diff --git a/client/bindir/cloud-setup-management.in b/client/bindir/cloud-setup-management.in index 4d742e91105..de76007fc80 100755 --- a/client/bindir/cloud-setup-management.in +++ b/client/bindir/cloud-setup-management.in @@ -6,9 +6,9 @@ # to you under the Apache License, Version 2.0 (the # "License"); you may not use this file except in compliance # with the License. You may obtain a copy of the License at -# +# # http://www.apache.org/licenses/LICENSE-2.0 -# +# # Unless required by applicable law or agreed to in writing, # software distributed under the License is distributed on an # "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY @@ -26,18 +26,21 @@ from optparse import OptionParser if __name__ == '__main__': initLoging("@MSLOGDIR@/setupManagement.log") glbEnv = globalEnv() - + parser = OptionParser() parser.add_option("--https", action="store_true", dest="https", help="Enable HTTPs connection of management server") parser.add_option("--tomcat7", action="store_true", dest="tomcat7", help="Use Tomcat7 configuration files in Management Server") + parser.add_option("--no-start", action="store_true", dest="nostart", help="Do not start management server after successful configuration") (options, args) = parser.parse_args() if options.https: glbEnv.svrMode = "HttpsServer" if options.tomcat7: glbEnv.svrConf = "Tomcat7" + if options.nostart: + glbEnv.noStart = True glbEnv.mode = "Server" - + print "Starting to configure CloudStack Management Server:" try: syscfg = sysConfigFactory.getSysConfigFactory(glbEnv) diff --git a/plugins/network-elements/ovs/src/com/cloud/network/element/OvsElement.java b/plugins/network-elements/ovs/src/com/cloud/network/element/OvsElement.java index 5ebf62b2c5e..02248c5844d 100644 --- a/plugins/network-elements/ovs/src/com/cloud/network/element/OvsElement.java +++ b/plugins/network-elements/ovs/src/com/cloud/network/element/OvsElement.java 
@@ -69,7 +69,6 @@ import com.cloud.resource.ServerResource; import com.cloud.resource.UnableDeleteHostException; import com.cloud.utils.Pair; import com.cloud.utils.component.AdapterBase; -import com.cloud.utils.exception.CloudRuntimeException; import com.cloud.vm.DomainRouterVO; import com.cloud.vm.NicProfile; import com.cloud.vm.ReservationContext; @@ -206,7 +205,7 @@ StaticNatServiceProvider, IpDeployer { return false; } - HostVO host = _hostDao.findById(vm.getVirtualMachine().getHostId()); + final HostVO host = _hostDao.findById(vm.getVirtualMachine().getHostId()); _ovsTunnelMgr.checkAndRemoveHostFromTunnelNetwork(network, host); return true; } @@ -258,10 +257,10 @@ StaticNatServiceProvider, IpDeployer { } private static Map> setCapabilities() { - Map> capabilities = new HashMap>(); + final Map> capabilities = new HashMap>(); // L2 Support : SDN provisioning - Map connectivityCapabilities = new HashMap(); + final Map connectivityCapabilities = new HashMap(); connectivityCapabilities.put(Capability.DistributedRouter, null); connectivityCapabilities.put(Capability.StretchedL2Subnet, null); connectivityCapabilities.put(Capability.RegionLevelVpc, null); @@ -276,7 +275,7 @@ StaticNatServiceProvider, IpDeployer { // L3 support : Load Balancer // Set capabilities for LB service - Map lbCapabilities = new HashMap(); + final Map lbCapabilities = new HashMap(); lbCapabilities.put(Capability.SupportedLBAlgorithms, "roundrobin,leastconn,source"); lbCapabilities.put(Capability.SupportedLBIsolation, "dedicated"); lbCapabilities.put(Capability.SupportedProtocols, "tcp, udp"); 
@@ -290,7 +289,7 @@ StaticNatServiceProvider, IpDeployer { public static String getHAProxyStickinessCapability() { LbStickinessMethod method; - List methodList = new ArrayList(1); + final List methodList = new ArrayList(1); method = new LbStickinessMethod(StickinessMethodType.LBCookieBased, "This is loadbalancer cookie based stickiness method."); method.addParam("cookie-name", false, "Cookie name passed in http header by the LB to the client.", false); @@ -381,14 +380,14 @@ StaticNatServiceProvider, IpDeployer { " example: expire=30m 20s 50h 4d. Default value:3h", false); methodList.add(method); - Gson gson = new Gson(); - String capability = gson.toJson(methodList); + final Gson gson = new Gson(); + final String capability = gson.toJson(methodList); return capability; } @Override public List> getCommands() { - List> cmdList = new ArrayList>(); + final List> cmdList = new ArrayList>(); return cmdList; } @@ -428,15 +427,16 @@ StaticNatServiceProvider, IpDeployer { final List ipAddress, final Set services) throws ResourceUnavailableException { boolean canHandle = true; - for (Service service : services) { + for (final Service service : services) { // check if Ovs can handle services except SourceNat & Firewall if (!canHandle(network, service) && service != Service.SourceNat && service != Service.Firewall) { canHandle = false; break; } } + boolean result = true; if (canHandle) { - List routers = _routerDao.listByNetworkAndRole( + final List routers = _routerDao.listByNetworkAndRole( network.getId(), Role.VIRTUAL_ROUTER); if (routers == null || routers.isEmpty()) { s_logger.debug("Virtual router element doesn't need to associate ip addresses on the backend; virtual " 
@@ -445,13 +445,14 @@ StaticNatServiceProvider, IpDeployer { return true; } - DataCenterVO dcVO = _dcDao.findById(network.getDataCenterId()); - NetworkTopology networkTopology = _networkTopologyContext.retrieveNetworkTopology(dcVO); + final DataCenterVO dcVO = _dcDao.findById(network.getDataCenterId()); + final NetworkTopology networkTopology = _networkTopologyContext.retrieveNetworkTopology(dcVO); - return networkTopology.associatePublicIP(network, ipAddress, routers); - } else { - return false; + for (final DomainRouterVO domainRouterVO : routers) { + result = result && networkTopology.associatePublicIP(network, ipAddress, domainRouterVO); + } } + return result; } @Override @@ -460,7 +461,7 @@ StaticNatServiceProvider, IpDeployer { if (!canHandle(network, Service.StaticNat)) { return false; } - List routers = _routerDao.listByNetworkAndRole( + final List routers = _routerDao.listByNetworkAndRole( network.getId(), Role.VIRTUAL_ROUTER); if (routers == null || routers.isEmpty()) { s_logger.debug("Ovs element doesn't need to apply static nat on the backend; virtual " @@ -468,10 +469,13 @@ StaticNatServiceProvider, IpDeployer { return true; } - DataCenterVO dcVO = _dcDao.findById(network.getDataCenterId()); - NetworkTopology networkTopology = _networkTopologyContext.retrieveNetworkTopology(dcVO); - - return networkTopology.applyStaticNats(network, rules, routers); + final DataCenterVO dcVO = _dcDao.findById(network.getDataCenterId()); + final NetworkTopology networkTopology = _networkTopologyContext.retrieveNetworkTopology(dcVO); + boolean result = true; + for (final DomainRouterVO domainRouterVO : routers) { + result = result && networkTopology.applyStaticNats(network, rules, domainRouterVO); + } + return result; } @Override 
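Review bot: In the new IP-association loop, `result = result && networkTopology.associatePublicIP(network, ipAddress, domainRouterVO)` short-circuits, so once one router returns false the call is never made for the remaining routers, and nothing is logged for them. If the intent is to push the change to every router and report the aggregate, evaluate the call first: `result = networkTopology.associatePublicIP(network, ipAddress, domainRouterVO) && result;`. If stopping at the first failure is intended, an explicit `break` with a warning naming the router makes that visible. The same pattern is in the static NAT, port-forwarding and load-balancing loops of this file and in the per-router loops added to VirtualRouterElement and VpcVirtualRouterElement, where it decides whether firewall and ACL rules reach every router. The method starts before this hunk.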
@@ -480,7 +484,7 @@ StaticNatServiceProvider, IpDeployer { if (!canHandle(network, Service.PortForwarding)) { return false; } - List routers = _routerDao.listByNetworkAndRole( + final List routers = _routerDao.listByNetworkAndRole( network.getId(), Role.VIRTUAL_ROUTER); if (routers == null || routers.isEmpty()) { s_logger.debug("Ovs element doesn't need to apply firewall rules on the backend; virtual " @@ -488,21 +492,25 @@ StaticNatServiceProvider, IpDeployer { return true; } - DataCenterVO dcVO = _dcDao.findById(network.getDataCenterId()); - NetworkTopology networkTopology = _networkTopologyContext.retrieveNetworkTopology(dcVO); - - return networkTopology.applyFirewallRules(network, rules, routers); + boolean result = true; + final DataCenterVO dcVO = _dcDao.findById(network.getDataCenterId()); + final NetworkTopology networkTopology = _networkTopologyContext.retrieveNetworkTopology(dcVO); + for (final DomainRouterVO domainRouterVO : routers) { + result = result && networkTopology.applyFirewallRules(network, rules, domainRouterVO); + } + return result; } @Override public boolean applyLBRules(final Network network, final List rules) throws ResourceUnavailableException { + boolean result = true; if (canHandle(network, Service.Lb)) { if (!canHandleLbRules(rules)) { return false; } - List routers = _routerDao.listByNetworkAndRole( + final List routers = _routerDao.listByNetworkAndRole( network.getId(), Role.VIRTUAL_ROUTER); if (routers == null || routers.isEmpty()) { s_logger.debug("Virtual router elemnt doesn't need to apply firewall rules on the backend; virtual " 
@@ -511,27 +519,25 @@ StaticNatServiceProvider, IpDeployer { return true; } - DataCenterVO dcVO = _dcDao.findById(network.getDataCenterId()); - NetworkTopology networkTopology = _networkTopologyContext.retrieveNetworkTopology(dcVO); + final DataCenterVO dcVO = _dcDao.findById(network.getDataCenterId()); + final NetworkTopology networkTopology = _networkTopologyContext.retrieveNetworkTopology(dcVO); - if (!networkTopology.applyLoadBalancingRules(network, rules, routers)) { - throw new CloudRuntimeException( - "Failed to apply load balancing rules in network " - + network.getId()); - } else { - return true; + for (final DomainRouterVO domainRouterVO : routers) { + result = result && networkTopology.applyLoadBalancingRules(network, rules, domainRouterVO); + if (!result) { + s_logger.debug("Failed to apply load balancing rules in network " + network.getId()); + } } - } else { - return false; } + return result; } @Override public boolean validateLBRule(final Network network, final LoadBalancingRule rule) { - List rules = new ArrayList(); + final List rules = new ArrayList(); rules.add(rule); if (canHandle(network, Service.Lb) && canHandleLbRules(rules)) { - List routers = _routerDao.listByNetworkAndRole( + final List routers = _routerDao.listByNetworkAndRole( network.getId(), Role.VIRTUAL_ROUTER); if (routers == null || routers.isEmpty()) { return true; @@ -549,11 +555,11 @@ StaticNatServiceProvider, IpDeployer { } private boolean canHandleLbRules(final List rules) { - Map lbCaps = getCapabilities().get(Service.Lb); + final Map lbCaps = getCapabilities().get(Service.Lb); if (!lbCaps.isEmpty()) { - String schemeCaps = lbCaps.get(Capability.LbSchemes); + final String schemeCaps = lbCaps.get(Capability.LbSchemes); if (schemeCaps != null) { - for (LoadBalancingRule rule : rules) { + for (final LoadBalancingRule rule : rules) { if (!schemeCaps.contains(rule.getScheme().toString())) { s_logger.debug("Scheme " + rules.get(0).getScheme() + " is not supported by the provider " 
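Review bot: A failure in `applyLBRules` is now reported only by a debug-level message and a `false` return, where the removed code threw `CloudRuntimeException`; callers that relied on the exception (not visible in this diff) need to check the boolean. Because `result` stays false after the first failure, the `if (!result)` message is also written for every later router even though `&&` skipped the call for it. Suggest `s_logger.warn("Failed to apply load balancing rules in network " + network.getId() + " on router " + domainRouterVO);` followed by `break;`. The firewall, port-forwarding and load-balancing loops in VirtualRouterElement and the last ACL hunk in VpcVirtualRouterElement drop the same exception without adding any log line.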
@@ -567,10 +573,10 @@ StaticNatServiceProvider, IpDeployer { } public static boolean validateHAProxyLBRule(final LoadBalancingRule rule) { - String timeEndChar = "dhms"; + final String timeEndChar = "dhms"; - for (LbStickinessPolicy stickinessPolicy : rule.getStickinessPolicies()) { - List> paramsList = stickinessPolicy + for (final LbStickinessPolicy stickinessPolicy : rule.getStickinessPolicies()) { + final List> paramsList = stickinessPolicy .getParams(); if (StickinessMethodType.LBCookieBased.getName().equalsIgnoreCase( @@ -582,9 +588,9 @@ StaticNatServiceProvider, IpDeployer { String expire = "30m"; // optional /* overwrite default values with the stick parameters */ - for (Pair paramKV : paramsList) { - String key = paramKV.first(); - String value = paramKV.second(); + for (final Pair paramKV : paramsList) { + final String key = paramKV.first(); + final String value = paramKV.second(); if ("tablesize".equalsIgnoreCase(key)) { tablesize = value; } @@ -592,14 +598,14 @@ StaticNatServiceProvider, IpDeployer { expire = value; } } - if ((expire != null) + if (expire != null && !containsOnlyNumbers(expire, timeEndChar)) { throw new InvalidParameterValueException( "Failed LB in validation rule id: " + rule.getId() + " Cause: expire is not in timeformat: " + expire); } - if ((tablesize != null) + if (tablesize != null && !containsOnlyNumbers(tablesize, "kmg")) { throw new InvalidParameterValueException( "Failed LB in validation rule id: " @@ -613,9 +619,9 @@ StaticNatServiceProvider, IpDeployer { String length = null; // optional String holdTime = null; // optional - for (Pair paramKV : paramsList) { - String key = paramKV.first(); - String value = paramKV.second(); + for (final Pair paramKV : paramsList) { + final String key = paramKV.first(); + final String value = paramKV.second(); if ("length".equalsIgnoreCase(key)) { length = value; } 
@@ -624,15 +630,15 @@ StaticNatServiceProvider, IpDeployer { } } - if ((length != null) && (!containsOnlyNumbers(length, null))) { + if (length != null && !containsOnlyNumbers(length, null)) { throw new InvalidParameterValueException( "Failed LB in validation rule id: " + rule.getId() + " Cause: length is not a number: " + length); } - if ((holdTime != null) - && (!containsOnlyNumbers(holdTime, timeEndChar) && !containsOnlyNumbers( - holdTime, null))) { + if (holdTime != null + && !containsOnlyNumbers(holdTime, timeEndChar) && !containsOnlyNumbers( + holdTime, null)) { throw new InvalidParameterValueException( "Failed LB in validation rule id: " + rule.getId() + " Cause: holdtime is not in timeformat: " @@ -661,8 +667,8 @@ StaticNatServiceProvider, IpDeployer { return false; // atleast one numeric and one char. example: } // 3h - char strEnd = str.toCharArray()[str.length() - 1]; - for (char c : endChar.toCharArray()) { + final char strEnd = str.toCharArray()[str.length() - 1]; + for (final char c : endChar.toCharArray()) { if (strEnd == c) { number = str.substring(0, str.length() - 1); matchedEndChar = true; @@ -675,7 +681,7 @@ StaticNatServiceProvider, IpDeployer { } try { Integer.parseInt(number); - } catch (NumberFormatException e) { + } catch (final NumberFormatException e) { return false; } return true; diff --git a/python/lib/cloudutils/globalEnv.py b/python/lib/cloudutils/globalEnv.py index 106e3bb0b0a..f3a40b76fc9 100644 --- a/python/lib/cloudutils/globalEnv.py +++ b/python/lib/cloudutils/globalEnv.py @@ -5,9 +5,9 @@ # to you under the Apache License, Version 2.0 (the # "License"); you may not use this file except in compliance # with the License. You may obtain a copy of the License at -# +# # http://www.apache.org/licenses/LICENSE-2.0 -# +# # Unless required by applicable law or agreed to in writing, # software distributed under the License is distributed on an # "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 
@@ -20,6 +20,8 @@ class globalEnv: self.mode = None #server mode: normal/mycloud self.svrMode = None + #noStart: do not start mgmt server after configuration? + self.noStart = False #myCloud/Agent/Console self.agentMode = None #Tomcat6/Tomcat7 diff --git a/python/lib/cloudutils/serviceConfigServer.py b/python/lib/cloudutils/serviceConfigServer.py index 4d45b13176d..7812fff4f73 100644 --- a/python/lib/cloudutils/serviceConfigServer.py +++ b/python/lib/cloudutils/serviceConfigServer.py @@ -5,9 +5,9 @@ # to you under the Apache License, Version 2.0 (the # "License"); you may not use this file except in compliance # with the License. You may obtain a copy of the License at -# +# # http://www.apache.org/licenses/LICENSE-2.0 -# +# # Unless required by applicable law or agreed to in writing, # software distributed under the License is distributed on an # "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY @@ -25,7 +25,7 @@ class cloudManagementConfig(serviceCfgBase): def __init__(self, syscfg): super(cloudManagementConfig, self).__init__(syscfg) self.serviceName = "CloudStack Management Server" - + def config(self): def checkHostName(): ret = bash("hostname --fqdn") @@ -46,7 +46,7 @@ class cloudManagementConfig(serviceCfgBase): dbPass = None dbName = cfo.getEntry("db.cloud.name") db = Database(dbUser, dbPass, dbHost, dbPort, dbName) - + try: db.testConnection() except CloudRuntimeException, e: 
@@ -56,27 +56,27 @@ class cloudManagementConfig(serviceCfgBase): try: statement = """ UPDATE configuration SET value='%s' WHERE name='%s'""" - + db.execute(statement%('true','use.local.storage')) db.execute(statement%('20','max.template.iso.size')) - + statement = """ UPDATE vm_template SET url='%s',checksum='%s' WHERE id='%s' """ db.execute(statement%('https://rightscale-cloudstack.s3.amazonaws.com/kvm/RightImage_CentOS_5.4_x64_v5.6.28.qcow2.bz2', '90fcd2fa4d3177e31ff296cecb9933b7', '4')) - + statement="""UPDATE disk_offering set use_local_storage=1""" db.execute(statement) except: raise e - + #add DNAT 443 to 8250 if not bash("iptables-save |grep PREROUTING | grep 8250").isSuccess(): bash("iptables -A PREROUTING -t nat -p tcp --dport 443 -j REDIRECT --to-port 8250 ") - + #generate keystore keyPath = "/var/cloudstack/management/web.keystore" if not os.path.exists(keyPath): cmd = bash("keytool -genkey -keystore %s -storepass \"cloud.com\" -keypass \"cloud.com\" -validity 3650 -dname cn=\"Cloudstack User\",ou=\"mycloud.cloud.com\",o=\"mycloud.cloud.com\",c=\"Unknown\""%keyPath) - + if not cmd.isSuccess(): raise CloudInternalException(cmd.getErrMsg()) if not self.syscfg.env.svrConf == "Tomcat7": @@ -129,7 +129,7 @@ class cloudManagementConfig(serviceCfgBase): cfo.add_lines("cloud soft nproc -1\n") cfo.add_lines("cloud hard nproc -1\n") cfo.save() - + try: if self.syscfg.env.svrConf == "Tomcat7": self.syscfg.svo.disableService("tomcat") 
@@ -137,9 +137,14 @@ class cloudManagementConfig(serviceCfgBase): self.syscfg.svo.disableService("tomcat6") except: pass - + self.syscfg.svo.stopService("cloudstack-management") - if self.syscfg.svo.enableService("cloudstack-management"): - return True + + if self.syscfg.env.noStart == False: + if self.syscfg.svo.enableService("cloudstack-management"): + return True + else: + raise CloudRuntimeException("Failed to configure %s, please see the /var/log/cloudstack/management/setupManagement.log for detail"%self.serviceName) else: - raise CloudRuntimeException("Failed to configure %s, please see the /var/log/cloudstack/management/setupManagement.log for detail"%self.serviceName) + print "Configured successfully, but not starting management server." + return True diff --git a/server/src/com/cloud/network/element/VirtualRouterElement.java b/server/src/com/cloud/network/element/VirtualRouterElement.java index ce96b14cd55..ef6c6f97f0b 100644 --- a/server/src/com/cloud/network/element/VirtualRouterElement.java +++ b/server/src/com/cloud/network/element/VirtualRouterElement.java @@ -94,7 +94,6 @@ import com.cloud.utils.component.AdapterBase; import com.cloud.utils.crypt.DBEncryptionUtil; import com.cloud.utils.db.QueryBuilder; import com.cloud.utils.db.SearchCriteria.Op; -import com.cloud.utils.exception.CloudRuntimeException; import com.cloud.utils.net.NetUtils; import com.cloud.vm.DomainRouterVO; import com.cloud.vm.NicProfile; @@ -259,6 +258,7 @@ NetworkMigrationResponder, AggregatedCommandExecutor { @Override public boolean applyFWRules(final Network network, final List rules) throws ResourceUnavailableException { + boolean result = true; if (canHandle(network, Service.Firewall)) { final List routers = _routerDao.listByNetworkAndRole(network.getId(), Role.VIRTUAL_ROUTER); if (routers == null || routers.isEmpty()) { 
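Review bot: The new condition `if self.syscfg.env.noStart == False:` is better written `if not self.syscfg.env.noStart:`, the idiomatic test for a flag. With `--no-start` the `enableService("cloudstack-management")` call is skipped altogether; if that call also registers the service for boot, as its name suggests but this diff does not show, the printed message should say the service was neither enabled nor started so the operator knows both steps remain. The `config` method starts before this hunk.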
@@ -278,14 +278,11 @@ NetworkMigrationResponder, AggregatedCommandExecutor { final DataCenterVO dcVO = _dcDao.findById(network.getDataCenterId()); final NetworkTopology networkTopology = networkTopologyContext.retrieveNetworkTopology(dcVO); - if (!networkTopology.applyFirewallRules(network, rules, routers)) { - throw new CloudRuntimeException("Failed to apply firewall rules in network " + network.getId()); - } else { - return true; + for (final DomainRouterVO domainRouterVO : routers) { + result = result && networkTopology.applyFirewallRules(network, rules, domainRouterVO); } - } else { - return true; } + return result; } /* @@ -402,6 +399,7 @@ NetworkMigrationResponder, AggregatedCommandExecutor { @Override public boolean applyLBRules(final Network network, final List rules) throws ResourceUnavailableException { + boolean result = true; if (canHandle(network, Service.Lb)) { if (!canHandleLbRules(rules)) { return false; @@ -416,14 +414,11 @@ NetworkMigrationResponder, AggregatedCommandExecutor { final DataCenterVO dcVO = _dcDao.findById(network.getDataCenterId()); final NetworkTopology networkTopology = networkTopologyContext.retrieveNetworkTopology(dcVO); - if (!networkTopology.applyLoadBalancingRules(network, rules, routers)) { - throw new CloudRuntimeException("Failed to apply load balancing rules in network " + network.getId()); - } else { - return true; + for (final DomainRouterVO domainRouterVO : routers) { + result = result && networkTopology.applyLoadBalancingRules(network, rules, domainRouterVO); } - } else { - return false; } + return result; } @Override @@ -499,6 +494,7 @@ NetworkMigrationResponder, AggregatedCommandExecutor { break; } } + boolean result = true; if (canHandle) { final List routers = _routerDao.listByNetworkAndRole(network.getId(), Role.VIRTUAL_ROUTER); if (routers == null || routers.isEmpty()) { 
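Review bot: Removing `} else { return false; }` from `applyLBRules` changes the answer for a network this element cannot handle: `result` is still `true` when `canHandle(network, Service.Lb)` is false, so the method now reports success without contacting any router. The same flip from `false` to `true` appears in the IP-association methods of all three elements, in OvsElement's `applyLBRules`, and in `addDhcpEntry` and `addPasswordAndUserdata` further down. If callers read `true` as "rules are in place" (they are not shown here), an unsupported service now looks applied. Either keep `return false` for that branch or add a comment such as `// not our service: nothing to do, report success` so the new contract is deliberate.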
@@ -509,10 +505,11 @@ NetworkMigrationResponder, AggregatedCommandExecutor { final DataCenterVO dcVO = _dcDao.findById(network.getDataCenterId()); final NetworkTopology networkTopology = networkTopologyContext.retrieveNetworkTopology(dcVO); - return networkTopology.associatePublicIP(network, ipAddress, routers); - } else { - return false; + for (final DomainRouterVO domainRouterVO : routers) { + result = result && networkTopology.associatePublicIP(network, ipAddress, domainRouterVO); + } } + return result; } @Override @@ -656,6 +653,7 @@ NetworkMigrationResponder, AggregatedCommandExecutor { @Override public boolean applyStaticNats(final Network network, final List rules) throws ResourceUnavailableException { + boolean result = true; if (canHandle(network, Service.StaticNat)) { final List routers = _routerDao.listByNetworkAndRole(network.getId(), Role.VIRTUAL_ROUTER); if (routers == null || routers.isEmpty()) { @@ -666,10 +664,11 @@ NetworkMigrationResponder, AggregatedCommandExecutor { final DataCenterVO dcVO = _dcDao.findById(network.getDataCenterId()); final NetworkTopology networkTopology = networkTopologyContext.retrieveNetworkTopology(dcVO); - return networkTopology.applyStaticNats(network, rules, routers); - } else { - return true; + for (final DomainRouterVO domainRouterVO : routers) { + result = result && networkTopology.applyStaticNats(network, rules, domainRouterVO); + } } + return result; } @Override 
@@ -678,20 +677,21 @@ NetworkMigrationResponder, AggregatedCommandExecutor { if (routers == null || routers.isEmpty()) { return true; } - boolean result = true; + boolean stopResult = true; + boolean destroyResult = true; for (final DomainRouterVO router : routers) { - result = result && _routerMgr.stop(router, false, context.getCaller(), context.getAccount()) != null; + stopResult = stopResult && _routerMgr.stop(router, false, context.getCaller(), context.getAccount()) != null; + if (!stopResult) { + s_logger.warn("Failed to stop virtual router element " + router + ", but would try to process clean up anyway."); + } if (cleanup) { - if (!result) { - s_logger.warn("Failed to stop virtual router element " + router + ", but would try to process clean up anyway."); - } - result = _routerMgr.destroyRouter(router.getId(), context.getAccount(), context.getCaller().getId()) != null; - if (!result) { + destroyResult = destroyResult && _routerMgr.destroyRouter(router.getId(), context.getAccount(), context.getCaller().getId()) != null; + if (!destroyResult) { s_logger.warn("Failed to clean up virtual router element " + router); } } } - return result; + return stopResult & destroyResult; } @Override @@ -732,7 +732,7 @@ NetworkMigrationResponder, AggregatedCommandExecutor { // save the password in DB for (final VirtualRouter router : routers) { if (router.getState() == State.Running) { - return networkTopology.savePasswordToRouter(network, nic, uservm, routers); + return networkTopology.savePasswordToRouter(network, nic, uservm, router); } } final String password = (String) uservm.getParameter(VirtualMachineProfile.Param.VmPassword); 
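Review bot: In the router shutdown loop, `stopResult && ...` and `destroyResult && ...` short-circuit, so after the first failed stop or destroy the corresponding call is never made for the remaining routers, while the warnings still fire for each of them as if it had been attempted. The removed code assigned `result = _routerMgr.destroyRouter(...) != null` unconditionally, so with `cleanup` set every router was at least passed to `destroyRouter`; the new form can leave routers in place after a network cleanup. Evaluating each call into a local before folding it into the accumulator keeps both the attempt and the log per router, as sketched below. The method starts before this hunk.

```java
for (final DomainRouterVO router : routers) {
    // Evaluate each call on its own so one failure does not skip later routers.
    final boolean stopped = _routerMgr.stop(router, false, context.getCaller(), context.getAccount()) != null;
    if (!stopped) {
        s_logger.warn("Failed to stop virtual router element " + router + ", but would try to process clean up anyway.");
    }
    stopResult = stopResult && stopped;
    if (cleanup) {
        final boolean destroyed = _routerMgr.destroyRouter(router.getId(), context.getAccount(), context.getCaller().getId()) != null;
        if (!destroyed) {
            s_logger.warn("Failed to clean up virtual router element " + router);
        }
        destroyResult = destroyResult && destroyed;
    }
}
return stopResult && destroyResult;
```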
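Review bot: `return networkTopology.savePasswordToRouter(network, nic, uservm, router);` returns from inside the loop at the first router in `Running` state, so any other running router of the network is never called. The removed line passed the whole `routers` list, which suggests every router was meant to receive the password. Consider accumulating over the running routers as the other methods in this commit do, for example `result = networkTopology.savePasswordToRouter(network, nic, uservm, router) && result;`, and returning after the loop. That needs a `boolean` declared before the loop and care that the code after the loop, only partly visible here, still runs only when no router is running. The method starts and ends outside this hunk.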
@@ -765,7 +765,11 @@ NetworkMigrationResponder, AggregatedCommandExecutor { final DataCenterVO dcVO = _dcDao.findById(network.getDataCenterId()); final NetworkTopology networkTopology = networkTopologyContext.retrieveNetworkTopology(dcVO); - return networkTopology.saveSSHPublicKeyToRouter(network, nic, uservm, routers, sshPublicKey); + boolean result = true; + for (final DomainRouterVO domainRouterVO : routers) { + result = result && networkTopology.saveSSHPublicKeyToRouter(network, nic, uservm, domainRouterVO, sshPublicKey); + } + return result; } @Override @@ -784,7 +788,11 @@ NetworkMigrationResponder, AggregatedCommandExecutor { final DataCenterVO dcVO = _dcDao.findById(network.getDataCenterId()); final NetworkTopology networkTopology = networkTopologyContext.retrieveNetworkTopology(dcVO); - return networkTopology.saveUserDataToRouter(network, nic, uservm, routers); + boolean result = true; + for (final DomainRouterVO domainRouterVO : routers) { + result = result && networkTopology.saveUserDataToRouter(network, nic, uservm, domainRouterVO); + } + return result; } @Override @@ -841,6 +849,7 @@ NetworkMigrationResponder, AggregatedCommandExecutor { @Override public boolean applyPFRules(final Network network, final List rules) throws ResourceUnavailableException { + boolean result = true; if (canHandle(network, Service.PortForwarding)) { final List routers = _routerDao.listByNetworkAndRole(network.getId(), Role.VIRTUAL_ROUTER); if (routers == null || routers.isEmpty()) { 
@@ -851,14 +860,11 @@ NetworkMigrationResponder, AggregatedCommandExecutor { final DataCenterVO dcVO = _dcDao.findById(network.getDataCenterId()); final NetworkTopology networkTopology = networkTopologyContext.retrieveNetworkTopology(dcVO); - if (!networkTopology.applyFirewallRules(network, rules, routers)) { - throw new CloudRuntimeException("Failed to apply firewall rules in network " + network.getId()); - } else { - return true; + for (final DomainRouterVO domainRouterVO : routers) { + result = result && networkTopology.applyFirewallRules(network, rules, domainRouterVO); } - } else { - return true; } + return result; } @Override @@ -957,13 +963,13 @@ NetworkMigrationResponder, AggregatedCommandExecutor { @Override public boolean addDhcpEntry(final Network network, final NicProfile nic, final VirtualMachineProfile vm, final DeployDestination dest, final ReservationContext context) throws ConcurrentOperationException, InsufficientCapacityException, ResourceUnavailableException { + boolean result = true; if (canHandle(network, Service.Dhcp)) { if (vm.getType() != VirtualMachine.Type.User) { return false; } final VirtualMachineProfile uservm = vm; - final List routers = getRouters(network, dest); if (routers == null || routers.size() == 0) { 
@@ -973,14 +979,17 @@ NetworkMigrationResponder, AggregatedCommandExecutor { final DataCenterVO dcVO = _dcDao.findById(network.getDataCenterId()); final NetworkTopology networkTopology = networkTopologyContext.retrieveNetworkTopology(dcVO); - return networkTopology.applyDhcpEntry(network, nic, uservm, dest, routers); + for (final DomainRouterVO domainRouterVO : routers) { + result = result && networkTopology.applyDhcpEntry(network, nic, uservm, dest, domainRouterVO); + } } - return false; + return result; } @Override public boolean addPasswordAndUserdata(final Network network, final NicProfile nic, final VirtualMachineProfile vm, final DeployDestination dest, final ReservationContext context) throws ConcurrentOperationException, InsufficientCapacityException, ResourceUnavailableException { + boolean result = true; if (canHandle(network, Service.UserData)) { if (vm.getType() != VirtualMachine.Type.User) { return false; @@ -1002,9 +1011,11 @@ NetworkMigrationResponder, AggregatedCommandExecutor { final DataCenterVO dcVO = _dcDao.findById(network.getDataCenterId()); final NetworkTopology networkTopology = networkTopologyContext.retrieveNetworkTopology(dcVO); - return networkTopology.applyUserData(network, nic, uservm, dest, routers); + for (final DomainRouterVO domainRouterVO : routers) { + result = result && networkTopology.applyUserData(network, nic, uservm, dest, domainRouterVO); + } } - return false; + return result; } protected List getRouters(final Network network, final DeployDestination dest) { diff --git a/server/src/com/cloud/network/element/VpcVirtualRouterElement.java b/server/src/com/cloud/network/element/VpcVirtualRouterElement.java index 8d25ae9c0d5..6ef2ed36faf 100644 --- a/server/src/com/cloud/network/element/VpcVirtualRouterElement.java +++ b/server/src/com/cloud/network/element/VpcVirtualRouterElement.java 
@@ -16,6 +16,8 @@ // under the License. package com.cloud.network.element; +import java.util.ArrayList; +import java.util.Arrays; import java.util.HashMap; import java.util.List; import java.util.Map; @@ -112,8 +114,7 @@ public class VpcVirtualRouterElement extends VirtualRouterElement implements Vpc @Qualifier("vpcNetworkHelper") private VpcNetworkHelperImpl _vpcNetWprkHelper; - @Inject - private RouterDeploymentDefinitionBuilder routerDeploymentDefinitionBuilder; + @Inject RouterDeploymentDefinitionBuilder routerDeploymentDefinitionBuilder; @Override protected boolean canHandle(final Network network, final Service service) { @@ -274,13 +275,13 @@ public class VpcVirtualRouterElement extends VirtualRouterElement implements Vpc @Override public boolean shutdown(final Network network, final ReservationContext context, final boolean cleanup) throws ConcurrentOperationException, ResourceUnavailableException { - boolean success = true; final Long vpcId = network.getVpcId(); if (vpcId == null) { s_logger.debug("Network " + network + " doesn't belong to any vpc, so skipping unplug nic part"); - return success; + return true; } + boolean success = true; final List routers = _routerDao.listByVpcId(vpcId); for (final VirtualRouter router : routers) { // 1) Check if router is already a part of the network @@ -302,13 +303,13 @@ public class VpcVirtualRouterElement extends VirtualRouterElement implements Vpc @Override public boolean destroy(final Network config, final ReservationContext context) throws ConcurrentOperationException, ResourceUnavailableException { - boolean success = true; final Long vpcId = config.getVpcId(); if (vpcId == null) { s_logger.debug("Network " + config + " doesn't belong to any vpc, so skipping unplug nic part"); - return success; + return true; } + boolean success = true; final List routers = _routerDao.listByVpcId(vpcId); for (final VirtualRouter router : routers) { // 1) Check if router is already a part of the network 
@@ -410,7 +411,7 @@ public class VpcVirtualRouterElement extends VirtualRouterElement implements Vpc public boolean createPrivateGateway(final PrivateGateway gateway) throws ConcurrentOperationException, ResourceUnavailableException { if (gateway.getType() != VpcGateway.Type.Private) { s_logger.warn("Type of vpc gateway is not " + VpcGateway.Type.Private); - return false; + return true; } final List routers = _vpcRouterMgr.getVpcRouters(gateway.getVpcId()); @@ -424,25 +425,23 @@ public class VpcVirtualRouterElement extends VirtualRouterElement implements Vpc final DataCenterVO dcVO = _dcDao.findById(gateway.getZoneId()); final NetworkTopology networkTopology = networkTopologyContext.retrieveNetworkTopology(dcVO); + boolean result = true; + final Network network = _networkDao.findById(gateway.getNetworkId()); + final boolean isPrivateGateway = true; + for (final DomainRouterVO domainRouterVO : routers) { if (networkTopology.setupPrivateGateway(gateway, domainRouterVO)) { try { final List rules = _networkACLItemDao.listByACL(gateway.getNetworkACLId()); - if (!applyACLItemsToPrivateGw(gateway, rules)) { - s_logger.debug("Failed to apply network acl id " + gateway.getNetworkACLId() + " on gateway "); - return false; - } + result = result && networkTopology.applyNetworkACLs(network, rules, domainRouterVO, isPrivateGateway); } catch (final Exception ex) { s_logger.debug("Failed to apply network acl id " + gateway.getNetworkACLId() + " on gateway "); return false; } - } else { - s_logger.debug("Failed to setup private gateway " + gateway); - return false; } } - return true; + return result; } @Override 
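Review bot: A false return from `networkTopology.setupPrivateGateway(gateway, domainRouterVO)` is now ignored: the `else` branch that logged and returned `false` was removed and nothing sets `result`, so `createPrivateGateway` reports success for a gateway that was not set up on that router. Restore the failure path, for example `} else { s_logger.warn("Failed to setup private gateway " + gateway + " on router " + domainRouterVO); result = false; }`. The ACL step has the opposite gap, since `result && networkTopology.applyNetworkACLs(...)` records a failure but logs nothing. The earlier hunk in this method also changes the non-private-type case from `return false` to `return true` while still logging a warning, which deserves a comment explaining why that counts as success.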
@@ -479,25 +478,28 @@ public class VpcVirtualRouterElement extends VirtualRouterElement implements Vpc break; } } + boolean result = true; if (canHandle) { final List routers = _routerDao.listByNetworkAndRole(network.getId(), Role.VIRTUAL_ROUTER); if (routers == null || routers.isEmpty()) { s_logger.debug(getName() + " element doesn't need to associate ip addresses on the backend; VPC virtual " + "router doesn't exist in the network " + network.getId()); - return true; + return false; } final DataCenterVO dcVO = _dcDao.findById(network.getDataCenterId()); final NetworkTopology networkTopology = networkTopologyContext.retrieveNetworkTopology(dcVO); - return networkTopology.associatePublicIP(network, ipAddress, routers); - } else { - return false; + for (final DomainRouterVO domainRouterVO : routers) { + result = result && networkTopology.associatePublicIP(network, ipAddress, domainRouterVO); + } } + return result; } @Override public boolean applyNetworkACLs(final Network network, final List rules) throws ResourceUnavailableException { + boolean result = true; if (canHandle(network, Service.NetworkACL)) { final List routers = _routerDao.listByNetworkAndRole(network.getId(), Role.VIRTUAL_ROUTER); if (routers == null || routers.isEmpty()) { 
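Review bot: When `canHandle` is false, this method now falls through to `return result;` with `result` still `true`, where the removed `else` returned `false`. A caller then sees success although no address was associated on any router. Ending with `return canHandle && result;` keeps the earlier outcome for the unhandled case. The empty-router branch changed the other way, from `true` to `false`, while its debug message still says the element does not need to associate addresses; message and return value should agree. The start of the method is outside this hunk.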
@@ -508,19 +510,15 @@ public class VpcVirtualRouterElement extends VirtualRouterElement implements Vpc final DataCenterVO dcVO = _dcDao.findById(network.getDataCenterId()); final NetworkTopology networkTopology = networkTopologyContext.retrieveNetworkTopology(dcVO); - try { - if (!networkTopology.applyNetworkACLs(network, rules, routers, false)) { - return false; - } else { - return true; + for (final DomainRouterVO domainRouterVO : routers) { + try { + result = result && networkTopology.applyNetworkACLs(network, rules, domainRouterVO, false); + } catch (final Exception ex) { + s_logger.debug("Failed to apply network acl in network " + network.getId()); } - } catch (final Exception ex) { - s_logger.debug("Failed to apply network acl in network " + network.getId()); - return false; } - } else { - return true; } + return result; } @Override @@ -561,11 +559,11 @@ public class VpcVirtualRouterElement extends VirtualRouterElement implements Vpc final DataCenterVO dcVO = _dcDao.findById(network.getDataCenterId()); final NetworkTopology networkTopology = networkTopologyContext.retrieveNetworkTopology(dcVO); - if (!networkTopology.applyNetworkACLs(network, rules, routers, isPrivateGateway)) { - throw new CloudRuntimeException("Failed to apply network acl in network " + network.getId()); - } else { - return true; + boolean result = true; + for (final DomainRouterVO domainRouterVO : routers) { + result = result && networkTopology.applyNetworkACLs(network, rules, domainRouterVO, isPrivateGateway); } + return result; } @Override 
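Review bot: The `catch (final Exception ex)` inside the router loop of `applyNetworkACLs` only logs at debug level and leaves `result` untouched, so a router on which the ACL call throws is reported as success; the removed code returned `false` at this point. Set `result = false;` in the catch block and log the cause, for example `s_logger.warn("Failed to apply network acl in network " + network.getId(), ex);`. The method begins outside this hunk.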
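Review bot: In the second hunk, `applyACLItemsToPrivateGw` now returns `false` where it used to throw `CloudRuntimeException`, so a caller that ignores the boolean would treat a failed ACL update as applied. The callers are not visible in this hunk and should be checked against the new behaviour. A Javadoc line on the method stating that `false` means at least one router did not receive the rules would make the changed contract explicit.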
@@ -633,24 +631,31 @@ public class VpcVirtualRouterElement extends VirtualRouterElement implements Vpc @Override public String[] applyVpnUsers(final RemoteAccessVpn vpn, final List users) throws ResourceUnavailableException { - if (vpn.getVpcId() == null) { + final Long vpcId = vpn.getVpcId(); + if (vpcId == null) { return null; } - final List routers = _vpcRouterMgr.getVpcRouters(vpn.getVpcId()); + final List routers = _vpcRouterMgr.getVpcRouters(vpcId); if (routers == null) { - s_logger.debug("Cannot apply vpn users on the backend; virtual router doesn't exist in the network " + vpn.getVpcId()); + s_logger.debug("Cannot apply vpn users on the backend; virtual router doesn't exist in the network " + vpcId); return null; } - final Vpc vpc = _entityMgr.findById(Vpc.class, vpn.getVpcId()); + final Vpc vpc = _entityMgr.findById(Vpc.class, vpcId); final DataCenterVO dcVO = _dcDao.findById(vpc.getZoneId()); final NetworkTopology networkTopology = networkTopologyContext.retrieveNetworkTopology(dcVO); String[] result = null; + final List combinedResults = new ArrayList(); for (final DomainRouterVO domainRouterVO : routers) { result = networkTopology.applyVpnUsers(vpn, users, domainRouterVO); + combinedResults.addAll(Arrays.asList(result)); } + result = new String[combinedResults.size()]; + final Object [] resultCast = combinedResults.toArray(); + System.arraycopy(resultCast, 0, result, 0, resultCast.length); + return result; } diff --git a/server/src/com/cloud/network/router/NicProfileHelper.java b/server/src/com/cloud/network/router/NicProfileHelper.java index db42abf7c4d..580d78beec1 100644 --- a/server/src/com/cloud/network/router/NicProfileHelper.java +++ b/server/src/com/cloud/network/router/NicProfileHelper.java 
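Review bot: In the loop of `applyVpnUsers`, `Arrays.asList(result)` throws a `NullPointerException` if `networkTopology.applyVpnUsers(...)` returns null for a router. This method itself returns null on its early exits, so null looks like a legal value in this API, though the topology implementation is not shown here. Guard the merge with `if (result != null) { combinedResults.addAll(Arrays.asList(result)); }`. The copy through `Object[]` and `System.arraycopy` can be replaced by `return combinedResults.toArray(new String[combinedResults.size()]);`, assuming the list holds strings. Note also that an empty router list now yields an empty array where the old code returned null.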
@@ -24,8 +24,7 @@ import com.cloud.vm.NicProfile; public interface NicProfileHelper { - public abstract NicProfile createPrivateNicProfileForGateway( - VpcGateway privateGateway); + public abstract NicProfile createPrivateNicProfileForGateway(final VpcGateway privateGateway, final VirtualRouter router); public abstract NicProfile createGuestNicProfileForVpcRouter(final RouterDeploymentDefinition vpcRouterDeploymentDefinition, Network guestNetwork); diff --git a/server/src/com/cloud/network/router/NicProfileHelperImpl.java b/server/src/com/cloud/network/router/NicProfileHelperImpl.java index 09e52119dc4..7d8c19ab09b 100644 --- a/server/src/com/cloud/network/router/NicProfileHelperImpl.java +++ b/server/src/com/cloud/network/router/NicProfileHelperImpl.java @@ -31,6 +31,7 @@ import com.cloud.network.Networks.AddressFormat; import com.cloud.network.Networks.BroadcastDomainType; import com.cloud.network.vpc.PrivateIpAddress; import com.cloud.network.vpc.PrivateIpVO; +import com.cloud.network.vpc.Vpc; import com.cloud.network.vpc.VpcGateway; import com.cloud.network.vpc.VpcManager; import com.cloud.network.vpc.dao.PrivateIpDao; @@ -38,7 +39,6 @@ import com.cloud.utils.db.DB; import com.cloud.utils.net.NetUtils; import com.cloud.vm.Nic; import com.cloud.vm.NicProfile; -import com.cloud.vm.VirtualMachine; import com.cloud.vm.dao.NicDao; import com.cloud.vm.dao.VMInstanceDao; 
@@ -61,19 +61,25 @@ public class NicProfileHelperImpl implements NicProfileHelper { @Override @DB - public NicProfile createPrivateNicProfileForGateway(final VpcGateway privateGateway) { + public NicProfile createPrivateNicProfileForGateway(final VpcGateway privateGateway, final VirtualRouter router) { final Network privateNetwork = _networkModel.getNetwork(privateGateway.getNetworkId()); - final PrivateIpVO ipVO = _privateIpDao.allocateIpAddress(privateNetwork.getDataCenterId(), privateNetwork.getId(), privateGateway.getIp4Address()); + PrivateIpVO ipVO = _privateIpDao.allocateIpAddress(privateNetwork.getDataCenterId(), privateNetwork.getId(), privateGateway.getIp4Address()); + + final Long vpcId = privateGateway.getVpcId(); + final Vpc activeVpc = _vpcMgr.getActiveVpc(vpcId); + if (activeVpc.isRedundant() && ipVO == null) { + ipVO = _privateIpDao.findByIpAndVpcId(vpcId, privateGateway.getIp4Address()); + } + final Nic privateNic = _nicDao.findByIp4AddressAndNetworkId(ipVO.getIpAddress(), privateNetwork.getId()); NicProfile privateNicProfile = new NicProfile(); if (privateNic != null) { - final VirtualMachine vm = _vmDao.findById(privateNic.getInstanceId()); privateNicProfile = new NicProfile(privateNic, privateNetwork, privateNic.getBroadcastUri(), privateNic.getIsolationUri(), _networkModel.getNetworkRate( - privateNetwork.getId(), vm.getId()), _networkModel.isSecurityGroupSupportedInNetwork(privateNetwork), _networkModel.getNetworkTag( - vm.getHypervisorType(), privateNetwork)); + privateNetwork.getId(), router.getId()), _networkModel.isSecurityGroupSupportedInNetwork(privateNetwork), _networkModel.getNetworkTag( + router.getHypervisorType(), privateNetwork)); } else { final String netmask = NetUtils.getCidrNetmask(privateNetwork.getCidr()); final PrivateIpAddress ip = diff --git a/server/src/com/cloud/network/router/VpcNetworkHelperImpl.java b/server/src/com/cloud/network/router/VpcNetworkHelperImpl.java index 2b008bd28aa..8b1d9fe9852 100644 
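Review bot: `activeVpc.isRedundant()` in `createPrivateNicProfileForGateway` dereferences the result of `_vpcMgr.getActiveVpc(vpcId)` without a null check, which fails if that call can return null for a VPC that is not active (its implementation is not visible here). `ipVO` can also still be null when `ipVO.getIpAddress()` is reached, either because the VPC is not redundant or because `findByIpAndVpcId` finds nothing. Reordering the test to `if (ipVO == null && activeVpc != null && activeVpc.isRedundant())` and failing with an explicit exception naming the gateway when `ipVO` is still null afterwards would replace the bare NPE. The method continues past the end of this hunk.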
--- a/server/src/com/cloud/network/router/VpcNetworkHelperImpl.java +++ b/server/src/com/cloud/network/router/VpcNetworkHelperImpl.java @@ -93,7 +93,7 @@ public class VpcNetworkHelperImpl extends NetworkHelperImpl { final List privateGateways = vpcMgr.getVpcPrivateGateways(vpcId); if (privateGateways != null && !privateGateways.isEmpty()) { for (final PrivateGateway privateGateway : privateGateways) { - final NicProfile privateNic = nicProfileHelper.createPrivateNicProfileForGateway(privateGateway); + final NicProfile privateNic = nicProfileHelper.createPrivateNicProfileForGateway(privateGateway, router); final Network privateNetwork = _networkModel.getNetwork(privateGateway.getNetworkId()); networks.put(privateNetwork, new ArrayList(Arrays.asList(privateNic))); } diff --git a/server/src/com/cloud/network/rules/PrivateGatewayRules.java b/server/src/com/cloud/network/rules/PrivateGatewayRules.java index 17d90ead9e5..91f629cebdc 100644 --- a/server/src/com/cloud/network/rules/PrivateGatewayRules.java +++ b/server/src/com/cloud/network/rules/PrivateGatewayRules.java 
@@ -54,18 +54,18 @@ public class PrivateGatewayRules extends RuleApplier { boolean result = false; try { - NetworkModel networkModel = visitor.getVirtualNetworkApplianceFactory().getNetworkModel(); + final NetworkModel networkModel = visitor.getVirtualNetworkApplianceFactory().getNetworkModel(); _network = networkModel.getNetwork(_privateGateway.getNetworkId()); - NicProfileHelper nicProfileHelper = visitor.getVirtualNetworkApplianceFactory().getNicProfileHelper(); - NicProfile requested = nicProfileHelper.createPrivateNicProfileForGateway(_privateGateway); + final NicProfileHelper nicProfileHelper = visitor.getVirtualNetworkApplianceFactory().getNicProfileHelper(); + final NicProfile requested = nicProfileHelper.createPrivateNicProfileForGateway(_privateGateway, _router); - NetworkHelper networkHelper = visitor.getVirtualNetworkApplianceFactory().getNetworkHelper(); + final NetworkHelper networkHelper = visitor.getVirtualNetworkApplianceFactory().getNetworkHelper(); if (!networkHelper.checkRouterVersion(_router)) { s_logger.warn("Router requires upgrade. Unable to send command to router: " + _router.getId()); return false; } - VirtualMachineManager itMgr = visitor.getVirtualNetworkApplianceFactory().getItMgr(); + final VirtualMachineManager itMgr = visitor.getVirtualNetworkApplianceFactory().getItMgr(); _nicProfile = itMgr.addVmToNetwork(_router, _network, requested); // setup source nat 
@@ -74,13 +74,13 @@ public class PrivateGatewayRules extends RuleApplier { // result = setupVpcPrivateNetwork(router, true, guestNic); result = visitor.visit(this); } - } catch (Exception ex) { + } catch (final Exception ex) { s_logger.warn("Failed to create private gateway " + _privateGateway + " on router " + _router + " due to ", ex); } finally { if (!result) { s_logger.debug("Failed to setup gateway " + _privateGateway + " on router " + _router + " with the source nat. Will now remove the gateway."); _isAddOperation = false; - boolean isRemoved = destroyPrivateGateway(visitor); + final boolean isRemoved = destroyPrivateGateway(visitor); if (isRemoved) { s_logger.debug("Removed the gateway " + _privateGateway + " from router " + _router + " as a part of cleanup"); @@ -101,7 +101,7 @@ public class PrivateGatewayRules extends RuleApplier { } public PrivateIpVO retrivePrivateIP(final NetworkTopologyVisitor visitor) { - PrivateIpVO ipVO = visitor.getVirtualNetworkApplianceFactory().getPrivateIpDao().findByIpAndSourceNetworkId(_nicProfile.getNetworkId(), _nicProfile.getIPv4Address()); + final PrivateIpVO ipVO = visitor.getVirtualNetworkApplianceFactory().getPrivateIpDao().findByIpAndSourceNetworkId(_nicProfile.getNetworkId(), _nicProfile.getIPv4Address()); return ipVO; } 
@@ -110,20 +110,20 @@ public class PrivateGatewayRules extends RuleApplier { // RuleApplier super class. // Just doing this here, but will double check is remove if it's not // needed. - NetworkDao networkDao = visitor.getVirtualNetworkApplianceFactory().getNetworkDao(); - Network network = networkDao.findById(_nicProfile.getNetworkId()); + final NetworkDao networkDao = visitor.getVirtualNetworkApplianceFactory().getNetworkDao(); + final Network network = networkDao.findById(_nicProfile.getNetworkId()); return network; } protected boolean destroyPrivateGateway(final NetworkTopologyVisitor visitor) throws ConcurrentOperationException, ResourceUnavailableException { - NetworkModel networkModel = visitor.getVirtualNetworkApplianceFactory().getNetworkModel(); + final NetworkModel networkModel = visitor.getVirtualNetworkApplianceFactory().getNetworkModel(); if (!networkModel.isVmPartOfNetwork(_router.getId(), _privateGateway.getNetworkId())) { s_logger.debug("Router doesn't have nic for gateway " + _privateGateway + " so no need to removed it"); return true; } - Network privateNetwork = networkModel.getNetwork(_privateGateway.getNetworkId()); + final Network privateNetwork = networkModel.getNetwork(_privateGateway.getNetworkId()); s_logger.debug("Releasing private ip for gateway " + _privateGateway + " from " + _router); 
@@ -135,14 +135,14 @@ public class PrivateGatewayRules extends RuleApplier { } // revoke network acl on the private gateway. - NetworkACLManager networkACLMgr = visitor.getVirtualNetworkApplianceFactory().getNetworkACLMgr(); + final NetworkACLManager networkACLMgr = visitor.getVirtualNetworkApplianceFactory().getNetworkACLMgr(); if (!networkACLMgr.revokeACLItemsForPrivateGw(_privateGateway)) { s_logger.debug("Failed to delete network acl items on " + _privateGateway + " from router " + _router); return false; } s_logger.debug("Removing router " + _router + " from private network " + privateNetwork + " as a part of delete private gateway"); - VirtualMachineManager itMgr = visitor.getVirtualNetworkApplianceFactory().getItMgr(); + final VirtualMachineManager itMgr = visitor.getVirtualNetworkApplianceFactory().getItMgr(); result = result && itMgr.removeVmFromNetwork(_router, privateNetwork, null); s_logger.debug("Private gateawy " + _privateGateway + " is removed from router " + _router); return result; diff --git a/server/src/org/apache/cloudstack/network/topology/AdvancedNetworkTopology.java b/server/src/org/apache/cloudstack/network/topology/AdvancedNetworkTopology.java index fffac046548..e587c752c26 100644 --- a/server/src/org/apache/cloudstack/network/topology/AdvancedNetworkTopology.java +++ b/server/src/org/apache/cloudstack/network/topology/AdvancedNetworkTopology.java @@ -141,7 +141,7 @@ public class AdvancedNetworkTopology extends BasicNetworkTopology { } @Override - public boolean applyUserData(final Network network, final NicProfile nic, final VirtualMachineProfile profile, final DeployDestination dest, final List routers) + public boolean applyUserData(final Network network, final NicProfile nic, final VirtualMachineProfile profile, final DeployDestination dest, final DomainRouterVO router) throws ResourceUnavailableException { s_logger.debug("APPLYING VPC USERDATA RULES"); 
@@ -153,12 +153,12 @@ public class AdvancedNetworkTopology extends BasicNetworkTopology { final UserdataPwdRules pwdRules = new UserdataPwdRules(network, nic, profile, dest); - return applyRules(network, routers, typeString, isPodLevelException, podId, failWhenDisconnect, new RuleApplierWrapper(pwdRules)); + return applyRules(network, router, typeString, isPodLevelException, podId, failWhenDisconnect, new RuleApplierWrapper(pwdRules)); } @Override public boolean applyDhcpEntry(final Network network, final NicProfile nic, final VirtualMachineProfile profile, final DeployDestination dest, - final List routers) throws ResourceUnavailableException { + final DomainRouterVO router) throws ResourceUnavailableException { s_logger.debug("APPLYING VPC DHCP ENTRY RULES"); @@ -169,11 +169,11 @@ public class AdvancedNetworkTopology extends BasicNetworkTopology { final DhcpEntryRules dhcpRules = new DhcpEntryRules(network, nic, profile, dest); - return applyRules(network, routers, typeString, isPodLevelException, podId, failWhenDisconnect, new RuleApplierWrapper(dhcpRules)); + return applyRules(network, router, typeString, isPodLevelException, podId, failWhenDisconnect, new RuleApplierWrapper(dhcpRules)); } @Override - public boolean associatePublicIP(final Network network, final List ipAddresses, final List routers) + public boolean associatePublicIP(final Network network, final List ipAddresses, final VirtualRouter router) throws ResourceUnavailableException { if (ipAddresses == null || ipAddresses.isEmpty()) { @@ -182,7 +182,7 @@ public class AdvancedNetworkTopology extends BasicNetworkTopology { } if (network.getVpcId() == null) { - return super.associatePublicIP(network, ipAddresses, routers); + return super.associatePublicIP(network, ipAddresses, router); } s_logger.debug("APPLYING VPC IP RULES"); 
@@ -193,12 +193,10 @@ public class AdvancedNetworkTopology extends BasicNetworkTopology { final Long podId = null; final NicPlugInOutRules nicPlugInOutRules = new NicPlugInOutRules(network, ipAddresses); - for (final VirtualRouter router : routers) { - nicPlugInOutRules.accept(_advancedVisitor, router); - } + nicPlugInOutRules.accept(_advancedVisitor, router); final VpcIpAssociationRules ipAssociationRules = new VpcIpAssociationRules(network, ipAddresses); - final boolean result = applyRules(network, routers, typeString, isPodLevelException, podId, failWhenDisconnect, new RuleApplierWrapper(ipAssociationRules)); + final boolean result = applyRules(network, router, typeString, isPodLevelException, podId, failWhenDisconnect, new RuleApplierWrapper(ipAssociationRules)); if (result) { _advancedVisitor.visit(nicPlugInOutRules); @@ -208,7 +206,7 @@ public class AdvancedNetworkTopology extends BasicNetworkTopology { } @Override - public boolean applyNetworkACLs(final Network network, final List rules, final List routers, final boolean isPrivateGateway) + public boolean applyNetworkACLs(final Network network, final List rules, final VirtualRouter router, final boolean isPrivateGateway) throws ResourceUnavailableException { if (rules == null || rules.isEmpty()) { @@ -225,6 +223,6 @@ public class AdvancedNetworkTopology extends BasicNetworkTopology { final NetworkAclsRules aclsRules = new NetworkAclsRules(network, rules, isPrivateGateway); - return applyRules(network, routers, typeString, isPodLevelException, podId, failWhenDisconnect, new RuleApplierWrapper(aclsRules)); + return applyRules(network, router, typeString, isPodLevelException, podId, failWhenDisconnect, new RuleApplierWrapper(aclsRules)); } } \ No newline at end of file diff --git a/server/src/org/apache/cloudstack/network/topology/BasicNetworkTopology.java b/server/src/org/apache/cloudstack/network/topology/BasicNetworkTopology.java index 83b47a0b975..2b8873729d5 100644 
--- a/server/src/org/apache/cloudstack/network/topology/BasicNetworkTopology.java +++ b/server/src/org/apache/cloudstack/network/topology/BasicNetworkTopology.java @@ -110,7 +110,7 @@ public class BasicNetworkTopology implements NetworkTopology { } @Override - public boolean applyNetworkACLs(final Network network, final List rules, final List routers, final boolean isPrivateGateway) + public boolean applyNetworkACLs(final Network network, final List rules, final VirtualRouter router, final boolean isPrivateGateway) throws ResourceUnavailableException { throw new CloudRuntimeException("applyNetworkACLs not implemented in Basic Network Topology."); } @@ -140,7 +140,7 @@ public class BasicNetworkTopology implements NetworkTopology { @Override public boolean applyDhcpEntry(final Network network, final NicProfile nic, final VirtualMachineProfile profile, final DeployDestination dest, - final List routers) throws ResourceUnavailableException { + final DomainRouterVO router) throws ResourceUnavailableException { s_logger.debug("APPLYING DHCP ENTRY RULES"); @@ -160,11 +160,11 @@ public class BasicNetworkTopology implements NetworkTopology { final DhcpEntryRules dhcpRules = new DhcpEntryRules(network, nic, profile, dest); - return applyRules(network, routers, typeString, isPodLevelException, podId, failWhenDisconnect, new RuleApplierWrapper(dhcpRules)); + return applyRules(network, router, typeString, isPodLevelException, podId, failWhenDisconnect, new RuleApplierWrapper(dhcpRules)); } @Override - public boolean applyUserData(final Network network, final NicProfile nic, final VirtualMachineProfile profile, final DeployDestination dest, final List routers) + public boolean applyUserData(final Network network, final NicProfile nic, final VirtualMachineProfile profile, final DeployDestination dest, final DomainRouterVO router) throws ResourceUnavailableException { s_logger.debug("APPLYING USERDATA RULES"); 
@@ -182,11 +182,11 @@ public class BasicNetworkTopology implements NetworkTopology { final UserdataPwdRules pwdRules = new UserdataPwdRules(network, nic, profile, dest); - return applyRules(network, routers, typeString, isPodLevelException, podId, failWhenDisconnect, new RuleApplierWrapper(pwdRules)); + return applyRules(network, router, typeString, isPodLevelException, podId, failWhenDisconnect, new RuleApplierWrapper(pwdRules)); } @Override - public boolean applyLoadBalancingRules(final Network network, final List rules, final List routers) + public boolean applyLoadBalancingRules(final Network network, final List rules, final VirtualRouter router) throws ResourceUnavailableException { if (rules == null || rules.isEmpty()) { @@ -203,11 +203,11 @@ public class BasicNetworkTopology implements NetworkTopology { final LoadBalancingRules loadBalancingRules = new LoadBalancingRules(network, rules); - return applyRules(network, routers, typeString, isPodLevelException, podId, failWhenDisconnect, new RuleApplierWrapper(loadBalancingRules)); + return applyRules(network, router, typeString, isPodLevelException, podId, failWhenDisconnect, new RuleApplierWrapper(loadBalancingRules)); } @Override - public boolean applyFirewallRules(final Network network, final List rules, final List routers) + public boolean applyFirewallRules(final Network network, final List rules, final VirtualRouter router) throws ResourceUnavailableException { if (rules == null || rules.isEmpty()) { s_logger.debug("No firewall rules to be applied for network " + network.getId()); 
@@ -223,11 +223,11 @@ public class BasicNetworkTopology implements NetworkTopology { final FirewallRules firewallRules = new FirewallRules(network, rules); - return applyRules(network, routers, typeString, isPodLevelException, podId, failWhenDisconnect, new RuleApplierWrapper(firewallRules)); + return applyRules(network, router, typeString, isPodLevelException, podId, failWhenDisconnect, new RuleApplierWrapper(firewallRules)); } @Override - public boolean applyStaticNats(final Network network, final List rules, final List routers) throws ResourceUnavailableException { + public boolean applyStaticNats(final Network network, final List rules, final VirtualRouter router) throws ResourceUnavailableException { if (rules == null || rules.isEmpty()) { s_logger.debug("No static nat rules to be applied for network " + network.getId()); return true; @@ -242,11 +242,11 @@ public class BasicNetworkTopology implements NetworkTopology { final StaticNatRules natRules = new StaticNatRules(network, rules); - return applyRules(network, routers, typeString, isPodLevelException, podId, failWhenDisconnect, new RuleApplierWrapper(natRules)); + return applyRules(network, router, typeString, isPodLevelException, podId, failWhenDisconnect, new RuleApplierWrapper(natRules)); } @Override - public boolean associatePublicIP(final Network network, final List ipAddress, final List routers) + public boolean associatePublicIP(final Network network, final List ipAddress, final VirtualRouter router) throws ResourceUnavailableException { if (ipAddress == null || ipAddress.isEmpty()) { s_logger.debug("No ip association rules to be applied for network " + network.getId()); 
@@ -262,7 +262,7 @@ public class BasicNetworkTopology implements NetworkTopology { final IpAssociationRules ipAddresses = new IpAssociationRules(network, ipAddress); - return applyRules(network, routers, typeString, isPodLevelException, podId, failWhenDisconnect, new RuleApplierWrapper(ipAddresses)); + return applyRules(network, router, typeString, isPodLevelException, podId, failWhenDisconnect, new RuleApplierWrapper(ipAddresses)); } @Override @@ -304,7 +304,7 @@ public class BasicNetworkTopology implements NetworkTopology { } @Override - public boolean savePasswordToRouter(final Network network, final NicProfile nic, final VirtualMachineProfile profile, final List routers) + public boolean savePasswordToRouter(final Network network, final NicProfile nic, final VirtualMachineProfile profile, final VirtualRouter router) throws ResourceUnavailableException { s_logger.debug("SAVE PASSWORD TO ROUTE RULES"); @@ -316,11 +316,11 @@ public class BasicNetworkTopology implements NetworkTopology { final PasswordToRouterRules routerRules = new PasswordToRouterRules(network, nic, profile); - return applyRules(network, routers, typeString, isPodLevelException, podId, failWhenDisconnect, new RuleApplierWrapper(routerRules)); + return applyRules(network, router, typeString, isPodLevelException, podId, failWhenDisconnect, new RuleApplierWrapper(routerRules)); } @Override - public boolean saveSSHPublicKeyToRouter(final Network network, final NicProfile nic, final VirtualMachineProfile profile, final List routers, + public boolean saveSSHPublicKeyToRouter(final Network network, final NicProfile nic, final VirtualMachineProfile profile, final VirtualRouter router, final String sshPublicKey) throws ResourceUnavailableException { s_logger.debug("SAVE SSH PUB KEY TO ROUTE RULES"); 
@@ -331,11 +331,11 @@ public class BasicNetworkTopology implements NetworkTopology { final SshKeyToRouterRules keyToRouterRules = new SshKeyToRouterRules(network, nic, profile, sshPublicKey); - return applyRules(network, routers, typeString, isPodLevelException, podId, failWhenDisconnect, new RuleApplierWrapper(keyToRouterRules)); + return applyRules(network, router, typeString, isPodLevelException, podId, failWhenDisconnect, new RuleApplierWrapper(keyToRouterRules)); } @Override - public boolean saveUserDataToRouter(final Network network, final NicProfile nic, final VirtualMachineProfile profile, final List routers) + public boolean saveUserDataToRouter(final Network network, final NicProfile nic, final VirtualMachineProfile profile, final VirtualRouter router) throws ResourceUnavailableException { s_logger.debug("SAVE USERDATA TO ROUTE RULES"); 
@@ -346,14 +346,14 @@ public class BasicNetworkTopology implements NetworkTopology { final UserdataToRouterRules userdataToRouterRules = new UserdataToRouterRules(network, nic, profile); - return applyRules(network, routers, typeString, isPodLevelException, podId, failWhenDisconnect, new RuleApplierWrapper(userdataToRouterRules)); + return applyRules(network, router, typeString, isPodLevelException, podId, failWhenDisconnect, new RuleApplierWrapper(userdataToRouterRules)); } @Override - public boolean applyRules(final Network network, final List routers, final String typeString, final boolean isPodLevelException, final Long podId, + public boolean applyRules(final Network network, final VirtualRouter router, final String typeString, final boolean isPodLevelException, final Long podId, final boolean failWhenDisconnect, final RuleApplierWrapper ruleApplierWrapper) throws ResourceUnavailableException { - if (routers == null || routers.isEmpty()) { + if (router == null) { s_logger.warn("Unable to apply " + typeString + ", virtual router doesn't exist in the network " + network.getId()); throw new ResourceUnavailableException("Unable to apply " + typeString, DataCenter.class, network.getDataCenterId()); } 
@@ -370,45 +370,43 @@ public class BasicNetworkTopology implements NetworkTopology { final List disconnectedRouters = new ArrayList(); boolean result = true; final String msg = "Unable to apply " + typeString + " on disconnected router "; - for (final VirtualRouter router : routers) { - if (router.getState() == State.Running) { - s_logger.debug("Applying " + typeString + " in network " + network); + if (router.getState() == State.Running) { + s_logger.debug("Applying " + typeString + " in network " + network); - if (router.isStopPending()) { - if (_hostDao.findById(router.getHostId()).getState() == Status.Up) { - throw new ResourceUnavailableException("Unable to process due to the stop pending router " + router.getInstanceName() - + " haven't been stopped after it's host coming back!", DataCenter.class, router.getDataCenterId()); - } - s_logger.debug("Router " + router.getInstanceName() + " is stop pending, so not sending apply " + typeString + " commands to the backend"); - continue; + if (router.isStopPending()) { + if (_hostDao.findById(router.getHostId()).getState() == Status.Up) { + throw new ResourceUnavailableException("Unable to process due to the stop pending router " + router.getInstanceName() + + " haven't been stopped after it's host coming back!", DataCenter.class, router.getDataCenterId()); } - - try { - result = ruleApplier.accept(getVisitor(), router); - connectedRouters.add(router); - } catch (final AgentUnavailableException e) { - s_logger.warn(msg + router.getInstanceName(), e); - disconnectedRouters.add(router); - } - - // If rules fail to apply on one domR and not due to - // disconnection, no need to proceed with the rest - if (!result) { - if (isZoneBasic && isPodLevelException) { - throw new ResourceUnavailableException("Unable to apply " + typeString + " on router ", Pod.class, podId); - } - throw new ResourceUnavailableException("Unable to apply " + typeString + " on router ", DataCenter.class, router.getDataCenterId()); - } - - } else if 
(router.getState() == State.Stopped || router.getState() == State.Stopping) { - s_logger.debug("Router " + router.getInstanceName() + " is in " + router.getState() + ", so not sending apply " + typeString + " commands to the backend"); - } else { - s_logger.warn("Unable to apply " + typeString + ", virtual router is not in the right state " + router.getState()); - if (isZoneBasic && isPodLevelException) { - throw new ResourceUnavailableException("Unable to apply " + typeString + ", virtual router is not in the right state", Pod.class, podId); - } - throw new ResourceUnavailableException("Unable to apply " + typeString + ", virtual router is not in the right state", DataCenter.class, router.getDataCenterId()); + s_logger.debug("Router " + router.getInstanceName() + " is stop pending, so not sending apply " + typeString + " commands to the backend"); + return false; } + + try { + result = ruleApplier.accept(getVisitor(), router); + connectedRouters.add(router); + } catch (final AgentUnavailableException e) { + s_logger.warn(msg + router.getInstanceName(), e); + disconnectedRouters.add(router); + } + + // If rules fail to apply on one domR and not due to + // disconnection, no need to proceed with the rest + if (!result) { + if (isZoneBasic && isPodLevelException) { + throw new ResourceUnavailableException("Unable to apply " + typeString + " on router ", Pod.class, podId); + } + throw new ResourceUnavailableException("Unable to apply " + typeString + " on router ", DataCenter.class, router.getDataCenterId()); + } + + } else if (router.getState() == State.Stopped || router.getState() == State.Stopping) { + s_logger.debug("Router " + router.getInstanceName() + " is in " + router.getState() + ", so not sending apply " + typeString + " commands to the backend"); + } else { + s_logger.warn("Unable to apply " + typeString + ", virtual router is not in the right state " + router.getState()); + if (isZoneBasic && isPodLevelException) { + throw new 
ResourceUnavailableException("Unable to apply " + typeString + ", virtual router is not in the right state", Pod.class, podId); + } + throw new ResourceUnavailableException("Unable to apply " + typeString + ", virtual router is not in the right state", DataCenter.class, router.getDataCenterId()); } if (!connectedRouters.isEmpty()) { @@ -425,10 +423,8 @@ public class BasicNetworkTopology implements NetworkTopology { } } } else if (!disconnectedRouters.isEmpty()) { - for (final VirtualRouter router : disconnectedRouters) { - if (s_logger.isDebugEnabled()) { - s_logger.debug(msg + router.getInstanceName() + "(" + router.getId() + ")"); - } + if (s_logger.isDebugEnabled()) { + s_logger.debug(msg + router.getInstanceName() + "(" + router.getId() + ")"); } if (isZoneBasic && isPodLevelException) { throw new ResourceUnavailableException(msg, Pod.class, podId); diff --git a/server/src/org/apache/cloudstack/network/topology/NetworkTopology.java b/server/src/org/apache/cloudstack/network/topology/NetworkTopology.java index 6e42ad30984..5190d5e2f5d 100644 --- a/server/src/org/apache/cloudstack/network/topology/NetworkTopology.java +++ b/server/src/org/apache/cloudstack/network/topology/NetworkTopology.java @@ -50,7 +50,7 @@ public interface NetworkTopology { boolean configDhcpForSubnet(final Network network, final NicProfile nic, final VirtualMachineProfile profile, final DeployDestination dest, final List routers) throws ResourceUnavailableException; - boolean applyNetworkACLs(final Network network, final List rules, final List routers, final boolean isPrivateGateway) + boolean applyNetworkACLs(final Network network, final List rules, final VirtualRouter router, final boolean isPrivateGateway) throws ResourceUnavailableException; boolean applyStaticRoutes(final List staticRoutes, final List routers) throws ResourceUnavailableException; 
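Review bot: In `applyRules`, the stop-pending branch now ends with `return false;` where the loop used to `continue`, while the `Stopped`/`Stopping` branch still falls through with `result` at `true`, so two cases in which nothing is sent to the router report opposite outcomes. Callers in this commit fold the value with `result && ...`, so a single stop-pending router would mark the whole operation as failed. Either use `return true;` in that branch or document on the method what `false` means. The comment `// If rules fail to apply on one domR ... no need to proceed with the rest` and the `connectedRouters`/`disconnectedRouters` lists are leftovers of the list-based version, since at most one router is handled now. The method starts before this hunk.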
@@ -61,30 +61,30 @@ public interface NetworkTopology { // ====== USED FOR GUEST NETWORK AND VCP ====== // - boolean applyDhcpEntry(final Network network, final NicProfile nic, final VirtualMachineProfile profile, final DeployDestination dest, final List routers) + boolean applyDhcpEntry(final Network network, final NicProfile nic, final VirtualMachineProfile profile, final DeployDestination dest, final DomainRouterVO router) throws ResourceUnavailableException; - boolean applyUserData(final Network network, final NicProfile nic, final VirtualMachineProfile profile, final DeployDestination dest, final List routers) + boolean applyUserData(final Network network, final NicProfile nic, final VirtualMachineProfile profile, final DeployDestination dest, final DomainRouterVO router) throws ResourceUnavailableException; - boolean applyLoadBalancingRules(Network network, List rules, List routers) throws ResourceUnavailableException; + boolean applyLoadBalancingRules(Network network, List rules, VirtualRouter router) throws ResourceUnavailableException; - boolean applyFirewallRules(final Network network, final List rules, final List routers) throws ResourceUnavailableException; + boolean applyFirewallRules(final Network network, final List rules, final VirtualRouter router) throws ResourceUnavailableException; - boolean applyStaticNats(final Network network, final List rules, final List routers) throws ResourceUnavailableException; + boolean applyStaticNats(final Network network, final List rules, final VirtualRouter router) throws ResourceUnavailableException; - boolean associatePublicIP(final Network network, final List ipAddress, final List routers) throws ResourceUnavailableException; + boolean associatePublicIP(final Network network, final List ipAddress, final VirtualRouter router) throws ResourceUnavailableException; String[] applyVpnUsers(final Network network, final List users, final List routers) throws ResourceUnavailableException; - boolean 
savePasswordToRouter(final Network network, final NicProfile nic, final VirtualMachineProfile profile, final List routers) throws ResourceUnavailableException; + boolean savePasswordToRouter(final Network network, final NicProfile nic, final VirtualMachineProfile profile, final VirtualRouter router) throws ResourceUnavailableException; - boolean saveSSHPublicKeyToRouter(final Network network, final NicProfile nic, final VirtualMachineProfile profile, final List routers, + boolean saveSSHPublicKeyToRouter(final Network network, final NicProfile nic, final VirtualMachineProfile profile, final VirtualRouter router, final String sshPublicKey) throws ResourceUnavailableException; - boolean saveUserDataToRouter(final Network network, final NicProfile nic, final VirtualMachineProfile profile, final List routers) + boolean saveUserDataToRouter(final Network network, final NicProfile nic, final VirtualMachineProfile profile, final VirtualRouter router) throws ResourceUnavailableException; - boolean applyRules(final Network network, final List routers, final String typeString, final boolean isPodLevelException, final Long podId, + boolean applyRules(final Network network, final VirtualRouter router, final String typeString, final boolean isPodLevelException, final Long podId, final boolean failWhenDisconnect, RuleApplierWrapper ruleApplier) throws ResourceUnavailableException; } \ No newline at end of file diff --git a/server/src/org/apache/cloudstack/network/topology/NetworkTopologyContext.java b/server/src/org/apache/cloudstack/network/topology/NetworkTopologyContext.java index 8ddc836fb35..473770cb354 100644 --- a/server/src/org/apache/cloudstack/network/topology/NetworkTopologyContext.java +++ b/server/src/org/apache/cloudstack/network/topology/NetworkTopologyContext.java 
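Review bot: The per-router parameter is typed inconsistently in this hunk: `applyDhcpEntry` and `applyUserData` take `DomainRouterVO router` while every other changed method takes `VirtualRouter router`. Tying the interface to the VO class forces callers to hold the persistence type; unless these two implementations need something only `DomainRouterVO` offers (not visible here), `final VirtualRouter router` would keep the signatures parallel. `applyVpnUsers` still declares the router list, so after this change it is the only method in this block that fans out over routers itself; if that is intended, a one-line comment saying so would help.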
@@ -49,4 +49,20 @@ public class NetworkTopologyContext { } return _flyweight.get(dc.getNetworkType()); } + + /** + * Method used for tests purpose only. Please do not use it to set the AdvanceNetworkTopology and it is managed by Spring. + * @param advancedNetworkTopology + */ + public void setAdvancedNetworkTopology(final AdvancedNetworkTopology advancedNetworkTopology) { + _advancedNetworkTopology = advancedNetworkTopology; + } + + /** + * Method used for tests purpose only. Please do not use it to set the BasicNetworkTopology and it is managed by Spring. + * @param basicNetworkTopology + */ + public void setBasicNetworkTopology(final BasicNetworkTopology basicNetworkTopology) { + _basicNetworkTopology = basicNetworkTopology; + } } \ No newline at end of file diff --git a/server/test/com/cloud/network/element/VpcVirtualRouterElementTest.java b/server/test/com/cloud/network/element/VpcVirtualRouterElementTest.java new file mode 100644 index 00000000000..d044f5b2011 --- /dev/null +++ b/server/test/com/cloud/network/element/VpcVirtualRouterElementTest.java 
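Review bot: The two new public setters let any caller replace the Spring-managed `_advancedNetworkTopology` and `_basicNetworkTopology` at runtime, and the Javadoc warning is the only guard. These objects decide which implementation pushes firewall, ACL and NAT rules to the routers, so I would not widen the production API for a test. In the test added by this commit `networkTopologyContext` is a Mockito `@Mock`, so its calls to `setAdvancedNetworkTopology` and `setBasicNetworkTopology` do nothing; the setters look unnecessary and could be dropped, or the fields set by reflection from the test if a real context is ever needed. If they stay, the Javadoc wording should be fixed, e.g. `Used by unit tests only; in production the topology is injected by Spring.`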
@@ -0,0 +1,188 @@ +// Licensed to the Apache Software Foundation (ASF) under one +// or more contributor license agreements. See the NOTICE file +// distributed with this work for additional information +// regarding copyright ownership. The ASF licenses this file +// to you under the Apache License, Version 2.0 (the +// "License"); you may not use this file except in compliance +// with the License. You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, +// software distributed under the License is distributed on an +// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +// KIND, either express or implied. See the License for the +// specific language governing permissions and limitations +// under the License. +package com.cloud.network.element; + +import static org.junit.Assert.assertEquals; +import static org.junit.Assert.assertNotNull; +import static org.junit.Assert.assertNull; +import static org.junit.Assert.fail; +import static org.mockito.Mockito.times; +import static org.mockito.Mockito.verify; +import static org.mockito.Mockito.when; + +import java.util.ArrayList; +import java.util.List; + +import org.apache.cloudstack.network.topology.AdvancedNetworkTopology; +import org.apache.cloudstack.network.topology.BasicNetworkTopology; +import org.apache.cloudstack.network.topology.NetworkTopologyContext; +import org.junit.Test; +import org.junit.runner.RunWith; +import org.mockito.InjectMocks; +import org.mockito.Mock; +import org.mockito.Mockito; +import org.mockito.runners.MockitoJUnitRunner; + +import com.cloud.dc.DataCenterVO; +import com.cloud.dc.dao.DataCenterDao; +import com.cloud.exception.ResourceUnavailableException; +import com.cloud.network.RemoteAccessVpn; +import com.cloud.network.VpnUser; +import com.cloud.network.router.VpcVirtualNetworkApplianceManagerImpl; +import com.cloud.network.vpc.Vpc; +import com.cloud.utils.db.EntityManager; 
+import com.cloud.vm.DomainRouterVO; +import com.cloud.vm.dao.DomainRouterDao; + +@RunWith(MockitoJUnitRunner.class) +public class VpcVirtualRouterElementTest { + @Mock + DataCenterDao _dcDao; + @Mock private DomainRouterDao _routerDao; + + @Mock + EntityManager _entityMgr; + + @Mock + NetworkTopologyContext networkTopologyContext; + + @InjectMocks + VpcVirtualNetworkApplianceManagerImpl _vpcRouterMgr; + + @InjectMocks + VpcVirtualRouterElement vpcVirtualRouterElement; + + + @Test + public void testApplyVpnUsers() { + vpcVirtualRouterElement._vpcRouterMgr = _vpcRouterMgr; + + final AdvancedNetworkTopology advancedNetworkTopology = Mockito.mock(AdvancedNetworkTopology.class); + final BasicNetworkTopology basicNetworkTopology = Mockito.mock(BasicNetworkTopology.class); + + networkTopologyContext.setAdvancedNetworkTopology(advancedNetworkTopology); + networkTopologyContext.setBasicNetworkTopology(basicNetworkTopology); + networkTopologyContext.init(); + + final Vpc vpc = Mockito.mock(Vpc.class); + final DataCenterVO dataCenterVO = Mockito.mock(DataCenterVO.class); + final RemoteAccessVpn remoteAccessVpn = Mockito.mock(RemoteAccessVpn.class); + final DomainRouterVO domainRouterVO1 = Mockito.mock(DomainRouterVO.class); + final DomainRouterVO domainRouterVO2 = Mockito.mock(DomainRouterVO.class); + final VpnUser vpnUser1 = Mockito.mock(VpnUser.class); + final VpnUser vpnUser2 = Mockito.mock(VpnUser.class); + + final List users = new ArrayList(); + users.add(vpnUser1); + users.add(vpnUser2); + + final List routers = new ArrayList(); + routers.add(domainRouterVO1); + routers.add(domainRouterVO2); + + final Long vpcId = new Long(1l); + final Long zoneId = new Long(1l); + + when(remoteAccessVpn.getVpcId()).thenReturn(vpcId); + when(_vpcRouterMgr.getVpcRouters(vpcId)).thenReturn(routers); + when(_entityMgr.findById(Vpc.class, vpcId)).thenReturn(vpc); + when(vpc.getZoneId()).thenReturn(zoneId); + when(_dcDao.findById(zoneId)).thenReturn(dataCenterVO); + 
when(networkTopologyContext.retrieveNetworkTopology(dataCenterVO)).thenReturn(advancedNetworkTopology); + + try { + when(advancedNetworkTopology.applyVpnUsers(remoteAccessVpn, users, domainRouterVO1)).thenReturn(new String[]{"user1", "user2"}); + when(advancedNetworkTopology.applyVpnUsers(remoteAccessVpn, users, domainRouterVO2)).thenReturn(new String[]{"user3", "user4"}); + } catch (final ResourceUnavailableException e) { + fail(e.getMessage()); + } + + try { + final String [] results = vpcVirtualRouterElement.applyVpnUsers(remoteAccessVpn, users); + + assertNotNull(results); + assertEquals(results[0], "user1"); + assertEquals(results[1], "user2"); + assertEquals(results[2], "user3"); + assertEquals(results[3], "user4"); + } catch (final ResourceUnavailableException e) { + fail(e.getMessage()); + } + + verify(remoteAccessVpn, times(1)).getVpcId(); + verify(vpc, times(1)).getZoneId(); + verify(_dcDao, times(1)).findById(zoneId); + verify(networkTopologyContext, times(1)).retrieveNetworkTopology(dataCenterVO); + } + + @Test + public void testApplyVpnUsersException1() { + vpcVirtualRouterElement._vpcRouterMgr = _vpcRouterMgr; + + final AdvancedNetworkTopology advancedNetworkTopology = Mockito.mock(AdvancedNetworkTopology.class); + final BasicNetworkTopology basicNetworkTopology = Mockito.mock(BasicNetworkTopology.class); + + networkTopologyContext.setAdvancedNetworkTopology(advancedNetworkTopology); + networkTopologyContext.setBasicNetworkTopology(basicNetworkTopology); + networkTopologyContext.init(); + + final RemoteAccessVpn remoteAccessVpn = Mockito.mock(RemoteAccessVpn.class); + final List users = new ArrayList(); + + when(remoteAccessVpn.getVpcId()).thenReturn(null); + + try { + final String [] results = vpcVirtualRouterElement.applyVpnUsers(remoteAccessVpn, users); + assertNull(results); + } catch (final ResourceUnavailableException e) { + fail(e.getMessage()); + } + + verify(remoteAccessVpn, times(1)).getVpcId(); + } + + @Test + public void 
testApplyVpnUsersException2() { + vpcVirtualRouterElement._vpcRouterMgr = _vpcRouterMgr; + + final AdvancedNetworkTopology advancedNetworkTopology = Mockito.mock(AdvancedNetworkTopology.class); + final BasicNetworkTopology basicNetworkTopology = Mockito.mock(BasicNetworkTopology.class); + + networkTopologyContext.setAdvancedNetworkTopology(advancedNetworkTopology); + networkTopologyContext.setBasicNetworkTopology(basicNetworkTopology); + networkTopologyContext.init(); + + final RemoteAccessVpn remoteAccessVpn = Mockito.mock(RemoteAccessVpn.class); + + final List users = new ArrayList(); + + final Long vpcId = new Long(1l); + + when(remoteAccessVpn.getVpcId()).thenReturn(vpcId); + when(_vpcRouterMgr.getVpcRouters(vpcId)).thenReturn(null); + + try { + final String [] results = vpcVirtualRouterElement.applyVpnUsers(remoteAccessVpn, users); + + assertNull(results); + } catch (final ResourceUnavailableException e) { + fail(e.getMessage()); + } + + verify(remoteAccessVpn, times(1)).getVpcId(); + } +} \ No newline at end of file diff --git a/systemvm/patches/debian/config/opt/cloud/bin/cs/CsAddress.py b/systemvm/patches/debian/config/opt/cloud/bin/cs/CsAddress.py index e1c01eb4e1a..24d75e55e85 100755 --- a/systemvm/patches/debian/config/opt/cloud/bin/cs/CsAddress.py +++ b/systemvm/patches/debian/config/opt/cloud/bin/cs/CsAddress.py @@ -28,7 +28,7 @@ from CsRoute import CsRoute from CsRule import CsRule VRRP_TYPES = ['guest'] - +PUBLIC_INTERFACE = ['eth1'] class CsAddress(CsDataBag): 
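Review bot: `_vpcRouterMgr` is declared with `@InjectMocks`, so it is a real `VpcVirtualNetworkApplianceManagerImpl`, yet `testApplyVpnUsers` and `testApplyVpnUsersException2` stub it with `when(_vpcRouterMgr.getVpcRouters(vpcId)).thenReturn(...)`. `when()` only records a stubbing for a call on a mock; on a real object the method body runs and the stubbing lands on whatever mock call happened last inside it (probably on `_routerDao`), which makes the test depend on the manager's internals. Declaring it as `@Mock VpcVirtualNetworkApplianceManagerImpl _vpcRouterMgr;` would make the stubbing mean what it says. Separately, the `assertEquals` calls pass the actual value first (`assertEquals(results[0], "user1")`); JUnit expects `assertEquals("user1", results[0])`, otherwise the failure messages are reversed.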
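Review bot: `PUBLIC_INTERFACE = ['eth1']` hard-codes the device name that the new condition in the `CsIP` hunk (`self.getDevice() not in PUBLIC_INTERFACE`) uses to tell the keepalived-managed public NIC from a private gateway. On a redundant router every public interface other than eth1 is now brought up on both peers; that is right for private gateways, but if any other public network can be plugged on eth2 or higher (not visible here) the backup router would raise it too and both peers would answer on that network. I would document the assumption next to the constant, e.g. `# Only eth1 carries the keepalived-managed public network; other public devices are treated as private gateways.`, and name it in the plural (`PUBLIC_INTERFACES`) since it is a list. The method containing the changed condition starts and ends outside its hunk.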
@@ -314,9 +314,10 @@ class CsIP: for i in CsHelper.execute(cmd): if " DOWN " in i: cmd2 = "ip link set %s up" % self.getDevice() - # If redundant do not bring up public interfaces - # master.py and keepalived will deal with them - if self.cl.is_redundant() and not self.is_public(): + # If redundant only bring up public interfaces that are not eth1. + # Reason: private gateways are public interfaces. + # master.py and keepalived will deal with eth1 public interface. + if self.cl.is_redundant() and (not self.is_public() or self.getDevice() not in PUBLIC_INTERFACE): CsHelper.execute(cmd2) # if not redundant bring everything up if not self.cl.is_redundant(): diff --git a/test/integration/smoke/test_privategw_acl.py b/test/integration/smoke/test_privategw_acl.py index 9b85fe8732d..7231a4b630b 100644 --- a/test/integration/smoke/test_privategw_acl.py +++ b/test/integration/smoke/test_privategw_acl.py @@ -242,7 +242,6 @@ class TestPrivateGwACL(cloudstackTestCase): @attr(tags=["advanced"], required_hardware="true") def test_02_vpc_privategw_static_routes(self): - self.logger.debug("Creating a VPC offering..") vpc_off = VpcOffering.create( self.apiclient, @@ -255,8 +254,6 @@ class TestPrivateGwACL(cloudstackTestCase): @attr(tags=["advanced"], required_hardware="true") def test_03_rvpc_privategw_static_routes(self): - self.skipTest("Redundant VPC Routers have to be fixed. Private Gateway not working yet.") - self.logger.debug("Creating a Redundant VPC offering..") vpc_off = VpcOffering.create( self.apiclient, @@ -268,7 +265,6 @@ class TestPrivateGwACL(cloudstackTestCase): self.performVPCTests(vpc_off) def performVPCTests(self, vpc_off): - self.logger.debug("Creating VPCs with offering ID %s" % vpc_off.id) vpc_1 = self.createVPC(vpc_off, cidr = '10.0.1.0/24') vpc_2 = self.createVPC(vpc_off, cidr = '10.0.2.0/24')