apache/cloudstack
1
0
Fork 0
mirror of https://github.com/apache/cloudstack.git synced 2025-11-04 00:02:37 +01:00
Code Issues Packages Projects Releases Wiki Activity

Nsx add lb rule (#8161)

Browse Source 
* NSX: Create and delete NSX Static Nat rules

* fix issues with static nat

* add static nat

* Support to add and delete Port forward rules

* add license

* fix adding multiple pf rules

* cleanup

* NSX: Add support to create and delete Load balancer rules

* fix deletion of lb rules

* add header file and update protocol detail
This commit is contained in:
Pearl Dsilva 2023-10-30 19:55:03 -04:00 committed by GitHub
parent ce1659e8fc
commit ff85d3df3b
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
11 changed files with 579 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

63
plugins/network-elements/nsx/src/main/java/org/apache/cloudstack/agent/api/CreateNsxLoadBalancerRuleCommand.java Normal file
View File

@ -0,0 +1,63 @@
// Licensed to the Apache Software Foundation (ASF) under one
// or more contributor license agreements. See the NOTICE file
// distributed with this work for additional information
// regarding copyright ownership. The ASF licenses this file
// to you under the Apache License, Version 2.0 (the
// "License"); you may not use this file except in compliance
// with the License. You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing,
// software distributed under the License is distributed on an
// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
// KIND, either express or implied. See the License for the
// specific language governing permissions and limitations
// under the License.
package org.apache.cloudstack.agent.api;
import org.apache.cloudstack.resource.NsxLoadBalancerMember;
import java.util.List;
public class CreateNsxLoadBalancerRuleCommand extends NsxNetworkCommand {
private final String publicPort;
private final String algorithm;
private final String protocol;
List<NsxLoadBalancerMember> memberList;
private final long lbId;
public CreateNsxLoadBalancerRuleCommand(long domainId, long accountId, long zoneId, Long networkResourceId,
String networkResourceName, boolean isResourceVpc,
List<NsxLoadBalancerMember> memberList, long lbId, String publicPort,
String algorithm, String protocol) {
super(domainId, accountId, zoneId, networkResourceId, networkResourceName, isResourceVpc);
this.lbId = lbId;
this.memberList = memberList;
this.publicPort = publicPort;
this.algorithm = algorithm;
this.protocol = protocol;
}
public long getLbId() {
return lbId;
}
public String getPublicPort() {
return publicPort;
}
public List<NsxLoadBalancerMember> getMemberList() {
return memberList;
}
public String getAlgorithm() {
return algorithm;
}
public String getProtocol() {
return protocol;
}
}

40
plugins/network-elements/nsx/src/main/java/org/apache/cloudstack/agent/api/DeleteNsxLoadBalancerRuleCommand.java Normal file
View File

@ -0,0 +1,40 @@
// Licensed to the Apache Software Foundation (ASF) under one
// or more contributor license agreements. See the NOTICE file
// distributed with this work for additional information
// regarding copyright ownership. The ASF licenses this file
// to you under the Apache License, Version 2.0 (the
// "License"); you may not use this file except in compliance
// with the License. You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing,
// software distributed under the License is distributed on an
// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
// KIND, either express or implied. See the License for the
// specific language governing permissions and limitations
// under the License.
package org.apache.cloudstack.agent.api;
import org.apache.cloudstack.resource.NsxLoadBalancerMember;
import java.util.List;
public class DeleteNsxLoadBalancerRuleCommand extends NsxNetworkCommand {
private long lbId;
List<NsxLoadBalancerMember> memberList;
public DeleteNsxLoadBalancerRuleCommand(long domainId, long accountId, long zoneId, Long networkResourceId,
String networkResourceName, boolean isResourceVpc,
List<NsxLoadBalancerMember> memberList, long lbId, long vmId) {
super(domainId, accountId, zoneId, networkResourceId, networkResourceName, isResourceVpc, vmId);
this.lbId = lbId;
this.memberList = memberList;
}
public long getLbId() {
return lbId;
}
public List<NsxLoadBalancerMember> getMemberList() { return memberList; }
}

7
plugins/network-elements/nsx/src/main/java/org/apache/cloudstack/agent/api/NsxNetworkCommand.java
View File

@ -38,11 +38,16 @@ public class NsxNetworkCommand extends NsxCommand {
}
public NsxNetworkCommand(long domainId, long accountId, long zoneId, Long networkResourceId, String networkResourceName,
boolean isResourceVpc, Long vmId) {
boolean isResourceVpc) {
super(domainId, accountId, zoneId);
this.networkResourceId = networkResourceId;
this.networkResourceName = networkResourceName;
this.isResourceVpc = isResourceVpc;
}
public NsxNetworkCommand(long domainId, long accountId, long zoneId, Long networkResourceId, String networkResourceName,
boolean isResourceVpc, Long vmId) {
this(domainId, accountId, zoneId, networkResourceId, networkResourceName, isResourceVpc);
this.vmId = vmId;
}

41
plugins/network-elements/nsx/src/main/java/org/apache/cloudstack/resource/NsxLoadBalancerMember.java Normal file
View File

@ -0,0 +1,41 @@
// Licensed to the Apache Software Foundation (ASF) under one
// or more contributor license agreements. See the NOTICE file
// distributed with this work for additional information
// regarding copyright ownership. The ASF licenses this file
// to you under the Apache License, Version 2.0 (the
// "License"); you may not use this file except in compliance
// with the License. You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing,
// software distributed under the License is distributed on an
// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
// KIND, either express or implied. See the License for the
// specific language governing permissions and limitations
// under the License.
package org.apache.cloudstack.resource;
public class NsxLoadBalancerMember {
private long vmId;
private String vmIp;
private int port;
public NsxLoadBalancerMember(long vmId, String vmIp, int port) {
this.vmId = vmId;
this.vmIp = vmIp;
this.port = port;
}
public long getVmId() {
return vmId;
}
public String getVmIp() {
return vmIp;
}
public int getPort() {
return port;
}
}

34
plugins/network-elements/nsx/src/main/java/org/apache/cloudstack/resource/NsxNetworkRule.java
View File

@ -16,6 +16,8 @@
// under the License.
package org.apache.cloudstack.resource;
import java.util.List;
public class NsxNetworkRule {
private long domainId;
private long accountId;
@ -30,6 +32,8 @@ public class NsxNetworkRule {
private String publicPort;
private String privatePort;
private String protocol;
private String algorithm;
private List<NsxLoadBalancerMember> memberList;
public long getDomainId() {
return domainId;
@ -135,6 +139,22 @@ public class NsxNetworkRule {
this.protocol = protocol;
}
public void setAlgorithm(String algorithm) {
this.algorithm = algorithm;
}
public String getAlgorithm() {
return algorithm;
}
public List<NsxLoadBalancerMember> getMemberList() {
return memberList;
}
public void setMemberList(List<NsxLoadBalancerMember> memberList) {
this.memberList = memberList;
}
public static final class Builder {
private long domainId;
private long accountId;
@ -150,6 +170,8 @@ public class NsxNetworkRule {
private String publicPort;
private String privatePort;
private String protocol;
private String algorithm;
private List<NsxLoadBalancerMember> memberList;
public Builder() {
}
@ -220,6 +242,16 @@ public class NsxNetworkRule {
return this;
}
public Builder setAlgorithm(String algorithm) {
this.algorithm = algorithm;
return this;
}
public Builder setMemberList(List<NsxLoadBalancerMember> memberList) {
this.memberList = memberList;
return this;
}
public NsxNetworkRule build() {
NsxNetworkRule rule = new NsxNetworkRule();
rule.setDomainId(this.domainId);
@ -235,6 +267,8 @@ public class NsxNetworkRule {
rule.setPrivatePort(this.privatePort);
rule.setProtocol(this.protocol);
rule.setRuleId(this.ruleId);
rule.setAlgorithm(this.algorithm);
rule.setMemberList(this.memberList);
return rule;
}
}

33
plugins/network-elements/nsx/src/main/java/org/apache/cloudstack/resource/NsxResource.java
View File

@ -36,10 +36,12 @@ import com.vmware.nsx_policy.model.SiteListResult;
import org.apache.cloudstack.NsxAnswer;
import org.apache.cloudstack.StartupNsxCommand;
import org.apache.cloudstack.agent.api.CreateNsxDhcpRelayConfigCommand;
import org.apache.cloudstack.agent.api.CreateNsxLoadBalancerRuleCommand;
import org.apache.cloudstack.agent.api.CreateNsxPortForwardRuleCommand;
import org.apache.cloudstack.agent.api.CreateNsxSegmentCommand;
import org.apache.cloudstack.agent.api.CreateNsxStaticNatCommand;
import org.apache.cloudstack.agent.api.CreateNsxTier1GatewayCommand;
import org.apache.cloudstack.agent.api.DeleteNsxLoadBalancerRuleCommand;
import org.apache.cloudstack.agent.api.DeleteNsxSegmentCommand;
import org.apache.cloudstack.agent.api.DeleteNsxNatRuleCommand;
import org.apache.cloudstack.agent.api.DeleteNsxTier1GatewayCommand;
@ -114,6 +116,10 @@ public class NsxResource implements ServerResource {
return executeRequest((DeleteNsxNatRuleCommand) cmd);
} else if (cmd instanceof CreateNsxPortForwardRuleCommand) {
return executeRequest((CreateNsxPortForwardRuleCommand) cmd);
} else if (cmd instanceof CreateNsxLoadBalancerRuleCommand) {
return executeRequest((CreateNsxLoadBalancerRuleCommand) cmd);
} else if (cmd instanceof DeleteNsxLoadBalancerRuleCommand) {
return executeRequest((DeleteNsxLoadBalancerRuleCommand) cmd);
} else {
return Answer.createUnsupportedCommandAnswer(cmd);
}
@ -401,6 +407,33 @@ public class NsxResource implements ServerResource {
return new NsxAnswer(cmd, true, null);
}
private NsxAnswer executeRequest(CreateNsxLoadBalancerRuleCommand cmd) {
String tier1GatewayName = NsxControllerUtils.getTier1GatewayName(cmd.getDomainId(), cmd.getAccountId(), cmd.getZoneId(),
cmd.getNetworkResourceId(), cmd.isResourceVpc());
String ruleName = NsxControllerUtils.getLoadBalancerRuleName(tier1GatewayName, cmd.getLbId());
try {
nsxApiClient.createAndAddNsxLbVirtualServer(tier1GatewayName, cmd.getLbId(), cmd.getPublicIp(), cmd.getPublicPort(),
cmd.getMemberList(), cmd.getAlgorithm(), cmd.getProtocol());
} catch (Exception e) {
LOGGER.error(String.format("Failed to add NSX load balancer rule %s for network: %s", ruleName, cmd.getNetworkResourceName()));
return new NsxAnswer(cmd, new CloudRuntimeException(e.getMessage()));
}
return new NsxAnswer(cmd, true, null);
}
private NsxAnswer executeRequest(DeleteNsxLoadBalancerRuleCommand cmd) {
String tier1GatewayName = NsxControllerUtils.getTier1GatewayName(cmd.getDomainId(), cmd.getAccountId(),
cmd.getZoneId(), cmd.getNetworkResourceId(), cmd.isResourceVpc());
String ruleName = NsxControllerUtils.getLoadBalancerRuleName(tier1GatewayName, cmd.getLbId());
try {
nsxApiClient.deleteNsxLbResources(tier1GatewayName, cmd.getLbId(), cmd.getVmId());
} catch (Exception e) {
LOGGER.error(String.format("Failed to add NSX load balancer rule %s for network: %s", ruleName, cmd.getNetworkResourceName()));
return new NsxAnswer(cmd, new CloudRuntimeException(e.getMessage()));
}
return new NsxAnswer(cmd, true, null);
}
@Override
public boolean start() {
return true;

216
plugins/network-elements/nsx/src/main/java/org/apache/cloudstack/service/NsxApiClient.java
View File

@ -22,6 +22,10 @@ import com.cloud.utils.exception.CloudRuntimeException;
import com.vmware.nsx.model.TransportZone;
import com.vmware.nsx.model.TransportZoneListResult;
import com.vmware.nsx_policy.infra.DhcpRelayConfigs;
import com.vmware.nsx_policy.infra.LbAppProfiles;
import com.vmware.nsx_policy.infra.LbPools;
import com.vmware.nsx_policy.infra.LbServices;
import com.vmware.nsx_policy.infra.LbVirtualServers;
import com.vmware.nsx_policy.infra.Segments;
import com.vmware.nsx_policy.infra.Services;
import com.vmware.nsx_policy.infra.Sites;
@ -33,6 +37,16 @@ import com.vmware.nsx_policy.model.ApiError;
import com.vmware.nsx_policy.model.DhcpRelayConfig;
import com.vmware.nsx_policy.model.EnforcementPointListResult;
import com.vmware.nsx_policy.model.L4PortSetServiceEntry;
<<<<<<< HEAD
import com.vmware.nsx_policy.model.LBAppProfileListResult;
import com.vmware.nsx_policy.model.LBPool;
import com.vmware.nsx_policy.model.LBPoolListResult;
import com.vmware.nsx_policy.model.LBPoolMember;
import com.vmware.nsx_policy.model.LBService;
import com.vmware.nsx_policy.model.LBVirtualServer;
import com.vmware.nsx_policy.model.LBVirtualServerListResult;
=======
>>>>>>> ce1659e8fcce61e0a6e7c75190af668f75172c87
import com.vmware.nsx_policy.model.LocaleServicesListResult;
import com.vmware.nsx_policy.model.PolicyNatRule;
import com.vmware.nsx_policy.model.Segment;
@ -41,6 +55,7 @@ import com.vmware.nsx_policy.model.ServiceListResult;
import com.vmware.nsx_policy.model.SiteListResult;
import com.vmware.nsx_policy.model.Tier1;
import com.vmware.vapi.bindings.Service;
import com.vmware.vapi.bindings.Structure;
import com.vmware.vapi.bindings.StubConfiguration;
import com.vmware.vapi.cis.authn.SecurityContextFactory;
import com.vmware.vapi.client.ApiClient;
@ -51,14 +66,31 @@ import com.vmware.vapi.internal.protocol.RestProtocol;
import com.vmware.vapi.internal.protocol.client.rest.authn.BasicAuthenticationAppender;
import com.vmware.vapi.protocol.HttpConfiguration;
import com.vmware.vapi.std.errors.Error;
import org.apache.cloudstack.resource.NsxLoadBalancerMember;
import org.apache.cloudstack.utils.NsxControllerUtils;
import org.apache.commons.collections.CollectionUtils;
import org.apache.log4j.Logger;
import java.util.List;
<<<<<<< HEAD
import java.util.Locale;
import java.util.Objects;
import java.util.Optional;
import java.util.function.Function;
import java.util.stream.Collectors;
import static org.apache.cloudstack.utils.NsxControllerUtils.getServerPoolMemberName;
import static org.apache.cloudstack.utils.NsxControllerUtils.getServerPoolName;
import static org.apache.cloudstack.utils.NsxControllerUtils.getServiceName;
import static org.apache.cloudstack.utils.NsxControllerUtils.getVirtualServerName;
import static org.apache.cloudstack.utils.NsxControllerUtils.getServiceEntryName;
import static org.apache.cloudstack.utils.NsxControllerUtils.getLoadBalancerName;
import static org.apache.cloudstack.utils.NsxControllerUtils.getLoadBalancerAlgorithm;
=======
import java.util.Objects;
import java.util.function.Function;
import java.util.stream.Collectors;
>>>>>>> ce1659e8fcce61e0a6e7c75190af668f75172c87
public class NsxApiClient {
@ -96,6 +128,22 @@ public class NsxApiClient {
BYPASS
}
<<<<<<< HEAD
public enum LBAlgorithm {
ROUND_ROBIN,
LEAST_CONNECTION,
IP_HASH
}
private enum LBSize {
SMALL,
MEDIUM,
LARGE,
XLARGE
}
=======
>>>>>>> ce1659e8fcce61e0a6e7c75190af668f75172c87
public enum RouteAdvertisementType { TIER1_STATIC_ROUTES, TIER1_CONNECTED, TIER1_NAT,
TIER1_LB_VIP, TIER1_LB_SNAT, TIER1_DNS_FORWARDER_IP, TIER1_IPSEC_LOCAL_ENDPOINT
}
@ -380,6 +428,166 @@ public class NsxApiClient {
}
}
public void createNsxLbServerPool(List<NsxLoadBalancerMember> memberList, String tier1GatewayName, String lbServerPoolName, String algorithm) {
for (NsxLoadBalancerMember member : memberList) {
try {
String serverPoolMemberName = getServerPoolMemberName(tier1GatewayName, member.getVmId());
LbPools lbPools = (LbPools) nsxService.apply(LbPools.class);
LBPoolMember lbPoolMember = new LBPoolMember.Builder()
.setDisplayName(serverPoolMemberName)
.setIpAddress(member.getVmIp())
.setPort(String.valueOf(member.getPort()))
.build();
LBPool lbPool = new LBPool.Builder()
.setId(lbServerPoolName)
.setDisplayName(lbServerPoolName)
.setAlgorithm(getLoadBalancerAlgorithm(algorithm))
.setMembers(List.of(lbPoolMember))
.build();
lbPools.patch(lbServerPoolName, lbPool);
} catch (Error error) {
ApiError ae = error.getData()._convertTo(ApiError.class);
String msg = String.format("Failed to create NSX LB server pool, due to: %s", ae.getErrorMessage());
LOGGER.error(msg);
throw new CloudRuntimeException(msg);
}
}
}
public void createNsxLoadBalancer(String tier1GatewayName, long lbId) {
try {
String lbName = getLoadBalancerName(tier1GatewayName);
LbServices lbServices = (LbServices) nsxService.apply(LbServices.class);
LBService lbService = getLbService(lbName);
if (Objects.nonNull(lbService)) {
return;
}
lbService = new LBService.Builder()
.setId(lbName)
.setDisplayName(lbName)
.setEnabled(true)
.setSize(LBSize.SMALL.name())
.setConnectivityPath(TIER_1_GATEWAY_PATH_PREFIX + tier1GatewayName)
.build();
lbServices.patch(lbName, lbService);
} catch (Error error) {
ApiError ae = error.getData()._convertTo(ApiError.class);
String msg = String.format("Failed to create NSX load balancer, due to: %s", ae.getErrorMessage());
LOGGER.error(msg);
throw new CloudRuntimeException(msg);
}
}
public void createAndAddNsxLbVirtualServer(String tier1GatewayName, long lbId, String publicIp, String publicPort,
List<NsxLoadBalancerMember> memberList, String algorithm, String protocol) {
try {
String lbServerPoolName = getServerPoolName(tier1GatewayName, lbId);
createNsxLbServerPool(memberList, tier1GatewayName, lbServerPoolName, algorithm);
createNsxLoadBalancer(tier1GatewayName, lbId);
String lbVirtualServerName = getVirtualServerName(tier1GatewayName, lbId);
String lbServiceName = getLoadBalancerName(tier1GatewayName);
LbVirtualServers lbVirtualServers = (LbVirtualServers) nsxService.apply(LbVirtualServers.class);
LBVirtualServer lbVirtualServer = new LBVirtualServer.Builder()
.setId(lbVirtualServerName)
.setDisplayName(lbVirtualServerName)
.setApplicationProfilePath(getLbProfileForProtocol(protocol))
.setIpAddress(publicIp)
.setLbServicePath(getLbPath(lbServiceName))
.setPoolPath(getLbPoolPath(lbServerPoolName))
.setPorts(List.of(publicPort))
.build();
lbVirtualServers.patch(lbVirtualServerName, lbVirtualServer);
} catch (Error error) {
ApiError ae = error.getData()._convertTo(ApiError.class);
String msg = String.format("Failed to create and add NSX virtual server to the Load Balancer, due to: %s", ae.getErrorMessage());
LOGGER.error(msg);
throw new CloudRuntimeException(msg);
}
}
public void deleteNsxLbResources(String tier1GatewayName, long lbId, long vmId) {
try {
// Delete associated Virtual servers
LbVirtualServers lbVirtualServers = (LbVirtualServers) nsxService.apply(LbVirtualServers.class);
String lbVirtualServerName = getVirtualServerName(tier1GatewayName, lbId);
lbVirtualServers.delete(lbVirtualServerName, false);
// Delete LB pool
LbPools lbPools = (LbPools) nsxService.apply(LbPools.class);
String lbServerPoolName = getServerPoolName(tier1GatewayName, lbId);
lbPools.delete(lbServerPoolName, false);
// Delete load balancer
LBVirtualServerListResult lbVsListResult = lbVirtualServers.list(null, null, null, null, null, null);
LBPoolListResult lbPoolListResult = lbPools.list(null, null, null, null, null, null);
if (CollectionUtils.isEmpty(lbVsListResult.getResults()) && CollectionUtils.isEmpty(lbPoolListResult.getResults())) {
String lbName = getLoadBalancerName(tier1GatewayName);
LbServices lbServices = (LbServices) nsxService.apply(LbServices.class);
lbServices.delete(lbName, true);
}
} catch (Error error) {
ApiError ae = error.getData()._convertTo(ApiError.class);
String msg = String.format("Failed to delete NSX Load Balancer resources, due to: %s", ae.getErrorMessage());
LOGGER.error(msg);
throw new CloudRuntimeException(msg);
}
}
private String getLbPoolPath(String lbPoolName) {
try {
LbPools lbPools = (LbPools) nsxService.apply(LbPools.class);
LBPool lbPool = lbPools.get(lbPoolName);
return Objects.nonNull(lbPool) ? lbPool.getPath() : null;
} catch (Error error) {
ApiError ae = error.getData()._convertTo(ApiError.class);
String msg = String.format("Failed to get NSX LB server pool, due to: %s", ae.getErrorMessage());
LOGGER.error(msg);
throw new CloudRuntimeException(msg);
}
}
private LBService getLbService(String lbName) {
try {
LbServices lbServices = (LbServices) nsxService.apply(LbServices.class);
LBService lbService = lbServices.get(lbName);
if (Objects.nonNull(lbService)) {
return lbService;
}
} catch (Exception e) {
return null;
}
return null;
}
private String getLbPath(String lbServiceName) {
try {
LbServices lbServices = (LbServices) nsxService.apply(LbServices.class);
LBService lbService = lbServices.get(lbServiceName);
return Objects.nonNull(lbService) ? lbService.getPath() : null;
} catch (Error error) {
ApiError ae = error.getData()._convertTo(ApiError.class);
String msg = String.format("Failed to get NSX LB server pool, due to: %s", ae.getErrorMessage());
LOGGER.error(msg);
throw new CloudRuntimeException(msg);
}
}
private String getLbProfileForProtocol(String protocol) {
try {
LbAppProfiles lbAppProfiles = (LbAppProfiles) nsxService.apply(LbAppProfiles.class);
LBAppProfileListResult lbAppProfileListResults = lbAppProfiles.list(null, null,
null, null, null, null);
Optional<Structure> appProfile = lbAppProfileListResults.getResults().stream().filter(profile -> profile._getDataValue().getField("path").toString().contains(protocol.toLowerCase(Locale.ROOT))).findFirst();
return appProfile.map(structure -> structure._getDataValue().getField("path").toString()).orElse(null);
} catch (Error error) {
ApiError ae = error.getData()._convertTo(ApiError.class);
String msg = String.format("Failed to list NSX LB App profiles, due to: %s", ae.getErrorMessage());
LOGGER.error(msg);
throw new CloudRuntimeException(msg);
}
}
public String getNsxInfraServices(String ruleName, String port, String protocol) {
try {
Services service = (Services) nsxService.apply(Services.class);
@ -456,12 +664,4 @@ public class NsxApiClient {
}
return null;
}
private String getServiceName(String ruleName, String port, String protocol) {
return ruleName + "-SVC-" + port + "-" +protocol;
}
private String getServiceEntryName(String ruleName, String port, String protocol) {
return ruleName + "-SE-" + port + "-" + protocol;
}
}

94
plugins/network-elements/nsx/src/main/java/org/apache/cloudstack/service/NsxElement.java
View File

@ -24,6 +24,7 @@ import com.cloud.agent.api.AgentControlCommand;
import com.cloud.agent.api.Answer;
import com.cloud.agent.api.Command;
import com.cloud.agent.api.StartupCommand;
import com.cloud.agent.api.to.LoadBalancerTO;
import com.cloud.api.ApiDBUtils;
import com.cloud.dc.DataCenterVO;
import com.cloud.dc.dao.DataCenterDao;
@ -45,6 +46,8 @@ import com.cloud.network.PhysicalNetworkServiceProvider;
import com.cloud.network.PublicIpAddress;
import com.cloud.network.dao.IPAddressDao;
import com.cloud.network.dao.IPAddressVO;
import com.cloud.network.dao.LoadBalancerVMMapDao;
import com.cloud.network.dao.LoadBalancerVMMapVO;
import com.cloud.network.dao.NetworkDao;
import com.cloud.network.dao.NetworkVO;
import com.cloud.network.dao.PhysicalNetworkDao;
@ -52,9 +55,11 @@ import com.cloud.network.dao.PhysicalNetworkVO;
import com.cloud.network.element.DhcpServiceProvider;
import com.cloud.network.element.DnsServiceProvider;
import com.cloud.network.element.IpDeployer;
import com.cloud.network.element.LoadBalancingServiceProvider;
import com.cloud.network.element.PortForwardingServiceProvider;
import com.cloud.network.element.StaticNatServiceProvider;
import com.cloud.network.element.VpcProvider;
import com.cloud.network.lb.LoadBalancingRule;
import com.cloud.network.rules.FirewallRule;
import com.cloud.network.rules.PortForwardingRule;
import com.cloud.network.rules.StaticNat;
@ -83,12 +88,14 @@ import com.cloud.vm.VirtualMachineProfile;
import com.cloud.vm.dao.VMInstanceDao;
import net.sf.ehcache.config.InvalidConfigurationException;
import org.apache.cloudstack.StartupNsxCommand;
import org.apache.cloudstack.resource.NsxLoadBalancerMember;
import org.apache.cloudstack.resource.NsxNetworkRule;
import org.apache.log4j.Logger;
import org.springframework.stereotype.Component;
import javax.inject.Inject;
import javax.naming.ConfigurationException;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Locale;
@ -99,7 +106,9 @@ import java.util.function.LongFunction;
@Component
public class NsxElement extends AdapterBase implements DhcpServiceProvider, DnsServiceProvider, VpcProvider,
StaticNatServiceProvider, IpDeployer, PortForwardingServiceProvider, ResourceStateAdapter, Listener {
StaticNatServiceProvider, IpDeployer, PortForwardingServiceProvider,
LoadBalancingServiceProvider, ResourceStateAdapter, Listener {
@Inject
AccountManager accountMgr;
@ -125,6 +134,8 @@ public class NsxElement extends AdapterBase implements DhcpServiceProvider, DnsS
VMInstanceDao vmInstanceDao;
@Inject
VpcDao vpcDao;
@Inject
LoadBalancerVMMapDao lbVmMapDao;
private static final Logger LOGGER = Logger.getLogger(NsxElement.class);
@ -505,7 +516,6 @@ public class NsxElement extends AdapterBase implements DhcpServiceProvider, DnsS
String privatePort = getPrivatePortRange(rule);
// TODO: add builder to reduce signature params ; should we pass port range?
NsxNetworkRule networkRule = new NsxNetworkRule.Builder()
.setDomainId(domainId)
.setAccountId(accountId)
@ -522,9 +532,13 @@ public class NsxElement extends AdapterBase implements DhcpServiceProvider, DnsS
.setProtocol(rule.getProtocol().toUpperCase(Locale.ROOT))
.build();
if (rule.getState() == FirewallRule.State.Add) {
return nsxService.createPortForwardRule(networkRule);
if (!nsxService.createPortForwardRule(networkRule)) {
return false;
}
} else if (rule.getState() == FirewallRule.State.Revoke) {
return nsxService.deletePortForwardRule(networkRule);
if (!nsxService.deletePortForwardRule(networkRule)) {
return false;
}
}
}
return true;
@ -558,4 +572,76 @@ public class NsxElement extends AdapterBase implements DhcpServiceProvider, DnsS
String.valueOf(rule.getSourcePortStart()) :
String.valueOf(rule.getSourcePortStart()).concat("-").concat(String.valueOf(rule.getSourcePortEnd()));
}
@Override
public boolean applyLBRules(Network network, List<LoadBalancingRule> rules) throws ResourceUnavailableException {
for (LoadBalancingRule loadBalancingRule : rules) {
if (loadBalancingRule.getState() == FirewallRule.State.Active) {
continue;
}
IPAddressVO publicIp = ipAddressDao.findByIpAndDcId(network.getDataCenterId(),
loadBalancingRule.getSourceIp().addr());
Pair<VpcVO, NetworkVO> vpcOrNetwork = getVpcOrNetwork(network.getVpcId(), network.getId());
VpcVO vpc = vpcOrNetwork.first();
NetworkVO networkVO = vpcOrNetwork.second();
Long networkResourceId = Objects.nonNull(vpc) ? vpc.getId() : networkVO.getId();
String networkResourceName = Objects.nonNull(vpc) ? vpc.getName() : networkVO.getName();
boolean isVpcResource = Objects.nonNull(vpc);
long domainId = Objects.nonNull(vpc) ? vpc.getDomainId() : networkVO.getDomainId();
long accountId = Objects.nonNull(vpc) ? vpc.getAccountId() : networkVO.getAccountId();
long zoneId = Objects.nonNull(vpc) ? vpc.getZoneId() : networkVO.getDataCenterId();
List<NsxLoadBalancerMember> lbMembers = getLoadBalancerMembers(loadBalancingRule);
NsxNetworkRule networkRule = new NsxNetworkRule.Builder()
.setDomainId(domainId)
.setAccountId(accountId)
.setZoneId(zoneId)
.setNetworkResourceId(networkResourceId)
.setNetworkResourceName(networkResourceName)
.setVpcResource(isVpcResource)
.setMemberList(lbMembers)
.setPublicIp(publicIp.getAddress().addr())
.setPublicPort(String.valueOf(loadBalancingRule.getSourcePortStart()))
.setRuleId(loadBalancingRule.getId())
.setProtocol(loadBalancingRule.getProtocol().toUpperCase(Locale.ROOT))
.setAlgorithm(loadBalancingRule.getAlgorithm())
.build();
if (loadBalancingRule.getState() == FirewallRule.State.Add) {
if (!nsxService.createLbRule(networkRule)) {
return false;
}
} else if (loadBalancingRule.getState() == FirewallRule.State.Revoke) {
if (!nsxService.deleteLbRule(networkRule)) {
return false;
}
}
}
return true;
}
@Override
public boolean validateLBRule(Network network, LoadBalancingRule rule) {
return true;
}
@Override
public List<LoadBalancerTO> updateHealthChecks(Network network, List<LoadBalancingRule> lbrules) {
return new ArrayList<>();
}
@Override
public boolean handlesOnlyRulesInTransitionState() {
return false;
}
private List<NsxLoadBalancerMember> getLoadBalancerMembers(LoadBalancingRule lbRule) {
List<LoadBalancerVMMapVO> lbVms = lbVmMapDao.listByLoadBalancerId(lbRule.getId(), false);
List<NsxLoadBalancerMember> lbMembers = new ArrayList<>();
for (LoadBalancerVMMapVO lbVm : lbVms) {
NsxLoadBalancerMember member = new NsxLoadBalancerMember(lbVm.getInstanceId(), lbVm.getInstanceIp(), lbRule.getDefaultPortStart());
lbMembers.add(member);
}
return lbMembers;
}
}

23
plugins/network-elements/nsx/src/main/java/org/apache/cloudstack/service/NsxServiceImpl.java
View File

@ -23,9 +23,11 @@ import com.cloud.network.vpc.VpcVO;
import com.cloud.network.vpc.dao.VpcDao;
import com.cloud.utils.exception.CloudRuntimeException;
import org.apache.cloudstack.NsxAnswer;
import org.apache.cloudstack.agent.api.CreateNsxLoadBalancerRuleCommand;
import org.apache.cloudstack.agent.api.CreateNsxPortForwardRuleCommand;
import org.apache.cloudstack.agent.api.CreateNsxStaticNatCommand;
import org.apache.cloudstack.agent.api.CreateNsxTier1GatewayCommand;
import org.apache.cloudstack.agent.api.DeleteNsxLoadBalancerRuleCommand;
import org.apache.cloudstack.agent.api.DeleteNsxSegmentCommand;
import org.apache.cloudstack.agent.api.DeleteNsxNatRuleCommand;
import org.apache.cloudstack.agent.api.DeleteNsxTier1GatewayCommand;
@ -119,9 +121,28 @@ public class NsxServiceImpl implements NsxService {
public boolean deletePortForwardRule(NsxNetworkRule netRule) {
DeleteNsxNatRuleCommand deleteCmd = new DeleteNsxNatRuleCommand(netRule.getDomainId(),
netRule.getAccountId(), netRule.getZoneId(), netRule.getNetworkResourceId(),
netRule.getNetworkResourceName(), netRule.isVpcResource(), netRule.getVmId(), netRule.getRuleId(), netRule.getPrivatePort(), netRule.getPublicPort());
netRule.getNetworkResourceName(), netRule.isVpcResource(), netRule.getVmId(), netRule.getRuleId(), netRule.getPrivatePort(), netRule.getProtocol());
deleteCmd.setService(Network.Service.PortForwarding);
NsxAnswer result = nsxControllerUtils.sendNsxCommand(deleteCmd, netRule.getZoneId());
return result.getResult();
}
public boolean createLbRule(NsxNetworkRule netRule) {
CreateNsxLoadBalancerRuleCommand command = new CreateNsxLoadBalancerRuleCommand(netRule.getDomainId(),
netRule.getAccountId(), netRule.getZoneId(), netRule.getNetworkResourceId(),
netRule.getNetworkResourceName(), netRule.isVpcResource(), netRule.getMemberList(), netRule.getRuleId(),
netRule.getPublicPort(), netRule.getAlgorithm(), netRule.getProtocol());
command.setPublicIp(netRule.getPublicIp());
NsxAnswer result = nsxControllerUtils.sendNsxCommand(command, netRule.getZoneId());
return result.getResult();
}
public boolean deleteLbRule(NsxNetworkRule netRule) {
DeleteNsxLoadBalancerRuleCommand command = new DeleteNsxLoadBalancerRuleCommand(netRule.getDomainId(),
netRule.getAccountId(), netRule.getZoneId(), netRule.getNetworkResourceId(),
netRule.getNetworkResourceName(), netRule.isVpcResource(), netRule.getMemberList(), netRule.getRuleId(),
netRule.getVmId());
NsxAnswer result = nsxControllerUtils.sendNsxCommand(command, netRule.getZoneId());
return result.getResult();
}
}

40
plugins/network-elements/nsx/src/main/java/org/apache/cloudstack/utils/NsxControllerUtils.java
View File

@ -23,6 +23,7 @@ import com.cloud.network.dao.NsxProviderDao;
import com.cloud.network.element.NsxProviderVO;
import org.apache.cloudstack.NsxAnswer;
import org.apache.cloudstack.agent.api.NsxCommand;
import org.apache.cloudstack.service.NsxApiClient;
import org.apache.log4j.Logger;
import org.springframework.stereotype.Component;
@ -90,4 +91,43 @@ public class NsxControllerUtils {
String suffix = "-PF";
return getTier1GatewayName(domainId, accountId, zoneId, networkResourceId, isVpcResource) + suffix + ruleId;
}
public static String getServiceName(String ruleName, String port, String protocol) {
return ruleName + "-SVC-" + port + "-" +protocol;
}
public static String getServiceEntryName(String ruleName, String port, String protocol) {
return ruleName + "-SE-" + port + "-" + protocol;
}
public static String getLoadBalancerName(String tier1GatewayName) {
return tier1GatewayName + "-LB";
}
public static String getLoadBalancerRuleName(String tier1GatewayName, long lbId) {
return tier1GatewayName + "-LB" + lbId;
}
public static String getServerPoolName(String tier1GatewayName, long lbId) {
return getLoadBalancerRuleName(tier1GatewayName, lbId) + "-SP";
}
public static String getVirtualServerName(String tier1GatewayName, long lbId) {
return getLoadBalancerRuleName(tier1GatewayName, lbId) + "-VS";
}
public static String getServerPoolMemberName(String tier1GatewayName, long vmId) {
return tier1GatewayName + "-VM" + vmId;
}
public static String getLoadBalancerAlgorithm(String algorithm) {
switch (algorithm) {
case "leastconn":
return NsxApiClient.LBAlgorithm.LEAST_CONNECTION.name();
case "source":
return NsxApiClient.LBAlgorithm.IP_HASH.name();
default:
return NsxApiClient.LBAlgorithm.ROUND_ROBIN.name();
}
}
}

1
server/src/main/java/com/cloud/server/ConfigurationServerImpl.java
View File

@ -1225,6 +1225,7 @@ public class ConfigurationServerImpl extends ManagerBase implements Configuratio
new NetworkOfferingVO(name, displayText, TrafficType.Guest, false, false, null,
null, true, Availability.Optional, null, GuestType.Isolated, false,
false, false, false, false, forVpc);
defaultNatNSXNetworkOffering.setPublicLb(true);
defaultNatNSXNetworkOffering.setForNsx(true);
defaultNatNSXNetworkOffering.setNsxMode(nsxMode.name());
defaultNatNSXNetworkOffering.setState(NetworkOffering.State.Enabled);