diff --git a/api/src/com/cloud/api/ApiConstants.java b/api/src/com/cloud/api/ApiConstants.java index e0c70935714..455e20d01e4 100755 --- a/api/src/com/cloud/api/ApiConstants.java +++ b/api/src/com/cloud/api/ApiConstants.java @@ -302,6 +302,7 @@ public class ApiConstants { public static final String FIREWALL_DEVICE_NAME = "fwdevicename"; public static final String FIREWALL_DEVICE_STATE = "fwdevicestate"; public static final String FIREWALL_DEVICE_CAPACITY = "fwdevicecapacity"; + public static final String FIREWALL_DEVICE_DEDICATED = "fwdevicededicated"; public static final String SERVICE = "service"; public static final String ASSOCIATED_NETWORK_ID = "associatednetworkid"; diff --git a/api/src/com/cloud/api/response/F5LoadBalancerResponse.java b/api/src/com/cloud/api/response/F5LoadBalancerResponse.java index 9b8103b44fd..47e9b97e7f5 100644 --- a/api/src/com/cloud/api/response/F5LoadBalancerResponse.java +++ b/api/src/com/cloud/api/response/F5LoadBalancerResponse.java 
@@ -42,6 +42,21 @@ public class F5LoadBalancerResponse extends BaseResponse { @SerializedName(ApiConstants.LOAD_BALANCER_DEVICE_CAPACITY) @Param(description="device capacity") private Long deviceCapacity; + @SerializedName(ApiConstants.LOAD_BALANCER_DEVICE_DEDICATED) @Param(description="true if device is dedicated for an account") + private Boolean dedicatedLoadBalancer; + + @SerializedName(ApiConstants.INLINE) @Param(description="true if device is inline with firewall device") + private Boolean inlineLoadBalancer; + + @SerializedName(ApiConstants.PUBLIC_INTERFACE) @Param(description="the public interface of the load balancer") + private String publicInterface; + + @SerializedName(ApiConstants.PRIVATE_INTERFACE) @Param(description="the private interface of the load balancer") + private String privateInterface; + + @SerializedName(ApiConstants.IP_ADDRESS) @Param(description="the management IP address of the external load balancer") + private String ipAddress; + public void setId(long lbDeviceId) { this.id.setValue(lbDeviceId); } @@ -65,4 +80,24 @@ public class F5LoadBalancerResponse extends BaseResponse { public void setDeviceState(String deviceState) { this.deviceState = deviceState; } + + public void setDedicatedLoadBalancer(boolean isDedicated) { + this.dedicatedLoadBalancer = isDedicated; + } + + public void setInlineMode(boolean inline) { + this.inlineLoadBalancer = inline; + } + + public void setPublicInterface(String publicInterface) { + this.publicInterface = publicInterface; + } + + public void setPrivateInterface(String privateInterface) { + this.privateInterface = privateInterface; + } + + public void setIpAddress(String ipAddress) { + this.ipAddress = ipAddress; + } } diff --git a/api/src/com/cloud/api/response/SrxFirewallResponse.java b/api/src/com/cloud/api/response/SrxFirewallResponse.java index c071b4fbff6..b39160aa3ca 100644 --- a/api/src/com/cloud/api/response/SrxFirewallResponse.java +++ b/api/src/com/cloud/api/response/SrxFirewallResponse.java 
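Review bot: The new `ipAddress` field in F5LoadBalancerResponse puts the load balancer's management IP into every serialized response, together with the public and private interface names. The same applies to the fields added to SrxFirewallResponse further down. Nothing in these hunks shows which API commands return the objects or who may call them, so please confirm the listing commands are restricted to the root admin. It would also help to say so in the field description, for example `@Param(description="the management IP address of the external load balancer (admin only)")`.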
@@ -44,6 +44,36 @@ public class SrxFirewallResponse extends BaseResponse { @SerializedName(ApiConstants.FIREWALL_DEVICE_CAPACITY) @Param(description="device capacity") private Long deviceCapacity; + @SerializedName(ApiConstants.ZONE_ID) @Param(description="the zone ID of the external firewall") + private IdentityProxy zoneId = new IdentityProxy("data_center"); + + @SerializedName(ApiConstants.IP_ADDRESS) @Param(description="the management IP address of the external firewall") + private String ipAddress; + + @SerializedName(ApiConstants.USERNAME) @Param(description="the username that's used to log in to the external firewall") + private String username; + + @SerializedName(ApiConstants.PUBLIC_INTERFACE) @Param(description="the public interface of the external firewall") + private String publicInterface; + + @SerializedName(ApiConstants.USAGE_INTERFACE) @Param(description="the usage interface of the external firewall") + private String usageInterface; + + @SerializedName(ApiConstants.PRIVATE_INTERFACE) @Param(description="the private interface of the external firewall") + private String privateInterface; + + @SerializedName(ApiConstants.PUBLIC_ZONE) @Param(description="the public security zone of the external firewall") + private String publicZone; + + @SerializedName(ApiConstants.PRIVATE_ZONE) @Param(description="the private security zone of the external firewall") + private String privateZone; + + @SerializedName(ApiConstants.NUM_RETRIES) @Param(description="the number of times to retry requests to the external firewall") + private String numRetries; + + @SerializedName(ApiConstants.TIMEOUT) @Param(description="the timeout (in seconds) for requests to the external firewall") + private String timeout; + public void setId(long lbDeviceId) { this.id.setValue(lbDeviceId); } 
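Review bot: The `username` and `zoneId` fields added to SrxFirewallResponse get no setter in the setter hunk that follows, and `createSrxFirewallResponse` later in this diff never populates them. As written, `username` is always null, and `zoneId` is an `IdentityProxy("data_center")` that is never given a value. Either drop both fields or add `setUsername`/`setZoneId` and fill them in. If `username` is kept, it is the account used to log in to the firewall, so it should only be returned to callers who are allowed to manage the device. The class body continues outside this hunk.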
@@ -67,4 +97,44 @@ public class SrxFirewallResponse extends BaseResponse { public void setDeviceState(String deviceState) { this.deviceState = deviceState; } + + public void setIpAddress(String ipAddress) { + this.ipAddress = ipAddress; + } + + public void setPublicInterface(String publicInterface) { + this.publicInterface = publicInterface; + } + + public void setUsageInterface(String usageInterface) { + this.usageInterface = usageInterface; + } + + public void setPrivateInterface(String privateInterface) { + this.privateInterface = privateInterface; + } + + public void setPublicZone(String publicZone) { + this.publicZone = publicZone; + } + + public void setPrivateZone(String privateZone) { + this.privateZone = privateZone; + } + + public String getNumRetries() { + return numRetries; + } + + public void setNumRetries(String numRetries) { + this.numRetries = numRetries; + } + + public String getTimeout() { + return timeout; + } + + public void setTimeout(String timeout) { + this.timeout = timeout; + } } diff --git a/core/src/com/cloud/network/resource/JuniperSrxResource.java b/core/src/com/cloud/network/resource/JuniperSrxResource.java index d0393f82161..d20a36b774e 100644 --- a/core/src/com/cloud/network/resource/JuniperSrxResource.java +++ b/core/src/com/cloud/network/resource/JuniperSrxResource.java @@ -78,6 +78,7 @@ public class JuniperSrxResource implements ServerResource { private String _name; private String _zoneId; + private String _physicalNetworkId; private String _ip; private String _username; private String _password; 
@@ -300,6 +301,11 @@ public class JuniperSrxResource implements ServerResource { throw new ConfigurationException("Unable to find zone"); } + _physicalNetworkId = (String) params.get("physicalNetworkId"); + if (_physicalNetworkId == null) { + throw new ConfigurationException("Unable to find physical network id in the configuration parameters"); + } + _ip = (String) params.get("ip"); if (_ip == null) { throw new ConfigurationException("Unable to find IP"); diff --git a/server/src/com/cloud/network/ExternalFirewallDeviceManagerImpl.java b/server/src/com/cloud/network/ExternalFirewallDeviceManagerImpl.java index e61feeead07..1681d9e9368 100644 --- a/server/src/com/cloud/network/ExternalFirewallDeviceManagerImpl.java +++ b/server/src/com/cloud/network/ExternalFirewallDeviceManagerImpl.java @@ -32,6 +32,7 @@ import org.apache.log4j.Logger; import com.cloud.agent.AgentManager; import com.cloud.agent.api.Answer; import com.cloud.agent.api.StartupCommand; +import com.cloud.agent.api.StartupExternalFirewallCommand; import com.cloud.agent.api.StartupExternalLoadBalancerCommand; import com.cloud.agent.api.routing.IpAssocCommand; import com.cloud.agent.api.routing.NetworkElementCommand; @@ -61,6 +62,7 @@ import com.cloud.host.Host; import com.cloud.host.HostVO; import com.cloud.host.dao.HostDao; import com.cloud.host.dao.HostDetailsDao; +import com.cloud.network.ExternalFirewallDeviceVO.FirewallDeviceState; import com.cloud.network.ExternalNetworkDeviceManager.NetworkDevice; import com.cloud.network.Network.Capability; import com.cloud.network.Network.Service; @@ -91,6 +93,7 @@ import com.cloud.user.Account; import com.cloud.user.AccountManager; import com.cloud.user.dao.AccountDao; import com.cloud.user.dao.UserStatisticsDao; +import com.cloud.utils.NumbersUtil; import com.cloud.utils.component.AdapterBase; import com.cloud.utils.component.Inject; import com.cloud.utils.db.DB; 
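Review bot: `configure` in JuniperSrxResource now throws `ConfigurationException` when `params` has no `physicalNetworkId`, but none of the `hostDetails.put(...)` calls visible in the `addExternalFirewall` hunks of this diff sets that key. One line of that method falls between the two hunks and is not shown, so the key may be set there; if it is not, every SRX registration fails at `resource.configure(guid, hostDetails)`. Please confirm that the caller supplies `hostDetails.put("physicalNetworkId", String.valueOf(pNetwork.getId()));`. The body of `configure` starts and ends outside this hunk.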
@@ -136,6 +139,13 @@ public abstract class ExternalFirewallDeviceManagerImpl extends AdapterBase impl private static final org.apache.log4j.Logger s_logger = Logger.getLogger(ExternalFirewallDeviceManagerImpl.class); + @Override + public boolean configure(String name, Map params) throws ConfigurationException { + super.configure(name, params); + _resourceMgr.registerResourceStateAdapter(this.getClass().getSimpleName(), this); + return true; + } + @Override @DB public ExternalFirewallDeviceVO addExternalFirewall(long physicalNetworkId, String url, String username, String password, String deviceName, ServerResource resource) { @@ -175,6 +185,7 @@ public abstract class ExternalFirewallDeviceManagerImpl extends AdapterBase impl String ipAddress = uri.getHost(); Map hostDetails = new HashMap(); guid = getExternalNetworkResourceGuid(pNetwork.getId(), deviceName, ipAddress); + hostDetails.put("name", guid); hostDetails.put("guid", guid); hostDetails.put("zoneId", String.valueOf(pNetwork.getDataCenterId())); hostDetails.put("ip", ipAddress); @@ -182,11 +193,11 @@ public abstract class ExternalFirewallDeviceManagerImpl extends AdapterBase impl hostDetails.put("username", username); hostDetails.put("password", password); hostDetails.put("deviceName", deviceName); - Map params = new HashMap(); - UrlUtil.parseQueryParameters(uri.getQuery(), false, params); - hostDetails.putAll(params); + Map configParams = new HashMap(); + UrlUtil.parseQueryParameters(uri.getQuery(), false, configParams); + hostDetails.putAll(configParams); - // let the server resource to device parameters validation + // let the server resource to do parameters validation try { resource.configure(guid, hostDetails); } catch (ConfigurationException e) { 
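Review bot: In the new `configure` override of ExternalFirewallDeviceManagerImpl, the result of `super.configure(name, params)` is discarded and the method returns `true` unconditionally. A failed base configuration would therefore still register the resource state adapter and report success. Propagate the result with `if (!super.configure(name, params)) { return false; }` before calling `registerResourceStateAdapter`. The raw `Map params` parameter may be an artifact of how the page was rendered; if it is in the file, use the parameterized type that the base class declares.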
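Review bot: `hostDetails.putAll(configParams)` runs after the fixed entries are written, so any query parameter in the supplied URL named `name`, `guid`, `zoneId`, `ip`, `username`, `password` or `deviceName` silently replaces the value the manager just computed. The values handed to `resource.configure(guid, hostDetails)` can therefore disagree with the physical network and credentials that were validated earlier in `addExternalFirewall`. Apply the parsed query parameters first and the fixed keys afterwards, or reject reserved keys in `configParams`. This hunk only renames the variable, and the method body starts and ends outside it, so the ordering predates this commit; it is worth fixing while the lines are being touched.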
@@ -198,7 +209,14 @@ public abstract class ExternalFirewallDeviceManagerImpl extends AdapterBase impl Transaction txn = Transaction.currentTxn(); txn.start(); - ExternalFirewallDeviceVO fwDevice = new ExternalFirewallDeviceVO(externalFirewall.getId(), pNetwork.getId(), ntwkSvcProvider.getProviderName(), deviceName); + boolean dedicatedUse = (configParams.get(ApiConstants.FIREWALL_DEVICE_DEDICATED) != null) ? Boolean.parseBoolean(configParams.get(ApiConstants.FIREWALL_DEVICE_DEDICATED)) : false; + long capacity = NumbersUtil.parseLong((String)configParams.get(ApiConstants.FIREWALL_DEVICE_CAPACITY), 0); + + ExternalFirewallDeviceVO fwDevice = new ExternalFirewallDeviceVO(externalFirewall.getId(), pNetwork.getId(), ntwkSvcProvider.getProviderName(), + deviceName, capacity, dedicatedUse); + if (capacity != 0) { + fwDevice.setState(FirewallDeviceState.Enabled); + } _externalFirewallDeviceDao.persist(fwDevice); DetailVO hostDetail = new DetailVO(externalFirewall.getId(), ApiConstants.FIREWALL_DEVICE_ID, String.valueOf(fwDevice.getId())); @@ -615,7 +633,7 @@ public abstract class ExternalFirewallDeviceManagerImpl extends AdapterBase impl @Override public HostVO createHostVOForDirectConnectAgent(HostVO host, StartupCommand[] startup, ServerResource resource, Map details, List hostTags) { - if (!(startup[0] instanceof StartupExternalLoadBalancerCommand)) { + if (!(startup[0] instanceof StartupExternalFirewallCommand)) { return null; } host.setType(Host.Type.ExternalFirewall); diff --git a/server/src/com/cloud/network/ExternalFirewallDeviceVO.java b/server/src/com/cloud/network/ExternalFirewallDeviceVO.java index 2ba07133a36..b43d6b2189b 100644 --- a/server/src/com/cloud/network/ExternalFirewallDeviceVO.java +++ b/server/src/com/cloud/network/ExternalFirewallDeviceVO.java 
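Review bot: `capacity` comes straight from the URL query string through `NumbersUtil.parseLong(..., 0)` and is never range-checked. A negative value passes the `capacity != 0` test, so the device is set to `FirewallDeviceState.Enabled`, and the value is then persisted into a column that create-schema.sql declares as `bigint unsigned`. Validate it before `txn.start()`, for example `if (capacity < 0) { throw new InvalidParameterValueException("Firewall device capacity cannot be negative"); }` (check that the class is imported in this file), and enable the device only on `capacity > 0`. The new `ExternalFirewallDeviceVO` constructor stores the value without checking it either. The null test before `Boolean.parseBoolean` is redundant, because `parseBoolean(null)` already returns false.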
@@ -60,6 +60,9 @@ public class ExternalFirewallDeviceVO { @Enumerated(value=EnumType.STRING) FirewallDeviceState state; + @Column(name="is_dedicated") + private boolean isDedicatedDevice; + @Column(name = "capacity") private long capacity; @@ -78,13 +81,15 @@ public class ExternalFirewallDeviceVO { Allocated } - public ExternalFirewallDeviceVO(long hostId, long physicalNetworkId, String provider_name, String device_name) { + public ExternalFirewallDeviceVO(long hostId, long physicalNetworkId, String provider_name, String device_name, long capacity, boolean dedicated) { this.physicalNetworkId = physicalNetworkId; this.providerName = provider_name; this.deviceName = device_name; this.hostId = hostId; this.state = FirewallDeviceState.Disabled; this.allocationState = FirewallDeviceAllocationState.Free; + this.capacity = capacity; + this.isDedicatedDevice = dedicated; this.uuid = UUID.randomUUID().toString(); } @@ -136,6 +141,14 @@ public class ExternalFirewallDeviceVO { this.allocationState = allocationState; } + public boolean getIsDedicatedDevice() { + return isDedicatedDevice; + } + + public void setIsDedicatedDevice(boolean isDedicated) { + isDedicatedDevice = isDedicated; + } + public String getUuid() { return uuid; } diff --git a/server/src/com/cloud/network/ExternalLoadBalancerDeviceManagerImpl.java b/server/src/com/cloud/network/ExternalLoadBalancerDeviceManagerImpl.java index 97d7ea12c85..30abc8023a9 100644 --- a/server/src/com/cloud/network/ExternalLoadBalancerDeviceManagerImpl.java +++ b/server/src/com/cloud/network/ExternalLoadBalancerDeviceManagerImpl.java 
@@ -216,9 +216,9 @@ public abstract class ExternalLoadBalancerDeviceManagerImpl extends AdapterBase txn = Transaction.currentTxn(); txn.start(); - boolean dedicatedUse = (configParams.get("lbdevicededicated") != null) ? Boolean.parseBoolean(configParams.get("lbdevicededicated")) : false; - boolean inline = (configParams.get("lbdeviceinline") != null) ? Boolean.parseBoolean(configParams.get("lbdeviceinline")) : false; - long capacity = NumbersUtil.parseLong((String)configParams.get("lbdevicecapacity"), 0); + boolean dedicatedUse = (configParams.get(ApiConstants.LOAD_BALANCER_DEVICE_DEDICATED) != null) ? Boolean.parseBoolean(configParams.get(ApiConstants.LOAD_BALANCER_DEVICE_DEDICATED)) : false; + boolean inline = (configParams.get(ApiConstants.INLINE) != null) ? Boolean.parseBoolean(configParams.get(ApiConstants.INLINE)) : false; + long capacity = NumbersUtil.parseLong((String)configParams.get(ApiConstants.LOAD_BALANCER_DEVICE_CAPACITY), 0); ExternalLoadBalancerDeviceVO lbDeviceVO = new ExternalLoadBalancerDeviceVO(host.getId(), pNetwork.getId(), ntwkSvcProvider.getProviderName(), deviceName, capacity, dedicatedUse, inline); diff --git a/server/src/com/cloud/network/element/F5ExternalLoadBalancerElement.java b/server/src/com/cloud/network/element/F5ExternalLoadBalancerElement.java index 4c468f78d8a..1f8d3b6c0b4 100644 --- a/server/src/com/cloud/network/element/F5ExternalLoadBalancerElement.java +++ b/server/src/com/cloud/network/element/F5ExternalLoadBalancerElement.java @@ -50,6 +50,7 @@ import com.cloud.exception.ResourceUnavailableException; import com.cloud.host.Host; import com.cloud.host.HostVO; import com.cloud.host.dao.HostDao; +import com.cloud.host.dao.HostDetailsDao; import com.cloud.network.ExternalLoadBalancerDeviceManager; import com.cloud.network.ExternalLoadBalancerDeviceManagerImpl; import com.cloud.network.ExternalLoadBalancerDeviceVO; 
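Review bot: Replacing the literals `"lbdevicededicated"`, `"lbdeviceinline"` and `"lbdevicecapacity"` with `ApiConstants` names keeps behaviour only if each constant has exactly the old string as its value, and this diff does not show the definitions of `LOAD_BALANCER_DEVICE_DEDICATED`, `INLINE` or `LOAD_BALANCER_DEVICE_CAPACITY`. If `ApiConstants.INLINE` is something other than `"lbdeviceinline"`, existing device URLs carrying `lbdeviceinline=true` will fall through to the `false` default without any error, and the load balancer will be registered in the wrong mode. Please confirm the values, or note the query-parameter rename in the commit message if it is intended. The enclosing method starts and ends outside this hunk.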
@@ -97,6 +98,7 @@ public class F5ExternalLoadBalancerElement extends ExternalLoadBalancerDeviceMan @Inject ExternalLoadBalancerDeviceDao _lbDeviceDao; @Inject NetworkExternalLoadBalancerDao _networkLBDao; @Inject NetworkDao _networkDao; + @Inject HostDetailsDao _detailsDao; private boolean canHandle(Network config) { if (config.getGuestType() != Network.GuestType.Isolated || config.getTrafficType() != TrafficType.Guest) { @@ -400,12 +402,21 @@ public class F5ExternalLoadBalancerElement extends ExternalLoadBalancerDeviceMan @Override public F5LoadBalancerResponse createF5LoadBalancerResponse(ExternalLoadBalancerDeviceVO lbDeviceVO) { F5LoadBalancerResponse response = new F5LoadBalancerResponse(); + Host lbHost = _hostDao.findById(lbDeviceVO.getHostId()); + Map lbDetails = _detailsDao.findDetails(lbDeviceVO.getHostId()); + response.setId(lbDeviceVO.getId()); + response.setIpAddress(lbHost.getPrivateIpAddress()); response.setPhysicalNetworkId(lbDeviceVO.getPhysicalNetworkId()); + response.setPublicInterface(lbDetails.get("publicInterface")); + response.setPrivateInterface(lbDetails.get("privateInterface")); response.setDeviceName(lbDeviceVO.getDeviceName()); response.setDeviceCapacity(lbDeviceVO.getCapacity()); + response.setInlineMode(lbDeviceVO.getIsInLineMode()); + response.setDedicatedLoadBalancer(lbDeviceVO.getIsDedicatedDevice()); response.setProvider(lbDeviceVO.getProviderName()); response.setDeviceState(lbDeviceVO.getState().name()); + response.setObjectName("F5LoadBalancer"); return response; } } diff --git a/server/src/com/cloud/network/element/JuniperSRXExternalFirewallElement.java b/server/src/com/cloud/network/element/JuniperSRXExternalFirewallElement.java index b7a990b70c8..839b7c3008f 100644 --- a/server/src/com/cloud/network/element/JuniperSRXExternalFirewallElement.java +++ b/server/src/com/cloud/network/element/JuniperSRXExternalFirewallElement.java 
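Review bot: `createF5LoadBalancerResponse` dereferences `lbHost` and `lbDetails` without a null check. If the host row or its details have been removed while the device record still exists, `lbHost.getPrivateIpAddress()` or `lbDetails.get("publicInterface")` throws a NullPointerException and the whole list call fails. Guard both lookups and leave the optional response fields unset when the host or its details are missing. `createSrxFirewallResponse` in JuniperSRXExternalFirewallElement has the same pattern with `fwHost` and `fwDetails`. The host details map also holds the device `password` (see the `hostDetails.put("password", password)` line in `addExternalFirewall`), so keep copying individual keys as done here and never pass the map through wholesale.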
@@ -49,6 +49,7 @@ import com.cloud.exception.ResourceUnavailableException; import com.cloud.host.Host; import com.cloud.host.HostVO; import com.cloud.host.dao.HostDao; +import com.cloud.host.dao.HostDetailsDao; import com.cloud.network.Network; import com.cloud.network.ExternalFirewallDeviceVO.FirewallDeviceState; import com.cloud.network.ExternalNetworkDeviceManager.NetworkDevice; @@ -103,6 +104,7 @@ public class JuniperSRXExternalFirewallElement extends ExternalFirewallDeviceMan @Inject NetworkExternalFirewallDao _networkFirewallDao; @Inject NetworkDao _networkDao; @Inject NetworkServiceMapDao _ntwkSrvcDao; + @Inject HostDetailsDao _hostDetailDao; private boolean canHandle(Network config) { DataCenter zone = _configMgr.getZone(config.getDataCenterId()); @@ -448,7 +450,7 @@ public class JuniperSRXExternalFirewallElement extends ExternalFirewallDeviceMan if (pNetwork == null) { throw new InvalidParameterValueException("Could not find phyical network with ID: " + physcialNetworkId); } - fwDevices = _fwDevicesDao.listByPhysicalNetworkAndProvider(physcialNetworkId, Provider.F5BigIp.getName()); + fwDevices = _fwDevicesDao.listByPhysicalNetworkAndProvider(physcialNetworkId, Provider.JuniperSRX.getName()); } return fwDevices; 
@@ -478,12 +480,24 @@ public class JuniperSRXExternalFirewallElement extends ExternalFirewallDeviceMan @Override public SrxFirewallResponse createSrxFirewallResponse(ExternalFirewallDeviceVO fwDeviceVO) { SrxFirewallResponse response = new SrxFirewallResponse(); + Map fwDetails = _hostDetailDao.findDetails(fwDeviceVO.getHostId()); + Host fwHost = _hostDao.findById(fwDeviceVO.getHostId()); + response.setId(fwDeviceVO.getId()); response.setPhysicalNetworkId(fwDeviceVO.getPhysicalNetworkId()); response.setDeviceName(fwDeviceVO.getDeviceName()); response.setDeviceCapacity(fwDeviceVO.getCapacity()); response.setProvider(fwDeviceVO.getProviderName()); response.setDeviceState(fwDeviceVO.getState().name()); + response.setIpAddress(fwHost.getPrivateIpAddress()); + response.setPublicInterface(fwDetails.get("publicInterface")); + response.setUsageInterface(fwDetails.get("usageInterface")); + response.setPrivateInterface(fwDetails.get("privateInterface")); + response.setPublicZone(fwDetails.get("publicZone")); + response.setPrivateZone(fwDetails.get("privateZone")); + response.setNumRetries(fwDetails.get("numRetries")); + response.setTimeout(fwDetails.get("timeout")); + response.setObjectName("SRXFirewall"); return response; } } \ No newline at end of file diff --git a/server/src/com/cloud/network/element/NetscalerExternalLoadBalancerElement.java b/server/src/com/cloud/network/element/NetscalerExternalLoadBalancerElement.java index b5fe851ef31..f9e73c0f000 100644 --- a/server/src/com/cloud/network/element/NetscalerExternalLoadBalancerElement.java +++ b/server/src/com/cloud/network/element/NetscalerExternalLoadBalancerElement.java @@ -19,7 +19,6 @@ package com.cloud.network.element; -import java.net.URI; import java.util.ArrayList; import java.util.HashMap; import java.util.List; 
@@ -76,7 +75,6 @@ import com.cloud.utils.component.Inject; import com.cloud.utils.db.DB; import com.cloud.utils.db.Transaction; import com.cloud.utils.exception.CloudRuntimeException; -import com.cloud.utils.net.UrlUtil; import com.cloud.vm.NicProfile; import com.cloud.vm.ReservationContext; import com.cloud.vm.VirtualMachine; @@ -372,6 +370,7 @@ public class NetscalerExternalLoadBalancerElement extends ExternalLoadBalancerDe response.setDedicatedLoadBalancer(lbDeviceVO.getIsDedicatedDevice()); response.setProvider(lbDeviceVO.getProviderName()); response.setDeviceState(lbDeviceVO.getState().name()); + response.setObjectName("NetscalerLoadBalancer"); return response; } diff --git a/setup/db/create-schema.sql b/setup/db/create-schema.sql index ff311d9c454..07c66389ab2 100755 --- a/setup/db/create-schema.sql +++ b/setup/db/create-schema.sql @@ -1967,6 +1967,7 @@ CREATE TABLE `cloud`.`external_firewall_devices` ( `provider_name` varchar(255) NOT NULL COMMENT 'Service Provider name corresponding to this firewall device', `device_name` varchar(255) NOT NULL COMMENT 'name of the firewall device', `state` varchar(32) NOT NULL DEFAULT 'Disabled' COMMENT 'state (enabled/disabled/shutdown) of the device', + `is_dedicated` int(1) unsigned NOT NULL DEFAULT 0 COMMENT '1 if device/appliance meant for dedicated use only', `allocation_state` varchar(32) NOT NULL DEFAULT 'Free' COMMENT 'Allocation state (Free/Allocated) of the device', `host_id` bigint unsigned NOT NULL COMMENT 'host id coresponding to the external firewall device', `capacity` bigint unsigned NOT NULL DEFAULT 0 COMMENT 'Capacity of the external firewall device',
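Review bot: The `is_dedicated` column is added to `external_firewall_devices` only in create-schema.sql, and no upgrade script appears in this diff. On a database created before this change, the new `@Column(name="is_dedicated")` mapping in ExternalFirewallDeviceVO would fail on the first select or persist against the table. If upgrades from earlier schemas are supported, add the matching `ALTER TABLE ... ADD COLUMN` with the same `NOT NULL DEFAULT 0` definition to the upgrade path.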