Port forwarding rules support for domainRouterElement. When new pf rule is created for a public ip address, we resend all existing rules for this address to the domR.

2010-12-20 10:01:19 -08:00 · 2010-12-20 10:01:19 -08:00 · 116ddb3cae
parent 3cd989cbef
commit 116ddb3cae
2 changed files with 50 additions and 32 deletions
--- a/server/src/com/cloud/network/element/DomainRouterElement.java
+++ b/server/src/com/cloud/network/element/DomainRouterElement.java
@ -53,6 +53,7 @@ import com.cloud.utils.component.Inject;
 import com.cloud.vm.DomainRouterVO;
 import com.cloud.vm.NicProfile;
 import com.cloud.vm.ReservationContext;
+import com.cloud.vm.State;
 import com.cloud.vm.UserVmManager;
 import com.cloud.vm.VirtualMachine;
 import com.cloud.vm.VirtualMachineProfile;
@ -127,25 +128,42 @@ public class DomainRouterElement extends AdapterBase implements NetworkElement {

    @Override
    public boolean applyRules(Network config, List<? extends FirewallRule> rules) throws ResourceUnavailableException {
+    
        DataCenter dc = _dataCenterDao.findById(config.getDataCenterId());
        if (canHandle(config.getGuestType(),dc)) {
-            if (rules != null && !rules.isEmpty()) {
-                if (rules.get(0).getPurpose() == Purpose.LoadBalancing) {
-                    //for load balancer we have to resend all lb rules for the network
-                    List<LoadBalancerVO> lbs = _lbDao.listByNetworkId(config.getId());
-                    List<LoadBalancingRule> lbRules = new ArrayList<LoadBalancingRule>();
-                    for (LoadBalancerVO lb : lbs) {
-                        List<LbDestination> dstList = _lbMgr.getExistingDestinations(lb.getId());
-                        LoadBalancingRule loadBalancing = new LoadBalancingRule(lb, dstList);
-                        lbRules.add(loadBalancing);
+            
+            long networkId = config.getId();
+            DomainRouterVO router = _routerDao.findByNetworkConfiguration(networkId);
+            if (router == null) {
+                s_logger.warn("Unable to apply firewall rules, virtual router doesn't exist in the network " + config.getId());
+                throw new ResourceUnavailableException("Unable to apply firewall rules");
+            }
+            
+            if (router.getState() == State.Running || router.getState() == State.Starting) {
+                if (rules != null && !rules.isEmpty()) {
+                    if (rules.get(0).getPurpose() == Purpose.LoadBalancing) {
+                        //for load balancer we have to resend all lb rules for the network
+                        List<LoadBalancerVO> lbs = _lbDao.listByNetworkId(config.getId());
+                        List<LoadBalancingRule> lbRules = new ArrayList<LoadBalancingRule>();
+                        for (LoadBalancerVO lb : lbs) {
+                            List<LbDestination> dstList = _lbMgr.getExistingDestinations(lb.getId());
+                            LoadBalancingRule loadBalancing = new LoadBalancingRule(lb, dstList);
+                            lbRules.add(loadBalancing);
+                        }
+                        
+                        return _routerMgr.applyLBRules(config, lbRules);
+                    } else if (rules.get(0).getPurpose() == Purpose.PortForwarding) {
+                        return _routerMgr.applyPortForwardingRules(config, rules);
                    }
-                    
-                    return _routerMgr.applyLBRules(config, lbRules);
-                } else if (rules.get(0).getPurpose() == Purpose.PortForwarding) {
-                    return _routerMgr.applyPortForwardingRules(config, rules);
+                } else {
+                    return true;
                }
-            } else {
+            } else if (router.getState() == State.Stopped || router.getState() == State.Stopping){
+                s_logger.debug("Router is in " + router.getState() + ", so not sending apply firewall rules commands to the backend");
                return true;
+            } else {
+                s_logger.warn("Unable to apply firewall rules, virtual router is not in the right state " + router.getState());
+                throw new ResourceUnavailableException("Unable to apply firewall rules, domR is not in right state " + router.getState());
            }
        } 
        return false;
--- a/server/src/com/cloud/network/router/DomainRouterManagerImpl.java
+++ b/server/src/com/cloud/network/router/DomainRouterManagerImpl.java
@ -53,10 +53,12 @@ import com.cloud.agent.api.routing.IPAssocCommand;
 import com.cloud.agent.api.routing.LoadBalancerConfigCommand;
 import com.cloud.agent.api.routing.RemoteAccessVpnCfgCommand;
 import com.cloud.agent.api.routing.SavePasswordCommand;
+import com.cloud.agent.api.routing.SetPortForwardingRulesCommand;
 import com.cloud.agent.api.routing.VmDataCommand;
 import com.cloud.agent.api.routing.VpnUsersCfgCommand;
 import com.cloud.agent.api.to.IpAddressTO;
 import com.cloud.agent.api.to.LoadBalancerTO;
+import com.cloud.agent.api.to.PortForwardingRuleTO;
 import com.cloud.agent.manager.Commands;
 import com.cloud.alert.AlertManager;
 import com.cloud.api.commands.RebootRouterCmd;
@ -131,6 +133,7 @@ import com.cloud.network.lb.LoadBalancingRule;
 import com.cloud.network.lb.LoadBalancingRule.LbDestination;
 import com.cloud.network.router.VirtualRouter.Role;
 import com.cloud.network.rules.FirewallRule;
+import com.cloud.network.rules.PortForwardingRule;
 import com.cloud.network.rules.RulesManager;
 import com.cloud.offering.NetworkOffering;
 import com.cloud.offerings.NetworkOfferingVO;
@ -2087,14 +2090,8 @@ public class DomainRouterManagerImpl implements DomainRouterManager, DomainRoute
    
    @Override
    public boolean applyLBRules(Network network, List<? extends FirewallRule> rules) {
-        DomainRouterVO router = _routerDao.findByNetworkConfiguration(network.getId());
-        if (router == null) {
-            s_logger.warn("Unable to apply lb rules, virtual router doesn't exist in the network " + network.getId());
-            throw new ResourceUnavailableException("Unable to apply lb rules");
-        }
-
-        if (router.getState() == State.Running || router.getState() == State.Starting) {
-
+        
+            DomainRouterVO router = _routerDao.findByNetworkConfiguration(network.getId());
            Commands cmds = new Commands(OnError.Continue);
            LoadBalancerTO[] lbs = new LoadBalancerTO[rules.size()];
            int i = 0;
@ -2115,20 +2112,23 @@ public class DomainRouterManagerImpl implements DomainRouterManager, DomainRoute
            
            //Send commands to router
            return sendCommandsToRouter(router, cmds);   
-            
-        } else if (router.getState() == State.Stopped || router.getState() == State.Stopping){
-            s_logger.debug("Router is in " + router.getState() + ", so not sending apply LB rules commands to the backend");
-            return true;
-        } else {
-            s_logger.warn("Unable to apply load balancer rules, virtual router is not in the right state " + router.getState());
-            throw new ResourceUnavailableException("Unable to apply load balancer rules, domR is not in right state " + router.getState());
-        }
+
    }
    
    @Override
    public boolean applyPortForwardingRules(Network network, List<? extends FirewallRule> rules) {
-        //TODO - apply port forwarding rules here
-        return true;
+        DomainRouterVO router = _routerDao.findByNetworkConfiguration(network.getId());
+        Commands cmds = new Commands(OnError.Continue);
+        List<PortForwardingRule> pfs = new ArrayList<PortForwardingRule>();
+        for (FirewallRule fwRule: rules) {
+            PortForwardingRule pf = (PortForwardingRule)fwRule;
+            pfs.add(pf);
+        }
+        SetPortForwardingRulesCommand cmd = new SetPortForwardingRulesCommand(pfs);
+        cmds.addCommand(cmd);
+        
+        //Send commands to router
+        return sendCommandsToRouter(router, cmds); 
    }

    @Override