZoneAndTrafficType( - dstNetwork.getDataCenterId(), TrafficType.Public).getId(); - - ip.setDataCenterId(dstNetwork.getDataCenterId()); - ip.setPhysicalNetworkId(physicalNetworkId); - ip.setSourceNetworkId(publicNetworkId); - _ipAddressDao.update(ipAddrId, ip); - - VlanVO vlan = _vlanDao.findById(ip.getVlanId()); - vlan.setPhysicalNetworkId(physicalNetworkId); - vlan.setNetworkId(publicNetworkId); - vlan.setDataCenterId(dstNetwork.getDataCenterId()); - _vlanDao.update(ip.getVlanId(), vlan); - - txn.commit(); - } - - // associate portable IP with new network/VPC network - associatePortableIPToGuestNetwork(ipAddrId, newNetworkId, false); - - txn.start(); - - if (dstNetwork.getVpcId() != null) { - ip.setVpcId(dstNetwork.getVpcId()); - } else { 
- ip.setVpcId(null); - } - - _ipAddressDao.update(ipAddrId, ip); - - txn.commit(); - - // trigger an action event for the transfer of portable IP across the networks, so that external entities - // monitoring for this event can initiate the route advertisement for the availability of IP from the zoe - ActionEventUtils.onActionEvent(User.UID_SYSTEM, Account.ACCOUNT_ID_SYSTEM, Domain.ROOT_DOMAIN, - EventTypes.EVENT_PORTABLE_IP_TRANSFER, "Portable IP associated is transferred from network " - + currentNetworkId + " to " + newNetworkId); - } - - @Override - @DB - public boolean disassociatePublicIpAddress(long addrId, long userId, Account caller) { - - boolean success = true; - // Cleanup all ip address resources - PF/LB/Static nat rules - if (!cleanupIpResources(addrId, userId, caller)) { - success = false; - s_logger.warn("Failed to release resources for ip address id=" + addrId); - } - - IPAddressVO ip = markIpAsUnavailable(addrId); - - assert (ip != null) : "Unable to mark the ip address id=" + addrId + " as unavailable."; - if (ip == null) { - return true; - } - - if (s_logger.isDebugEnabled()) { - s_logger.debug("Releasing ip id=" + addrId + "; sourceNat = " + ip.isSourceNat()); - } - - if (ip.getAssociatedWithNetworkId() != null) { - Network network = _networksDao.findById(ip.getAssociatedWithNetworkId()); - try { - if (!applyIpAssociations(network, true)) { - s_logger.warn("Unable to apply ip address associations for " + network); - success = false; - } - } catch (ResourceUnavailableException e) { - throw new CloudRuntimeException("We should never get to here because we used true when applyIpAssociations", e); - } - } else { - if (ip.getState() == IpAddress.State.Releasing) { - _ipAddressDao.unassignIpAddress(ip.getId()); - } - } - - if (success) { - if (ip.isPortable()) { - releasePortableIpAddress(addrId); - } - s_logger.debug("Released a public ip id=" + addrId); - } - - return success; - } - - @DB - @Override - public boolean releasePortableIpAddress(long 
addrId) { - Transaction txn = Transaction.currentTxn(); - GlobalLock portableIpLock = GlobalLock.getInternLock("PortablePublicIpRange"); - - txn.start(); - try { - portableIpLock.lock(5); - IPAddressVO ip = _ipAddressDao.findById(addrId); - - // unassign portable IP - PortableIpVO portableIp = _portableIpDao.findByIpAddress(ip.getAddress().addr()); - _portableIpDao.unassignIpAddress(portableIp.getId()); - - // removed the provisioned vlan - VlanVO vlan = _vlanDao.findById(ip.getVlanId()); - _vlanDao.remove(vlan.getId()); - - // remove the provisioned public ip address - _ipAddressDao.remove(ip.getId()); - - txn.commit(); - return true; - } finally { - portableIpLock.releaseRef(); - } - } @Override @DB @@ -1977,7 +1052,7 @@ public class NetworkManagerImpl extends ManagerBase implements NetworkManager, L if (ips.isEmpty()) { s_logger.debug("Creating a source nat ip for network " + network); Account owner = _accountMgr.getAccount(network.getAccountId()); - assignSourceNatIpAddressToGuestNetwork(owner, network); + _ipAddrMgr.assignSourceNatIpAddressToGuestNetwork(owner, network); } } 
@@ -2017,6 +1092,90 @@ public class NetworkManagerImpl extends ManagerBase implements NetworkManager, L } } + // This method re-programs the rules/ips for existing network + protected boolean reprogramNetworkRules(long networkId, Account caller, NetworkVO network) throws ResourceUnavailableException { + boolean success = true; + // associate all ip addresses + if (!_ipAddrMgr.applyIpAssociations(network, false)) { + s_logger.warn("Failed to apply ip addresses as a part of network id" + networkId + " restart"); + success = false; + } + + // apply static nat + if (!_rulesMgr.applyStaticNatsForNetwork(networkId, false, caller)) { + s_logger.warn("Failed to apply static nats a part of network id" + networkId + " restart"); + success = false; + } + + // apply firewall rules + List firewallIngressRulesToApply = _firewallDao.listByNetworkPurposeTrafficType(networkId, Purpose.Firewall, FirewallRule.TrafficType.Ingress); + if (!_firewallMgr.applyFirewallRules(firewallIngressRulesToApply, false, caller)) { + s_logger.warn("Failed to reapply Ingress firewall rule(s) as a part of network id=" + networkId + " restart"); + success = false; + } + + List firewallEgressRulesToApply = _firewallDao.listByNetworkPurposeTrafficType(networkId, Purpose.Firewall, FirewallRule.TrafficType.Egress); + if (firewallEgressRulesToApply.size() == 0) { + NetworkOfferingVO offering = _networkOfferingDao.findById(network.getNetworkOfferingId()); + //there are no egress rules then apply the default egress rule + DataCenter zone = _dcDao.findById(network.getDataCenterId()); + if (offering.getEgressDefaultPolicy() && _networkModel.areServicesSupportedInNetwork(network.getId(), Service.Firewall) && + (network.getGuestType() == Network.GuestType.Isolated || (network.getGuestType() == Network.GuestType.Shared && zone.getNetworkType() == NetworkType.Advanced))) { + // add default egress rule to accept the traffic + _firewallMgr.applyDefaultEgressFirewallRule(network.getId(), true); + } + } else { + if 
(!_firewallMgr.applyFirewallRules(firewallEgressRulesToApply, false, caller)) { + s_logger.warn("Failed to reapply firewall Egress rule(s) as a part of network id=" + networkId + " restart"); + success = false; + } + } + + // apply port forwarding rules + if (!_rulesMgr.applyPortForwardingRulesForNetwork(networkId, false, caller)) { + s_logger.warn("Failed to reapply port forwarding rule(s) as a part of network id=" + networkId + " restart"); + success = false; + } + + // apply static nat rules + if (!_rulesMgr.applyStaticNatRulesForNetwork(networkId, false, caller)) { + s_logger.warn("Failed to reapply static nat rule(s) as a part of network id=" + networkId + " restart"); + success = false; + } + + // apply public load balancer rules + if (!_lbMgr.applyLoadBalancersForNetwork(networkId, Scheme.Public)) { + s_logger.warn("Failed to reapply Public load balancer rules as a part of network id=" + networkId + " restart"); + success = false; + } + + // apply internal load balancer rules + if (!_lbMgr.applyLoadBalancersForNetwork(networkId, Scheme.Internal)) { + s_logger.warn("Failed to reapply internal load balancer rules as a part of network id=" + networkId + " restart"); + success = false; + } + + // apply vpn rules + List vpnsToReapply = _vpnMgr.listRemoteAccessVpns(networkId); + if (vpnsToReapply != null) { + for (RemoteAccessVpn vpn : vpnsToReapply) { + // Start remote access vpn per ip + if (_vpnMgr.startRemoteAccessVpn(vpn.getServerAddressId(), false) == null) { + s_logger.warn("Failed to reapply vpn rules as a part of network id=" + networkId + " restart"); + success = false; + } + } + } + + //apply network ACLs + if (!_networkACLMgr.applyACLToNetwork(networkId)) { + s_logger.warn("Failed to reapply network ACLs as a part of of network id=" + networkId + " restart"); + success = false; + } + + return success; + } + protected boolean prepareElement(NetworkElement element, NetworkVO network, NicProfile profile, VirtualMachineProfile vmProfile, DeployDestination 
dest, ReservationContext context) throws InsufficientCapacityException, 
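Review bot: In the added `reprogramNetworkRules`, the branch taken when the network has no egress rules calls `_firewallMgr.applyDefaultEgressFirewallRule(network.getId(), true);` and ignores the outcome, whereas every other step in the method logs a warning and sets `success = false` on failure. If that call reports failure through its return value (its signature is not visible in this diff), a network restart can return true although the default egress policy was never programmed on the firewall backend. I would check it like its neighbours: `if (!_firewallMgr.applyDefaultEgressFirewallRule(network.getId(), true)) { s_logger.warn("Failed to apply default egress firewall rule as a part of network id=" + networkId + " restart"); success = false; }`. The method also keeps going after a failed step, so the leading comment should say that a false result means the firewall, NAT, load balancer, VPN or ACL state may be only partly applied and the caller must not treat the network as fully restored.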
@@ -3041,104 +2200,6 @@ public class NetworkManagerImpl extends ManagerBase implements NetworkManager, L return result; } - @Override - public boolean applyRules(List rules, FirewallRule.Purpose purpose, - NetworkRuleApplier applier, boolean continueOnError) throws ResourceUnavailableException { - if (rules == null || rules.size() == 0) { - s_logger.debug("There are no rules to forward to the network elements"); - return true; - } - - boolean success = true; - Network network = _networksDao.findById(rules.get(0).getNetworkId()); - FirewallRuleVO.TrafficType trafficType = rules.get(0).getTrafficType(); - List publicIps = new ArrayList(); - - if (!(rules.get(0).getPurpose() == FirewallRule.Purpose.Firewall && trafficType == FirewallRule.TrafficType.Egress)) { - // get the list of public ip's owned by the network - List userIps = _ipAddressDao.listByAssociatedNetwork(network.getId(), null); - if (userIps != null && !userIps.isEmpty()) { - for (IPAddressVO userIp : userIps) { - PublicIp publicIp = PublicIp.createFromAddrAndVlan(userIp, _vlanDao.findById(userIp.getVlanId())); - publicIps.add(publicIp); - } - } - } - // rules can not programmed unless IP is associated with network service provider, so run IP assoication for - // the network so as to ensure IP is associated before applying rules (in add state) - if (checkIfIpAssocRequired(network, false, publicIps)) { - applyIpAssociations(network, false, continueOnError, publicIps); - } - - try { - applier.applyRules(network, purpose, rules); - } catch (ResourceUnavailableException e) { - if (!continueOnError) { - throw e; - } - s_logger.warn("Problems with applying " + purpose + " rules but pushing on", e); - success = false; - } - - // if there are no active rules associated with a public IP, then public IP need not be associated with a provider. - // This IPAssoc ensures, public IP is dis-associated after last active rule is revoked. 
- if (checkIfIpAssocRequired(network, true, publicIps)) { - applyIpAssociations(network, true, continueOnError, publicIps); - } - - return success; - } - - // An IP association is required in below cases - // 1.there is at least one public IP associated with the network on which first rule (PF/static NAT/LB) is being applied. - // 2.last rule (PF/static NAT/LB) on the public IP has been revoked. So the public IP should not be associated with any provider - boolean checkIfIpAssocRequired(Network network, boolean postApplyRules, List publicIps) { - for (PublicIp ip : publicIps) { - if (ip.isSourceNat()) { - continue; - } else if (ip.isOneToOneNat()) { - continue; - } else { - Long totalCount = null; - Long revokeCount = null; - Long activeCount = null; - Long addCount = null; - - totalCount = _firewallDao.countRulesByIpId(ip.getId()); - if (postApplyRules) { - revokeCount = _firewallDao.countRulesByIpIdAndState(ip.getId(), FirewallRule.State.Revoke); - } else { - activeCount = _firewallDao.countRulesByIpIdAndState(ip.getId(), FirewallRule.State.Active); - addCount = _firewallDao.countRulesByIpIdAndState(ip.getId(), FirewallRule.State.Add); - } - - if (totalCount == null || totalCount.longValue() == 0L) { - continue; - } - - if (postApplyRules) { - - if (revokeCount != null && revokeCount.longValue() == totalCount.longValue()) { - s_logger.trace("All rules are in Revoke state, have to dis-assiciate IP from the backend"); - return true; - } - } else { - if (activeCount != null && activeCount > 0) { - continue; - } else if (addCount != null && addCount.longValue() == totalCount.longValue()) { - s_logger.trace("All rules are in Add state, have to assiciate IP with the backend"); - return true; - } else { - continue; - } - } - } - } - - // there are no IP's corresponding to this network that need to be associated with provider - return false; - } - public class NetworkGarbageCollector implements Runnable { @Override public void run() { 
@@ -3282,214 +2343,11 @@ public class NetworkManagerImpl extends ManagerBase implements NetworkManager, L _networksDao.update(network.getId(), network); } - // This method re-programs the rules/ips for existing network - protected boolean reprogramNetworkRules(long networkId, Account caller, NetworkVO network) throws ResourceUnavailableException { - boolean success = true; - // associate all ip addresses - if (!applyIpAssociations(network, false)) { - s_logger.warn("Failed to apply ip addresses as a part of network id" + networkId + " restart"); - success = false; - } - - // apply static nat - if (!_rulesMgr.applyStaticNatsForNetwork(networkId, false, caller)) { - s_logger.warn("Failed to apply static nats a part of network id" + networkId + " restart"); - success = false; - } - - // apply firewall rules - List firewallIngressRulesToApply = _firewallDao.listByNetworkPurposeTrafficType(networkId, Purpose.Firewall, FirewallRule.TrafficType.Ingress); - if (!_firewallMgr.applyFirewallRules(firewallIngressRulesToApply, false, caller)) { - s_logger.warn("Failed to reapply Ingress firewall rule(s) as a part of network id=" + networkId + " restart"); - success = false; - } - - List firewallEgressRulesToApply = _firewallDao.listByNetworkPurposeTrafficType(networkId, Purpose.Firewall, FirewallRule.TrafficType.Egress); - if (firewallEgressRulesToApply.size() == 0) { - NetworkOfferingVO offering = _networkOfferingDao.findById(network.getNetworkOfferingId()); - //there are no egress rules then apply the default egress rule - DataCenter zone = _dcDao.findById(network.getDataCenterId()); - if (offering.getEgressDefaultPolicy() && _networkModel.areServicesSupportedInNetwork(network.getId(), Service.Firewall) - && (network.getGuestType() == Network.GuestType.Isolated || - (network.getGuestType() == Network.GuestType.Shared && zone.getNetworkType() == NetworkType.Advanced))) { - // add default egress rule to accept the traffic - 
_firewallMgr.applyDefaultEgressFirewallRule(network.getId(), true); - } - } else { - if (!_firewallMgr.applyFirewallRules(firewallEgressRulesToApply, false, caller)) { - s_logger.warn("Failed to reapply firewall Egress rule(s) as a part of network id=" + networkId + " restart"); - success = false; - } - } - - // apply port forwarding rules - if (!_rulesMgr.applyPortForwardingRulesForNetwork(networkId, false, caller)) { - s_logger.warn("Failed to reapply port forwarding rule(s) as a part of network id=" + networkId + " restart"); - success = false; - } - - // apply static nat rules - if (!_rulesMgr.applyStaticNatRulesForNetwork(networkId, false, caller)) { - s_logger.warn("Failed to reapply static nat rule(s) as a part of network id=" + networkId + " restart"); - success = false; - } - - // apply public load balancer rules - if (!_lbMgr.applyLoadBalancersForNetwork(networkId, Scheme.Public)) { - s_logger.warn("Failed to reapply Public load balancer rules as a part of network id=" + networkId + " restart"); - success = false; - } - - // apply internal load balancer rules - if (!_lbMgr.applyLoadBalancersForNetwork(networkId, Scheme.Internal)) { - s_logger.warn("Failed to reapply internal load balancer rules as a part of network id=" + networkId + " restart"); - success = false; - } - - // apply vpn rules - List vpnsToReapply = _vpnMgr.listRemoteAccessVpns(networkId); - if (vpnsToReapply != null) { - for (RemoteAccessVpn vpn : vpnsToReapply) { - // Start remote access vpn per ip - if (_vpnMgr.startRemoteAccessVpn(vpn.getServerAddressId(), false) == null) { - s_logger.warn("Failed to reapply vpn rules as a part of network id=" + networkId + " restart"); - success = false; - } - } - } - - //apply network ACLs - if (!_networkACLMgr.applyACLToNetwork(networkId)) { - s_logger.warn("Failed to reapply network ACLs as a part of of network id=" + networkId + " restart"); - success = false; - } - - return success; - } - - protected int getActiveNicsInNetwork(long networkId) { 
return _networksDao.getActiveNicsIn(networkId); } - @Override - @DB - public boolean associateIpAddressListToAccount(long userId, long accountId, long zoneId, Long vlanId, Network guestNetwork) - throws InsufficientCapacityException, ConcurrentOperationException, - ResourceUnavailableException, ResourceAllocationException { - Account owner = _accountMgr.getActiveAccountById(accountId); - boolean createNetwork = false; - - if (guestNetwork != null && guestNetwork.getTrafficType() != TrafficType.Guest) { - throw new InvalidParameterValueException("Network " + guestNetwork + " is not of a type " + TrafficType.Guest); - } - - Transaction txn = Transaction.currentTxn(); - txn.start(); - - if (guestNetwork == null) { - List networks = getIsolatedNetworksWithSourceNATOwnedByAccountInZone(zoneId, owner); - if (networks.size() == 0) { - createNetwork = true; - } else if (networks.size() == 1) { - guestNetwork = networks.get(0); - } else { - throw new InvalidParameterValueException("Error, more than 1 Guest Isolated Networks with SourceNAT " + - "service enabled found for this account, cannot assosiate the IP range, please provide the network ID"); - } - } - - // create new Virtual network (Isolated with SourceNAT) for the user if it doesn't exist - List requiredOfferings = _networkOfferingDao.listByAvailability(Availability.Required, false); - if (requiredOfferings.size() < 1) { - throw new CloudRuntimeException("Unable to find network offering with availability=" + - Availability.Required + " to automatically create the network as part of createVlanIpRange"); - } - if (createNetwork) { - if (requiredOfferings.get(0).getState() == NetworkOffering.State.Enabled) { - long physicalNetworkId = _networkModel.findPhysicalNetworkId(zoneId, requiredOfferings.get(0).getTags(), requiredOfferings.get(0).getTrafficType()); - // Validate physical network - PhysicalNetwork physicalNetwork = _physicalNetworkDao.findById(physicalNetworkId); - if (physicalNetwork == null) { - throw new 
InvalidParameterValueException("Unable to find physical network with id: "+physicalNetworkId + " and tag: " +requiredOfferings.get(0).getTags()); - } - - s_logger.debug("Creating network for account " + owner + " from the network offering id=" + - requiredOfferings.get(0).getId() + " as a part of createVlanIpRange process"); - guestNetwork = createGuestNetwork(requiredOfferings.get(0).getId(), owner.getAccountName() + "-network" - , owner.getAccountName() + "-network", null, null, null, null, owner, null, physicalNetwork, - zoneId, ACLType.Account, - null, null, null, null, true, null); - if (guestNetwork == null) { - s_logger.warn("Failed to create default Virtual network for the account " + accountId + "in zone " + zoneId); - throw new CloudRuntimeException("Failed to create a Guest Isolated Networks with SourceNAT " + - "service enabled as a part of createVlanIpRange, for the account " + accountId + "in zone " + zoneId); - } - } else { - throw new CloudRuntimeException("Required network offering id=" + requiredOfferings.get(0).getId() - + " is not in " + NetworkOffering.State.Enabled); - } - } - - // Check if there is a source nat ip address for this account; if not - we have to allocate one - boolean allocateSourceNat = false; - List sourceNat = _ipAddressDao.listByAssociatedNetwork(guestNetwork.getId(), true); - if (sourceNat.isEmpty()) { - allocateSourceNat = true; - } - - // update all ips with a network id, mark them as allocated and update resourceCount/usage - List ips = _ipAddressDao.listByVlanId(vlanId); - boolean isSourceNatAllocated = false; - for (IPAddressVO addr : ips) { - if (addr.getState() != State.Allocated) { - if (!isSourceNatAllocated && allocateSourceNat) { - addr.setSourceNat(true); - isSourceNatAllocated = true; - } else { - addr.setSourceNat(false); - } - addr.setAssociatedWithNetworkId(guestNetwork.getId()); - addr.setVpcId(guestNetwork.getVpcId()); - addr.setAllocatedTime(new Date()); - addr.setAllocatedInDomainId(owner.getDomainId()); 
- addr.setAllocatedToAccountId(owner.getId()); - addr.setSystem(false); - addr.setState(IpAddress.State.Allocating); - markPublicIpAsAllocated(addr); - } - } - - txn.commit(); - - // if the network offering has persistent set to true, implement the network - if ( createNetwork && requiredOfferings.get(0).getIsPersistent() ) { - DataCenter zone = _dcDao.findById(zoneId); - DeployDestination dest = new DeployDestination(zone, null, null, null); - Account callerAccount = CallContext.current().getCallingAccount(); - UserVO callerUser = _userDao.findById(CallContext.current().getCallingUserId()); - Journal journal = new Journal.LogJournal("Implementing " + guestNetwork, s_logger); - ReservationContext context = new ReservationContextImpl(UUID.randomUUID().toString(), journal, callerUser, callerAccount); - s_logger.debug("Implementing network " + guestNetwork + " as a part of network provision for persistent network"); - try { - Pair implementedNetwork = implementNetwork(guestNetwork.getId(), dest, context); - if (implementedNetwork.first() == null) { - s_logger.warn("Failed to implement the network " + guestNetwork); - } - guestNetwork = implementedNetwork.second(); - } catch (Exception ex) { - s_logger.warn("Failed to implement network " + guestNetwork + " elements and resources as a part of" + - " network provision due to ", ex); - CloudRuntimeException e = new CloudRuntimeException("Failed to implement network (with specified id)" + - " elements and resources as a part of network provision for persistent network"); - e.addProxyObject(guestNetwork.getUuid(), "networkId"); - throw e; - } - } - return true; - } - @Override public NetworkProfile convertNetworkToNetworkProfile(long networkId) { NetworkVO network = _networksDao.findById(networkId); 
@@ -3563,99 +2421,6 @@ public class NetworkManagerImpl extends ManagerBase implements NetworkManager, L } - protected boolean cleanupIpResources(long ipId, long userId, Account caller) { - boolean success = true; - - // Revoke all firewall rules for the ip - try { - s_logger.debug("Revoking all " + Purpose.Firewall + "rules as a part of public IP id=" + ipId + " release..."); - if (!_firewallMgr.revokeFirewallRulesForIp(ipId, userId, caller)) { - s_logger.warn("Unable to revoke all the firewall rules for ip id=" + ipId + " as a part of ip release"); - success = false; - } - } catch (ResourceUnavailableException e) { - s_logger.warn("Unable to revoke all firewall rules for ip id=" + ipId + " as a part of ip release", e); - success = false; - } - - // Revoke all PF/Static nat rules for the ip - try { - s_logger.debug("Revoking all " + Purpose.PortForwarding + "/" + Purpose.StaticNat + " rules as a part of public IP id=" + ipId + " release..."); - if (!_rulesMgr.revokeAllPFAndStaticNatRulesForIp(ipId, userId, caller)) { - s_logger.warn("Unable to revoke all the port forwarding rules for ip id=" + ipId + " as a part of ip release"); - success = false; - } - } catch (ResourceUnavailableException e) { - s_logger.warn("Unable to revoke all the port forwarding rules for ip id=" + ipId + " as a part of ip release", e); - success = false; - } - - s_logger.debug("Revoking all " + Purpose.LoadBalancing + " rules as a part of public IP id=" + ipId + " release..."); - if (!_lbMgr.removeAllLoadBalanacersForIp(ipId, caller, userId)) { - s_logger.warn("Unable to revoke all the load balancer rules for ip id=" + ipId + " as a part of ip release"); - success = false; - } - - // remote access vpn can be enabled only for static nat ip, so this part should never be executed under normal - // conditions - // only when ip address failed to be cleaned up as a part of account destroy and was marked as Releasing, this part of - // the code would be triggered - s_logger.debug("Cleaning up 
remote access vpns as a part of public IP id=" + ipId + " release..."); - try { - _vpnMgr.destroyRemoteAccessVpnForIp(ipId, caller); - } catch (ResourceUnavailableException e) { - s_logger.warn("Unable to destroy remote access vpn for ip id=" + ipId + " as a part of ip release", e); - success = false; - } - - return success; - } - - @DB - @Override - public IPAddressVO markIpAsUnavailable(long addrId) { - Transaction txn = Transaction.currentTxn(); - - IPAddressVO ip = _ipAddressDao.findById(addrId); - - if (ip.getAllocatedToAccountId() == null && ip.getAllocatedTime() == null) { - s_logger.trace("Ip address id=" + addrId + " is already released"); - return ip; - } - - if (ip.getState() != State.Releasing) { - txn.start(); - - // don't decrement resource count for direct and dedicated ips - if (ip.getAssociatedWithNetworkId() != null && !isIpDedicated(ip)) { - _resourceLimitMgr.decrementResourceCount(_ipAddressDao.findById(addrId).getAllocatedToAccountId(), ResourceType.public_ip); - } - - // Save usage event - if (ip.getAllocatedToAccountId() != null && ip.getAllocatedToAccountId() != Account.ACCOUNT_ID_SYSTEM) { - VlanVO vlan = _vlanDao.findById(ip.getVlanId()); - - String guestType = vlan.getVlanType().toString(); - if (!isIpDedicated(ip)) { - String eventType = ip.isPortable() ? EventTypes.EVENT_PORTABLE_IP_RELEASE : EventTypes.EVENT_NET_IP_RELEASE; - UsageEventUtils.publishUsageEvent( eventType, - ip.getAllocatedToAccountId(), ip.getDataCenterId(), addrId, ip.getAddress().addr(), - ip.isSourceNat(), guestType, ip.getSystem(), ip.getClass().getName(), ip.getUuid()); - } - } - - ip = _ipAddressDao.markAsUnavailable(addrId); - - txn.commit(); - } - - return ip; - } - - - - Random _rand = new Random(System.currentTimeMillis()); - @Override public List listVmNics(Long vmId, Long nicId) { List result = null; 
@@ -3667,144 +2432,8 @@ public class NetworkManagerImpl extends ManagerBase implements NetworkManager, L return result; } - @Override - public String allocateGuestIP(Account ipOwner, boolean isSystem, long zoneId, Long networkId, String requestedIp) - throws InsufficientAddressCapacityException { - String ipaddr = null; - Account caller = CallContext.current().getCallingAccount(); - // check permissions - Network network = _networksDao.findById(networkId); - - _accountMgr.checkAccess(caller, null, false, network); - - ipaddr = acquireGuestIpAddress(network, requestedIp); - return ipaddr; - } - @Override - @DB - public String acquireGuestIpAddress(Network network, String requestedIp) { - if (requestedIp != null && requestedIp.equals(network.getGateway())) { - s_logger.warn("Requested ip address " + requestedIp + " is used as a gateway address in network " + network); - return null; - } - - Set availableIps = _networkModel.getAvailableIps(network, requestedIp); - - if (availableIps == null || availableIps.isEmpty()) { - return null; - } - - Long[] array = availableIps.toArray(new Long[availableIps.size()]); - - if (requestedIp != null) { - // check that requested ip has the same cidr - String[] cidr = network.getCidr().split("/"); - boolean isSameCidr = NetUtils.sameSubnetCIDR(requestedIp, NetUtils.long2Ip(array[0]), Integer.parseInt(cidr[1])); - if (!isSameCidr) { - s_logger.warn("Requested ip address " + requestedIp + " doesn't belong to the network " + network + " cidr"); - return null; - } else { - return requestedIp; - } - } - - String result; - do { - result = NetUtils.long2Ip(array[_rand.nextInt(array.length)]); - } while (result.split("\\.")[3].equals("1")); - return result; - } - - - @Override - public boolean applyStaticNats(List staticNats, boolean continueOnError, boolean forRevoke) - throws ResourceUnavailableException { - Network network = _networksDao.findById(staticNats.get(0).getNetworkId()); - boolean success = true; - - if (staticNats == null || 
staticNats.size() == 0) { - s_logger.debug("There are no static nat rules for the network elements"); - return true; - } - - // get the list of public ip's owned by the network - List userIps = _ipAddressDao.listByAssociatedNetwork(network.getId(), null); - List publicIps = new ArrayList(); - if (userIps != null && !userIps.isEmpty()) { - for (IPAddressVO userIp : userIps) { - PublicIp publicIp = PublicIp.createFromAddrAndVlan(userIp, _vlanDao.findById(userIp.getVlanId())); - publicIps.add(publicIp); - } - } - - // static NAT rules can not programmed unless IP is associated with source NAT service provider, so run IP - // association for the network so as to ensure IP is associated before applying rules - if (checkStaticNatIPAssocRequired(network, false, forRevoke, publicIps)) { - applyIpAssociations(network, false, continueOnError, publicIps); - } - - // get provider - StaticNatServiceProvider element = getStaticNatProviderForNetwork(network); - try { - success = element.applyStaticNats(network, staticNats); - } catch (ResourceUnavailableException e) { - if (!continueOnError) { - throw e; - } - s_logger.warn("Problems with " + element.getName() + " but pushing on", e); - success = false; - } - - // For revoked static nat IP, set the vm_id to null, indicate it should be revoked - for (StaticNat staticNat : staticNats) { - if (staticNat.isForRevoke()) { - for (PublicIp publicIp : publicIps) { - if (publicIp.getId() == staticNat.getSourceIpAddressId()) { - publicIps.remove(publicIp); - IPAddressVO ip = _ipAddressDao.findByIdIncludingRemoved(staticNat.getSourceIpAddressId()); - // ip can't be null, otherwise something wrong happened - ip.setAssociatedWithVmId(null); - publicIp = PublicIp.createFromAddrAndVlan(ip, _vlanDao.findById(ip.getVlanId())); - publicIps.add(publicIp); - break; - } - } - } - } - - // if the static NAT rules configured on public IP is revoked then, dis-associate IP with static NAT service provider - if (checkStaticNatIPAssocRequired(network, 
true, forRevoke, publicIps)) { - applyIpAssociations(network, true, continueOnError, publicIps); - } - - return success; - } - - // checks if there are any public IP assigned to network, that are marked for one-to-one NAT that - // needs to be associated/dis-associated with static-nat provider - boolean checkStaticNatIPAssocRequired(Network network, boolean postApplyRules, boolean forRevoke, List publicIps) { - for (PublicIp ip : publicIps) { - if (ip.isOneToOneNat()) { - Long activeFwCount = null; - activeFwCount = _firewallDao.countRulesByIpIdAndState(ip.getId(), FirewallRule.State.Active); - - if (!postApplyRules && !forRevoke) { - if (activeFwCount > 0) { - continue; - } else { - return true; - } - } else if (postApplyRules && forRevoke) { - return true; - } - } else { - continue; - } - } - return false; - } @DB @Override @@ -3890,7 +2519,7 @@ public class NetworkManagerImpl extends ManagerBase implements NetworkManager, L for (IPAddressVO ipToRelease : ipsToRelease) { if (ipToRelease.getVpcId() == null) { if (!ipToRelease.isPortable()) { - IPAddressVO ip = markIpAsUnavailable(ipToRelease.getId()); + IPAddressVO ip = _ipAddrMgr.markIpAsUnavailable(ipToRelease.getId()); assert (ip != null) : "Unable to mark the ip address id=" + ipToRelease.getId() + " as unavailable."; } else { // portable IP address are associated with owner, until explicitly requested to be disassociated @@ -3905,7 +2534,7 @@ public class NetworkManagerImpl extends ManagerBase implements NetworkManager, L } try { - if (!applyIpAssociations(network, true)) { + if (!_ipAddrMgr.applyIpAssociations(network, true)) { s_logger.warn("Unable to apply ip address associations for " + network); success = false; } 
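Review bot: In the hunk at -3890 the result of `_ipAddrMgr.markIpAsUnavailable(ipToRelease.getId())` is verified only by the `assert` on the next line, which does nothing unless the JVM runs with `-ea`, so a failed release goes unnoticed in production. Now that the call crosses into another manager, an explicit check is safer: `if (ip == null) { s_logger.warn("Unable to mark the ip address id=" + ipToRelease.getId() + " as unavailable."); success = false; }`. `success` appears in the neighbouring hunk at -3905 and is presumably in scope here. The enclosing method starts and ends outside the hunk, so confirm that before applying.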
@@ -4072,7 +2701,7 @@ public class NetworkManagerImpl extends ManagerBase implements NetworkManager, L } try { - if (!applyIpAssociations(network, true, true, publicIpsToRelease)) { + if (!_ipAddrMgr.applyIpAssociations(network, true, true, publicIpsToRelease)) { s_logger.warn("Unable to apply ip address associations for " + network + " as a part of shutdownNetworkRules"); success = false; } 
@@ -4251,126 +2880,6 @@ public class NetworkManagerImpl extends ManagerBase implements NetworkManager, L return providers; } - @Override - public IpAddress assignSystemIp(long networkId, Account owner, boolean forElasticLb, boolean forElasticIp) - throws InsufficientAddressCapacityException { - Network guestNetwork = _networksDao.findById(networkId); - NetworkOffering off = _configMgr.getNetworkOffering(guestNetwork.getNetworkOfferingId()); - IpAddress ip = null; - if ((off.getElasticLb() && forElasticLb) || (off.getElasticIp() && forElasticIp)) { - - try { - s_logger.debug("Allocating system IP address for load balancer rule..."); - // allocate ip - ip = allocateIP(owner, true, guestNetwork.getDataCenterId()); - // apply ip associations - ip = associateIPToGuestNetwork(ip.getId(), networkId, true);; - } catch (ResourceAllocationException ex) { - throw new CloudRuntimeException("Failed to allocate system ip due to ", ex); - } catch (ConcurrentOperationException ex) { - throw new CloudRuntimeException("Failed to allocate system lb ip due to ", ex); - } catch (ResourceUnavailableException ex) { - throw new CloudRuntimeException("Failed to allocate system lb ip due to ", ex); - } - - if (ip == null) { - throw new CloudRuntimeException("Failed to allocate system ip"); - } - } - - return ip; - } - - @Override - public boolean handleSystemIpRelease(IpAddress ip) { - boolean success = true; - Long networkId = ip.getAssociatedWithNetworkId(); - if (networkId != null) { - if (ip.getSystem()) { - CallContext ctx = CallContext.current(); - if (!disassociatePublicIpAddress(ip.getId(), ctx.getCallingUserId(), ctx.getCallingAccount())) { - s_logger.warn("Unable to release system ip address id=" + ip.getId()); - success = false; - } else { - s_logger.warn("Successfully released system ip address id=" + ip.getId()); - } - } - } - return success; - } - - @Override - @DB - public void allocateDirectIp(NicProfile nic, DataCenter dc, VirtualMachineProfile vm, Network network, - String 
requestedIpv4, String requestedIpv6) throws InsufficientVirtualNetworkCapcityException, - InsufficientAddressCapacityException { - //This method allocates direct ip for the Shared network in Advance zones - boolean ipv4 = false; - - Transaction txn = Transaction.currentTxn(); - txn.start(); - - if (network.getGateway() != null) { - if (nic.getIp4Address() == null) { - ipv4 = true; - PublicIp ip = null; - - //Get ip address from the placeholder and don't allocate a new one - if (requestedIpv4 != null && vm.getType() == VirtualMachine.Type.DomainRouter) { - Nic placeholderNic = _networkModel.getPlaceholderNicForRouter(network, null); - if (placeholderNic != null) { - IPAddressVO userIp = _ipAddressDao.findByIpAndSourceNetworkId(network.getId(), placeholderNic.getIp4Address()); - ip = PublicIp.createFromAddrAndVlan(userIp, _vlanDao.findById(userIp.getVlanId())); - s_logger.debug("Nic got an ip address " + placeholderNic.getIp4Address() + " stored in placeholder nic for the network " + network); - } - } - - if (ip == null) { - ip = assignPublicIpAddress(dc.getId(), null, vm.getOwner(), VlanType.DirectAttached, network.getId(), requestedIpv4, false); - } - - nic.setIp4Address(ip.getAddress().toString()); - nic.setGateway(ip.getGateway()); - nic.setNetmask(ip.getNetmask()); - nic.setIsolationUri(IsolationType.Vlan.toUri(ip.getVlanTag())); - //nic.setBroadcastType(BroadcastDomainType.Vlan); - //nic.setBroadcastUri(BroadcastDomainType.Vlan.toUri(ip.getVlanTag())); - nic.setBroadcastType(network.getBroadcastDomainType()); - nic.setBroadcastUri(network.getBroadcastUri()); - nic.setFormat(AddressFormat.Ip4); - nic.setReservationId(String.valueOf(ip.getVlanTag())); - nic.setMacAddress(ip.getMacAddress()); - } - nic.setDns1(dc.getDns1()); - nic.setDns2(dc.getDns2()); - } - - //FIXME - get ipv6 address from the placeholder if it's stored there - if (network.getIp6Gateway() != null) { - if (nic.getIp6Address() == null) { - UserIpv6Address ip = 
_ipv6Mgr.assignDirectIp6Address(dc.getId(), vm.getOwner(), network.getId(), requestedIpv6); - Vlan vlan = _vlanDao.findById(ip.getVlanId()); - nic.setIp6Address(ip.getAddress().toString()); - nic.setIp6Gateway(vlan.getIp6Gateway()); - nic.setIp6Cidr(vlan.getIp6Cidr()); - if (ipv4) { - nic.setFormat(AddressFormat.DualStack); - } else { - nic.setIsolationUri(IsolationType.Vlan.toUri(vlan.getVlanTag())); - nic.setBroadcastType(BroadcastDomainType.Vlan); - nic.setBroadcastUri(BroadcastDomainType.Vlan.toUri(vlan.getVlanTag())); - nic.setFormat(AddressFormat.Ip6); - nic.setReservationId(String.valueOf(vlan.getVlanTag())); - nic.setMacAddress(ip.getMacAddress()); - } - } - nic.setIp6Dns1(dc.getIp6Dns1()); - nic.setIp6Dns2(dc.getIp6Dns2()); - } - - txn.commit(); - } - @Override public boolean setupDns(Network network, Provider provider) { boolean dnsProvided = _networkModel.isProviderSupportServiceInNetwork(network.getId(), Service.Dns, provider ); @@ -4565,16 +3074,6 @@ public class NetworkManagerImpl extends ManagerBase implements NetworkManager, L return offering.isInline(); } - @Override - public int getRuleCountForIp(Long addressId, FirewallRule.Purpose purpose, FirewallRule.State state) { - List rules = _firewallDao.listByIpAndPurposeWithState(addressId, purpose, state); - if (rules == null) { - return 0; - } - return rules.size(); - } - - @Override public boolean isSecondaryIpSetForNic(long nicId) { NicVO nic = _nicDao.findById(nicId); 
@@ -4597,19 +3096,6 @@ public class NetworkManagerImpl extends ManagerBase implements NetworkManager, L } - @Override - public String allocatePublicIpForGuestNic(Long networkId, DataCenter dc, Pod pod,Account owner, - String requestedIp) throws InsufficientAddressCapacityException { - PublicIp ip = assignPublicIpAddress(dc.getId(), null, owner, VlanType.DirectAttached, networkId, requestedIp, false); - if (ip == null) { - s_logger.debug("There is no free public ip address"); - return null; - } - Ip ipAddr = ip.getAddress(); - return ipAddr.addr(); - } - - @Override public NicVO savePlaceholderNic(Network network, String ip4Address, String ip6Address, Type vmType) { NicVO nic = new NicVO(null, null, network.getId(), null); diff --git a/server/src/com/cloud/network/NetworkServiceImpl.java b/server/src/com/cloud/network/NetworkServiceImpl.java index 09ca75849be..cc5d24666cd 100755 --- a/server/src/com/cloud/network/NetworkServiceImpl.java +++ b/server/src/com/cloud/network/NetworkServiceImpl.java @@ -40,7 +40,6 @@ import javax.inject.Inject; import javax.naming.ConfigurationException; import org.apache.log4j.Logger; -import org.springframework.stereotype.Component; import org.apache.cloudstack.acl.ControlledEntity.ACLType; import org.apache.cloudstack.acl.SecurityChecker.AccessType; @@ -180,7 +179,6 @@ import com.cloud.vm.dao.VMInstanceDao; /** * NetworkServiceImpl implements NetworkService. */ -@Component @Local(value = { NetworkService.class }) public class NetworkServiceImpl extends ManagerBase implements NetworkService { private static final Logger s_logger = Logger.getLogger(NetworkServiceImpl.class); @@ -279,7 +277,7 @@ public class NetworkServiceImpl extends ManagerBase implements NetworkService { HostDao _hostDao; @Inject HostPodDao _hostPodDao; - @Inject + @Inject InternalLoadBalancerElementService _internalLbElementSvc; @Inject DataCenterVnetDao _datacneter_vnet; 
@@ -289,6 +287,8 @@ public class NetworkServiceImpl extends ManagerBase implements NetworkService { VpcDao _vpcDao; @Inject NetworkACLDao _networkACLDao; + @Inject + IpAddressManager _ipAddrMgr; int _cidrLimit; boolean _allowSubdomainNetworkAccess; @@ -526,7 +526,7 @@ public class NetworkServiceImpl extends ManagerBase implements NetworkService { if (s_logger.isDebugEnabled()) { s_logger.debug("Associate IP address called by the user " + callerUserId + " account " + ipOwner.getId()); } - return _networkMgr.allocateIp(ipOwner, false, caller, callerUserId, zone); + return _ipAddrMgr.allocateIp(ipOwner, false, caller, callerUserId, zone); } else { throw new InvalidParameterValueException("Associate IP address can only be called on the shared networks in the advanced zone" + " with Firewall/Source Nat/Static Nat/Port Forwarding/Load balancing services enabled"); @@ -537,7 +537,7 @@ public class NetworkServiceImpl extends ManagerBase implements NetworkService { _accountMgr.checkAccess(caller, null, false, ipOwner); } - return _networkMgr.allocateIp(ipOwner, false, caller, callerUserId, zone); + return _ipAddrMgr.allocateIp(ipOwner, false, caller, callerUserId, zone); } @Override @@ -569,7 +569,7 @@ public class NetworkServiceImpl extends ManagerBase implements NetworkService { if (s_logger.isDebugEnabled()) { s_logger.debug("Associate IP address called by the user " + callerUserId + " account " + ipOwner.getId()); } - return _networkMgr.allocatePortableIp(ipOwner, caller, zoneId, networkId, null); + return _ipAddrMgr.allocatePortableIp(ipOwner, caller, zoneId, networkId, null); } else { throw new InvalidParameterValueException("Associate IP address can only be called on the shared networks in the advanced zone" + " with Firewall/Source Nat/Static Nat/Port Forwarding/Load balancing services enabled"); 
@@ -587,7 +587,7 @@ public class NetworkServiceImpl extends ManagerBase implements NetworkService { _accountMgr.checkAccess(caller, null, false, ipOwner); - return _networkMgr.allocatePortableIp(ipOwner, caller, zoneId, null, null); + return _ipAddrMgr.allocatePortableIp(ipOwner, caller, zoneId, null, null); } @Override @@ -680,7 +680,7 @@ public class NetworkServiceImpl extends ManagerBase implements NetworkService { s_logger.debug("Calling the ip allocation ..."); if (dc.getNetworkType() == NetworkType.Advanced && network.getGuestType() == Network.GuestType.Isolated) { try { - ipaddr = _networkMgr.allocateGuestIP(ipOwner, false, zoneId, networkId, requestedIp); + ipaddr = _ipAddrMgr.allocateGuestIP(ipOwner, false, zoneId, networkId, requestedIp); } catch (InsufficientAddressCapacityException e) { throw new InvalidParameterValueException("Allocating guest ip for nic failed"); } @@ -697,7 +697,7 @@ public class NetworkServiceImpl extends ManagerBase implements NetworkService { } try { - ipaddr = _networkMgr.allocatePublicIpForGuestNic(networkId, dc, pod, caller, requestedIp); + ipaddr = _ipAddrMgr.allocatePublicIpForGuestNic(networkId, dc, pod, caller, requestedIp); if (ipaddr == null) { throw new InvalidParameterValueException("Allocating ip to guest nic " + nicId + " failed"); } @@ -803,7 +803,7 @@ public class NetworkServiceImpl extends ManagerBase implements NetworkService { if (ip != null) { Transaction txn = Transaction.currentTxn(); txn.start(); - _networkMgr.markIpAsUnavailable(ip.getId()); + _ipAddrMgr.markIpAsUnavailable(ip.getId()); _ipAddressDao.unassignIpAddress(ip.getId()); txn.commit(); } @@ -885,7 +885,7 @@ public class NetworkServiceImpl extends ManagerBase implements NetworkService { throw ex; } - boolean success = _networkMgr.disassociatePublicIpAddress(ipAddressId, userId, caller); + boolean success = _ipAddrMgr.disassociatePublicIpAddress(ipAddressId, userId, caller); if (success) { Long networkId = ipVO.getAssociatedWithNetworkId(); 
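Review bot: The catch in the hunk at -680 replaces `InsufficientAddressCapacityException` with an `InvalidParameterValueException` and discards `e`, so an exhausted address pool is reported to the API caller as a bad parameter and the original cause never reaches the log. Logging before the rethrow keeps the trail: `s_logger.warn("Allocating guest ip for nic failed", e);`. The `NetworkManagerImpl.allocateGuestIP` removed in this diff also ran `_accountMgr.checkAccess(caller, null, false, network)`. The `IpAddressManager` implementation is not shown here, so it is worth confirming that the access check moved with the method. The enclosing method extends beyond the hunk.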
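Review bot: In the hunk at -697, `allocatePublicIpForGuestNic(networkId, dc, pod, caller, requestedIp)` passes `caller` in the position that the removed `NetworkManagerImpl` implementation names `owner`, while the guest-IP branch at -680 passes `ipOwner`. If both branches belong to the same method and `ipOwner` can differ from `caller` (for example an administrator acting on another account's NIC), the public IP would be allocated to the wrong account. If that is not intended, the call should read `_ipAddrMgr.allocatePublicIpForGuestNic(networkId, dc, pod, ipOwner, requestedIp);`. The method body starts and ends outside the hunk, so the relationship between the two variables needs checking there.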
@@ -1289,7 +1289,7 @@ public class NetworkServiceImpl extends ManagerBase implements NetworkService { } } } - network = _vpcMgr.createVpcGuestNetwork(networkOfferingId, name, displayText, gateway, cidr, vlanId, + network = _vpcMgr.createVpcGuestNetwork(networkOfferingId, name, displayText, gateway, cidr, vlanId, networkDomain, owner, sharedDomainId, pNtwk, zoneId, aclType, subdomainAccess, vpcId, aclId, caller, displayNetwork); } else { if (_configMgr.isOfferingForVpc(ntwkOff)){ @@ -1299,7 +1299,7 @@ public class NetworkServiceImpl extends ManagerBase implements NetworkService { throw new InvalidParameterValueException("Internal Lb can be enabled on vpc networks only"); } - network = _networkMgr.createGuestNetwork(networkOfferingId, name, displayText, gateway, cidr, vlanId, + network = _networkMgr.createGuestNetwork(networkOfferingId, name, displayText, gateway, cidr, vlanId, networkDomain, owner, sharedDomainId, pNtwk, zoneId, aclType, subdomainAccess, vpcId, ip6Gateway, ip6Cidr, displayNetwork, isolatedPvlan); } @@ -1497,7 +1497,7 @@ public class NetworkServiceImpl extends ManagerBase implements NetworkService { if (!permittedAccounts.isEmpty()) { //get account level networks networksToReturn.addAll(listAccountSpecificNetworks( - buildNetworkSearchCriteria(sb, keyword, id, isSystem, zoneId, guestIpType, trafficType, + buildNetworkSearchCriteria(sb, keyword, id, isSystem, zoneId, guestIpType, trafficType, physicalNetworkId, aclType, skipProjectNetworks, restartRequired, specifyIpRanges, vpcId, tags), searchFilter, permittedAccounts)); //get domain level networks 
@@ -1511,12 +1511,12 @@ public class NetworkServiceImpl extends ManagerBase implements NetworkService { } else { //add account specific networks networksToReturn.addAll(listAccountSpecificNetworksByDomainPath( - buildNetworkSearchCriteria(sb, keyword, id, isSystem, zoneId, guestIpType, trafficType, + buildNetworkSearchCriteria(sb, keyword, id, isSystem, zoneId, guestIpType, trafficType, physicalNetworkId, aclType, skipProjectNetworks, restartRequired, specifyIpRanges, vpcId, tags), searchFilter, path, isRecursive)); //add domain specific networks of domain + parent domains networksToReturn.addAll(listDomainSpecificNetworksByDomainPath( - buildNetworkSearchCriteria(sb, keyword, id, isSystem, zoneId, guestIpType, trafficType, + buildNetworkSearchCriteria(sb, keyword, id, isSystem, zoneId, guestIpType, trafficType, physicalNetworkId, aclType, skipProjectNetworks, restartRequired, specifyIpRanges, vpcId, tags), searchFilter, path, isRecursive)); //add networks of subdomains @@ -2681,6 +2681,7 @@ public class NetworkServiceImpl extends ManagerBase implements NetworkService { public String generateVnetString(List vnetList) { Collections.sort(vnetList, new Comparator() { + @Override public int compare(String s1, String s2) { return Integer.valueOf(s1).compareTo(Integer.valueOf(s2)); } @@ -3700,7 +3701,7 @@ public class NetworkServiceImpl extends ManagerBase implements NetworkService { protected PhysicalNetworkServiceProvider addDefaultInternalLbProviderToPhysicalNetwork(long physicalNetworkId) { - PhysicalNetworkServiceProvider nsp = addProviderToPhysicalNetwork(physicalNetworkId, + PhysicalNetworkServiceProvider nsp = addProviderToPhysicalNetwork(physicalNetworkId, Network.Provider.InternalLbVm.getName(), null, null); NetworkElement networkElement = _networkModel.getElementImplementingProvider(Network.Provider.InternalLbVm.getName()); 
@@ -3794,7 +3795,7 @@ public class NetworkServiceImpl extends ManagerBase implements NetworkService { throw new InvalidParameterValueException("Can't assign ip to the network directly when network belongs" + " to VPC.Specify vpcId to associate ip address to VPC"); } - return _networkMgr.associateIPToGuestNetwork(ipId, networkId, true); + return _ipAddrMgr.associateIPToGuestNetwork(ipId, networkId, true); } diff --git a/server/src/com/cloud/network/firewall/FirewallManagerImpl.java b/server/src/com/cloud/network/firewall/FirewallManagerImpl.java index 126251318dd..ca58b4034a4 100644 --- a/server/src/com/cloud/network/firewall/FirewallManagerImpl.java +++ b/server/src/com/cloud/network/firewall/FirewallManagerImpl.java @@ -5,7 +5,7 @@ // to you under the Apache License, Version 2.0 (the // "License"); you may not use this file except in compliance // with the License. You may obtain a copy of the License at -// +// // http://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, @@ -27,17 +27,14 @@ import javax.ejb.Local; import javax.inject.Inject; import javax.naming.ConfigurationException; +import org.apache.log4j.Logger; +import org.springframework.stereotype.Component; + import org.apache.cloudstack.api.command.user.firewall.ListEgressFirewallRulesCmd; - -import com.cloud.network.dao.*; - import org.apache.cloudstack.api.command.user.firewall.ListFirewallRulesCmd; import org.apache.cloudstack.context.CallContext; import org.apache.cloudstack.framework.config.dao.ConfigurationDao; -import org.apache.log4j.Logger; -import org.springframework.stereotype.Component; - import com.cloud.configuration.Config; import com.cloud.domain.dao.DomainDao; import com.cloud.event.ActionEvent; 
@@ -49,12 +46,19 @@ import com.cloud.exception.InvalidParameterValueException; import com.cloud.exception.NetworkRuleConflictException; import com.cloud.exception.ResourceUnavailableException; import com.cloud.network.IpAddress; +import com.cloud.network.IpAddressManager; import com.cloud.network.Network; import com.cloud.network.Network.Capability; import com.cloud.network.Network.Service; import com.cloud.network.NetworkManager; import com.cloud.network.NetworkModel; import com.cloud.network.NetworkRuleApplier; +import com.cloud.network.dao.FirewallRulesCidrsDao; +import com.cloud.network.dao.FirewallRulesDao; +import com.cloud.network.dao.IPAddressDao; +import com.cloud.network.dao.IPAddressVO; +import com.cloud.network.dao.NetworkDao; +import com.cloud.network.dao.NetworkVO; import com.cloud.network.element.FirewallServiceProvider; import com.cloud.network.element.NetworkACLServiceProvider; import com.cloud.network.element.PortForwardingServiceProvider; @@ -136,6 +140,8 @@ public class FirewallManagerImpl extends ManagerBase implements FirewallService, @Inject List _staticNatElements; @Inject List _networkAclElements; + @Inject + IpAddressManager _ipAddrMgr; private boolean _elbEnabled = false; @@ -157,7 +163,7 @@ public class FirewallManagerImpl extends ManagerBase implements FirewallService, throw new InvalidParameterValueException("Egress firewall rules are not supported for " + network.getGuestType() + " networks"); } - return createFirewallRule(null, caller, rule.getXid(), rule.getSourcePortStart(), + return createFirewallRule(null, caller, rule.getXid(), rule.getSourcePortStart(), rule.getSourcePortEnd(), rule.getProtocol(), rule.getSourceCidrList(), rule.getIcmpCode(), rule.getIcmpType(), null, rule.getType(), rule.getNetworkId(), rule.getTrafficType()); } 
@@ -167,7 +173,7 @@ public class FirewallManagerImpl extends ManagerBase implements FirewallService, Account caller = CallContext.current().getCallingAccount(); Long sourceIpAddressId = rule.getSourceIpAddressId(); - return createFirewallRule(sourceIpAddressId, caller, rule.getXid(), rule.getSourcePortStart(), + return createFirewallRule(sourceIpAddressId, caller, rule.getXid(), rule.getSourcePortStart(), rule.getSourcePortEnd(), rule.getProtocol(), rule.getSourceCidrList(), rule.getIcmpCode(), rule.getIcmpType(), null, rule.getType(), rule.getNetworkId(), rule.getTrafficType()); } @@ -188,7 +194,7 @@ public class FirewallManagerImpl extends ManagerBase implements FirewallService, throw new InvalidParameterValueException("Unable to create firewall rule; " + "couldn't locate IP address by id in the system"); } - _networkModel.checkIpForService(ipAddress, Service.Firewall, null); + _networkModel.checkIpForService(ipAddress, Service.Firewall, null); } validateFirewallRule(caller, ipAddress, portStart, portEnd, protocol, Purpose.Firewall, type, networkId, trafficType); @@ -369,7 +375,7 @@ public class FirewallManagerImpl extends ManagerBase implements FirewallService, if (!oneOfRulesIsFirewall) { if (rule.getPurpose() == Purpose.StaticNat && newRule.getPurpose() != Purpose.StaticNat) { - throw new NetworkRuleConflictException("There is 1 to 1 Nat rule specified for the ip address id=" + throw new NetworkRuleConflictException("There is 1 to 1 Nat rule specified for the ip address id=" + newRule.getSourceIpAddressId()); } else if (rule.getPurpose() != Purpose.StaticNat && newRule.getPurpose() == Purpose.StaticNat) { throw new NetworkRuleConflictException("There is already firewall rule specified for the ip address id=" 
@@ -383,25 +389,25 @@ public class FirewallManagerImpl extends ManagerBase implements FirewallService, } if (newRule.getProtocol().equalsIgnoreCase(NetUtils.ICMP_PROTO) && newRule.getProtocol().equalsIgnoreCase(rule.getProtocol())) { - if (newRule.getIcmpCode().longValue() == rule.getIcmpCode().longValue() + if (newRule.getIcmpCode().longValue() == rule.getIcmpCode().longValue() && newRule.getIcmpType().longValue() == rule.getIcmpType().longValue() && newRule.getProtocol().equalsIgnoreCase(rule.getProtocol()) && duplicatedCidrs) { throw new InvalidParameterValueException("New rule conflicts with existing rule id=" + rule.getId()); } } - boolean notNullPorts = (newRule.getSourcePortStart() != null && newRule.getSourcePortEnd() != null && + boolean notNullPorts = (newRule.getSourcePortStart() != null && newRule.getSourcePortEnd() != null && rule.getSourcePortStart() != null && rule.getSourcePortEnd() != null); if (!notNullPorts) { continue; } else if (!oneOfRulesIsFirewall && !(bothRulesFirewall && !duplicatedCidrs) - && ((rule.getSourcePortStart().intValue() <= newRule.getSourcePortStart().intValue() + && ((rule.getSourcePortStart().intValue() <= newRule.getSourcePortStart().intValue() && rule.getSourcePortEnd().intValue() >= newRule.getSourcePortStart().intValue()) - || (rule.getSourcePortStart().intValue() <= newRule.getSourcePortEnd().intValue() + || (rule.getSourcePortStart().intValue() <= newRule.getSourcePortEnd().intValue() && rule.getSourcePortEnd().intValue() >= newRule.getSourcePortEnd().intValue()) - || (newRule.getSourcePortStart().intValue() <= rule.getSourcePortStart().intValue() + || (newRule.getSourcePortStart().intValue() <= rule.getSourcePortStart().intValue() && newRule.getSourcePortEnd().intValue() >= rule.getSourcePortStart().intValue()) - || (newRule.getSourcePortStart().intValue() <= rule.getSourcePortEnd().intValue() + || (newRule.getSourcePortStart().intValue() <= rule.getSourcePortEnd().intValue() && newRule.getSourcePortEnd().intValue() >= 
rule.getSourcePortEnd().intValue()))) { // we allow port forwarding rules with the same parameters but different protocols @@ -423,7 +429,7 @@ public class FirewallManagerImpl extends ManagerBase implements FirewallService, } @Override - public void validateFirewallRule(Account caller, IPAddressVO ipAddress, Integer portStart, Integer portEnd, + public void validateFirewallRule(Account caller, IPAddressVO ipAddress, Integer portStart, Integer portEnd, String proto, Purpose purpose, FirewallRuleType type, Long networkId, FirewallRule.TrafficType trafficType ) { if (portStart != null && !NetUtils.isValidPort(portStart)) { throw new InvalidParameterValueException("publicPort is an invalid value: " + portStart); @@ -452,7 +458,7 @@ public class FirewallManagerImpl extends ManagerBase implements FirewallService, _accountMgr.checkAccess(caller, null, true, ipAddress); } - //network id either has to be passed explicitly, or implicitly as a part of ipAddress object + //network id either has to be passed explicitly, or implicitly as a part of ipAddress object if (networkId == null) { throw new InvalidParameterValueException("Unable to retrieve network id to validate the rule"); } @@ -502,7 +508,7 @@ public class FirewallManagerImpl extends ManagerBase implements FirewallService, } @Override - public boolean applyRules(List rules, boolean continueOnError, boolean updateRulesInDB) + public boolean applyRules(List rules, boolean continueOnError, boolean updateRulesInDB) throws ResourceUnavailableException { boolean success = true; if (rules == null || rules.size() == 0) { @@ -510,7 +516,7 @@ public class FirewallManagerImpl extends ManagerBase implements FirewallService, return true; } Purpose purpose = rules.get(0).getPurpose(); - if (!_networkMgr.applyRules(rules, purpose, this, continueOnError)) { + if (!_ipAddrMgr.applyRules(rules, purpose, this, continueOnError)) { s_logger.warn("Rules are not completely applied"); return false; } else { 
@@ -519,7 +525,7 @@ public class FirewallManagerImpl extends ManagerBase implements FirewallService, if (rule.getState() == FirewallRule.State.Revoke) { FirewallRuleVO relatedRule = _firewallDao.findByRelatedId(rule.getId()); if (relatedRule != null) { - s_logger.warn("Can't remove the firewall rule id=" + rule.getId() + + s_logger.warn("Can't remove the firewall rule id=" + rule.getId() + " as it has related firewall rule id=" + relatedRule.getId() + "; leaving it in Revoke state"); success = false; } else { @@ -543,7 +549,7 @@ public class FirewallManagerImpl extends ManagerBase implements FirewallService, } @Override - public boolean applyRules(Network network, Purpose purpose, List rules) + public boolean applyRules(Network network, Purpose purpose, List rules) throws ResourceUnavailableException { boolean handled = false; switch (purpose){ @@ -704,7 +710,7 @@ public class FirewallManagerImpl extends ManagerBase implements FirewallService, if (apply) { // ingress firewall rule - if (rule.getSourceIpAddressId() != null){ + if (rule.getSourceIpAddressId() != null){ //feteches ingress firewall, ingress firewall rules associated with the ip List rules = _firewallDao.listByIpAndPurpose(rule.getSourceIpAddressId(), Purpose.Firewall); return applyFirewallRules(rules, false, caller); 
@@ -916,8 +922,8 @@ public class FirewallManagerImpl extends ManagerBase implements FirewallService, try { if (rule.getSourceCidrList() == null && (rule.getPurpose() == Purpose.Firewall || rule.getPurpose() == Purpose.NetworkACL)) { _firewallDao.loadSourceCidrs(rule); - } - this.createFirewallRule(ip.getId(), acct, rule.getXid(), rule.getSourcePortStart(), rule.getSourcePortEnd(), rule.getProtocol(), + } + createFirewallRule(ip.getId(), acct, rule.getXid(), rule.getSourcePortStart(), rule.getSourcePortEnd(), rule.getProtocol(), rule.getSourceCidrList(), rule.getIcmpCode(), rule.getIcmpType(), rule.getRelated(), FirewallRuleType.System, rule.getNetworkId(), rule.getTrafficType()); } catch (Exception e) { s_logger.debug("Failed to add system wide firewall rule, due to:" + e.toString()); diff --git a/server/src/com/cloud/network/guru/DirectNetworkGuru.java b/server/src/com/cloud/network/guru/DirectNetworkGuru.java index 5d0e7b1d9cf..98533a0c1f4 100755 --- a/server/src/com/cloud/network/guru/DirectNetworkGuru.java +++ b/server/src/com/cloud/network/guru/DirectNetworkGuru.java @@ -33,6 +33,7 @@ import com.cloud.exception.ConcurrentOperationException; import com.cloud.exception.InsufficientAddressCapacityException; import com.cloud.exception.InsufficientVirtualNetworkCapcityException; import com.cloud.exception.InvalidParameterValueException; +import com.cloud.network.IpAddressManager; import com.cloud.network.Ipv6AddressManager; import com.cloud.network.Network; import com.cloud.network.Network.GuestType; @@ -88,6 +89,8 @@ public class DirectNetworkGuru extends AdapterBase implements NetworkGuru { NicSecondaryIpDao _nicSecondaryIpDao; @Inject NicDao _nicDao; + @Inject + IpAddressManager _ipAddrMgr; private static final TrafficType[] _trafficTypes = {TrafficType.Guest}; 
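Review bot: In FirewallManagerImpl (hunk at -916,8), the `createFirewallRule(...)` call sits in a try whose catch only does `s_logger.debug("Failed to add system wide firewall rule, due to:" + e.toString())`. A system firewall rule that fails to be created therefore leaves no trace at default log levels, and the stack trace is lost. I would log it as `s_logger.warn("Failed to add system wide firewall rule for ip id=" + ip.getId(), e);` and, if callers depend on these rules being present, report the failure to them. The enclosing method starts and ends outside the hunk, so it cannot be seen here whether a later step surfaces the error.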
@@ -191,7 +194,7 @@ public class DirectNetworkGuru extends AdapterBase implements NetworkGuru { public NicProfile allocate(Network network, NicProfile nic, VirtualMachineProfile vm) throws InsufficientVirtualNetworkCapcityException, InsufficientAddressCapacityException, ConcurrentOperationException { - DataCenter dc = _dcDao.findById(network.getDataCenterId()); + DataCenter dc = _dcDao.findById(network.getDataCenterId()); if (nic == null) { nic = new NicProfile(ReservationStrategy.Create, null, null, null, null); @@ -223,7 +226,7 @@ public class DirectNetworkGuru extends AdapterBase implements NetworkGuru { Transaction txn = Transaction.currentTxn(); txn.start(); - _networkMgr.allocateDirectIp(nic, dc, vm, network, requestedIp4Addr, requestedIp6Addr); + _ipAddrMgr.allocateDirectIp(nic, dc, vm, network, requestedIp4Addr, requestedIp6Addr); //save the placeholder nic if the vm is the Virtual router if (vm.getType() == VirtualMachine.Type.DomainRouter) { Nic placeholderNic = _networkModel.getPlaceholderNicForRouter(network, null); @@ -262,7 +265,7 @@ public class DirectNetworkGuru extends AdapterBase implements NetworkGuru { if (placeholderNic != null && placeholderNic.getIp4Address().equalsIgnoreCase(ip.getAddress().addr())) { s_logger.debug("Not releasing direct ip " + ip.getId() +" yet as its ip is saved in the placeholder"); } else { - _networkMgr.markIpAsUnavailable(ip.getId()); + _ipAddrMgr.markIpAsUnavailable(ip.getId()); _ipAddressDao.unassignIpAddress(ip.getId()); } @@ -272,7 +275,7 @@ public class DirectNetworkGuru extends AdapterBase implements NetworkGuru { nicSecIps = _nicSecondaryIpDao.getSecondaryIpAddressesForNic(nic.getId()); for (String secIp: nicSecIps) { IPAddressVO pubIp = _ipAddressDao.findByIpAndSourceNetworkId(nic.getNetworkId(), secIp); - _networkMgr.markIpAsUnavailable(pubIp.getId()); + _ipAddrMgr.markIpAsUnavailable(pubIp.getId()); _ipAddressDao.unassignIpAddress(pubIp.getId()); } 
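Review bot: In DirectNetworkGuru, the secondary-IP loop (hunk at -272,7) calls `_ipAddrMgr.markIpAsUnavailable(pubIp.getId())` on the result of `_ipAddressDao.findByIpAndSourceNetworkId(...)` without a null check, and the placeholder-nic hunk at -301,7 does the same with `ip`. The GuestNetworkGuru hunk at -226,7 guards the same call with `if (ip != null)`, which suggests such a lookup can come back empty. If it does, a stale secondary address would throw a NullPointerException part-way through the release and leave the remaining addresses assigned. A guard such as `if (pubIp == null) { s_logger.warn("No ip record for secondary ip " + secIp + " in network " + nic.getNetworkId()); continue; }` keeps the loop going. Both enclosing methods continue outside their hunks.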
@@ -301,7 +304,7 @@ public class DirectNetworkGuru extends AdapterBase implements NetworkGuru { if (nic.getIp4Address() != null) { s_logger.debug("Releasing ip " + nic.getIp4Address() + " of placeholder nic " + nic); IPAddressVO ip = _ipAddressDao.findByIpAndSourceNetworkId(nic.getNetworkId(), nic.getIp4Address()); - _networkMgr.markIpAsUnavailable(ip.getId()); + _ipAddrMgr.markIpAsUnavailable(ip.getId()); _ipAddressDao.unassignIpAddress(ip.getId()); s_logger.debug("Removing placeholder nic " + nic); _nicDao.remove(nic.getId()); diff --git a/server/src/com/cloud/network/guru/DirectPodBasedNetworkGuru.java b/server/src/com/cloud/network/guru/DirectPodBasedNetworkGuru.java index 110096b7147..5b87d542037 100755 --- a/server/src/com/cloud/network/guru/DirectPodBasedNetworkGuru.java +++ b/server/src/com/cloud/network/guru/DirectPodBasedNetworkGuru.java @@ -40,6 +40,7 @@ import com.cloud.deploy.DeployDestination; import com.cloud.exception.ConcurrentOperationException; import com.cloud.exception.InsufficientAddressCapacityException; import com.cloud.exception.InsufficientVirtualNetworkCapcityException; +import com.cloud.network.IpAddressManager; import com.cloud.network.Network; import com.cloud.network.NetworkManager; import com.cloud.network.Networks.AddressFormat; @@ -75,6 +76,8 @@ public class DirectPodBasedNetworkGuru extends DirectNetworkGuru { NetworkOfferingDao _networkOfferingDao; @Inject PodVlanMapDao _podVlanDao; + @Inject + IpAddressManager _ipAddrMgr; @Override protected boolean canHandle(NetworkOffering offering, DataCenter dc) { @@ -137,7 +140,7 @@ public class DirectPodBasedNetworkGuru extends DirectNetworkGuru { txn.start(); //release the old ip here - _networkMgr.markIpAsUnavailable(ipVO.getId()); + _ipAddrMgr.markIpAsUnavailable(ipVO.getId()); _ipAddressDao.unassignIpAddress(ipVO.getId()); txn.commit(); 
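Review bot: The `@Inject IpAddressManager _ipAddrMgr;` added to DirectPodBasedNetworkGuru (hunk at -75,6) hides the field of the same name that this commit also adds to its superclass DirectNetworkGuru (hunk at -88,6). ExternalGuestNetworkGuru and GuestNetworkGuru repeat the pattern. All four classes live in `com.cloud.network.guru` and declare the field without an access modifier, so the subclasses already inherit it; the second declaration only adds another injection point that has to stay in sync with the first. I would drop the subclass declarations and make the intent explicit on the base classes with `@Inject protected IpAddressManager _ipAddrMgr;`.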
@@ -149,7 +152,7 @@ public class DirectPodBasedNetworkGuru extends DirectNetworkGuru { } if (getNewIp) { - //we don't set reservationStrategy to Create because we need this method to be called again for the case when vm fails to deploy in Pod1, and we try to redeploy it in Pod2 + //we don't set reservationStrategy to Create because we need this method to be called again for the case when vm fails to deploy in Pod1, and we try to redeploy it in Pod2 getIp(nic, dest.getPod(), vm, network); } @@ -183,7 +186,7 @@ public class DirectPodBasedNetworkGuru extends DirectNetworkGuru { } if (ip == null) { - ip = _networkMgr.assignPublicIpAddress(dc.getId(), pod.getId(), vm.getOwner(), VlanType.DirectAttached, network.getId(), null, false); + ip = _ipAddrMgr.assignPublicIpAddress(dc.getId(), pod.getId(), vm.getOwner(), VlanType.DirectAttached, network.getId(), null, false); } nic.setIp4Address(ip.getAddress().toString()); diff --git a/server/src/com/cloud/network/guru/ExternalGuestNetworkGuru.java b/server/src/com/cloud/network/guru/ExternalGuestNetworkGuru.java index fdab0c6f715..00598dda903 100644 --- a/server/src/com/cloud/network/guru/ExternalGuestNetworkGuru.java +++ b/server/src/com/cloud/network/guru/ExternalGuestNetworkGuru.java @@ -21,10 +21,6 @@ import java.util.List; import javax.ejb.Local; import javax.inject.Inject; -import com.cloud.event.ActionEventUtils; - -import com.cloud.network.dao.IPAddressDao; -import com.cloud.network.dao.IPAddressVO; import org.apache.log4j.Logger; import org.apache.cloudstack.context.CallContext; 
@@ -35,10 +31,12 @@ import com.cloud.dc.DataCenter.NetworkType; import com.cloud.dc.dao.DataCenterDao; import com.cloud.deploy.DeployDestination; import com.cloud.deploy.DeploymentPlan; +import com.cloud.event.ActionEventUtils; import com.cloud.event.EventTypes; import com.cloud.event.EventVO; import com.cloud.exception.InsufficientAddressCapacityException; import com.cloud.exception.InsufficientVirtualNetworkCapcityException; +import com.cloud.network.IpAddressManager; import com.cloud.network.Network; import com.cloud.network.Network.GuestType; import com.cloud.network.Network.State; @@ -46,6 +44,8 @@ import com.cloud.network.NetworkManager; import com.cloud.network.Networks.BroadcastDomainType; import com.cloud.network.PhysicalNetwork; import com.cloud.network.PhysicalNetwork.IsolationMethod; +import com.cloud.network.dao.IPAddressDao; +import com.cloud.network.dao.IPAddressVO; import com.cloud.network.dao.NetworkDao; import com.cloud.network.dao.NetworkVO; import com.cloud.network.rules.PortForwardingRuleVO; @@ -60,7 +60,6 @@ import com.cloud.vm.Nic.ReservationStrategy; import com.cloud.vm.NicProfile; import com.cloud.vm.NicVO; import com.cloud.vm.ReservationContext; -import com.cloud.vm.VirtualMachine; import com.cloud.vm.VirtualMachineProfile; @Local(value = NetworkGuru.class) @@ -76,6 +75,8 @@ public class ExternalGuestNetworkGuru extends GuestNetworkGuru { PortForwardingRulesDao _pfRulesDao; @Inject IPAddressDao _ipAddressDao; + @Inject + IpAddressManager _ipAddrMgr; public ExternalGuestNetworkGuru() { @@ -83,6 +84,7 @@ public class ExternalGuestNetworkGuru extends GuestNetworkGuru { _isolationMethods = new IsolationMethod[] { IsolationMethod.GRE, IsolationMethod.L3, IsolationMethod.VLAN }; } + @Override protected boolean canHandle(NetworkOffering offering, final NetworkType networkType, final PhysicalNetwork physicalNetwork) { // This guru handles only Guest Isolated network that supports Source 
@@ -98,7 +100,7 @@ public class ExternalGuestNetworkGuru extends GuestNetworkGuru { + NetworkType.Advanced); return false; } - } + } @Override public Network design(NetworkOffering offering, DeploymentPlan plan, Network userSpecified, Account owner) { @@ -278,7 +280,7 @@ public class ExternalGuestNetworkGuru extends GuestNetworkGuru { nic.setGateway(config.getGateway()); if (nic.getIp4Address() == null) { - String guestIp = _networkMgr.acquireGuestIpAddress(config, null); + String guestIp = _ipAddrMgr.acquireGuestIpAddress(config, null); if (guestIp == null) { throw new InsufficientVirtualNetworkCapcityException("Unable to acquire guest IP address for network " + config, DataCenter.class, dc.getId()); } diff --git a/server/src/com/cloud/network/guru/GuestNetworkGuru.java b/server/src/com/cloud/network/guru/GuestNetworkGuru.java index 3fa0dd77cb6..b0da42f7c87 100755 --- a/server/src/com/cloud/network/guru/GuestNetworkGuru.java +++ b/server/src/com/cloud/network/guru/GuestNetworkGuru.java @@ -5,7 +5,7 @@ // to you under the Apache License, Version 2.0 (the // "License"); you may not use this file except in compliance // with the License. You may obtain a copy of the License at -// +// // http://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, @@ -19,16 +19,10 @@ package com.cloud.network.guru; import java.util.ArrayList; import java.util.List; import java.util.Random; -import java.util.SortedSet; -import java.util.TreeSet; import javax.ejb.Local; import javax.inject.Inject; -import com.cloud.event.ActionEventUtils; -import com.cloud.server.ConfigurationServer; -import com.cloud.utils.Pair; - import org.apache.log4j.Logger; import org.apache.cloudstack.context.CallContext; 
@@ -41,12 +35,16 @@ import com.cloud.dc.dao.DataCenterDao; import com.cloud.dc.dao.VlanDao; import com.cloud.deploy.DeployDestination; import com.cloud.deploy.DeploymentPlan; +import com.cloud.event.ActionEventUtils; import com.cloud.event.EventTypes; import com.cloud.event.EventVO; import com.cloud.exception.InsufficientAddressCapacityException; import com.cloud.exception.InsufficientVirtualNetworkCapcityException; import com.cloud.exception.InvalidParameterValueException; +import com.cloud.network.IpAddressManager; import com.cloud.network.Network; +import com.cloud.network.Network.Provider; +import com.cloud.network.Network.Service; import com.cloud.network.Network.State; import com.cloud.network.NetworkManager; import com.cloud.network.NetworkModel; @@ -64,12 +62,13 @@ import com.cloud.network.dao.NetworkVO; import com.cloud.network.dao.PhysicalNetworkDao; import com.cloud.network.dao.PhysicalNetworkVO; import com.cloud.offering.NetworkOffering; +import com.cloud.server.ConfigurationServer; import com.cloud.user.Account; +import com.cloud.utils.Pair; import com.cloud.utils.component.AdapterBase; import com.cloud.utils.db.DB; import com.cloud.utils.db.Transaction; import com.cloud.utils.exception.CloudRuntimeException; -import com.cloud.utils.net.Ip4Address; import com.cloud.utils.net.NetUtils; import com.cloud.vm.Nic.ReservationStrategy; import com.cloud.vm.NicProfile; @@ -77,8 +76,6 @@ import com.cloud.vm.ReservationContext; import com.cloud.vm.VirtualMachine; import com.cloud.vm.VirtualMachineProfile; import com.cloud.vm.dao.NicDao; -import com.cloud.network.Network.Provider; -import com.cloud.network.Network.Service; @Local(value = NetworkGuru.class) public abstract class GuestNetworkGuru extends AdapterBase implements NetworkGuru { 
@@ -99,10 +96,12 @@ public abstract class GuestNetworkGuru extends AdapterBase implements NetworkGur protected NetworkDao _networkDao; @Inject IPAddressDao _ipAddressDao; - @Inject - protected PhysicalNetworkDao _physicalNetworkDao; + @Inject + protected PhysicalNetworkDao _physicalNetworkDao; @Inject ConfigurationServer _configServer; + @Inject + IpAddressManager _ipAddrMgr; Random _rand = new Random(System.currentTimeMillis()); private static final TrafficType[] _trafficTypes = {TrafficType.Guest}; @@ -179,7 +178,7 @@ public abstract class GuestNetworkGuru extends AdapterBase implements NetworkGur NetworkVO network = new NetworkVO(offering.getTrafficType(), Mode.Dhcp, BroadcastDomainType.Vlan, offering.getId(), State.Allocated, plan.getDataCenterId(), plan.getPhysicalNetworkId()); if (userSpecified != null) { - if ((userSpecified.getCidr() == null && userSpecified.getGateway() != null) || + if ((userSpecified.getCidr() == null && userSpecified.getGateway() != null) || (userSpecified.getCidr() != null && userSpecified.getGateway() == null)) { throw new InvalidParameterValueException("cidr and gateway must be specified together."); } @@ -226,7 +225,7 @@ public abstract class GuestNetworkGuru extends AdapterBase implements NetworkGur if (ip != null) { Transaction txn = Transaction.currentTxn(); txn.start(); - _networkMgr.markIpAsUnavailable(ip.getId()); + _ipAddrMgr.markIpAsUnavailable(ip.getId()); _ipAddressDao.unassignIpAddress(ip.getId()); txn.commit(); } @@ -285,7 +284,7 @@ public abstract class GuestNetworkGuru extends AdapterBase implements NetworkGur } @Override - public Network implement(Network network, NetworkOffering offering, DeployDestination dest, + public Network implement(Network network, NetworkOffering offering, DeployDestination dest, ReservationContext context) throws InsufficientVirtualNetworkCapcityException { assert (network.getState() == State.Implementing) : "Why are we implementing " + network; 
@@ -295,11 +294,11 @@ public abstract class GuestNetworkGuru extends AdapterBase implements NetworkGur Long physicalNetworkId = network.getPhysicalNetworkId(); // physical network id can be null in Guest Network in Basic zone, so locate the physical network - if (physicalNetworkId == null) { + if (physicalNetworkId == null) { physicalNetworkId = _networkModel.findPhysicalNetworkId(dcId, offering.getTags(), offering.getTrafficType()); } - NetworkVO implemented = new NetworkVO(network.getTrafficType(), network.getMode(), + NetworkVO implemented = new NetworkVO(network.getTrafficType(), network.getMode(), network.getBroadcastDomainType(), network.getNetworkOfferingId(), State.Allocated, network.getDataCenterId(), physicalNetworkId); @@ -332,11 +331,11 @@ public abstract class GuestNetworkGuru extends AdapterBase implements NetworkGur if (nic.getIp4Address() == null) { nic.setBroadcastUri(network.getBroadcastUri()); nic.setIsolationUri(network.getBroadcastUri()); - nic.setGateway(network.getGateway()); + nic.setGateway(network.getGateway()); String guestIp = null; if (network.getSpecifyIpRanges()) { - _networkMgr.allocateDirectIp(nic, dc, vm, network, nic.getRequestedIpv4(), null); + _ipAddrMgr.allocateDirectIp(nic, dc, vm, network, nic.getRequestedIpv4(), null); } else { //if Vm is router vm and source nat is enabled in the network, set ip4 to the network gateway boolean isGateway = false; @@ -355,7 +354,7 @@ public abstract class GuestNetworkGuru extends AdapterBase implements NetworkGur if (isGateway) { guestIp = network.getGateway(); } else { - guestIp = _networkMgr.acquireGuestIpAddress(network, nic.getRequestedIpv4()); + guestIp = _ipAddrMgr.acquireGuestIpAddress(network, nic.getRequestedIpv4()); if (guestIp == null) { throw new InsufficientVirtualNetworkCapcityException("Unable to acquire Guest IP" + " address for network " + network, DataCenter.class, dc.getId()); 
@@ -412,10 +411,10 @@ public abstract class GuestNetworkGuru extends AdapterBase implements NetworkGur @Override public void shutdown(NetworkProfile profile, NetworkOffering offering) { - if (profile.getBroadcastDomainType() == BroadcastDomainType.Vlan && + if (profile.getBroadcastDomainType() == BroadcastDomainType.Vlan && profile.getBroadcastUri() != null && !offering.getSpecifyVlan()) { s_logger.debug("Releasing vnet for the network id=" + profile.getId()); - _dcDao.releaseVnet(profile.getBroadcastUri().getHost(), profile.getDataCenterId(), + _dcDao.releaseVnet(profile.getBroadcastUri().getHost(), profile.getDataCenterId(), profile.getPhysicalNetworkId(), profile.getAccountId(), profile.getReservationId()); ActionEventUtils.onCompletedActionEvent(CallContext.current().getCallingUserId(), profile.getAccountId(), EventVO.LEVEL_INFO, EventTypes.EVENT_ZONE_VLAN_RELEASE, "Released Zone Vlan: " diff --git a/server/src/com/cloud/network/guru/PublicNetworkGuru.java b/server/src/com/cloud/network/guru/PublicNetworkGuru.java index 8beb42e5831..d1094681a10 100755 --- a/server/src/com/cloud/network/guru/PublicNetworkGuru.java +++ b/server/src/com/cloud/network/guru/PublicNetworkGuru.java @@ -5,7 +5,7 @@ // to you under the Apache License, Version 2.0 (the // "License"); you may not use this file except in compliance // with the License. You may obtain a copy of the License at -// +// // http://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, @@ -30,6 +30,7 @@ import com.cloud.deploy.DeploymentPlan; import com.cloud.exception.ConcurrentOperationException; import com.cloud.exception.InsufficientAddressCapacityException; import com.cloud.exception.InsufficientVirtualNetworkCapcityException; +import com.cloud.network.IpAddressManager; import com.cloud.network.Network; import com.cloud.network.Network.State; import com.cloud.network.NetworkManager; 
@@ -67,6 +68,8 @@ public class PublicNetworkGuru extends AdapterBase implements NetworkGuru { NetworkManager _networkMgr; @Inject IPAddressDao _ipAddressDao; + @Inject + IpAddressManager _ipAddrMgr; private static final TrafficType[] _trafficTypes = {TrafficType.Public}; @@ -110,7 +113,7 @@ public class PublicNetworkGuru extends AdapterBase implements NetworkGuru { protected void getIp(NicProfile nic, DataCenter dc, VirtualMachineProfile vm, Network network) throws InsufficientVirtualNetworkCapcityException, InsufficientAddressCapacityException, ConcurrentOperationException { if (nic.getIp4Address() == null) { - PublicIp ip = _networkMgr.assignPublicIpAddress(dc.getId(), null, vm.getOwner(), VlanType.VirtualNetwork, null, null, false); + PublicIp ip = _ipAddrMgr.assignPublicIpAddress(dc.getId(), null, vm.getOwner(), VlanType.VirtualNetwork, null, null, false); nic.setIp4Address(ip.getAddress().toString()); nic.setGateway(ip.getGateway()); nic.setNetmask(ip.getNetmask()); @@ -136,11 +139,11 @@ public class PublicNetworkGuru extends AdapterBase implements NetworkGuru { } @Override - public NicProfile allocate(Network network, NicProfile nic, VirtualMachineProfile vm) + public NicProfile allocate(Network network, NicProfile nic, VirtualMachineProfile vm) throws InsufficientVirtualNetworkCapcityException, InsufficientAddressCapacityException, ConcurrentOperationException { - DataCenter dc = _dcDao.findById(network.getDataCenterId()); + DataCenter dc = _dcDao.findById(network.getDataCenterId()); if (nic != null && nic.getRequestedIpv4() != null) { throw new CloudRuntimeException("Does not support custom ip allocation at this time: " + nic); @@ -194,7 +197,7 @@ public class PublicNetworkGuru extends AdapterBase implements NetworkGuru { Transaction txn = Transaction.currentTxn(); txn.start(); - _networkMgr.markIpAsUnavailable(ip.getId()); + _ipAddrMgr.markIpAsUnavailable(ip.getId()); _ipAddressDao.unassignIpAddress(ip.getId()); txn.commit(); 
diff --git a/server/src/com/cloud/network/lb/LoadBalancingRulesManagerImpl.java b/server/src/com/cloud/network/lb/LoadBalancingRulesManagerImpl.java index 79f3cf820b2..e97fd56aec4 100755 --- a/server/src/com/cloud/network/lb/LoadBalancingRulesManagerImpl.java +++ b/server/src/com/cloud/network/lb/LoadBalancingRulesManagerImpl.java @@ -5,7 +5,7 @@ // to you under the Apache License, Version 2.0 (the // "License"); you may not use this file except in compliance // with the License. You may obtain a copy of the License at -// +// // http://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, @@ -30,12 +30,11 @@ import java.util.Set; import javax.ejb.Local; import javax.inject.Inject; -import com.cloud.network.ExternalDeviceUsageManager; -import com.cloud.network.IpAddress; -import com.cloud.network.LBHealthCheckPolicyVO; -import com.cloud.network.Network; -import com.cloud.network.NetworkManager; -import com.cloud.network.NetworkModel; +import org.apache.log4j.Logger; +import org.springframework.stereotype.Component; + +import com.google.gson.Gson; +import com.google.gson.reflect.TypeToken; import org.apache.cloudstack.api.ApiConstants; import org.apache.cloudstack.api.command.user.loadbalancer.CreateLBHealthCheckPolicyCmd; @@ -51,9 +50,6 @@ import org.apache.cloudstack.framework.config.dao.ConfigurationDao; import org.apache.cloudstack.lb.ApplicationLoadBalancerRuleVO; import org.apache.cloudstack.lb.dao.ApplicationLoadBalancerRuleDao; -import org.apache.log4j.Logger; -import org.springframework.stereotype.Component; - import com.cloud.agent.api.to.LoadBalancerTO; import com.cloud.configuration.Config; import com.cloud.configuration.ConfigurationManager; 
@@ -72,9 +68,16 @@ import com.cloud.exception.InvalidParameterValueException; import com.cloud.exception.NetworkRuleConflictException; import com.cloud.exception.PermissionDeniedException; import com.cloud.exception.ResourceUnavailableException; +import com.cloud.network.ExternalDeviceUsageManager; +import com.cloud.network.IpAddress; +import com.cloud.network.IpAddressManager; +import com.cloud.network.LBHealthCheckPolicyVO; +import com.cloud.network.Network; import com.cloud.network.Network.Capability; import com.cloud.network.Network.Provider; import com.cloud.network.Network.Service; +import com.cloud.network.NetworkManager; +import com.cloud.network.NetworkModel; import com.cloud.network.addr.PublicIp; import com.cloud.network.as.AutoScalePolicy; import com.cloud.network.as.AutoScalePolicyConditionMapVO; @@ -158,9 +161,6 @@ import com.cloud.vm.VirtualMachine.State; import com.cloud.vm.dao.NicDao; import com.cloud.vm.dao.UserVmDao; -import com.google.gson.Gson; -import com.google.gson.reflect.TypeToken; - @Component @Local(value = { LoadBalancingRulesManager.class, LoadBalancingRulesService.class }) public class LoadBalancingRulesManagerImpl extends ManagerBase implements LoadBalancingRulesManager, @@ -247,6 +247,8 @@ public class LoadBalancingRulesManagerImpl extends ManagerBase implements @Inject List _lbProviders; @Inject ApplicationLoadBalancerRuleDao _appLbRuleDao; + @Inject + IpAddressManager _ipAddrMgr; // Will return a string. For LB Stickiness this will be a json, for // autoscale this will be "," separated values 
@@ -901,7 +903,7 @@ public class LoadBalancingRulesManagerImpl extends ManagerBase implements if (lbrules.size() > 0) { isHandled = false; for (LoadBalancingServiceProvider lbElement : _lbProviders) { - stateRules = lbElement.updateHealthChecks(network, (List) lbrules); + stateRules = lbElement.updateHealthChecks(network, lbrules); if (stateRules != null && stateRules.size() > 0) { for (LoadBalancerTO lbto : stateRules) { LoadBalancerVO ulb = _lbDao.findByUuid(lbto.getUuid()); @@ -1299,7 +1301,7 @@ public class LoadBalancingRulesManagerImpl extends ManagerBase implements @Override @ActionEvent(eventType = EventTypes.EVENT_LOAD_BALANCER_CREATE, eventDescription = "creating load balancer") - public LoadBalancer createPublicLoadBalancerRule(String xId, String name, String description, + public LoadBalancer createPublicLoadBalancerRule(String xId, String name, String description, int srcPortStart, int srcPortEnd, int defPortStart, int defPortEnd, Long ipAddrId, String protocol, String algorithm, long networkId, long lbOwnerId, boolean openFirewall) throws NetworkRuleConflictException, InsufficientAddressCapacityException { Account lbOwner = _accountMgr.getAccount(lbOwnerId); @@ -1325,7 +1327,7 @@ public class LoadBalancingRulesManagerImpl extends ManagerBase implements IpAddress systemIp = null; NetworkOffering off = _configMgr.getNetworkOffering(network.getNetworkOfferingId()); if (off.getElasticLb() && ipVO == null && network.getVpcId() == null) { - systemIp = _networkMgr.assignSystemIp(networkId, lbOwner, true, false); + systemIp = _ipAddrMgr.assignSystemIp(networkId, lbOwner, true, false); ipVO = _ipAddressDao.findById(systemIp.getId()); } 
@@ -1348,7 +1350,7 @@ public class LoadBalancingRulesManagerImpl extends ManagerBase implements s_logger.debug("The ip is not associated with the VPC network id=" + networkId + " so assigning"); - ipVO = _networkMgr.associateIPToGuestNetwork(ipAddrId, networkId, false); + ipVO = _ipAddrMgr.associateIPToGuestNetwork(ipAddrId, networkId, false); performedIpAssoc = true; } } else { @@ -1370,7 +1372,7 @@ public class LoadBalancingRulesManagerImpl extends ManagerBase implements if (result == null && systemIp != null) { s_logger.debug("Releasing system IP address " + systemIp + " as corresponding lb rule failed to create"); - _networkMgr.handleSystemIpRelease(systemIp); + _ipAddrMgr.handleSystemIpRelease(systemIp); } // release ip address if ipassoc was perfored if (performedIpAssoc) { @@ -1389,7 +1391,7 @@ public class LoadBalancingRulesManagerImpl extends ManagerBase implements @DB @Override - public LoadBalancer createPublicLoadBalancer(String xId, String name, String description, + public LoadBalancer createPublicLoadBalancer(String xId, String name, String description, int srcPort, int destPort, long sourceIpId, String protocol, String algorithm, boolean openFirewall, CallContext caller) throws NetworkRuleConflictException { @@ -1410,7 +1412,7 @@ public class LoadBalancingRulesManagerImpl extends ManagerBase implements ex.addProxyObject(String.valueOf(sourceIpId), "sourceIpId"); } else{ - ex.addProxyObject(ipAddr.getUuid(), "sourceIpId"); + ex.addProxyObject(ipAddr.getUuid(), "sourceIpId"); } throw ex; } else if (ipAddr.isOneToOneNat()) { 
@@ -1677,7 +1679,7 @@ public class LoadBalancingRulesManagerImpl extends ManagerBase implements boolean success = true; if (ip.getSystem()) { s_logger.debug("Releasing system ip address " + lb.getSourceIpAddressId() + " as a part of delete lb rule"); - if (!_networkMgr.disassociatePublicIpAddress(lb.getSourceIpAddressId(), CallContext.current() + if (!_ipAddrMgr.disassociatePublicIpAddress(lb.getSourceIpAddressId(), CallContext.current() .getCallingUserId(), CallContext.current().getCallingAccount())) { s_logger.warn("Unable to release system ip address id=" + lb.getSourceIpAddressId() + " as a part of delete lb rule"); @@ -2085,7 +2087,7 @@ public class LoadBalancingRulesManagerImpl extends ManagerBase implements // service provider, so run IP assoication for // the network so as to ensure IP is associated before applying // rules (in add state) - _networkMgr.applyIpAssociations(network, false, continueOnError, publicIps); + _ipAddrMgr.applyIpAssociations(network, false, continueOnError, publicIps); try { @@ -2100,7 +2102,7 @@ public class LoadBalancingRulesManagerImpl extends ManagerBase implements // if all the rules configured on public IP are revoked then // dis-associate IP with network service provider - _networkMgr.applyIpAssociations(network, true, continueOnError, publicIps); + _ipAddrMgr.applyIpAssociations(network, true, continueOnError, publicIps); return success; } @@ -2140,7 +2142,7 @@ public class LoadBalancingRulesManagerImpl extends ManagerBase implements } } else { if (!off.getInternalLb()) { - throw new InvalidParameterValueException("Scheme " + scheme + " is not supported by the network offering " + off); + throw new InvalidParameterValueException("Scheme " + scheme + " is not supported by the network offering " + off); } } diff --git a/server/src/com/cloud/network/router/VirtualNetworkApplianceManagerImpl.java b/server/src/com/cloud/network/router/VirtualNetworkApplianceManagerImpl.java index 584c07069c7..42990ece04a 100755 
--- a/server/src/com/cloud/network/router/VirtualNetworkApplianceManagerImpl.java +++ b/server/src/com/cloud/network/router/VirtualNetworkApplianceManagerImpl.java @@ -134,6 +134,7 @@ import com.cloud.host.Status; import com.cloud.host.dao.HostDao; import com.cloud.hypervisor.Hypervisor.HypervisorType; import com.cloud.network.IpAddress; +import com.cloud.network.IpAddressManager; import com.cloud.network.Network; import com.cloud.network.Network.GuestType; import com.cloud.network.Network.Provider; @@ -359,6 +360,8 @@ public class VirtualNetworkApplianceManagerImpl extends ManagerBase implements V UserIpv6AddressDao _ipv6Dao; @Inject NetworkService _networkSvc; + @Inject + IpAddressManager _ipAddrMgr; int _routerRamSize; @@ -1530,7 +1533,7 @@ public class VirtualNetworkApplianceManagerImpl extends ManagerBase implements V PublicIp sourceNatIp = null; if (publicNetwork) { - sourceNatIp = _networkMgr.assignSourceNatIpAddressToGuestNetwork(owner, guestNetwork); + sourceNatIp = _ipAddrMgr.assignSourceNatIpAddressToGuestNetwork(owner, guestNetwork); } // 3) deploy virtual router(s) @@ -1791,7 +1794,7 @@ public class VirtualNetworkApplianceManagerImpl extends ManagerBase implements V NicProfile gatewayNic = new NicProfile(defaultNetworkStartIp, defaultNetworkStartIpv6); if (setupPublicNetwork) { if (isRedundant) { - gatewayNic.setIp4Address(_networkMgr.acquireGuestIpAddress(guestNetwork, null)); + gatewayNic.setIp4Address(_ipAddrMgr.acquireGuestIpAddress(guestNetwork, null)); } else { gatewayNic.setIp4Address(guestNetwork.getGateway()); } 
@@ -2817,10 +2820,24 @@ public class VirtualNetworkApplianceManagerImpl extends ManagerBase implements V vlanDbIdList.add(vlan.getId()); } if (dc.getNetworkType() == NetworkType.Basic) { - routerPublicIP = _networkMgr.assignPublicIpAddressFromVlans(router.getDataCenterId(), vm.getPodIdToDeployIn(), caller, Vlan.VlanType.DirectAttached, vlanDbIdList, nic.getNetworkId(), null, false); + routerPublicIP = _ipAddrMgr.assignPublicIpAddressFromVlans(router.getDataCenterId(), + vm.getPodIdToDeployIn(), + caller, + Vlan.VlanType.DirectAttached, + vlanDbIdList, + nic.getNetworkId(), + null, + false); } else { - routerPublicIP = _networkMgr.assignPublicIpAddressFromVlans(router.getDataCenterId(), null, caller, Vlan.VlanType.DirectAttached, vlanDbIdList, nic.getNetworkId(), null, false); + routerPublicIP = _ipAddrMgr.assignPublicIpAddressFromVlans(router.getDataCenterId(), + null, + caller, + Vlan.VlanType.DirectAttached, + vlanDbIdList, + nic.getNetworkId(), + null, + false); } routerAliasIp = routerPublicIP.getAddress().addr(); diff --git a/server/src/com/cloud/network/rules/RulesManagerImpl.java b/server/src/com/cloud/network/rules/RulesManagerImpl.java index a2f5da3b7f9..723350661ce 100755 --- a/server/src/com/cloud/network/rules/RulesManagerImpl.java +++ b/server/src/com/cloud/network/rules/RulesManagerImpl.java @@ -5,7 +5,7 @@ // to you under the Apache License, Version 2.0 (the // "License"); you may not use this file except in compliance // with the License. You may obtain a copy of the License at -// +// // http://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, 
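Review bot: The two `_ipAddrMgr.assignPublicIpAddressFromVlans(...)` calls in VirtualNetworkApplianceManagerImpl (hunk at -2817,10) differ only in their second argument, and the new one-argument-per-line layout makes that harder to see. Computing the pod once, e.g. `Long podId = dc.getNetworkType() == NetworkType.Basic ? vm.getPodIdToDeployIn() : null;`, and making a single call would remove the duplicated branch. The result is dereferenced immediately in `routerPublicIP.getAddress().addr()`, so a one-line comment stating whether the call can return null or always throws on exhaustion would help the next reader. The enclosing method lies outside the hunk.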
@@ -25,12 +25,12 @@ import java.util.Set; import javax.ejb.Local; import javax.inject.Inject; -import org.apache.cloudstack.api.command.user.firewall.ListPortForwardingRulesCmd; -import org.apache.cloudstack.context.CallContext; - import org.apache.log4j.Logger; import org.springframework.stereotype.Component; +import org.apache.cloudstack.api.command.user.firewall.ListPortForwardingRulesCmd; +import org.apache.cloudstack.context.CallContext; + import com.cloud.configuration.ConfigurationManager; import com.cloud.domain.dao.DomainDao; import com.cloud.event.ActionEvent; @@ -43,6 +43,7 @@ import com.cloud.exception.InvalidParameterValueException; import com.cloud.exception.NetworkRuleConflictException; import com.cloud.exception.ResourceUnavailableException; import com.cloud.network.IpAddress; +import com.cloud.network.IpAddressManager; import com.cloud.network.Network; import com.cloud.network.Network.Service; import com.cloud.network.NetworkManager; @@ -96,6 +97,9 @@ import com.cloud.vm.dao.VMInstanceDao; public class RulesManagerImpl extends ManagerBase implements RulesManager, RulesService { private static final Logger s_logger = Logger.getLogger(RulesManagerImpl.class); + @Inject + IpAddressManager _ipAddrMgr; + @Inject PortForwardingRulesDao _portForwardingDao; @Inject 
@@ -212,14 +216,14 @@ public class RulesManagerImpl extends ManagerBase implements RulesManager, Rules boolean performedIpAssoc = false; Nic guestNic; if (ipAddress.getAssociatedWithNetworkId() == null) { - boolean assignToVpcNtwk = network.getVpcId() != null + boolean assignToVpcNtwk = network.getVpcId() != null && ipAddress.getVpcId() != null && ipAddress.getVpcId().longValue() == network.getVpcId(); if (assignToVpcNtwk) { _networkModel.checkIpForService(ipAddress, Service.PortForwarding, networkId); s_logger.debug("The ip is not associated with the VPC network id="+ networkId + ", so assigning"); try { - ipAddress = _networkMgr.associateIPToGuestNetwork(ipAddrId, networkId, false); + ipAddress = _ipAddrMgr.associateIPToGuestNetwork(ipAddrId, networkId, false); performedIpAssoc = true; } catch (Exception ex) { throw new CloudRuntimeException("Failed to associate ip to VPC network as " + @@ -230,12 +234,12 @@ public class RulesManagerImpl extends ManagerBase implements RulesManager, Rules _networkModel.checkIpForService(ipAddress, Service.PortForwarding, null); } - if (ipAddress.getAssociatedWithNetworkId() == null) { + if (ipAddress.getAssociatedWithNetworkId() == null) { throw new InvalidParameterValueException("Ip address " + ipAddress + " is not assigned to the network " + network); } try { - _firewallMgr.validateFirewallRule(caller, ipAddress, rule.getSourcePortStart(), rule.getSourcePortEnd(), + _firewallMgr.validateFirewallRule(caller, ipAddress, rule.getSourcePortStart(), rule.getSourcePortEnd(), rule.getProtocol(), Purpose.PortForwarding, FirewallRuleType.User, networkId, rule.getTrafficType()); Long accountId = ipAddress.getAllocatedToAccountId(); 
@@ -254,7 +258,7 @@ public class RulesManagerImpl extends ManagerBase implements RulesManager, Rules // validate user VM exists UserVm vm = _vmDao.findById(vmId); if (vm == null) { - throw new InvalidParameterValueException("Unable to create port forwarding rule on address " + ipAddress + + throw new InvalidParameterValueException("Unable to create port forwarding rule on address " + ipAddress + ", invalid virtual machine id specified (" + vmId + ")."); } else { checkRuleAndUserVm(rule, vm, caller); @@ -285,7 +289,7 @@ public class RulesManagerImpl extends ManagerBase implements RulesManager, Rules //if start port and end port are passed in, and they are not equal to each other, perform the validation boolean validatePortRange = false; - if (rule.getSourcePortStart().intValue() != rule.getSourcePortEnd().intValue() + if (rule.getSourcePortStart().intValue() != rule.getSourcePortEnd().intValue() || rule.getDestinationPortStart() != rule.getDestinationPortEnd()) { validatePortRange = true; } @@ -304,7 +308,7 @@ public class RulesManagerImpl extends ManagerBase implements RulesManager, Rules Transaction txn = Transaction.currentTxn(); txn.start(); - PortForwardingRuleVO newRule = new PortForwardingRuleVO(rule.getXid(), rule.getSourceIpAddressId(), + PortForwardingRuleVO newRule = new PortForwardingRuleVO(rule.getXid(), rule.getSourceIpAddressId(), rule.getSourcePortStart(), rule.getSourcePortEnd(), dstIp, rule.getDestinationPortStart(), rule.getDestinationPortEnd(), rule.getProtocol().toLowerCase(), networkId, accountId, domainId, vmId); newRule = _portForwardingDao.persist(newRule); 
@@ -346,7 +350,7 @@ public class RulesManagerImpl extends ManagerBase implements RulesManager, Rules if (performedIpAssoc) { //if the rule is the last one for the ip address assigned to VPC, unassign it from the network IpAddress ip = _ipAddressDao.findById(ipAddress.getId()); - _vpcMgr.unassignIPFromVpcNetwork(ip.getId(), networkId); + _vpcMgr.unassignIPFromVpcNetwork(ip.getId(), networkId); } } } @@ -475,19 +479,19 @@ public class RulesManagerImpl extends ManagerBase implements RulesManager, Rules if (!isSystemVm) { UserVmVO vm = _vmDao.findById(vmId); if (vm == null) { - throw new InvalidParameterValueException("Can't enable static nat for the address id=" + ipId + + throw new InvalidParameterValueException("Can't enable static nat for the address id=" + ipId + ", invalid virtual machine id specified (" + vmId + ")."); } //associate ip address to network (if needed) if (ipAddress.getAssociatedWithNetworkId() == null) { - boolean assignToVpcNtwk = network.getVpcId() != null + boolean assignToVpcNtwk = network.getVpcId() != null && ipAddress.getVpcId() != null && ipAddress.getVpcId().longValue() == network.getVpcId(); if (assignToVpcNtwk) { _networkModel.checkIpForService(ipAddress, Service.StaticNat, networkId); s_logger.debug("The ip is not associated with the VPC network id="+ networkId + ", so assigning"); try { - ipAddress = _networkMgr.associateIPToGuestNetwork(ipId, networkId, false); + ipAddress = _ipAddrMgr.associateIPToGuestNetwork(ipId, networkId, false); } catch (Exception ex) { s_logger.warn("Failed to associate ip id=" + ipId + " to VPC network id=" + networkId + " as " + "a part of enable static nat"); 
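Review bot: The `catch (Exception ex)` that follows the new `_ipAddrMgr.associateIPToGuestNetwork(ipId, networkId, false)` call in the hunk at -475 logs a warning without the exception, so the reason the association failed never reaches the log. Passing it as the second argument, `s_logger.warn("Failed to associate ip id=" + ipId + " to VPC network id=" + networkId + " as " + "a part of enable static nat", ex);`, keeps the stack trace for whoever has to reconstruct why static NAT was not enabled. The portable-IP catch in the hunk at -506 has the same shape with `e`. The enclosing method continues outside the hunk, so what happens after the warning is not visible here.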
@@ -506,7 +510,7 @@ public class RulesManagerImpl extends ManagerBase implements RulesManager, Rules } // associate portable IP with guest network - ipAddress = _networkMgr.associatePortableIPToGuestNetwork(ipId, networkId, false); + ipAddress = _ipAddrMgr.associatePortableIPToGuestNetwork(ipId, networkId, false); } catch (Exception e) { s_logger.warn("Failed to associate portable id=" + ipId + " to network id=" + networkId + " as " + "a part of enable static nat"); @@ -519,10 +523,10 @@ public class RulesManagerImpl extends ManagerBase implements RulesManager, Rules _networkModel.checkIpForService(ipAddress, Service.StaticNat, networkId); // check if portable IP can be transferred across the networks - if (_networkMgr.isPortableIpTransferableFromNetwork(ipId, ipAddress.getAssociatedWithNetworkId() )) { + if (_ipAddrMgr.isPortableIpTransferableFromNetwork(ipId, ipAddress.getAssociatedWithNetworkId())) { try { // transfer the portable IP and refresh IP details - _networkMgr.transferPortableIP(ipId, ipAddress.getAssociatedWithNetworkId(), networkId); + _ipAddrMgr.transferPortableIP(ipId, ipAddress.getAssociatedWithNetworkId(), networkId); ipAddress = _ipAddressDao.findById(ipId); } catch (Exception e) { s_logger.warn("Failed to associate portable id=" + ipId + " to network id=" + networkId + " as " + @@ -542,7 +546,7 @@ public class RulesManagerImpl extends ManagerBase implements RulesManager, Rules _networkModel.checkIpForService(ipAddress, Service.StaticNat, null); } - if (ipAddress.getAssociatedWithNetworkId() == null) { + if (ipAddress.getAssociatedWithNetworkId() == null) { throw new InvalidParameterValueException("Ip address " + ipAddress + " is not assigned to the network " + network); } 
@@ -972,7 +976,7 @@ public class RulesManagerImpl extends ManagerBase implements RulesManager, Rules } try { - if (!_networkMgr.applyStaticNats(staticNats, continueOnError, false)) { + if (!_ipAddrMgr.applyStaticNats(staticNats, continueOnError, false)) { return false; } } catch (ResourceUnavailableException ex) { @@ -1145,7 +1149,7 @@ public class RulesManagerImpl extends ManagerBase implements RulesManager, Rules @Override @DB - public FirewallRuleVO[] reservePorts(IpAddress ip, String protocol, FirewallRule.Purpose purpose, + public FirewallRuleVO[] reservePorts(IpAddress ip, String protocol, FirewallRule.Purpose purpose, boolean openFirewall, Account caller, int... ports) throws NetworkRuleConflictException { FirewallRuleVO[] rules = new FirewallRuleVO[ports.length]; @@ -1157,7 +1161,7 @@ public class RulesManagerImpl extends ManagerBase implements RulesManager, Rules rules[i] = _firewallDao.persist(rules[i]); if (openFirewall) { - _firewallMgr.createRuleForAllCidrs(ip.getId(), caller, ports[i], ports[i], protocol, null, null, + _firewallMgr.createRuleForAllCidrs(ip.getId(), caller, ports[i], ports[i], protocol, null, null, rules[i].getId(), ip.getAssociatedWithNetworkId()); } } @@ -1197,14 +1201,14 @@ public class RulesManagerImpl extends ManagerBase implements RulesManager, Rules if (ipAddress.getSystem()) { InvalidParameterValueException ex = new InvalidParameterValueException("Can't disable static nat for system IP address with specified id"); - ex.addProxyObject(ipAddress.getUuid(), "ipId"); + ex.addProxyObject(ipAddress.getUuid(), "ipId"); throw ex; } Long vmId = ipAddress.getAssociatedWithVmId(); if (vmId == null) { InvalidParameterValueException ex = new InvalidParameterValueException("Specified IP address id is not associated with any vm Id"); - ex.addProxyObject(ipAddress.getUuid(), "ipId"); + ex.addProxyObject(ipAddress.getUuid(), "ipId"); throw ex; } 
@@ -1232,7 +1236,7 @@ public class RulesManagerImpl extends ManagerBase implements RulesManager, Rules if (!ipAddress.isOneToOneNat()) { InvalidParameterValueException ex = new InvalidParameterValueException("One to one nat is not enabled for the specified ip id"); - ex.addProxyObject(ipAddress.getUuid(), "ipId"); + ex.addProxyObject(ipAddress.getUuid(), "ipId"); throw ex; } @@ -1264,7 +1268,7 @@ public class RulesManagerImpl extends ManagerBase implements RulesManager, Rules _ipAddressDao.update(ipAddress.getId(), ipAddress); _vpcMgr.unassignIPFromVpcNetwork(ipAddress.getId(), networkId); - if (isIpSystem && releaseIpIfElastic && !_networkMgr.handleSystemIpRelease(ipAddress)) { + if (isIpSystem && releaseIpIfElastic && !_ipAddrMgr.handleSystemIpRelease(ipAddress)) { s_logger.warn("Failed to release system ip address " + ipAddress); success = false; } @@ -1315,7 +1319,7 @@ public class RulesManagerImpl extends ManagerBase implements RulesManager, Rules if (staticNats != null && !staticNats.isEmpty()) { try { - if (!_networkMgr.applyStaticNats(staticNats, continueOnError, forRevoke)) { + if (!_ipAddrMgr.applyStaticNats(staticNats, continueOnError, forRevoke)) { return false; } } catch (ResourceUnavailableException ex) { @@ -1342,7 +1346,7 @@ public class RulesManagerImpl extends ManagerBase implements RulesManager, Rules s_logger.debug("Found " + staticNats.size() + " static nats to disable for network id " + networkId); } try { - if (!_networkMgr.applyStaticNats(staticNats, continueOnError, forRevoke)) { + if (!_ipAddrMgr.applyStaticNats(staticNats, continueOnError, forRevoke)) { return false; } } catch (ResourceUnavailableException ex) { 
@@ -1372,7 +1376,7 @@ public class RulesManagerImpl extends ManagerBase implements RulesManager, Rules Network network = _networkModel.getNetwork(networkId); if (network == null) { CloudRuntimeException ex = new CloudRuntimeException("Unable to find an ip address to map to specified vm id"); - ex.addProxyObject(vm.getUuid(), "vmId"); + ex.addProxyObject(vm.getUuid(), "vmId"); throw ex; } @@ -1422,9 +1426,9 @@ public class RulesManagerImpl extends ManagerBase implements RulesManager, Rules } s_logger.debug("Allocating system ip and enabling static nat for it for the vm " + vm + " in guest network " + guestNetwork); - IpAddress ip = _networkMgr.assignSystemIp(guestNetwork.getId(), _accountMgr.getAccount(vm.getAccountId()), false, true); + IpAddress ip = _ipAddrMgr.assignSystemIp(guestNetwork.getId(), _accountMgr.getAccount(vm.getAccountId()), false, true); if (ip == null) { - throw new CloudRuntimeException("Failed to allocate system ip for vm " + vm + " in guest network " + guestNetwork); + throw new CloudRuntimeException("Failed to allocate system ip for vm " + vm + " in guest network " + guestNetwork); } s_logger.debug("Allocated system ip " + ip + ", now enabling static nat on it for vm " + vm); 
@@ -1432,18 +1436,18 @@ public class RulesManagerImpl extends ManagerBase implements RulesManager, Rules try { success = enableStaticNat(ip.getId(), vm.getId(), guestNetwork.getId(), isSystemVM, null); } catch (NetworkRuleConflictException ex) { - s_logger.warn("Failed to enable static nat as a part of enabling elasticIp and staticNat for vm " + + s_logger.warn("Failed to enable static nat as a part of enabling elasticIp and staticNat for vm " + vm + " in guest network " + guestNetwork + " due to exception ", ex); success = false; } catch (ResourceUnavailableException ex) { - s_logger.warn("Failed to enable static nat as a part of enabling elasticIp and staticNat for vm " + + s_logger.warn("Failed to enable static nat as a part of enabling elasticIp and staticNat for vm " + vm + " in guest network " + guestNetwork + " due to exception ", ex); success = false; } if (!success) { s_logger.warn("Failed to enable static nat on system ip " + ip + " for the vm " + vm + ", releasing the ip..."); - _networkMgr.handleSystemIpRelease(ip); + _ipAddrMgr.handleSystemIpRelease(ip); throw new CloudRuntimeException("Failed to enable static nat on system ip for the vm " + vm); } else { s_logger.warn("Succesfully enabled static nat on system ip " + ip + " for the vm " + vm); @@ -1474,7 +1478,7 @@ public class RulesManagerImpl extends ManagerBase implements RulesManager, Rules VMInstanceVO vm = _vmInstanceDao.findById(nic.getInstanceId()); // generate a static Nat rule on the fly because staticNATrule does not persist into db anymore // FIX ME - FirewallRuleVO staticNatRule = new FirewallRuleVO(null, ip.getId(), 0, 65535, NetUtils.ALL_PROTO.toString(), + FirewallRuleVO staticNatRule = new FirewallRuleVO(null, ip.getId(), 0, 65535, NetUtils.ALL_PROTO.toString(), nic.getNetworkId(), vm.getAccountId(), vm.getDomainId(), Purpose.StaticNat, null, null, null, null, null); result.add(staticNatRule); } 
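Review bot: The boolean returned by `_ipAddrMgr.handleSystemIpRelease(ip)` is discarded in the failure branch of the hunk at -1432, while the call site in the hunk at -1264 tests the same method and logs when it fails. If the release does not succeed here, the system IP allocated a few lines earlier can stay assigned and only the generic CloudRuntimeException is raised. I would write `if (!_ipAddrMgr.handleSystemIpRelease(ip)) { s_logger.warn("Failed to release system ip address " + ip); }` before the throw. The enclosing method starts outside the hunk.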
diff --git a/server/src/com/cloud/network/vpc/VpcManagerImpl.java b/server/src/com/cloud/network/vpc/VpcManagerImpl.java index 03750e35ec5..3a7b69bd807 100644 --- a/server/src/com/cloud/network/vpc/VpcManagerImpl.java +++ b/server/src/com/cloud/network/vpc/VpcManagerImpl.java @@ -16,6 +16,30 @@ // under the License. package com.cloud.network.vpc; +import java.util.ArrayList; +import java.util.Arrays; +import java.util.HashMap; +import java.util.HashSet; +import java.util.List; +import java.util.Map; +import java.util.Set; +import java.util.concurrent.Executors; +import java.util.concurrent.ScheduledExecutorService; +import java.util.concurrent.TimeUnit; + +import javax.ejb.Local; +import javax.inject.Inject; +import javax.naming.ConfigurationException; + +import org.apache.log4j.Logger; +import org.springframework.stereotype.Component; + +import org.apache.cloudstack.acl.ControlledEntity.ACLType; +import org.apache.cloudstack.api.command.user.vpc.ListPrivateGatewaysCmd; +import org.apache.cloudstack.api.command.user.vpc.ListStaticRoutesCmd; +import org.apache.cloudstack.context.CallContext; +import org.apache.cloudstack.framework.config.dao.ConfigurationDao; + import com.cloud.configuration.Config; import com.cloud.configuration.ConfigurationManager; import com.cloud.configuration.Resource.ResourceType; @@ -37,6 +61,7 @@ import com.cloud.exception.ResourceAllocationException; import com.cloud.exception.ResourceUnavailableException; import com.cloud.hypervisor.Hypervisor.HypervisorType; import com.cloud.network.IpAddress; +import com.cloud.network.IpAddressManager; import com.cloud.network.Network; import com.cloud.network.Network.GuestType; import com.cloud.network.Network.Provider; 
@@ -99,30 +124,6 @@ import com.cloud.vm.ReservationContext; import com.cloud.vm.ReservationContextImpl; import com.cloud.vm.dao.DomainRouterDao; -import org.apache.cloudstack.acl.ControlledEntity.ACLType; -import org.apache.cloudstack.api.command.user.vpc.ListPrivateGatewaysCmd; -import org.apache.cloudstack.api.command.user.vpc.ListStaticRoutesCmd; -import org.apache.cloudstack.context.CallContext; -import org.apache.cloudstack.framework.config.dao.ConfigurationDao; - -import org.apache.log4j.Logger; -import org.springframework.stereotype.Component; - -import javax.ejb.Local; -import javax.inject.Inject; -import javax.naming.ConfigurationException; - -import java.util.ArrayList; -import java.util.Arrays; -import java.util.HashMap; -import java.util.HashSet; -import java.util.List; -import java.util.Map; -import java.util.Set; -import java.util.concurrent.Executors; -import java.util.concurrent.ScheduledExecutorService; -import java.util.concurrent.TimeUnit; - @Component @Local(value = { VpcManager.class, VpcService.class, VpcProvisioningService.class }) @@ -184,6 +185,8 @@ public class VpcManagerImpl extends ManagerBase implements VpcManager, VpcProvis ConfigurationServer _configServer; @Inject NetworkACLDao _networkAclDao; + @Inject + IpAddressManager _ipAddrMgr; private final ScheduledExecutorService _executor = Executors.newScheduledThreadPool(1, new NamedThreadFactory("VpcChecker")); private List vpcElements = null; @@ -218,7 +221,7 @@ public class VpcManagerImpl extends ManagerBase implements VpcManager, VpcProvis svcProviderMap.put(svc, defaultProviders); } } - createVpcOffering(VpcOffering.defaultVPCOfferingName, VpcOffering.defaultVPCOfferingName, svcProviderMap, + createVpcOffering(VpcOffering.defaultVPCOfferingName, VpcOffering.defaultVPCOfferingName, svcProviderMap, true, State.Enabled); } 
@@ -359,7 +362,7 @@ public class VpcManagerImpl extends ManagerBase implements VpcManager, VpcProvis @DB - protected VpcOffering createVpcOffering(String name, String displayText, Map> svcProviderMap, boolean isDefault, State state) { Transaction txn = Transaction.currentTxn(); txn.start(); @@ -506,7 +509,7 @@ public class VpcManagerImpl extends ManagerBase implements VpcManager, VpcProvis VpcOfferingVO offering = _vpcOffDao.findById(offId); if (offering == null) { throw new InvalidParameterValueException("unable to find vpc offering " + offId); - } + } // Don't allow to delete default vpc offerings if (offering.isDefault() == true) { @@ -571,7 +574,7 @@ public class VpcManagerImpl extends ManagerBase implements VpcManager, VpcProvis @Override @ActionEvent(eventType = EventTypes.EVENT_VPC_CREATE, eventDescription = "creating vpc", create=true) - public Vpc createVpc(long zoneId, long vpcOffId, long vpcOwnerId, String vpcName, String displayText, String cidr, + public Vpc createVpc(long zoneId, long vpcOffId, long vpcOwnerId, String vpcName, String displayText, String cidr, String networkDomain) throws ResourceAllocationException { Account caller = CallContext.current().getCallingAccount(); Account owner = _accountMgr.getAccount(vpcOwnerId); @@ -624,7 +627,7 @@ public class VpcManagerImpl extends ManagerBase implements VpcManager, VpcProvis @DB - protected Vpc createVpc(long zoneId, long vpcOffId, Account vpcOwner, String vpcName, String displayText, String cidr, + protected Vpc createVpc(long zoneId, long vpcOffId, Account vpcOwner, String vpcName, String displayText, String cidr, String networkDomain) { //Validate CIDR 
@@ -648,7 +651,7 @@ public class VpcManagerImpl extends ManagerBase implements VpcManager, VpcProvis Transaction txn = Transaction.currentTxn(); txn.start(); - VpcVO vpc = new VpcVO (zoneId, vpcName, displayText, vpcOwner.getId(), vpcOwner.getDomainId(), vpcOffId, cidr, + VpcVO vpc = new VpcVO (zoneId, vpcName, displayText, vpcOwner.getId(), vpcOwner.getDomainId(), vpcOffId, cidr, networkDomain); vpc = _vpcDao.persist(vpc, finalizeServicesAndProvidersForVpc(zoneId, vpcOffId)); _resourceLimitMgr.incrementResourceCount(vpcOwner.getId(), ResourceType.vpc); @@ -656,7 +659,7 @@ public class VpcManagerImpl extends ManagerBase implements VpcManager, VpcProvis s_logger.debug("Created VPC " + vpc); - return vpc; + return vpc; } private Map finalizeServicesAndProvidersForVpc(long zoneId, long offeringId) { @@ -797,13 +800,13 @@ public class VpcManagerImpl extends ManagerBase implements VpcManager, VpcProvis @Override - public List listVpcs(Long id, String vpcName, String displayText, List supportedServicesStr, + public List listVpcs(Long id, String vpcName, String displayText, List supportedServicesStr, String cidr, Long vpcOffId, String state, String accountName, Long domainId, String keyword, Long startIndex, Long pageSizeVal, Long zoneId, Boolean isRecursive, Boolean listAll, Boolean restartRequired, Map tags, Long projectId) { Account caller = CallContext.current().getCallingAccount(); List permittedAccounts = new ArrayList(); - Ternary domainIdRecursiveListProject = new Ternary domainIdRecursiveListProject = new Ternary(domainId, isRecursive, null); _accountMgr.buildACLSearchParameters(caller, id, accountName, projectId, permittedAccounts, domainIdRecursiveListProject, listAll, false); 
@@ -838,7 +841,7 @@ public class VpcManagerImpl extends ManagerBase implements VpcManager, VpcProvis // now set the SC criteria... SearchCriteria sc = sb.create(); - _accountMgr.buildACLSearchCriteria(sc, domainId, isRecursive, permittedAccounts, listProjectResourcesCriteria); + _accountMgr.buildACLSearchCriteria(sc, domainId, isRecursive, permittedAccounts, listProjectResourcesCriteria); if (keyword != null) { SearchCriteria ssc = _vpcDao.createSearchCriteria(); @@ -862,7 +865,7 @@ public class VpcManagerImpl extends ManagerBase implements VpcManager, VpcProvis sc.setJoinParameters("tagSearch", "key" + String.valueOf(count), key); sc.setJoinParameters("tagSearch", "value" + String.valueOf(count), tags.get(key)); count++; - } + } } if (id != null) { @@ -941,7 +944,7 @@ public class VpcManagerImpl extends ManagerBase implements VpcManager, VpcProvis } @Override - public boolean startVpc(long vpcId, boolean destroyOnFailure) throws ConcurrentOperationException, ResourceUnavailableException, + public boolean startVpc(long vpcId, boolean destroyOnFailure) throws ConcurrentOperationException, ResourceUnavailableException, InsufficientCapacityException { CallContext ctx = CallContext.current(); Account caller = ctx.getCallingAccount(); @@ -961,7 +964,7 @@ public class VpcManagerImpl extends ManagerBase implements VpcManager, VpcProvis DataCenter dc = _configMgr.getZone(vpc.getZoneId()); DeployDestination dest = new DeployDestination(dc, null, null, null); - ReservationContext context = new ReservationContextImpl(null, null, callerUser, + ReservationContext context = new ReservationContextImpl(null, null, callerUser, _accountMgr.getAccount(vpc.getAccountId())); boolean result = true; 
@@ -987,7 +990,7 @@ public class VpcManagerImpl extends ManagerBase implements VpcManager, VpcProvis return result; } - protected boolean startVpc(Vpc vpc, DeployDestination dest, ReservationContext context) + protected boolean startVpc(Vpc vpc, DeployDestination dest, ReservationContext context) throws ConcurrentOperationException, ResourceUnavailableException, InsufficientCapacityException { //deploy provider boolean success = true; @@ -1042,7 +1045,7 @@ public class VpcManagerImpl extends ManagerBase implements VpcManager, VpcProvis @DB @Override - public void validateNtwkOffForNtwkInVpc(Long networkId, long newNtwkOffId, String newCidr, + public void validateNtwkOffForNtwkInVpc(Long networkId, long newNtwkOffId, String newCidr, String newNetworkDomain, Vpc vpc, String gateway, Account networkOwner, Long aclId) { NetworkOffering guestNtwkOff = _configMgr.getNetworkOffering(newNtwkOffId); @@ -1053,7 +1056,7 @@ public class VpcManagerImpl extends ManagerBase implements VpcManager, VpcProvis if (networkId == null) { //1) Validate attributes that has to be passed in when create new guest network - validateNewVpcGuestNetwork(newCidr, gateway, networkOwner, vpc, newNetworkDomain); + validateNewVpcGuestNetwork(newCidr, gateway, networkOwner, vpc, newNetworkDomain); } //2) validate network offering attributes @@ -1067,7 +1070,7 @@ public class VpcManagerImpl extends ManagerBase implements VpcManager, VpcProvis String pr = nSvcVO.getProvider(); String service = nSvcVO.getService(); if (_vpcOffServiceDao.findByServiceProviderAndOfferingId(service, pr, vpc.getVpcOfferingId()) == null) { - throw new InvalidParameterValueException("Service/provider combination " + service + "/" + + throw new InvalidParameterValueException("Service/provider combination " + service + "/" + pr + " is not supported by VPC " + vpc); } } 
@@ -1102,13 +1105,13 @@ public class VpcManagerImpl extends ManagerBase implements VpcManager, VpcProvis List providers = _ntwkModel.getNtwkOffDistinctProviders(guestNtwkOff.getId()); for (Provider provider : providers) { if (!supportedProviders.contains(provider) ) { - throw new InvalidParameterValueException("Provider of type " + provider.getName() + throw new InvalidParameterValueException("Provider of type " + provider.getName() + " is not supported for network offerings that can be used in VPC"); } } //2) Only Isolated networks with Source nat service enabled can be added to vpc - if (!(guestNtwkOff.getGuestType() == GuestType.Isolated + if (!(guestNtwkOff.getGuestType() == GuestType.Isolated && supportedSvcs.contains(Service.SourceNat))) { throw new InvalidParameterValueException("Only network offerings of type " + GuestType.Isolated + " with service " @@ -1146,7 +1149,7 @@ public class VpcManagerImpl extends ManagerBase implements VpcManager, VpcProvis try { //check number of active networks in vpc if (_ntwkDao.countVpcNetworks(vpc.getId()) >= _maxNetworks) { - throw new CloudRuntimeException("Number of networks per VPC can't extend " + throw new CloudRuntimeException("Number of networks per VPC can't extend " + _maxNetworks + "; increase it using global config " + Config.VpcMaxNetworks); } @@ -1166,9 +1169,9 @@ public class VpcManagerImpl extends ManagerBase implements VpcManager, VpcProvis for (Network ntwk : ntwks) { assert (cidr != null) : "Why the network cidr is null when it belongs to vpc?"; - if (NetUtils.isNetworkAWithinNetworkB(ntwk.getCidr(), cidr) + if (NetUtils.isNetworkAWithinNetworkB(ntwk.getCidr(), cidr) || NetUtils.isNetworkAWithinNetworkB(cidr, ntwk.getCidr())) { - throw new InvalidParameterValueException("Network cidr " + cidr + " crosses other network cidr " + ntwk + + throw new InvalidParameterValueException("Network cidr " + cidr + " crosses other network cidr " + ntwk + " belonging to the same vpc " + vpc); } } 
@@ -1216,7 +1219,7 @@ public class VpcManagerImpl extends ManagerBase implements VpcManager, VpcProvis return _vpcDao.listByAccountId(accountId); } - public boolean cleanupVpcResources(long vpcId, Account caller, long callerUserId) + public boolean cleanupVpcResources(long vpcId, Account caller, long callerUserId) throws ResourceUnavailableException, ConcurrentOperationException { s_logger.debug("Cleaning up resources for vpc id=" + vpcId); boolean success = true; @@ -1239,12 +1242,12 @@ public class VpcManagerImpl extends ManagerBase implements VpcManager, VpcProvis _ipAddressDao.update(ipToRelease.getId(), ipToRelease); s_logger.debug("Portable IP address " + ipToRelease + " is no longer associated with any VPC"); } else { - success = success && _ntwkMgr.disassociatePublicIpAddress(ipToRelease.getId(), callerUserId, caller); + success = success && _ipAddrMgr.disassociatePublicIpAddress(ipToRelease.getId(), callerUserId, caller); if (!success) { s_logger.warn("Failed to cleanup ip " + ipToRelease + " as a part of vpc id=" + vpcId + " cleanup"); } } - } + } if (success) { s_logger.debug("Released ip addresses for vpc id=" + vpcId + " as a part of cleanup vpc process"); @@ -1281,7 +1284,7 @@ public class VpcManagerImpl extends ManagerBase implements VpcManager, VpcProvis @Override @ActionEvent(eventType = EventTypes.EVENT_VPC_RESTART, eventDescription = "restarting vpc") - public boolean restartVpc(long vpcId) throws ConcurrentOperationException, ResourceUnavailableException, + public boolean restartVpc(long vpcId) throws ConcurrentOperationException, ResourceUnavailableException, InsufficientCapacityException { Account caller = CallContext.current().getCallingAccount(); @@ -1318,7 +1321,7 @@ public class VpcManagerImpl extends ManagerBase implements VpcManager, VpcProvis VpcVO vo = _vpcDao.findById(vpcId); vo.setRestartRequired(restartRequired); _vpcDao.update(vpc.getId(), vo); - } + } } 
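Review bot: In the hunk at -1239, `success = success && _ipAddrMgr.disassociatePublicIpAddress(...)` short-circuits, so once one release has failed no later address is disassociated, yet the `if (!success)` warning still reports each of them as a failed cleanup. Unless stopping at the first failure is intended, evaluate the call first, `success = _ipAddrMgr.disassociatePublicIpAddress(ipToRelease.getId(), callerUserId, caller) && success;`, and base the warning on that call's own result. As written, a single failure can leave the remaining public addresses of the VPC allocated after cleanup. The surrounding iteration over `ipToRelease` begins outside the hunk, so this assumes the statement runs once per address.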
@@ -1386,7 +1389,7 @@ public class VpcManagerImpl extends ManagerBase implements VpcManager, VpcProvis s_logger.debug("Creating Private gateway for VPC " + vpc); //1) create private network String networkName = "vpc-" + vpc.getName() + "-privateNetwork"; - Network privateNtwk = _ntwkSvc.createPrivateNetwork(networkName, networkName, physicalNetworkId, + Network privateNtwk = _ntwkSvc.createPrivateNetwork(networkName, networkName, physicalNetworkId, vlan, ipAddress, null, gateway, netmask, gatewayOwnerId, vpcId, isSourceNat); long networkAclId = NetworkACL.DEFAULT_DENY; @@ -1411,7 +1414,7 @@ public class VpcManagerImpl extends ManagerBase implements VpcManager, VpcProvis txn.commit(); - return getVpcPrivateGateway(gatewayVO.getId()); + return getVpcPrivateGateway(gatewayVO.getId()); } @@ -1449,9 +1452,9 @@ public class VpcManagerImpl extends ManagerBase implements VpcManager, VpcProvis } else { s_logger.warn("Failed to destroy vpc " + vo + " that failed to start"); } - } + } } - } + } } @Override @@ -1466,7 +1469,7 @@ public class VpcManagerImpl extends ManagerBase implements VpcManager, VpcProvis throw new ConcurrentOperationException("Unable to lock gateway " + gatewayId); } - try { + try { //don't allow to remove gateway when there are static routes associated with it long routeCount = _staticRouteDao.countRoutesByGateway(gatewayVO.getId()); if (routeCount > 0) { @@ -1498,7 +1501,7 @@ public class VpcManagerImpl extends ManagerBase implements VpcManager, VpcProvis if (gatewayVO != null) { _vpcGatewayDao.releaseFromLockTable(gatewayId); } - } + } } @DB 
@@ -1553,7 +1556,7 @@ public class VpcManagerImpl extends ManagerBase implements VpcManager, VpcProvis Long projectId = cmd.getProjectId(); Filter searchFilter = new Filter(VpcGatewayVO.class, "id", false, cmd.getStartIndex(), cmd.getPageSizeVal()); - Ternary domainIdRecursiveListProject = new Ternary domainIdRecursiveListProject = new Ternary(domainId, isRecursive, null); _accountMgr.buildACLSearchParameters(caller, id, accountName, projectId, permittedAccounts, domainIdRecursiveListProject, listAll, false); @@ -1571,7 +1574,7 @@ public class VpcManagerImpl extends ManagerBase implements VpcManager, VpcProvis } SearchCriteria sc = sb.create(); - _accountMgr.buildACLSearchCriteria(sc, domainId, isRecursive, permittedAccounts, listProjectResourcesCriteria); + _accountMgr.buildACLSearchCriteria(sc, domainId, isRecursive, permittedAccounts, listProjectResourcesCriteria); if (id != null) { sc.addAnd("id", Op.EQ, id); @@ -1642,11 +1645,11 @@ public class VpcManagerImpl extends ManagerBase implements VpcManager, VpcProvis s_logger.debug("Marked route " + route + " with state " + StaticRoute.State.Active); } } - } + } } return success; - } + } protected boolean applyStaticRoutes(List routes) throws ResourceUnavailableException{ if (routes.isEmpty()) { @@ -1802,7 +1805,7 @@ public class VpcManagerImpl extends ManagerBase implements VpcManager, VpcProvis Map tags = cmd.getTags(); Long projectId = cmd.getProjectId(); - Ternary domainIdRecursiveListProject = new Ternary domainIdRecursiveListProject = new Ternary(domainId, isRecursive, null); _accountMgr.buildACLSearchParameters(caller, id, accountName, projectId, permittedAccounts, domainIdRecursiveListProject, listAll, false); 
@@ -1831,7 +1834,7 @@ public class VpcManagerImpl extends ManagerBase implements VpcManager, VpcProvis } SearchCriteria sc = sb.create(); - _accountMgr.buildACLSearchCriteria(sc, domainId, isRecursive, permittedAccounts, listProjectResourcesCriteria); + _accountMgr.buildACLSearchCriteria(sc, domainId, isRecursive, permittedAccounts, listProjectResourcesCriteria); if (id != null) { sc.addAnd("id", Op.EQ, id); @@ -1852,7 +1855,7 @@ public class VpcManagerImpl extends ManagerBase implements VpcManager, VpcProvis sc.setJoinParameters("tagSearch", "key" + String.valueOf(count), key); sc.setJoinParameters("tagSearch", "value" + String.valueOf(count), tags.get(key)); count++; - } + } } Pair, Integer> result = _staticRouteDao.searchAndCount(sc, searchFilter); @@ -1919,7 +1922,7 @@ public class VpcManagerImpl extends ManagerBase implements VpcManager, VpcProvis s_logger.info("Found " + inactiveVpcs.size() + " removed VPCs to cleanup"); for (VpcVO vpc : inactiveVpcs) { s_logger.debug("Cleaning up " + vpc); - destroyVpc(vpc, _accountMgr.getAccount(Account.ACCOUNT_ID_SYSTEM), User.UID_SYSTEM); + destroyVpc(vpc, _accountMgr.getAccount(Account.ACCOUNT_ID_SYSTEM), User.UID_SYSTEM); } } catch (Exception e) { s_logger.error("Exception ", e); @@ -1939,7 +1942,7 @@ public class VpcManagerImpl extends ManagerBase implements VpcManager, VpcProvis @DB @Override @ActionEvent(eventType = EventTypes.EVENT_NET_IP_ASSIGN, eventDescription = "associating Ip", async = true) - public IpAddress associateIPToVpc(long ipId, long vpcId) throws ResourceAllocationException, ResourceUnavailableException, + public IpAddress associateIPToVpc(long ipId, long vpcId) throws ResourceAllocationException, ResourceUnavailableException, InsufficientAddressCapacityException, ConcurrentOperationException { Account caller = CallContext.current().getCallingAccount(); Account owner = null; 
@@ -1977,7 +1980,7 @@ public class VpcManagerImpl extends ManagerBase implements VpcManager, VpcProvis _ipAddressDao.update(ipId, ip); //mark ip as allocated - _ntwkMgr.markPublicIpAsAllocated(ip); + _ipAddrMgr.markPublicIpAsAllocated(ip); txn.commit(); s_logger.debug("Successfully assigned ip " + ipToAssoc + " to vpc " + vpc); @@ -2003,9 +2006,9 @@ public class VpcManagerImpl extends ManagerBase implements VpcManager, VpcProvis boolean success = false; try { //unassign ip from the VPC router - success = _ntwkMgr.applyIpAssociations(_ntwkModel.getNetwork(networkId), true); + success = _ipAddrMgr.applyIpAssociations(_ntwkModel.getNetwork(networkId), true); } catch (ResourceUnavailableException ex) { - throw new CloudRuntimeException("Failed to apply ip associations for network id=" + networkId + + throw new CloudRuntimeException("Failed to apply ip associations for network id=" + networkId + " as a part of unassigning ip " + ipId + " from vpc", ex); } @@ -2014,7 +2017,7 @@ public class VpcManagerImpl extends ManagerBase implements VpcManager, VpcProvis _ipAddressDao.update(ipId, ip); s_logger.debug("IP address " + ip + " is no longer associated with the network inside vpc id=" + vpcId); } else { - throw new CloudRuntimeException("Failed to apply ip associations for network id=" + networkId + + throw new CloudRuntimeException("Failed to apply ip associations for network id=" + networkId + " as a part of unassigning ip " + ipId + " from vpc"); } s_logger.debug("Successfully released VPC ip address " + ip + " back to VPC pool "); @@ -2022,7 +2025,7 @@ public class VpcManagerImpl extends ManagerBase implements VpcManager, VpcProvis @Override public boolean isIpAllocatedToVpc(IpAddress ip) { - return (ip != null && ip.getVpcId() != null && + return (ip != null && ip.getVpcId() != null && (ip.isOneToOneNat() || !_firewallDao.listByIp(ip.getId()).isEmpty())); } 
@@ -2083,7 +2086,7 @@ public class VpcManagerImpl extends ManagerBase implements VpcManager, VpcProvis assert (sourceNatIp != null) : "How do we get a bunch of ip addresses but none of them are source nat? " + "account=" + ownerId + "; vpcId=" + vpcId; - } + } return sourceNatIp; } @@ -2113,7 +2116,7 @@ public class VpcManagerImpl extends ManagerBase implements VpcManager, VpcProvis if (sourceNatIp != null) { ipToReturn = PublicIp.createFromAddrAndVlan(sourceNatIp, _vlanDao.findById(sourceNatIp.getVlanId())); } else { - ipToReturn = _ntwkMgr.assignDedicateIpAddress(owner, null, vpc.getId(), dcId, true); + ipToReturn = _ipAddrMgr.assignDedicateIpAddress(owner, null, vpc.getId(), dcId, true); } return ipToReturn; diff --git a/server/src/com/cloud/user/AccountManagerImpl.java b/server/src/com/cloud/user/AccountManagerImpl.java index 2f11fae2c8c..341fa6bf444 100755 --- a/server/src/com/cloud/user/AccountManagerImpl.java +++ b/server/src/com/cloud/user/AccountManagerImpl.java @@ -82,6 +82,7 @@ import com.cloud.exception.OperationTimedoutException; import com.cloud.exception.PermissionDeniedException; import com.cloud.exception.ResourceUnavailableException; import com.cloud.network.IpAddress; +import com.cloud.network.IpAddressManager; import com.cloud.network.NetworkManager; import com.cloud.network.VpnUserVO; import com.cloud.network.as.AutoScaleManager; @@ -248,6 +249,8 @@ public class AccountManagerImpl extends ManagerBase implements AccountManager, M private List _userAuthenticators; List _userPasswordEncoders; + protected IpAddressManager _ipAddrMgr; + private final ScheduledExecutorService _executor = Executors.newScheduledThreadPool(1, new NamedThreadFactory("AccountChecker")); int _allowedLoginAttempts; 
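Review bot: In the AccountManagerImpl hunk at `@@ -248,6 +249,8 @@`, the new field `protected IpAddressManager _ipAddrMgr;` is declared without the `@Inject` that ApplicationLoadBalancerManagerImpl puts on the same field in this commit (`@Inject IpAddressManager _ipAddrMgr;`). The later hunks of this file call `_ipAddrMgr.disassociatePublicIpAddress(...)` and `_ipAddrMgr.releasePortableIpAddress(...)` during account cleanup. Unless a setter or bean definition outside the visible hunks populates the field, those calls would throw a NullPointerException and the deleted account's addresses would stay allocated. I would declare it as `@Inject protected IpAddressManager _ipAddrMgr;`, or point to the wiring in a comment on the field. The class body continues outside the hunk, so this needs confirming against the full file.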
@@ -696,7 +699,7 @@ public class AccountManagerImpl extends ManagerBase implements AccountManager, M List ipsToRelease = _ipAddressDao.listByAccount(accountId); for (IpAddress ip : ipsToRelease) { s_logger.debug("Releasing ip " + ip + " as a part of account id=" + accountId + " cleanup"); - if (!_networkMgr.disassociatePublicIpAddress(ip.getId(), callerUserId, caller)) { + if (!_ipAddrMgr.disassociatePublicIpAddress(ip.getId(), callerUserId, caller)) { s_logger.warn("Failed to release ip address " + ip + " as a part of account id=" + accountId + " clenaup"); accountCleanupNeeded = true; } @@ -740,7 +743,7 @@ public class AccountManagerImpl extends ManagerBase implements AccountManager, M List portableIpsToRelease = _ipAddressDao.listByAccount(accountId); for (IpAddress ip : portableIpsToRelease) { s_logger.debug("Releasing portable ip " + ip + " as a part of account id=" + accountId + " cleanup"); - _networkMgr.releasePortableIpAddress(ip.getId()); + _ipAddrMgr.releasePortableIpAddress(ip.getId()); } //release dedication if any List dedicatedResources = _dedicatedDao.listByAccountId(accountId); diff --git a/server/src/org/apache/cloudstack/network/lb/ApplicationLoadBalancerManagerImpl.java b/server/src/org/apache/cloudstack/network/lb/ApplicationLoadBalancerManagerImpl.java index 560768c1a8f..cbdecdd5a98 100644 --- a/server/src/org/apache/cloudstack/network/lb/ApplicationLoadBalancerManagerImpl.java +++ b/server/src/org/apache/cloudstack/network/lb/ApplicationLoadBalancerManagerImpl.java @@ -5,7 +5,7 @@ // to you under the Apache License, Version 2.0 (the // "License"); you may not use this file except in compliance // with the License. You may obtain a copy of the License at -// +// // http://www.apache.org/licenses/LICENSE-2.0 // // Unless required by applicable law or agreed to in writing, 
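Review bot: The portable-IP loop in the `@@ -740,7 +743,7 @@` hunk discards the result of `_ipAddrMgr.releasePortableIpAddress(ip.getId())`, whereas the public-IP loop in the `@@ -696,7 +699,7 @@` hunk checks its boolean and sets `accountCleanupNeeded = true` on failure. If the IpAddressManager method keeps the boolean return that the mock in this commit shows for `releasePortableIpAddress(long ipAddressId)`, a failed release leaves the address bound to a removed account with no warning logged and no retry scheduled. I would mirror the first loop with `if (!_ipAddrMgr.releasePortableIpAddress(ip.getId())) { accountCleanupNeeded = true; }` and add a matching `s_logger.warn` inside the branch. The enclosing cleanup method starts and ends outside both hunks.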
@@ -24,15 +24,15 @@ import java.util.Map; import javax.ejb.Local; import javax.inject.Inject; +import org.apache.log4j.Logger; +import org.springframework.stereotype.Component; + import org.apache.cloudstack.acl.SecurityChecker.AccessType; import org.apache.cloudstack.api.command.user.loadbalancer.ListApplicationLoadBalancersCmd; import org.apache.cloudstack.context.CallContext; import org.apache.cloudstack.lb.ApplicationLoadBalancerRuleVO; import org.apache.cloudstack.lb.dao.ApplicationLoadBalancerRuleDao; -import org.apache.log4j.Logger; -import org.springframework.stereotype.Component; - import com.cloud.event.ActionEvent; import com.cloud.event.EventTypes; import com.cloud.event.UsageEventUtils; @@ -41,6 +41,7 @@ import com.cloud.exception.InsufficientVirtualNetworkCapcityException; import com.cloud.exception.InvalidParameterValueException; import com.cloud.exception.NetworkRuleConflictException; import com.cloud.exception.UnsupportedServiceException; +import com.cloud.network.IpAddressManager; import com.cloud.network.Network; import com.cloud.network.Network.Capability; import com.cloud.network.Network.Service; @@ -86,6 +87,8 @@ public class ApplicationLoadBalancerManagerImpl extends ManagerBase implements A @Inject FirewallRulesDao _firewallDao; @Inject ResourceTagDao _resourceTagDao; @Inject NetworkManager _ntwkMgr; + @Inject + IpAddressManager _ipAddrMgr; @Override @@ -238,7 +241,7 @@ public class ApplicationLoadBalancerManagerImpl extends ManagerBase implements A * @return * @throws InsufficientVirtualNetworkCapcityException */ - protected Ip getSourceIp(Scheme scheme, Network sourceIpNtwk, String requestedIp) throws InsufficientVirtualNetworkCapcityException { + protected Ip getSourceIp(Scheme scheme, Network sourceIpNtwk, String requestedIp) throws InsufficientVirtualNetworkCapcityException { if (requestedIp != null) { if (_lbDao.countBySourceIp(new Ip(requestedIp), sourceIpNtwk.getId()) > 0) { 
@@ -284,7 +287,7 @@ public class ApplicationLoadBalancerManagerImpl extends ManagerBase implements A * @return */ protected String allocateSourceIpForInternalLbRule(Network sourceIpNtwk, String requestedIp) { - return _ntwkMgr.acquireGuestIpAddress(sourceIpNtwk, requestedIp); + return _ipAddrMgr.acquireGuestIpAddress(sourceIpNtwk, requestedIp); } @@ -344,7 +347,7 @@ public class ApplicationLoadBalancerManagerImpl extends ManagerBase implements A protected Network validateSourceIpNtwkForInternalLbRule(Network sourceIpNtwk) { if (sourceIpNtwk.getTrafficType() != TrafficType.Guest) { throw new InvalidParameterValueException("Only traffic type " + TrafficType.Guest + " is supported"); - } + } //Can't create the LB rule if the network's cidr is NULL String ntwkCidr = sourceIpNtwk.getCidr(); @@ -444,7 +447,7 @@ public class ApplicationLoadBalancerManagerImpl extends ManagerBase implements A } if (networkId != null) { - sc.setParameters("networkId", networkId); + sc.setParameters("networkId", networkId); } if (tags != null && !tags.isEmpty()) { 
@@ -503,13 +506,13 @@ public class ApplicationLoadBalancerManagerImpl extends ManagerBase implements A + lbRule.getXid()); } - if ((lbRule.getSourcePortStart().intValue() <= newLbRule.getSourcePortStart().intValue() + if ((lbRule.getSourcePortStart().intValue() <= newLbRule.getSourcePortStart().intValue() && lbRule.getSourcePortEnd().intValue() >= newLbRule.getSourcePortStart().intValue()) - || (lbRule.getSourcePortStart().intValue() <= newLbRule.getSourcePortEnd().intValue() + || (lbRule.getSourcePortStart().intValue() <= newLbRule.getSourcePortEnd().intValue() && lbRule.getSourcePortEnd().intValue() >= newLbRule.getSourcePortEnd().intValue()) - || (newLbRule.getSourcePortStart().intValue() <= lbRule.getSourcePortStart().intValue() + || (newLbRule.getSourcePortStart().intValue() <= lbRule.getSourcePortStart().intValue() && newLbRule.getSourcePortEnd().intValue() >= lbRule.getSourcePortStart().intValue()) - || (newLbRule.getSourcePortStart().intValue() <= lbRule.getSourcePortEnd().intValue() + || (newLbRule.getSourcePortStart().intValue() <= lbRule.getSourcePortEnd().intValue() && newLbRule.getSourcePortEnd().intValue() >= lbRule.getSourcePortEnd().intValue())) { diff --git a/server/test/com/cloud/configuration/ConfigurationManagerTest.java b/server/test/com/cloud/configuration/ConfigurationManagerTest.java index eb362b7dff5..e6f415c8d08 100755 --- a/server/test/com/cloud/configuration/ConfigurationManagerTest.java +++ b/server/test/com/cloud/configuration/ConfigurationManagerTest.java @@ -52,6 +52,7 @@ import com.cloud.dc.VlanVO; import com.cloud.dc.dao.AccountVlanMapDao; import com.cloud.dc.dao.DataCenterDao; import com.cloud.dc.dao.VlanDao; +import com.cloud.network.IpAddressManager; import com.cloud.network.NetworkManager; import com.cloud.network.dao.FirewallRulesDao; import com.cloud.network.dao.IPAddressDao; 
@@ -88,6 +89,8 @@ public class ConfigurationManagerTest { @Mock IPAddressDao _publicIpAddressDao; @Mock DataCenterDao _zoneDao; @Mock FirewallRulesDao _firewallDao; + @Mock + IpAddressManager _ipAddrMgr; VlanVO vlan = new VlanVO(Vlan.VlanType.VirtualNetwork, "vlantag", "vlangateway","vlannetmask", 1L, "iprange", 1L, 1L, null, null, null); @@ -368,7 +371,7 @@ public class ConfigurationManagerTest { when(configurationMgr._firewallDao.countRulesByIpId(anyLong())).thenReturn(0L); - when(configurationMgr._networkMgr.disassociatePublicIpAddress(anyLong(), anyLong(), any(Account.class))).thenReturn(true); + when(configurationMgr._ipAddrMgr.disassociatePublicIpAddress(anyLong(), anyLong(), any(Account.class))).thenReturn(true); when(configurationMgr._vlanDao.releaseFromLockTable(anyLong())).thenReturn(true); diff --git a/server/test/com/cloud/network/firewall/FirewallManagerTest.java b/server/test/com/cloud/network/firewall/FirewallManagerTest.java index 33b6c73dbc4..de098bcc589 100644 --- a/server/test/com/cloud/network/firewall/FirewallManagerTest.java +++ b/server/test/com/cloud/network/firewall/FirewallManagerTest.java @@ -39,6 +39,7 @@ import org.springframework.test.context.ContextConfiguration; import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; import com.cloud.exception.ResourceUnavailableException; +import com.cloud.network.IpAddressManager; import com.cloud.network.Network; import com.cloud.network.NetworkManager; import com.cloud.network.NetworkRuleApplier; 
@@ -106,21 +107,22 @@ public class FirewallManagerTest { @Test public void testApplyRules() { List ruleList = new ArrayList(); - FirewallRuleVO rule = - new FirewallRuleVO("rule1", 1, 80, "TCP", 1, 2, 1, + FirewallRuleVO rule = + new FirewallRuleVO("rule1", 1, 80, "TCP", 1, 2, 1, FirewallRule.Purpose.Firewall, null, null, null, null); ruleList.add(rule); FirewallManagerImpl firewallMgr = (FirewallManagerImpl)_firewallMgr; NetworkManager netMgr = mock(NetworkManager.class); + IpAddressManager addrMgr = mock(IpAddressManager.class); firewallMgr._networkMgr = netMgr; try { firewallMgr.applyRules(ruleList, false, false); - verify(netMgr) - .applyRules(any(List.class), - any(FirewallRule.Purpose.class), - any(NetworkRuleApplier.class), + verify(addrMgr) + .applyRules(any(List.class), + any(FirewallRule.Purpose.class), + any(NetworkRuleApplier.class), anyBoolean()); } catch (ResourceUnavailableException e) { @@ -131,14 +133,14 @@ public class FirewallManagerTest { @Test public void testApplyFWRules() { List ruleList = new ArrayList(); - FirewallRuleVO rule = - new FirewallRuleVO("rule1", 1, 80, "TCP", 1, 2, 1, + FirewallRuleVO rule = + new FirewallRuleVO("rule1", 1, 80, "TCP", 1, 2, 1, FirewallRule.Purpose.Firewall, null, null, null, null); ruleList.add(rule); FirewallManagerImpl firewallMgr = (FirewallManagerImpl)_firewallMgr; - VirtualRouterElement virtualRouter = + VirtualRouterElement virtualRouter = mock(VirtualRouterElement.class); - VpcVirtualRouterElement vpcVirtualRouter = + VpcVirtualRouterElement vpcVirtualRouter = mock(VpcVirtualRouterElement.class); List fwElements = new ArrayList(); diff --git a/server/test/com/cloud/vpc/MockNetworkManagerImpl.java b/server/test/com/cloud/vpc/MockNetworkManagerImpl.java index ce2660f3734..633c6328cb2 100644 --- a/server/test/com/cloud/vpc/MockNetworkManagerImpl.java +++ b/server/test/com/cloud/vpc/MockNetworkManagerImpl.java 
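Review bot: In testApplyRules the new mock `addrMgr` is created and checked with `verify(addrMgr).applyRules(...)`, but the only assignment visible in the hunk is `firewallMgr._networkMgr = netMgr;`, so the manager under test never receives that mock. As written, the verification cannot observe the call, and the test no longer shows that firewall rules reach the applier. Assign the mock next to the existing line, e.g. `firewallMgr._ipAddrMgr = addrMgr;` (the field name is assumed from the other classes in this commit, since FirewallManagerImpl is not shown here). `netMgr` appears to be unused after this change and could be removed with its assignment if nothing else in the test reads it.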
@@ -37,9 +37,6 @@ import org.apache.cloudstack.api.command.user.network.ListNetworksCmd; import org.apache.cloudstack.api.command.user.network.RestartNetworkCmd; import org.apache.cloudstack.api.command.user.vm.ListNicsCmd; -import com.cloud.dc.DataCenter; -import com.cloud.dc.Pod; -import com.cloud.dc.Vlan.VlanType; import com.cloud.deploy.DataCenterDeployment; import com.cloud.deploy.DeployDestination; import com.cloud.deploy.DeploymentPlan; @@ -56,15 +53,11 @@ import com.cloud.network.Network.Provider; import com.cloud.network.Network.Service; import com.cloud.network.NetworkManager; import com.cloud.network.NetworkProfile; -import com.cloud.network.NetworkRuleApplier; import com.cloud.network.NetworkService; import com.cloud.network.Networks.TrafficType; import com.cloud.network.PhysicalNetwork; import com.cloud.network.PhysicalNetworkServiceProvider; import com.cloud.network.PhysicalNetworkTrafficType; -import com.cloud.network.PublicIpAddress; -import com.cloud.network.addr.PublicIp; -import com.cloud.network.dao.IPAddressVO; import com.cloud.network.dao.NetworkServiceMapDao; import com.cloud.network.dao.NetworkVO; import com.cloud.network.element.DhcpServiceProvider; @@ -73,11 +66,7 @@ import com.cloud.network.element.NetworkElement; import com.cloud.network.element.StaticNatServiceProvider; import com.cloud.network.element.UserDataServiceProvider; import com.cloud.network.guru.NetworkGuru; -import com.cloud.network.rules.FirewallRule; -import com.cloud.network.rules.FirewallRule.Purpose; -import com.cloud.network.rules.FirewallRule.State; import com.cloud.network.rules.LoadBalancerContainer.Scheme; -import com.cloud.network.rules.StaticNat; import com.cloud.offering.NetworkOffering; import com.cloud.offerings.NetworkOfferingVO; import com.cloud.offerings.dao.NetworkOfferingServiceMapDao; 
@@ -198,12 +187,6 @@ public class MockNetworkManagerImpl extends ManagerBase implements NetworkManage return null; } - @Override - public IpAddress allocatePortableIp(Account ipOwner, Account caller, long dcId, Long networkId, Long vpcID) - throws ConcurrentOperationException, ResourceAllocationException, InsufficientAddressCapacityException { - return null;// TODO Auto-generated method stub - } - @Override public IpAddress allocatePortableIP(Account ipOwner, int regionId, Long zoneId, Long networkId, Long vpcId) throws ResourceAllocationException, InsufficientAddressCapacityException, ConcurrentOperationException { @@ -214,17 +197,6 @@ public class MockNetworkManagerImpl extends ManagerBase implements NetworkManage public boolean releasePortableIpAddress(long ipAddressId) { return false;// TODO Auto-generated method stub } - - @Override - public boolean isPortableIpTransferableFromNetwork(long ipAddrId, long networkId) { - return false; - } - - @Override - public void transferPortableIP(long ipAddrId, long currentNetworkId, long newNetworkId) throws ResourceAllocationException, ResourceUnavailableException, - InsufficientAddressCapacityException, ConcurrentOperationException { - } - /* (non-Javadoc) * @see com.cloud.network.NetworkService#releaseIpAddress(long) */ 
@@ -679,33 +651,6 @@ public class MockNetworkManagerImpl extends ManagerBase implements NetworkManage - /* (non-Javadoc) - * @see com.cloud.network.NetworkManager#assignPublicIpAddress(long, java.lang.Long, com.cloud.user.Account, com.cloud.dc.Vlan.VlanType, java.lang.Long, java.lang.String, boolean) - */ - @Override - public PublicIp assignPublicIpAddress(long dcId, Long podId, Account owner, VlanType type, Long networkId, - String requestedIp, boolean isSystem) throws InsufficientAddressCapacityException { - // TODO Auto-generated method stub - return null; - } - - - - - - /* (non-Javadoc) - * @see com.cloud.network.NetworkManager#disassociatePublicIpAddress(long, long, com.cloud.user.Account) - */ - @Override - public boolean disassociatePublicIpAddress(long id, long userId, Account caller) { - // TODO Auto-generated method stub - return false; - } - - - - - /* (non-Javadoc) * @see com.cloud.network.NetworkManager#setupNetwork(com.cloud.user.Account, com.cloud.offerings.NetworkOfferingVO, com.cloud.deploy.DeploymentPlan, java.lang.String, java.lang.String, boolean) */ @@ -816,21 +761,6 @@ public class MockNetworkManagerImpl extends ManagerBase implements NetworkManage - - /* (non-Javadoc) - * @see com.cloud.network.NetworkManager#applyRules(java.util.List, com.cloud.network.rules.FirewallRule.Purpose, com.cloud.network.NetworkRuleApplier, boolean) - */ - @Override - public boolean applyRules(List rules, Purpose purpose, NetworkRuleApplier applier, - boolean continueOnError) throws ResourceUnavailableException { - // TODO Auto-generated method stub - return false; - } - - - - - /* (non-Javadoc) * @see com.cloud.network.NetworkManager#implementNetwork(long, com.cloud.deploy.DeployDestination, com.cloud.vm.ReservationContext) */ 
@@ -886,21 +816,6 @@ public class MockNetworkManagerImpl extends ManagerBase implements NetworkManage return null; } - - - - - /* (non-Javadoc) - * @see com.cloud.network.NetworkManager#associateIpAddressListToAccount(long, long, long, java.lang.Long, com.cloud.network.Network) - */ - @Override - public boolean associateIpAddressListToAccount(long userId, long accountId, long zoneId, Long vlanId, - Network guestNetwork) throws InsufficientCapacityException, ConcurrentOperationException, - ResourceUnavailableException, ResourceAllocationException { - // TODO Auto-generated method stub - return false; - } - /* (non-Javadoc) * @see com.cloud.network.NetworkManager#getPasswordResetProvider(com.cloud.network.Network) */ @@ -917,30 +832,6 @@ public class MockNetworkManagerImpl extends ManagerBase implements NetworkManage } - /* (non-Javadoc) - * @see com.cloud.network.NetworkManager#applyIpAssociations(com.cloud.network.Network, boolean) - */ - @Override - public boolean applyIpAssociations(Network network, boolean continueOnError) throws ResourceUnavailableException { - // TODO Auto-generated method stub - return false; - } - - - - - - /* (non-Javadoc) - * @see com.cloud.network.NetworkManager#applyIpAssociations(com.cloud.network.Network, boolean, boolean, java.util.List) - */ - @Override - public boolean applyIpAssociations(Network network, boolean rulesRevoked, boolean continueOnError, - List publicIps) throws ResourceUnavailableException { - // TODO Auto-generated method stub - return false; - } - - 
@@ -958,46 +849,6 @@ public class MockNetworkManagerImpl extends ManagerBase implements NetworkManage - /* (non-Javadoc) - * @see com.cloud.network.NetworkManager#markIpAsUnavailable(long) - */ - @Override - public IPAddressVO markIpAsUnavailable(long addrId) { - // TODO Auto-generated method stub - return null; - } - - - - - - /* (non-Javadoc) - * @see com.cloud.network.NetworkManager#acquireGuestIpAddress(com.cloud.network.Network, java.lang.String) - */ - @Override - public String acquireGuestIpAddress(Network network, String requestedIp) { - // TODO Auto-generated method stub - return null; - } - - - - - - /* (non-Javadoc) - * @see com.cloud.network.NetworkManager#applyStaticNats(java.util.List, boolean) - */ - @Override - public boolean applyStaticNats(List staticNats, boolean continueOnError, boolean forRevoke) - throws ResourceUnavailableException { - // TODO Auto-generated method stub - return false; - } - - - - - /* (non-Javadoc) * @see com.cloud.network.NetworkManager#reallocate(com.cloud.vm.VirtualMachineProfile, com.cloud.deploy.DataCenterDeployment) */ 
@@ -1007,66 +858,6 @@ public class MockNetworkManagerImpl extends ManagerBase implements NetworkManage // TODO Auto-generated method stub return false; } - - - - - - /* (non-Javadoc) - * @see com.cloud.network.NetworkManager#assignSystemIp(long, com.cloud.user.Account, boolean, boolean) - */ - @Override - public IpAddress assignSystemIp(long networkId, Account owner, boolean forElasticLb, boolean forElasticIp) - throws InsufficientAddressCapacityException { - // TODO Auto-generated method stub - return null; - } - - - - - - /* (non-Javadoc) - * @see com.cloud.network.NetworkManager#handleSystemIpRelease(com.cloud.network.IpAddress) - */ - @Override - public boolean handleSystemIpRelease(IpAddress ip) { - // TODO Auto-generated method stub - return false; - } - - - - - - /* (non-Javadoc) - * @see com.cloud.network.NetworkManager#allocateDirectIp(com.cloud.vm.NicProfile, com.cloud.dc.DataCenter, com.cloud.vm.VirtualMachineProfile, com.cloud.network.Network, java.lang.String) - */ - @Override - public void allocateDirectIp(NicProfile nic, DataCenter dc, VirtualMachineProfile vm, - Network network, String requestedIpv4, String requestedIpv6) throws InsufficientVirtualNetworkCapcityException, - InsufficientAddressCapacityException { - // TODO Auto-generated method stub - } - - - - - - /* (non-Javadoc) - * @see com.cloud.network.NetworkManager#assignSourceNatIpAddressToGuestNetwork(com.cloud.user.Account, com.cloud.network.Network) - */ - @Override - public PublicIp assignSourceNatIpAddressToGuestNetwork(Account owner, Network guestNetwork) - throws InsufficientAddressCapacityException, ConcurrentOperationException { - // TODO Auto-generated method stub - return null; - } - - - - - /* (non-Javadoc) * @see com.cloud.network.NetworkManager#allocateNic(com.cloud.vm.NicProfile, com.cloud.network.Network, java.lang.Boolean, int, com.cloud.vm.VirtualMachineProfile) */ 
@@ -1107,33 +898,6 @@ public class MockNetworkManagerImpl extends ManagerBase implements NetworkManage // TODO Auto-generated method stub } - - - - - - /* (non-Javadoc) - * @see com.cloud.network.NetworkManager#associateIPToGuestNetwork(long, long, boolean) - */ - @Override - public IPAddressVO associateIPToGuestNetwork(long ipAddrId, long networkId, boolean releaseOnFailure) - throws ResourceAllocationException, ResourceUnavailableException, InsufficientAddressCapacityException, - ConcurrentOperationException { - // TODO Auto-generated method stub - return null; - } - - @Override - public IPAddressVO associatePortableIPToGuestNetwork(long ipAddrId, long networkId, boolean releaseOnFailure) throws ResourceAllocationException, ResourceUnavailableException { - return null;// TODO Auto-generated method stub - } - - @Override - public IPAddressVO disassociatePortableIPToGuestNetwork(long ipAddrId, long networkId) throws ResourceAllocationException, ResourceUnavailableException, InsufficientAddressCapacityException, ConcurrentOperationException { - return null;// TODO Auto-generated method stub - } - - /* (non-Javadoc) * @see com.cloud.network.NetworkManager#setupDns(com.cloud.network.Network, com.cloud.network.Network.Provider) */ 
@@ -1166,31 +930,6 @@ public class MockNetworkManagerImpl extends ManagerBase implements NetworkManage return null; } - - /* (non-Javadoc) - * @see com.cloud.network.NetworkManager#markPublicIpAsAllocated(com.cloud.network.IPAddressVO) - */ - @Override - public void markPublicIpAsAllocated(IPAddressVO addr) { - // TODO Auto-generated method stub - - } - - - /* (non-Javadoc) - * @see com.cloud.network.NetworkManager#assignDedicateIpAddress(com.cloud.user.Account, java.lang.Long, java.lang.Long, long, boolean) - */ - @Override - public PublicIp assignDedicateIpAddress(Account owner, Long guestNtwkId, Long vpcId, long dcId, boolean isSourceNat) - throws ConcurrentOperationException, InsufficientAddressCapacityException { - // TODO Auto-generated method stub - return null; - } - - - - - /* (non-Javadoc) * @see com.cloud.network.NetworkManager#convertNetworkToNetworkProfile(long) */ @@ -1256,20 +995,6 @@ public class MockNetworkManagerImpl extends ManagerBase implements NetworkManage - /* (non-Javadoc) - * @see com.cloud.network.NetworkManager#allocateIp(com.cloud.user.Account, boolean, com.cloud.user.Account, com.cloud.dc.DataCenter) - */ - @Override - public IpAddress allocateIp(Account ipOwner, boolean isSystem, Account caller, long callerId, DataCenter zone) - throws ConcurrentOperationException, ResourceAllocationException, InsufficientAddressCapacityException { - // TODO Auto-generated method stub - return null; - } - - - - - /* (non-Javadoc) * @see com.cloud.network.NetworkManager#finalizeServicesAndProvidersForNetwork(com.cloud.offering.NetworkOffering, java.lang.Long) */ 
@@ -1296,13 +1021,6 @@ public class MockNetworkManagerImpl extends ManagerBase implements NetworkManage // TODO Auto-generated method stub return null; } - - @Override - public int getRuleCountForIp(Long addressId, Purpose purpose, State state) { - // TODO Auto-generated method stub - return 0; - } - @Override public LoadBalancingServiceProvider getLoadBalancingProviderForNetwork(Network network, Scheme lbScheme) { // TODO Auto-generated method stub @@ -1351,22 +1069,6 @@ public class MockNetworkManagerImpl extends ManagerBase implements NetworkManage - @Override - public String allocateGuestIP(Account ipOwner, boolean isSystem, - long zoneId, Long networkId, String requestedIp) - throws InsufficientAddressCapacityException { - // TODO Auto-generated method stub - return null; - } - - - - - - - - - @Override public List listVmNics(Long vmId, Long nicId) { // TODO Auto-generated method stub @@ -1389,15 +1091,6 @@ public class MockNetworkManagerImpl extends ManagerBase implements NetworkManage } - @Override - public String allocatePublicIpForGuestNic(Long networkId, DataCenter dc, - Pod pod, Account caller, String requestedIp) - throws InsufficientAddressCapacityException { - // TODO Auto-generated method stub - return null; - } - - @Override public NicVO savePlaceholderNic(Network network, String ip4Address, String ip6Address, Type vmType) { // TODO Auto-generated method stub 
@@ -1409,11 +1102,6 @@ public class MockNetworkManagerImpl extends ManagerBase implements NetworkManage return null; //To change body of implemented methods use File | Settings | File Templates. } - @Override - public PublicIp assignPublicIpAddressFromVlans(long dcId, Long podId, Account owner, VlanType type, List vlanDbIds, Long networkId, String requestedIp, boolean isSystem) throws InsufficientAddressCapacityException { - return null; //To change body of implemented methods use File | Settings | File Templates. - } - @Override public void removeDhcpServiceInSubnet(NicVO nic) { //To change body of implemented methods use File | Settings | File Templates.