apache/cloudstack
1
0
Fork 0
mirror of https://github.com/apache/cloudstack.git synced 2025-10-26 08:42:29 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'sg-in-advanced-zone'

Browse Source 
Conflicts:
	server/src/com/cloud/network/NetworkManagerImpl.java
	server/src/com/cloud/vm/UserVmManagerImpl.java
This commit is contained in:
anthony 2013-02-07 15:19:41 -08:00
commit 951cba92bb
7 changed files with 83 additions and 108 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
server/src/com/cloud/configuration/ConfigurationManagerImpl.java
View File

@ -1523,13 +1523,11 @@ public class ConfigurationManagerImpl extends ManagerBase implements Configurati
// check if zone has necessary trafficTypes before enabling
try {
PhysicalNetwork mgmtPhyNetwork;
if (NetworkType.Advanced == zone.getNetworkType()) {
// zone should have a physical network with public and management traffiType
_networkModel.getDefaultPhysicalNetworkByZoneAndTrafficType(zoneId, TrafficType.Public);
mgmtPhyNetwork = _networkModel.getDefaultPhysicalNetworkByZoneAndTrafficType(zoneId, TrafficType.Management);
} else {
// zone should have a physical network with management traffiType
mgmtPhyNetwork = _networkModel.getDefaultPhysicalNetworkByZoneAndTrafficType(zoneId, TrafficType.Management);
if (NetworkType.Advanced == zone.getNetworkType() && ! zone.isSecurityGroupEnabled() ) {
// advanced zone without SG should have a physical network with public Thpe
_networkModel.getDefaultPhysicalNetworkByZoneAndTrafficType(zoneId, TrafficType.Public);
}
try {

17
server/src/com/cloud/consoleproxy/ConsoleProxyManagerImpl.java
View File

@ -756,18 +756,27 @@ public class ConsoleProxyManagerImpl extends ManagerBase implements ConsoleProxy
DataCenterDeployment plan = new DataCenterDeployment(dataCenterId);
NetworkVO defaultNetwork = null;
if (dc.getNetworkType() == NetworkType.Advanced && dc.isSecurityGroupEnabled()) {
List<NetworkVO> networks = _networkDao.listByZoneSecurityGroup(dataCenterId);
if (networks == null || networks.size() == 0) {
throw new CloudRuntimeException("Can not found security enabled network in SG Zone " + dc);
}
defaultNetwork = networks.get(0);
} else {
TrafficType defaultTrafficType = TrafficType.Public;
if (dc.getNetworkType() == NetworkType.Basic || dc.isSecurityGroupEnabled()) {
defaultTrafficType = TrafficType.Guest;
}
List<NetworkVO> defaultNetworks = _networkDao.listByZoneAndTrafficType(dataCenterId, defaultTrafficType);
// api should never allow this situation to happen
if (defaultNetworks.size() != 1) {
throw new CloudRuntimeException("Found " + defaultNetworks.size() + " networks of type " + defaultTrafficType + " when expect to find 1");
throw new CloudRuntimeException("Found " + defaultNetworks.size() + " networks of type "
+ defaultTrafficType + " when expect to find 1");
}
defaultNetwork = defaultNetworks.get(0);
}
NetworkVO defaultNetwork = defaultNetworks.get(0);
List<? extends NetworkOffering> offerings = _networkModel.getSystemAccountNetworkOfferings(NetworkOffering.SystemControlNetwork, NetworkOffering.SystemManagementNetwork);
List<Pair<NetworkVO, NicProfile>> networks = new ArrayList<Pair<NetworkVO, NicProfile>>(offerings.size() + 1);

13
server/src/com/cloud/network/NetworkManagerImpl.java
View File

@ -1859,11 +1859,14 @@ public class NetworkManagerImpl extends ManagerBase implements NetworkManager, L
}
// Only Account specific Isolated network with sourceNat service disabled are allowed in security group
// enabled zone
boolean allowCreation = (ntwkOff.getGuestType() == GuestType.Isolated
&& !_networkModel.areServicesSupportedByNetworkOffering(ntwkOff.getId(), Service.SourceNat));
if (!allowCreation) {
throw new InvalidParameterValueException("Only Account specific Isolated network with sourceNat " +
"service disabled are allowed in security group enabled zone");
if ( ntwkOff.getGuestType() != GuestType.Shared ){
throw new InvalidParameterValueException("Only shared guest network can be created in security group enabled zone");
}
if ( _networkModel.areServicesSupportedByNetworkOffering(ntwkOff.getId(), Service.SourceNat)) {
throw new InvalidParameterValueException("Service SourceNat is not allowed in security group enabled zone");
}
if ( ! _networkModel.areServicesSupportedByNetworkOffering(ntwkOff.getId(), Service.SecurityGroup)) {
throw new InvalidParameterValueException("network must have SecurityGroup provider in security group enabled zone");
}
}

6
server/src/com/cloud/resource/ResourceManagerImpl.java
View File

@ -427,6 +427,12 @@ public class ResourceManagerImpl extends ManagerBase implements ResourceManager,
+ cmd.getHypervisor() + " to a supported ");
}
if (zone.isSecurityGroupEnabled()) {
if( hypervisorType != HypervisorType.KVM && hypervisorType != HypervisorType.XenServer ) {
throw new InvalidParameterValueException("Don't support hypervisor type " + hypervisorType + " in advanced security enabled zone");
}
}
Cluster.ClusterType clusterType = null;
if (cmd.getClusterType() != null && !cmd.getClusterType().isEmpty()) {
clusterType = Cluster.ClusterType.valueOf(cmd.getClusterType());

20
server/src/com/cloud/storage/secondary/SecondaryStorageManagerImpl.java
View File

@ -540,19 +540,27 @@ public class SecondaryStorageManagerImpl extends ManagerBase implements Secondar
DataCenterDeployment plan = new DataCenterDeployment(dataCenterId);
DataCenter dc = _dcDao.findById(plan.getDataCenterId());
NetworkVO defaultNetwork = null;
if (dc.getNetworkType() == NetworkType.Advanced && dc.isSecurityGroupEnabled()) {
List<NetworkVO> networks = _networkDao.listByZoneSecurityGroup(dataCenterId);
if (networks == null || networks.size() == 0) {
throw new CloudRuntimeException("Can not found security enabled network in SG Zone " + dc);
}
defaultNetwork = networks.get(0);
} else {
TrafficType defaultTrafficType = TrafficType.Public;
if (dc.getNetworkType() == NetworkType.Basic || dc.isSecurityGroupEnabled()) {
defaultTrafficType = TrafficType.Guest;
}
List<NetworkVO> defaultNetworks = _networkDao.listByZoneAndTrafficType(dataCenterId, defaultTrafficType);
//api should never allow this situation to happen
// api should never allow this situation to happen
if (defaultNetworks.size() != 1) {
throw new CloudRuntimeException("Found " + defaultNetworks.size() + " networks of type " + defaultTrafficType + " when expect to find 1");
throw new CloudRuntimeException("Found " + defaultNetworks.size() + " networks of type "
+ defaultTrafficType + " when expect to find 1");
}
defaultNetwork = defaultNetworks.get(0);
}
NetworkVO defaultNetwork = defaultNetworks.get(0);
List<? extends NetworkOffering> offerings = _networkModel.getSystemAccountNetworkOfferings(NetworkOfferingVO.SystemControlNetwork, NetworkOfferingVO.SystemManagementNetwork, NetworkOfferingVO.SystemStorageNetwork);
List<Pair<NetworkVO, NicProfile>> networks = new ArrayList<Pair<NetworkVO, NicProfile>>(offerings.size() + 1);

68
server/src/com/cloud/vm/UserVmManagerImpl.java
View File

@ -2867,59 +2867,22 @@ public class UserVmManagerImpl extends ManagerBase implements UserVmManager, Use
Account caller = UserContext.current().getCaller();
List<NetworkVO> networkList = new ArrayList<NetworkVO>();
boolean isSecurityGroupEnabledNetworkUsed = false;
boolean isVmWare = (template.getHypervisorType() == HypervisorType.VMware || (hypervisor != null && hypervisor == HypervisorType.VMware));
if (isVmWare) {
throw new InvalidParameterValueException("Security group feature is not supported for vmWare hypervisor");
}
// Verify that caller can perform actions in behalf of vm owner
_accountMgr.checkAccess(caller, null, true, owner);
// If no network is specified, find system security group enabled
// network
if (networkIdList == null || networkIdList.isEmpty()) {
Network networkWithSecurityGroup = _networkModel.getNetworkWithSecurityGroupEnabled(zone.getId());
if (networkWithSecurityGroup == null) {
throw new InvalidParameterValueException(
"No network with security enabled is found in zone id="
+ zone.getId());
throw new InvalidParameterValueException("need to specify networkIDs");
}
networkList.add(_networkDao.findById(networkWithSecurityGroup.getId()));
isSecurityGroupEnabledNetworkUsed = true;
} else if (securityGroupIdList != null
&& !securityGroupIdList.isEmpty()) {
if (isVmWare) {
throw new InvalidParameterValueException(
"Security group feature is not supported for vmWare hypervisor");
if (networkIdList.size() > 1 ) {
throw new InvalidParameterValueException("VM can only be on one network in Zone with Security group enabled zone");
}
// Only one network can be specified, and it should be security
// group enabled
if (networkIdList.size() > 1) {
throw new InvalidParameterValueException(
"Only support one network per VM if security group enabled");
}
NetworkVO network = _networkDao.findById(networkIdList.get(0)
.longValue());
if (network == null) {
throw new InvalidParameterValueException(
"Unable to find network by id "
+ networkIdList.get(0).longValue());
}
if (!_networkModel.isSecurityGroupSupportedInNetwork(network)) {
throw new InvalidParameterValueException("Network is not security group enabled: " + network.getId());
}
networkList.add(network);
isSecurityGroupEnabledNetworkUsed = true;
} else {
// Verify that all the networks are Shared/Guest; can't create combination of SG enabled and disabled networks
for (Long networkId : networkIdList) {
NetworkVO network = _networkDao.findById(networkId);
if (network == null) {
throw new InvalidParameterValueException(
"Unable to find network by id "
@ -2927,13 +2890,8 @@ public class UserVmManagerImpl extends ManagerBase implements UserVmManager, Use
}
boolean isSecurityGroupEnabled = _networkModel.isSecurityGroupSupportedInNetwork(network);
if (isSecurityGroupEnabled) {
if (networkIdList.size() > 1) {
throw new InvalidParameterValueException("Can't create a vm with multiple networks one of" +
" which is Security Group enabled");
}
isSecurityGroupEnabledNetworkUsed = true;
if ( ! isSecurityGroupEnabled) {
throw new InvalidParameterValueException("Only support Security Group enabled networks in Security enabled zone, network " + network.getUuid() + " doesn't support security group ");
}
if (!(network.getTrafficType() == TrafficType.Guest && network.getGuestType() == Network.GuestType.Shared)) {
@ -2947,14 +2905,9 @@ public class UserVmManagerImpl extends ManagerBase implements UserVmManager, Use
}
networkList.add(network);
}
}
// if network is security group enabled, and no security group is specified, then add the default security group automatically
if (isSecurityGroupEnabledNetworkUsed && !isVmWare && _networkModel.canAddDefaultSecurityGroup()) {
// add the default securityGroup only if no security group is
// specified
if (securityGroupIdList == null || securityGroupIdList.isEmpty()) {
if ( _networkModel.canAddDefaultSecurityGroup()) {
if(securityGroupIdList == null || securityGroupIdList.isEmpty()){
if (securityGroupIdList == null) {
securityGroupIdList = new ArrayList<Long>();
}
@ -2978,7 +2931,6 @@ public class UserVmManagerImpl extends ManagerBase implements UserVmManager, Use
}
}
}
return createVirtualMachine(zone, serviceOffering, template, hostName, displayName, owner, diskOfferingId,
diskSize, networkList, securityGroupIdList, group, userData, sshKeyPair, hypervisor, caller, requestedIps, defaultIps, keyboard);
}

1
ui/scripts/zoneWizard.js
View File

@ -373,7 +373,6 @@
var nonSupportedHypervisors = {};
if(args.context.zones[0]['network-model'] == "Advanced" && args.context.zones[0]['zone-advanced-sg-enabled'] == "on") {
firstOption = "KVM";
nonSupportedHypervisors["XenServer"] = 1; //to developers: comment this line if you need to test Advanced SG-enabled zone with XenServer hypervisor
nonSupportedHypervisors["VMware"] = 1;
nonSupportedHypervisors["BareMetal"] = 1;
nonSupportedHypervisors["Ovm"] = 1;