apache/cloudstack
1
0
Fork 0
mirror of https://github.com/apache/cloudstack.git synced 2025-10-26 08:42:29 +01:00
Code Issues Packages Projects Releases Wiki Activity

bug 8251: introduced "id" field for public IP address. In the DB id is a primary key in user_ip_address table; ip_address and source_network_id is a composite key

Browse Source 
status 8251: resolved fixed
This commit is contained in:
alena 2011-01-30 21:27:25 -08:00
parent 7b1deef915
commit f6f8a35c75
68 changed files with 662 additions and 477 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
api/src/com/cloud/agent/api/routing/LoadBalancerConfigCommand.java
View File

@ -21,7 +21,7 @@ import com.cloud.agent.api.to.LoadBalancerTO;
/**
* LoadBalancerConfigCommand sends the load balancer configuration
* to the load balancer. Isn't that kinda obvious?
* to the load balancer.
*/
public class LoadBalancerConfigCommand extends NetworkElementCommand {
LoadBalancerTO[] loadBalancers;
@ -30,7 +30,7 @@ public class LoadBalancerConfigCommand extends NetworkElementCommand {
}
public LoadBalancerConfigCommand( LoadBalancerTO[] loadBalancers) {
public LoadBalancerConfigCommand(LoadBalancerTO[] loadBalancers) {
this.loadBalancers = loadBalancers;
}

7
api/src/com/cloud/agent/api/routing/SetPortForwardingRulesCommand.java
View File

@ -20,7 +20,6 @@ package com.cloud.agent.api.routing;
import java.util.List;
import com.cloud.agent.api.to.PortForwardingRuleTO;
import com.cloud.network.rules.PortForwardingRule;
public class SetPortForwardingRulesCommand extends NetworkElementCommand {
PortForwardingRuleTO[] rules;
@ -28,11 +27,11 @@ public class SetPortForwardingRulesCommand extends NetworkElementCommand {
protected SetPortForwardingRulesCommand() {
}
public SetPortForwardingRulesCommand(List<? extends PortForwardingRule> pfRules) {
public SetPortForwardingRulesCommand(List<? extends PortForwardingRuleTO> pfRules) {
rules = new PortForwardingRuleTO[pfRules.size()];
int i = 0;
for (PortForwardingRule rule : pfRules) {
rules[i++] = new PortForwardingRuleTO(rule);
for (PortForwardingRuleTO rule : pfRules) {
rules[i++] = rule;
}
}

7
api/src/com/cloud/agent/api/to/FirewallRuleTO.java
View File

@ -17,6 +17,7 @@
*/
package com.cloud.agent.api.to;
import com.cloud.network.IpAddress;
import com.cloud.network.rules.FirewallRule;
import com.cloud.network.rules.FirewallRule.State;
@ -28,7 +29,7 @@ import com.cloud.network.rules.FirewallRule.State;
* sent multiple times to the destination. If the rule is not on
* the destination, the answer to a revoke rule should be successful.
* 2. alreadyAdded - the rule has been successfully added before. Rules
* in this state are sent for completeness and optomization.
* in this state are sent for completeness and optimization.
* 3. neither - the rule is to be added but it might have been added before.
* If the rule already exists on the destination, the destination should
* reply the rule is successfully applied.
@ -62,8 +63,8 @@ public class FirewallRuleTO {
this.isOneToOneNat = isOneToOneNat;
}
public FirewallRuleTO(FirewallRule rule) {
this(rule.getId(), rule.getSourceIpAddress().addr(), rule.getProtocol(), rule.getSourcePortStart(), rule.getSourcePortEnd(), rule.getState()==State.Revoke, rule.getState()==State.Active, rule.isOneToOneNat());
public FirewallRuleTO(FirewallRule rule, String srcIp) {
this(rule.getId(), srcIp, rule.getProtocol(), rule.getSourcePortStart(), rule.getSourcePortEnd(), rule.getState()==State.Revoke, rule.getState()==State.Active, rule.isOneToOneNat());
}
public long getId() {

4
api/src/com/cloud/agent/api/to/PortForwardingRuleTO.java
View File

@ -33,8 +33,8 @@ public class PortForwardingRuleTO extends FirewallRuleTO {
super();
}
public PortForwardingRuleTO(PortForwardingRule rule) {
super(rule);
public PortForwardingRuleTO(PortForwardingRule rule, String srcIp) {
super(rule, srcIp);
this.dstIp = rule.getDestinationIpAddress().addr();
this.dstPortRange = new int[] { rule.getDestinationPortStart(), rule.getDestinationPortEnd() };
}

2
api/src/com/cloud/api/ApiConstants.java
View File

@ -79,6 +79,7 @@ public class ApiConstants {
public static final String INTERNAL_DNS2 = "internaldns2";
public static final String INTERVAL_TYPE = "intervaltype";
public static final String IP_ADDRESS = "ipaddress";
public static final String IP_ADDRESS_ID = "ipaddressid";
public static final String IP_AVAILABLE = "ipavailable";
public static final String IP_LIMIT = "iplimit";
public static final String IP_TOTAL = "iptotal";
@ -123,6 +124,7 @@ public class ApiConstants {
public static final String PRIVATE_ZONE = "privatezone";
public static final String PROTOCOL = "protocol";
public static final String PUBLIC_INTERFACE = "publicinterface";
public static final String PUBLIC_IP_ID = "publicipid";
public static final String PUBLIC_IP = "publicip";
public static final String PUBLIC_PORT = "publicport";
public static final String PUBLIC_ZONE = "publiczone";

42
api/src/com/cloud/api/commands/AssociateIPAddrCmd.java
View File

@ -22,11 +22,13 @@ import java.util.List;
import org.apache.log4j.Logger;
import com.cloud.api.ApiConstants;
import com.cloud.api.BaseAsyncCreateCmd;
import com.cloud.api.BaseCmd;
import com.cloud.api.Implementation;
import com.cloud.api.Parameter;
import com.cloud.api.ServerApiException;
import com.cloud.api.response.IPAddressResponse;
import com.cloud.event.EventTypes;
import com.cloud.exception.ConcurrentOperationException;
import com.cloud.exception.InsufficientAddressCapacityException;
import com.cloud.exception.InsufficientCapacityException;
@ -35,10 +37,11 @@ import com.cloud.exception.ResourceAllocationException;
import com.cloud.exception.ResourceUnavailableException;
import com.cloud.network.IpAddress;
import com.cloud.network.Network;
import com.cloud.user.Account;
import com.cloud.user.UserContext;
@Implementation(description="Acquires and associates a public IP to an account.", responseObject=IPAddressResponse.class)
public class AssociateIPAddrCmd extends BaseCmd {
public class AssociateIPAddrCmd extends BaseAsyncCreateCmd {
public static final Logger s_logger = Logger.getLogger(AssociateIPAddrCmd.class.getName());
private static final String s_name = "associateipaddressresponse";
@ -94,6 +97,21 @@ public class AssociateIPAddrCmd extends BaseCmd {
return networks.get(0).getId();
}
@Override
public long getEntityOwnerId() {
Account caller = UserContext.current().getCaller();
return _accountService.finalizeOwner(caller, accountName, domainId).getAccountId();
}
@Override
public String getEventType() {
return EventTypes.EVENT_NET_IP_ASSIGN;
}
@Override
public String getEventDescription() {
return "associating ip to network id: " + getNetworkId() + " in zone " + getZoneId();
}
/////////////////////////////////////////////////////
/////////////// API Implementation///////////////////
@ -109,6 +127,28 @@ public class AssociateIPAddrCmd extends BaseCmd {
return "addressinfo";
}
@Override
public void create(){
try {
IpAddress ip = _networkService.allocateIP(this);
if (ip != null) {
this.setEntityId(ip.getId());
} else {
throw new ServerApiException(BaseCmd.INTERNAL_ERROR, "Failed to allocate ip address");
}
} catch (ResourceAllocationException ex) {
s_logger.warn("Exception: ", ex);
throw new ServerApiException(BaseCmd.RESOURCE_ALLOCATION_ERROR, ex.getMessage());
} catch (ConcurrentOperationException ex) {
s_logger.warn("Exception: ", ex);
throw new ServerApiException(BaseCmd.INTERNAL_ERROR, ex.getMessage());
} catch (InsufficientAddressCapacityException ex) {
s_logger.info(ex);
s_logger.trace(ex);
throw new ServerApiException(BaseCmd.INSUFFICIENT_CAPACITY_ERROR, ex.getMessage());
}
}
@Override
public void execute() throws ResourceUnavailableException, ResourceAllocationException, ConcurrentOperationException, InsufficientCapacityException {
try {

25
api/src/com/cloud/api/commands/CreateIpForwardingRuleCmd.java
View File

@ -47,8 +47,8 @@ public class CreateIpForwardingRuleCmd extends BaseAsyncCreateCmd implements Por
//////////////// API parameters /////////////////////
/////////////////////////////////////////////////////
@Parameter(name=ApiConstants.IP_ADDRESS, type=CommandType.STRING, required=true, description="the public IP address of the forwarding rule, already associated via associateIp")
private String ipAddress;
@Parameter(name=ApiConstants.IP_ADDRESS_ID, type=CommandType.LONG, required=true, description="the public IP address id of the forwarding rule, already associated via associateIp")
private Long ipAddressId;
@Parameter(name=ApiConstants.START_PORT, type=CommandType.INTEGER, required=true, description="the start port for the rule")
private Integer startPort;
@ -64,8 +64,8 @@ public class CreateIpForwardingRuleCmd extends BaseAsyncCreateCmd implements Por
/////////////////// Accessors ///////////////////////
/////////////////////////////////////////////////////
public String getIpAddress() {
return ipAddress;
public Long getIpAddressId() {
return ipAddressId;
}
public int getStartPort() {
@ -89,7 +89,7 @@ public class CreateIpForwardingRuleCmd extends BaseAsyncCreateCmd implements Por
public void execute(){
boolean result;
try {
result = _rulesService.applyPortForwardingRules(new Ip(ipAddress), UserContext.current().getCaller());
result = _rulesService.applyPortForwardingRules(ipAddressId, UserContext.current().getCaller());
} catch (Exception e) {
s_logger.error("Unable to apply port forwarding rules", e);
_rulesService.revokePortForwardingRule(getEntityId(), true);
@ -137,7 +137,7 @@ public class CreateIpForwardingRuleCmd extends BaseAsyncCreateCmd implements Por
@Override
public String getEventDescription() {
return ("Creating an ipforwarding 1:1 NAT rule for "+ipAddress+" with virtual machine:"+ getVirtualMachineId());
return ("Creating an ipforwarding 1:1 NAT rule for "+ipAddressId+" with virtual machine:"+ getVirtualMachineId());
}
@Override
@ -151,8 +151,8 @@ public class CreateIpForwardingRuleCmd extends BaseAsyncCreateCmd implements Por
}
@Override
public Ip getSourceIpAddress() {
return new Ip(ipAddress);
public long getSourceIpAddressId() {
return ipAddressId;
}
@Override
@ -225,13 +225,14 @@ public class CreateIpForwardingRuleCmd extends BaseAsyncCreateCmd implements Por
@Override
public long getVirtualMachineId() {
IpAddress ip = _networkService.getIp(new Ip(ipAddress));
IpAddress ip = _networkService.getIp(ipAddressId);
if (ip == null) {
throw new InvalidParameterValueException("Ip address " + ipAddress + " doesn't exist in the system");
throw new InvalidParameterValueException("Ip address id=" + ipAddressId + " doesn't exist in the system");
} else if (ip.isOneToOneNat() && ip.getAssociatedWithVmId() != null){
return _networkService.getIp(ipAddressId).getAssociatedWithVmId();
} else {
return _networkService.getIp(new Ip(ipAddress)).getAssociatedWithVmId();
throw new InvalidParameterValueException("Ip address id=" + ipAddressId + " doesn't have 1-1 Nat feature enabled");
}
}
}

13
api/src/com/cloud/api/commands/CreateLoadBalancerRuleCmd.java
View File

@ -29,7 +29,6 @@ import com.cloud.api.response.LoadBalancerResponse;
import com.cloud.exception.NetworkRuleConflictException;
import com.cloud.network.rules.LoadBalancer;
import com.cloud.user.UserContext;
import com.cloud.utils.net.Ip;
import com.cloud.utils.net.NetUtils;
@Implementation(description="Creates a load balancer rule", responseObject=LoadBalancerResponse.class)
@ -54,8 +53,8 @@ public class CreateLoadBalancerRuleCmd extends BaseCmd implements LoadBalancer
@Parameter(name=ApiConstants.PRIVATE_PORT, type=CommandType.INTEGER, required=true, description="the private port of the private ip address/virtual machine where the network traffic will be load balanced to")
private Integer privatePort;
@Parameter(name=ApiConstants.PUBLIC_IP, type=CommandType.STRING, required=true, description="public ip address from where the network traffic will be load balanced from")
private String publicIp;
@Parameter(name=ApiConstants.PUBLIC_IP_ID, type=CommandType.LONG, required=true, description="public ip address id from where the network traffic will be load balanced from")
private Long publicIpId;
@Parameter(name=ApiConstants.PUBLIC_PORT, type=CommandType.INTEGER, required=true, description="the public port from where the network traffic will be load balanced from")
private Integer publicPort;
@ -83,8 +82,8 @@ public class CreateLoadBalancerRuleCmd extends BaseCmd implements LoadBalancer
return privatePort;
}
public String getPublicIp() {
return publicIp;
public Long getPublicIpId() {
return publicIpId;
}
public Integer getPublicPort() {
@ -130,8 +129,8 @@ public class CreateLoadBalancerRuleCmd extends BaseCmd implements LoadBalancer
}
@Override
public Ip getSourceIpAddress() {
return new Ip(publicIp);
public long getSourceIpAddressId() {
return publicIpId;
}
@Override

16
api/src/com/cloud/api/commands/CreatePortForwardingRuleCmd.java
View File

@ -45,8 +45,8 @@ public class CreatePortForwardingRuleCmd extends BaseAsyncCreateCmd implements
//////////////// API parameters /////////////////////
/////////////////////////////////////////////////////
@Parameter(name=ApiConstants.IP_ADDRESS, type=CommandType.STRING, required=true, description="the IP address of the port forwarding rule")
private String ipAddress;
@Parameter(name=ApiConstants.IP_ADDRESS_ID, type=CommandType.LONG, required=true, description="the IP address id of the port forwarding rule")
private Long ipAddressId;
@Parameter(name=ApiConstants.PRIVATE_PORT, type=CommandType.INTEGER, required=true, description="the private port of the port forwarding rule")
private Integer privatePort;
@ -65,8 +65,8 @@ public class CreatePortForwardingRuleCmd extends BaseAsyncCreateCmd implements
/////////////////// Accessors ///////////////////////
/////////////////////////////////////////////////////
public String getIpAddress() {
return ipAddress;
public Long getIpAddressId() {
return ipAddressId;
}
public Integer getPrivatePort() {
@ -103,7 +103,7 @@ public class CreatePortForwardingRuleCmd extends BaseAsyncCreateCmd implements
boolean success = false;
PortForwardingRule rule = _entityMgr.findById(PortForwardingRule.class, getEntityId());
try {
success = _rulesService.applyPortForwardingRules(rule.getSourceIpAddress(), callerContext.getCaller());
success = _rulesService.applyPortForwardingRules(rule.getSourceIpAddressId(), callerContext.getCaller());
//State is different after the rule is applied, so get new object here
rule = _entityMgr.findById(PortForwardingRule.class, getEntityId());
@ -133,8 +133,8 @@ public class CreatePortForwardingRuleCmd extends BaseAsyncCreateCmd implements
}
@Override
public Ip getSourceIpAddress() {
return new Ip(ipAddress.trim());
public long getSourceIpAddressId() {
return ipAddressId;
}
@Override
@ -212,7 +212,7 @@ public class CreatePortForwardingRuleCmd extends BaseAsyncCreateCmd implements
@Override
public String getEventDescription() {
return ("Creating an port forwarding rule for "+ipAddress+" with virtual machine:"+virtualMachineId);
return ("Creating an port forwarding rule for "+ipAddressId+" with virtual machine:"+virtualMachineId);
}
@Override

32
api/src/com/cloud/api/commands/CreateRemoteAccessVpnCmd.java
View File

@ -20,20 +20,19 @@ package com.cloud.api.commands;
import org.apache.log4j.Logger;
import com.cloud.api.ApiConstants;
import com.cloud.api.BaseAsyncCreateCmd;
import com.cloud.api.BaseCmd;
import com.cloud.api.Implementation;
import com.cloud.api.Parameter;
import com.cloud.api.ServerApiException;
import com.cloud.api.response.RemoteAccessVpnResponse;
import com.cloud.domain.Domain;
import com.cloud.event.EventTypes;
import com.cloud.exception.NetworkRuleConflictException;
import com.cloud.exception.ResourceUnavailableException;
import com.cloud.network.RemoteAccessVpn;
import com.cloud.user.Account;
import com.cloud.user.UserContext;
import com.cloud.utils.net.Ip;
@Implementation(description="Creates a l2tp/ipsec remote access vpn", responseObject=RemoteAccessVpnResponse.class)
public class CreateRemoteAccessVpnCmd extends BaseAsyncCreateCmd {
@ -44,8 +43,8 @@ public class CreateRemoteAccessVpnCmd extends BaseAsyncCreateCmd {
/////////////////////////////////////////////////////
//////////////// API parameters /////////////////////
/////////////////////////////////////////////////////
@Parameter(name="publicip", type=CommandType.STRING, required=true, description="public ip address of the vpn server")
private String publicIp;
@Parameter(name=ApiConstants.PUBLIC_IP_ID, type=CommandType.LONG, required=true, description="public ip address id of the vpn server")
private Long publicIpId;
@Parameter(name="iprange", type=CommandType.STRING, required=false, description="the range of ip addresses to allocate to vpn clients. The first ip in the range will be taken by the vpn server")
private String ipRange;
@ -60,8 +59,8 @@ public class CreateRemoteAccessVpnCmd extends BaseAsyncCreateCmd {
/////////////////// Accessors ///////////////////////
/////////////////////////////////////////////////////
public String getPublicIp() {
return publicIp;
public Long getPublicIpId() {
return publicIpId;
}
public String getAccountName() {
@ -72,10 +71,6 @@ public class CreateRemoteAccessVpnCmd extends BaseAsyncCreateCmd {
return domainId;
}
public void setPublicIp(String publicIp) {
this.publicIp = publicIp;
}
public String getIpRange() {
return ipRange;
}
@ -116,7 +111,7 @@ public class CreateRemoteAccessVpnCmd extends BaseAsyncCreateCmd {
@Override
public String getEventDescription() {
return "Create Remote Access VPN for account " + getEntityOwnerId() + " using public " + publicIp;
return "Create Remote Access VPN for account " + getEntityOwnerId() + " using public ip id=" + publicIpId;
}
@Override
@ -127,9 +122,9 @@ public class CreateRemoteAccessVpnCmd extends BaseAsyncCreateCmd {
@Override
public void create() {
try {
RemoteAccessVpn vpn = _ravService.createRemoteAccessVpn(new Ip(publicIp), ipRange);
RemoteAccessVpn vpn = _ravService.createRemoteAccessVpn(publicIpId, ipRange);
if (vpn != null) {
this.setEntityId(vpn.getServerAddress().longValue());
this.setEntityId(vpn.getServerAddressId());
} else {
throw new ServerApiException(BaseCmd.INTERNAL_ERROR, "Failed to create remote access vpn");
}
@ -143,17 +138,10 @@ public class CreateRemoteAccessVpnCmd extends BaseAsyncCreateCmd {
@Override
public void execute(){
try {
RemoteAccessVpn result = _ravService.startRemoteAccessVpn(new Ip(getEntityId()));
RemoteAccessVpn result = _ravService.startRemoteAccessVpn(publicIpId);
if (result != null) {
RemoteAccessVpnResponse response = new RemoteAccessVpnResponse();
response.setPublicIp(result.getServerAddress().toString());
response.setIpRange(result.getIpRange());
response.setAccountName(_entityMgr.findById(Account.class, result.getAccountId()).getAccountName());
response.setDomainId(result.getDomainId());
response.setDomainName(_entityMgr.findById(Domain.class, result.getDomainId()).getName());
response.setObjectName("remoteaccessvpn");
RemoteAccessVpnResponse response = _responseGenerator.createRemoteAccessVpnResponse(result);
response.setResponseName(getCommandName());
response.setPresharedKey(result.getIpsecPresharedKey());
this.setResponseObject(response);
} else {
throw new ServerApiException(BaseCmd.INTERNAL_ERROR, "Failed to create remote access vpn");

11
api/src/com/cloud/api/commands/DeleteRemoteAccessVpnCmd.java
View File

@ -28,7 +28,6 @@ import com.cloud.api.response.SuccessResponse;
import com.cloud.event.EventTypes;
import com.cloud.exception.ResourceUnavailableException;
import com.cloud.network.RemoteAccessVpn;
import com.cloud.utils.net.Ip;
@Implementation(description="Destroys a l2tp/ipsec remote access vpn", responseObject=SuccessResponse.class)
public class DeleteRemoteAccessVpnCmd extends BaseAsyncCmd {
@ -39,8 +38,8 @@ public class DeleteRemoteAccessVpnCmd extends BaseAsyncCmd {
/////////////////////////////////////////////////////
//////////////// API parameters /////////////////////
/////////////////////////////////////////////////////
@Parameter(name="publicip", type=CommandType.STRING, required=true, description="public ip address of the vpn server")
private String publicIp;
@Parameter(name=ApiConstants.PUBLIC_IP_ID, type=CommandType.LONG, required=true, description="public ip address id of the vpn server")
private Long publicIpId;
// unexposed parameter needed for events logging
@Parameter(name=ApiConstants.ACCOUNT_ID, type=CommandType.LONG, expose=false)
@ -61,14 +60,14 @@ public class DeleteRemoteAccessVpnCmd extends BaseAsyncCmd {
@Override
public long getEntityOwnerId() {
if (ownerId == null) {
ownerId = _entityMgr.findById(RemoteAccessVpn.class, new Ip(publicIp)).getAccountId();
ownerId = _entityMgr.findById(RemoteAccessVpn.class, publicIpId).getAccountId();
}
return ownerId;
}
@Override
public String getEventDescription() {
return "Delete Remote Access VPN for account " + getEntityOwnerId() + " for " + publicIp;
return "Delete Remote Access VPN for account " + getEntityOwnerId() + " for ip id=" + publicIpId;
}
@Override
@ -78,7 +77,7 @@ public class DeleteRemoteAccessVpnCmd extends BaseAsyncCmd {
@Override
public void execute() throws ResourceUnavailableException {
_ravService.destroyRemoteAccessVpn(new Ip(publicIp), getStartEventId());
_ravService.destroyRemoteAccessVpn(publicIpId, getStartEventId());
}
}

15
api/src/com/cloud/api/commands/DisableStaticNat.java
View File

@ -29,7 +29,6 @@ import com.cloud.api.response.SuccessResponse;
import com.cloud.event.EventTypes;
import com.cloud.exception.ResourceUnavailableException;
import com.cloud.network.IpAddress;
import com.cloud.utils.net.Ip;
@Implementation(description="Disables static rule for given ip address", responseObject=SuccessResponse.class)
public class DisableStaticNat extends BaseAsyncCmd {
@ -40,15 +39,15 @@ public class DisableStaticNat extends BaseAsyncCmd {
//////////////// API parameters /////////////////////
/////////////////////////////////////////////////////
@Parameter(name=ApiConstants.IP_ADDRESS, type=CommandType.STRING, required=true, description="the public IP address for which static nat feature is being disableed")
private String ipAddress;
@Parameter(name=ApiConstants.IP_ADDRESS_ID, type=CommandType.LONG, required=true, description="the public IP address id for which static nat feature is being disableed")
private Long ipAddressId;
/////////////////////////////////////////////////////
/////////////////// Accessors ///////////////////////
/////////////////////////////////////////////////////
public String getIpAddress() {
return ipAddress;
public Long getIpAddress() {
return ipAddressId;
}
/////////////////////////////////////////////////////
@ -66,17 +65,17 @@ public class DisableStaticNat extends BaseAsyncCmd {
@Override
public String getEventDescription() {
return ("Disabling static nat for ip=" + ipAddress);
return ("Disabling static nat for ip id=" + ipAddressId);
}
@Override
public long getEntityOwnerId() {
return _entityMgr.findById(IpAddress.class, ipAddress).getAccountId();
return _entityMgr.findById(IpAddress.class, ipAddressId).getAccountId();
}
@Override
public void execute() throws ResourceUnavailableException {
boolean result = _rulesService.disableOneToOneNat(new Ip(ipAddress));
boolean result = _rulesService.disableOneToOneNat(ipAddressId);
if (result) {
SuccessResponse response = new SuccessResponse(getCommandName());

9
api/src/com/cloud/api/commands/DisassociateIPAddrCmd.java
View File

@ -25,7 +25,6 @@ import com.cloud.api.Implementation;
import com.cloud.api.Parameter;
import com.cloud.api.ServerApiException;
import com.cloud.api.response.SuccessResponse;
import com.cloud.utils.net.Ip;
@Implementation(description="Disassociates an ip address from the account.", responseObject=SuccessResponse.class)
public class DisassociateIPAddrCmd extends BaseCmd {
@ -37,15 +36,15 @@ public class DisassociateIPAddrCmd extends BaseCmd {
//////////////// API parameters /////////////////////
/////////////////////////////////////////////////////
@Parameter(name=ApiConstants.IP_ADDRESS, type=CommandType.STRING, required=true, description="the public ip address to disassociate")
private String ipAddress;
@Parameter(name=ApiConstants.IP_ADDRESS_ID, type=CommandType.LONG, required=true, description="the id of the public ip address to disassociate")
private Long ipAddressId;
/////////////////////////////////////////////////////
/////////////////// Accessors ///////////////////////
/////////////////////////////////////////////////////
public Ip getIpAddress() {
return new Ip(ipAddress);
public Long getIpAddressId() {
return ipAddressId;
}
/////////////////////////////////////////////////////

11
api/src/com/cloud/api/commands/EnableStaticNat.java
View File

@ -27,7 +27,6 @@ import com.cloud.api.Parameter;
import com.cloud.api.ServerApiException;
import com.cloud.api.response.SuccessResponse;
import com.cloud.exception.NetworkRuleConflictException;
import com.cloud.utils.net.Ip;
@Implementation(description="Enables static nat for given ip address", responseObject=SuccessResponse.class)
public class EnableStaticNat extends BaseCmd{
@ -39,8 +38,8 @@ public class EnableStaticNat extends BaseCmd{
//////////////// API parameters /////////////////////
/////////////////////////////////////////////////////
@Parameter(name=ApiConstants.IP_ADDRESS, type=CommandType.STRING, required=true, description="the public IP address for which static nat feature is being enabled")
private String ipAddress;
@Parameter(name=ApiConstants.IP_ADDRESS_ID, type=CommandType.LONG, required=true, description="the public IP address id for which static nat feature is being enabled")
private Long ipAddressId;
@Parameter(name=ApiConstants.VIRTUAL_MACHINE_ID, type=CommandType.LONG, required=true, description="the ID of the virtual machine for enabling static nat feature")
private Long virtualMachineId;
@ -49,8 +48,8 @@ public class EnableStaticNat extends BaseCmd{
/////////////////// Accessors ///////////////////////
/////////////////////////////////////////////////////
public String getIpAddress() {
return ipAddress;
public Long getIpAddressId() {
return ipAddressId;
}
public Long getVirtualMachineId() {
@ -69,7 +68,7 @@ public class EnableStaticNat extends BaseCmd{
@Override
public void execute(){
try {
boolean result = _rulesService.enableOneToOneNat(new Ip(ipAddress), virtualMachineId);
boolean result = _rulesService.enableOneToOneNat(ipAddressId, virtualMachineId);
if (result) {
SuccessResponse response = new SuccessResponse(getCommandName());
this.setResponseObject(response);

19
api/src/com/cloud/api/commands/ListIpForwardingRulesCmd.java
View File

@ -30,7 +30,6 @@ import com.cloud.api.response.FirewallRuleResponse;
import com.cloud.api.response.IpForwardingRuleResponse;
import com.cloud.api.response.ListResponse;
import com.cloud.network.rules.PortForwardingRule;
import com.cloud.utils.net.Ip;
@Implementation(description="List the ip forwarding rules", responseObject=FirewallRuleResponse.class)
public class ListIpForwardingRulesCmd extends BaseListCmd {
@ -42,8 +41,8 @@ public class ListIpForwardingRulesCmd extends BaseListCmd {
//////////////// API parameters /////////////////////
/////////////////////////////////////////////////////
@Parameter(name=ApiConstants.IP_ADDRESS, type=CommandType.STRING, description="list the rule belonging to this public ip address")
private String publicIpAddress;
@Parameter(name=ApiConstants.IP_ADDRESS_ID, type=CommandType.LONG, description="list the rule belonging to this public ip address")
private Long publicIpAddressId;
@Parameter(name=ApiConstants.ACCOUNT, type=CommandType.STRING, description="the account associated with the ip forwarding rule. Must be used with the domainId parameter.")
private String accountName;
@ -70,12 +69,8 @@ public class ListIpForwardingRulesCmd extends BaseListCmd {
return s_name;
}
public String getPublicIpAddress() {
return publicIpAddress;
}
public void setPublicIpAddress(String publicIpAddress) {
this.publicIpAddress = publicIpAddress;
public Long getPublicIpAddressId() {
return publicIpAddressId;
}
public String getAccountName() {
@ -96,11 +91,7 @@ public class ListIpForwardingRulesCmd extends BaseListCmd {
@Override
public void execute(){
Ip ip = null;
if(publicIpAddress != null){
ip = new Ip(publicIpAddress);
}
List<? extends PortForwardingRule> result = _rulesService.searchForIpForwardingRules(ip, id, vmId, this.getStartIndex(), this.getPageSizeVal());
List<? extends PortForwardingRule> result = _rulesService.searchForIpForwardingRules(publicIpAddressId, id, vmId, this.getStartIndex(), this.getPageSizeVal());
ListResponse<IpForwardingRuleResponse> response = new ListResponse<IpForwardingRuleResponse>();
List<IpForwardingRuleResponse> ipForwardingResponses = new ArrayList<IpForwardingRuleResponse>();
for (PortForwardingRule rule : result) {

8
api/src/com/cloud/api/commands/ListLoadBalancerRulesCmd.java
View File

@ -53,8 +53,8 @@ public class ListLoadBalancerRulesCmd extends BaseListCmd {
@Parameter(name=ApiConstants.NAME, type=CommandType.STRING, description="the name of the load balancer rule")
private String loadBalancerRuleName;
@Parameter(name=ApiConstants.PUBLIC_IP, type=CommandType.STRING, description="the public IP address of the load balancer rule ")
private String publicIp;
@Parameter(name=ApiConstants.PUBLIC_IP_ID, type=CommandType.LONG, description="the public IP address id of the load balancer rule ")
private Long publicIpId;
@Parameter(name=ApiConstants.VIRTUAL_MACHINE_ID, type=CommandType.LONG, description="the ID of the virtual machine of the load balancer rule")
private Long virtualMachineId;
@ -79,8 +79,8 @@ public class ListLoadBalancerRulesCmd extends BaseListCmd {
return loadBalancerRuleName;
}
public String getPublicIp() {
return publicIp;
public Long getPublicIpId() {
return publicIpId;
}
public Long getVirtualMachineId() {

12
api/src/com/cloud/api/commands/ListPortForwardingRulesCmd.java
View File

@ -40,8 +40,8 @@ public class ListPortForwardingRulesCmd extends BaseListCmd {
//////////////// API parameters /////////////////////
/////////////////////////////////////////////////////
@Parameter(name=ApiConstants.IP_ADDRESS, type=CommandType.STRING, description="the IP address of the port forwarding services")
private String ipAddress;
@Parameter(name=ApiConstants.IP_ADDRESS_ID, type=CommandType.LONG, description="the id of IP address of the port forwarding services")
private Long ipAddressId;
@Parameter(name=ApiConstants.ACCOUNT, type=CommandType.STRING, description="account. Must be used with the domainId parameter.")
private String accountName;
@ -53,10 +53,6 @@ public class ListPortForwardingRulesCmd extends BaseListCmd {
/////////////////// Accessors ///////////////////////
/////////////////////////////////////////////////////
public String getIpAddress() {
return ipAddress;
}
public String getAccountName() {
return accountName;
}
@ -65,6 +61,10 @@ public class ListPortForwardingRulesCmd extends BaseListCmd {
return domainId;
}
public Long getIpAddressId() {
return ipAddressId;
}
/////////////////////////////////////////////////////
/////////////// API Implementation///////////////////
/////////////////////////////////////////////////////

6
api/src/com/cloud/api/commands/ListPublicIpAddressesCmd.java
View File

@ -53,6 +53,9 @@ public class ListPublicIpAddressesCmd extends BaseListCmd {
@Parameter(name=ApiConstants.FOR_VIRTUAL_NETWORK, type=CommandType.BOOLEAN, description="the virtual network for the IP address")
private Boolean forVirtualNetwork;
@Parameter(name=ApiConstants.ID, type=CommandType.LONG, description="lists ip address by id")
private Long id;
@Parameter(name=ApiConstants.IP_ADDRESS, type=CommandType.STRING, description="lists the specified IP address")
private String ipAddress;
@ -65,6 +68,9 @@ public class ListPublicIpAddressesCmd extends BaseListCmd {
/////////////////////////////////////////////////////
/////////////////// Accessors ///////////////////////
/////////////////////////////////////////////////////
public Long getId() {
return id;
}
public String getAccountName() {
return accountName;

10
api/src/com/cloud/api/commands/ListRemoteAccessVpnsCmd.java
View File

@ -23,13 +23,13 @@ import java.util.List;
import org.apache.log4j.Logger;
import com.cloud.api.ApiConstants;
import com.cloud.api.BaseListCmd;
import com.cloud.api.Implementation;
import com.cloud.api.Parameter;
import com.cloud.api.response.ListResponse;
import com.cloud.api.response.RemoteAccessVpnResponse;
import com.cloud.network.RemoteAccessVpn;
import com.cloud.utils.net.Ip;
@Implementation(description="Lists remote access vpns", responseObject=RemoteAccessVpnResponse.class)
public class ListRemoteAccessVpnsCmd extends BaseListCmd {
@ -47,8 +47,8 @@ public class ListRemoteAccessVpnsCmd extends BaseListCmd {
@Parameter(name="domainid", type=CommandType.LONG, description="the domain ID of the remote access vpn rule. If used with the account parameter, lists remote access vpns for the account in the specified domain.")
private Long domainId;
@Parameter(name="publicip", type=CommandType.STRING, required=true, description="public ip address of the vpn server")
private String publicIp;
@Parameter(name=ApiConstants.PUBLIC_IP_ID, type=CommandType.LONG, required=true, description="public ip address id of the vpn server")
private Long publicIpId;
/////////////////////////////////////////////////////
/////////////////// Accessors ///////////////////////
@ -62,8 +62,8 @@ public class ListRemoteAccessVpnsCmd extends BaseListCmd {
return domainId;
}
public Ip getPublicIp() {
return new Ip(publicIp);
public Long getPublicIpId() {
return publicIpId;
}
/////////////////////////////////////////////////////

10
api/src/com/cloud/api/commands/UpdatePortForwardingRuleCmd.java
View File

@ -29,8 +29,8 @@ public class UpdatePortForwardingRuleCmd extends BaseAsyncCmd {
@Parameter(name=ApiConstants.PROTOCOL, type=CommandType.STRING, required=true, description="the protocol for the port fowarding rule. Valid values are TCP or UDP.")
private String protocol;
@Parameter(name=ApiConstants.IP_ADDRESS, type=CommandType.STRING, required=true, description="the IP address of the port forwarding rule")
private String publicIp;
@Parameter(name=ApiConstants.IP_ADDRESS_ID, type=CommandType.LONG, required=true, description="the IP address id of the port forwarding rule")
private Long publicIpId;
@Parameter(name=ApiConstants.PUBLIC_PORT, type=CommandType.STRING, required=true, description="the public port of the port forwarding rule")
private String publicPort;
@ -54,8 +54,8 @@ public class UpdatePortForwardingRuleCmd extends BaseAsyncCmd {
return protocol;
}
public String getPublicIp() {
return publicIp;
public Long getPublicIpId() {
return publicIpId;
}
public String getPublicPort() {
@ -77,7 +77,7 @@ public class UpdatePortForwardingRuleCmd extends BaseAsyncCmd {
@Override
public long getEntityOwnerId() {
IpAddress addr = _entityMgr.findById(IpAddress.class, getPublicIp());
IpAddress addr = _entityMgr.findById(IpAddress.class, getPublicIpId());
if (addr != null) {
return addr.getAllocatedToAccountId();
}

13
api/src/com/cloud/api/response/FirewallRuleResponse.java
View File

@ -43,7 +43,10 @@ public class FirewallRuleResponse extends BaseResponse {
@SerializedName("virtualmachinedisplayname") @Param(description="the VM display name for the port forwarding rule")
private String virtualMachineDisplayName;
@SerializedName("ipaddress") @Param(description="the public ip address for the port forwarding rule")
@SerializedName(ApiConstants.IP_ADDRESS_ID) @Param(description="the public ip address id for the port forwarding rule")
private Long publicIpAddressId;
@SerializedName(ApiConstants.IP_ADDRESS) @Param(description="the public ip address for the port forwarding rule")
private String publicIpAddress;
@SerializedName("state") @Param(description="the state of the rule")
@ -120,4 +123,12 @@ public class FirewallRuleResponse extends BaseResponse {
public void setState(String state) {
this.state = state;
}
public Long getPublicIpAddressId() {
return publicIpAddressId;
}
public void setPublicIpAddressId(Long publicIpAddressId) {
this.publicIpAddressId = publicIpAddressId;
}
}

11
api/src/com/cloud/api/response/IPAddressResponse.java
View File

@ -23,6 +23,9 @@ import com.cloud.serializer.Param;
import com.google.gson.annotations.SerializedName;
public class IPAddressResponse extends BaseResponse {
@SerializedName("id") @Param(description="public IP address id")
private Long id;
@SerializedName("ipaddress") @Param(description="public IP address")
private String ipAddress;
@ -209,4 +212,12 @@ public class IPAddressResponse extends BaseResponse {
public void setVirtualMachineDisplayName(String virtualMachineDisplayName) {
this.virtualMachineDisplayName = virtualMachineDisplayName;
}
public Long getId() {
return id;
}
public void setId(Long id) {
this.id = id;
}
}

13
api/src/com/cloud/api/response/IpForwardingRuleResponse.java
View File

@ -37,7 +37,10 @@ public class IpForwardingRuleResponse extends BaseResponse {
@SerializedName("virtualmachinedisplayname") @Param(description="the VM display name for the port forwarding rule")
private String virtualMachineDisplayName;
@SerializedName("ipaddress") @Param(description="the public ip address for the port forwarding rule")
@SerializedName(ApiConstants.IP_ADDRESS_ID) @Param(description="the public ip address id for the port forwarding rule")
private Long publicIpAddressId;
@SerializedName(ApiConstants.IP_ADDRESS) @Param(description="the public ip address for the port forwarding rule")
private String publicIpAddress;
@SerializedName(ApiConstants.START_PORT) @Param(description="the start port of the rule")
@ -120,4 +123,12 @@ public class IpForwardingRuleResponse extends BaseResponse {
public void setEndPort(Integer endPort) {
this.endPort = endPort;
}
public Long getPublicIpAddressId() {
return publicIpAddressId;
}
public void setPublicIpAddressId(Long publicIpAddressId) {
this.publicIpAddressId = publicIpAddressId;
}
}

15
api/src/com/cloud/api/response/LoadBalancerResponse.java
View File

@ -17,6 +17,7 @@
*/
package com.cloud.api.response;
import com.cloud.api.ApiConstants;
import com.cloud.serializer.Param;
import com.google.gson.annotations.SerializedName;
@ -30,7 +31,10 @@ public class LoadBalancerResponse extends BaseResponse {
@SerializedName("description") @Param(description="the description of the load balancer")
private String description;
@SerializedName("publicip") @Param(description="the public ip address")
@SerializedName(ApiConstants.PUBLIC_IP_ID) @Param(description="the public ip address id")
private Long publicIpId;
@SerializedName(ApiConstants.PUBLIC_IP) @Param(description="the public ip address")
private String publicIp;
@SerializedName("publicport") @Param(description="the public port")
@ -141,4 +145,13 @@ public class LoadBalancerResponse extends BaseResponse {
public void setState(String state) {
this.state = state;
}
public Long getPublicIpId() {
return publicIpId;
}
public void setPublicIpId(Long publicIpId) {
this.publicIpId = publicIpId;
}
}

16
api/src/com/cloud/api/response/RemoteAccessVpnResponse.java
View File

@ -17,11 +17,16 @@
*/
package com.cloud.api.response;
import com.cloud.api.ApiConstants;
import com.cloud.serializer.Param;
import com.google.gson.annotations.SerializedName;
public class RemoteAccessVpnResponse extends BaseResponse {
@SerializedName("publicip") @Param(description="the public ip address of the vpn server")
@SerializedName(ApiConstants.PUBLIC_IP_ID) @Param(description="the public ip address of the vpn server")
private Long publicIpId;
@SerializedName(ApiConstants.PUBLIC_IP) @Param(description="the public ip address of the vpn server")
private String publicIp;
@SerializedName("iprange") @Param(description="the range of ips to allocate to the clients")
@ -99,4 +104,13 @@ public class RemoteAccessVpnResponse extends BaseResponse {
public void setState(String state) {
this.state = state;
}
public Long getPublicIpId() {
return publicIpId;
}
public void setPublicIpId(Long publicIpId) {
this.publicIpId = publicIpId;
}
}

5
api/src/com/cloud/network/IpAddress.java
View File

@ -68,4 +68,9 @@ public interface IpAddress extends ControlledEntity {
Long getAssociatedWithNetworkId();
Long getAssociatedWithVmId();
/**
* @return database id.
*/
long getId();
}

5
api/src/com/cloud/network/NetworkService.java
View File

@ -32,7 +32,6 @@ import com.cloud.exception.PermissionDeniedException;
import com.cloud.exception.ResourceAllocationException;
import com.cloud.exception.ResourceUnavailableException;
import com.cloud.offering.NetworkOffering;
import com.cloud.utils.net.Ip;
public interface NetworkService {
@ -40,6 +39,8 @@ public interface NetworkService {
List<? extends Network> getVirtualNetworksOwnedByAccountInZone(String accountName, long domainId, long zoneId);
List<? extends NetworkOffering> listNetworkOfferings();
IpAddress allocateIP(AssociateIPAddrCmd cmd) throws ResourceAllocationException, InsufficientAddressCapacityException, ConcurrentOperationException;
/**
* Associates a public IP address for a router.
* @param cmd - the command specifying ipAddress
@ -59,7 +60,7 @@ public interface NetworkService {
Network getNetwork(long networkId);
IpAddress getIp(Ip ip);
IpAddress getIp(long id);
NetworkProfile getNetworkProfile(long networkId);

3
api/src/com/cloud/network/RemoteAccessVpn.java
View File

@ -18,7 +18,6 @@
package com.cloud.network;
import com.cloud.acl.ControlledEntity;
import com.cloud.utils.net.Ip;
public interface RemoteAccessVpn extends ControlledEntity {
enum State {
@ -27,7 +26,7 @@ public interface RemoteAccessVpn extends ControlledEntity {
Removed
}
Ip getServerAddress();
long getServerAddressId();
String getIpRange();
String getIpsecPresharedKey();
String getLocalIp();

5
api/src/com/cloud/network/lb/LoadBalancingRule.java
View File

@ -4,7 +4,6 @@ import java.util.List;
import com.cloud.network.rules.FirewallRule;
import com.cloud.network.rules.LoadBalancer;
import com.cloud.utils.net.Ip;
public class LoadBalancingRule implements FirewallRule, LoadBalancer{
private LoadBalancer lb;
@ -60,8 +59,8 @@ public class LoadBalancingRule implements FirewallRule, LoadBalancer{
}
@Override
public Ip getSourceIpAddress() {
return lb.getSourceIpAddress();
public long getSourceIpAddressId() {
return lb.getSourceIpAddressId();
}
@Override

8
api/src/com/cloud/network/rules/FirewallRule.java
View File

@ -18,7 +18,6 @@
package com.cloud.network.rules;
import com.cloud.acl.ControlledEntity;
import com.cloud.utils.net.Ip;
public interface FirewallRule extends ControlledEntity {
enum Purpose {
@ -45,11 +44,6 @@ public interface FirewallRule extends ControlledEntity {
*/
String getXid();
/**
* @return public ip address.
*/
Ip getSourceIpAddress();
/**
* @return first port of the source port range.
*/
@ -72,4 +66,6 @@ public interface FirewallRule extends ControlledEntity {
long getNetworkId();
boolean isOneToOneNat();
long getSourceIpAddressId();
}

1
api/src/com/cloud/network/rules/LoadBalancer.java
View File

@ -23,7 +23,6 @@ package com.cloud.network.rules;
*/
public interface LoadBalancer extends FirewallRule {
String getName();
String getDescription();

12
api/src/com/cloud/network/rules/RulesService.java
View File

@ -19,14 +19,14 @@ package com.cloud.network.rules;
import java.util.List;
import com.cloud.agent.api.to.PortForwardingRuleTO;
import com.cloud.api.commands.ListPortForwardingRulesCmd;
import com.cloud.exception.NetworkRuleConflictException;
import com.cloud.exception.ResourceUnavailableException;
import com.cloud.user.Account;
import com.cloud.utils.net.Ip;
public interface RulesService {
List<? extends PortForwardingRule> searchForIpForwardingRules(Ip ip, Long id, Long vmId, Long start, Long size);
List<? extends PortForwardingRule> searchForIpForwardingRules(Long ipId, Long id, Long vmId, Long start, Long size);
/**
* Creates a port forwarding rule between two ip addresses or between
@ -53,10 +53,12 @@ public interface RulesService {
*/
public List<? extends PortForwardingRule> listPortForwardingRules(ListPortForwardingRulesCmd cmd);
boolean applyPortForwardingRules(Ip ip, Account caller) throws ResourceUnavailableException;
boolean applyPortForwardingRules(long ipAdddressId, Account caller) throws ResourceUnavailableException;
boolean enableOneToOneNat(Ip ipAddress, long vmId) throws NetworkRuleConflictException;
boolean enableOneToOneNat(long ipAddressId, long vmId) throws NetworkRuleConflictException;
boolean disableOneToOneNat(Ip ipAddress);
boolean disableOneToOneNat(long ipAddressId);
List<PortForwardingRuleTO> buildPortForwardingTOrules(List<? extends PortForwardingRule> pfRules);
}

7
api/src/com/cloud/network/vpn/RemoteAccessVpnService.java
View File

@ -26,13 +26,12 @@ import com.cloud.exception.NetworkRuleConflictException;
import com.cloud.exception.ResourceUnavailableException;
import com.cloud.network.RemoteAccessVpn;
import com.cloud.network.VpnUser;
import com.cloud.utils.net.Ip;
public interface RemoteAccessVpnService {
RemoteAccessVpn createRemoteAccessVpn(Ip vpnServerAddress, String ipRange) throws NetworkRuleConflictException;
void destroyRemoteAccessVpn(Ip vpnServerAddress, long startEventId) throws ResourceUnavailableException;
RemoteAccessVpn startRemoteAccessVpn(Ip vpnServerAddress) throws ResourceUnavailableException;
RemoteAccessVpn createRemoteAccessVpn(long vpnServerAddressId, String ipRange) throws NetworkRuleConflictException;
void destroyRemoteAccessVpn(long vpnServerAddressId, long startEventId) throws ResourceUnavailableException;
RemoteAccessVpn startRemoteAccessVpn(long vpnServerAddressId) throws ResourceUnavailableException;
VpnUser addVpnUser(long vpnOwnerId, String userName, String password);
boolean removeVpnUser(long vpnOwnerId, String userName);

4
server/src/com/cloud/api/ApiDBUtils.java
View File

@ -348,8 +348,8 @@ public class ApiDBUtils {
return _hostDao.findById(hostId);
}
public static IPAddressVO findIpAddressById(String address) {
return _ipAddressDao.findById(new Ip(address));
public static IPAddressVO findIpAddressById(long addressId) {
return _ipAddressDao.findById(addressId);
}
public static GuestOSCategoryVO getHostGuestOSCategory(long hostId) {

25
server/src/com/cloud/api/ApiResponseHelper.java
View File

@ -612,6 +612,7 @@ public class ApiResponseHelper implements ResponseGenerator {
long zoneId = ipAddress.getDataCenterId();
IPAddressResponse ipResponse = new IPAddressResponse();
ipResponse.setId(ipAddress.getId());
ipResponse.setIpAddress(ipAddress.getAddress().toString());
if (ipAddress.getAllocatedTime() != null) {
ipResponse.setAllocated(ipAddress.getAllocatedTime());
@ -675,7 +676,8 @@ public class ApiResponseHelper implements ResponseGenerator {
lbResponse.setId(loadBalancer.getId());
lbResponse.setName(loadBalancer.getName());
lbResponse.setDescription(loadBalancer.getDescription());
lbResponse.setPublicIp(loadBalancer.getSourceIpAddress().toString());
lbResponse.setPublicIpId(loadBalancer.getSourceIpAddressId());
lbResponse.setPublicIp(ApiDBUtils.findIpAddressById(loadBalancer.getSourceIpAddressId()).getAddress().addr());
lbResponse.setPublicPort(Integer.toString(loadBalancer.getSourcePortStart()));
lbResponse.setPrivatePort(Integer.toString(loadBalancer.getDefaultPortStart()));
lbResponse.setAlgorithm(loadBalancer.getAlgorithm());
@ -924,8 +926,12 @@ public class ApiResponseHelper implements ResponseGenerator {
response.setPrivatePort(Integer.toString(fwRule.getDestinationPortStart()));
response.setProtocol(fwRule.getProtocol());
response.setPublicPort(Integer.toString(fwRule.getSourcePortStart()));
response.setPublicIpAddress(fwRule.getSourceIpAddress().toString());
if (fwRule.getSourceIpAddress() != null && fwRule.getDestinationIpAddress() != null) {
IpAddress ip = ApiDBUtils.findIpAddressById(fwRule.getSourceIpAddressId());
response.setPublicIpAddressId(ip.getId());
response.setPublicIpAddress(ip.getAddress().addr());
if (ip != null && fwRule.getDestinationIpAddress() != null) {
UserVm vm = ApiDBUtils.findUserVmById(fwRule.getVirtualMachineId());
if(vm != null){
response.setVirtualMachineId(vm.getId());
@ -948,8 +954,12 @@ public class ApiResponseHelper implements ResponseGenerator {
IpForwardingRuleResponse response = new IpForwardingRuleResponse();
response.setId(fwRule.getId());
response.setProtocol(fwRule.getProtocol());
response.setPublicIpAddress(fwRule.getSourceIpAddress().addr());
if (fwRule.getSourceIpAddress() != null && fwRule.getDestinationIpAddress() != null) {
IpAddress ip = ApiDBUtils.findIpAddressById(fwRule.getSourceIpAddressId());
response.setPublicIpAddressId(ip.getId());
response.setPublicIpAddress(ip.getAddress().addr());
if (ip != null && fwRule.getDestinationIpAddress() != null) {
UserVm vm = ApiDBUtils.findUserVmById(fwRule.getVirtualMachineId());
if(vm != null){//vm might be destroyed
response.setVirtualMachineId(vm.getId());
@ -1299,7 +1309,8 @@ public class ApiResponseHelper implements ResponseGenerator {
@Override
public RemoteAccessVpnResponse createRemoteAccessVpnResponse(RemoteAccessVpn vpn) {
RemoteAccessVpnResponse vpnResponse = new RemoteAccessVpnResponse();
vpnResponse.setPublicIp(vpn.getServerAddress().toString());
vpnResponse.setPublicIpId(vpn.getServerAddressId());
vpnResponse.setPublicIp(ApiDBUtils.findIpAddressById(vpn.getServerAddressId()).getAddress().addr());
vpnResponse.setIpRange(vpn.getIpRange());
vpnResponse.setPresharedKey(vpn.getIpsecPresharedKey());
vpnResponse.setDomainId(vpn.getDomainId());
@ -1310,10 +1321,8 @@ public class ApiResponseHelper implements ResponseGenerator {
vpnResponse.setDomainName(ApiDBUtils.findDomainById(accountTemp.getDomainId()).getName());
}
vpnResponse.setState(vpn.getState().toString());
vpnResponse.setObjectName("remoteaccessvpn");
return vpnResponse;
}

20
server/src/com/cloud/configuration/ConfigurationManagerImpl.java
View File

@ -1777,7 +1777,7 @@ public class ConfigurationManagerImpl implements ConfigurationManager, Configura
checkPublicIpRangeErrors(zoneId, vlanId, vlanGateway, vlanNetmask, startIP, endIP);
// Throw an exception if any of the following is true:
// 1. Another VLAN in the same zone has a different tag but the same subnet as the new VLAN
// 1. Another VLAN in the same zone has a different tag but the same subnet as the new VLAN. Make an exception for the case when both vlans are Direct.
// 2. Another VLAN in the same zone that has the same tag and subnet as the new VLAN has IPs that overlap with the IPs being added
// 3. Another VLAN in the same zone that has the same tag and subnet as the new VLAN has a different gateway than the new VLAN
List<VlanVO> vlans = _vlanDao.listByZone(zone.getId());
@ -1791,7 +1791,7 @@ public class ConfigurationManagerImpl implements ConfigurationManager, Configura
otherVlanEndIP = otherVlanIpRange[1];
}
if (!vlanId.equals(vlan.getVlanTag()) && newVlanSubnet.equals(otherVlanSubnet)) {
if (!vlanId.equals(vlan.getVlanTag()) && newVlanSubnet.equals(otherVlanSubnet) && !allowIpRangeOverlap(vlan, forVirtualNetwork, networkId)) {
throw new InvalidParameterValueException("The IP range with tag: " + vlan.getVlanTag() + " in zone " + zone.getName() + " has the same subnet. Please specify a different gateway/netmask.");
}
@ -1832,7 +1832,7 @@ public class ConfigurationManagerImpl implements ConfigurationManager, Configura
VlanVO vlan = new VlanVO(vlanType, vlanId, vlanGateway, vlanNetmask, zone.getId(), ipRange, networkId);
vlan = _vlanDao.persist(vlan);
if (!savePublicIPRange(startIP, endIP, zoneId, vlan.getId())) {
if (!savePublicIPRange(startIP, endIP, zoneId, vlan.getId(), networkId)) {
deletePublicIPRange(vlan.getId());
_vlanDao.expunge(vlan.getId());
throw new CloudRuntimeException("Failed to save IP range. Please contact Cloud Support."); //It can be Direct IP or Public IP.
@ -2004,13 +2004,13 @@ public class ConfigurationManagerImpl implements ConfigurationManager, Configura
}
@DB
protected boolean savePublicIPRange(String startIP, String endIP, long zoneId, long vlanDbId) {
protected boolean savePublicIPRange(String startIP, String endIP, long zoneId, long vlanDbId, long sourceNetworkid) {
long startIPLong = NetUtils.ip2Long(startIP);
long endIPLong = NetUtils.ip2Long(endIP);
Transaction txn = Transaction.currentTxn();
txn.start();
IPRangeConfig config = new IPRangeConfig();
config.savePublicIPRange(txn, startIPLong, endIPLong, zoneId, vlanDbId);
config.savePublicIPRange(txn, startIPLong, endIPLong, zoneId, vlanDbId, sourceNetworkid);
txn.commit();
return true;
}
@ -2675,4 +2675,14 @@ public class ConfigurationManagerImpl implements ConfigurationManager, Configura
public ClusterVO getCluster(long id) {
return _clusterDao.findById(id);
}
private boolean allowIpRangeOverlap(VlanVO vlan, boolean forVirtualNetwork, long networkId) {
Network vlanNetwork = _networkMgr.getNetwork(vlan.getNetworkId());
Network network = _networkMgr.getNetwork(networkId);
if (vlan.getVlanType() == VlanType.DirectAttached && !forVirtualNetwork && network.getAccountId() != vlanNetwork.getAccountId()) {
return true;
} else {
return false;
}
}
}

23
server/src/com/cloud/network/IPAddressVO.java
View File

@ -24,6 +24,8 @@ import javax.persistence.Column;
import javax.persistence.Entity;
import javax.persistence.EnumType;
import javax.persistence.Enumerated;
import javax.persistence.GeneratedValue;
import javax.persistence.GenerationType;
import javax.persistence.Id;
import javax.persistence.Table;
import javax.persistence.Temporal;
@ -38,6 +40,11 @@ import com.cloud.utils.net.Ip;
@Entity
@Table(name=("user_ip_address"))
public class IPAddressVO implements IpAddress {
@Id
@GeneratedValue(strategy=GenerationType.IDENTITY)
@Column(name="id")
long id;
@Column(name="account_id")
private Long allocatedToAccountId = null;
@ -74,6 +81,9 @@ public class IPAddressVO implements IpAddress {
@Column(name="mac_address")
private long macAddress;
@Column(name="source_network_id")
private Long sourceNetworkId;
@Column(name="network_id")
private Long associatedWithNetworkId;
@ -207,4 +217,17 @@ public class IPAddressVO implements IpAddress {
return new StringBuilder("Ip[").append(address).append("-").append(dataCenterId).append("]").toString();
}
@Override
public long getId() {
return id;
}
public Long getSourceNetworkId() {
return sourceNetworkId;
}
public void setSourceNetworkId(Long sourceNetworkId) {
this.sourceNetworkId = sourceNetworkId;
}
}

5
server/src/com/cloud/network/LoadBalancerVO.java
View File

@ -26,7 +26,6 @@ import javax.persistence.Table;
import com.cloud.network.rules.FirewallRuleVO;
import com.cloud.network.rules.LoadBalancer;
import com.cloud.utils.net.Ip;
import com.cloud.utils.net.NetUtils;
@Entity
@ -53,8 +52,8 @@ public class LoadBalancerVO extends FirewallRuleVO implements LoadBalancer {
public LoadBalancerVO() {
}
public LoadBalancerVO(String xId, String name, String description, Ip srcIp, int srcPort, int dstPort, String algorithm, long networkId, long accountId, long domainId) {
super(xId, srcIp, srcPort, NetUtils.TCP_PROTO, networkId, accountId, domainId, Purpose.LoadBalancing, false);
public LoadBalancerVO(String xId, String name, String description, long srcIpId, int srcPort, int dstPort, String algorithm, long networkId, long accountId, long domainId) {
super(xId, srcIpId, srcPort, NetUtils.TCP_PROTO, networkId, accountId, domainId, Purpose.LoadBalancing, false);
this.name = name;
this.description = description;
this.algorithm = algorithm;

5
server/src/com/cloud/network/NetworkManager.java
View File

@ -42,7 +42,6 @@ import com.cloud.offerings.NetworkOfferingVO;
import com.cloud.user.Account;
import com.cloud.user.AccountVO;
import com.cloud.utils.Pair;
import com.cloud.utils.net.Ip;
import com.cloud.vm.Nic;
import com.cloud.vm.NicProfile;
import com.cloud.vm.ReservationContext;
@ -87,7 +86,7 @@ public interface NetworkManager extends NetworkService {
* @param ipAddress
* @return true if it did; false if it didn't
*/
public boolean releasePublicIpAddress(Ip ipAddress, long ownerId, long userId);
public boolean releasePublicIpAddress(long id, long ownerId, long userId);
/**
* Lists IP addresses that belong to VirtualNetwork VLANs
@ -131,7 +130,7 @@ public interface NetworkManager extends NetworkService {
List<? extends RemoteAccessVpnElement> getRemoteAccessVpnElements();
PublicIpAddress getPublicIpAddress(Ip ipAddress);
PublicIpAddress getPublicIpAddress(long ipAddressId);
List<? extends Vlan> listPodVlans(long podId);

115
server/src/com/cloud/network/NetworkManagerImpl.java
View File

@ -262,7 +262,7 @@ public class NetworkManagerImpl implements NetworkManager, NetworkService, Manag
addr.setAssociatedWithNetworkId(networkId);
}
if (!_ipAddressDao.update(addr.getAddress(), addr)) {
if (!_ipAddressDao.update(addr.getId(), addr)) {
throw new CloudRuntimeException("Found address to allocate but unable to update: " + addr);
}
if(owner.getAccountId() != Account.ACCOUNT_ID_SYSTEM){
@ -321,7 +321,7 @@ public class NetworkManagerImpl implements NetworkManager, NetworkService, Manag
ip = fetchNewPublicIp(dcId, null, vlanId, owner, VlanType.VirtualNetwork, network.getId(), true, false);
sourceNat = ip.ip();
sourceNat.setState(IpAddress.State.Allocated);
_ipAddressDao.update(sourceNat.getAddress(), sourceNat);
_ipAddressDao.update(sourceNat.getId(), sourceNat);
// Increment the number of public IPs for this accountId in the database
_accountMgr.incrementResourceCount(ownerId, ResourceType.public_ip);
@ -426,9 +426,9 @@ public class NetworkManagerImpl implements NetworkManager, NetworkService, Manag
if (addr.getState() == IpAddress.State.Allocating) {
addr.setState(IpAddress.State.Allocated);
addr.setAssociatedWithNetworkId(network.getId());
_ipAddressDao.update(addr.getAddress(), addr);
_ipAddressDao.update(addr.getId(), addr);
} else if (addr.getState() == IpAddress.State.Releasing) {
_ipAddressDao.unassignIpAddress(addr.getAddress());
_ipAddressDao.unassignIpAddress(addr.getId());
}
}
}
@ -446,9 +446,8 @@ public class NetworkManagerImpl implements NetworkManager, NetworkService, Manag
return _networksDao.listBy(owner.getId(), zoneId, GuestIpType.Virtual);
}
@Override
@DB
public IpAddress associateIP(AssociateIPAddrCmd cmd) throws ResourceAllocationException, ResourceUnavailableException, InsufficientAddressCapacityException, ConcurrentOperationException {
@Override @DB
public IpAddress allocateIP(AssociateIPAddrCmd cmd) throws ResourceAllocationException, InsufficientAddressCapacityException, ConcurrentOperationException{
String accountName = cmd.getAccountName();
long domainId = cmd.getDomainId();
Long zoneId = cmd.getZoneId();
@ -473,7 +472,6 @@ public class NetworkManagerImpl implements NetworkManager, NetworkService, Manag
}
PublicIp ip = null;
boolean success = false;
Transaction txn = Transaction.currentTxn();
Account accountToLock = null;
@ -513,36 +511,59 @@ public class NetworkManagerImpl implements NetworkManager, NetworkService, Manag
s_logger.debug("Got " + ipAddress + " to assign for account " + owner.getId() + " in zone " + network.getDataCenterId());
txn.commit();
success = applyIpAssociations(network, false);
if (success) {
s_logger.debug("Successfully associated ip address " + ip + " for account " + owner.getId() + " in zone " + network.getDataCenterId());
} else {
s_logger.warn("Failed to associate ip address " + ip + " for account " + owner.getId() + " in zone " + network.getDataCenterId());
}
return ip;
} catch (ResourceUnavailableException e) {
s_logger.error("Unable to associate ip address due to resource unavailable exception", e);
return null;
} finally {
if (accountToLock != null) {
_accountDao.releaseFromLockTable(ownerId);
s_logger.debug("Associate IP address lock released");
}
}
return ip;
}
@Override @DB
public IpAddress associateIP(AssociateIPAddrCmd cmd) throws ResourceAllocationException, ResourceUnavailableException, InsufficientAddressCapacityException, ConcurrentOperationException {
Account caller = UserContext.current().getCaller();
Account owner = null;
IpAddress ipToAssoc = getIp(cmd.getEntityId());
if (ipToAssoc != null) {
_accountMgr.checkAccess(caller, ipToAssoc);
owner = _accountMgr.getAccount(ipToAssoc.getAccountId());
} else {
s_logger.debug("Unable to find ip address by id: " + cmd.getEntityId());
return null;
}
Network network = _networksDao.findById(ipToAssoc.getAssociatedWithNetworkId());
IpAddress ip = _ipAddressDao.findById(cmd.getEntityId());
boolean success = false;
try {
success = applyIpAssociations(network, false);
if (success) {
s_logger.debug("Successfully associated ip address " + ip.getAddress().addr() + " for account " + owner.getId() + " in zone " + network.getDataCenterId());
} else {
s_logger.warn("Failed to associate ip address " + ip.getAddress().addr() + " for account " + owner.getId() + " in zone " + network.getDataCenterId());
}
return ip;
} catch (ResourceUnavailableException e) {
s_logger.error("Unable to associate ip address due to resource unavailable exception", e);
return null;
} finally {
Transaction txn = Transaction.currentTxn();
if (!success) {
if (ip != null) {
try {
s_logger.warn("Failed to associate ip address " + ip);
_ipAddressDao.markAsUnavailable(ip.getAddress(), ip.getAccountId());
_ipAddressDao.markAsUnavailable(ip.getId());
applyIpAssociations(network, true);
} catch (Exception e) {
s_logger.warn("Unable to disassociate ip address for recovery", e);
}
txn.start();
_ipAddressDao.unassignIpAddress(ip.getAddress());
_accountMgr.decrementResourceCount(ownerId, ResourceType.public_ip);
_ipAddressDao.unassignIpAddress(ip.getId());
_accountMgr.decrementResourceCount(owner.getId(), ResourceType.public_ip);
txn.commit();
}
@ -551,20 +572,20 @@ public class NetworkManagerImpl implements NetworkManager, NetworkService, Manag
}
@Override
public boolean releasePublicIpAddress(Ip addr, long ownerId, long userId) {
IPAddressVO ip = _ipAddressDao.markAsUnavailable(addr, ownerId);
assert (ip != null) : "Unable to mark the ip address " + addr + " owned by " + ownerId + " as unavailable.";
public boolean releasePublicIpAddress(long addrId, long ownerId, long userId) {
IPAddressVO ip = _ipAddressDao.markAsUnavailable(addrId);
assert (ip != null) : "Unable to mark the ip address id=" + addrId + " owned by " + ownerId + " as unavailable.";
if (ip == null) {
return true;
}
if (s_logger.isDebugEnabled()) {
s_logger.debug("Releasing ip " + addr + "; sourceNat = " + ip.isSourceNat());
s_logger.debug("Releasing ip id=" + addrId + "; sourceNat = " + ip.isSourceNat());
}
boolean success = true;
try {
if (!_rulesMgr.revokeAllRules(addr, userId)) {
if (!_rulesMgr.revokeAllRules(addrId, userId)) {
s_logger.warn("Unable to revoke all the port forwarding rules for ip " + ip);
success = false;
}
@ -573,7 +594,7 @@ public class NetworkManagerImpl implements NetworkManager, NetworkService, Manag
success = false;
}
if (!_lbMgr.removeAllLoadBalanacers(addr)) {
if (!_lbMgr.removeAllLoadBalanacers(addrId)) {
s_logger.warn("Unable to revoke all the load balancer rules for ip " + ip);
success = false;
}
@ -591,10 +612,10 @@ public class NetworkManagerImpl implements NetworkManager, NetworkService, Manag
}
if (success) {
_ipAddressDao.unassignIpAddress(addr);
s_logger.debug("released a public ip: " + addr);
_ipAddressDao.unassignIpAddress(addrId);
s_logger.debug("released a public ip id=" + addrId);
if(ownerId != Account.ACCOUNT_ID_SYSTEM){
UsageEventVO usageEvent = new UsageEventVO(EventTypes.EVENT_NET_IP_RELEASE, ownerId, ip.getDataCenterId(), 0, addr.toString());
UsageEventVO usageEvent = new UsageEventVO(EventTypes.EVENT_NET_IP_RELEASE, ownerId, ip.getDataCenterId(), addrId, null);
_usageEventDao.persist(usageEvent);
}
@ -1099,8 +1120,8 @@ public class NetworkManagerImpl implements NetworkManager, NetworkService, Manag
return _nicDao.listBy(vm.getId());
}
private Account findAccountByIpAddress(Ip ipAddress) {
IPAddressVO address = _ipAddressDao.findById(ipAddress);
private Account findAccountByIpAddress(Long ipAddressId) {
IPAddressVO address = _ipAddressDao.findById(ipAddressId);
if ((address != null) && (address.getAllocatedToAccountId() != null)) {
return _accountMgr.getActiveAccount(address.getAllocatedToAccountId());
}
@ -1134,18 +1155,18 @@ public class NetworkManagerImpl implements NetworkManager, NetworkService, Manag
Long userId = UserContext.current().getCallerUserId();
Account caller = UserContext.current().getCaller();
Ip ipAddress = cmd.getIpAddress();
Long ipAddressId = cmd.getIpAddressId();
// Verify input parameters
Account accountByIp = findAccountByIpAddress(ipAddress);
Account accountByIp = findAccountByIpAddress(ipAddressId);
if (accountByIp == null) {
throw new InvalidParameterValueException("Unable to find account owner for ip " + ipAddress);
throw new InvalidParameterValueException("Unable to find account owner for ip " + ipAddressId);
}
Long accountId = accountByIp.getId();
if (!_accountMgr.isAdmin(caller.getType())) {
if (caller.getId() != accountId.longValue()) {
throw new PermissionDeniedException("account " + caller.getAccountName() + " doesn't own ip address " + ipAddress);
throw new PermissionDeniedException("account " + caller.getAccountName() + " doesn't own ip address id=" + ipAddressId);
}
} else {
Domain domain = _domainDao.findById(accountByIp.getDomainId());
@ -1153,7 +1174,7 @@ public class NetworkManagerImpl implements NetworkManager, NetworkService, Manag
}
try {
IPAddressVO ipVO = _ipAddressDao.findById(ipAddress);
IPAddressVO ipVO = _ipAddressDao.findById(ipAddressId);
if (ipVO == null) {
return false;
}
@ -1171,7 +1192,7 @@ public class NetworkManagerImpl implements NetworkManager, NetworkService, Manag
// FIXME: is the user visible in the admin account's domain????
if (!BaseCmd.isAdmin(account.getType())) {
if (s_logger.isDebugEnabled()) {
s_logger.debug("permission denied disassociating IP address " + ipAddress + "; acct: " + accountId + "; ip (acct / dc / dom / alloc): " + ipVO.getAllocatedToAccountId() + " / " + ipVO.getDataCenterId() + " / "
s_logger.debug("permission denied disassociating IP address id=" + ipAddressId + "; acct: " + accountId + "; ip (acct / dc / dom / alloc): " + ipVO.getAllocatedToAccountId() + " / " + ipVO.getDataCenterId() + " / "
+ ipVO.getAllocatedInDomainId() + " / " + ipVO.getAllocatedTime());
}
throw new PermissionDeniedException("User/account does not own supplied address");
@ -1193,10 +1214,10 @@ public class NetworkManagerImpl implements NetworkManager, NetworkService, Manag
// Check for account wide pool. It will have an entry for account_vlan_map.
if (_accountVlanMapDao.findAccountVlanMap(accountId, ipVO.getVlanId()) != null) {
throw new PermissionDeniedException(ipAddress + " belongs to Account wide IP pool and cannot be disassociated");
throw new PermissionDeniedException("Ip address id=" + ipAddressId + " belongs to Account wide IP pool and cannot be disassociated");
}
return releasePublicIpAddress(ipAddress, accountId, userId);
return releasePublicIpAddress(ipAddressId, accountId, userId);
} catch (PermissionDeniedException pde) {
throw pde;
@ -1656,7 +1677,7 @@ public class NetworkManagerImpl implements NetworkManager, NetworkService, Manag
List<IPAddressVO> ipsToRelease = _ipAddressDao.listByAssociatedNetwork(networkId);
if (ipsToRelease != null && !ipsToRelease.isEmpty()) {
for (IPAddressVO ip : ipsToRelease) {
_ipAddressDao.unassignIpAddress(ip.getAddress());
_ipAddressDao.unassignIpAddress(ip.getId());
if(ip.getAccountId() != Account.ACCOUNT_ID_SYSTEM){
UsageEventVO usageEvent = new UsageEventVO(EventTypes.EVENT_NET_IP_RELEASE, ip.getAccountId(), ip.getDataCenterId(), 0, ip.getAddress().toString());
_usageEventDao.persist(usageEvent);
@ -1896,8 +1917,8 @@ public class NetworkManagerImpl implements NetworkManager, NetworkService, Manag
}
@Override
public PublicIpAddress getPublicIpAddress(Ip ip) {
IPAddressVO addr = _ipAddressDao.findById(ip);
public PublicIpAddress getPublicIpAddress(long ipAddressId) {
IPAddressVO addr = _ipAddressDao.findById(ipAddressId);
if (addr == null) {
return null;
}
@ -1997,8 +2018,8 @@ public class NetworkManagerImpl implements NetworkManager, NetworkService, Manag
}
@Override
public IpAddress getIp(Ip ip) {
return _ipAddressDao.findById(ip);
public IpAddress getIp(long ipAddressId) {
return _ipAddressDao.findById(ipAddressId);
}
@Override

17
server/src/com/cloud/network/RemoteAccessVpnVO.java
View File

@ -20,13 +20,9 @@ package com.cloud.network;
import javax.persistence.Column;
import javax.persistence.Entity;
import javax.persistence.EnumType;
import javax.persistence.Enumerated;
import javax.persistence.Id;
import javax.persistence.Table;
import com.cloud.utils.net.Ip;
@Entity
@Table(name=("remote_access_vpn"))
public class RemoteAccessVpnVO implements RemoteAccessVpn {
@ -40,9 +36,8 @@ public class RemoteAccessVpnVO implements RemoteAccessVpn {
private long domainId;
@Id
@Column(name="vpn_server_addr")
@Enumerated(value=EnumType.ORDINAL)
private Ip serverAddress;
@Column(name="vpn_server_addr_id")
private long serverAddressId;
@Column(name="local_ip")
private String localIp;
@ -58,9 +53,9 @@ public class RemoteAccessVpnVO implements RemoteAccessVpn {
public RemoteAccessVpnVO() { }
public RemoteAccessVpnVO(long accountId, long domainId, long networkId, Ip publicIp, String localIp, String ipRange, String presharedKey) {
public RemoteAccessVpnVO(long accountId, long domainId, long networkId, long publicIpId, String localIp, String ipRange, String presharedKey) {
this.accountId = accountId;
this.serverAddress = publicIp;
this.serverAddressId = publicIpId;
this.ipRange = ipRange;
this.ipsecPresharedKey = presharedKey;
this.localIp = localIp;
@ -84,8 +79,8 @@ public class RemoteAccessVpnVO implements RemoteAccessVpn {
}
@Override
public Ip getServerAddress() {
return serverAddress;
public long getServerAddressId() {
return serverAddressId;
}
@Override

2
server/src/com/cloud/network/addr/PublicIp.java
View File

@ -164,7 +164,7 @@ public class PublicIp implements PublicIpAddress {
@Override
public long getId() {
return _vlan.getId();
return _addr.getId();
}
@Override

7
server/src/com/cloud/network/dao/FirewallRulesDao.java
View File

@ -23,21 +23,20 @@ import java.util.List;
import com.cloud.network.rules.FirewallRule;
import com.cloud.network.rules.FirewallRuleVO;
import com.cloud.utils.db.GenericDao;
import com.cloud.utils.net.Ip;
/*
* Data Access Object for user_ip_address and ip_forwarding tables
*/
public interface FirewallRulesDao extends GenericDao<FirewallRuleVO, Long> {
List<FirewallRuleVO> listByIpAndNotRevoked(Ip ip, Boolean isOneToOneNat);
List<FirewallRuleVO> listByIpAndNotRevoked(long ipAddressId, Boolean isOneToOneNat);
boolean setStateToAdd(FirewallRuleVO rule);
boolean revoke(FirewallRuleVO rule);
boolean releasePorts(Ip ip, String protocol, FirewallRule.Purpose purpose, int[] ports);
boolean releasePorts(long ipAddressId, String protocol, FirewallRule.Purpose purpose, int[] ports);
List<FirewallRuleVO> listByIpAndPurpose(Ip ip, FirewallRule.Purpose purpose);
List<FirewallRuleVO> listByIpAndPurpose(long ipAddressId, FirewallRule.Purpose purpose);
// public List<PortForwardingRuleVO> listIPForwarding(String publicIPAddress, boolean forwarding);
// public List<PortForwardingRuleVO> listIPForwarding(String publicIPAddress, String port, boolean forwarding);

18
server/src/com/cloud/network/dao/FirewallRulesDaoImpl.java
View File

@ -46,7 +46,7 @@ public class FirewallRulesDaoImpl extends GenericDaoBase<FirewallRuleVO, Long> i
super();
AllFieldsSearch = createSearchBuilder();
AllFieldsSearch.and("ip", AllFieldsSearch.entity().getSourceIpAddress(), Op.EQ);
AllFieldsSearch.and("ipId", AllFieldsSearch.entity().getSourceIpAddressId(), Op.EQ);
AllFieldsSearch.and("protocol", AllFieldsSearch.entity().getProtocol(), Op.EQ);
AllFieldsSearch.and("state", AllFieldsSearch.entity().getState(), Op.EQ);
AllFieldsSearch.and("purpose", AllFieldsSearch.entity().getPurpose(), Op.EQ);
@ -57,24 +57,24 @@ public class FirewallRulesDaoImpl extends GenericDaoBase<FirewallRuleVO, Long> i
AllFieldsSearch.done();
IpNotRevokedSearch = createSearchBuilder();
IpNotRevokedSearch.and("ip", IpNotRevokedSearch.entity().getSourceIpAddress(), Op.EQ);
IpNotRevokedSearch.and("ipId", IpNotRevokedSearch.entity().getSourceIpAddressId(), Op.EQ);
IpNotRevokedSearch.and("state", IpNotRevokedSearch.entity().getState(), Op.NEQ);
IpNotRevokedSearch.and("oneToOneNat", IpNotRevokedSearch.entity().isOneToOneNat(), Op.EQ);
IpNotRevokedSearch.done();
ReleaseSearch = createSearchBuilder();
ReleaseSearch.and("protocol", ReleaseSearch.entity().getProtocol(), Op.EQ);
ReleaseSearch.and("ip", ReleaseSearch.entity().getSourceIpAddress(), Op.EQ);
ReleaseSearch.and("ipId", ReleaseSearch.entity().getSourceIpAddressId(), Op.EQ);
ReleaseSearch.and("purpose", ReleaseSearch.entity().getPurpose(), Op.EQ);
ReleaseSearch.and("ports", ReleaseSearch.entity().getSourcePortStart(), Op.IN);
ReleaseSearch.done();
}
@Override
public boolean releasePorts(Ip ip, String protocol, FirewallRule.Purpose purpose, int[] ports) {
public boolean releasePorts(long ipId, String protocol, FirewallRule.Purpose purpose, int[] ports) {
SearchCriteria<FirewallRuleVO> sc = ReleaseSearch.create();
sc.setParameters("protocol", protocol);
sc.setParameters("ip", ip);
sc.setParameters("ipId", ipId);
sc.setParameters("purpose", purpose);
sc.setParameters("ports", ports);
@ -83,18 +83,18 @@ public class FirewallRulesDaoImpl extends GenericDaoBase<FirewallRuleVO, Long> i
}
@Override
public List<FirewallRuleVO> listByIpAndPurpose(Ip ip, FirewallRule.Purpose purpose) {
public List<FirewallRuleVO> listByIpAndPurpose(long ipId, FirewallRule.Purpose purpose) {
SearchCriteria<FirewallRuleVO> sc = ReleaseSearch.create();
sc.setParameters("ip", ip);
sc.setParameters("ipId", ipId);
sc.setParameters("purpose", purpose);
return listBy(sc);
}
@Override
public List<FirewallRuleVO> listByIpAndNotRevoked(Ip ip, Boolean isOneToOneNat) {
public List<FirewallRuleVO> listByIpAndNotRevoked(long ipId, Boolean isOneToOneNat) {
SearchCriteria<FirewallRuleVO> sc = IpNotRevokedSearch.create();
sc.setParameters("ip", ip);
sc.setParameters("ipId", ipId);
sc.setParameters("state", State.Revoke);
if (isOneToOneNat != null) {
sc.setParameters("oneToOneNat", isOneToOneNat);

8
server/src/com/cloud/network/dao/IPAddressDao.java
View File

@ -24,11 +24,11 @@ import com.cloud.network.IPAddressVO;
import com.cloud.utils.db.GenericDao;
import com.cloud.utils.net.Ip;
public interface IPAddressDao extends GenericDao<IPAddressVO, Ip> {
public interface IPAddressDao extends GenericDao<IPAddressVO, Long> {
IPAddressVO markAsUnavailable(Ip ipAddress, long ownerId);
IPAddressVO markAsUnavailable(long ipAddressId);
void unassignIpAddress(Ip ipAddress);
void unassignIpAddress(long ipAddressId);
List<IPAddressVO> listByAccount(long accountId);
@ -45,4 +45,6 @@ public interface IPAddressDao extends GenericDao<IPAddressVO, Ip> {
int countIPsForDashboard(long dcId, boolean onlyCountAllocated);
List<IPAddressVO> listByAssociatedVmId(long vmId);
IPAddressVO findByAccountAndIp(long accountId, String ipAddress);
}

22
server/src/com/cloud/network/dao/IPAddressDaoImpl.java
View File

@ -43,7 +43,7 @@ import com.cloud.utils.net.Ip;
@Local(value = { IPAddressDao.class })
@DB
public class IPAddressDaoImpl extends GenericDaoBase<IPAddressVO, Ip> implements IPAddressDao {
public class IPAddressDaoImpl extends GenericDaoBase<IPAddressVO, Long> implements IPAddressDao {
private static final Logger s_logger = Logger.getLogger(IPAddressDaoImpl.class);
protected final SearchBuilder<IPAddressVO> AllFieldsSearch;
@ -57,6 +57,7 @@ public class IPAddressDaoImpl extends GenericDaoBase<IPAddressVO, Ip> implements
// make it public for JUnit test
public IPAddressDaoImpl() {
AllFieldsSearch = createSearchBuilder();
AllFieldsSearch.and("id", AllFieldsSearch.entity().getId(), Op.EQ);
AllFieldsSearch.and("dataCenterId", AllFieldsSearch.entity().getDataCenterId(), Op.EQ);
AllFieldsSearch.and("ipAddress", AllFieldsSearch.entity().getAddress(), Op.EQ);
AllFieldsSearch.and("vlan", AllFieldsSearch.entity().getVlanId(), Op.EQ);
@ -138,7 +139,7 @@ public class IPAddressDaoImpl extends GenericDaoBase<IPAddressVO, Ip> implements
ip.setSourceNat(sourceNat);
ip.setState(State.Allocated);
if (!update(ip.getAddress(), ip)) {
if (!update(ip.getId(), ip)) {
throw new CloudRuntimeException("How can I lock the row but can't update it: " + ip.getAddress());
}
@ -147,7 +148,7 @@ public class IPAddressDaoImpl extends GenericDaoBase<IPAddressVO, Ip> implements
}
@Override
public void unassignIpAddress(Ip ipAddress) {
public void unassignIpAddress(long ipAddressId) {
IPAddressVO address = createForUpdate();
address.setAllocatedToAccountId(null);
address.setAllocatedInDomainId(null);
@ -157,7 +158,7 @@ public class IPAddressDaoImpl extends GenericDaoBase<IPAddressVO, Ip> implements
address.setAssociatedWithVmId(null);
address.setState(State.Free);
address.setAssociatedWithNetworkId(null);
update(ipAddress, address);
update(ipAddressId, address);
}
@Override
@ -167,6 +168,14 @@ public class IPAddressDaoImpl extends GenericDaoBase<IPAddressVO, Ip> implements
return listBy(sc);
}
@Override
public IPAddressVO findByAccountAndIp(long accountId, String ipAddress) {
SearchCriteria<IPAddressVO> sc = AllFieldsSearch.create();
sc.setParameters("accountId", accountId);
sc.setParameters("ipAddress", ipAddress);
return findOneBy(sc);
}
@Override
public List<IPAddressVO> listByDcIdIpAddress(long dcId, String ipAddress) {
SearchCriteria<IPAddressVO> sc = AllFieldsSearch.create();
@ -235,10 +244,9 @@ public class IPAddressDaoImpl extends GenericDaoBase<IPAddressVO, Ip> implements
}
@Override @DB
public IPAddressVO markAsUnavailable(Ip ipAddress, long ownerId) {
public IPAddressVO markAsUnavailable(long ipAddressId) {
SearchCriteria<IPAddressVO> sc = AllFieldsSearch.create();
sc.setParameters("accountId", ownerId);
sc.setParameters("ipAddress", ipAddress);
sc.setParameters("id", ipAddressId);
IPAddressVO ip = createForUpdate();
ip.setState(State.Releasing);

4
server/src/com/cloud/network/dao/LoadBalancerDao.java
View File

@ -25,8 +25,8 @@ import com.cloud.utils.db.GenericDao;
public interface LoadBalancerDao extends GenericDao<LoadBalancerVO, Long> {
List<Long> listInstancesByLoadBalancer(long loadBalancerId);
List<LoadBalancerVO> listByIpAddress(String ipAddress);
LoadBalancerVO findByIpAddressAndPublicPort(String ipAddress, String publicPort);
List<LoadBalancerVO> listByIpAddress(long ipAddressId);
LoadBalancerVO findByIpAddressAndPublicPort(long ipAddressId, String publicPort);
LoadBalancerVO findByAccountAndName(Long accountId, String name);
List<LoadBalancerVO> listByNetworkId(long networkId);
}

12
server/src/com/cloud/network/dao/LoadBalancerDaoImpl.java
View File

@ -50,12 +50,12 @@ public class LoadBalancerDaoImpl extends GenericDaoBase<LoadBalancerVO, Long> im
protected LoadBalancerDaoImpl() {
ListByIp = createSearchBuilder();
ListByIp.and("ipAddress", ListByIp.entity().getSourceIpAddress(), SearchCriteria.Op.EQ);
ListByIp.and("ipAddressId", ListByIp.entity().getSourceIpAddressId(), SearchCriteria.Op.EQ);
ListByIp.and("networkId", ListByIp.entity().getNetworkId(), SearchCriteria.Op.EQ);
ListByIp.done();
IpAndPublicPortSearch = createSearchBuilder();
IpAndPublicPortSearch.and("ipAddress", IpAndPublicPortSearch.entity().getSourceIpAddress(), SearchCriteria.Op.EQ);
IpAndPublicPortSearch.and("ipAddressId", IpAndPublicPortSearch.entity().getSourceIpAddressId(), SearchCriteria.Op.EQ);
IpAndPublicPortSearch.and("publicPort", IpAndPublicPortSearch.entity().getSourcePortStart(), SearchCriteria.Op.EQ);
IpAndPublicPortSearch.done();
@ -87,9 +87,9 @@ public class LoadBalancerDaoImpl extends GenericDaoBase<LoadBalancerVO, Long> im
}
@Override
public List<LoadBalancerVO> listByIpAddress(String ipAddress) {
public List<LoadBalancerVO> listByIpAddress(long ipAddressId) {
SearchCriteria<LoadBalancerVO> sc = ListByIp.create();
sc.setParameters("ipAddress", ipAddress);
sc.setParameters("ipAddressId", ipAddressId);
return listBy(sc);
}
@ -101,9 +101,9 @@ public class LoadBalancerDaoImpl extends GenericDaoBase<LoadBalancerVO, Long> im
}
@Override
public LoadBalancerVO findByIpAddressAndPublicPort(String ipAddress, String publicPort) {
public LoadBalancerVO findByIpAddressAndPublicPort(long ipAddressId, String publicPort) {
SearchCriteria<LoadBalancerVO> sc = IpAndPublicPortSearch.create();
sc.setParameters("ipAddress", ipAddress);
sc.setParameters("ipAddressId", ipAddressId);
sc.setParameters("publicPort", publicPort);
return findOneBy(sc);
}

7
server/src/com/cloud/network/dao/RemoteAccessVpnDao.java
View File

@ -23,11 +23,10 @@ import java.util.List;
import com.cloud.network.RemoteAccessVpn;
import com.cloud.network.RemoteAccessVpnVO;
import com.cloud.utils.db.GenericDao;
import com.cloud.utils.net.Ip;
public interface RemoteAccessVpnDao extends GenericDao<RemoteAccessVpnVO, Ip> {
RemoteAccessVpnVO findByPublicIpAddress(String ipAddress);
RemoteAccessVpnVO findByPublicIpAddressAndState(String ipAddress, RemoteAccessVpn.State state);
public interface RemoteAccessVpnDao extends GenericDao<RemoteAccessVpnVO, Long> {
RemoteAccessVpnVO findByPublicIpAddress(long ipAddressId);
RemoteAccessVpnVO findByPublicIpAddressAndState(long ipAddressId, RemoteAccessVpn.State state);
RemoteAccessVpnVO findByAccountAndNetwork(Long accountId, Long zoneId);
List<RemoteAccessVpnVO> findByAccount(Long accountId);
}

13
server/src/com/cloud/network/dao/RemoteAccessVpnDaoImpl.java
View File

@ -29,10 +29,9 @@ import com.cloud.network.RemoteAccessVpnVO;
import com.cloud.utils.db.GenericDaoBase;
import com.cloud.utils.db.SearchBuilder;
import com.cloud.utils.db.SearchCriteria;
import com.cloud.utils.net.Ip;
@Local(value={RemoteAccessVpnDao.class})
public class RemoteAccessVpnDaoImpl extends GenericDaoBase<RemoteAccessVpnVO, Ip> implements RemoteAccessVpnDao {
public class RemoteAccessVpnDaoImpl extends GenericDaoBase<RemoteAccessVpnVO, Long> implements RemoteAccessVpnDao {
private static final Logger s_logger = Logger.getLogger(RemoteAccessVpnDaoImpl.class);
private final SearchBuilder<RemoteAccessVpnVO> AllFieldsSearch;
@ -42,15 +41,15 @@ public class RemoteAccessVpnDaoImpl extends GenericDaoBase<RemoteAccessVpnVO, Ip
AllFieldsSearch = createSearchBuilder();
AllFieldsSearch.and("accountId", AllFieldsSearch.entity().getAccountId(), SearchCriteria.Op.EQ);
AllFieldsSearch.and("networkId", AllFieldsSearch.entity().getNetworkId(), SearchCriteria.Op.EQ);
AllFieldsSearch.and("ipAddress", AllFieldsSearch.entity().getServerAddress(), SearchCriteria.Op.EQ);
AllFieldsSearch.and("ipAddress", AllFieldsSearch.entity().getServerAddressId(), SearchCriteria.Op.EQ);
AllFieldsSearch.and("state", AllFieldsSearch.entity().getState(), SearchCriteria.Op.EQ);
AllFieldsSearch.done();
}
@Override
public RemoteAccessVpnVO findByPublicIpAddress(String ipAddress) {
public RemoteAccessVpnVO findByPublicIpAddress(long ipAddressId) {
SearchCriteria<RemoteAccessVpnVO> sc = AllFieldsSearch.create();
sc.setParameters("ipAddress", ipAddress);
sc.setParameters("ipAddress", ipAddressId);
return findOneBy(sc);
}
@ -70,9 +69,9 @@ public class RemoteAccessVpnDaoImpl extends GenericDaoBase<RemoteAccessVpnVO, Ip
}
@Override
public RemoteAccessVpnVO findByPublicIpAddressAndState(String ipAddress, RemoteAccessVpn.State state) {
public RemoteAccessVpnVO findByPublicIpAddressAndState(long ipAddressId, RemoteAccessVpn.State state) {
SearchCriteria<RemoteAccessVpnVO> sc = AllFieldsSearch.create();
sc.setParameters("ipAddress", ipAddress);
sc.setParameters("ipAddress", ipAddressId);
sc.setParameters("state", state);
return findOneBy(sc);
}

6
server/src/com/cloud/network/element/VirtualRouterElement.java
View File

@ -49,6 +49,7 @@ import com.cloud.network.lb.LoadBalancingRule.LbDestination;
import com.cloud.network.lb.LoadBalancingRulesManager;
import com.cloud.network.router.VirtualNetworkApplianceManager;
import com.cloud.network.rules.FirewallRule;
import com.cloud.network.rules.RulesManager;
import com.cloud.network.rules.FirewallRule.Purpose;
import com.cloud.network.rules.PortForwardingRule;
import com.cloud.network.vpn.RemoteAccessVpnElement;
@ -81,6 +82,7 @@ public class VirtualRouterElement extends DhcpElement implements NetworkElement,
@Inject NetworkOfferingDao _networkOfferingDao;
@Inject VirtualNetworkApplianceManager _routerMgr;
@Inject ConfigurationManager _configMgr;
@Inject RulesManager _rulesMgr;
@Inject UserVmManager _userVmMgr;
@Inject UserVmDao _userVmDao;
@Inject DomainRouterDao _routerDao;
@ -137,7 +139,7 @@ public class VirtualRouterElement extends DhcpElement implements NetworkElement,
throw new CloudRuntimeException("Unable to apply firewall rules");
}
if (router.getState() == State.Running || router.getState() == State.Starting) {
if (router.getState() == State.Running) {
if (rules != null && !rules.isEmpty()) {
if (rules.get(0).getPurpose() == Purpose.LoadBalancing) {
//for load balancer we have to resend all lb rules for the network
@ -151,7 +153,7 @@ public class VirtualRouterElement extends DhcpElement implements NetworkElement,
return _routerMgr.applyLBRules(config, lbRules);
} else if (rules.get(0).getPurpose() == Purpose.PortForwarding) {
return _routerMgr.applyPortForwardingRules(config, (List<PortForwardingRule>)rules);
return _routerMgr.applyPortForwardingRules(config, _rulesMgr.buildPortForwardingTOrules((List<PortForwardingRule>)rules));
}
} else {
return true;

5
server/src/com/cloud/network/guru/PublicNetworkGuru.java
View File

@ -17,6 +17,7 @@ import com.cloud.deploy.DeploymentPlan;
import com.cloud.exception.ConcurrentOperationException;
import com.cloud.exception.InsufficientAddressCapacityException;
import com.cloud.exception.InsufficientVirtualNetworkCapcityException;
import com.cloud.network.IPAddressVO;
import com.cloud.network.Network;
import com.cloud.network.Network.State;
import com.cloud.network.NetworkManager;
@ -34,7 +35,6 @@ import com.cloud.offerings.dao.NetworkOfferingDao;
import com.cloud.user.Account;
import com.cloud.utils.component.AdapterBase;
import com.cloud.utils.component.Inject;
import com.cloud.utils.net.Ip;
import com.cloud.vm.Nic.ReservationStrategy;
import com.cloud.vm.NicProfile;
import com.cloud.vm.ReservationContext;
@ -153,7 +153,8 @@ public class PublicNetworkGuru extends AdapterBase implements NetworkGuru {
@Override
public void deallocate(Network network, NicProfile nic, VirtualMachineProfile<? extends VirtualMachine> vm) {
_ipAddressDao.unassignIpAddress(new Ip(nic.getIp4Address()));
IPAddressVO ip = _ipAddressDao.findByAccountAndIp(vm.getVirtualMachine().getAccountId(), nic.getIp4Address());
_ipAddressDao.unassignIpAddress(ip.getId());
nic.deallocate();
}

3
server/src/com/cloud/network/lb/LoadBalancingRulesManager.java
View File

@ -20,10 +20,9 @@ package com.cloud.network.lb;
import java.util.List;
import com.cloud.network.lb.LoadBalancingRule.LbDestination;
import com.cloud.utils.net.Ip;
public interface LoadBalancingRulesManager extends LoadBalancingRulesService {
boolean removeAllLoadBalanacers(Ip ip);
boolean removeAllLoadBalanacers(long ipId);
List<LbDestination> getExistingDestinations(long lbId);
/**

38
server/src/com/cloud/network/lb/LoadBalancingRulesManagerImpl.java
View File

@ -71,7 +71,6 @@ import com.cloud.utils.db.SearchBuilder;
import com.cloud.utils.db.SearchCriteria;
import com.cloud.utils.db.Transaction;
import com.cloud.utils.exception.CloudRuntimeException;
import com.cloud.utils.net.Ip;
import com.cloud.utils.net.NetUtils;
import com.cloud.vm.Nic;
import com.cloud.vm.UserVmVO;
@ -111,15 +110,14 @@ public class LoadBalancingRulesManagerImpl implements LoadBalancingRulesManager,
@Override @DB
public boolean assignToLoadBalancer(long loadBalancerId, List<Long> instanceIds) {
UserContext caller = UserContext.current();
UserContext ctx = UserContext.current();
Account caller = ctx.getCaller();
LoadBalancerVO loadBalancer = _lbDao.findById(loadBalancerId);
if (loadBalancer == null) {
throw new InvalidParameterValueException("Failed to assign to load balancer " + loadBalancerId + ", the load balancer was not found.");
}
_accountMgr.checkAccess(caller.getCaller(), loadBalancer);
List<LoadBalancerVMMapVO> mappedInstances = _lb2VmMapDao.listByLoadBalancerId(loadBalancerId, false);
Set<Long> mappedInstanceIds = new HashSet<Long>();
for (LoadBalancerVMMapVO mappedInstance : mappedInstances) {
@ -138,7 +136,7 @@ public class LoadBalancingRulesManagerImpl implements LoadBalancingRulesManager,
throw new InvalidParameterValueException("Invalid instance id: " + instanceId);
}
_accountMgr.checkAccess(caller.getCaller(), vm);
_rulesMgr.checkRuleAndUserVm(loadBalancer, vm, caller);
if (vm.getAccountId() != loadBalancer.getAccountId()) {
throw new PermissionDeniedException("Cannot add virtual machines that do not belong to the same owner.");
@ -305,12 +303,12 @@ public class LoadBalancingRulesManagerImpl implements LoadBalancingRulesManager,
public LoadBalancer createLoadBalancerRule(LoadBalancer lb) throws NetworkRuleConflictException {
UserContext caller = UserContext.current();
Ip srcIp = lb.getSourceIpAddress();
long ipId = lb.getSourceIpAddressId();
// make sure ip address exists
IPAddressVO ipAddr = _ipAddressDao.findById(srcIp);
IPAddressVO ipAddr = _ipAddressDao.findById(ipId);
if (ipAddr == null || !ipAddr.readyToUse()) {
throw new InvalidParameterValueException("Unable to create load balancer rule, invalid IP address " + srcIp);
throw new InvalidParameterValueException("Unable to create load balancer rule, invalid IP address id" + ipId);
}
int srcPortStart = lb.getSourcePortStart();
@ -345,7 +343,7 @@ public class LoadBalancingRulesManagerImpl implements LoadBalancingRulesManager,
networkId = ipAddr.getAssociatedWithNetworkId();
}
_accountMgr.checkAccess(caller.getCaller(), ipAddr);
LoadBalancerVO newRule = new LoadBalancerVO(lb.getXid(), lb.getName(), lb.getDescription(), lb.getSourceIpAddress(), lb.getSourcePortEnd(),
LoadBalancerVO newRule = new LoadBalancerVO(lb.getXid(), lb.getName(), lb.getDescription(), lb.getSourceIpAddressId(), lb.getSourcePortEnd(),
lb.getDefaultPortStart(), lb.getAlgorithm(), networkId, ipAddr.getAccountId(), ipAddr.getDomainId());
newRule = _lbDao.persist(newRule);
@ -355,7 +353,7 @@ public class LoadBalancingRulesManagerImpl implements LoadBalancingRulesManager,
if (!_rulesDao.setStateToAdd(newRule)) {
throw new CloudRuntimeException("Unable to update the state to add for " + newRule);
}
s_logger.debug("Load balancer " + newRule.getId() + " for Ip address " + srcIp + ", public port " + srcPortStart + ", private port " + defPortStart+ " is added successfully.");
s_logger.debug("Load balancer " + newRule.getId() + " for Ip address id=" + ipId + ", public port " + srcPortStart + ", private port " + defPortStart+ " is added successfully.");
UsageEventVO usageEvent = new UsageEventVO(EventTypes.EVENT_LOAD_BALANCER_CREATE, ipAddr.getAllocatedToAccountId(), ipAddr.getDataCenterId(), newRule.getId(), null);
_usageEventDao.persist(usageEvent);
return newRule;
@ -364,7 +362,7 @@ public class LoadBalancingRulesManagerImpl implements LoadBalancingRulesManager,
if (e instanceof NetworkRuleConflictException) {
throw (NetworkRuleConflictException) e;
}
throw new CloudRuntimeException("Unable to add rule for " + newRule.getSourceIpAddress(), e);
throw new CloudRuntimeException("Unable to add rule for ip address id=" + newRule.getSourceIpAddressId(), e);
}
}
@ -397,8 +395,8 @@ public class LoadBalancingRulesManagerImpl implements LoadBalancingRulesManager,
}
@Override
public boolean removeAllLoadBalanacers(Ip ip) {
List<FirewallRuleVO> rules = _rulesDao.listByIpAndNotRevoked(ip, null);
public boolean removeAllLoadBalanacers(long ipId) {
List<FirewallRuleVO> rules = _rulesDao.listByIpAndNotRevoked(ipId, null);
if (rules != null)
s_logger.debug("Found " + rules.size() + " lb rules to cleanup");
for (FirewallRule rule : rules) {
@ -1209,7 +1207,7 @@ public class LoadBalancingRulesManagerImpl implements LoadBalancingRulesManager,
}
}
IPAddressVO addr = _ipAddressDao.findById(loadBalancer.getSourceIpAddress());
IPAddressVO addr = _ipAddressDao.findById(loadBalancer.getSourceIpAddressId());
List<UserVmVO> userVms = _vmDao.listVirtualNetworkInstancesByAcctAndZone(loadBalancer.getAccountId(), addr.getDataCenterId(), loadBalancer.getNetworkId());
for (UserVmVO userVm : userVms) {
@ -1240,11 +1238,7 @@ public class LoadBalancingRulesManagerImpl implements LoadBalancingRulesManager,
Long domainId = cmd.getDomainId();
String accountName = cmd.getAccountName();
Long accountId = null;
String ipString = cmd.getPublicIp();
Ip ipAddress = null;
if (ipString != null) {
ipAddress = new Ip(cmd.getPublicIp());
}
Long ipId = cmd.getPublicIpId();
if (accountName != null && domainId != null) {
owner = _accountDao.findActiveAccount(accountName, domainId);
@ -1271,7 +1265,7 @@ public class LoadBalancingRulesManagerImpl implements LoadBalancingRulesManager,
SearchBuilder<LoadBalancerVO> sb = _lbDao.createSearchBuilder();
sb.and("id", sb.entity().getId(), SearchCriteria.Op.EQ);
sb.and("name", sb.entity().getName(), SearchCriteria.Op.LIKE);
sb.and("sourceIpAddress", sb.entity().getSourceIpAddress(), SearchCriteria.Op.EQ);
sb.and("sourceIpAddress", sb.entity().getSourceIpAddressId(), SearchCriteria.Op.EQ);
sb.and("accountId", sb.entity().getAccountId(), SearchCriteria.Op.EQ);
sb.and("domainId", sb.entity().getDomainId(), SearchCriteria.Op.EQ);
@ -1298,8 +1292,8 @@ public class LoadBalancingRulesManagerImpl implements LoadBalancingRulesManager,
sc.setParameters("id", id);
}
if (ipAddress != null) {
sc.setParameters("sourceIpAddress", ipAddress);
if (ipId != null) {
sc.setParameters("sourceIpAddress", ipId);
}
if (instanceId != null) {

3
server/src/com/cloud/network/router/VirtualNetworkApplianceManager.java
View File

@ -20,6 +20,7 @@ package com.cloud.network.router;
import java.util.List;
import java.util.Map;
import com.cloud.agent.api.to.PortForwardingRuleTO;
import com.cloud.api.commands.UpgradeRouterCmd;
import com.cloud.deploy.DeployDestination;
import com.cloud.exception.AgentUnavailableException;
@ -88,7 +89,7 @@ public interface VirtualNetworkApplianceManager extends Manager, VirtualNetworkA
boolean associateIP (Network network, List<? extends PublicIpAddress> ipAddress) throws ResourceUnavailableException;
boolean applyLBRules(Network network, List<LoadBalancingRule> rules) throws ResourceUnavailableException;
boolean applyPortForwardingRules(Network network, List<PortForwardingRule> rules) throws AgentUnavailableException;
boolean applyPortForwardingRules(Network network, List<PortForwardingRuleTO> rules) throws AgentUnavailableException;
String[] applyVpnUsers(Network network, List<? extends VpnUser> users) throws ResourceUnavailableException;

27
server/src/com/cloud/network/router/VirtualNetworkApplianceManagerImpl.java
View File

@ -55,6 +55,7 @@ import com.cloud.agent.api.routing.VmDataCommand;
import com.cloud.agent.api.routing.VpnUsersCfgCommand;
import com.cloud.agent.api.to.IpAddressTO;
import com.cloud.agent.api.to.LoadBalancerTO;
import com.cloud.agent.api.to.PortForwardingRuleTO;
import com.cloud.agent.manager.Commands;
import com.cloud.alert.AlertManager;
import com.cloud.api.commands.UpgradeRouterCmd;
@ -1145,13 +1146,15 @@ public class VirtualNetworkApplianceManagerImpl implements VirtualNetworkApplian
createAssociateIPCommands(router, publicIps, cmds, 0);
//Re-apply port forwarding rules for all public ips
List<PortForwardingRuleVO> rulesToReapply = new ArrayList<PortForwardingRuleVO>();
List<PortForwardingRuleTO> rulesToReapply = new ArrayList<PortForwardingRuleTO>();
List<RemoteAccessVpn> vpns = new ArrayList<RemoteAccessVpn>();
for (PublicIpAddress ip : publicIps) {
List<PortForwardingRuleVO> rules = _pfRulesDao.listForApplication(ip.getAddress());
rulesToReapply.addAll(rules);
RemoteAccessVpn vpn = _vpnDao.findById(ip.getAddress());
List<? extends PortForwardingRule> rules = _pfRulesDao.listForApplication(ip.getId());
if (rules != null){
rulesToReapply.addAll(_rulesMgr.buildPortForwardingTOrules(rules));
}
RemoteAccessVpn vpn = _vpnDao.findById(ip.getId());
if (vpn != null) {
vpns.add(vpn);
}
@ -1277,7 +1280,9 @@ public class VirtualNetworkApplianceManagerImpl implements VirtualNetworkApplian
throw new ResourceUnavailableException("Failed to delete remote access VPN: domR is not in right state " + router.getState(), DataCenter.class, network.getDataCenterId());
}
Commands cmds = new Commands(OnError.Continue);
RemoteAccessVpnCfgCommand removeVpnCmd = new RemoteAccessVpnCfgCommand(false, vpn.getServerAddress().addr(), vpn.getLocalIp(), vpn.getIpRange(), vpn.getIpsecPresharedKey());
IpAddress ip = _networkMgr.getIp(vpn.getServerAddressId());
RemoteAccessVpnCfgCommand removeVpnCmd = new RemoteAccessVpnCfgCommand(false, ip.getAddress().addr(), vpn.getLocalIp(), vpn.getIpRange(), vpn.getIpsecPresharedKey());
removeVpnCmd.setAccessDetail(NetworkElementCommand.ROUTER_IP, router.getPrivateIpAddress());
removeVpnCmd.setAccessDetail(NetworkElementCommand.ROUTER_NAME, router.getInstanceName());
cmds.addCommand(removeVpnCmd);
@ -1508,8 +1513,7 @@ public class VirtualNetworkApplianceManagerImpl implements VirtualNetworkApplian
}
}
private void createApplyPortForwardingRulesCommands(List<? extends PortForwardingRule> rules, DomainRouterVO router, Commands cmds) {
private void createApplyPortForwardingRulesCommands(List<PortForwardingRuleTO> rules, DomainRouterVO router, Commands cmds) {
SetPortForwardingRulesCommand cmd = new SetPortForwardingRulesCommand(rules);
cmd.setAccessDetail(NetworkElementCommand.ROUTER_IP, router.getPrivateIpAddress());
cmd.setAccessDetail(NetworkElementCommand.ROUTER_NAME, router.getInstanceName());
@ -1524,7 +1528,8 @@ public class VirtualNetworkApplianceManagerImpl implements VirtualNetworkApplian
boolean revoked = (rule.getState().equals(FirewallRule.State.Revoke));
String protocol = rule.getProtocol();
String algorithm = rule.getAlgorithm();
String srcIp = rule.getSourceIpAddress().addr();
String srcIp = _networkMgr.getIp(rule.getSourceIpAddressId()).getAddress().addr();
int srcPort = rule.getSourcePortStart();
List<LbDestination> destinations = rule.getDestinations();
LoadBalancerTO lb = new LoadBalancerTO(srcIp, srcPort, protocol, algorithm, revoked, false, destinations);
@ -1554,7 +1559,9 @@ public class VirtualNetworkApplianceManagerImpl implements VirtualNetworkApplian
addUsersCmd.setAccessDetail(NetworkElementCommand.ROUTER_IP, router.getPrivateIpAddress());
addUsersCmd.setAccessDetail(NetworkElementCommand.ROUTER_NAME, router.getInstanceName());
RemoteAccessVpnCfgCommand startVpnCmd = new RemoteAccessVpnCfgCommand(true, vpn.getServerAddress().addr(),
IpAddress ip = _networkMgr.getIp(vpn.getServerAddressId());
RemoteAccessVpnCfgCommand startVpnCmd = new RemoteAccessVpnCfgCommand(true, ip.getAddress().addr(),
vpn.getLocalIp(), vpn.getIpRange(), vpn.getIpsecPresharedKey());
startVpnCmd.setAccessDetail(NetworkElementCommand.ROUTER_IP, router.getPrivateIpAddress());
startVpnCmd.setAccessDetail(NetworkElementCommand.ROUTER_NAME, router.getInstanceName());
@ -1673,7 +1680,7 @@ public class VirtualNetworkApplianceManagerImpl implements VirtualNetworkApplian
}
@Override
public boolean applyPortForwardingRules(Network network, List<PortForwardingRule> rules) throws AgentUnavailableException {
public boolean applyPortForwardingRules(Network network, List<PortForwardingRuleTO> rules) throws AgentUnavailableException {
DomainRouterVO router = _routerDao.findByNetworkConfiguration(network.getId());
Commands cmds = new Commands(OnError.Continue);

18
server/src/com/cloud/network/rules/FirewallRuleVO.java
View File

@ -34,7 +34,6 @@ import javax.persistence.InheritanceType;
import javax.persistence.Table;
import com.cloud.utils.db.GenericDao;
import com.cloud.utils.net.Ip;
@Entity
@Table(name="firewall_rules")
@ -56,9 +55,8 @@ public class FirewallRuleVO implements FirewallRule {
@Column(name="account_id", updatable=false)
long accountId;
@Column(name="ip_address", updatable=false)
@Enumerated(value=EnumType.ORDINAL)
Ip sourceIpAddress;
@Column(name="ip_address_id", updatable=false)
long sourceIpAddressId;
@Column(name="start_port", updatable=false)
int sourcePortStart;
@ -107,8 +105,8 @@ public class FirewallRuleVO implements FirewallRule {
}
@Override
public Ip getSourceIpAddress() {
return sourceIpAddress;
public long getSourceIpAddressId() {
return sourceIpAddressId;
}
@Override
@ -152,14 +150,14 @@ public class FirewallRuleVO implements FirewallRule {
protected FirewallRuleVO() {
}
public FirewallRuleVO(String xId, Ip srcIp, int portStart, int portEnd, String protocol, long networkId, long accountId, long domainId, Purpose purpose, boolean isOneToOneNat) {
public FirewallRuleVO(String xId, long ipAddressId, int portStart, int portEnd, String protocol, long networkId, long accountId, long domainId, Purpose purpose, boolean isOneToOneNat) {
this.xId = xId;
if (xId == null) {
this.xId = UUID.randomUUID().toString();
}
this.accountId = accountId;
this.domainId = domainId;
this.sourceIpAddress = srcIp;
this.sourceIpAddressId = ipAddressId;
this.sourcePortStart = portStart;
this.sourcePortEnd = portEnd;
this.protocol = protocol;
@ -169,8 +167,8 @@ public class FirewallRuleVO implements FirewallRule {
this.oneToOneNat = isOneToOneNat;
}
public FirewallRuleVO(String xId, Ip srcIp, int port, String protocol, long networkId, long accountId, long domainId, Purpose purpose, boolean isOneToOneNat) {
this(xId, srcIp, port, port, protocol, networkId, accountId, domainId, purpose, isOneToOneNat);
public FirewallRuleVO(String xId, long ipAddressId, int port, String protocol, long networkId, long accountId, long domainId, Purpose purpose, boolean isOneToOneNat) {
this(xId, ipAddressId, port, port, protocol, networkId, accountId, domainId, purpose, isOneToOneNat);
}
@Override

8
server/src/com/cloud/network/rules/PortForwardingRuleVO.java
View File

@ -52,16 +52,16 @@ public class PortForwardingRuleVO extends FirewallRuleVO implements PortForwardi
public PortForwardingRuleVO() {
}
public PortForwardingRuleVO(String xId, Ip srcIp, int srcPortStart, int srcPortEnd, Ip dstIp, int dstPortStart, int dstPortEnd, String protocol, long networkId, long accountId, long domainId, long instanceId, boolean isOneToOneNat) {
super(xId, srcIp, srcPortStart, srcPortEnd, protocol, networkId, accountId, domainId, Purpose.PortForwarding, isOneToOneNat);
public PortForwardingRuleVO(String xId, long srcIpId, int srcPortStart, int srcPortEnd, Ip dstIp, int dstPortStart, int dstPortEnd, String protocol, long networkId, long accountId, long domainId, long instanceId, boolean isOneToOneNat) {
super(xId, srcIpId, srcPortStart, srcPortEnd, protocol, networkId, accountId, domainId, Purpose.PortForwarding, isOneToOneNat);
this.destinationIpAddress = dstIp;
this.virtualMachineId = instanceId;
this.destinationPortStart = dstPortStart;
this.destinationPortEnd = dstPortEnd;
}
public PortForwardingRuleVO(String xId, Ip srcIp, int srcPort, Ip dstIp, int dstPort, String protocol, long networkId, long accountId, long domainId, long instanceId, boolean isOneToOneNat) {
this(xId, srcIp, srcPort, srcPort, dstIp, dstPort, dstPort, protocol, networkId, accountId, domainId, instanceId, isOneToOneNat);
public PortForwardingRuleVO(String xId, long srcIpId, int srcPort, Ip dstIp, int dstPort, String protocol, long networkId, long accountId, long domainId, long instanceId, boolean isOneToOneNat) {
this(xId, srcIpId, srcPort, srcPort, dstIp, dstPort, dstPort, protocol, networkId, accountId, domainId, instanceId, isOneToOneNat);
}
@Override

12
server/src/com/cloud/network/rules/RulesManager.java
View File

@ -26,7 +26,6 @@ import com.cloud.exception.ResourceUnavailableException;
import com.cloud.network.IpAddress;
import com.cloud.user.Account;
import com.cloud.uservm.UserVm;
import com.cloud.utils.net.Ip;
/**
@ -34,7 +33,7 @@ import com.cloud.utils.net.Ip;
*/
public interface RulesManager extends RulesService {
boolean applyPortForwardingRules(Ip ip, boolean continueOnError);
boolean applyPortForwardingRules(long ipAddressId, boolean continueOnError);
/**
* detectRulesConflict finds conflicts in networking rules. It checks for
@ -56,10 +55,11 @@ public interface RulesManager extends RulesService {
void detectRulesConflict(FirewallRule newRule, IpAddress ipAddress) throws NetworkRuleConflictException;
void checkIpAndUserVm(IpAddress ipAddress, UserVm userVm, Account caller) throws InvalidParameterValueException, PermissionDeniedException;
void checkRuleAndUserVm(FirewallRule rule, UserVm userVm, Account caller) throws InvalidParameterValueException, PermissionDeniedException;
boolean revokeAllRules(Ip ip, long userId) throws ResourceUnavailableException;
boolean revokeAllRules(long ipId, long userId) throws ResourceUnavailableException;
List<? extends FirewallRule> listFirewallRulesByIp(Ip ip);
List<? extends FirewallRule> listFirewallRulesByIp(long ipAddressId);
/**
* Returns a list of port forwarding rules that are ready for application
@ -67,14 +67,14 @@ public interface RulesManager extends RulesService {
* @param ip
* @return List of PortForwardingRule
*/
List<? extends PortForwardingRule> listPortForwardingRulesForApplication(Ip ip);
List<? extends PortForwardingRule> listPortForwardingRulesForApplication(long ipId);
List<? extends PortForwardingRule> gatherPortForwardingRulesForApplication(List<? extends IpAddress> addrs);
boolean revokePortForwardingRule(long vmId);
FirewallRule[] reservePorts(IpAddress ip, String protocol, FirewallRule.Purpose purpose, int... ports) throws NetworkRuleConflictException;
boolean releasePorts(Ip ip, String protocol, FirewallRule.Purpose purpose, int... ports);
boolean releasePorts(long ipId, String protocol, FirewallRule.Purpose purpose, int... ports);
List<? extends PortForwardingRule> listByNetworkId(long networkId);
}

159
server/src/com/cloud/network/rules/RulesManagerImpl.java
View File

@ -26,6 +26,7 @@ import javax.naming.ConfigurationException;
import org.apache.log4j.Logger;
import com.cloud.agent.api.to.PortForwardingRuleTO;
import com.cloud.api.commands.ListPortForwardingRulesCmd;
import com.cloud.event.EventTypes;
import com.cloud.event.UsageEventVO;
@ -81,9 +82,9 @@ public class RulesManagerImpl implements RulesManager, RulesService, Manager {
@Override
public void detectRulesConflict(FirewallRule newRule, IpAddress ipAddress) throws NetworkRuleConflictException {
assert newRule.getSourceIpAddress().equals(ipAddress.getAddress()) : "You passed in an ip address that doesn't match the address in the new rule";
assert newRule.getSourceIpAddressId() == ipAddress.getId() : "You passed in an ip address that doesn't match the address in the new rule";
List<FirewallRuleVO> rules = _firewallDao.listByIpAndNotRevoked(newRule.getSourceIpAddress(), null);
List<FirewallRuleVO> rules = _firewallDao.listByIpAndNotRevoked(newRule.getSourceIpAddressId(), null);
assert (rules.size() >= 1) : "For network rules, we now always first persist the rule and then check for network conflicts so we should at least have one rule at this point.";
for (FirewallRuleVO rule : rules) {
@ -92,9 +93,9 @@ public class RulesManagerImpl implements RulesManager, RulesService, Manager {
}
if (rule.isOneToOneNat() && !newRule.isOneToOneNat()) {
throw new NetworkRuleConflictException("There is 1 to 1 Nat rule specified for the " + newRule.getSourceIpAddress());
throw new NetworkRuleConflictException("There is 1 to 1 Nat rule specified for the ip address id=" + newRule.getSourceIpAddressId());
} else if (!rule.isOneToOneNat() && newRule.isOneToOneNat()) {
throw new NetworkRuleConflictException("There is already firewall rule specified for the " + newRule.getSourceIpAddress());
throw new NetworkRuleConflictException("There is already firewall rule specified for the ip address id=" + newRule.getSourceIpAddressId());
}
if (rule.getNetworkId() != newRule.getNetworkId() && rule.getState() != State.Revoke) {
@ -148,14 +149,40 @@ public class RulesManagerImpl implements RulesManager, RulesService, Manager {
}
@Override
public void checkRuleAndUserVm(FirewallRule rule, UserVm userVm, Account caller) throws InvalidParameterValueException, PermissionDeniedException {
if (userVm == null || rule == null) {
return;
}
_accountMgr.checkAccess(caller, rule);
_accountMgr.checkAccess(caller, userVm);
if (userVm.getState() == VirtualMachine.State.Destroyed || userVm.getState() == VirtualMachine.State.Expunging) {
throw new InvalidParameterValueException("Invalid user vm: " + userVm.getId());
}
if (rule.getAccountId() != userVm.getAccountId()) {
throw new InvalidParameterValueException("Rule id=" + rule.getId() + " and vm id=" + userVm.getId() + " belong to different accounts");
}
}
@Override @DB
public PortForwardingRule createPortForwardingRule(PortForwardingRule rule, Long vmId, boolean isNat) throws NetworkRuleConflictException {
UserContext ctx = UserContext.current();
Account caller = ctx.getCaller();
Ip ipAddr = rule.getSourceIpAddress();
Long ipAddrId = rule.getSourceIpAddressId();
IPAddressVO ipAddress = _ipAddressDao.findById(ipAddr);
IPAddressVO ipAddress = _ipAddressDao.findById(ipAddrId);
//Verify ip address existst and if 1-1 nat is enabled for it
if (ipAddress == null) {
throw new InvalidParameterValueException("Unable to create ip forwarding rule; ip id=" + ipAddrId + " doesn't exist in the system");
} else {
_accountMgr.checkAccess(caller, ipAddress);
}
Ip dstIp = rule.getDestinationIpAddress();
long networkId;
@ -166,6 +193,8 @@ public class RulesManagerImpl implements RulesManager, RulesService, Manager {
vm = _vmDao.findById(vmId);
if (vm == null) {
throw new InvalidParameterValueException("Unable to create ip forwarding rule on address " + ipAddress + ", invalid virtual machine id specified (" + vmId + ").");
} else {
checkRuleAndUserVm(rule, vm, caller);
}
dstIp = null;
List<? extends Nic> nics = _networkMgr.getNics(vm);
@ -200,7 +229,7 @@ public class RulesManagerImpl implements RulesManager, RulesService, Manager {
PortForwardingRuleVO newRule =
new PortForwardingRuleVO(rule.getXid(),
rule.getSourceIpAddress(),
rule.getSourceIpAddressId(),
rule.getSourcePortStart(),
rule.getSourcePortEnd(),
dstIp,
@ -226,13 +255,13 @@ public class RulesManagerImpl implements RulesManager, RulesService, Manager {
if (e instanceof NetworkRuleConflictException) {
throw (NetworkRuleConflictException)e;
}
throw new CloudRuntimeException("Unable to add rule for " + newRule.getSourceIpAddress(), e);
throw new CloudRuntimeException("Unable to add rule for the ip id=" + newRule.getSourceIpAddressId(), e);
}
}
@Override
public boolean enableOneToOneNat(Ip ip, long vmId) throws NetworkRuleConflictException{
IPAddressVO ipAddress = _ipAddressDao.findById(ip);
public boolean enableOneToOneNat(long ipId, long vmId) throws NetworkRuleConflictException{
IPAddressVO ipAddress = _ipAddressDao.findById(ipId);
Account caller = UserContext.current().getCaller();
UserVmVO vm = null;
@ -244,23 +273,23 @@ public class RulesManagerImpl implements RulesManager, RulesService, Manager {
checkIpAndUserVm(ipAddress, vm, caller);
if (ipAddress.isSourceNat()) {
throw new InvalidParameterValueException("Can't enable one to one nat, ip address: " + ip.addr() + " is a sourceNat ip address");
throw new InvalidParameterValueException("Can't enable one to one nat, ip address id=" + ipId + " is a sourceNat ip address");
}
if (!ipAddress.isOneToOneNat()) {
List<FirewallRuleVO> rules = _firewallDao.listByIpAndNotRevoked(ip, false);
List<FirewallRuleVO> rules = _firewallDao.listByIpAndNotRevoked(ipId, false);
if (rules != null && !rules.isEmpty()) {
throw new NetworkRuleConflictException("Failed to enable one to one nat for the ip address " + ipAddress.getAddress() + " as it already has firewall rules assigned");
throw new NetworkRuleConflictException("Failed to enable one to one nat for the ip address id=" + ipAddress.getId() + " as it already has firewall rules assigned");
}
} else {
if (ipAddress.getAssociatedWithVmId() != null && ipAddress.getAssociatedWithVmId().longValue() != vmId) {
throw new NetworkRuleConflictException("Failed to enable one to one nat for the ip address " + ipAddress.getAddress() + " and vm id=" + vmId + " as it's already assigned to antoher vm");
throw new NetworkRuleConflictException("Failed to enable one to one nat for the ip address id=" + ipAddress.getId() + " and vm id=" + vmId + " as it's already assigned to antoher vm");
}
}
ipAddress.setOneToOneNat(true);
ipAddress.setAssociatedWithVmId(vmId);
return _ipAddressDao.update(ipAddress.getAddress(), ipAddress);
return _ipAddressDao.update(ipAddress.getId(), ipAddress);
}
@ -298,7 +327,7 @@ public class RulesManagerImpl implements RulesManager, RulesService, Manager {
// Save and create the event
String ruleName = rule.getPurpose() == Purpose.Firewall ? "Firewall" : (rule.isOneToOneNat() ? "ip forwarding" : "port forwarding");
StringBuilder description = new StringBuilder("deleted ").append(ruleName).append(" rule [").append(rule.getSourceIpAddress()).append(":").append(rule.getSourcePortStart()).append("-").append(rule.getSourcePortEnd()).append("]");
StringBuilder description = new StringBuilder("deleted ").append(ruleName).append(" rule [ipAddressId=").append(rule.getSourceIpAddressId()).append(":").append(rule.getSourcePortStart()).append("-").append(rule.getSourcePortEnd()).append("]");
if (rule.getPurpose() == Purpose.PortForwarding) {
PortForwardingRuleVO pfRule = (PortForwardingRuleVO)rule;
description.append("->[").append(pfRule.getDestinationIpAddress()).append(":").append(pfRule.getDestinationPortStart()).append("-").append(pfRule.getDestinationPortEnd()).append("]");
@ -324,7 +353,7 @@ public class RulesManagerImpl implements RulesManager, RulesService, Manager {
boolean success = false;
if (apply) {
success = applyPortForwardingRules(rule.getSourceIpAddress(), true);
success = applyPortForwardingRules(rule.getSourceIpAddressId(), true);
} else {
success = true;
}
@ -349,44 +378,43 @@ public class RulesManagerImpl implements RulesManager, RulesService, Manager {
return true;
}
public List<? extends FirewallRule> listFirewallRules(Ip ip) {
return _firewallDao.listByIpAndNotRevoked(ip, null);
public List<? extends FirewallRule> listFirewallRules(long ipId) {
return _firewallDao.listByIpAndNotRevoked(ipId, null);
}
@Override
public List<? extends PortForwardingRule> listPortForwardingRulesForApplication(Ip ip) {
return _forwardingDao.listForApplication(ip);
public List<? extends PortForwardingRule> listPortForwardingRulesForApplication(long ipId) {
return _forwardingDao.listForApplication(ipId);
}
@Override
public List<? extends PortForwardingRule> listPortForwardingRules(ListPortForwardingRulesCmd cmd) {
Account caller = UserContext.current().getCaller();
String ip = cmd.getIpAddress();
Long ipId = cmd.getIpAddressId();
Pair<String, Long> accountDomainPair = _accountMgr.finalizeAccountDomainForList(caller, cmd.getAccountName(), cmd.getDomainId());
String accountName = accountDomainPair.first();
Long domainId = accountDomainPair.second();
if(cmd.getIpAddress() != null){
Ip ipAddress = new Ip(cmd.getIpAddress());
IPAddressVO ipAddressVO = _ipAddressDao.findById(ipAddress);
if(ipId != null){
IPAddressVO ipAddressVO = _ipAddressDao.findById(ipId);
if (ipAddressVO == null || !ipAddressVO.readyToUse()) {
throw new InvalidParameterValueException("Ip address not ready for port forwarding rules yet: " + ipAddress);
throw new InvalidParameterValueException("Ip address id=" + ipId + " not ready for port forwarding rules yet");
}
_accountMgr.checkAccess(caller, ipAddressVO);
}
Filter filter = new Filter(PortForwardingRuleVO.class, "id", false, cmd.getStartIndex(), cmd.getPageSizeVal());
SearchBuilder<PortForwardingRuleVO> sb = _forwardingDao.createSearchBuilder();
sb.and("ip", sb.entity().getSourceIpAddress(), Op.EQ);
sb.and("ip", sb.entity().getSourceIpAddressId(), Op.EQ);
sb.and("accountId", sb.entity().getAccountId(), Op.EQ);
sb.and("domainId", sb.entity().getDomainId(), Op.EQ);
sb.and("oneToOneNat", sb.entity().isOneToOneNat(), Op.EQ);
SearchCriteria<PortForwardingRuleVO> sc = sb.create();
if (ip != null) {
sc.setParameters("ip", ip);
if (ipId != null) {
sc.setParameters("ip", ipId);
}
if (domainId != null) {
@ -403,19 +431,19 @@ public class RulesManagerImpl implements RulesManager, RulesService, Manager {
}
@Override
public boolean applyPortForwardingRules(Ip ip, boolean continueOnError) {
public boolean applyPortForwardingRules(long ipId, boolean continueOnError) {
try {
return applyPortForwardingRules(ip, continueOnError, null);
return applyPortForwardingRules(ipId, continueOnError, null);
} catch (ResourceUnavailableException e) {
s_logger.warn("Unable to reapply port forwarding rules for " + ip);
s_logger.warn("Unable to reapply port forwarding rules for Ip id=" + ipId);
return false;
}
}
protected boolean applyPortForwardingRules(Ip ip, boolean continueOnError, Account caller) throws ResourceUnavailableException {
List<PortForwardingRuleVO> rules = _forwardingDao.listForApplication(ip);
protected boolean applyPortForwardingRules(long ipId, boolean continueOnError, Account caller) throws ResourceUnavailableException {
List<PortForwardingRuleVO> rules = _forwardingDao.listForApplication(ipId);
if (rules.size() == 0) {
s_logger.debug("There are no rules to apply for " + ip);
s_logger.debug("There are no rules to apply for ip id=" + ipId);
return true;
}
@ -441,33 +469,33 @@ public class RulesManagerImpl implements RulesManager, RulesService, Manager {
}
@Override
public List<PortForwardingRuleVO> searchForIpForwardingRules(Ip ip, Long id, Long vmId, Long start, Long size) {
return _forwardingDao.searchNatRules(ip, id, vmId, start, size);
public List<PortForwardingRuleVO> searchForIpForwardingRules(Long ipId, Long id, Long vmId, Long start, Long size) {
return _forwardingDao.searchNatRules(ipId, id, vmId, start, size);
}
@Override
public boolean applyPortForwardingRules(Ip ip, Account caller) throws ResourceUnavailableException {
return applyPortForwardingRules(ip, false, caller);
public boolean applyPortForwardingRules(long ipId, Account caller) throws ResourceUnavailableException {
return applyPortForwardingRules(ipId, false, caller);
}
@Override
public boolean revokeAllRules(Ip ip, long userId) throws ResourceUnavailableException {
List<PortForwardingRuleVO> rules = _forwardingDao.listByIpAndNotRevoked(ip);
public boolean revokeAllRules(long ipId, long userId) throws ResourceUnavailableException {
List<PortForwardingRuleVO> rules = _forwardingDao.listByIpAndNotRevoked(ipId);
if (s_logger.isDebugEnabled()) {
s_logger.debug("Releasing " + rules.size() + " rules for " + ip);
s_logger.debug("Releasing " + rules.size() + " rules for ip id=" + ipId);
}
for (PortForwardingRuleVO rule : rules) {
revokeRule(rule, null, userId);
}
applyPortForwardingRules(ip, true, null);
applyPortForwardingRules(ipId, true, null);
// Now we check again in case more rules have been inserted.
rules = _forwardingDao.listByIpAndNotRevoked(ip);
rules = _forwardingDao.listByIpAndNotRevoked(ipId);
if (s_logger.isDebugEnabled()) {
s_logger.debug("Successfully released rules for " + ip + " and # of rules now = " + rules.size());
s_logger.debug("Successfully released rules for ip id=" + ipId + " and # of rules now = " + rules.size());
}
return rules.size() == 0;
@ -495,13 +523,13 @@ public class RulesManagerImpl implements RulesManager, RulesService, Manager {
}
@Override
public List<? extends FirewallRule> listFirewallRulesByIp(Ip ip) {
public List<? extends FirewallRule> listFirewallRulesByIp(long ipId) {
return null;
}
@Override
public boolean releasePorts(Ip ip, String protocol, FirewallRule.Purpose purpose, int... ports) {
return _firewallDao.releasePorts(ip, protocol, purpose, ports);
public boolean releasePorts(long ipId, String protocol, FirewallRule.Purpose purpose, int... ports) {
return _firewallDao.releasePorts(ipId, protocol, purpose, ports);
}
@Override @DB
@ -513,7 +541,7 @@ public class RulesManagerImpl implements RulesManager, RulesService, Manager {
for (int i = 0; i < ports.length; i++) {
rules[i] =
new FirewallRuleVO(null,
ip.getAddress(),
ip.getId(),
ports[i],
protocol,
ip.getAssociatedWithNetworkId(),
@ -554,7 +582,7 @@ public class RulesManagerImpl implements RulesManager, RulesService, Manager {
}
continue;
}
allRules.addAll(_forwardingDao.listForApplication(addr.getAddress()));
allRules.addAll(_forwardingDao.listForApplication(addr.getId()));
}
if (s_logger.isDebugEnabled()) {
@ -570,7 +598,7 @@ public class RulesManagerImpl implements RulesManager, RulesService, Manager {
}
public boolean isLastOneToOneNatRule(FirewallRule ruleToCheck) {
List<FirewallRuleVO> rules = _firewallDao.listByIpAndNotRevoked(ruleToCheck.getSourceIpAddress(), false);
List<FirewallRuleVO> rules = _firewallDao.listByIpAndNotRevoked(ruleToCheck.getSourceIpAddressId(), false);
if (rules != null && !rules.isEmpty()) {
for (FirewallRuleVO rule : rules) {
if (ruleToCheck.getId() == rule.getId()) {
@ -588,17 +616,17 @@ public class RulesManagerImpl implements RulesManager, RulesService, Manager {
}
@Override
public boolean disableOneToOneNat(Ip ip){
public boolean disableOneToOneNat(long ipId){
Account caller = UserContext.current().getCaller();
IPAddressVO ipAddress = _ipAddressDao.findById(ip);
IPAddressVO ipAddress = _ipAddressDao.findById(ipId);
checkIpAndUserVm(ipAddress, null, caller);
if (!ipAddress.isOneToOneNat()) {
throw new InvalidParameterValueException("One to one nat is not enabled for the ip: " + ip.addr());
throw new InvalidParameterValueException("One to one nat is not enabled for the ip id=" + ipId);
}
List<FirewallRuleVO> rules = _firewallDao.listByIpAndNotRevoked(ip, true);
List<FirewallRuleVO> rules = _firewallDao.listByIpAndNotRevoked(ipId, true);
if (rules != null) {
for (FirewallRuleVO rule : rules) {
rule.setState(State.Revoke);
@ -608,15 +636,30 @@ public class RulesManagerImpl implements RulesManager, RulesService, Manager {
}
}
if (applyPortForwardingRules(ip, true)) {
if (applyPortForwardingRules(ipId, true)) {
ipAddress.setOneToOneNat(false);
ipAddress.setAssociatedWithVmId(null);
_ipAddressDao.update(ipAddress.getAddress(), ipAddress);
_ipAddressDao.update(ipAddress.getId(), ipAddress);
return true;
} else {
s_logger.warn("Failed to disable one to one nat for the ip address " + ip.addr());
s_logger.warn("Failed to disable one to one nat for the ip address id" + ipId);
return false;
}
}
@Override
public List<PortForwardingRuleTO> buildPortForwardingTOrules(List<? extends PortForwardingRule> pfRules) {
if (pfRules != null) {
List<PortForwardingRuleTO> rulesTO = new ArrayList<PortForwardingRuleTO>();
for (PortForwardingRule rule : pfRules) {
IpAddress sourceIp = _networkMgr.getIp(rule.getSourceIpAddressId());
PortForwardingRuleTO ruleTO = new PortForwardingRuleTO(rule, sourceIp.getAddress().addr());
rulesTO.add(ruleTO);
}
return rulesTO;
} else {
return null;
}
}
}

9
server/src/com/cloud/network/rules/dao/PortForwardingRulesDao.java
View File

@ -21,10 +21,9 @@ import java.util.List;
import com.cloud.network.rules.PortForwardingRuleVO;
import com.cloud.utils.db.GenericDao;
import com.cloud.utils.net.Ip;
public interface PortForwardingRulesDao extends GenericDao<PortForwardingRuleVO, Long> {
List<PortForwardingRuleVO> listForApplication(Ip ip);
List<PortForwardingRuleVO> listForApplication(long ipId);
/**
* Find all port forwarding rules that have not been revoked.
@ -32,11 +31,11 @@ public interface PortForwardingRulesDao extends GenericDao<PortForwardingRuleVO,
* @param ip ip address
* @return List of PortForwardingRuleVO
*/
List<PortForwardingRuleVO> listByIpAndNotRevoked(Ip ip);
List<PortForwardingRuleVO> listByIpAndNotRevoked(long ipId);
List<PortForwardingRuleVO> listByIp(Ip ip);
List<PortForwardingRuleVO> listByIp(long ipId);
List<PortForwardingRuleVO> searchNatRules(Ip ip, Long id, Long vmId, Long startIndex, Long pageSize);
List<PortForwardingRuleVO> searchNatRules(Long ipId, Long id, Long vmId, Long startIndex, Long pageSize);
List<PortForwardingRuleVO> listByVm(Long vmId);

25
server/src/com/cloud/network/rules/dao/PortForwardingRulesDaoImpl.java
View File

@ -28,7 +28,6 @@ import com.cloud.utils.db.GenericDaoBase;
import com.cloud.utils.db.SearchBuilder;
import com.cloud.utils.db.SearchCriteria;
import com.cloud.utils.db.SearchCriteria.Op;
import com.cloud.utils.net.Ip;
@Local(value=PortForwardingRulesDao.class)
public class PortForwardingRulesDaoImpl extends GenericDaoBase<PortForwardingRuleVO, Long> implements PortForwardingRulesDao {
@ -44,7 +43,7 @@ public class PortForwardingRulesDaoImpl extends GenericDaoBase<PortForwardingRul
AllFieldsSearch = createSearchBuilder();
AllFieldsSearch.and("id", AllFieldsSearch.entity().getId(), Op.EQ);
AllFieldsSearch.and("state", AllFieldsSearch.entity().getState(), Op.EQ);
AllFieldsSearch.and("ip", AllFieldsSearch.entity().getSourceIpAddress(), Op.EQ);
AllFieldsSearch.and("ipId", AllFieldsSearch.entity().getSourceIpAddressId(), Op.EQ);
AllFieldsSearch.and("protocol", AllFieldsSearch.entity().getProtocol(), Op.EQ);
AllFieldsSearch.and("networkId", AllFieldsSearch.entity().getNetworkId(), Op.EQ);
AllFieldsSearch.and("vmId", AllFieldsSearch.entity().getVirtualMachineId(), Op.EQ);
@ -52,11 +51,11 @@ public class PortForwardingRulesDaoImpl extends GenericDaoBase<PortForwardingRul
AllFieldsSearch.done();
ApplicationSearch = createSearchBuilder();
ApplicationSearch.and("ip", ApplicationSearch.entity().getSourceIpAddress(), Op.EQ);
ApplicationSearch.and("ipId", ApplicationSearch.entity().getSourceIpAddressId(), Op.EQ);
ApplicationSearch.and("state", ApplicationSearch.entity().getState(), Op.NEQ);
ActiveRulesSearch = createSearchBuilder();
ActiveRulesSearch.and("ip", ActiveRulesSearch.entity().getSourceIpAddress(), Op.EQ);
ActiveRulesSearch.and("ipId", ActiveRulesSearch.entity().getSourceIpAddressId(), Op.EQ);
ActiveRulesSearch.and("state", ActiveRulesSearch.entity().getState(), Op.NEQ);
ActiveRulesSearch.done();
@ -71,9 +70,9 @@ public class PortForwardingRulesDaoImpl extends GenericDaoBase<PortForwardingRul
}
@Override
public List<PortForwardingRuleVO> listForApplication(Ip ip) {
public List<PortForwardingRuleVO> listForApplication(long ipId) {
SearchCriteria<PortForwardingRuleVO> sc = ApplicationSearch.create();
sc.setParameters("ip", ip);
sc.setParameters("ipId", ipId);
sc.setParameters("state", State.Staged);
return listBy(sc, null);
@ -87,29 +86,29 @@ public class PortForwardingRulesDaoImpl extends GenericDaoBase<PortForwardingRul
}
@Override
public List<PortForwardingRuleVO> listByIpAndNotRevoked(Ip ip) {
public List<PortForwardingRuleVO> listByIpAndNotRevoked(long ipId) {
SearchCriteria<PortForwardingRuleVO> sc = ActiveRulesSearch.create();
sc.setParameters("ip", ip);
sc.setParameters("ipId", ipId);
sc.setParameters("state", State.Revoke);
return listBy(sc, null);
}
@Override
public List<PortForwardingRuleVO> listByIp(Ip ip) {
public List<PortForwardingRuleVO> listByIp(long ipId) {
SearchCriteria<PortForwardingRuleVO> sc = ActiveRulesSearch.create();
sc.setParameters("ip", ip);
sc.setParameters("ipId", ipId);
return listBy(sc, null);
}
@Override
public List<PortForwardingRuleVO> searchNatRules(Ip ip, Long id, Long vmId, Long startIndex, Long pageSize) {
public List<PortForwardingRuleVO> searchNatRules(Long ipId, Long id, Long vmId, Long startIndex, Long pageSize) {
Filter searchFilter = new Filter(PortForwardingRuleVO.class, "id", true, startIndex, pageSize);
SearchCriteria<PortForwardingRuleVO> sc = AllFieldsSearch.create();
if (ip != null) {
sc.setParameters("ip", ip);
if (ipId != null) {
sc.setParameters("ipId", ipId);
}
if (id != null) {

47
server/src/com/cloud/network/vpn/RemoteAccessVpnManagerImpl.java
View File

@ -32,8 +32,6 @@ import com.cloud.configuration.Config;
import com.cloud.configuration.dao.ConfigurationDao;
import com.cloud.domain.DomainVO;
import com.cloud.domain.dao.DomainDao;
import com.cloud.event.EventTypes;
import com.cloud.event.EventUtils;
import com.cloud.exception.AccountLimitException;
import com.cloud.exception.InvalidParameterValueException;
import com.cloud.exception.NetworkRuleConflictException;
@ -52,8 +50,8 @@ import com.cloud.network.dao.IPAddressDao;
import com.cloud.network.dao.RemoteAccessVpnDao;
import com.cloud.network.dao.VpnUserDao;
import com.cloud.network.router.VirtualNetworkApplianceManager;
import com.cloud.network.rules.FirewallRule;
import com.cloud.network.rules.FirewallRule.Purpose;
import com.cloud.network.rules.FirewallRuleVO;
import com.cloud.network.rules.RulesManager;
import com.cloud.user.Account;
import com.cloud.user.AccountManager;
@ -71,7 +69,6 @@ import com.cloud.utils.db.JoinBuilder;
import com.cloud.utils.db.SearchBuilder;
import com.cloud.utils.db.SearchCriteria;
import com.cloud.utils.db.Transaction;
import com.cloud.utils.net.Ip;
import com.cloud.utils.net.NetUtils;
@Local(value = RemoteAccessVpnService.class)
@ -96,14 +93,14 @@ public class RemoteAccessVpnManagerImpl implements RemoteAccessVpnService, Manag
SearchBuilder<RemoteAccessVpnVO> VpnSearch;
@Override
public RemoteAccessVpn createRemoteAccessVpn(Ip publicIp, String ipRange) throws NetworkRuleConflictException {
public RemoteAccessVpn createRemoteAccessVpn(long publicIpId, String ipRange) throws NetworkRuleConflictException {
UserContext ctx = UserContext.current();
Account caller = ctx.getCaller();
// make sure ip address exists
PublicIpAddress ipAddr = _networkMgr.getPublicIpAddress(publicIp);
PublicIpAddress ipAddr = _networkMgr.getPublicIpAddress(publicIpId);
if (ipAddr == null) {
throw new InvalidParameterValueException("Unable to create remote access vpn, invalid public IP address " + publicIp);
throw new InvalidParameterValueException("Unable to create remote access vpn, invalid public IP address id" + publicIpId);
}
_accountMgr.checkAccess(caller, ipAddr);
@ -112,7 +109,7 @@ public class RemoteAccessVpnManagerImpl implements RemoteAccessVpnService, Manag
throw new InvalidParameterValueException("The Ip address is not ready to be used yet: " + ipAddr.getAddress());
}
RemoteAccessVpnVO vpnVO = _remoteAccessVpnDao.findByPublicIpAddress(publicIp.toString());
RemoteAccessVpnVO vpnVO = _remoteAccessVpnDao.findByPublicIpAddress(publicIpId);
if (vpnVO != null) {
//if vpn is in Added state, return it to the api
@ -164,7 +161,7 @@ public class RemoteAccessVpnManagerImpl implements RemoteAccessVpnService, Manag
String sharedSecret = PasswordGenerator.generatePresharedKey(_pskLength);
_rulesMgr.reservePorts(ipAddr, NetUtils.UDP_PROTO, Purpose.Vpn, NetUtils.VPN_PORT, NetUtils.VPN_L2TP_PORT, NetUtils.VPN_NATT_PORT);
vpnVO = new RemoteAccessVpnVO(ipAddr.getAllocatedToAccountId(), ipAddr.getAllocatedInDomainId(), ipAddr.getAssociatedWithNetworkId(),
publicIp, range[0], newIpRange, sharedSecret);
publicIpId, range[0], newIpRange, sharedSecret);
return _remoteAccessVpnDao.persist(vpnVO);
}
@ -195,12 +192,12 @@ public class RemoteAccessVpnManagerImpl implements RemoteAccessVpnService, Manag
}
@Override @DB
public void destroyRemoteAccessVpn(Ip ip, long startEventId) throws ResourceUnavailableException {
public void destroyRemoteAccessVpn(long ipId, long startEventId) throws ResourceUnavailableException {
Account caller = UserContext.current().getCaller();
RemoteAccessVpnVO vpn = _remoteAccessVpnDao.findById(ip);
RemoteAccessVpnVO vpn = _remoteAccessVpnDao.findById(ipId);
if (vpn == null) {
s_logger.debug("vpn does not exists " + ip);
s_logger.debug("vpn id=" + ipId + " does not exists ");
return;
}
@ -209,7 +206,7 @@ public class RemoteAccessVpnManagerImpl implements RemoteAccessVpnService, Manag
Network network = _networkMgr.getNetwork(vpn.getNetworkId());
vpn.setState(RemoteAccessVpn.State.Removed);
_remoteAccessVpnDao.update(vpn.getServerAddress(), vpn);
_remoteAccessVpnDao.update(vpn.getServerAddressId(), vpn);
List<? extends RemoteAccessVpnElement> elements = _networkMgr.getRemoteAccessVpnElements();
@ -226,14 +223,14 @@ public class RemoteAccessVpnManagerImpl implements RemoteAccessVpnService, Manag
Transaction txn = Transaction.currentTxn();
try {
txn.start();
_remoteAccessVpnDao.remove(ip);
_remoteAccessVpnDao.remove(ipId);
//Cleanup corresponding ports
List<FirewallRuleVO> ports = _rulesDao.listByIpAndPurpose(ip, Purpose.Vpn);
List<? extends FirewallRule> ports = _rulesDao.listByIpAndPurpose(ipId, Purpose.Vpn);
if (ports != null) {
for (FirewallRuleVO port : ports) {
for (FirewallRule port : ports) {
_rulesDao.remove(port.getId());
s_logger.debug("Successfully removed firewall rule with ip " + port.getSourceIpAddress() + " and port " + port.getSourcePortStart() + " as a part of vpn cleanup");
s_logger.debug("Successfully removed firewall rule with ip id=" + port.getSourceIpAddressId() + " and port " + port.getSourcePortStart() + " as a part of vpn cleanup");
}
}
txn.commit();
@ -299,7 +296,7 @@ public class RemoteAccessVpnManagerImpl implements RemoteAccessVpnService, Manag
}
@Override
public RemoteAccessVpnVO startRemoteAccessVpn(Ip vpnId) throws ResourceUnavailableException {
public RemoteAccessVpnVO startRemoteAccessVpn(long vpnId) throws ResourceUnavailableException {
Account caller = UserContext.current().getCaller();
RemoteAccessVpnVO vpn = _remoteAccessVpnDao.findById(vpnId);
@ -324,7 +321,7 @@ public class RemoteAccessVpnManagerImpl implements RemoteAccessVpnService, Manag
} finally {
if (started) {
vpn.setState(RemoteAccessVpn.State.Running);
_remoteAccessVpnDao.update(vpn.getServerAddress(), vpn);
_remoteAccessVpnDao.update(vpn.getServerAddressId(), vpn);
}
}
}
@ -482,22 +479,22 @@ public class RemoteAccessVpnManagerImpl implements RemoteAccessVpnService, Manag
String accountName = cmd.getAccountName();
Long domainId = cmd.getDomainId();
Ip ipAddress = cmd.getPublicIp();
if (ipAddress != null) {
PublicIpAddress publicIp = _networkMgr.getPublicIpAddress(ipAddress);
Long ipAddressId = cmd.getPublicIpId();
if (ipAddressId != null) {
PublicIpAddress publicIp = _networkMgr.getPublicIpAddress(ipAddressId);
if (publicIp == null) {
throw new InvalidParameterValueException("Unable to list remote access vpns, IP address " + ipAddress + " not found.");
throw new InvalidParameterValueException("Unable to list remote access vpns, IP address " + ipAddressId + " not found.");
} else {
Long ipAddrAcctId = publicIp.getAllocatedToAccountId();
if (ipAddrAcctId == null) {
throw new InvalidParameterValueException("Unable to list remote access vpns, IP address " + ipAddress
throw new InvalidParameterValueException("Unable to list remote access vpns, IP address " + ipAddressId
+ " is not associated with an account.");
}
}
_accountMgr.checkAccess(caller, publicIp);
List<RemoteAccessVpnVO> vpns = new ArrayList<RemoteAccessVpnVO>(1);
RemoteAccessVpnVO remoteVpn = _remoteAccessVpnDao.findById(ipAddress);
RemoteAccessVpnVO remoteVpn = _remoteAccessVpnDao.findById(ipAddressId);
if (remoteVpn != null) {
vpns.add(remoteVpn);
}

4
server/src/com/cloud/server/ConfigurationServerImpl.java
View File

@ -161,11 +161,7 @@ public class ConfigurationServerImpl implements ConfigurationServer {
}
}
// If this is a premium environment, set the network type to be "vlan"
if (_configDao.isPremium()) {
// _configDao.update("network.type", "vlan");
// s_logger.debug("ConfigurationServer changed the network type to \"vlan\".");
// Default value is set as KVM because of FOSS build, when we are
// running under premium, autoset to XenServer if we know it is from FOSS settings

4
server/src/com/cloud/test/DatabaseConfig.java
View File

@ -670,7 +670,7 @@ public class DatabaseConfig {
pzc.modifyVlan(zoneName, true, vlanId, gateway, netmask, vlanPodName, vlanType, publicIpRange, 0);
long vlanDbId = pzc.getVlanDbId(zoneName, vlanId);
iprc.saveIPRange("public", -1, zoneDbId, vlanDbId, startIP, endIP);
iprc.saveIPRange("public", -1, zoneDbId, vlanDbId, startIP, endIP, 1L);
}
@ -732,7 +732,7 @@ public class DatabaseConfig {
if (privateIpRange != null) {
// Save the IP address range
iprc.saveIPRange("private", id, dataCenterId, -1, startIP, endIP);
iprc.saveIPRange("private", id, dataCenterId, -1, startIP, endIP, null);
}
}

23
server/src/com/cloud/test/IPRangeConfig.java
View File

@ -41,10 +41,12 @@ public class IPRangeConfig {
System.exit(0);
}
//This class is not applicable in 2.2 with the new networking model
private String usage() {
return "Usage: ./change_ip_range.sh [add|delete] [public zone | private pod zone] startIP endIP";
}
public void run(String[] args) {
if (args.length < 2) {
printError(usage());
@ -70,7 +72,7 @@ public class IPRangeConfig {
}
long zoneId = PodZoneConfig.getZoneId(zone);
result = changeRange(op, "public", -1, zoneId, startIP, endIP);
result = changeRange(op, "public", -1, zoneId, startIP, endIP, null);
result.replaceAll("<br>", "/n");
System.out.println(result);
} else if (type.equals("private")) {
@ -92,7 +94,7 @@ public class IPRangeConfig {
long podId = PodZoneConfig.getPodId(pod, zone);
long zoneId = PodZoneConfig.getZoneId(zone);
result = changeRange(op, "private", podId, zoneId, startIP, endIP);
result = changeRange(op, "private", podId, zoneId, startIP, endIP, null);
result.replaceAll("<br>", "/n");
System.out.println(result);
} else {
@ -107,7 +109,7 @@ public class IPRangeConfig {
}
long zoneId = PodZoneConfig.getZoneId(zone);
result = changeRange(op, "public", -1, zoneId, startIP, endIP);
result = changeRange(op, "public", -1, zoneId, startIP, endIP, null);
return DatabaseConfig.genReturnList("true", result);
}
@ -120,7 +122,7 @@ public class IPRangeConfig {
long podId = PodZoneConfig.getPodId(pod, zone);
long zoneId = PodZoneConfig.getZoneId(zone);
result = changeRange(op, "private", podId, zoneId, startIP, endIP);
result = changeRange(op, "private", podId, zoneId, startIP, endIP, null);
return DatabaseConfig.genReturnList("true", result);
}
@ -224,12 +226,12 @@ public class IPRangeConfig {
}
}
private String changeRange(String op, String type, long podId, long zoneId, String startIP, String endIP) {
private String changeRange(String op, String type, long podId, long zoneId, String startIP, String endIP, Long networkId) {
// Go through all the IPs and add or delete them
List<String> problemIPs = null;
if (op.equals("add")) {
problemIPs = saveIPRange(type, podId, zoneId, 1, startIP, endIP);
problemIPs = saveIPRange(type, podId, zoneId, 1, startIP, endIP, networkId);
} else if (op.equals("delete")) {
problemIPs = deleteIPRange(type, podId, zoneId, 1, startIP, endIP);
}
@ -422,7 +424,7 @@ public class IPRangeConfig {
}
@DB
public List<String> saveIPRange(String type, long podId, long zoneId, long vlanDbId, String startIP, String endIP) {
public List<String> saveIPRange(String type, long podId, long zoneId, long vlanDbId, String startIP, String endIP, Long sourceNetworkId) {
long startIPLong = NetUtils.ip2Long(startIP);
long endIPLong = startIPLong;
if (endIP != null) {
@ -433,7 +435,7 @@ public class IPRangeConfig {
List<String> problemIPs = null;
if (type.equals("public")) {
problemIPs = savePublicIPRange(txn, startIPLong, endIPLong, zoneId, vlanDbId);
problemIPs = savePublicIPRange(txn, startIPLong, endIPLong, zoneId, vlanDbId, sourceNetworkId);
} else if (type.equals("private")) {
problemIPs = savePrivateIPRange(txn, startIPLong, endIPLong, podId, zoneId);
}
@ -447,8 +449,8 @@ public class IPRangeConfig {
return problemIPs;
}
public Vector<String> savePublicIPRange(Transaction txn, long startIP, long endIP, long zoneId, long vlanDbId) {
String insertSql = "INSERT INTO `cloud`.`user_ip_address` (public_ip_address, data_center_id, vlan_db_id, mac_address) VALUES (?, ?, ?, (select mac_address from `cloud`.`data_center` where id=?))";
public Vector<String> savePublicIPRange(Transaction txn, long startIP, long endIP, long zoneId, long vlanDbId, long sourceNetworkId) {
String insertSql = "INSERT INTO `cloud`.`user_ip_address` (public_ip_address, data_center_id, vlan_db_id, mac_address, source_network_id) VALUES (?, ?, ?, (select mac_address from `cloud`.`data_center` where id=?), ?)";
String updateSql = "UPDATE `cloud`.`data_center` set mac_address = mac_address+1 where id=?";
Vector<String> problemIPs = new Vector<String>();
PreparedStatement stmt = null;
@ -467,6 +469,7 @@ public class IPRangeConfig {
stmt.setLong(2, zoneId);
stmt.setLong(3, vlanDbId);
stmt.setLong(4, zoneId);
stmt.setLong(5, sourceNetworkId);
stmt.executeUpdate();
stmt.close();
stmt = conn.prepareStatement(updateSql);

14
server/src/com/cloud/vm/UserVmManagerImpl.java
View File

@ -78,9 +78,9 @@ import com.cloud.configuration.ConfigurationManager;
import com.cloud.configuration.ResourceCount.ResourceType;
import com.cloud.configuration.dao.ConfigurationDao;
import com.cloud.configuration.dao.ResourceLimitDao;
import com.cloud.dc.DataCenter.NetworkType;
import com.cloud.dc.DataCenterVO;
import com.cloud.dc.HostPodVO;
import com.cloud.dc.DataCenter.NetworkType;
import com.cloud.dc.dao.AccountVlanMapDao;
import com.cloud.dc.dao.ClusterDao;
import com.cloud.dc.dao.DataCenterDao;
@ -134,24 +134,20 @@ import com.cloud.storage.DiskOfferingVO;
import com.cloud.storage.GuestOSVO;
import com.cloud.storage.SnapshotVO;
import com.cloud.storage.Storage;
import com.cloud.storage.StoragePoolStatus;
import com.cloud.storage.Storage.ImageFormat;
import com.cloud.storage.Storage.StoragePoolType;
import com.cloud.storage.Storage.StorageResourceType;
import com.cloud.storage.Storage.TemplateType;
import com.cloud.storage.StorageManager;
import com.cloud.storage.StoragePool;
import com.cloud.storage.StoragePoolStatus;
import com.cloud.storage.StoragePoolVO;
import com.cloud.storage.VMTemplateHostVO;
import com.cloud.storage.VMTemplateStorageResourceAssoc.Status;
import com.cloud.storage.VMTemplateVO;
import com.cloud.storage.Volume;
import com.cloud.storage.VolumeVO;
import com.cloud.storage.Storage.ImageFormat;
import com.cloud.storage.Storage.StoragePoolType;
import com.cloud.storage.Storage.StorageResourceType;
import com.cloud.storage.Storage.TemplateType;
import com.cloud.storage.VMTemplateStorageResourceAssoc.Status;
import com.cloud.storage.Volume.VolumeType;
import com.cloud.storage.VolumeVO;
import com.cloud.storage.dao.DiskOfferingDao;
import com.cloud.storage.dao.GuestOSCategoryDao;
import com.cloud.storage.dao.GuestOSDao;
@ -1188,7 +1184,7 @@ public class UserVmManagerImpl implements UserVmManager, UserVmService, Manager
for (IPAddressVO ip : ips) {
ip.setOneToOneNat(false);
ip.setAssociatedWithVmId(null);
_ipAddressDao.update(ip.getAddress(), ip);
_ipAddressDao.update(ip.getId(), ip);
s_logger.debug("Disabled 1-1 nat for ip address " + ip + " as a part of vm " + vm + " expunge");
}
}

22
setup/db/create-schema.sql
View File

@ -475,7 +475,7 @@ CREATE TABLE `cloud`.`op_dc_vnet_alloc` (
CREATE TABLE `cloud`.`firewall_rules` (
`id` bigint unsigned NOT NULL auto_increment COMMENT 'id',
`ip_address` bigint unsigned NOT NULL COMMENT 'ip address',
`ip_address_id` bigint unsigned NOT NULL COMMENT 'id of the corresponding ip address',
`start_port` int(10) NOT NULL COMMENT 'starting port of a port range',
`end_port` int(10) NOT NULL COMMENT 'end port of a port range',
`state` char(32) NOT NULL COMMENT 'current state of this rule',
@ -488,7 +488,7 @@ CREATE TABLE `cloud`.`firewall_rules` (
`xid` char(40) NOT NULL COMMENT 'external id',
`created` datetime COMMENT 'Date created',
PRIMARY KEY (`id`),
CONSTRAINT `fk_firewall_rules__ip_address` FOREIGN KEY(`ip_address`) REFERENCES `user_ip_address`(`public_ip_address`),
CONSTRAINT `fk_firewall_rules__ip_address_id` FOREIGN KEY(`ip_address_id`) REFERENCES `user_ip_address`(`id`),
CONSTRAINT `fk_firewall_rules__network_id` FOREIGN KEY(`network_id`) REFERENCES `networks`(`id`) ON DELETE CASCADE,
CONSTRAINT `fk_firewall_rules__account_id` FOREIGN KEY(`account_id`) REFERENCES `account`(`id`) ON DELETE CASCADE,
CONSTRAINT `fk_firewall_rules__domain_id` FOREIGN KEY(`domain_id`) REFERENCES `domain`(`id`) ON DELETE CASCADE
@ -526,7 +526,7 @@ CREATE TABLE `cloud`.`port_forwarding_rules` (
CONSTRAINT `fk_port_forwarding_rules__id` FOREIGN KEY(`id`) REFERENCES `firewall_rules`(`id`) ON DELETE CASCADE
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
CREATE VIEW `cloud`.`port_forwarding_rules_view` AS SELECT fw.id, INET_NTOA(fw.ip_address) as src_ip_address, INET_NTOA(pf.dest_ip_address), fw.start_port as src_port_start, pf.dest_port_start, fw.end_port as src_end_port, pf.dest_port_end as dest_end_port, fw.state, fw.protocol, fw.purpose, fw.account_id from cloud.firewall_rules as fw inner join cloud.port_forwarding_rules as pf on fw.id=pf.id;
CREATE VIEW `cloud`.`port_forwarding_rules_view` AS SELECT fw.id, INET_NTOA(fw.ip_address_id) as src_ip_address_id, INET_NTOA(pf.dest_ip_address), fw.start_port as src_port_start, pf.dest_port_start, fw.end_port as src_end_port, pf.dest_port_end as dest_end_port, fw.state, fw.protocol, fw.purpose, fw.account_id from cloud.firewall_rules as fw inner join cloud.port_forwarding_rules as pf on fw.id=pf.id;
#CREATE TABLE `cloud`.`ip_forwarding` (
# `id` bigint unsigned NOT NULL auto_increment,
@ -653,9 +653,10 @@ CREATE TABLE `cloud`.`event` (
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
CREATE TABLE `cloud`.`user_ip_address` (
`id` bigint unsigned NOT NULL UNIQUE auto_increment,
`account_id` bigint unsigned NULL,
`domain_id` bigint unsigned NULL,
`public_ip_address` bigint unsigned unique NOT NULL,
`public_ip_address` bigint unsigned NOT NULL,
`data_center_id` bigint unsigned NOT NULL COMMENT 'zone that it belongs to',
`source_nat` int(1) unsigned NOT NULL default '0',
`allocated` datetime NULL COMMENT 'Date this ip was allocated to someone',
@ -664,8 +665,11 @@ CREATE TABLE `cloud`.`user_ip_address` (
`vm_id` bigint unsigned COMMENT 'vm id the one_to_one nat ip is assigned to',
`state` char(32) NOT NULL default 'Free' COMMENT 'state of the ip address',
`mac_address` bigint unsigned NOT NULL COMMENT 'mac address of this ip',
`source_network_id` bigint unsigned NOT NULL COMMENT 'network id ip belongs to',
`network_id` bigint unsigned COMMENT 'network this public ip address is associated with',
PRIMARY KEY (`public_ip_address`),
PRIMARY KEY (`id`),
UNIQUE (`public_ip_address`, `source_network_id`),
CONSTRAINT `fk_user_ip_address__source_network_id` FOREIGN KEY (`source_network_id`) REFERENCES `networks`(`id`),
CONSTRAINT `fk_user_ip_address__network_id` FOREIGN KEY (`network_id`) REFERENCES `networks`(`id`),
CONSTRAINT `fk_user_ip_address__account_id` FOREIGN KEY (`account_id`) REFERENCES `account`(`id`),
CONSTRAINT `fk_user_ip_address__vlan_db_id` FOREIGN KEY (`vlan_db_id`) REFERENCES `vlan`(`id`) ON DELETE CASCADE,
@ -674,7 +678,7 @@ CREATE TABLE `cloud`.`user_ip_address` (
INDEX `i_user_ip_address__source_nat`(`source_nat`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
CREATE VIEW `cloud`.`user_ip_address_view` AS SELECT INET_NTOA(user_ip_address.public_ip_address) as ip_address, user_ip_address.data_center_id, user_ip_address.account_id, user_ip_address.domain_id, user_ip_address.source_nat, user_ip_address.allocated, user_ip_address.vlan_db_id, user_ip_address.one_to_one_nat, user_ip_address.state, user_ip_address.mac_address, user_ip_address.network_id as associated_network_id from user_ip_address;
CREATE VIEW `cloud`.`user_ip_address_view` AS SELECT user_ip_address.id, INET_NTOA(user_ip_address.public_ip_address) as ip_address, user_ip_address.data_center_id, user_ip_address.account_id, user_ip_address.domain_id, user_ip_address.source_nat, user_ip_address.allocated, user_ip_address.vlan_db_id, user_ip_address.one_to_one_nat, user_ip_address.vm_id, user_ip_address.state, user_ip_address.mac_address, user_ip_address.source_network_id as network_id, user_ip_address.network_id as associated_network_id from user_ip_address;
CREATE TABLE `cloud`.`user_statistics` (
`id` bigint unsigned UNIQUE NOT NULL AUTO_INCREMENT,
@ -1066,7 +1070,7 @@ CREATE TABLE `cloud`.`load_balancer` (
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
CREATE TABLE `cloud`.`remote_access_vpn` (
`vpn_server_addr` bigint unsigned UNIQUE NOT NULL,
`vpn_server_addr_id` bigint unsigned UNIQUE NOT NULL,
`account_id` bigint unsigned NOT NULL,
`network_id` bigint unsigned NOT NULL,
`domain_id` bigint unsigned NOT NULL,
@ -1074,11 +1078,11 @@ CREATE TABLE `cloud`.`remote_access_vpn` (
`ip_range` varchar(32) NOT NULL,
`ipsec_psk` varchar(256) NOT NULL,
`state` char(32) NOT NULL,
PRIMARY KEY (`vpn_server_addr`),
PRIMARY KEY (`vpn_server_addr_id`),
CONSTRAINT `fk_remote_access_vpn__account_id` FOREIGN KEY `fk_remote_access_vpn__account_id`(`account_id`) REFERENCES `account` (`id`) ON DELETE CASCADE,
CONSTRAINT `fk_remote_access_vpn__domain_id` FOREIGN KEY `fk_remote_access_vpn__domain_id`(`domain_id`) REFERENCES `domain`(`id`) ON DELETE CASCADE,
CONSTRAINT `fk_remote_access_vpn__network_id` FOREIGN KEY `fk_remote_access_vpn__network_id` (`network_id`) REFERENCES `networks` (`id`) ON DELETE CASCADE,
CONSTRAINT `fk_remote_access_vpn__server_addr` FOREIGN KEY `fk_remote_access_vpn__server_addr` (`vpn_server_addr`) REFERENCES `user_ip_address` (`public_ip_address`)
CONSTRAINT `fk_remote_access_vpn__vpn_server_addr_id` FOREIGN KEY `fk_remote_access_vpn__vpn_server_addr_id` (`vpn_server_addr_id`) REFERENCES `user_ip_address` (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
CREATE TABLE `cloud`.`vpn_users` (