apache/cloudstack
1
0
Fork 0
mirror of https://github.com/apache/cloudstack.git synced 2025-10-26 08:42:29 +01:00
Code Issues Packages Projects Releases Wiki Activity

CS-14753: When Vm is deployed with a Security Group , it also gets associated with the default security group.

Browse Source 
Changes:
- StartVM needed to be changed to add default security group only when none is present.
- DeployVm: createAdvancedSecurityGroupVirtualMachine changed to follow the same rule - add default SG only if none is specified.
This commit is contained in:
prachi 2012-05-08 15:01:36 -07:00
parent 0c1c9141f4
commit f1fae9d57f
1 changed files with 17 additions and 25 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

42
server/src/com/cloud/vm/UserVmManagerImpl.java
View File

@ -2110,34 +2110,26 @@ public class UserVmManagerImpl implements UserVmManager, UserVmService, Manager
}
}
// if network is security group enabled, and default security group is not present in the list of groups specified, add it automatically
// if network is security group enabled, and no security group is specified, then add the default security group automatically
if (isSecurityGroupEnabledNetworkUsed && !isVmWare && _networkMgr.canAddDefaultSecurityGroup()) {
if (securityGroupIdList == null) {
securityGroupIdList = new ArrayList<Long>();
}
SecurityGroup defaultGroup = _securityGroupMgr.getDefaultSecurityGroup(owner.getId());
if (defaultGroup != null) {
//check if security group id list already contains Default security group, and if not - add it
boolean defaultGroupPresent = false;
for (Long securityGroupId : securityGroupIdList) {
if (securityGroupId.longValue() == defaultGroup.getId()) {
defaultGroupPresent = true;
break;
}
//add the default securityGroup only if no security group is specified
if(securityGroupIdList == null || securityGroupIdList.isEmpty()){
if (securityGroupIdList == null) {
securityGroupIdList = new ArrayList<Long>();
}
if (!defaultGroupPresent) {
SecurityGroup defaultGroup = _securityGroupMgr.getDefaultSecurityGroup(owner.getId());
if (defaultGroup != null) {
securityGroupIdList.add(defaultGroup.getId());
} else {
//create default security group for the account
if (s_logger.isDebugEnabled()) {
s_logger.debug("Couldn't find default security group for the account " + owner + " so creating a new one");
}
defaultGroup = _securityGroupMgr.createSecurityGroup(SecurityGroupManager.DEFAULT_GROUP_NAME, SecurityGroupManager.DEFAULT_GROUP_DESCRIPTION, owner.getDomainId(), owner.getId(), owner.getAccountName());
securityGroupIdList.add(defaultGroup.getId());
}
} else {
//create default security group for the account
if (s_logger.isDebugEnabled()) {
s_logger.debug("Couldn't find default security group for the account " + owner + " so creating a new one");
}
defaultGroup = _securityGroupMgr.createSecurityGroup(SecurityGroupManager.DEFAULT_GROUP_NAME, SecurityGroupManager.DEFAULT_GROUP_DESCRIPTION, owner.getDomainId(), owner.getId(), owner.getAccountName());
securityGroupIdList.add(defaultGroup.getId());
}
}
@ -2759,7 +2751,7 @@ public class UserVmManagerImpl implements UserVmManager, UserVmService, Manager
}
//check if vm is security group enabled
if (_securityGroupMgr.isVmSecurityGroupEnabled(vmId) && !_securityGroupMgr.isVmMappedToDefaultSecurityGroup(vmId) && _networkMgr.canAddDefaultSecurityGroup()) {
if (_securityGroupMgr.isVmSecurityGroupEnabled(vmId) && _securityGroupMgr.getSecurityGroupsForVm(vmId).isEmpty() && !_securityGroupMgr.isVmMappedToDefaultSecurityGroup(vmId) && _networkMgr.canAddDefaultSecurityGroup()) {
//if vm is not mapped to security group, create a mapping
if (s_logger.isDebugEnabled()) {
s_logger.debug("Vm " + vm + " is security group enabled, but not mapped to default security group; creating the mapping automatically");