mirror of
https://github.com/apache/cloudstack.git
synced 2025-10-26 08:42:29 +01:00
edd839ab10
Fix: RTNETLINK errors
- Management Server health check trying to create already existing interface
- Changes on update_config.py, cs_guestnetwork.py, merger.py
Fix: replace RRouTER_LOG in the CsRedundant.py per log file location
Fix: Guest Net address association during Router restart
- Changes on NicProfileHelper, NicProfileHelperImpl
Fix: aggregationExecution() method on VirtualNetworkApplianceManagerImpl
- Do not send an AggregationControlCommand to a non-configured router
Some classes have been formatted.
1051 lines
57 KiB
Java
1051 lines
57 KiB
Java
// Licensed to the Apache Software Foundation (ASF) under one
|
|
// or more contributor license agreements. See the NOTICE file
|
|
// distributed with this work for additional information
|
|
// regarding copyright ownership. The ASF licenses this file
|
|
// to you under the Apache License, Version 2.0 (the
|
|
// "License"); you may not use this file except in compliance
|
|
// with the License. You may obtain a copy of the License at
|
|
//
|
|
// http://www.apache.org/licenses/LICENSE-2.0
|
|
//
|
|
// Unless required by applicable law or agreed to in writing,
|
|
// software distributed under the License is distributed on an
|
|
// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
|
// KIND, either express or implied. See the License for the
|
|
// specific language governing permissions and limitations
|
|
// under the License.
|
|
package com.cloud.network.router;
|
|
|
|
import java.net.URI;
|
|
import java.util.ArrayList;
|
|
import java.util.Collections;
|
|
import java.util.Comparator;
|
|
import java.util.HashMap;
|
|
import java.util.List;
|
|
import java.util.Map;
|
|
|
|
import javax.inject.Inject;
|
|
|
|
import org.apache.cloudstack.framework.config.dao.ConfigurationDao;
|
|
import org.apache.log4j.Logger;
|
|
import org.springframework.beans.factory.annotation.Autowired;
|
|
import org.springframework.beans.factory.annotation.Qualifier;
|
|
|
|
import com.cloud.agent.api.SetupGuestNetworkCommand;
|
|
import com.cloud.agent.api.routing.CreateIpAliasCommand;
|
|
import com.cloud.agent.api.routing.DeleteIpAliasCommand;
|
|
import com.cloud.agent.api.routing.DhcpEntryCommand;
|
|
import com.cloud.agent.api.routing.DnsMasqConfigCommand;
|
|
import com.cloud.agent.api.routing.IpAliasTO;
|
|
import com.cloud.agent.api.routing.IpAssocCommand;
|
|
import com.cloud.agent.api.routing.IpAssocVpcCommand;
|
|
import com.cloud.agent.api.routing.LoadBalancerConfigCommand;
|
|
import com.cloud.agent.api.routing.NetworkElementCommand;
|
|
import com.cloud.agent.api.routing.RemoteAccessVpnCfgCommand;
|
|
import com.cloud.agent.api.routing.SavePasswordCommand;
|
|
import com.cloud.agent.api.routing.SetFirewallRulesCommand;
|
|
import com.cloud.agent.api.routing.SetNetworkACLCommand;
|
|
import com.cloud.agent.api.routing.SetPortForwardingRulesCommand;
|
|
import com.cloud.agent.api.routing.SetPortForwardingRulesVpcCommand;
|
|
import com.cloud.agent.api.routing.SetSourceNatCommand;
|
|
import com.cloud.agent.api.routing.SetStaticNatRulesCommand;
|
|
import com.cloud.agent.api.routing.SetStaticRouteCommand;
|
|
import com.cloud.agent.api.routing.Site2SiteVpnCfgCommand;
|
|
import com.cloud.agent.api.routing.VmDataCommand;
|
|
import com.cloud.agent.api.routing.VpnUsersCfgCommand;
|
|
import com.cloud.agent.api.to.DhcpTO;
|
|
import com.cloud.agent.api.to.FirewallRuleTO;
|
|
import com.cloud.agent.api.to.IpAddressTO;
|
|
import com.cloud.agent.api.to.LoadBalancerTO;
|
|
import com.cloud.agent.api.to.NetworkACLTO;
|
|
import com.cloud.agent.api.to.PortForwardingRuleTO;
|
|
import com.cloud.agent.api.to.StaticNatRuleTO;
|
|
import com.cloud.agent.manager.Commands;
|
|
import com.cloud.configuration.Config;
|
|
import com.cloud.dc.DataCenter;
|
|
import com.cloud.dc.DataCenter.NetworkType;
|
|
import com.cloud.dc.DataCenterVO;
|
|
import com.cloud.dc.dao.DataCenterDao;
|
|
import com.cloud.dc.dao.VlanDao;
|
|
import com.cloud.network.IpAddress;
|
|
import com.cloud.network.Network;
|
|
import com.cloud.network.Network.Provider;
|
|
import com.cloud.network.Network.Service;
|
|
import com.cloud.network.NetworkModel;
|
|
import com.cloud.network.Networks.BroadcastDomainType;
|
|
import com.cloud.network.Networks.TrafficType;
|
|
import com.cloud.network.PublicIpAddress;
|
|
import com.cloud.network.RemoteAccessVpn;
|
|
import com.cloud.network.Site2SiteVpnConnection;
|
|
import com.cloud.network.VpnUser;
|
|
import com.cloud.network.VpnUserVO;
|
|
import com.cloud.network.dao.FirewallRulesDao;
|
|
import com.cloud.network.dao.IPAddressDao;
|
|
import com.cloud.network.dao.NetworkDao;
|
|
import com.cloud.network.dao.NetworkVO;
|
|
import com.cloud.network.dao.Site2SiteCustomerGatewayDao;
|
|
import com.cloud.network.dao.Site2SiteCustomerGatewayVO;
|
|
import com.cloud.network.dao.Site2SiteVpnGatewayDao;
|
|
import com.cloud.network.dao.Site2SiteVpnGatewayVO;
|
|
import com.cloud.network.dao.VpnUserDao;
|
|
import com.cloud.network.lb.LoadBalancingRule;
|
|
import com.cloud.network.lb.LoadBalancingRule.LbDestination;
|
|
import com.cloud.network.lb.LoadBalancingRule.LbStickinessPolicy;
|
|
import com.cloud.network.rules.FirewallRule;
|
|
import com.cloud.network.rules.FirewallRule.Purpose;
|
|
import com.cloud.network.rules.FirewallRuleVO;
|
|
import com.cloud.network.rules.PortForwardingRule;
|
|
import com.cloud.network.rules.StaticNat;
|
|
import com.cloud.network.rules.StaticNatRule;
|
|
import com.cloud.network.vpc.NetworkACLItem;
|
|
import com.cloud.network.vpc.PrivateIpAddress;
|
|
import com.cloud.network.vpc.StaticRouteProfile;
|
|
import com.cloud.network.vpc.Vpc;
|
|
import com.cloud.network.vpc.VpcGateway;
|
|
import com.cloud.network.vpc.dao.VpcDao;
|
|
import com.cloud.offering.NetworkOffering;
|
|
import com.cloud.offerings.NetworkOfferingVO;
|
|
import com.cloud.offerings.dao.NetworkOfferingDao;
|
|
import com.cloud.service.dao.ServiceOfferingDao;
|
|
import com.cloud.storage.GuestOSVO;
|
|
import com.cloud.storage.dao.GuestOSDao;
|
|
import com.cloud.user.Account;
|
|
import com.cloud.uservm.UserVm;
|
|
import com.cloud.utils.Pair;
|
|
import com.cloud.utils.StringUtils;
|
|
import com.cloud.utils.db.EntityManager;
|
|
import com.cloud.utils.net.NetUtils;
|
|
import com.cloud.vm.DomainRouterVO;
|
|
import com.cloud.vm.Nic;
|
|
import com.cloud.vm.NicIpAlias;
|
|
import com.cloud.vm.NicProfile;
|
|
import com.cloud.vm.NicVO;
|
|
import com.cloud.vm.UserVmVO;
|
|
import com.cloud.vm.VirtualMachine;
|
|
import com.cloud.vm.VirtualMachine.State;
|
|
import com.cloud.vm.VirtualMachineManager;
|
|
import com.cloud.vm.VirtualMachineProfile;
|
|
import com.cloud.vm.dao.DomainRouterDao;
|
|
import com.cloud.vm.dao.NicDao;
|
|
import com.cloud.vm.dao.NicIpAliasDao;
|
|
import com.cloud.vm.dao.NicIpAliasVO;
|
|
import com.cloud.vm.dao.UserVmDao;
|
|
|
|
public class CommandSetupHelper {
|
|
|
|
private static final Logger s_logger = Logger.getLogger(CommandSetupHelper.class);
|
|
|
|
@Inject
|
|
private EntityManager _entityMgr;
|
|
|
|
@Inject
|
|
private NicDao _nicDao;
|
|
@Inject
|
|
private NetworkDao _networkDao;
|
|
@Inject
|
|
private DomainRouterDao _routerDao;
|
|
@Inject
|
|
private NetworkModel _networkModel;
|
|
@Inject
|
|
private VirtualMachineManager _itMgr;
|
|
@Inject
|
|
private DataCenterDao _dcDao;
|
|
@Inject
|
|
private NicIpAliasDao _nicIpAliasDao;
|
|
@Inject
|
|
private FirewallRulesDao _rulesDao;
|
|
@Inject
|
|
private NetworkOfferingDao _networkOfferingDao;
|
|
@Inject
|
|
private ConfigurationDao _configDao;
|
|
@Inject
|
|
private ServiceOfferingDao _serviceOfferingDao;
|
|
@Inject
|
|
private UserVmDao _userVmDao;
|
|
@Inject
|
|
private VpnUserDao _vpnUsersDao;
|
|
@Inject
|
|
private Site2SiteCustomerGatewayDao _s2sCustomerGatewayDao;
|
|
@Inject
|
|
private Site2SiteVpnGatewayDao _s2sVpnGatewayDao;
|
|
@Inject
|
|
private VpcDao _vpcDao;
|
|
@Inject
|
|
private VlanDao _vlanDao;
|
|
@Inject
|
|
private IPAddressDao _ipAddressDao;
|
|
@Inject
|
|
private GuestOSDao _guestOSDao;
|
|
|
|
@Inject
|
|
private RouterControlHelper _routerControlHelper;
|
|
|
|
@Autowired
|
|
@Qualifier("networkHelper")
|
|
protected NetworkHelper _networkHelper;
|
|
|
|
private final String _dnsBasicZoneUpdates = "all";
|
|
|
|
public void createVmDataCommand(final VirtualRouter router, final UserVm vm, final NicVO nic, final String publicKey, final Commands cmds) {
|
|
final String serviceOffering = _serviceOfferingDao.findByIdIncludingRemoved(vm.getId(), vm.getServiceOfferingId()).getDisplayText();
|
|
final String zoneName = _dcDao.findById(router.getDataCenterId()).getName();
|
|
cmds.addCommand(
|
|
"vmdata",
|
|
generateVmDataCommand(router, nic.getIp4Address(), vm.getUserData(), serviceOffering, zoneName, nic.getIp4Address(), vm.getHostName(), vm.getInstanceName(),
|
|
vm.getId(), vm.getUuid(), publicKey, nic.getNetworkId()));
|
|
}
|
|
|
|
public void createApplyVpnUsersCommand(final List<? extends VpnUser> users, final VirtualRouter router, final Commands cmds) {
|
|
final List<VpnUser> addUsers = new ArrayList<VpnUser>();
|
|
final List<VpnUser> removeUsers = new ArrayList<VpnUser>();
|
|
for (final VpnUser user : users) {
|
|
if (user.getState() == VpnUser.State.Add || user.getState() == VpnUser.State.Active) {
|
|
addUsers.add(user);
|
|
} else if (user.getState() == VpnUser.State.Revoke) {
|
|
removeUsers.add(user);
|
|
}
|
|
}
|
|
|
|
final VpnUsersCfgCommand cmd = new VpnUsersCfgCommand(addUsers, removeUsers);
|
|
cmd.setAccessDetail(NetworkElementCommand.ACCOUNT_ID, String.valueOf(router.getAccountId()));
|
|
cmd.setAccessDetail(NetworkElementCommand.ROUTER_IP, _routerControlHelper.getRouterControlIp(router.getId()));
|
|
cmd.setAccessDetail(NetworkElementCommand.ROUTER_NAME, router.getInstanceName());
|
|
final DataCenterVO dcVo = _dcDao.findById(router.getDataCenterId());
|
|
cmd.setAccessDetail(NetworkElementCommand.ZONE_NETWORK_TYPE, dcVo.getNetworkType().toString());
|
|
|
|
cmds.addCommand("users", cmd);
|
|
}
|
|
|
|
public void createDhcpEntryCommand(final VirtualRouter router, final UserVm vm, final NicVO nic, final Commands cmds) {
|
|
final DhcpEntryCommand dhcpCommand = new DhcpEntryCommand(nic.getMacAddress(), nic.getIp4Address(), vm.getHostName(), nic.getIp6Address(),
|
|
_networkModel.getExecuteInSeqNtwkElmtCmd());
|
|
|
|
String gatewayIp = nic.getGateway();
|
|
if (!nic.isDefaultNic()) {
|
|
final GuestOSVO guestOS = _guestOSDao.findById(vm.getGuestOSId());
|
|
if (guestOS == null || !guestOS.getDisplayName().toLowerCase().contains("windows")) {
|
|
gatewayIp = "0.0.0.0";
|
|
}
|
|
}
|
|
|
|
final DataCenterVO dcVo = _dcDao.findById(router.getDataCenterId());
|
|
|
|
dhcpCommand.setDefaultRouter(gatewayIp);
|
|
dhcpCommand.setIp6Gateway(nic.getIp6Gateway());
|
|
String ipaddress = null;
|
|
final NicVO domrDefaultNic = findDefaultDnsIp(vm.getId());
|
|
if (domrDefaultNic != null) {
|
|
ipaddress = domrDefaultNic.getIp4Address();
|
|
}
|
|
dhcpCommand.setDefaultDns(ipaddress);
|
|
dhcpCommand.setDuid(NetUtils.getDuidLL(nic.getMacAddress()));
|
|
dhcpCommand.setDefault(nic.isDefaultNic());
|
|
|
|
dhcpCommand.setAccessDetail(NetworkElementCommand.ROUTER_IP, _routerControlHelper.getRouterControlIp(router.getId()));
|
|
dhcpCommand.setAccessDetail(NetworkElementCommand.ROUTER_NAME, router.getInstanceName());
|
|
dhcpCommand.setAccessDetail(NetworkElementCommand.ROUTER_GUEST_IP, _routerControlHelper.getRouterIpInNetwork(nic.getNetworkId(), router.getId()));
|
|
dhcpCommand.setAccessDetail(NetworkElementCommand.ZONE_NETWORK_TYPE, dcVo.getNetworkType().toString());
|
|
|
|
cmds.addCommand("dhcp", dhcpCommand);
|
|
}
|
|
|
|
public void createIpAlias(final VirtualRouter router, final List<IpAliasTO> ipAliasTOs, final Long networkid, final Commands cmds) {
|
|
|
|
final String routerip = _routerControlHelper.getRouterIpInNetwork(networkid, router.getId());
|
|
final DataCenterVO dcVo = _dcDao.findById(router.getDataCenterId());
|
|
final CreateIpAliasCommand ipaliasCmd = new CreateIpAliasCommand(routerip, ipAliasTOs);
|
|
ipaliasCmd.setAccessDetail(NetworkElementCommand.ROUTER_IP, _routerControlHelper.getRouterControlIp(router.getId()));
|
|
ipaliasCmd.setAccessDetail(NetworkElementCommand.ROUTER_NAME, router.getInstanceName());
|
|
ipaliasCmd.setAccessDetail(NetworkElementCommand.ROUTER_GUEST_IP, routerip);
|
|
ipaliasCmd.setAccessDetail(NetworkElementCommand.ZONE_NETWORK_TYPE, dcVo.getNetworkType().toString());
|
|
|
|
cmds.addCommand("ipalias", ipaliasCmd);
|
|
}
|
|
|
|
public void configDnsMasq(final VirtualRouter router, final Network network, final Commands cmds) {
|
|
final DataCenterVO dcVo = _dcDao.findById(router.getDataCenterId());
|
|
final List<NicIpAliasVO> ipAliasVOList = _nicIpAliasDao.listByNetworkIdAndState(network.getId(), NicIpAlias.state.active);
|
|
final List<DhcpTO> ipList = new ArrayList<DhcpTO>();
|
|
|
|
final NicVO router_guest_nic = _nicDao.findByNtwkIdAndInstanceId(network.getId(), router.getId());
|
|
final String cidr = NetUtils.getCidrFromGatewayAndNetmask(router_guest_nic.getGateway(), router_guest_nic.getNetmask());
|
|
final String[] cidrPair = cidr.split("\\/");
|
|
final String cidrAddress = cidrPair[0];
|
|
final long cidrSize = Long.parseLong(cidrPair[1]);
|
|
final String startIpOfSubnet = NetUtils.getIpRangeStartIpFromCidr(cidrAddress, cidrSize);
|
|
|
|
ipList.add(new DhcpTO(router_guest_nic.getIp4Address(), router_guest_nic.getGateway(), router_guest_nic.getNetmask(), startIpOfSubnet));
|
|
for (final NicIpAliasVO ipAliasVO : ipAliasVOList) {
|
|
final DhcpTO DhcpTO = new DhcpTO(ipAliasVO.getIp4Address(), ipAliasVO.getGateway(), ipAliasVO.getNetmask(), ipAliasVO.getStartIpOfSubnet());
|
|
if (s_logger.isTraceEnabled()) {
|
|
s_logger.trace("configDnsMasq : adding ip {" + DhcpTO.getGateway() + ", " + DhcpTO.getNetmask() + ", " + DhcpTO.getRouterIp() + ", " + DhcpTO.getStartIpOfSubnet()
|
|
+ "}");
|
|
}
|
|
ipList.add(DhcpTO);
|
|
ipAliasVO.setVmId(router.getId());
|
|
}
|
|
_dcDao.findById(router.getDataCenterId());
|
|
final DnsMasqConfigCommand dnsMasqConfigCmd = new DnsMasqConfigCommand(ipList);
|
|
dnsMasqConfigCmd.setAccessDetail(NetworkElementCommand.ROUTER_IP, _routerControlHelper.getRouterControlIp(router.getId()));
|
|
dnsMasqConfigCmd.setAccessDetail(NetworkElementCommand.ROUTER_NAME, router.getInstanceName());
|
|
dnsMasqConfigCmd.setAccessDetail(NetworkElementCommand.ROUTER_GUEST_IP, _routerControlHelper.getRouterIpInNetwork(network.getId(), router.getId()));
|
|
dnsMasqConfigCmd.setAccessDetail(NetworkElementCommand.ZONE_NETWORK_TYPE, dcVo.getNetworkType().toString());
|
|
cmds.addCommand("dnsMasqConfig", dnsMasqConfigCmd);
|
|
}
|
|
|
|
public void createApplyLoadBalancingRulesCommands(final List<LoadBalancingRule> rules, final VirtualRouter router, final Commands cmds, final long guestNetworkId) {
|
|
final LoadBalancerTO[] lbs = new LoadBalancerTO[rules.size()];
|
|
int i = 0;
|
|
// We don't support VR to be inline currently
|
|
final boolean inline = false;
|
|
for (final LoadBalancingRule rule : rules) {
|
|
final boolean revoked = rule.getState().equals(FirewallRule.State.Revoke);
|
|
final String protocol = rule.getProtocol();
|
|
final String algorithm = rule.getAlgorithm();
|
|
final String uuid = rule.getUuid();
|
|
|
|
final String srcIp = rule.getSourceIp().addr();
|
|
final int srcPort = rule.getSourcePortStart();
|
|
final List<LbDestination> destinations = rule.getDestinations();
|
|
final List<LbStickinessPolicy> stickinessPolicies = rule.getStickinessPolicies();
|
|
final LoadBalancerTO lb = new LoadBalancerTO(uuid, srcIp, srcPort, protocol, algorithm, revoked, false, inline, destinations, stickinessPolicies);
|
|
lbs[i++] = lb;
|
|
}
|
|
String routerPublicIp = null;
|
|
|
|
if (router instanceof DomainRouterVO) {
|
|
final DomainRouterVO domr = _routerDao.findById(router.getId());
|
|
routerPublicIp = domr.getPublicIpAddress();
|
|
if (routerPublicIp == null) {
|
|
routerPublicIp = router.getPublicIpAddress();
|
|
}
|
|
}
|
|
|
|
final Network guestNetwork = _networkModel.getNetwork(guestNetworkId);
|
|
final Nic nic = _nicDao.findByNtwkIdAndInstanceId(guestNetwork.getId(), router.getId());
|
|
final NicProfile nicProfile = new NicProfile(nic, guestNetwork, nic.getBroadcastUri(), nic.getIsolationUri(), _networkModel.getNetworkRate(guestNetwork.getId(),
|
|
router.getId()), _networkModel.isSecurityGroupSupportedInNetwork(guestNetwork), _networkModel.getNetworkTag(router.getHypervisorType(), guestNetwork));
|
|
final NetworkOffering offering = _networkOfferingDao.findById(guestNetwork.getNetworkOfferingId());
|
|
String maxconn = null;
|
|
if (offering.getConcurrentConnections() == null) {
|
|
maxconn = _configDao.getValue(Config.NetworkLBHaproxyMaxConn.key());
|
|
} else {
|
|
maxconn = offering.getConcurrentConnections().toString();
|
|
}
|
|
|
|
final LoadBalancerConfigCommand cmd = new LoadBalancerConfigCommand(lbs, routerPublicIp, _routerControlHelper.getRouterIpInNetwork(guestNetworkId, router.getId()),
|
|
router.getPrivateIpAddress(), _itMgr.toNicTO(nicProfile, router.getHypervisorType()), router.getVpcId(), maxconn, offering.isKeepAliveEnabled());
|
|
|
|
cmd.lbStatsVisibility = _configDao.getValue(Config.NetworkLBHaproxyStatsVisbility.key());
|
|
cmd.lbStatsUri = _configDao.getValue(Config.NetworkLBHaproxyStatsUri.key());
|
|
cmd.lbStatsAuth = _configDao.getValue(Config.NetworkLBHaproxyStatsAuth.key());
|
|
cmd.lbStatsPort = _configDao.getValue(Config.NetworkLBHaproxyStatsPort.key());
|
|
|
|
cmd.setAccessDetail(NetworkElementCommand.ROUTER_IP, _routerControlHelper.getRouterControlIp(router.getId()));
|
|
cmd.setAccessDetail(NetworkElementCommand.ROUTER_GUEST_IP, _routerControlHelper.getRouterIpInNetwork(guestNetworkId, router.getId()));
|
|
cmd.setAccessDetail(NetworkElementCommand.ROUTER_NAME, router.getInstanceName());
|
|
final DataCenterVO dcVo = _dcDao.findById(router.getDataCenterId());
|
|
cmd.setAccessDetail(NetworkElementCommand.ZONE_NETWORK_TYPE, dcVo.getNetworkType().toString());
|
|
cmds.addCommand(cmd);
|
|
}
|
|
|
|
public void createApplyPortForwardingRulesCommands(final List<? extends PortForwardingRule> rules, final VirtualRouter router, final Commands cmds, final long guestNetworkId) {
|
|
final List<PortForwardingRuleTO> rulesTO = new ArrayList<PortForwardingRuleTO>();
|
|
if (rules != null) {
|
|
for (final PortForwardingRule rule : rules) {
|
|
final IpAddress sourceIp = _networkModel.getIp(rule.getSourceIpAddressId());
|
|
final PortForwardingRuleTO ruleTO = new PortForwardingRuleTO(rule, null, sourceIp.getAddress().addr());
|
|
rulesTO.add(ruleTO);
|
|
}
|
|
}
|
|
|
|
SetPortForwardingRulesCommand cmd = null;
|
|
|
|
if (router.getVpcId() != null) {
|
|
cmd = new SetPortForwardingRulesVpcCommand(rulesTO);
|
|
} else {
|
|
cmd = new SetPortForwardingRulesCommand(rulesTO);
|
|
}
|
|
|
|
cmd.setAccessDetail(NetworkElementCommand.ROUTER_IP, _routerControlHelper.getRouterControlIp(router.getId()));
|
|
cmd.setAccessDetail(NetworkElementCommand.ROUTER_GUEST_IP, _routerControlHelper.getRouterIpInNetwork(guestNetworkId, router.getId()));
|
|
cmd.setAccessDetail(NetworkElementCommand.ROUTER_NAME, router.getInstanceName());
|
|
final DataCenterVO dcVo = _dcDao.findById(router.getDataCenterId());
|
|
cmd.setAccessDetail(NetworkElementCommand.ZONE_NETWORK_TYPE, dcVo.getNetworkType().toString());
|
|
|
|
cmds.addCommand(cmd);
|
|
}
|
|
|
|
public void createApplyStaticNatRulesCommands(final List<? extends StaticNatRule> rules, final VirtualRouter router, final Commands cmds, final long guestNetworkId) {
|
|
final List<StaticNatRuleTO> rulesTO = new ArrayList<StaticNatRuleTO>();
|
|
if (rules != null) {
|
|
for (final StaticNatRule rule : rules) {
|
|
final IpAddress sourceIp = _networkModel.getIp(rule.getSourceIpAddressId());
|
|
final StaticNatRuleTO ruleTO = new StaticNatRuleTO(rule, null, sourceIp.getAddress().addr(), rule.getDestIpAddress());
|
|
rulesTO.add(ruleTO);
|
|
}
|
|
}
|
|
|
|
final SetStaticNatRulesCommand cmd = new SetStaticNatRulesCommand(rulesTO, router.getVpcId());
|
|
cmd.setAccessDetail(NetworkElementCommand.ROUTER_IP, _routerControlHelper.getRouterControlIp(router.getId()));
|
|
cmd.setAccessDetail(NetworkElementCommand.ROUTER_GUEST_IP, _routerControlHelper.getRouterIpInNetwork(guestNetworkId, router.getId()));
|
|
cmd.setAccessDetail(NetworkElementCommand.ROUTER_NAME, router.getInstanceName());
|
|
final DataCenterVO dcVo = _dcDao.findById(router.getDataCenterId());
|
|
cmd.setAccessDetail(NetworkElementCommand.ZONE_NETWORK_TYPE, dcVo.getNetworkType().toString());
|
|
cmds.addCommand(cmd);
|
|
}
|
|
|
|
public void createApplyFirewallRulesCommands(final List<? extends FirewallRule> rules, final VirtualRouter router, final Commands cmds, final long guestNetworkId) {
|
|
final List<FirewallRuleTO> rulesTO = new ArrayList<FirewallRuleTO>();
|
|
String systemRule = null;
|
|
Boolean defaultEgressPolicy = false;
|
|
if (rules != null) {
|
|
if (rules.size() > 0) {
|
|
if (rules.get(0).getTrafficType() == FirewallRule.TrafficType.Egress && rules.get(0).getType() == FirewallRule.FirewallRuleType.System) {
|
|
systemRule = String.valueOf(FirewallRule.FirewallRuleType.System);
|
|
}
|
|
}
|
|
for (final FirewallRule rule : rules) {
|
|
_rulesDao.loadSourceCidrs((FirewallRuleVO) rule);
|
|
final FirewallRule.TrafficType traffictype = rule.getTrafficType();
|
|
if (traffictype == FirewallRule.TrafficType.Ingress) {
|
|
final IpAddress sourceIp = _networkModel.getIp(rule.getSourceIpAddressId());
|
|
final FirewallRuleTO ruleTO = new FirewallRuleTO(rule, null, sourceIp.getAddress().addr(), Purpose.Firewall, traffictype);
|
|
rulesTO.add(ruleTO);
|
|
} else if (rule.getTrafficType() == FirewallRule.TrafficType.Egress) {
|
|
final NetworkVO network = _networkDao.findById(guestNetworkId);
|
|
final NetworkOfferingVO offering = _networkOfferingDao.findById(network.getNetworkOfferingId());
|
|
defaultEgressPolicy = offering.getEgressDefaultPolicy();
|
|
assert rule.getSourceIpAddressId() == null : "ipAddressId should be null for egress firewall rule. ";
|
|
final FirewallRuleTO ruleTO = new FirewallRuleTO(rule, null, "", Purpose.Firewall, traffictype, defaultEgressPolicy);
|
|
rulesTO.add(ruleTO);
|
|
}
|
|
}
|
|
}
|
|
|
|
final SetFirewallRulesCommand cmd = new SetFirewallRulesCommand(rulesTO);
|
|
cmd.setAccessDetail(NetworkElementCommand.ROUTER_IP, _routerControlHelper.getRouterControlIp(router.getId()));
|
|
cmd.setAccessDetail(NetworkElementCommand.ROUTER_GUEST_IP, _routerControlHelper.getRouterIpInNetwork(guestNetworkId, router.getId()));
|
|
cmd.setAccessDetail(NetworkElementCommand.ROUTER_NAME, router.getInstanceName());
|
|
final DataCenterVO dcVo = _dcDao.findById(router.getDataCenterId());
|
|
cmd.setAccessDetail(NetworkElementCommand.ZONE_NETWORK_TYPE, dcVo.getNetworkType().toString());
|
|
if (systemRule != null) {
|
|
cmd.setAccessDetail(NetworkElementCommand.FIREWALL_EGRESS_DEFAULT, systemRule);
|
|
} else {
|
|
cmd.setAccessDetail(NetworkElementCommand.FIREWALL_EGRESS_DEFAULT, String.valueOf(defaultEgressPolicy));
|
|
}
|
|
|
|
cmds.addCommand(cmd);
|
|
}
|
|
|
|
public void createFirewallRulesCommands(final List<? extends FirewallRule> rules, final VirtualRouter router, final Commands cmds, final long guestNetworkId) {
|
|
final List<FirewallRuleTO> rulesTO = new ArrayList<FirewallRuleTO>();
|
|
String systemRule = null;
|
|
Boolean defaultEgressPolicy = false;
|
|
if (rules != null) {
|
|
if (rules.size() > 0) {
|
|
if (rules.get(0).getTrafficType() == FirewallRule.TrafficType.Egress && rules.get(0).getType() == FirewallRule.FirewallRuleType.System) {
|
|
systemRule = String.valueOf(FirewallRule.FirewallRuleType.System);
|
|
}
|
|
}
|
|
for (final FirewallRule rule : rules) {
|
|
_rulesDao.loadSourceCidrs((FirewallRuleVO) rule);
|
|
final FirewallRule.TrafficType traffictype = rule.getTrafficType();
|
|
if (traffictype == FirewallRule.TrafficType.Ingress) {
|
|
final IpAddress sourceIp = _networkModel.getIp(rule.getSourceIpAddressId());
|
|
final FirewallRuleTO ruleTO = new FirewallRuleTO(rule, null, sourceIp.getAddress().addr(), Purpose.Firewall, traffictype);
|
|
rulesTO.add(ruleTO);
|
|
} else if (rule.getTrafficType() == FirewallRule.TrafficType.Egress) {
|
|
final NetworkVO network = _networkDao.findById(guestNetworkId);
|
|
final NetworkOfferingVO offering = _networkOfferingDao.findById(network.getNetworkOfferingId());
|
|
defaultEgressPolicy = offering.getEgressDefaultPolicy();
|
|
assert rule.getSourceIpAddressId() == null : "ipAddressId should be null for egress firewall rule. ";
|
|
final FirewallRuleTO ruleTO = new FirewallRuleTO(rule, null, "", Purpose.Firewall, traffictype, defaultEgressPolicy);
|
|
rulesTO.add(ruleTO);
|
|
}
|
|
}
|
|
}
|
|
|
|
final SetFirewallRulesCommand cmd = new SetFirewallRulesCommand(rulesTO);
|
|
cmd.setAccessDetail(NetworkElementCommand.ROUTER_IP, _routerControlHelper.getRouterControlIp(router.getId()));
|
|
cmd.setAccessDetail(NetworkElementCommand.ROUTER_GUEST_IP, _routerControlHelper.getRouterIpInNetwork(guestNetworkId, router.getId()));
|
|
cmd.setAccessDetail(NetworkElementCommand.ROUTER_NAME, router.getInstanceName());
|
|
final DataCenterVO dcVo = _dcDao.findById(router.getDataCenterId());
|
|
cmd.setAccessDetail(NetworkElementCommand.ZONE_NETWORK_TYPE, dcVo.getNetworkType().toString());
|
|
if (systemRule != null) {
|
|
cmd.setAccessDetail(NetworkElementCommand.FIREWALL_EGRESS_DEFAULT, systemRule);
|
|
} else {
|
|
cmd.setAccessDetail(NetworkElementCommand.FIREWALL_EGRESS_DEFAULT, String.valueOf(defaultEgressPolicy));
|
|
}
|
|
|
|
cmds.addCommand(cmd);
|
|
}
|
|
|
|
public void createAssociateIPCommands(final VirtualRouter router, final List<? extends PublicIpAddress> ips, final Commands cmds, final long vmId) {
|
|
final String ipAssocCommand = "IPAssocCommand";
|
|
createRedundantAssociateIPCommands(router, ips, cmds, ipAssocCommand, vmId);
|
|
}
|
|
|
|
public void createNetworkACLsCommands(final List<? extends NetworkACLItem> rules, final VirtualRouter router, final Commands cmds, final long guestNetworkId,
|
|
final boolean privateGateway) {
|
|
final List<NetworkACLTO> rulesTO = new ArrayList<NetworkACLTO>();
|
|
String guestVlan = null;
|
|
final Network guestNtwk = _networkDao.findById(guestNetworkId);
|
|
final URI uri = guestNtwk.getBroadcastUri();
|
|
if (uri != null) {
|
|
guestVlan = BroadcastDomainType.getValue(uri);
|
|
}
|
|
|
|
if (rules != null) {
|
|
for (final NetworkACLItem rule : rules) {
|
|
final NetworkACLTO ruleTO = new NetworkACLTO(rule, guestVlan, rule.getTrafficType());
|
|
rulesTO.add(ruleTO);
|
|
}
|
|
}
|
|
|
|
final SetNetworkACLCommand cmd = new SetNetworkACLCommand(rulesTO, _networkHelper.getNicTO(router, guestNetworkId, null));
|
|
cmd.setAccessDetail(NetworkElementCommand.ROUTER_IP, _routerControlHelper.getRouterControlIp(router.getId()));
|
|
cmd.setAccessDetail(NetworkElementCommand.ROUTER_GUEST_IP, _routerControlHelper.getRouterIpInNetwork(guestNetworkId, router.getId()));
|
|
cmd.setAccessDetail(NetworkElementCommand.GUEST_VLAN_TAG, guestVlan);
|
|
cmd.setAccessDetail(NetworkElementCommand.ROUTER_NAME, router.getInstanceName());
|
|
final DataCenterVO dcVo = _dcDao.findById(router.getDataCenterId());
|
|
cmd.setAccessDetail(NetworkElementCommand.ZONE_NETWORK_TYPE, dcVo.getNetworkType().toString());
|
|
if (privateGateway) {
|
|
cmd.setAccessDetail(NetworkElementCommand.VPC_PRIVATE_GATEWAY, String.valueOf(VpcGateway.Type.Private));
|
|
}
|
|
|
|
cmds.addCommand(cmd);
|
|
}
|
|
|
|
public void createPasswordCommand(final VirtualRouter router, final VirtualMachineProfile profile, final NicVO nic, final Commands cmds) {
|
|
final String password = (String) profile.getParameter(VirtualMachineProfile.Param.VmPassword);
|
|
final DataCenterVO dcVo = _dcDao.findById(router.getDataCenterId());
|
|
|
|
// password should be set only on default network element
|
|
if (password != null && nic.isDefaultNic()) {
|
|
final SavePasswordCommand cmd = new SavePasswordCommand(password, nic.getIp4Address(), profile.getVirtualMachine().getHostName(),
|
|
_networkModel.getExecuteInSeqNtwkElmtCmd());
|
|
cmd.setAccessDetail(NetworkElementCommand.ROUTER_IP, _routerControlHelper.getRouterControlIp(router.getId()));
|
|
cmd.setAccessDetail(NetworkElementCommand.ROUTER_GUEST_IP, _routerControlHelper.getRouterIpInNetwork(nic.getNetworkId(), router.getId()));
|
|
cmd.setAccessDetail(NetworkElementCommand.ROUTER_NAME, router.getInstanceName());
|
|
cmd.setAccessDetail(NetworkElementCommand.ZONE_NETWORK_TYPE, dcVo.getNetworkType().toString());
|
|
|
|
cmds.addCommand("password", cmd);
|
|
}
|
|
|
|
}
|
|
|
|
public void createApplyStaticNatCommands(final List<? extends StaticNat> rules, final VirtualRouter router, final Commands cmds, final long guestNetworkId) {
|
|
final List<StaticNatRuleTO> rulesTO = new ArrayList<StaticNatRuleTO>();
|
|
if (rules != null) {
|
|
for (final StaticNat rule : rules) {
|
|
final IpAddress sourceIp = _networkModel.getIp(rule.getSourceIpAddressId());
|
|
final StaticNatRuleTO ruleTO = new StaticNatRuleTO(0, sourceIp.getAddress().addr(), null, null, rule.getDestIpAddress(), null, null, null, rule.isForRevoke(),
|
|
false);
|
|
rulesTO.add(ruleTO);
|
|
}
|
|
}
|
|
|
|
final SetStaticNatRulesCommand cmd = new SetStaticNatRulesCommand(rulesTO, router.getVpcId());
|
|
cmd.setAccessDetail(NetworkElementCommand.ROUTER_IP, _routerControlHelper.getRouterControlIp(router.getId()));
|
|
cmd.setAccessDetail(NetworkElementCommand.ROUTER_GUEST_IP, _routerControlHelper.getRouterIpInNetwork(guestNetworkId, router.getId()));
|
|
cmd.setAccessDetail(NetworkElementCommand.ROUTER_NAME, router.getInstanceName());
|
|
|
|
final DataCenterVO dcVo = _dcDao.findById(router.getDataCenterId());
|
|
cmd.setAccessDetail(NetworkElementCommand.ZONE_NETWORK_TYPE, dcVo.getNetworkType().toString());
|
|
cmds.addCommand(cmd);
|
|
}
|
|
|
|
public void createStaticRouteCommands(final List<StaticRouteProfile> staticRoutes, final VirtualRouter router, final Commands cmds) {
|
|
final SetStaticRouteCommand cmd = new SetStaticRouteCommand(staticRoutes);
|
|
cmd.setAccessDetail(NetworkElementCommand.ROUTER_IP, _routerControlHelper.getRouterControlIp(router.getId()));
|
|
cmd.setAccessDetail(NetworkElementCommand.ROUTER_NAME, router.getInstanceName());
|
|
final DataCenterVO dcVo = _dcDao.findById(router.getDataCenterId());
|
|
cmd.setAccessDetail(NetworkElementCommand.ZONE_NETWORK_TYPE, dcVo.getNetworkType().toString());
|
|
cmds.addCommand(cmd);
|
|
}
|
|
|
|
public void createApplyVpnCommands(final boolean isCreate, final RemoteAccessVpn vpn, final VirtualRouter router, final Commands cmds) {
|
|
final List<VpnUserVO> vpnUsers = _vpnUsersDao.listByAccount(vpn.getAccountId());
|
|
|
|
createApplyVpnUsersCommand(vpnUsers, router, cmds);
|
|
|
|
final IpAddress ip = _networkModel.getIp(vpn.getServerAddressId());
|
|
|
|
// This block is needed due to the line 206 of the
|
|
// RemoteAccessVpnManagenerImpl:
|
|
// TODO: assumes one virtual network / domr per account per zone
|
|
final String cidr;
|
|
final Network network = _networkDao.findById(vpn.getNetworkId());
|
|
if (network == null) {
|
|
final Vpc vpc = _vpcDao.findById(vpn.getVpcId());
|
|
cidr = vpc.getCidr();
|
|
} else {
|
|
cidr = network.getCidr();
|
|
}
|
|
|
|
final RemoteAccessVpnCfgCommand startVpnCmd = new RemoteAccessVpnCfgCommand(isCreate, ip.getAddress().addr(), vpn.getLocalIp(), vpn.getIpRange(),
|
|
vpn.getIpsecPresharedKey(), vpn.getVpcId() != null);
|
|
startVpnCmd.setLocalCidr(cidr);
|
|
startVpnCmd.setAccessDetail(NetworkElementCommand.ROUTER_IP, _routerControlHelper.getRouterControlIp(router.getId()));
|
|
startVpnCmd.setAccessDetail(NetworkElementCommand.ROUTER_NAME, router.getInstanceName());
|
|
final DataCenterVO dcVo = _dcDao.findById(router.getDataCenterId());
|
|
startVpnCmd.setAccessDetail(NetworkElementCommand.ZONE_NETWORK_TYPE, dcVo.getNetworkType().toString());
|
|
|
|
cmds.addCommand("startVpn", startVpnCmd);
|
|
}
|
|
|
|
public void createVmDataCommandForVMs(final DomainRouterVO router, final Commands cmds, final long guestNetworkId) {
|
|
final List<UserVmVO> vms = _userVmDao.listByNetworkIdAndStates(guestNetworkId, State.Running, State.Migrating, State.Stopping);
|
|
final DataCenterVO dc = _dcDao.findById(router.getDataCenterId());
|
|
for (final UserVmVO vm : vms) {
|
|
boolean createVmData = true;
|
|
if (dc.getNetworkType() == NetworkType.Basic && router.getPodIdToDeployIn().longValue() != vm.getPodIdToDeployIn().longValue()) {
|
|
createVmData = false;
|
|
}
|
|
|
|
if (createVmData) {
|
|
final NicVO nic = _nicDao.findByNtwkIdAndInstanceId(guestNetworkId, vm.getId());
|
|
if (nic != null) {
|
|
s_logger.debug("Creating user data entry for vm " + vm + " on domR " + router);
|
|
createVmDataCommand(router, vm, nic, null, cmds);
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
public void createDhcpEntryCommandsForVMs(final DomainRouterVO router, final Commands cmds, final long guestNetworkId) {
|
|
final List<UserVmVO> vms = _userVmDao.listByNetworkIdAndStates(guestNetworkId, State.Running, State.Migrating, State.Stopping);
|
|
final DataCenterVO dc = _dcDao.findById(router.getDataCenterId());
|
|
for (final UserVmVO vm : vms) {
|
|
boolean createDhcp = true;
|
|
if (dc.getNetworkType() == NetworkType.Basic && router.getPodIdToDeployIn().longValue() != vm.getPodIdToDeployIn().longValue()
|
|
&& _dnsBasicZoneUpdates.equalsIgnoreCase("pod")) {
|
|
createDhcp = false;
|
|
}
|
|
if (createDhcp) {
|
|
final NicVO nic = _nicDao.findByNtwkIdAndInstanceId(guestNetworkId, vm.getId());
|
|
if (nic != null) {
|
|
s_logger.debug("Creating dhcp entry for vm " + vm + " on domR " + router + ".");
|
|
createDhcpEntryCommand(router, vm, nic, cmds);
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
public void createDeleteIpAliasCommand(final DomainRouterVO router, final List<IpAliasTO> deleteIpAliasTOs, final List<IpAliasTO> createIpAliasTos, final long networkId,
|
|
final Commands cmds) {
|
|
final String routerip = _routerControlHelper.getRouterIpInNetwork(networkId, router.getId());
|
|
final DataCenterVO dcVo = _dcDao.findById(router.getDataCenterId());
|
|
final DeleteIpAliasCommand deleteIpaliasCmd = new DeleteIpAliasCommand(routerip, deleteIpAliasTOs, createIpAliasTos);
|
|
deleteIpaliasCmd.setAccessDetail(NetworkElementCommand.ROUTER_IP, _routerControlHelper.getRouterControlIp(router.getId()));
|
|
deleteIpaliasCmd.setAccessDetail(NetworkElementCommand.ROUTER_NAME, router.getInstanceName());
|
|
deleteIpaliasCmd.setAccessDetail(NetworkElementCommand.ROUTER_GUEST_IP, routerip);
|
|
deleteIpaliasCmd.setAccessDetail(NetworkElementCommand.ZONE_NETWORK_TYPE, dcVo.getNetworkType().toString());
|
|
|
|
cmds.addCommand("deleteIpalias", deleteIpaliasCmd);
|
|
}
|
|
|
|
public void createVpcAssociatePublicIPCommands(final VirtualRouter router, final List<? extends PublicIpAddress> ips, final Commands cmds,
|
|
final Map<String, String> vlanMacAddress) {
|
|
|
|
final String ipAssocCommand = "IPAssocVpcCommand";
|
|
if (router.getIsRedundantRouter()) {
|
|
createRedundantAssociateIPCommands(router, ips, cmds, ipAssocCommand, 0);
|
|
return;
|
|
}
|
|
|
|
Pair<IpAddressTO, Long> sourceNatIpAdd = null;
|
|
Boolean addSourceNat = null;
|
|
// Ensure that in multiple vlans case we first send all ip addresses of
|
|
// vlan1, then all ip addresses of vlan2, etc..
|
|
final Map<String, ArrayList<PublicIpAddress>> vlanIpMap = new HashMap<String, ArrayList<PublicIpAddress>>();
|
|
for (final PublicIpAddress ipAddress : ips) {
|
|
final String vlanTag = ipAddress.getVlanTag();
|
|
ArrayList<PublicIpAddress> ipList = vlanIpMap.get(vlanTag);
|
|
if (ipList == null) {
|
|
ipList = new ArrayList<PublicIpAddress>();
|
|
}
|
|
// VR doesn't support release for sourceNat IP address; so reset the
|
|
// state
|
|
if (ipAddress.isSourceNat() && ipAddress.getState() == IpAddress.State.Releasing) {
|
|
ipAddress.setState(IpAddress.State.Allocated);
|
|
}
|
|
ipList.add(ipAddress);
|
|
vlanIpMap.put(vlanTag, ipList);
|
|
}
|
|
|
|
for (final Map.Entry<String, ArrayList<PublicIpAddress>> vlanAndIp : vlanIpMap.entrySet()) {
|
|
final List<PublicIpAddress> ipAddrList = vlanAndIp.getValue();
|
|
|
|
// Get network rate - required for IpAssoc
|
|
final Integer networkRate = _networkModel.getNetworkRate(ipAddrList.get(0).getNetworkId(), router.getId());
|
|
final Network network = _networkModel.getNetwork(ipAddrList.get(0).getNetworkId());
|
|
|
|
final IpAddressTO[] ipsToSend = new IpAddressTO[ipAddrList.size()];
|
|
int i = 0;
|
|
|
|
for (final PublicIpAddress ipAddr : ipAddrList) {
|
|
final boolean add = ipAddr.getState() == IpAddress.State.Releasing ? false : true;
|
|
|
|
final String macAddress = vlanMacAddress.get(BroadcastDomainType.getValue(BroadcastDomainType.fromString(ipAddr.getVlanTag())));
|
|
|
|
final IpAddressTO ip = new IpAddressTO(ipAddr.getAccountId(), ipAddr.getAddress().addr(), add, false, ipAddr.isSourceNat(), BroadcastDomainType.fromString(ipAddr.getVlanTag()).toString(), ipAddr.getGateway(),
|
|
ipAddr.getNetmask(), macAddress, networkRate, ipAddr.isOneToOneNat());
|
|
|
|
ip.setTrafficType(network.getTrafficType());
|
|
ip.setNetworkName(_networkModel.getNetworkTag(router.getHypervisorType(), network));
|
|
ipsToSend[i++] = ip;
|
|
if (ipAddr.isSourceNat()) {
|
|
sourceNatIpAdd = new Pair<IpAddressTO, Long>(ip, ipAddr.getNetworkId());
|
|
addSourceNat = add;
|
|
}
|
|
}
|
|
final IpAssocVpcCommand cmd = new IpAssocVpcCommand(ipsToSend);
|
|
cmd.setAccessDetail(NetworkElementCommand.ROUTER_IP, _routerControlHelper.getRouterControlIp(router.getId()));
|
|
cmd.setAccessDetail(NetworkElementCommand.ROUTER_GUEST_IP, _routerControlHelper.getRouterIpInNetwork(ipAddrList.get(0).getNetworkId(), router.getId()));
|
|
cmd.setAccessDetail(NetworkElementCommand.ROUTER_NAME, router.getInstanceName());
|
|
final DataCenterVO dcVo = _dcDao.findById(router.getDataCenterId());
|
|
cmd.setAccessDetail(NetworkElementCommand.ZONE_NETWORK_TYPE, dcVo.getNetworkType().toString());
|
|
|
|
cmds.addCommand(ipAssocCommand, cmd);
|
|
}
|
|
|
|
// set source nat ip
|
|
if (sourceNatIpAdd != null) {
|
|
final IpAddressTO sourceNatIp = sourceNatIpAdd.first();
|
|
final SetSourceNatCommand cmd = new SetSourceNatCommand(sourceNatIp, addSourceNat);
|
|
cmd.setAccessDetail(NetworkElementCommand.ROUTER_IP, _routerControlHelper.getRouterControlIp(router.getId()));
|
|
cmd.setAccessDetail(NetworkElementCommand.ROUTER_NAME, router.getInstanceName());
|
|
final DataCenterVO dcVo = _dcDao.findById(router.getDataCenterId());
|
|
cmd.setAccessDetail(NetworkElementCommand.ZONE_NETWORK_TYPE, dcVo.getNetworkType().toString());
|
|
cmds.addCommand("SetSourceNatCommand", cmd);
|
|
}
|
|
}
|
|
|
|
public void createRedundantAssociateIPCommands(final VirtualRouter router, final List<? extends PublicIpAddress> ips, final Commands cmds, final String ipAssocCommand, final long vmId) {
|
|
|
|
// Ensure that in multiple vlans case we first send all ip addresses of
|
|
// vlan1, then all ip addresses of vlan2, etc..
|
|
final Map<String, ArrayList<PublicIpAddress>> vlanIpMap = new HashMap<String, ArrayList<PublicIpAddress>>();
|
|
for (final PublicIpAddress ipAddress : ips) {
|
|
final String vlanTag = ipAddress.getVlanTag();
|
|
ArrayList<PublicIpAddress> ipList = vlanIpMap.get(vlanTag);
|
|
if (ipList == null) {
|
|
ipList = new ArrayList<PublicIpAddress>();
|
|
}
|
|
// domR doesn't support release for sourceNat IP address; so reset
|
|
// the state
|
|
if (ipAddress.isSourceNat() && ipAddress.getState() == IpAddress.State.Releasing) {
|
|
ipAddress.setState(IpAddress.State.Allocated);
|
|
}
|
|
ipList.add(ipAddress);
|
|
vlanIpMap.put(vlanTag, ipList);
|
|
}
|
|
|
|
final List<NicVO> nics = _nicDao.listByVmId(router.getId());
|
|
String baseMac = null;
|
|
for (final NicVO nic : nics) {
|
|
final NetworkVO nw = _networkDao.findById(nic.getNetworkId());
|
|
if (nw.getTrafficType() == TrafficType.Public) {
|
|
baseMac = nic.getMacAddress();
|
|
break;
|
|
}
|
|
}
|
|
|
|
for (final Map.Entry<String, ArrayList<PublicIpAddress>> vlanAndIp : vlanIpMap.entrySet()) {
|
|
final List<PublicIpAddress> ipAddrList = vlanAndIp.getValue();
|
|
// Source nat ip address should always be sent first
|
|
Collections.sort(ipAddrList, new Comparator<PublicIpAddress>() {
|
|
@Override
|
|
public int compare(final PublicIpAddress o1, final PublicIpAddress o2) {
|
|
final boolean s1 = o1.isSourceNat();
|
|
final boolean s2 = o2.isSourceNat();
|
|
return s1 ^ s2 ? s1 ^ true ? 1 : -1 : 0;
|
|
}
|
|
});
|
|
|
|
// Get network rate - required for IpAssoc
|
|
final Integer networkRate = _networkModel.getNetworkRate(ipAddrList.get(0).getNetworkId(), router.getId());
|
|
final Network network = _networkModel.getNetwork(ipAddrList.get(0).getNetworkId());
|
|
|
|
final IpAddressTO[] ipsToSend = new IpAddressTO[ipAddrList.size()];
|
|
int i = 0;
|
|
boolean firstIP = true;
|
|
|
|
for (final PublicIpAddress ipAddr : ipAddrList) {
|
|
|
|
final boolean add = ipAddr.getState() == IpAddress.State.Releasing ? false : true;
|
|
boolean sourceNat = ipAddr.isSourceNat();
|
|
/* enable sourceNAT for the first ip of the public interface */
|
|
if (firstIP) {
|
|
sourceNat = true;
|
|
}
|
|
final String vlanId = ipAddr.getVlanTag();
|
|
final String vlanGateway = ipAddr.getGateway();
|
|
final String vlanNetmask = ipAddr.getNetmask();
|
|
String vifMacAddress = null;
|
|
// For non-source nat IP, set the mac to be something based on
|
|
// first public nic's MAC
|
|
// We cannot depend on first ip because we need to deal with
|
|
// first ip of other nics
|
|
if (router.getVpcId() != null) {
|
|
//vifMacAddress = NetUtils.generateMacOnIncrease(baseMac, ipAddr.getVlanId());
|
|
vifMacAddress = ipAddr.getMacAddress();
|
|
} else {
|
|
if (!sourceNat && ipAddr.getVlanId() != 0) {
|
|
vifMacAddress = NetUtils.generateMacOnIncrease(baseMac, ipAddr.getVlanId());
|
|
} else {
|
|
vifMacAddress = ipAddr.getMacAddress();
|
|
}
|
|
}
|
|
|
|
final IpAddressTO ip = new IpAddressTO(ipAddr.getAccountId(), ipAddr.getAddress().addr(), add, firstIP, sourceNat, vlanId, vlanGateway, vlanNetmask,
|
|
vifMacAddress, networkRate, ipAddr.isOneToOneNat());
|
|
|
|
ip.setTrafficType(network.getTrafficType());
|
|
ip.setNetworkName(_networkModel.getNetworkTag(router.getHypervisorType(), network));
|
|
ipsToSend[i++] = ip;
|
|
/*
|
|
* send the firstIP = true for the first Add, this is to create
|
|
* primary on interface
|
|
*/
|
|
if (!firstIP || add) {
|
|
firstIP = false;
|
|
}
|
|
}
|
|
|
|
Long associatedWithNetworkId = ipAddrList.get(0).getAssociatedWithNetworkId();
|
|
if (associatedWithNetworkId == null || associatedWithNetworkId == 0) {
|
|
associatedWithNetworkId = ipAddrList.get(0).getNetworkId();
|
|
}
|
|
|
|
final IpAssocCommand cmd = new IpAssocCommand(ipsToSend);
|
|
cmd.setAccessDetail(NetworkElementCommand.ROUTER_IP, _routerControlHelper.getRouterControlIp(router.getId()));
|
|
cmd.setAccessDetail(NetworkElementCommand.ROUTER_GUEST_IP, _routerControlHelper.getRouterIpInNetwork(associatedWithNetworkId, router.getId()));
|
|
cmd.setAccessDetail(NetworkElementCommand.ROUTER_NAME, router.getInstanceName());
|
|
final DataCenterVO dcVo = _dcDao.findById(router.getDataCenterId());
|
|
cmd.setAccessDetail(NetworkElementCommand.ZONE_NETWORK_TYPE, dcVo.getNetworkType().toString());
|
|
|
|
cmds.addCommand(ipAssocCommand, cmd);
|
|
}
|
|
}
|
|
|
|
public void createStaticRouteCommands(final List<StaticRouteProfile> staticRoutes, final DomainRouterVO router, final Commands cmds) {
|
|
final SetStaticRouteCommand cmd = new SetStaticRouteCommand(staticRoutes);
|
|
cmd.setAccessDetail(NetworkElementCommand.ROUTER_IP, _routerControlHelper.getRouterControlIp(router.getId()));
|
|
cmd.setAccessDetail(NetworkElementCommand.ROUTER_NAME, router.getInstanceName());
|
|
final DataCenterVO dcVo = _dcDao.findById(router.getDataCenterId());
|
|
cmd.setAccessDetail(NetworkElementCommand.ZONE_NETWORK_TYPE, dcVo.getNetworkType().toString());
|
|
cmds.addCommand(cmd);
|
|
}
|
|
|
|
public void createSite2SiteVpnCfgCommands(final Site2SiteVpnConnection conn, final boolean isCreate, final VirtualRouter router, final Commands cmds) {
|
|
final Site2SiteCustomerGatewayVO gw = _s2sCustomerGatewayDao.findById(conn.getCustomerGatewayId());
|
|
final Site2SiteVpnGatewayVO vpnGw = _s2sVpnGatewayDao.findById(conn.getVpnGatewayId());
|
|
final IpAddress ip = _ipAddressDao.findById(vpnGw.getAddrId());
|
|
final Vpc vpc = _vpcDao.findById(ip.getVpcId());
|
|
final String localPublicIp = ip.getAddress().toString();
|
|
final String localGuestCidr = vpc.getCidr();
|
|
final String localPublicGateway = _vlanDao.findById(ip.getVlanId()).getVlanGateway();
|
|
final String peerGatewayIp = gw.getGatewayIp();
|
|
final String peerGuestCidrList = gw.getGuestCidrList();
|
|
final String ipsecPsk = gw.getIpsecPsk();
|
|
final String ikePolicy = gw.getIkePolicy();
|
|
final String espPolicy = gw.getEspPolicy();
|
|
final Long ikeLifetime = gw.getIkeLifetime();
|
|
final Long espLifetime = gw.getEspLifetime();
|
|
final Boolean dpd = gw.getDpd();
|
|
|
|
final Site2SiteVpnCfgCommand cmd = new Site2SiteVpnCfgCommand(isCreate, localPublicIp, localPublicGateway, localGuestCidr, peerGatewayIp, peerGuestCidrList, ikePolicy,
|
|
espPolicy, ipsecPsk, ikeLifetime, espLifetime, dpd, conn.isPassive());
|
|
cmd.setAccessDetail(NetworkElementCommand.ROUTER_IP, _routerControlHelper.getRouterControlIp(router.getId()));
|
|
cmd.setAccessDetail(NetworkElementCommand.ROUTER_IP, _routerControlHelper.getRouterControlIp(router.getId()));
|
|
cmd.setAccessDetail(NetworkElementCommand.ROUTER_NAME, router.getInstanceName());
|
|
final DataCenterVO dcVo = _dcDao.findById(router.getDataCenterId());
|
|
cmd.setAccessDetail(NetworkElementCommand.ZONE_NETWORK_TYPE, dcVo.getNetworkType().toString());
|
|
cmds.addCommand("applyS2SVpn", cmd);
|
|
}
|
|
|
|
public void createVpcAssociatePrivateIPCommands(final VirtualRouter router, final List<PrivateIpAddress> ips, final Commands cmds, final boolean add) {
|
|
|
|
// Ensure that in multiple vlans case we first send all ip addresses of
|
|
// vlan1, then all ip addresses of vlan2, etc..
|
|
final Map<String, ArrayList<PrivateIpAddress>> vlanIpMap = new HashMap<String, ArrayList<PrivateIpAddress>>();
|
|
for (final PrivateIpAddress ipAddress : ips) {
|
|
final String vlanTag = ipAddress.getBroadcastUri();
|
|
ArrayList<PrivateIpAddress> ipList = vlanIpMap.get(vlanTag);
|
|
if (ipList == null) {
|
|
ipList = new ArrayList<PrivateIpAddress>();
|
|
}
|
|
|
|
ipList.add(ipAddress);
|
|
vlanIpMap.put(vlanTag, ipList);
|
|
}
|
|
|
|
for (final Map.Entry<String, ArrayList<PrivateIpAddress>> vlanAndIp : vlanIpMap.entrySet()) {
|
|
final List<PrivateIpAddress> ipAddrList = vlanAndIp.getValue();
|
|
final IpAddressTO[] ipsToSend = new IpAddressTO[ipAddrList.size()];
|
|
int i = 0;
|
|
|
|
for (final PrivateIpAddress ipAddr : ipAddrList) {
|
|
final Network network = _networkModel.getNetwork(ipAddr.getNetworkId());
|
|
final IpAddressTO ip = new IpAddressTO(Account.ACCOUNT_ID_SYSTEM, ipAddr.getIpAddress(), add, false, ipAddr.getSourceNat(), ipAddr.getBroadcastUri(),
|
|
ipAddr.getGateway(), ipAddr.getNetmask(), ipAddr.getMacAddress(), null, false);
|
|
|
|
ip.setTrafficType(network.getTrafficType());
|
|
ip.setNetworkName(_networkModel.getNetworkTag(router.getHypervisorType(), network));
|
|
ipsToSend[i++] = ip;
|
|
|
|
}
|
|
final IpAssocVpcCommand cmd = new IpAssocVpcCommand(ipsToSend);
|
|
cmd.setAccessDetail(NetworkElementCommand.ROUTER_IP, _routerControlHelper.getRouterControlIp(router.getId()));
|
|
cmd.setAccessDetail(NetworkElementCommand.ROUTER_GUEST_IP, _routerControlHelper.getRouterIpInNetwork(ipAddrList.get(0).getNetworkId(), router.getId()));
|
|
cmd.setAccessDetail(NetworkElementCommand.ROUTER_NAME, router.getInstanceName());
|
|
final DataCenterVO dcVo = _dcDao.findById(router.getDataCenterId());
|
|
cmd.setAccessDetail(NetworkElementCommand.ZONE_NETWORK_TYPE, dcVo.getNetworkType().toString());
|
|
|
|
cmds.addCommand("IPAssocVpcCommand", cmd);
|
|
}
|
|
}
|
|
|
|
public SetupGuestNetworkCommand createSetupGuestNetworkCommand(final DomainRouterVO router, final boolean add, final NicProfile guestNic) {
|
|
final Network network = _networkModel.getNetwork(guestNic.getNetworkId());
|
|
|
|
String defaultDns1 = null;
|
|
String defaultDns2 = null;
|
|
|
|
final boolean dnsProvided = _networkModel.isProviderSupportServiceInNetwork(network.getId(), Service.Dns, Provider.VPCVirtualRouter);
|
|
final boolean dhcpProvided = _networkModel.isProviderSupportServiceInNetwork(network.getId(), Service.Dhcp, Provider.VPCVirtualRouter);
|
|
|
|
final boolean setupDns = dnsProvided || dhcpProvided;
|
|
|
|
if (setupDns) {
|
|
defaultDns1 = guestNic.getDns1();
|
|
defaultDns2 = guestNic.getDns2();
|
|
}
|
|
|
|
final Nic nic = _nicDao.findByNtwkIdAndInstanceId(network.getId(), router.getId());
|
|
final String networkDomain = network.getNetworkDomain();
|
|
final String dhcpRange = getGuestDhcpRange(guestNic, network, _entityMgr.findById(DataCenter.class, network.getDataCenterId()));
|
|
|
|
final NicProfile nicProfile = _networkModel.getNicProfile(router, nic.getNetworkId(), null);
|
|
final int priority = _networkHelper.getRealPriority(router);
|
|
|
|
final SetupGuestNetworkCommand setupCmd = new SetupGuestNetworkCommand(dhcpRange, networkDomain, router.getIsRedundantRouter(), priority, defaultDns1, defaultDns2, add, _itMgr.toNicTO(nicProfile,
|
|
router.getHypervisorType()));
|
|
|
|
final String brd = NetUtils.long2Ip(NetUtils.ip2Long(guestNic.getIp4Address()) | ~NetUtils.ip2Long(guestNic.getNetmask()));
|
|
setupCmd.setAccessDetail(NetworkElementCommand.ROUTER_IP, _routerControlHelper.getRouterControlIp(router.getId()));
|
|
setupCmd.setAccessDetail(NetworkElementCommand.ROUTER_GUEST_IP, _routerControlHelper.getRouterIpInNetwork(network.getId(), router.getId()));
|
|
|
|
setupCmd.setAccessDetail(NetworkElementCommand.GUEST_NETWORK_GATEWAY, network.getGateway());
|
|
setupCmd.setAccessDetail(NetworkElementCommand.GUEST_BRIDGE, brd);
|
|
setupCmd.setAccessDetail(NetworkElementCommand.ROUTER_NAME, router.getInstanceName());
|
|
|
|
if (network.getBroadcastDomainType() == BroadcastDomainType.Vlan) {
|
|
final long guestVlanTag = Long.parseLong(BroadcastDomainType.Vlan.getValueFrom(network.getBroadcastUri()));
|
|
setupCmd.setAccessDetail(NetworkElementCommand.GUEST_VLAN_TAG, String.valueOf(guestVlanTag));
|
|
}
|
|
|
|
return setupCmd;
|
|
}
|
|
|
|
private VmDataCommand generateVmDataCommand(final VirtualRouter router, final String vmPrivateIpAddress, final String userData, final String serviceOffering,
|
|
final String zoneName, final String guestIpAddress, final String vmName, final String vmInstanceName, final long vmId, final String vmUuid, final String publicKey,
|
|
final long guestNetworkId) {
|
|
final VmDataCommand cmd = new VmDataCommand(vmPrivateIpAddress, vmName, _networkModel.getExecuteInSeqNtwkElmtCmd());
|
|
|
|
cmd.setAccessDetail(NetworkElementCommand.ROUTER_IP, _routerControlHelper.getRouterControlIp(router.getId()));
|
|
cmd.setAccessDetail(NetworkElementCommand.ROUTER_GUEST_IP, _routerControlHelper.getRouterIpInNetwork(guestNetworkId, router.getId()));
|
|
cmd.setAccessDetail(NetworkElementCommand.ROUTER_NAME, router.getInstanceName());
|
|
|
|
final DataCenterVO dcVo = _dcDao.findById(router.getDataCenterId());
|
|
cmd.setAccessDetail(NetworkElementCommand.ZONE_NETWORK_TYPE, dcVo.getNetworkType().toString());
|
|
|
|
cmd.addVmData("userdata", "user-data", userData);
|
|
cmd.addVmData("metadata", "service-offering", StringUtils.unicodeEscape(serviceOffering));
|
|
cmd.addVmData("metadata", "availability-zone", StringUtils.unicodeEscape(zoneName));
|
|
cmd.addVmData("metadata", "local-ipv4", guestIpAddress);
|
|
cmd.addVmData("metadata", "local-hostname", StringUtils.unicodeEscape(vmName));
|
|
if (dcVo.getNetworkType() == NetworkType.Basic) {
|
|
cmd.addVmData("metadata", "public-ipv4", guestIpAddress);
|
|
cmd.addVmData("metadata", "public-hostname", StringUtils.unicodeEscape(vmName));
|
|
} else {
|
|
if (router.getPublicIpAddress() == null) {
|
|
cmd.addVmData("metadata", "public-ipv4", guestIpAddress);
|
|
} else {
|
|
cmd.addVmData("metadata", "public-ipv4", router.getPublicIpAddress());
|
|
}
|
|
cmd.addVmData("metadata", "public-hostname", router.getPublicIpAddress());
|
|
}
|
|
if (vmUuid == null) {
|
|
cmd.addVmData("metadata", "instance-id", vmInstanceName);
|
|
cmd.addVmData("metadata", "vm-id", String.valueOf(vmId));
|
|
} else {
|
|
cmd.addVmData("metadata", "instance-id", vmUuid);
|
|
cmd.addVmData("metadata", "vm-id", vmUuid);
|
|
}
|
|
cmd.addVmData("metadata", "public-keys", publicKey);
|
|
|
|
String cloudIdentifier = _configDao.getValue("cloud.identifier");
|
|
if (cloudIdentifier == null) {
|
|
cloudIdentifier = "";
|
|
} else {
|
|
cloudIdentifier = "CloudStack-{" + cloudIdentifier + "}";
|
|
}
|
|
cmd.addVmData("metadata", "cloud-identifier", cloudIdentifier);
|
|
|
|
return cmd;
|
|
}
|
|
|
|
private NicVO findGatewayIp(final long userVmId) {
|
|
final NicVO defaultNic = _nicDao.findDefaultNicForVM(userVmId);
|
|
return defaultNic;
|
|
}
|
|
|
|
private NicVO findDefaultDnsIp(final long userVmId) {
|
|
final NicVO defaultNic = _nicDao.findDefaultNicForVM(userVmId);
|
|
|
|
// check if DNS provider is the domR
|
|
if (!_networkModel.isProviderSupportServiceInNetwork(defaultNic.getNetworkId(), Service.Dns, Provider.VirtualRouter)) {
|
|
return null;
|
|
}
|
|
|
|
final NetworkOffering offering = _networkOfferingDao.findById(_networkDao.findById(defaultNic.getNetworkId()).getNetworkOfferingId());
|
|
if (offering.getRedundantRouter()) {
|
|
return findGatewayIp(userVmId);
|
|
}
|
|
|
|
final DataCenter dc = _dcDao.findById(_networkModel.getNetwork(defaultNic.getNetworkId()).getDataCenterId());
|
|
final boolean isZoneBasic = dc.getNetworkType() == NetworkType.Basic;
|
|
|
|
// find domR's nic in the network
|
|
NicVO domrDefaultNic;
|
|
if (isZoneBasic) {
|
|
domrDefaultNic = _nicDao.findByNetworkIdTypeAndGateway(defaultNic.getNetworkId(), VirtualMachine.Type.DomainRouter, defaultNic.getGateway());
|
|
} else {
|
|
domrDefaultNic = _nicDao.findByNetworkIdAndType(defaultNic.getNetworkId(), VirtualMachine.Type.DomainRouter);
|
|
}
|
|
return domrDefaultNic;
|
|
}
|
|
|
|
protected String getGuestDhcpRange(final NicProfile guestNic, final Network guestNetwork, final DataCenter dc) {
|
|
String dhcpRange = null;
|
|
// setup dhcp range
|
|
if (dc.getNetworkType() == NetworkType.Basic) {
|
|
final long cidrSize = NetUtils.getCidrSize(guestNic.getNetmask());
|
|
final String cidr = NetUtils.getCidrSubNet(guestNic.getGateway(), cidrSize);
|
|
if (cidr != null) {
|
|
dhcpRange = NetUtils.getIpRangeStartIpFromCidr(cidr, cidrSize);
|
|
}
|
|
} else if (dc.getNetworkType() == NetworkType.Advanced) {
|
|
final String cidr = guestNetwork.getCidr();
|
|
if (cidr != null) {
|
|
dhcpRange = NetUtils.getDhcpRange(cidr);
|
|
}
|
|
}
|
|
return dhcpRange;
|
|
}
|
|
}
|