apache/cloudstack
1
0
Fork 0
mirror of https://github.com/apache/cloudstack.git synced 2025-11-02 11:52:28 +01:00
Code Issues Packages Projects Releases Wiki Activity

RulesManager interface: changed visibility for methods that are being called only from RulesManagerImpl class, from public and defined in the interface, to private/protected

Browse Source
This commit is contained in:
Alena Prokharchyk 2013-05-28 16:00:46 -07:00
parent 9378820b9e
commit 0ea409546e
5 changed files with 36 additions and 282 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

194
server/src/com/cloud/api/ApiResponseHelper.java
View File

@ -29,35 +29,10 @@ import java.util.HashSet;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.StringTokenizer;
import java.util.TimeZone;
import javax.inject.Inject;
import com.cloud.network.GuestVlan;
import com.cloud.network.IpAddress;
import com.cloud.network.Network;
import com.cloud.network.NetworkModel;
import com.cloud.network.NetworkProfile;
import com.cloud.network.PhysicalNetwork;
import com.cloud.network.PhysicalNetworkServiceProvider;
import com.cloud.network.PhysicalNetworkTrafficType;
import com.cloud.network.RemoteAccessVpn;
import com.cloud.network.Site2SiteCustomerGateway;
import com.cloud.network.Site2SiteVpnConnection;
import com.cloud.network.Site2SiteVpnGateway;
import com.cloud.network.VirtualRouterProvider;
import com.cloud.network.VpnUser;
import com.cloud.network.VpnUserVO;
import com.cloud.network.dao.LoadBalancerVO;
import com.cloud.network.rules.FirewallRule;
import com.cloud.network.rules.FirewallRuleVO;
import com.cloud.network.rules.HealthCheckPolicy;
import com.cloud.network.rules.LoadBalancer;
import com.cloud.network.rules.PortForwardingRule;
import com.cloud.network.rules.PortForwardingRuleVO;
import com.cloud.network.rules.StaticNatRule;
import com.cloud.network.rules.StickinessPolicy;
import org.apache.cloudstack.acl.ControlledEntity;
import org.apache.cloudstack.acl.ControlledEntity.ACLType;
import org.apache.cloudstack.affinity.AffinityGroup;
@ -165,7 +140,6 @@ import org.apache.cloudstack.network.lb.ApplicationLoadBalancerRule;
import org.apache.cloudstack.region.PortableIp;
import org.apache.cloudstack.region.PortableIpRange;
import org.apache.cloudstack.region.Region;
import org.apache.cloudstack.storage.datastore.db.StoragePoolVO;
import org.apache.cloudstack.usage.Usage;
import org.apache.cloudstack.usage.UsageService;
import org.apache.cloudstack.usage.UsageTypes;
@ -217,11 +191,26 @@ import com.cloud.event.Event;
import com.cloud.host.Host;
import com.cloud.host.HostVO;
import com.cloud.hypervisor.HypervisorCapabilities;
import com.cloud.network.GuestVlan;
import com.cloud.network.IpAddress;
import com.cloud.network.Network;
import com.cloud.network.Network.Capability;
import com.cloud.network.Network.Provider;
import com.cloud.network.Network.Service;
import com.cloud.network.NetworkModel;
import com.cloud.network.NetworkProfile;
import com.cloud.network.Networks.IsolationType;
import com.cloud.network.Networks.TrafficType;
import com.cloud.network.PhysicalNetwork;
import com.cloud.network.PhysicalNetworkServiceProvider;
import com.cloud.network.PhysicalNetworkTrafficType;
import com.cloud.network.RemoteAccessVpn;
import com.cloud.network.Site2SiteCustomerGateway;
import com.cloud.network.Site2SiteVpnConnection;
import com.cloud.network.Site2SiteVpnGateway;
import com.cloud.network.VirtualRouterProvider;
import com.cloud.network.VpnUser;
import com.cloud.network.VpnUserVO;
import com.cloud.network.as.AutoScalePolicy;
import com.cloud.network.as.AutoScaleVmGroup;
import com.cloud.network.as.AutoScaleVmProfile;
@ -230,10 +219,19 @@ import com.cloud.network.as.Condition;
import com.cloud.network.as.ConditionVO;
import com.cloud.network.as.Counter;
import com.cloud.network.dao.IPAddressVO;
import com.cloud.network.dao.LoadBalancerVO;
import com.cloud.network.dao.NetworkVO;
import com.cloud.network.dao.PhysicalNetworkVO;
import com.cloud.network.router.VirtualRouter;
import com.cloud.network.rules.FirewallRule;
import com.cloud.network.rules.FirewallRuleVO;
import com.cloud.network.rules.HealthCheckPolicy;
import com.cloud.network.rules.LoadBalancer;
import com.cloud.network.rules.LoadBalancerContainer.Scheme;
import com.cloud.network.rules.PortForwardingRule;
import com.cloud.network.rules.PortForwardingRuleVO;
import com.cloud.network.rules.StaticNatRule;
import com.cloud.network.rules.StickinessPolicy;
import com.cloud.network.security.SecurityGroup;
import com.cloud.network.security.SecurityGroupVO;
import com.cloud.network.security.SecurityRule;
@ -254,7 +252,6 @@ import com.cloud.projects.Project;
import com.cloud.projects.ProjectAccount;
import com.cloud.projects.ProjectInvitation;
import com.cloud.region.ha.GlobalLoadBalancerRule;
import com.cloud.server.Criteria;
import com.cloud.server.ResourceTag;
import com.cloud.server.ResourceTag.TaggedResourceType;
import com.cloud.service.ServiceOfferingVO;
@ -265,7 +262,6 @@ import com.cloud.storage.S3;
import com.cloud.storage.Snapshot;
import com.cloud.storage.SnapshotVO;
import com.cloud.storage.Storage.ImageFormat;
import com.cloud.storage.Storage.StoragePoolType;
import com.cloud.storage.Storage.TemplateType;
import com.cloud.storage.StoragePool;
import com.cloud.storage.Swift;
@ -1875,148 +1871,6 @@ public class ApiResponseHelper implements ResponseGenerator {
return ApiDBUtils.newEventResponse(vEvent);
}
private List<CapacityVO> sumCapacities(List<? extends Capacity> hostCapacities) {
Map<String, Long> totalCapacityMap = new HashMap<String, Long>();
Map<String, Long> usedCapacityMap = new HashMap<String, Long>();
Set<Long> poolIdsToIgnore = new HashSet<Long>();
Criteria c = new Criteria();
// TODO: implement
List<? extends StoragePoolVO> allStoragePools = ApiDBUtils.searchForStoragePools(c);
for (StoragePoolVO pool : allStoragePools) {
StoragePoolType poolType = pool.getPoolType();
if (!(poolType.isShared())) {// All the non shared storages shouldn't show up in the capacity calculation
poolIdsToIgnore.add(pool.getId());
}
}
float cpuOverprovisioningFactor = ApiDBUtils.getCpuOverprovisioningFactor();
// collect all the capacity types, sum allocated/used and sum total...get one capacity number for each
for (Capacity capacity : hostCapacities) {
// check if zone exist
DataCenter zone = ApiDBUtils.findZoneById(capacity.getDataCenterId());
if (zone == null) {
continue;
}
short capacityType = capacity.getCapacityType();
// If local storage then ignore
if ((capacityType == Capacity.CAPACITY_TYPE_STORAGE_ALLOCATED || capacityType == Capacity.CAPACITY_TYPE_STORAGE)
&& poolIdsToIgnore.contains(capacity.getHostOrPoolId())) {
continue;
}
String key = capacity.getCapacityType() + "_" + capacity.getDataCenterId();
String keyForPodTotal = key + "_-1";
boolean sumPodCapacity = false;
if (capacity.getPodId() != null) {
key += "_" + capacity.getPodId();
sumPodCapacity = true;
}
Long totalCapacity = totalCapacityMap.get(key);
Long usedCapacity = usedCapacityMap.get(key);
// reset overprovisioning factor to 1
float overprovisioningFactor = 1;
if (capacityType == Capacity.CAPACITY_TYPE_CPU) {
overprovisioningFactor = cpuOverprovisioningFactor;
}
if (totalCapacity == null) {
totalCapacity = new Long((long) (capacity.getTotalCapacity() * overprovisioningFactor));
} else {
totalCapacity = new Long((long) (capacity.getTotalCapacity() * overprovisioningFactor)) + totalCapacity;
}
if (usedCapacity == null) {
usedCapacity = new Long(capacity.getUsedCapacity());
} else {
usedCapacity = new Long(capacity.getUsedCapacity() + usedCapacity);
}
if (capacityType == Capacity.CAPACITY_TYPE_CPU || capacityType == Capacity.CAPACITY_TYPE_MEMORY) { // Reserved
// Capacity
// accounts
// for
// stopped
// vms
// that
// have been
// stopped
// within
// an
// interval
usedCapacity += capacity.getReservedCapacity();
}
totalCapacityMap.put(key, totalCapacity);
usedCapacityMap.put(key, usedCapacity);
if (sumPodCapacity) {
totalCapacity = totalCapacityMap.get(keyForPodTotal);
usedCapacity = usedCapacityMap.get(keyForPodTotal);
overprovisioningFactor = 1;
if (capacityType == Capacity.CAPACITY_TYPE_CPU) {
overprovisioningFactor = cpuOverprovisioningFactor;
}
if (totalCapacity == null) {
totalCapacity = new Long((long) (capacity.getTotalCapacity() * overprovisioningFactor));
} else {
totalCapacity = new Long((long) (capacity.getTotalCapacity() * overprovisioningFactor)) + totalCapacity;
}
if (usedCapacity == null) {
usedCapacity = new Long(capacity.getUsedCapacity());
} else {
usedCapacity = new Long(capacity.getUsedCapacity() + usedCapacity);
}
if (capacityType == Capacity.CAPACITY_TYPE_CPU || capacityType == Capacity.CAPACITY_TYPE_MEMORY) { // Reserved
// Capacity
// accounts
// for
// stopped
// vms
// that
// have
// been
// stopped
// within
// an
// interval
usedCapacity += capacity.getReservedCapacity();
}
totalCapacityMap.put(keyForPodTotal, totalCapacity);
usedCapacityMap.put(keyForPodTotal, usedCapacity);
}
}
List<CapacityVO> summedCapacities = new ArrayList<CapacityVO>();
for (String key : totalCapacityMap.keySet()) {
CapacityVO summedCapacity = new CapacityVO();
StringTokenizer st = new StringTokenizer(key, "_");
summedCapacity.setCapacityType(Short.parseShort(st.nextToken()));
summedCapacity.setDataCenterId(Long.parseLong(st.nextToken()));
if (st.hasMoreTokens()) {
summedCapacity.setPodId(Long.parseLong(st.nextToken()));
}
summedCapacity.setTotalCapacity(totalCapacityMap.get(key));
summedCapacity.setUsedCapacity(usedCapacityMap.get(key));
summedCapacities.add(summedCapacity);
}
return summedCapacities;
}
@Override
public List<CapacityResponse> createCapacityResponse(List<? extends Capacity> result, DecimalFormat format) {

5
server/src/com/cloud/api/ApiServer.java
View File

@ -65,7 +65,6 @@ import org.apache.cloudstack.api.command.admin.host.ListHostsCmd;
import org.apache.cloudstack.api.command.admin.router.ListRoutersCmd;
import org.apache.cloudstack.api.command.admin.storage.ListStoragePoolsCmd;
import org.apache.cloudstack.api.command.admin.user.ListUsersCmd;
import com.cloud.event.ActionEventUtils;
import org.apache.cloudstack.api.command.user.account.ListAccountsCmd;
import org.apache.cloudstack.api.command.user.account.ListProjectAccountsCmd;
import org.apache.cloudstack.api.command.user.event.ListEventsCmd;
@ -81,7 +80,6 @@ import org.apache.cloudstack.api.command.user.volume.ListVolumesCmd;
import org.apache.cloudstack.api.command.user.zone.ListZonesByCmd;
import org.apache.cloudstack.api.response.ExceptionResponse;
import org.apache.cloudstack.api.response.ListResponse;
import org.apache.cloudstack.region.RegionManager;
import org.apache.commons.codec.binary.Base64;
import org.apache.http.ConnectionClosedException;
import org.apache.http.HttpException;
@ -123,6 +121,7 @@ import com.cloud.configuration.ConfigurationVO;
import com.cloud.configuration.dao.ConfigurationDao;
import com.cloud.domain.Domain;
import com.cloud.domain.DomainVO;
import com.cloud.event.ActionEventUtils;
import com.cloud.exception.AccountLimitException;
import com.cloud.exception.CloudAuthenticationException;
import com.cloud.exception.InsufficientCapacityException;
@ -167,8 +166,6 @@ public class ApiServer extends ManagerBase implements HttpRequestHandler, ApiSer
@Inject List<PluggableService> _pluggableServices;
@Inject List<APIChecker> _apiAccessCheckers;
@Inject private final RegionManager _regionMgr = null;
private static int _workerCount = 0;
private static ApiServer s_instance = null;
private static final DateFormat _dateFormat = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ssZ");

1
server/src/com/cloud/network/firewall/FirewallManagerImpl.java
View File

@ -159,6 +159,7 @@ public class FirewallManagerImpl extends ManagerBase implements FirewallService,
rule.getIcmpType(), null, rule.getType(), rule.getNetworkId(), rule.getTrafficType());
}
@Override
public FirewallRule createIngressFirewallRule(FirewallRule rule) throws NetworkRuleConflictException {
Account caller = UserContext.current().getCaller();
Long sourceIpAddressId = rule.getSourceIpAddressId();

27
server/src/com/cloud/network/rules/RulesManager.java
View File

@ -32,47 +32,20 @@ import com.cloud.vm.VirtualMachine;
*/
public interface RulesManager extends RulesService {
boolean applyPortForwardingRules(long ipAddressId, boolean continueOnError, Account caller);
boolean applyStaticNatRulesForIp(long sourceIpId, boolean continueOnError, Account caller, boolean forRevoke);
boolean applyPortForwardingRulesForNetwork(long networkId, boolean continueOnError, Account caller);
boolean applyStaticNatRulesForNetwork(long networkId, boolean continueOnError, Account caller);
void checkIpAndUserVm(IpAddress ipAddress, UserVm userVm, Account caller);
void checkRuleAndUserVm(FirewallRule rule, UserVm userVm, Account caller);
boolean revokeAllPFAndStaticNatRulesForIp(long ipId, long userId, Account caller) throws ResourceUnavailableException;
boolean revokeAllPFStaticNatRulesForNetwork(long networkId, long userId, Account caller) throws ResourceUnavailableException;
List<? extends FirewallRule> listFirewallRulesByIp(long ipAddressId);
/**
* Returns a list of port forwarding rules that are ready for application
* to the network elements for this ip.
*
* @param ip
* @return List of PortForwardingRule
*/
List<? extends PortForwardingRule> listPortForwardingRulesForApplication(long ipId);
List<? extends PortForwardingRule> gatherPortForwardingRulesForApplication(List<? extends IpAddress> addrs);
boolean revokePortForwardingRulesForVm(long vmId);
boolean revokeStaticNatRulesForVm(long vmId);
FirewallRule[] reservePorts(IpAddress ip, String protocol, FirewallRule.Purpose purpose, boolean openFirewall, Account caller, int... ports) throws NetworkRuleConflictException;
boolean releasePorts(long ipId, String protocol, FirewallRule.Purpose purpose, int... ports);
List<PortForwardingRuleVO> listByNetworkId(long networkId);
boolean applyStaticNatForIp(long sourceIpId, boolean continueOnError, Account caller, boolean forRevoke);
boolean applyStaticNatsForNetwork(long networkId, boolean continueOnError, Account caller);
void getSystemIpAndEnableStaticNatForVm(VirtualMachine vm, boolean getNewIp) throws InsufficientAddressCapacityException;

91
server/src/com/cloud/network/rules/RulesManagerImpl.java
View File

@ -24,7 +24,6 @@ import java.util.Set;
import javax.ejb.Local;
import javax.inject.Inject;
import javax.naming.ConfigurationException;
import org.apache.cloudstack.api.command.user.firewall.ListPortForwardingRulesCmd;
import org.apache.log4j.Logger;
@ -54,7 +53,6 @@ import com.cloud.network.dao.LoadBalancerVMMapDao;
import com.cloud.network.dao.LoadBalancerVMMapVO;
import com.cloud.network.rules.FirewallRule.FirewallRuleType;
import com.cloud.network.rules.FirewallRule.Purpose;
import com.cloud.network.rules.FirewallRule.TrafficType;
import com.cloud.network.rules.dao.PortForwardingRulesDao;
import com.cloud.network.vpc.VpcManager;
import com.cloud.offering.NetworkOffering;
@ -69,7 +67,6 @@ import com.cloud.user.UserContext;
import com.cloud.uservm.UserVm;
import com.cloud.utils.Pair;
import com.cloud.utils.Ternary;
import com.cloud.utils.component.Manager;
import com.cloud.utils.component.ManagerBase;
import com.cloud.utils.db.DB;
import com.cloud.utils.db.Filter;
@ -139,8 +136,8 @@ public class RulesManagerImpl extends ManagerBase implements RulesManager, Rules
@Inject
LoadBalancerVMMapDao _loadBalancerVMMapDao;
@Override
public void checkIpAndUserVm(IpAddress ipAddress, UserVm userVm, Account caller) {
protected void checkIpAndUserVm(IpAddress ipAddress, UserVm userVm, Account caller) {
if (ipAddress == null || ipAddress.getAllocatedTime() == null || ipAddress.getAllocatedToAccountId() == null) {
throw new InvalidParameterValueException("Unable to create ip forwarding rule on address " + ipAddress + ", invalid IP address specified.");
}
@ -706,6 +703,7 @@ public class RulesManagerImpl extends ManagerBase implements RulesManager, Rules
return true;
}
private boolean revokeStaticNatRuleInternal(long ruleId, Account caller, long userId, boolean apply) {
FirewallRuleVO rule = _firewallDao.findById(ruleId);
@ -756,45 +754,6 @@ public class RulesManagerImpl extends ManagerBase implements RulesManager, Rules
return success;
}
@Override
public boolean revokeStaticNatRulesForVm(long vmId) {
boolean success = true;
UserVmVO vm = _vmDao.findByIdIncludingRemoved(vmId);
if (vm == null) {
return false;
}
List<FirewallRuleVO> rules = _firewallDao.listStaticNatByVmId(vm.getId());
Set<Long> ipsToReprogram = new HashSet<Long>();
if (rules == null || rules.isEmpty()) {
s_logger.debug("No static nat rules are found for vm id=" + vmId);
return true;
}
for (FirewallRuleVO rule : rules) {
// mark static nat as Revoked, but don't revoke it yet (apply = false)
revokeStaticNatRuleInternal(rule.getId(), _accountMgr.getSystemAccount(), Account.ACCOUNT_ID_SYSTEM, false);
ipsToReprogram.add(rule.getSourceIpAddressId());
}
// apply rules for all ip addresses
for (Long ipId : ipsToReprogram) {
s_logger.debug("Applying static nat rules for ip address id=" + ipId + " as a part of vm expunge");
if (!applyStaticNatRulesForIp(ipId, true, _accountMgr.getSystemAccount(), true)) {
success = false;
s_logger.warn("Failed to apply static nat rules for ip id=" + ipId);
}
}
return success;
}
@Override
public List<? extends PortForwardingRule> listPortForwardingRulesForApplication(long ipId) {
return _portForwardingDao.listForApplication(ipId);
}
@Override
public Pair<List<? extends PortForwardingRule>, Integer> listPortForwardingRules(ListPortForwardingRulesCmd cmd) {
@ -872,8 +831,8 @@ public class RulesManagerImpl extends ManagerBase implements RulesManager, Rules
return _firewallCidrsDao.getSourceCidrs(ruleId);
}
@Override
public boolean applyPortForwardingRules(long ipId, boolean continueOnError, Account caller) {
protected boolean applyPortForwardingRules(long ipId, boolean continueOnError, Account caller) {
List<PortForwardingRuleVO> rules = _portForwardingDao.listForApplication(ipId);
if (rules.size() == 0) {
@ -897,8 +856,8 @@ public class RulesManagerImpl extends ManagerBase implements RulesManager, Rules
return true;
}
@Override
public boolean applyStaticNatRulesForIp(long sourceIpId, boolean continueOnError, Account caller, boolean forRevoke) {
protected boolean applyStaticNatRulesForIp(long sourceIpId, boolean continueOnError, Account caller, boolean forRevoke) {
List<? extends FirewallRule> rules = _firewallDao.listByIpAndPurpose(sourceIpId, Purpose.StaticNat);
List<StaticNatRule> staticNatRules = new ArrayList<StaticNatRule>();
@ -1172,15 +1131,6 @@ public class RulesManagerImpl extends ManagerBase implements RulesManager, Rules
return success && rules.size() == 0;
}
@Override
public List<? extends FirewallRule> listFirewallRulesByIp(long ipId) {
return null;
}
@Override
public boolean releasePorts(long ipId, String protocol, FirewallRule.Purpose purpose, int... ports) {
return _firewallDao.releasePorts(ipId, protocol, purpose, ports);
}
@Override
@DB
@ -1221,29 +1171,8 @@ public class RulesManagerImpl extends ManagerBase implements RulesManager, Rules
}
}
@Override
public List<? extends PortForwardingRule> gatherPortForwardingRulesForApplication(List<? extends IpAddress> addrs) {
List<PortForwardingRuleVO> allRules = new ArrayList<PortForwardingRuleVO>();
for (IpAddress addr : addrs) {
if (!addr.readyToUse()) {
if (s_logger.isDebugEnabled()) {
s_logger.debug("Skipping " + addr + " because it is not ready for propation yet.");
}
continue;
}
allRules.addAll(_portForwardingDao.listForApplication(addr.getId()));
}
if (s_logger.isDebugEnabled()) {
s_logger.debug("Found " + allRules.size() + " rules to apply for the addresses.");
}
return allRules;
}
@Override
public List<PortForwardingRuleVO> listByNetworkId(long networkId) {
private List<PortForwardingRuleVO> listByNetworkId(long networkId) {
return _portForwardingDao.listByNetwork(networkId);
}
@ -1367,8 +1296,8 @@ public class RulesManagerImpl extends ManagerBase implements RulesManager, Rules
return new StaticNatRuleImpl(ruleVO, dstIp);
}
@Override
public boolean applyStaticNatForIp(long sourceIpId, boolean continueOnError, Account caller, boolean forRevoke) {
protected boolean applyStaticNatForIp(long sourceIpId, boolean continueOnError, Account caller, boolean forRevoke) {
IpAddress sourceIp = _ipAddressDao.findById(sourceIpId);
List<StaticNat> staticNats = createStaticNatForIp(sourceIp, caller, forRevoke);