Merge release branch 4.6 to master

* 4.6:
  CLOUDSTACK-9106 - Makes Enum name compliant with Java code conventions.
  CLOUDSTACK-9106 - Adds a test to cover the changes in the applyVpnUsers() method
  CLOUDSTACK-9106 - Makes the router commands call more consistent.
  CLOUDSTACK-9106 - Enables private gateway tests on Redundant VPCs
  CLOUDSTACK-9106 - Refactor the createPrivateNicProfileForGateway() method
  CLOUDSTACK-9106 - Reduces the amount of iterations through the routers of a VPC
  Add support for not (re)starting server after cloud-setup-management.

Closed PRs that will not be considered for merge:
This closes #1158
This closes #1097
Remi Bergsma 2015-12-07 21:36:05 +01:00
commit e08294a95f
17 changed files with 506 additions and 274 deletions


@ -6,9 +6,9 @@
# to you under the Apache License, Version 2.0 (the # to you under the Apache License, Version 2.0 (the
# "License"); you may not use this file except in compliance # "License"); you may not use this file except in compliance
# with the License. You may obtain a copy of the License at # with the License. You may obtain a copy of the License at
# #
# http://www.apache.org/licenses/LICENSE-2.0 # http://www.apache.org/licenses/LICENSE-2.0
# #
# Unless required by applicable law or agreed to in writing, # Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an # software distributed under the License is distributed on an
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY # "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
@ -26,18 +26,21 @@ from optparse import OptionParser
if __name__ == '__main__': if __name__ == '__main__':
initLoging("@MSLOGDIR@/setupManagement.log") initLoging("@MSLOGDIR@/setupManagement.log")
glbEnv = globalEnv() glbEnv = globalEnv()
parser = OptionParser() parser = OptionParser()
parser.add_option("--https", action="store_true", dest="https", help="Enable HTTPs connection of management server") parser.add_option("--https", action="store_true", dest="https", help="Enable HTTPs connection of management server")
parser.add_option("--tomcat7", action="store_true", dest="tomcat7", help="Use Tomcat7 configuration files in Management Server") parser.add_option("--tomcat7", action="store_true", dest="tomcat7", help="Use Tomcat7 configuration files in Management Server")
parser.add_option("--no-start", action="store_true", dest="nostart", help="Do not start management server after successful configuration")
(options, args) = parser.parse_args() (options, args) = parser.parse_args()
if options.https: if options.https:
glbEnv.svrMode = "HttpsServer" glbEnv.svrMode = "HttpsServer"
if options.tomcat7: if options.tomcat7:
glbEnv.svrConf = "Tomcat7" glbEnv.svrConf = "Tomcat7"
if options.nostart:
glbEnv.noStart = True
glbEnv.mode = "Server" glbEnv.mode = "Server"
print "Starting to configure CloudStack Management Server:" print "Starting to configure CloudStack Management Server:"
try: try:
syscfg = sysConfigFactory.getSysConfigFactory(glbEnv) syscfg = sysConfigFactory.getSysConfigFactory(glbEnv)


@ -69,7 +69,6 @@ import com.cloud.resource.ServerResource;
import com.cloud.resource.UnableDeleteHostException; import com.cloud.resource.UnableDeleteHostException;
import com.cloud.utils.Pair; import com.cloud.utils.Pair;
import com.cloud.utils.component.AdapterBase; import com.cloud.utils.component.AdapterBase;
import com.cloud.utils.exception.CloudRuntimeException;
import com.cloud.vm.DomainRouterVO; import com.cloud.vm.DomainRouterVO;
import com.cloud.vm.NicProfile; import com.cloud.vm.NicProfile;
import com.cloud.vm.ReservationContext; import com.cloud.vm.ReservationContext;
@ -206,7 +205,7 @@ StaticNatServiceProvider, IpDeployer {
return false; return false;
} }
HostVO host = _hostDao.findById(vm.getVirtualMachine().getHostId()); final HostVO host = _hostDao.findById(vm.getVirtualMachine().getHostId());
_ovsTunnelMgr.checkAndRemoveHostFromTunnelNetwork(network, host); _ovsTunnelMgr.checkAndRemoveHostFromTunnelNetwork(network, host);
return true; return true;
} }
@ -258,10 +257,10 @@ StaticNatServiceProvider, IpDeployer {
} }
private static Map<Service, Map<Capability, String>> setCapabilities() { private static Map<Service, Map<Capability, String>> setCapabilities() {
Map<Service, Map<Capability, String>> capabilities = new HashMap<Service, Map<Capability, String>>(); final Map<Service, Map<Capability, String>> capabilities = new HashMap<Service, Map<Capability, String>>();
// L2 Support : SDN provisioning // L2 Support : SDN provisioning
Map<Capability, String> connectivityCapabilities = new HashMap<Capability, String>(); final Map<Capability, String> connectivityCapabilities = new HashMap<Capability, String>();
connectivityCapabilities.put(Capability.DistributedRouter, null); connectivityCapabilities.put(Capability.DistributedRouter, null);
connectivityCapabilities.put(Capability.StretchedL2Subnet, null); connectivityCapabilities.put(Capability.StretchedL2Subnet, null);
connectivityCapabilities.put(Capability.RegionLevelVpc, null); connectivityCapabilities.put(Capability.RegionLevelVpc, null);
@ -276,7 +275,7 @@ StaticNatServiceProvider, IpDeployer {
// L3 support : Load Balancer // L3 support : Load Balancer
// Set capabilities for LB service // Set capabilities for LB service
Map<Capability, String> lbCapabilities = new HashMap<Capability, String>(); final Map<Capability, String> lbCapabilities = new HashMap<Capability, String>();
lbCapabilities.put(Capability.SupportedLBAlgorithms, "roundrobin,leastconn,source"); lbCapabilities.put(Capability.SupportedLBAlgorithms, "roundrobin,leastconn,source");
lbCapabilities.put(Capability.SupportedLBIsolation, "dedicated"); lbCapabilities.put(Capability.SupportedLBIsolation, "dedicated");
lbCapabilities.put(Capability.SupportedProtocols, "tcp, udp"); lbCapabilities.put(Capability.SupportedProtocols, "tcp, udp");
@ -290,7 +289,7 @@ StaticNatServiceProvider, IpDeployer {
public static String getHAProxyStickinessCapability() { public static String getHAProxyStickinessCapability() {
LbStickinessMethod method; LbStickinessMethod method;
List<LbStickinessMethod> methodList = new ArrayList<LbStickinessMethod>(1); final List<LbStickinessMethod> methodList = new ArrayList<LbStickinessMethod>(1);
method = new LbStickinessMethod(StickinessMethodType.LBCookieBased, "This is loadbalancer cookie based stickiness method."); method = new LbStickinessMethod(StickinessMethodType.LBCookieBased, "This is loadbalancer cookie based stickiness method.");
method.addParam("cookie-name", false, "Cookie name passed in http header by the LB to the client.", false); method.addParam("cookie-name", false, "Cookie name passed in http header by the LB to the client.", false);
@ -381,14 +380,14 @@ StaticNatServiceProvider, IpDeployer {
" example: expire=30m 20s 50h 4d. Default value:3h", false); " example: expire=30m 20s 50h 4d. Default value:3h", false);
methodList.add(method); methodList.add(method);
Gson gson = new Gson(); final Gson gson = new Gson();
String capability = gson.toJson(methodList); final String capability = gson.toJson(methodList);
return capability; return capability;
} }
@Override @Override
public List<Class<?>> getCommands() { public List<Class<?>> getCommands() {
List<Class<?>> cmdList = new ArrayList<Class<?>>(); final List<Class<?>> cmdList = new ArrayList<Class<?>>();
return cmdList; return cmdList;
} }
@ -428,15 +427,16 @@ StaticNatServiceProvider, IpDeployer {
final List<? extends PublicIpAddress> ipAddress, final Set<Service> services) final List<? extends PublicIpAddress> ipAddress, final Set<Service> services)
throws ResourceUnavailableException { throws ResourceUnavailableException {
boolean canHandle = true; boolean canHandle = true;
for (Service service : services) { for (final Service service : services) {
// check if Ovs can handle services except SourceNat & Firewall // check if Ovs can handle services except SourceNat & Firewall
if (!canHandle(network, service) && service != Service.SourceNat && service != Service.Firewall) { if (!canHandle(network, service) && service != Service.SourceNat && service != Service.Firewall) {
canHandle = false; canHandle = false;
break; break;
} }
} }
boolean result = true;
if (canHandle) { if (canHandle) {
List<DomainRouterVO> routers = _routerDao.listByNetworkAndRole( final List<DomainRouterVO> routers = _routerDao.listByNetworkAndRole(
network.getId(), Role.VIRTUAL_ROUTER); network.getId(), Role.VIRTUAL_ROUTER);
if (routers == null || routers.isEmpty()) { if (routers == null || routers.isEmpty()) {
s_logger.debug("Virtual router element doesn't need to associate ip addresses on the backend; virtual " s_logger.debug("Virtual router element doesn't need to associate ip addresses on the backend; virtual "
@ -445,13 +445,14 @@ StaticNatServiceProvider, IpDeployer {
return true; return true;
} }
DataCenterVO dcVO = _dcDao.findById(network.getDataCenterId()); final DataCenterVO dcVO = _dcDao.findById(network.getDataCenterId());
NetworkTopology networkTopology = _networkTopologyContext.retrieveNetworkTopology(dcVO); final NetworkTopology networkTopology = _networkTopologyContext.retrieveNetworkTopology(dcVO);
return networkTopology.associatePublicIP(network, ipAddress, routers); for (final DomainRouterVO domainRouterVO : routers) {
} else { result = result && networkTopology.associatePublicIP(network, ipAddress, domainRouterVO);
return false; }
} }
return result;
} }
@Override @Override
@ -460,7 +461,7 @@ StaticNatServiceProvider, IpDeployer {
if (!canHandle(network, Service.StaticNat)) { if (!canHandle(network, Service.StaticNat)) {
return false; return false;
} }
List<DomainRouterVO> routers = _routerDao.listByNetworkAndRole( final List<DomainRouterVO> routers = _routerDao.listByNetworkAndRole(
network.getId(), Role.VIRTUAL_ROUTER); network.getId(), Role.VIRTUAL_ROUTER);
if (routers == null || routers.isEmpty()) { if (routers == null || routers.isEmpty()) {
s_logger.debug("Ovs element doesn't need to apply static nat on the backend; virtual " s_logger.debug("Ovs element doesn't need to apply static nat on the backend; virtual "
@ -468,10 +469,13 @@ StaticNatServiceProvider, IpDeployer {
return true; return true;
} }
DataCenterVO dcVO = _dcDao.findById(network.getDataCenterId()); final DataCenterVO dcVO = _dcDao.findById(network.getDataCenterId());
NetworkTopology networkTopology = _networkTopologyContext.retrieveNetworkTopology(dcVO); final NetworkTopology networkTopology = _networkTopologyContext.retrieveNetworkTopology(dcVO);
boolean result = true;
return networkTopology.applyStaticNats(network, rules, routers); for (final DomainRouterVO domainRouterVO : routers) {
result = result && networkTopology.applyStaticNats(network, rules, domainRouterVO);
}
return result;
} }
@Override @Override
@ -480,7 +484,7 @@ StaticNatServiceProvider, IpDeployer {
if (!canHandle(network, Service.PortForwarding)) { if (!canHandle(network, Service.PortForwarding)) {
return false; return false;
} }
List<DomainRouterVO> routers = _routerDao.listByNetworkAndRole( final List<DomainRouterVO> routers = _routerDao.listByNetworkAndRole(
network.getId(), Role.VIRTUAL_ROUTER); network.getId(), Role.VIRTUAL_ROUTER);
if (routers == null || routers.isEmpty()) { if (routers == null || routers.isEmpty()) {
s_logger.debug("Ovs element doesn't need to apply firewall rules on the backend; virtual " s_logger.debug("Ovs element doesn't need to apply firewall rules on the backend; virtual "
@ -488,21 +492,25 @@ StaticNatServiceProvider, IpDeployer {
return true; return true;
} }
DataCenterVO dcVO = _dcDao.findById(network.getDataCenterId()); boolean result = true;
NetworkTopology networkTopology = _networkTopologyContext.retrieveNetworkTopology(dcVO); final DataCenterVO dcVO = _dcDao.findById(network.getDataCenterId());
final NetworkTopology networkTopology = _networkTopologyContext.retrieveNetworkTopology(dcVO);
return networkTopology.applyFirewallRules(network, rules, routers); for (final DomainRouterVO domainRouterVO : routers) {
result = result && networkTopology.applyFirewallRules(network, rules, domainRouterVO);
}
return result;
} }
@Override @Override
public boolean applyLBRules(final Network network, final List<LoadBalancingRule> rules) public boolean applyLBRules(final Network network, final List<LoadBalancingRule> rules)
throws ResourceUnavailableException { throws ResourceUnavailableException {
boolean result = true;
if (canHandle(network, Service.Lb)) { if (canHandle(network, Service.Lb)) {
if (!canHandleLbRules(rules)) { if (!canHandleLbRules(rules)) {
return false; return false;
} }
List<DomainRouterVO> routers = _routerDao.listByNetworkAndRole( final List<DomainRouterVO> routers = _routerDao.listByNetworkAndRole(
network.getId(), Role.VIRTUAL_ROUTER); network.getId(), Role.VIRTUAL_ROUTER);
if (routers == null || routers.isEmpty()) { if (routers == null || routers.isEmpty()) {
s_logger.debug("Virtual router elemnt doesn't need to apply firewall rules on the backend; virtual " s_logger.debug("Virtual router elemnt doesn't need to apply firewall rules on the backend; virtual "
@ -511,27 +519,25 @@ StaticNatServiceProvider, IpDeployer {
return true; return true;
} }
DataCenterVO dcVO = _dcDao.findById(network.getDataCenterId()); final DataCenterVO dcVO = _dcDao.findById(network.getDataCenterId());
NetworkTopology networkTopology = _networkTopologyContext.retrieveNetworkTopology(dcVO); final NetworkTopology networkTopology = _networkTopologyContext.retrieveNetworkTopology(dcVO);
if (!networkTopology.applyLoadBalancingRules(network, rules, routers)) { for (final DomainRouterVO domainRouterVO : routers) {
throw new CloudRuntimeException( result = result && networkTopology.applyLoadBalancingRules(network, rules, domainRouterVO);
"Failed to apply load balancing rules in network " if (!result) {
+ network.getId()); s_logger.debug("Failed to apply load balancing rules in network " + network.getId());
} else { }
return true;
} }
} else {
return false;
} }
return result;
} }
@Override @Override
public boolean validateLBRule(final Network network, final LoadBalancingRule rule) { public boolean validateLBRule(final Network network, final LoadBalancingRule rule) {
List<LoadBalancingRule> rules = new ArrayList<LoadBalancingRule>(); final List<LoadBalancingRule> rules = new ArrayList<LoadBalancingRule>();
rules.add(rule); rules.add(rule);
if (canHandle(network, Service.Lb) && canHandleLbRules(rules)) { if (canHandle(network, Service.Lb) && canHandleLbRules(rules)) {
List<DomainRouterVO> routers = _routerDao.listByNetworkAndRole( final List<DomainRouterVO> routers = _routerDao.listByNetworkAndRole(
network.getId(), Role.VIRTUAL_ROUTER); network.getId(), Role.VIRTUAL_ROUTER);
if (routers == null || routers.isEmpty()) { if (routers == null || routers.isEmpty()) {
return true; return true;
@ -549,11 +555,11 @@ StaticNatServiceProvider, IpDeployer {
} }
private boolean canHandleLbRules(final List<LoadBalancingRule> rules) { private boolean canHandleLbRules(final List<LoadBalancingRule> rules) {
Map<Capability, String> lbCaps = getCapabilities().get(Service.Lb); final Map<Capability, String> lbCaps = getCapabilities().get(Service.Lb);
if (!lbCaps.isEmpty()) { if (!lbCaps.isEmpty()) {
String schemeCaps = lbCaps.get(Capability.LbSchemes); final String schemeCaps = lbCaps.get(Capability.LbSchemes);
if (schemeCaps != null) { if (schemeCaps != null) {
for (LoadBalancingRule rule : rules) { for (final LoadBalancingRule rule : rules) {
if (!schemeCaps.contains(rule.getScheme().toString())) { if (!schemeCaps.contains(rule.getScheme().toString())) {
s_logger.debug("Scheme " + rules.get(0).getScheme() s_logger.debug("Scheme " + rules.get(0).getScheme()
+ " is not supported by the provider " + " is not supported by the provider "
@ -567,10 +573,10 @@ StaticNatServiceProvider, IpDeployer {
} }
public static boolean validateHAProxyLBRule(final LoadBalancingRule rule) { public static boolean validateHAProxyLBRule(final LoadBalancingRule rule) {
String timeEndChar = "dhms"; final String timeEndChar = "dhms";
for (LbStickinessPolicy stickinessPolicy : rule.getStickinessPolicies()) { for (final LbStickinessPolicy stickinessPolicy : rule.getStickinessPolicies()) {
List<Pair<String, String>> paramsList = stickinessPolicy final List<Pair<String, String>> paramsList = stickinessPolicy
.getParams(); .getParams();
if (StickinessMethodType.LBCookieBased.getName().equalsIgnoreCase( if (StickinessMethodType.LBCookieBased.getName().equalsIgnoreCase(
@ -582,9 +588,9 @@ StaticNatServiceProvider, IpDeployer {
String expire = "30m"; // optional String expire = "30m"; // optional
/* overwrite default values with the stick parameters */ /* overwrite default values with the stick parameters */
for (Pair<String, String> paramKV : paramsList) { for (final Pair<String, String> paramKV : paramsList) {
String key = paramKV.first(); final String key = paramKV.first();
String value = paramKV.second(); final String value = paramKV.second();
if ("tablesize".equalsIgnoreCase(key)) { if ("tablesize".equalsIgnoreCase(key)) {
tablesize = value; tablesize = value;
} }
@ -592,14 +598,14 @@ StaticNatServiceProvider, IpDeployer {
expire = value; expire = value;
} }
} }
if ((expire != null) if (expire != null
&& !containsOnlyNumbers(expire, timeEndChar)) { && !containsOnlyNumbers(expire, timeEndChar)) {
throw new InvalidParameterValueException( throw new InvalidParameterValueException(
"Failed LB in validation rule id: " + rule.getId() "Failed LB in validation rule id: " + rule.getId()
+ " Cause: expire is not in timeformat: " + " Cause: expire is not in timeformat: "
+ expire); + expire);
} }
if ((tablesize != null) if (tablesize != null
&& !containsOnlyNumbers(tablesize, "kmg")) { && !containsOnlyNumbers(tablesize, "kmg")) {
throw new InvalidParameterValueException( throw new InvalidParameterValueException(
"Failed LB in validation rule id: " "Failed LB in validation rule id: "
@ -613,9 +619,9 @@ StaticNatServiceProvider, IpDeployer {
String length = null; // optional String length = null; // optional
String holdTime = null; // optional String holdTime = null; // optional
for (Pair<String, String> paramKV : paramsList) { for (final Pair<String, String> paramKV : paramsList) {
String key = paramKV.first(); final String key = paramKV.first();
String value = paramKV.second(); final String value = paramKV.second();
if ("length".equalsIgnoreCase(key)) { if ("length".equalsIgnoreCase(key)) {
length = value; length = value;
} }
@ -624,15 +630,15 @@ StaticNatServiceProvider, IpDeployer {
} }
} }
if ((length != null) && (!containsOnlyNumbers(length, null))) { if (length != null && !containsOnlyNumbers(length, null)) {
throw new InvalidParameterValueException( throw new InvalidParameterValueException(
"Failed LB in validation rule id: " + rule.getId() "Failed LB in validation rule id: " + rule.getId()
+ " Cause: length is not a number: " + " Cause: length is not a number: "
+ length); + length);
} }
if ((holdTime != null) if (holdTime != null
&& (!containsOnlyNumbers(holdTime, timeEndChar) && !containsOnlyNumbers( && !containsOnlyNumbers(holdTime, timeEndChar) && !containsOnlyNumbers(
holdTime, null))) { holdTime, null)) {
throw new InvalidParameterValueException( throw new InvalidParameterValueException(
"Failed LB in validation rule id: " + rule.getId() "Failed LB in validation rule id: " + rule.getId()
+ " Cause: holdtime is not in timeformat: " + " Cause: holdtime is not in timeformat: "
@ -661,8 +667,8 @@ StaticNatServiceProvider, IpDeployer {
return false; // atleast one numeric and one char. example: return false; // atleast one numeric and one char. example:
} }
// 3h // 3h
char strEnd = str.toCharArray()[str.length() - 1]; final char strEnd = str.toCharArray()[str.length() - 1];
for (char c : endChar.toCharArray()) { for (final char c : endChar.toCharArray()) {
if (strEnd == c) { if (strEnd == c) {
number = str.substring(0, str.length() - 1); number = str.substring(0, str.length() - 1);
matchedEndChar = true; matchedEndChar = true;
@ -675,7 +681,7 @@ StaticNatServiceProvider, IpDeployer {
} }
try { try {
Integer.parseInt(number); Integer.parseInt(number);
} catch (NumberFormatException e) { } catch (final NumberFormatException e) {
return false; return false;
} }
return true; return true;
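Review bot: The per-router loops written as `result = result && networkTopology.applyFirewallRules(network, rules, domainRouterVO);` short-circuit, so once one router returns false the call is never made for the routers after it and they keep their previous rules; this applies to the associatePublicIP, applyStaticNats, `Service.PortForwarding` and applyLBRules loops in this section, and the same pattern appears in applyFWRules, applyLBRules, associatePublicIP and applyStaticNats of the next Java file section. If every router should be attempted, evaluate the call first: `result = networkTopology.applyFirewallRules(network, rules, domainRouterVO) && result;`. In applyLBRules the `CloudRuntimeException` from the old side appears to be replaced by an `s_logger.debug` line and a false return, so a failed rule push is visible only to callers that check the boolean (callers are not shown here); logging at warn level and including `domainRouterVO` in the message would make a partially applied rule set traceable. Several of the affected methods start or end outside the visible hunks.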


@ -5,9 +5,9 @@
# to you under the Apache License, Version 2.0 (the # to you under the Apache License, Version 2.0 (the
# "License"); you may not use this file except in compliance # "License"); you may not use this file except in compliance
# with the License. You may obtain a copy of the License at # with the License. You may obtain a copy of the License at
# #
# http://www.apache.org/licenses/LICENSE-2.0 # http://www.apache.org/licenses/LICENSE-2.0
# #
# Unless required by applicable law or agreed to in writing, # Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an # software distributed under the License is distributed on an
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY # "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
@ -20,6 +20,8 @@ class globalEnv:
self.mode = None self.mode = None
#server mode: normal/mycloud #server mode: normal/mycloud
self.svrMode = None self.svrMode = None
#noStart: do not start mgmt server after configuration?
self.noStart = False
#myCloud/Agent/Console #myCloud/Agent/Console
self.agentMode = None self.agentMode = None
#Tomcat6/Tomcat7 #Tomcat6/Tomcat7


@ -5,9 +5,9 @@
# to you under the Apache License, Version 2.0 (the # to you under the Apache License, Version 2.0 (the
# "License"); you may not use this file except in compliance # "License"); you may not use this file except in compliance
# with the License. You may obtain a copy of the License at # with the License. You may obtain a copy of the License at
# #
# http://www.apache.org/licenses/LICENSE-2.0 # http://www.apache.org/licenses/LICENSE-2.0
# #
# Unless required by applicable law or agreed to in writing, # Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an # software distributed under the License is distributed on an
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY # "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
@ -25,7 +25,7 @@ class cloudManagementConfig(serviceCfgBase):
def __init__(self, syscfg): def __init__(self, syscfg):
super(cloudManagementConfig, self).__init__(syscfg) super(cloudManagementConfig, self).__init__(syscfg)
self.serviceName = "CloudStack Management Server" self.serviceName = "CloudStack Management Server"
def config(self): def config(self):
def checkHostName(): def checkHostName():
ret = bash("hostname --fqdn") ret = bash("hostname --fqdn")
@ -46,7 +46,7 @@ class cloudManagementConfig(serviceCfgBase):
dbPass = None dbPass = None
dbName = cfo.getEntry("db.cloud.name") dbName = cfo.getEntry("db.cloud.name")
db = Database(dbUser, dbPass, dbHost, dbPort, dbName) db = Database(dbUser, dbPass, dbHost, dbPort, dbName)
try: try:
db.testConnection() db.testConnection()
except CloudRuntimeException, e: except CloudRuntimeException, e:
@ -56,27 +56,27 @@ class cloudManagementConfig(serviceCfgBase):
try: try:
statement = """ UPDATE configuration SET value='%s' WHERE name='%s'""" statement = """ UPDATE configuration SET value='%s' WHERE name='%s'"""
db.execute(statement%('true','use.local.storage')) db.execute(statement%('true','use.local.storage'))
db.execute(statement%('20','max.template.iso.size')) db.execute(statement%('20','max.template.iso.size'))
statement = """ UPDATE vm_template SET url='%s',checksum='%s' WHERE id='%s' """ statement = """ UPDATE vm_template SET url='%s',checksum='%s' WHERE id='%s' """
db.execute(statement%('https://rightscale-cloudstack.s3.amazonaws.com/kvm/RightImage_CentOS_5.4_x64_v5.6.28.qcow2.bz2', '90fcd2fa4d3177e31ff296cecb9933b7', '4')) db.execute(statement%('https://rightscale-cloudstack.s3.amazonaws.com/kvm/RightImage_CentOS_5.4_x64_v5.6.28.qcow2.bz2', '90fcd2fa4d3177e31ff296cecb9933b7', '4'))
statement="""UPDATE disk_offering set use_local_storage=1""" statement="""UPDATE disk_offering set use_local_storage=1"""
db.execute(statement) db.execute(statement)
except: except:
raise e raise e
#add DNAT 443 to 8250 #add DNAT 443 to 8250
if not bash("iptables-save |grep PREROUTING | grep 8250").isSuccess(): if not bash("iptables-save |grep PREROUTING | grep 8250").isSuccess():
bash("iptables -A PREROUTING -t nat -p tcp --dport 443 -j REDIRECT --to-port 8250 ") bash("iptables -A PREROUTING -t nat -p tcp --dport 443 -j REDIRECT --to-port 8250 ")
#generate keystore #generate keystore
keyPath = "/var/cloudstack/management/web.keystore" keyPath = "/var/cloudstack/management/web.keystore"
if not os.path.exists(keyPath): if not os.path.exists(keyPath):
cmd = bash("keytool -genkey -keystore %s -storepass \"cloud.com\" -keypass \"cloud.com\" -validity 3650 -dname cn=\"Cloudstack User\",ou=\"mycloud.cloud.com\",o=\"mycloud.cloud.com\",c=\"Unknown\""%keyPath) cmd = bash("keytool -genkey -keystore %s -storepass \"cloud.com\" -keypass \"cloud.com\" -validity 3650 -dname cn=\"Cloudstack User\",ou=\"mycloud.cloud.com\",o=\"mycloud.cloud.com\",c=\"Unknown\""%keyPath)
if not cmd.isSuccess(): if not cmd.isSuccess():
raise CloudInternalException(cmd.getErrMsg()) raise CloudInternalException(cmd.getErrMsg())
if not self.syscfg.env.svrConf == "Tomcat7": if not self.syscfg.env.svrConf == "Tomcat7":
@ -129,7 +129,7 @@ class cloudManagementConfig(serviceCfgBase):
cfo.add_lines("cloud soft nproc -1\n") cfo.add_lines("cloud soft nproc -1\n")
cfo.add_lines("cloud hard nproc -1\n") cfo.add_lines("cloud hard nproc -1\n")
cfo.save() cfo.save()
try: try:
if self.syscfg.env.svrConf == "Tomcat7": if self.syscfg.env.svrConf == "Tomcat7":
self.syscfg.svo.disableService("tomcat") self.syscfg.svo.disableService("tomcat")
@ -137,9 +137,14 @@ class cloudManagementConfig(serviceCfgBase):
self.syscfg.svo.disableService("tomcat6") self.syscfg.svo.disableService("tomcat6")
except: except:
pass pass
self.syscfg.svo.stopService("cloudstack-management") self.syscfg.svo.stopService("cloudstack-management")
if self.syscfg.svo.enableService("cloudstack-management"):
return True if self.syscfg.env.noStart == False:
if self.syscfg.svo.enableService("cloudstack-management"):
return True
else:
raise CloudRuntimeException("Failed to configure %s, please see the /var/log/cloudstack/management/setupManagement.log for detail"%self.serviceName)
else: else:
raise CloudRuntimeException("Failed to configure %s, please see the /var/log/cloudstack/management/setupManagement.log for detail"%self.serviceName) print "Configured successfully, but not starting management server."
return True
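Review bot: With `noStart` set, the new `else` branch skips `self.syscfg.svo.enableService("cloudstack-management")` altogether, so if that call also registers the service for boot (its body is not shown here) the management server stays disabled after a reboot rather than merely unstarted; the `--no-start` help text should say which is intended. The success message goes through `print` only, so it presumably never reaches setupManagement.log, which is where the failure message sends the operator. The guard reads more idiomatically as `if not self.syscfg.env.noStart:`. config() begins outside this hunk.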


@ -94,7 +94,6 @@ import com.cloud.utils.component.AdapterBase;
import com.cloud.utils.crypt.DBEncryptionUtil; import com.cloud.utils.crypt.DBEncryptionUtil;
import com.cloud.utils.db.QueryBuilder; import com.cloud.utils.db.QueryBuilder;
import com.cloud.utils.db.SearchCriteria.Op; import com.cloud.utils.db.SearchCriteria.Op;
import com.cloud.utils.exception.CloudRuntimeException;
import com.cloud.utils.net.NetUtils; import com.cloud.utils.net.NetUtils;
import com.cloud.vm.DomainRouterVO; import com.cloud.vm.DomainRouterVO;
import com.cloud.vm.NicProfile; import com.cloud.vm.NicProfile;
@ -259,6 +258,7 @@ NetworkMigrationResponder, AggregatedCommandExecutor {
@Override @Override
public boolean applyFWRules(final Network network, final List<? extends FirewallRule> rules) throws ResourceUnavailableException { public boolean applyFWRules(final Network network, final List<? extends FirewallRule> rules) throws ResourceUnavailableException {
boolean result = true;
if (canHandle(network, Service.Firewall)) { if (canHandle(network, Service.Firewall)) {
final List<DomainRouterVO> routers = _routerDao.listByNetworkAndRole(network.getId(), Role.VIRTUAL_ROUTER); final List<DomainRouterVO> routers = _routerDao.listByNetworkAndRole(network.getId(), Role.VIRTUAL_ROUTER);
if (routers == null || routers.isEmpty()) { if (routers == null || routers.isEmpty()) {
@ -278,14 +278,11 @@ NetworkMigrationResponder, AggregatedCommandExecutor {
final DataCenterVO dcVO = _dcDao.findById(network.getDataCenterId()); final DataCenterVO dcVO = _dcDao.findById(network.getDataCenterId());
final NetworkTopology networkTopology = networkTopologyContext.retrieveNetworkTopology(dcVO); final NetworkTopology networkTopology = networkTopologyContext.retrieveNetworkTopology(dcVO);
if (!networkTopology.applyFirewallRules(network, rules, routers)) { for (final DomainRouterVO domainRouterVO : routers) {
throw new CloudRuntimeException("Failed to apply firewall rules in network " + network.getId()); result = result && networkTopology.applyFirewallRules(network, rules, domainRouterVO);
} else {
return true;
} }
} else {
return true;
} }
return result;
} }
/* /*
@ -402,6 +399,7 @@ NetworkMigrationResponder, AggregatedCommandExecutor {
@Override @Override
public boolean applyLBRules(final Network network, final List<LoadBalancingRule> rules) throws ResourceUnavailableException { public boolean applyLBRules(final Network network, final List<LoadBalancingRule> rules) throws ResourceUnavailableException {
boolean result = true;
if (canHandle(network, Service.Lb)) { if (canHandle(network, Service.Lb)) {
if (!canHandleLbRules(rules)) { if (!canHandleLbRules(rules)) {
return false; return false;
@ -416,14 +414,11 @@ NetworkMigrationResponder, AggregatedCommandExecutor {
final DataCenterVO dcVO = _dcDao.findById(network.getDataCenterId()); final DataCenterVO dcVO = _dcDao.findById(network.getDataCenterId());
final NetworkTopology networkTopology = networkTopologyContext.retrieveNetworkTopology(dcVO); final NetworkTopology networkTopology = networkTopologyContext.retrieveNetworkTopology(dcVO);
if (!networkTopology.applyLoadBalancingRules(network, rules, routers)) { for (final DomainRouterVO domainRouterVO : routers) {
throw new CloudRuntimeException("Failed to apply load balancing rules in network " + network.getId()); result = result && networkTopology.applyLoadBalancingRules(network, rules, domainRouterVO);
} else {
return true;
} }
} else {
return false;
} }
return result;
} }
@Override @Override
@ -499,6 +494,7 @@ NetworkMigrationResponder, AggregatedCommandExecutor {
break; break;
} }
} }
boolean result = true;
if (canHandle) { if (canHandle) {
final List<DomainRouterVO> routers = _routerDao.listByNetworkAndRole(network.getId(), Role.VIRTUAL_ROUTER); final List<DomainRouterVO> routers = _routerDao.listByNetworkAndRole(network.getId(), Role.VIRTUAL_ROUTER);
if (routers == null || routers.isEmpty()) { if (routers == null || routers.isEmpty()) {
@ -509,10 +505,11 @@ NetworkMigrationResponder, AggregatedCommandExecutor {
final DataCenterVO dcVO = _dcDao.findById(network.getDataCenterId()); final DataCenterVO dcVO = _dcDao.findById(network.getDataCenterId());
final NetworkTopology networkTopology = networkTopologyContext.retrieveNetworkTopology(dcVO); final NetworkTopology networkTopology = networkTopologyContext.retrieveNetworkTopology(dcVO);
return networkTopology.associatePublicIP(network, ipAddress, routers); for (final DomainRouterVO domainRouterVO : routers) {
} else { result = result && networkTopology.associatePublicIP(network, ipAddress, domainRouterVO);
return false; }
} }
return result;
} }
@Override @Override
@ -656,6 +653,7 @@ NetworkMigrationResponder, AggregatedCommandExecutor {
@Override @Override
public boolean applyStaticNats(final Network network, final List<? extends StaticNat> rules) throws ResourceUnavailableException { public boolean applyStaticNats(final Network network, final List<? extends StaticNat> rules) throws ResourceUnavailableException {
boolean result = true;
if (canHandle(network, Service.StaticNat)) { if (canHandle(network, Service.StaticNat)) {
final List<DomainRouterVO> routers = _routerDao.listByNetworkAndRole(network.getId(), Role.VIRTUAL_ROUTER); final List<DomainRouterVO> routers = _routerDao.listByNetworkAndRole(network.getId(), Role.VIRTUAL_ROUTER);
if (routers == null || routers.isEmpty()) { if (routers == null || routers.isEmpty()) {
@ -666,10 +664,11 @@ NetworkMigrationResponder, AggregatedCommandExecutor {
final DataCenterVO dcVO = _dcDao.findById(network.getDataCenterId()); final DataCenterVO dcVO = _dcDao.findById(network.getDataCenterId());
final NetworkTopology networkTopology = networkTopologyContext.retrieveNetworkTopology(dcVO); final NetworkTopology networkTopology = networkTopologyContext.retrieveNetworkTopology(dcVO);
return networkTopology.applyStaticNats(network, rules, routers); for (final DomainRouterVO domainRouterVO : routers) {
} else { result = result && networkTopology.applyStaticNats(network, rules, domainRouterVO);
return true; }
} }
return result;
} }
@Override @Override
@ -678,20 +677,21 @@ NetworkMigrationResponder, AggregatedCommandExecutor {
if (routers == null || routers.isEmpty()) { if (routers == null || routers.isEmpty()) {
return true; return true;
} }
boolean result = true; boolean stopResult = true;
boolean destroyResult = true;
for (final DomainRouterVO router : routers) { for (final DomainRouterVO router : routers) {
result = result && _routerMgr.stop(router, false, context.getCaller(), context.getAccount()) != null; stopResult = stopResult && _routerMgr.stop(router, false, context.getCaller(), context.getAccount()) != null;
if (!stopResult) {
s_logger.warn("Failed to stop virtual router element " + router + ", but would try to process clean up anyway.");
}
if (cleanup) { if (cleanup) {
if (!result) { destroyResult = destroyResult && _routerMgr.destroyRouter(router.getId(), context.getAccount(), context.getCaller().getId()) != null;
s_logger.warn("Failed to stop virtual router element " + router + ", but would try to process clean up anyway."); if (!destroyResult) {
}
result = _routerMgr.destroyRouter(router.getId(), context.getAccount(), context.getCaller().getId()) != null;
if (!result) {
s_logger.warn("Failed to clean up virtual router element " + router); s_logger.warn("Failed to clean up virtual router element " + router);
} }
} }
} }
return result; return stopResult & destroyResult;
} }
@Override @Override
@ -732,7 +732,7 @@ NetworkMigrationResponder, AggregatedCommandExecutor {
// save the password in DB // save the password in DB
for (final VirtualRouter router : routers) { for (final VirtualRouter router : routers) {
if (router.getState() == State.Running) { if (router.getState() == State.Running) {
return networkTopology.savePasswordToRouter(network, nic, uservm, routers); return networkTopology.savePasswordToRouter(network, nic, uservm, router);
} }
} }
final String password = (String) uservm.getParameter(VirtualMachineProfile.Param.VmPassword); final String password = (String) uservm.getParameter(VirtualMachineProfile.Param.VmPassword);
@ -765,7 +765,11 @@ NetworkMigrationResponder, AggregatedCommandExecutor {
final DataCenterVO dcVO = _dcDao.findById(network.getDataCenterId()); final DataCenterVO dcVO = _dcDao.findById(network.getDataCenterId());
final NetworkTopology networkTopology = networkTopologyContext.retrieveNetworkTopology(dcVO); final NetworkTopology networkTopology = networkTopologyContext.retrieveNetworkTopology(dcVO);
return networkTopology.saveSSHPublicKeyToRouter(network, nic, uservm, routers, sshPublicKey); boolean result = true;
for (final DomainRouterVO domainRouterVO : routers) {
result = result && networkTopology.saveSSHPublicKeyToRouter(network, nic, uservm, domainRouterVO, sshPublicKey);
}
return result;
} }
@Override @Override
@ -784,7 +788,11 @@ NetworkMigrationResponder, AggregatedCommandExecutor {
final DataCenterVO dcVO = _dcDao.findById(network.getDataCenterId()); final DataCenterVO dcVO = _dcDao.findById(network.getDataCenterId());
final NetworkTopology networkTopology = networkTopologyContext.retrieveNetworkTopology(dcVO); final NetworkTopology networkTopology = networkTopologyContext.retrieveNetworkTopology(dcVO);
return networkTopology.saveUserDataToRouter(network, nic, uservm, routers); boolean result = true;
for (final DomainRouterVO domainRouterVO : routers) {
result = result && networkTopology.saveUserDataToRouter(network, nic, uservm, domainRouterVO);
}
return result;
} }
@Override @Override
@ -841,6 +849,7 @@ NetworkMigrationResponder, AggregatedCommandExecutor {
@Override @Override
public boolean applyPFRules(final Network network, final List<PortForwardingRule> rules) throws ResourceUnavailableException { public boolean applyPFRules(final Network network, final List<PortForwardingRule> rules) throws ResourceUnavailableException {
boolean result = true;
if (canHandle(network, Service.PortForwarding)) { if (canHandle(network, Service.PortForwarding)) {
final List<DomainRouterVO> routers = _routerDao.listByNetworkAndRole(network.getId(), Role.VIRTUAL_ROUTER); final List<DomainRouterVO> routers = _routerDao.listByNetworkAndRole(network.getId(), Role.VIRTUAL_ROUTER);
if (routers == null || routers.isEmpty()) { if (routers == null || routers.isEmpty()) {
@ -851,14 +860,11 @@ NetworkMigrationResponder, AggregatedCommandExecutor {
final DataCenterVO dcVO = _dcDao.findById(network.getDataCenterId()); final DataCenterVO dcVO = _dcDao.findById(network.getDataCenterId());
final NetworkTopology networkTopology = networkTopologyContext.retrieveNetworkTopology(dcVO); final NetworkTopology networkTopology = networkTopologyContext.retrieveNetworkTopology(dcVO);
if (!networkTopology.applyFirewallRules(network, rules, routers)) { for (final DomainRouterVO domainRouterVO : routers) {
throw new CloudRuntimeException("Failed to apply firewall rules in network " + network.getId()); result = result && networkTopology.applyFirewallRules(network, rules, domainRouterVO);
} else {
return true;
} }
} else {
return true;
} }
return result;
} }
@Override @Override
@ -957,13 +963,13 @@ NetworkMigrationResponder, AggregatedCommandExecutor {
@Override @Override
public boolean addDhcpEntry(final Network network, final NicProfile nic, final VirtualMachineProfile vm, final DeployDestination dest, final ReservationContext context) public boolean addDhcpEntry(final Network network, final NicProfile nic, final VirtualMachineProfile vm, final DeployDestination dest, final ReservationContext context)
throws ConcurrentOperationException, InsufficientCapacityException, ResourceUnavailableException { throws ConcurrentOperationException, InsufficientCapacityException, ResourceUnavailableException {
boolean result = true;
if (canHandle(network, Service.Dhcp)) { if (canHandle(network, Service.Dhcp)) {
if (vm.getType() != VirtualMachine.Type.User) { if (vm.getType() != VirtualMachine.Type.User) {
return false; return false;
} }
final VirtualMachineProfile uservm = vm; final VirtualMachineProfile uservm = vm;
final List<DomainRouterVO> routers = getRouters(network, dest); final List<DomainRouterVO> routers = getRouters(network, dest);
if (routers == null || routers.size() == 0) { if (routers == null || routers.size() == 0) {
@ -973,14 +979,17 @@ NetworkMigrationResponder, AggregatedCommandExecutor {
final DataCenterVO dcVO = _dcDao.findById(network.getDataCenterId()); final DataCenterVO dcVO = _dcDao.findById(network.getDataCenterId());
final NetworkTopology networkTopology = networkTopologyContext.retrieveNetworkTopology(dcVO); final NetworkTopology networkTopology = networkTopologyContext.retrieveNetworkTopology(dcVO);
return networkTopology.applyDhcpEntry(network, nic, uservm, dest, routers); for (final DomainRouterVO domainRouterVO : routers) {
result = result && networkTopology.applyDhcpEntry(network, nic, uservm, dest, domainRouterVO);
}
} }
return false; return result;
} }
@Override @Override
public boolean addPasswordAndUserdata(final Network network, final NicProfile nic, final VirtualMachineProfile vm, final DeployDestination dest, public boolean addPasswordAndUserdata(final Network network, final NicProfile nic, final VirtualMachineProfile vm, final DeployDestination dest,
final ReservationContext context) throws ConcurrentOperationException, InsufficientCapacityException, ResourceUnavailableException { final ReservationContext context) throws ConcurrentOperationException, InsufficientCapacityException, ResourceUnavailableException {
boolean result = true;
if (canHandle(network, Service.UserData)) { if (canHandle(network, Service.UserData)) {
if (vm.getType() != VirtualMachine.Type.User) { if (vm.getType() != VirtualMachine.Type.User) {
return false; return false;
@ -1002,9 +1011,11 @@ NetworkMigrationResponder, AggregatedCommandExecutor {
final DataCenterVO dcVO = _dcDao.findById(network.getDataCenterId()); final DataCenterVO dcVO = _dcDao.findById(network.getDataCenterId());
final NetworkTopology networkTopology = networkTopologyContext.retrieveNetworkTopology(dcVO); final NetworkTopology networkTopology = networkTopologyContext.retrieveNetworkTopology(dcVO);
return networkTopology.applyUserData(network, nic, uservm, dest, routers); for (final DomainRouterVO domainRouterVO : routers) {
result = result && networkTopology.applyUserData(network, nic, uservm, dest, domainRouterVO);
}
} }
return false; return result;
} }
protected List<DomainRouterVO> getRouters(final Network network, final DeployDestination dest) { protected List<DomainRouterVO> getRouters(final Network network, final DeployDestination dest) {


@ -16,6 +16,8 @@
// under the License. // under the License.
package com.cloud.network.element; package com.cloud.network.element;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashMap; import java.util.HashMap;
import java.util.List; import java.util.List;
import java.util.Map; import java.util.Map;
@ -112,8 +114,7 @@ public class VpcVirtualRouterElement extends VirtualRouterElement implements Vpc
@Qualifier("vpcNetworkHelper") @Qualifier("vpcNetworkHelper")
private VpcNetworkHelperImpl _vpcNetWprkHelper; private VpcNetworkHelperImpl _vpcNetWprkHelper;
@Inject @Inject RouterDeploymentDefinitionBuilder routerDeploymentDefinitionBuilder;
private RouterDeploymentDefinitionBuilder routerDeploymentDefinitionBuilder;
@Override @Override
protected boolean canHandle(final Network network, final Service service) { protected boolean canHandle(final Network network, final Service service) {
@ -274,13 +275,13 @@ public class VpcVirtualRouterElement extends VirtualRouterElement implements Vpc
@Override @Override
public boolean shutdown(final Network network, final ReservationContext context, final boolean cleanup) throws ConcurrentOperationException, ResourceUnavailableException { public boolean shutdown(final Network network, final ReservationContext context, final boolean cleanup) throws ConcurrentOperationException, ResourceUnavailableException {
boolean success = true;
final Long vpcId = network.getVpcId(); final Long vpcId = network.getVpcId();
if (vpcId == null) { if (vpcId == null) {
s_logger.debug("Network " + network + " doesn't belong to any vpc, so skipping unplug nic part"); s_logger.debug("Network " + network + " doesn't belong to any vpc, so skipping unplug nic part");
return success; return true;
} }
boolean success = true;
final List<? extends VirtualRouter> routers = _routerDao.listByVpcId(vpcId); final List<? extends VirtualRouter> routers = _routerDao.listByVpcId(vpcId);
for (final VirtualRouter router : routers) { for (final VirtualRouter router : routers) {
// 1) Check if router is already a part of the network // 1) Check if router is already a part of the network
@ -302,13 +303,13 @@ public class VpcVirtualRouterElement extends VirtualRouterElement implements Vpc
@Override @Override
public boolean destroy(final Network config, final ReservationContext context) throws ConcurrentOperationException, ResourceUnavailableException { public boolean destroy(final Network config, final ReservationContext context) throws ConcurrentOperationException, ResourceUnavailableException {
boolean success = true;
final Long vpcId = config.getVpcId(); final Long vpcId = config.getVpcId();
if (vpcId == null) { if (vpcId == null) {
s_logger.debug("Network " + config + " doesn't belong to any vpc, so skipping unplug nic part"); s_logger.debug("Network " + config + " doesn't belong to any vpc, so skipping unplug nic part");
return success; return true;
} }
boolean success = true;
final List<? extends VirtualRouter> routers = _routerDao.listByVpcId(vpcId); final List<? extends VirtualRouter> routers = _routerDao.listByVpcId(vpcId);
for (final VirtualRouter router : routers) { for (final VirtualRouter router : routers) {
// 1) Check if router is already a part of the network // 1) Check if router is already a part of the network
@ -410,7 +411,7 @@ public class VpcVirtualRouterElement extends VirtualRouterElement implements Vpc
public boolean createPrivateGateway(final PrivateGateway gateway) throws ConcurrentOperationException, ResourceUnavailableException { public boolean createPrivateGateway(final PrivateGateway gateway) throws ConcurrentOperationException, ResourceUnavailableException {
if (gateway.getType() != VpcGateway.Type.Private) { if (gateway.getType() != VpcGateway.Type.Private) {
s_logger.warn("Type of vpc gateway is not " + VpcGateway.Type.Private); s_logger.warn("Type of vpc gateway is not " + VpcGateway.Type.Private);
return false; return true;
} }
final List<DomainRouterVO> routers = _vpcRouterMgr.getVpcRouters(gateway.getVpcId()); final List<DomainRouterVO> routers = _vpcRouterMgr.getVpcRouters(gateway.getVpcId());
@ -424,25 +425,23 @@ public class VpcVirtualRouterElement extends VirtualRouterElement implements Vpc
final DataCenterVO dcVO = _dcDao.findById(gateway.getZoneId()); final DataCenterVO dcVO = _dcDao.findById(gateway.getZoneId());
final NetworkTopology networkTopology = networkTopologyContext.retrieveNetworkTopology(dcVO); final NetworkTopology networkTopology = networkTopologyContext.retrieveNetworkTopology(dcVO);
boolean result = true;
final Network network = _networkDao.findById(gateway.getNetworkId());
final boolean isPrivateGateway = true;
for (final DomainRouterVO domainRouterVO : routers) { for (final DomainRouterVO domainRouterVO : routers) {
if (networkTopology.setupPrivateGateway(gateway, domainRouterVO)) { if (networkTopology.setupPrivateGateway(gateway, domainRouterVO)) {
try { try {
final List<NetworkACLItemVO> rules = _networkACLItemDao.listByACL(gateway.getNetworkACLId()); final List<NetworkACLItemVO> rules = _networkACLItemDao.listByACL(gateway.getNetworkACLId());
if (!applyACLItemsToPrivateGw(gateway, rules)) { result = result && networkTopology.applyNetworkACLs(network, rules, domainRouterVO, isPrivateGateway);
s_logger.debug("Failed to apply network acl id " + gateway.getNetworkACLId() + " on gateway ");
return false;
}
} catch (final Exception ex) { } catch (final Exception ex) {
s_logger.debug("Failed to apply network acl id " + gateway.getNetworkACLId() + " on gateway "); s_logger.debug("Failed to apply network acl id " + gateway.getNetworkACLId() + " on gateway ");
return false; return false;
} }
} else {
s_logger.debug("Failed to setup private gateway " + gateway);
return false;
} }
} }
return true; return result;
} }
@Override @Override
@ -479,25 +478,28 @@ public class VpcVirtualRouterElement extends VirtualRouterElement implements Vpc
break; break;
} }
} }
boolean result = true;
if (canHandle) { if (canHandle) {
final List<DomainRouterVO> routers = _routerDao.listByNetworkAndRole(network.getId(), Role.VIRTUAL_ROUTER); final List<DomainRouterVO> routers = _routerDao.listByNetworkAndRole(network.getId(), Role.VIRTUAL_ROUTER);
if (routers == null || routers.isEmpty()) { if (routers == null || routers.isEmpty()) {
s_logger.debug(getName() + " element doesn't need to associate ip addresses on the backend; VPC virtual " + "router doesn't exist in the network " s_logger.debug(getName() + " element doesn't need to associate ip addresses on the backend; VPC virtual " + "router doesn't exist in the network "
+ network.getId()); + network.getId());
return true; return false;
} }
final DataCenterVO dcVO = _dcDao.findById(network.getDataCenterId()); final DataCenterVO dcVO = _dcDao.findById(network.getDataCenterId());
final NetworkTopology networkTopology = networkTopologyContext.retrieveNetworkTopology(dcVO); final NetworkTopology networkTopology = networkTopologyContext.retrieveNetworkTopology(dcVO);
return networkTopology.associatePublicIP(network, ipAddress, routers); for (final DomainRouterVO domainRouterVO : routers) {
} else { result = result && networkTopology.associatePublicIP(network, ipAddress, domainRouterVO);
return false; }
} }
return result;
} }
@Override @Override
public boolean applyNetworkACLs(final Network network, final List<? extends NetworkACLItem> rules) throws ResourceUnavailableException { public boolean applyNetworkACLs(final Network network, final List<? extends NetworkACLItem> rules) throws ResourceUnavailableException {
boolean result = true;
if (canHandle(network, Service.NetworkACL)) { if (canHandle(network, Service.NetworkACL)) {
final List<DomainRouterVO> routers = _routerDao.listByNetworkAndRole(network.getId(), Role.VIRTUAL_ROUTER); final List<DomainRouterVO> routers = _routerDao.listByNetworkAndRole(network.getId(), Role.VIRTUAL_ROUTER);
if (routers == null || routers.isEmpty()) { if (routers == null || routers.isEmpty()) {
@ -508,19 +510,15 @@ public class VpcVirtualRouterElement extends VirtualRouterElement implements Vpc
final DataCenterVO dcVO = _dcDao.findById(network.getDataCenterId()); final DataCenterVO dcVO = _dcDao.findById(network.getDataCenterId());
final NetworkTopology networkTopology = networkTopologyContext.retrieveNetworkTopology(dcVO); final NetworkTopology networkTopology = networkTopologyContext.retrieveNetworkTopology(dcVO);
try { for (final DomainRouterVO domainRouterVO : routers) {
if (!networkTopology.applyNetworkACLs(network, rules, routers, false)) { try {
return false; result = result && networkTopology.applyNetworkACLs(network, rules, domainRouterVO, false);
} else { } catch (final Exception ex) {
return true; s_logger.debug("Failed to apply network acl in network " + network.getId());
} }
} catch (final Exception ex) {
s_logger.debug("Failed to apply network acl in network " + network.getId());
return false;
} }
} else {
return true;
} }
return result;
} }
@Override @Override
@ -561,11 +559,11 @@ public class VpcVirtualRouterElement extends VirtualRouterElement implements Vpc
final DataCenterVO dcVO = _dcDao.findById(network.getDataCenterId()); final DataCenterVO dcVO = _dcDao.findById(network.getDataCenterId());
final NetworkTopology networkTopology = networkTopologyContext.retrieveNetworkTopology(dcVO); final NetworkTopology networkTopology = networkTopologyContext.retrieveNetworkTopology(dcVO);
if (!networkTopology.applyNetworkACLs(network, rules, routers, isPrivateGateway)) { boolean result = true;
throw new CloudRuntimeException("Failed to apply network acl in network " + network.getId()); for (final DomainRouterVO domainRouterVO : routers) {
} else { result = result && networkTopology.applyNetworkACLs(network, rules, domainRouterVO, isPrivateGateway);
return true;
} }
return result;
} }
@Override @Override
@ -633,24 +631,31 @@ public class VpcVirtualRouterElement extends VirtualRouterElement implements Vpc
@Override @Override
public String[] applyVpnUsers(final RemoteAccessVpn vpn, final List<? extends VpnUser> users) throws ResourceUnavailableException { public String[] applyVpnUsers(final RemoteAccessVpn vpn, final List<? extends VpnUser> users) throws ResourceUnavailableException {
if (vpn.getVpcId() == null) { final Long vpcId = vpn.getVpcId();
if (vpcId == null) {
return null; return null;
} }
final List<DomainRouterVO> routers = _vpcRouterMgr.getVpcRouters(vpn.getVpcId()); final List<DomainRouterVO> routers = _vpcRouterMgr.getVpcRouters(vpcId);
if (routers == null) { if (routers == null) {
s_logger.debug("Cannot apply vpn users on the backend; virtual router doesn't exist in the network " + vpn.getVpcId()); s_logger.debug("Cannot apply vpn users on the backend; virtual router doesn't exist in the network " + vpcId);
return null; return null;
} }
final Vpc vpc = _entityMgr.findById(Vpc.class, vpn.getVpcId()); final Vpc vpc = _entityMgr.findById(Vpc.class, vpcId);
final DataCenterVO dcVO = _dcDao.findById(vpc.getZoneId()); final DataCenterVO dcVO = _dcDao.findById(vpc.getZoneId());
final NetworkTopology networkTopology = networkTopologyContext.retrieveNetworkTopology(dcVO); final NetworkTopology networkTopology = networkTopologyContext.retrieveNetworkTopology(dcVO);
String[] result = null; String[] result = null;
final List<String> combinedResults = new ArrayList<String>();
for (final DomainRouterVO domainRouterVO : routers) { for (final DomainRouterVO domainRouterVO : routers) {
result = networkTopology.applyVpnUsers(vpn, users, domainRouterVO); result = networkTopology.applyVpnUsers(vpn, users, domainRouterVO);
combinedResults.addAll(Arrays.asList(result));
} }
result = new String[combinedResults.size()];
final Object [] resultCast = combinedResults.toArray();
System.arraycopy(resultCast, 0, result, 0, resultCast.length);
return result; return result;
} }
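Review bot: In the rewritten `applyNetworkACLs(network, rules)` loop, the `catch (final Exception ex)` only logs at debug and leaves `result` untouched, so an exception while pushing ACLs to a router no longer makes the method return false as the removed code did. For an access-control operation that reports success on failure; set `result = false;` in the catch and log the cause, e.g. `s_logger.warn("Failed to apply network acl in network " + network.getId(), ex);`. `createPrivateGateway` has a related gap: with the `else` branch removed, a false return from `setupPrivateGateway` for a router leaves `result` true. Separately, `result = result && ...` short-circuits, so after the first failing router the remaining routers are not called at all, which looks unintended for redundant VPCs.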


@ -24,8 +24,7 @@ import com.cloud.vm.NicProfile;
public interface NicProfileHelper { public interface NicProfileHelper {
public abstract NicProfile createPrivateNicProfileForGateway( public abstract NicProfile createPrivateNicProfileForGateway(final VpcGateway privateGateway, final VirtualRouter router);
VpcGateway privateGateway);
public abstract NicProfile createGuestNicProfileForVpcRouter(final RouterDeploymentDefinition vpcRouterDeploymentDefinition, public abstract NicProfile createGuestNicProfileForVpcRouter(final RouterDeploymentDefinition vpcRouterDeploymentDefinition,
Network guestNetwork); Network guestNetwork);


@ -31,6 +31,7 @@ import com.cloud.network.Networks.AddressFormat;
import com.cloud.network.Networks.BroadcastDomainType; import com.cloud.network.Networks.BroadcastDomainType;
import com.cloud.network.vpc.PrivateIpAddress; import com.cloud.network.vpc.PrivateIpAddress;
import com.cloud.network.vpc.PrivateIpVO; import com.cloud.network.vpc.PrivateIpVO;
import com.cloud.network.vpc.Vpc;
import com.cloud.network.vpc.VpcGateway; import com.cloud.network.vpc.VpcGateway;
import com.cloud.network.vpc.VpcManager; import com.cloud.network.vpc.VpcManager;
import com.cloud.network.vpc.dao.PrivateIpDao; import com.cloud.network.vpc.dao.PrivateIpDao;
@ -38,7 +39,6 @@ import com.cloud.utils.db.DB;
import com.cloud.utils.net.NetUtils; import com.cloud.utils.net.NetUtils;
import com.cloud.vm.Nic; import com.cloud.vm.Nic;
import com.cloud.vm.NicProfile; import com.cloud.vm.NicProfile;
import com.cloud.vm.VirtualMachine;
import com.cloud.vm.dao.NicDao; import com.cloud.vm.dao.NicDao;
import com.cloud.vm.dao.VMInstanceDao; import com.cloud.vm.dao.VMInstanceDao;
@ -61,19 +61,25 @@ public class NicProfileHelperImpl implements NicProfileHelper {
@Override @Override
@DB @DB
public NicProfile createPrivateNicProfileForGateway(final VpcGateway privateGateway) { public NicProfile createPrivateNicProfileForGateway(final VpcGateway privateGateway, final VirtualRouter router) {
final Network privateNetwork = _networkModel.getNetwork(privateGateway.getNetworkId()); final Network privateNetwork = _networkModel.getNetwork(privateGateway.getNetworkId());
final PrivateIpVO ipVO = _privateIpDao.allocateIpAddress(privateNetwork.getDataCenterId(), privateNetwork.getId(), privateGateway.getIp4Address()); PrivateIpVO ipVO = _privateIpDao.allocateIpAddress(privateNetwork.getDataCenterId(), privateNetwork.getId(), privateGateway.getIp4Address());
final Long vpcId = privateGateway.getVpcId();
final Vpc activeVpc = _vpcMgr.getActiveVpc(vpcId);
if (activeVpc.isRedundant() && ipVO == null) {
ipVO = _privateIpDao.findByIpAndVpcId(vpcId, privateGateway.getIp4Address());
}
final Nic privateNic = _nicDao.findByIp4AddressAndNetworkId(ipVO.getIpAddress(), privateNetwork.getId()); final Nic privateNic = _nicDao.findByIp4AddressAndNetworkId(ipVO.getIpAddress(), privateNetwork.getId());
NicProfile privateNicProfile = new NicProfile(); NicProfile privateNicProfile = new NicProfile();
if (privateNic != null) { if (privateNic != null) {
final VirtualMachine vm = _vmDao.findById(privateNic.getInstanceId());
privateNicProfile = privateNicProfile =
new NicProfile(privateNic, privateNetwork, privateNic.getBroadcastUri(), privateNic.getIsolationUri(), _networkModel.getNetworkRate( new NicProfile(privateNic, privateNetwork, privateNic.getBroadcastUri(), privateNic.getIsolationUri(), _networkModel.getNetworkRate(
privateNetwork.getId(), vm.getId()), _networkModel.isSecurityGroupSupportedInNetwork(privateNetwork), _networkModel.getNetworkTag( privateNetwork.getId(), router.getId()), _networkModel.isSecurityGroupSupportedInNetwork(privateNetwork), _networkModel.getNetworkTag(
vm.getHypervisorType(), privateNetwork)); router.getHypervisorType(), privateNetwork));
} else { } else {
final String netmask = NetUtils.getCidrNetmask(privateNetwork.getCidr()); final String netmask = NetUtils.getCidrNetmask(privateNetwork.getCidr());
final PrivateIpAddress ip = final PrivateIpAddress ip =
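Review bot: `ipVO` can still be null when it is dereferenced in `ipVO.getIpAddress()`: the new fallback to `findByIpAndVpcId` runs only for redundant VPCs, and neither that lookup nor `allocateIpAddress` is checked afterwards. `activeVpc` is also used without a null check; if `getActiveVpc` can return null for a VPC that is not active (not visible here), `activeVpc.isRedundant()` throws first. Guard the fallback with `if (ipVO == null && activeVpc != null && activeVpc.isRedundant())` and fail explicitly, naming the gateway and its address, when `ipVO` is still null afterwards. The method body continues past the end of this hunk.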


@ -93,7 +93,7 @@ public class VpcNetworkHelperImpl extends NetworkHelperImpl {
final List<PrivateGateway> privateGateways = vpcMgr.getVpcPrivateGateways(vpcId); final List<PrivateGateway> privateGateways = vpcMgr.getVpcPrivateGateways(vpcId);
if (privateGateways != null && !privateGateways.isEmpty()) { if (privateGateways != null && !privateGateways.isEmpty()) {
for (final PrivateGateway privateGateway : privateGateways) { for (final PrivateGateway privateGateway : privateGateways) {
final NicProfile privateNic = nicProfileHelper.createPrivateNicProfileForGateway(privateGateway); final NicProfile privateNic = nicProfileHelper.createPrivateNicProfileForGateway(privateGateway, router);
final Network privateNetwork = _networkModel.getNetwork(privateGateway.getNetworkId()); final Network privateNetwork = _networkModel.getNetwork(privateGateway.getNetworkId());
networks.put(privateNetwork, new ArrayList<NicProfile>(Arrays.asList(privateNic))); networks.put(privateNetwork, new ArrayList<NicProfile>(Arrays.asList(privateNic)));
} }


@ -54,18 +54,18 @@ public class PrivateGatewayRules extends RuleApplier {
boolean result = false; boolean result = false;
try { try {
NetworkModel networkModel = visitor.getVirtualNetworkApplianceFactory().getNetworkModel(); final NetworkModel networkModel = visitor.getVirtualNetworkApplianceFactory().getNetworkModel();
_network = networkModel.getNetwork(_privateGateway.getNetworkId()); _network = networkModel.getNetwork(_privateGateway.getNetworkId());
NicProfileHelper nicProfileHelper = visitor.getVirtualNetworkApplianceFactory().getNicProfileHelper(); final NicProfileHelper nicProfileHelper = visitor.getVirtualNetworkApplianceFactory().getNicProfileHelper();
NicProfile requested = nicProfileHelper.createPrivateNicProfileForGateway(_privateGateway); final NicProfile requested = nicProfileHelper.createPrivateNicProfileForGateway(_privateGateway, _router);
NetworkHelper networkHelper = visitor.getVirtualNetworkApplianceFactory().getNetworkHelper(); final NetworkHelper networkHelper = visitor.getVirtualNetworkApplianceFactory().getNetworkHelper();
if (!networkHelper.checkRouterVersion(_router)) { if (!networkHelper.checkRouterVersion(_router)) {
s_logger.warn("Router requires upgrade. Unable to send command to router: " + _router.getId()); s_logger.warn("Router requires upgrade. Unable to send command to router: " + _router.getId());
return false; return false;
} }
VirtualMachineManager itMgr = visitor.getVirtualNetworkApplianceFactory().getItMgr(); final VirtualMachineManager itMgr = visitor.getVirtualNetworkApplianceFactory().getItMgr();
_nicProfile = itMgr.addVmToNetwork(_router, _network, requested); _nicProfile = itMgr.addVmToNetwork(_router, _network, requested);
// setup source nat // setup source nat
@ -74,13 +74,13 @@ public class PrivateGatewayRules extends RuleApplier {
// result = setupVpcPrivateNetwork(router, true, guestNic); // result = setupVpcPrivateNetwork(router, true, guestNic);
result = visitor.visit(this); result = visitor.visit(this);
} }
} catch (Exception ex) { } catch (final Exception ex) {
s_logger.warn("Failed to create private gateway " + _privateGateway + " on router " + _router + " due to ", ex); s_logger.warn("Failed to create private gateway " + _privateGateway + " on router " + _router + " due to ", ex);
} finally { } finally {
if (!result) { if (!result) {
s_logger.debug("Failed to setup gateway " + _privateGateway + " on router " + _router + " with the source nat. Will now remove the gateway."); s_logger.debug("Failed to setup gateway " + _privateGateway + " on router " + _router + " with the source nat. Will now remove the gateway.");
_isAddOperation = false; _isAddOperation = false;
boolean isRemoved = destroyPrivateGateway(visitor); final boolean isRemoved = destroyPrivateGateway(visitor);
if (isRemoved) { if (isRemoved) {
s_logger.debug("Removed the gateway " + _privateGateway + " from router " + _router + " as a part of cleanup"); s_logger.debug("Removed the gateway " + _privateGateway + " from router " + _router + " as a part of cleanup");
@ -101,7 +101,7 @@ public class PrivateGatewayRules extends RuleApplier {
} }
public PrivateIpVO retrivePrivateIP(final NetworkTopologyVisitor visitor) { public PrivateIpVO retrivePrivateIP(final NetworkTopologyVisitor visitor) {
PrivateIpVO ipVO = visitor.getVirtualNetworkApplianceFactory().getPrivateIpDao().findByIpAndSourceNetworkId(_nicProfile.getNetworkId(), _nicProfile.getIPv4Address()); final PrivateIpVO ipVO = visitor.getVirtualNetworkApplianceFactory().getPrivateIpDao().findByIpAndSourceNetworkId(_nicProfile.getNetworkId(), _nicProfile.getIPv4Address());
return ipVO; return ipVO;
} }
@ -110,20 +110,20 @@ public class PrivateGatewayRules extends RuleApplier {
// RuleApplier super class. // RuleApplier super class.
// Just doing this here, but will double check is remove if it's not // Just doing this here, but will double check is remove if it's not
// needed. // needed.
NetworkDao networkDao = visitor.getVirtualNetworkApplianceFactory().getNetworkDao(); final NetworkDao networkDao = visitor.getVirtualNetworkApplianceFactory().getNetworkDao();
Network network = networkDao.findById(_nicProfile.getNetworkId()); final Network network = networkDao.findById(_nicProfile.getNetworkId());
return network; return network;
} }
protected boolean destroyPrivateGateway(final NetworkTopologyVisitor visitor) throws ConcurrentOperationException, ResourceUnavailableException { protected boolean destroyPrivateGateway(final NetworkTopologyVisitor visitor) throws ConcurrentOperationException, ResourceUnavailableException {
NetworkModel networkModel = visitor.getVirtualNetworkApplianceFactory().getNetworkModel(); final NetworkModel networkModel = visitor.getVirtualNetworkApplianceFactory().getNetworkModel();
if (!networkModel.isVmPartOfNetwork(_router.getId(), _privateGateway.getNetworkId())) { if (!networkModel.isVmPartOfNetwork(_router.getId(), _privateGateway.getNetworkId())) {
s_logger.debug("Router doesn't have nic for gateway " + _privateGateway + " so no need to removed it"); s_logger.debug("Router doesn't have nic for gateway " + _privateGateway + " so no need to removed it");
return true; return true;
} }
Network privateNetwork = networkModel.getNetwork(_privateGateway.getNetworkId()); final Network privateNetwork = networkModel.getNetwork(_privateGateway.getNetworkId());
s_logger.debug("Releasing private ip for gateway " + _privateGateway + " from " + _router); s_logger.debug("Releasing private ip for gateway " + _privateGateway + " from " + _router);
@ -135,14 +135,14 @@ public class PrivateGatewayRules extends RuleApplier {
} }
// revoke network acl on the private gateway. // revoke network acl on the private gateway.
NetworkACLManager networkACLMgr = visitor.getVirtualNetworkApplianceFactory().getNetworkACLMgr(); final NetworkACLManager networkACLMgr = visitor.getVirtualNetworkApplianceFactory().getNetworkACLMgr();
if (!networkACLMgr.revokeACLItemsForPrivateGw(_privateGateway)) { if (!networkACLMgr.revokeACLItemsForPrivateGw(_privateGateway)) {
s_logger.debug("Failed to delete network acl items on " + _privateGateway + " from router " + _router); s_logger.debug("Failed to delete network acl items on " + _privateGateway + " from router " + _router);
return false; return false;
} }
s_logger.debug("Removing router " + _router + " from private network " + privateNetwork + " as a part of delete private gateway"); s_logger.debug("Removing router " + _router + " from private network " + privateNetwork + " as a part of delete private gateway");
VirtualMachineManager itMgr = visitor.getVirtualNetworkApplianceFactory().getItMgr(); final VirtualMachineManager itMgr = visitor.getVirtualNetworkApplianceFactory().getItMgr();
result = result && itMgr.removeVmFromNetwork(_router, privateNetwork, null); result = result && itMgr.removeVmFromNetwork(_router, privateNetwork, null);
s_logger.debug("Private gateawy " + _privateGateway + " is removed from router " + _router); s_logger.debug("Private gateawy " + _privateGateway + " is removed from router " + _router);
return result; return result;


@ -141,7 +141,7 @@ public class AdvancedNetworkTopology extends BasicNetworkTopology {
} }
@Override @Override
public boolean applyUserData(final Network network, final NicProfile nic, final VirtualMachineProfile profile, final DeployDestination dest, final List<DomainRouterVO> routers) public boolean applyUserData(final Network network, final NicProfile nic, final VirtualMachineProfile profile, final DeployDestination dest, final DomainRouterVO router)
throws ResourceUnavailableException { throws ResourceUnavailableException {
s_logger.debug("APPLYING VPC USERDATA RULES"); s_logger.debug("APPLYING VPC USERDATA RULES");
@ -153,12 +153,12 @@ public class AdvancedNetworkTopology extends BasicNetworkTopology {
final UserdataPwdRules pwdRules = new UserdataPwdRules(network, nic, profile, dest); final UserdataPwdRules pwdRules = new UserdataPwdRules(network, nic, profile, dest);
return applyRules(network, routers, typeString, isPodLevelException, podId, failWhenDisconnect, new RuleApplierWrapper<RuleApplier>(pwdRules)); return applyRules(network, router, typeString, isPodLevelException, podId, failWhenDisconnect, new RuleApplierWrapper<RuleApplier>(pwdRules));
} }
@Override @Override
public boolean applyDhcpEntry(final Network network, final NicProfile nic, final VirtualMachineProfile profile, final DeployDestination dest, public boolean applyDhcpEntry(final Network network, final NicProfile nic, final VirtualMachineProfile profile, final DeployDestination dest,
final List<DomainRouterVO> routers) throws ResourceUnavailableException { final DomainRouterVO router) throws ResourceUnavailableException {
s_logger.debug("APPLYING VPC DHCP ENTRY RULES"); s_logger.debug("APPLYING VPC DHCP ENTRY RULES");
@ -169,11 +169,11 @@ public class AdvancedNetworkTopology extends BasicNetworkTopology {
final DhcpEntryRules dhcpRules = new DhcpEntryRules(network, nic, profile, dest); final DhcpEntryRules dhcpRules = new DhcpEntryRules(network, nic, profile, dest);
return applyRules(network, routers, typeString, isPodLevelException, podId, failWhenDisconnect, new RuleApplierWrapper<RuleApplier>(dhcpRules)); return applyRules(network, router, typeString, isPodLevelException, podId, failWhenDisconnect, new RuleApplierWrapper<RuleApplier>(dhcpRules));
} }
@Override @Override
public boolean associatePublicIP(final Network network, final List<? extends PublicIpAddress> ipAddresses, final List<? extends VirtualRouter> routers) public boolean associatePublicIP(final Network network, final List<? extends PublicIpAddress> ipAddresses, final VirtualRouter router)
throws ResourceUnavailableException { throws ResourceUnavailableException {
if (ipAddresses == null || ipAddresses.isEmpty()) { if (ipAddresses == null || ipAddresses.isEmpty()) {
@ -182,7 +182,7 @@ public class AdvancedNetworkTopology extends BasicNetworkTopology {
} }
if (network.getVpcId() == null) { if (network.getVpcId() == null) {
return super.associatePublicIP(network, ipAddresses, routers); return super.associatePublicIP(network, ipAddresses, router);
} }
s_logger.debug("APPLYING VPC IP RULES"); s_logger.debug("APPLYING VPC IP RULES");
@ -193,12 +193,10 @@ public class AdvancedNetworkTopology extends BasicNetworkTopology {
final Long podId = null; final Long podId = null;
final NicPlugInOutRules nicPlugInOutRules = new NicPlugInOutRules(network, ipAddresses); final NicPlugInOutRules nicPlugInOutRules = new NicPlugInOutRules(network, ipAddresses);
for (final VirtualRouter router : routers) { nicPlugInOutRules.accept(_advancedVisitor, router);
nicPlugInOutRules.accept(_advancedVisitor, router);
}
final VpcIpAssociationRules ipAssociationRules = new VpcIpAssociationRules(network, ipAddresses); final VpcIpAssociationRules ipAssociationRules = new VpcIpAssociationRules(network, ipAddresses);
final boolean result = applyRules(network, routers, typeString, isPodLevelException, podId, failWhenDisconnect, new RuleApplierWrapper<RuleApplier>(ipAssociationRules)); final boolean result = applyRules(network, router, typeString, isPodLevelException, podId, failWhenDisconnect, new RuleApplierWrapper<RuleApplier>(ipAssociationRules));
if (result) { if (result) {
_advancedVisitor.visit(nicPlugInOutRules); _advancedVisitor.visit(nicPlugInOutRules);
@ -208,7 +206,7 @@ public class AdvancedNetworkTopology extends BasicNetworkTopology {
} }
@Override @Override
public boolean applyNetworkACLs(final Network network, final List<? extends NetworkACLItem> rules, final List<? extends VirtualRouter> routers, final boolean isPrivateGateway) public boolean applyNetworkACLs(final Network network, final List<? extends NetworkACLItem> rules, final VirtualRouter router, final boolean isPrivateGateway)
throws ResourceUnavailableException { throws ResourceUnavailableException {
if (rules == null || rules.isEmpty()) { if (rules == null || rules.isEmpty()) {
@ -225,6 +223,6 @@ public class AdvancedNetworkTopology extends BasicNetworkTopology {
final NetworkAclsRules aclsRules = new NetworkAclsRules(network, rules, isPrivateGateway); final NetworkAclsRules aclsRules = new NetworkAclsRules(network, rules, isPrivateGateway);
return applyRules(network, routers, typeString, isPodLevelException, podId, failWhenDisconnect, new RuleApplierWrapper<RuleApplier>(aclsRules)); return applyRules(network, router, typeString, isPodLevelException, podId, failWhenDisconnect, new RuleApplierWrapper<RuleApplier>(aclsRules));
} }
} }
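Review bot: In associatePublicIP the new line `nicPlugInOutRules.accept(_advancedVisitor, router);` runs before any null check on `router`; the only visible guard is the `router == null` test inside BasicNetworkTopology.applyRules, which is reached afterwards. If accept dereferences the router (not visible here), a caller passing null gets a NullPointerException instead of the ResourceUnavailableException the other paths throw. A guard ahead of the accept call would keep the failure mode uniform, mirroring what applyRules throws: `if (router == null) { throw new ResourceUnavailableException("Unable to apply ip association, no virtual router", DataCenter.class, network.getDataCenterId()); }`. The method body starts and ends outside the hunks shown.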


@ -110,7 +110,7 @@ public class BasicNetworkTopology implements NetworkTopology {
} }
@Override @Override
public boolean applyNetworkACLs(final Network network, final List<? extends NetworkACLItem> rules, final List<? extends VirtualRouter> routers, final boolean isPrivateGateway) public boolean applyNetworkACLs(final Network network, final List<? extends NetworkACLItem> rules, final VirtualRouter router, final boolean isPrivateGateway)
throws ResourceUnavailableException { throws ResourceUnavailableException {
throw new CloudRuntimeException("applyNetworkACLs not implemented in Basic Network Topology."); throw new CloudRuntimeException("applyNetworkACLs not implemented in Basic Network Topology.");
} }
@ -140,7 +140,7 @@ public class BasicNetworkTopology implements NetworkTopology {
@Override @Override
public boolean applyDhcpEntry(final Network network, final NicProfile nic, final VirtualMachineProfile profile, final DeployDestination dest, public boolean applyDhcpEntry(final Network network, final NicProfile nic, final VirtualMachineProfile profile, final DeployDestination dest,
final List<DomainRouterVO> routers) throws ResourceUnavailableException { final DomainRouterVO router) throws ResourceUnavailableException {
s_logger.debug("APPLYING DHCP ENTRY RULES"); s_logger.debug("APPLYING DHCP ENTRY RULES");
@ -160,11 +160,11 @@ public class BasicNetworkTopology implements NetworkTopology {
final DhcpEntryRules dhcpRules = new DhcpEntryRules(network, nic, profile, dest); final DhcpEntryRules dhcpRules = new DhcpEntryRules(network, nic, profile, dest);
return applyRules(network, routers, typeString, isPodLevelException, podId, failWhenDisconnect, new RuleApplierWrapper<RuleApplier>(dhcpRules)); return applyRules(network, router, typeString, isPodLevelException, podId, failWhenDisconnect, new RuleApplierWrapper<RuleApplier>(dhcpRules));
} }
@Override @Override
public boolean applyUserData(final Network network, final NicProfile nic, final VirtualMachineProfile profile, final DeployDestination dest, final List<DomainRouterVO> routers) public boolean applyUserData(final Network network, final NicProfile nic, final VirtualMachineProfile profile, final DeployDestination dest, final DomainRouterVO router)
throws ResourceUnavailableException { throws ResourceUnavailableException {
s_logger.debug("APPLYING USERDATA RULES"); s_logger.debug("APPLYING USERDATA RULES");
@ -182,11 +182,11 @@ public class BasicNetworkTopology implements NetworkTopology {
final UserdataPwdRules pwdRules = new UserdataPwdRules(network, nic, profile, dest); final UserdataPwdRules pwdRules = new UserdataPwdRules(network, nic, profile, dest);
return applyRules(network, routers, typeString, isPodLevelException, podId, failWhenDisconnect, new RuleApplierWrapper<RuleApplier>(pwdRules)); return applyRules(network, router, typeString, isPodLevelException, podId, failWhenDisconnect, new RuleApplierWrapper<RuleApplier>(pwdRules));
} }
@Override @Override
public boolean applyLoadBalancingRules(final Network network, final List<LoadBalancingRule> rules, final List<? extends VirtualRouter> routers) public boolean applyLoadBalancingRules(final Network network, final List<LoadBalancingRule> rules, final VirtualRouter router)
throws ResourceUnavailableException { throws ResourceUnavailableException {
if (rules == null || rules.isEmpty()) { if (rules == null || rules.isEmpty()) {
@ -203,11 +203,11 @@ public class BasicNetworkTopology implements NetworkTopology {
final LoadBalancingRules loadBalancingRules = new LoadBalancingRules(network, rules); final LoadBalancingRules loadBalancingRules = new LoadBalancingRules(network, rules);
return applyRules(network, routers, typeString, isPodLevelException, podId, failWhenDisconnect, new RuleApplierWrapper<RuleApplier>(loadBalancingRules)); return applyRules(network, router, typeString, isPodLevelException, podId, failWhenDisconnect, new RuleApplierWrapper<RuleApplier>(loadBalancingRules));
} }
@Override @Override
public boolean applyFirewallRules(final Network network, final List<? extends FirewallRule> rules, final List<? extends VirtualRouter> routers) public boolean applyFirewallRules(final Network network, final List<? extends FirewallRule> rules, final VirtualRouter router)
throws ResourceUnavailableException { throws ResourceUnavailableException {
if (rules == null || rules.isEmpty()) { if (rules == null || rules.isEmpty()) {
s_logger.debug("No firewall rules to be applied for network " + network.getId()); s_logger.debug("No firewall rules to be applied for network " + network.getId());
@ -223,11 +223,11 @@ public class BasicNetworkTopology implements NetworkTopology {
final FirewallRules firewallRules = new FirewallRules(network, rules); final FirewallRules firewallRules = new FirewallRules(network, rules);
return applyRules(network, routers, typeString, isPodLevelException, podId, failWhenDisconnect, new RuleApplierWrapper<RuleApplier>(firewallRules)); return applyRules(network, router, typeString, isPodLevelException, podId, failWhenDisconnect, new RuleApplierWrapper<RuleApplier>(firewallRules));
} }
@Override @Override
public boolean applyStaticNats(final Network network, final List<? extends StaticNat> rules, final List<? extends VirtualRouter> routers) throws ResourceUnavailableException { public boolean applyStaticNats(final Network network, final List<? extends StaticNat> rules, final VirtualRouter router) throws ResourceUnavailableException {
if (rules == null || rules.isEmpty()) { if (rules == null || rules.isEmpty()) {
s_logger.debug("No static nat rules to be applied for network " + network.getId()); s_logger.debug("No static nat rules to be applied for network " + network.getId());
return true; return true;
@ -242,11 +242,11 @@ public class BasicNetworkTopology implements NetworkTopology {
final StaticNatRules natRules = new StaticNatRules(network, rules); final StaticNatRules natRules = new StaticNatRules(network, rules);
return applyRules(network, routers, typeString, isPodLevelException, podId, failWhenDisconnect, new RuleApplierWrapper<RuleApplier>(natRules)); return applyRules(network, router, typeString, isPodLevelException, podId, failWhenDisconnect, new RuleApplierWrapper<RuleApplier>(natRules));
} }
@Override @Override
public boolean associatePublicIP(final Network network, final List<? extends PublicIpAddress> ipAddress, final List<? extends VirtualRouter> routers) public boolean associatePublicIP(final Network network, final List<? extends PublicIpAddress> ipAddress, final VirtualRouter router)
throws ResourceUnavailableException { throws ResourceUnavailableException {
if (ipAddress == null || ipAddress.isEmpty()) { if (ipAddress == null || ipAddress.isEmpty()) {
s_logger.debug("No ip association rules to be applied for network " + network.getId()); s_logger.debug("No ip association rules to be applied for network " + network.getId());
@ -262,7 +262,7 @@ public class BasicNetworkTopology implements NetworkTopology {
final IpAssociationRules ipAddresses = new IpAssociationRules(network, ipAddress); final IpAssociationRules ipAddresses = new IpAssociationRules(network, ipAddress);
return applyRules(network, routers, typeString, isPodLevelException, podId, failWhenDisconnect, new RuleApplierWrapper<RuleApplier>(ipAddresses)); return applyRules(network, router, typeString, isPodLevelException, podId, failWhenDisconnect, new RuleApplierWrapper<RuleApplier>(ipAddresses));
} }
@Override @Override
@ -304,7 +304,7 @@ public class BasicNetworkTopology implements NetworkTopology {
} }
@Override @Override
public boolean savePasswordToRouter(final Network network, final NicProfile nic, final VirtualMachineProfile profile, final List<? extends VirtualRouter> routers) public boolean savePasswordToRouter(final Network network, final NicProfile nic, final VirtualMachineProfile profile, final VirtualRouter router)
throws ResourceUnavailableException { throws ResourceUnavailableException {
s_logger.debug("SAVE PASSWORD TO ROUTE RULES"); s_logger.debug("SAVE PASSWORD TO ROUTE RULES");
@ -316,11 +316,11 @@ public class BasicNetworkTopology implements NetworkTopology {
final PasswordToRouterRules routerRules = new PasswordToRouterRules(network, nic, profile); final PasswordToRouterRules routerRules = new PasswordToRouterRules(network, nic, profile);
return applyRules(network, routers, typeString, isPodLevelException, podId, failWhenDisconnect, new RuleApplierWrapper<RuleApplier>(routerRules)); return applyRules(network, router, typeString, isPodLevelException, podId, failWhenDisconnect, new RuleApplierWrapper<RuleApplier>(routerRules));
} }
@Override @Override
public boolean saveSSHPublicKeyToRouter(final Network network, final NicProfile nic, final VirtualMachineProfile profile, final List<? extends VirtualRouter> routers, public boolean saveSSHPublicKeyToRouter(final Network network, final NicProfile nic, final VirtualMachineProfile profile, final VirtualRouter router,
final String sshPublicKey) throws ResourceUnavailableException { final String sshPublicKey) throws ResourceUnavailableException {
s_logger.debug("SAVE SSH PUB KEY TO ROUTE RULES"); s_logger.debug("SAVE SSH PUB KEY TO ROUTE RULES");
@ -331,11 +331,11 @@ public class BasicNetworkTopology implements NetworkTopology {
final SshKeyToRouterRules keyToRouterRules = new SshKeyToRouterRules(network, nic, profile, sshPublicKey); final SshKeyToRouterRules keyToRouterRules = new SshKeyToRouterRules(network, nic, profile, sshPublicKey);
return applyRules(network, routers, typeString, isPodLevelException, podId, failWhenDisconnect, new RuleApplierWrapper<RuleApplier>(keyToRouterRules)); return applyRules(network, router, typeString, isPodLevelException, podId, failWhenDisconnect, new RuleApplierWrapper<RuleApplier>(keyToRouterRules));
} }
@Override @Override
public boolean saveUserDataToRouter(final Network network, final NicProfile nic, final VirtualMachineProfile profile, final List<? extends VirtualRouter> routers) public boolean saveUserDataToRouter(final Network network, final NicProfile nic, final VirtualMachineProfile profile, final VirtualRouter router)
throws ResourceUnavailableException { throws ResourceUnavailableException {
s_logger.debug("SAVE USERDATA TO ROUTE RULES"); s_logger.debug("SAVE USERDATA TO ROUTE RULES");
@ -346,14 +346,14 @@ public class BasicNetworkTopology implements NetworkTopology {
final UserdataToRouterRules userdataToRouterRules = new UserdataToRouterRules(network, nic, profile); final UserdataToRouterRules userdataToRouterRules = new UserdataToRouterRules(network, nic, profile);
return applyRules(network, routers, typeString, isPodLevelException, podId, failWhenDisconnect, new RuleApplierWrapper<RuleApplier>(userdataToRouterRules)); return applyRules(network, router, typeString, isPodLevelException, podId, failWhenDisconnect, new RuleApplierWrapper<RuleApplier>(userdataToRouterRules));
} }
@Override @Override
public boolean applyRules(final Network network, final List<? extends VirtualRouter> routers, final String typeString, final boolean isPodLevelException, final Long podId, public boolean applyRules(final Network network, final VirtualRouter router, final String typeString, final boolean isPodLevelException, final Long podId,
final boolean failWhenDisconnect, final RuleApplierWrapper<RuleApplier> ruleApplierWrapper) throws ResourceUnavailableException { final boolean failWhenDisconnect, final RuleApplierWrapper<RuleApplier> ruleApplierWrapper) throws ResourceUnavailableException {
if (routers == null || routers.isEmpty()) { if (router == null) {
s_logger.warn("Unable to apply " + typeString + ", virtual router doesn't exist in the network " + network.getId()); s_logger.warn("Unable to apply " + typeString + ", virtual router doesn't exist in the network " + network.getId());
throw new ResourceUnavailableException("Unable to apply " + typeString, DataCenter.class, network.getDataCenterId()); throw new ResourceUnavailableException("Unable to apply " + typeString, DataCenter.class, network.getDataCenterId());
} }
@ -370,45 +370,43 @@ public class BasicNetworkTopology implements NetworkTopology {
final List<VirtualRouter> disconnectedRouters = new ArrayList<VirtualRouter>(); final List<VirtualRouter> disconnectedRouters = new ArrayList<VirtualRouter>();
boolean result = true; boolean result = true;
final String msg = "Unable to apply " + typeString + " on disconnected router "; final String msg = "Unable to apply " + typeString + " on disconnected router ";
for (final VirtualRouter router : routers) { if (router.getState() == State.Running) {
if (router.getState() == State.Running) { s_logger.debug("Applying " + typeString + " in network " + network);
s_logger.debug("Applying " + typeString + " in network " + network);
if (router.isStopPending()) { if (router.isStopPending()) {
if (_hostDao.findById(router.getHostId()).getState() == Status.Up) { if (_hostDao.findById(router.getHostId()).getState() == Status.Up) {
throw new ResourceUnavailableException("Unable to process due to the stop pending router " + router.getInstanceName() throw new ResourceUnavailableException("Unable to process due to the stop pending router " + router.getInstanceName()
+ " haven't been stopped after it's host coming back!", DataCenter.class, router.getDataCenterId()); + " haven't been stopped after it's host coming back!", DataCenter.class, router.getDataCenterId());
}
s_logger.debug("Router " + router.getInstanceName() + " is stop pending, so not sending apply " + typeString + " commands to the backend");
continue;
} }
s_logger.debug("Router " + router.getInstanceName() + " is stop pending, so not sending apply " + typeString + " commands to the backend");
try { return false;
result = ruleApplier.accept(getVisitor(), router);
connectedRouters.add(router);
} catch (final AgentUnavailableException e) {
s_logger.warn(msg + router.getInstanceName(), e);
disconnectedRouters.add(router);
}
// If rules fail to apply on one domR and not due to
// disconnection, no need to proceed with the rest
if (!result) {
if (isZoneBasic && isPodLevelException) {
throw new ResourceUnavailableException("Unable to apply " + typeString + " on router ", Pod.class, podId);
}
throw new ResourceUnavailableException("Unable to apply " + typeString + " on router ", DataCenter.class, router.getDataCenterId());
}
} else if (router.getState() == State.Stopped || router.getState() == State.Stopping) {
s_logger.debug("Router " + router.getInstanceName() + " is in " + router.getState() + ", so not sending apply " + typeString + " commands to the backend");
} else {
s_logger.warn("Unable to apply " + typeString + ", virtual router is not in the right state " + router.getState());
if (isZoneBasic && isPodLevelException) {
throw new ResourceUnavailableException("Unable to apply " + typeString + ", virtual router is not in the right state", Pod.class, podId);
}
throw new ResourceUnavailableException("Unable to apply " + typeString + ", virtual router is not in the right state", DataCenter.class, router.getDataCenterId());
} }
try {
result = ruleApplier.accept(getVisitor(), router);
connectedRouters.add(router);
} catch (final AgentUnavailableException e) {
s_logger.warn(msg + router.getInstanceName(), e);
disconnectedRouters.add(router);
}
// If rules fail to apply on one domR and not due to
// disconnection, no need to proceed with the rest
if (!result) {
if (isZoneBasic && isPodLevelException) {
throw new ResourceUnavailableException("Unable to apply " + typeString + " on router ", Pod.class, podId);
}
throw new ResourceUnavailableException("Unable to apply " + typeString + " on router ", DataCenter.class, router.getDataCenterId());
}
} else if (router.getState() == State.Stopped || router.getState() == State.Stopping) {
s_logger.debug("Router " + router.getInstanceName() + " is in " + router.getState() + ", so not sending apply " + typeString + " commands to the backend");
} else {
s_logger.warn("Unable to apply " + typeString + ", virtual router is not in the right state " + router.getState());
if (isZoneBasic && isPodLevelException) {
throw new ResourceUnavailableException("Unable to apply " + typeString + ", virtual router is not in the right state", Pod.class, podId);
}
throw new ResourceUnavailableException("Unable to apply " + typeString + ", virtual router is not in the right state", DataCenter.class, router.getDataCenterId());
} }
if (!connectedRouters.isEmpty()) { if (!connectedRouters.isEmpty()) {
@ -425,10 +423,8 @@ public class BasicNetworkTopology implements NetworkTopology {
} }
} }
} else if (!disconnectedRouters.isEmpty()) { } else if (!disconnectedRouters.isEmpty()) {
for (final VirtualRouter router : disconnectedRouters) { if (s_logger.isDebugEnabled()) {
if (s_logger.isDebugEnabled()) { s_logger.debug(msg + router.getInstanceName() + "(" + router.getId() + ")");
s_logger.debug(msg + router.getInstanceName() + "(" + router.getId() + ")");
}
} }
if (isZoneBasic && isPodLevelException) { if (isZoneBasic && isPodLevelException) {
throw new ResourceUnavailableException(msg, Pod.class, podId); throw new ResourceUnavailableException(msg, Pod.class, podId);
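Review bot: In applyRules the stop-pending branch now ends in `return false`, while the Stopped/Stopping branch below still falls through and returns `result` as true, so two cases in which no commands are sent to the router are reported differently. The removed `continue` left the result at true for such a router, so this changes what callers see on every path that goes through applyRules, firewall and ACL rules included. If the new value is intended, say so at the return, e.g. `// stop pending: nothing was sent, report the rules as not applied`, and consider whether Stopped/Stopping should report the same. The comment "no need to proceed with the rest" and the `connectedRouters`/`disconnectedRouters` lists are leftovers of the loop; a single boolean would now do. The method continues between and after the hunks shown.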


@ -50,7 +50,7 @@ public interface NetworkTopology {
boolean configDhcpForSubnet(final Network network, final NicProfile nic, final VirtualMachineProfile profile, final DeployDestination dest, final List<DomainRouterVO> routers) boolean configDhcpForSubnet(final Network network, final NicProfile nic, final VirtualMachineProfile profile, final DeployDestination dest, final List<DomainRouterVO> routers)
throws ResourceUnavailableException; throws ResourceUnavailableException;
boolean applyNetworkACLs(final Network network, final List<? extends NetworkACLItem> rules, final List<? extends VirtualRouter> routers, final boolean isPrivateGateway) boolean applyNetworkACLs(final Network network, final List<? extends NetworkACLItem> rules, final VirtualRouter router, final boolean isPrivateGateway)
throws ResourceUnavailableException; throws ResourceUnavailableException;
boolean applyStaticRoutes(final List<StaticRouteProfile> staticRoutes, final List<DomainRouterVO> routers) throws ResourceUnavailableException; boolean applyStaticRoutes(final List<StaticRouteProfile> staticRoutes, final List<DomainRouterVO> routers) throws ResourceUnavailableException;
@ -61,30 +61,30 @@ public interface NetworkTopology {
// ====== USED FOR GUEST NETWORK AND VCP ====== // // ====== USED FOR GUEST NETWORK AND VCP ====== //
boolean applyDhcpEntry(final Network network, final NicProfile nic, final VirtualMachineProfile profile, final DeployDestination dest, final List<DomainRouterVO> routers) boolean applyDhcpEntry(final Network network, final NicProfile nic, final VirtualMachineProfile profile, final DeployDestination dest, final DomainRouterVO router)
throws ResourceUnavailableException; throws ResourceUnavailableException;
boolean applyUserData(final Network network, final NicProfile nic, final VirtualMachineProfile profile, final DeployDestination dest, final List<DomainRouterVO> routers) boolean applyUserData(final Network network, final NicProfile nic, final VirtualMachineProfile profile, final DeployDestination dest, final DomainRouterVO router)
throws ResourceUnavailableException; throws ResourceUnavailableException;
boolean applyLoadBalancingRules(Network network, List<LoadBalancingRule> rules, List<? extends VirtualRouter> routers) throws ResourceUnavailableException; boolean applyLoadBalancingRules(Network network, List<LoadBalancingRule> rules, VirtualRouter router) throws ResourceUnavailableException;
boolean applyFirewallRules(final Network network, final List<? extends FirewallRule> rules, final List<? extends VirtualRouter> routers) throws ResourceUnavailableException; boolean applyFirewallRules(final Network network, final List<? extends FirewallRule> rules, final VirtualRouter router) throws ResourceUnavailableException;
boolean applyStaticNats(final Network network, final List<? extends StaticNat> rules, final List<? extends VirtualRouter> routers) throws ResourceUnavailableException; boolean applyStaticNats(final Network network, final List<? extends StaticNat> rules, final VirtualRouter router) throws ResourceUnavailableException;
boolean associatePublicIP(final Network network, final List<? extends PublicIpAddress> ipAddress, final List<? extends VirtualRouter> routers) throws ResourceUnavailableException; boolean associatePublicIP(final Network network, final List<? extends PublicIpAddress> ipAddress, final VirtualRouter router) throws ResourceUnavailableException;
String[] applyVpnUsers(final Network network, final List<? extends VpnUser> users, final List<DomainRouterVO> routers) throws ResourceUnavailableException; String[] applyVpnUsers(final Network network, final List<? extends VpnUser> users, final List<DomainRouterVO> routers) throws ResourceUnavailableException;
boolean savePasswordToRouter(final Network network, final NicProfile nic, final VirtualMachineProfile profile, final List<? extends VirtualRouter> routers) throws ResourceUnavailableException; boolean savePasswordToRouter(final Network network, final NicProfile nic, final VirtualMachineProfile profile, final VirtualRouter router) throws ResourceUnavailableException;
boolean saveSSHPublicKeyToRouter(final Network network, final NicProfile nic, final VirtualMachineProfile profile, final List<? extends VirtualRouter> routers, boolean saveSSHPublicKeyToRouter(final Network network, final NicProfile nic, final VirtualMachineProfile profile, final VirtualRouter router,
final String sshPublicKey) throws ResourceUnavailableException; final String sshPublicKey) throws ResourceUnavailableException;
boolean saveUserDataToRouter(final Network network, final NicProfile nic, final VirtualMachineProfile profile, final List<? extends VirtualRouter> routers) boolean saveUserDataToRouter(final Network network, final NicProfile nic, final VirtualMachineProfile profile, final VirtualRouter router)
throws ResourceUnavailableException; throws ResourceUnavailableException;
boolean applyRules(final Network network, final List<? extends VirtualRouter> routers, final String typeString, final boolean isPodLevelException, final Long podId, boolean applyRules(final Network network, final VirtualRouter router, final String typeString, final boolean isPodLevelException, final Long podId,
final boolean failWhenDisconnect, RuleApplierWrapper<RuleApplier> ruleApplier) throws ResourceUnavailableException; final boolean failWhenDisconnect, RuleApplierWrapper<RuleApplier> ruleApplier) throws ResourceUnavailableException;
} }
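Review bot: The changed signatures in NetworkTopology carry no Javadoc, and after this change the interface mixes methods that take one `VirtualRouter router` with methods that still take `List<DomainRouterVO> routers` (configDhcpForSubnet, applyStaticRoutes, applyVpnUsers). A reader cannot tell from the interface which methods expect the caller to iterate over the routers of a network or VPC. I would add a short Javadoc to `applyRules` and the single-router methods stating that they act on exactly one router, that the caller is responsible for invoking them for every router concerned, and that a null router results in ResourceUnavailableException, as the BasicNetworkTopology implementation does.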


@ -49,4 +49,20 @@ public class NetworkTopologyContext {
} }
return _flyweight.get(dc.getNetworkType()); return _flyweight.get(dc.getNetworkType());
} }
/**
* Method used for tests purpose only. Please do not use it to set the AdvanceNetworkTopology and it is managed by Spring.
* @param advancedNetworkTopology
*/
public void setAdvancedNetworkTopology(final AdvancedNetworkTopology advancedNetworkTopology) {
_advancedNetworkTopology = advancedNetworkTopology;
}
/**
* Method used for tests purpose only. Please do not use it to set the BasicNetworkTopology and it is managed by Spring.
* @param basicNetworkTopology
*/
public void setBasicNetworkTopology(final BasicNetworkTopology basicNetworkTopology) {
_basicNetworkTopology = basicNetworkTopology;
}
} }
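Review bot: The two setters added to NetworkTopologyContext are public production API that exists only for a test, and their Javadoc is hard to read ("Please do not use it to set the AdvanceNetworkTopology and it is managed by Spring") and leaves `@param` empty. In the test added by this commit the context is declared with `@Mock`, so, unless it is stubbed further down, the calls to these setters and to `init()` are no-ops on the mock and the setters may not be needed at all. If they stay, I would reword the comment to `Used by tests only; in production the topology is managed by Spring.` and fill in `@param advancedNetworkTopology the topology to use in place of the Spring-managed one`, likewise for the basic variant.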


@ -0,0 +1,188 @@
// Licensed to the Apache Software Foundation (ASF) under one
// or more contributor license agreements. See the NOTICE file
// distributed with this work for additional information
// regarding copyright ownership. The ASF licenses this file
// to you under the Apache License, Version 2.0 (the
// "License"); you may not use this file except in compliance
// with the License. You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing,
// software distributed under the License is distributed on an
// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
// KIND, either express or implied. See the License for the
// specific language governing permissions and limitations
// under the License.
package com.cloud.network.element;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertNotNull;
import static org.junit.Assert.assertNull;
import static org.junit.Assert.fail;
import static org.mockito.Mockito.times;
import static org.mockito.Mockito.verify;
import static org.mockito.Mockito.when;
import java.util.ArrayList;
import java.util.List;
import org.apache.cloudstack.network.topology.AdvancedNetworkTopology;
import org.apache.cloudstack.network.topology.BasicNetworkTopology;
import org.apache.cloudstack.network.topology.NetworkTopologyContext;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.mockito.InjectMocks;
import org.mockito.Mock;
import org.mockito.Mockito;
import org.mockito.runners.MockitoJUnitRunner;
import com.cloud.dc.DataCenterVO;
import com.cloud.dc.dao.DataCenterDao;
import com.cloud.exception.ResourceUnavailableException;
import com.cloud.network.RemoteAccessVpn;
import com.cloud.network.VpnUser;
import com.cloud.network.router.VpcVirtualNetworkApplianceManagerImpl;
import com.cloud.network.vpc.Vpc;
import com.cloud.utils.db.EntityManager;
import com.cloud.vm.DomainRouterVO;
import com.cloud.vm.dao.DomainRouterDao;
@RunWith(MockitoJUnitRunner.class)
public class VpcVirtualRouterElementTest {
@Mock
DataCenterDao _dcDao;
@Mock private DomainRouterDao _routerDao;
@Mock
EntityManager _entityMgr;
@Mock
NetworkTopologyContext networkTopologyContext;
@InjectMocks
VpcVirtualNetworkApplianceManagerImpl _vpcRouterMgr;
@InjectMocks
VpcVirtualRouterElement vpcVirtualRouterElement;
@Test
public void testApplyVpnUsers() {
vpcVirtualRouterElement._vpcRouterMgr = _vpcRouterMgr;
final AdvancedNetworkTopology advancedNetworkTopology = Mockito.mock(AdvancedNetworkTopology.class);
final BasicNetworkTopology basicNetworkTopology = Mockito.mock(BasicNetworkTopology.class);
networkTopologyContext.setAdvancedNetworkTopology(advancedNetworkTopology);
networkTopologyContext.setBasicNetworkTopology(basicNetworkTopology);
networkTopologyContext.init();
final Vpc vpc = Mockito.mock(Vpc.class);
final DataCenterVO dataCenterVO = Mockito.mock(DataCenterVO.class);
final RemoteAccessVpn remoteAccessVpn = Mockito.mock(RemoteAccessVpn.class);
final DomainRouterVO domainRouterVO1 = Mockito.mock(DomainRouterVO.class);
final DomainRouterVO domainRouterVO2 = Mockito.mock(DomainRouterVO.class);
final VpnUser vpnUser1 = Mockito.mock(VpnUser.class);
final VpnUser vpnUser2 = Mockito.mock(VpnUser.class);
final List<VpnUser> users = new ArrayList<VpnUser>();
users.add(vpnUser1);
users.add(vpnUser2);
final List<DomainRouterVO> routers = new ArrayList<DomainRouterVO>();
routers.add(domainRouterVO1);
routers.add(domainRouterVO2);
final Long vpcId = new Long(1l);
final Long zoneId = new Long(1l);
when(remoteAccessVpn.getVpcId()).thenReturn(vpcId);
when(_vpcRouterMgr.getVpcRouters(vpcId)).thenReturn(routers);
when(_entityMgr.findById(Vpc.class, vpcId)).thenReturn(vpc);
when(vpc.getZoneId()).thenReturn(zoneId);
when(_dcDao.findById(zoneId)).thenReturn(dataCenterVO);
when(networkTopologyContext.retrieveNetworkTopology(dataCenterVO)).thenReturn(advancedNetworkTopology);
try {
when(advancedNetworkTopology.applyVpnUsers(remoteAccessVpn, users, domainRouterVO1)).thenReturn(new String[]{"user1", "user2"});
when(advancedNetworkTopology.applyVpnUsers(remoteAccessVpn, users, domainRouterVO2)).thenReturn(new String[]{"user3", "user4"});
} catch (final ResourceUnavailableException e) {
fail(e.getMessage());
}
try {
final String [] results = vpcVirtualRouterElement.applyVpnUsers(remoteAccessVpn, users);
assertNotNull(results);
assertEquals(results[0], "user1");
assertEquals(results[1], "user2");
assertEquals(results[2], "user3");
assertEquals(results[3], "user4");
} catch (final ResourceUnavailableException e) {
fail(e.getMessage());
}
verify(remoteAccessVpn, times(1)).getVpcId();
verify(vpc, times(1)).getZoneId();
verify(_dcDao, times(1)).findById(zoneId);
verify(networkTopologyContext, times(1)).retrieveNetworkTopology(dataCenterVO);
}
@Test
public void testApplyVpnUsersException1() {
vpcVirtualRouterElement._vpcRouterMgr = _vpcRouterMgr;
final AdvancedNetworkTopology advancedNetworkTopology = Mockito.mock(AdvancedNetworkTopology.class);
final BasicNetworkTopology basicNetworkTopology = Mockito.mock(BasicNetworkTopology.class);
networkTopologyContext.setAdvancedNetworkTopology(advancedNetworkTopology);
networkTopologyContext.setBasicNetworkTopology(basicNetworkTopology);
networkTopologyContext.init();
final RemoteAccessVpn remoteAccessVpn = Mockito.mock(RemoteAccessVpn.class);
final List<VpnUser> users = new ArrayList<VpnUser>();
when(remoteAccessVpn.getVpcId()).thenReturn(null);
try {
final String [] results = vpcVirtualRouterElement.applyVpnUsers(remoteAccessVpn, users);
assertNull(results);
} catch (final ResourceUnavailableException e) {
fail(e.getMessage());
}
verify(remoteAccessVpn, times(1)).getVpcId();
}
@Test
public void testApplyVpnUsersException2() {
vpcVirtualRouterElement._vpcRouterMgr = _vpcRouterMgr;
final AdvancedNetworkTopology advancedNetworkTopology = Mockito.mock(AdvancedNetworkTopology.class);
final BasicNetworkTopology basicNetworkTopology = Mockito.mock(BasicNetworkTopology.class);
networkTopologyContext.setAdvancedNetworkTopology(advancedNetworkTopology);
networkTopologyContext.setBasicNetworkTopology(basicNetworkTopology);
networkTopologyContext.init();
final RemoteAccessVpn remoteAccessVpn = Mockito.mock(RemoteAccessVpn.class);
final List<VpnUser> users = new ArrayList<VpnUser>();
final Long vpcId = new Long(1l);
when(remoteAccessVpn.getVpcId()).thenReturn(vpcId);
when(_vpcRouterMgr.getVpcRouters(vpcId)).thenReturn(null);
try {
final String [] results = vpcVirtualRouterElement.applyVpnUsers(remoteAccessVpn, users);
assertNull(results);
} catch (final ResourceUnavailableException e) {
fail(e.getMessage());
}
verify(remoteAccessVpn, times(1)).getVpcId();
}
}
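Review bot: `_vpcRouterMgr` is declared with `@InjectMocks`, so it is a real `VpcVirtualNetworkApplianceManagerImpl`, and `when(_vpcRouterMgr.getVpcRouters(vpcId)).thenReturn(...)` in `testApplyVpnUsers` and `testApplyVpnUsersException2` does not stub that object. The stubbing only takes effect if `getVpcRouters` happens to end in a call on one of the injected mocks (presumably `_routerDao`); otherwise Mockito rejects the `when(...)`. Declaring the field as `@Mock VpcVirtualNetworkApplianceManagerImpl _vpcRouterMgr;`, or stubbing the DAO directly, would make the tests state what they depend on. Likewise `networkTopologyContext` is a `@Mock`, so the `setAdvancedNetworkTopology`/`setBasicNetworkTopology`/`init()` calls at the top of each test do nothing. The three tests also leave out the case where one router of the pair throws `ResourceUnavailableException`, which is the path that decides whether a VPN user change lands on both routers or only one.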


@ -28,7 +28,7 @@ from CsRoute import CsRoute
from CsRule import CsRule from CsRule import CsRule
VRRP_TYPES = ['guest'] VRRP_TYPES = ['guest']
PUBLIC_INTERFACE = ['eth1']
class CsAddress(CsDataBag): class CsAddress(CsDataBag):
@ -314,9 +314,10 @@ class CsIP:
for i in CsHelper.execute(cmd): for i in CsHelper.execute(cmd):
if " DOWN " in i: if " DOWN " in i:
cmd2 = "ip link set %s up" % self.getDevice() cmd2 = "ip link set %s up" % self.getDevice()
# If redundant do not bring up public interfaces # If redundant only bring up public interfaces that are not eth1.
# master.py and keepalived will deal with them # Reason: private gateways are public interfaces.
if self.cl.is_redundant() and not self.is_public(): # master.py and keepalived will deal with eth1 public interface.
if self.cl.is_redundant() and (not self.is_public() or self.getDevice() not in PUBLIC_INTERFACE):
CsHelper.execute(cmd2) CsHelper.execute(cmd2)
# if not redundant bring everything up # if not redundant bring everything up
if not self.cl.is_redundant(): if not self.cl.is_redundant():
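Review bot: The new condition in the `" DOWN "` branch tells private gateways apart only by device name, through the hard-coded `PUBLIC_INTERFACE = ['eth1']`, so on a redundant router every public-type device other than eth1 is now brought up regardless of keepalived state. If a redundant VPC can have further public NICs (an extra public range on eth2, for instance, which is not visible here), the backup router would bring those up as well and could answer on addresses the master owns. I would record the assumption next to the constant, e.g. `# Assumes eth1 is the only keepalived-managed public NIC; any other public device is treated as a private gateway.`, or test for the private-gateway case explicitly instead of excluding eth1. The enclosing method starts outside the hunk.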


@ -242,7 +242,6 @@ class TestPrivateGwACL(cloudstackTestCase):
@attr(tags=["advanced"], required_hardware="true") @attr(tags=["advanced"], required_hardware="true")
def test_02_vpc_privategw_static_routes(self): def test_02_vpc_privategw_static_routes(self):
self.logger.debug("Creating a VPC offering..") self.logger.debug("Creating a VPC offering..")
vpc_off = VpcOffering.create( vpc_off = VpcOffering.create(
self.apiclient, self.apiclient,
@ -255,8 +254,6 @@ class TestPrivateGwACL(cloudstackTestCase):
@attr(tags=["advanced"], required_hardware="true") @attr(tags=["advanced"], required_hardware="true")
def test_03_rvpc_privategw_static_routes(self): def test_03_rvpc_privategw_static_routes(self):
self.skipTest("Redundant VPC Routers have to be fixed. Private Gateway not working yet.")
self.logger.debug("Creating a Redundant VPC offering..") self.logger.debug("Creating a Redundant VPC offering..")
vpc_off = VpcOffering.create( vpc_off = VpcOffering.create(
self.apiclient, self.apiclient,
@ -268,7 +265,6 @@ class TestPrivateGwACL(cloudstackTestCase):
self.performVPCTests(vpc_off) self.performVPCTests(vpc_off)
def performVPCTests(self, vpc_off): def performVPCTests(self, vpc_off):
self.logger.debug("Creating VPCs with offering ID %s" % vpc_off.id) self.logger.debug("Creating VPCs with offering ID %s" % vpc_off.id)
vpc_1 = self.createVPC(vpc_off, cidr = '10.0.1.0/24') vpc_1 = self.createVPC(vpc_off, cidr = '10.0.1.0/24')
vpc_2 = self.createVPC(vpc_off, cidr = '10.0.2.0/24') vpc_2 = self.createVPC(vpc_off, cidr = '10.0.2.0/24')