diff --git a/core/src/com/cloud/hypervisor/vmware/resource/VmwareResource.java b/core/src/com/cloud/hypervisor/vmware/resource/VmwareResource.java index a4b64d57897..3d699a2fd61 100755 --- a/core/src/com/cloud/hypervisor/vmware/resource/VmwareResource.java +++ b/core/src/com/cloud/hypervisor/vmware/resource/VmwareResource.java @@ -191,6 +191,8 @@ import com.vmware.vim25.DatastoreSummary; import com.vmware.vim25.DynamicProperty; import com.vmware.vim25.HostFirewallInfo; import com.vmware.vim25.HostFirewallRuleset; +import com.vmware.vim25.HostNetworkPolicy; +import com.vmware.vim25.HostNetworkSecurityPolicy; import com.vmware.vim25.HostNetworkTrafficShapingPolicy; import com.vmware.vim25.HostPortGroupSpec; import com.vmware.vim25.ManagedObjectReference; diff --git a/vmware-base/src/com/cloud/hypervisor/vmware/mo/HostMO.java b/vmware-base/src/com/cloud/hypervisor/vmware/mo/HostMO.java index cdfdaa36abb..84ed0db341e 100755 --- a/vmware-base/src/com/cloud/hypervisor/vmware/mo/HostMO.java +++ b/vmware-base/src/com/cloud/hypervisor/vmware/mo/HostMO.java @@ -29,6 +29,7 @@ import com.vmware.vim25.HostIpRouteEntry; import com.vmware.vim25.HostListSummaryQuickStats; import com.vmware.vim25.HostNetworkInfo; import com.vmware.vim25.HostNetworkPolicy; +import com.vmware.vim25.HostNetworkSecurityPolicy; import com.vmware.vim25.HostNetworkTrafficShapingPolicy; import com.vmware.vim25.HostPortGroup; import com.vmware.vim25.HostPortGroupSpec; @@ -353,8 +354,8 @@ public class HostMO extends BaseMO implements VmwareHypervisorHost { return false; } - public void createPortGroup(HostVirtualSwitch vSwitch, String portGroupName, Integer vlanId, HostNetworkTrafficShapingPolicy shapingPolicy) throws Exception { - assert(portGroupName != null); + public void createPortGroup(HostVirtualSwitch vSwitch, String portGroupName, Integer vlanId, HostNetworkSecurityPolicy secPolicy, HostNetworkTrafficShapingPolicy shapingPolicy) throws Exception { + assert(portGroupName != null); HostNetworkSystemMO hostNetMo = getHostNetworkSystemMO(); assert(hostNetMo != null); @@ -363,14 +364,16 @@ public class HostMO extends BaseMO implements VmwareHypervisorHost { spec.setName(portGroupName); if(vlanId != null) spec.setVlanId(vlanId.intValue()); - HostNetworkPolicy policy = new HostNetworkPolicy(); - policy.setShapingPolicy(shapingPolicy); - spec.setPolicy(policy); + HostNetworkPolicy policy = new HostNetworkPolicy(); + if (secPolicy != null) + policy.setSecurity(secPolicy); + policy.setShapingPolicy(shapingPolicy); + spec.setPolicy(policy); spec.setVswitchName(vSwitch.getName()); hostNetMo.addPortGroup(spec); } - public void updatePortGroup(HostVirtualSwitch vSwitch, String portGroupName, Integer vlanId, HostNetworkTrafficShapingPolicy shapingPolicy) throws Exception { + public void updatePortGroup(HostVirtualSwitch vSwitch, String portGroupName, Integer vlanId, HostNetworkSecurityPolicy secPolicy, HostNetworkTrafficShapingPolicy shapingPolicy) throws Exception { assert(portGroupName != null); HostNetworkSystemMO hostNetMo = getHostNetworkSystemMO(); assert(hostNetMo != null); @@ -380,9 +383,11 @@ public class HostMO extends BaseMO implements VmwareHypervisorHost { spec.setName(portGroupName); if(vlanId != null) spec.setVlanId(vlanId.intValue()); - HostNetworkPolicy policy = new HostNetworkPolicy(); - policy.setShapingPolicy(shapingPolicy); - spec.setPolicy(policy); + HostNetworkPolicy policy = new HostNetworkPolicy(); + if (secPolicy != null) + policy.setSecurity(secPolicy); + policy.setShapingPolicy(shapingPolicy); + spec.setPolicy(policy); spec.setVswitchName(vSwitch.getName()); hostNetMo.updatePortGroup(portGroupName, spec); } @@ -547,7 +552,7 @@ public class HostMO extends BaseMO implements VmwareHypervisorHost { if(s_logger.isTraceEnabled()) s_logger.trace("vCenter API trace - retrieveProperties() for VM properties. target MOR: " + _mor.get_value() + ", properties: " + new Gson().toJson(propertyPaths)); - PropertySpec pSpec = new PropertySpec(); + PropertySpec pSpec = new PropertySpec(); pSpec.setType("VirtualMachine"); pSpec.setPathSet(propertyPaths); diff --git a/vmware-base/src/com/cloud/hypervisor/vmware/mo/HypervisorHostHelper.java b/vmware-base/src/com/cloud/hypervisor/vmware/mo/HypervisorHostHelper.java index 25bc3743f46..68cfc62ba8a 100755 --- a/vmware-base/src/com/cloud/hypervisor/vmware/mo/HypervisorHostHelper.java +++ b/vmware-base/src/com/cloud/hypervisor/vmware/mo/HypervisorHostHelper.java @@ -17,6 +17,8 @@ import com.cloud.utils.Pair; import com.cloud.utils.db.GlobalLock; import com.cloud.utils.net.NetUtils; import com.vmware.vim25.DynamicProperty; +import com.vmware.vim25.HostNetworkPolicy; +import com.vmware.vim25.HostNetworkSecurityPolicy; import com.vmware.vim25.HostNetworkTrafficShapingPolicy; import com.vmware.vim25.HostPortGroupSpec; import com.vmware.vim25.HostVirtualSwitch; @@ -117,15 +119,18 @@ public class HypervisorHostHelper { // allow 5 seconds of burst transfer shapingPolicy.setBurstSize(5*shapingPolicy.getAverageBandwidth()/8); } - +// HostNetworkSecurityPolicy secPolicy = new HostNetworkSecurityPolicy(); +// secPolicy.setAllowPromiscuous(Boolean.FALSE); +// secPolicy.setForgedTransmits(Boolean.TRUE); +// secPolicy.setMacChanges(Boolean.TRUE); boolean bWaitPortGroupReady = false; if (!hostMo.hasPortGroup(vSwitch, networkName)) { - hostMo.createPortGroup(vSwitch, networkName, vid, shapingPolicy); + hostMo.createPortGroup(vSwitch, networkName, vid, null, shapingPolicy); bWaitPortGroupReady = true; } else { HostPortGroupSpec spec = hostMo.getPortGroupSpec(networkName); if(!isSpecMatch(spec, vid, shapingPolicy)) { - hostMo.updatePortGroup(vSwitch, networkName, vid, shapingPolicy); + hostMo.updatePortGroup(vSwitch, networkName, vid, null, shapingPolicy); bWaitPortGroupReady = true; } } @@ -198,11 +203,15 @@ public class HypervisorHostHelper { String networkName; networkName = composeCloudNetworkName("cloud.private", vlanId == null ? null : String.valueOf(vlanId), null, vSwitchName); - - if (!hostMo.hasPortGroup(vSwitch, networkName)) { - hostMo.createPortGroup(vSwitch, networkName, vlanId, null); + HostNetworkSecurityPolicy secPolicy = new HostNetworkSecurityPolicy(); + secPolicy.setAllowPromiscuous(Boolean.TRUE); + secPolicy.setForgedTransmits(Boolean.TRUE); + secPolicy.setMacChanges(Boolean.TRUE); + if (!hostMo.hasPortGroup(vSwitch, networkName)) { + hostMo.createPortGroup(vSwitch, networkName, vlanId, secPolicy, null); + } else { + hostMo.updatePortGroup(vSwitch, networkName, vlanId, secPolicy, null); } - ManagedObjectReference morNetwork = waitForNetworkReady(hostMo, networkName, timeOutMs); if (morNetwork == null) { String msg = "Failed to create private network"; @@ -271,15 +280,15 @@ public class HypervisorHostHelper { // allow 5 seconds of burst transfer shapingPolicy.setBurstSize(5*shapingPolicy.getAverageBandwidth()/8); } - + boolean bWaitPortGroupReady = false; if (!hostMo.hasPortGroup(vSwitch, networkName)) { - hostMo.createPortGroup(vSwitch, networkName, vid, shapingPolicy); + hostMo.createPortGroup(vSwitch, networkName, vid, null, shapingPolicy); bWaitPortGroupReady = true; } else { HostPortGroupSpec spec = hostMo.getPortGroupSpec(networkName); if(!isSpecMatch(spec, vid, shapingPolicy)) { - hostMo.updatePortGroup(vSwitch, networkName, vid, shapingPolicy); + hostMo.updatePortGroup(vSwitch, networkName, vid, null, shapingPolicy); bWaitPortGroupReady = true; } }