NaaS: Add portforwarding and staticnat service provider
Make them services rather than capabilities of the firewall. The firewall service now only means opening/closing ports.
parent
4ce2bf2f89
commit
3fc9b149e4
@ -266,6 +266,8 @@ public class ApiConstants {
|
||||
public static final String DHCP_SERVICE = "dhcpservice";
|
||||
public static final String DNS_SERVICE = "dnsservice";
|
||||
public static final String SOURCE_NAT_SERVICE = "sourcenatservice";
|
||||
public static final String STATIC_NAT_SERVICE = "staticnatservice";
|
||||
public static final String PORT_FORWARDING_SERVICE = "staticnatservice";
|
||||
public static final String VPN_SERVICE = "vpnservice";
|
||||
public static final String USERDATA_SERVICE = "userdataservice";
|
||||
public static final String LB_SERVICE = "lbservice";
|
||||
|
||||
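Review bot: `PORT_FORWARDING_SERVICE` is assigned the same literal as `STATIC_NAT_SERVICE` (`"staticnatservice"`), which looks like a copy-paste slip. `CreateNetworkOfferingCmd` and `UpdateNetworkOfferingCmd` both use these constants as `@Parameter` names, so the two flags share one request key and port forwarding presumably cannot be switched independently of static NAT. An offering meant to expose only one of the two services could end up with both, or with neither. Give the constant its own key, e.g. `public static final String PORT_FORWARDING_SERVICE = "portforwardingservice";`.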
@ -91,6 +91,12 @@ public class CreateNetworkOfferingCmd extends BaseCmd {
|
||||
@Parameter(name=ApiConstants.SOURCE_NAT_SERVICE, type=CommandType.BOOLEAN, description="true if network offering supports source nat service")
|
||||
private Boolean sourceNatService;
|
||||
|
||||
@Parameter(name=ApiConstants.STATIC_NAT_SERVICE, type=CommandType.BOOLEAN, description="true if network offering supports source nat service")
|
||||
private Boolean staticNatService;
|
||||
|
||||
@Parameter(name=ApiConstants.PORT_FORWARDING_SERVICE, type=CommandType.BOOLEAN, description="true if network offering supports source nat service")
|
||||
private Boolean portForwardingService;
|
||||
|
||||
@Parameter(name=ApiConstants.VPN_SERVICE, type=CommandType.BOOLEAN, description="true if network offering supports vpn service")
|
||||
private Boolean vpnService;
|
||||
|
||||
@ -175,6 +181,14 @@ public class CreateNetworkOfferingCmd extends BaseCmd {
|
||||
return sourceNatService == null ? false : sourceNatService;
|
||||
}
|
||||
|
||||
public Boolean getStaticNatService() {
|
||||
return staticNatService == null ? false : staticNatService;
|
||||
}
|
||||
|
||||
public Boolean getPortForwardingService() {
|
||||
return portForwardingService == null ? false : portForwardingService;
|
||||
}
|
||||
|
||||
public Boolean getVpnService() {
|
||||
return vpnService == null ? false : vpnService;
|
||||
}
|
||||
|
||||
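Review bot: The `description` on the two new parameters in the first hunk, `staticNatService` and `portForwardingService`, still reads "true if network offering supports source nat service", so the API documentation describes three different switches with the same sentence. These flags decide which NAT services an offering exposes, so each should name its own service: `description="true if network offering supports static nat service"` and `description="true if network offering supports port forwarding service"`. The same two copied descriptions appear on the new parameters in `UpdateNetworkOfferingCmd`.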
@ -80,6 +80,12 @@ public class UpdateNetworkOfferingCmd extends BaseCmd {
|
||||
@Parameter(name=ApiConstants.SOURCE_NAT_SERVICE, type=CommandType.BOOLEAN, description="true is network offering supports source nat service")
|
||||
private Boolean sourceNatService;
|
||||
|
||||
@Parameter(name=ApiConstants.STATIC_NAT_SERVICE, type=CommandType.BOOLEAN, description="true if network offering supports source nat service")
|
||||
private Boolean staticNatService;
|
||||
|
||||
@Parameter(name=ApiConstants.PORT_FORWARDING_SERVICE, type=CommandType.BOOLEAN, description="true if network offering supports source nat service")
|
||||
private Boolean portForwardingService;
|
||||
|
||||
@Parameter(name=ApiConstants.VPN_SERVICE, type=CommandType.BOOLEAN, description="true is network offering supports vpn service")
|
||||
private Boolean vpnService;
|
||||
|
||||
@ -140,6 +146,14 @@ public class UpdateNetworkOfferingCmd extends BaseCmd {
|
||||
return sourceNatService == null ? false : sourceNatService;
|
||||
}
|
||||
|
||||
public Boolean getStaticNatService() {
|
||||
return staticNatService == null ? false : staticNatService;
|
||||
}
|
||||
|
||||
public Boolean getPortForwardingService() {
|
||||
return portForwardingService == null ? false : portForwardingService;
|
||||
}
|
||||
|
||||
public Boolean getVpnService() {
|
||||
return vpnService == null ? false : vpnService;
|
||||
}
|
||||
|
||||
@ -51,10 +51,12 @@ public interface Network extends ControlledEntity {
|
||||
public static final Service Dhcp = new Service("Dhcp");
|
||||
public static final Service Dns = new Service("Dns", Capability.AllowDnsSuffixModification);
|
||||
public static final Service Gateway = new Service("Gateway");
|
||||
public static final Service Firewall = new Service("Firewall", Capability.PortForwarding, Capability.StaticNat, Capability.SupportedProtocols, Capability.MultipleIps, Capability.SupportedSourceNatTypes, Capability.TrafficStatistics);
|
||||
public static final Service Firewall = new Service("Firewall", Capability.SupportedProtocols, Capability.MultipleIps, Capability.SupportedSourceNatTypes, Capability.TrafficStatistics);
|
||||
public static final Service Lb = new Service("Lb", Capability.SupportedLBAlgorithms, Capability.SupportedProtocols, Capability.TrafficStatistics, Capability.LoadBalancingSupportedIps);
|
||||
public static final Service UserData = new Service("UserData");
|
||||
public static final Service SourceNat = new Service("SourceNat");
|
||||
public static final Service StaticNat = new Service("StaticNat");
|
||||
public static final Service PortForwarding = new Service("PortForwarding");
|
||||
public static final Service SecurityGroup = new Service("SecurityGroup");
|
||||
|
||||
private String name;
|
||||
@ -154,8 +156,6 @@ public interface Network extends ControlledEntity {
|
||||
|
||||
public static class Capability {
|
||||
|
||||
public static final Capability PortForwarding = new Capability("PortForwarding");
|
||||
public static final Capability StaticNat = new Capability("StaticNat");
|
||||
public static final Capability SupportedProtocols = new Capability("SupportedProtocols");
|
||||
public static final Capability SupportedLBAlgorithms = new Capability("SupportedLbAlgorithms");
|
||||
public static final Capability MultipleIps = new Capability("MultipleIps");
|
||||
|
||||
@ -2872,6 +2872,14 @@ public class ConfigurationManagerImpl implements ConfigurationManager, Configura
|
||||
serviceProviderMap.put(Network.Service.SourceNat, defaultProviders);
|
||||
}
|
||||
|
||||
if (cmd.getStaticNatService()) {
|
||||
serviceProviderMap.put(Network.Service.StaticNat, defaultProviders);
|
||||
}
|
||||
|
||||
if (cmd.getPortForwardingService()) {
|
||||
serviceProviderMap.put(Network.Service.PortForwarding, defaultProviders);
|
||||
}
|
||||
|
||||
if (cmd.getUserdataService()) {
|
||||
serviceProviderMap.put(Network.Service.UserData, defaultProviders);
|
||||
}
|
||||
@ -3185,6 +3193,14 @@ public class ConfigurationManagerImpl implements ConfigurationManager, Configura
|
||||
serviceProviderMap.put(Network.Service.SourceNat, defaultProviders);
|
||||
}
|
||||
|
||||
if (cmd.getStaticNatService()) {
|
||||
serviceProviderMap.put(Network.Service.StaticNat, defaultProviders);
|
||||
}
|
||||
|
||||
if (cmd.getPortForwardingService()) {
|
||||
serviceProviderMap.put(Network.Service.PortForwarding, defaultProviders);
|
||||
}
|
||||
|
||||
if (cmd.getUserdataService()) {
|
||||
serviceProviderMap.put(Network.Service.UserData, defaultProviders);
|
||||
}
|
||||
|
||||
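Review bot: The `if (cmd.getStaticNatService())` and `if (cmd.getPortForwardingService())` blocks are added verbatim in both hunks of this file (near old lines 2872 and 3185), extending a chain of per-service `if` statements that already has to stay identical in two places. A small private helper taking the flag, the `Network.Service` and the provider set would keep the two paths from drifting apart; a branch missed in one of them would leave that service without a provider entry on that path only. Both enclosing methods start and end outside the hunks, so the exact shape of such a helper depends on code not shown here.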
@ -878,6 +878,8 @@ public class NetworkManagerImpl implements NetworkManager, NetworkService, Manag
|
||||
defaultVirtualNetworkOfferingProviders.put(Service.Gateway, defaultProviders);
|
||||
defaultVirtualNetworkOfferingProviders.put(Service.Lb, defaultProviders);
|
||||
defaultVirtualNetworkOfferingProviders.put(Service.SourceNat, defaultProviders);
|
||||
defaultVirtualNetworkOfferingProviders.put(Service.StaticNat, defaultProviders);
|
||||
defaultVirtualNetworkOfferingProviders.put(Service.PortForwarding, defaultProviders);
|
||||
defaultVirtualNetworkOfferingProviders.put(Service.Vpn, defaultProviders);
|
||||
|
||||
Transaction txn = Transaction.currentTxn();
|
||||
|
||||
@ -74,6 +74,12 @@ public class PhysicalNetworkServiceProviderVO implements PhysicalNetworkServiceP
|
||||
@Column(name = "load_balance_service_provided")
|
||||
boolean lbServiceProvided;
|
||||
|
||||
@Column(name = "static_nat_service_provided")
|
||||
boolean staticnatServiceProvided;
|
||||
|
||||
@Column(name = "port_forwarding_service_provided")
|
||||
boolean portForwardingServiceProvided;
|
||||
|
||||
@Column(name = "user_data_service_provided")
|
||||
boolean userdataServiceProvided;
|
||||
|
||||
@ -188,6 +194,22 @@ public class PhysicalNetworkServiceProviderVO implements PhysicalNetworkServiceP
|
||||
this.lbServiceProvided = lbServiceProvided;
|
||||
}
|
||||
|
||||
public boolean isStaticnatServiceProvided() {
|
||||
return staticnatServiceProvided;
|
||||
}
|
||||
|
||||
public void setStaticnatServiceProvided(boolean staticnatServiceProvided) {
|
||||
this.staticnatServiceProvided = staticnatServiceProvided;
|
||||
}
|
||||
|
||||
public boolean isPortForwardingServiceProvided() {
|
||||
return portForwardingServiceProvided;
|
||||
}
|
||||
|
||||
public void setPortForwardingServiceProvided(boolean portForwardingServiceProvided) {
|
||||
this.portForwardingServiceProvided = portForwardingServiceProvided;
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean isUserdataServiceProvided() {
|
||||
return userdataServiceProvided;
|
||||
@ -214,6 +236,8 @@ public class PhysicalNetworkServiceProviderVO implements PhysicalNetworkServiceP
|
||||
this.setFirewallServiceProvided(services.contains(Service.Firewall));
|
||||
this.setLbServiceProvided(services.contains(Service.Lb));
|
||||
this.setSourcenatServiceProvided(services.contains(Service.SourceNat));
|
||||
this.setStaticnatServiceProvided(services.contains(Service.StaticNat));
|
||||
this.setPortForwardingServiceProvided(services.contains(Service.PortForwarding));
|
||||
this.setUserdataServiceProvided(services.contains(Service.UserData));
|
||||
this.setSecuritygroupServiceProvided(services.contains(Service.SecurityGroup));
|
||||
}
|
||||
@ -242,6 +266,12 @@ public class PhysicalNetworkServiceProviderVO implements PhysicalNetworkServiceP
|
||||
if(this.sourcenatServiceProvided){
|
||||
services.add(Service.SourceNat);
|
||||
}
|
||||
if(this.staticnatServiceProvided){
|
||||
services.add(Service.StaticNat);
|
||||
}
|
||||
if(this.portForwardingServiceProvided){
|
||||
services.add(Service.PortForwarding);
|
||||
}
|
||||
if(this.isUserdataServiceProvided()){
|
||||
services.add(Service.UserData);
|
||||
}
|
||||
|
||||
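Review bot: The new `isStaticnatServiceProvided()` and `isPortForwardingServiceProvided()` getters carry no `@Override`, while `isUserdataServiceProvided()` directly below them does. That suggests the `PhysicalNetworkServiceProvider` interface was not extended, although the interface itself is not visible on this page. If so, code that holds the interface type cannot ask whether a provider offers static NAT or port forwarding, and would have to cast to the VO or go through `getEnabledServices()`. Consider declaring both getters on the interface and marking the implementations `@Override`. The field name `staticnatServiceProvided` next to `portForwardingServiceProvided` is also inconsistent in casing, though it follows the existing `sourcenatServiceProvided`.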
@ -203,9 +203,6 @@ public class JuniperSRXExternalFirewallElement extends AdapterBase implements So
|
||||
// Set capabilities for Firewall service
|
||||
Map<Capability, String> firewallCapabilities = new HashMap<Capability, String>();
|
||||
|
||||
// Specifies that static NAT rules are supported by this element
|
||||
firewallCapabilities.put(Capability.StaticNat, "true");
|
||||
|
||||
// Specifies that NAT rules can be made for either TCP or UDP traffic
|
||||
firewallCapabilities.put(Capability.SupportedProtocols, "tcp,udp");
|
||||
|
||||
@ -214,9 +211,6 @@ public class JuniperSRXExternalFirewallElement extends AdapterBase implements So
|
||||
// Specifies that this element can measure network usage on a per public IP basis
|
||||
firewallCapabilities.put(Capability.TrafficStatistics, "per public ip");
|
||||
|
||||
// Specifies that port forwarding rules are supported by this element
|
||||
firewallCapabilities.put(Capability.PortForwarding, "true");
|
||||
|
||||
// Specifies supported VPN types
|
||||
Map<Capability, String> vpnCapabilities = new HashMap<Capability, String>();
|
||||
vpnCapabilities.put(Capability.SupportedVpnTypes, "ipsec");
|
||||
@ -225,12 +219,17 @@ public class JuniperSRXExternalFirewallElement extends AdapterBase implements So
|
||||
capabilities.put(Service.Firewall, firewallCapabilities);
|
||||
capabilities.put(Service.Gateway, null);
|
||||
|
||||
|
||||
Map<Capability, String> sourceNatCapabilities = new HashMap<Capability, String>();
|
||||
// Specifies that this element supports either one source NAT rule per account, or no source NAT rules at all;
|
||||
// in the latter case a shared interface NAT rule will be used
|
||||
sourceNatCapabilities.put(Capability.SupportedSourceNatTypes, "per account, per zone");
|
||||
capabilities.put(Service.SourceNat, sourceNatCapabilities);
|
||||
|
||||
// Specifies that port forwarding rules are supported by this element
|
||||
capabilities.put(Service.PortForwarding, null);
|
||||
|
||||
// Specifies that static NAT rules are supported by this element
|
||||
capabilities.put(Service.StaticNat, null);
|
||||
|
||||
return capabilities;
|
||||
}
|
||||
|
||||
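Review bot: Support for static NAT and port forwarding is now signalled only by a key with a `null` value (`capabilities.put(Service.PortForwarding, null);`, `capabilities.put(Service.StaticNat, null);`), replacing the explicit `"true"` entries in the Firewall capability map. A caller that tests support with `capabilities.get(service) != null`, or that dereferences the returned map, cannot tell "supported, no capabilities" from "not supported". Those callers are outside this page, so whether any exist is unconfirmed. Storing an empty map, `capabilities.put(Service.PortForwarding, new HashMap<Capability, String>());`, avoids the ambiguity. The same applies to the two `put(..., null)` lines added in `VirtualRouterElement`. The enclosing method starts outside these hunks.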
@ -302,9 +302,7 @@ public class VirtualRouterElement extends DhcpElement implements VirtualRouterEl
|
||||
|
||||
//Set capabilities for Firewall service
|
||||
Map<Capability, String> firewallCapabilities = new HashMap<Capability, String>();
|
||||
firewallCapabilities.put(Capability.PortForwarding, "true");
|
||||
firewallCapabilities.put(Capability.TrafficStatistics, "per public ip");
|
||||
firewallCapabilities.put(Capability.StaticNat, "true");
|
||||
firewallCapabilities.put(Capability.SupportedProtocols, "tcp,udp,icmp");
|
||||
firewallCapabilities.put(Capability.MultipleIps, "true");
|
||||
|
||||
@ -323,11 +321,13 @@ public class VirtualRouterElement extends DhcpElement implements VirtualRouterEl
|
||||
capabilities.put(Service.Dhcp, null);
|
||||
capabilities.put(Service.Gateway, null);
|
||||
|
||||
|
||||
Map<Capability, String> sourceNatCapabilities = new HashMap<Capability, String>();
|
||||
sourceNatCapabilities.put(Capability.SupportedSourceNatTypes, "per account");
|
||||
capabilities.put(Service.SourceNat, sourceNatCapabilities);
|
||||
|
||||
capabilities.put(Service.StaticNat, null);
|
||||
capabilities.put(Service.PortForwarding, null);
|
||||
|
||||
return capabilities;
|
||||
}
|
||||
|
||||
|
||||
@ -852,6 +852,8 @@ public class ConfigurationServerImpl implements ConfigurationServer {
|
||||
defaultVirtualNetworkOfferingProviders.put(Service.Gateway, Provider.VirtualRouter);
|
||||
defaultVirtualNetworkOfferingProviders.put(Service.Lb, Provider.VirtualRouter);
|
||||
defaultVirtualNetworkOfferingProviders.put(Service.SourceNat, Provider.VirtualRouter);
|
||||
defaultVirtualNetworkOfferingProviders.put(Service.StaticNat, Provider.VirtualRouter);
|
||||
defaultVirtualNetworkOfferingProviders.put(Service.PortForwarding, Provider.VirtualRouter);
|
||||
defaultVirtualNetworkOfferingProviders.put(Service.Vpn, Provider.VirtualRouter);
|
||||
|
||||
NetworkOfferingVO guestNetworkOffering = new NetworkOfferingVO(
|
||||
|
||||
@ -1787,8 +1787,10 @@ CREATE TABLE `cloud`.`physical_network_service_providers` (
|
||||
`dns_service_provided` tinyint(1) unsigned NOT NULL DEFAULT 0 COMMENT 'Is DNS service provided',
|
||||
`gateway_service_provided` tinyint(1) unsigned NOT NULL DEFAULT 0 COMMENT 'Is Gateway service provided',
|
||||
`firewall_service_provided` tinyint(1) unsigned NOT NULL DEFAULT 0 COMMENT 'Is Firewall service provided',
|
||||
`source_nat_service_provided` tinyint(1) unsigned NOT NULL DEFAULT 0 COMMENT 'Is SNAT service provided',
|
||||
`source_nat_service_provided` tinyint(1) unsigned NOT NULL DEFAULT 0 COMMENT 'Is Source NAT service provided',
|
||||
`load_balance_service_provided` tinyint(1) unsigned NOT NULL DEFAULT 0 COMMENT 'Is LB service provided',
|
||||
`static_nat_service_provided` tinyint(1) unsigned NOT NULL DEFAULT 0 COMMENT 'Is Static NAT service provided',
|
||||
`port_forwarding_service_provided` tinyint(1) unsigned NOT NULL DEFAULT 0 COMMENT 'Is Port Forwarding service provided',
|
||||
`user_data_service_provided` tinyint(1) unsigned NOT NULL DEFAULT 0 COMMENT 'Is UserData service provided',
|
||||
`security_group_service_provided` tinyint(1) unsigned NOT NULL DEFAULT 0 COMMENT 'Is SG service provided',
|
||||
PRIMARY KEY (`id`),
|
||||
|
||||
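Review bot: The two new columns are added only to the `CREATE TABLE` statement, and no upgrade step for existing databases is visible on this page. An installation created before this change would lack `static_nat_service_provided` and `port_forwarding_service_provided`, and the new `@Column` mappings in `PhysicalNetworkServiceProviderVO` would then presumably fail against it. If upgrades are in scope, add a migration such as `ALTER TABLE cloud.physical_network_service_providers ADD COLUMN static_nat_service_provided tinyint(1) unsigned NOT NULL DEFAULT 0;` and the equivalent for port forwarding. Also decide whether rows with `firewall_service_provided = 1` should be backfilled to 1, since those providers previously covered both functions under Firewall.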