diff --git a/plugins/network-elements/cisco-vnmc/scripts/network/cisco/associate-acl-policy-set.xml b/plugins/network-elements/cisco-vnmc/scripts/network/cisco/associate-acl-policy-set.xml
new file mode 100755
index 00000000000..ae40a8832a3
--- /dev/null
+++ b/plugins/network-elements/cisco-vnmc/scripts/network/cisco/associate-acl-policy-set.xml
@@ -0,0 +1,19 @@
+
+
+
+
+
+
+
diff --git a/plugins/network-elements/cisco-vnmc/scripts/network/cisco/create-acl-policy-set.xml b/plugins/network-elements/cisco-vnmc/scripts/network/cisco/create-acl-policy-set.xml
new file mode 100755
index 00000000000..4038b9151cd
--- /dev/null
+++ b/plugins/network-elements/cisco-vnmc/scripts/network/cisco/create-acl-policy-set.xml
@@ -0,0 +1,28 @@
+
+
+
+
+
+
+
+
+
+
+
+
+
\ No newline at end of file
diff --git a/plugins/network-elements/cisco-vnmc/scripts/network/cisco/create-acl-policy.xml b/plugins/network-elements/cisco-vnmc/scripts/network/cisco/create-acl-policy.xml
new file mode 100755
index 00000000000..61970119f0b
--- /dev/null
+++ b/plugins/network-elements/cisco-vnmc/scripts/network/cisco/create-acl-policy.xml
@@ -0,0 +1,17 @@
+
+
+
+
+
+
+
\ No newline at end of file
diff --git a/plugins/network-elements/cisco-vnmc/scripts/network/cisco/create-ingress-acl-rule.xml b/plugins/network-elements/cisco-vnmc/scripts/network/cisco/create-ingress-acl-rule.xml
new file mode 100755
index 00000000000..2c3fdabf81f
--- /dev/null
+++ b/plugins/network-elements/cisco-vnmc/scripts/network/cisco/create-ingress-acl-rule.xml
@@ -0,0 +1,182 @@
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/plugins/network-elements/cisco-vnmc/scripts/network/cisco/delete-acl-policy.xml b/plugins/network-elements/cisco-vnmc/scripts/network/cisco/delete-acl-policy.xml
new file mode 100755
index 00000000000..695d6965d57
--- /dev/null
+++ b/plugins/network-elements/cisco-vnmc/scripts/network/cisco/delete-acl-policy.xml
@@ -0,0 +1,16 @@
+
+
+
+
+
+
+
+
+
+
\ No newline at end of file
diff --git a/plugins/network-elements/cisco-vnmc/scripts/network/cisco/delete-acl-rule.xml b/plugins/network-elements/cisco-vnmc/scripts/network/cisco/delete-acl-rule.xml
new file mode 100755
index 00000000000..92354b0bc07
--- /dev/null
+++ b/plugins/network-elements/cisco-vnmc/scripts/network/cisco/delete-acl-rule.xml
@@ -0,0 +1,17 @@
+
+
+
+
+
+
+
+
+
+
\ No newline at end of file
diff --git a/plugins/network-elements/cisco-vnmc/src/com/cloud/network/cisco/CiscoVnmcConnection.java b/plugins/network-elements/cisco-vnmc/src/com/cloud/network/cisco/CiscoVnmcConnection.java
index cf4cf9c3ccf..5d59c6552b4 100644
--- a/plugins/network-elements/cisco-vnmc/src/com/cloud/network/cisco/CiscoVnmcConnection.java
+++ b/plugins/network-elements/cisco-vnmc/src/com/cloud/network/cisco/CiscoVnmcConnection.java
@@ -22,55 +22,75 @@ import com.cloud.utils.exception.ExecutionException;
public interface CiscoVnmcConnection {
- public boolean createTenant(String tenantName) throws ExecutionException;
+ public boolean createTenant(String tenantName) throws ExecutionException;
- public boolean createTenantVDC(String tenantName) throws ExecutionException;
+ public boolean createTenantVDC(String tenantName) throws ExecutionException;
- public boolean createTenantVDCEdgeDeviceProfile(String tenantName)
- throws ExecutionException;
+ public boolean createTenantVDCEdgeDeviceProfile(String tenantName)
+ throws ExecutionException;
- public boolean createTenantVDCEdgeStaticRoutePolicy(String tenantName)
- throws ExecutionException;
+ public boolean createTenantVDCEdgeStaticRoutePolicy(String tenantName)
+ throws ExecutionException;
- public boolean createTenantVDCEdgeStaticRoute(String tenantName,
- String nextHopIp, String outsideIntf, String destination,
- String netmask) throws ExecutionException;
+ public boolean createTenantVDCEdgeStaticRoute(String tenantName,
+ String nextHopIp, String outsideIntf, String destination,
+ String netmask) throws ExecutionException;
- public boolean associateTenantVDCEdgeStaticRoutePolicy(String tenantName)
- throws ExecutionException;
+ public boolean associateTenantVDCEdgeStaticRoutePolicy(String tenantName)
+ throws ExecutionException;
- public boolean associateTenantVDCEdgeDhcpPolicy(String tenantName,
- String intfName) throws ExecutionException;
+ public boolean associateTenantVDCEdgeDhcpPolicy(String tenantName,
+ String intfName) throws ExecutionException;
- public boolean createTenantVDCEdgeDhcpPolicy(String tenantName,
- String startIp, String endIp, String subnet, String nameServerIp,
- String domain) throws ExecutionException;
+ public boolean createTenantVDCEdgeDhcpPolicy(String tenantName,
+ String startIp, String endIp, String subnet, String nameServerIp,
+ String domain) throws ExecutionException;
- public boolean associateTenantVDCEdgeDhcpServerPolicy(String tenantName,
- String intfName) throws ExecutionException;
+ public boolean associateTenantVDCEdgeDhcpServerPolicy(String tenantName,
+ String intfName) throws ExecutionException;
- public boolean createTenantVDCEdgeSecurityProfile(String tenantName)
- throws ExecutionException;
+ public boolean createTenantVDCEdgeSecurityProfile(String tenantName)
+ throws ExecutionException;
- public boolean createTenantVDCSourceNATPool(String tenantName,
- String publicIp) throws ExecutionException;
+ public boolean createTenantVDCSourceNATPool(String tenantName,
+ String publicIp) throws ExecutionException;
- public boolean createTenantVDCSourceNATPolicy(String tenantName,
- String startSourceIp, String endSourceIp) throws ExecutionException;
+ public boolean createTenantVDCSourceNATPolicy(String tenantName,
+ String startSourceIp, String endSourceIp) throws ExecutionException;
- public boolean createTenantVDCNatPolicySet(String tenantName)
- throws ExecutionException;
+ public boolean createTenantVDCNatPolicySet(String tenantName)
+ throws ExecutionException;
- public boolean associateNatPolicySet(String tenantName)
- throws ExecutionException;
+ public boolean associateNatPolicySet(String tenantName)
+ throws ExecutionException;
- public boolean createEdgeFirewall(String tenantName, String publicIp,
- String insideIp, String insideSubnet, String outsideSubnet)
- throws ExecutionException;
+ public boolean createIngressAclRule(String tenantName, String identifier,
+ String protocol, String sourceStartIp, String sourceEndIp,
+ String destStartPort, String destEndPort, String destIp)
+ throws ExecutionException;
- public Map listUnAssocAsa1000v() throws ExecutionException;
+ public boolean deleteAclRule(String tenantName, String identifier)
+ throws ExecutionException;
- public boolean assocAsa1000v(String tenantName, String firewallDn)
- throws ExecutionException;
+ public boolean createTenantVDCAclPolicy(String tenantName, boolean ingress)
+ throws ExecutionException;
+
+ public boolean deleteTenantVDCAclPolicy(String tenantName, boolean ingress)
+ throws ExecutionException;
+
+ public boolean createTenantVDCAclPolicySet(String tenantName, boolean ingress)
+ throws ExecutionException;
+
+ public boolean associateAclPolicySet(String tenantName)
+ throws ExecutionException;
+
+ public boolean createEdgeFirewall(String tenantName, String publicIp,
+ String insideIp, String insideSubnet, String outsideSubnet)
+ throws ExecutionException;
+
+ public Map listUnAssocAsa1000v() throws ExecutionException;
+
+ public boolean assocAsa1000v(String tenantName, String firewallDn)
+ throws ExecutionException;
}
\ No newline at end of file
diff --git a/plugins/network-elements/cisco-vnmc/src/com/cloud/network/cisco/CiscoVnmcConnectionImpl.java b/plugins/network-elements/cisco-vnmc/src/com/cloud/network/cisco/CiscoVnmcConnectionImpl.java
index d7f17a3823a..b304e05bcbf 100644
--- a/plugins/network-elements/cisco-vnmc/src/com/cloud/network/cisco/CiscoVnmcConnectionImpl.java
+++ b/plugins/network-elements/cisco-vnmc/src/com/cloud/network/cisco/CiscoVnmcConnectionImpl.java
@@ -19,9 +19,7 @@ package com.cloud.network.cisco;
import java.io.BufferedReader;
import java.io.FileReader;
import java.io.StringReader;
-import java.util.ArrayList;
import java.util.HashMap;
-import java.util.List;
import java.util.Map;
import javax.xml.parsers.DocumentBuilderFactory;
@@ -40,11 +38,11 @@ import com.cloud.utils.exception.ExecutionException;
import com.cloud.utils.script.Script;
public class CiscoVnmcConnectionImpl implements CiscoVnmcConnection {
-
+
private String _ip;
private String _username;
private String _password;
- private String _cookie;
+ private String _cookie;
private final Logger s_logger = Logger.getLogger(CiscoVnmcConnectionImpl.class);
@@ -64,6 +62,12 @@ public class CiscoVnmcConnectionImpl implements CiscoVnmcConnection {
CREATE_SOURCE_NAT_POLICY("create-source-nat-policy.xml", "policy-mgr"),
CREATE_NAT_POLICY_SET("create-nat-policy-set.xml", "policy-mgr"),
RESOLVE_NAT_POLICY_SET("associate-nat-policy-set.xml", "policy-mgr"),
+ CREATE_INGRESS_ACL_RULE("create-ingress-acl-rule.xml", "policy-mgr"),
+ DELETE_ACL_RULE("delete-acl-rule.xml", "policy-mgr"),
+ CREATE_ACL_POLICY("create-acl-policy.xml", "policy-mgr"),
+ DELETE_ACL_POLICY("delete-acl-policy.xml", "policy-mgr"),
+ CREATE_ACL_POLICY_SET("create-acl-policy-set.xml", "policy-mgr"),
+ RESOLVE_ACL_POLICY_SET("associate-acl-policy-set.xml", "policy-mgr"),
CREATE_EDGE_FIREWALL("create-edge-firewall.xml", "resource-mgr"),
LIST_UNASSOC_ASA1000V("list-unassigned-asa1000v.xml", "resource-mgr"),
ASSIGN_ASA1000V("assoc-asa1000v.xml", "resource-mgr");
@@ -98,7 +102,7 @@ public class CiscoVnmcConnectionImpl implements CiscoVnmcConnection {
String line;
while ((line = br.readLine()) != null) {
//xml += line.replaceAll("\n"," ");
- xml += line;
+ xml += line;
}
return xml;
@@ -108,19 +112,19 @@ public class CiscoVnmcConnectionImpl implements CiscoVnmcConnection {
}
}
- public String getService() {
- return service;
- }
- }
+ public String getService() {
+ return service;
+ }
+ }
public CiscoVnmcConnectionImpl(String hostIp, String userName, String password) {
- this._ip = hostIp;
- this._username = userName;
- this._password = password;
-
- }
+ this._ip = hostIp;
+ this._username = userName;
+ this._password = password;
+
+ }
- public boolean login() throws ExecutionException {
+ public boolean login() throws ExecutionException {
String xml = VnmcXml.LOGIN.getXml();
String service = VnmcXml.LOGIN.getService();
xml = replaceXmlValue(xml, "username", _username);
@@ -129,98 +133,97 @@ public class CiscoVnmcConnectionImpl implements CiscoVnmcConnection {
Map checked = checkResponse(response, "outCookie", "errorCode", "response");
if (checked.get("errorCode") != null)
- return false;
+ return false;
_cookie = checked.get("outCookie");
if (_cookie == null) {
- return false;
+ return false;
}
return true;
}
-
+
private String getDnForTenant(String tenantName) {
- return "org-root/org-" + tenantName;
+ return "org-root/org-" + tenantName;
}
-
+
private String getDnForTenantVDC(String tenantName) {
- return getDnForTenant(tenantName) + "/org-VDC-" + tenantName;
+ return getDnForTenant(tenantName) + "/org-VDC-" + tenantName;
}
-
+
private String getDnForTenantVDCEdgeDeviceProfile(String tenantName) {
- return getDnForTenantVDC(tenantName) + "/edsp-" + getNameForEdgeDeviceServiceProfile(tenantName);
+ return getDnForTenantVDC(tenantName) + "/edsp-" + getNameForEdgeDeviceServiceProfile(tenantName);
}
-
+
private String getDnForTenantVDCEdgeSecurityProfile(String tenantName) {
- return getDnForTenantVDC(tenantName) + "/vnep-" + getNameForEdgeDeviceSecurityProfile(tenantName);
+ return getDnForTenantVDC(tenantName) + "/vnep-" + getNameForEdgeDeviceSecurityProfile(tenantName);
}
-
+
private String getDnForEdgeDeviceRoutingPolicy(String tenantName) {
- return getDnForTenantVDC(tenantName) + "/routing-policy-" + getNameForEdgeDeviceRoutePolicy(tenantName);
- //FIXME: any other construct is unreliable. why?
+ return getDnForTenantVDC(tenantName) + "/routing-policy-" + getNameForEdgeDeviceRoutePolicy(tenantName);
+ //FIXME: any other construct is unreliable. why?
}
-
+
private String getDnForEdgeDeviceRoute(String tenantName, int id) {
- return getDnForEdgeDeviceRoutingPolicy(tenantName) + "/sroute-" + id ;
+ return getDnForEdgeDeviceRoutingPolicy(tenantName) + "/sroute-" + id ;
}
-
+
private String getDnForDhcpPolicy(String tenantName, String intfName) {
- return getDnForTenantVDCEdgeDeviceProfile(tenantName) + "/dhcp-" + intfName;
+ return getDnForTenantVDCEdgeDeviceProfile(tenantName) + "/dhcp-" + intfName;
}
-
+
private String getNameForDhcpPolicy(String tenantName) {
- return tenantName + "-Dhcp-Policy";
+ return tenantName + "-Dhcp-Policy";
}
-
+
private String getNameForDhcpServer(String tenantName) {
- return tenantName + "-Dhcp-Server";
+ return tenantName + "-Dhcp-Server";
}
-
+
private String getDnForDhcpServerPolicy(String tenantName) {
- return getDnForTenantVDC(tenantName) + "/dhcp-server-" + getNameForDhcpPolicy(tenantName);
+ return getDnForTenantVDC(tenantName) + "/dhcp-server-" + getNameForDhcpPolicy(tenantName);
}
-
+
private String getNameForIpRange() {
- return "iprange";
+ return "iprange";
}
-
+
private String getDnForDhcpIpRange(String tenantName) {
- return getDnForDhcpServerPolicy(tenantName) + "/ip-range-" + getNameForIpRange();
+ return getDnForDhcpServerPolicy(tenantName) + "/ip-range-" + getNameForIpRange();
}
-
+
private String getNameForDNSService(String tenantName) {
- return tenantName + "-DNS";
+ return tenantName + "-DNS";
}
-
-
+
private String getDnForDnsService(String tenantName) {
- return getDnForDhcpServerPolicy(tenantName) + "/dns-svc-" + getNameForDNSService(tenantName);
+ return getDnForDhcpServerPolicy(tenantName) + "/dns-svc-" + getNameForDNSService(tenantName);
}
-
+
private String getDnForDnsServer(String tenantName, String dnsip) {
- return getDnForDnsService(tenantName) + "/dns-" + dnsip;
+ return getDnForDnsService(tenantName) + "/dns-" + dnsip;
}
-
+
private String getNameForTenantVDC(String tenantName) {
- return "VDC-" + tenantName;
+ return "VDC-" + tenantName;
}
-
+
private String getNameForEdgeDeviceServiceProfile(String tenantName) {
- return "EDSP-" + tenantName;
+ return "EDSP-" + tenantName;
}
-
+
private String getNameForEdgeDeviceSecurityProfile(String tenantName) {
- return "ESP-" + tenantName;
+ return "ESP-" + tenantName;
}
-
+
private String getNameForEdgeDeviceRoutePolicy(String tenantName) {
- return "EDSP-" + tenantName + "-Routes";//FIXME: this has to match DN somehow?
+ return "EDSP-" + tenantName + "-Routes";//FIXME: this has to match DN somehow?
}
-
+
/* (non-Javadoc)
- * @see com.cloud.network.resource.CiscoVnmcConnection#createTenant(java.lang.String)
- */
+ * @see com.cloud.network.resource.CiscoVnmcConnection#createTenant(java.lang.String)
+ */
@Override
- public boolean createTenant(String tenantName) throws ExecutionException {
- String xml = VnmcXml.CREATE_TENANT.getXml();
+ public boolean createTenant(String tenantName) throws ExecutionException {
+ String xml = VnmcXml.CREATE_TENANT.getXml();
String service = VnmcXml.CREATE_TENANT.getService();
xml = replaceXmlValue(xml, "cookie", _cookie);
xml = replaceXmlValue(xml, "descr", "Tenant for account " + tenantName);
@@ -230,13 +233,13 @@ public class CiscoVnmcConnectionImpl implements CiscoVnmcConnection {
String response = sendRequest(service, xml);
return verifySuccess(response);
}
-
+
/* (non-Javadoc)
- * @see com.cloud.network.resource.CiscoVnmcConnection#createTenantVDC(java.lang.String)
- */
+ * @see com.cloud.network.resource.CiscoVnmcConnection#createTenantVDC(java.lang.String)
+ */
@Override
- public boolean createTenantVDC(String tenantName) throws ExecutionException {
- String xml = VnmcXml.CREATE_VDC.getXml();
+ public boolean createTenantVDC(String tenantName) throws ExecutionException {
+ String xml = VnmcXml.CREATE_VDC.getXml();
String service = VnmcXml.CREATE_VDC.getService();
xml = replaceXmlValue(xml, "cookie", _cookie);
xml = replaceXmlValue(xml, "descr", "VDC for Tenant" + tenantName);
@@ -247,13 +250,13 @@ public class CiscoVnmcConnectionImpl implements CiscoVnmcConnection {
return verifySuccess(response);
}
-
+
/* (non-Javadoc)
- * @see com.cloud.network.resource.CiscoVnmcConnection#createTenantVDCEdgeDeviceProfile(java.lang.String)
- */
+ * @see com.cloud.network.resource.CiscoVnmcConnection#createTenantVDCEdgeDeviceProfile(java.lang.String)
+ */
@Override
- public boolean createTenantVDCEdgeDeviceProfile(String tenantName) throws ExecutionException {
- String xml = VnmcXml.CREATE_EDGE_DEVICE_PROFILE.getXml();
+ public boolean createTenantVDCEdgeDeviceProfile(String tenantName) throws ExecutionException {
+ String xml = VnmcXml.CREATE_EDGE_DEVICE_PROFILE.getXml();
String service = VnmcXml.CREATE_EDGE_DEVICE_PROFILE.getService();
xml = replaceXmlValue(xml, "cookie", _cookie);
xml = replaceXmlValue(xml, "descr", "Edge Device Profile for Tenant VDC" + tenantName);
@@ -266,30 +269,29 @@ public class CiscoVnmcConnectionImpl implements CiscoVnmcConnection {
}
/* (non-Javadoc)
- * @see com.cloud.network.resource.CiscoVnmcConnection#createTenantVDCEdgeStaticRoutePolicy(java.lang.String)
- */
+ * @see com.cloud.network.resource.CiscoVnmcConnection#createTenantVDCEdgeStaticRoutePolicy(java.lang.String)
+ */
@Override
- public boolean createTenantVDCEdgeStaticRoutePolicy(String tenantName) throws ExecutionException {
- String xml = VnmcXml.CREATE_EDGE_ROUTE_POLICY.getXml();
+ public boolean createTenantVDCEdgeStaticRoutePolicy(String tenantName) throws ExecutionException {
+ String xml = VnmcXml.CREATE_EDGE_ROUTE_POLICY.getXml();
String service = VnmcXml.CREATE_EDGE_ROUTE_POLICY.getService();
xml = replaceXmlValue(xml, "cookie", _cookie);
xml = replaceXmlValue(xml, "name", getNameForEdgeDeviceRoutePolicy(tenantName));//FIXME: this has to match DN somehow?
xml = replaceXmlValue(xml, "routepolicydn", getDnForEdgeDeviceRoutingPolicy(tenantName));
xml = replaceXmlValue(xml, "descr", "Routing Policy for Edge Device for Tenant " + tenantName);
-
String response = sendRequest(service, xml);
return verifySuccess(response);
}
-
+
/* (non-Javadoc)
- * @see com.cloud.network.resource.CiscoVnmcConnection#createTenantVDCEdgeStaticRoute(java.lang.String, java.lang.String, java.lang.String, java.lang.String, java.lang.String)
- */
+ * @see com.cloud.network.resource.CiscoVnmcConnection#createTenantVDCEdgeStaticRoute(java.lang.String, java.lang.String, java.lang.String, java.lang.String, java.lang.String)
+ */
@Override
- public boolean createTenantVDCEdgeStaticRoute(String tenantName,
- String nextHopIp, String outsideIntf,
- String destination, String netmask) throws ExecutionException {
- String xml = VnmcXml.CREATE_EDGE_ROUTE.getXml();
+ public boolean createTenantVDCEdgeStaticRoute(String tenantName,
+ String nextHopIp, String outsideIntf,
+ String destination, String netmask) throws ExecutionException {
+ String xml = VnmcXml.CREATE_EDGE_ROUTE.getXml();
String service = VnmcXml.CREATE_EDGE_ROUTE.getService();
xml = replaceXmlValue(xml, "cookie", _cookie);
xml = replaceXmlValue(xml, "routedn", getDnForEdgeDeviceRoute(tenantName, 2));//TODO: why 2?
@@ -304,13 +306,13 @@ public class CiscoVnmcConnectionImpl implements CiscoVnmcConnection {
String response = sendRequest(service, xml);
return verifySuccess(response);
}
-
+
/* (non-Javadoc)
- * @see com.cloud.network.resource.CiscoVnmcConnection#associateTenantVDCEdgeStaticRoutePolicy(java.lang.String)
- */
+ * @see com.cloud.network.resource.CiscoVnmcConnection#associateTenantVDCEdgeStaticRoutePolicy(java.lang.String)
+ */
@Override
- public boolean associateTenantVDCEdgeStaticRoutePolicy(String tenantName) throws ExecutionException {
- String xml = VnmcXml.RESOLVE_EDGE_ROUTE_POLICY.getXml();
+ public boolean associateTenantVDCEdgeStaticRoutePolicy(String tenantName) throws ExecutionException {
+ String xml = VnmcXml.RESOLVE_EDGE_ROUTE_POLICY.getXml();
String service = VnmcXml.RESOLVE_EDGE_ROUTE_POLICY.getService();
xml = replaceXmlValue(xml, "cookie", _cookie);
xml = replaceXmlValue(xml, "profilename", getNameForEdgeDeviceServiceProfile(tenantName));
@@ -320,13 +322,13 @@ public class CiscoVnmcConnectionImpl implements CiscoVnmcConnection {
String response = sendRequest(service, xml);
return verifySuccess(response);
}
-
+
/* (non-Javadoc)
- * @see com.cloud.network.resource.CiscoVnmcConnection#associateTenantVDCEdgeDhcpPolicy(java.lang.String, java.lang.String)
- */
+ * @see com.cloud.network.resource.CiscoVnmcConnection#associateTenantVDCEdgeDhcpPolicy(java.lang.String, java.lang.String)
+ */
@Override
- public boolean associateTenantVDCEdgeDhcpPolicy(String tenantName, String intfName) throws ExecutionException {
- String xml = VnmcXml.RESOLVE_EDGE_DHCP_POLICY.getXml();
+ public boolean associateTenantVDCEdgeDhcpPolicy(String tenantName, String intfName) throws ExecutionException {
+ String xml = VnmcXml.RESOLVE_EDGE_DHCP_POLICY.getXml();
String service = VnmcXml.RESOLVE_EDGE_DHCP_POLICY.getService();
xml = replaceXmlValue(xml, "cookie", _cookie);
xml = replaceXmlValue(xml, "dhcpdn", getDnForDhcpPolicy(tenantName, intfName));
@@ -336,39 +338,39 @@ public class CiscoVnmcConnectionImpl implements CiscoVnmcConnection {
return verifySuccess(response);
}
-
- /* (non-Javadoc)
- * @see com.cloud.network.resource.CiscoVnmcConnection#createTenantVDCEdgeDhcpPolicy(java.lang.String, java.lang.String, java.lang.String, java.lang.String, java.lang.String, java.lang.String)
- */
- @Override
- public boolean createTenantVDCEdgeDhcpPolicy(String tenantName,
- String startIp, String endIp, String subnet, String nameServerIp, String domain) throws ExecutionException {
- String xml = VnmcXml.CREATE_DHCP_POLICY.getXml();
- String service = VnmcXml.CREATE_DHCP_POLICY.getService();
- xml = replaceXmlValue(xml, "cookie", _cookie);
- xml = replaceXmlValue(xml, "dhcpserverdn", getDnForDhcpServerPolicy(tenantName));
- xml = replaceXmlValue(xml, "dhcpserverdescr", "DHCP server for " + tenantName);
- xml = replaceXmlValue(xml, "dhcpservername", getNameForDhcpPolicy(tenantName));
- xml = replaceXmlValue(xml, "iprangedn", getDnForDhcpIpRange(tenantName));
- xml = replaceXmlValue(xml, "startip", startIp);
- xml = replaceXmlValue(xml, "endip", endIp);
- xml = replaceXmlValue(xml, "subnet", subnet);
- xml = replaceXmlValue(xml, "domain", domain);
- xml = replaceXmlValue(xml, "dnsservicedn", getDnForDnsService(tenantName));
- xml = replaceXmlValue(xml, "dnsservicename", getNameForDNSService(tenantName));
- xml = replaceXmlValue(xml, "nameserverip", nameServerIp);
- xml = replaceXmlValue(xml, "nameserverdn", getDnForDnsServer(tenantName, nameServerIp));
- String response = sendRequest(service, xml);
- return verifySuccess(response);
- }
-
/* (non-Javadoc)
- * @see com.cloud.network.resource.CiscoVnmcConnection#associateTenantVDCEdgeDhcpServerPolicy(java.lang.String, java.lang.String)
- */
+ * @see com.cloud.network.resource.CiscoVnmcConnection#createTenantVDCEdgeDhcpPolicy(java.lang.String, java.lang.String, java.lang.String, java.lang.String, java.lang.String, java.lang.String)
+ */
@Override
- public boolean associateTenantVDCEdgeDhcpServerPolicy(String tenantName, String intfName) throws ExecutionException {
- String xml = VnmcXml.RESOLVE_EDGE_DHCP_SERVER_POLICY.getXml();
+ public boolean createTenantVDCEdgeDhcpPolicy(String tenantName,
+ String startIp, String endIp, String subnet, String nameServerIp, String domain) throws ExecutionException {
+ String xml = VnmcXml.CREATE_DHCP_POLICY.getXml();
+ String service = VnmcXml.CREATE_DHCP_POLICY.getService();
+ xml = replaceXmlValue(xml, "cookie", _cookie);
+ xml = replaceXmlValue(xml, "dhcpserverdn", getDnForDhcpServerPolicy(tenantName));
+ xml = replaceXmlValue(xml, "dhcpserverdescr", "DHCP server for " + tenantName);
+ xml = replaceXmlValue(xml, "dhcpservername", getNameForDhcpPolicy(tenantName));
+ xml = replaceXmlValue(xml, "iprangedn", getDnForDhcpIpRange(tenantName));
+ xml = replaceXmlValue(xml, "startip", startIp);
+ xml = replaceXmlValue(xml, "endip", endIp);
+ xml = replaceXmlValue(xml, "subnet", subnet);
+ xml = replaceXmlValue(xml, "domain", domain);
+ xml = replaceXmlValue(xml, "dnsservicedn", getDnForDnsService(tenantName));
+ xml = replaceXmlValue(xml, "dnsservicename", getNameForDNSService(tenantName));
+ xml = replaceXmlValue(xml, "nameserverip", nameServerIp);
+ xml = replaceXmlValue(xml, "nameserverdn", getDnForDnsServer(tenantName, nameServerIp));
+
+ String response = sendRequest(service, xml);
+ return verifySuccess(response);
+ }
+
+ /* (non-Javadoc)
+ * @see com.cloud.network.resource.CiscoVnmcConnection#associateTenantVDCEdgeDhcpServerPolicy(java.lang.String, java.lang.String)
+ */
+ @Override
+ public boolean associateTenantVDCEdgeDhcpServerPolicy(String tenantName, String intfName) throws ExecutionException {
+ String xml = VnmcXml.RESOLVE_EDGE_DHCP_SERVER_POLICY.getXml();
String service = VnmcXml.RESOLVE_EDGE_DHCP_SERVER_POLICY.getService();
xml = replaceXmlValue(xml, "cookie", _cookie);
xml = replaceXmlValue(xml, "dhcpdn", getDnForDhcpPolicy(tenantName, intfName));
@@ -378,253 +380,392 @@ public class CiscoVnmcConnectionImpl implements CiscoVnmcConnection {
String response = sendRequest(service, xml);
return verifySuccess(response);
}
-
+
/* (non-Javadoc)
- * @see com.cloud.network.resource.CiscoVnmcConnection#createTenantVDCEdgeSecurityProfile(java.lang.String)
- */
+ * @see com.cloud.network.resource.CiscoVnmcConnection#createTenantVDCEdgeSecurityProfile(java.lang.String)
+ */
@Override
- public boolean createTenantVDCEdgeSecurityProfile(String tenantName) throws ExecutionException {
- String xml = VnmcXml.CREATE_EDGE_SECURITY_PROFILE.getXml();
- String service = VnmcXml.CREATE_EDGE_SECURITY_PROFILE.getService();
- xml = replaceXmlValue(xml, "cookie", _cookie);
- xml = replaceXmlValue(xml, "descr", "Edge Security Profile for Tenant VDC" + tenantName);
- xml = replaceXmlValue(xml, "name", getNameForEdgeDeviceSecurityProfile(tenantName));
- xml = replaceXmlValue(xml, "espdn", getDnForTenantVDCEdgeSecurityProfile(tenantName));
- xml = replaceXmlValue(xml, "egressref", "default-egress");
- xml = replaceXmlValue(xml, "ingressref", "default-ingress"); //FIXME: allows everything
+ public boolean createTenantVDCEdgeSecurityProfile(String tenantName) throws ExecutionException {
+ String xml = VnmcXml.CREATE_EDGE_SECURITY_PROFILE.getXml();
+ String service = VnmcXml.CREATE_EDGE_SECURITY_PROFILE.getService();
+ xml = replaceXmlValue(xml, "cookie", _cookie);
+ xml = replaceXmlValue(xml, "descr", "Edge Security Profile for Tenant VDC" + tenantName);
+ xml = replaceXmlValue(xml, "name", getNameForEdgeDeviceSecurityProfile(tenantName));
+ xml = replaceXmlValue(xml, "espdn", getDnForTenantVDCEdgeSecurityProfile(tenantName));
+ xml = replaceXmlValue(xml, "egressref", "default-egress");
+ xml = replaceXmlValue(xml, "ingressref", "default-ingress"); //FIXME: allows everything
- String response = sendRequest(service, xml);
+ String response = sendRequest(service, xml);
- return verifySuccess(response);
+ return verifySuccess(response);
}
-
+
private String getNameForSourceNatPool(String tenantName) {
- return "Source-NAT-Pool-For-" + tenantName;
+ return "Source-NAT-Pool-For-" + tenantName;
}
-
+
private String getDnForSourceNatPool(String tenantName) {
- return getDnForTenantVDC(tenantName) + "/objgrp-" + getNameForSourceNatPool(tenantName);
+ return getDnForTenantVDC(tenantName) + "/objgrp-" + getNameForSourceNatPool(tenantName);
}
-
+
private String getDnForSourceNatPoolExpr(String tenantName) {
- return getDnForSourceNatPool(tenantName) + "/objgrp-expr-2";
+ return getDnForSourceNatPool(tenantName) + "/objgrp-expr-2";
}
-
+
private String getDnForSourceNatPublicIp(String tenantName) {
- return getDnForSourceNatPoolExpr(tenantName) + "/nw-ip-2";
+ return getDnForSourceNatPoolExpr(tenantName) + "/nw-ip-2";
}
-
+
/* (non-Javadoc)
- * @see com.cloud.network.resource.CiscoVnmcConnection#createTenantVDCSourceNATPool(java.lang.String, java.lang.String)
- */
+ * @see com.cloud.network.resource.CiscoVnmcConnection#createTenantVDCSourceNATPool(java.lang.String, java.lang.String)
+ */
@Override
- public boolean createTenantVDCSourceNATPool(String tenantName, String publicIp) throws ExecutionException {
- String xml = VnmcXml.CREATE_SOURCE_NAT_POOL.getXml();
- String service = VnmcXml.CREATE_SOURCE_NAT_POOL.getService();
- xml = replaceXmlValue(xml, "cookie", _cookie);
- xml = replaceXmlValue(xml, "descr", "Source NAT pool for Tenant VDC " + tenantName);
- xml = replaceXmlValue(xml, "name", getNameForSourceNatPool(tenantName));
- xml = replaceXmlValue(xml, "snatpooldn", getDnForSourceNatPool(tenantName));
- xml = replaceXmlValue(xml, "snatpoolexprdn", getDnForSourceNatPoolExpr(tenantName));
- xml = replaceXmlValue(xml, "publicipdn", getDnForSourceNatPublicIp(tenantName));
- xml = replaceXmlValue(xml, "publicip", publicIp);
+ public boolean createTenantVDCSourceNATPool(String tenantName, String publicIp) throws ExecutionException {
+ String xml = VnmcXml.CREATE_SOURCE_NAT_POOL.getXml();
+ String service = VnmcXml.CREATE_SOURCE_NAT_POOL.getService();
+ xml = replaceXmlValue(xml, "cookie", _cookie);
+ xml = replaceXmlValue(xml, "descr", "Source NAT pool for Tenant VDC " + tenantName);
+ xml = replaceXmlValue(xml, "name", getNameForSourceNatPool(tenantName));
+ xml = replaceXmlValue(xml, "snatpooldn", getDnForSourceNatPool(tenantName));
+ xml = replaceXmlValue(xml, "snatpoolexprdn", getDnForSourceNatPoolExpr(tenantName));
+ xml = replaceXmlValue(xml, "publicipdn", getDnForSourceNatPublicIp(tenantName));
+ xml = replaceXmlValue(xml, "publicip", publicIp);
- String response = sendRequest(service, xml);
+ String response = sendRequest(service, xml);
- return verifySuccess(response);
+ return verifySuccess(response);
}
-
-
+
private String getNameForSourceNatPolicy(String tenantName) {
- return "Source-NAT-For-" + tenantName;
+ return "Source-NAT-For-" + tenantName;
}
-
+
private String getDnForSourceNatPolicy(String tenantName) {
- return getDnForTenantVDC(tenantName) + "/natpol-" + getNameForSourceNatPolicy(tenantName);
+ return getDnForTenantVDC(tenantName) + "/natpol-" + getNameForSourceNatPolicy(tenantName);
}
-
+
private String getNameForSourceNatRule(String tenantName) {
- return "Source-NAT-Policy-Rule-" + tenantName;
+ return "Source-NAT-Policy-Rule-" + tenantName;
}
-
+
private String getDnForSourceNatRule(String tenantName) {
- return getDnForSourceNatPolicy(tenantName) + "/rule-" + getNameForSourceNatRule(tenantName);
+ return getDnForSourceNatPolicy(tenantName) + "/rule-" + getNameForSourceNatRule(tenantName);
}
-
+
private String getDnForSourceNatRuleAction(String tenantName) {
- return getDnForSourceNatRule(tenantName) + "/nat-action";
+ return getDnForSourceNatRule(tenantName) + "/nat-action";
}
-
+
private String getDnForSourceNatRuleRule(String tenantName) {
- return getDnForSourceNatRule(tenantName) + "/rule-cond-2";
+ return getDnForSourceNatRule(tenantName) + "/rule-cond-2";
}
-
+
private String getDnForSourceNatRuleRange(String tenantName) {
- return getDnForSourceNatRuleRule(tenantName) + "/nw-expr2";
+ return getDnForSourceNatRuleRule(tenantName) + "/nw-expr2";
}
-
+
private String getDnForSourceNatRuleRangeIp(String tenantName, int id) {
- return getDnForSourceNatRuleRange(tenantName) + "/nw-ip-" + id;
+ return getDnForSourceNatRuleRange(tenantName) + "/nw-ip-" + id;
}
-
+
private String getDnForSourceNatRuleRangeAttr(String tenantName) {
- return getDnForSourceNatRuleRange(tenantName) + "/nw-attr-qual";
+ return getDnForSourceNatRuleRange(tenantName) + "/nw-attr-qual";
}
-
+
/* (non-Javadoc)
- * @see com.cloud.network.resource.CiscoVnmcConnection#createTenantVDCSourceNATPolicy(java.lang.String, java.lang.String, java.lang.String)
- */
+ * @see com.cloud.network.resource.CiscoVnmcConnection#createTenantVDCSourceNATPolicy(java.lang.String, java.lang.String, java.lang.String)
+ */
@Override
- public boolean createTenantVDCSourceNATPolicy(String tenantName,
- String startSourceIp, String endSourceIp) throws ExecutionException {
-
- String xml = VnmcXml.CREATE_SOURCE_NAT_POLICY.getXml();
- String service = VnmcXml.CREATE_SOURCE_NAT_POLICY.getService();
- xml = replaceXmlValue(xml, "cookie", _cookie);
- xml = replaceXmlValue(xml, "descr", "Source NAT Policy for Tenant VDC " + tenantName);
- xml = replaceXmlValue(xml, "srcTranslatedIpPool", getNameForSourceNatPool(tenantName));
- xml = replaceXmlValue(xml, "natrulename", getNameForSourceNatRule(tenantName));
- xml = replaceXmlValue(xml, "natpolname", getNameForSourceNatPolicy(tenantName));
- xml = replaceXmlValue(xml, "natruleruledescr", "Source NAT Policy for Tenant " + tenantName);
- xml = replaceXmlValue(xml, "natpoldescr", "Source NAT Rule for Tenant " + tenantName);
- xml = replaceXmlValue(xml, "natpoldn", getDnForSourceNatPolicy(tenantName));
- xml = replaceXmlValue(xml, "natruledn", getDnForSourceNatRule(tenantName));
- xml = replaceXmlValue(xml, "sourcestartip", startSourceIp);
- xml = replaceXmlValue(xml, "sourceendip", endSourceIp);
- xml = replaceXmlValue(xml, "sourcenatpoolname", getNameForSourceNatPool(tenantName));
+ public boolean createTenantVDCSourceNATPolicy(String tenantName,
+ String startSourceIp, String endSourceIp) throws ExecutionException {
-
- xml = replaceXmlValue(xml, "natactiondn", getDnForSourceNatRuleAction(tenantName));
- xml = replaceXmlValue(xml, "natruleruledn", getDnForSourceNatRuleRule(tenantName));
- xml = replaceXmlValue(xml, "natrangedn", getDnForSourceNatRuleRange(tenantName));
- xml = replaceXmlValue(xml, "natipdn2", getDnForSourceNatRuleRangeIp(tenantName, 2));
- xml = replaceXmlValue(xml, "natipdn3", getDnForSourceNatRuleRangeIp(tenantName, 3));
+ String xml = VnmcXml.CREATE_SOURCE_NAT_POLICY.getXml();
+ String service = VnmcXml.CREATE_SOURCE_NAT_POLICY.getService();
+ xml = replaceXmlValue(xml, "cookie", _cookie);
+ xml = replaceXmlValue(xml, "descr", "Source NAT Policy for Tenant VDC " + tenantName);
+ xml = replaceXmlValue(xml, "srcTranslatedIpPool", getNameForSourceNatPool(tenantName));
+ xml = replaceXmlValue(xml, "natrulename", getNameForSourceNatRule(tenantName));
+ xml = replaceXmlValue(xml, "natpolname", getNameForSourceNatPolicy(tenantName));
+ xml = replaceXmlValue(xml, "natruleruledescr", "Source NAT Policy for Tenant " + tenantName);
+ xml = replaceXmlValue(xml, "natpoldescr", "Source NAT Rule for Tenant " + tenantName);
+ xml = replaceXmlValue(xml, "natpoldn", getDnForSourceNatPolicy(tenantName));
+ xml = replaceXmlValue(xml, "natruledn", getDnForSourceNatRule(tenantName));
+ xml = replaceXmlValue(xml, "sourcestartip", startSourceIp);
+ xml = replaceXmlValue(xml, "sourceendip", endSourceIp);
+ xml = replaceXmlValue(xml, "sourcenatpoolname", getNameForSourceNatPool(tenantName));
- xml = replaceXmlValue(xml, "natsnatruleconddn", getDnForSourceNatRuleRangeAttr(tenantName));
+ xml = replaceXmlValue(xml, "natactiondn", getDnForSourceNatRuleAction(tenantName));
+ xml = replaceXmlValue(xml, "natruleruledn", getDnForSourceNatRuleRule(tenantName));
+ xml = replaceXmlValue(xml, "natrangedn", getDnForSourceNatRuleRange(tenantName));
+ xml = replaceXmlValue(xml, "natipdn2", getDnForSourceNatRuleRangeIp(tenantName, 2));
+ xml = replaceXmlValue(xml, "natipdn3", getDnForSourceNatRuleRangeIp(tenantName, 3));
- String response = sendRequest(service, xml);
+ xml = replaceXmlValue(xml, "natsnatruleconddn", getDnForSourceNatRuleRangeAttr(tenantName));
- return verifySuccess(response);
+ String response = sendRequest(service, xml);
+
+ return verifySuccess(response);
}
-
+
private String getNameForNatPolicySet(String tenantName) {
- return "NAT-Policy-Set-" + tenantName;
+ return "NAT-Policy-Set-" + tenantName;
}
private String getDnForNatPolicySet(String tenantName) {
- return getDnForTenantVDC(tenantName) + "/natpset-" + getNameForNatPolicySet(tenantName) ;
+ return getDnForTenantVDC(tenantName) + "/natpset-" + getNameForNatPolicySet(tenantName) ;
}
-
- private String getDnForNatPolicySetRef(String tenantName) {
- return getDnForNatPolicySet(tenantName) + "/polref-" + getNameForSourceNatPolicy(tenantName) ;
+
+ private String getDnForNatPolicyRef(String tenantName) {
+ return getDnForNatPolicySet(tenantName) + "/polref-" + getNameForSourceNatPolicy(tenantName) ;
}
-
+
/* (non-Javadoc)
- * @see com.cloud.network.resource.CiscoVnmcConnection#createTenantVDCNatPolicySet(java.lang.String)
- */
+ * @see com.cloud.network.resource.CiscoVnmcConnection#createTenantVDCNatPolicySet(java.lang.String)
+ */
@Override
- public boolean createTenantVDCNatPolicySet(String tenantName) throws ExecutionException {
- String xml = VnmcXml.CREATE_NAT_POLICY_SET.getXml();
- String service = VnmcXml.CREATE_NAT_POLICY_SET.getService();
- xml = replaceXmlValue(xml, "cookie", _cookie);
- //xml = replaceXmlValue(xml, "descr", "Nat Policy Set for Tenant VDC " + tenantName);
- xml = replaceXmlValue(xml, "natpolicyname", getNameForSourceNatPolicy(tenantName));
- xml = replaceXmlValue(xml, "natpolicysetname", getNameForNatPolicySet(tenantName));
- xml = replaceXmlValue(xml, "natpolicysetdn", getDnForNatPolicySet(tenantName));
- xml = replaceXmlValue(xml, "natpolicyrefdn", getDnForNatPolicySetRef(tenantName));
+ public boolean createTenantVDCNatPolicySet(String tenantName) throws ExecutionException {
+ String xml = VnmcXml.CREATE_NAT_POLICY_SET.getXml();
+ String service = VnmcXml.CREATE_NAT_POLICY_SET.getService();
+ xml = replaceXmlValue(xml, "cookie", _cookie);
+ //xml = replaceXmlValue(xml, "descr", "Nat Policy Set for Tenant VDC " + tenantName);
+ xml = replaceXmlValue(xml, "natpolicyname", getNameForSourceNatPolicy(tenantName));
+ xml = replaceXmlValue(xml, "natpolicysetname", getNameForNatPolicySet(tenantName));
+ xml = replaceXmlValue(xml, "natpolicysetdn", getDnForNatPolicySet(tenantName));
+ xml = replaceXmlValue(xml, "natpolicyrefdn", getDnForNatPolicyRef(tenantName));
- String response = sendRequest(service, xml);
+ String response = sendRequest(service, xml);
- return verifySuccess(response);
+ return verifySuccess(response);
}
-
+
/* (non-Javadoc)
- * @see com.cloud.network.resource.CiscoVnmcConnection#associateNatPolicySet(java.lang.String)
- */
+ * @see com.cloud.network.resource.CiscoVnmcConnection#associateNatPolicySet(java.lang.String)
+ */
@Override
- public boolean associateNatPolicySet(String tenantName) throws ExecutionException {
- String xml = VnmcXml.RESOLVE_NAT_POLICY_SET.getXml();
- String service = VnmcXml.RESOLVE_NAT_POLICY_SET.getService();
- xml = replaceXmlValue(xml, "cookie", _cookie);
- xml = replaceXmlValue(xml, "descr", "Edge Security Profile for Tenant VDC" + tenantName);
- xml = replaceXmlValue(xml, "name", getNameForEdgeDeviceSecurityProfile(tenantName));
- xml = replaceXmlValue(xml, "espdn", getDnForTenantVDCEdgeSecurityProfile(tenantName));
- xml = replaceXmlValue(xml, "egressref", "default-egress");
- xml = replaceXmlValue(xml, "ingressref", "default-ingress");
- xml = replaceXmlValue(xml, "natpolicysetname", getNameForNatPolicySet(tenantName));
+ public boolean associateNatPolicySet(String tenantName) throws ExecutionException {
+ String xml = VnmcXml.RESOLVE_NAT_POLICY_SET.getXml();
+ String service = VnmcXml.RESOLVE_NAT_POLICY_SET.getService();
+ xml = replaceXmlValue(xml, "cookie", _cookie);
+ xml = replaceXmlValue(xml, "descr", "Edge Security Profile for Tenant VDC" + tenantName);
+ xml = replaceXmlValue(xml, "name", getNameForEdgeDeviceSecurityProfile(tenantName));
+ xml = replaceXmlValue(xml, "espdn", getDnForTenantVDCEdgeSecurityProfile(tenantName));
+ xml = replaceXmlValue(xml, "egressref", "default-egress");
+ xml = replaceXmlValue(xml, "ingressref", "default-ingress");
+ xml = replaceXmlValue(xml, "natpolicysetname", getNameForNatPolicySet(tenantName));
- String response = sendRequest(service, xml);
+ String response = sendRequest(service, xml);
- return verifySuccess(response);
+ return verifySuccess(response);
}
-
+
+ private String getNameForAclPolicySet(String tenantName, boolean ingress) {
+ return (ingress ? "Ingress-" : "Egress-") + "ACL-Policy-Set-" + tenantName;
+ }
+
+ private String getDnForAclPolicySet(String tenantName, boolean ingress) {
+ return getDnForTenantVDC(tenantName) + "/pset-" + getNameForAclPolicySet(tenantName, ingress) ;
+ }
+
+ private String getNameForAclPolicy(String tenantName, boolean ingress) {
+ return (ingress ? "Ingress-" : "Egress-") + "ACL-For-" + tenantName;
+ }
+
+ private String getDnForAclPolicy(String tenantName, boolean ingress) {
+ return getDnForTenantVDC(tenantName) + "/pol-" + getNameForAclPolicy(tenantName, ingress);
+ }
+
+ private String getDnForAclPolicyRef(String tenantName, boolean ingress) {
+ return getDnForAclPolicySet(tenantName, ingress) + "/polref-" + getNameForAclPolicy(tenantName, ingress);
+ }
+
+ private String getNameForAclRule(String tenantName, String identifier, boolean ingress) {
+ return (ingress ? "Ingress-" : "Egress-") + "ACL-Rule-For-" + tenantName + "-" + identifier;
+ }
+
+ private String getDnForAclRule(String tenantName, String identifier, boolean ingress) {
+ return getDnForAclPolicy(tenantName, ingress) + "/rule-" + getNameForAclRule(tenantName, identifier, ingress);
+ }
+
+ /* (non-Javadoc)
+ * @see com.cloud.network.resource.CiscoVnmcConnection#createTenantVDCAclPolicy(java.lang.String)
+ */
+ @Override
+ public boolean createTenantVDCAclPolicy(String tenantName, boolean ingress) throws ExecutionException {
+ String xml = VnmcXml.CREATE_ACL_POLICY.getXml();
+ String service = VnmcXml.CREATE_ACL_POLICY.getService();
+ xml = replaceXmlValue(xml, "cookie", _cookie);
+ //xml = replaceXmlValue(xml, "descr", "ACL Policy for Tenant VDC " + tenantName);
+ xml = replaceXmlValue(xml, "aclpolicyname", getNameForAclPolicy(tenantName, ingress));
+ xml = replaceXmlValue(xml, "aclpolicydn", getDnForAclPolicy(tenantName, ingress));
+
+ String response = sendRequest(service, xml);
+
+ return verifySuccess(response);
+ }
+
+ /* (non-Javadoc)
+ * @see com.cloud.network.resource.CiscoVnmcConnection#deleteTenantVDCAclPolicy(java.lang.String)
+ */
+ @Override
+ public boolean deleteTenantVDCAclPolicy(String tenantName, boolean ingress) throws ExecutionException {
+ String xml = VnmcXml.DELETE_ACL_POLICY.getXml();
+ String service = VnmcXml.DELETE_ACL_POLICY.getService();
+ xml = replaceXmlValue(xml, "cookie", _cookie);
+ xml = replaceXmlValue(xml, "aclpolicyname", getNameForAclPolicy(tenantName, ingress));
+ xml = replaceXmlValue(xml, "aclpolicydn", getDnForAclPolicy(tenantName, ingress));
+
+ String response = sendRequest(service, xml);
+
+ return verifySuccess(response);
+ }
+
+ /* (non-Javadoc)
+ * @see com.cloud.network.resource.CiscoVnmcConnection#createTenantVDCAclPolicySet(java.lang.String)
+ */
+ @Override
+ public boolean createTenantVDCAclPolicySet(String tenantName, boolean ingress) throws ExecutionException {
+ String xml = VnmcXml.CREATE_ACL_POLICY_SET.getXml();
+ String service = VnmcXml.CREATE_ACL_POLICY_SET.getService();
+ xml = replaceXmlValue(xml, "cookie", _cookie);
+ //xml = replaceXmlValue(xml, "descr", "ACL Policy Set for Tenant VDC " + tenantName);
+ xml = replaceXmlValue(xml, "aclpolicyname", getNameForAclPolicy(tenantName, ingress));
+ xml = replaceXmlValue(xml, "aclpolicysetname", getNameForAclPolicySet(tenantName, ingress));
+ xml = replaceXmlValue(xml, "aclpolicysetdn", getDnForAclPolicySet(tenantName, ingress));
+ xml = replaceXmlValue(xml, "aclpolicyrefdn", getDnForAclPolicyRef(tenantName, ingress));
+
+ String response = sendRequest(service, xml);
+
+ return verifySuccess(response);
+ }
+
+ /* (non-Javadoc)
+ * @see com.cloud.network.resource.CiscoVnmcConnection#associateAclPolicySet(java.lang.String)
+ */
+ @Override
+ public boolean associateAclPolicySet(String tenantName) throws ExecutionException {
+ String xml = VnmcXml.RESOLVE_ACL_POLICY_SET.getXml();
+ String service = VnmcXml.RESOLVE_ACL_POLICY_SET.getService();
+ xml = replaceXmlValue(xml, "cookie", _cookie);
+ xml = replaceXmlValue(xml, "descr", "Edge Security Profile for Tenant VDC" + tenantName);
+ xml = replaceXmlValue(xml, "name", getNameForEdgeDeviceSecurityProfile(tenantName));
+ xml = replaceXmlValue(xml, "espdn", getDnForTenantVDCEdgeSecurityProfile(tenantName));
+ //xml = replaceXmlValue(xml, "egresspolicysetname", getNameForAclPolicySet(tenantName, false));
+ xml = replaceXmlValue(xml, "egresspolicysetname", "default-egress"); //FIXME
+ xml = replaceXmlValue(xml, "ingresspolicysetname", getNameForAclPolicySet(tenantName, true));
+ xml = replaceXmlValue(xml, "natpolicysetname", getNameForNatPolicySet(tenantName));
+
+ String response = sendRequest(service, xml);
+
+ return verifySuccess(response);
+ }
+
+ /* (non-Javadoc)
+ * @see com.cloud.network.resource.CiscoVnmcConnection#createIngressAclRule(java.lang.String)
+ */
+ @Override
+ public boolean createIngressAclRule(String tenantName, String identifier,
+ String protocol, String sourceStartIp, String sourceEndIp,
+ String destStartPort, String destEndPort, String destIp) throws ExecutionException {
+ String xml = VnmcXml.CREATE_INGRESS_ACL_RULE.getXml();
+ String service = VnmcXml.CREATE_INGRESS_ACL_RULE.getService();
+ xml = replaceXmlValue(xml, "cookie", _cookie);
+ //xml = replaceXmlValue(xml, "descr", "Ingress ACL Policy for Tenant VDC" + tenantName);
+ xml = replaceXmlValue(xml, "aclruledn", getDnForAclRule(tenantName, identifier, true));
+ xml = replaceXmlValue(xml, "aclrulename", getNameForAclRule(tenantName, identifier, true));
+ xml = replaceXmlValue(xml, "actiontype", "permit");
+ xml = replaceXmlValue(xml, "protocolvalue", protocol);
+ xml = replaceXmlValue(xml, "sourcestartip", sourceStartIp);
+ xml = replaceXmlValue(xml, "sourceendip", sourceEndIp);
+ xml = replaceXmlValue(xml, "deststartport", destStartPort);
+ xml = replaceXmlValue(xml, "destendport", destEndPort);
+ xml = replaceXmlValue(xml, "destip", destIp);
+
+ String response = sendRequest(service, xml);
+
+ return verifySuccess(response);
+ }
+
+ /* (non-Javadoc)
+ * @see com.cloud.network.resource.CiscoVnmcConnection#deleteAclRule(java.lang.String)
+ */
+ @Override
+ public boolean deleteAclRule(String tenantName, String identifier) throws ExecutionException {
+ String xml = VnmcXml.DELETE_ACL_RULE.getXml();
+ String service = VnmcXml.DELETE_ACL_RULE.getService();
+ xml = replaceXmlValue(xml, "cookie", _cookie);
+ xml = replaceXmlValue(xml, "aclruledn", getDnForAclRule(tenantName, identifier, true));
+ xml = replaceXmlValue(xml, "aclrulename", getNameForAclRule(tenantName, identifier, true));
+
+ String response = sendRequest(service, xml);
+
+ return verifySuccess(response);
+ }
+
private String getNameForEdgeFirewall(String tenantName) {
- return "ASA-1000v-" + tenantName;
+ return "ASA-1000v-" + tenantName;
}
-
+
private String getDnForEdgeFirewall(String tenantName) {
- return getDnForTenantVDC(tenantName) + "/efw-" + getNameForEdgeFirewall(tenantName);
+ return getDnForTenantVDC(tenantName) + "/efw-" + getNameForEdgeFirewall(tenantName);
}
-
+
private String getNameForEdgeInsideIntf(String tenantName) {
- return "Edge_Inside"; //TODO: make this configurable
+ return "Edge_Inside"; //TODO: make this configurable
}
-
+
private String getNameForEdgeOutsideIntf(String tenantName) {
- return "Edge_Outside"; //TODO: make this configurable
+ return "Edge_Outside"; //TODO: make this configurable
}
-
+
private String getDnForOutsideIntf(String tenantName) {
- return getDnForEdgeFirewall(tenantName) + "/interface-" + getNameForEdgeOutsideIntf(tenantName);
+ return getDnForEdgeFirewall(tenantName) + "/interface-" + getNameForEdgeOutsideIntf(tenantName);
}
-
+
private String getDnForInsideIntf(String tenantName) {
- return getDnForEdgeFirewall(tenantName) + "/interface-" + getNameForEdgeInsideIntf(tenantName);
+ return getDnForEdgeFirewall(tenantName) + "/interface-" + getNameForEdgeInsideIntf(tenantName);
}
-
+
/* (non-Javadoc)
- * @see com.cloud.network.resource.CiscoVnmcConnection#createEdgeFirewall(java.lang.String, java.lang.String, java.lang.String, java.lang.String, java.lang.String)
- */
+ * @see com.cloud.network.resource.CiscoVnmcConnection#createEdgeFirewall(java.lang.String, java.lang.String, java.lang.String, java.lang.String, java.lang.String)
+ */
@Override
- public boolean createEdgeFirewall(String tenantName, String publicIp, String insideIp,
- String insideSubnet, String outsideSubnet) throws ExecutionException {
-
- String xml = VnmcXml.CREATE_EDGE_FIREWALL.getXml();
- String service = VnmcXml.CREATE_EDGE_FIREWALL.getService();
- xml = replaceXmlValue(xml, "cookie", _cookie);
- xml = replaceXmlValue(xml, "edgefwdescr", "Edge Firewall for Tenant VDC " + tenantName);
- xml = replaceXmlValue(xml, "edgefwname", getNameForEdgeFirewall(tenantName));
- xml = replaceXmlValue(xml, "edgefwdn", getDnForEdgeFirewall(tenantName));
- xml = replaceXmlValue(xml, "insideintfname", getNameForEdgeInsideIntf(tenantName));
- xml = replaceXmlValue(xml, "outsideintfname", getNameForEdgeOutsideIntf(tenantName));
+ public boolean createEdgeFirewall(String tenantName, String publicIp, String insideIp,
+ String insideSubnet, String outsideSubnet) throws ExecutionException {
- xml = replaceXmlValue(xml, "insideintfdn", getDnForInsideIntf(tenantName));
- xml = replaceXmlValue(xml, "outsideintfdn", getDnForOutsideIntf(tenantName));
+ String xml = VnmcXml.CREATE_EDGE_FIREWALL.getXml();
+ String service = VnmcXml.CREATE_EDGE_FIREWALL.getService();
+ xml = replaceXmlValue(xml, "cookie", _cookie);
+ xml = replaceXmlValue(xml, "edgefwdescr", "Edge Firewall for Tenant VDC " + tenantName);
+ xml = replaceXmlValue(xml, "edgefwname", getNameForEdgeFirewall(tenantName));
+ xml = replaceXmlValue(xml, "edgefwdn", getDnForEdgeFirewall(tenantName));
+ xml = replaceXmlValue(xml, "insideintfname", getNameForEdgeInsideIntf(tenantName));
+ xml = replaceXmlValue(xml, "outsideintfname", getNameForEdgeOutsideIntf(tenantName));
- xml = replaceXmlValue(xml, "deviceserviceprofiledn", getDnForEdgeFirewall(tenantName) + "/device-service-profile");
- xml = replaceXmlValue(xml, "outsideintfsp", getDnForOutsideIntf(tenantName) + "/interface-service-profile");
+ xml = replaceXmlValue(xml, "insideintfdn", getDnForInsideIntf(tenantName));
+ xml = replaceXmlValue(xml, "outsideintfdn", getDnForOutsideIntf(tenantName));
- xml = replaceXmlValue(xml, "secprofileref", getNameForEdgeDeviceSecurityProfile(tenantName));
- xml = replaceXmlValue(xml, "deviceserviceprofile", getNameForEdgeDeviceServiceProfile(tenantName));
+ xml = replaceXmlValue(xml, "deviceserviceprofiledn", getDnForEdgeFirewall(tenantName) + "/device-service-profile");
+ xml = replaceXmlValue(xml, "outsideintfsp", getDnForOutsideIntf(tenantName) + "/interface-service-profile");
+ xml = replaceXmlValue(xml, "secprofileref", getNameForEdgeDeviceSecurityProfile(tenantName));
+ xml = replaceXmlValue(xml, "deviceserviceprofile", getNameForEdgeDeviceServiceProfile(tenantName));
- xml = replaceXmlValue(xml, "insideip", insideIp);
- xml = replaceXmlValue(xml, "publicip", publicIp);
- xml = replaceXmlValue(xml, "insidesubnet", insideSubnet);
- xml = replaceXmlValue(xml, "outsidesubnet", outsideSubnet);
-
- String response = sendRequest(service, xml);
+ xml = replaceXmlValue(xml, "insideip", insideIp);
+ xml = replaceXmlValue(xml, "publicip", publicIp);
+ xml = replaceXmlValue(xml, "insidesubnet", insideSubnet);
+ xml = replaceXmlValue(xml, "outsidesubnet", outsideSubnet);
- return verifySuccess(response);
+ String response = sendRequest(service, xml);
+
+ return verifySuccess(response);
}
-
-
+
/* (non-Javadoc)
- * @see com.cloud.network.resource.CiscoVnmcConnection#listUnAssocAsa1000v()
- */
+ * @see com.cloud.network.resource.CiscoVnmcConnection#listUnAssocAsa1000v()
+ */
@Override
- public Map listUnAssocAsa1000v() throws ExecutionException {
+ public Map listUnAssocAsa1000v() throws ExecutionException {
String xml = VnmcXml.LIST_UNASSOC_ASA1000V.getXml();
String service = VnmcXml.LIST_UNASSOC_ASA1000V.getService();
@@ -645,12 +786,12 @@ public class CiscoVnmcConnectionImpl implements CiscoVnmcConnection {
return result;
}
-
+
/* (non-Javadoc)
- * @see com.cloud.network.resource.CiscoVnmcConnection#assocAsa1000v(java.lang.String, java.lang.String)
- */
+ * @see com.cloud.network.resource.CiscoVnmcConnection#assocAsa1000v(java.lang.String, java.lang.String)
+ */
@Override
- public boolean assocAsa1000v(String tenantName, String firewallDn) throws ExecutionException {
+ public boolean assocAsa1000v(String tenantName, String firewallDn) throws ExecutionException {
String xml = VnmcXml.ASSIGN_ASA1000V.getXml();
String service = VnmcXml.ASSIGN_ASA1000V.getService();
@@ -663,59 +804,58 @@ public class CiscoVnmcConnectionImpl implements CiscoVnmcConnection {
return verifySuccess(response);
}
-
private String sendRequest(String service, String xmlRequest) throws ExecutionException {
- org.apache.commons.httpclient.protocol.Protocol myhttps =
- new org.apache.commons.httpclient.protocol.Protocol("https", new EasySSLProtocolSocketFactory(), 443);
- HttpClient client = new HttpClient();
- client.getHostConfiguration().setHost(_ip, 443, myhttps);
- byte[] response = null;
- PostMethod method = new PostMethod("/xmlIM/" + service);
-
- method.setRequestBody(xmlRequest);
-
- try{
- int statusCode = client.executeMethod(method);
-
- if (statusCode != HttpStatus.SC_OK) {
- throw new Exception("Error code : " + statusCode);
- }
- response = method.getResponseBody();
- }catch(Exception e){
- System.out.println(e.getMessage());
- throw new ExecutionException(e.getMessage());
- }
- System.out.println(new String(response));
- return new String(response);
+ org.apache.commons.httpclient.protocol.Protocol myhttps =
+ new org.apache.commons.httpclient.protocol.Protocol("https", new EasySSLProtocolSocketFactory(), 443);
+ HttpClient client = new HttpClient();
+ client.getHostConfiguration().setHost(_ip, 443, myhttps);
+ byte[] response = null;
+ PostMethod method = new PostMethod("/xmlIM/" + service);
+
+ method.setRequestBody(xmlRequest);
+
+ try{
+ int statusCode = client.executeMethod(method);
+
+ if (statusCode != HttpStatus.SC_OK) {
+ throw new Exception("Error code : " + statusCode);
+ }
+ response = method.getResponseBody();
+ }catch(Exception e){
+ System.out.println(e.getMessage());
+ throw new ExecutionException(e.getMessage());
+ }
+ System.out.println(new String(response));
+ return new String(response);
}
-
+
private Map checkResponse(String xmlResponse, String... keys) throws ExecutionException {
Document xmlDoc = getDocument(xmlResponse);
Map result = new HashMap();
Node topElement = xmlDoc.getChildNodes().item(0);
if (topElement != null) {
- for (String key: keys){
- Node valueNode = topElement.getAttributes().getNamedItem(key);
- result.put(key, valueNode==null?null:valueNode.getNodeValue());
- }
+ for (String key: keys){
+ Node valueNode = topElement.getAttributes().getNamedItem(key);
+ result.put(key, valueNode==null?null:valueNode.getNodeValue());
+ }
}
return result;
}
- private boolean verifySuccess(String xmlResponse) throws ExecutionException {
- Map checked = checkResponse(xmlResponse, "errorCode", "errorDescr");
+ private boolean verifySuccess(String xmlResponse) throws ExecutionException {
+ Map checked = checkResponse(xmlResponse, "errorCode", "errorDescr");
- if (checked.get("errorCode") != null) {
- String errorCode = checked.get("errorCode");
- if (errorCode.equals("103")) {
- //tenant already exists
- return true;
- }
- String errorDescr = checked.get("errorDescr");
- throw new ExecutionException(errorDescr);
- }
- return true;
+ if (checked.get("errorCode") != null) {
+ String errorCode = checked.get("errorCode");
+ if (errorCode.equals("103")) {
+ //tenant already exists
+ return true;
+ }
+ String errorDescr = checked.get("errorDescr");
+ throw new ExecutionException(errorDescr);
+ }
+ return true;
}
/*
@@ -767,5 +907,4 @@ public class CiscoVnmcConnectionImpl implements CiscoVnmcConnection {
}
-
}
diff --git a/plugins/network-elements/cisco-vnmc/src/com/cloud/network/element/CiscoVnmcElement.java b/plugins/network-elements/cisco-vnmc/src/com/cloud/network/element/CiscoVnmcElement.java
index d3f9cab3941..c96abac2a67 100644
--- a/plugins/network-elements/cisco-vnmc/src/com/cloud/network/element/CiscoVnmcElement.java
+++ b/plugins/network-elements/cisco-vnmc/src/com/cloud/network/element/CiscoVnmcElement.java
@@ -104,7 +104,6 @@ import com.cloud.utils.component.AdapterBase;
import com.cloud.utils.component.Inject;
import com.cloud.utils.db.Transaction;
import com.cloud.utils.exception.CloudRuntimeException;
-import com.cloud.utils.net.NetUtils;
import com.cloud.vm.NicProfile;
import com.cloud.vm.ReservationContext;
import com.cloud.vm.VirtualMachine;
@@ -114,13 +113,13 @@ import com.cloud.vm.VirtualMachineProfile;
public class CiscoVnmcElement extends AdapterBase implements SourceNatServiceProvider, FirewallServiceProvider,
PortForwardingServiceProvider, IpDeployer, StaticNatServiceProvider, ResourceStateAdapter, NetworkElement,
CiscoVnmcElementService, CiscoAsa1000vService {
- private static final Logger s_logger = Logger.getLogger(CiscoVnmcElement.class);
+ private static final Logger s_logger = Logger.getLogger(CiscoVnmcElement.class);
private static final Map> capabilities = setCapabilities();
@Inject
AgentManager _agentMgr;
@Inject
- ResourceManager _resourceMgr;
+ ResourceManager _resourceMgr;
@Inject
ConfigurationManager _configMgr;
@Inject
@@ -155,7 +154,7 @@ public class CiscoVnmcElement extends AdapterBase implements SourceNatServicePro
return false; //TODO: should handle VxLAN as well
}
- return true;
+ return true;
}
@Override
@@ -212,7 +211,7 @@ public class CiscoVnmcElement extends AdapterBase implements SourceNatServicePro
}
private boolean configureSourceNat(long vlanId, String guestCidr,
- PublicIp sourceNatIp, long hostId) {
+ PublicIp sourceNatIp, long hostId) {
boolean add = (sourceNatIp.getState() == IpAddress.State.Releasing ? false : true);
IpAddressTO ip = new IpAddressTO(sourceNatIp.getAccountId(), sourceNatIp.getAddress().addr(), add, false,
sourceNatIp.isSourceNat(), sourceNatIp.getVlanTag(), sourceNatIp.getGateway(), sourceNatIp.getNetmask(), sourceNatIp.getMacAddress(),
@@ -230,7 +229,7 @@ public class CiscoVnmcElement extends AdapterBase implements SourceNatServicePro
}
private boolean associateAsaWithLogicalEdgeFirewall(long vlanId,
- String asaMgmtIp, long hostId) {
+ String asaMgmtIp, long hostId) {
AssociateAsaWithLogicalEdgeFirewallCommand cmd =
new AssociateAsaWithLogicalEdgeFirewallCommand(vlanId, asaMgmtIp);
Answer answer = _agentMgr.easySend(hostId, cmd);
@@ -239,9 +238,9 @@ public class CiscoVnmcElement extends AdapterBase implements SourceNatServicePro
@Override
public boolean implement(Network network, NetworkOffering offering,
- DeployDestination dest, ReservationContext context)
- throws ConcurrentOperationException, ResourceUnavailableException,
- InsufficientCapacityException {
+ DeployDestination dest, ReservationContext context)
+ throws ConcurrentOperationException, ResourceUnavailableException,
+ InsufficientCapacityException {
DataCenter zone = _configMgr.getZone(network.getDataCenterId());
if (zone.getNetworkType() == NetworkType.Basic) {
@@ -280,13 +279,13 @@ public class CiscoVnmcElement extends AdapterBase implements SourceNatServicePro
List asaList = _ciscoAsa1000vDao.listByPhysicalNetwork(network.getPhysicalNetworkId());
if (asaList.isEmpty()) {
s_logger.debug("No Cisco ASA 1000v device on network " + network.getName());
- return false;
+ return false;
}
NetworkAsa1000vMapVO asaForNetwork = _networkAsa1000vMapDao.findByNetworkId(network.getId());
if (asaForNetwork != null) {
s_logger.debug("Cisco ASA 1000v device already associated with network " + network.getName());
- return true;
+ return true;
}
if (!_networkMgr.isProviderSupportServiceInNetwork(network.getId(), Service.SourceNat, Provider.CiscoVnmc)) {
@@ -294,13 +293,13 @@ public class CiscoVnmcElement extends AdapterBase implements SourceNatServicePro
return false;
}
- Transaction txn = Transaction.currentTxn();
- boolean status = false;
+ Transaction txn = Transaction.currentTxn();
+ boolean status = false;
try {
- txn.start();
+ txn.start();
// ensure that there is an ASA 1000v assigned to this network
- CiscoAsa1000vDevice assignedAsa = assignAsa1000vToNetwork(network);
+ CiscoAsa1000vDevice assignedAsa = assignAsa1000vToNetwork(network);
if (assignedAsa == null) {
s_logger.error("Unable to assign ASA 1000v device to network " + network.getName());
return false;
@@ -354,84 +353,84 @@ public class CiscoVnmcElement extends AdapterBase implements SourceNatServicePro
return true;
}
- @Override
- public boolean prepare(Network network, NicProfile nic,
- VirtualMachineProfile vm,
- DeployDestination dest, ReservationContext context)
- throws ConcurrentOperationException, ResourceUnavailableException,
- InsufficientCapacityException {
- //Ensure that there is an ASA 1000v assigned to this network
- return true;
- }
+ @Override
+ public boolean prepare(Network network, NicProfile nic,
+ VirtualMachineProfile vm,
+ DeployDestination dest, ReservationContext context)
+ throws ConcurrentOperationException, ResourceUnavailableException,
+ InsufficientCapacityException {
+ //Ensure that there is an ASA 1000v assigned to this network
+ return true;
+ }
- @Override
- public boolean release(Network network, NicProfile nic,
- VirtualMachineProfile vm,
- ReservationContext context) throws ConcurrentOperationException,
- ResourceUnavailableException {
- // TODO Auto-generated method stub
- return false;
- }
+ @Override
+ public boolean release(Network network, NicProfile nic,
+ VirtualMachineProfile vm,
+ ReservationContext context) throws ConcurrentOperationException,
+ ResourceUnavailableException {
+ // TODO Auto-generated method stub
+ return false;
+ }
- @Override
- public boolean shutdown(Network network, ReservationContext context,
- boolean cleanup) throws ConcurrentOperationException,
- ResourceUnavailableException {
- // TODO Auto-generated method stub
- return false;
- }
+ @Override
+ public boolean shutdown(Network network, ReservationContext context,
+ boolean cleanup) throws ConcurrentOperationException,
+ ResourceUnavailableException {
+ // TODO Auto-generated method stub
+ return false;
+ }
- @Override
- public boolean isReady(PhysicalNetworkServiceProvider provider) {
- // TODO Auto-generated method stub
- return false;
- }
+ @Override
+ public boolean isReady(PhysicalNetworkServiceProvider provider) {
+ // TODO Auto-generated method stub
+ return false;
+ }
- @Override
- public boolean shutdownProviderInstances(
- PhysicalNetworkServiceProvider provider, ReservationContext context)
- throws ConcurrentOperationException, ResourceUnavailableException {
- // TODO Auto-generated method stub
- return false;
- }
+ @Override
+ public boolean shutdownProviderInstances(
+ PhysicalNetworkServiceProvider provider, ReservationContext context)
+ throws ConcurrentOperationException, ResourceUnavailableException {
+ // TODO Auto-generated method stub
+ return false;
+ }
- @Override
- public boolean canEnableIndividualServices() {
- return true;
- }
+ @Override
+ public boolean canEnableIndividualServices() {
+ return true;
+ }
- @Override
- public boolean verifyServicesCombination(Set services) {
+ @Override
+ public boolean verifyServicesCombination(Set services) {
if (!services.contains(Service.Firewall)) {
s_logger.warn("CiscoVnmc must be used as Firewall Service Provider in the network");
return false;
}
return true;
- }
+ }
- @Override
- public boolean applyFWRules(Network network,
- List rules)
- throws ResourceUnavailableException {
- // TODO Auto-generated method stub
- return false;
- }
+ @Override
+ public boolean applyFWRules(Network network,
+ List rules)
+ throws ResourceUnavailableException {
+ // TODO Auto-generated method stub
+ return false;
+ }
- @Override
- public boolean destroy(Network network, ReservationContext context)
- throws ConcurrentOperationException, ResourceUnavailableException {
- // TODO Auto-generated method stub
- return false;
- }
+ @Override
+ public boolean destroy(Network network, ReservationContext context)
+ throws ConcurrentOperationException, ResourceUnavailableException {
+ // TODO Auto-generated method stub
+ return false;
+ }
- @Override
- public List> getCommands() {
- // TODO Auto-generated method stub
- return null;
- }
+ @Override
+ public List> getCommands() {
+ // TODO Auto-generated method stub
+ return null;
+ }
- @Override
- public CiscoVnmcController addCiscoVnmcResource(AddCiscoVnmcResourceCmd cmd) {
+ @Override
+ public CiscoVnmcController addCiscoVnmcResource(AddCiscoVnmcResourceCmd cmd) {
String deviceName = Provider.CiscoVnmc.getName();
NetworkDevice networkDevice = NetworkDevice.getNetworkDevice(deviceName);
Long physicalNetworkId = cmd.getPhysicalNetworkId();
@@ -469,7 +468,7 @@ public class CiscoVnmcElement extends AdapterBase implements SourceNatServicePro
Map hostdetails = new HashMap();
hostdetails.putAll(params);
- ServerResource resource = new CiscoVnmcResource();
+ ServerResource resource = new CiscoVnmcResource();
Transaction txn = Transaction.currentTxn();
try {
resource.configure(cmd.getHost(), hostdetails);
@@ -495,114 +494,114 @@ public class CiscoVnmcElement extends AdapterBase implements SourceNatServicePro
}
}
- @Override
- public CiscoVnmcResourceResponse createCiscoVnmcResourceResponse(
- CiscoVnmcController ciscoVnmcResourceVO) {
- HostVO ciscoVnmcHost = _hostDao.findById(ciscoVnmcResourceVO.getHostId());
+ @Override
+ public CiscoVnmcResourceResponse createCiscoVnmcResourceResponse(
+ CiscoVnmcController ciscoVnmcResourceVO) {
+ HostVO ciscoVnmcHost = _hostDao.findById(ciscoVnmcResourceVO.getHostId());
- CiscoVnmcResourceResponse response = new CiscoVnmcResourceResponse();
- response.setId(ciscoVnmcResourceVO.getUuid());
- response.setPhysicalNetworkId(ciscoVnmcResourceVO.getPhysicalNetworkId());
- response.setProviderName(ciscoVnmcResourceVO.getProviderName());
- response.setResourceName(ciscoVnmcHost.getName());
+ CiscoVnmcResourceResponse response = new CiscoVnmcResourceResponse();
+ response.setId(ciscoVnmcResourceVO.getUuid());
+ response.setPhysicalNetworkId(ciscoVnmcResourceVO.getPhysicalNetworkId());
+ response.setProviderName(ciscoVnmcResourceVO.getProviderName());
+ response.setResourceName(ciscoVnmcHost.getName());
- return response;
- }
+ return response;
+ }
- @Override
- public boolean deleteCiscoVnmcResource(DeleteCiscoVnmcResourceCmd cmd) {
- // TODO Auto-generated method stub
- return false;
- }
+ @Override
+ public boolean deleteCiscoVnmcResource(DeleteCiscoVnmcResourceCmd cmd) {
+ // TODO Auto-generated method stub
+ return false;
+ }
- @Override
- public List listCiscoVnmcResources(
- ListCiscoVnmcResourcesCmd cmd) {
- Long physicalNetworkId = cmd.getPhysicalNetworkId();
- Long ciscoVnmcResourceId = cmd.getCiscoVnmcResourceId();
- List responseList = new ArrayList();
+ @Override
+ public List listCiscoVnmcResources(
+ ListCiscoVnmcResourcesCmd cmd) {
+ Long physicalNetworkId = cmd.getPhysicalNetworkId();
+ Long ciscoVnmcResourceId = cmd.getCiscoVnmcResourceId();
+ List responseList = new ArrayList();
- if (physicalNetworkId == null && ciscoVnmcResourceId == null) {
- throw new InvalidParameterValueException("Either physical network Id or vnmc device Id must be specified");
- }
+ if (physicalNetworkId == null && ciscoVnmcResourceId == null) {
+ throw new InvalidParameterValueException("Either physical network Id or vnmc device Id must be specified");
+ }
- if (ciscoVnmcResourceId != null) {
- CiscoVnmcControllerVO ciscoVnmcResource = _ciscoVnmcDao.findById(ciscoVnmcResourceId);
- if (ciscoVnmcResource == null) {
- throw new InvalidParameterValueException("Could not find Cisco Vnmc device with id: " + ciscoVnmcResource);
- }
- responseList.add(ciscoVnmcResource);
- }
- else {
- PhysicalNetworkVO physicalNetwork = _physicalNetworkDao.findById(physicalNetworkId);
- if (physicalNetwork == null) {
- throw new InvalidParameterValueException("Could not find a physical network with id: " + physicalNetworkId);
- }
- responseList = _ciscoVnmcDao.listByPhysicalNetwork(physicalNetworkId);
- }
+ if (ciscoVnmcResourceId != null) {
+ CiscoVnmcControllerVO ciscoVnmcResource = _ciscoVnmcDao.findById(ciscoVnmcResourceId);
+ if (ciscoVnmcResource == null) {
+ throw new InvalidParameterValueException("Could not find Cisco Vnmc device with id: " + ciscoVnmcResource);
+ }
+ responseList.add(ciscoVnmcResource);
+ }
+ else {
+ PhysicalNetworkVO physicalNetwork = _physicalNetworkDao.findById(physicalNetworkId);
+ if (physicalNetwork == null) {
+ throw new InvalidParameterValueException("Could not find a physical network with id: " + physicalNetworkId);
+ }
+ responseList = _ciscoVnmcDao.listByPhysicalNetwork(physicalNetworkId);
+ }
- return responseList;
- }
-
- @Override
- public IpDeployer getIpDeployer(Network network) {
- // TODO Auto-generated method stub
- return null;
- }
+ return responseList;
+ }
+
+ @Override
+ public IpDeployer getIpDeployer(Network network) {
+ // TODO Auto-generated method stub
+ return null;
+ }
- @Override
- public boolean applyPFRules(Network network, List rules)
- throws ResourceUnavailableException {
- // TODO Auto-generated method stub
- return false;
- }
+ @Override
+ public boolean applyPFRules(Network network, List rules)
+ throws ResourceUnavailableException {
+ // TODO Auto-generated method stub
+ return false;
+ }
- @Override
- public boolean applyStaticNats(Network config,
- List rules)
- throws ResourceUnavailableException {
- // TODO Auto-generated method stub
- return false;
- }
+ @Override
+ public boolean applyStaticNats(Network config,
+ List rules)
+ throws ResourceUnavailableException {
+ // TODO Auto-generated method stub
+ return false;
+ }
- @Override
- public boolean applyIps(Network network,
- List ipAddress, Set services)
- throws ResourceUnavailableException {
- // TODO Auto-generated method stub
- return false;
- }
+ @Override
+ public boolean applyIps(Network network,
+ List ipAddress, Set services)
+ throws ResourceUnavailableException {
+ // TODO Auto-generated method stub
+ return false;
+ }
- @Override
- public HostVO createHostVOForConnectedAgent(HostVO host,
- StartupCommand[] cmd) {
- // TODO Auto-generated method stub
- return null;
- }
+ @Override
+ public HostVO createHostVOForConnectedAgent(HostVO host,
+ StartupCommand[] cmd) {
+ // TODO Auto-generated method stub
+ return null;
+ }
- @Override
- public HostVO createHostVOForDirectConnectAgent(HostVO host,
- StartupCommand[] startup, ServerResource resource,
- Map details, List hostTags) {
+ @Override
+ public HostVO createHostVOForDirectConnectAgent(HostVO host,
+ StartupCommand[] startup, ServerResource resource,
+ Map details, List hostTags) {
if (!(startup[0] instanceof StartupExternalFirewallCommand)) {
return null;
}
host.setType(Host.Type.ExternalFirewall);
return host;
- }
+ }
- @Override
- public DeleteHostAnswer deleteHost(HostVO host, boolean isForced,
- boolean isForceDeleteStorage) throws UnableDeleteHostException {
+ @Override
+ public DeleteHostAnswer deleteHost(HostVO host, boolean isForced,
+ boolean isForceDeleteStorage) throws UnableDeleteHostException {
if (host.getType() != com.cloud.host.Host.Type.ExternalFirewall) {
return null;
}
return new DeleteHostAnswer(true);
- }
+ }
- @Override
- public CiscoAsa1000vDevice addCiscoAsa1000vResource(
- AddCiscoAsa1000vResourceCmd cmd) {
+ @Override
+ public CiscoAsa1000vDevice addCiscoAsa1000vResource(
+ AddCiscoAsa1000vResourceCmd cmd) {
Long physicalNetworkId = cmd.getPhysicalNetworkId();
CiscoAsa1000vDevice ciscoAsa1000vResource = null;
@@ -615,56 +614,56 @@ public class CiscoVnmcElement extends AdapterBase implements SourceNatServicePro
_ciscoAsa1000vDao.persist((CiscoAsa1000vDeviceVO)ciscoAsa1000vResource);
return ciscoAsa1000vResource;
- }
+ }
- @Override
- public CiscoAsa1000vResourceResponse createCiscoAsa1000vResourceResponse(
- CiscoAsa1000vDevice ciscoAsa1000vDeviceVO) {
- CiscoAsa1000vResourceResponse response = new CiscoAsa1000vResourceResponse();
- response.setId(ciscoAsa1000vDeviceVO.getUuid());
- response.setManagementIp(ciscoAsa1000vDeviceVO.getManagementIp());
- response.setInPortProfile(ciscoAsa1000vDeviceVO.getInPortProfile());
+ @Override
+ public CiscoAsa1000vResourceResponse createCiscoAsa1000vResourceResponse(
+ CiscoAsa1000vDevice ciscoAsa1000vDeviceVO) {
+ CiscoAsa1000vResourceResponse response = new CiscoAsa1000vResourceResponse();
+ response.setId(ciscoAsa1000vDeviceVO.getUuid());
+ response.setManagementIp(ciscoAsa1000vDeviceVO.getManagementIp());
+ response.setInPortProfile(ciscoAsa1000vDeviceVO.getInPortProfile());
- return response;
- }
+ return response;
+ }
- @Override
- public boolean deleteCiscoAsa1000vResource(
- DeleteCiscoAsa1000vResourceCmd cmd) {
- // TODO Auto-generated method stub
- return false;
- }
+ @Override
+ public boolean deleteCiscoAsa1000vResource(
+ DeleteCiscoAsa1000vResourceCmd cmd) {
+ // TODO Auto-generated method stub
+ return false;
+ }
- @Override
- public List listCiscoAsa1000vResources(
- ListCiscoAsa1000vResourcesCmd cmd) {
- Long physicalNetworkId = cmd.getPhysicalNetworkId();
- Long ciscoAsa1000vResourceId = cmd.getCiscoAsa1000vResourceId();
- List responseList = new ArrayList();
+ @Override
+ public List listCiscoAsa1000vResources(
+ ListCiscoAsa1000vResourcesCmd cmd) {
+ Long physicalNetworkId = cmd.getPhysicalNetworkId();
+ Long ciscoAsa1000vResourceId = cmd.getCiscoAsa1000vResourceId();
+ List responseList = new ArrayList();
- if (physicalNetworkId == null && ciscoAsa1000vResourceId == null) {
- throw new InvalidParameterValueException("Either physical network Id or Asa 1000v device Id must be specified");
- }
+ if (physicalNetworkId == null && ciscoAsa1000vResourceId == null) {
+ throw new InvalidParameterValueException("Either physical network Id or Asa 1000v device Id must be specified");
+ }
- if (ciscoAsa1000vResourceId != null) {
- CiscoAsa1000vDeviceVO ciscoAsa1000vResource = _ciscoAsa1000vDao.findById(ciscoAsa1000vResourceId);
- if (ciscoAsa1000vResource == null) {
- throw new InvalidParameterValueException("Could not find Cisco Asa 1000v device with id: " + ciscoAsa1000vResourceId);
- }
- responseList.add(ciscoAsa1000vResource);
- } else {
- PhysicalNetworkVO physicalNetwork = _physicalNetworkDao.findById(physicalNetworkId);
- if (physicalNetwork == null) {
- throw new InvalidParameterValueException("Could not find a physical network with id: " + physicalNetworkId);
- }
- responseList = _ciscoAsa1000vDao.listByPhysicalNetwork(physicalNetworkId);
- }
+ if (ciscoAsa1000vResourceId != null) {
+ CiscoAsa1000vDeviceVO ciscoAsa1000vResource = _ciscoAsa1000vDao.findById(ciscoAsa1000vResourceId);
+ if (ciscoAsa1000vResource == null) {
+ throw new InvalidParameterValueException("Could not find Cisco Asa 1000v device with id: " + ciscoAsa1000vResourceId);
+ }
+ responseList.add(ciscoAsa1000vResource);
+ } else {
+ PhysicalNetworkVO physicalNetwork = _physicalNetworkDao.findById(physicalNetworkId);
+ if (physicalNetwork == null) {
+ throw new InvalidParameterValueException("Could not find a physical network with id: " + physicalNetworkId);
+ }
+ responseList = _ciscoAsa1000vDao.listByPhysicalNetwork(physicalNetworkId);
+ }
- return responseList;
- }
+ return responseList;
+ }
- @Override
- public CiscoAsa1000vDevice assignAsa1000vToNetwork(Network network) {
+ @Override
+ public CiscoAsa1000vDevice assignAsa1000vToNetwork(Network network) {
List asaList = _ciscoAsa1000vDao.listByPhysicalNetwork(network.getPhysicalNetworkId());
for (CiscoAsa1000vDeviceVO asa : asaList) {
NetworkAsa1000vMapVO assignedToNetwork = _networkAsa1000vMapDao.findByAsa1000vId(asa.getId());
@@ -672,7 +671,7 @@ public class CiscoVnmcElement extends AdapterBase implements SourceNatServicePro
NetworkAsa1000vMapVO networkAsaMap = new NetworkAsa1000vMapVO(network.getId(), asa.getId());
_networkAsa1000vMapDao.persist(networkAsaMap);
return asa;
- }
+ }
}
return null;
}
diff --git a/plugins/network-elements/cisco-vnmc/src/com/cloud/network/resource/CiscoVnmcResource.java b/plugins/network-elements/cisco-vnmc/src/com/cloud/network/resource/CiscoVnmcResource.java
index 83d0588eca1..3e58398537c 100644
--- a/plugins/network-elements/cisco-vnmc/src/com/cloud/network/resource/CiscoVnmcResource.java
+++ b/plugins/network-elements/cisco-vnmc/src/com/cloud/network/resource/CiscoVnmcResource.java
@@ -42,9 +42,11 @@ import com.cloud.agent.api.StartupExternalFirewallCommand;
import com.cloud.agent.api.routing.IpAssocAnswer;
import com.cloud.agent.api.routing.IpAssocCommand;
import com.cloud.agent.api.routing.NetworkElementCommand;
+import com.cloud.agent.api.routing.SetFirewallRulesCommand;
import com.cloud.agent.api.routing.SetPortForwardingRulesCommand;
import com.cloud.agent.api.routing.SetSourceNatCommand;
import com.cloud.agent.api.routing.SetStaticNatRulesCommand;
+import com.cloud.agent.api.to.FirewallRuleTO;
import com.cloud.host.Host;
import com.cloud.network.cisco.CiscoVnmcConnectionImpl;
import com.cloud.resource.ServerResource;
@@ -71,7 +73,7 @@ public class CiscoVnmcResource implements ServerResource{
private String _publicInterface;
private String _privateInterface;
- CiscoVnmcConnectionImpl _connection;
+ CiscoVnmcConnectionImpl _connection;
private final Logger s_logger = Logger.getLogger(CiscoVnmcResource.class);
@@ -84,6 +86,8 @@ public class CiscoVnmcResource implements ServerResource{
return execute((IpAssocCommand) cmd);
} else if (cmd instanceof SetSourceNatCommand) {
return execute((SetSourceNatCommand) cmd);
+ } else if (cmd instanceof SetFirewallRulesCommand) {
+ return execute((SetFirewallRulesCommand) cmd);
} else if (cmd instanceof SetStaticNatRulesCommand) {
return execute((SetStaticNatRulesCommand) cmd);
} else if (cmd instanceof SetPortForwardingRulesCommand) {
@@ -93,9 +97,9 @@ public class CiscoVnmcResource implements ServerResource{
} else if (cmd instanceof CreateLogicalEdgeFirewallCommand) {
return execute((CreateLogicalEdgeFirewallCommand)cmd);
} else if (cmd instanceof ConfigureNexusVsmForAsaCommand) {
- return execute((ConfigureNexusVsmForAsaCommand)cmd);
+ return execute((ConfigureNexusVsmForAsaCommand)cmd);
} else if (cmd instanceof AssociateAsaWithLogicalEdgeFirewallCommand) {
- return execute((AssociateAsaWithLogicalEdgeFirewallCommand)cmd);
+ return execute((AssociateAsaWithLogicalEdgeFirewallCommand)cmd);
} else {
return Answer.createUnsupportedCommandAnswer(cmd);
}
@@ -131,7 +135,7 @@ public class CiscoVnmcResource implements ServerResource{
_password = (String) params.get("password");
if (_password == null) {
throw new ConfigurationException("Unable to find password");
- }
+ }
_publicInterface = (String) params.get("publicinterface");
if (_publicInterface == null) {
@@ -232,7 +236,7 @@ public class CiscoVnmcResource implements ServerResource{
}
private ExternalNetworkResourceUsageAnswer execute(ExternalNetworkResourceUsageCommand cmd) {
- return new ExternalNetworkResourceUsageAnswer(cmd);
+ return new ExternalNetworkResourceUsageAnswer(cmd);
}
/*
@@ -243,13 +247,13 @@ public class CiscoVnmcResource implements ServerResource{
try {
ret = _connection.login();
} catch (ExecutionException ex) {
- s_logger.error("Login to Vnmc failed", ex);
+ s_logger.error("Login to Vnmc failed", ex);
}
return ret;
}
private synchronized Answer execute(IpAssocCommand cmd) {
- refreshVnmcConnection();
+ refreshVnmcConnection();
return execute(cmd, _numRetries);
}
@@ -262,17 +266,17 @@ public class CiscoVnmcResource implements ServerResource{
* Source NAT
*/
private synchronized Answer execute(SetSourceNatCommand cmd) {
- refreshVnmcConnection();
+ refreshVnmcConnection();
return execute(cmd, _numRetries);
}
private Answer execute(SetSourceNatCommand cmd, int numRetries) {
- String vlanId = cmd.getContextParam(NetworkElementCommand.GUEST_VLAN_TAG);
+ String vlanId = cmd.getContextParam(NetworkElementCommand.GUEST_VLAN_TAG);
String tenant = "vlan-" + vlanId;
try {
// create-nat-policy-set
if (!_connection.createTenantVDCNatPolicySet(tenant)) {
- throw new Exception("Failed to create NAT policy set in VNMC for guest network with vlan " + vlanId);
+ throw new Exception("Failed to create NAT policy set in VNMC for guest network with vlan " + vlanId);
}
// create-source-nat-pool
@@ -304,11 +308,66 @@ public class CiscoVnmcResource implements ServerResource{
return new Answer(cmd, true, "Success");
}
+ /*
+ * Firewall rule
+ */
+ private synchronized Answer execute(SetFirewallRulesCommand cmd) {
+ refreshVnmcConnection();
+ return execute(cmd, _numRetries);
+ }
+
+ private Answer execute(SetFirewallRulesCommand cmd, int numRetries) {
+ String vlanId = cmd.getContextParam(NetworkElementCommand.GUEST_VLAN_TAG);
+ String tenant = "vlan-" + vlanId;
+ try {
+ // create-acl-policy-set for ingress
+ _connection.createTenantVDCAclPolicySet(tenant, true);
+
+ // delete-acl-policy for ingress
+ _connection.deleteTenantVDCAclPolicy(tenant, true);
+ // delete-acl-policy for egress
+
+ // create-acl-policy for ingress
+ _connection.createTenantVDCAclPolicy(tenant, true);
+
+ // create-acl-policy-set for egress
+ // create-acl-policy for egress
+
+ FirewallRuleTO[] rules = cmd.getRules();
+ for (FirewallRuleTO rule : rules) {
+ if (rule.revoked()) {
+ // delete-acl-rule
+ //_connection.deleteAclRule(tenant, Long.toString(rule.getId()));
+ } else {
+ String cidr = rule.getSourceCidrList().get(0);
+ String[] result = cidr.split("\\/");
+ assert (result.length == 2) : "Something is wrong with source cidr " + cidr;
+ long size = Long.valueOf(result[1]);
+ String startIp = NetUtils.getIpRangeStartIpFromCidr(result[0], size);
+ String endIp = NetUtils.getIpRangeEndIpFromCidr(result[0], size);
+ // create-ingress-acl-rule
+ _connection.createIngressAclRule(tenant,
+ Long.toString(rule.getId()), rule.getProtocol().toUpperCase(), startIp, endIp,
+ Integer.toString(rule.getSrcPortRange()[0]), Integer.toString(rule.getSrcPortRange()[1]), rule.getSrcIp());
+ }
+ }
+
+ // associate-acl-policy-set
+ _connection.associateAclPolicySet(tenant);
+ } catch (Throwable e) {
+ String msg = "SetFirewallRulesCommand failed due to " + e.getMessage();
+ s_logger.error(msg, e);
+ return new Answer(cmd, false, msg);
+ }
+
+ return new Answer(cmd);
+ }
+
/*
* Static NAT
*/
private synchronized Answer execute(SetStaticNatRulesCommand cmd) {
- refreshVnmcConnection();
+ refreshVnmcConnection();
return execute(cmd, _numRetries);
}
@@ -320,7 +379,7 @@ public class CiscoVnmcResource implements ServerResource{
* Destination NAT
*/
private synchronized Answer execute(SetPortForwardingRulesCommand cmd) {
- refreshVnmcConnection();
+ refreshVnmcConnection();
return execute(cmd, _numRetries);
}
@@ -332,7 +391,7 @@ public class CiscoVnmcResource implements ServerResource{
* Logical edge firewall
*/
private synchronized Answer execute(CreateLogicalEdgeFirewallCommand cmd) {
- refreshVnmcConnection();
+ refreshVnmcConnection();
return execute(cmd, _numRetries);
}
@@ -341,19 +400,19 @@ public class CiscoVnmcResource implements ServerResource{
try {
// create tenant
if (!_connection.createTenant(tenant))
- throw new Exception("Failed to create tenant in VNMC for guest network with vlan " + cmd.getVlanId());
+ throw new Exception("Failed to create tenant in VNMC for guest network with vlan " + cmd.getVlanId());
// create tenant VDC
if (!_connection.createTenantVDC(tenant))
- throw new Exception("Failed to create tenant VDC in VNMC for guest network with vlan " + cmd.getVlanId());
+ throw new Exception("Failed to create tenant VDC in VNMC for guest network with vlan " + cmd.getVlanId());
// create edge security profile
if (!_connection.createTenantVDCEdgeSecurityProfile(tenant))
- throw new Exception("Failed to create tenant edge security profile in VNMC for guest network with vlan " + cmd.getVlanId());
+ throw new Exception("Failed to create tenant edge security profile in VNMC for guest network with vlan " + cmd.getVlanId());
// create logical edge firewall
if (!_connection.createEdgeFirewall(tenant, cmd.getPublicIp(), cmd.getInternalIp(), cmd.getPublicSubnet(), cmd.getInternalSubnet()))
- throw new Exception("Failed to create edge firewall in VNMC for guest network with vlan " + cmd.getVlanId());
+ throw new Exception("Failed to create edge firewall in VNMC for guest network with vlan " + cmd.getVlanId());
} catch (Throwable e) {
String msg = "CreateLogicalEdgeFirewallCommand failed due to " + e.getMessage();
s_logger.error(msg, e);
@@ -371,7 +430,7 @@ public class CiscoVnmcResource implements ServerResource{
}
private Answer execute(ConfigureNexusVsmForAsaCommand cmd, int numRetries) {
- String vlanId = Long.toString(cmd.getVlanId());
+ String vlanId = Long.toString(cmd.getVlanId());
NetconfHelper helper = null;
List> params = new ArrayList>();
params.add(new Pair(OperationType.addvlanid, vlanId));
diff --git a/plugins/network-elements/cisco-vnmc/test/com/cloud/network/cisco/CiscoVnmcConnectionTest.java b/plugins/network-elements/cisco-vnmc/test/com/cloud/network/cisco/CiscoVnmcConnectionTest.java
index d116a52d3c2..9325951b467 100644
--- a/plugins/network-elements/cisco-vnmc/test/com/cloud/network/cisco/CiscoVnmcConnectionTest.java
+++ b/plugins/network-elements/cisco-vnmc/test/com/cloud/network/cisco/CiscoVnmcConnectionTest.java
@@ -30,229 +30,215 @@ import com.cloud.utils.exception.ExecutionException;
@Ignore("Requires actual VNMC to connect to")
public class CiscoVnmcConnectionTest {
- static CiscoVnmcConnectionImpl connection;
- static String tenantName = "TenantE";
- static Map fwDns = null;
-
- @BeforeClass
- public static void setUpClass() throws Exception {
- connection = new CiscoVnmcConnectionImpl("10.223.56.5", "admin", "C1sco123");
- try {
- boolean response = connection.login();
- assertTrue(response);
- } catch (ExecutionException e) {
- // TODO Auto-generated catch block
- e.printStackTrace();
- }
- }
+ static CiscoVnmcConnectionImpl connection;
+ static String tenantName = "TenantE";
+ static Map fwDns = null;
-
- @Test
- public void testLogin() {
- //fail("Not yet implemented");
- try {
- boolean response = connection.login();
- assertTrue(response);
- } catch (ExecutionException e) {
- // TODO Auto-generated catch block
- e.printStackTrace();
- }
- }
+ @BeforeClass
+ public static void setUpClass() throws Exception {
+ connection = new CiscoVnmcConnectionImpl("10.223.56.5", "admin", "C1sco123");
+ try {
+ boolean response = connection.login();
+ assertTrue(response);
+ } catch (ExecutionException e) {
+ // TODO Auto-generated catch block
+ e.printStackTrace();
+ }
+ }
-
- @Test
- public void testCreateTenant() {
- //fail("Not yet implemented");
- try {
- boolean response = connection.createTenant(tenantName);
- assertTrue(response);
- } catch (ExecutionException e) {
- // TODO Auto-generated catch block
- e.printStackTrace();
- }
- }
-
-
- @Test
- public void testCreateTenantVDC() {
- //fail("Not yet implemented");
- try {
- boolean response = connection.createTenantVDC(tenantName);
- assertTrue(response);
- } catch (ExecutionException e) {
- // TODO Auto-generated catch block
- e.printStackTrace();
- }
- }
-
-
- @Test
- public void testCreateTenantVDCEdgeDeviceProfile() {
- //fail("Not yet implemented");
- try {
- boolean response = connection.createTenantVDCEdgeDeviceProfile(tenantName);
- assertTrue(response);
- } catch (ExecutionException e) {
- // TODO Auto-generated catch block
- e.printStackTrace();
- }
- }
-
-
- @Test
- public void testCreateTenantVDCEdgeDeviceRoutePolicy() {
- try {
- boolean response = connection.createTenantVDCEdgeStaticRoutePolicy(tenantName);
- assertTrue(response);
- } catch (ExecutionException e) {
- // TODO Auto-generated catch block
- e.printStackTrace();
- }
- }
-
-
- @Test
- public void testCreateTenantVDCEdgeDeviceRoute() {
- try {
- boolean response = connection.createTenantVDCEdgeStaticRoute(tenantName,
- "10.223.136.1", "Edge_Outside", "0.0.0.0", "0.0.0.0");
- assertTrue(response);
- } catch (ExecutionException e) {
- // TODO Auto-generated catch block
- e.printStackTrace();
- }
- }
-
-
- @Test
- public void testAssociateRoutePolicyWithEdgeProfile() {
- try {
- boolean response = connection.associateTenantVDCEdgeStaticRoutePolicy(tenantName);
- assertTrue(response);
- } catch (ExecutionException e) {
- // TODO Auto-generated catch block
- e.printStackTrace();
- }
- }
-
-
- @Test
- public void testAssociateTenantVDCEdgeDhcpPolicy() {
- try {
- boolean response = connection.associateTenantVDCEdgeDhcpPolicy(tenantName, "Edge_Inside");
- assertTrue(response);
- } catch (ExecutionException e) {
- // TODO Auto-generated catch block
- e.printStackTrace();
- }
- }
-
-
- @Test
- public void testCreateTenantVDCEdgeDhcpPolicy() {
- try {
- boolean response = connection.createTenantVDCEdgeDhcpPolicy(tenantName,
- "10.1.1.2", "10.1.1.254", "255.255.255.0","4.4.4.4", tenantName+ ".net");
- assertTrue(response);
- } catch (ExecutionException e) {
- // TODO Auto-generated catch block
- e.printStackTrace();
- }
- }
-
-
- @Test
- public void testCreateTenantVDCEdgeSecurityProfile() {
- try {
- boolean response = connection.createTenantVDCEdgeSecurityProfile(tenantName);
- assertTrue(response);
- } catch (ExecutionException e) {
- // TODO Auto-generated catch block
- e.printStackTrace();
- }
- }
-
-
- @Test
- public void testCreateTenantVDCSourceNATPool() {
- try {
- boolean response = connection.createTenantVDCSourceNATPool(tenantName, "10.223.136.10");
- assertTrue(response);
- } catch (ExecutionException e) {
- // TODO Auto-generated catch block
- e.printStackTrace();
- }
- }
-
-
- @Test
- public void testCreateTenantVDCSourceNATPolicy() {
- try {
- boolean response = connection.createTenantVDCSourceNATPolicy(tenantName, "10.1.1.2", "10.1.1.254");
- assertTrue(response);
- } catch (ExecutionException e) {
- // TODO Auto-generated catch block
- e.printStackTrace();
- }
- }
-
-
- @Test
- public void testCreateTenantVDCNatPolicySet() {
- try {
- boolean response = connection.createTenantVDCNatPolicySet(tenantName);
- assertTrue(response);
- } catch (ExecutionException e) {
- // TODO Auto-generated catch block
- e.printStackTrace();
- }
- }
-
-
- @Test
- public void testAssociateNatPolicySet() {
- try {
- boolean response = connection.associateNatPolicySet(tenantName);
- assertTrue(response);
- } catch (ExecutionException e) {
- // TODO Auto-generated catch block
- e.printStackTrace();
- }
- }
-
-
- @Test
- public void testCreateEdgeFirewall() {
- try {
- boolean response = connection.createEdgeFirewall(tenantName,
- "44.44.44.44", "192.168.1.1", "255.255.255.0", "255.255.255.192");
- assertTrue(response);
- } catch (ExecutionException e) {
- e.printStackTrace();
- }
- }
-
- @Test
- public void testListUnassocAsa1000v() {
- try {
- Map response = connection.listUnAssocAsa1000v();
- assertTrue(response.size() >=0);
- fwDns = response;
- } catch (ExecutionException e) {
- // TODO Auto-generated catch block
- e.printStackTrace();
- }
- }
-
-
- @Test
- public void assocAsa1000v() {
- try {
- boolean result = connection.assocAsa1000v(tenantName, fwDns.get(0));
- assertTrue(result);
- } catch (ExecutionException e) {
- // TODO Auto-generated catch block
- e.printStackTrace();
- }
- }
+
+ @Test
+ public void testLogin() {
+ //fail("Not yet implemented");
+ try {
+ boolean response = connection.login();
+ assertTrue(response);
+ } catch (ExecutionException e) {
+ // TODO Auto-generated catch block
+ e.printStackTrace();
+ }
+ }
+
+
+ @Test
+ public void testCreateTenant() {
+ //fail("Not yet implemented");
+ try {
+ boolean response = connection.createTenant(tenantName);
+ assertTrue(response);
+ } catch (ExecutionException e) {
+ // TODO Auto-generated catch block
+ e.printStackTrace();
+ }
+ }
+
+ @Test
+ public void testCreateTenantVDC() {
+ //fail("Not yet implemented");
+ try {
+ boolean response = connection.createTenantVDC(tenantName);
+ assertTrue(response);
+ } catch (ExecutionException e) {
+ // TODO Auto-generated catch block
+ e.printStackTrace();
+ }
+ }
+
+ @Test
+ public void testCreateTenantVDCEdgeDeviceProfile() {
+ //fail("Not yet implemented");
+ try {
+ boolean response = connection.createTenantVDCEdgeDeviceProfile(tenantName);
+ assertTrue(response);
+ } catch (ExecutionException e) {
+ // TODO Auto-generated catch block
+ e.printStackTrace();
+ }
+ }
+
+ @Test
+ public void testCreateTenantVDCEdgeDeviceRoutePolicy() {
+ try {
+ boolean response = connection.createTenantVDCEdgeStaticRoutePolicy(tenantName);
+ assertTrue(response);
+ } catch (ExecutionException e) {
+ // TODO Auto-generated catch block
+ e.printStackTrace();
+ }
+ }
+
+ @Test
+ public void testCreateTenantVDCEdgeDeviceRoute() {
+ try {
+ boolean response = connection.createTenantVDCEdgeStaticRoute(tenantName,
+ "10.223.136.1", "Edge_Outside", "0.0.0.0", "0.0.0.0");
+ assertTrue(response);
+ } catch (ExecutionException e) {
+ // TODO Auto-generated catch block
+ e.printStackTrace();
+ }
+ }
+
+ @Test
+ public void testAssociateRoutePolicyWithEdgeProfile() {
+ try {
+ boolean response = connection.associateTenantVDCEdgeStaticRoutePolicy(tenantName);
+ assertTrue(response);
+ } catch (ExecutionException e) {
+ // TODO Auto-generated catch block
+ e.printStackTrace();
+ }
+ }
+
+ @Test
+ public void testAssociateTenantVDCEdgeDhcpPolicy() {
+ try {
+ boolean response = connection.associateTenantVDCEdgeDhcpPolicy(tenantName, "Edge_Inside");
+ assertTrue(response);
+ } catch (ExecutionException e) {
+ // TODO Auto-generated catch block
+ e.printStackTrace();
+ }
+ }
+
+ @Test
+ public void testCreateTenantVDCEdgeDhcpPolicy() {
+ try {
+ boolean response = connection.createTenantVDCEdgeDhcpPolicy(tenantName,
+ "10.1.1.2", "10.1.1.254", "255.255.255.0","4.4.4.4", tenantName+ ".net");
+ assertTrue(response);
+ } catch (ExecutionException e) {
+ // TODO Auto-generated catch block
+ e.printStackTrace();
+ }
+ }
+
+ @Test
+ public void testCreateTenantVDCEdgeSecurityProfile() {
+ try {
+ boolean response = connection.createTenantVDCEdgeSecurityProfile(tenantName);
+ assertTrue(response);
+ } catch (ExecutionException e) {
+ // TODO Auto-generated catch block
+ e.printStackTrace();
+ }
+ }
+
+ @Test
+ public void testCreateTenantVDCSourceNATPool() {
+ try {
+ boolean response = connection.createTenantVDCSourceNATPool(tenantName, "10.223.136.10");
+ assertTrue(response);
+ } catch (ExecutionException e) {
+ // TODO Auto-generated catch block
+ e.printStackTrace();
+ }
+ }
+
+ @Test
+ public void testCreateTenantVDCSourceNATPolicy() {
+ try {
+ boolean response = connection.createTenantVDCSourceNATPolicy(tenantName, "10.1.1.2", "10.1.1.254");
+ assertTrue(response);
+ } catch (ExecutionException e) {
+ // TODO Auto-generated catch block
+ e.printStackTrace();
+ }
+ }
+
+ @Test
+ public void testCreateTenantVDCNatPolicySet() {
+ try {
+ boolean response = connection.createTenantVDCNatPolicySet(tenantName);
+ assertTrue(response);
+ } catch (ExecutionException e) {
+ // TODO Auto-generated catch block
+ e.printStackTrace();
+ }
+ }
+
+ @Test
+ public void testAssociateNatPolicySet() {
+ try {
+ boolean response = connection.associateNatPolicySet(tenantName);
+ assertTrue(response);
+ } catch (ExecutionException e) {
+ // TODO Auto-generated catch block
+ e.printStackTrace();
+ }
+ }
+
+ @Test
+ public void testCreateEdgeFirewall() {
+ try {
+ boolean response = connection.createEdgeFirewall(tenantName,
+ "44.44.44.44", "192.168.1.1", "255.255.255.0", "255.255.255.192");
+ assertTrue(response);
+ } catch (ExecutionException e) {
+ e.printStackTrace();
+ }
+ }
+
+ @Test
+ public void testListUnassocAsa1000v() {
+ try {
+ Map response = connection.listUnAssocAsa1000v();
+ assertTrue(response.size() >=0);
+ fwDns = response;
+ } catch (ExecutionException e) {
+ // TODO Auto-generated catch block
+ e.printStackTrace();
+ }
+ }
+
+ @Test
+ public void assocAsa1000v() {
+ try {
+ boolean result = connection.assocAsa1000v(tenantName, fwDns.get(0));
+ assertTrue(result);
+ } catch (ExecutionException e) {
+ // TODO Auto-generated catch block
+ e.printStackTrace();
+ }
+ }
}