diff --git a/DISCLAIMER b/DISCLAIMER deleted file mode 100644 index fa1e9261a36..00000000000 --- a/DISCLAIMER +++ /dev/null @@ -1,7 +0,0 @@ -Apache CloudStack is an effort undergoing incubation at The Apache Software Foundation (ASF), -sponsored by the Apache Incubator. Incubation is required of all newly accepted -projects until a further review indicates that the infrastructure, communications, and -decision making process have stabilized in a manner consistent with other successful ASF -projects. While incubation status is not necessarily a reflection of the completeness or -stability of the code, it does indicate that the project has yet to be fully endorsed by -the ASF. diff --git a/api/src/com/cloud/configuration/ConfigurationService.java b/api/src/com/cloud/configuration/ConfigurationService.java index e63fcece525..6937d0b64de 100644 --- a/api/src/com/cloud/configuration/ConfigurationService.java +++ b/api/src/com/cloud/configuration/ConfigurationService.java @@ -35,7 +35,9 @@ import org.apache.cloudstack.api.command.admin.offering.UpdateServiceOfferingCmd import org.apache.cloudstack.api.command.admin.pod.DeletePodCmd; import org.apache.cloudstack.api.command.admin.pod.UpdatePodCmd; import org.apache.cloudstack.api.command.admin.vlan.CreateVlanIpRangeCmd; +import org.apache.cloudstack.api.command.admin.vlan.DedicatePublicIpRangeCmd; import org.apache.cloudstack.api.command.admin.vlan.DeleteVlanIpRangeCmd; +import org.apache.cloudstack.api.command.admin.vlan.ReleasePublicIpRangeCmd; import org.apache.cloudstack.api.command.admin.zone.CreateZoneCmd; import org.apache.cloudstack.api.command.admin.zone.DeleteZoneCmd; import org.apache.cloudstack.api.command.admin.zone.UpdateZoneCmd; @@ -234,6 +236,10 @@ public interface ConfigurationService { boolean deleteVlanIpRange(DeleteVlanIpRangeCmd cmd); + Vlan dedicatePublicIpRange(DedicatePublicIpRangeCmd cmd) throws ResourceAllocationException; + + boolean releasePublicIpRange(ReleasePublicIpRangeCmd cmd); + NetworkOffering createNetworkOffering(CreateNetworkOfferingCmd cmd); NetworkOffering updateNetworkOffering(UpdateNetworkOfferingCmd cmd); diff --git a/api/src/com/cloud/event/EventTypes.java b/api/src/com/cloud/event/EventTypes.java index 6a26212ecc7..0ee7f402fd7 100755 --- a/api/src/com/cloud/event/EventTypes.java +++ b/api/src/com/cloud/event/EventTypes.java @@ -226,6 +226,8 @@ public class EventTypes { // VLANs/IP ranges public static final String EVENT_VLAN_IP_RANGE_CREATE = "VLAN.IP.RANGE.CREATE"; public static final String EVENT_VLAN_IP_RANGE_DELETE = "VLAN.IP.RANGE.DELETE"; + public static final String EVENT_VLAN_IP_RANGE_DEDICATE = "VLAN.IP.RANGE.DEDICATE"; + public static final String EVENT_VLAN_IP_RANGE_RELEASE = "VLAN.IP.RANGE.RELEASE"; public static final String EVENT_STORAGE_IP_RANGE_CREATE = "STORAGE.IP.RANGE.CREATE"; public static final String EVENT_STORAGE_IP_RANGE_DELETE = "STORAGE.IP.RANGE.DELETE"; @@ -545,6 +547,8 @@ public class EventTypes { // VLANs/IP ranges entityEventDetails.put(EVENT_VLAN_IP_RANGE_CREATE, Vlan.class.getName()); entityEventDetails.put(EVENT_VLAN_IP_RANGE_DELETE,Vlan.class.getName()); + entityEventDetails.put(EVENT_VLAN_IP_RANGE_DEDICATE, Vlan.class.getName()); + entityEventDetails.put(EVENT_VLAN_IP_RANGE_RELEASE,Vlan.class.getName()); entityEventDetails.put(EVENT_STORAGE_IP_RANGE_CREATE, StorageNetworkIpRange.class.getName()); entityEventDetails.put(EVENT_STORAGE_IP_RANGE_DELETE, StorageNetworkIpRange.class.getName()); diff --git a/api/src/com/cloud/network/Network.java b/api/src/com/cloud/network/Network.java index c0b0117fc7e..ffe70d19dc0 100644 --- a/api/src/com/cloud/network/Network.java +++ b/api/src/com/cloud/network/Network.java @@ -137,6 +137,7 @@ public interface Network extends ControlledEntity, StateObject, I public static final Provider None = new Provider("None", false); // NiciraNvp is not an "External" provider, otherwise we get in trouble with NetworkServiceImpl.providersConfiguredForExternalNetworking public static final Provider NiciraNvp = new Provider("NiciraNvp", false); + public static final Provider CiscoVnmc = new Provider("CiscoVnmc", true); private String name; private boolean isExternal; diff --git a/api/src/com/cloud/network/NetworkService.java b/api/src/com/cloud/network/NetworkService.java index ab6d7bfd882..066009b8b75 100755 --- a/api/src/com/cloud/network/NetworkService.java +++ b/api/src/com/cloud/network/NetworkService.java @@ -46,7 +46,7 @@ public interface NetworkService { List getIsolatedNetworksOwnedByAccountInZone(long zoneId, Account owner); - IpAddress allocateIP(Account ipOwner, boolean isSystem, long zoneId) throws ResourceAllocationException, + IpAddress allocateIP(Account ipOwner, long zoneId, Long networkId) throws ResourceAllocationException, InsufficientAddressCapacityException, ConcurrentOperationException; boolean releaseIpAddress(long ipAddressId) throws InsufficientAddressCapacityException; diff --git a/api/src/com/cloud/vm/DiskProfile.java b/api/src/com/cloud/vm/DiskProfile.java index e34a3340e9e..e3a3386d1e5 100644 --- a/api/src/com/cloud/vm/DiskProfile.java +++ b/api/src/com/cloud/vm/DiskProfile.java @@ -139,7 +139,7 @@ public class DiskProfile { this.hyperType = hyperType; } - public HypervisorType getHypersorType() { + public HypervisorType getHypervisorType() { return this.hyperType; } diff --git a/api/src/org/apache/cloudstack/api/ApiConstants.java b/api/src/org/apache/cloudstack/api/ApiConstants.java index b08e992abd2..37cb59f3758 100755 --- a/api/src/org/apache/cloudstack/api/ApiConstants.java +++ b/api/src/org/apache/cloudstack/api/ApiConstants.java @@ -476,6 +476,7 @@ public class ApiConstants { public static final String AFFINITY_GROUP_IDS = "affinitygroupids"; public static final String AFFINITY_GROUP_NAMES = "affinitygroupnames"; public static final String DEPLOYMENT_PLANNER = "deploymentplanner"; + public static final String ASA_INSIDE_PORT_PROFILE = "insideportprofile"; public enum HostDetails { all, capacity, events, stats, min; diff --git a/api/src/org/apache/cloudstack/api/command/admin/vlan/DedicatePublicIpRangeCmd.java b/api/src/org/apache/cloudstack/api/command/admin/vlan/DedicatePublicIpRangeCmd.java new file mode 100755 index 00000000000..e7b1105af94 --- /dev/null +++ b/api/src/org/apache/cloudstack/api/command/admin/vlan/DedicatePublicIpRangeCmd.java @@ -0,0 +1,108 @@ +// Licensed to the Apache Software Foundation (ASF) under one +// or more contributor license agreements. See the NOTICE file +// distributed with this work for additional information +// regarding copyright ownership. The ASF licenses this file +// to you under the Apache License, Version 2.0 (the +// "License"); you may not use this file except in compliance +// with the License. You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, +// software distributed under the License is distributed on an +// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +// KIND, either express or implied. See the License for the +// specific language governing permissions and limitations +// under the License. +package org.apache.cloudstack.api.command.admin.vlan; + +import org.apache.cloudstack.api.APICommand; +import org.apache.cloudstack.api.ApiConstants; +import org.apache.cloudstack.api.ApiErrorCode; +import org.apache.cloudstack.api.BaseCmd; +import org.apache.cloudstack.api.Parameter; +import org.apache.cloudstack.api.ServerApiException; +import org.apache.cloudstack.api.response.DomainResponse; +import org.apache.cloudstack.api.response.ProjectResponse; +import org.apache.cloudstack.api.response.VlanIpRangeResponse; +import org.apache.cloudstack.api.response.ZoneResponse; +import org.apache.log4j.Logger; + +import com.cloud.dc.Vlan; +import com.cloud.exception.ResourceAllocationException; +import com.cloud.exception.ResourceUnavailableException; +import com.cloud.user.Account; + +@APICommand(name = "dedicatePublicIpRange", description="Dedicates a Public IP range to an account", responseObject=VlanIpRangeResponse.class) +public class DedicatePublicIpRangeCmd extends BaseCmd { + public static final Logger s_logger = Logger.getLogger(DedicatePublicIpRangeCmd.class.getName()); + + private static final String s_name = "dedicatepubliciprangeresponse"; + + ///////////////////////////////////////////////////// + //////////////// API parameters ///////////////////// + ///////////////////////////////////////////////////// + + @Parameter(name=ApiConstants.ID, type=CommandType.UUID, entityType = VlanIpRangeResponse.class, + required=true, description="the id of the VLAN IP range") + private Long id; + + @Parameter(name=ApiConstants.ACCOUNT, type=CommandType.STRING, required=true, + description="account who will own the VLAN") + private String accountName; + + @Parameter(name=ApiConstants.PROJECT_ID, type=CommandType.UUID, entityType = ProjectResponse.class, + description="project who will own the VLAN") + private Long projectId; + + @Parameter(name=ApiConstants.DOMAIN_ID, type=CommandType.UUID, entityType = DomainResponse.class, + required=true, description="domain ID of the account owning a VLAN") + private Long domainId; + + ///////////////////////////////////////////////////// + /////////////////// Accessors /////////////////////// + ///////////////////////////////////////////////////// + + public Long getId() { + return id; + } + + public String getAccountName() { + return accountName; + } + + public Long getDomainId() { + return domainId; + } + + public Long getProjectId() { + return projectId; + } + + ///////////////////////////////////////////////////// + /////////////// API Implementation/////////////////// + ///////////////////////////////////////////////////// + + @Override + public String getCommandName() { + return s_name; + } + + @Override + public long getEntityOwnerId() { + return Account.ACCOUNT_ID_SYSTEM; + } + + @Override + public void execute() throws ResourceUnavailableException, ResourceAllocationException { + Vlan result = _configService.dedicatePublicIpRange(this); + if (result != null) { + VlanIpRangeResponse response = _responseGenerator.createVlanIpRangeResponse(result); + response.setResponseName(getCommandName()); + this.setResponseObject(response); + } else { + throw new ServerApiException(ApiErrorCode.INTERNAL_ERROR, "Failed to dedicate vlan ip range"); + } + } + +} diff --git a/api/src/org/apache/cloudstack/api/command/admin/vlan/ReleasePublicIpRangeCmd.java b/api/src/org/apache/cloudstack/api/command/admin/vlan/ReleasePublicIpRangeCmd.java new file mode 100644 index 00000000000..91cc7d33da9 --- /dev/null +++ b/api/src/org/apache/cloudstack/api/command/admin/vlan/ReleasePublicIpRangeCmd.java @@ -0,0 +1,77 @@ +// Licensed to the Apache Software Foundation (ASF) under one +// or more contributor license agreements. See the NOTICE file +// distributed with this work for additional information +// regarding copyright ownership. The ASF licenses this file +// to you under the Apache License, Version 2.0 (the +// "License"); you may not use this file except in compliance +// with the License. You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, +// software distributed under the License is distributed on an +// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +// KIND, either express or implied. See the License for the +// specific language governing permissions and limitations +// under the License. +package org.apache.cloudstack.api.command.admin.vlan; + +import org.apache.cloudstack.api.APICommand; +import org.apache.cloudstack.api.ApiConstants; +import org.apache.cloudstack.api.ApiErrorCode; +import org.apache.cloudstack.api.BaseCmd; +import org.apache.cloudstack.api.Parameter; +import org.apache.cloudstack.api.ServerApiException; +import org.apache.cloudstack.api.response.SuccessResponse; +import org.apache.cloudstack.api.response.VlanIpRangeResponse; +import org.apache.log4j.Logger; + +import com.cloud.user.Account; + +@APICommand(name = "releasePublicIpRange", description="Releases a Public IP range back to the system pool", responseObject=SuccessResponse.class) +public class ReleasePublicIpRangeCmd extends BaseCmd { + public static final Logger s_logger = Logger.getLogger(ReleasePublicIpRangeCmd.class.getName()); + + private static final String s_name = "releasepubliciprangeresponse"; + + ///////////////////////////////////////////////////// + //////////////// API parameters ///////////////////// + ///////////////////////////////////////////////////// + + @Parameter(name=ApiConstants.ID, type=CommandType.UUID, entityType = VlanIpRangeResponse.class, + required=true, description="the id of the Public IP range") + private Long id; + + ///////////////////////////////////////////////////// + /////////////////// Accessors /////////////////////// + ///////////////////////////////////////////////////// + + public Long getId() { + return id; + } + + ///////////////////////////////////////////////////// + /////////////// API Implementation/////////////////// + ///////////////////////////////////////////////////// + + @Override + public String getCommandName() { + return s_name; + } + + @Override + public long getEntityOwnerId() { + return Account.ACCOUNT_ID_SYSTEM; + } + + @Override + public void execute(){ + boolean result = _configService.releasePublicIpRange(this); + if (result) { + SuccessResponse response = new SuccessResponse(getCommandName()); + this.setResponseObject(response); + } else { + throw new ServerApiException(ApiErrorCode.INTERNAL_ERROR, "Failed to release public ip range"); + } + } +} diff --git a/api/src/org/apache/cloudstack/api/command/user/address/AssociateIPAddrCmd.java b/api/src/org/apache/cloudstack/api/command/user/address/AssociateIPAddrCmd.java index 406f782da51..28fbae4437a 100644 --- a/api/src/org/apache/cloudstack/api/command/user/address/AssociateIPAddrCmd.java +++ b/api/src/org/apache/cloudstack/api/command/user/address/AssociateIPAddrCmd.java @@ -16,38 +16,21 @@ // under the License. package org.apache.cloudstack.api.command.user.address; -import java.util.List; - -import org.apache.cloudstack.api.APICommand; -import org.apache.cloudstack.api.ApiConstants; -import org.apache.cloudstack.api.ApiErrorCode; -import org.apache.cloudstack.api.BaseAsyncCmd; -import org.apache.cloudstack.api.BaseAsyncCreateCmd; -import org.apache.cloudstack.api.Parameter; -import org.apache.cloudstack.api.ServerApiException; -import org.apache.cloudstack.api.response.DomainResponse; -import org.apache.cloudstack.api.response.IPAddressResponse; -import org.apache.cloudstack.api.response.NetworkResponse; -import org.apache.cloudstack.api.response.ProjectResponse; -import org.apache.cloudstack.api.response.VpcResponse; -import org.apache.cloudstack.api.response.ZoneResponse; -import org.apache.log4j.Logger; - import com.cloud.async.AsyncJob; import com.cloud.dc.DataCenter; import com.cloud.dc.DataCenter.NetworkType; import com.cloud.event.EventTypes; -import com.cloud.exception.ConcurrentOperationException; -import com.cloud.exception.InsufficientAddressCapacityException; -import com.cloud.exception.InsufficientCapacityException; -import com.cloud.exception.InvalidParameterValueException; -import com.cloud.exception.ResourceAllocationException; -import com.cloud.exception.ResourceUnavailableException; +import com.cloud.exception.*; import com.cloud.network.IpAddress; import com.cloud.network.Network; import com.cloud.network.vpc.Vpc; import com.cloud.user.Account; import com.cloud.user.UserContext; +import org.apache.cloudstack.api.*; +import org.apache.cloudstack.api.response.*; +import org.apache.log4j.Logger; + +import java.util.List; @APICommand(name = "associateIpAddress", description="Acquires and associates a public IP to an account.", responseObject=IPAddressResponse.class) public class AssociateIPAddrCmd extends BaseAsyncCreateCmd { @@ -213,7 +196,7 @@ public class AssociateIPAddrCmd extends BaseAsyncCreateCmd { @Override public void create() throws ResourceAllocationException{ try { - IpAddress ip = _networkService.allocateIP(_accountService.getAccount(getEntityOwnerId()), false, getZoneId()); + IpAddress ip = _networkService.allocateIP(_accountService.getAccount(getEntityOwnerId()), getZoneId(), getNetworkId()); if (ip != null) { this.setEntityId(ip.getId()); diff --git a/api/src/org/apache/cloudstack/network/ExternalNetworkDeviceManager.java b/api/src/org/apache/cloudstack/network/ExternalNetworkDeviceManager.java index aeed81d2011..29ce2e3971d 100644 --- a/api/src/org/apache/cloudstack/network/ExternalNetworkDeviceManager.java +++ b/api/src/org/apache/cloudstack/network/ExternalNetworkDeviceManager.java @@ -43,6 +43,7 @@ public interface ExternalNetworkDeviceManager extends Manager { public static final NetworkDevice F5BigIpLoadBalancer = new NetworkDevice("F5BigIpLoadBalancer", Network.Provider.F5BigIp.getName()); public static final NetworkDevice JuniperSRXFirewall = new NetworkDevice("JuniperSRXFirewall", Network.Provider.JuniperSRX.getName()); public static final NetworkDevice NiciraNvp = new NetworkDevice("NiciraNvp", Network.Provider.NiciraNvp.getName()); + public static final NetworkDevice CiscoVnmc = new NetworkDevice("CiscoVnmc", Network.Provider.CiscoVnmc.getName()); public NetworkDevice(String deviceName, String ntwkServiceprovider) { _name = deviceName; diff --git a/client/pom.xml b/client/pom.xml index 08946b6d905..743cd363005 100644 --- a/client/pom.xml +++ b/client/pom.xml @@ -455,6 +455,11 @@ file="${basedir}/target/generated-webapp/WEB-INF/web.xml" match="classpath:componentContext.xml" replace="classpath:nonossComponentContext.xml" byline="true" /> + + + + + @@ -639,6 +644,11 @@ cloud-vmware-base ${project.version} + + org.apache.cloudstack + cloud-plugin-network-cisco-vnmc + ${project.version} + diff --git a/client/tomcatconf/applicationContext.xml.in b/client/tomcatconf/applicationContext.xml.in index 0d13877b49b..15cd6fe0f13 100644 --- a/client/tomcatconf/applicationContext.xml.in +++ b/client/tomcatconf/applicationContext.xml.in @@ -454,11 +454,11 @@ - + - + @@ -733,7 +733,7 @@ - + diff --git a/client/tomcatconf/commands.properties.in b/client/tomcatconf/commands.properties.in index 4ce9fd3af5c..10fcfe3f687 100644 --- a/client/tomcatconf/commands.properties.in +++ b/client/tomcatconf/commands.properties.in @@ -124,6 +124,8 @@ listDiskOfferings=15 createVlanIpRange=1 deleteVlanIpRange=1 listVlanIpRanges=1 +dedicatePublicIpRange=1 +releasePublicIpRange=1 #### address commands associateIpAddress=15 @@ -575,3 +577,14 @@ deleteAffinityGroup=15 listAffinityGroups=15 updateVMAffinityGroup=15 listAffinityGroupTypes=15 + +#### Cisco Vnmc commands +addCiscoVnmcResource=1 +deleteCiscoVnmcResource=1 +listCiscoVnmcResources=1 + +#### Cisco Asa1000v commands +addCiscoAsa1000vResource=1 +deleteCiscoAsa1000vResource=1 +listCiscoAsa1000vResources=1 + diff --git a/client/tomcatconf/componentContext.xml.in b/client/tomcatconf/componentContext.xml.in index 92838fd85d3..23284abc094 100644 --- a/client/tomcatconf/componentContext.xml.in +++ b/client/tomcatconf/componentContext.xml.in @@ -197,6 +197,7 @@ + diff --git a/client/tomcatconf/nonossComponentContext.xml.in b/client/tomcatconf/nonossComponentContext.xml.in index fc8a9cd5409..a2182d183b0 100644 --- a/client/tomcatconf/nonossComponentContext.xml.in +++ b/client/tomcatconf/nonossComponentContext.xml.in @@ -136,6 +136,16 @@ + + + + + + + + @@ -283,6 +293,7 @@ + @@ -324,6 +335,7 @@ + @@ -339,5 +351,13 @@ + + + + + + diff --git a/debian/cloudstack-awsapi.install b/debian/cloudstack-awsapi.install index 02ba66829ef..675b84def74 100644 --- a/debian/cloudstack-awsapi.install +++ b/debian/cloudstack-awsapi.install @@ -15,4 +15,12 @@ # specific language governing permissions and limitations # under the License. -/var/log/cloudstack/awsapi \ No newline at end of file +/etc/cloudstack/management/cloud-bridge.properties +/etc/cloudstack/management/commons-logging.properties +/etc/cloudstack/management/crypto.properties +/etc/cloudstack/management/xes.keystore +/etc/cloudstack/management/ec2-service.properties +/var/log/cloudstack/awsapi +/usr/bin/cloudstack-setup-bridge +/usr/bin/cloudstack-aws-api-register +/usr/share/cloudstack-bridge \ No newline at end of file diff --git a/debian/rules b/debian/rules index 4e55c71048c..f5f68aba03d 100755 --- a/debian/rules +++ b/debian/rules @@ -34,7 +34,7 @@ build: build-indep build-indep: build-indep-stamp build-indep-stamp: configure - mvn package -DskipTests -Dsystemvm \ + mvn -Pawsapi package -DskipTests -Dsystemvm \ -Dcs.replace.properties=replace.properties.tmp touch $@ @@ -147,7 +147,25 @@ install: install -D packaging/debian/init/cloud-usage $(DESTDIR)/$(SYSCONFDIR)/init.d/$(PACKAGE)-usage # cloudstack-awsapi + mkdir $(DESTDIR)/$(SYSCONFDIR)/$(PACKAGE)/awsapi mkdir $(DESTDIR)/var/log/$(PACKAGE)/awsapi + mkdir $(DESTDIR)/usr/share/$(PACKAGE)-bridge + mkdir -p $(DESTDIR)/usr/share/$(PACKAGE)-bridge/webapps/awsapi + mkdir $(DESTDIR)/usr/share/$(PACKAGE)-bridge/setup + cp -r awsapi/target/cloud-awsapi-$(VERSION)-SNAPSHOT/* $(DESTDIR)/usr/share/$(PACKAGE)-bridge/webapps/awsapi + install -D awsapi-setup/setup/cloud-setup-bridge $(DESTDIR)/usr/bin/cloudstack-setup-bridge + install -D awsapi-setup/setup/cloudstack-aws-api-register $(DESTDIR)/usr/bin/cloudstack-aws-api-register + cp -r awsapi-setup/db/mysql/* $(DESTDIR)/usr/share/$(PACKAGE)-bridge/setup + for i in applicationContext.xml cloud-bridge.properties commons-logging.properties crypto.properties xes.keystore ec2-service.properties; do \ + mv $(DESTDIR)/usr/share/$(PACKAGE)-bridge/webapps/awsapi/WEB-INF/classes/$$i $(DESTDIR)/$(SYSCONFDIR)/$(PACKAGE)/management/; \ + done + rm $(DESTDIR)/usr/share/$(PACKAGE)-bridge/webapps/awsapi/WEB-INF/classes/log4j-vmops.xml + rm $(DESTDIR)/usr/share/$(PACKAGE)-bridge/webapps/awsapi/WEB-INF/classes/log4j.properties + rm $(DESTDIR)/usr/share/$(PACKAGE)-bridge/webapps/awsapi/WEB-INF/classes/db.properties + rm $(DESTDIR)/usr/share/$(PACKAGE)-bridge/webapps/awsapi/WEB-INF/classes/LICENSE.txt + rm $(DESTDIR)/usr/share/$(PACKAGE)-bridge/webapps/awsapi/WEB-INF/classes/NOTICE.txt + rm $(DESTDIR)/usr/share/$(PACKAGE)-bridge/webapps/awsapi/WEB-INF/classes/services.xml + rm -rf $(DESTDIR)/usr/share/$(PACKAGE)-bridge/webapps/awsapi/WEB-INF/classes/META-INF dh_installdirs dh_install diff --git a/docs/en-US/Release_Notes.xml b/docs/en-US/Release_Notes.xml index b8c5c01fb0b..718f38e7df9 100644 --- a/docs/en-US/Release_Notes.xml +++ b/docs/en-US/Release_Notes.xml @@ -27,6 +27,4090 @@ under the License. This document contains information specific to this release of &PRODUCT;, including upgrade instructions from prior releases, new features added to &PRODUCT;, API changes, and issues fixed in the release. For installation instructions, please see the Installation Guide. For usage and administration instructions, please see the &PRODUCT; Administrator's Guide. Developers and users who wish to work with the API will find instruction in the &PRODUCT; API Developer's Guide If you find any errors or problems in this guide, please see . We hope you enjoy working with &PRODUCT;! + + Version 4.1.0 +
+ What’s New in 4.1 + Apache CloudStack 4.1.0 includes many new features. This section covers the most prominent new features and changes. +
+ Localization + The 4.1.0 release adds partial User Interface (UI) support for Catalan, Chinese, French, German, Italian, Japanese, Korean, Norwegian, Portuguese, Russian, and Spanish. Not all languages are complete. + The 4.1.0 release also adds documentation translations for Chinese, Chinese (Taiwan), Italian, Japanese, Korean, and Portuguese. +
+
+ Added Region Support + CLOUDSTACK-241: This feature adds a "region" construct that spans several management servers. The objective of this feature is to add AWS EC2 like Regions implementation into CloudStack. Regions are dispersed and located in separate geographic areas. Availability Zones (or Zones in CloudStack) are distinct locations within a Region that are engineered to be isolated from failures in other Zones and provide inexpensive, low latency network connectivity to other Zones in the same Region. + Regions are expected to add the following benefits + + Higher availability of the services: users can deploy services across AZs and even if one of the AZ goes down the services are still available to the end-user through VMs deployed in other zones. + Higher availability of the Management Server (MS): Since each MS Cluster only manages a single Region, if that MS Cluster goes down, only that particular Region is impacted. Admin should be able to access all the other Regions. + Scalability: The scalability limit of CloudStack dramatically improves, as the scalability limit of MS Cluster is limited to a single Region. + Object Store: With Regions construct, CloudStack would also allow users to define Object Store (Secondary Storage) across AZs. This helps users easily deploy VMs in different AZs using the same template, offerings. + Geographical Grouping: Regions allow admins to group AZs (that have low latency and are geographically located nearby) into a broader region construct. + + Currently the Region feature is exposed in the API, but does not have a UI component. +
+
+ Support for EC2 Query API + CLOUDSTACK-197: This introduces a query API for the AWS APIs that are currently only supported by SOAP. The AWS Java SDK and AWS PHP SDK should now be supported by the AWSAPI in CloudStack. + Supported Query APIs in 4.1.0: + + AllocateAddress + AssociateAddress + AttachVolume + AuthorizeSecurityGroupIngress + CreateImage + CreateKeyPair + CreateSecurityGroup + CreateSnapshot + CreateTags + CreateVolume + DeleteKeyPair + DeleteSecurityGroup + DeleteSnapshot + DeleteTags + DeleteVolume + DeregisterImage + DescribeAddresses + DescribeAvailabilityZones + DescribeImageAttribute + DescribeImages + DescribeInstanceAttribute + DescribeInstances + DescribeKeyPairs + DescribeSecurityGroups + DescribeSnapshots + DescribeTags + DescribeVolumes + DetachVolume + DisassociateAddress + GetPasswordData + ImportkeyPair + ModifyImageAttribute + RebootInstances + RegisterImage + ReleaseAddress + ResetImageAttribute + RevokeSecurityGroupIngress + RunInstances + StartInstances + StopInstances + TerminateInstances + + See the Feature Specification for more information on the Query API support. +
+
+ Auto-Completing Shell for CloudStack (CloudMonkey) + CLOUDSTACK-132: Adds a auto-completing shell and command-line tool for &PRODUCT; written in Python, called CloudMonkey. + CloudMonkey includes the following features: + + Usable as a command line tool and interactive shell. + All commands are lowercase unlike API. + Api Discovery using sync feature, with build time api precaching for failsafe sync. + Raw api execution support. + Auto-completion via double tab. + Reverse search using Ctrl+R + Emacs compatible key bindings. + Output that's "pipeable" to other *nix programs. + Unix shell execution. + Support to handle asynchronous jobs using user defined blocking or non-blocking way. + Tabular or JSON output with filtering of table columns. + Colored output. + API parameter value completion (based on predication, fuzzy results may fail sometimes). + + CloudMonkey has a few requirements above and beyond CloudStack, and does not need to be run on the same machine as a management server. If you wish to run CloudMonkey you'll need Python 2.5 or later, readline, Pygments, and prettytable. CloudMonkey can be installed with pip: + $ pip install cloudmonkey + See the Developer's Guide and the CloudStack wiki for the latest information on CloudMonkey installation and use. +
+
+ API Discovery Service + CLOUDSTACK-926: CloudStack has more than 300 APIs and more are added in each major release. CloudStack admins can enable or disable APIs, or add plugins which provide more APIs. The API Discovery Service is a plugin which will help users discover the APIs available to them on a CloudStack Management Server. + The discovery service implements a method called listApis which will return information about APIs for a user. It currently accepts an apiName to list api information of that particular API. The method ensures that user can only list APIs they are entitled to. + All CloudStack APIs are implemented by annotated command class and PluggableService is a contract implemented by all the components such as the Management Server and all the plugins which provide an API. During load time, API discovery service asks all the pluggable services to return list of API cmd classes from whose fields and annotations it gathers information about each API, the information consists of name, description, parameter name, parameter description, etc. + For more information on the implementation of the API Discovery Service for 4.1.0, see the CloudStack wiki. +
+
+ Events Framework + CLOUDSTACK-820: The Events Framework provides a mechanism to publish and subscribe to events in &PRODUCT;. +
+
+ Additional VMX Settings + ### +
+
+ L3 Router Functionality in Nicira Nvp Plugin + ### +
+
+ Persistent Networks without Running VM + ### +
+
+ Add/Remove Network on VM + ### +
+
+ Resize Volumes Feature + ### +
+
+ Autoscale + ### +
+
+ API Request Throttling + ### +
+
+ Ceph RDB Setup + ### +
+
+ S3 Backed Secondary Storage + ### +
+
+ User and Domain Admin Can Create API Key and Secret + CLOUDSTACK-437: This feature adds the ability for domain admins and users to create their own API Key and Secret. Domain admins can create keys for themselves, subdomain admins, and for regular users, but not for other domain admins. +
+
+ Support Inline Mode for F5 and SRX + CLOUDSTACK-306: ### +
+
+ Egress Firewall Rules for Guest Networks + CLOUDSTACK-299: ### +
+
+ Reset SSH Key to Access VM + CLOUDSTACK-297: ### +
+
+
+ Issues Fixed in 4.1.0 + Apache CloudStack uses Jira + to track its issues. All new features and bugs for 4.1.0 have been tracked in Jira, and have + a standard naming convention of "CLOUDSTACK-NNNN" where "NNNN" is the issue number. + This section includes a summary of known issues against 4.0.0 that were fixed in 4.1.0. Approximately 470 bugs were resolved or closed in the 4.1.0 cycle. + + + + + + + + Defect + + + Description + + + + + + + CLOUDSTACK-46 + + + Remnants of mycloud remain. + + + + + CLOUDSTACK-70 + + + Improve Network Restart Behaviour for Basic Zone: Restarting Network Fail + + + + + CLOUDSTACK-94 + + + "API command, listIsos documentation clarity + + + + + CLOUDSTACK-95 + + + IP address allocation not working when a user tries to allocate IP addresses in a Project + + + + + CLOUDSTACK-97 + + + Vmware network labels are ignored when creating a Zone using basic networkin + + + + + CLOUDSTACK-108 + + + VM should not be allowed to be deployed on two Isolated Networks of an Account that were created from DefaultNetworkOfferingwithSourceNATService + + + + + CLOUDSTACK-118 + + + "Status of host resorce stuck in ""ErrorInMaintenance"" + + + + + CLOUDSTACK-119 + + + Move Agent-Simulator in to the hypervisor plugin mode + + + + + CLOUDSTACK-130 + + + Clarify docs on tags parameter in API referenc + + + + + CLOUDSTACK-152 + + + Routes on the User VM are programmed incorrectly on a VM present on both Isolated and Shared Guest Network + + + + + CLOUDSTACK-178 + + + Expose name parameter of VM in list Vm view + + + + + CLOUDSTACK-198 + + + vpn:failto add VPN Users deletes all the existing Vpn use + + + + + CLOUDSTACK-222 + + + Admin UI prompts to restart Management server with cancel edit operatio + + + + + CLOUDSTACK-225 + + + API Docs: Request params repeated with different description + + + + + CLOUDSTACK-226 + + + UpdatePhysicalNetworkcommand failed due to java.sql.BatchUpdateException ; Tried to extend the existing Guest VLAN Range of one physical network into the Guest VLAN range of the other physical networ + + + + + CLOUDSTACK-227 + + + ReconnectHostCmd: NullPointerException: Unable to get host Information for XenServer 6.0.2 host - on intentionally changing the traffic labels on the physical networ + + + + + CLOUDSTACK-228 + + + UI provides an option to reconnect a disconnected host - ServerApiException is thrown on an attemp + + + + + CLOUDSTACK-232 + + + Zone infrastructure chart -- disable resource total displa + + + + + CLOUDSTACK-235 + + + Network rate can be set in 2 places. Clarify docs on how this works + + + + + CLOUDSTACK-249 + + + Add host id to failed VM deploy alert + + + + + CLOUDSTACK-250 + + + Incorrect description of maintenance mode in admin guid + + + + + CLOUDSTACK-256 + + + "vpn:As an admin user, not able to delete VPN user which is present in a regular user's network. + + + + + CLOUDSTACK-271 + + + updatePhysicalNetwork dies with an NPE when the vlan range is empt + + + + + CLOUDSTACK-274 + + + Two error codes mapped to same value in AP + + + + + CLOUDSTACK-275 + + + hostid not always a UUI + + + + + CLOUDSTACK-277 + + + Message during CloudStack management server Installation: cannot access /usr/share/cloud/bridge/lib: No such file or director + + + + + CLOUDSTACK-279 + + + deleteProject fails when executed by the regular user (works fine for root/domain admin + + + + + CLOUDSTACK-284 + + + listVirtualMachines does not return deleted machines when zone is specifie + + + + + CLOUDSTACK-290 + + + 3.0.0 template also needed for 2.2.14 to 3.0.5 direct upgrade + + + + + CLOUDSTACK-293 + + + "We do awful, hacky things in our spec file for client + + + + + CLOUDSTACK-304 + + + Add synchronization for createSnapshot command per host basi + + + + + CLOUDSTACK-309 + + + iptables rules being deleted from wrong VM after a migratio + + + + + CLOUDSTACK-318 + + + Adding XenServer Host Fails - 6.0.2 fails with 4.0. + + + + + CLOUDSTACK-320 + + + "sessionKey query parameter should be case-insensitive, now only sessionkey is accepted + + + + + CLOUDSTACK-322 + + + During upgrade displays error - a foreign key constraint fails (`cloud/#sql-f34_6e`.. + + + + + CLOUDSTACK-332 + + + """count"" property in list* API response should be equal to how many entries in database, not how many objects in API response + + + + + CLOUDSTACK-333 + + + When Datacenter name in VCenter has spaces Primary Storage (VMFS) discovery will fai + + + + + CLOUDSTACK-335 + + + KVM VPC load balancer not workin + + + + + CLOUDSTACK-336 + + + listZones doesn't honour pagin + + + + + CLOUDSTACK-343 + + + "Document what tools and packages are required to build, package and install CloudStack 4.0 + + + + + CLOUDSTACK-346 + + + Cannot add Vmware cluster with class loader conflict exceptio + + + + + CLOUDSTACK-347 + + + listNetworks API: return vlan information only when the caller is ROOT admi + + + + + CLOUDSTACK-348 + + + deleteNetwork does not clean up network resource count correctl + + + + + CLOUDSTACK-354 + + + Display of storage statistics is wrong + + + + + CLOUDSTACK-355 + + + "Fix ""count"" in a bunch of API commands + + + + + CLOUDSTACK-357 + + + "ISOs can be deleted while still attached to a running VM, and they subsequently cannot be detached from a running VM + + + + + CLOUDSTACK-359 + + + PropagateResourceEventCommand failes in cluster configuratio + + + + + CLOUDSTACK-361 + + + Wrong creation of guest networks on a KVM host in Multiple Physical Networks with guest traffi + + + + + CLOUDSTACK-364 + + + Docs point to download.cloud.com for AWS API scrip + + + + + CLOUDSTACK-368 + + + OVM - cannot create guest V + + + + + CLOUDSTACK-369 + + + ASF 4.0 - unable to support XenServer 6.1 hos + + + + + CLOUDSTACK-373 + + + "static NAT and Firewall is not working on external firewall device SRX, it needs to be implemented + + + + + CLOUDSTACK-377 + + + provide deployment config access to marvin's testcas + + + + + CLOUDSTACK-378 + + + mavenize marvin on maste + + + + + CLOUDSTACK-390 + + + Install Guide: Section 4.5.7 (Prepare the System VM Template): Links go to cloud.co + + + + + CLOUDSTACK-397 + + + Install Guide: Section 11.1 (Guest Traffic): Diagram is the wrong diagra + + + + + CLOUDSTACK-398 + + + Install Guide: Section 11.17.3 (Using VPN with Mac OSX): Not complete + + + + + CLOUDSTACK-404 + + + Update docs on the usage of cloud-setup-database + + + + + CLOUDSTACK-412 + + + Data truncation: Out of range value for column 'ram' at row + + + + + CLOUDSTACK-415 + + + restartNetwork call causes VM to be unreachable when Nicira based SDN is used + + + + + CLOUDSTACK-416 + + + XCP 1.6beta2 (61002c) - can't add a hos + + + + + CLOUDSTACK-417 + + + Handle password server securely to run on port 8080 on V + + + + + CLOUDSTACK-424 + + + Updated userdata not propagating to the VR + + + + + CLOUDSTACK-427 + + + Change hardcoded step number references to dynamic link + + + + + CLOUDSTACK-428 + + + Storage capacity shown in UI is incorrec + + + + + CLOUDSTACK-435 + + + Vmware network labels are ignored when creating a Zone using basic networkin + + + + + CLOUDSTACK-441 + + + Running mgmt server using jetty fails to start api serve + + + + + CLOUDSTACK-446 + + + "Host going to alert state, if you are adding already added host + + + + + CLOUDSTACK-448 + + + SSVM bootstrap failure on XenServer hosts with E3 CP + + + + + CLOUDSTACK-456 + + + License tag in SPEC isn't what RPM is expectin + + + + + CLOUDSTACK-459 + + + [Optional Public IP assignment for EIP with Basic Zone] Associate IP Checkbox in Create Network Offering Dialog is Displayed When Elastic LB is Selecte + + + + + CLOUDSTACK-462 + + + A few corrections to make to the 4.0.0 installation guid + + + + + CLOUDSTACK-464 + + + "Regression in AWSAPI docs, entire sections removed + + + + + CLOUDSTACK-465 + + + French language file quotes are dropping javascript syntax error + + + + + CLOUDSTACK-467 + + + Developer's Guide points to cloud.com for API referenc + + + + + CLOUDSTACK-479 + + + UpdateVirtualMachine api fails to propagate userdata to dom + + + + + CLOUDSTACK-481 + + + Installation Guide Doc Erro + + + + + CLOUDSTACK-493 + + + 2.2.x-3.0 DB upgrade support for Advance SG enabled network + + + + + CLOUDSTACK-499 + + + cloudmonkey CLI can't accept complex parameter + + + + + CLOUDSTACK-500 + + + Passwd-server iptables rules are dropped on domr on fresh start or on reboot. + + + + + CLOUDSTACK-501 + + + Apidocs and marvin does not know how to handle Autoscaling docs. + + + + + CLOUDSTACK-504 + + + Duplicate guest password scripts in codebase. + + + + + CLOUDSTACK-507 + + + fix api docs for listSSHKeyPair + + + + + CLOUDSTACK-508 + + + CLVM copies template to primary storage unnecessarily. + + + + + CLOUDSTACK-510 + + + Add button not visible when adding public IPs to physical network. + + + + + CLOUDSTACK-514 + + + Marvin and Cloudmonkey don't work when an API target uses https or an alternate path. + + + + + CLOUDSTACK-518 + + + API refactoring -- change @Parameter annotation and remove the @IdentityMapper annotation. + + + + + CLOUDSTACK-520 + + + Dependency jar names mismatch with install-non-oss.s + + + + + CLOUDSTACK-521 + + + Build will hung up when doing test for TestAgentShel + + + + + CLOUDSTACK-522 + + + Log requests in cloudmonkey's log file. + + + + + CLOUDSTACK-527 + + + List API performance optimization by using DB views and removing UUID conversion + + + + + CLOUDSTACK-534 + + + Failed to add hos + + + + + CLOUDSTACK-536 + + + remove citrix cloudpatform from 4.0 build - CloudStack is ASF project. + + + + + CLOUDSTACK-539 + + + Cropped Text in UI under Quick View. + + + + + CLOUDSTACK-552 + + + ]Quick view details for a volume displays scroll bar in place of name of the volume when the name of the volume has more no of characters. + + + + + CLOUDSTACK-553 + + + "SRX - When adding SRX device make "Public Network" - default to "untrusted" and "Private Network" - default to "trusted" as un-editable fields. + + + + + CLOUDSTACK-556 + + + Erratic window behavior in Quick View tooltip. + + + + + CLOUDSTACK-559 + + + source code import problem + + + + + CLOUDSTACK-560 + + + Usage server doesn't work in 4.0.0 due to missing db changes + + + + + CLOUDSTACK-572 + + + SG Enabled Advanced Zone - Not able to deploy a VM in an account specific shared network + + + + + CLOUDSTACK-573 + + + "NPE at ""com.cloud.network.NetworkManagerImpl.networkOfferingIsConfiguredForExternalNetworking(NetworkManagerImpl.java:4345)"" when create network from the network offering having NULL provider for the service + + + + + CLOUDSTACK-578 + + + The already deleted same hostname is not deleted from /etc/hosts of vRouter + + + + + CLOUDSTACK-584 + + + "typos in ""Apache_CloudStack-4.0.0-incubating-CloudStack_Nicira_NVP_Guide-en-US"" + + + + + CLOUDSTACK-590 + + + Incorrect Network Gateways Assigned to System VM + + + + + CLOUDSTACK-592 + + + "API bloat, unknown apis cmd classes + + + + + CLOUDSTACK-593 + + + "2 guest network, auto create vlan error + + + + + CLOUDSTACK-596 + + + DeployVM command takes a lot of time to return job id. + + + + + CLOUDSTACK-599 + + + DhcpEntryCommand fails on Router VM on CS4.0 and vSphere5 with Advanced Network Zone. + + + + + CLOUDSTACK-600 + + + When rebooting KVM local storage VM host, libvirt definitions deleted + + + + + CLOUDSTACK-605 + + + Host physical CPU is incorrectly calculated for Vmware host + + + + + CLOUDSTACK-606 + + + Starting VM fails with 'ConcurrentOperationException' in a clustered MS scenari + + + + + CLOUDSTACK-614 + + + "ListTemplates API is not returning ""Enable SSH Key"" attribute for any given template + + + + + CLOUDSTACK-617 + + + Unable to edit a Sub domai + + + + + CLOUDSTACK-639 + + + API Refactoring: Adapters for AC + + + + + CLOUDSTACK-648 + + + The normal users could change their own login password. + + + + + CLOUDSTACK-660 + + + Network Traffic Labels are not functional in Marvin + + + + + CLOUDSTACK-683 + + + Image Is Missing in the Accessing VM Section + + + + + CLOUDSTACK-689 + + + RVR: Stop pending flag is not cleared when user start the disconnected router from another hos + + + + + CLOUDSTACK-691 + + + A warning dialog box shows after reloading the welcome page. + + + + + CLOUDSTACK-693 + + + Adding a VPC virtual router to a NiciraNVP enabled network fails. + + + + + CLOUDSTACK-694 + + + "Create a new VPC network offering with "connectivity" option needed for SDN networking) is not allowed / VPC support for SDN networks + + + + + CLOUDSTACK-717 + + + cloudmonkey fails to parse/print response. + + + + + CLOUDSTACK-720 + + + Fail to load a png image when accessing the web console. + + + + + CLOUDSTACK-721 + + + Bytes sent/received in user statistics is empty (CloudStack 4.0) + + + + + CLOUDSTACK-725 + + + UI: Error when the Egress rules tab is selected for a network. + + + + + CLOUDSTACK-734 + + + api_refactoring: CreateAccountCmd fails to send response due to NPE in service layer + + + + + CLOUDSTACK-735 + + + Integration smoke tests: Fix expunge vm test on api_refactoring + + + + + CLOUDSTACK-736 + + + Integration smoke tests: Fix check for vm name for the deployvm smoke test. + + + + + CLOUDSTACK-793 + + + "Create cloudmonkey-helper, a plugin that helps autodiscover and sync api info via an api over some endpoint + + + + + CLOUDSTACK-798 + + + Move usage related cmd classes from cloud-server to cloud-api + + + + + CLOUDSTACK-799 + + + [Load Test] Check router statistics falls behind in gathering stats by more than 2 times the set value + + + + + CLOUDSTACK-819 + + + Create Account/User API logging password in access log + + + + + CLOUDSTACK-863 + + + Non-printable characters (ASCII control character) such as %00 or %0025 are getting stored in raw/non encoded form in the database + + + + + CLOUDSTACK-870 + + + Client UI: Wrong character encoding for some language + + + + + CLOUDSTACK-928 + + + [Simulator] Latency for Agent Commands - change unit of wait from seconds to millisecond + + + + + CLOUDSTACK-938 + + + s2s VPN trouble + + + + + CLOUDSTACK-959 + + + Missing sub-sections in document section System Service Offering + + + + + CLOUDSTACK-968 + + + marvin: vlan should be an attribute of the physical_network and not the zon + + + + + CLOUDSTACK-977 + + + Document how to use openvswitch with KVM hypervisor + + + + + CLOUDSTACK-978 + + + TypeError: instance.displayname is undefined while adding VM's to the LB rule + + + + + CLOUDSTACK-985 + + + Different MAC address for RvR caused issue in short term network outrag + + + + + CLOUDSTACK-987 + + + Sections missing in Working With Snapshot + + + + + CLOUDSTACK-993 + + + "admin"" user is not getting created when management server is started. + + + + + CLOUDSTACK-995 + + + Not able to add the KVM host + + + + + CLOUDSTACK-1002 + + + Not able to start VM + + + + + CLOUDSTACK-1006 + + + need to disable service libvirt-guests in CentOS packaging RPMs, or in installation docs + + + + + CLOUDSTACK-1008 + + + "Egress"" tab should not be presented in the UI for Shared Networks + + + + + CLOUDSTACK-1010 + + + Host count and Secondary storage count always shows 1 in UI + + + + + CLOUDSTACK-1011 + + + KVM host getting disconnected in cluster environment + + + + + CLOUDSTACK-1013 + + + running cloudstack overwrites default public/private ssh key + + + + + CLOUDSTACK-1014 + + + Merge ManagementServer and ManagementServerEx + + + + + CLOUDSTACK-1016 + + + Not able to deploy VM + + + + + CLOUDSTACK-1021 + + + the vlan is not creat to right nic. when i creat multi guest network + + + + + CLOUDSTACK-1024 + + + Regression: Unable to add Xenserver host with latest build. + + + + + CLOUDSTACK-1027 + + + "Update SSL certificate" button should properly reflect its functionality + + + + + CLOUDSTACK-1029 + + + Enter the token to specified project is malfunctioned + + + + + CLOUDSTACK-1037 + + + "Make cloudmonkey awesome-er: Online help docs and api discovery, better colored output, parameter value autocompletion + + + + + CLOUDSTACK-1050 + + + No Documentation on Adding a Load Balancer Rule + + + + + CLOUDSTACK-1051 + + + API dispatcher unable to find objectVO corresponding to DeleteTemplatecm + + + + + CLOUDSTACK-1055 + + + "The overlay still exists when the ""Recurring Snapshots"" dialog is canceled by pressing esc key. + + + + + CLOUDSTACK-1056 + + + S3 secondary storage fails to upload systemvm template due to KVMHA director + + + + + CLOUDSTACK-1057 + + + regression of changeServiceForVirtualMachine API - fails to find service offering by serviceOfferingId parameter + + + + + CLOUDSTACK-1063 + + + "SG Enabled Advanced Zone - "Add Guest Networks" - When user tries to add a guest Network with scope as "Account" he should NOT be presented with ""Offering for shared security group enabled"" + + + + + CLOUDSTACK-1064 + + + A type error occurs when trying to add account/register template... + + + + + CLOUDSTACK-1068 + + + Names in VR list is useles + + + + + CLOUDSTACK-1070 + + + javelin: NPE on executing registerIso AP + + + + + CLOUDSTACK-1071 + + + Netscaler element is not getting loaded as part of LoadBalancing Service Providers + + + + + CLOUDSTACK-1078 + + + Not able to start System Vms on Rhel 6.3 KVM hos + + + + + CLOUDSTACK-1079 + + + Deploying AWSAPI with mvn -pl :cloud-awsapi jetty:run fail + + + + + CLOUDSTACK-1082 + + + UI doesn't throw any error message when trying to delete ip range from a network that is in use. + + + + + CLOUDSTACK-1083 + + + listUsageRecords api: removed project results in NP + + + + + CLOUDSTACK-1087 + + + Update the Developer Guide for ASFCS 4.1 Releas + + + + + CLOUDSTACK-1088 + + + EnableStaticNat error will clear the data in databas + + + + + CLOUDSTACK-1094 + + + Ipv6 - hostname/hostname --fqdn does not return the name of the VM. But i am able to reach the Vm using their names + + + + + CLOUDSTACK-1095 + + + Ipv6 - dhclient command needs to be run manually on the Vms to get the Ipv6 address + + + + + CLOUDSTACK-1100 + + + Expunge thread is not kicked off based on global configuration if the global setting is less than 60 second + + + + + CLOUDSTACK-1103 + + + "IpV6 - listNetwork() command does not retrun gateway,netmask,cidr + + + + + CLOUDSTACK-1104 + + + Ipv6 - listVlanIpRanges() returns error 530 + + + + + CLOUDSTACK-1105 + + + "IpV6 - listVirtualMachines() does not return netmask, gateway,ipaddress. + + + + + CLOUDSTACK-1107 + + + Ipv6 - Unable to extend Ip range for a Ipv6 network using craeteVlanIpRange() command - Error code 530 returned + + + + + CLOUDSTACK-1108 + + + Ipv6 - Not able to restart Networks + + + + + CLOUDSTACK-1109 + + + "Ipv6 - Unable to expunge User Vms that are ""Destroyed"". + + + + + CLOUDSTACK-1111 + + + Ipv6 - listRouters() does not return guestipaddress + + + + + CLOUDSTACK-1112 + + + "Errors in ""Prepare the System VM Template"" + + + + + CLOUDSTACK-1113 + + + "Ipv6 - Not able to deploy a new VM in this network because of ""Unable to allocate Unique Ipv6 address"" + + + + + CLOUDSTACK-1114 + + + unable to execute listegressfirewallrules API due invalid value i + + + + + CLOUDSTACK-1115 + + + In multiple shared network unable to login with default nic - KV + + + + + CLOUDSTACK-1123 + + + ListStoragePools API broken by refacto + + + + + CLOUDSTACK-1138 + + + "Providing invalid values for gateway, netmask etc in the zoneWizard blocks the VLAN container to load, throwing an error + + + + + CLOUDSTACK-1139 + + + "After the Vm is "Expunged" we see the entry still being present in the router in /etc/dhcphosts.txt + + + + + CLOUDSTACK-1141 + + + "Ipv6 - After network restart (and reboot router), we do not see the existing vms dnsentries not being programmed in the router. + + + + + CLOUDSTACK-1152 + + + Missing tag in host-add.xm + + + + + CLOUDSTACK-1153 + + + "Ipv6 - Vm deployment fails with "n must be positive" error. + + + + + CLOUDSTACK-1154 + + + Account/Users related API failed due to RegionService inject exception. + + + + + CLOUDSTACK-1157 + + + No API Documentation on Listing Custom User Templates Using CS4 API + + + + + CLOUDSTACK-1160 + + + References to version=3.0.3|4|5|6 in API classes needs to be removed. + + + + + CLOUDSTACK-1161 + + + Differences between 4.1 and master in ongoing-config-of-external-firewalls-lb.xml + + + + + CLOUDSTACK-1163 + + + Failed with NPE while creating firewall rule + + + + + CLOUDSTACK-1168 + + + Create firewall rule broke + + + + + CLOUDSTACK-1173 + + + ConsoleProxyResource instantiation exception. + + + + + CLOUDSTACK-1174 + + + Snapshots related SQL error. + + + + + CLOUDSTACK-1176 + + + Issue with snapshots(create/list + + + + + CLOUDSTACK-1181 + + + mvn deploy db failing with NP + + + + + CLOUDSTACK-1190 + + + Make APIChecker interface throw a single sensible exception. + + + + + CLOUDSTACK-1200 + + + "Unknown column 'vm_instance.disk_offering_id' in table vm_instance, db exception shown in MS log + + + + + CLOUDSTACK-1201 + + + "Failed to create ssh key for user "cloud" /var/lib/cloud/management/.ssh/id_rsa and failed to start management server + + + + + CLOUDSTACK-1202 + + + Fail to install KVM cloud-agent. + + + + + CLOUDSTACK-1203 + + + Fail to create advance zone with SG enabled when UI allows SG enabled option. + + + + + CLOUDSTACK-1204 + + + Fail to create advance zone due to fail to add host + + + + + CLOUDSTACK-1205 + + + Ipv6 - Ubuntu 12.10 guest Vms loses default route (after it expiration time ~ 30 mts) when ipv6.autoconfig parameters are disabled except for net.ipv6.conf.lo.autoconf which is enabled. + + + + + CLOUDSTACK-1206 + + + Failure in Copy of System template + + + + + CLOUDSTACK-1210 + + + Make all pluggable services return list of api cmd classes + + + + + CLOUDSTACK-1216 + + + UUID is null for admin and failed to register user key with 4.0 + + + + + CLOUDSTACK-1218 + + + "IPv6: Shared Network - After network restart with clean option, router is assigned a different address. Name resolution for the existing guest Vms in the network fails. + + + + + CLOUDSTACK-1219 + + + Ipv6 - Provide better error messages when deploying a Vm with Ip an address that is outside the network's ip range / if the ip address already is assigned to another Vm + + + + + CLOUDSTACK-1220 + + + Ipv6 - Better error message when deploy Vm fails to get a free Ip address + + + + + CLOUDSTACK-1222 + + + API rate limit configs: removed double quote in upgrade script + + + + + CLOUDSTACK-1223 + + + Exception while starting jetty server: org.springframework.beans.factory.BeanCreationException Error creating bean with name 'apiServer' + + + + + CLOUDSTACK-1224 + + + Volume snapshot creation failing + + + + + CLOUDSTACK-1226 + + + Error while running Cloudstack-setup-database + + + + + CLOUDSTACK-1228 + + + Unable to Create System Vm's in the VMware Hypervisor setup + + + + + CLOUDSTACK-1229 + + + Incorrect SQL syntax to insert api limit related configuration items in upgrade path script. + + + + + CLOUDSTACK-1231 + + + cloud-install-sys-tmplt failed due to missing path + + + + + CLOUDSTACK-1232 + + + "Ipv6 - Guest Vms are not able to get Ipaddress when executing dhclient command when using ""/96"" network. + + + + + CLOUDSTACK-1233 + + + Veewee configuration files are inappropriately identified as ASLv2 licensed file + + + + + CLOUDSTACK-1234 + + + Unable to start KVM agent with 4.1 build. + + + + + CLOUDSTACK-1237 + + + "Register Template fails with ""Cannot find template adapter for XenServer"" + + + + + CLOUDSTACK-1239 + + + Unable to registerISO :unhandled exception executing api command: registerIs + + + + + CLOUDSTACK-1240 + + + Unable to registerTemplate : Cannot find template adapter for XenServer. + + + + + CLOUDSTACK-1241 + + + Network apply rules logic is broken. + + + + + CLOUDSTACK-1242 + + + [F5-SRX-InlineMode] Failed to create LB rule with F5-SRX inlinemode deployemen + + + + + CLOUDSTACK-1243 + + + Failed to cleanup account :java.lang.NullPointerException + + + + + CLOUDSTACK-1244 + + + fail to push sysmvm.iso onto xen host + + + + + CLOUDSTACK-1246 + + + "[ ALU beta CS 4.1 build2] ""Guest network"" missing in Add Zone wizard ( step 3, Setup Network \ Physical Network) + + + + + CLOUDSTACK-1251 + + + Baremetal zone doesn't need primary/secondary storage in UI wizard. + + + + + CLOUDSTACK-1252 + + + Failed to download default template in VMware. + + + + + CLOUDSTACK-1260 + + + Failed to register template: Unable to find template adapter + + + + + CLOUDSTACK-1261 + + + Cannot find template adapter for XenServer. + + + + + CLOUDSTACK-1262 + + + "Failed to Prepare Secondary Storage in VMware, + + + + + CLOUDSTACK-1265 + + + logrotate dnsmasq configuration is wrong + + + + + CLOUDSTACK-1267 + + + KVM's cloudstack-agent service doesn't log (log4j) + + + + + CLOUDSTACK-1269 + + + Failed to start CPVM java.lang.NullPointerException Unable to start SSVM + + + + + CLOUDSTACK-1272 + + + Autoscale: createAutoScaleVmProfile fails due to unable to retrieve Service Offering ip + + + + + CLOUDSTACK-1274 + + + UpdateNetworkCmd throws NP + + + + + CLOUDSTACK-1276 + + + Remove autoscanning for 4.1 + + + + + CLOUDSTACK-1277 + + + ApiResponseHelper.createUserVmResponse failed to populate password field set from UserVm object + + + + + CLOUDSTACK-1278 + + + Improper permissions on injectkeys.s + + + + + CLOUDSTACK-1288 + + + [F5-SRX-InlineMode] classCastException during network restart with cleanup option true + + + + + CLOUDSTACK-1289 + + + [F5-SRX-InlineMode] Usage stats are not generated for Juniper SRX Firewall in inlinemod + + + + + CLOUDSTACK-1290 + + + listNetoworks API takes too long to respond + + + + + CLOUDSTACK-1292 + + + "[F5-SRX-InlineMode] Update network from SRX,F5 as service provideds to VR as service provider does not delete firewall rules from SRX + + + + + CLOUDSTACK-1295 + + + NPE in usage parsers due to missing @Component inject + + + + + CLOUDSTACK-1299 + + + Errors in 4.5.5 section of installation guide + + + + + CLOUDSTACK-1300 + + + section in wrong order in installation guide + + + + + CLOUDSTACK-1303 + + + Ipv6 - java.lang.NullPointerException when executing listnetworks() and deployVirtualMachine() after extending the Ipv4 range of a dual stack network + + + + + CLOUDSTACK-1307 + + + Noticed NPE when we put host in maintenance mode in clustered management setup + + + + + CLOUDSTACK-1310 + + + ASF-build-master-nonoss-rhel63 - create advance zone FAIL - CreatePhysicalNetworkCmd FAIL - MySQLIntegrityConstraintViolationException: Duplicate entry '200-Public' for key 'physical_network_id + + + + + CLOUDSTACK-1312 + + + "Fix rolling upgrades from 4.0 to 4.1 in 4.1 release, fix db schemas to be same as 4.0 + + + + + CLOUDSTACK-1313 + + + Working with Volumes Section Is Missing + + + + + CLOUDSTACK-1315 + + + [F5-SRX-InlineMode] Network implement failed with Run time Exception during network upgrade from VR to SRX-F + + + + + CLOUDSTACK-1319 + + + createCustomerVpnGateway response gives TypeError: json.createvpncustomergatewayresponse is undefined + + + + + CLOUDSTACK-1320 + + + Routers naming convention is changed to hostname. + + + + + CLOUDSTACK-1321 + + + [Site-to-Site VPN] No events are generated in case of status change in site to site vpn connection + + + + + CLOUDSTACK-1326 + + + KVM - Failed to start cloud agent from SSVM + + + + + CLOUDSTACK-1328 + + + console view unable to connect - CPVM SSVM guest VM + + + + + CLOUDSTACK-1329 + + + "API listRouters response returns hostname instead of Virtual Routers, UI displays host entry for each VR + + + + + CLOUDSTACK-1330 + + + ec2-run-instances - When -n option is used to deploy multiple Vms API returns error even though few of the Vms have been deployed successfully + + + + + CLOUDSTACK-1331 + + + Upgrade fails for a 2.2.14 Zone having multiple guest networks using network_tags and Public Vlan + + + + + CLOUDSTACK-1332 + + + IPV6 - Router and guest Vms should be able to use an IPV6 address for external DNS entry + + + + + CLOUDSTACK-1334 + + + vmware.root.disk.controller doesn't work + + + + + CLOUDSTACK-1337 + + + Zone to zone template/ISO copy fails and template/ISO download also fail + + + + + CLOUDSTACK-1338 + + + Deploy VM failed using IS + + + + + CLOUDSTACK-1339 + + + ASF 4.1: Management server becomes unresponsive + + + + + CLOUDSTACK-1341 + + + URL for the KEYs file is wrong in the installation guide + + + + + CLOUDSTACK-1342 + + + Document installation and usage of cloudmonkey for 4.1 docs + + + + + CLOUDSTACK-1343 + + + Porting Baremetal related UI changes to ACS + + + + + CLOUDSTACK-1344 + + + Typo in use.external.dns setting description + + + + + CLOUDSTACK-1345 + + + BigSwitch plugin introduces 'VNS' isolation in UI without backend implementation + + + + + CLOUDSTACK-1346 + + + "Check to see if external devices are used in the network, is hardcoded for specific devices + + + + + CLOUDSTACK-1347 + + + "Not able to delete network. Error - ""Unable to insert queue item into database, DB is full?"" + + + + + CLOUDSTACK-1348 + + + API/UI: zoneObj is undefined. + + + + + CLOUDSTACK-1349 + + + "VPC network Adding Network ACls, PF rules - Unable to insert queue item into database, DB is full? PF rules and NW Acls in Add state in DB + + + + + CLOUDSTACK-1350 + + + Management server Stop and start causes previously downloaded ISOs and templates to redownload & reinstall. + + + + + CLOUDSTACK-1353 + + + KVM 6.3 snapshot Scheduling snapshot failed due to java.lang.NullPointerExceptio + + + + + CLOUDSTACK-1357 + + + "Autoscale: Provisioned VMs from Netscaler not being added to lb vserver, provserver fails with provserver_err_asynctaskpoll + + + + + CLOUDSTACK-1360 + + + The clusterid field of the createStoragePool API command should be documented as required. + + + + + CLOUDSTACK-1367 + + + NPE noticed in logs while AgentMonitor is monitoring the host ping interval + + + + + CLOUDSTACK-1368 + + + Shared network - Not able to delete network because of java.lang.NullPointerException + + + + + CLOUDSTACK-1369 + + + "Ipv6 - In dual Stack network, guest VM does not have the Ipv6 address of the router programmed in /etc/resolv.conf for DNS resolution. + + + + + CLOUDSTACK-1370 + + + DeployVM Fail - VPC or non-VPC network + + + + + CLOUDSTACK-1375 + + + deploydb failing with acs master + + + + + CLOUDSTACK-1376 + + + Unable to migrate VM due to internal error process exited while connecting to monitor + + + + + CLOUDSTACK-1377 + + + HA fail - when host is shutdown, VMs and SSVMs are not failover to second host in cluster. + + + + + CLOUDSTACK-1382 + + + vm deploy fails with Error "cannot find DeployPlannerSelector for vm" + + + + + CLOUDSTACK-1383 + + + Deploying basic zone on 4.1 fails in NP + + + + + CLOUDSTACK-1386 + + + BASIC zone SSVM fail to start due to exception + + + + + CLOUDSTACK-1388 + + + UI - ListUsers doesnt display any User except the Default Root Admin User + + + + + CLOUDSTACK-1391 + + + EventBus is not getting injected after javelin merge + + + + + CLOUDSTACK-1394 + + + [F5-SRX-InlineMode] Failure in static nat configuration on SRX does not result in LB configuration error in CS during LB rule configuratio + + + + + CLOUDSTACK-1397 + + + Static Nat configuration is failing with NP + + + + + CLOUDSTACK-1399 + + + Unhandled exception executing api command: stopVirtualMachine + + + + + CLOUDSTACK-1402 + + + listRouters API response doesn't return linklocal IP and public IP detail + + + + + CLOUDSTACK-1403 + + + Storage and console-proxy related error + + + + + CLOUDSTACK-1411 + + + Issues with VMWare Hypervisor host_ids not updated when ESX(i) crashes in instance table + + + + + CLOUDSTACK-1414 + + + Redundant router: BACKUP switch cancelled due to lock timeout after a glitch in network. + + + + + CLOUDSTACK-1417 + + + When invalid values are passed to createNetwork(), error message does not indicate the parameter name that has invalid values. + + + + + CLOUDSTACK-1418 + + + As regular user, we are not allowed to deploy VM on a shared network. + + + + + CLOUDSTACK-1419 + + + Apache-ify and apply trademark logos in the UI + + + + + CLOUDSTACK-1420 + + + Ensure trademarks are properly attributed in publican brand + + + + + CLOUDSTACK-1423 + + + Unable to launch UI [HTTP Status 404]. + + + + + CLOUDSTACK-1425 + + + unhandled exception executing api command: migrateVirtualMachine & recoverVirtualMachine + + + + + CLOUDSTACK-1427 + + + Failed to delete Guestnetwork which has LB with Netscaler + + + + + CLOUDSTACK-1428 + + + [UI] Instance which are created without display name are not visible when added to LB + + + + + CLOUDSTACK-1429 + + + single account is unable to use same vnet across multiple physical network + + + + + CLOUDSTACK-1436 + + + 4.1 management server fails to start from RPM build artifact + + + + + CLOUDSTACK-1443 + + + As domain admin we are allowed to create shared network + + + + + CLOUDSTACK-1446 + + + [UI]VPC Router type should be of type vpc and not syste + + + + + CLOUDSTACK-1447 + + + [UI]Persistent Status is not displayed for VPC Tier + + + + + CLOUDSTACK-1449 + + + listAccounts and listProjectAccounts API lists all the users not account-specific users for each account returne + + + + + CLOUDSTACK-1451 + + + Getting EntityExistsException while creating more than one project in CS 4. + + + + + CLOUDSTACK-1452 + + + Public IP's are assigned to private interface with VPC Restart [PF/LB rules are not functional + + + + + CLOUDSTACK-1461 + + + "Ipv6 - From a Vm that that is part of 2 networks, non default network router's details should not get programmed in the DNS entries of the guest VM. + + + + + CLOUDSTACK-1463 + + + IPV6 - Ubuntu 12.10 - Multiple Nic - IPV6 address is assigned automatically for 1 nic only. Need to do a manual dhclient request to get the ipv6 for other nic + + + + + CLOUDSTACK-1464 + + + "IPV6 - Multi nic - Ubuntu 1210 -When Vm is stopped and started/ rebooted, i get multiple global IPV6 addresses being allocated for one of the nics. + + + + + CLOUDSTACK-1465 + + + List Zones returns null under create instance when logged is as use + + + + + CLOUDSTACK-1467 + + + Failed to create Volume for the System Vm's + + + + + CLOUDSTACK-1469 + + + kvm agent: agent service fails to start u + + + + + CLOUDSTACK-1470 + + + unhandled exception executing api command: deployVirtualMachin + + + + + CLOUDSTACK-1472 + + + AssignVirtualMachine API with wrong Virtual Instance ID failed with NP + + + + + CLOUDSTACK-1473 + + + deleteDomain is failing with NP + + + + + CLOUDSTACK-1481 + + + "IPV6 - When Vm is part of 1 dual network and 1 ipv6 network, name resolution using fqdn fails for the ipv6 network. + + + + + CLOUDSTACK-1482 + + + IPV6 - We are not allowed to create a shared IPV6 network with a VLAN which already is associated with a IPV4 network + + + + + CLOUDSTACK-1484 + + + "API Throttling : api.throttling.enabled, Global setting missing + + + + + CLOUDSTACK-1485 + + + Add Baremetal Provider back to 4.1 branc + + + + + CLOUDSTACK-1487 + + + cloudstack-setup-agent fails to set private.network.device on KVM host ad + + + + + CLOUDSTACK-1488 + + + "Ipv6 - When Vm is deployed as part of multiple networks, one of the IPV6 address assigned to guest VM is lost. + + + + + CLOUDSTACK-1490 + + + 4.1 deb management fails to start due to tomcat dep problem + + + + + CLOUDSTACK-1496 + + + List API Performance: listAccounts failing with OOME for high values of pagesize (>1000 + + + + + CLOUDSTACK-1499 + + + ListAPI Performance for few APIs not as good as it was before API optimizatio + + + + + CLOUDSTACK-1503 + + + listHypervisor API not getting fired when logged in as Use + + + + + CLOUDSTACK-1505 + + + Unknown column 'domain.region_id' in 'field list + + + + + CLOUDSTACK-1509 + + + Failed to implement network elements and resources while provisioning for persistent network(createVlanIpRange to an account + + + + + CLOUDSTACK-1511 + + + [UI] Instances NIC details does not have Network Nam + + + + + CLOUDSTACK-1512 + + + [UI] Wrong message[message.configure.all.traffic.types] when trying to create zone with mulitple physical networks without providing the traffic labe + + + + + CLOUDSTACK-1515 + + + None of the cloudstack packges are marked for upgrade when tried to upgrade from.4.0/4.0.1 to 4. + + + + + CLOUDSTACK-1516 + + + Create documentation in languages that have translations availabl + + + + + CLOUDSTACK-1517 + + + Check UI in languages availabl + + + + + CLOUDSTACK-1521 + + + Redundant router: Services are not stopped when switch to BACKUP stat + + + + + CLOUDSTACK-1526 + + + Template registration fails in the VMware Setup + + + + + CLOUDSTACK-1531 + + + vmware create volume from snapshot will missing dat + + + + + CLOUDSTACK-1537 + + + Restart network with clean up set to true causes Autoscaled LB rule to get mangled and unusabl + + + + + CLOUDSTACK-1541 + + + NPE while deleting snapshot :Unexpected exception while executing org.apache.cloudstack.api.command.user.snapshot.DeleteSnapshotCm + + + + + CLOUDSTACK-1542 + + + unhandled exception while creating projec + + + + + CLOUDSTACK-1544 + + + The description and the response format for the deleteUser command are incorrec + + + + + CLOUDSTACK-1550 + + + createaccountresponse returns more than the user you requested for creation + + + + + CLOUDSTACK-1553 + + + AWS Regions-Not able to list accounts from the 2nd region after user/account/domain details have been manually synced up from first region + + + + + CLOUDSTACK-1555 + + + "AWS Regions - userapikey and usersecretkey parameters are not returned in the response of addRegion, updateRegion listRegion api calls.. + + + + + CLOUDSTACK-1557 + + + EC2 REST API : cloudbridge database is missing on the CloudStack Installatio + + + + + CLOUDSTACK-1562 + + + Replace the short-cut solution of supportting @DB with the formal on + + + + + CLOUDSTACK-1565 + + + "Used Master Branch System VM Template: Default Route on the System VMs (SSVM,CPVM and VR) is missing + + + + + CLOUDSTACK-1566 + + + Baremetal API addBaremetalPxePingServer fail to add PXE PING server to deployment causing create instance with PING style image to fai + + + + + CLOUDSTACK-1569 + + + "AWS Regions - Not able to Edit domain/account/user from a region that is not the owner region.""The content of elements must consist of well-formed character data or markup."" - error message presented to the user. + + + + + CLOUDSTACK-1571 + + + "AWS Regions - When deleting domain/account/user from a region that is not the owner, the request is not being forwarded to the owner region. + + + + + CLOUDSTACK-1574 + + + updateResourceCount API is failed saying to specify valida resource type even after parsing the valid resource typ + + + + + CLOUDSTACK-1583 + + + AWS Regions - RabbitMQ Server did not recieve any event notification during account creation + + + + + CLOUDSTACK-1587 + + + "Basic zone - CPVM fail to go to running state, Exception while trying to start secondary storage vm + + + + + CLOUDSTACK-1588 + + + "AWS Regions - When registerUserKeys() is called for a user from a region that is not the owner, it is handled by this region. + + + + + CLOUDSTACK-1600 + + + Typo in dpkg-buildpackage comman + + + + + CLOUDSTACK-1604 + + + "deploy VM failed when global setting ""vm.allocation.algorithm"" is set to ""userdispersing"" + + + + + CLOUDSTACK-1615 + + + "VMware Cluster discovery fails with if ESXi version is 5.0 Update 1, build 721882 + + + + + CLOUDSTACK-1620 + + + Cannot provision CentOS 6 VMs on XenServer 6. + + + + + CLOUDSTACK-1621 + + + listProjectInvitations fails with NPE for valid request + + + + + CLOUDSTACK-1624 + + + API is not returning response in details:UI is also not returning any outpu + + + + + CLOUDSTACK-1625 + + + NPE with updateResourceCount when && is passed thru AP + + + + + CLOUDSTACK-1630 + + + 4.0.x cloud-aws-api not properly obsoleted + + + + + CLOUDSTACK-1631 + + + 4.1 RPM packaging broke + + + + + CLOUDSTACK-1636 + + + AWS Regions - Remove the concept of having an owner region for domain/account/user objects + + + + + CLOUDSTACK-1642 + + + Add support CentOS 6. + + + + + CLOUDSTACK-1648 + + + Unable to add KVM hos + + + + + CLOUDSTACK-1649 + + + vmware vm os type erro + + + + + CLOUDSTACK-1651 + + + agent scripts still pointing to /var/log/cloud + + + + + CLOUDSTACK-1656 + + + NicResponses in a UserVmResponse are not preseving the natural order + + + + + CLOUDSTACK-1663 + + + AWS Regions - Events - There are no events being generated when a new domain is added/edited + + + + + CLOUDSTACK-1664 + + + Action Events are not logged due to spring change + + + + + CLOUDSTACK-1665 + + + AWS Regions - Events - There are no events being generated when a new user is added/edited/enabled/deleted/password changes/api & secret keys are generated + + + + + CLOUDSTACK-1666 + + + KVM VPC NetworkUsage doesnot wor + + + + + CLOUDSTACK-1668 + + + IP conflict in VPC tie + + + + + CLOUDSTACK-1671 + + + AWS Regions - Events - Domain Delete event does not include the UUID of the domain that was deleted + + + + + CLOUDSTACK-1674 + + + AWS Regions - Events - Account Deletion event does not include the UUID of the account deleted + + + + + CLOUDSTACK-1681 + + + Upgrade instructions mention incorrect name and description of systemvm-vmware template in registering template section + + + + + CLOUDSTACK-1684 + + + "api.throttling.enabled configuration setting should be set to ""false"" in Config.java + + + + + CLOUDSTACK-1688 + + + AWS Regions - Domain admin user is not able to use getUser() command to fetch user details + + + + + CLOUDSTACK-1690 + + + NPE from API server when starting mgmt serve + + + + + CLOUDSTACK-1694 + + + Issues to start/access Management Server after upgrade from 4.0 to 4. + + + + + CLOUDSTACK-1697 + + + Six DB tables are not available with upgraded setup(4.0 to 4.1) when compare to 4.1 newly installatio + + + + + CLOUDSTACK-1706 + + + "Failed to deploy VM with error ""cannot find DeployPlannerSelector"" + + + + + CLOUDSTACK-1709 + + + "AWS Regions - As part of adding a new region, project related entries should not be synced from accounts table. + + + + + CLOUDSTACK-1710 + + + "AWS Regions - As part of adding a new region,default_zone_id column for the account entries should not be synced. + + + + + CLOUDSTACK-1711 + + + AWS Regions - Include all the details of the API call made in the Events payload when changes in Admin/Account/User objects are made. + + + + + CLOUDSTACK-1713 + + + EC2 REST API: AWS API Installation Problem + + + + + CLOUDSTACK-1714 + + + Doc section has wrong title: Setting Zone VLAN and Running VM Maximum + + + + + CLOUDSTACK-1715 + + + "Missing ""host"" config setting in docs on management server load balancing + + + + + CLOUDSTACK-1716 + + + "AWS Regions - listRegions(),removeRegions(),updateRegions() should accept UUID value instead of id. + + + + + CLOUDSTACK-1718 + + + AWS Regions - removeRegion() response returns updateregionresponse + + + + + CLOUDSTACK-1719 + + + EC2 REST API: AWS APIs are not getting translated on the CloudStack Management Serve + + + + + CLOUDSTACK-1720 + + + Have an upgrade path from 4.0.x to 4.1 and 4.0.x to 4.2. + + + + + CLOUDSTACK-1729 + + + Ensure adapter execution order in runtim + + + + + CLOUDSTACK-1733 + + + [ACS41][UI] Add guest network is missing ip range fields and missing network offering + + + + + CLOUDSTACK-1736 + + + Ubuntu 12.04 cloud-setup-management Failed to configure CloudStack Management Serve + + + + + CLOUDSTACK-1738 + + + StatsCollector is not runnin + + + + + CLOUDSTACK-1740 + + + Failed to view consol + + + + + CLOUDSTACK-1746 + + + Cloudstack Usage Server won't star + + + + + CLOUDSTACK-1747 + + + "mvn deploydb only creates 4.0 DB, not 4.1 + + + + + CLOUDSTACK-1750 + + + injectkeys script fails on OSX because cp does not have a -b option (backup of destination file + + + + + CLOUDSTACK-1761 + + + Available local storage disk capacity incorrectly reported in KVM to manager + + + + + CLOUDSTACK-1764 + + + ListTemplateCommand failed with java.lang.NumberFormatException and failed to create default template. + + + + + CLOUDSTACK-1772 + + + the change in vnc listening port will cause live migration doesn't work. + + + + + CLOUDSTACK-1773 + + + Disable baremetal functionality + + + + + CLOUDSTACK-1776 + + + NPE on listSecondaryStorageHostsInAllZones in Upgraded setup from 4.0 to 4.1.0 + + + + + CLOUDSTACK-1785 + + + Redundant Router test cases failing during automation run. + + + + + CLOUDSTACK-1789 + + + Unable to download templates to Primary Storage if a host is in maintenance. + + + + + CLOUDSTACK-1791 + + + Volumes with storage tags can't be attached. + + + + + CLOUDSTACK-1792 + + + "AWS Regions - RuntimeException while executing listAccounts(), when the encryption keys are set to different values between regions. + + + + + CLOUDSTACK-1793 + + + L10n docs don't build in chinese, portuguese and japanese + + + + + CLOUDSTACK-1795 + + + Customize AOP to fully support legacy CloudStack @DB and @ActionEvent semantics. + + + + + CLOUDSTACK-1796 + + + Japanese docs don't build. + + + + + CLOUDSTACK-1802 + + + Upgrade 4.0 -> 4.1 - Not able to start management server becasue of missing /etc/cloudstack/management/tomcat6.conf file + + + + + CLOUDSTACK-1804 + + + Upgrade 4.0 -> 4.1 - DB upgrade fails + + + + + CLOUDSTACK-1805 + + + com.mysql.jdbc.exceptions.jdbc4.CommunicationsException seen after long time of inactivity resulting in not being able to log in to the management server + + + + + CLOUDSTACK-1810 + + + listTemplate API with templatefilter=featured|community is not returning any lists + + + + + CLOUDSTACK-1811 + + + "Upgrade 4.0->4.1 - When upgrade scripts fail, component loading continues and management server starts. + + + + + CLOUDSTACK-1812 + + + create physical network fails while creating basic zon + + + + + CLOUDSTACK-1825 + + + EC2 REST API: AWS APIs fail to execute due to BeanCreationException: Error creating bean with name 'SAclDaoImpl + + + + + CLOUDSTACK-1826 + + + "Storage migration not working, seemingly due to uuid vs id + + + + + CLOUDSTACK-1827 + + + Redundant router - When VR Master was stopped failover to VR Backup did not occur. + + + + + CLOUDSTACK-1834 + + + "Events are not generated for registerUserKeys(), Enabling account and Editing account. + + + + + CLOUDSTACK-1836 + + + License header failures for ja-JP .po translation file + + + + + CLOUDSTACK-1839 + + + Upgrade 4.0 -> 4.1 - Upgraded DB has lot more keys and indexes for many tables compare to the fresh installed 4.1 DB + + + + + CLOUDSTACK-1841 + + + ASF 4.0 to 4.1 Upgrade: Missing Few Global Configuration parameters on the Upgraded Setup. + + + + + CLOUDSTACK-1842 + + + ASF 4.0 to 4.1 Upgrade: Missing Ubuntu 12.04 Guest OS Types on the Upgraded Setup. + + + + + CLOUDSTACK-1844 + + + Upgrade 4.0 -> 4.1 - KVM host agent.properties is not restored as part of upgrading the binaries from 4.0 to 4.1. + + + + + CLOUDSTACK-1845 + + + KVM - storage migration often fail. + + + + + CLOUDSTACK-1846 + + + "KVM - storage pools can silently fail to be unregistered, leading to failure to register later. + + + + + CLOUDSTACK-1848 + + + Cloudstack Packages are not got updated with scenario 4.0 to 4.1 upgrade where MS is on Ubuntu 12.04. + + + + + CLOUDSTACK-1856 + + + Upgrade 4.0 -> 4.1 - Fresh install of 4.1 has 3 parameters missing in db.properties compared to an upgraded 4.0 set up + + + + + CLOUDSTACK-1873 + + + "Installation : JasyptPBEStringDecryptionCLI missing, failed to decrypt db password + + + + + CLOUDSTACK-1874 + + + AWS Regions - Account table in cloud_usage DB has region_id + + + + + CLOUDSTACK-1876 + + + External Devices - network offering for external devices is not returned in API listNetworkOfferings when creating instances. + + + + + CLOUDSTACK-1877 + + + Failed to connect to DB while starting Ubuntu management server after upgrading the packages from 4.0 to 4.1.0 + + + + + CLOUDSTACK-1882 + + + “HTTP Status 404 。 The requested resource () is not available. + + + + + CLOUDSTACK-1890 + + + listProjects is not listing state in the respons + + + + + CLOUDSTACK-1900 + + + "Upgrade 4.0 -> 4.1, We do not have a copy of db.properties that comes from a 4.1 installation saved anywhere. + + + + + CLOUDSTACK-1929 + + + ASF 4.1 cloudstack agent fail to install in KVM host CENTOS 6.3 OS: qemu-kvm-0.12.1.2-3.295.el6.10.x86_64 requires libusbredirparser.so. + + + + + CLOUDSTACK-1934 + + + NPE with listSupportedNetworkServices after upgrade from 4.0 to 4.1 (Ubuntu MS + + + + + CLOUDSTACK-1935 + + + Cloud utilities are not renamed to Cloudstack after upgrade from 4.0 to 4.1 [Ubutnu MS + + + + + CLOUDSTACK-1936 + + + On CentOS, after a upgrade from 4.0.1 to 4.1 on a cloud node (cloud-agent), the new cloustack-agent isn't add as a service (chkconfig) + + + + + CLOUDSTACK-1951 + + + centos packaging: cloud-install-sys-tmplt can't find jasypt jar. + + + + + CLOUDSTACK-1971 + + + VM deployed to incorrect primary storage. + + + + + CLOUDSTACK-1972 + + + VM deployed to incorrect primary storage. + + + + + CLOUDSTACK-1978 + + + openvswitch - unable to start console session for SSVM CPVM user VM + + + + + CLOUDSTACK-1980 + + + "[4.1]cloudstack-setup-bridge, cloudstack-setup-encryption & cloudstack-sysvmadm utilities are not available in Ubuntu 12.04 Management Server. + + + + + CLOUDSTACK-1987 + + + Deleted service offerings owned by a domain show up to domain user. + + + + + CLOUDSTACK-1988 + + + AWS API using SOAP client - User Registeration fails + + + + + CLOUDSTACK-1989 + + + "Query service offering by ID returns no result, but querying all returns service offering + + + + + CLOUDSTACK-2003 + + + Deleting domain while deleted account is cleaning up leaves VMs expunging forever due to 'Failed to update resource count + + + + + CLOUDSTACK-2007 + + + Release Notes failing to build on jenkins.cs. + + + + CS-16135 + Creating volumes after upgrading from snapshot taken in 2.2.14 no longer deletes the snapshot physically from the secondary storage. + + + + +
+
+ Known Issues in 4.1.0 + + + + + + + + Issue ID + + + Description + + + + + + CLOUDSTACK-1747 + mvn deploydb only creates 4.0 DB, not 4.1 + Due to tooling changes between 4.1 and 4.2, CloudStack's database is created using the 4.0 schema and updated to the 4.1 schema when the management server starts for the first time. It's OK to see the same schema if the management server has not started yet. + + + + CLOUDSTACK-1824 + Service CloudStack-Management is being displayed as cloud-management service + Many scripts and text entries have references to cloud-management rather than cloudstack-management due to the changeover between 4.0 and 4.1 to rename services. This is a minor issue and should be corrected by 4.2. + + + + + CLOUDSTACK-1824 + Service CloudStack-Management is being displayed as cloud-management service + + + + + CLOUDSTACK-1510 + + + NPE when primary storage is added with wrong path + + + + + CLOUDSTACK-1428 + + + [UI] Instance which are created without display name are not visible when added to LB + + + + + CLOUDSTACK-1306 + + + Better Error message when trying to deploy Vm by passing static Ipv4 addresses that are assigned to another VM/IP4 address is outside the iprange. + + + + + CLOUDSTACK-1236 + + + Warning while adding Xen 6.1 host [Unable to create local link network] + + + + + CLOUDSTACK-969 + + + api: zone response lists vlan in it as "vlan range of zone" but the vlan belongs to physical network + + + + + CLOUDSTACK-963 + + + [cloud.utils.AnnotationHelper] class java.lang.Stringdoes not have a Table annotation + + + + + CLOUDSTACK-458 + + + xen:snapshots:Storage gc fail to clean the failed snapshot images from secondarystorage + + + + + CLOUDSTACK-315 + + + Infrastructure view does not show capacity values + + + + + CLOUDSTACK-300 + + + Creation of compute offering allow combination of local storage + HA + + + + + CLOUDSTACK-282 + + + Virtual Routers do not properly resolve DNS SRV Records + + + + + CLOUDSTACK-276 + + + SSVM ID is exposed in the Error Message thrown by AddTrafficType API + + + + + CLOUDSTACK-270 + + + Ui should not ask for a vlan range if the physical network isolation type is not VLAN + + + + + CLOUDSTACK-245 + + + VPC ACLs are not stored and programmed consistently + + + + + CLOUDSTACK-231 + + + Tag creation using special charecters + + + + + CLOUDSTACK-124 + + + NetworkGarbageCollector not cleaning up networks + + + + + CLOUDSTACK-62 + + + console proxy does not support any keymaps besides us, jp + + + + + +
+ Upgrade Instructions This section contains upgrade instructions from prior versions of CloudStack to Apache CloudStack 4.1.0. We include instructions on upgrading to Apache CloudStack from pre-Apache versions of Citrix CloudStack (last version prior to Apache is 3.0.2) and from the releases made while CloudStack was in the Apache Incubator. @@ -46,6 +4130,92 @@ under the License. Create RPM or Debian packages (as appropriate) and a repository from the 4.1.0 source, or check the Apache CloudStack downloads page at http://cloudstack.apache.org/downloads.html for package repositories supplied by community members. You will need them for step or step . Instructions for creating packages from the &PRODUCT; source are in the Installation Guide. + + For VMware Only + This step is only required if you are using VMware. You can safely skip this step if you are using KVM and/or Xen only. + + In each zone that includes VMware hosts, you need to add a new system VM template. + + + While running the existing 3.0.2 system, log in to the UI as root administrator. + + + In the left navigation bar, click Templates. + + + In Select view, click Templates. + + + Click Register template. + The Register template dialog box is displayed. + + + In the Register template dialog box, specify the following values (do not change these): + + + + + + + Field + Value + + + + + Name + systemvm-vmware-4.1 + + + Description + systemvm-vmware-4.1 + + + URL + http://download.cloud.com/templates/burbank/burbank-systemvm-08012012.ova + + + Zone + Choose the zone where this hypervisor is used + + + Hypervisor + VMware + + + Format + OVA + + + OS Type + Debian GNU/Linux 5.0 (32-bit) + + + Extractable + no + + + Password Enabled + no + + + Public + no + + + Featured + no + + + + + + + Watch the screen to be sure that the template downloads successfully and enters + the READY state. Do not proceed until this is successful. + + + Stop your management server or servers. Run this on all management server hosts: # service cloud-management stop @@ -102,17 +4272,17 @@ under the License. Restart the agent: -service cloud-agent stop -killall jsvc -service cloudstack-agent start + service cloud-agent stop + killall jsvc + service cloudstack-agent start During the upgrade, log4j-cloud.xml was simply copied over, so the logs will continue to be added to /var/log/cloud/agent/agent.log. There's nothing wrong with this, but if you prefer to be consistent, you can change this by copying over the sample configuration file: -cd /etc/cloudstack/agent -mv log4j-cloud.xml.dpkg-dist log4j-cloud.xml -service cloudstack-agent restart + cd /etc/cloudstack/agent + mv log4j-cloud.xml.dpkg-dist log4j-cloud.xml + service cloudstack-agent restart @@ -132,12 +4302,12 @@ service cloudstack-agent restart # tail -f sysvm.log The output to sysvm.log will look something like this: -Stopping and starting 1 secondary storage vm(s)... -Done stopping and starting secondary storage vm(s) -Stopping and starting 1 console proxy vm(s)... -Done stopping and starting console proxy vm(s). -Stopping and starting 4 running routing vm(s)... -Done restarting router(s). + Stopping and starting 1 secondary storage vm(s)... + Done stopping and starting secondary storage vm(s) + Stopping and starting 1 console proxy vm(s)... + Done stopping and starting console proxy vm(s). + Stopping and starting 4 running routing vm(s)... + Done restarting router(s). @@ -196,11 +4366,11 @@ Done restarting router(s). Name - systemvm-vmware-4.0 + systemvm-vmware-4.1 Description - systemvm-vmware-4.0 + systemvm-vmware-4.1 URL @@ -886,12 +5056,12 @@ Done restarting router(s). # tail -f sysvm.log The content should be like the following: -Stopping and starting 1 secondary storage vm(s)... -Done stopping and starting secondary storage vm(s) -Stopping and starting 1 console proxy vm(s)... -Done stopping and starting console proxy vm(s). -Stopping and starting 4 running routing vm(s)... -Done restarting router(s). + Stopping and starting 1 secondary storage vm(s)... + Done stopping and starting secondary storage vm(s) + Stopping and starting 1 console proxy vm(s)... + Done stopping and starting console proxy vm(s). + Stopping and starting 4 running routing vm(s)... + Done restarting router(s). @@ -1083,210 +5253,6 @@ Done restarting router(s). - - Version 4.1.0 -
- What’s New in 4.1 - Apache CloudStack 4.1.0 includes many new features. This section covers the most prominent new features and changes. -
-
- Issues Fixed in 4.1.0 - Apache CloudStack uses Jira - to track its issues. All new features and bugs for 4.1.0 have been tracked in Jira, and have - a standard naming convention of "CLOUDSTACK-NNNN" where "NNNN" is the issue number. - This section includes a summary of known issues against 4.0.0 that were fixed in 4.1.0. - - - - - - - - Defect - - - Description - - - - - - CS-16135 - Creating volumes after upgrading from snapshot taken in 2.2.14 no longer - deletes the snapshot physically from the secondary storage. - - - - -
-
- Known Issues in 4.1.0 - - - - - - - - Issue ID - - - Description - - - - - - CLOUDSTACK-1747 - mvn deploydb only creates 4.0 DB, not 4.1 - Due to tooling changes between 4.1 and 4.2, CloudStack's database is created using the 4.0 schema and updated to the 4.1 schema when the management server starts for the first time. It's OK to see the same schema if the management server has not started yet. - - - - CLOUDSTACK-1824 - Service CloudStack-Management is being displayed as cloud-management service - Many scripts and text entries have references to cloud-management rather than cloudstack-management due to the changeover between 4.0 and 4.1 to rename services. This is a minor issue and should be corrected by 4.2. - - - - - CLOUDSTACK-1824 - Service CloudStack-Management is being displayed as cloud-management service - - - - - CLOUDSTACK-1510 - - - NPE when primary storage is added with wrong path - - - - - CLOUDSTACK-1428 - - - [UI] Instance which are created without display name are not visible when added to LB - - - - - CLOUDSTACK-1306 - - - Better Error message when trying to deploy Vm by passing static Ipv4 addresses that are assigned to another VM/IP4 address is outside the iprange. - - - - - CLOUDSTACK-1236 - - - Warning while adding Xen 6.1 host [Unable to create local link network] - - - - - CLOUDSTACK-969 - - - api: zone response lists vlan in it as "vlan range of zone" but the vlan belongs to physical network - - - - - CLOUDSTACK-963 - - - [cloud.utils.AnnotationHelper] class java.lang.Stringdoes not have a Table annotation - - - - - CLOUDSTACK-458 - - - xen:snapshots:Storage gc fail to clean the failed snapshot images from secondarystorage - - - - - CLOUDSTACK-315 - - - Infrastructure view does not show capacity values - - - - - CLOUDSTACK-300 - - - Creation of compute offering allow combination of local storage + HA - - - - - CLOUDSTACK-282 - - - Virtual Routers do not properly resolve DNS SRV Records - - - - - CLOUDSTACK-276 - - - SSVM ID is exposed in the Error Message thrown by AddTrafficType API - - - - - CLOUDSTACK-270 - - - Ui should not ask for a vlan range if the physical network isolation type is not VLAN - - - - - CLOUDSTACK-245 - - - VPC ACLs are not stored and programmed consistently - - - - - CLOUDSTACK-231 - - - Tag creation using special charecters - - - - - CLOUDSTACK-124 - - - NetworkGarbageCollector not cleaning up networks - - - - - CLOUDSTACK-62 - - - console proxy does not support any keymaps besides us, jp - - - - - -
- diff --git a/docs/en-US/hypervisor-kvm-install-flow.xml b/docs/en-US/hypervisor-kvm-install-flow.xml index 6cc73e4fdfa..7dfd47d2e52 100644 --- a/docs/en-US/hypervisor-kvm-install-flow.xml +++ b/docs/en-US/hypervisor-kvm-install-flow.xml @@ -34,4 +34,5 @@ + diff --git a/engine/api/src/org/apache/cloudstack/engine/subsystem/api/storage/CommandResult.java b/engine/api/src/org/apache/cloudstack/engine/subsystem/api/storage/CommandResult.java index 6b6139b937d..cc45914dc41 100644 --- a/engine/api/src/org/apache/cloudstack/engine/subsystem/api/storage/CommandResult.java +++ b/engine/api/src/org/apache/cloudstack/engine/subsystem/api/storage/CommandResult.java @@ -34,7 +34,7 @@ public class CommandResult { return !this.success; } - public void setSucess(boolean success) { + public void setSuccess(boolean success) { this.success = success; } diff --git a/engine/api/src/org/apache/cloudstack/engine/subsystem/api/storage/ObjectInDataStoreStateMachine.java b/engine/api/src/org/apache/cloudstack/engine/subsystem/api/storage/ObjectInDataStoreStateMachine.java index 726ce0821c5..f619ef4e976 100644 --- a/engine/api/src/org/apache/cloudstack/engine/subsystem/api/storage/ObjectInDataStoreStateMachine.java +++ b/engine/api/src/org/apache/cloudstack/engine/subsystem/api/storage/ObjectInDataStoreStateMachine.java @@ -26,7 +26,7 @@ public interface ObjectInDataStoreStateMachine extends StateObject - + diff --git a/engine/storage/src/org/apache/cloudstack/storage/HypervsiorHostEndPointRpcServer.java b/engine/storage/src/org/apache/cloudstack/storage/HypervisorHostEndPointRpcServer.java similarity index 92% rename from engine/storage/src/org/apache/cloudstack/storage/HypervsiorHostEndPointRpcServer.java rename to engine/storage/src/org/apache/cloudstack/storage/HypervisorHostEndPointRpcServer.java index f441f39ddfa..bc217769d91 100644 --- a/engine/storage/src/org/apache/cloudstack/storage/HypervsiorHostEndPointRpcServer.java +++ b/engine/storage/src/org/apache/cloudstack/storage/HypervisorHostEndPointRpcServer.java @@ -36,16 +36,16 @@ import com.cloud.agent.api.Command; import com.cloud.utils.exception.CloudRuntimeException; @Component -public class HypervsiorHostEndPointRpcServer implements HostEndpointRpcServer { - private static final Logger s_logger = Logger.getLogger(HypervsiorHostEndPointRpcServer.class); +public class HypervisorHostEndPointRpcServer implements HostEndpointRpcServer { + private static final Logger s_logger = Logger.getLogger(HypervisorHostEndPointRpcServer.class); @Inject private RpcProvider rpcProvider; - public HypervsiorHostEndPointRpcServer() { + public HypervisorHostEndPointRpcServer() { } - public HypervsiorHostEndPointRpcServer(RpcProvider rpcProvider) { + public HypervisorHostEndPointRpcServer(RpcProvider rpcProvider) { rpcProvider = rpcProvider; rpcProvider.registerRpcServiceEndpoint(RpcServiceDispatcher.getDispatcher(this)); } @@ -91,7 +91,7 @@ public class HypervsiorHostEndPointRpcServer implements HostEndpointRpcServer { @Override public Answer sendCommand(HypervisorHostEndPoint host, Command command) { SendCommandContext context = new SendCommandContext(null); - AsyncCallbackDispatcher caller = AsyncCallbackDispatcher.create(this); + AsyncCallbackDispatcher caller = AsyncCallbackDispatcher.create(this); caller.setCallback(caller.getTarget().sendCommandCallback(null, null)) .setContext(context); @@ -109,7 +109,7 @@ public class HypervsiorHostEndPointRpcServer implements HostEndpointRpcServer { return context.getAnswer(); } - protected Object sendCommandCallback(AsyncCallbackDispatcher callback, SendCommandContext context) { + protected Object sendCommandCallback(AsyncCallbackDispatcher callback, SendCommandContext context) { context.setAnswer((Answer)callback.getResult()); synchronized(context) { context.notify(); diff --git a/engine/storage/src/org/apache/cloudstack/storage/allocator/AbstractStoragePoolAllocator.java b/engine/storage/src/org/apache/cloudstack/storage/allocator/AbstractStoragePoolAllocator.java index 6334ca7f2dc..3a66b859b39 100755 --- a/engine/storage/src/org/apache/cloudstack/storage/allocator/AbstractStoragePoolAllocator.java +++ b/engine/storage/src/org/apache/cloudstack/storage/allocator/AbstractStoragePoolAllocator.java @@ -176,7 +176,7 @@ public abstract class AbstractStoragePoolAllocator extends AdapterBase implement Long clusterId = pool.getClusterId(); ClusterVO cluster = _clusterDao.findById(clusterId); - if (!(cluster.getHypervisorType() == dskCh.getHypersorType())) { + if (!(cluster.getHypervisorType() == dskCh.getHypervisorType())) { if (s_logger.isDebugEnabled()) { s_logger.debug("StoragePool's Cluster does not have required hypervisorType, skipping this pool"); } diff --git a/engine/storage/src/org/apache/cloudstack/storage/allocator/ZoneWideStoragePoolAllocator.java b/engine/storage/src/org/apache/cloudstack/storage/allocator/ZoneWideStoragePoolAllocator.java index 7c6c946765f..1d3cd819d70 100644 --- a/engine/storage/src/org/apache/cloudstack/storage/allocator/ZoneWideStoragePoolAllocator.java +++ b/engine/storage/src/org/apache/cloudstack/storage/allocator/ZoneWideStoragePoolAllocator.java @@ -57,7 +57,7 @@ public class ZoneWideStoragePoolAllocator extends AbstractStoragePoolAllocator { DeploymentPlan plan, ExcludeList avoid, int returnUpTo) { s_logger.debug("ZoneWideStoragePoolAllocator to find storage pool"); List suitablePools = new ArrayList(); - HypervisorType hypervisor = dskCh.getHypersorType(); + HypervisorType hypervisor = dskCh.getHypervisorType(); if (hypervisor != null) { if (hypervisor != HypervisorType.KVM) { s_logger.debug("Only kvm supports zone wide storage"); diff --git a/engine/storage/src/org/apache/cloudstack/storage/datastore/DataObjectManagerImpl.java b/engine/storage/src/org/apache/cloudstack/storage/datastore/DataObjectManagerImpl.java index 218f9013a17..9d1afbeacad 100644 --- a/engine/storage/src/org/apache/cloudstack/storage/datastore/DataObjectManagerImpl.java +++ b/engine/storage/src/org/apache/cloudstack/storage/datastore/DataObjectManagerImpl.java @@ -109,7 +109,7 @@ public class DataObjectManagerImpl implements DataObjectManager { if (obj == null) { CreateCmdResult result = new CreateCmdResult( null, null); - result.setSucess(false); + result.setSuccess(false); result.setResult(e.toString()); callback.complete(result); return; @@ -124,7 +124,7 @@ public class DataObjectManagerImpl implements DataObjectManager { data, store); } catch (Exception e) { CreateCmdResult result = new CreateCmdResult(null, null); - result.setSucess(false); + result.setSuccess(false); result.setResult(e.toString()); callback.complete(result); return; @@ -153,7 +153,7 @@ public class DataObjectManagerImpl implements DataObjectManager { s_logger.debug("state transation failed", e1); } CreateCmdResult result = new CreateCmdResult(null, null); - result.setSucess(false); + result.setSuccess(false); result.setResult(e.toString()); callback.complete(result); return; diff --git a/engine/storage/volume/src/org/apache/cloudstack/storage/datastore/driver/DefaultPrimaryDataStoreDriverImpl.java b/engine/storage/volume/src/org/apache/cloudstack/storage/datastore/driver/DefaultPrimaryDataStoreDriverImpl.java index 6d0c2c6862b..e5ee742f5ba 100644 --- a/engine/storage/volume/src/org/apache/cloudstack/storage/datastore/driver/DefaultPrimaryDataStoreDriverImpl.java +++ b/engine/storage/volume/src/org/apache/cloudstack/storage/datastore/driver/DefaultPrimaryDataStoreDriverImpl.java @@ -144,12 +144,12 @@ public class DefaultPrimaryDataStoreDriverImpl implements PrimaryDataStoreDriver CreateVolumeAnswer answer = (CreateVolumeAnswer)callback.getResult(); CommandResult result = new CommandResult(); if (answer == null || answer.getDetails() != null) { - result.setSucess(false); + result.setSuccess(false); if (answer != null) { result.setResult(answer.getDetails()); } } else { - result.setSucess(true); + result.setSuccess(true); VolumeObject volume = context.getVolume(); volume.setPath(answer.getVolumeUuid()); } diff --git a/engine/storage/volume/src/org/apache/cloudstack/storage/datastore/provider/DefaultPrimaryDatastoreProviderImpl.java b/engine/storage/volume/src/org/apache/cloudstack/storage/datastore/provider/DefaultPrimaryDatastoreProviderImpl.java index 46fa738e294..8c674dc0444 100644 --- a/engine/storage/volume/src/org/apache/cloudstack/storage/datastore/provider/DefaultPrimaryDatastoreProviderImpl.java +++ b/engine/storage/volume/src/org/apache/cloudstack/storage/datastore/provider/DefaultPrimaryDatastoreProviderImpl.java @@ -42,7 +42,7 @@ public class DefaultPrimaryDatastoreProviderImpl implements PrimaryDataStoreProv @Inject PrimaryDataStoreProviderManager storeMgr; - protected DataStoreLifeCycle lifecyle; + protected DataStoreLifeCycle lifecycle; protected String uuid; protected long id; @Override @@ -52,12 +52,12 @@ public class DefaultPrimaryDatastoreProviderImpl implements PrimaryDataStoreProv @Override public DataStoreLifeCycle getDataStoreLifeCycle() { - return this.lifecyle; + return this.lifecycle; } @Override public boolean configure(Map params) { - lifecyle = ComponentContext.inject(DefaultPrimaryDataStoreLifeCycleImpl.class); + lifecycle = ComponentContext.inject(DefaultPrimaryDataStoreLifeCycleImpl.class); driver = ComponentContext.inject(DefaultPrimaryDataStoreDriverImpl.class); listener = ComponentContext.inject(DefaultHostListener.class); return true; diff --git a/engine/storage/volume/src/org/apache/cloudstack/storage/volume/TemplateInstallStrategyImpl.java b/engine/storage/volume/src/org/apache/cloudstack/storage/volume/TemplateInstallStrategyImpl.java index 5f1735c180a..e09961913de 100644 --- a/engine/storage/volume/src/org/apache/cloudstack/storage/volume/TemplateInstallStrategyImpl.java +++ b/engine/storage/volume/src/org/apache/cloudstack/storage/volume/TemplateInstallStrategyImpl.java @@ -107,7 +107,7 @@ public class TemplateInstallStrategyImpl implements TemplateInstallStrategy { if (obj == null) { CreateBaseImageResult result = new CreateBaseImageResult( null); - result.setSucess(false); + result.setSuccess(false); result.setResult(e.toString()); callback.complete(result); return null; @@ -122,7 +122,7 @@ public class TemplateInstallStrategyImpl implements TemplateInstallStrategy { template, store); } catch (Exception e) { CreateBaseImageResult result = new CreateBaseImageResult(null); - result.setSucess(false); + result.setSuccess(false); result.setResult(e.toString()); callback.complete(result); return null; @@ -145,7 +145,7 @@ public class TemplateInstallStrategyImpl implements TemplateInstallStrategy { s_logger.debug("state transation failed", e1); } CreateBaseImageResult result = new CreateBaseImageResult(null); - result.setSucess(false); + result.setSuccess(false); result.setResult(e.toString()); callback.complete(result); return null; diff --git a/packaging/centos63/cloud.spec b/packaging/centos63/cloud.spec index 9ce46c97c42..c2c6fe734cd 100644 --- a/packaging/centos63/cloud.spec +++ b/packaging/centos63/cloud.spec @@ -278,6 +278,8 @@ cp plugins/hypervisors/kvm/target/dependencies/* ${RPM_BUILD_ROOT}%{_datadir}/% mkdir -p ${RPM_BUILD_ROOT}%{_sysconfdir}/%{name}/usage mkdir -p ${RPM_BUILD_ROOT}%{_datadir}/%{name}-usage/lib install -D usage/target/cloud-usage-%{_maventag}.jar ${RPM_BUILD_ROOT}%{_datadir}/%{name}-usage/cloud-usage-%{_maventag}.jar +install -D usage/target/transformed/db.properties ${RPM_BUILD_ROOT}%{_sysconfdir}/%{name}/usage/db.properties +install -D usage/target/transformed/log4j-cloud_usage.xml ${RPM_BUILD_ROOT}%{_sysconfdir}/%{name}/usage/log4j-cloud.xml cp usage/target/dependencies/* ${RPM_BUILD_ROOT}%{_datadir}/%{name}-usage/lib/ install -D packaging/centos63/cloud-usage.rc ${RPM_BUILD_ROOT}/%{_sysconfdir}/init.d/%{name}-usage mkdir -p ${RPM_BUILD_ROOT}%{_localstatedir}/log/%{name}/usage/ @@ -438,6 +440,20 @@ if [ -f "%{_sysconfdir}/cloud.rpmsave/agent/agent.properties" ]; then mv %{_sysconfdir}/cloud.rpmsave/agent/agent.properties %{_sysconfdir}/cloud.rpmsave/agent/agent.properties.rpmsave fi +%post usage +if [ -f "%{_sysconfdir}/%{name}/management/db.properties" ]; then + echo Replacing db.properties with management server db.properties + rm -f %{_sysconfdir}/%{name}/usage/db.properties + ln -s %{_sysconfdir}/%{name}/management/db.properties %{_sysconfdir}/%{name}/usage/db.properties +fi + +if [ -f "%{_sysconfdir}/%{name}/management/log4j-cloud.xml" ]; then + echo Replacing log4j-cloud.xml with management server log4j-cloud.xml + rm -f %{_sysconfdir}/%{name}/usage/log4j-cloud.xml + ln -s %{_sysconfdir}/%{name}/management/log4j-cloud.xml %{_sysconfdir}/%{name}/usage/log4j-cloud.xml +fi + + #%post awsapi #if [ -d "%{_datadir}/%{name}-management" ] ; then # ln -s %{_datadir}/%{name}-bridge/webapps %{_datadir}/%{name}-management/webapps7080 @@ -533,7 +549,8 @@ fi %attr(0644,root,root) %{_datadir}/%{name}-usage/*.jar %attr(0644,root,root) %{_datadir}/%{name}-usage/lib/*.jar %dir /var/log/%{name}/usage -%dir %{_sysconfdir}/%{name}/usage +%attr(0644,root,root) %{_sysconfdir}/%{name}/usage/db.properties +%attr(0644,root,root) %{_sysconfdir}/%{name}/usage/log4j-cloud.xml %{_defaultdocdir}/%{name}-usage-%{version}/LICENSE %{_defaultdocdir}/%{name}-usage-%{version}/NOTICE diff --git a/plugins/hypervisors/vmware/src/com/cloud/hypervisor/guru/VMwareGuru.java b/plugins/hypervisors/vmware/src/com/cloud/hypervisor/guru/VMwareGuru.java index f6f0923c7ae..122ba3b9dba 100644 --- a/plugins/hypervisors/vmware/src/com/cloud/hypervisor/guru/VMwareGuru.java +++ b/plugins/hypervisors/vmware/src/com/cloud/hypervisor/guru/VMwareGuru.java @@ -52,7 +52,9 @@ import com.cloud.hypervisor.HypervisorGuru; import com.cloud.hypervisor.HypervisorGuruBase; import com.cloud.hypervisor.vmware.manager.VmwareManager; import com.cloud.hypervisor.vmware.mo.VirtualEthernetCardType; +import com.cloud.network.Network.Provider; import com.cloud.network.NetworkModel; +import com.cloud.network.Network.Service; import com.cloud.network.Networks.TrafficType; import com.cloud.network.dao.NetworkDao; import com.cloud.network.dao.NetworkVO; @@ -143,13 +145,23 @@ public class VMwareGuru extends HypervisorGuruBase implements HypervisorGuru { details.put(VmDetailConstants.ROOK_DISK_CONTROLLER, _vmwareMgr.getRootDiskController()); } } - + + List nicProfiles = vm.getNics(); + + for(NicProfile nicProfile : nicProfiles) { + if(nicProfile.getTrafficType() == TrafficType.Guest) { + if(_networkMgr.isProviderSupportServiceInNetwork(nicProfile.getNetworkId(), Service.Firewall, Provider.CiscoVnmc)) { + details.put("ConfigureVServiceInNexus", Boolean.TRUE.toString()); + } + break; + } + } + to.setDetails(details); if(vm.getVirtualMachine() instanceof DomainRouterVO) { - List nicProfiles = vm.getNics(); - NicProfile publicNicProfile = null; + NicProfile publicNicProfile = null; for(NicProfile nicProfile : nicProfiles) { if(nicProfile.getTrafficType() == TrafficType.Public) { publicNicProfile = nicProfile; diff --git a/plugins/hypervisors/vmware/src/com/cloud/hypervisor/vmware/manager/VmwareManagerImpl.java b/plugins/hypervisors/vmware/src/com/cloud/hypervisor/vmware/manager/VmwareManagerImpl.java index b2e37685d17..eb09af0d67e 100755 --- a/plugins/hypervisors/vmware/src/com/cloud/hypervisor/vmware/manager/VmwareManagerImpl.java +++ b/plugins/hypervisors/vmware/src/com/cloud/hypervisor/vmware/manager/VmwareManagerImpl.java @@ -317,8 +317,7 @@ public class VmwareManagerImpl extends ManagerBase implements VmwareManager, Vmw } s_logger.info("Preparing network on host " + hostMo.getContext().toString() + " for " + privateTrafficLabel); - HypervisorHostHelper.prepareNetwork(vSwitchName, "cloud.private", hostMo, vlanId, null, null, 180000, false); - + HypervisorHostHelper.prepareNetwork(vSwitchName, "cloud.private", hostMo, vlanId, null, null, 180000, false); } @Override diff --git a/plugins/hypervisors/vmware/src/com/cloud/hypervisor/vmware/resource/VmwareResource.java b/plugins/hypervisors/vmware/src/com/cloud/hypervisor/vmware/resource/VmwareResource.java index f569595b8b0..3dc23ccb060 100755 --- a/plugins/hypervisors/vmware/src/com/cloud/hypervisor/vmware/resource/VmwareResource.java +++ b/plugins/hypervisors/vmware/src/com/cloud/hypervisor/vmware/resource/VmwareResource.java @@ -1329,7 +1329,7 @@ public class VmwareResource implements StoragePoolResource, ServerResource, Vmwa NicTO nicTo = cmd.getNic(); VirtualDevice nic; - Pair networkInfo = prepareNetworkFromNicInfo(vmMo.getRunningHost(), nicTo); + Pair networkInfo = prepareNetworkFromNicInfo(vmMo.getRunningHost(), nicTo, false); if (VmwareHelper.isDvPortGroup(networkInfo.first())) { String dvSwitchUuid; ManagedObjectReference dcMor = hyperHost.getHyperHostDatacenter(); @@ -1571,7 +1571,7 @@ public class VmwareResource implements StoragePoolResource, ServerResource, Vmwa vmMo.getRunningHost(), vlanId, null, null, this._ops_timeout, true); } else { networkInfo = HypervisorHostHelper.prepareNetwork(this._publicTrafficInfo.getVirtualSwitchName(), "cloud.public", - vmMo.getRunningHost(), vlanId, null, null, this._ops_timeout, vSwitchType, _portsPerDvPortGroup); + vmMo.getRunningHost(), vlanId, null, null, this._ops_timeout, vSwitchType, _portsPerDvPortGroup, null, false); } int nicIndex = allocPublicNicIndex(vmMo); @@ -2304,7 +2304,8 @@ public class VmwareResource implements StoragePoolResource, ServerResource, Vmwa for (NicTO nicTo : sortNicsByDeviceId(nics)) { s_logger.info("Prepare NIC device based on NicTO: " + _gson.toJson(nicTo)); - Pair networkInfo = prepareNetworkFromNicInfo(vmMo.getRunningHost(), nicTo); + boolean configureVServiceInNexus = (nicTo.getType() == TrafficType.Guest) && (vmSpec.getDetails().containsKey("ConfigureVServiceInNexus")); + Pair networkInfo = prepareNetworkFromNicInfo(vmMo.getRunningHost(), nicTo, configureVServiceInNexus); if (VmwareHelper.isDvPortGroup(networkInfo.first())) { String dvSwitchUuid; ManagedObjectReference dcMor = hyperHost.getHyperHostDatacenter(); @@ -2504,7 +2505,7 @@ public class VmwareResource implements StoragePoolResource, ServerResource, Vmwa return defaultVlan; } - private Pair prepareNetworkFromNicInfo(HostMO hostMo, NicTO nicTo) throws Exception { + private Pair prepareNetworkFromNicInfo(HostMO hostMo, NicTO nicTo, boolean configureVServiceInNexus) throws Exception { Pair switchName; TrafficType trafficType; VirtualSwitchType switchType; @@ -2534,7 +2535,7 @@ public class VmwareResource implements StoragePoolResource, ServerResource, Vmwa } else { networkInfo = HypervisorHostHelper.prepareNetwork(switchName.first(), namePrefix, hostMo, getVlanInfo(nicTo, switchName.second()), - nicTo.getNetworkRateMbps(), nicTo.getNetworkRateMulticastMbps(), _ops_timeout, switchType, _portsPerDvPortGroup); + nicTo.getNetworkRateMbps(), nicTo.getNetworkRateMulticastMbps(), _ops_timeout, switchType, _portsPerDvPortGroup, nicTo.getGateway(), configureVServiceInNexus); } return networkInfo; @@ -3024,7 +3025,7 @@ public class VmwareResource implements StoragePoolResource, ServerResource, Vmwa NicTO[] nics = vm.getNics(); for (NicTO nic : nics) { // prepare network on the host - prepareNetworkFromNicInfo(new HostMO(getServiceContext(), _morHyperHost), nic); + prepareNetworkFromNicInfo(new HostMO(getServiceContext(), _morHyperHost), nic, false); } String secStoreUrl = mgr.getSecondaryStorageStoreUrl(Long.parseLong(_dcId)); diff --git a/plugins/network-elements/cisco-vnmc/pom.xml b/plugins/network-elements/cisco-vnmc/pom.xml new file mode 100644 index 00000000000..1ac6bd8d8c9 --- /dev/null +++ b/plugins/network-elements/cisco-vnmc/pom.xml @@ -0,0 +1,42 @@ + + + 4.0.0 + cloud-plugin-network-cisco-vnmc + Apache CloudStack Plugin - Cisco VNMC + + org.apache.cloudstack + cloudstack-plugins + 4.2.0-SNAPSHOT + ../../pom.xml + + + + org.apache.cloudstack + cloud-plugin-hypervisor-vmware + ${project.version} + + + org.apache.cloudstack + cloud-vmware-base + ${project.version} + + + diff --git a/plugins/network-elements/cisco-vnmc/scripts/network/cisco/assoc-asa1000v.xml b/plugins/network-elements/cisco-vnmc/scripts/network/cisco/assoc-asa1000v.xml new file mode 100644 index 00000000000..b0249db741b --- /dev/null +++ b/plugins/network-elements/cisco-vnmc/scripts/network/cisco/assoc-asa1000v.xml @@ -0,0 +1,34 @@ + + + + + + + + diff --git a/plugins/network-elements/cisco-vnmc/scripts/network/cisco/associate-acl-policy-set.xml b/plugins/network-elements/cisco-vnmc/scripts/network/cisco/associate-acl-policy-set.xml new file mode 100755 index 00000000000..e3113ae22c7 --- /dev/null +++ b/plugins/network-elements/cisco-vnmc/scripts/network/cisco/associate-acl-policy-set.xml @@ -0,0 +1,37 @@ + + + + + + + + diff --git a/plugins/network-elements/cisco-vnmc/scripts/network/cisco/associate-dhcp-policy.xml b/plugins/network-elements/cisco-vnmc/scripts/network/cisco/associate-dhcp-policy.xml new file mode 100644 index 00000000000..e866f51e366 --- /dev/null +++ b/plugins/network-elements/cisco-vnmc/scripts/network/cisco/associate-dhcp-policy.xml @@ -0,0 +1,34 @@ + + + + + + + + + + diff --git a/plugins/network-elements/cisco-vnmc/scripts/network/cisco/associate-dhcp-server.xml b/plugins/network-elements/cisco-vnmc/scripts/network/cisco/associate-dhcp-server.xml new file mode 100644 index 00000000000..930e4ec77a2 --- /dev/null +++ b/plugins/network-elements/cisco-vnmc/scripts/network/cisco/associate-dhcp-server.xml @@ -0,0 +1,32 @@ + + + + + + + + diff --git a/plugins/network-elements/cisco-vnmc/scripts/network/cisco/associate-nat-policy-set.xml b/plugins/network-elements/cisco-vnmc/scripts/network/cisco/associate-nat-policy-set.xml new file mode 100644 index 00000000000..6d67c31c5d6 --- /dev/null +++ b/plugins/network-elements/cisco-vnmc/scripts/network/cisco/associate-nat-policy-set.xml @@ -0,0 +1,35 @@ + + + + + + + + diff --git a/plugins/network-elements/cisco-vnmc/scripts/network/cisco/associate-route-policy.xml b/plugins/network-elements/cisco-vnmc/scripts/network/cisco/associate-route-policy.xml new file mode 100644 index 00000000000..8884a1b9686 --- /dev/null +++ b/plugins/network-elements/cisco-vnmc/scripts/network/cisco/associate-route-policy.xml @@ -0,0 +1,33 @@ + + + + + + diff --git a/plugins/network-elements/cisco-vnmc/scripts/network/cisco/create-acl-policy-ref.xml b/plugins/network-elements/cisco-vnmc/scripts/network/cisco/create-acl-policy-ref.xml new file mode 100755 index 00000000000..c534c327194 --- /dev/null +++ b/plugins/network-elements/cisco-vnmc/scripts/network/cisco/create-acl-policy-ref.xml @@ -0,0 +1,38 @@ + + + + + + + + + + + + diff --git a/plugins/network-elements/cisco-vnmc/scripts/network/cisco/create-acl-policy-set.xml b/plugins/network-elements/cisco-vnmc/scripts/network/cisco/create-acl-policy-set.xml new file mode 100755 index 00000000000..b475d2ca564 --- /dev/null +++ b/plugins/network-elements/cisco-vnmc/scripts/network/cisco/create-acl-policy-set.xml @@ -0,0 +1,36 @@ + + + + + + + + + + diff --git a/plugins/network-elements/cisco-vnmc/scripts/network/cisco/create-acl-policy.xml b/plugins/network-elements/cisco-vnmc/scripts/network/cisco/create-acl-policy.xml new file mode 100755 index 00000000000..e71cd429858 --- /dev/null +++ b/plugins/network-elements/cisco-vnmc/scripts/network/cisco/create-acl-policy.xml @@ -0,0 +1,35 @@ + + + + + + + + \ No newline at end of file diff --git a/plugins/network-elements/cisco-vnmc/scripts/network/cisco/create-acl-rule-for-dnat.xml b/plugins/network-elements/cisco-vnmc/scripts/network/cisco/create-acl-rule-for-dnat.xml new file mode 100755 index 00000000000..5b6aaa3f59b --- /dev/null +++ b/plugins/network-elements/cisco-vnmc/scripts/network/cisco/create-acl-rule-for-dnat.xml @@ -0,0 +1,82 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/plugins/network-elements/cisco-vnmc/scripts/network/cisco/create-acl-rule-for-pf.xml b/plugins/network-elements/cisco-vnmc/scripts/network/cisco/create-acl-rule-for-pf.xml new file mode 100755 index 00000000000..1a1d9cbf3e2 --- /dev/null +++ b/plugins/network-elements/cisco-vnmc/scripts/network/cisco/create-acl-rule-for-pf.xml @@ -0,0 +1,156 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/plugins/network-elements/cisco-vnmc/scripts/network/cisco/create-dhcp-policy.xml b/plugins/network-elements/cisco-vnmc/scripts/network/cisco/create-dhcp-policy.xml new file mode 100644 index 00000000000..5bb4abcd8e1 --- /dev/null +++ b/plugins/network-elements/cisco-vnmc/scripts/network/cisco/create-dhcp-policy.xml @@ -0,0 +1,72 @@ + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/plugins/network-elements/cisco-vnmc/scripts/network/cisco/create-dnat-rule.xml b/plugins/network-elements/cisco-vnmc/scripts/network/cisco/create-dnat-rule.xml new file mode 100755 index 00000000000..bd8dbff6d32 --- /dev/null +++ b/plugins/network-elements/cisco-vnmc/scripts/network/cisco/create-dnat-rule.xml @@ -0,0 +1,91 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/plugins/network-elements/cisco-vnmc/scripts/network/cisco/create-edge-device-profile.xml b/plugins/network-elements/cisco-vnmc/scripts/network/cisco/create-edge-device-profile.xml new file mode 100644 index 00000000000..c4bdd026186 --- /dev/null +++ b/plugins/network-elements/cisco-vnmc/scripts/network/cisco/create-edge-device-profile.xml @@ -0,0 +1,32 @@ + + + + + + + diff --git a/plugins/network-elements/cisco-vnmc/scripts/network/cisco/create-edge-device-route-policy.xml b/plugins/network-elements/cisco-vnmc/scripts/network/cisco/create-edge-device-route-policy.xml new file mode 100644 index 00000000000..69f4a5f7bfd --- /dev/null +++ b/plugins/network-elements/cisco-vnmc/scripts/network/cisco/create-edge-device-route-policy.xml @@ -0,0 +1,30 @@ + + + + + + diff --git a/plugins/network-elements/cisco-vnmc/scripts/network/cisco/create-edge-device-route.xml b/plugins/network-elements/cisco-vnmc/scripts/network/cisco/create-edge-device-route.xml new file mode 100644 index 00000000000..126c188f979 --- /dev/null +++ b/plugins/network-elements/cisco-vnmc/scripts/network/cisco/create-edge-device-route.xml @@ -0,0 +1,35 @@ + + + + + + + + diff --git a/plugins/network-elements/cisco-vnmc/scripts/network/cisco/create-edge-firewall.xml b/plugins/network-elements/cisco-vnmc/scripts/network/cisco/create-edge-firewall.xml new file mode 100644 index 00000000000..e5447e39e63 --- /dev/null +++ b/plugins/network-elements/cisco-vnmc/scripts/network/cisco/create-edge-firewall.xml @@ -0,0 +1,89 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/plugins/network-elements/cisco-vnmc/scripts/network/cisco/create-edge-security-profile.xml b/plugins/network-elements/cisco-vnmc/scripts/network/cisco/create-edge-security-profile.xml new file mode 100644 index 00000000000..e2f5eaf0686 --- /dev/null +++ b/plugins/network-elements/cisco-vnmc/scripts/network/cisco/create-edge-security-profile.xml @@ -0,0 +1,41 @@ + + + + + + + + diff --git a/plugins/network-elements/cisco-vnmc/scripts/network/cisco/create-egress-acl-rule.xml b/plugins/network-elements/cisco-vnmc/scripts/network/cisco/create-egress-acl-rule.xml new file mode 100755 index 00000000000..930272ed8ee --- /dev/null +++ b/plugins/network-elements/cisco-vnmc/scripts/network/cisco/create-egress-acl-rule.xml @@ -0,0 +1,201 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/plugins/network-elements/cisco-vnmc/scripts/network/cisco/create-generic-egress-acl-rule.xml b/plugins/network-elements/cisco-vnmc/scripts/network/cisco/create-generic-egress-acl-rule.xml new file mode 100755 index 00000000000..92c25043dad --- /dev/null +++ b/plugins/network-elements/cisco-vnmc/scripts/network/cisco/create-generic-egress-acl-rule.xml @@ -0,0 +1,122 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/plugins/network-elements/cisco-vnmc/scripts/network/cisco/create-generic-ingress-acl-rule.xml b/plugins/network-elements/cisco-vnmc/scripts/network/cisco/create-generic-ingress-acl-rule.xml new file mode 100755 index 00000000000..7c1164138bc --- /dev/null +++ b/plugins/network-elements/cisco-vnmc/scripts/network/cisco/create-generic-ingress-acl-rule.xml @@ -0,0 +1,121 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/plugins/network-elements/cisco-vnmc/scripts/network/cisco/create-ingress-acl-rule.xml b/plugins/network-elements/cisco-vnmc/scripts/network/cisco/create-ingress-acl-rule.xml new file mode 100755 index 00000000000..1af30b44416 --- /dev/null +++ b/plugins/network-elements/cisco-vnmc/scripts/network/cisco/create-ingress-acl-rule.xml @@ -0,0 +1,201 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/plugins/network-elements/cisco-vnmc/scripts/network/cisco/create-ip-pool.xml b/plugins/network-elements/cisco-vnmc/scripts/network/cisco/create-ip-pool.xml new file mode 100755 index 00000000000..4cf0451c33d --- /dev/null +++ b/plugins/network-elements/cisco-vnmc/scripts/network/cisco/create-ip-pool.xml @@ -0,0 +1,58 @@ + + + + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/plugins/network-elements/cisco-vnmc/scripts/network/cisco/create-nat-policy-ref.xml b/plugins/network-elements/cisco-vnmc/scripts/network/cisco/create-nat-policy-ref.xml new file mode 100755 index 00000000000..450d40c9d6d --- /dev/null +++ b/plugins/network-elements/cisco-vnmc/scripts/network/cisco/create-nat-policy-ref.xml @@ -0,0 +1,38 @@ + + + + + + + + + + + + diff --git a/plugins/network-elements/cisco-vnmc/scripts/network/cisco/create-nat-policy-set.xml b/plugins/network-elements/cisco-vnmc/scripts/network/cisco/create-nat-policy-set.xml new file mode 100644 index 00000000000..090caf15cb4 --- /dev/null +++ b/plugins/network-elements/cisco-vnmc/scripts/network/cisco/create-nat-policy-set.xml @@ -0,0 +1,37 @@ + + + + + + + + + + diff --git a/plugins/network-elements/cisco-vnmc/scripts/network/cisco/create-nat-policy.xml b/plugins/network-elements/cisco-vnmc/scripts/network/cisco/create-nat-policy.xml new file mode 100755 index 00000000000..0b556f42a84 --- /dev/null +++ b/plugins/network-elements/cisco-vnmc/scripts/network/cisco/create-nat-policy.xml @@ -0,0 +1,33 @@ + + + + + + + + + + diff --git a/plugins/network-elements/cisco-vnmc/scripts/network/cisco/create-pf-rule.xml b/plugins/network-elements/cisco-vnmc/scripts/network/cisco/create-pf-rule.xml new file mode 100755 index 00000000000..a8a631f5d7f --- /dev/null +++ b/plugins/network-elements/cisco-vnmc/scripts/network/cisco/create-pf-rule.xml @@ -0,0 +1,166 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/plugins/network-elements/cisco-vnmc/scripts/network/cisco/create-port-pool.xml b/plugins/network-elements/cisco-vnmc/scripts/network/cisco/create-port-pool.xml new file mode 100755 index 00000000000..e1b7be024f7 --- /dev/null +++ b/plugins/network-elements/cisco-vnmc/scripts/network/cisco/create-port-pool.xml @@ -0,0 +1,72 @@ + + + + + + + + + + + + + + + + + + + + + diff --git a/plugins/network-elements/cisco-vnmc/scripts/network/cisco/create-source-nat-pool.xml b/plugins/network-elements/cisco-vnmc/scripts/network/cisco/create-source-nat-pool.xml new file mode 100644 index 00000000000..2ad1e8798a5 --- /dev/null +++ b/plugins/network-elements/cisco-vnmc/scripts/network/cisco/create-source-nat-pool.xml @@ -0,0 +1,58 @@ + + + + + + + + + + + + + + + + + + + diff --git a/plugins/network-elements/cisco-vnmc/scripts/network/cisco/create-source-nat-rule.xml b/plugins/network-elements/cisco-vnmc/scripts/network/cisco/create-source-nat-rule.xml new file mode 100644 index 00000000000..a3ee9875e19 --- /dev/null +++ b/plugins/network-elements/cisco-vnmc/scripts/network/cisco/create-source-nat-rule.xml @@ -0,0 +1,103 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/plugins/network-elements/cisco-vnmc/scripts/network/cisco/create-tenant.xml b/plugins/network-elements/cisco-vnmc/scripts/network/cisco/create-tenant.xml new file mode 100644 index 00000000000..085b7a2e533 --- /dev/null +++ b/plugins/network-elements/cisco-vnmc/scripts/network/cisco/create-tenant.xml @@ -0,0 +1,29 @@ + + + + + + diff --git a/plugins/network-elements/cisco-vnmc/scripts/network/cisco/create-vdc.xml b/plugins/network-elements/cisco-vnmc/scripts/network/cisco/create-vdc.xml new file mode 100644 index 00000000000..4cb805ecf7e --- /dev/null +++ b/plugins/network-elements/cisco-vnmc/scripts/network/cisco/create-vdc.xml @@ -0,0 +1,30 @@ + + + + + + diff --git a/plugins/network-elements/cisco-vnmc/scripts/network/cisco/delete-acl-policy-set.xml b/plugins/network-elements/cisco-vnmc/scripts/network/cisco/delete-acl-policy-set.xml new file mode 100755 index 00000000000..2c5578659c7 --- /dev/null +++ b/plugins/network-elements/cisco-vnmc/scripts/network/cisco/delete-acl-policy-set.xml @@ -0,0 +1,30 @@ + + + + + + + + diff --git a/plugins/network-elements/cisco-vnmc/scripts/network/cisco/delete-acl-policy.xml b/plugins/network-elements/cisco-vnmc/scripts/network/cisco/delete-acl-policy.xml new file mode 100755 index 00000000000..b1a27650419 --- /dev/null +++ b/plugins/network-elements/cisco-vnmc/scripts/network/cisco/delete-acl-policy.xml @@ -0,0 +1,33 @@ + + + + + + + + + + diff --git a/plugins/network-elements/cisco-vnmc/scripts/network/cisco/delete-edge-firewall.xml b/plugins/network-elements/cisco-vnmc/scripts/network/cisco/delete-edge-firewall.xml new file mode 100755 index 00000000000..992d6a1ab62 --- /dev/null +++ b/plugins/network-elements/cisco-vnmc/scripts/network/cisco/delete-edge-firewall.xml @@ -0,0 +1,30 @@ + + + + + + + + diff --git a/plugins/network-elements/cisco-vnmc/scripts/network/cisco/delete-edge-security-profile.xml b/plugins/network-elements/cisco-vnmc/scripts/network/cisco/delete-edge-security-profile.xml new file mode 100755 index 00000000000..f394fe91d9e --- /dev/null +++ b/plugins/network-elements/cisco-vnmc/scripts/network/cisco/delete-edge-security-profile.xml @@ -0,0 +1,38 @@ + + + + + + + + diff --git a/plugins/network-elements/cisco-vnmc/scripts/network/cisco/delete-nat-policy-set.xml b/plugins/network-elements/cisco-vnmc/scripts/network/cisco/delete-nat-policy-set.xml new file mode 100755 index 00000000000..3f4c08d747f --- /dev/null +++ b/plugins/network-elements/cisco-vnmc/scripts/network/cisco/delete-nat-policy-set.xml @@ -0,0 +1,30 @@ + + + + + + + + diff --git a/plugins/network-elements/cisco-vnmc/scripts/network/cisco/delete-nat-policy.xml b/plugins/network-elements/cisco-vnmc/scripts/network/cisco/delete-nat-policy.xml new file mode 100755 index 00000000000..6c3ed7b9f48 --- /dev/null +++ b/plugins/network-elements/cisco-vnmc/scripts/network/cisco/delete-nat-policy.xml @@ -0,0 +1,33 @@ + + + + + + + + + + diff --git a/plugins/network-elements/cisco-vnmc/scripts/network/cisco/delete-rule.xml b/plugins/network-elements/cisco-vnmc/scripts/network/cisco/delete-rule.xml new file mode 100755 index 00000000000..e56e9190496 --- /dev/null +++ b/plugins/network-elements/cisco-vnmc/scripts/network/cisco/delete-rule.xml @@ -0,0 +1,31 @@ + + + + + + + + diff --git a/plugins/network-elements/cisco-vnmc/scripts/network/cisco/delete-tenant.xml b/plugins/network-elements/cisco-vnmc/scripts/network/cisco/delete-tenant.xml new file mode 100755 index 00000000000..05bef9a2906 --- /dev/null +++ b/plugins/network-elements/cisco-vnmc/scripts/network/cisco/delete-tenant.xml @@ -0,0 +1,30 @@ + + + + + + + + diff --git a/plugins/network-elements/cisco-vnmc/scripts/network/cisco/delete-vdc.xml b/plugins/network-elements/cisco-vnmc/scripts/network/cisco/delete-vdc.xml new file mode 100755 index 00000000000..fbc2312c208 --- /dev/null +++ b/plugins/network-elements/cisco-vnmc/scripts/network/cisco/delete-vdc.xml @@ -0,0 +1,30 @@ + + + + + + + + diff --git a/plugins/network-elements/cisco-vnmc/scripts/network/cisco/disassoc-asa1000v.xml b/plugins/network-elements/cisco-vnmc/scripts/network/cisco/disassoc-asa1000v.xml new file mode 100755 index 00000000000..448b65f0d53 --- /dev/null +++ b/plugins/network-elements/cisco-vnmc/scripts/network/cisco/disassoc-asa1000v.xml @@ -0,0 +1,30 @@ + + + + + + + + diff --git a/plugins/network-elements/cisco-vnmc/scripts/network/cisco/list-acl-policies.xml b/plugins/network-elements/cisco-vnmc/scripts/network/cisco/list-acl-policies.xml new file mode 100755 index 00000000000..aec800e9f4a --- /dev/null +++ b/plugins/network-elements/cisco-vnmc/scripts/network/cisco/list-acl-policies.xml @@ -0,0 +1,31 @@ + + + + + + + diff --git a/plugins/network-elements/cisco-vnmc/scripts/network/cisco/list-children.xml b/plugins/network-elements/cisco-vnmc/scripts/network/cisco/list-children.xml new file mode 100755 index 00000000000..f272999a76c --- /dev/null +++ b/plugins/network-elements/cisco-vnmc/scripts/network/cisco/list-children.xml @@ -0,0 +1,27 @@ + + + + + + + diff --git a/plugins/network-elements/cisco-vnmc/scripts/network/cisco/list-nat-policies.xml b/plugins/network-elements/cisco-vnmc/scripts/network/cisco/list-nat-policies.xml new file mode 100755 index 00000000000..720ced06d8a --- /dev/null +++ b/plugins/network-elements/cisco-vnmc/scripts/network/cisco/list-nat-policies.xml @@ -0,0 +1,31 @@ + + + + + + + diff --git a/plugins/network-elements/cisco-vnmc/scripts/network/cisco/list-policyrefs-in-policyset.xml b/plugins/network-elements/cisco-vnmc/scripts/network/cisco/list-policyrefs-in-policyset.xml new file mode 100755 index 00000000000..c53af90369d --- /dev/null +++ b/plugins/network-elements/cisco-vnmc/scripts/network/cisco/list-policyrefs-in-policyset.xml @@ -0,0 +1,31 @@ + + + + + + + diff --git a/plugins/network-elements/cisco-vnmc/scripts/network/cisco/list-tenants.xml b/plugins/network-elements/cisco-vnmc/scripts/network/cisco/list-tenants.xml new file mode 100644 index 00000000000..63ae848b3e1 --- /dev/null +++ b/plugins/network-elements/cisco-vnmc/scripts/network/cisco/list-tenants.xml @@ -0,0 +1,26 @@ + + + + + diff --git a/plugins/network-elements/cisco-vnmc/scripts/network/cisco/list-unassigned-asa1000v.xml b/plugins/network-elements/cisco-vnmc/scripts/network/cisco/list-unassigned-asa1000v.xml new file mode 100644 index 00000000000..539f330da8a --- /dev/null +++ b/plugins/network-elements/cisco-vnmc/scripts/network/cisco/list-unassigned-asa1000v.xml @@ -0,0 +1,39 @@ + + + + + + + + + + + + diff --git a/plugins/network-elements/cisco-vnmc/scripts/network/cisco/login.xml b/plugins/network-elements/cisco-vnmc/scripts/network/cisco/login.xml new file mode 100644 index 00000000000..8e1c435ea15 --- /dev/null +++ b/plugins/network-elements/cisco-vnmc/scripts/network/cisco/login.xml @@ -0,0 +1,20 @@ + + + diff --git a/plugins/network-elements/cisco-vnmc/src/com/cloud/agent/api/AssociateAsaWithLogicalEdgeFirewallCommand.java b/plugins/network-elements/cisco-vnmc/src/com/cloud/agent/api/AssociateAsaWithLogicalEdgeFirewallCommand.java new file mode 100755 index 00000000000..a438cbc0e59 --- /dev/null +++ b/plugins/network-elements/cisco-vnmc/src/com/cloud/agent/api/AssociateAsaWithLogicalEdgeFirewallCommand.java @@ -0,0 +1,53 @@ +// Licensed to the Apache Software Foundation (ASF) under one +// or more contributor license agreements. See the NOTICE file +// distributed with this work for additional information +// regarding copyright ownership. The ASF licenses this file +// to you under the Apache License, Version 2.0 (the +// "License"); you may not use this file except in compliance +// with the License. You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, +// software distributed under the License is distributed on an +// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +// KIND, either express or implied. See the License for the +// specific language governing permissions and limitations +// under the License. +package com.cloud.agent.api; + +/** + * Associates an ASA 1000v appliance with logical edge firewall in VNMC + */ +public class AssociateAsaWithLogicalEdgeFirewallCommand extends Command { + private long _vlanId; + private String _asaMgmtIp; + + public AssociateAsaWithLogicalEdgeFirewallCommand(long vlanId, String asaMgmtIp) { + super(); + this._vlanId = vlanId; + this._asaMgmtIp = asaMgmtIp; + } + + @Override + public boolean executeInSequence() { + return false; + } + + public long getVlanId() { + return _vlanId; + } + + public void setVlanId(long vlanId) { + this._vlanId = vlanId; + } + + public String getAsaMgmtIp() { + return _asaMgmtIp; + } + + public void setAsaMgmtIp(String asaMgmtIp) { + this._asaMgmtIp = asaMgmtIp; + } + +} diff --git a/plugins/network-elements/cisco-vnmc/src/com/cloud/agent/api/CleanupLogicalEdgeFirewallCommand.java b/plugins/network-elements/cisco-vnmc/src/com/cloud/agent/api/CleanupLogicalEdgeFirewallCommand.java new file mode 100755 index 00000000000..c9f7f8c4c83 --- /dev/null +++ b/plugins/network-elements/cisco-vnmc/src/com/cloud/agent/api/CleanupLogicalEdgeFirewallCommand.java @@ -0,0 +1,43 @@ +// Licensed to the Apache Software Foundation (ASF) under one +// or more contributor license agreements. See the NOTICE file +// distributed with this work for additional information +// regarding copyright ownership. The ASF licenses this file +// to you under the Apache License, Version 2.0 (the +// "License"); you may not use this file except in compliance +// with the License. You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, +// software distributed under the License is distributed on an +// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +// KIND, either express or implied. See the License for the +// specific language governing permissions and limitations +// under the License. +package com.cloud.agent.api; + +/** + * Command for cleaning up logical edge firewall in VNMC + */ +public class CleanupLogicalEdgeFirewallCommand extends Command { + private long _vlanId; + + public CleanupLogicalEdgeFirewallCommand(long vlanId) { + super(); + this._vlanId = vlanId; + } + + @Override + public boolean executeInSequence() { + return false; + } + + public long getVlanId() { + return _vlanId; + } + + public void setVlanId(long vlanId) { + this._vlanId = vlanId; + } + +} diff --git a/plugins/network-elements/cisco-vnmc/src/com/cloud/agent/api/ConfigureNexusVsmForAsaCommand.java b/plugins/network-elements/cisco-vnmc/src/com/cloud/agent/api/ConfigureNexusVsmForAsaCommand.java new file mode 100755 index 00000000000..b20ad1f2df6 --- /dev/null +++ b/plugins/network-elements/cisco-vnmc/src/com/cloud/agent/api/ConfigureNexusVsmForAsaCommand.java @@ -0,0 +1,95 @@ +// Licensed to the Apache Software Foundation (ASF) under one +// or more contributor license agreements. See the NOTICE file +// distributed with this work for additional information +// regarding copyright ownership. The ASF licenses this file +// to you under the Apache License, Version 2.0 (the +// "License"); you may not use this file except in compliance +// with the License. You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, +// software distributed under the License is distributed on an +// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +// KIND, either express or implied. See the License for the +// specific language governing permissions and limitations +// under the License. +package com.cloud.agent.api; + +/** + * Command for configuring n1kv VSM for asa1kv device. It does the following in VSM: + * a. creating vservice node for asa1kv + * b. updating vlan of inside port profile associated with asa1kv + */ +public class ConfigureNexusVsmForAsaCommand extends Command { + private long _vlanId; + private String _ipAddress; + private String _vsmUsername; + private String _vsmPassword; + private String _vsmIp; + private String _asaInPortProfile; + + public ConfigureNexusVsmForAsaCommand(long vlanId, String ipAddress, + String vsmUsername, String vsmPassword, String vsmIp, String asaInPortProfile) { + super(); + this._vlanId = vlanId; + this._ipAddress = ipAddress; + this._vsmUsername = vsmUsername; + this._vsmPassword = vsmPassword; + this._vsmIp = vsmIp; + this._asaInPortProfile = asaInPortProfile; + } + + @Override + public boolean executeInSequence() { + return false; + } + + public long getVlanId() { + return _vlanId; + } + + public void setVlanId(long _vlanId) { + this._vlanId = _vlanId; + } + + public String getIpAddress() { + return _ipAddress; + } + + public void setIpAddress(String _ipAddress) { + this._ipAddress = _ipAddress; + } + + public String getVsmUsername() { + return _vsmUsername; + } + + public void setVsmUsername(String _vsmUsername) { + this._vsmUsername = _vsmUsername; + } + + public String getVsmPassword() { + return _vsmPassword; + } + + public void setVsmPassword(String _vsmPassword) { + this._vsmPassword = _vsmPassword; + } + + public String getVsmIp() { + return _vsmIp; + } + + public void setVsmIp(String _vsmIp) { + this._vsmIp = _vsmIp; + } + + public String getAsaInPortProfile() { + return _asaInPortProfile; + } + + public void setAsaInPortProfile(String _asaInPortProfile) { + this._asaInPortProfile = _asaInPortProfile; + } +} diff --git a/plugins/network-elements/cisco-vnmc/src/com/cloud/agent/api/CreateLogicalEdgeFirewallCommand.java b/plugins/network-elements/cisco-vnmc/src/com/cloud/agent/api/CreateLogicalEdgeFirewallCommand.java new file mode 100755 index 00000000000..def8225acf1 --- /dev/null +++ b/plugins/network-elements/cisco-vnmc/src/com/cloud/agent/api/CreateLogicalEdgeFirewallCommand.java @@ -0,0 +1,94 @@ +// Licensed to the Apache Software Foundation (ASF) under one +// or more contributor license agreements. See the NOTICE file +// distributed with this work for additional information +// regarding copyright ownership. The ASF licenses this file +// to you under the Apache License, Version 2.0 (the +// "License"); you may not use this file except in compliance +// with the License. You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, +// software distributed under the License is distributed on an +// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +// KIND, either express or implied. See the License for the +// specific language governing permissions and limitations +// under the License. +package com.cloud.agent.api; + +import java.util.ArrayList; +import java.util.List; + +/** + * Command for creating a logical edge firewall in VNMC + */ +public class CreateLogicalEdgeFirewallCommand extends Command { + private long _vlanId; + private String _publicIp; + private String _internalIp; + private String _publicSubnet; + private String _internalSubnet; + private List _publicGateways; + + public CreateLogicalEdgeFirewallCommand(long vlanId, + String publicIp, String internalIp, + String publicSubnet, String internalSubnet) { + super(); + this._vlanId = vlanId; + this._publicIp = publicIp; + this._internalIp = internalIp; + this._publicSubnet = publicSubnet; + this.setInternalSubnet(internalSubnet); + _publicGateways = new ArrayList(); + } + + @Override + public boolean executeInSequence() { + return false; + } + + public long getVlanId() { + return _vlanId; + } + + public void setVlanId(long vlanId) { + this._vlanId = vlanId; + } + + public String getPublicIp() { + return _publicIp; + } + + public void setPublicIp(String publicIp) { + this._publicIp = publicIp; + } + + public String getInternalIp() { + return _internalIp; + } + + public void setInternalIp(String internalIp) { + this._internalIp = internalIp; + } + + public String getPublicSubnet() { + return _publicSubnet; + } + + public void setPublicSubnet(String publicSubnet) { + this._publicSubnet = publicSubnet; + } + + public String getInternalSubnet() { + return _internalSubnet; + } + + public void setInternalSubnet(String _internalSubnet) { + this._internalSubnet = _internalSubnet; + } + + public List getPublicGateways() { + return _publicGateways; + } + +} diff --git a/plugins/network-elements/cisco-vnmc/src/com/cloud/api/commands/AddCiscoAsa1000vResourceCmd.java b/plugins/network-elements/cisco-vnmc/src/com/cloud/api/commands/AddCiscoAsa1000vResourceCmd.java new file mode 100755 index 00000000000..c880199f5c4 --- /dev/null +++ b/plugins/network-elements/cisco-vnmc/src/com/cloud/api/commands/AddCiscoAsa1000vResourceCmd.java @@ -0,0 +1,116 @@ +// Licensed to the Apache Software Foundation (ASF) under one +// or more contributor license agreements. See the NOTICE file +// distributed with this work for additional information +// regarding copyright ownership. The ASF licenses this file +// to you under the Apache License, Version 2.0 (the +// "License"); you may not use this file except in compliance +// with the License. You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, +// software distributed under the License is distributed on an +// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +// KIND, either express or implied. See the License for the +// specific language governing permissions and limitations +// under the License. +package com.cloud.api.commands; + +import javax.inject.Inject; + +import org.apache.cloudstack.api.APICommand; +import org.apache.cloudstack.api.ApiConstants; +import org.apache.cloudstack.api.ApiErrorCode; +import org.apache.cloudstack.api.BaseCmd; +import org.apache.cloudstack.api.Parameter; +import org.apache.cloudstack.api.ServerApiException; +import org.apache.cloudstack.api.response.ClusterResponse; +import org.apache.cloudstack.api.response.PhysicalNetworkResponse; +import org.apache.log4j.Logger; + +import com.cloud.api.response.CiscoAsa1000vResourceResponse; +import com.cloud.exception.ConcurrentOperationException; +import com.cloud.exception.InsufficientCapacityException; +import com.cloud.exception.InvalidParameterValueException; +import com.cloud.exception.ResourceAllocationException; +import com.cloud.exception.ResourceUnavailableException; +import com.cloud.network.cisco.CiscoAsa1000vDevice; +import com.cloud.network.element.CiscoAsa1000vService; +import com.cloud.user.UserContext; +import com.cloud.utils.exception.CloudRuntimeException; + +@APICommand(name="addCiscoAsa1000vResource", responseObject=CiscoAsa1000vResourceResponse.class, description="Adds a Cisco Asa 1000v appliance") +public class AddCiscoAsa1000vResourceCmd extends BaseCmd { + private static final Logger s_logger = Logger.getLogger(AddCiscoAsa1000vResourceCmd.class.getName()); + private static final String s_name = "addCiscoAsa1000vResource"; + @Inject CiscoAsa1000vService _ciscoAsa1000vService; + + ///////////////////////////////////////////////////// + //////////////// API parameters ///////////////////// + ///////////////////////////////////////////////////// + + @Parameter(name=ApiConstants.PHYSICAL_NETWORK_ID, type=CommandType.UUID, entityType = PhysicalNetworkResponse.class, required=true, description="the Physical Network ID") + private Long physicalNetworkId; + + @Parameter(name=ApiConstants.HOST_NAME, type=CommandType.STRING, required = true, description="Hostname or ip address of the Cisco ASA 1000v appliance.") + private String host; + + @Parameter(name=ApiConstants.ASA_INSIDE_PORT_PROFILE, type=CommandType.STRING, required = true, description="Nexus port profile associated with inside interface of ASA 1000v") + private String inPortProfile; + + @Parameter(name=ApiConstants.CLUSTER_ID, type=CommandType.UUID, entityType = ClusterResponse.class, required=true, description="the Cluster ID") + private Long clusterId; + + ///////////////////////////////////////////////////// + /////////////////// Accessors /////////////////////// + ///////////////////////////////////////////////////// + + public Long getPhysicalNetworkId() { + return physicalNetworkId; + } + + public String getManagementIp() { + return host; + } + + public String getInPortProfile() { + return inPortProfile; + } + + public Long getClusterId() { + return clusterId; + } + + ///////////////////////////////////////////////////// + /////////////// API Implementation/////////////////// + ///////////////////////////////////////////////////// + + @Override + public void execute() throws ResourceUnavailableException, InsufficientCapacityException, ServerApiException, ConcurrentOperationException, ResourceAllocationException { + try { + CiscoAsa1000vDevice ciscoAsa1000v = _ciscoAsa1000vService.addCiscoAsa1000vResource(this); + if (ciscoAsa1000v != null) { + CiscoAsa1000vResourceResponse response = _ciscoAsa1000vService.createCiscoAsa1000vResourceResponse(ciscoAsa1000v); + response.setObjectName("CiscoAsa1000vResource"); + response.setResponseName(getCommandName()); + this.setResponseObject(response); + } else { + throw new ServerApiException(ApiErrorCode.INTERNAL_ERROR, "Failed to add Cisco ASA 1000v appliance due to internal error."); + } + } catch (InvalidParameterValueException invalidParamExcp) { + throw new ServerApiException(ApiErrorCode.PARAM_ERROR, invalidParamExcp.getMessage()); + } catch (CloudRuntimeException runtimeExcp) { + throw new ServerApiException(ApiErrorCode.INTERNAL_ERROR, runtimeExcp.getMessage()); + } + } + + @Override + public String getCommandName() { + return s_name; + } + + @Override + public long getEntityOwnerId() { + return UserContext.current().getCaller().getId(); + } +} diff --git a/plugins/network-elements/cisco-vnmc/src/com/cloud/api/commands/AddCiscoVnmcResourceCmd.java b/plugins/network-elements/cisco-vnmc/src/com/cloud/api/commands/AddCiscoVnmcResourceCmd.java new file mode 100644 index 00000000000..bfd6db95434 --- /dev/null +++ b/plugins/network-elements/cisco-vnmc/src/com/cloud/api/commands/AddCiscoVnmcResourceCmd.java @@ -0,0 +1,115 @@ +// Licensed to the Apache Software Foundation (ASF) under one +// or more contributor license agreements. See the NOTICE file +// distributed with this work for additional information +// regarding copyright ownership. The ASF licenses this file +// to you under the Apache License, Version 2.0 (the +// "License"); you may not use this file except in compliance +// with the License. You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, +// software distributed under the License is distributed on an +// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +// KIND, either express or implied. See the License for the +// specific language governing permissions and limitations +// under the License. +package com.cloud.api.commands; + +import javax.inject.Inject; + +import org.apache.cloudstack.api.APICommand; +import org.apache.cloudstack.api.ApiConstants; +import org.apache.cloudstack.api.ApiErrorCode; +import org.apache.cloudstack.api.BaseCmd; +import org.apache.cloudstack.api.Parameter; +import org.apache.cloudstack.api.ServerApiException; +import org.apache.cloudstack.api.response.PhysicalNetworkResponse; +import org.apache.log4j.Logger; + +import com.cloud.api.response.CiscoVnmcResourceResponse; +import com.cloud.exception.ConcurrentOperationException; +import com.cloud.exception.InsufficientCapacityException; +import com.cloud.exception.InvalidParameterValueException; +import com.cloud.exception.ResourceAllocationException; +import com.cloud.exception.ResourceUnavailableException; +import com.cloud.network.cisco.CiscoVnmcController; +import com.cloud.network.element.CiscoVnmcElementService; +import com.cloud.user.UserContext; +import com.cloud.utils.exception.CloudRuntimeException; + +@APICommand(name="addCiscoVnmcResource", responseObject=CiscoVnmcResourceResponse.class, description="Adds a Cisco Vnmc Controller") +public class AddCiscoVnmcResourceCmd extends BaseCmd { + private static final Logger s_logger = Logger.getLogger(AddCiscoVnmcResourceCmd.class.getName()); + private static final String s_name = "addCiscoVnmcResource"; + @Inject CiscoVnmcElementService _ciscoVnmcElementService; + + ///////////////////////////////////////////////////// + //////////////// API parameters ///////////////////// + ///////////////////////////////////////////////////// + + @Parameter(name=ApiConstants.PHYSICAL_NETWORK_ID, type=CommandType.UUID, entityType = PhysicalNetworkResponse.class, required=true, description="the Physical Network ID") + private Long physicalNetworkId; + + @Parameter(name=ApiConstants.HOST_NAME, type=CommandType.STRING, required = true, description="Hostname or ip address of the Cisco VNMC Controller.") + private String host; + + @Parameter(name=ApiConstants.USERNAME, type=CommandType.STRING, required = true, description="Credentials to access the Cisco VNMC Controller API") + private String username; + + @Parameter(name=ApiConstants.PASSWORD, type=CommandType.STRING, required = true, description="Credentials to access the Cisco VNMC Controller API") + private String password; + + ///////////////////////////////////////////////////// + /////////////////// Accessors /////////////////////// + ///////////////////////////////////////////////////// + + public Long getPhysicalNetworkId() { + return physicalNetworkId; + } + + public String getHost() { + return host; + } + + public String getUsername() { + return username; + } + + public String getPassword() { + return password; + } + + ///////////////////////////////////////////////////// + /////////////// API Implementation/////////////////// + ///////////////////////////////////////////////////// + + @Override + public void execute() throws ResourceUnavailableException, InsufficientCapacityException, ServerApiException, ConcurrentOperationException, ResourceAllocationException { + try { + CiscoVnmcController CiscoVnmcResourceVO = _ciscoVnmcElementService.addCiscoVnmcResource(this); + if (CiscoVnmcResourceVO != null) { + CiscoVnmcResourceResponse response = _ciscoVnmcElementService.createCiscoVnmcResourceResponse(CiscoVnmcResourceVO); + response.setObjectName("CiscoVnmcResource"); + response.setResponseName(getCommandName()); + this.setResponseObject(response); + } else { + throw new ServerApiException(ApiErrorCode.INTERNAL_ERROR, "Failed to add Cisco VNMC controller due to internal error."); + } + } catch (InvalidParameterValueException invalidParamExcp) { + throw new ServerApiException(ApiErrorCode.PARAM_ERROR, invalidParamExcp.getMessage()); + } catch (CloudRuntimeException runtimeExcp) { + throw new ServerApiException(ApiErrorCode.INTERNAL_ERROR, runtimeExcp.getMessage()); + } + } + + @Override + public String getCommandName() { + return s_name; + } + + @Override + public long getEntityOwnerId() { + return UserContext.current().getCaller().getId(); + } +} diff --git a/plugins/network-elements/cisco-vnmc/src/com/cloud/api/commands/DeleteCiscoAsa1000vResourceCmd.java b/plugins/network-elements/cisco-vnmc/src/com/cloud/api/commands/DeleteCiscoAsa1000vResourceCmd.java new file mode 100755 index 00000000000..d4f86fa527a --- /dev/null +++ b/plugins/network-elements/cisco-vnmc/src/com/cloud/api/commands/DeleteCiscoAsa1000vResourceCmd.java @@ -0,0 +1,93 @@ +// Licensed to the Apache Software Foundation (ASF) under one +// or more contributor license agreements. See the NOTICE file +// distributed with this work for additional information +// regarding copyright ownership. The ASF licenses this file +// to you under the Apache License, Version 2.0 (the +// "License"); you may not use this file except in compliance +// with the License. You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, +// software distributed under the License is distributed on an +// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +// KIND, either express or implied. See the License for the +// specific language governing permissions and limitations +// under the License. +package com.cloud.api.commands; + +import javax.inject.Inject; + +import org.apache.cloudstack.api.APICommand; +import org.apache.cloudstack.api.ApiConstants; +import org.apache.cloudstack.api.ApiErrorCode; +import org.apache.cloudstack.api.BaseCmd; +import org.apache.cloudstack.api.Parameter; +import org.apache.cloudstack.api.ServerApiException; +import org.apache.cloudstack.api.response.SuccessResponse; +import org.apache.log4j.Logger; + +import com.cloud.api.response.CiscoAsa1000vResourceResponse; +import com.cloud.exception.ConcurrentOperationException; +import com.cloud.exception.InsufficientCapacityException; +import com.cloud.exception.InvalidParameterValueException; +import com.cloud.exception.ResourceAllocationException; +import com.cloud.exception.ResourceUnavailableException; +import com.cloud.network.element.CiscoAsa1000vService; +import com.cloud.user.UserContext; +import com.cloud.utils.exception.CloudRuntimeException; + +@APICommand(name="deleteCiscoAsa1000vResource", responseObject=SuccessResponse.class, description="Deletes a Cisco ASA 1000v appliance") +public class DeleteCiscoAsa1000vResourceCmd extends BaseCmd { + private static final Logger s_logger = Logger.getLogger(DeleteCiscoAsa1000vResourceCmd.class.getName()); + private static final String s_name = "deleteCiscoAsa1000vResource"; + @Inject CiscoAsa1000vService _ciscoAsa1000vService; + + ///////////////////////////////////////////////////// + //////////////// API parameters ///////////////////// + ///////////////////////////////////////////////////// + + @Parameter(name=ApiConstants.RESOURCE_ID, type=CommandType.UUID, required=true, entityType=CiscoAsa1000vResourceResponse.class, description="Cisco ASA 1000v resource ID") + private Long ciscoAsa1000vResourceId; + + ///////////////////////////////////////////////////// + /////////////////// Accessors /////////////////////// + ///////////////////////////////////////////////////// + + public Long getCiscoAsa1000vResourceId() { + return ciscoAsa1000vResourceId; + } + + ///////////////////////////////////////////////////// + /////////////// API Implementation/////////////////// + ///////////////////////////////////////////////////// + + @Override + public void execute() throws ResourceUnavailableException, InsufficientCapacityException, ServerApiException, ConcurrentOperationException, ResourceAllocationException { + try { + boolean result = _ciscoAsa1000vService.deleteCiscoAsa1000vResource(this); + if (result) { + SuccessResponse response = new SuccessResponse(getCommandName()); + response.setResponseName(getCommandName()); + this.setResponseObject(response); + } else { + throw new ServerApiException(ApiErrorCode.INTERNAL_ERROR, "Failed to delete Cisco ASA 1000v appliance."); + } + } catch (InvalidParameterValueException invalidParamExcp) { + throw new ServerApiException(ApiErrorCode.PARAM_ERROR, invalidParamExcp.getMessage()); + } catch (CloudRuntimeException runtimeExcp) { + throw new ServerApiException(ApiErrorCode.INTERNAL_ERROR, runtimeExcp.getMessage()); + } + } + + @Override + public String getCommandName() { + return s_name; + } + + @Override + public long getEntityOwnerId() { + return UserContext.current().getCaller().getId(); + } + +} diff --git a/plugins/network-elements/cisco-vnmc/src/com/cloud/api/commands/DeleteCiscoVnmcResourceCmd.java b/plugins/network-elements/cisco-vnmc/src/com/cloud/api/commands/DeleteCiscoVnmcResourceCmd.java new file mode 100644 index 00000000000..d2a37202f0a --- /dev/null +++ b/plugins/network-elements/cisco-vnmc/src/com/cloud/api/commands/DeleteCiscoVnmcResourceCmd.java @@ -0,0 +1,93 @@ +// Licensed to the Apache Software Foundation (ASF) under one +// or more contributor license agreements. See the NOTICE file +// distributed with this work for additional information +// regarding copyright ownership. The ASF licenses this file +// to you under the Apache License, Version 2.0 (the +// "License"); you may not use this file except in compliance +// with the License. You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, +// software distributed under the License is distributed on an +// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +// KIND, either express or implied. See the License for the +// specific language governing permissions and limitations +// under the License. +package com.cloud.api.commands; + +import javax.inject.Inject; + +import org.apache.cloudstack.api.APICommand; +import org.apache.cloudstack.api.ApiConstants; +import org.apache.cloudstack.api.ApiErrorCode; +import org.apache.cloudstack.api.BaseCmd; +import org.apache.cloudstack.api.Parameter; +import org.apache.cloudstack.api.ServerApiException; +import org.apache.cloudstack.api.response.SuccessResponse; +import org.apache.log4j.Logger; + +import com.cloud.api.response.CiscoVnmcResourceResponse; +import com.cloud.exception.ConcurrentOperationException; +import com.cloud.exception.InsufficientCapacityException; +import com.cloud.exception.InvalidParameterValueException; +import com.cloud.exception.ResourceAllocationException; +import com.cloud.exception.ResourceUnavailableException; +import com.cloud.network.element.CiscoVnmcElementService; +import com.cloud.user.UserContext; +import com.cloud.utils.exception.CloudRuntimeException; + +@APICommand(name="deleteCiscoVnmcResource", responseObject=SuccessResponse.class, description="Deletes a Cisco Vnmc controller") +public class DeleteCiscoVnmcResourceCmd extends BaseCmd { + private static final Logger s_logger = Logger.getLogger(DeleteCiscoVnmcResourceCmd.class.getName()); + private static final String s_name = "deleteCiscoVnmcResource"; + @Inject CiscoVnmcElementService _ciscoVnmcElementService; + + ///////////////////////////////////////////////////// + //////////////// API parameters ///////////////////// + ///////////////////////////////////////////////////// + + @Parameter(name=ApiConstants.RESOURCE_ID, type=CommandType.UUID, required=true, entityType=CiscoVnmcResourceResponse.class, description="Cisco Vnmc resource ID") + private Long ciscoVnmcResourceId; + + ///////////////////////////////////////////////////// + /////////////////// Accessors /////////////////////// + ///////////////////////////////////////////////////// + + public Long getCiscoVnmcResourceId() { + return ciscoVnmcResourceId; + } + + ///////////////////////////////////////////////////// + /////////////// API Implementation/////////////////// + ///////////////////////////////////////////////////// + + @Override + public void execute() throws ResourceUnavailableException, InsufficientCapacityException, ServerApiException, ConcurrentOperationException, ResourceAllocationException { + try { + boolean result = _ciscoVnmcElementService.deleteCiscoVnmcResource(this); + if (result) { + SuccessResponse response = new SuccessResponse(getCommandName()); + response.setResponseName(getCommandName()); + this.setResponseObject(response); + } else { + throw new ServerApiException(ApiErrorCode.INTERNAL_ERROR, "Failed to delete Cisco Vnmc resource."); + } + } catch (InvalidParameterValueException invalidParamExcp) { + throw new ServerApiException(ApiErrorCode.PARAM_ERROR, invalidParamExcp.getMessage()); + } catch (CloudRuntimeException runtimeExcp) { + throw new ServerApiException(ApiErrorCode.INTERNAL_ERROR, runtimeExcp.getMessage()); + } + } + + @Override + public String getCommandName() { + return s_name; + } + + @Override + public long getEntityOwnerId() { + return UserContext.current().getCaller().getId(); + } + +} diff --git a/plugins/network-elements/cisco-vnmc/src/com/cloud/api/commands/ListCiscoAsa1000vResourcesCmd.java b/plugins/network-elements/cisco-vnmc/src/com/cloud/api/commands/ListCiscoAsa1000vResourcesCmd.java new file mode 100755 index 00000000000..509d39fb5f9 --- /dev/null +++ b/plugins/network-elements/cisco-vnmc/src/com/cloud/api/commands/ListCiscoAsa1000vResourcesCmd.java @@ -0,0 +1,110 @@ +// Licensed to the Apache Software Foundation (ASF) under one +// or more contributor license agreements. See the NOTICE file +// distributed with this work for additional information +// regarding copyright ownership. The ASF licenses this file +// to you under the Apache License, Version 2.0 (the +// "License"); you may not use this file except in compliance +// with the License. You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, +// software distributed under the License is distributed on an +// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +// KIND, either express or implied. See the License for the +// specific language governing permissions and limitations +// under the License. +package com.cloud.api.commands; + +import java.util.ArrayList; +import java.util.List; + +import javax.inject.Inject; + +import org.apache.cloudstack.api.APICommand; +import org.apache.cloudstack.api.ApiConstants; +import org.apache.cloudstack.api.ApiErrorCode; +import org.apache.cloudstack.api.BaseListCmd; +import org.apache.cloudstack.api.Parameter; +import org.apache.cloudstack.api.ServerApiException; +import org.apache.cloudstack.api.response.ListResponse; +import org.apache.cloudstack.api.response.PhysicalNetworkResponse; +import org.apache.log4j.Logger; + +import com.cloud.api.response.CiscoAsa1000vResourceResponse; +import com.cloud.exception.ConcurrentOperationException; +import com.cloud.exception.InsufficientCapacityException; +import com.cloud.exception.InvalidParameterValueException; +import com.cloud.exception.ResourceAllocationException; +import com.cloud.exception.ResourceUnavailableException; +import com.cloud.network.cisco.CiscoAsa1000vDevice; +import com.cloud.network.cisco.CiscoAsa1000vDeviceVO; +import com.cloud.network.element.CiscoAsa1000vService; +import com.cloud.utils.exception.CloudRuntimeException; + +@APICommand(name="listCiscoAsa1000vResources", responseObject=CiscoAsa1000vResourceResponse.class, description="Lists Cisco ASA 1000v appliances") +public class ListCiscoAsa1000vResourcesCmd extends BaseListCmd { + private static final Logger s_logger = Logger.getLogger(ListCiscoAsa1000vResourcesCmd.class.getName()); + private static final String s_name = "listCiscoAsa1000vResources"; + @Inject CiscoAsa1000vService _ciscoAsa1000vService; + + ///////////////////////////////////////////////////// + //////////////// API parameters ///////////////////// + ///////////////////////////////////////////////////// + + @Parameter(name=ApiConstants.PHYSICAL_NETWORK_ID, type=CommandType.UUID, entityType = PhysicalNetworkResponse.class, description="the Physical Network ID") + private Long physicalNetworkId; + + @Parameter(name=ApiConstants.RESOURCE_ID, type=CommandType.UUID, entityType=CiscoAsa1000vResourceResponse.class, description="Cisco ASA 1000v resource ID") + private Long ciscoAsa1000vResourceId; + + @Parameter(name=ApiConstants.HOST_NAME, type=CommandType.STRING, description="Hostname or ip address of the Cisco ASA 1000v appliance.") + private String host; + ///////////////////////////////////////////////////// + /////////////////// Accessors /////////////////////// + ///////////////////////////////////////////////////// + + public Long getCiscoAsa1000vResourceId() { + return ciscoAsa1000vResourceId; + } + + public Long getPhysicalNetworkId() { + return physicalNetworkId; + } + + public String getManagementIp() { + return host; + } + ///////////////////////////////////////////////////// + /////////////// API Implementation/////////////////// + ///////////////////////////////////////////////////// + + @Override + public void execute() throws ResourceUnavailableException, InsufficientCapacityException, ServerApiException, ConcurrentOperationException, ResourceAllocationException { + try { + List ciscoAsa1000vDevices = _ciscoAsa1000vService.listCiscoAsa1000vResources(this); + ListResponse response = new ListResponse(); + List ciscoAsa1000vResourcesResponse = new ArrayList(); + + if (ciscoAsa1000vDevices != null && !ciscoAsa1000vDevices.isEmpty()) { + for (CiscoAsa1000vDevice ciscoAsa1000vDeviceVO : ciscoAsa1000vDevices) { + CiscoAsa1000vResourceResponse ciscoAsa1000vResourceResponse = _ciscoAsa1000vService.createCiscoAsa1000vResourceResponse(ciscoAsa1000vDeviceVO); + ciscoAsa1000vResourcesResponse.add(ciscoAsa1000vResourceResponse); + } + } + + response.setResponses(ciscoAsa1000vResourcesResponse); + response.setResponseName(getCommandName()); + this.setResponseObject(response); + } catch (InvalidParameterValueException invalidParamExcp) { + throw new ServerApiException(ApiErrorCode.PARAM_ERROR, invalidParamExcp.getMessage()); + } catch (CloudRuntimeException runtimeExcp) { + throw new ServerApiException(ApiErrorCode.INTERNAL_ERROR, runtimeExcp.getMessage()); + } + } + + @Override + public String getCommandName() { + return s_name; + } +} diff --git a/plugins/network-elements/cisco-vnmc/src/com/cloud/api/commands/ListCiscoVnmcResourcesCmd.java b/plugins/network-elements/cisco-vnmc/src/com/cloud/api/commands/ListCiscoVnmcResourcesCmd.java new file mode 100644 index 00000000000..ab553ee94ac --- /dev/null +++ b/plugins/network-elements/cisco-vnmc/src/com/cloud/api/commands/ListCiscoVnmcResourcesCmd.java @@ -0,0 +1,106 @@ +// Licensed to the Apache Software Foundation (ASF) under one +// or more contributor license agreements. See the NOTICE file +// distributed with this work for additional information +// regarding copyright ownership. The ASF licenses this file +// to you under the Apache License, Version 2.0 (the +// "License"); you may not use this file except in compliance +// with the License. You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, +// software distributed under the License is distributed on an +// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +// KIND, either express or implied. See the License for the +// specific language governing permissions and limitations +// under the License. +package com.cloud.api.commands; + +import java.util.ArrayList; +import java.util.List; + +import javax.inject.Inject; + +import org.apache.cloudstack.api.APICommand; +import org.apache.cloudstack.api.ApiConstants; +import org.apache.cloudstack.api.ApiErrorCode; +import org.apache.cloudstack.api.BaseListCmd; +import org.apache.cloudstack.api.Parameter; +import org.apache.cloudstack.api.ServerApiException; +import org.apache.cloudstack.api.response.ListResponse; +import org.apache.cloudstack.api.response.PhysicalNetworkResponse; +import org.apache.log4j.Logger; + +import com.cloud.api.response.CiscoVnmcResourceResponse; +import com.cloud.exception.ConcurrentOperationException; +import com.cloud.exception.InsufficientCapacityException; +import com.cloud.exception.InvalidParameterValueException; +import com.cloud.exception.ResourceAllocationException; +import com.cloud.exception.ResourceUnavailableException; +import com.cloud.network.cisco.CiscoVnmcController; +import com.cloud.network.cisco.CiscoVnmcControllerVO; +import com.cloud.network.element.CiscoVnmcElementService; +import com.cloud.utils.exception.CloudRuntimeException; + +@APICommand(name="listCiscoVnmcResources", responseObject=CiscoVnmcResourceResponse.class, description="Lists Cisco VNMC controllers") +public class ListCiscoVnmcResourcesCmd extends BaseListCmd { + private static final Logger s_logger = Logger.getLogger(ListCiscoVnmcResourcesCmd.class.getName()); + private static final String s_name = "listCiscoVnmcResources"; + @Inject CiscoVnmcElementService _ciscoVnmcElementService; + + ///////////////////////////////////////////////////// + //////////////// API parameters ///////////////////// + ///////////////////////////////////////////////////// + + @Parameter(name=ApiConstants.PHYSICAL_NETWORK_ID, type=CommandType.UUID, entityType = PhysicalNetworkResponse.class, description="the Physical Network ID") + private Long physicalNetworkId; + + @Parameter(name=ApiConstants.RESOURCE_ID, type=CommandType.UUID, entityType=CiscoVnmcResourceResponse.class, description="Cisco VNMC resource ID") + private Long ciscoVnmcResourceId; + + ///////////////////////////////////////////////////// + /////////////////// Accessors /////////////////////// + ///////////////////////////////////////////////////// + + public Long getCiscoVnmcResourceId() { + return ciscoVnmcResourceId; + } + + public Long getPhysicalNetworkId() { + return physicalNetworkId; + } + + ///////////////////////////////////////////////////// + /////////////// API Implementation/////////////////// + ///////////////////////////////////////////////////// + + @Override + public void execute() throws ResourceUnavailableException, InsufficientCapacityException, ServerApiException, ConcurrentOperationException, ResourceAllocationException { + try { + List CiscoVnmcResources = _ciscoVnmcElementService.listCiscoVnmcResources(this); + ListResponse response = new ListResponse(); + List CiscoVnmcResourcesResponse = new ArrayList(); + + if (CiscoVnmcResources != null && !CiscoVnmcResources.isEmpty()) { + for (CiscoVnmcController CiscoVnmcResourceVO : CiscoVnmcResources) { + CiscoVnmcResourceResponse CiscoVnmcResourceResponse = _ciscoVnmcElementService.createCiscoVnmcResourceResponse(CiscoVnmcResourceVO); + CiscoVnmcResourcesResponse.add(CiscoVnmcResourceResponse); + } + } + + response.setResponses(CiscoVnmcResourcesResponse); + response.setResponseName(getCommandName()); + this.setResponseObject(response); + } catch (InvalidParameterValueException invalidParamExcp) { + throw new ServerApiException(ApiErrorCode.PARAM_ERROR, invalidParamExcp.getMessage()); + } catch (CloudRuntimeException runtimeExcp) { + throw new ServerApiException(ApiErrorCode.INTERNAL_ERROR, runtimeExcp.getMessage()); + } + } + + @Override + public String getCommandName() { + return s_name; + } + +} diff --git a/plugins/network-elements/cisco-vnmc/src/com/cloud/api/response/CiscoAsa1000vResourceResponse.java b/plugins/network-elements/cisco-vnmc/src/com/cloud/api/response/CiscoAsa1000vResourceResponse.java new file mode 100755 index 00000000000..9cd87da66a1 --- /dev/null +++ b/plugins/network-elements/cisco-vnmc/src/com/cloud/api/response/CiscoAsa1000vResourceResponse.java @@ -0,0 +1,88 @@ +// Licensed to the Apache Software Foundation (ASF) under one +// or more contributor license agreements. See the NOTICE file +// distributed with this work for additional information +// regarding copyright ownership. The ASF licenses this file +// to you under the Apache License, Version 2.0 (the +// "License"); you may not use this file except in compliance +// with the License. You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, +// software distributed under the License is distributed on an +// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +// KIND, either express or implied. See the License for the +// specific language governing permissions and limitations +// under the License. +package com.cloud.api.response; + + +import org.apache.cloudstack.api.ApiConstants; +import org.apache.cloudstack.api.BaseResponse; +import org.apache.cloudstack.api.EntityReference; +import org.apache.cloudstack.api.Parameter; +import org.apache.cloudstack.api.response.NetworkResponse; +import org.apache.cloudstack.api.response.PhysicalNetworkResponse; + +import com.cloud.network.cisco.CiscoAsa1000vDevice; +import com.google.gson.annotations.SerializedName; + +@EntityReference(value = CiscoAsa1000vDevice.class) +public class CiscoAsa1000vResourceResponse extends BaseResponse { + public static final String RESOURCE_NAME = "resourcename"; + + @SerializedName(ApiConstants.RESOURCE_ID) @Parameter(description="resource id of the Cisco ASA 1000v appliance") + private String id; + + @SerializedName(ApiConstants.PHYSICAL_NETWORK_ID) + @Parameter(description="the physical network to which this ASA 1000v belongs to", entityType = PhysicalNetworkResponse.class) + private Long physicalNetworkId ; + + public Long getPhysicalNetworkId() { + return physicalNetworkId; + } + + @SerializedName(ApiConstants.HOST_NAME) + @Parameter(description="management ip address of ASA 1000v") + private String managementIp; + + public String getManagementIp() { + return managementIp; + } + + @SerializedName(ApiConstants.ASA_INSIDE_PORT_PROFILE) + @Parameter(description="management ip address of ASA 1000v") + private String inPortProfile; + + public String getInPortProfile() { + return inPortProfile; + } + + @SerializedName(ApiConstants.NETWORK_ID) + @Parameter(description="the guest network to which ASA 1000v is associated", entityType = NetworkResponse.class) + private Long guestNetworkId; + + public Long getGuestNetworkId() { + return guestNetworkId; + } + + public void setId(String ciscoAsa1000vResourceId) { + this.id = ciscoAsa1000vResourceId; + } + + public void setPhysicalNetworkId(Long physicalNetworkId) { + this.physicalNetworkId = physicalNetworkId; + } + + public void setManagementIp(String managementIp) { + this.managementIp = managementIp; + } + + public void setInPortProfile(String inPortProfile) { + this.inPortProfile = inPortProfile; + } + + public void setGuestNetworkId(Long guestNetworkId) { + this.guestNetworkId = guestNetworkId; + } +} diff --git a/plugins/network-elements/cisco-vnmc/src/com/cloud/api/response/CiscoVnmcResourceResponse.java b/plugins/network-elements/cisco-vnmc/src/com/cloud/api/response/CiscoVnmcResourceResponse.java new file mode 100644 index 00000000000..f5c9b727f8f --- /dev/null +++ b/plugins/network-elements/cisco-vnmc/src/com/cloud/api/response/CiscoVnmcResourceResponse.java @@ -0,0 +1,75 @@ +// Licensed to the Apache Software Foundation (ASF) under one +// or more contributor license agreements. See the NOTICE file +// distributed with this work for additional information +// regarding copyright ownership. The ASF licenses this file +// to you under the Apache License, Version 2.0 (the +// "License"); you may not use this file except in compliance +// with the License. You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, +// software distributed under the License is distributed on an +// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +// KIND, either express or implied. See the License for the +// specific language governing permissions and limitations +// under the License. +package com.cloud.api.response; + + +import org.apache.cloudstack.api.ApiConstants; +import org.apache.cloudstack.api.BaseResponse; +import org.apache.cloudstack.api.EntityReference; +import org.apache.cloudstack.api.Parameter; +import org.apache.cloudstack.api.response.PhysicalNetworkResponse; + +import com.cloud.network.cisco.CiscoVnmcController; +import com.google.gson.annotations.SerializedName; +@EntityReference(value = CiscoVnmcController.class) +public class CiscoVnmcResourceResponse extends BaseResponse { + public static final String RESOURCE_NAME = "resourcename"; + + @SerializedName(ApiConstants.RESOURCE_ID) + @Parameter(description="resource id of the Cisco VNMC controller") + private String id; + + @SerializedName(ApiConstants.PHYSICAL_NETWORK_ID) + @Parameter(description="the physical network to which this VNMC belongs to", entityType = PhysicalNetworkResponse.class) + private Long physicalNetworkId; + + public Long getPhysicalNetworkId() { + return physicalNetworkId; + } + + public String getProviderName() { + return providerName; + } + + public String getResourceName() { + return resourceName; + } + + @SerializedName(ApiConstants.PROVIDER) @Parameter(description="name of the provider") + private String providerName; + + @SerializedName(RESOURCE_NAME) + @Parameter(description="Cisco VNMC resource name") + private String resourceName; + + public void setId(String ciscoVnmcResourceId) { + this.id = ciscoVnmcResourceId; + } + + public void setPhysicalNetworkId(Long physicalNetworkId) { + this.physicalNetworkId = physicalNetworkId; + } + + public void setProviderName(String providerName) { + this.providerName = providerName; + } + + public void setResourceName(String resourceName) { + this.resourceName = resourceName; + } + +} diff --git a/plugins/network-elements/cisco-vnmc/src/com/cloud/network/cisco/CiscoAsa1000vDevice.java b/plugins/network-elements/cisco-vnmc/src/com/cloud/network/cisco/CiscoAsa1000vDevice.java new file mode 100755 index 00000000000..3c5f6827718 --- /dev/null +++ b/plugins/network-elements/cisco-vnmc/src/com/cloud/network/cisco/CiscoAsa1000vDevice.java @@ -0,0 +1,39 @@ +// Licensed to the Apache Software Foundation (ASF) under one +// or more contributor license agreements. See the NOTICE file +// distributed with this work for additional information +// regarding copyright ownership. The ASF licenses this file +// to you under the Apache License, Version 2.0 (the +// "License"); you may not use this file except in compliance +// with the License. You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, +// software distributed under the License is distributed on an +// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +// KIND, either express or implied. See the License for the +// specific language governing permissions and limitations +// under the License. +package com.cloud.network.cisco; + +import org.apache.cloudstack.api.Identity; +import org.apache.cloudstack.api.InternalIdentity; + +import com.cloud.org.Grouping; + +public interface CiscoAsa1000vDevice extends Grouping, InternalIdentity, Identity { + + long getId(); + + String getUuid(); + + void setUuid(String uuid); + + long getPhysicalNetworkId(); + + String getManagementIp(); + + String getInPortProfile(); + + long getClusterId(); +} \ No newline at end of file diff --git a/plugins/network-elements/cisco-vnmc/src/com/cloud/network/cisco/CiscoAsa1000vDeviceVO.java b/plugins/network-elements/cisco-vnmc/src/com/cloud/network/cisco/CiscoAsa1000vDeviceVO.java new file mode 100755 index 00000000000..ba85fb105c8 --- /dev/null +++ b/plugins/network-elements/cisco-vnmc/src/com/cloud/network/cisco/CiscoAsa1000vDeviceVO.java @@ -0,0 +1,101 @@ +// Licensed to the Apache Software Foundation (ASF) under one +// or more contributor license agreements. See the NOTICE file +// distributed with this work for additional information +// regarding copyright ownership. The ASF licenses this file +// to you under the Apache License, Version 2.0 (the +// "License"); you may not use this file except in compliance +// with the License. You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, +// software distributed under the License is distributed on an +// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +// KIND, either express or implied. See the License for the +// specific language governing permissions and limitations +// under the License. +package com.cloud.network.cisco; + +import java.util.UUID; + +import javax.persistence.Column; +import javax.persistence.Entity; +import javax.persistence.GeneratedValue; +import javax.persistence.GenerationType; +import javax.persistence.Id; +import javax.persistence.Table; + +@Entity +@Table(name="external_cisco_asa1000v_devices") +public class CiscoAsa1000vDeviceVO implements CiscoAsa1000vDevice { + + @Id + @GeneratedValue(strategy = GenerationType.IDENTITY) + @Column(name="id") + private long id; + + @Column(name="uuid") + private String uuid; + + @Column(name="physical_network_id") + private long physicalNetworkId; + + @Column(name="management_ip") + private String managementIp; + + @Column(name="in_Port_profile") + private String inPortProfile; + + @Column(name="cluster_id") + private long clusterId; + + public CiscoAsa1000vDeviceVO() { + this.uuid = UUID.randomUUID().toString(); + } + + public CiscoAsa1000vDeviceVO(long physicalNetworkId, + String managementIp, String inPortProfile, long clusterId) { + super(); + this.physicalNetworkId = physicalNetworkId; + this.managementIp = managementIp; + this.inPortProfile = inPortProfile; + this.uuid = UUID.randomUUID().toString(); + this.clusterId = clusterId; + } + + @Override + public long getId() { + return id; + } + + @Override + public String getUuid() { + return uuid; + } + + @Override + public void setUuid(String uuid) { + this.uuid = uuid; + } + + @Override + public long getPhysicalNetworkId() { + return physicalNetworkId; + } + + @Override + public String getManagementIp() { + return managementIp; + } + + @Override + public String getInPortProfile() { + return inPortProfile; + } + + @Override + public long getClusterId() { + return clusterId; + } + +} diff --git a/plugins/network-elements/cisco-vnmc/src/com/cloud/network/cisco/CiscoVnmcConnection.java b/plugins/network-elements/cisco-vnmc/src/com/cloud/network/cisco/CiscoVnmcConnection.java new file mode 100644 index 00000000000..f137148ab48 --- /dev/null +++ b/plugins/network-elements/cisco-vnmc/src/com/cloud/network/cisco/CiscoVnmcConnection.java @@ -0,0 +1,196 @@ +// Licensed to the Apache Software Foundation (ASF) under one +// or more contributor license agreements. See the NOTICE file +// distributed with this work for additional information +// regarding copyright ownership. The ASF licenses this file +// to you under the Apache License, Version 2.0 (the +// "License"); you may not use this file except in compliance +// with the License. You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, +// software distributed under the License is distributed on an +// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +// KIND, either express or implied. See the License for the +// specific language governing permissions and limitations +// under the License. +package com.cloud.network.cisco; + +import java.util.Map; + +import com.cloud.utils.exception.ExecutionException; + +public interface CiscoVnmcConnection { + + public boolean createTenant(String tenantName) throws ExecutionException; + + public boolean deleteTenant(String tenantName) throws ExecutionException; + + public boolean createTenantVDC(String tenantName) throws ExecutionException; + + public boolean deleteTenantVDC(String tenantName) throws ExecutionException; + + public boolean createTenantVDCEdgeDeviceProfile(String tenantName) + throws ExecutionException; + + public boolean createTenantVDCEdgeStaticRoutePolicy(String tenantName) + throws ExecutionException; + + public boolean createTenantVDCEdgeStaticRoute(String tenantName, + String nextHopIp, String destination, String netmask) throws ExecutionException; + + public boolean associateTenantVDCEdgeStaticRoutePolicy(String tenantName) + throws ExecutionException; + + public boolean associateTenantVDCEdgeDhcpPolicy(String tenantName, + String intfName) throws ExecutionException; + + public boolean createTenantVDCEdgeDhcpPolicy(String tenantName, + String startIp, String endIp, String subnet, String nameServerIp, + String domain) throws ExecutionException; + + public boolean associateTenantVDCEdgeDhcpServerPolicy(String tenantName, + String intfName) throws ExecutionException; + + public boolean createTenantVDCEdgeSecurityProfile(String tenantName) + throws ExecutionException; + + public boolean deleteTenantVDCEdgeSecurityProfile(String tenantName) + throws ExecutionException; + + public boolean createTenantVDCSourceNatIpPool(String tenantName, String identifier, + String publicIp) throws ExecutionException; + + public boolean createTenantVDCSourceNatRule(String tenantName, String identifier, + String startSourceIp, String endSourceIp) throws ExecutionException; + + public boolean createTenantVDCSourceNatPolicy(String tenantName, String identifier) + throws ExecutionException; + + public boolean createTenantVDCSourceNatPolicyRef(String tenantName, String identifier) + throws ExecutionException; + + public boolean createTenantVDCDNatIpPool(String tenantName, String identifier, + String ipAddress) throws ExecutionException; + + public boolean createTenantVDCDNatRule(String tenantName, + String identifier, String policyIdentifier, + String publicIp) + throws ExecutionException; + + public boolean deleteTenantVDCDNatRule(String tenantName, + String identifier, String policyIdentifier) + throws ExecutionException; + + public boolean createTenantVDCAclRuleForDNat(String tenantName, + String identifier, String policyIdentifier, + String ipAddress) + throws ExecutionException; + + public boolean createTenantVDCDNatPolicy(String tenantName, String identifier) + throws ExecutionException; + + public boolean deleteTenantVDCDNatPolicy(String tenantName, String identifier) + throws ExecutionException; + + public boolean createTenantVDCDNatPolicyRef(String tenantName, String identifier) + throws ExecutionException; + + public boolean createTenantVDCPFPortPool(String tenantName, String identifier, + String startPort, String endPort) + throws ExecutionException; + + public boolean createTenantVDCPFIpPool(String tenantName, String identifier, + String ipAddress) throws ExecutionException; + + public boolean createTenantVDCPFRule(String tenantName, + String identifier, String policyIdentifier, + String protocol, String publicIp, + String startPort, String endPort) + throws ExecutionException; + + public boolean deleteTenantVDCPFRule(String tenantName, + String identifier, String policyIdentifier) + throws ExecutionException; + + public boolean createTenantVDCAclRuleForPF(String tenantName, + String identifier, String policyIdentifier, + String protocol, String ipAddress, + String startPort, String endPort) + throws ExecutionException; + + public boolean createTenantVDCPFPolicy(String tenantName, String identifier) + throws ExecutionException; + + public boolean deleteTenantVDCPFPolicy(String tenantName, String identifier) + throws ExecutionException; + + public boolean createTenantVDCPFPolicyRef(String tenantName, String identifier) + throws ExecutionException; + + public boolean createTenantVDCNatPolicySet(String tenantName) + throws ExecutionException; + + public boolean deleteTenantVDCNatPolicySet(String tenantName) + throws ExecutionException; + + public boolean associateNatPolicySet(String tenantName) + throws ExecutionException; + + public boolean createTenantVDCIngressAclRule(String tenantName, + String identifier, String policyIdentifier, + String protocol, String sourceStartIp, String sourceEndIp, + String destStartPort, String destEndPort, String destIp) + throws ExecutionException; + + public boolean createTenantVDCIngressAclRule(String tenantName, + String identifier, String policyIdentifier, + String protocol, String sourceStartIp, String sourceEndIp, String destIp) + throws ExecutionException; + + public boolean createTenantVDCEgressAclRule(String tenantName, + String identifier, String policyIdentifier, + String protocol, String sourceStartPort, String sourceEndPort, String sourceIp, + String destStartIp, String destEndIp) + throws ExecutionException; + + public boolean createTenantVDCEgressAclRule(String tenantName, + String identifier, String policyIdentifier, + String protocol, String sourceIp, String destStartIp, String destEndIp) + throws ExecutionException; + + public boolean deleteTenantVDCAclRule(String tenantName, + String identifier, String policyIdentifier) throws ExecutionException; + + public boolean createTenantVDCAclPolicy(String tenantName, + String identifier) throws ExecutionException; + + public boolean createTenantVDCAclPolicyRef(String tenantName, String identifier, + boolean ingress) throws ExecutionException; + + public boolean deleteTenantVDCAclPolicy(String tenantName, String identifier) + throws ExecutionException; + + public boolean createTenantVDCAclPolicySet(String tenantName, boolean ingress) + throws ExecutionException; + + public boolean deleteTenantVDCAclPolicySet(String tenantName, boolean ingress) + throws ExecutionException; + + public boolean associateAclPolicySet(String tenantName) + throws ExecutionException; + + public boolean createEdgeFirewall(String tenantName, String publicIp, + String insideIp, String publicSubnet, String insideSubnet) + throws ExecutionException; + + public boolean deleteEdgeFirewall(String tenantName) throws ExecutionException; + + public Map listUnAssocAsa1000v() throws ExecutionException; + + public boolean assignAsa1000v(String tenantName, String firewallDn) + throws ExecutionException; + + public boolean unassignAsa1000v(String tenantName, String firewallDn) + throws ExecutionException; +} \ No newline at end of file diff --git a/plugins/network-elements/cisco-vnmc/src/com/cloud/network/cisco/CiscoVnmcConnectionImpl.java b/plugins/network-elements/cisco-vnmc/src/com/cloud/network/cisco/CiscoVnmcConnectionImpl.java new file mode 100644 index 00000000000..527fb04698e --- /dev/null +++ b/plugins/network-elements/cisco-vnmc/src/com/cloud/network/cisco/CiscoVnmcConnectionImpl.java @@ -0,0 +1,1415 @@ +// Licensed to the Apache Software Foundation (ASF) under one +// or more contributor license agreements. See the NOTICE file +// distributed with this work for additional information +// regarding copyright ownership. The ASF licenses this file +// to you under the Apache License, Version 2.0 (the +// "License"); you may not use this file except in compliance +// with the License. You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, +// software distributed under the License is distributed on an +// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +// KIND, either express or implied. See the License for the +// specific language governing permissions and limitations +// under the License. +package com.cloud.network.cisco; + +import java.io.BufferedReader; +import java.io.FileReader; +import java.io.StringReader; +import java.util.ArrayList; +import java.util.HashMap; +import java.util.List; +import java.util.Map; + +import javax.xml.parsers.DocumentBuilderFactory; + +import org.apache.commons.httpclient.HttpClient; +import org.apache.commons.httpclient.HttpStatus; +import org.apache.commons.httpclient.contrib.ssl.EasySSLProtocolSocketFactory; +import org.apache.commons.httpclient.methods.PostMethod; +import org.apache.log4j.Logger; +import org.w3c.dom.Document; +import org.w3c.dom.Node; +import org.w3c.dom.NodeList; +import org.xml.sax.InputSource; + +import com.cloud.utils.exception.ExecutionException; +import com.cloud.utils.script.Script; + +public class CiscoVnmcConnectionImpl implements CiscoVnmcConnection { + + private String _ip; + private String _username; + private String _password; + private String _cookie; + + private final Logger s_logger = Logger.getLogger(CiscoVnmcConnectionImpl.class); + + private enum VnmcXml { + LOGIN("login.xml", "mgmt-controller"), + + CREATE_TENANT("create-tenant.xml", "service-reg"), + DELETE_TENANT("delete-tenant.xml", "service-reg"), + CREATE_VDC("create-vdc.xml", "service-reg"), + DELETE_VDC("delete-vdc.xml", "service-reg"), + + CREATE_EDGE_DEVICE_PROFILE("create-edge-device-profile.xml", "policy-mgr"), + CREATE_EDGE_ROUTE_POLICY("create-edge-device-route-policy.xml", "policy-mgr"), + CREATE_EDGE_ROUTE("create-edge-device-route.xml", "policy-mgr"), + RESOLVE_EDGE_ROUTE_POLICY("associate-route-policy.xml", "policy-mgr"), + + CREATE_DHCP_POLICY("create-dhcp-policy.xml", "policy-mgr"), + RESOLVE_EDGE_DHCP_POLICY("associate-dhcp-policy.xml", "policy-mgr"), + RESOLVE_EDGE_DHCP_SERVER_POLICY("associate-dhcp-server.xml", "policy-mgr"), + + CREATE_EDGE_SECURITY_PROFILE("create-edge-security-profile.xml", "policy-mgr"), + DELETE_EDGE_SECURITY_PROFILE("delete-edge-security-profile.xml", "policy-mgr"), + + CREATE_NAT_POLICY_SET("create-nat-policy-set.xml", "policy-mgr"), + DELETE_NAT_POLICY_SET("delete-nat-policy-set.xml", "policy-mgr"), + RESOLVE_NAT_POLICY_SET("associate-nat-policy-set.xml", "policy-mgr"), + CREATE_NAT_POLICY("create-nat-policy.xml", "policy-mgr"), + DELETE_NAT_POLICY("delete-nat-policy.xml", "policy-mgr"), + LIST_NAT_POLICIES("list-nat-policies.xml", "policy-mgr"), + CREATE_NAT_POLICY_REF("create-nat-policy-ref.xml", "policy-mgr"), + CREATE_PORT_POOL("create-port-pool.xml", "policy-mgr"), + CREATE_IP_POOL("create-ip-pool.xml", "policy-mgr"), + + CREATE_PF_RULE("create-pf-rule.xml", "policy-mgr"), + CREATE_ACL_RULE_FOR_PF("create-acl-rule-for-pf.xml", "policy-mgr"), + CREATE_DNAT_RULE("create-dnat-rule.xml", "policy-mgr"), + CREATE_ACL_RULE_FOR_DNAT("create-acl-rule-for-dnat.xml", "policy-mgr"), + CREATE_SOURCE_NAT_RULE("create-source-nat-rule.xml", "policy-mgr"), + + CREATE_ACL_POLICY_SET("create-acl-policy-set.xml", "policy-mgr"), + DELETE_ACL_POLICY_SET("delete-acl-policy-set.xml", "policy-mgr"), + RESOLVE_ACL_POLICY_SET("associate-acl-policy-set.xml", "policy-mgr"), + CREATE_ACL_POLICY("create-acl-policy.xml", "policy-mgr"), + DELETE_ACL_POLICY("delete-acl-policy.xml", "policy-mgr"), + LIST_ACL_POLICIES("list-acl-policies.xml", "policy-mgr"), + CREATE_ACL_POLICY_REF("create-acl-policy-ref.xml", "policy-mgr"), + CREATE_INGRESS_ACL_RULE("create-ingress-acl-rule.xml", "policy-mgr"), + CREATE_EGRESS_ACL_RULE("create-egress-acl-rule.xml", "policy-mgr"), + CREATE_GENERIC_INGRESS_ACL_RULE("create-generic-ingress-acl-rule.xml", "policy-mgr"), + CREATE_GENERIC_EGRESS_ACL_RULE("create-generic-egress-acl-rule.xml", "policy-mgr"), + + DELETE_RULE("delete-rule.xml", "policy-mgr"), + + LIST_CHILDREN("list-children.xml", "policy-mgr"), + + CREATE_EDGE_FIREWALL("create-edge-firewall.xml", "resource-mgr"), + DELETE_EDGE_FIREWALL("delete-edge-firewall.xml", "resource-mgr"), + + LIST_UNASSOC_ASA1000V("list-unassigned-asa1000v.xml", "resource-mgr"), + ASSIGN_ASA1000V("assoc-asa1000v.xml", "resource-mgr"), + UNASSIGN_ASA1000V("disassoc-asa1000v.xml", "resource-mgr"); + + private String scriptsDir = "scripts/network/cisco"; + private String xml; + private String service; + private final Logger s_logger = Logger.getLogger(CiscoVnmcConnectionImpl.class); + + + private VnmcXml(String filename, String service) { + this.xml = getXml(filename); + this.service = service; + } + + public String getXml() { + return xml; + } + + private String getXml(String filename) { + try { + String xmlFilePath = Script.findScript(scriptsDir, filename); + + if (xmlFilePath == null) { + throw new Exception("Failed to find Cisco VNMC XML file: " + filename); + } + + FileReader fr = new FileReader(xmlFilePath); + BufferedReader br = new BufferedReader(fr); + + String xml = ""; + String line; + while ((line = br.readLine()) != null) { + //xml += line.replaceAll("\n"," "); + xml += line; + } + + return xml; + } catch (Exception e) { + s_logger.debug(e); + return null; + } + } + + public String getService() { + return service; + } + } + + public CiscoVnmcConnectionImpl(String hostIp, String userName, String password) { + this._ip = hostIp; + this._username = userName; + this._password = password; + + } + + public boolean login() throws ExecutionException { + String xml = VnmcXml.LOGIN.getXml(); + String service = VnmcXml.LOGIN.getService(); + xml = replaceXmlValue(xml, "username", _username); + xml = replaceXmlValue(xml, "password", _password); + String response = sendRequest(service, xml); + Map checked = checkResponse(response, "outCookie", "errorCode", "response"); + + if (checked.get("errorCode") != null) + return false; + _cookie = checked.get("outCookie"); + if (_cookie == null) { + return false; + } + return true; + } + + private String getDnForTenant(String tenantName) { + return "org-root/org-" + tenantName; + } + + private String getDnForTenantVDC(String tenantName) { + return getDnForTenant(tenantName) + "/org-VDC-" + tenantName; + } + + private String getDnForTenantVDCEdgeDeviceProfile(String tenantName) { + return getDnForTenantVDC(tenantName) + "/edsp-" + getNameForEdgeDeviceServiceProfile(tenantName); + } + + private String getDnForTenantVDCEdgeSecurityProfile(String tenantName) { + return getDnForTenantVDC(tenantName) + "/vnep-" + getNameForEdgeDeviceSecurityProfile(tenantName); + } + + private String getDnForEdgeDeviceRoutingPolicy(String tenantName) { + return getDnForTenantVDC(tenantName) + "/routing-policy-" + getNameForEdgeDeviceRoutePolicy(tenantName); + //FIXME: any other construct is unreliable. why? + } + + private String getDnForDhcpPolicy(String tenantName, String intfName) { + return getDnForTenantVDCEdgeDeviceProfile(tenantName) + "/dhcp-" + intfName; + } + + private String getNameForDhcpPolicy(String tenantName) { + return tenantName + "-Dhcp-Policy"; + } + + private String getNameForDhcpServer(String tenantName) { + return tenantName + "-Dhcp-Server"; + } + + private String getDnForDhcpServerPolicy(String tenantName) { + return getDnForTenantVDC(tenantName) + "/dhcp-server-" + getNameForDhcpPolicy(tenantName); + } + + private String getNameForIpRange() { + return "iprange"; + } + + private String getDnForDhcpIpRange(String tenantName) { + return getDnForDhcpServerPolicy(tenantName) + "/ip-range-" + getNameForIpRange(); + } + + private String getNameForDNSService(String tenantName) { + return tenantName + "-DNS"; + } + + private String getDnForDnsService(String tenantName) { + return getDnForDhcpServerPolicy(tenantName) + "/dns-svc-" + getNameForDNSService(tenantName); + } + + private String getDnForDnsServer(String tenantName, String dnsip) { + return getDnForDnsService(tenantName) + "/dns-" + dnsip; + } + + private String getNameForTenantVDC(String tenantName) { + return "VDC-" + tenantName; + } + + private String getNameForEdgeDeviceServiceProfile(String tenantName) { + return "EDSP-" + tenantName; + } + + private String getNameForEdgeDeviceSecurityProfile(String tenantName) { + return "ESP-" + tenantName; + } + + private String getNameForEdgeDeviceRoutePolicy(String tenantName) { + return "EDSP-" + tenantName + "-Routes"; + } + + @Override + public boolean createTenant(String tenantName) throws ExecutionException { + String xml = VnmcXml.CREATE_TENANT.getXml(); + String service = VnmcXml.CREATE_TENANT.getService(); + xml = replaceXmlValue(xml, "cookie", _cookie); + xml = replaceXmlValue(xml, "descr", "Tenant for account " + tenantName); + xml = replaceXmlValue(xml, "name", tenantName); + xml = replaceXmlValue(xml, "dn", getDnForTenant(tenantName)); + + String response = sendRequest(service, xml); + return verifySuccess(response); + } + + @Override + public boolean deleteTenant(String tenantName) throws ExecutionException { + String xml = VnmcXml.DELETE_TENANT.getXml(); + String service = VnmcXml.DELETE_TENANT.getService(); + xml = replaceXmlValue(xml, "cookie", _cookie); + xml = replaceXmlValue(xml, "name", tenantName); + xml = replaceXmlValue(xml, "dn", getDnForTenant(tenantName)); + + String response = sendRequest(service, xml); + return verifySuccess(response); + } + + @Override + public boolean createTenantVDC(String tenantName) throws ExecutionException { + String xml = VnmcXml.CREATE_VDC.getXml(); + String service = VnmcXml.CREATE_VDC.getService(); + xml = replaceXmlValue(xml, "cookie", _cookie); + xml = replaceXmlValue(xml, "descr", "VDC for Tenant" + tenantName); + xml = replaceXmlValue(xml, "name", getNameForTenantVDC(tenantName)); + xml = replaceXmlValue(xml, "dn", getDnForTenantVDC(tenantName)); + + String response = sendRequest(service, xml); + return verifySuccess(response); + } + + @Override + public boolean deleteTenantVDC(String tenantName) throws ExecutionException { + String xml = VnmcXml.DELETE_VDC.getXml(); + String service = VnmcXml.DELETE_VDC.getService(); + xml = replaceXmlValue(xml, "cookie", _cookie); + xml = replaceXmlValue(xml, "name", getNameForTenantVDC(tenantName)); + xml = replaceXmlValue(xml, "dn", getDnForTenantVDC(tenantName)); + + String response = sendRequest(service, xml); + return verifySuccess(response); + } + + @Override + public boolean createTenantVDCEdgeDeviceProfile(String tenantName) throws ExecutionException { + String xml = VnmcXml.CREATE_EDGE_DEVICE_PROFILE.getXml(); + String service = VnmcXml.CREATE_EDGE_DEVICE_PROFILE.getService(); + xml = replaceXmlValue(xml, "cookie", _cookie); + xml = replaceXmlValue(xml, "descr", "Edge Device Profile for Tenant VDC" + tenantName); + xml = replaceXmlValue(xml, "name", getNameForEdgeDeviceServiceProfile(tenantName)); + xml = replaceXmlValue(xml, "dn", getDnForTenantVDCEdgeDeviceProfile(tenantName)); + + String response = sendRequest(service, xml); + return verifySuccess(response); + } + + @Override + public boolean createTenantVDCEdgeStaticRoutePolicy(String tenantName) throws ExecutionException { + String xml = VnmcXml.CREATE_EDGE_ROUTE_POLICY.getXml(); + String service = VnmcXml.CREATE_EDGE_ROUTE_POLICY.getService(); + xml = replaceXmlValue(xml, "cookie", _cookie); + xml = replaceXmlValue(xml, "name", getNameForEdgeDeviceRoutePolicy(tenantName)); + xml = replaceXmlValue(xml, "routepolicydn", getDnForEdgeDeviceRoutingPolicy(tenantName)); + xml = replaceXmlValue(xml, "descr", "Routing Policy for Edge Device for Tenant " + tenantName); + + String response = sendRequest(service, xml); + return verifySuccess(response); + } + + @Override + public boolean createTenantVDCEdgeStaticRoute(String tenantName, + String nextHopIp, String destination, String netmask) throws ExecutionException { + String xml = VnmcXml.CREATE_EDGE_ROUTE.getXml(); + String service = VnmcXml.CREATE_EDGE_ROUTE.getService(); + xml = replaceXmlValue(xml, "cookie", _cookie); + xml = replaceXmlValue(xml, "routepolicydn", getDnForEdgeDeviceRoutingPolicy(tenantName)); + xml = replaceXmlValue(xml, "nexthop", nextHopIp); + xml = replaceXmlValue(xml, "nexthopintf", getNameForEdgeOutsideIntf(tenantName)); + xml = replaceXmlValue(xml, "destination", destination); + xml = replaceXmlValue(xml, "netmask", netmask); + + String response = sendRequest(service, xml); + return verifySuccess(response); + } + + @Override + public boolean associateTenantVDCEdgeStaticRoutePolicy(String tenantName) throws ExecutionException { + String xml = VnmcXml.RESOLVE_EDGE_ROUTE_POLICY.getXml(); + String service = VnmcXml.RESOLVE_EDGE_ROUTE_POLICY.getService(); + xml = replaceXmlValue(xml, "cookie", _cookie); + xml = replaceXmlValue(xml, "name", getNameForEdgeDeviceServiceProfile(tenantName)); + xml = replaceXmlValue(xml, "dn", getDnForTenantVDCEdgeDeviceProfile(tenantName)); + xml = replaceXmlValue(xml, "routepolicyname", getNameForEdgeDeviceRoutePolicy(tenantName)); + + String response = sendRequest(service, xml); + return verifySuccess(response); + } + + @Override + public boolean associateTenantVDCEdgeDhcpPolicy(String tenantName, String intfName) throws ExecutionException { + String xml = VnmcXml.RESOLVE_EDGE_DHCP_POLICY.getXml(); + String service = VnmcXml.RESOLVE_EDGE_DHCP_POLICY.getService(); + xml = replaceXmlValue(xml, "cookie", _cookie); + xml = replaceXmlValue(xml, "dhcpdn", getDnForDhcpPolicy(tenantName, intfName)); + xml = replaceXmlValue(xml, "insideintf", intfName); + + String response = sendRequest(service, xml); + return verifySuccess(response); + } + + @Override + public boolean createTenantVDCEdgeDhcpPolicy(String tenantName, + String startIp, String endIp, String subnet, String nameServerIp, String domain) throws ExecutionException { + String xml = VnmcXml.CREATE_DHCP_POLICY.getXml(); + String service = VnmcXml.CREATE_DHCP_POLICY.getService(); + xml = replaceXmlValue(xml, "cookie", _cookie); + xml = replaceXmlValue(xml, "dhcpserverdn", getDnForDhcpServerPolicy(tenantName)); + xml = replaceXmlValue(xml, "dhcpserverdescr", "DHCP server for " + tenantName); + xml = replaceXmlValue(xml, "dhcpservername", getNameForDhcpPolicy(tenantName)); + xml = replaceXmlValue(xml, "iprangedn", getDnForDhcpIpRange(tenantName)); + xml = replaceXmlValue(xml, "startip", startIp); + xml = replaceXmlValue(xml, "endip", endIp); + xml = replaceXmlValue(xml, "subnet", subnet); + xml = replaceXmlValue(xml, "domain", domain); + xml = replaceXmlValue(xml, "dnsservicedn", getDnForDnsService(tenantName)); + xml = replaceXmlValue(xml, "dnsservicename", getNameForDNSService(tenantName)); + xml = replaceXmlValue(xml, "nameserverip", nameServerIp); + xml = replaceXmlValue(xml, "nameserverdn", getDnForDnsServer(tenantName, nameServerIp)); + + String response = sendRequest(service, xml); + return verifySuccess(response); + } + + @Override + public boolean associateTenantVDCEdgeDhcpServerPolicy(String tenantName, String intfName) throws ExecutionException { + String xml = VnmcXml.RESOLVE_EDGE_DHCP_SERVER_POLICY.getXml(); + String service = VnmcXml.RESOLVE_EDGE_DHCP_SERVER_POLICY.getService(); + xml = replaceXmlValue(xml, "cookie", _cookie); + xml = replaceXmlValue(xml, "dhcpdn", getDnForDhcpPolicy(tenantName, intfName)); + xml = replaceXmlValue(xml, "insideintf", intfName); + xml = replaceXmlValue(xml, "dhcpserverpolicyname", getNameForDhcpServer(tenantName)); + + String response = sendRequest(service, xml); + return verifySuccess(response); + } + + @Override + public boolean createTenantVDCEdgeSecurityProfile(String tenantName) throws ExecutionException { + String xml = VnmcXml.CREATE_EDGE_SECURITY_PROFILE.getXml(); + String service = VnmcXml.CREATE_EDGE_SECURITY_PROFILE.getService(); + xml = replaceXmlValue(xml, "cookie", _cookie); + xml = replaceXmlValue(xml, "descr", "Edge Security Profile for Tenant VDC" + tenantName); + xml = replaceXmlValue(xml, "name", getNameForEdgeDeviceSecurityProfile(tenantName)); + xml = replaceXmlValue(xml, "espdn", getDnForTenantVDCEdgeSecurityProfile(tenantName)); + xml = replaceXmlValue(xml, "egressref", "default-egress"); + xml = replaceXmlValue(xml, "ingressref", "default-ingress"); //FIXME: allows everything + + String response = sendRequest(service, xml); + return verifySuccess(response); + } + + @Override + public boolean deleteTenantVDCEdgeSecurityProfile(String tenantName) throws ExecutionException { + String xml = VnmcXml.DELETE_EDGE_SECURITY_PROFILE.getXml(); + String service = VnmcXml.DELETE_EDGE_SECURITY_PROFILE.getService(); + xml = replaceXmlValue(xml, "cookie", _cookie); + xml = replaceXmlValue(xml, "name", getNameForEdgeDeviceSecurityProfile(tenantName)); + xml = replaceXmlValue(xml, "espdn", getDnForTenantVDCEdgeSecurityProfile(tenantName)); + + String response = sendRequest(service, xml); + return verifySuccess(response); + } + + private String getNameForSourceNatIpPool(String tenantName) { + return "SNATIp-" + tenantName; + } + + private String getDnForSourceNatPool(String tenantName) { + return getDnForTenantVDC(tenantName) + "/objgrp-" + getNameForSourceNatIpPool(tenantName); + } + + @Override + public boolean createTenantVDCSourceNatIpPool(String tenantName, String identifier, + String publicIp) throws ExecutionException { + return createTenantVDCIpPool( + getDnForSourceNatPool(tenantName), + getNameForSourceNatIpPool(tenantName), + "Source NAT ip pool for Tenant VDC " + tenantName, + publicIp); + } + + private String getNameForSourceNatPolicy(String tenantName) { + return "SNAT-Policy-" + tenantName; + } + + private String getDnForSourceNatPolicy(String tenantName) { + return getDnForTenantVDC(tenantName) + "/natpol-" + getNameForSourceNatPolicy(tenantName); + } + + private String getNameForSourceNatRule(String tenantName) { + return "SNAT-Rule-" + tenantName; + } + + private String getDnForSourceNatRule(String tenantName) { + return getDnForSourceNatPolicy(tenantName) + "/rule-" + getNameForSourceNatRule(tenantName); + } + + private String getNameForNatPolicySet(String tenantName) { + return "NAT-PolicySet-" + tenantName; + } + + private String getDnForNatPolicySet(String tenantName) { + return getDnForTenantVDC(tenantName) + "/natpset-" + getNameForNatPolicySet(tenantName) ; + } + + private String getDnForSourceNatPolicyRef(String tenantName) { + return getDnForNatPolicySet(tenantName) + "/polref-" + getNameForSourceNatPolicy(tenantName) ; + } + + @Override + public boolean createTenantVDCSourceNatRule(String tenantName, String identifier, + String startSourceIp, String endSourceIp) throws ExecutionException { + + String xml = VnmcXml.CREATE_SOURCE_NAT_RULE.getXml(); + String service = VnmcXml.CREATE_SOURCE_NAT_RULE.getService(); + xml = replaceXmlValue(xml, "cookie", _cookie); + xml = replaceXmlValue(xml, "natruledn", getDnForSourceNatRule(tenantName)); + xml = replaceXmlValue(xml, "natrulename", getNameForSourceNatRule(tenantName)); + xml = replaceXmlValue(xml, "descr", "Source NAT rule for Tenant VDC " + tenantName); + xml = replaceXmlValue(xml, "srcstartip", startSourceIp); + xml = replaceXmlValue(xml, "srcendip", endSourceIp); + xml = replaceXmlValue(xml, "ippoolname", getNameForSourceNatIpPool(tenantName)); + + List rules = listChildren(getDnForSourceNatPolicy(tenantName)); + int order = 100; + if (rules != null) { + order += rules.size(); + } + xml = replaceXmlValue(xml, "order", Integer.toString(order)); + + String response = sendRequest(service, xml); + return verifySuccess(response); + } + + @Override + public boolean createTenantVDCSourceNatPolicyRef(String tenantName, String identifier) throws ExecutionException { + return createTenantVDCNatPolicyRef( + getDnForSourceNatPolicyRef(tenantName), + getNameForSourceNatPolicy(tenantName), + tenantName); + } + + @Override + public boolean createTenantVDCSourceNatPolicy(String tenantName, String identifier) throws ExecutionException { + return createTenantVDCNatPolicy( + getDnForSourceNatPolicy(tenantName), + getNameForSourceNatPolicy(tenantName)); + } + + @Override + public boolean createTenantVDCNatPolicySet(String tenantName) throws ExecutionException { + String xml = VnmcXml.CREATE_NAT_POLICY_SET.getXml(); + String service = VnmcXml.CREATE_NAT_POLICY_SET.getService(); + xml = replaceXmlValue(xml, "cookie", _cookie); + xml = replaceXmlValue(xml, "descr", "NAT policy set for Tenant VDC " + tenantName); + xml = replaceXmlValue(xml, "natpolicysetname", getNameForNatPolicySet(tenantName)); + xml = replaceXmlValue(xml, "natpolicysetdn", getDnForNatPolicySet(tenantName)); + + String response = sendRequest(service, xml); + return verifySuccess(response); + } + + @Override + public boolean deleteTenantVDCNatPolicySet(String tenantName) throws ExecutionException { + String xml = VnmcXml.DELETE_NAT_POLICY_SET.getXml(); + String service = VnmcXml.DELETE_NAT_POLICY_SET.getService(); + xml = replaceXmlValue(xml, "cookie", _cookie); + xml = replaceXmlValue(xml, "natpolicysetname", getNameForNatPolicySet(tenantName)); + xml = replaceXmlValue(xml, "natpolicysetdn", getDnForNatPolicySet(tenantName)); + + String response = sendRequest(service, xml); + return verifySuccess(response); + } + + @Override + public boolean associateNatPolicySet(String tenantName) throws ExecutionException { + String xml = VnmcXml.RESOLVE_NAT_POLICY_SET.getXml(); + String service = VnmcXml.RESOLVE_NAT_POLICY_SET.getService(); + xml = replaceXmlValue(xml, "cookie", _cookie); + xml = replaceXmlValue(xml, "descr", "Edge Security Profile for Tenant VDC" + tenantName); + xml = replaceXmlValue(xml, "name", getNameForEdgeDeviceSecurityProfile(tenantName)); + xml = replaceXmlValue(xml, "espdn", getDnForTenantVDCEdgeSecurityProfile(tenantName)); + xml = replaceXmlValue(xml, "natpolicysetname", getNameForNatPolicySet(tenantName)); + + String response = sendRequest(service, xml); + return verifySuccess(response); + } + + private String getNameForAclPolicySet(String tenantName, boolean ingress) { + return (ingress ? "Ingress-" : "Egress-") + "ACL-PolicySet-" + tenantName; + } + + private String getDnForAclPolicySet(String tenantName, boolean ingress) { + return getDnForTenantVDC(tenantName) + "/pset-" + getNameForAclPolicySet(tenantName, ingress) ; + } + + private String getNameForAclPolicy(String tenantName, String identifier) { + return "ACL-" + tenantName + "-" + identifier; + } + + private String getDnForAclPolicy(String tenantName, String identifier) { + return getDnForTenantVDC(tenantName) + "/pol-" + getNameForAclPolicy(tenantName, identifier); + } + + private String getDnForAclPolicyRef(String tenantName, String identifier, boolean ingress) { + return getDnForAclPolicySet(tenantName, ingress) + "/polref-" + getNameForAclPolicy(tenantName, identifier); + } + + private String getNameForAclRule(String tenantName, String identifier) { + return "Rule-" + tenantName + "-" + identifier; + } + + private String getDnForAclRule(String tenantName, String identifier, String policyIdentifier) { + return getDnForAclPolicy(tenantName, policyIdentifier) + "/rule-" + getNameForAclRule(tenantName, identifier); + } + + @Override + public boolean createTenantVDCAclPolicy(String tenantName, String identifier) throws ExecutionException { + String xml = VnmcXml.CREATE_ACL_POLICY.getXml(); + String service = VnmcXml.CREATE_ACL_POLICY.getService(); + xml = replaceXmlValue(xml, "cookie", _cookie); + xml = replaceXmlValue(xml, "aclpolicyname", getNameForAclPolicy(tenantName, identifier)); + xml = replaceXmlValue(xml, "aclpolicydn", getDnForAclPolicy(tenantName, identifier)); + + String response = sendRequest(service, xml); + return verifySuccess(response); + } + + @Override + public boolean deleteTenantVDCAclPolicy(String tenantName, String identifier) throws ExecutionException { + String xml = VnmcXml.DELETE_ACL_POLICY.getXml(); + String service = VnmcXml.DELETE_ACL_POLICY.getService(); + xml = replaceXmlValue(xml, "cookie", _cookie); + xml = replaceXmlValue(xml, "aclpolicyname", getNameForAclPolicy(tenantName, identifier)); + xml = replaceXmlValue(xml, "aclpolicydn", getDnForAclPolicy(tenantName, identifier)); + + String response = sendRequest(service, xml); + return verifySuccess(response); + } + + @Override + public boolean createTenantVDCAclPolicyRef(String tenantName, String identifier, boolean ingress) throws ExecutionException { + String xml = VnmcXml.CREATE_ACL_POLICY_REF.getXml(); + String service = VnmcXml.CREATE_ACL_POLICY_REF.getService(); + xml = replaceXmlValue(xml, "cookie", _cookie); + xml = replaceXmlValue(xml, "aclpolicyname", getNameForAclPolicy(tenantName, identifier)); + xml = replaceXmlValue(xml, "aclpolicydn", getDnForAclPolicy(tenantName, identifier)); + xml = replaceXmlValue(xml, "aclpolicyrefdn", getDnForAclPolicyRef(tenantName, identifier, ingress)); + + List policies = listAclPolicies(tenantName); + int order = 100; + if (policies != null) { + order += policies.size(); + } + xml = replaceXmlValue(xml, "order", Integer.toString(order)); + + String response = sendRequest(service, xml); + return verifySuccess(response); + } + + @Override + public boolean createTenantVDCAclPolicySet(String tenantName, boolean ingress) throws ExecutionException { + String xml = VnmcXml.CREATE_ACL_POLICY_SET.getXml(); + String service = VnmcXml.CREATE_ACL_POLICY_SET.getService(); + xml = replaceXmlValue(xml, "cookie", _cookie); + xml = replaceXmlValue(xml, "descr", "ACL policy set for Tenant VDC " + tenantName); + xml = replaceXmlValue(xml, "aclpolicysetname", getNameForAclPolicySet(tenantName, ingress)); + xml = replaceXmlValue(xml, "aclpolicysetdn", getDnForAclPolicySet(tenantName, ingress)); + + String response = sendRequest(service, xml); + return verifySuccess(response); + } + + @Override + public boolean deleteTenantVDCAclPolicySet(String tenantName, boolean ingress) throws ExecutionException { + String xml = VnmcXml.DELETE_ACL_POLICY_SET.getXml(); + String service = VnmcXml.DELETE_ACL_POLICY_SET.getService(); + xml = replaceXmlValue(xml, "cookie", _cookie); + xml = replaceXmlValue(xml, "aclpolicysetname", getNameForAclPolicySet(tenantName, ingress)); + xml = replaceXmlValue(xml, "aclpolicysetdn", getDnForAclPolicySet(tenantName, ingress)); + + String response = sendRequest(service, xml); + return verifySuccess(response); + } + + @Override + public boolean associateAclPolicySet(String tenantName) throws ExecutionException { + String xml = VnmcXml.RESOLVE_ACL_POLICY_SET.getXml(); + String service = VnmcXml.RESOLVE_ACL_POLICY_SET.getService(); + xml = replaceXmlValue(xml, "cookie", _cookie); + xml = replaceXmlValue(xml, "descr", "Edge Security Profile for Tenant VDC" + tenantName); + xml = replaceXmlValue(xml, "name", getNameForEdgeDeviceSecurityProfile(tenantName)); + xml = replaceXmlValue(xml, "espdn", getDnForTenantVDCEdgeSecurityProfile(tenantName)); + //xml = replaceXmlValue(xml, "egresspolicysetname", getNameForAclPolicySet(tenantName, false)); + xml = replaceXmlValue(xml, "egresspolicysetname", "default-egress"); + xml = replaceXmlValue(xml, "ingresspolicysetname", getNameForAclPolicySet(tenantName, true)); + xml = replaceXmlValue(xml, "natpolicysetname", getNameForNatPolicySet(tenantName)); + + String response = sendRequest(service, xml); + return verifySuccess(response); + } + + @Override + public boolean createTenantVDCIngressAclRule(String tenantName, + String identifier, String policyIdentifier, + String protocol, String sourceStartIp, String sourceEndIp, + String destStartPort, String destEndPort, String destIp) throws ExecutionException { + String xml = VnmcXml.CREATE_INGRESS_ACL_RULE.getXml(); + String service = VnmcXml.CREATE_INGRESS_ACL_RULE.getService(); + + xml = replaceXmlValue(xml, "cookie", _cookie); + xml = replaceXmlValue(xml, "aclruledn", getDnForAclRule(tenantName, identifier, policyIdentifier)); + xml = replaceXmlValue(xml, "aclrulename", getNameForAclRule(tenantName, identifier)); + xml = replaceXmlValue(xml, "descr", "Ingress ACL rule for Tenant VDC " + tenantName); + xml = replaceXmlValue(xml, "actiontype", "permit"); + xml = replaceXmlValue(xml, "protocolvalue", protocol); + xml = replaceXmlValue(xml, "sourcestartip", sourceStartIp); + xml = replaceXmlValue(xml, "sourceendip", sourceEndIp); + xml = replaceXmlValue(xml, "deststartport", destStartPort); + xml = replaceXmlValue(xml, "destendport", destEndPort); + xml = replaceXmlValue(xml, "destip", destIp); + + List rules = listChildren(getDnForAclPolicy(tenantName, policyIdentifier)); + int order = 100; + if (rules != null) { + order += rules.size(); + } + xml = replaceXmlValue(xml, "order", Integer.toString(order)); + + String response = sendRequest(service, xml); + return verifySuccess(response); + } + + @Override + public boolean createTenantVDCIngressAclRule(String tenantName, + String identifier, String policyIdentifier, + String protocol, String sourceStartIp, String sourceEndIp, + String destIp) throws ExecutionException { + String xml = VnmcXml.CREATE_GENERIC_INGRESS_ACL_RULE.getXml(); + String service = VnmcXml.CREATE_GENERIC_INGRESS_ACL_RULE.getService(); + + xml = replaceXmlValue(xml, "cookie", _cookie); + xml = replaceXmlValue(xml, "aclruledn", getDnForAclRule(tenantName, identifier, policyIdentifier)); + xml = replaceXmlValue(xml, "aclrulename", getNameForAclRule(tenantName, identifier)); + xml = replaceXmlValue(xml, "descr", "Ingress ACL rule for Tenant VDC " + tenantName); + xml = replaceXmlValue(xml, "actiontype", "permit"); + xml = replaceXmlValue(xml, "protocolvalue", protocol); + xml = replaceXmlValue(xml, "sourcestartip", sourceStartIp); + xml = replaceXmlValue(xml, "sourceendip", sourceEndIp); + + List rules = listChildren(getDnForAclPolicy(tenantName, policyIdentifier)); + int order = 100; + if (rules != null) { + order += rules.size(); + } + xml = replaceXmlValue(xml, "order", Integer.toString(order)); + + String response = sendRequest(service, xml); + return verifySuccess(response); + } + + @Override + public boolean createTenantVDCEgressAclRule(String tenantName, + String identifier, String policyIdentifier, + String protocol, String sourceStartPort, String sourceEndPort, String sourceIp, + String destStartIp, String destEndIp) throws ExecutionException { + String xml = VnmcXml.CREATE_EGRESS_ACL_RULE.getXml(); + String service = VnmcXml.CREATE_EGRESS_ACL_RULE.getService(); + + xml = replaceXmlValue(xml, "cookie", _cookie); + xml = replaceXmlValue(xml, "aclruledn", getDnForAclRule(tenantName, identifier, policyIdentifier)); + xml = replaceXmlValue(xml, "aclrulename", getNameForAclRule(tenantName, identifier)); + xml = replaceXmlValue(xml, "descr", "Egress ACL rule for Tenant VDC " + tenantName); + xml = replaceXmlValue(xml, "actiontype", "permit"); + xml = replaceXmlValue(xml, "protocolvalue", protocol); + xml = replaceXmlValue(xml, "deststartip", destStartIp); + xml = replaceXmlValue(xml, "destendip", destEndIp); + xml = replaceXmlValue(xml, "sourcestartport", sourceStartPort); + xml = replaceXmlValue(xml, "sourceendport", sourceEndPort); + xml = replaceXmlValue(xml, "sourceip", sourceIp); + + List rules = listChildren(getDnForAclPolicy(tenantName, policyIdentifier)); + int order = 100; + if (rules != null) { + order += rules.size(); + } + xml = replaceXmlValue(xml, "order", Integer.toString(order)); + + String response = sendRequest(service, xml); + return verifySuccess(response); + } + + @Override + public boolean createTenantVDCEgressAclRule(String tenantName, + String identifier, String policyIdentifier, + String protocol, String sourceIp, + String destStartIp, String destEndIp) throws ExecutionException { + String xml = VnmcXml.CREATE_GENERIC_EGRESS_ACL_RULE.getXml(); + String service = VnmcXml.CREATE_GENERIC_EGRESS_ACL_RULE.getService(); + + xml = replaceXmlValue(xml, "cookie", _cookie); + xml = replaceXmlValue(xml, "aclruledn", getDnForAclRule(tenantName, identifier, policyIdentifier)); + xml = replaceXmlValue(xml, "aclrulename", getNameForAclRule(tenantName, identifier)); + xml = replaceXmlValue(xml, "descr", "Egress ACL rule for Tenant VDC " + tenantName); + xml = replaceXmlValue(xml, "actiontype", "permit"); + xml = replaceXmlValue(xml, "protocolvalue", protocol); + xml = replaceXmlValue(xml, "deststartip", destStartIp); + xml = replaceXmlValue(xml, "destendip", destEndIp); + + List rules = listChildren(getDnForAclPolicy(tenantName, policyIdentifier)); + int order = 100; + if (rules != null) { + order += rules.size(); + } + xml = replaceXmlValue(xml, "order", Integer.toString(order)); + + String response = sendRequest(service, xml); + return verifySuccess(response); + } + + @Override + public boolean deleteTenantVDCAclRule(String tenantName, String identifier, String policyIdentifier) throws ExecutionException { + return deleteTenantVDCRule( + getDnForAclRule(tenantName, identifier, policyIdentifier), + getNameForAclRule(tenantName, identifier)); + } + + private String getNameForPFPortPool(String tenantName, String identifier) { + return "PFPort-" + tenantName + "-" + identifier; + } + + private String getDnForPFPortPool(String tenantName, String identifier) { + return getDnForTenantVDC(tenantName) + "/objgrp-" + getNameForPFPortPool(tenantName, identifier); + } + + private String getNameForPFIpPool(String tenantName, String identifier) { + return "PFIp-" + tenantName + "-" + identifier; + } + + private String getDnForPFIpPool(String tenantName, String identifier) { + return getDnForTenantVDC(tenantName) + "/objgrp-" + getNameForPFIpPool(tenantName, identifier); + } + + private boolean createTenantVDCPortPool(String poolDn, String name, + String description, String startPort, String endPort) throws ExecutionException { + String xml = VnmcXml.CREATE_PORT_POOL.getXml(); + String service = VnmcXml.CREATE_PORT_POOL.getService(); + xml = replaceXmlValue(xml, "cookie", _cookie); + xml = replaceXmlValue(xml, "portpooldn", poolDn); + xml = replaceXmlValue(xml, "portpoolname", name); + xml = replaceXmlValue(xml, "descr", description); + xml = replaceXmlValue(xml, "startport", startPort); + xml = replaceXmlValue(xml, "endport", endPort); + + String response = sendRequest(service, xml); + return verifySuccess(response); + } + + private boolean createTenantVDCIpPool(String poolDn, String name, + String description, String ipAddress) throws ExecutionException { + String xml = VnmcXml.CREATE_IP_POOL.getXml(); + String service = VnmcXml.CREATE_IP_POOL.getService(); + xml = replaceXmlValue(xml, "cookie", _cookie); + xml = replaceXmlValue(xml, "ippooldn", poolDn); + xml = replaceXmlValue(xml, "ippoolname", name); + xml = replaceXmlValue(xml, "descr", description); + xml = replaceXmlValue(xml, "ipvalue", ipAddress); + + String response = sendRequest(service, xml); + return verifySuccess(response); + } + + private boolean createTenantVDCNatPolicyRef(String policyRefDn, String name, String tenantName) throws ExecutionException { + String xml = VnmcXml.CREATE_NAT_POLICY_REF.getXml(); + String service = VnmcXml.CREATE_NAT_POLICY_REF.getService(); + xml = replaceXmlValue(xml, "cookie", _cookie); + xml = replaceXmlValue(xml, "natpolicyrefdn", policyRefDn); + xml = replaceXmlValue(xml, "natpolicyname", name); + + List policies = listNatPolicies(tenantName); + int order = 100; + if (policies != null) { + order += policies.size(); + } + xml = replaceXmlValue(xml, "order", Integer.toString(order)); + + String response = sendRequest(service, xml); + return verifySuccess(response); + } + + private boolean createTenantVDCNatPolicy(String policyDn, String name) throws ExecutionException { + String xml = VnmcXml.CREATE_NAT_POLICY.getXml(); + String service = VnmcXml.CREATE_NAT_POLICY.getService(); + xml = replaceXmlValue(xml, "cookie", _cookie); + xml = replaceXmlValue(xml, "natpolicydn", policyDn); + xml = replaceXmlValue(xml, "natpolicyname", name); + + String response = sendRequest(service, xml); + return verifySuccess(response); + } + + private boolean deleteTenantVDCNatPolicy(String policyDn, String name) throws ExecutionException { + String xml = VnmcXml.DELETE_NAT_POLICY.getXml(); + String service = VnmcXml.DELETE_NAT_POLICY.getService(); + xml = replaceXmlValue(xml, "cookie", _cookie); + xml = replaceXmlValue(xml, "natpolicydn", policyDn); + xml = replaceXmlValue(xml, "natpolicyname", name); + + String response = sendRequest(service, xml); + return verifySuccess(response); + } + + private boolean deleteTenantVDCRule(String ruledn, String ruleName) throws ExecutionException { + String xml = VnmcXml.DELETE_RULE.getXml(); + String service = VnmcXml.DELETE_RULE.getService(); + xml = replaceXmlValue(xml, "cookie", _cookie); + xml = replaceXmlValue(xml, "ruledn", ruledn); + xml = replaceXmlValue(xml, "rulename", ruleName); + + String response = sendRequest(service, xml); + return verifySuccess(response); + } + + private List listNatPolicies(String tenantName) throws ExecutionException { + + String xml = VnmcXml.LIST_NAT_POLICIES.getXml(); + String service = VnmcXml.LIST_NAT_POLICIES.getService(); + xml = replaceXmlValue(xml, "cookie", _cookie); + xml = replaceXmlValue(xml, "vdcdn", getDnForTenantVDC(tenantName)); + + String response = sendRequest(service, xml); + + List result = new ArrayList(); + Document xmlDoc = getDocument(response); + xmlDoc.normalize(); + NodeList policyList = xmlDoc.getElementsByTagName("pair"); + for (int i=0; i < policyList.getLength(); i++) { + Node policyNode = policyList.item(i); + result.add(policyNode.getAttributes().getNamedItem("key").getNodeValue()); + } + + return result; + } + + private List listAclPolicies(String tenantName) throws ExecutionException { + + String xml = VnmcXml.LIST_ACL_POLICIES.getXml(); + String service = VnmcXml.LIST_ACL_POLICIES.getService(); + xml = replaceXmlValue(xml, "cookie", _cookie); + xml = replaceXmlValue(xml, "vdcdn", getDnForTenantVDC(tenantName)); + + String response = sendRequest(service, xml); + + List result = new ArrayList(); + Document xmlDoc = getDocument(response); + xmlDoc.normalize(); + NodeList policyList = xmlDoc.getElementsByTagName("pair"); + for (int i=0; i < policyList.getLength(); i++) { + Node policyNode = policyList.item(i); + result.add(policyNode.getAttributes().getNamedItem("key").getNodeValue()); + } + + return result; + } + + private List listChildren(String dn) throws ExecutionException { + + String xml = VnmcXml.LIST_CHILDREN.getXml(); + String service = VnmcXml.LIST_CHILDREN.getService(); + xml = replaceXmlValue(xml, "cookie", _cookie); + xml = replaceXmlValue(xml, "dn", dn); + + String response = sendRequest(service, xml); + + List result = new ArrayList(); + Document xmlDoc = getDocument(response); + xmlDoc.normalize(); + NodeList policyList = xmlDoc.getElementsByTagName("policyRule"); + for (int i=0; i < policyList.getLength(); i++) { + Node policyNode = policyList.item(i); + result.add(policyNode.getAttributes().getNamedItem("name").getNodeValue()); + } + + return result; + } + + @Override + public boolean createTenantVDCPFPortPool(String tenantName, String identifier, + String startPort, String endPort) throws ExecutionException { + return createTenantVDCPortPool( + getDnForPFPortPool(tenantName, identifier), + getNameForPFPortPool(tenantName, identifier), + "PF port pool for " + getNameForPFPortPool(tenantName, identifier), + startPort, endPort); + } + + @Override + public boolean createTenantVDCPFIpPool(String tenantName, String identifier, + String ipAddress) throws ExecutionException { + return createTenantVDCIpPool( + getDnForPFIpPool(tenantName, identifier), + getNameForPFIpPool(tenantName, identifier), + "PF ip pool for " + getNameForPFIpPool(tenantName, identifier), + ipAddress); + } + + private String getNameForPFPolicy(String tenantName, String identifier) { + return "PF-" + tenantName + "-" + identifier; + } + + private String getDnForPFPolicy(String tenantName, String identifier) { + return getDnForTenantVDC(tenantName) + "/natpol-" + getNameForPFPolicy(tenantName, identifier); + } + + private String getDnForPFPolicyRef(String tenantName, String identifier) { + return getDnForNatPolicySet(tenantName) + "/polref-" + getNameForPFPolicy(tenantName, identifier); + } + + private String getNameForPFRule(String tenantName, String identifier) { + return "Rule-" + tenantName + "-" + identifier; + } + + private String getDnForPFRule(String tenantName, String identifier, String policyIdentifier) { + return getDnForPFPolicy(tenantName, policyIdentifier) + "/rule-" + getNameForPFRule(tenantName, identifier); + } + + @Override + public boolean createTenantVDCPFRule(String tenantName, + String identifier, String policyIdentifier, + String protocol, String publicIp, + String startPort, String endPort) throws ExecutionException { + String xml = VnmcXml.CREATE_PF_RULE.getXml(); + String service = VnmcXml.CREATE_PF_RULE.getService(); + xml = replaceXmlValue(xml, "cookie", _cookie); + xml = replaceXmlValue(xml, "natruledn", getDnForPFRule(tenantName, identifier, policyIdentifier)); + xml = replaceXmlValue(xml, "natrulename", getNameForPFRule(tenantName, identifier)); + xml = replaceXmlValue(xml, "descr", "PF rule for Tenant VDC " + tenantName); + xml = replaceXmlValue(xml, "ippoolname", getNameForPFIpPool(tenantName, policyIdentifier + "-" + identifier)); + xml = replaceXmlValue(xml, "portpoolname", getNameForPFPortPool(tenantName, policyIdentifier + "-" + identifier)); + xml = replaceXmlValue(xml, "ip", publicIp); + xml = replaceXmlValue(xml, "startport", startPort); + xml = replaceXmlValue(xml, "endport", endPort); + xml = replaceXmlValue(xml, "protocolvalue", protocol); + + List rules = listChildren(getDnForPFPolicy(tenantName, policyIdentifier)); + int order = 100; + if (rules != null) { + order += rules.size(); + } + xml = replaceXmlValue(xml, "order", Integer.toString(order)); + + String response = sendRequest(service, xml); + return verifySuccess(response); + } + + @Override + public boolean deleteTenantVDCPFRule(String tenantName, String identifier, + String policyIdentifier) throws ExecutionException { + return deleteTenantVDCRule( + getDnForPFRule(tenantName, identifier, policyIdentifier), + getNameForPFRule(tenantName, identifier)); + } + + @Override + public boolean createTenantVDCAclRuleForPF(String tenantName, + String identifier, String policyIdentifier, String protocol, + String ipAddress, String startPort, String endPort) + throws ExecutionException { + String xml = VnmcXml.CREATE_ACL_RULE_FOR_PF.getXml(); + String service = VnmcXml.CREATE_ACL_RULE_FOR_PF.getService(); + xml = replaceXmlValue(xml, "cookie", _cookie); + xml = replaceXmlValue(xml, "aclruledn", getDnForAclRule(tenantName, identifier, policyIdentifier)); + xml = replaceXmlValue(xml, "aclrulename", getNameForAclRule(tenantName, identifier)); + xml = replaceXmlValue(xml, "descr", "ACL rule for Tenant VDC " + tenantName); + xml = replaceXmlValue(xml, "actiontype", "permit"); + xml = replaceXmlValue(xml, "protocolvalue", protocol); + xml = replaceXmlValue(xml, "ip", ipAddress); + xml = replaceXmlValue(xml, "startport", startPort); + xml = replaceXmlValue(xml, "endport", endPort); + + List rules = listChildren(getDnForAclPolicy(tenantName, policyIdentifier)); + int order = 100; + if (rules != null) { + order += rules.size(); + } + xml = replaceXmlValue(xml, "order", Integer.toString(order)); + + String response = sendRequest(service, xml); + return verifySuccess(response); + } + + @Override + public boolean createTenantVDCPFPolicyRef(String tenantName, String identifier) throws ExecutionException { + return createTenantVDCNatPolicyRef( + getDnForPFPolicyRef(tenantName, identifier), + getNameForPFPolicy(tenantName, identifier), + tenantName); + } + + @Override + public boolean createTenantVDCPFPolicy(String tenantName, String identifier) throws ExecutionException { + return createTenantVDCNatPolicy( + getDnForPFPolicy(tenantName, identifier), + getNameForPFPolicy(tenantName, identifier)); + } + + @Override + public boolean deleteTenantVDCPFPolicy(String tenantName, String identifier) throws ExecutionException { + return deleteTenantVDCNatPolicy( + getDnForPFPolicy(tenantName, identifier), + getNameForPFPolicy(tenantName, identifier)); + } + + private String getNameForDNatIpPool(String tenantName, String identifier) { + return "DNATIp-" + tenantName + "-" + identifier; + } + + private String getDnForDNatIpPool(String tenantName, String identifier) { + return getDnForTenantVDC(tenantName) + "/objgrp-" + getNameForDNatIpPool(tenantName, identifier); + } + + @Override + public boolean createTenantVDCDNatIpPool(String tenantName, + String identifier, String ipAddress) throws ExecutionException { + return createTenantVDCIpPool( + getDnForDNatIpPool(tenantName, identifier), + getNameForDNatIpPool(tenantName, identifier), + "DNAT ip pool for " + getNameForDNatIpPool(tenantName, identifier), + ipAddress); + } + + private String getNameForDNatRule(String tenantName, String identifier) { + return "Rule-" + tenantName + "-" + identifier; + } + + private String getDnForDNatRule(String tenantName, String identifier, String policyIdentifier) { + return getDnForDNatPolicy(tenantName, policyIdentifier) + "/rule-" + getNameForDNatRule(tenantName, identifier); + } + + private String getNameForDNatPolicy(String tenantName, String identifier) { + return "DNAT-" + tenantName + "-" + identifier; + } + + private String getDnForDNatPolicy(String tenantName, String identifier) { + return getDnForTenantVDC(tenantName) + "/natpol-" + getNameForDNatPolicy(tenantName, identifier); + } + + private String getDnForDNatPolicyRef(String tenantName, String identifier) { + return getDnForNatPolicySet(tenantName) + "/polref-" + getNameForDNatPolicy(tenantName, identifier); + } + + @Override + public boolean createTenantVDCDNatRule(String tenantName, + String identifier, String policyIdentifier, String publicIp) + throws ExecutionException { + String xml = VnmcXml.CREATE_DNAT_RULE.getXml(); + String service = VnmcXml.CREATE_DNAT_RULE.getService(); + xml = replaceXmlValue(xml, "cookie", _cookie); + xml = replaceXmlValue(xml, "natruledn", getDnForDNatRule(tenantName, identifier, policyIdentifier)); + xml = replaceXmlValue(xml, "natrulename", getNameForDNatRule(tenantName, identifier)); + xml = replaceXmlValue(xml, "descr", "DNAT rule for Tenant VDC " + tenantName); + xml = replaceXmlValue(xml, "ippoolname", getNameForDNatIpPool(tenantName, policyIdentifier + "-" + identifier)); + xml = replaceXmlValue(xml, "ip", publicIp); + + List rules = listChildren(getDnForDNatPolicy(tenantName, policyIdentifier)); + int order = 100; + if (rules != null) { + order += rules.size(); + } + xml = replaceXmlValue(xml, "order", Integer.toString(order)); + + String response = sendRequest(service, xml); + return verifySuccess(response); + } + + @Override + public boolean deleteTenantVDCDNatRule(String tenantName, + String identifier, String policyIdentifier) + throws ExecutionException { + return deleteTenantVDCRule( + getDnForDNatRule(tenantName, identifier, policyIdentifier), + getNameForDNatRule(tenantName, identifier)); + } + + @Override + public boolean createTenantVDCAclRuleForDNat(String tenantName, + String identifier, String policyIdentifier, String ipAddress) + throws ExecutionException { + String xml = VnmcXml.CREATE_ACL_RULE_FOR_DNAT.getXml(); + String service = VnmcXml.CREATE_ACL_RULE_FOR_DNAT.getService(); + xml = replaceXmlValue(xml, "cookie", _cookie); + xml = replaceXmlValue(xml, "aclruledn", getDnForAclRule(tenantName, identifier, policyIdentifier)); + xml = replaceXmlValue(xml, "aclrulename", getNameForAclRule(tenantName, identifier)); + xml = replaceXmlValue(xml, "descr", "ACL rule for Tenant VDC " + tenantName); + xml = replaceXmlValue(xml, "actiontype", "permit"); + xml = replaceXmlValue(xml, "ip", ipAddress); + + List rules = listChildren(getDnForAclPolicy(tenantName, policyIdentifier)); + int order = 100; + if (rules != null) { + order += rules.size(); + } + xml = replaceXmlValue(xml, "order", Integer.toString(order)); + + String response = sendRequest(service, xml); + return verifySuccess(response); + } + + @Override + public boolean createTenantVDCDNatPolicyRef(String tenantName, + String identifier) throws ExecutionException { + return createTenantVDCNatPolicyRef( + getDnForDNatPolicyRef(tenantName, identifier), + getNameForDNatPolicy(tenantName, identifier), + tenantName); + } + + @Override + public boolean createTenantVDCDNatPolicy(String tenantName, + String identifier) throws ExecutionException { + return createTenantVDCNatPolicy( + getDnForDNatPolicy(tenantName, identifier), + getNameForDNatPolicy(tenantName, identifier)); + } + + @Override + public boolean deleteTenantVDCDNatPolicy(String tenantName, + String identifier) throws ExecutionException { + return deleteTenantVDCNatPolicy( + getDnForDNatPolicy(tenantName, identifier), + getNameForDNatPolicy(tenantName, identifier)); + } + + private String getNameForEdgeFirewall(String tenantName) { + return "ASA-1000v-" + tenantName; + } + + private String getDnForEdgeFirewall(String tenantName) { + return getDnForTenantVDC(tenantName) + "/efw-" + getNameForEdgeFirewall(tenantName); + } + + private String getNameForEdgeInsideIntf(String tenantName) { + return "Edge_Inside"; //TODO: make this configurable + } + + private String getNameForEdgeOutsideIntf(String tenantName) { + return "Edge_Outside"; //TODO: make this configurable + } + + private String getDnForOutsideIntf(String tenantName) { + return getDnForEdgeFirewall(tenantName) + "/interface-" + getNameForEdgeOutsideIntf(tenantName); + } + + private String getDnForInsideIntf(String tenantName) { + return getDnForEdgeFirewall(tenantName) + "/interface-" + getNameForEdgeInsideIntf(tenantName); + } + + @Override + public boolean createEdgeFirewall(String tenantName, String publicIp, String insideIp, + String publicSubnet, String insideSubnet) throws ExecutionException { + String xml = VnmcXml.CREATE_EDGE_FIREWALL.getXml(); + String service = VnmcXml.CREATE_EDGE_FIREWALL.getService(); + xml = replaceXmlValue(xml, "cookie", _cookie); + xml = replaceXmlValue(xml, "edgefwdescr", "Edge Firewall for Tenant VDC " + tenantName); + xml = replaceXmlValue(xml, "edgefwname", getNameForEdgeFirewall(tenantName)); + xml = replaceXmlValue(xml, "edgefwdn", getDnForEdgeFirewall(tenantName)); + xml = replaceXmlValue(xml, "insideintfname", getNameForEdgeInsideIntf(tenantName)); + xml = replaceXmlValue(xml, "outsideintfname", getNameForEdgeOutsideIntf(tenantName)); + + xml = replaceXmlValue(xml, "insideintfdn", getDnForInsideIntf(tenantName)); + xml = replaceXmlValue(xml, "outsideintfdn", getDnForOutsideIntf(tenantName)); + + xml = replaceXmlValue(xml, "deviceserviceprofiledn", getDnForEdgeFirewall(tenantName) + "/device-service-profile"); + xml = replaceXmlValue(xml, "outsideintfsp", getDnForOutsideIntf(tenantName) + "/interface-service-profile"); + + xml = replaceXmlValue(xml, "secprofileref", getNameForEdgeDeviceSecurityProfile(tenantName)); + xml = replaceXmlValue(xml, "deviceserviceprofile", getNameForEdgeDeviceServiceProfile(tenantName)); + + xml = replaceXmlValue(xml, "insideip", insideIp); + xml = replaceXmlValue(xml, "publicip", publicIp); + xml = replaceXmlValue(xml, "insidesubnet", insideSubnet); + xml = replaceXmlValue(xml, "outsidesubnet", publicSubnet); + + String response = sendRequest(service, xml); + return verifySuccess(response); + } + + @Override + public boolean deleteEdgeFirewall(String tenantName) throws ExecutionException { + String xml = VnmcXml.DELETE_EDGE_FIREWALL.getXml(); + String service = VnmcXml.DELETE_EDGE_FIREWALL.getService(); + xml = replaceXmlValue(xml, "cookie", _cookie); + xml = replaceXmlValue(xml, "edgefwname", getNameForEdgeFirewall(tenantName)); + xml = replaceXmlValue(xml, "edgefwdn", getDnForEdgeFirewall(tenantName)); + + String response = sendRequest(service, xml); + return verifySuccess(response); + } + + @Override + public Map listUnAssocAsa1000v() throws ExecutionException { + String xml = VnmcXml.LIST_UNASSOC_ASA1000V.getXml(); + String service = VnmcXml.LIST_UNASSOC_ASA1000V.getService(); + xml = replaceXmlValue(xml, "cookie", _cookie); + + String response = sendRequest(service, xml); + + Map result = new HashMap(); + Document xmlDoc = getDocument(response); + xmlDoc.normalize(); + NodeList fwList = xmlDoc.getElementsByTagName("fwInstance"); + for (int j=0; j < fwList.getLength(); j++) { + Node fwNode = fwList.item(j); + result.put(fwNode.getAttributes().getNamedItem("mgmtIp").getNodeValue(), + fwNode.getAttributes().getNamedItem("dn").getNodeValue()); + } + + return result; + } + + @Override + public boolean assignAsa1000v(String tenantName, String firewallDn) throws ExecutionException { + String xml = VnmcXml.ASSIGN_ASA1000V.getXml(); + String service = VnmcXml.ASSIGN_ASA1000V.getService(); + xml = replaceXmlValue(xml, "cookie", _cookie); + xml = replaceXmlValue(xml, "binddn", getDnForEdgeFirewall(tenantName) + "/binding"); + xml = replaceXmlValue(xml, "fwdn", firewallDn); + + String response = sendRequest(service, xml); + return verifySuccess(response); + } + + @Override + public boolean unassignAsa1000v(String tenantName, String firewallDn) throws ExecutionException { + String xml = VnmcXml.UNASSIGN_ASA1000V.getXml(); + String service = VnmcXml.UNASSIGN_ASA1000V.getService(); + xml = replaceXmlValue(xml, "cookie", _cookie); + xml = replaceXmlValue(xml, "binddn", getDnForEdgeFirewall(tenantName) + "/binding"); + xml = replaceXmlValue(xml, "fwdn", firewallDn); + + String response = sendRequest(service, xml); + return verifySuccess(response); + } + + private String sendRequest(String service, String xmlRequest) throws ExecutionException { + org.apache.commons.httpclient.protocol.Protocol myhttps = + new org.apache.commons.httpclient.protocol.Protocol("https", new EasySSLProtocolSocketFactory(), 443); + HttpClient client = new HttpClient(); + client.getHostConfiguration().setHost(_ip, 443, myhttps); + byte[] response = null; + PostMethod method = new PostMethod("/xmlIM/" + service); + + method.setRequestBody(xmlRequest); + + try{ + int statusCode = client.executeMethod(method); + + if (statusCode != HttpStatus.SC_OK) { + throw new Exception("Error code : " + statusCode); + } + response = method.getResponseBody(); + }catch(Exception e){ + System.out.println(e.getMessage()); + throw new ExecutionException(e.getMessage()); + } + System.out.println(new String(response)); + return new String(response); + } + + private Map checkResponse(String xmlResponse, String... keys) throws ExecutionException { + Document xmlDoc = getDocument(xmlResponse); + Map result = new HashMap(); + Node topElement = xmlDoc.getChildNodes().item(0); + if (topElement != null) { + for (String key: keys){ + Node valueNode = topElement.getAttributes().getNamedItem(key); + result.put(key, valueNode==null?null:valueNode.getNodeValue()); + } + } + return result; + } + + private boolean verifySuccess(String xmlResponse) throws ExecutionException { + Map checked = checkResponse(xmlResponse, "errorCode", "errorDescr"); + + if (checked.get("errorCode") != null) { + String errorCode = checked.get("errorCode"); + if (errorCode.equals("103")) { + //tenant already exists + return true; + } + String errorDescr = checked.get("errorDescr"); + throw new ExecutionException(errorDescr); + } + return true; + } + + /* + * XML utils + */ + + private Document getDocument(String xml) throws ExecutionException { + StringReader xmlReader = new StringReader(" \n" + xml.trim()); + InputSource xmlSource = new InputSource(xmlReader); + Document doc = null; + + try { + doc = DocumentBuilderFactory.newInstance().newDocumentBuilder().parse(xmlSource); + + } catch (Exception e) { + s_logger.error(e); + throw new ExecutionException(e.getMessage()); + } + + if (doc == null) { + throw new ExecutionException("Failed to parse xml " + xml); + } else { + return doc; + } + } + + private String replaceXmlTag(String xml, String oldTag, String newTag) { + return xml.replaceAll(oldTag, newTag); + } + + private String replaceXmlValue(String xml, String marker, String value) { + marker = "\\s*%" + marker + "%\\s*"; + + if (value == null) { + value = ""; + } + + return xml.replaceAll(marker, value); + } + + private String extractXml(String xml, String marker) { + String startMarker = "<" + marker + ">"; + String endMarker = ""; + if (xml.contains(startMarker) && xml.contains(endMarker)) { + return xml.substring(xml.indexOf(startMarker) + startMarker.length(), xml.indexOf(endMarker)); + } else { + return null; + } + + } + +} diff --git a/plugins/network-elements/cisco-vnmc/src/com/cloud/network/cisco/CiscoVnmcController.java b/plugins/network-elements/cisco-vnmc/src/com/cloud/network/cisco/CiscoVnmcController.java new file mode 100644 index 00000000000..e756165bdaa --- /dev/null +++ b/plugins/network-elements/cisco-vnmc/src/com/cloud/network/cisco/CiscoVnmcController.java @@ -0,0 +1,40 @@ +// Licensed to the Apache Software Foundation (ASF) under one +// or more contributor license agreements. See the NOTICE file +// distributed with this work for additional information +// regarding copyright ownership. The ASF licenses this file +// to you under the Apache License, Version 2.0 (the +// "License"); you may not use this file except in compliance +// with the License. You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, +// software distributed under the License is distributed on an +// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +// KIND, either express or implied. See the License for the +// specific language governing permissions and limitations +// under the License. +package com.cloud.network.cisco; + +import org.apache.cloudstack.api.Identity; +import org.apache.cloudstack.api.InternalIdentity; + +import com.cloud.org.Grouping; + +public interface CiscoVnmcController extends Grouping, InternalIdentity, Identity { + + long getId(); + + String getUuid(); + + void setUuid(String uuid); + + long getPhysicalNetworkId(); + + long getHostId(); + + String getProviderName(); + + String getDeviceName(); + +} \ No newline at end of file diff --git a/plugins/network-elements/cisco-vnmc/src/com/cloud/network/cisco/CiscoVnmcControllerVO.java b/plugins/network-elements/cisco-vnmc/src/com/cloud/network/cisco/CiscoVnmcControllerVO.java new file mode 100644 index 00000000000..4207f1dac4c --- /dev/null +++ b/plugins/network-elements/cisco-vnmc/src/com/cloud/network/cisco/CiscoVnmcControllerVO.java @@ -0,0 +1,102 @@ +// Licensed to the Apache Software Foundation (ASF) under one +// or more contributor license agreements. See the NOTICE file +// distributed with this work for additional information +// regarding copyright ownership. The ASF licenses this file +// to you under the Apache License, Version 2.0 (the +// "License"); you may not use this file except in compliance +// with the License. You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, +// software distributed under the License is distributed on an +// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +// KIND, either express or implied. See the License for the +// specific language governing permissions and limitations +// under the License. +package com.cloud.network.cisco; + +import java.util.UUID; + +import javax.persistence.Column; +import javax.persistence.Entity; +import javax.persistence.GeneratedValue; +import javax.persistence.GenerationType; +import javax.persistence.Id; +import javax.persistence.Table; + +@Entity +@Table(name="external_cisco_vnmc_devices") +public class CiscoVnmcControllerVO implements CiscoVnmcController { + + @Id + @GeneratedValue(strategy = GenerationType.IDENTITY) + @Column(name="id") + private long id; + + @Column(name="uuid") + private String uuid; + + @Column(name="host_id") + private long hostId; + + @Column(name="physical_network_id") + private long physicalNetworkId; + + @Column(name="provider_name") + private String providerName; + + @Column(name="device_name") + private String deviceName; + + + public CiscoVnmcControllerVO() { + this.uuid = UUID.randomUUID().toString(); + } + + public CiscoVnmcControllerVO(long hostId, long physicalNetworkId, + String providerName, String deviceName) { + super(); + this.hostId = hostId; + this.physicalNetworkId = physicalNetworkId; + this.providerName = providerName; + this.deviceName = deviceName; + this.uuid = UUID.randomUUID().toString(); + } + + @Override + public long getId() { + return id; + } + + @Override + public String getUuid() { + return uuid; + } + + @Override + public void setUuid(String uuid) { + this.uuid = uuid; + } + + @Override + public long getPhysicalNetworkId() { + return physicalNetworkId; + } + + @Override + public long getHostId() { + return hostId; + } + + @Override + public String getProviderName() { + return providerName; + } + + @Override + public String getDeviceName() { + return deviceName; + } + +} diff --git a/plugins/network-elements/cisco-vnmc/src/com/cloud/network/cisco/NetworkAsa1000vMap.java b/plugins/network-elements/cisco-vnmc/src/com/cloud/network/cisco/NetworkAsa1000vMap.java new file mode 100755 index 00000000000..2e004dccd41 --- /dev/null +++ b/plugins/network-elements/cisco-vnmc/src/com/cloud/network/cisco/NetworkAsa1000vMap.java @@ -0,0 +1,31 @@ +// Licensed to the Apache Software Foundation (ASF) under one +// or more contributor license agreements. See the NOTICE file +// distributed with this work for additional information +// regarding copyright ownership. The ASF licenses this file +// to you under the Apache License, Version 2.0 (the +// "License"); you may not use this file except in compliance +// with the License. You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, +// software distributed under the License is distributed on an +// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +// KIND, either express or implied. See the License for the +// specific language governing permissions and limitations +// under the License. +package com.cloud.network.cisco; + +import org.apache.cloudstack.api.InternalIdentity; + +import com.cloud.org.Grouping; + +public interface NetworkAsa1000vMap extends Grouping, InternalIdentity { + + long getId(); + + long getNetworkId(); + + long getAsa1000vId(); + +} \ No newline at end of file diff --git a/plugins/network-elements/cisco-vnmc/src/com/cloud/network/cisco/NetworkAsa1000vMapVO.java b/plugins/network-elements/cisco-vnmc/src/com/cloud/network/cisco/NetworkAsa1000vMapVO.java new file mode 100755 index 00000000000..9638b6f8ae2 --- /dev/null +++ b/plugins/network-elements/cisco-vnmc/src/com/cloud/network/cisco/NetworkAsa1000vMapVO.java @@ -0,0 +1,73 @@ +// Licensed to the Apache Software Foundation (ASF) under one +// or more contributor license agreements. See the NOTICE file +// distributed with this work for additional information +// regarding copyright ownership. The ASF licenses this file +// to you under the Apache License, Version 2.0 (the +// "License"); you may not use this file except in compliance +// with the License. You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, +// software distributed under the License is distributed on an +// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +// KIND, either express or implied. See the License for the +// specific language governing permissions and limitations +// under the License. +package com.cloud.network.cisco; + +import javax.persistence.Column; +import javax.persistence.Entity; +import javax.persistence.GeneratedValue; +import javax.persistence.GenerationType; +import javax.persistence.Id; +import javax.persistence.Table; + +@Entity +@Table(name="network_asa1000v_map") +public class NetworkAsa1000vMapVO implements NetworkAsa1000vMap { + + @Id + @GeneratedValue(strategy = GenerationType.IDENTITY) + @Column(name="id") + private long id; + + @Column(name="network_id") + private long networkId; + + @Column(name="asa1000v_id") + private long asa1000vId; + + public NetworkAsa1000vMapVO() { + } + + public NetworkAsa1000vMapVO(long networkId, long asa1000vId) { + super(); + this.networkId = networkId; + this.asa1000vId = asa1000vId; + } + + @Override + public long getId() { + return id; + } + + @Override + public long getAsa1000vId() { + return asa1000vId; + } + + public void setAsa1000vId(long asa1000vId) { + this.asa1000vId = asa1000vId; + } + + @Override + public long getNetworkId() { + return networkId; + } + + public void setNetworkId(long networkId) { + this.networkId = networkId; + } + +} diff --git a/plugins/network-elements/cisco-vnmc/src/com/cloud/network/dao/CiscoAsa1000vDao.java b/plugins/network-elements/cisco-vnmc/src/com/cloud/network/dao/CiscoAsa1000vDao.java new file mode 100755 index 00000000000..1a380b13691 --- /dev/null +++ b/plugins/network-elements/cisco-vnmc/src/com/cloud/network/dao/CiscoAsa1000vDao.java @@ -0,0 +1,33 @@ +// Licensed to the Apache Software Foundation (ASF) under one +// or more contributor license agreements. See the NOTICE file +// distributed with this work for additional information +// regarding copyright ownership. The ASF licenses this file +// to you under the Apache License, Version 2.0 (the +// "License"); you may not use this file except in compliance +// with the License. You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, +// software distributed under the License is distributed on an +// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +// KIND, either express or implied. See the License for the +// specific language governing permissions and limitations +// under the License. +package com.cloud.network.dao; + +import java.util.List; + +import com.cloud.network.cisco.CiscoAsa1000vDeviceVO; +import com.cloud.utils.db.GenericDao; + +public interface CiscoAsa1000vDao extends GenericDao{ + /** + * list all the Cisco Asa 1000v devices added in to this physical network + * @param physicalNetworkId physical Network Id + * @return list of CiscoAsa1000vDeviceVO for this physical network. + */ + List listByPhysicalNetwork(long physicalNetworkId); + + CiscoAsa1000vDeviceVO findByManagementIp(String managementIp); +} diff --git a/plugins/network-elements/cisco-vnmc/src/com/cloud/network/dao/CiscoAsa1000vDaoImpl.java b/plugins/network-elements/cisco-vnmc/src/com/cloud/network/dao/CiscoAsa1000vDaoImpl.java new file mode 100755 index 00000000000..a5820dea48b --- /dev/null +++ b/plugins/network-elements/cisco-vnmc/src/com/cloud/network/dao/CiscoAsa1000vDaoImpl.java @@ -0,0 +1,63 @@ +// Licensed to the Apache Software Foundation (ASF) under one +// or more contributor license agreements. See the NOTICE file +// distributed with this work for additional information +// regarding copyright ownership. The ASF licenses this file +// to you under the Apache License, Version 2.0 (the +// "License"); you may not use this file except in compliance +// with the License. You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, +// software distributed under the License is distributed on an +// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +// KIND, either express or implied. See the License for the +// specific language governing permissions and limitations +// under the License. +package com.cloud.network.dao; + +import java.util.List; + +import javax.ejb.Local; + +import org.springframework.stereotype.Component; + +import com.cloud.network.cisco.CiscoAsa1000vDeviceVO; +import com.cloud.utils.db.GenericDaoBase; +import com.cloud.utils.db.SearchBuilder; +import com.cloud.utils.db.SearchCriteria; +import com.cloud.utils.db.SearchCriteria.Op; + +@Component +@Local(value=CiscoAsa1000vDao.class) +public class CiscoAsa1000vDaoImpl extends GenericDaoBase + implements CiscoAsa1000vDao { + + protected final SearchBuilder physicalNetworkIdSearch; + protected final SearchBuilder managementIpSearch; + + public CiscoAsa1000vDaoImpl() { + physicalNetworkIdSearch = createSearchBuilder(); + physicalNetworkIdSearch.and("physicalNetworkId", physicalNetworkIdSearch.entity().getPhysicalNetworkId(), Op.EQ); + physicalNetworkIdSearch.done(); + + managementIpSearch = createSearchBuilder(); + managementIpSearch.and("managementIp", managementIpSearch.entity().getManagementIp(), Op.EQ); + managementIpSearch.done(); + } + + @Override + public List listByPhysicalNetwork(long physicalNetworkId) { + SearchCriteria sc = physicalNetworkIdSearch.create(); + sc.setParameters("physicalNetworkId", physicalNetworkId); + return search(sc, null); + } + + @Override + public CiscoAsa1000vDeviceVO findByManagementIp(String managementIp) { + SearchCriteria sc = managementIpSearch.create(); + sc.setParameters("managementIp", managementIp); + return findOneBy(sc); + } + +} diff --git a/plugins/network-elements/cisco-vnmc/src/com/cloud/network/dao/CiscoVnmcDao.java b/plugins/network-elements/cisco-vnmc/src/com/cloud/network/dao/CiscoVnmcDao.java new file mode 100644 index 00000000000..f0b394834a0 --- /dev/null +++ b/plugins/network-elements/cisco-vnmc/src/com/cloud/network/dao/CiscoVnmcDao.java @@ -0,0 +1,32 @@ +// Licensed to the Apache Software Foundation (ASF) under one +// or more contributor license agreements. See the NOTICE file +// distributed with this work for additional information +// regarding copyright ownership. The ASF licenses this file +// to you under the Apache License, Version 2.0 (the +// "License"); you may not use this file except in compliance +// with the License. You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, +// software distributed under the License is distributed on an +// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +// KIND, either express or implied. See the License for the +// specific language governing permissions and limitations +// under the License. +package com.cloud.network.dao; + +import java.util.List; + +import com.cloud.network.cisco.CiscoVnmcControllerVO; +import com.cloud.utils.db.GenericDao; + +public interface CiscoVnmcDao extends GenericDao{ + /** + * list all the Cisco VNMC devices added in to this physical network + * @param physicalNetworkId physical Network Id + * @return list of CiscoVnmcDeviceVO for this physical network. + */ + List listByPhysicalNetwork(long physicalNetworkId); + +} diff --git a/plugins/network-elements/cisco-vnmc/src/com/cloud/network/dao/CiscoVnmcDaoImpl.java b/plugins/network-elements/cisco-vnmc/src/com/cloud/network/dao/CiscoVnmcDaoImpl.java new file mode 100644 index 00000000000..89518104851 --- /dev/null +++ b/plugins/network-elements/cisco-vnmc/src/com/cloud/network/dao/CiscoVnmcDaoImpl.java @@ -0,0 +1,51 @@ +// Licensed to the Apache Software Foundation (ASF) under one +// or more contributor license agreements. See the NOTICE file +// distributed with this work for additional information +// regarding copyright ownership. The ASF licenses this file +// to you under the Apache License, Version 2.0 (the +// "License"); you may not use this file except in compliance +// with the License. You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, +// software distributed under the License is distributed on an +// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +// KIND, either express or implied. See the License for the +// specific language governing permissions and limitations +// under the License. +package com.cloud.network.dao; + +import java.util.List; + +import javax.ejb.Local; + +import org.springframework.stereotype.Component; + +import com.cloud.network.cisco.CiscoVnmcControllerVO; +import com.cloud.utils.db.GenericDaoBase; +import com.cloud.utils.db.SearchBuilder; +import com.cloud.utils.db.SearchCriteria; +import com.cloud.utils.db.SearchCriteria.Op; + +@Component +@Local(value=CiscoVnmcDao.class) +public class CiscoVnmcDaoImpl extends GenericDaoBase + implements CiscoVnmcDao { + + protected final SearchBuilder physicalNetworkIdSearch; + + public CiscoVnmcDaoImpl() { + physicalNetworkIdSearch = createSearchBuilder(); + physicalNetworkIdSearch.and("physicalNetworkId", physicalNetworkIdSearch.entity().getPhysicalNetworkId(), Op.EQ); + physicalNetworkIdSearch.done(); + } + + @Override + public List listByPhysicalNetwork(long physicalNetworkId) { + SearchCriteria sc = physicalNetworkIdSearch.create(); + sc.setParameters("physicalNetworkId", physicalNetworkId); + return search(sc, null); + } + +} diff --git a/plugins/network-elements/cisco-vnmc/src/com/cloud/network/dao/NetworkAsa1000vMapDao.java b/plugins/network-elements/cisco-vnmc/src/com/cloud/network/dao/NetworkAsa1000vMapDao.java new file mode 100755 index 00000000000..053f4afef54 --- /dev/null +++ b/plugins/network-elements/cisco-vnmc/src/com/cloud/network/dao/NetworkAsa1000vMapDao.java @@ -0,0 +1,28 @@ +// Licensed to the Apache Software Foundation (ASF) under one +// or more contributor license agreements. See the NOTICE file +// distributed with this work for additional information +// regarding copyright ownership. The ASF licenses this file +// to you under the Apache License, Version 2.0 (the +// "License"); you may not use this file except in compliance +// with the License. You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, +// software distributed under the License is distributed on an +// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +// KIND, either express or implied. See the License for the +// specific language governing permissions and limitations +// under the License. +package com.cloud.network.dao; + +import com.cloud.network.cisco.NetworkAsa1000vMapVO; +import com.cloud.utils.db.GenericDao; + +public interface NetworkAsa1000vMapDao extends GenericDao{ + + NetworkAsa1000vMapVO findByNetworkId(long networkId); + + NetworkAsa1000vMapVO findByAsa1000vId(long asa1000vId); + +} diff --git a/plugins/network-elements/cisco-vnmc/src/com/cloud/network/dao/NetworkAsa1000vMapDaoImpl.java b/plugins/network-elements/cisco-vnmc/src/com/cloud/network/dao/NetworkAsa1000vMapDaoImpl.java new file mode 100755 index 00000000000..692b3d6fda6 --- /dev/null +++ b/plugins/network-elements/cisco-vnmc/src/com/cloud/network/dao/NetworkAsa1000vMapDaoImpl.java @@ -0,0 +1,61 @@ +// Licensed to the Apache Software Foundation (ASF) under one +// or more contributor license agreements. See the NOTICE file +// distributed with this work for additional information +// regarding copyright ownership. The ASF licenses this file +// to you under the Apache License, Version 2.0 (the +// "License"); you may not use this file except in compliance +// with the License. You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, +// software distributed under the License is distributed on an +// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +// KIND, either express or implied. See the License for the +// specific language governing permissions and limitations +// under the License. +package com.cloud.network.dao; + +import javax.ejb.Local; + +import org.springframework.stereotype.Component; + +import com.cloud.network.cisco.NetworkAsa1000vMapVO; +import com.cloud.utils.db.GenericDaoBase; +import com.cloud.utils.db.SearchBuilder; +import com.cloud.utils.db.SearchCriteria; +import com.cloud.utils.db.SearchCriteria.Op; + +@Component +@Local(value=NetworkAsa1000vMapDao.class) +public class NetworkAsa1000vMapDaoImpl extends GenericDaoBase + implements NetworkAsa1000vMapDao { + + protected final SearchBuilder networkSearch; + protected final SearchBuilder asa1000vSearch; + + public NetworkAsa1000vMapDaoImpl() { + networkSearch = createSearchBuilder(); + networkSearch.and("networkId", networkSearch.entity().getNetworkId(), Op.EQ); + networkSearch.done(); + + asa1000vSearch = createSearchBuilder(); + asa1000vSearch.and("asa1000vId", asa1000vSearch.entity().getAsa1000vId(), Op.EQ); + asa1000vSearch.done(); + } + + @Override + public NetworkAsa1000vMapVO findByNetworkId(long networkId) { + SearchCriteria sc = networkSearch.create(); + sc.setParameters("networkId", networkId); + return findOneBy(sc); + } + + @Override + public NetworkAsa1000vMapVO findByAsa1000vId(long asa1000vId) { + SearchCriteria sc = asa1000vSearch.create(); + sc.setParameters("asa1000vId", asa1000vId); + return findOneBy(sc); + } + +} diff --git a/plugins/network-elements/cisco-vnmc/src/com/cloud/network/element/CiscoAsa1000vService.java b/plugins/network-elements/cisco-vnmc/src/com/cloud/network/element/CiscoAsa1000vService.java new file mode 100755 index 00000000000..dff9288b0ff --- /dev/null +++ b/plugins/network-elements/cisco-vnmc/src/com/cloud/network/element/CiscoAsa1000vService.java @@ -0,0 +1,43 @@ +// Licensed to the Apache Software Foundation (ASF) under one +// or more contributor license agreements. See the NOTICE file +// distributed with this work for additional information +// regarding copyright ownership. The ASF licenses this file +// to you under the Apache License, Version 2.0 (the +// "License"); you may not use this file except in compliance +// with the License. You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, +// software distributed under the License is distributed on an +// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +// KIND, either express or implied. See the License for the +// specific language governing permissions and limitations +// under the License. +package com.cloud.network.element; + +import java.util.List; + +import com.cloud.api.commands.AddCiscoAsa1000vResourceCmd; +import com.cloud.api.commands.DeleteCiscoAsa1000vResourceCmd; +import com.cloud.api.commands.ListCiscoAsa1000vResourcesCmd; +import com.cloud.api.response.CiscoAsa1000vResourceResponse; +import com.cloud.network.Network; +import com.cloud.network.cisco.CiscoAsa1000vDevice; +import com.cloud.network.cisco.CiscoAsa1000vDeviceVO; +import com.cloud.utils.component.PluggableService; + +public interface CiscoAsa1000vService extends PluggableService { + + public CiscoAsa1000vDevice addCiscoAsa1000vResource(AddCiscoAsa1000vResourceCmd cmd); + + public CiscoAsa1000vResourceResponse createCiscoAsa1000vResourceResponse( + CiscoAsa1000vDevice ciscoAsa1000vDeviceVO); + + boolean deleteCiscoAsa1000vResource(DeleteCiscoAsa1000vResourceCmd cmd); + + List listCiscoAsa1000vResources(ListCiscoAsa1000vResourcesCmd cmd); + + CiscoAsa1000vDevice assignAsa1000vToNetwork(Network network); + +} diff --git a/plugins/network-elements/cisco-vnmc/src/com/cloud/network/element/CiscoVnmcElement.java b/plugins/network-elements/cisco-vnmc/src/com/cloud/network/element/CiscoVnmcElement.java new file mode 100644 index 00000000000..443bb40f57f --- /dev/null +++ b/plugins/network-elements/cisco-vnmc/src/com/cloud/network/element/CiscoVnmcElement.java @@ -0,0 +1,928 @@ +// Licensed to the Apache Software Foundation (ASF) under one +// or more contributor license agreements. See the NOTICE file +// distributed with this work for additional information +// regarding copyright ownership. The ASF licenses this file +// to you under the Apache License, Version 2.0 (the +// "License"); you may not use this file except in compliance +// with the License. You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, +// software distributed under the License is distributed on an +// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +// KIND, either express or implied. See the License for the +// specific language governing permissions and limitations +// under the License. + +package com.cloud.network.element; + +import java.util.ArrayList; +import java.util.HashMap; +import java.util.List; +import java.util.Map; +import java.util.Set; +import java.util.UUID; + +import javax.ejb.Local; +import javax.inject.Inject; +import javax.naming.ConfigurationException; + +import org.apache.cloudstack.network.ExternalNetworkDeviceManager.NetworkDevice; +import org.apache.log4j.Logger; + +import com.cloud.agent.AgentManager; +import com.cloud.agent.api.Answer; +import com.cloud.agent.api.AssociateAsaWithLogicalEdgeFirewallCommand; +import com.cloud.agent.api.CleanupLogicalEdgeFirewallCommand; +import com.cloud.agent.api.ConfigureNexusVsmForAsaCommand; +import com.cloud.agent.api.CreateLogicalEdgeFirewallCommand; +import com.cloud.agent.api.StartupCommand; +import com.cloud.agent.api.StartupExternalFirewallCommand; +import com.cloud.agent.api.routing.NetworkElementCommand; +import com.cloud.agent.api.routing.SetFirewallRulesCommand; +import com.cloud.agent.api.routing.SetPortForwardingRulesCommand; +import com.cloud.agent.api.routing.SetSourceNatCommand; +import com.cloud.agent.api.routing.SetStaticNatRulesCommand; +import com.cloud.agent.api.to.FirewallRuleTO; +import com.cloud.agent.api.to.IpAddressTO; +import com.cloud.agent.api.to.PortForwardingRuleTO; +import com.cloud.agent.api.to.StaticNatRuleTO; +import com.cloud.api.commands.AddCiscoAsa1000vResourceCmd; +import com.cloud.api.commands.AddCiscoVnmcResourceCmd; +import com.cloud.api.commands.DeleteCiscoAsa1000vResourceCmd; +import com.cloud.api.commands.DeleteCiscoVnmcResourceCmd; +import com.cloud.api.commands.ListCiscoAsa1000vResourcesCmd; +import com.cloud.api.commands.ListCiscoVnmcResourcesCmd; +import com.cloud.api.response.CiscoAsa1000vResourceResponse; +import com.cloud.api.response.CiscoVnmcResourceResponse; +import com.cloud.configuration.ConfigurationManager; +import com.cloud.dc.ClusterVO; +import com.cloud.dc.ClusterVSMMapVO; +import com.cloud.dc.DataCenter; +import com.cloud.dc.Vlan; +import com.cloud.dc.DataCenter.NetworkType; +import com.cloud.dc.VlanVO; +import com.cloud.dc.dao.ClusterDao; +import com.cloud.dc.dao.ClusterVSMMapDao; +import com.cloud.dc.dao.VlanDao; +import com.cloud.deploy.DeployDestination; +import com.cloud.exception.ConcurrentOperationException; +import com.cloud.exception.InsufficientCapacityException; +import com.cloud.exception.InvalidParameterValueException; +import com.cloud.exception.ResourceUnavailableException; +import com.cloud.host.DetailVO; +import com.cloud.host.Host; +import com.cloud.host.HostVO; +import com.cloud.host.dao.HostDao; +import com.cloud.host.dao.HostDetailsDao; +import com.cloud.network.CiscoNexusVSMDeviceVO; +import com.cloud.network.IpAddress; +import com.cloud.network.Network; +import com.cloud.network.NetworkManager; +import com.cloud.network.NetworkModel; +import com.cloud.network.PhysicalNetworkServiceProvider; +import com.cloud.network.dao.PhysicalNetworkVO; +import com.cloud.network.Network.Capability; +import com.cloud.network.Network.Provider; +import com.cloud.network.Network.Service; +import com.cloud.network.Networks.BroadcastDomainType; +import com.cloud.network.PublicIpAddress; +import com.cloud.network.addr.PublicIp; +import com.cloud.network.cisco.CiscoAsa1000vDevice; +import com.cloud.network.cisco.CiscoAsa1000vDeviceVO; +import com.cloud.network.cisco.CiscoVnmcController; +import com.cloud.network.cisco.CiscoVnmcControllerVO; +import com.cloud.network.cisco.NetworkAsa1000vMapVO; +import com.cloud.network.dao.CiscoAsa1000vDao; +import com.cloud.network.dao.CiscoNexusVSMDeviceDao; +import com.cloud.network.dao.CiscoVnmcDao; +import com.cloud.network.dao.NetworkAsa1000vMapDao; +import com.cloud.network.dao.NetworkDao; +import com.cloud.network.dao.PhysicalNetworkDao; +import com.cloud.network.dao.PhysicalNetworkServiceProviderDao; +import com.cloud.network.dao.PhysicalNetworkServiceProviderVO; +import com.cloud.network.resource.CiscoVnmcResource; +import com.cloud.network.rules.FirewallRule; +import com.cloud.network.rules.PortForwardingRule; +import com.cloud.network.rules.StaticNat; +import com.cloud.offering.NetworkOffering; +import com.cloud.resource.ResourceManager; +import com.cloud.resource.ResourceState; +import com.cloud.resource.ResourceStateAdapter; +import com.cloud.resource.ServerResource; +import com.cloud.resource.UnableDeleteHostException; +import com.cloud.user.Account; +import com.cloud.utils.component.AdapterBase; +import com.cloud.utils.db.Transaction; +import com.cloud.utils.exception.CloudRuntimeException; +import com.cloud.utils.net.NetUtils; +import com.cloud.vm.NicProfile; +import com.cloud.vm.ReservationContext; +import com.cloud.vm.VirtualMachine; +import com.cloud.vm.VirtualMachine.Type; +import com.cloud.vm.VirtualMachineProfile; + +@Local(value = NetworkElement.class) +public class CiscoVnmcElement extends AdapterBase implements SourceNatServiceProvider, FirewallServiceProvider, + PortForwardingServiceProvider, IpDeployer, StaticNatServiceProvider, ResourceStateAdapter, NetworkElement, + CiscoVnmcElementService, CiscoAsa1000vService { + private static final Logger s_logger = Logger.getLogger(CiscoVnmcElement.class); + private static final Map> capabilities = setCapabilities(); + + @Inject + AgentManager _agentMgr; + @Inject + ResourceManager _resourceMgr; + @Inject + ConfigurationManager _configMgr; + @Inject + NetworkManager _networkMgr; + @Inject + NetworkModel _networkModel; + + @Inject + PhysicalNetworkDao _physicalNetworkDao; + @Inject + PhysicalNetworkServiceProviderDao _physicalNetworkServiceProviderDao; + @Inject + HostDetailsDao _hostDetailsDao; + @Inject + HostDao _hostDao; + @Inject + NetworkDao _networkDao; + @Inject + ClusterDao _clusterDao; + @Inject + VlanDao _vlanDao; + @Inject + ClusterVSMMapDao _clusterVsmMapDao; + @Inject + CiscoNexusVSMDeviceDao _vsmDeviceDao; + @Inject + CiscoVnmcDao _ciscoVnmcDao; + @Inject + CiscoAsa1000vDao _ciscoAsa1000vDao; + @Inject + NetworkAsa1000vMapDao _networkAsa1000vMapDao; + + protected boolean canHandle(Network network) { + if (network.getBroadcastDomainType() != BroadcastDomainType.Vlan) { + return false; //TODO: should handle VxLAN as well + } + + return true; + } + + @Override + public boolean configure(String name, Map params) + throws ConfigurationException { + super.configure(name, params); + _resourceMgr.registerResourceStateAdapter(this.getClass().getSimpleName(), this); + return true; + } + + private static Map> setCapabilities() { + Map> capabilities = new HashMap>(); + capabilities.put(Service.Gateway, null); + + Map firewallCapabilities = new HashMap(); + firewallCapabilities.put(Capability.TrafficStatistics, "per public ip"); + firewallCapabilities.put(Capability.SupportedTrafficDirection, "ingress,egress"); + firewallCapabilities.put(Capability.SupportedProtocols, "tcp,udp,icmp"); + firewallCapabilities.put(Capability.SupportedEgressProtocols, "tcp,udp,icmp"); + firewallCapabilities.put(Capability.MultipleIps, "true"); + capabilities.put(Service.Firewall, firewallCapabilities); + + capabilities.put(Service.StaticNat, null); + capabilities.put(Service.PortForwarding, null); + + Map sourceNatCapabilities = new HashMap(); + sourceNatCapabilities.put(Capability.SupportedSourceNatTypes, "peraccount"); + sourceNatCapabilities.put(Capability.RedundantRouter, "false"); //TODO: + capabilities.put(Service.SourceNat, sourceNatCapabilities); + return capabilities; + } + + @Override + public Map> getCapabilities() { + return capabilities; + } + + @Override + public Provider getProvider() { + return Provider.CiscoVnmc; + } + + private boolean createLogicalEdgeFirewall(long vlanId, + String gateway, String gatewayNetmask, + String publicIp, String publicNetmask, + List publicGateways, long hostId) { + CreateLogicalEdgeFirewallCommand cmd = new CreateLogicalEdgeFirewallCommand(vlanId, publicIp, gateway, publicNetmask, gatewayNetmask); + for (String publicGateway : publicGateways) { + cmd.getPublicGateways().add(publicGateway); + } + Answer answer = _agentMgr.easySend(hostId, cmd); + return answer.getResult(); + } + + private boolean configureNexusVsmForAsa(long vlanId, String gateway, + String vsmUsername, String vsmPassword, String vsmIp, + String asaInPortProfile, long hostId) { + ConfigureNexusVsmForAsaCommand cmd = new ConfigureNexusVsmForAsaCommand(vlanId, gateway, vsmUsername, vsmPassword, vsmIp, asaInPortProfile); + Answer answer = _agentMgr.easySend(hostId, cmd); + return answer.getResult(); + } + + private boolean configureSourceNat(long vlanId, String guestCidr, + PublicIp sourceNatIp, long hostId) { + boolean add = (sourceNatIp.getState() == IpAddress.State.Releasing ? false : true); + IpAddressTO ip = new IpAddressTO(sourceNatIp.getAccountId(), sourceNatIp.getAddress().addr(), add, false, + sourceNatIp.isSourceNat(), sourceNatIp.getVlanTag(), sourceNatIp.getGateway(), sourceNatIp.getNetmask(), sourceNatIp.getMacAddress(), + null, sourceNatIp.isOneToOneNat()); + boolean addSourceNat = false; + if (sourceNatIp.isSourceNat()) { + addSourceNat = add; + } + + SetSourceNatCommand cmd = new SetSourceNatCommand(ip, addSourceNat); + cmd.setContextParam(NetworkElementCommand.GUEST_VLAN_TAG, Long.toString(vlanId)); + cmd.setContextParam(NetworkElementCommand.GUEST_NETWORK_CIDR, guestCidr); + Answer answer = _agentMgr.easySend(hostId, cmd); + return answer.getResult(); + } + + private boolean associateAsaWithLogicalEdgeFirewall(long vlanId, + String asaMgmtIp, long hostId) { + AssociateAsaWithLogicalEdgeFirewallCommand cmd = + new AssociateAsaWithLogicalEdgeFirewallCommand(vlanId, asaMgmtIp); + Answer answer = _agentMgr.easySend(hostId, cmd); + return answer.getResult(); + } + + @Override + public boolean implement(Network network, NetworkOffering offering, + DeployDestination dest, ReservationContext context) + throws ConcurrentOperationException, ResourceUnavailableException, + InsufficientCapacityException { + DataCenter zone = _configMgr.getZone(network.getDataCenterId()); + + if (zone.getNetworkType() == NetworkType.Basic) { + s_logger.debug("Not handling network implement in zone of type " + NetworkType.Basic); + return false; + } + + if (!canHandle(network)) { + return false; + } + + List devices = _ciscoVnmcDao.listByPhysicalNetwork(network.getPhysicalNetworkId()); + if (devices.isEmpty()) { + s_logger.error("No Cisco Vnmc device on network " + network.getName()); + return false; + } + + List asaList = _ciscoAsa1000vDao.listByPhysicalNetwork(network.getPhysicalNetworkId()); + if (asaList.isEmpty()) { + s_logger.debug("No Cisco ASA 1000v device on network " + network.getName()); + return false; + } + + NetworkAsa1000vMapVO asaForNetwork = _networkAsa1000vMapDao.findByNetworkId(network.getId()); + if (asaForNetwork != null) { + s_logger.debug("Cisco ASA 1000v device already associated with network " + network.getName()); + return true; + } + + if (!_networkModel.isProviderSupportServiceInNetwork(network.getId(), Service.SourceNat, Provider.CiscoVnmc)) { + s_logger.error("SourceNat service is not provided by Cisco Vnmc device on network " + network.getName()); + return false; + } + + Transaction txn = Transaction.currentTxn(); + boolean status = false; + try { + txn.start(); + + // ensure that there is an ASA 1000v assigned to this network + CiscoAsa1000vDevice assignedAsa = assignAsa1000vToNetwork(network); + if (assignedAsa == null) { + s_logger.error("Unable to assign ASA 1000v device to network " + network.getName()); + return false; + } + + ClusterVO asaCluster = _clusterDao.findById(assignedAsa.getClusterId()); + ClusterVSMMapVO clusterVsmMap = _clusterVsmMapDao.findByClusterId(assignedAsa.getClusterId()); + if (clusterVsmMap == null) { + s_logger.error("Vmware cluster " + asaCluster.getName() + " has no Cisco Nexus VSM device associated with it"); + return false; + } + + CiscoNexusVSMDeviceVO vsmDevice = _vsmDeviceDao.findById(clusterVsmMap.getVsmId()); + if (vsmDevice == null) { + s_logger.error("Unable to load details of Cisco Nexus VSM device associated with cluster " + asaCluster.getName()); + return false; + } + + CiscoVnmcControllerVO ciscoVnmcDevice = devices.get(0); + HostVO ciscoVnmcHost = _hostDao.findById(ciscoVnmcDevice.getHostId()); + _hostDao.loadDetails(ciscoVnmcHost); + Account owner = context.getAccount(); + PublicIp sourceNatIp = _networkMgr.assignSourceNatIpAddressToGuestNetwork(owner, network); + String vlan = network.getBroadcastUri().getHost(); + long vlanId = Long.parseLong(vlan); + + List vlanVOList = _vlanDao.listVlansByPhysicalNetworkId(network.getPhysicalNetworkId()); + List publicGateways = new ArrayList(); + for (VlanVO vlanVO : vlanVOList) { + publicGateways.add(vlanVO.getVlanGateway()); + } + + // create logical edge firewall in VNMC + String gatewayNetmask = NetUtils.getCidrNetmask(network.getCidr()); + if (!createLogicalEdgeFirewall(vlanId, network.getGateway(), gatewayNetmask, + sourceNatIp.getAddress().addr(), sourceNatIp.getNetmask(), publicGateways, ciscoVnmcHost.getId())) { + s_logger.error("Failed to create logical edge firewall in Cisco VNMC device for network " + network.getName()); + return false; + } + + // create stuff in VSM for ASA device + if (!configureNexusVsmForAsa(vlanId, network.getGateway(), + vsmDevice.getUserName(), vsmDevice.getPassword(), vsmDevice.getipaddr(), + assignedAsa.getInPortProfile(), ciscoVnmcHost.getId())) { + s_logger.error("Failed to configure Cisco Nexus VSM " + vsmDevice.getipaddr() + + " for ASA device for network " + network.getName()); + return false; + } + + // configure source NAT + //if (!configureSourceNat(vlanId, network.getCidr(), sourceNatIp, ciscoVnmcHost.getId())) { + // s_logger.error("Failed to configure source NAT in Cisco VNMC device for network " + network.getName()); + // return false; + //} + + // associate Asa 1000v instance with logical edge firewall + if (!associateAsaWithLogicalEdgeFirewall(vlanId, assignedAsa.getManagementIp(), ciscoVnmcHost.getId())) { + s_logger.error("Failed to associate Cisco ASA 1000v (" + assignedAsa.getManagementIp() + + ") with logical edge firewall in VNMC for network " + network.getName()); + return false; + } + + status = true; + txn.commit(); + } finally { + if (!status) { + txn.rollback(); + //FIXME: also undo changes in VNMC, VSM if anything failed + } + } + + return true; + } + + @Override + public boolean prepare(Network network, NicProfile nic, + VirtualMachineProfile vm, + DeployDestination dest, ReservationContext context) + throws ConcurrentOperationException, ResourceUnavailableException, + InsufficientCapacityException { + if (vm.getType() != Type.User) { + return false; + } + + // ensure that there is an ASA 1000v assigned to this network + NetworkAsa1000vMapVO asaForNetwork = _networkAsa1000vMapDao.findByNetworkId(network.getId()); + if (asaForNetwork == null) { + return false; + } + + return true; + } + + @Override + public boolean release(Network network, NicProfile nic, + VirtualMachineProfile vm, + ReservationContext context) throws ConcurrentOperationException, + ResourceUnavailableException { + return true; + } + + private boolean cleanupLogicalEdgeFirewall(long vlanId, long hostId) { + CleanupLogicalEdgeFirewallCommand cmd = new CleanupLogicalEdgeFirewallCommand(vlanId); + Answer answer = _agentMgr.easySend(hostId, cmd); + return answer.getResult(); + } + + @Override + public boolean shutdown(Network network, ReservationContext context, + boolean cleanup) throws ConcurrentOperationException, + ResourceUnavailableException { + + unassignAsa1000vFromNetwork(network); + + String vlan = network.getBroadcastUri().getHost(); + long vlanId = Long.parseLong(vlan); + List devices = _ciscoVnmcDao.listByPhysicalNetwork(network.getPhysicalNetworkId()); + if (!devices.isEmpty()) { + CiscoVnmcControllerVO ciscoVnmcDevice = devices.get(0); + HostVO ciscoVnmcHost = _hostDao.findById(ciscoVnmcDevice.getHostId()); + cleanupLogicalEdgeFirewall(vlanId, ciscoVnmcHost.getId()); + } + + return true; + } + + @Override + public boolean isReady(PhysicalNetworkServiceProvider provider) { + // TODO Auto-generated method stub + return false; + } + + @Override + public boolean shutdownProviderInstances( + PhysicalNetworkServiceProvider provider, ReservationContext context) + throws ConcurrentOperationException, ResourceUnavailableException { + // TODO Auto-generated method stub + return false; + } + + @Override + public boolean canEnableIndividualServices() { + return true; + } + + @Override + public boolean verifyServicesCombination(Set services) { + if (!services.contains(Service.Firewall)) { + s_logger.warn("CiscoVnmc must be used as Firewall Service Provider in the network"); + return false; + } + return true; + } + + @Override + public boolean destroy(Network network, ReservationContext context) + throws ConcurrentOperationException, ResourceUnavailableException { + return true; + } + + @Override + public List> getCommands() { + List> cmdList = new ArrayList>(); + cmdList.add(AddCiscoVnmcResourceCmd.class); + cmdList.add(DeleteCiscoVnmcResourceCmd.class); + cmdList.add(ListCiscoVnmcResourcesCmd.class); + cmdList.add(AddCiscoAsa1000vResourceCmd.class); + cmdList.add(DeleteCiscoAsa1000vResourceCmd.class); + cmdList.add(ListCiscoAsa1000vResourcesCmd.class); + return cmdList; + } + + @Override + public CiscoVnmcController addCiscoVnmcResource(AddCiscoVnmcResourceCmd cmd) { + String deviceName = Provider.CiscoVnmc.getName(); + NetworkDevice networkDevice = NetworkDevice.getNetworkDevice(deviceName); + Long physicalNetworkId = cmd.getPhysicalNetworkId(); + CiscoVnmcController ciscoVnmcResource = null; + + PhysicalNetworkVO physicalNetwork = _physicalNetworkDao.findById(physicalNetworkId); + if (physicalNetwork == null) { + throw new InvalidParameterValueException("Could not find phyical network with ID: " + physicalNetworkId); + } + long zoneId = physicalNetwork.getDataCenterId(); + + PhysicalNetworkServiceProviderVO ntwkSvcProvider = _physicalNetworkServiceProviderDao.findByServiceProvider(physicalNetwork.getId(), networkDevice.getNetworkServiceProvder()); + if (ntwkSvcProvider == null) { + throw new CloudRuntimeException("Network Service Provider: " + networkDevice.getNetworkServiceProvder() + + " is not enabled in the physical network: " + physicalNetworkId + "to add this device"); + } else if (ntwkSvcProvider.getState() == PhysicalNetworkServiceProvider.State.Shutdown) { + throw new CloudRuntimeException("Network Service Provider: " + ntwkSvcProvider.getProviderName() + + " is in shutdown state in the physical network: " + physicalNetworkId + "to add this device"); + } + + if (_ciscoVnmcDao.listByPhysicalNetwork(physicalNetworkId).size() != 0) { + throw new CloudRuntimeException("A Cisco Vnmc device is already configured on this physical network"); + } + + Map params = new HashMap(); + params.put("guid", UUID.randomUUID().toString()); + params.put("zoneId", String.valueOf(physicalNetwork.getDataCenterId())); + params.put("physicalNetworkId", String.valueOf(physicalNetwork.getId())); + params.put("name", "Cisco VNMC Controller - " + cmd.getHost()); + params.put("ip", cmd.getHost()); + params.put("username", cmd.getUsername()); + params.put("password", cmd.getPassword()); + params.put("transportzoneisotype", physicalNetwork.getIsolationMethods().get(0).toLowerCase()); // FIXME What to do with multiple isolation types + + Map hostdetails = new HashMap(); + hostdetails.putAll(params); + + ServerResource resource = new CiscoVnmcResource(); + Transaction txn = Transaction.currentTxn(); + try { + resource.configure(cmd.getHost(), hostdetails); + + Host host = _resourceMgr.addHost(zoneId, resource, Host.Type.ExternalFirewall, params); + if (host != null) { + txn.start(); + + ciscoVnmcResource = new CiscoVnmcControllerVO(host.getId(), physicalNetworkId, ntwkSvcProvider.getProviderName(), deviceName); + _ciscoVnmcDao.persist((CiscoVnmcControllerVO)ciscoVnmcResource); + + DetailVO detail = new DetailVO(host.getId(), "deviceid", String.valueOf(ciscoVnmcResource.getId())); + _hostDetailsDao.persist(detail); + + txn.commit(); + return ciscoVnmcResource; + } else { + throw new CloudRuntimeException("Failed to add Cisco Vnmc device due to internal error."); + } + } catch (ConfigurationException e) { + txn.rollback(); + throw new CloudRuntimeException(e.getMessage()); + } + } + + @Override + public CiscoVnmcResourceResponse createCiscoVnmcResourceResponse( + CiscoVnmcController ciscoVnmcResourceVO) { + HostVO ciscoVnmcHost = _hostDao.findById(ciscoVnmcResourceVO.getHostId()); + + CiscoVnmcResourceResponse response = new CiscoVnmcResourceResponse(); + response.setId(ciscoVnmcResourceVO.getUuid()); + response.setPhysicalNetworkId(ciscoVnmcResourceVO.getPhysicalNetworkId()); + response.setProviderName(ciscoVnmcResourceVO.getProviderName()); + response.setResourceName(ciscoVnmcHost.getName()); + + return response; + } + + @Override + public boolean deleteCiscoVnmcResource(DeleteCiscoVnmcResourceCmd cmd) { + Long vnmcResourceId = cmd.getCiscoVnmcResourceId(); + CiscoVnmcControllerVO vnmcResource = _ciscoVnmcDao.findById(vnmcResourceId); + if (vnmcResource == null) { + throw new InvalidParameterValueException( + "Could not find a Cisco VNMC appliance with id " + vnmcResourceId); + } + + // Check if there any ASA 1000v appliances + Long physicalNetworkId = vnmcResource.getPhysicalNetworkId(); + PhysicalNetworkVO physicalNetwork = _physicalNetworkDao.findById(physicalNetworkId); + if (physicalNetwork != null) { + List responseList = _ciscoAsa1000vDao.listByPhysicalNetwork(physicalNetworkId); + if (responseList.size() > 0) { + throw new CloudRuntimeException( + "Cisco VNMC appliance with id " + vnmcResourceId + + " cannot be deleted as there Cisco ASA 1000v appliances using it"); + } + } + + HostVO vnmcHost = _hostDao.findById(vnmcResource.getHostId()); + Long hostId = vnmcHost.getId(); + vnmcHost.setResourceState(ResourceState.Maintenance); + _hostDao.update(hostId, vnmcHost); + _resourceMgr.deleteHost(hostId, false, false); + _ciscoVnmcDao.remove(vnmcResourceId); + + return true; + } + + @Override + public List listCiscoVnmcResources( + ListCiscoVnmcResourcesCmd cmd) { + Long physicalNetworkId = cmd.getPhysicalNetworkId(); + Long ciscoVnmcResourceId = cmd.getCiscoVnmcResourceId(); + List responseList = new ArrayList(); + + if (physicalNetworkId == null && ciscoVnmcResourceId == null) { + throw new InvalidParameterValueException("Either physical network Id or vnmc device Id must be specified"); + } + + if (ciscoVnmcResourceId != null) { + CiscoVnmcControllerVO ciscoVnmcResource = _ciscoVnmcDao.findById(ciscoVnmcResourceId); + if (ciscoVnmcResource == null) { + throw new InvalidParameterValueException("Could not find Cisco Vnmc device with id: " + ciscoVnmcResource); + } + responseList.add(ciscoVnmcResource); + } + else { + PhysicalNetworkVO physicalNetwork = _physicalNetworkDao.findById(physicalNetworkId); + if (physicalNetwork == null) { + throw new InvalidParameterValueException("Could not find a physical network with id: " + physicalNetworkId); + } + responseList = _ciscoVnmcDao.listByPhysicalNetwork(physicalNetworkId); + } + + return responseList; + } + + @Override + public IpDeployer getIpDeployer(Network network) { + return this; + } + + @Override + public boolean applyFWRules(Network network, + List rules) + throws ResourceUnavailableException { + + if (!_networkModel.isProviderSupportServiceInNetwork(network.getId(), Service.Firewall, Provider.CiscoVnmc)) { + s_logger.error("Firewall service is not provided by Cisco Vnmc device on network " + network.getName()); + return false; + } + + // Find VNMC host for physical network + List devices = _ciscoVnmcDao.listByPhysicalNetwork(network.getPhysicalNetworkId()); + if (devices.isEmpty()) { + s_logger.error("No Cisco Vnmc device on network " + network.getName()); + return true; + } + + // Find if ASA 1000v is associated with network + NetworkAsa1000vMapVO asaForNetwork = _networkAsa1000vMapDao.findByNetworkId(network.getId()); + if (asaForNetwork == null) { + s_logger.debug("Cisco ASA 1000v device is not associated with network " + network.getName()); + return true; + } + + if (network.getState() == Network.State.Allocated) { + s_logger.debug("External firewall was asked to apply firewall rules for network with ID " + network.getId() + "; this network is not implemented. Skipping backend commands."); + return true; + } + + CiscoVnmcControllerVO ciscoVnmcDevice = devices.get(0); + HostVO ciscoVnmcHost = _hostDao.findById(ciscoVnmcDevice.getHostId()); + + List rulesTO = new ArrayList(); + for (FirewallRule rule : rules) { + IpAddress sourceIp = _networkModel.getIp(rule.getSourceIpAddressId()); + FirewallRuleTO ruleTO = new FirewallRuleTO(rule, null, sourceIp.getAddress().addr(), rule.getPurpose(), rule.getTrafficType()); + rulesTO.add(ruleTO); + } + + if (!rulesTO.isEmpty()) { + SetFirewallRulesCommand cmd = new SetFirewallRulesCommand(rulesTO); + cmd.setContextParam(NetworkElementCommand.GUEST_VLAN_TAG, network.getBroadcastUri().getHost()); + cmd.setContextParam(NetworkElementCommand.GUEST_NETWORK_CIDR, network.getCidr()); + Answer answer = _agentMgr.easySend(ciscoVnmcHost.getId(), cmd); + if (answer == null || !answer.getResult()) { + String details = (answer != null) ? answer.getDetails() : "details unavailable"; + String msg = "Unable to apply firewall rules to Cisco ASA 1000v appliance due to: " + details + "."; + s_logger.error(msg); + throw new ResourceUnavailableException(msg, DataCenter.class, network.getDataCenterId()); + } + } + + return true; + } + + @Override + public boolean applyPFRules(Network network, List rules) + throws ResourceUnavailableException { + + if (!_networkModel.isProviderSupportServiceInNetwork(network.getId(), Service.PortForwarding, Provider.CiscoVnmc)) { + s_logger.error("Port forwarding service is not provided by Cisco Vnmc device on network " + network.getName()); + return false; + } + + // Find VNMC host for physical network + List devices = _ciscoVnmcDao.listByPhysicalNetwork(network.getPhysicalNetworkId()); + if (devices.isEmpty()) { + s_logger.error("No Cisco Vnmc device on network " + network.getName()); + return true; + } + + // Find if ASA 1000v is associated with network + NetworkAsa1000vMapVO asaForNetwork = _networkAsa1000vMapDao.findByNetworkId(network.getId()); + if (asaForNetwork == null) { + s_logger.debug("Cisco ASA 1000v device is not associated with network " + network.getName()); + return true; + } + + if (network.getState() == Network.State.Allocated) { + s_logger.debug("External firewall was asked to apply port forwarding rules for network with ID " + network.getId() + "; this network is not implemented. Skipping backend commands."); + return true; + } + + CiscoVnmcControllerVO ciscoVnmcDevice = devices.get(0); + HostVO ciscoVnmcHost = _hostDao.findById(ciscoVnmcDevice.getHostId()); + + List rulesTO = new ArrayList(); + for (PortForwardingRule rule : rules) { + IpAddress sourceIp = _networkModel.getIp(rule.getSourceIpAddressId()); + Vlan vlan = _vlanDao.findById(sourceIp.getVlanId()); + PortForwardingRuleTO ruleTO = new PortForwardingRuleTO(rule, vlan.getVlanTag(), sourceIp.getAddress().addr()); + rulesTO.add(ruleTO); + } + + if (!rulesTO.isEmpty()) { + SetPortForwardingRulesCommand cmd = new SetPortForwardingRulesCommand(rulesTO); + cmd.setContextParam(NetworkElementCommand.GUEST_VLAN_TAG, network.getBroadcastUri().getHost()); + cmd.setContextParam(NetworkElementCommand.GUEST_NETWORK_CIDR, network.getCidr()); + Answer answer = _agentMgr.easySend(ciscoVnmcHost.getId(), cmd); + if (answer == null || !answer.getResult()) { + String details = (answer != null) ? answer.getDetails() : "details unavailable"; + String msg = "Unable to apply port forwarding rules to Cisco ASA 1000v appliance due to: " + details + "."; + s_logger.error(msg); + throw new ResourceUnavailableException(msg, DataCenter.class, network.getDataCenterId()); + } + } + + return true; + } + + @Override + public boolean applyStaticNats(Network network, + List rules) + throws ResourceUnavailableException { + if (!_networkModel.isProviderSupportServiceInNetwork(network.getId(), Service.StaticNat, Provider.CiscoVnmc)) { + s_logger.error("Static NAT service is not provided by Cisco Vnmc device on network " + network.getName()); + return false; + } + + // Find VNMC host for physical network + List devices = _ciscoVnmcDao.listByPhysicalNetwork(network.getPhysicalNetworkId()); + if (devices.isEmpty()) { + s_logger.error("No Cisco Vnmc device on network " + network.getName()); + return true; + } + + // Find if ASA 1000v is associated with network + NetworkAsa1000vMapVO asaForNetwork = _networkAsa1000vMapDao.findByNetworkId(network.getId()); + if (asaForNetwork == null) { + s_logger.debug("Cisco ASA 1000v device is not associated with network " + network.getName()); + return true; + } + + if (network.getState() == Network.State.Allocated) { + s_logger.debug("External firewall was asked to apply static NAT rules for network with ID " + network.getId() + "; this network is not implemented. Skipping backend commands."); + return true; + } + + CiscoVnmcControllerVO ciscoVnmcDevice = devices.get(0); + HostVO ciscoVnmcHost = _hostDao.findById(ciscoVnmcDevice.getHostId()); + + List rulesTO = new ArrayList(); + for (StaticNat rule : rules) { + IpAddress sourceIp = _networkModel.getIp(rule.getSourceIpAddressId()); + StaticNatRuleTO ruleTO = new StaticNatRuleTO(0, sourceIp.getAddress().addr(), null, + null, rule.getDestIpAddress(), null, null, null, rule.isForRevoke(), false); + rulesTO.add(ruleTO); + } + + if (!rulesTO.isEmpty()) { + SetStaticNatRulesCommand cmd = new SetStaticNatRulesCommand(rulesTO, null); + cmd.setContextParam(NetworkElementCommand.GUEST_VLAN_TAG, network.getBroadcastUri().getHost()); + cmd.setContextParam(NetworkElementCommand.GUEST_NETWORK_CIDR, network.getCidr()); + Answer answer = _agentMgr.easySend(ciscoVnmcHost.getId(), cmd); + if (answer == null || !answer.getResult()) { + String details = (answer != null) ? answer.getDetails() : "details unavailable"; + String msg = "Unable to apply static NAT rules to Cisco ASA 1000v appliance due to: " + details + "."; + s_logger.error(msg); + throw new ResourceUnavailableException(msg, DataCenter.class, network.getDataCenterId()); + } + } + + return true; + } + + @Override + public boolean applyIps(Network network, + List ipAddress, Set services) + throws ResourceUnavailableException { + // TODO Auto-generated method stub + return false; + } + + @Override + public HostVO createHostVOForConnectedAgent(HostVO host, + StartupCommand[] cmd) { + // TODO Auto-generated method stub + return null; + } + + @Override + public HostVO createHostVOForDirectConnectAgent(HostVO host, + StartupCommand[] startup, ServerResource resource, + Map details, List hostTags) { + if (!(startup[0] instanceof StartupExternalFirewallCommand)) { + return null; + } + host.setType(Host.Type.ExternalFirewall); + return host; + } + + @Override + public DeleteHostAnswer deleteHost(HostVO host, boolean isForced, + boolean isForceDeleteStorage) throws UnableDeleteHostException { + if (host.getType() != com.cloud.host.Host.Type.ExternalFirewall) { + return null; + } + return new DeleteHostAnswer(true); + } + + @Override + public CiscoAsa1000vDevice addCiscoAsa1000vResource( + AddCiscoAsa1000vResourceCmd cmd) { + Long physicalNetworkId = cmd.getPhysicalNetworkId(); + CiscoAsa1000vDevice ciscoAsa1000vResource = null; + + PhysicalNetworkVO physicalNetwork = _physicalNetworkDao.findById(physicalNetworkId); + if (physicalNetwork == null) { + throw new InvalidParameterValueException("Could not find phyical network with ID: " + physicalNetworkId); + } + + ciscoAsa1000vResource = new CiscoAsa1000vDeviceVO(physicalNetworkId, cmd.getManagementIp(), cmd.getInPortProfile(), cmd.getClusterId()); + _ciscoAsa1000vDao.persist((CiscoAsa1000vDeviceVO)ciscoAsa1000vResource); + + return ciscoAsa1000vResource; + } + + @Override + public CiscoAsa1000vResourceResponse createCiscoAsa1000vResourceResponse( + CiscoAsa1000vDevice ciscoAsa1000vDeviceVO) { + CiscoAsa1000vResourceResponse response = new CiscoAsa1000vResourceResponse(); + response.setId(ciscoAsa1000vDeviceVO.getUuid()); + response.setManagementIp(ciscoAsa1000vDeviceVO.getManagementIp()); + response.setInPortProfile(ciscoAsa1000vDeviceVO.getInPortProfile()); + + NetworkAsa1000vMapVO networkAsaMap = _networkAsa1000vMapDao.findByAsa1000vId(ciscoAsa1000vDeviceVO.getId()); + if (networkAsaMap != null) { + response.setGuestNetworkId(networkAsaMap.getNetworkId()); + } + + return response; + } + + @Override + public boolean deleteCiscoAsa1000vResource( + DeleteCiscoAsa1000vResourceCmd cmd) { + Long asaResourceId = cmd.getCiscoAsa1000vResourceId(); + CiscoAsa1000vDeviceVO asaResource = _ciscoAsa1000vDao.findById(asaResourceId); + if (asaResource == null) { + throw new InvalidParameterValueException( + "Could not find a Cisco ASA 1000v appliance with id " + asaResourceId); + } + + NetworkAsa1000vMapVO networkAsaMap = _networkAsa1000vMapDao.findByAsa1000vId(asaResource.getId()); + if (networkAsaMap != null) { + throw new CloudRuntimeException( + "Cisco ASA 1000v appliance with id " + asaResourceId + + " cannot be deleted as it is associated with guest network"); + } + + _ciscoAsa1000vDao.remove(asaResourceId); + + return true; + } + + @Override + public List listCiscoAsa1000vResources( + ListCiscoAsa1000vResourcesCmd cmd) { + Long physicalNetworkId = cmd.getPhysicalNetworkId(); + Long ciscoAsa1000vResourceId = cmd.getCiscoAsa1000vResourceId(); + List responseList = new ArrayList(); + + if (physicalNetworkId == null && ciscoAsa1000vResourceId == null) { + throw new InvalidParameterValueException("Either physical network Id or Asa 1000v device Id must be specified"); + } + + if (ciscoAsa1000vResourceId != null) { + CiscoAsa1000vDeviceVO ciscoAsa1000vResource = _ciscoAsa1000vDao.findById(ciscoAsa1000vResourceId); + if (ciscoAsa1000vResource == null) { + throw new InvalidParameterValueException("Could not find Cisco Asa 1000v device with id: " + ciscoAsa1000vResourceId); + } + responseList.add(ciscoAsa1000vResource); + } else { + PhysicalNetworkVO physicalNetwork = _physicalNetworkDao.findById(physicalNetworkId); + if (physicalNetwork == null) { + throw new InvalidParameterValueException("Could not find a physical network with id: " + physicalNetworkId); + } + responseList = _ciscoAsa1000vDao.listByPhysicalNetwork(physicalNetworkId); + } + + return responseList; + } + + @Override + public CiscoAsa1000vDevice assignAsa1000vToNetwork(Network network) { + List asaList = _ciscoAsa1000vDao.listByPhysicalNetwork(network.getPhysicalNetworkId()); + for (CiscoAsa1000vDeviceVO asa : asaList) { + NetworkAsa1000vMapVO assignedToNetwork = _networkAsa1000vMapDao.findByAsa1000vId(asa.getId()); + if (assignedToNetwork == null) { + NetworkAsa1000vMapVO networkAsaMap = new NetworkAsa1000vMapVO(network.getId(), asa.getId()); + _networkAsa1000vMapDao.persist(networkAsaMap); + return asa; + } + } + return null; + } + + private void unassignAsa1000vFromNetwork(Network network) { + NetworkAsa1000vMapVO networkAsaMap = _networkAsa1000vMapDao.findByNetworkId(network.getId()); + if (networkAsaMap != null) { + _networkAsa1000vMapDao.remove(networkAsaMap.getId()); + } + } +} diff --git a/plugins/network-elements/cisco-vnmc/src/com/cloud/network/element/CiscoVnmcElementService.java b/plugins/network-elements/cisco-vnmc/src/com/cloud/network/element/CiscoVnmcElementService.java new file mode 100644 index 00000000000..e8eb473154a --- /dev/null +++ b/plugins/network-elements/cisco-vnmc/src/com/cloud/network/element/CiscoVnmcElementService.java @@ -0,0 +1,42 @@ +// Licensed to the Apache Software Foundation (ASF) under one +// or more contributor license agreements. See the NOTICE file +// distributed with this work for additional information +// regarding copyright ownership. The ASF licenses this file +// to you under the Apache License, Version 2.0 (the +// "License"); you may not use this file except in compliance +// with the License. You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, +// software distributed under the License is distributed on an +// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +// KIND, either express or implied. See the License for the +// specific language governing permissions and limitations +// under the License. +package com.cloud.network.element; + +import java.util.List; + +import com.cloud.api.commands.AddCiscoVnmcResourceCmd; +import com.cloud.api.commands.DeleteCiscoVnmcResourceCmd; +import com.cloud.api.commands.ListCiscoVnmcResourcesCmd; +import com.cloud.api.response.CiscoVnmcResourceResponse; +import com.cloud.network.cisco.CiscoVnmcController; +import com.cloud.network.cisco.CiscoVnmcControllerVO; +import com.cloud.utils.component.PluggableService; + +public interface CiscoVnmcElementService extends PluggableService { + + //public static final Provider CiscoVnmc = new Provider("CiscoVnmc", true); + + public CiscoVnmcController addCiscoVnmcResource(AddCiscoVnmcResourceCmd cmd); + + public CiscoVnmcResourceResponse createCiscoVnmcResourceResponse( + CiscoVnmcController CiscoVnmcResourceVO); + + boolean deleteCiscoVnmcResource(DeleteCiscoVnmcResourceCmd cmd); + + List listCiscoVnmcResources(ListCiscoVnmcResourcesCmd cmd); + +} diff --git a/plugins/network-elements/cisco-vnmc/src/com/cloud/network/resource/CiscoVnmcResource.java b/plugins/network-elements/cisco-vnmc/src/com/cloud/network/resource/CiscoVnmcResource.java new file mode 100644 index 00000000000..91559782304 --- /dev/null +++ b/plugins/network-elements/cisco-vnmc/src/com/cloud/network/resource/CiscoVnmcResource.java @@ -0,0 +1,780 @@ +// Licensed to the Apache Software Foundation (ASF) under one +// or more contributor license agreements. See the NOTICE file +// distributed with this work for additional information +// regarding copyright ownership. The ASF licenses this file +// to you under the Apache License, Version 2.0 (the +// "License"); you may not use this file except in compliance +// with the License. You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, +// software distributed under the License is distributed on an +// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +// KIND, either express or implied. See the License for the +// specific language governing permissions and limitations +// under the License. +package com.cloud.network.resource; + +import java.util.ArrayList; +import java.util.HashMap; +import java.util.List; +import java.util.Map; + +import javax.naming.ConfigurationException; + +import org.apache.log4j.Logger; + +import com.cloud.agent.IAgentControl; +import com.cloud.agent.api.Answer; +import com.cloud.agent.api.AssociateAsaWithLogicalEdgeFirewallCommand; +import com.cloud.agent.api.CleanupLogicalEdgeFirewallCommand; +import com.cloud.agent.api.Command; +import com.cloud.agent.api.ConfigureNexusVsmForAsaCommand; +import com.cloud.agent.api.CreateLogicalEdgeFirewallCommand; +import com.cloud.agent.api.ExternalNetworkResourceUsageAnswer; +import com.cloud.agent.api.ExternalNetworkResourceUsageCommand; +import com.cloud.agent.api.MaintainAnswer; +import com.cloud.agent.api.MaintainCommand; +import com.cloud.agent.api.PingCommand; +import com.cloud.agent.api.ReadyAnswer; +import com.cloud.agent.api.ReadyCommand; +import com.cloud.agent.api.StartupCommand; +import com.cloud.agent.api.StartupExternalFirewallCommand; +import com.cloud.agent.api.routing.IpAssocAnswer; +import com.cloud.agent.api.routing.IpAssocCommand; +import com.cloud.agent.api.routing.NetworkElementCommand; +import com.cloud.agent.api.routing.SetFirewallRulesCommand; +import com.cloud.agent.api.routing.SetPortForwardingRulesCommand; +import com.cloud.agent.api.routing.SetSourceNatCommand; +import com.cloud.agent.api.routing.SetStaticNatRulesCommand; +import com.cloud.agent.api.to.FirewallRuleTO; +import com.cloud.agent.api.to.PortForwardingRuleTO; +import com.cloud.agent.api.to.StaticNatRuleTO; +import com.cloud.host.Host; +import com.cloud.network.cisco.CiscoVnmcConnectionImpl; +import com.cloud.network.rules.FirewallRule.TrafficType; +import com.cloud.resource.ServerResource; +import com.cloud.utils.NumbersUtil; +import com.cloud.utils.Pair; +import com.cloud.utils.cisco.n1kv.vsm.NetconfHelper; +import com.cloud.utils.cisco.n1kv.vsm.VsmCommand.OperationType; +import com.cloud.utils.cisco.n1kv.vsm.VsmCommand.SwitchPortMode; +import com.cloud.utils.exception.ExecutionException; +import com.cloud.utils.net.NetUtils; + +public class CiscoVnmcResource implements ServerResource { + + private String _name; + private String _zoneId; + private String _physicalNetworkId; + private String _ip; + private String _username; + private String _password; + private String _guid; + private Integer _numRetries; + + private CiscoVnmcConnectionImpl _connection; + + public void setConnection(CiscoVnmcConnectionImpl connection) { + this._connection = connection; + } + + private final Logger s_logger = Logger.getLogger(CiscoVnmcResource.class); + + public Answer executeRequest(Command cmd) { + if (cmd instanceof ReadyCommand) { + return execute((ReadyCommand) cmd); + } else if (cmd instanceof MaintainCommand) { + return execute((MaintainCommand) cmd); + } else if (cmd instanceof IpAssocCommand) { + return execute((IpAssocCommand) cmd); + } else if (cmd instanceof SetSourceNatCommand) { + return execute((SetSourceNatCommand) cmd); + } else if (cmd instanceof SetFirewallRulesCommand) { + return execute((SetFirewallRulesCommand) cmd); + } else if (cmd instanceof SetStaticNatRulesCommand) { + return execute((SetStaticNatRulesCommand) cmd); + } else if (cmd instanceof SetPortForwardingRulesCommand) { + return execute((SetPortForwardingRulesCommand) cmd); + } else if (cmd instanceof ExternalNetworkResourceUsageCommand) { + return execute((ExternalNetworkResourceUsageCommand) cmd); + } else if (cmd instanceof CreateLogicalEdgeFirewallCommand) { + return execute((CreateLogicalEdgeFirewallCommand)cmd); + } else if (cmd instanceof CleanupLogicalEdgeFirewallCommand) { + return execute((CleanupLogicalEdgeFirewallCommand)cmd); + } else if (cmd instanceof ConfigureNexusVsmForAsaCommand) { + return execute((ConfigureNexusVsmForAsaCommand)cmd); + } else if (cmd instanceof AssociateAsaWithLogicalEdgeFirewallCommand) { + return execute((AssociateAsaWithLogicalEdgeFirewallCommand)cmd); + } else { + return Answer.createUnsupportedCommandAnswer(cmd); + } + } + + public boolean configure(String name, Map params) throws ConfigurationException { + try { + _name = (String) params.get("name"); + if (_name == null) { + throw new ConfigurationException("Unable to find name"); + } + + _zoneId = (String) params.get("zoneId"); + if (_zoneId == null) { + throw new ConfigurationException("Unable to find zone"); + } + + _physicalNetworkId = (String) params.get("physicalNetworkId"); + if (_physicalNetworkId == null) { + throw new ConfigurationException("Unable to find physical network id in the configuration parameters"); + } + + _ip = (String) params.get("ip"); + if (_ip == null) { + throw new ConfigurationException("Unable to find IP"); + } + + _username = (String) params.get("username"); + if (_username == null) { + throw new ConfigurationException("Unable to find username"); + } + + _password = (String) params.get("password"); + if (_password == null) { + throw new ConfigurationException("Unable to find password"); + } + + _guid = (String)params.get("guid"); + if (_guid == null) { + throw new ConfigurationException("Unable to find the guid"); + } + + _numRetries = NumbersUtil.parseInt((String) params.get("numretries"), 1); + + NumbersUtil.parseInt((String) params.get("timeout"), 300); + + // Open a socket and login + _connection = new CiscoVnmcConnectionImpl(_ip, _username, _password); + //if (!refreshVnmcConnection()) { + // throw new ConfigurationException("Unable to open a connection to the VNMC."); + //} + + return true; + } catch (Exception e) { + throw new ConfigurationException(e.getMessage()); + } + + } + + public StartupCommand[] initialize() { + StartupExternalFirewallCommand cmd = new StartupExternalFirewallCommand(); + cmd.setName(_name); + cmd.setDataCenter(_zoneId); + cmd.setPod(""); + cmd.setPrivateIpAddress(_ip); + cmd.setStorageIpAddress(""); + cmd.setVersion(""); + cmd.setGuid(_guid); + return new StartupCommand[] { cmd }; + } + + public Host.Type getType() { + return Host.Type.ExternalFirewall; + } + + @Override + public String getName() { + return _name; + } + + @Override + public boolean start() { + return true; + } + + @Override + public boolean stop() { + return true; + } + + @Override + public PingCommand getCurrentStatus(final long id) { + if (!refreshVnmcConnection()) { + return null; + } + return new PingCommand(Host.Type.ExternalFirewall, id); + } + + @Override + public void disconnected() { + } + + public IAgentControl getAgentControl() { + return null; + } + + public void setAgentControl(IAgentControl agentControl) { + return; + } + + private Answer execute(ReadyCommand cmd) { + return new ReadyAnswer(cmd); + } + + private Answer execute(MaintainCommand cmd) { + return new MaintainAnswer(cmd); + } + + private ExternalNetworkResourceUsageAnswer execute(ExternalNetworkResourceUsageCommand cmd) { + return new ExternalNetworkResourceUsageAnswer(cmd); + } + + /* + * Login + */ + private boolean refreshVnmcConnection() { + boolean ret = false; + try { + ret = _connection.login(); + } catch (ExecutionException ex) { + s_logger.error("Login to Vnmc failed", ex); + } + return ret; + } + + private synchronized Answer execute(IpAssocCommand cmd) { + refreshVnmcConnection(); + return execute(cmd, _numRetries); + } + + private Answer execute(IpAssocCommand cmd, int numRetries) { + String[] results = new String[cmd.getIpAddresses().length]; + return new IpAssocAnswer(cmd, results); + } + + private String[] getIpRangeFromCidr(String cidr) { + String[] result = new String[2]; + String[] cidrData = cidr.split("\\/"); + assert (cidrData.length == 2) : "Something is wrong with source cidr " + cidr; + long size = Long.valueOf(cidrData[1]); + result[0] = cidrData[0]; + result[1] = cidrData[0]; + if (size < 32) { + result[0] = NetUtils.getIpRangeStartIpFromCidr(cidrData[0], size); + result[1] = NetUtils.getIpRangeEndIpFromCidr(cidrData[0], size); + } + return result; + } + + /* + * Source NAT + */ + private synchronized Answer execute(SetSourceNatCommand cmd) { + refreshVnmcConnection(); + return execute(cmd, _numRetries); + } + + private Answer execute(SetSourceNatCommand cmd, int numRetries) { + String vlanId = cmd.getContextParam(NetworkElementCommand.GUEST_VLAN_TAG); + String tenant = "vlan-" + vlanId; + String policyIdentifier = cmd.getIpAddress().getPublicIp().replace('.', '-'); + try { + if (!_connection.createTenantVDCNatPolicySet(tenant)) { + throw new Exception("Failed to create NAT policy set in VNMC for guest network with vlan " + vlanId); + } + + if (!_connection.createTenantVDCSourceNatPolicy(tenant, policyIdentifier)) { + throw new Exception("Failed to create source NAT policy in VNMC for guest network with vlan " + vlanId); + } + + if (!_connection.createTenantVDCSourceNatPolicyRef(tenant, policyIdentifier)) { + throw new Exception("Failed to associate source NAT policy with NAT policy set in VNMC for guest network with vlan " + vlanId); + } + + if (!_connection.createTenantVDCSourceNatIpPool(tenant, policyIdentifier, cmd.getIpAddress().getPublicIp())) { + throw new Exception("Failed to create source NAT ip pool in VNMC for guest network with vlan " + vlanId); + } + + String[] ipRange = getIpRangeFromCidr(cmd.getContextParam(NetworkElementCommand.GUEST_NETWORK_CIDR)); + if (!_connection.createTenantVDCSourceNatRule(tenant, policyIdentifier, ipRange[0], ipRange[1])) { + throw new Exception("Failed to create source NAT rule in VNMC for guest network with vlan " + vlanId); + } + + if (!_connection.associateNatPolicySet(tenant)) { + throw new Exception("Failed to associate source NAT policy set with edge security profile in VNMC for guest network with vlan " + vlanId); + } + } catch (Throwable e) { + String msg = "SetSourceNatCommand failed due to " + e.getMessage(); + s_logger.error(msg, e); + return new Answer(cmd, false, msg); + } + + return new Answer(cmd, true, "Success"); + } + + /* + * Firewall rule + */ + private synchronized Answer execute(SetFirewallRulesCommand cmd) { + refreshVnmcConnection(); + return execute(cmd, _numRetries); + } + + private Answer execute(SetFirewallRulesCommand cmd, int numRetries) { + String vlanId = cmd.getContextParam(NetworkElementCommand.GUEST_VLAN_TAG); + String tenant = "vlan-" + vlanId; + + FirewallRuleTO[] rules = cmd.getRules(); + Map> publicIpRulesMap = new HashMap>(); + for (FirewallRuleTO rule : rules) { + String publicIp = rule.getSrcIp(); + if (!publicIpRulesMap.containsKey(publicIp)) { + List publicIpRulesList = new ArrayList(); + publicIpRulesMap.put(publicIp, publicIpRulesList); + } + publicIpRulesMap.get(publicIp).add(rule); + } + + try { + if (!_connection.createTenantVDCAclPolicySet(tenant, true)) { + throw new Exception("Failed to create ACL ingress policy set in VNMC for guest network with vlan " + vlanId); + } + if (!_connection.createTenantVDCAclPolicySet(tenant, false)) { + throw new Exception("Failed to create ACL egress policy set in VNMC for guest network with vlan " + vlanId); + } + + for (String publicIp : publicIpRulesMap.keySet()) { + String policyIdentifier = publicIp.replace('.', '-'); + + if (!_connection.createTenantVDCAclPolicy(tenant, policyIdentifier)) { + throw new Exception("Failed to create ACL policy in VNMC for guest network with vlan " + vlanId); + } + if (!_connection.createTenantVDCAclPolicyRef(tenant, policyIdentifier, true)) { + throw new Exception("Failed to associate ACL policy with ACL ingress policy set in VNMC for guest network with vlan " + vlanId); + } + if (!_connection.createTenantVDCAclPolicyRef(tenant, policyIdentifier, false)) { + throw new Exception("Failed to associate ACL policy with ACL egress policy set in VNMC for guest network with vlan " + vlanId); + } + + for (FirewallRuleTO rule : publicIpRulesMap.get(publicIp)) { + if (rule.revoked()) { + if (!_connection.deleteTenantVDCAclRule(tenant, Long.toString(rule.getId()), policyIdentifier)) { + throw new Exception("Failed to delete ACL rule in VNMC for guest network with vlan " + vlanId); + } + } else { + String[] externalIpRange = getIpRangeFromCidr(rule.getSourceCidrList().get(0)); + if (rule.getTrafficType() == TrafficType.Ingress) { + if (!rule.getProtocol().equalsIgnoreCase("icmp")) { + if (!_connection.createTenantVDCIngressAclRule(tenant, + Long.toString(rule.getId()), policyIdentifier, + rule.getProtocol().toUpperCase(), externalIpRange[0], externalIpRange[1], + Integer.toString(rule.getSrcPortRange()[0]), Integer.toString(rule.getSrcPortRange()[1]), publicIp)) { + throw new Exception("Failed to create ACL ingress rule in VNMC for guest network with vlan " + vlanId); + } + } else { + if (!_connection.createTenantVDCIngressAclRule(tenant, + Long.toString(rule.getId()), policyIdentifier, + rule.getProtocol().toUpperCase(), externalIpRange[0], externalIpRange[1], publicIp)) { + throw new Exception("Failed to create ACL ingress rule in VNMC for guest network with vlan " + vlanId); + } + } + } else { + if (!rule.getProtocol().equalsIgnoreCase("icmp")) { + if (!_connection.createTenantVDCEgressAclRule(tenant, + Long.toString(rule.getId()), policyIdentifier, + rule.getProtocol().toUpperCase(), + Integer.toString(rule.getSrcPortRange()[0]), Integer.toString(rule.getSrcPortRange()[1]), publicIp, + externalIpRange[0], externalIpRange[1])) { + throw new Exception("Failed to create ACL egress rule in VNMC for guest network with vlan " + vlanId); + } + } else { + if (!_connection.createTenantVDCEgressAclRule(tenant, + Long.toString(rule.getId()), policyIdentifier, + rule.getProtocol().toUpperCase(), publicIp, externalIpRange[0], externalIpRange[1])) { + throw new Exception("Failed to create ACL egress rule in VNMC for guest network with vlan " + vlanId); + } + } + } + } + } + } + + if (!_connection.associateAclPolicySet(tenant)) { + throw new Exception("Failed to associate ACL policy set with edge security profile in VNMC for guest network with vlan " + vlanId); + } + } catch (Throwable e) { + String msg = "SetFirewallRulesCommand failed due to " + e.getMessage(); + s_logger.error(msg, e); + return new Answer(cmd, false, msg); + } + + return new Answer(cmd, true, "Success"); + } + + /* + * Static NAT + */ + private synchronized Answer execute(SetStaticNatRulesCommand cmd) { + refreshVnmcConnection(); + return execute(cmd, _numRetries); + } + + private Answer execute(SetStaticNatRulesCommand cmd, int numRetries) { + String vlanId = cmd.getContextParam(NetworkElementCommand.GUEST_VLAN_TAG); + String tenant = "vlan-" + vlanId; + + StaticNatRuleTO[] rules = cmd.getRules(); + Map> publicIpRulesMap = new HashMap>(); + for (StaticNatRuleTO rule : rules) { + String publicIp = rule.getSrcIp(); + if (!publicIpRulesMap.containsKey(publicIp)) { + List publicIpRulesList = new ArrayList(); + publicIpRulesMap.put(publicIp, publicIpRulesList); + } + publicIpRulesMap.get(publicIp).add(rule); + } + + try { + if (!_connection.createTenantVDCNatPolicySet(tenant)) { + throw new Exception("Failed to create NAT policy set in VNMC for guest network with vlan " + vlanId); + } + + if (!_connection.createTenantVDCAclPolicySet(tenant, true)) { + throw new Exception("Failed to create ACL ingress policy set in VNMC for guest network with vlan " + vlanId); + } + + if (!_connection.createTenantVDCAclPolicySet(tenant, false)) { + throw new Exception("Failed to create ACL egress policy set in VNMC for guest network with vlan " + vlanId); + } + + for (String publicIp : publicIpRulesMap.keySet()) { + String policyIdentifier = publicIp.replace('.', '-'); + + if (!_connection.createTenantVDCDNatPolicy(tenant, policyIdentifier)) { + throw new Exception("Failed to create DNAT policy in VNMC for guest network with vlan " + vlanId); + } + if (!_connection.createTenantVDCDNatPolicyRef(tenant, policyIdentifier)) { + throw new Exception("Failed to associate DNAT policy with NAT policy set in VNMC for guest network with vlan " + vlanId); + } + + if (!_connection.createTenantVDCAclPolicy(tenant, policyIdentifier)) { + throw new Exception("Failed to create ACL policy in VNMC for guest network with vlan " + vlanId); + } + if (!_connection.createTenantVDCAclPolicyRef(tenant, policyIdentifier, true)) { + throw new Exception("Failed to associate ACL policy with ACL ingress policy set in VNMC for guest network with vlan " + vlanId); + } + if (!_connection.createTenantVDCAclPolicyRef(tenant, policyIdentifier, false)) { + throw new Exception("Failed to associate ACL policy with ACL egress policy set in VNMC for guest network with vlan " + vlanId); + } + + for (StaticNatRuleTO rule : publicIpRulesMap.get(publicIp)) { + if (rule.revoked()) { + if (!_connection.deleteTenantVDCDNatRule(tenant, Long.toString(rule.getId()), policyIdentifier)) { + throw new Exception("Failed to delete DNAT rule in VNMC for guest network with vlan " + vlanId); + } + + if (!_connection.deleteTenantVDCAclRule(tenant, Long.toString(rule.getId()), policyIdentifier)) { + throw new Exception("Failed to delete ACL ingress rule for DNAT in VNMC for guest network with vlan " + vlanId); + } + } else { + if (!_connection.createTenantVDCDNatIpPool(tenant, policyIdentifier + "-" + rule.getId(), rule.getDstIp())) { + throw new Exception("Failed to create DNAT ip pool in VNMC for guest network with vlan " + vlanId); + } + + if (!_connection.createTenantVDCDNatRule(tenant, + Long.toString(rule.getId()), policyIdentifier, rule.getSrcIp())) { + throw new Exception("Failed to create DNAT rule in VNMC for guest network with vlan " + vlanId); + } + + if (!_connection.createTenantVDCAclRuleForDNat(tenant, + Long.toString(rule.getId()), policyIdentifier, rule.getDstIp())) { + throw new Exception("Failed to create ACL rule for DNAT in VNMC for guest network with vlan " + vlanId); + } + } + } + } + + if (!_connection.associateAclPolicySet(tenant)) { + throw new Exception("Failed to associate source NAT policy set with edge security profile in VNMC for guest network with vlan " + vlanId); + } + } catch (Throwable e) { + String msg = "SetSourceNatCommand failed due to " + e.getMessage(); + s_logger.error(msg, e); + return new Answer(cmd, false, msg); + } + + return new Answer(cmd, true, "Success"); + } + + /* + * Destination NAT + */ + private synchronized Answer execute(SetPortForwardingRulesCommand cmd) { + refreshVnmcConnection(); + return execute(cmd, _numRetries); + } + + private Answer execute(SetPortForwardingRulesCommand cmd, int numRetries) { + String vlanId = cmd.getContextParam(NetworkElementCommand.GUEST_VLAN_TAG); + String tenant = "vlan-" + vlanId; + + PortForwardingRuleTO[] rules = cmd.getRules(); + Map> publicIpRulesMap = new HashMap>(); + for (PortForwardingRuleTO rule : rules) { + String publicIp = rule.getSrcIp(); + if (!publicIpRulesMap.containsKey(publicIp)) { + List publicIpRulesList = new ArrayList(); + publicIpRulesMap.put(publicIp, publicIpRulesList); + } + publicIpRulesMap.get(publicIp).add(rule); + } + + try { + if (!_connection.createTenantVDCNatPolicySet(tenant)) { + throw new Exception("Failed to create NAT policy set in VNMC for guest network with vlan " + vlanId); + } + + if (!_connection.createTenantVDCAclPolicySet(tenant, true)) { + throw new Exception("Failed to create ACL ingress policy set in VNMC for guest network with vlan " + vlanId); + } + + if (!_connection.createTenantVDCAclPolicySet(tenant, false)) { + throw new Exception("Failed to create ACL egress policy set in VNMC for guest network with vlan " + vlanId); + } + + for (String publicIp : publicIpRulesMap.keySet()) { + String policyIdentifier = publicIp.replace('.', '-'); + + if (!_connection.createTenantVDCPFPolicy(tenant, policyIdentifier)) { + throw new Exception("Failed to create PF policy in VNMC for guest network with vlan " + vlanId); + } + if (!_connection.createTenantVDCPFPolicyRef(tenant, policyIdentifier)) { + throw new Exception("Failed to associate PF policy with NAT policy set in VNMC for guest network with vlan " + vlanId); + } + + if (!_connection.createTenantVDCAclPolicy(tenant, policyIdentifier)) { + throw new Exception("Failed to create ACL policy in VNMC for guest network with vlan " + vlanId); + } + if (!_connection.createTenantVDCAclPolicyRef(tenant, policyIdentifier, true)) { + throw new Exception("Failed to associate ACL policy with ACL ingress policy set in VNMC for guest network with vlan " + vlanId); + } + if (!_connection.createTenantVDCAclPolicyRef(tenant, policyIdentifier, false)) { + throw new Exception("Failed to associate ACL policy with ACL egress policy set in VNMC for guest network with vlan " + vlanId); + } + + for (PortForwardingRuleTO rule : publicIpRulesMap.get(publicIp)) { + if (rule.revoked()) { + if (!_connection.deleteTenantVDCPFRule(tenant, Long.toString(rule.getId()), policyIdentifier)) { + throw new Exception("Failed to delete PF rule in VNMC for guest network with vlan " + vlanId); + } + + if (!_connection.deleteTenantVDCAclRule(tenant, Long.toString(rule.getId()), policyIdentifier)) { + throw new Exception("Failed to delete ACL ingress rule for PF in VNMC for guest network with vlan " + vlanId); + } + } else { + if (!_connection.createTenantVDCPFIpPool(tenant, policyIdentifier + "-" + rule.getId(), rule.getDstIp())) { + throw new Exception("Failed to create PF ip pool in VNMC for guest network with vlan " + vlanId); + } + if (!_connection.createTenantVDCPFPortPool(tenant, policyIdentifier + "-" + rule.getId(), + Integer.toString(rule.getDstPortRange()[0]), Integer.toString(rule.getDstPortRange()[1]))) { + throw new Exception("Failed to create PF port pool in VNMC for guest network with vlan " + vlanId); + } + + if (!_connection.createTenantVDCPFRule(tenant, + Long.toString(rule.getId()), policyIdentifier, + rule.getProtocol().toUpperCase(), rule.getSrcIp(), + Integer.toString(rule.getSrcPortRange()[0]), Integer.toString(rule.getSrcPortRange()[1]))) { + throw new Exception("Failed to create PF rule in VNMC for guest network with vlan " + vlanId); + } + + if (!_connection.createTenantVDCAclRuleForPF(tenant, + Long.toString(rule.getId()), policyIdentifier, + rule.getProtocol().toUpperCase(), rule.getDstIp(), + Integer.toString(rule.getDstPortRange()[0]), Integer.toString(rule.getDstPortRange()[1]))) { + throw new Exception("Failed to create ACL rule for PF in VNMC for guest network with vlan " + vlanId); + } + } + } + } + + if (!_connection.associateAclPolicySet(tenant)) { + throw new Exception("Failed to associate source NAT policy set with edge security profile in VNMC for guest network with vlan " + vlanId); + } + } catch (Throwable e) { + String msg = "SetSourceNatCommand failed due to " + e.getMessage(); + s_logger.error(msg, e); + return new Answer(cmd, false, msg); + } + + return new Answer(cmd, true, "Success"); + } + + /* + * Logical edge firewall + */ + private synchronized Answer execute(CreateLogicalEdgeFirewallCommand cmd) { + refreshVnmcConnection(); + return execute(cmd, _numRetries); + } + + private void createEdgeDeviceProfile(String tenant, List gateways, Long vlanId) throws Exception { + // create edge device profile + if (!_connection.createTenantVDCEdgeDeviceProfile(tenant)) + throw new Exception("Failed to create tenant edge device profile in VNMC for guest network with vlan " + vlanId); + + // create edge static route policy + if (!_connection.createTenantVDCEdgeStaticRoutePolicy(tenant)) + throw new Exception("Failed to create tenant edge static route policy in VNMC for guest network with vlan " + vlanId); + + // create edge static route for all gateways + for (String gateway : gateways) { + if (!_connection.createTenantVDCEdgeStaticRoute(tenant, gateway, "0.0.0.0", "0.0.0.0")) + throw new Exception("Failed to create tenant edge static route in VNMC for guest network with vlan " + vlanId); + } + + // associate edge + if (!_connection.associateTenantVDCEdgeStaticRoutePolicy(tenant)) + throw new Exception("Failed to associate edge static route policy with edge device profile in VNMC for guest network with vlan " + vlanId); + } + + private Answer execute(CreateLogicalEdgeFirewallCommand cmd, int numRetries) { + String tenant = "vlan-" + cmd.getVlanId(); + try { + // create tenant + if (!_connection.createTenant(tenant)) + throw new Exception("Failed to create tenant in VNMC for guest network with vlan " + cmd.getVlanId()); + + // create tenant VDC + if (!_connection.createTenantVDC(tenant)) + throw new Exception("Failed to create tenant VDC in VNMC for guest network with vlan " + cmd.getVlanId()); + + // create edge security profile + if (!_connection.createTenantVDCEdgeSecurityProfile(tenant)) + throw new Exception("Failed to create tenant edge security profile in VNMC for guest network with vlan " + cmd.getVlanId()); + + // create edge device profile and associated route + createEdgeDeviceProfile(tenant, cmd.getPublicGateways(), cmd.getVlanId()); + + // create logical edge firewall + if (!_connection.createEdgeFirewall(tenant, cmd.getPublicIp(), cmd.getInternalIp(), cmd.getPublicSubnet(), cmd.getInternalSubnet())) + throw new Exception("Failed to create edge firewall in VNMC for guest network with vlan " + cmd.getVlanId()); + } catch (Throwable e) { + String msg = "CreateLogicalEdgeFirewallCommand failed due to " + e.getMessage(); + s_logger.error(msg, e); + return new Answer(cmd, false, msg); + } + + return new Answer(cmd, true, "Success"); + } + + /* + * Create vservice node and update inside port profile for ASA appliance in VSM + */ + private synchronized Answer execute(ConfigureNexusVsmForAsaCommand cmd) { + return execute(cmd, _numRetries); + } + + private Answer execute(ConfigureNexusVsmForAsaCommand cmd, int numRetries) { + String vlanId = Long.toString(cmd.getVlanId()); + NetconfHelper helper = null; + List> params = new ArrayList>(); + params.add(new Pair(OperationType.addvlanid, vlanId)); + try { + helper = new NetconfHelper(cmd.getVsmIp(), cmd.getVsmUsername(), cmd.getVsmPassword()); + s_logger.debug("Connected to Cisco VSM " + cmd.getVsmIp()); + helper.addVServiceNode(vlanId, cmd.getIpAddress()); + s_logger.debug("Created vservice node for ASA appliance in Cisco VSM for vlan " + vlanId); + helper.updatePortProfile(cmd.getAsaInPortProfile(), SwitchPortMode.access, params); + s_logger.debug("Updated inside port profile for ASA appliance in Cisco VSM with new vlan " + vlanId); + } catch (Throwable e) { + String msg = "ConfigureVSMForASACommand failed due to " + e.getMessage(); + s_logger.error(msg, e); + return new Answer(cmd, false, msg); + } finally { + helper.disconnect(); + } + + return new Answer(cmd, true, "Success"); + } + + /* + * Associates ASA 1000v with logical edge firewall in VNMC + */ + private synchronized Answer execute(AssociateAsaWithLogicalEdgeFirewallCommand cmd) { + return execute(cmd, _numRetries); + } + + private Answer execute(AssociateAsaWithLogicalEdgeFirewallCommand cmd, int numRetries) { + String tenant = "vlan-" + cmd.getVlanId(); + try { + Map availableAsaAppliances = _connection.listUnAssocAsa1000v(); + if (availableAsaAppliances.isEmpty()) { + throw new Exception("No ASA 1000v available to associate with logical edge firewall for guest vlan " + cmd.getVlanId()); + } + + String asaInstanceDn = availableAsaAppliances.get(cmd.getAsaMgmtIp()); + if (asaInstanceDn == null) { + throw new Exception("Requested ASA 1000v (" + cmd.getAsaMgmtIp() + ") is not available"); + } + + if (!_connection.assignAsa1000v(tenant, asaInstanceDn)) { + throw new Exception("Failed to associate ASA 1000v (" + cmd.getAsaMgmtIp() + ") with logical edge firewall for guest vlan " + cmd.getVlanId()); + } + } catch (Throwable e) { + String msg = "AssociateAsaWithLogicalEdgeFirewallCommand failed due to " + e.getMessage(); + s_logger.error(msg, e); + return new Answer(cmd, false, msg); + } + + return new Answer(cmd, true, "Success"); + } + + /* + * Cleanup + */ + private synchronized Answer execute(CleanupLogicalEdgeFirewallCommand cmd) { + refreshVnmcConnection(); + return execute(cmd, _numRetries); + } + + private Answer execute(CleanupLogicalEdgeFirewallCommand cmd, int numRetries) { + String tenant = "vlan-" + cmd.getVlanId(); + try { + _connection.deleteTenant(tenant); + } catch (Throwable e) { + String msg = "CleanupLogicalEdgeFirewallCommand failed due to " + e.getMessage(); + s_logger.error(msg, e); + return new Answer(cmd, false, msg); + } + + return new Answer(cmd, true, "Success"); + } + + @Override + public void setName(String name) { + // TODO Auto-generated method stub + } + + @Override + public void setConfigParams(Map params) { + // TODO Auto-generated method stub + } + + @Override + public Map getConfigParams() { + // TODO Auto-generated method stub + return null; + } + + @Override + public int getRunLevel() { + // TODO Auto-generated method stub + return 0; + } + + @Override + public void setRunLevel(int level) { + // TODO Auto-generated method stub + } + +} diff --git a/plugins/network-elements/cisco-vnmc/src/org/apache/commons/httpclient/contrib/ssl/EasySSLProtocolSocketFactory.java b/plugins/network-elements/cisco-vnmc/src/org/apache/commons/httpclient/contrib/ssl/EasySSLProtocolSocketFactory.java new file mode 100644 index 00000000000..52f0ea66f50 --- /dev/null +++ b/plugins/network-elements/cisco-vnmc/src/org/apache/commons/httpclient/contrib/ssl/EasySSLProtocolSocketFactory.java @@ -0,0 +1,232 @@ +/* + * $HeadURL$ + * $Revision$ + * $Date$ + * + * ==================================================================== + * + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ==================================================================== + * + * This software consists of voluntary contributions made by many + * individuals on behalf of the Apache Software Foundation. For more + * information on the Apache Software Foundation, please see + * . + * + */ + +package org.apache.commons.httpclient.contrib.ssl; + +import java.io.IOException; +import java.net.InetAddress; +import java.net.InetSocketAddress; +import java.net.Socket; +import java.net.SocketAddress; +import java.net.UnknownHostException; + +import javax.net.SocketFactory; +import javax.net.ssl.SSLContext; +import javax.net.ssl.TrustManager; + +import org.apache.commons.httpclient.ConnectTimeoutException; +import org.apache.commons.httpclient.HttpClientError; +import org.apache.commons.httpclient.params.HttpConnectionParams; +import org.apache.commons.httpclient.protocol.SecureProtocolSocketFactory; +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; + +/** + *

+ * EasySSLProtocolSocketFactory can be used to creats SSL {@link Socket}s + * that accept self-signed certificates. + *

+ *

+ * This socket factory SHOULD NOT be used for productive systems + * due to security reasons, unless it is a concious decision and + * you are perfectly aware of security implications of accepting + * self-signed certificates + *

+ * + *

+ * Example of using custom protocol socket factory for a specific host: + * 

+ *     Protocol easyhttps = new Protocol("https", new EasySSLProtocolSocketFactory(), 443);
+ *
+ *     URI uri = new URI("https://localhost/", true);
+ *     // use relative url only
+ *     GetMethod httpget = new GetMethod(uri.getPathQuery());
+ *     HostConfiguration hc = new HostConfiguration();
+ *     hc.setHost(uri.getHost(), uri.getPort(), easyhttps);
+ *     HttpClient client = new HttpClient();
+ *     client.executeMethod(hc, httpget);
+ *
+ *

+ *

+ * Example of using custom protocol socket factory per default instead of the standard one: + * 

+ *     Protocol easyhttps = new Protocol("https", new EasySSLProtocolSocketFactory(), 443);
+ *     Protocol.registerProtocol("https", easyhttps);
+ *
+ *     HttpClient client = new HttpClient();
+ *     GetMethod httpget = new GetMethod("https://localhost/");
+ *     client.executeMethod(httpget);
+ *
+ *

+ * + * @author Oleg Kalnichevski + * + *

+ * DISCLAIMER: HttpClient developers DO NOT actively support this component. + * The component is provided as a reference material, which may be inappropriate + * for use without additional customization. + *

+ */ + +public class EasySSLProtocolSocketFactory implements SecureProtocolSocketFactory { + + /** Log object for this class. */ + private static final Log LOG = LogFactory.getLog(EasySSLProtocolSocketFactory.class); + + private SSLContext sslcontext = null; + + /** + * Constructor for EasySSLProtocolSocketFactory. + */ + public EasySSLProtocolSocketFactory() { + super(); + } + + private static SSLContext createEasySSLContext() { + try { + SSLContext context = SSLContext.getInstance("SSL"); + context.init( + null, + new TrustManager[] {new EasyX509TrustManager(null)}, + null); + return context; + } catch (Exception e) { + LOG.error(e.getMessage(), e); + throw new HttpClientError(e.toString()); + } + } + + private SSLContext getSSLContext() { + if (this.sslcontext == null) { + this.sslcontext = createEasySSLContext(); + } + return this.sslcontext; + } + + /** + * @see SecureProtocolSocketFactory#createSocket(java.lang.String,int,java.net.InetAddress,int) + */ + public Socket createSocket( + String host, + int port, + InetAddress clientHost, + int clientPort) + throws IOException, UnknownHostException { + + return getSSLContext().getSocketFactory().createSocket( + host, + port, + clientHost, + clientPort + ); + } + + /** + * Attempts to get a new socket connection to the given host within the given time limit. + *

+ * To circumvent the limitations of older JREs that do not support connect timeout a + * controller thread is executed. The controller thread attempts to create a new socket + * within the given limit of time. If socket constructor does not return until the + * timeout expires, the controller terminates and throws an {@link ConnectTimeoutException} + *

+ * + * @param host the host name/IP + * @param port the port on the host + * @param clientHost the local host name/IP to bind the socket to + * @param clientPort the port on the local machine + * @param params {@link HttpConnectionParams Http connection parameters} + * + * @return Socket a new socket + * + * @throws IOException if an I/O error occurs while creating the socket + * @throws UnknownHostException if the IP address of the host cannot be + * determined + */ + public Socket createSocket( + final String host, + final int port, + final InetAddress localAddress, + final int localPort, + final HttpConnectionParams params + ) throws IOException, UnknownHostException, ConnectTimeoutException { + if (params == null) { + throw new IllegalArgumentException("Parameters may not be null"); + } + int timeout = params.getConnectionTimeout(); + SocketFactory socketfactory = getSSLContext().getSocketFactory(); + if (timeout == 0) { + return socketfactory.createSocket(host, port, localAddress, localPort); + } else { + Socket socket = socketfactory.createSocket(); + SocketAddress localaddr = new InetSocketAddress(localAddress, localPort); + SocketAddress remoteaddr = new InetSocketAddress(host, port); + socket.bind(localaddr); + socket.connect(remoteaddr, timeout); + return socket; + } + } + + /** + * @see SecureProtocolSocketFactory#createSocket(java.lang.String,int) + */ + public Socket createSocket(String host, int port) + throws IOException, UnknownHostException { + return getSSLContext().getSocketFactory().createSocket( + host, + port + ); + } + + /** + * @see SecureProtocolSocketFactory#createSocket(java.net.Socket,java.lang.String,int,boolean) + */ + public Socket createSocket( + Socket socket, + String host, + int port, + boolean autoClose) + throws IOException, UnknownHostException { + return getSSLContext().getSocketFactory().createSocket( + socket, + host, + port, + autoClose + ); + } + + public boolean equals(Object obj) { + return ((obj != null) && obj.getClass().equals(EasySSLProtocolSocketFactory.class)); + } + + public int hashCode() { + return EasySSLProtocolSocketFactory.class.hashCode(); + } + +} diff --git a/plugins/network-elements/cisco-vnmc/src/org/apache/commons/httpclient/contrib/ssl/EasyX509TrustManager.java b/plugins/network-elements/cisco-vnmc/src/org/apache/commons/httpclient/contrib/ssl/EasyX509TrustManager.java new file mode 100644 index 00000000000..ae9f9380b31 --- /dev/null +++ b/plugins/network-elements/cisco-vnmc/src/org/apache/commons/httpclient/contrib/ssl/EasyX509TrustManager.java @@ -0,0 +1,114 @@ +/* + * ==================================================================== + * + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * ==================================================================== + * + * This software consists of voluntary contributions made by many + * individuals on behalf of the Apache Software Foundation. For more + * information on the Apache Software Foundation, please see + * . + * + */ + +package org.apache.commons.httpclient.contrib.ssl; + +import java.security.KeyStore; +import java.security.KeyStoreException; +import java.security.NoSuchAlgorithmException; +import java.security.cert.CertificateException; +import java.security.cert.X509Certificate; + +import javax.net.ssl.TrustManagerFactory; +import javax.net.ssl.TrustManager; +import javax.net.ssl.X509TrustManager; +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; + +/** + *

+ * EasyX509TrustManager unlike default {@link X509TrustManager} accepts + * self-signed certificates. + *

+ *

+ * This trust manager SHOULD NOT be used for productive systems + * due to security reasons, unless it is a concious decision and + * you are perfectly aware of security implications of accepting + * self-signed certificates + *

+ * + * @author Adrian Sutton + * @author Oleg Kalnichevski + * + *

+ * DISCLAIMER: HttpClient developers DO NOT actively support this component. + * The component is provided as a reference material, which may be inappropriate + * for use without additional customization. + *

+ */ + +public class EasyX509TrustManager implements X509TrustManager +{ + private X509TrustManager standardTrustManager = null; + + /** Log object for this class. */ + private static final Log LOG = LogFactory.getLog(EasyX509TrustManager.class); + + /** + * Constructor for EasyX509TrustManager. + */ + public EasyX509TrustManager(KeyStore keystore) throws NoSuchAlgorithmException, KeyStoreException { + super(); + TrustManagerFactory factory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm()); + factory.init(keystore); + TrustManager[] trustmanagers = factory.getTrustManagers(); + if (trustmanagers.length == 0) { + throw new NoSuchAlgorithmException("no trust manager found"); + } + this.standardTrustManager = (X509TrustManager)trustmanagers[0]; + } + + /** + * @see javax.net.ssl.X509TrustManager#checkClientTrusted(X509Certificate[],String authType) + */ + public void checkClientTrusted(X509Certificate[] certificates,String authType) throws CertificateException { + standardTrustManager.checkClientTrusted(certificates,authType); + } + + /** + * @see javax.net.ssl.X509TrustManager#checkServerTrusted(X509Certificate[],String authType) + */ + public void checkServerTrusted(X509Certificate[] certificates,String authType) throws CertificateException { + if ((certificates != null) && LOG.isDebugEnabled()) { + LOG.debug("Server certificate chain:"); + for (int i = 0; i < certificates.length; i++) { + LOG.debug("X509Certificate[" + i + "]=" + certificates[i]); + } + } + if ((certificates != null) && (certificates.length == 1)) { + certificates[0].checkValidity(); + } else { + standardTrustManager.checkServerTrusted(certificates,authType); + } + } + + /** + * @see javax.net.ssl.X509TrustManager#getAcceptedIssuers() + */ + public X509Certificate[] getAcceptedIssuers() { + return this.standardTrustManager.getAcceptedIssuers(); + } +} diff --git a/plugins/network-elements/cisco-vnmc/test/com/cloud/network/cisco/CiscoVnmcConnectionTest.java b/plugins/network-elements/cisco-vnmc/test/com/cloud/network/cisco/CiscoVnmcConnectionTest.java new file mode 100644 index 00000000000..bf52356779e --- /dev/null +++ b/plugins/network-elements/cisco-vnmc/test/com/cloud/network/cisco/CiscoVnmcConnectionTest.java @@ -0,0 +1,248 @@ +// Licensed to the Apache Software Foundation (ASF) under one +// or more contributor license agreements. See the NOTICE file +// distributed with this work for additional information +// regarding copyright ownership. The ASF licenses this file +// to you under the Apache License, Version 2.0 (the +// "License"); you may not use this file except in compliance +// with the License. You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, +// software distributed under the License is distributed on an +// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +// KIND, either express or implied. See the License for the +// specific language governing permissions and limitations +// under the License. +package com.cloud.network.cisco; + +import static org.junit.Assert.assertTrue; + +import java.util.Map; + +import org.junit.BeforeClass; +import org.junit.Ignore; +import org.junit.Test; + +import com.cloud.network.cisco.CiscoVnmcConnectionImpl; +import com.cloud.utils.exception.ExecutionException; + + +@Ignore("Requires actual VNMC to connect to") +public class CiscoVnmcConnectionTest { + static CiscoVnmcConnectionImpl connection; + static String tenantName = "TenantE"; + static Map fwDns = null; + + @BeforeClass + public static void setUpClass() throws Exception { + connection = new CiscoVnmcConnectionImpl("10.223.56.5", "admin", "C1sco123"); + try { + boolean response = connection.login(); + assertTrue(response); + } catch (ExecutionException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + } + } + + + @Test + public void testLogin() { + //fail("Not yet implemented"); + try { + boolean response = connection.login(); + assertTrue(response); + } catch (ExecutionException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + } + } + + + @Test + public void testCreateTenant() { + //fail("Not yet implemented"); + try { + boolean response = connection.createTenant(tenantName); + assertTrue(response); + } catch (ExecutionException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + } + } + + @Test + public void testCreateTenantVDC() { + //fail("Not yet implemented"); + try { + boolean response = connection.createTenantVDC(tenantName); + assertTrue(response); + } catch (ExecutionException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + } + } + + @Test + public void testCreateTenantVDCEdgeDeviceProfile() { + //fail("Not yet implemented"); + try { + boolean response = connection.createTenantVDCEdgeDeviceProfile(tenantName); + assertTrue(response); + } catch (ExecutionException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + } + } + + @Test + public void testCreateTenantVDCEdgeDeviceRoutePolicy() { + try { + boolean response = connection.createTenantVDCEdgeStaticRoutePolicy(tenantName); + assertTrue(response); + } catch (ExecutionException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + } + } + + @Test + public void testCreateTenantVDCEdgeDeviceRoute() { + try { + boolean response = connection.createTenantVDCEdgeStaticRoute(tenantName, + "10.223.136.1", "0.0.0.0", "0.0.0.0"); + assertTrue(response); + } catch (ExecutionException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + } + } + + @Test + public void testAssociateRoutePolicyWithEdgeProfile() { + try { + boolean response = connection.associateTenantVDCEdgeStaticRoutePolicy(tenantName); + assertTrue(response); + } catch (ExecutionException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + } + } + + @Test + public void testAssociateTenantVDCEdgeDhcpPolicy() { + try { + boolean response = connection.associateTenantVDCEdgeDhcpPolicy(tenantName, "Edge_Inside"); + assertTrue(response); + } catch (ExecutionException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + } + } + + @Test + public void testCreateTenantVDCEdgeDhcpPolicy() { + try { + boolean response = connection.createTenantVDCEdgeDhcpPolicy(tenantName, + "10.1.1.2", "10.1.1.254", "255.255.255.0","4.4.4.4", tenantName+ ".net"); + assertTrue(response); + } catch (ExecutionException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + } + } + + @Test + public void testCreateTenantVDCEdgeSecurityProfile() { + try { + boolean response = connection.createTenantVDCEdgeSecurityProfile(tenantName); + assertTrue(response); + } catch (ExecutionException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + } + } + + @Test + public void testCreateTenantVDCSourceNatIpPool() { + try { + boolean response = connection.createTenantVDCSourceNatIpPool(tenantName, "1", "10.223.136.10"); + assertTrue(response); + } catch (ExecutionException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + } + } + + @Test + public void testCreateTenantVDCSourceNatPolicy() { + try { + boolean response = connection.createTenantVDCSourceNatPolicy(tenantName, "1"); + assertTrue(response); + response = connection.createTenantVDCSourceNatPolicyRef(tenantName, "1"); + assertTrue(response); + response = connection.createTenantVDCSourceNatRule(tenantName, "1", "10.1.1.2", "10.1.1.254"); + assertTrue(response); + } catch (ExecutionException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + } + } + + @Test + public void testCreateTenantVDCNatPolicySet() { + try { + boolean response = connection.createTenantVDCNatPolicySet(tenantName); + assertTrue(response); + } catch (ExecutionException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + } + } + + @Test + public void testAssociateNatPolicySet() { + try { + boolean response = connection.associateNatPolicySet(tenantName); + assertTrue(response); + } catch (ExecutionException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + } + } + + @Test + public void testCreateEdgeFirewall() { + try { + boolean response = connection.createEdgeFirewall(tenantName, + "44.44.44.44", "192.168.1.1", "255.255.255.0", "255.255.255.192"); + assertTrue(response); + } catch (ExecutionException e) { + e.printStackTrace(); + } + } + + @Test + public void testListUnassocAsa1000v() { + try { + Map response = connection.listUnAssocAsa1000v(); + assertTrue(response.size() >=0); + fwDns = response; + } catch (ExecutionException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + } + } + + @Test + public void assocAsa1000v() { + try { + boolean result = connection.assignAsa1000v(tenantName, fwDns.get(0)); + assertTrue(result); + } catch (ExecutionException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + } + } +} diff --git a/plugins/network-elements/cisco-vnmc/test/com/cloud/network/element/CiscoVnmcElementTest.java b/plugins/network-elements/cisco-vnmc/test/com/cloud/network/element/CiscoVnmcElementTest.java new file mode 100755 index 00000000000..a16733b5135 --- /dev/null +++ b/plugins/network-elements/cisco-vnmc/test/com/cloud/network/element/CiscoVnmcElementTest.java @@ -0,0 +1,401 @@ +// Licensed to the Apache Software Foundation (ASF) under one +// or more contributor license agreements. See the NOTICE file +// distributed with this work for additional information +// regarding copyright ownership. The ASF licenses this file +// to you under the Apache License, Version 2.0 (the +// "License"); you may not use this file except in compliance +// with the License. You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, +// software distributed under the License is distributed on an +// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +// KIND, either express or implied. See the License for the +// specific language governing permissions and limitations +// under the License. +package com.cloud.network.element; + +import java.net.URI; +import java.util.ArrayList; +import java.util.Collections; +import java.util.List; + +import javax.naming.ConfigurationException; + +import org.junit.Before; +import org.junit.Test; +import org.mockito.internal.matchers.Any; + +import com.cloud.agent.AgentManager; +import com.cloud.agent.api.Answer; +import com.cloud.agent.api.AssociateAsaWithLogicalEdgeFirewallCommand; +import com.cloud.agent.api.CleanupLogicalEdgeFirewallCommand; +import com.cloud.agent.api.ConfigureNexusVsmForAsaCommand; +import com.cloud.agent.api.CreateLogicalEdgeFirewallCommand; +import com.cloud.agent.api.routing.SetFirewallRulesCommand; +import com.cloud.agent.api.routing.SetPortForwardingRulesCommand; +import com.cloud.agent.api.routing.SetSourceNatCommand; +import com.cloud.agent.api.routing.SetStaticNatRulesCommand; +import com.cloud.configuration.ConfigurationManager; +import com.cloud.dc.ClusterVSMMapVO; +import com.cloud.dc.DataCenter; +import com.cloud.dc.VlanVO; +import com.cloud.dc.DataCenter.NetworkType; +import com.cloud.dc.dao.ClusterVSMMapDao; +import com.cloud.dc.dao.VlanDao; +import com.cloud.deploy.DeployDestination; +import com.cloud.domain.Domain; +import com.cloud.exception.ConcurrentOperationException; +import com.cloud.exception.InsufficientCapacityException; +import com.cloud.exception.ResourceUnavailableException; +import com.cloud.host.HostVO; +import com.cloud.host.dao.HostDao; +import com.cloud.network.Network; +import com.cloud.network.Network.GuestType; +import com.cloud.network.Network.Provider; +import com.cloud.network.Network.Service; +import com.cloud.network.CiscoNexusVSMDeviceVO; +import com.cloud.network.IpAddress; +import com.cloud.network.NetworkManager; +import com.cloud.network.NetworkModel; +import com.cloud.network.Networks.BroadcastDomainType; +import com.cloud.network.Networks.TrafficType; +import com.cloud.network.addr.PublicIp; +import com.cloud.network.cisco.CiscoAsa1000vDeviceVO; +import com.cloud.network.cisco.CiscoVnmcControllerVO; +import com.cloud.network.cisco.NetworkAsa1000vMapVO; +import com.cloud.network.dao.CiscoAsa1000vDao; +import com.cloud.network.dao.CiscoNexusVSMDeviceDao; +import com.cloud.network.dao.CiscoVnmcDao; +import com.cloud.network.dao.NetworkAsa1000vMapDao; +import com.cloud.network.dao.NetworkServiceMapDao; +import com.cloud.network.rules.FirewallRule; +import com.cloud.network.rules.PortForwardingRule; +import com.cloud.network.rules.StaticNat; +import com.cloud.network.rules.StaticNatRule; +import com.cloud.offering.NetworkOffering; +import com.cloud.resource.ResourceManager; +import com.cloud.user.Account; +import com.cloud.utils.net.Ip; +import com.cloud.vm.ReservationContext; + +import static org.junit.Assert.*; +import static org.mockito.Mockito.*; + +public class CiscoVnmcElementTest { + + CiscoVnmcElement _element = new CiscoVnmcElement(); + AgentManager _agentMgr = mock(AgentManager.class); + NetworkManager _networkMgr = mock(NetworkManager.class); + NetworkModel _networkModel = mock(NetworkModel.class); + HostDao _hostDao = mock(HostDao.class); + NetworkServiceMapDao _ntwkSrvcDao = mock(NetworkServiceMapDao.class); + ConfigurationManager _configMgr = mock(ConfigurationManager.class); + CiscoVnmcDao _ciscoVnmcDao = mock(CiscoVnmcDao.class); + CiscoAsa1000vDao _ciscoAsa1000vDao = mock(CiscoAsa1000vDao.class); + NetworkAsa1000vMapDao _networkAsa1000vMapDao = mock(NetworkAsa1000vMapDao.class); + ClusterVSMMapDao _clusterVsmMapDao = mock(ClusterVSMMapDao.class); + CiscoNexusVSMDeviceDao _vsmDeviceDao = mock(CiscoNexusVSMDeviceDao.class); + VlanDao _vlanDao = mock(VlanDao.class); + + @Before + public void setUp() throws ConfigurationException { + _element._resourceMgr = mock(ResourceManager.class); + _element._agentMgr = _agentMgr; + _element._networkMgr = _networkMgr; + _element._networkModel = _networkModel; + _element._hostDao = _hostDao; + _element._configMgr = _configMgr; + _element._ciscoVnmcDao = _ciscoVnmcDao; + _element._ciscoAsa1000vDao = _ciscoAsa1000vDao; + _element._networkAsa1000vMapDao = _networkAsa1000vMapDao; + _element._clusterVsmMapDao = _clusterVsmMapDao; + _element._vsmDeviceDao = _vsmDeviceDao; + _element._vlanDao = _vlanDao; + + // Standard responses + when(_networkModel.isProviderForNetwork(Provider.CiscoVnmc, 1L)).thenReturn(true); + + _element.configure("CiscoVnmcTestElement", Collections. emptyMap()); + } + + @Test + public void canHandleTest() { + Network network = mock(Network.class); + when(network.getId()).thenReturn(1L); + when(network.getBroadcastDomainType()).thenReturn(BroadcastDomainType.Vlan); + assertTrue(_element.canHandle(network)); + + when(network.getBroadcastDomainType()).thenReturn(BroadcastDomainType.UnDecided); + assertFalse(_element.canHandle(network)); + } + + @Test + public void implementTest() throws ConcurrentOperationException, ResourceUnavailableException, InsufficientCapacityException { + URI uri = URI.create("vlan://123"); + + Network network = mock(Network.class); + when(network.getId()).thenReturn(1L); + when(network.getBroadcastDomainType()).thenReturn(BroadcastDomainType.Vlan); + when(network.getDataCenterId()).thenReturn(1L); + when(network.getGateway()).thenReturn("1.1.1.1"); + when(network.getBroadcastUri()).thenReturn(uri); + when(network.getCidr()).thenReturn("1.1.1.0/24"); + + NetworkOffering offering = mock(NetworkOffering.class); + when(offering.getId()).thenReturn(1L); + when(offering.getTrafficType()).thenReturn(TrafficType.Guest); + when(offering.getGuestType()).thenReturn(GuestType.Isolated); + + DeployDestination dest = mock(DeployDestination.class); + + Domain dom = mock(Domain.class); + when(dom.getName()).thenReturn("d1"); + Account acc = mock(Account.class); + when(acc.getAccountName()).thenReturn("a1"); + ReservationContext context = mock(ReservationContext.class); + when(context.getDomain()).thenReturn(dom); + when(context.getAccount()).thenReturn(acc); + + DataCenter dc = mock(DataCenter.class); + when(dc.getNetworkType()).thenReturn(NetworkType.Advanced); + when(_configMgr.getZone(network.getDataCenterId())).thenReturn(dc); + + List devices = new ArrayList(); + devices.add(mock(CiscoVnmcControllerVO.class)); + when(_ciscoVnmcDao.listByPhysicalNetwork(network.getPhysicalNetworkId())).thenReturn(devices); + + CiscoAsa1000vDeviceVO asaVO = mock(CiscoAsa1000vDeviceVO.class); + when(asaVO.getInPortProfile()).thenReturn("foo"); + when(asaVO.getManagementIp()).thenReturn("1.2.3.4"); + + List asaList = new ArrayList(); + asaList.add(asaVO); + when(_ciscoAsa1000vDao.listByPhysicalNetwork(network.getPhysicalNetworkId())).thenReturn(asaList); + + when(_networkAsa1000vMapDao.findByNetworkId(network.getId())).thenReturn(mock(NetworkAsa1000vMapVO.class)); + when(_networkAsa1000vMapDao.findByAsa1000vId(anyLong())).thenReturn(null); + when(_networkAsa1000vMapDao.persist(any(NetworkAsa1000vMapVO.class))).thenReturn(mock(NetworkAsa1000vMapVO.class)); + + when(_networkModel.isProviderSupportServiceInNetwork(network.getId(), Service.SourceNat, Provider.CiscoVnmc)).thenReturn(true); + + ClusterVSMMapVO clusterVsmMap = mock(ClusterVSMMapVO.class); + when(_clusterVsmMapDao.findByClusterId(anyLong())).thenReturn(clusterVsmMap); + + CiscoNexusVSMDeviceVO vsmDevice = mock(CiscoNexusVSMDeviceVO.class); + when(vsmDevice.getUserName()).thenReturn("foo"); + when(vsmDevice.getPassword()).thenReturn("bar"); + when(vsmDevice.getipaddr()).thenReturn("1.2.3.4"); + when(_vsmDeviceDao.findById(anyLong())).thenReturn(vsmDevice); + + HostVO hostVO = mock(HostVO.class); + when(hostVO.getId()).thenReturn(1L); + when(_hostDao.findById(anyLong())).thenReturn(hostVO); + + Ip ip = mock(Ip.class); + when(ip.addr()).thenReturn("1.2.3.4"); + + PublicIp publicIp = mock(PublicIp.class); + when(publicIp.getAddress()).thenReturn(ip); + when(publicIp.getState()).thenReturn(IpAddress.State.Releasing); + when(publicIp.getAccountId()).thenReturn(1L); + when(publicIp.isSourceNat()).thenReturn(true); + when(publicIp.getVlanTag()).thenReturn("123"); + when(publicIp.getGateway()).thenReturn("1.1.1.1"); + when(publicIp.getNetmask()).thenReturn("1.1.1.1"); + when(publicIp.getMacAddress()).thenReturn(null); + when(publicIp.isOneToOneNat()).thenReturn(true); + when(_networkMgr.assignSourceNatIpAddressToGuestNetwork(acc, network)).thenReturn(publicIp); + + VlanVO vlanVO = mock(VlanVO.class); + when(vlanVO.getVlanGateway()).thenReturn("1.1.1.1"); + List vlanVOList = new ArrayList(); + when(_vlanDao.listVlansByPhysicalNetworkId(network.getPhysicalNetworkId())).thenReturn(vlanVOList); + + Answer answer = mock(Answer.class); + when(answer.getResult()).thenReturn(true); + + when(_agentMgr.easySend(anyLong(), any(CreateLogicalEdgeFirewallCommand.class))).thenReturn(answer); + when(_agentMgr.easySend(anyLong(), any(ConfigureNexusVsmForAsaCommand.class))).thenReturn(answer); + when(_agentMgr.easySend(anyLong(), any(SetSourceNatCommand.class))).thenReturn(answer); + when(_agentMgr.easySend(anyLong(), any(AssociateAsaWithLogicalEdgeFirewallCommand.class))).thenReturn(answer); + + assertTrue(_element.implement(network, offering, dest, context)); + } + + @Test + public void shutdownTest() throws ConcurrentOperationException, ResourceUnavailableException { + URI uri = URI.create("vlan://123"); + + Network network = mock(Network.class); + when(network.getId()).thenReturn(1L); + when(network.getBroadcastDomainType()).thenReturn(BroadcastDomainType.Vlan); + when(network.getDataCenterId()).thenReturn(1L); + when(network.getBroadcastUri()).thenReturn(uri); + + ReservationContext context = mock(ReservationContext.class); + + when(_networkAsa1000vMapDao.findByNetworkId(network.getId())).thenReturn(mock(NetworkAsa1000vMapVO.class)); + + List devices = new ArrayList(); + devices.add(mock(CiscoVnmcControllerVO.class)); + when(_ciscoVnmcDao.listByPhysicalNetwork(network.getPhysicalNetworkId())).thenReturn(devices); + + HostVO hostVO = mock(HostVO.class); + when(hostVO.getId()).thenReturn(1L); + when(_hostDao.findById(anyLong())).thenReturn(hostVO); + + Answer answer = mock(Answer.class); + when(answer.getResult()).thenReturn(true); + + when(_agentMgr.easySend(anyLong(), any(CleanupLogicalEdgeFirewallCommand.class))).thenReturn(answer); + + assertTrue(_element.shutdown(network, context, true)); + } + + @Test + public void applyFWRulesTest() throws ResourceUnavailableException { + URI uri = URI.create("vlan://123"); + + Network network = mock(Network.class); + when(network.getId()).thenReturn(1L); + when(network.getBroadcastDomainType()).thenReturn(BroadcastDomainType.Vlan); + when(network.getDataCenterId()).thenReturn(1L); + when(network.getBroadcastUri()).thenReturn(uri); + when(network.getCidr()).thenReturn("1.1.1.0/24"); + when(network.getState()).thenReturn(Network.State.Implemented); + + Ip ip = mock(Ip.class); + when(ip.addr()).thenReturn("1.2.3.4"); + + IpAddress ipAddress = mock(IpAddress.class); + when(ipAddress.getAddress()).thenReturn(ip); + + when(_networkModel.getIp(anyLong())).thenReturn(ipAddress); + when(_networkModel.isProviderSupportServiceInNetwork(network.getId(), Service.Firewall, Provider.CiscoVnmc)).thenReturn(true); + + List devices = new ArrayList(); + devices.add(mock(CiscoVnmcControllerVO.class)); + when(_ciscoVnmcDao.listByPhysicalNetwork(network.getPhysicalNetworkId())).thenReturn(devices); + + when(_networkAsa1000vMapDao.findByNetworkId(network.getId())).thenReturn(mock(NetworkAsa1000vMapVO.class)); + + HostVO hostVO = mock(HostVO.class); + when(hostVO.getId()).thenReturn(1L); + when(_hostDao.findById(anyLong())).thenReturn(hostVO); + + FirewallRule rule = mock(FirewallRule.class); + when(rule.getSourceIpAddressId()).thenReturn(1L); + List rules = new ArrayList(); + rules.add(rule); + + Answer answer = mock(Answer.class); + when(answer.getResult()).thenReturn(true); + + when(_agentMgr.easySend(anyLong(), any(SetFirewallRulesCommand.class))).thenReturn(answer); + + assertTrue(_element.applyFWRules(network, rules)); + } + + @Test + public void applyPRulesTest() throws ResourceUnavailableException { + URI uri = URI.create("vlan://123"); + + Network network = mock(Network.class); + when(network.getId()).thenReturn(1L); + when(network.getBroadcastDomainType()).thenReturn(BroadcastDomainType.Vlan); + when(network.getDataCenterId()).thenReturn(1L); + when(network.getBroadcastUri()).thenReturn(uri); + when(network.getCidr()).thenReturn("1.1.1.0/24"); + when(network.getState()).thenReturn(Network.State.Implemented); + + Ip ip = mock(Ip.class); + when(ip.addr()).thenReturn("1.2.3.4"); + + IpAddress ipAddress = mock(IpAddress.class); + when(ipAddress.getAddress()).thenReturn(ip); + when(ipAddress.getVlanId()).thenReturn(1L); + + when(_networkModel.getIp(anyLong())).thenReturn(ipAddress); + when(_networkModel.isProviderSupportServiceInNetwork(network.getId(), Service.PortForwarding, Provider.CiscoVnmc)).thenReturn(true); + + List devices = new ArrayList(); + devices.add(mock(CiscoVnmcControllerVO.class)); + when(_ciscoVnmcDao.listByPhysicalNetwork(network.getPhysicalNetworkId())).thenReturn(devices); + + when(_networkAsa1000vMapDao.findByNetworkId(network.getId())).thenReturn(mock(NetworkAsa1000vMapVO.class)); + + HostVO hostVO = mock(HostVO.class); + when(hostVO.getId()).thenReturn(1L); + when(_hostDao.findById(anyLong())).thenReturn(hostVO); + + VlanVO vlanVO = mock(VlanVO.class); + when(vlanVO.getVlanTag()).thenReturn(null); + when(_vlanDao.findById(anyLong())).thenReturn(vlanVO); + + PortForwardingRule rule = mock(PortForwardingRule.class); + when(rule.getSourceIpAddressId()).thenReturn(1L); + when(rule.getDestinationIpAddress()).thenReturn(ip); + List rules = new ArrayList(); + rules.add(rule); + + Answer answer = mock(Answer.class); + when(answer.getResult()).thenReturn(true); + + when(_agentMgr.easySend(anyLong(), any(SetPortForwardingRulesCommand.class))).thenReturn(answer); + + assertTrue(_element.applyPFRules(network, rules)); + } + + @Test + public void applyStaticNatsTest() throws ResourceUnavailableException { + URI uri = URI.create("vlan://123"); + + Network network = mock(Network.class); + when(network.getId()).thenReturn(1L); + when(network.getBroadcastDomainType()).thenReturn(BroadcastDomainType.Vlan); + when(network.getDataCenterId()).thenReturn(1L); + when(network.getBroadcastUri()).thenReturn(uri); + when(network.getCidr()).thenReturn("1.1.1.0/24"); + when(network.getState()).thenReturn(Network.State.Implemented); + + Ip ip = mock(Ip.class); + when(ip.addr()).thenReturn("1.2.3.4"); + + IpAddress ipAddress = mock(IpAddress.class); + when(ipAddress.getAddress()).thenReturn(ip); + when(ipAddress.getVlanId()).thenReturn(1L); + + when(_networkModel.getIp(anyLong())).thenReturn(ipAddress); + when(_networkModel.isProviderSupportServiceInNetwork(network.getId(), Service.StaticNat, Provider.CiscoVnmc)).thenReturn(true); + + List devices = new ArrayList(); + devices.add(mock(CiscoVnmcControllerVO.class)); + when(_ciscoVnmcDao.listByPhysicalNetwork(network.getPhysicalNetworkId())).thenReturn(devices); + + when(_networkAsa1000vMapDao.findByNetworkId(network.getId())).thenReturn(mock(NetworkAsa1000vMapVO.class)); + + HostVO hostVO = mock(HostVO.class); + when(hostVO.getId()).thenReturn(1L); + when(_hostDao.findById(anyLong())).thenReturn(hostVO); + + VlanVO vlanVO = mock(VlanVO.class); + when(vlanVO.getVlanTag()).thenReturn(null); + when(_vlanDao.findById(anyLong())).thenReturn(vlanVO); + + StaticNat rule = mock(StaticNat.class); + when(rule.getSourceIpAddressId()).thenReturn(1L); + when(rule.getDestIpAddress()).thenReturn("1.2.3.4"); + when(rule.isForRevoke()).thenReturn(false); + List rules = new ArrayList(); + rules.add(rule); + + Answer answer = mock(Answer.class); + when(answer.getResult()).thenReturn(true); + + when(_agentMgr.easySend(anyLong(), any(SetStaticNatRulesCommand.class))).thenReturn(answer); + + assertTrue(_element.applyStaticNats(network, rules)); + } +} diff --git a/plugins/network-elements/cisco-vnmc/test/com/cloud/network/resource/CiscoVnmcResourceTest.java b/plugins/network-elements/cisco-vnmc/test/com/cloud/network/resource/CiscoVnmcResourceTest.java new file mode 100755 index 00000000000..e814fdcd4d5 --- /dev/null +++ b/plugins/network-elements/cisco-vnmc/test/com/cloud/network/resource/CiscoVnmcResourceTest.java @@ -0,0 +1,285 @@ +// Licensed to the Apache Software Foundation (ASF) under one +// or more contributor license agreements. See the NOTICE file +// distributed with this work for additional information +// regarding copyright ownership. The ASF licenses this file +// to you under the Apache License, Version 2.0 (the +// "License"); you may not use this file except in compliance +// with the License. You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, +// software distributed under the License is distributed on an +// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +// KIND, either express or implied. See the License for the +// specific language governing permissions and limitations +// under the License. +package com.cloud.network.resource; + +import static org.junit.Assert.*; +import static org.mockito.Matchers.any; +import static org.mockito.Mockito.*; + +import java.util.ArrayList; +import java.util.Collections; +import java.util.HashMap; +import java.util.List; +import java.util.Map; + +import javax.naming.ConfigurationException; + +import org.junit.Before; +import org.junit.Test; + +import com.cloud.agent.api.Answer; +import com.cloud.agent.api.CreateLogicalEdgeFirewallCommand; +import com.cloud.agent.api.PingCommand; +import com.cloud.agent.api.StartupCommand; +import com.cloud.agent.api.routing.NetworkElementCommand; +import com.cloud.agent.api.routing.SetFirewallRulesCommand; +import com.cloud.agent.api.routing.SetPortForwardingRulesCommand; +import com.cloud.agent.api.routing.SetSourceNatCommand; +import com.cloud.agent.api.routing.SetStaticNatRulesCommand; +import com.cloud.agent.api.to.FirewallRuleTO; +import com.cloud.agent.api.to.IpAddressTO; +import com.cloud.agent.api.to.PortForwardingRuleTO; +import com.cloud.agent.api.to.StaticNatRuleTO; +import com.cloud.dc.Vlan; +import com.cloud.host.Host; +import com.cloud.network.IpAddress; +import com.cloud.network.cisco.CiscoVnmcConnectionImpl; +import com.cloud.network.rules.FirewallRule; +import com.cloud.network.rules.PortForwardingRule; +import com.cloud.network.rules.StaticNat; +import com.cloud.network.rules.FirewallRule.Purpose; +import com.cloud.network.rules.FirewallRule.TrafficType; +import com.cloud.network.rules.FirewallRuleVO; +import com.cloud.utils.exception.ExecutionException; + +public class CiscoVnmcResourceTest { + CiscoVnmcConnectionImpl _connection = mock(CiscoVnmcConnectionImpl.class); + CiscoVnmcResource _resource; + Map _parameters; + + @Before + public void setUp() throws ConfigurationException { + _resource = new CiscoVnmcResource(); + + _parameters = new HashMap(); + _parameters.put("name", "CiscoVnmc"); + _parameters.put("zoneId", "1"); + _parameters.put("physicalNetworkId", "100"); + _parameters.put("ip", "1.2.3.4"); + _parameters.put("username", "admin"); + _parameters.put("password", "pass"); + _parameters.put("guid", "e8e13097-0a08-4e82-b0af-1101589ec3b8"); + _parameters.put("numretries", "3"); + _parameters.put("timeout", "300"); + } + + @Test(expected=ConfigurationException.class) + public void resourceConfigureFailure() throws ConfigurationException { + _resource.configure("CiscoVnmcResource", Collections.emptyMap()); + } + + @Test + public void resourceConfigure() throws ConfigurationException { + _resource.configure("CiscoVnmcResource", _parameters); + assertTrue("CiscoVnmc".equals(_resource.getName())); + assertTrue(_resource.getType() == Host.Type.ExternalFirewall); + } + + @Test + public void testInitialization() throws ConfigurationException { + _resource.configure("CiscoVnmcResource", _parameters); + StartupCommand[] sc = _resource.initialize(); + assertTrue(sc.length ==1); + assertTrue("e8e13097-0a08-4e82-b0af-1101589ec3b8".equals(sc[0].getGuid())); + assertTrue("CiscoVnmc".equals(sc[0].getName())); + assertTrue("1".equals(sc[0].getDataCenter())); + } + + @Test + public void testPingCommandStatusOk() throws ConfigurationException, ExecutionException { + _resource.configure("CiscoVnmcResource", _parameters); + _resource.setConnection(_connection); + when(_connection.login()).thenReturn(true); + PingCommand ping = _resource.getCurrentStatus(1); + assertTrue(ping != null); + assertTrue(ping.getHostId() == 1); + assertTrue(ping.getHostType() == Host.Type.ExternalFirewall); + } + + @Test + public void testPingCommandStatusFail() throws ConfigurationException, ExecutionException { + _resource.configure("CiscoVnmcResource", _parameters); + _resource.setConnection(_connection); + when(_connection.login()).thenReturn(false); + PingCommand ping = _resource.getCurrentStatus(1); + assertTrue(ping == null); + } + + @Test + public void testSourceNat() throws ConfigurationException, Exception { + long vlanId = 123; + IpAddressTO ip = new IpAddressTO(1, "1.2.3.4", true, false, + false, null, "1.2.3.1", "255.255.255.0", null, null, false); + SetSourceNatCommand cmd = new SetSourceNatCommand(ip, true); + cmd.setContextParam(NetworkElementCommand.GUEST_VLAN_TAG, Long.toString(vlanId)); + cmd.setContextParam(NetworkElementCommand.GUEST_NETWORK_CIDR, "1.2.3.4/32"); + + _resource.configure("CiscoVnmcResource", _parameters); + _resource.setConnection(_connection); + when(_connection.login()).thenReturn(true); + when(_connection.createTenantVDCNatPolicySet(anyString())).thenReturn(true); + when(_connection.createTenantVDCSourceNatPolicy(anyString(), anyString())).thenReturn(true); + when(_connection.createTenantVDCSourceNatPolicyRef(anyString(), anyString())).thenReturn(true); + when(_connection.createTenantVDCSourceNatIpPool(anyString(), anyString(), anyString())).thenReturn(true); + when(_connection.createTenantVDCSourceNatRule(anyString(), anyString(), anyString(), anyString())).thenReturn(true); + when(_connection.associateNatPolicySet(anyString())).thenReturn(true); + + Answer answer = _resource.executeRequest(cmd); + System.out.println(answer.getDetails()); + assertTrue(answer.getResult()); + } + + @Test + public void testFirewall() throws ConfigurationException, Exception { + long vlanId = 123; + List rules = new ArrayList(); + List cidrList = new ArrayList(); + cidrList.add("2.3.2.3/32"); + FirewallRuleTO active = new FirewallRuleTO(1, + null, "1.2.3.4", "tcp", 22, 22, false, false, + FirewallRule.Purpose.Firewall, cidrList, null, null); + rules.add(active); + FirewallRuleTO revoked = new FirewallRuleTO(1, + null, "1.2.3.4", "tcp", 22, 22, true, false, + FirewallRule.Purpose.Firewall, null, null, null); + rules.add(revoked); + + SetFirewallRulesCommand cmd = new SetFirewallRulesCommand(rules); + cmd.setContextParam(NetworkElementCommand.GUEST_VLAN_TAG, Long.toString(vlanId)); + cmd.setContextParam(NetworkElementCommand.GUEST_NETWORK_CIDR, "1.2.3.4/32"); + + _resource.configure("CiscoVnmcResource", _parameters); + _resource.setConnection(_connection); + when(_connection.createTenantVDCAclPolicySet(anyString(), anyBoolean())).thenReturn(true); + when(_connection.createTenantVDCAclPolicy(anyString(), anyString())).thenReturn(true); + when(_connection.createTenantVDCAclPolicyRef(anyString(), anyString(), anyBoolean())).thenReturn(true); + when(_connection.deleteTenantVDCAclRule(anyString(), anyString(), anyString())).thenReturn(true); + when(_connection.createTenantVDCIngressAclRule( + anyString(), anyString(), anyString(), + anyString(), anyString(), anyString(), + anyString(), anyString(), anyString())).thenReturn(true); + when(_connection.createTenantVDCEgressAclRule( + anyString(), anyString(), anyString(), + anyString(), anyString(), anyString(), + anyString(), anyString(), anyString())).thenReturn(true); + when(_connection.associateAclPolicySet(anyString())).thenReturn(true); + + Answer answer = _resource.executeRequest(cmd); + System.out.println(answer.getDetails()); + assertTrue(answer.getResult()); + } + + @Test + public void testStaticNat() throws ConfigurationException, Exception { + long vlanId = 123; + List rules = new ArrayList(); + StaticNatRuleTO active = new StaticNatRuleTO(0, "1.2.3.4", null, + null, "5.6.7.8", null, null, null, false, false); + rules.add(active); + StaticNatRuleTO revoked = new StaticNatRuleTO(0, "1.2.3.4", null, + null, "5.6.7.8", null, null, null, true, false); + rules.add(revoked); + + SetStaticNatRulesCommand cmd = new SetStaticNatRulesCommand(rules, null); + cmd.setContextParam(NetworkElementCommand.GUEST_VLAN_TAG, Long.toString(vlanId)); + cmd.setContextParam(NetworkElementCommand.GUEST_NETWORK_CIDR, "1.2.3.4/32"); + + _resource.configure("CiscoVnmcResource", _parameters); + _resource.setConnection(_connection); + when(_connection.createTenantVDCNatPolicySet(anyString())).thenReturn(true); + when(_connection.createTenantVDCAclPolicySet(anyString(), anyBoolean())).thenReturn(true); + when(_connection.createTenantVDCDNatPolicy(anyString(), anyString())).thenReturn(true); + when(_connection.createTenantVDCDNatPolicyRef(anyString(), anyString())).thenReturn(true); + when(_connection.createTenantVDCAclPolicy(anyString(), anyString())).thenReturn(true); + when(_connection.createTenantVDCAclPolicyRef(anyString(), anyString(), anyBoolean())).thenReturn(true); + when(_connection.deleteTenantVDCDNatRule(anyString(), anyString(), anyString())).thenReturn(true); + when(_connection.deleteTenantVDCAclRule(anyString(), anyString(), anyString())).thenReturn(true); + when(_connection.createTenantVDCDNatIpPool(anyString(), anyString(), anyString())).thenReturn(true); + when(_connection.createTenantVDCDNatRule(anyString(), + anyString(), anyString(), anyString())).thenReturn(true); + when(_connection.createTenantVDCAclRuleForDNat(anyString(), + anyString(), anyString(), anyString())).thenReturn(true); + when(_connection.associateAclPolicySet(anyString())).thenReturn(true); + + Answer answer = _resource.executeRequest(cmd); + System.out.println(answer.getDetails()); + assertTrue(answer.getResult()); + } + + @Test + public void testPortForwarding() throws ConfigurationException, Exception { + long vlanId = 123; + List rules = new ArrayList(); + PortForwardingRuleTO active = new PortForwardingRuleTO(1, "1.2.3.4", 22, 22, + "5.6.7.8", 22, 22, "tcp", false, false); + rules.add(active); + PortForwardingRuleTO revoked = new PortForwardingRuleTO(1, "1.2.3.4", 22, 22, + "5.6.7.8", 22, 22, "tcp", false, false); + rules.add(revoked); + + SetPortForwardingRulesCommand cmd = new SetPortForwardingRulesCommand(rules); + cmd.setContextParam(NetworkElementCommand.GUEST_VLAN_TAG, Long.toString(vlanId)); + cmd.setContextParam(NetworkElementCommand.GUEST_NETWORK_CIDR, "1.2.3.4/32"); + + _resource.configure("CiscoVnmcResource", _parameters); + _resource.setConnection(_connection); + when(_connection.createTenantVDCNatPolicySet(anyString())).thenReturn(true); + when(_connection.createTenantVDCAclPolicySet(anyString(), anyBoolean())).thenReturn(true); + when(_connection.createTenantVDCPFPolicy(anyString(), anyString())).thenReturn(true); + when(_connection.createTenantVDCPFPolicyRef(anyString(), anyString())).thenReturn(true); + when(_connection.createTenantVDCAclPolicy(anyString(), anyString())).thenReturn(true); + when(_connection.createTenantVDCAclPolicyRef(anyString(), anyString(), anyBoolean())).thenReturn(true); + when(_connection.deleteTenantVDCPFRule(anyString(), anyString(), anyString())).thenReturn(true); + when(_connection.deleteTenantVDCAclRule(anyString(), anyString(), anyString())).thenReturn(true); + when(_connection.createTenantVDCPFIpPool(anyString(), anyString(), anyString())).thenReturn(true); + when(_connection.createTenantVDCPFPortPool(anyString(), anyString(), anyString(), anyString())).thenReturn(true); + when(_connection.createTenantVDCPFRule(anyString(), + anyString(), anyString(), anyString(), + anyString(), anyString(), anyString())).thenReturn(true); + when(_connection.createTenantVDCAclRuleForPF(anyString(), + anyString(), anyString(), anyString(), + anyString(), anyString(), anyString())).thenReturn(true); + when(_connection.associateAclPolicySet(anyString())).thenReturn(true); + + Answer answer = _resource.executeRequest(cmd); + System.out.println(answer.getDetails()); + assertTrue(answer.getResult()); + } + + @Test + public void testCreateEdgeFirewall() throws ConfigurationException, Exception { + long vlanId = 123; + CreateLogicalEdgeFirewallCommand cmd = new CreateLogicalEdgeFirewallCommand(vlanId, "1.2.3.4", "5.6.7.8", "255.255.255.0", "255.255.255.0"); + cmd.getPublicGateways().add("1.1.1.1"); + cmd.getPublicGateways().add("2.2.2.2"); + + _resource.configure("CiscoVnmcResource", _parameters); + _resource.setConnection(_connection); + when(_connection.createTenant(anyString())).thenReturn(true); + when(_connection.createTenantVDC(anyString())).thenReturn(true); + when(_connection.createTenantVDCEdgeSecurityProfile(anyString())).thenReturn(true); + when(_connection.createTenantVDCEdgeDeviceProfile(anyString())).thenReturn(true); + when(_connection.createTenantVDCEdgeStaticRoutePolicy(anyString())).thenReturn(true); + when(_connection.createTenantVDCEdgeStaticRoute(anyString(), anyString(), anyString(), anyString())).thenReturn(true); + when(_connection.associateTenantVDCEdgeStaticRoutePolicy(anyString())).thenReturn(true); + when(_connection.createEdgeFirewall(anyString(), anyString(), anyString(), anyString(), anyString())).thenReturn(true); + + Answer answer = _resource.executeRequest(cmd); + System.out.println(answer.getDetails()); + assertTrue(answer.getResult()); + } +} diff --git a/plugins/network-elements/dns-notifier/resources/components-example.xml b/plugins/network-elements/dns-notifier/resources/components-example.xml index 6493e748fae..2e9c5bedc63 100755 --- a/plugins/network-elements/dns-notifier/resources/components-example.xml +++ b/plugins/network-elements/dns-notifier/resources/components-example.xml @@ -86,7 +86,7 @@ under the License. - + diff --git a/plugins/network-elements/f5/src/com/cloud/network/element/F5ExternalLoadBalancerElement.java b/plugins/network-elements/f5/src/com/cloud/network/element/F5ExternalLoadBalancerElement.java index 77f6b60bfe8..e384e3cfd0d 100644 --- a/plugins/network-elements/f5/src/com/cloud/network/element/F5ExternalLoadBalancerElement.java +++ b/plugins/network-elements/f5/src/com/cloud/network/element/F5ExternalLoadBalancerElement.java @@ -16,19 +16,6 @@ // under the License. package com.cloud.network.element; -import java.util.ArrayList; -import java.util.HashMap; -import java.util.List; -import java.util.Map; -import java.util.Set; - -import javax.ejb.Local; -import javax.inject.Inject; - -import org.apache.cloudstack.api.response.ExternalLoadBalancerResponse; -import org.apache.cloudstack.network.ExternalNetworkDeviceManager.NetworkDevice; -import org.apache.log4j.Logger; - import com.cloud.agent.api.to.LoadBalancerTO; import com.cloud.api.ApiDBUtils; import com.cloud.api.commands.*; @@ -101,7 +88,7 @@ public class F5ExternalLoadBalancerElement extends ExternalLoadBalancerDeviceMan ConfigurationDao _configDao; private boolean canHandle(Network config) { - if (config.getGuestType() != Network.GuestType.Isolated || config.getTrafficType() != TrafficType.Guest) { + if ((config.getGuestType() != Network.GuestType.Isolated && config.getGuestType() != Network.GuestType.Shared) || config.getTrafficType() != TrafficType.Guest) { s_logger.trace("Not handling network with Type " + config.getGuestType() + " and traffic type " + config.getTrafficType()); return false; } diff --git a/plugins/network-elements/juniper-srx/src/com/cloud/network/element/JuniperSRXExternalFirewallElement.java b/plugins/network-elements/juniper-srx/src/com/cloud/network/element/JuniperSRXExternalFirewallElement.java index 64b0f5aa37d..a429306a680 100644 --- a/plugins/network-elements/juniper-srx/src/com/cloud/network/element/JuniperSRXExternalFirewallElement.java +++ b/plugins/network-elements/juniper-srx/src/com/cloud/network/element/JuniperSRXExternalFirewallElement.java @@ -16,28 +16,8 @@ // under the License. package com.cloud.network.element; -import java.util.ArrayList; -import java.util.HashMap; -import java.util.List; -import java.util.Map; -import java.util.Set; - -import javax.ejb.Local; -import javax.inject.Inject; - -import org.apache.cloudstack.api.response.ExternalFirewallResponse; -import org.apache.cloudstack.network.ExternalNetworkDeviceManager.NetworkDevice; -import org.apache.log4j.Logger; - import com.cloud.api.ApiDBUtils; -import com.cloud.api.commands.AddExternalFirewallCmd; -import com.cloud.api.commands.AddSrxFirewallCmd; -import com.cloud.api.commands.ConfigureSrxFirewallCmd; -import com.cloud.api.commands.DeleteExternalFirewallCmd; -import com.cloud.api.commands.DeleteSrxFirewallCmd; -import com.cloud.api.commands.ListExternalFirewallsCmd; -import com.cloud.api.commands.ListSrxFirewallNetworksCmd; -import com.cloud.api.commands.ListSrxFirewallsCmd; +import com.cloud.api.commands.*; import com.cloud.api.response.SrxFirewallResponse; import com.cloud.configuration.Config; import com.cloud.configuration.ConfigurationManager; @@ -47,35 +27,16 @@ import com.cloud.dc.DataCenter.NetworkType; import com.cloud.dc.DataCenterVO; import com.cloud.dc.dao.DataCenterDao; import com.cloud.deploy.DeployDestination; -import com.cloud.exception.ConcurrentOperationException; -import com.cloud.exception.InsufficientCapacityException; -import com.cloud.exception.InsufficientNetworkCapacityException; -import com.cloud.exception.InvalidParameterValueException; -import com.cloud.exception.ResourceUnavailableException; +import com.cloud.exception.*; import com.cloud.host.Host; import com.cloud.host.HostVO; import com.cloud.host.dao.HostDao; import com.cloud.host.dao.HostDetailsDao; -import com.cloud.network.ExternalFirewallDeviceManagerImpl; -import com.cloud.network.Network; +import com.cloud.network.*; import com.cloud.network.Network.Capability; import com.cloud.network.Network.Provider; import com.cloud.network.Network.Service; -import com.cloud.network.NetworkModel; -import com.cloud.network.PhysicalNetwork; -import com.cloud.network.PhysicalNetworkServiceProvider; -import com.cloud.network.PublicIpAddress; -import com.cloud.network.RemoteAccessVpn; -import com.cloud.network.VpnUser; -import com.cloud.network.dao.ExternalFirewallDeviceDao; -import com.cloud.network.dao.ExternalFirewallDeviceVO; -import com.cloud.network.dao.NetworkDao; -import com.cloud.network.dao.NetworkExternalFirewallDao; -import com.cloud.network.dao.NetworkExternalFirewallVO; -import com.cloud.network.dao.NetworkServiceMapDao; -import com.cloud.network.dao.NetworkVO; -import com.cloud.network.dao.PhysicalNetworkDao; -import com.cloud.network.dao.PhysicalNetworkVO; +import com.cloud.network.dao.*; import com.cloud.network.dao.ExternalFirewallDeviceVO.FirewallDeviceState; import com.cloud.network.resource.JuniperSrxResource; import com.cloud.network.rules.FirewallRule; @@ -89,6 +50,13 @@ import com.cloud.vm.NicProfile; import com.cloud.vm.ReservationContext; import com.cloud.vm.VirtualMachine; import com.cloud.vm.VirtualMachineProfile; +import org.apache.cloudstack.api.response.ExternalFirewallResponse; +import org.apache.cloudstack.network.ExternalNetworkDeviceManager.NetworkDevice; +import org.apache.log4j.Logger; + +import javax.ejb.Local; +import javax.inject.Inject; +import java.util.*; @Local(value = {NetworkElement.class, FirewallServiceProvider.class, PortForwardingServiceProvider.class, IpDeployer.class, @@ -129,7 +97,9 @@ PortForwardingServiceProvider, RemoteAccessVPNServiceProvider, IpDeployer, Junip private boolean canHandle(Network network, Service service) { DataCenter zone = _configMgr.getZone(network.getDataCenterId()); - if ((zone.getNetworkType() == NetworkType.Advanced && network.getGuestType() != Network.GuestType.Isolated) || (zone.getNetworkType() == NetworkType.Basic && network.getGuestType() != Network.GuestType.Shared)) { + if ((zone.getNetworkType() == NetworkType.Advanced && !(network.getGuestType() == Network.GuestType.Isolated || + network.getGuestType() == Network.GuestType.Shared )) || + (zone.getNetworkType() == NetworkType.Basic && network.getGuestType() != Network.GuestType.Shared)) { s_logger.trace("Element " + getProvider().getName() + "is not handling network type = " + network.getGuestType()); return false; } diff --git a/plugins/network-elements/netscaler/src/com/cloud/network/element/NetscalerElement.java b/plugins/network-elements/netscaler/src/com/cloud/network/element/NetscalerElement.java index 17bb7cc1b6a..2bbdb0450be 100644 --- a/plugins/network-elements/netscaler/src/com/cloud/network/element/NetscalerElement.java +++ b/plugins/network-elements/netscaler/src/com/cloud/network/element/NetscalerElement.java @@ -124,7 +124,8 @@ public class NetscalerElement extends ExternalLoadBalancerDeviceManagerImpl impl private boolean canHandle(Network config, Service service) { DataCenter zone = _dcDao.findById(config.getDataCenterId()); - boolean handleInAdvanceZone = (zone.getNetworkType() == NetworkType.Advanced && config.getGuestType() == Network.GuestType.Isolated && config.getTrafficType() == TrafficType.Guest); + boolean handleInAdvanceZone = (zone.getNetworkType() == NetworkType.Advanced && + (config.getGuestType() == Network.GuestType.Isolated || config.getGuestType() == Network.GuestType.Shared) && config.getTrafficType() == TrafficType.Guest); boolean handleInBasicZone = (zone.getNetworkType() == NetworkType.Basic && config.getGuestType() == Network.GuestType.Shared && config.getTrafficType() == TrafficType.Guest); if (!(handleInAdvanceZone || handleInBasicZone)) { diff --git a/plugins/pom.xml b/plugins/pom.xml index 12c85fff38b..471253f0728 100755 --- a/plugins/pom.xml +++ b/plugins/pom.xml @@ -138,6 +138,7 @@ hypervisors/vmware + network-elements/cisco-vnmc diff --git a/plugins/storage/volume/default/src/org/apache/cloudstack/storage/datastore/provider/CloudStackPrimaryDataStoreProviderImpl.java b/plugins/storage/volume/default/src/org/apache/cloudstack/storage/datastore/provider/CloudStackPrimaryDataStoreProviderImpl.java index 4d46d99fab3..826f07ae07e 100644 --- a/plugins/storage/volume/default/src/org/apache/cloudstack/storage/datastore/provider/CloudStackPrimaryDataStoreProviderImpl.java +++ b/plugins/storage/volume/default/src/org/apache/cloudstack/storage/datastore/provider/CloudStackPrimaryDataStoreProviderImpl.java @@ -37,7 +37,7 @@ public class CloudStackPrimaryDataStoreProviderImpl implements private final String providerName = "ancient primary data store provider"; protected PrimaryDataStoreDriver driver; protected HypervisorHostListener listener; - protected DataStoreLifeCycle lifecyle; + protected DataStoreLifeCycle lifecycle; CloudStackPrimaryDataStoreProviderImpl() { @@ -50,12 +50,12 @@ public class CloudStackPrimaryDataStoreProviderImpl implements @Override public DataStoreLifeCycle getDataStoreLifeCycle() { - return this.lifecyle; + return this.lifecycle; } @Override public boolean configure(Map params) { - lifecyle = ComponentContext.inject(CloudStackPrimaryDataStoreLifeCycleImpl.class); + lifecycle = ComponentContext.inject(CloudStackPrimaryDataStoreLifeCycleImpl.class); driver = ComponentContext.inject(CloudStackPrimaryDataStoreDriverImpl.class); listener = ComponentContext.inject(DefaultHostListener.class); return true; diff --git a/server/src/com/cloud/api/ApiResponseHelper.java b/server/src/com/cloud/api/ApiResponseHelper.java index 50c137ae81f..cfe0e00d8ba 100755 --- a/server/src/com/cloud/api/ApiResponseHelper.java +++ b/server/src/com/cloud/api/ApiResponseHelper.java @@ -2717,8 +2717,8 @@ public class ApiResponseHelper implements ResponseGenerator { List serviceProviders = ApiDBUtils.getProvidersForService(service); List serviceProvidersResponses = new ArrayList(); for (Network.Provider serviceProvider : serviceProviders) { - // return only Virtual Router/JuniperSRX as a provider for the firewall - if (service == Service.Firewall && !(serviceProvider == Provider.VirtualRouter || serviceProvider == Provider.JuniperSRX)) { + // return only Virtual Router/JuniperSRX/CiscoVnmc as a provider for the firewall + if (service == Service.Firewall && !(serviceProvider == Provider.VirtualRouter || serviceProvider == Provider.JuniperSRX || serviceProvider == Provider.CiscoVnmc)) { continue; } diff --git a/server/src/com/cloud/api/query/QueryManagerImpl.java b/server/src/com/cloud/api/query/QueryManagerImpl.java index ea58427b3c8..5ffc2db995c 100644 --- a/server/src/com/cloud/api/query/QueryManagerImpl.java +++ b/server/src/com/cloud/api/query/QueryManagerImpl.java @@ -1941,7 +1941,7 @@ public class QueryManagerImpl extends ManagerBase implements QueryService { Boolean isAscending = Boolean.parseBoolean(_configDao.getValue("sortkey.algorithm")); isAscending = (isAscending == null ? true : isAscending); Filter searchFilter = new Filter(DiskOfferingJoinVO.class, "sortKey", isAscending, cmd.getStartIndex(), cmd.getPageSizeVal()); - SearchBuilder sb = _diskOfferingJoinDao.createSearchBuilder(); + SearchCriteria sc = _diskOfferingJoinDao.createSearchCriteria(); Account account = UserContext.current().getCaller(); @@ -1956,9 +1956,7 @@ public class QueryManagerImpl extends ManagerBase implements QueryService { if (account.getType() == Account.ACCOUNT_TYPE_ADMIN || isPermissible(account.getDomainId(), domainId) ) { // check if the user's domain == do's domain || user's domain is // a child of so's domain for non-root users - sb.and("domainId", sb.entity().getDomainId(), SearchCriteria.Op.EQ); - SearchCriteria sc = sb.create(); - sc.setParameters("domainId", domainId); + sc.addAnd("domainId", SearchCriteria.Op.EQ, domainId); return _diskOfferingJoinDao.searchAndCount(sc, searchFilter); } else { throw new PermissionDeniedException("The account:" + account.getAccountName() @@ -1966,11 +1964,7 @@ public class QueryManagerImpl extends ManagerBase implements QueryService { } } - sb.and("name", sb.entity().getName(), SearchCriteria.Op.LIKE); - sb.and("id", sb.entity().getId(), SearchCriteria.Op.EQ); - - boolean includePublicOfferings = false; List domainIds = null; // For non-root users, only return all offerings for the user's domain, and everything above till root if ((account.getType() == Account.ACCOUNT_TYPE_NORMAL || account.getType() == Account.ACCOUNT_TYPE_DOMAIN_ADMIN) @@ -1987,16 +1981,17 @@ public class QueryManagerImpl extends ManagerBase implements QueryService { domainRecord = _domainDao.findById(domainRecord.getParent()); domainIds.add(domainRecord.getId()); } - sb.and("domainIdIn", sb.entity().getDomainId(), SearchCriteria.Op.IN); + + SearchCriteria spc = _diskOfferingJoinDao.createSearchCriteria(); - // include also public offering if no keyword, name and id specified - if ( keyword == null && name == null && id == null ){ - includePublicOfferings = true; - } + spc.addOr("domainId", SearchCriteria.Op.IN, domainIds.toArray()); + spc.addOr("domainId", SearchCriteria.Op.NULL); // include public offering as where + sc.addAnd("domainId", SearchCriteria.Op.SC, spc); + sc.addAnd("systemUse", SearchCriteria.Op.EQ, false); // non-root users should not see system offering at all + } - SearchCriteria sc = sb.create(); - if (keyword != null) { + if (keyword != null) { SearchCriteria ssc = _diskOfferingJoinDao.createSearchCriteria(); ssc.addOr("displayText", SearchCriteria.Op.LIKE, "%" + keyword + "%"); ssc.addOr("name", SearchCriteria.Op.LIKE, "%" + keyword + "%"); @@ -2004,26 +1999,14 @@ public class QueryManagerImpl extends ManagerBase implements QueryService { sc.addAnd("name", SearchCriteria.Op.SC, ssc); } - if (name != null) { - sc.setParameters("name", "%" + name + "%"); - } - if (id != null) { - sc.setParameters("id", id); + sc.addAnd("id", SearchCriteria.Op.EQ, id); } - if (domainIds != null ){ - sc.setParameters("domainIdIn", domainIds.toArray()); + if (name != null) { + sc.addAnd("name", SearchCriteria.Op.EQ, name); } - - if (includePublicOfferings){ - SearchCriteria spc = _diskOfferingJoinDao.createSearchCriteria(); - spc.addAnd("domainId", SearchCriteria.Op.NULL); - spc.addAnd("systemUse", SearchCriteria.Op.EQ, false); - - sc.addOr("systemUse", SearchCriteria.Op.SC, spc); - } - + // FIXME: disk offerings should search back up the hierarchy for // available disk offerings... /* @@ -2100,10 +2083,10 @@ public class QueryManagerImpl extends ManagerBase implements QueryService { } } - boolean includePublicOfferings = false; + // boolean includePublicOfferings = false; if ((caller.getType() == Account.ACCOUNT_TYPE_NORMAL || caller.getType() == Account.ACCOUNT_TYPE_DOMAIN_ADMIN) || caller.getType() == Account.ACCOUNT_TYPE_RESOURCE_DOMAIN_ADMIN) { - // For non-root users + // For non-root users. if (isSystem) { throw new InvalidParameterValueException("Only root admins can access system's offering"); } @@ -2122,13 +2105,9 @@ public class QueryManagerImpl extends ManagerBase implements QueryService { SearchCriteria spc = _srvOfferingJoinDao.createSearchCriteria(); spc.addOr("domainId", SearchCriteria.Op.IN, domainIds.toArray()); - spc.addOr("domainId", SearchCriteria.Op.NULL); + spc.addOr("domainId", SearchCriteria.Op.NULL); // include public offering as where sc.addAnd("domainId", SearchCriteria.Op.SC, spc); - // include also public offering if no keyword, name and id specified - if ( keyword == null && name == null && id == null ){ - includePublicOfferings = true; - } } else { // for root users @@ -2171,24 +2150,18 @@ public class QueryManagerImpl extends ManagerBase implements QueryService { } if (isSystem != null) { + // note that for non-root users, isSystem is always false when control comes to here sc.addAnd("systemUse", SearchCriteria.Op.EQ, isSystem); } if (name != null) { - sc.addAnd("name", SearchCriteria.Op.LIKE, "%" + name + "%"); + sc.addAnd("name", SearchCriteria.Op.EQ, name); } if (vmTypeStr != null) { sc.addAnd("vm_type", SearchCriteria.Op.EQ, vmTypeStr); } - if (includePublicOfferings){ - SearchCriteria spc = _srvOfferingJoinDao.createSearchCriteria(); - spc.addAnd("domainId", SearchCriteria.Op.NULL); - spc.addAnd("systemUse", SearchCriteria.Op.EQ, false); - sc.addOr("systemUse", SearchCriteria.Op.SC, spc); - } - return _srvOfferingJoinDao.searchAndCount(sc, searchFilter); } diff --git a/server/src/com/cloud/configuration/ConfigurationManager.java b/server/src/com/cloud/configuration/ConfigurationManager.java old mode 100644 new mode 100755 index c5f65e9d0fc..d7faf19fd28 --- a/server/src/com/cloud/configuration/ConfigurationManager.java +++ b/server/src/com/cloud/configuration/ConfigurationManager.java @@ -30,6 +30,7 @@ import com.cloud.dc.Vlan; import com.cloud.exception.ConcurrentOperationException; import com.cloud.exception.InsufficientCapacityException; import com.cloud.exception.InvalidParameterValueException; +import com.cloud.exception.ResourceAllocationException; import com.cloud.network.Network; import com.cloud.network.Network.Capability; import com.cloud.network.Network.Provider; @@ -150,6 +151,8 @@ public interface ConfigurationManager extends ConfigurationService, Manager { */ boolean deleteVlanAndPublicIpRange(long userId, long vlanDbId, Account caller); + boolean releasePublicIpRange(long userId, long vlanDbId, Account caller); + /** * Converts a comma separated list of tags to a List * @@ -211,7 +214,7 @@ public interface ConfigurationManager extends ConfigurationService, Manager { ClusterVO getCluster(long id); - boolean deleteAccountSpecificVirtualRanges(long accountId); + boolean releaseAccountSpecificVirtualRanges(long accountId); /** * Edits a pod in the database. Will not allow you to edit pods that are being used anywhere in the system. diff --git a/server/src/com/cloud/configuration/ConfigurationManagerImpl.java b/server/src/com/cloud/configuration/ConfigurationManagerImpl.java index ceeae1ee910..5b6d81e8df8 100755 --- a/server/src/com/cloud/configuration/ConfigurationManagerImpl.java +++ b/server/src/com/cloud/configuration/ConfigurationManagerImpl.java @@ -56,7 +56,9 @@ import org.apache.cloudstack.api.command.admin.offering.UpdateServiceOfferingCmd import org.apache.cloudstack.api.command.admin.pod.DeletePodCmd; import org.apache.cloudstack.api.command.admin.pod.UpdatePodCmd; import org.apache.cloudstack.api.command.admin.vlan.CreateVlanIpRangeCmd; +import org.apache.cloudstack.api.command.admin.vlan.DedicatePublicIpRangeCmd; import org.apache.cloudstack.api.command.admin.vlan.DeleteVlanIpRangeCmd; +import org.apache.cloudstack.api.command.admin.vlan.ReleasePublicIpRangeCmd; import org.apache.cloudstack.api.command.admin.zone.CreateZoneCmd; import org.apache.cloudstack.api.command.admin.zone.DeleteZoneCmd; import org.apache.cloudstack.api.command.admin.zone.UpdateZoneCmd; @@ -2306,9 +2308,6 @@ public class ConfigurationManagerImpl extends ManagerBase implements Configurati throw new InvalidParameterValueException("Gateway, netmask and zoneId have to be passed in for virtual and direct untagged networks"); } - // if it's an account specific range, associate ip address list to the account - boolean associateIpRangeToAccount = false; - if (forVirtualNetwork) { if (vlanOwner != null) { @@ -2316,8 +2315,6 @@ public class ConfigurationManagerImpl extends ManagerBase implements Configurati //check resource limits _resourceLimitMgr.checkResourceLimit(vlanOwner, ResourceType.public_ip, accountIpRange); - - associateIpRangeToAccount = true; } } @@ -2332,21 +2329,6 @@ public class ConfigurationManagerImpl extends ManagerBase implements Configurati endIP, vlanGateway, vlanNetmask, vlanId, vlanOwner, startIPv6, endIPv6, ip6Gateway, ip6Cidr); txn.commit(); - if (associateIpRangeToAccount) { - _networkMgr.associateIpAddressListToAccount(userId, vlanOwner.getId(), zoneId, vlan.getId(), null); - } - - // Associate ips to the network - if (associateIpRangeToAccount) { - if (network.getState() == Network.State.Implemented) { - s_logger.debug("Applying ip associations for vlan id=" + vlanId + " in network " + network); - if (!_networkMgr.applyIpAssociations(network, false)) { - s_logger.warn("Failed to apply ip associations for vlan id=1 as a part of add vlan range for account id=" + vlanOwner.getId()); - } - } else { - s_logger.trace("Network id=" + network.getId() + " is not Implemented, no need to apply ipAssociations"); - } - } return vlan; } @@ -2698,6 +2680,149 @@ public class ConfigurationManagerImpl extends ManagerBase implements Configurati } } + @Override + @DB + @ActionEvent(eventType = EventTypes.EVENT_VLAN_IP_RANGE_DEDICATE, eventDescription = "dedicating vlan ip range", async = false) + public Vlan dedicatePublicIpRange(DedicatePublicIpRangeCmd cmd) throws ResourceAllocationException { + Long vlanDbId = cmd.getId(); + String accountName = cmd.getAccountName(); + Long domainId = cmd.getDomainId(); + Long projectId = cmd.getProjectId(); + + // Check if account is valid + Account vlanOwner = null; + if (projectId != null) { + if (accountName != null) { + throw new InvalidParameterValueException("accountName and projectId are mutually exclusive"); + } + Project project = _projectMgr.getProject(projectId); + if (project == null) { + throw new InvalidParameterValueException("Unable to find project by id " + projectId); + } + vlanOwner = _accountMgr.getAccount(project.getProjectAccountId()); + } + + if ((accountName != null) && (domainId != null)) { + vlanOwner = _accountDao.findActiveAccount(accountName, domainId); + if (vlanOwner == null) { + throw new InvalidParameterValueException("Please specify a valid account"); + } + } + + // Check if range is valid + VlanVO vlan = _vlanDao.findById(vlanDbId); + if (vlan == null) { + throw new InvalidParameterValueException("Please specify a valid Public IP range id"); + } + + // Check if range has already been dedicated + List maps = _accountVlanMapDao.listAccountVlanMapsByVlan(vlanDbId); + if (maps != null && !maps.isEmpty()) { + throw new InvalidParameterValueException("Specified Public IP range has already been dedicated"); + } + + // Verify that zone exists and is advanced + Long zoneId = vlan.getDataCenterId(); + DataCenterVO zone = _zoneDao.findById(zoneId); + if (zone == null) { + throw new InvalidParameterValueException("Unable to find zone by id " + zoneId); + } + if (zone.getNetworkType() == NetworkType.Basic) { + throw new InvalidParameterValueException("Public IP range can be dedicated to an account only in the zone of type " + NetworkType.Advanced); + } + + // Check Public IP resource limits + int accountPublicIpRange = _publicIpAddressDao.countIPs(zoneId, vlanDbId, false); + _resourceLimitMgr.checkResourceLimit(vlanOwner, ResourceType.public_ip, accountPublicIpRange); + + // Check if any of the Public IP addresses is allocated to another account + List ips = _publicIpAddressDao.listByVlanId(vlanDbId); + for (IPAddressVO ip : ips) { + Long allocatedToAccountId = ip.getAllocatedToAccountId(); + if (allocatedToAccountId != null) { + Account accountAllocatedTo = _accountMgr.getActiveAccountById(allocatedToAccountId); + if (!accountAllocatedTo.getAccountName().equalsIgnoreCase(accountName)) + throw new InvalidParameterValueException("Public IP address in range is already allocated to another account"); + } + } + + Transaction txn = Transaction.currentTxn(); + txn.start(); + + // Create an AccountVlanMapVO entry + AccountVlanMapVO accountVlanMapVO = new AccountVlanMapVO(vlanOwner.getId(), vlan.getId()); + _accountVlanMapDao.persist(accountVlanMapVO); + + txn.commit(); + + return vlan; + } + + @Override + @ActionEvent(eventType = EventTypes.EVENT_VLAN_IP_RANGE_RELEASE, eventDescription = "releasing a public ip range", async = false) + public boolean releasePublicIpRange(ReleasePublicIpRangeCmd cmd) { + Long vlanDbId = cmd.getId(); + + VlanVO vlan = _vlanDao.findById(vlanDbId); + if (vlan == null) { + throw new InvalidParameterValueException("Please specify a valid IP range id."); + } + + return releasePublicIpRange(vlanDbId, UserContext.current().getCallerUserId(), UserContext.current().getCaller()); + } + + @Override + @DB + public boolean releasePublicIpRange(long vlanDbId, long userId, Account caller) { + VlanVO vlan = _vlanDao.findById(vlanDbId); + + List acctVln = _accountVlanMapDao.listAccountVlanMapsByVlan(vlanDbId); + // Verify range is dedicated + if (acctVln == null || acctVln.isEmpty()) { + throw new InvalidParameterValueException("Can't release Public IP range " + vlanDbId + " as it not dedicated to any account"); + } + + // Check if range has any allocated public IPs + long allocIpCount = _publicIpAddressDao.countIPs(vlan.getDataCenterId(), vlanDbId, true); + boolean success = true; + if (allocIpCount > 0) { + try { + vlan = _vlanDao.acquireInLockTable(vlanDbId, 30); + if (vlan == null) { + throw new CloudRuntimeException("Unable to acquire vlan configuration: " + vlanDbId); + } + if (s_logger.isDebugEnabled()) { + s_logger.debug("lock vlan " + vlanDbId + " is acquired"); + } + List ips = _publicIpAddressDao.listByVlanId(vlanDbId); + for (IPAddressVO ip : ips) { + // Disassociate allocated IP's that are not in use + if ( !ip.isOneToOneNat() && !(ip.isSourceNat() && _networkModel.getNetwork(ip.getAssociatedWithNetworkId()) != null) && + !(_firewallDao.countRulesByIpId(ip.getId()) > 0) ) { + if (s_logger.isDebugEnabled()) { + s_logger.debug("Releasing Public IP addresses" + ip +" of vlan " + vlanDbId + " as part of Public IP" + + " range release to the system pool"); + } + success = success && _networkMgr.disassociatePublicIpAddress(ip.getId(), userId, caller); + } + } + if (!success) { + s_logger.warn("Some Public IP addresses that were not in use failed to be released as a part of" + + " vlan " + vlanDbId + "release to the system pool"); + } + } finally { + _vlanDao.releaseFromLockTable(vlanDbId); + } + } + + // A Public IP range can only be dedicated to one account at a time + if (_accountVlanMapDao.remove(acctVln.get(0).getId())) { + return true; + } else { + return false; + } + } + @Override public List csvTagsToList(String tags) { List tagsList = new ArrayList(); @@ -3177,8 +3302,8 @@ public class ConfigurationManagerImpl extends ManagerBase implements Configurati throw new InvalidParameterValueException("Invalid service provider: " + prvNameStr); } - if (provider == Provider.JuniperSRX) { - firewallProvider = Provider.JuniperSRX; + if (provider == Provider.JuniperSRX || provider == Provider.CiscoVnmc) { + firewallProvider = provider; } if ((service == Service.PortForwarding || service == Service.StaticNat) && provider == Provider.VirtualRouter){ @@ -3957,14 +4082,14 @@ public class ConfigurationManagerImpl extends ManagerBase implements Configurati @Override @DB - public boolean deleteAccountSpecificVirtualRanges(long accountId) { + public boolean releaseAccountSpecificVirtualRanges(long accountId) { List maps = _accountVlanMapDao.listAccountVlanMapsByAccount(accountId); boolean result = true; if (maps != null && !maps.isEmpty()) { Transaction txn = Transaction.currentTxn(); txn.start(); for (AccountVlanMapVO map : maps) { - if (!deleteVlanAndPublicIpRange(_accountMgr.getSystemUser().getId(), map.getVlanDbId(), + if (!releasePublicIpRange(map.getVlanDbId(), _accountMgr.getSystemUser().getId(), _accountMgr.getAccount(Account.ACCOUNT_ID_SYSTEM))) { result = false; } @@ -3972,10 +4097,10 @@ public class ConfigurationManagerImpl extends ManagerBase implements Configurati if (result) { txn.commit(); } else { - s_logger.error("Failed to delete account specific virtual ip ranges for account id=" + accountId); + s_logger.error("Failed to release account specific virtual ip ranges for account id=" + accountId); } } else { - s_logger.trace("Account id=" + accountId + " has no account specific virtual ip ranges, nothing to delete"); + s_logger.trace("Account id=" + accountId + " has no account specific virtual ip ranges, nothing to release"); } return result; } diff --git a/server/src/com/cloud/consoleproxy/AgentBasedConsoleProxyManager.java.orig b/server/src/com/cloud/consoleproxy/AgentBasedConsoleProxyManager.java.orig deleted file mode 100755 index 134d59d0065..00000000000 --- a/server/src/com/cloud/consoleproxy/AgentBasedConsoleProxyManager.java.orig +++ /dev/null @@ -1,298 +0,0 @@ -// Licensed to the Apache Software Foundation (ASF) under one -// or more contributor license agreements. See the NOTICE file -// distributed with this work for additional information -// regarding copyright ownership. The ASF licenses this file -// to you under the Apache License, Version 2.0 (the -// "License"); you may not use this file except in compliance -// with the License. You may obtain a copy of the License at -// -// http://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, -// software distributed under the License is distributed on an -// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -// KIND, either express or implied. See the License for the -// specific language governing permissions and limitations -// under the License. -package com.cloud.consoleproxy; - -import java.util.Map; - -import javax.ejb.Local; -import javax.inject.Inject; -import javax.naming.ConfigurationException; - -import org.apache.log4j.Logger; - -import com.cloud.agent.AgentManager; -import com.cloud.agent.api.GetVncPortAnswer; -import com.cloud.agent.api.GetVncPortCommand; -import com.cloud.agent.api.StartupProxyCommand; -import com.cloud.configuration.dao.ConfigurationDao; -import com.cloud.host.HostVO; -import com.cloud.host.dao.HostDao; -import com.cloud.info.ConsoleProxyInfo; -import com.cloud.keystore.KeystoreManager; -import com.cloud.utils.NumbersUtil; -import com.cloud.utils.component.ManagerBase; -import com.cloud.vm.ConsoleProxyVO; -import com.cloud.vm.UserVmVO; -import com.cloud.vm.VMInstanceVO; -import com.cloud.vm.VirtualMachineManager; -import com.cloud.vm.dao.ConsoleProxyDao; -import com.cloud.vm.dao.UserVmDao; -import com.cloud.vm.dao.VMInstanceDao; - -@Local(value = { ConsoleProxyManager.class }) -public class AgentBasedConsoleProxyManager extends ManagerBase implements ConsoleProxyManager { - private static final Logger s_logger = Logger.getLogger(AgentBasedConsoleProxyManager.class); - - @Inject - protected HostDao _hostDao; - @Inject - protected UserVmDao _userVmDao; - private String _instance; - protected String _consoleProxyUrlDomain; - @Inject - private VMInstanceDao _instanceDao; - private ConsoleProxyListener _listener; - protected int _consoleProxyUrlPort = ConsoleProxyManager.DEFAULT_PROXY_URL_PORT; - protected int _consoleProxyPort = ConsoleProxyManager.DEFAULT_PROXY_VNC_PORT; - protected boolean _sslEnabled = false; - @Inject - AgentManager _agentMgr; - @Inject - VirtualMachineManager _itMgr; - @Inject - protected ConsoleProxyDao _cpDao; - @Inject - protected KeystoreManager _ksMgr; - - @Inject ConfigurationDao _configDao; - - public class AgentBasedAgentHook extends AgentHookBase { - - public AgentBasedAgentHook(VMInstanceDao instanceDao, HostDao hostDao, ConfigurationDao cfgDao, - KeystoreManager ksMgr, AgentManager agentMgr) { - super(instanceDao, hostDao, cfgDao, ksMgr, agentMgr); - } - - @Override - protected HostVO findConsoleProxyHost(StartupProxyCommand cmd) { - return _hostDao.findByGuid(cmd.getGuid()); - } - - } - - public int getVncPort(VMInstanceVO vm) { - if (vm.getHostId() == null) { - return -1; - } - GetVncPortAnswer answer = (GetVncPortAnswer) _agentMgr.easySend(vm.getHostId(), new GetVncPortCommand(vm.getId(), vm.getHostName())); - return (answer == null || !answer.getResult()) ? -1 : answer.getPort(); - } - - @Override - public boolean configure(String name, Map params) throws ConfigurationException { - - if (s_logger.isInfoEnabled()) { - s_logger.info("Start configuring AgentBasedConsoleProxyManager"); - } - - Map configs = _configDao.getConfiguration("management-server", params); - String value = configs.get("consoleproxy.url.port"); - if (value != null) { - _consoleProxyUrlPort = NumbersUtil.parseInt(value, ConsoleProxyManager.DEFAULT_PROXY_URL_PORT); - } - - value = configs.get("consoleproxy.port"); - if (value != null) { - _consoleProxyPort = NumbersUtil.parseInt(value, ConsoleProxyManager.DEFAULT_PROXY_VNC_PORT); - } - - value = configs.get("consoleproxy.sslEnabled"); - if (value != null && value.equalsIgnoreCase("true")) { - _sslEnabled = true; - } - - _instance = configs.get("instance.name"); - - _consoleProxyUrlDomain = configs.get("consoleproxy.url.domain"); - - _listener = - new ConsoleProxyListener(new AgentBasedAgentHook(_instanceDao, _hostDao, _configDao, _ksMgr, _agentMgr)); - _agentMgr.registerForHostEvents(_listener, true, true, false); - - if (s_logger.isInfoEnabled()) { - s_logger.info("AgentBasedConsoleProxyManager has been configured. SSL enabled: " + _sslEnabled); - } - return true; - } - - HostVO findHost(VMInstanceVO vm) { - return _hostDao.findById(vm.getHostId()); - } - - @Override - public ConsoleProxyInfo assignProxy(long dataCenterId, long userVmId) { - UserVmVO userVm = _userVmDao.findById(userVmId); - if (userVm == null) { - s_logger.warn("User VM " + userVmId + " no longer exists, return a null proxy for user vm:" + userVmId); - return null; - } - - HostVO host = findHost(userVm); - if (host != null) { - if (s_logger.isDebugEnabled()) { - s_logger.debug("Assign embedded console proxy running at " + host.getName() + " to user vm " + userVmId + " with public IP " - + host.getPublicIpAddress()); - } - - // only private IP, public IP, host id have meaningful values, rest - // of all are place-holder values - String publicIp = host.getPublicIpAddress(); - if (publicIp == null) { - if (s_logger.isDebugEnabled()) { - s_logger.debug("Host " + host.getName() + "/" + host.getPrivateIpAddress() - + " does not have public interface, we will return its private IP for cosole proxy."); - } - publicIp = host.getPrivateIpAddress(); - } - - int urlPort = _consoleProxyUrlPort; - - if (host.getProxyPort() != null && host.getProxyPort().intValue() > 0) { - urlPort = host.getProxyPort().intValue(); - } - - return new ConsoleProxyInfo(_sslEnabled, publicIp, _consoleProxyPort, urlPort, _consoleProxyUrlDomain); - } else { - s_logger.warn("Host that VM is running is no longer available, console access to VM " + userVmId + " will be temporarily unavailable."); - } - return null; - } - - - - - @Override - public ConsoleProxyVO startProxy(long proxyVmId) { - return null; - } - - @Override - public boolean destroyProxy(long proxyVmId) { - return false; - } - - @Override - public boolean rebootProxy(long proxyVmId) { - return false; - } - - @Override - public boolean stopProxy(long proxyVmId) { - return false; - } - - @Override - public void setManagementState(ConsoleProxyManagementState state) { - } - - @Override - public ConsoleProxyManagementState getManagementState() { - return null; - } - - @Override - public void resumeLastManagementState() { - } - - @Override - public String getName() { - return _name; - } -<<<<<<< HEAD - - @Override - public Long convertToId(String vmName) { - if (!VirtualMachineName.isValidConsoleProxyName(vmName, _instance)) { - return null; - } - return VirtualMachineName.getConsoleProxyId(vmName); - } - - @Override - public ConsoleProxyVO findByName(String name) { - // TODO Auto-generated method stub - return null; - } - - @Override - public ConsoleProxyVO findById(long id) { - // TODO Auto-generated method stub - return null; - } - - @Override - public ConsoleProxyVO persist(ConsoleProxyVO vm) { - // TODO Auto-generated method stub - return null; - } - - @Override - public boolean finalizeVirtualMachineProfile(VirtualMachineProfile profile, DeployDestination dest, ReservationContext context) { - // TODO Auto-generated method stub - return false; - } - - @Override - public boolean finalizeDeployment(Commands cmds, VirtualMachineProfile profile, DeployDestination dest, ReservationContext context) { - // TODO Auto-generated method stub - return false; - } - - @Override - public boolean finalizeCommandsOnStart(Commands cmds, VirtualMachineProfile profile) { - // TODO Auto-generated method stub - return false; - } - - @Override - public boolean finalizeStart(VirtualMachineProfile profile, long hostId, Commands cmds, ReservationContext context) { - // TODO Auto-generated method stub - return false; - } - - @Override - public void finalizeStop(VirtualMachineProfile profile, StopAnswer answer) { - // TODO Auto-generated method stub - } - - @Override - public void finalizeExpunge(ConsoleProxyVO proxy) { - } - - @Override - public boolean plugNic(Network network, NicTO nic, VirtualMachineTO vm, - ReservationContext context, DeployDestination dest) throws ConcurrentOperationException, ResourceUnavailableException, - InsufficientCapacityException { - //not supported - throw new UnsupportedOperationException("Plug nic is not supported for vm of type " + vm.getType()); - } - - - @Override - public boolean unplugNic(Network network, NicTO nic, VirtualMachineTO vm, - ReservationContext context, DeployDestination dest) throws ConcurrentOperationException, ResourceUnavailableException { - //not supported - throw new UnsupportedOperationException("Unplug nic is not supported for vm of type " + vm.getType()); - } - - @Override - public void prepareStop(VirtualMachineProfile profile) { - } -} -======= -} ->>>>>>> QuickCloud: refactor to avoid copy paste of authentication and startup code diff --git a/server/src/com/cloud/network/ExteralIpAddressAllocator.java b/server/src/com/cloud/network/ExternalIpAddressAllocator.java similarity index 96% rename from server/src/com/cloud/network/ExteralIpAddressAllocator.java rename to server/src/com/cloud/network/ExternalIpAddressAllocator.java index 2b78712b86f..f24fa2d29b9 100644 --- a/server/src/com/cloud/network/ExteralIpAddressAllocator.java +++ b/server/src/com/cloud/network/ExternalIpAddressAllocator.java @@ -37,8 +37,8 @@ import com.cloud.utils.component.AdapterBase; import com.cloud.utils.exception.CloudRuntimeException; @Local(value=IpAddrAllocator.class) -public class ExteralIpAddressAllocator extends AdapterBase implements IpAddrAllocator{ - private static final Logger s_logger = Logger.getLogger(ExteralIpAddressAllocator.class); +public class ExternalIpAddressAllocator extends AdapterBase implements IpAddrAllocator{ + private static final Logger s_logger = Logger.getLogger(ExternalIpAddressAllocator.class); String _name; @Inject ConfigurationDao _configDao = null; @Inject IPAddressDao _ipAddressDao = null; @@ -135,7 +135,7 @@ public class ExteralIpAddressAllocator extends AdapterBase implements IpAddrAllo } @Override - public boolean exteralIpAddressAllocatorEnabled() { + public boolean externalIpAddressAllocatorEnabled() { return _isExternalIpAllocatorEnabled; } diff --git a/server/src/com/cloud/network/IpAddrAllocator.java b/server/src/com/cloud/network/IpAddrAllocator.java index d79125b3741..6cdf5972080 100644 --- a/server/src/com/cloud/network/IpAddrAllocator.java +++ b/server/src/com/cloud/network/IpAddrAllocator.java @@ -52,5 +52,5 @@ public interface IpAddrAllocator extends Adapter { public IpAddr getPrivateIpAddress(String macAddr, long dcId, long podId); public boolean releasePublicIpAddress(String ip, long dcId, long podId); public boolean releasePrivateIpAddress(String ip, long dcId, long podId); - public boolean exteralIpAddressAllocatorEnabled(); + public boolean externalIpAddressAllocatorEnabled(); } diff --git a/server/src/com/cloud/network/NetworkManagerImpl.java b/server/src/com/cloud/network/NetworkManagerImpl.java index a97f2ce13e4..7332ef3e9cf 100755 --- a/server/src/com/cloud/network/NetworkManagerImpl.java +++ b/server/src/com/cloud/network/NetworkManagerImpl.java @@ -16,42 +16,9 @@ // under the License. package com.cloud.network; -import java.net.URI; -import java.util.ArrayList; -import java.util.Arrays; -import java.util.Collections; -import java.util.Comparator; -import java.util.Date; -import java.util.HashMap; -import java.util.HashSet; -import java.util.List; -import java.util.Map; -import java.util.Random; -import java.util.Set; -import java.util.UUID; -import java.util.concurrent.Executors; -import java.util.concurrent.ScheduledExecutorService; -import java.util.concurrent.TimeUnit; - -import javax.ejb.Local; -import javax.inject.Inject; -import javax.naming.ConfigurationException; - -import org.apache.cloudstack.acl.ControlledEntity.ACLType; -import org.apache.cloudstack.acl.SecurityChecker.AccessType; -import org.apache.log4j.Logger; -import org.springframework.stereotype.Component; - import com.cloud.agent.AgentManager; import com.cloud.agent.Listener; -import com.cloud.agent.api.AgentControlAnswer; -import com.cloud.agent.api.AgentControlCommand; -import com.cloud.agent.api.Answer; -import com.cloud.agent.api.CheckNetworkAnswer; -import com.cloud.agent.api.CheckNetworkCommand; -import com.cloud.agent.api.Command; -import com.cloud.agent.api.StartupCommand; -import com.cloud.agent.api.StartupRoutingCommand; +import com.cloud.agent.api.*; import com.cloud.agent.api.to.NicTO; import com.cloud.alert.AlertManager; import com.cloud.api.ApiDBUtils; @@ -59,15 +26,9 @@ import com.cloud.configuration.Config; import com.cloud.configuration.ConfigurationManager; import com.cloud.configuration.Resource.ResourceType; import com.cloud.configuration.dao.ConfigurationDao; -import com.cloud.dc.AccountVlanMapVO; -import com.cloud.dc.DataCenter; +import com.cloud.dc.*; import com.cloud.dc.DataCenter.NetworkType; -import com.cloud.dc.DataCenterVO; -import com.cloud.dc.Pod; -import com.cloud.dc.PodVlanMapVO; -import com.cloud.dc.Vlan; import com.cloud.dc.Vlan.VlanType; -import com.cloud.dc.VlanVO; import com.cloud.dc.dao.AccountVlanMapDao; import com.cloud.dc.dao.DataCenterDao; import com.cloud.dc.dao.PodVlanMapDao; @@ -80,66 +41,25 @@ import com.cloud.domain.dao.DomainDao; import com.cloud.event.EventTypes; import com.cloud.event.UsageEventUtils; import com.cloud.event.dao.UsageEventDao; -import com.cloud.exception.AccountLimitException; -import com.cloud.exception.ConcurrentOperationException; -import com.cloud.exception.ConnectionException; -import com.cloud.exception.InsufficientAddressCapacityException; -import com.cloud.exception.InsufficientCapacityException; -import com.cloud.exception.InsufficientVirtualNetworkCapcityException; -import com.cloud.exception.InvalidParameterValueException; -import com.cloud.exception.PermissionDeniedException; -import com.cloud.exception.ResourceAllocationException; -import com.cloud.exception.ResourceUnavailableException; -import com.cloud.exception.UnsupportedServiceException; +import com.cloud.exception.*; import com.cloud.host.Host; import com.cloud.host.HostVO; import com.cloud.host.Status; import com.cloud.host.dao.HostDao; import com.cloud.hypervisor.Hypervisor.HypervisorType; import com.cloud.network.IpAddress.State; -import com.cloud.network.Network.Capability; -import com.cloud.network.Network.Event; -import com.cloud.network.Network.GuestType; -import com.cloud.network.Network.Provider; -import com.cloud.network.Network.Service; +import com.cloud.network.Network.*; import com.cloud.network.Networks.AddressFormat; import com.cloud.network.Networks.BroadcastDomainType; import com.cloud.network.Networks.IsolationType; import com.cloud.network.Networks.TrafficType; import com.cloud.network.addr.PublicIp; -import com.cloud.network.dao.FirewallRulesDao; -import com.cloud.network.dao.IPAddressDao; -import com.cloud.network.dao.IPAddressVO; -import com.cloud.network.dao.LoadBalancerDao; -import com.cloud.network.dao.NetworkDao; -import com.cloud.network.dao.NetworkDomainDao; -import com.cloud.network.dao.NetworkServiceMapDao; -import com.cloud.network.dao.NetworkServiceMapVO; -import com.cloud.network.dao.NetworkVO; -import com.cloud.network.dao.PhysicalNetworkDao; -import com.cloud.network.dao.PhysicalNetworkServiceProviderDao; -import com.cloud.network.dao.PhysicalNetworkTrafficTypeDao; -import com.cloud.network.dao.PhysicalNetworkTrafficTypeVO; -import com.cloud.network.dao.PhysicalNetworkVO; -import com.cloud.network.dao.UserIpv6AddressDao; -import com.cloud.network.element.DhcpServiceProvider; -import com.cloud.network.element.IpDeployer; -import com.cloud.network.element.IpDeployingRequester; -import com.cloud.network.element.LoadBalancingServiceProvider; -import com.cloud.network.element.NetworkElement; -import com.cloud.network.element.StaticNatServiceProvider; -import com.cloud.network.element.UserDataServiceProvider; +import com.cloud.network.dao.*; +import com.cloud.network.element.*; import com.cloud.network.guru.NetworkGuru; import com.cloud.network.lb.LoadBalancingRulesManager; -import com.cloud.network.rules.FirewallManager; -import com.cloud.network.rules.FirewallRule; +import com.cloud.network.rules.*; import com.cloud.network.rules.FirewallRule.Purpose; -import com.cloud.network.rules.FirewallRuleVO; -import com.cloud.network.rules.PortForwardingRuleVO; -import com.cloud.network.rules.RulesManager; -import com.cloud.network.rules.StaticNat; -import com.cloud.network.rules.StaticNatRule; -import com.cloud.network.rules.StaticNatRuleImpl; import com.cloud.network.rules.dao.PortForwardingRulesDao; import com.cloud.network.vpc.NetworkACLManager; import com.cloud.network.vpc.VpcManager; @@ -152,49 +72,40 @@ import com.cloud.offerings.NetworkOfferingVO; import com.cloud.offerings.dao.NetworkOfferingDao; import com.cloud.offerings.dao.NetworkOfferingServiceMapDao; import com.cloud.org.Grouping; -import com.cloud.user.Account; -import com.cloud.user.AccountManager; -import com.cloud.user.ResourceLimitService; -import com.cloud.user.User; -import com.cloud.user.UserContext; -import com.cloud.user.UserVO; +import com.cloud.user.*; import com.cloud.user.dao.AccountDao; import com.cloud.user.dao.UserDao; import com.cloud.utils.Journal; import com.cloud.utils.NumbersUtil; import com.cloud.utils.Pair; import com.cloud.utils.component.AdapterBase; -import com.cloud.utils.component.ComponentContext; import com.cloud.utils.component.ManagerBase; import com.cloud.utils.concurrency.NamedThreadFactory; -import com.cloud.utils.db.DB; -import com.cloud.utils.db.Filter; +import com.cloud.utils.db.*; import com.cloud.utils.db.JoinBuilder.JoinType; -import com.cloud.utils.db.SearchBuilder; -import com.cloud.utils.db.SearchCriteria; import com.cloud.utils.db.SearchCriteria.Op; -import com.cloud.utils.db.Transaction; import com.cloud.utils.exception.CloudRuntimeException; import com.cloud.utils.fsm.NoTransitionException; import com.cloud.utils.fsm.StateMachine2; import com.cloud.utils.net.Ip; import com.cloud.utils.net.NetUtils; -import com.cloud.vm.Nic; +import com.cloud.vm.*; import com.cloud.vm.Nic.ReservationStrategy; -import com.cloud.vm.NicProfile; -import com.cloud.vm.NicVO; -import com.cloud.vm.ReservationContext; -import com.cloud.vm.ReservationContextImpl; -import com.cloud.vm.UserVmVO; -import com.cloud.vm.VMInstanceVO; -import com.cloud.vm.VirtualMachine; import com.cloud.vm.VirtualMachine.Type; -import com.cloud.vm.VirtualMachineProfile; -import com.cloud.vm.dao.NicDao; -import com.cloud.vm.dao.NicSecondaryIpDao; -import com.cloud.vm.dao.NicSecondaryIpVO; -import com.cloud.vm.dao.UserVmDao; -import com.cloud.vm.dao.VMInstanceDao; +import com.cloud.vm.dao.*; +import org.apache.cloudstack.acl.ControlledEntity.ACLType; +import org.apache.cloudstack.acl.SecurityChecker.AccessType; +import org.apache.log4j.Logger; +import org.springframework.stereotype.Component; + +import javax.ejb.Local; +import javax.inject.Inject; +import javax.naming.ConfigurationException; +import java.net.URI; +import java.util.*; +import java.util.concurrent.Executors; +import java.util.concurrent.ScheduledExecutorService; +import java.util.concurrent.TimeUnit; /** * NetworkManagerImpl implements NetworkManager. @@ -348,7 +259,7 @@ public class NetworkManagerImpl extends ManagerBase implements NetworkManager, L } @DB - public PublicIp fetchNewPublicIp(long dcId, Long podId, Long vlanDbId, Account owner, VlanType vlanUse, + public PublicIp fetchNewPublicIp(long dcId, Long podId, List vlanDbIds, Account owner, VlanType vlanUse, Long guestNetworkId, boolean sourceNat, boolean assign, String requestedIp, boolean isSystem, Long vpcId) throws InsufficientAddressCapacityException { StringBuilder errorMessage = new StringBuilder("Unable to get ip adress in "); @@ -364,9 +275,9 @@ public class NetworkManagerImpl extends ManagerBase implements NetworkManager, L errorMessage.append(" zone id=" + dcId); } - if (vlanDbId != null) { - sc.addAnd("vlanId", SearchCriteria.Op.EQ, vlanDbId); - errorMessage.append(", vlanId id=" + vlanDbId); + if ( vlanDbIds != null && !vlanDbIds.isEmpty() ) { + sc.setParameters("vlanId", vlanDbIds.toArray()); + errorMessage.append(", vlanId id=" + vlanDbIds.toArray()); } sc.setParameters("dc", dcId); @@ -526,14 +437,14 @@ public class NetworkManagerImpl extends ManagerBase implements NetworkManager, L } // If account has Account specific ip ranges, try to allocate ip from there - Long vlanId = null; + List vlanIds = new ArrayList(); List maps = _accountVlanMapDao.listAccountVlanMapsByAccount(ownerId); if (maps != null && !maps.isEmpty()) { - vlanId = maps.get(0).getVlanDbId(); + vlanIds.add(maps.get(0).getVlanDbId()); } - ip = fetchNewPublicIp(dcId, null, vlanId, owner, VlanType.VirtualNetwork, guestNtwkId, + ip = fetchNewPublicIp(dcId, null, vlanIds, owner, VlanType.VirtualNetwork, guestNtwkId, isSourceNat, false, null, false, vpcId); IPAddressVO publicIp = ip.ip(); @@ -663,12 +574,13 @@ public class NetworkManagerImpl extends ManagerBase implements NetworkManager, L @DB @Override - public IpAddress allocateIp(Account ipOwner, boolean isSystem, Account caller, long callerUserId, DataCenter zone) + public IpAddress allocateIp(Account ipOwner, boolean isSystem, Account caller, long callerUserId, DataCenter zone) throws ConcurrentOperationException, ResourceAllocationException, InsufficientAddressCapacityException { VlanType vlanType = VlanType.VirtualNetwork; boolean assign = false; + boolean allocateFromDedicatedRange = false; if (Grouping.AllocationState.Disabled == zone.getAllocationState() && !_accountMgr.isRootAdmin(caller.getType())) { // zone is of type DataCenter. See DataCenterVO.java. @@ -702,8 +614,32 @@ public class NetworkManagerImpl extends ManagerBase implements NetworkManager, L txn.start(); - ip = fetchNewPublicIp(zone.getId(), null, null, ipOwner, vlanType, null, - false, assign, null, isSystem, null); + // If account has dedicated Public IP ranges, allocate IP from the dedicated range + List vlanDbIds = new ArrayList(); + List maps = _accountVlanMapDao.listAccountVlanMapsByAccount(ipOwner.getId()); + for (AccountVlanMapVO map : maps) { + vlanDbIds.add(map.getVlanDbId()); + } + if (vlanDbIds != null && !vlanDbIds.isEmpty()) { + allocateFromDedicatedRange = true; + } + + try { + if (allocateFromDedicatedRange) { + ip = fetchNewPublicIp(zone.getId(), null, vlanDbIds, ipOwner, vlanType, null, + false, assign, null, isSystem, null); + } + } catch(InsufficientAddressCapacityException e) { + s_logger.warn("All IPs dedicated to account " + ipOwner.getId() + " has been acquired." + + " Now acquiring from the system pool"); + txn.close(); + allocateFromDedicatedRange = false; + } + + if (!allocateFromDedicatedRange) { + ip = fetchNewPublicIp(zone.getId(), null, null, ipOwner, vlanType, null, false, assign, null, + isSystem, null); + } if (ip == null) { @@ -763,7 +699,22 @@ public class NetworkManagerImpl extends ManagerBase implements NetworkManager, L IPAddressVO ipToAssoc = _ipAddressDao.findById(ipId); if (ipToAssoc != null) { - _accountMgr.checkAccess(caller, null, true, ipToAssoc); + Network network = _networksDao.findById(networkId); + if (network == null) { + throw new InvalidParameterValueException("Invalid network id is given"); + } + + DataCenter zone = _configMgr.getZone(network.getDataCenterId()); + if (network.getGuestType() == Network.GuestType.Shared && zone.getNetworkType() == NetworkType.Advanced) { + if (isSharedNetworkOfferingWithServices(network.getNetworkOfferingId())) { + _accountMgr.checkAccess(UserContext.current().getCaller(), AccessType.UseNetwork, false, network); + } else { + throw new InvalidParameterValueException("IP can be associated with guest network of 'shared' type only if " + + "network services Source Nat, Static Nat, Port Forwarding, Load balancing, firewall are enabled in the network"); + } + } else { + _accountMgr.checkAccess(caller, null, true, ipToAssoc); + } owner = _accountMgr.getAccount(ipToAssoc.getAllocatedToAccountId()); } else { s_logger.debug("Unable to find ip address by id: " + ipId); @@ -790,16 +741,21 @@ public class NetworkManagerImpl extends ManagerBase implements NetworkManager, L throw new InvalidParameterValueException("Ip address can be associated to the network with trafficType " + TrafficType.Guest); } - // Check that network belongs to IP owner - skip this check for Basic zone as there is just one guest network, - // and it belongs to the system - if (zone.getNetworkType() != NetworkType.Basic && network.getAccountId() != owner.getId()) { - throw new InvalidParameterValueException("The owner of the network is not the same as owner of the IP"); + // Check that network belongs to IP owner - skip this check + // - if zone is basic zone as there is just one guest network, + // - if shared network in Advanced zone + // - and it belongs to the system + if (network.getAccountId() != owner.getId()) { + if (zone.getNetworkType() != NetworkType.Basic && !(zone.getNetworkType() == NetworkType.Advanced && network.getGuestType() == Network.GuestType.Shared)) { + throw new InvalidParameterValueException("The owner of the network is not the same as owner of the IP"); + } } - // In Advance zone only allow to do IP assoc for Isolated networks with source nat service enabled + // In Advance zone only allow to do IP assoc + // - for Isolated networks with source nat service enabled + // - for shared networks with source nat service enabled if (zone.getNetworkType() == NetworkType.Advanced && - !(network.getGuestType() == GuestType.Isolated && _networkModel.areServicesSupportedInNetwork(network.getId(), - Service.SourceNat))) { + !(_networkModel.areServicesSupportedInNetwork(network.getId(), Service.SourceNat))) { throw new InvalidParameterValueException("In zone of type " + NetworkType.Advanced + " ip address can be associated only to the network of guest type " + GuestType.Isolated + " with the " + Service.SourceNat.getName() + " enabled"); @@ -1082,7 +1038,7 @@ public class NetworkManagerImpl extends ManagerBase implements NetworkManager, L AssignIpAddressSearch = _ipAddressDao.createSearchBuilder(); AssignIpAddressSearch.and("dc", AssignIpAddressSearch.entity().getDataCenterId(), Op.EQ); AssignIpAddressSearch.and("allocated", AssignIpAddressSearch.entity().getAllocatedTime(), Op.NULL); - AssignIpAddressSearch.and("vlanId", AssignIpAddressSearch.entity().getVlanId(), Op.EQ); + AssignIpAddressSearch.and("vlanId", AssignIpAddressSearch.entity().getVlanId(), Op.IN); SearchBuilder vlanSearch = _vlanDao.createSearchBuilder(); vlanSearch.and("type", vlanSearch.entity().getVlanType(), Op.EQ); vlanSearch.and("networkId", vlanSearch.entity().getNetworkId(), Op.EQ); @@ -1471,12 +1427,21 @@ public class NetworkManagerImpl extends ManagerBase implements NetworkManager, L try { NetworkGuru guru = AdapterBase.getAdapterByName(_networkGurus, network.getGuruName()); Network.State state = network.getState(); - if (state == Network.State.Implemented || state == Network.State.Setup || state == Network.State.Implementing) { + if (state == Network.State.Implemented || state == Network.State.Implementing) { s_logger.debug("Network id=" + networkId + " is already implemented"); implemented.set(guru, network); return implemented; } + if (state == Network.State.Setup) { + DataCenterVO zone = _dcDao.findById(network.getDataCenterId()); + if (!isSharedNetworkOfferingWithServices(network.getNetworkOfferingId()) || (zone.getNetworkType() == NetworkType.Basic)) { + s_logger.debug("Network id=" + networkId + " is already implemented"); + implemented.set(guru, network); + return implemented; + } + } + if (s_logger.isDebugEnabled()) { s_logger.debug("Asking " + guru.getName() + " to implement " + network); } @@ -1484,7 +1449,11 @@ public class NetworkManagerImpl extends ManagerBase implements NetworkManager, L NetworkOfferingVO offering = _networkOfferingDao.findById(network.getNetworkOfferingId()); network.setReservationId(context.getReservationId()); - stateTransitTo(network, Event.ImplementNetwork); + if (isSharedNetworkWithServices(network)) { + network.setState(Network.State.Implementing); + } else { + stateTransitTo(network, Event.ImplementNetwork); + } Network result = guru.implement(network, offering, dest, context); network.setCidr(result.getCidr()); @@ -1497,7 +1466,11 @@ public class NetworkManagerImpl extends ManagerBase implements NetworkManager, L // implement network elements and re-apply all the network rules implementNetworkElementsAndResources(dest, context, network, offering); - stateTransitTo(network,Event.OperationSucceeded); + if (isSharedNetworkWithServices(network)) { + network.setState(Network.State.Implemented); + } else { + stateTransitTo(network,Event.OperationSucceeded); + } network.setRestartRequired(false); _networksDao.update(network.getId(), network); @@ -1510,7 +1483,12 @@ public class NetworkManagerImpl extends ManagerBase implements NetworkManager, L if (implemented.first() == null) { s_logger.debug("Cleaning up because we're unable to implement the network " + network); try { - stateTransitTo(network,Event.OperationFailed); + if (isSharedNetworkWithServices(network)) { + network.setState(Network.State.Shutdown); + _networksDao.update(networkId, network); + } else { + stateTransitTo(network,Event.OperationFailed); + } } catch (NoTransitionException e) { s_logger.error(e.getMessage()); } @@ -1535,14 +1513,17 @@ public class NetworkManagerImpl extends ManagerBase implements NetworkManager, L NetworkVO network, NetworkOfferingVO offering) throws ConcurrentOperationException, InsufficientAddressCapacityException, ResourceUnavailableException, InsufficientCapacityException { - // If this is a 1) guest virtual network 2) network has sourceNat service 3) network offering does not support a - // Shared source NAT rule, - // associate a source NAT IP (if one isn't already associated with the network) + // Associate a source NAT IP (if one isn't already associated with the network) if this is a + // 1) 'Isolated' or 'Shared' guest virtual network in the advance zone + // 2) network has sourceNat service + // 3) network offering does not support a shared source NAT rule boolean sharedSourceNat = offering.getSharedSourceNat(); - if (network.getGuestType() == Network.GuestType.Isolated - && _networkModel.areServicesSupportedInNetwork(network.getId(), Service.SourceNat) - && !sharedSourceNat) { + DataCenter zone = _dcDao.findById(network.getDataCenterId()); + + if (!sharedSourceNat && _networkModel.areServicesSupportedInNetwork(network.getId(), Service.SourceNat) + && (network.getGuestType() == Network.GuestType.Isolated || + (network.getGuestType() == Network.GuestType.Shared && zone.getNetworkType() == NetworkType.Advanced))) { List ips = null; if (network.getVpcId() != null) { @@ -2006,10 +1987,12 @@ public class NetworkManagerImpl extends ManagerBase implements NetworkManager, L throw new InvalidParameterValueException("Network with vlan " + vlanId + " already exists in zone " + zoneId); } } else { - //don't allow to create Shared network with Vlan that already exists in the zone for Isolated networks - if (_networksDao.countByZoneUriAndGuestType(zoneId, uri, GuestType.Isolated) > 0) { - throw new InvalidParameterValueException("Isolated network with vlan " + vlanId + " already exists " + - "in zone " + zoneId); + // don't allow to creating shared network with given Vlan ID, if there already exists a isolated network or + // shared network with same Vlan ID in the zone + if (_networksDao.countByZoneUriAndGuestType(zoneId, uri, GuestType.Isolated) > 0 || + _networksDao.countByZoneUriAndGuestType(zoneId, uri, GuestType.Shared) > 0) { + throw new InvalidParameterValueException("There is a isolated/shared network with vlan id: " + + vlanId + " already exists " + "in zone " + zoneId); } } } @@ -2141,6 +2124,7 @@ public class NetworkManagerImpl extends ManagerBase implements NetworkManager, L @DB public boolean shutdownNetwork(long networkId, ReservationContext context, boolean cleanupElements) { boolean result = false; + Transaction txn = Transaction.currentTxn(); NetworkVO network = _networksDao.lockRow(networkId, true); if (network == null) { @@ -2151,16 +2135,23 @@ public class NetworkManagerImpl extends ManagerBase implements NetworkManager, L s_logger.debug("Network is not implemented: " + network); return false; } - try { - stateTransitTo(network, Event.DestroyNetwork); - } catch (NoTransitionException e) { + + txn.start(); + if (isSharedNetworkWithServices(network)) { network.setState(Network.State.Shutdown); _networksDao.update(network.getId(), network); + } else { + try { + stateTransitTo(network, Event.DestroyNetwork); + } catch (NoTransitionException e) { + network.setState(Network.State.Shutdown); + _networksDao.update(network.getId(), network); + } } + txn.commit(); boolean success = shutdownNetworkElementsAndResources(context, cleanupElements, network); - Transaction txn = Transaction.currentTxn(); txn.start(); if (success) { if (s_logger.isDebugEnabled()) { @@ -2171,11 +2162,16 @@ public class NetworkManagerImpl extends ManagerBase implements NetworkManager, L guru.shutdown(profile, _networkOfferingDao.findById(network.getNetworkOfferingId())); applyProfileToNetwork(network, profile); - try { - stateTransitTo(network, Event.OperationSucceeded); - } catch (NoTransitionException e) { - network.setState(Network.State.Allocated); - network.setRestartRequired(false); + DataCenterVO zone = _dcDao.findById(network.getDataCenterId()); + if (isSharedNetworkOfferingWithServices(network.getNetworkOfferingId()) && (zone.getNetworkType() == NetworkType.Advanced)) { + network.setState(Network.State.Setup); + } else { + try { + stateTransitTo(network, Event.OperationSucceeded); + } catch (NoTransitionException e) { + network.setState(Network.State.Allocated); + network.setRestartRequired(false); + } } _networksDao.update(network.getId(), network); _networksDao.clearCheckForGc(networkId); @@ -2791,6 +2787,17 @@ public class NetworkManagerImpl extends ManagerBase implements NetworkManager, L return (UserDataServiceProvider)_networkModel.getElementImplementingProvider(SSHKeyProvider); } + protected boolean isSharedNetworkWithServices(Network network) { + assert(network != null); + DataCenter zone = _configMgr.getZone(network.getDataCenterId()); + if (network.getGuestType() == Network.GuestType.Shared && + zone.getNetworkType() == NetworkType.Advanced && + isSharedNetworkOfferingWithServices(network.getNetworkOfferingId())) { + return true; + } + return false; + } + protected boolean isSharedNetworkOfferingWithServices(long networkOfferingId) { NetworkOfferingVO networkOffering = _networkOfferingDao.findById(networkOfferingId); if ( (networkOffering.getGuestType() == Network.GuestType.Shared) && ( diff --git a/server/src/com/cloud/network/NetworkServiceImpl.java b/server/src/com/cloud/network/NetworkServiceImpl.java index 4eb620c4243..70d1d0d432c 100755 --- a/server/src/com/cloud/network/NetworkServiceImpl.java +++ b/server/src/com/cloud/network/NetworkServiceImpl.java @@ -16,44 +16,13 @@ // under the License. package com.cloud.network; -import java.net.InetAddress; -import java.net.Inet6Address; -import java.net.UnknownHostException; -import java.security.InvalidParameterException; -import java.sql.PreparedStatement; -import java.sql.ResultSet; -import java.sql.SQLException; -import java.util.ArrayList; -import java.util.Collection; -import java.util.HashMap; -import java.util.HashSet; -import java.util.List; -import java.util.Map; -import java.util.Set; -import java.util.TreeSet; - -import javax.ejb.Local; -import javax.inject.Inject; -import javax.naming.ConfigurationException; - -import org.apache.cloudstack.acl.ControlledEntity.ACLType; -import org.apache.cloudstack.acl.SecurityChecker.AccessType; -import org.apache.cloudstack.api.command.admin.usage.ListTrafficTypeImplementorsCmd; -import org.apache.cloudstack.api.command.user.network.CreateNetworkCmd; -import org.apache.cloudstack.api.command.user.network.ListNetworksCmd; -import org.apache.cloudstack.api.command.user.network.RestartNetworkCmd; -import org.apache.log4j.Logger; -import org.springframework.stereotype.Component; -import org.apache.cloudstack.api.command.user.vm.ListNicsCmd; -import org.bouncycastle.util.IPAddress; - import com.cloud.configuration.Config; import com.cloud.configuration.ConfigurationManager; import com.cloud.configuration.dao.ConfigurationDao; import com.cloud.dc.DataCenter; -import com.cloud.dc.Pod; import com.cloud.dc.DataCenter.NetworkType; import com.cloud.dc.DataCenterVO; +import com.cloud.dc.Pod; import com.cloud.dc.Vlan.VlanType; import com.cloud.dc.VlanVO; import com.cloud.dc.dao.AccountVlanMapDao; @@ -70,10 +39,8 @@ import com.cloud.event.UsageEventUtils; import com.cloud.event.dao.EventDao; import com.cloud.event.dao.UsageEventDao; import com.cloud.exception.*; -import com.cloud.host.Host; import com.cloud.host.dao.HostDao; import com.cloud.network.IpAddress.State; -import com.cloud.vm.Nic; import com.cloud.network.Network.Capability; import com.cloud.network.Network.GuestType; import com.cloud.network.Network.Provider; @@ -89,10 +56,10 @@ import com.cloud.network.element.VirtualRouterElement; import com.cloud.network.element.VpcVirtualRouterElement; import com.cloud.network.guru.NetworkGuru; import com.cloud.network.rules.FirewallRule.Purpose; -import com.cloud.network.rules.dao.PortForwardingRulesDao; import com.cloud.network.rules.FirewallRuleVO; import com.cloud.network.rules.PortForwardingRuleVO; import com.cloud.network.rules.RulesManager; +import com.cloud.network.rules.dao.PortForwardingRulesDao; import com.cloud.network.vpc.PrivateIpVO; import com.cloud.network.vpc.Vpc; import com.cloud.network.vpc.VpcManager; @@ -114,19 +81,33 @@ import com.cloud.utils.AnnotationHelper; import com.cloud.utils.Journal; import com.cloud.utils.NumbersUtil; import com.cloud.utils.Pair; -import com.cloud.utils.component.ComponentContext; -import com.cloud.utils.component.Manager; import com.cloud.utils.component.ManagerBase; import com.cloud.utils.db.*; import com.cloud.utils.db.SearchCriteria.Op; import com.cloud.utils.exception.CloudRuntimeException; import com.cloud.utils.net.NetUtils; import com.cloud.vm.*; -import com.cloud.vm.dao.NicDao; -import com.cloud.vm.dao.NicSecondaryIpDao; -import com.cloud.vm.dao.NicSecondaryIpVO; -import com.cloud.vm.dao.UserVmDao; -import com.cloud.vm.dao.VMInstanceDao; +import com.cloud.vm.dao.*; +import org.apache.cloudstack.acl.ControlledEntity.ACLType; +import org.apache.cloudstack.acl.SecurityChecker.AccessType; +import org.apache.cloudstack.api.command.admin.usage.ListTrafficTypeImplementorsCmd; +import org.apache.cloudstack.api.command.user.network.CreateNetworkCmd; +import org.apache.cloudstack.api.command.user.network.ListNetworksCmd; +import org.apache.cloudstack.api.command.user.network.RestartNetworkCmd; +import org.apache.cloudstack.api.command.user.vm.ListNicsCmd; +import org.apache.log4j.Logger; +import org.springframework.stereotype.Component; + +import javax.ejb.Local; +import javax.inject.Inject; +import javax.naming.ConfigurationException; +import java.net.Inet6Address; +import java.net.InetAddress; +import java.net.UnknownHostException; +import java.security.InvalidParameterException; +import java.sql.PreparedStatement; +import java.sql.ResultSet; +import java.sql.SQLException; import java.util.*; /** @@ -433,7 +414,40 @@ public class NetworkServiceImpl extends ManagerBase implements NetworkService { @Override @ActionEvent(eventType = EventTypes.EVENT_NET_IP_ASSIGN, eventDescription = "allocating Ip", create = true) - public IpAddress allocateIP(Account ipOwner, boolean isSystem, long zoneId) + public IpAddress allocateIP(Account ipOwner, long zoneId, Long networkId) + throws ResourceAllocationException, InsufficientAddressCapacityException, ConcurrentOperationException { + + if (networkId != null) { + Network network = _networksDao.findById(networkId); + if (network == null) { + throw new InvalidParameterValueException("Invalid network id is given"); + } + if (network.getGuestType() == Network.GuestType.Shared) { + DataCenter zone = _configMgr.getZone(zoneId); + if (zone == null) { + throw new InvalidParameterValueException("Invalid zone Id is given"); + } + + // if shared network in the advanced zone, then check the caller against the network for 'AccessType.UseNetwork' + if (isSharedNetworkOfferingWithServices(network.getNetworkOfferingId()) && zone.getNetworkType() == NetworkType.Advanced) { + Account caller = UserContext.current().getCaller(); + long callerUserId = UserContext.current().getCallerUserId(); + _accountMgr.checkAccess(caller, AccessType.UseNetwork, false, network); + if (s_logger.isDebugEnabled()) { + s_logger.debug("Associate IP address called by the user " + callerUserId + " account " + ipOwner.getId()); + } + return _networkMgr.allocateIp(ipOwner, false, caller, callerUserId, zone); + } else { + throw new InvalidParameterValueException("Associate IP address can only be called on the shared networks in the advanced zone" + + " with Firewall/Source Nat/Static Nat/Port Forwarding/Load balancing services enabled"); + } + } + } + + return allocateIP(ipOwner, false, zoneId); + } + + public IpAddress allocateIP(Account ipOwner, boolean isSystem, long zoneId) throws ResourceAllocationException, InsufficientAddressCapacityException, ConcurrentOperationException { Account caller = UserContext.current().getCaller(); // check permissions @@ -697,15 +711,6 @@ public class NetworkServiceImpl extends ManagerBase implements NetworkService { throw new IllegalArgumentException("only ip addresses that belong to a virtual network may be disassociated."); } - // Check for account wide pool. It will have an entry for account_vlan_map. - if (_accountVlanMapDao.findAccountVlanMap(ipVO.getAllocatedToAccountId(), ipVO.getVlanId()) != null) { - //see IPaddressVO.java - InvalidParameterValueException ex = new InvalidParameterValueException("Sepcified IP address uuid belongs to" + - " Account wide IP pool and cannot be disassociated"); - ex.addProxyObject("user_ip_address", ipAddressId, "ipAddressId"); - throw ex; - } - // don't allow releasing system ip address if (ipVO.getSystem()) { InvalidParameterValueException ex = new InvalidParameterValueException("Can't release system IP address with specified id"); diff --git a/server/src/com/cloud/server/ManagementServerImpl.java b/server/src/com/cloud/server/ManagementServerImpl.java index b869d1e21b3..d9a4317d097 100755 --- a/server/src/com/cloud/server/ManagementServerImpl.java +++ b/server/src/com/cloud/server/ManagementServerImpl.java @@ -59,6 +59,7 @@ import org.apache.cloudstack.api.command.admin.storage.*; import org.apache.cloudstack.api.command.admin.systemvm.*; import org.apache.cloudstack.api.command.admin.usage.*; import org.apache.cloudstack.api.command.admin.user.*; +import org.apache.cloudstack.api.command.admin.vlan.*; import org.apache.cloudstack.api.command.admin.vpc.*; import org.apache.cloudstack.api.command.user.autoscale.*; import org.apache.cloudstack.api.command.user.firewall.*; @@ -2037,6 +2038,8 @@ public class ManagementServerImpl extends ManagerBase implements ManagementServe cmdList.add(CreateVlanIpRangeCmd.class); cmdList.add(DeleteVlanIpRangeCmd.class); cmdList.add(ListVlanIpRangesCmd.class); + cmdList.add(DedicatePublicIpRangeCmd.class); + cmdList.add(ReleasePublicIpRangeCmd.class); cmdList.add(AssignVMCmd.class); cmdList.add(MigrateVMCmd.class); cmdList.add(RecoverVMCmd.class); diff --git a/server/src/com/cloud/template/TemplateManagerImpl.java b/server/src/com/cloud/template/TemplateManagerImpl.java index 2892e0081c2..576440a2ce7 100755 --- a/server/src/com/cloud/template/TemplateManagerImpl.java +++ b/server/src/com/cloud/template/TemplateManagerImpl.java @@ -273,7 +273,7 @@ public class TemplateManagerImpl extends ManagerBase implements TemplateManager, if (type == HypervisorType.BareMetal) { adapter = AdapterBase.getAdapterByName(_adapters, TemplateAdapterType.BareMetal.getName()); } else { - // see HyervisorTemplateAdapter + // see HypervisorTemplateAdapter adapter = AdapterBase.getAdapterByName(_adapters, TemplateAdapterType.Hypervisor.getName()); } diff --git a/server/src/com/cloud/user/AccountManagerImpl.java b/server/src/com/cloud/user/AccountManagerImpl.java index fe714c530b9..e74c49124f7 100755 --- a/server/src/com/cloud/user/AccountManagerImpl.java +++ b/server/src/com/cloud/user/AccountManagerImpl.java @@ -690,13 +690,13 @@ public class AccountManagerImpl extends ManagerBase implements AccountManager, M accountCleanupNeeded = true; } - // delete account specific Virtual vlans (belong to system Public Network) - only when networks are cleaned + // release account specific Virtual vlans (belong to system Public Network) - only when networks are cleaned // up successfully if (networksDeleted) { - if (!_configMgr.deleteAccountSpecificVirtualRanges(accountId)) { + if (!_configMgr.releaseAccountSpecificVirtualRanges(accountId)) { accountCleanupNeeded = true; } else { - s_logger.debug("Account specific Virtual IP ranges " + " are successfully deleted as a part of account id=" + accountId + " cleanup."); + s_logger.debug("Account specific Virtual IP ranges " + " are successfully released as a part of account id=" + accountId + " cleanup."); } } diff --git a/server/test/com/cloud/configuration/ConfigurationManagerTest.java b/server/test/com/cloud/configuration/ConfigurationManagerTest.java new file mode 100755 index 00000000000..ee98d53c922 --- /dev/null +++ b/server/test/com/cloud/configuration/ConfigurationManagerTest.java @@ -0,0 +1,413 @@ +// Licensed to the Apache Software Foundation (ASF) under one +// or more contributor license agreements. See the NOTICE file +// distributed with this work for additional information +// regarding copyright ownership. The ASF licenses this file +// to you under the Apache License, Version 2.0 (the +// "License"); you may not use this file except in compliance +// with the License. You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, +// software distributed under the License is distributed on an +// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +// KIND, either express or implied. See the License for the +// specific language governing permissions and limitations +// under the License. + +package com.cloud.configuration; + +import java.util.ArrayList; +import java.util.List; +import java.util.UUID; +import java.lang.reflect.Field; + +import org.apache.cloudstack.api.command.admin.vlan.DedicatePublicIpRangeCmd; +import org.apache.cloudstack.api.command.admin.vlan.ReleasePublicIpRangeCmd; +import org.apache.log4j.Logger; +import org.junit.Before; +import org.junit.Test; +import org.mockito.Mock; +import org.mockito.MockitoAnnotations; + +import com.cloud.configuration.Resource.ResourceType; +import com.cloud.dc.AccountVlanMapVO; +import com.cloud.dc.DataCenterVO; +import com.cloud.dc.Vlan; +import com.cloud.dc.VlanVO; +import com.cloud.dc.DataCenter.NetworkType; +import com.cloud.dc.dao.AccountVlanMapDao; +import com.cloud.dc.dao.DataCenterDao; +import com.cloud.dc.dao.VlanDao; +import com.cloud.network.NetworkManager; +import com.cloud.network.dao.FirewallRulesDao; +import com.cloud.network.dao.IPAddressDao; +import com.cloud.network.dao.IPAddressVO; +import com.cloud.projects.ProjectManager; +import com.cloud.user.Account; +import com.cloud.user.AccountManager; +import com.cloud.user.AccountVO; +import com.cloud.user.ResourceLimitService; +import com.cloud.user.UserContext; +import com.cloud.user.dao.AccountDao; +import com.cloud.utils.db.Transaction; +import com.cloud.utils.net.Ip; + +import junit.framework.Assert; + +import static org.mockito.Matchers.*; +import static org.mockito.Mockito.when; +import static org.mockito.Mockito.doNothing; + +public class ConfigurationManagerTest { + + private static final Logger s_logger = Logger.getLogger(ConfigurationManagerTest.class); + + ConfigurationManagerImpl configurationMgr = new ConfigurationManagerImpl(); + + DedicatePublicIpRangeCmd dedicatePublicIpRangesCmd = new DedicatePublicIpRangeCmdExtn(); + Class _dedicatePublicIpRangeClass = dedicatePublicIpRangesCmd.getClass().getSuperclass(); + + ReleasePublicIpRangeCmd releasePublicIpRangesCmd = new ReleasePublicIpRangeCmdExtn(); + Class _releasePublicIpRangeClass = releasePublicIpRangesCmd.getClass().getSuperclass(); + + @Mock AccountManager _accountMgr; + @Mock ProjectManager _projectMgr; + @Mock ResourceLimitService _resourceLimitMgr; + @Mock NetworkManager _networkMgr; + @Mock AccountDao _accountDao; + @Mock VlanDao _vlanDao; + @Mock AccountVlanMapDao _accountVlanMapDao; + @Mock IPAddressDao _publicIpAddressDao; + @Mock DataCenterDao _zoneDao; + @Mock FirewallRulesDao _firewallDao; + + VlanVO vlan = new VlanVO(Vlan.VlanType.VirtualNetwork, "vlantag", "vlangateway","vlannetmask", 1L, "iprange", 1L, 1L, null, null, null); + + @Before + public void setup() throws Exception { + MockitoAnnotations.initMocks(this); + configurationMgr._accountMgr = _accountMgr; + configurationMgr._projectMgr = _projectMgr; + configurationMgr._resourceLimitMgr = _resourceLimitMgr; + configurationMgr._networkMgr = _networkMgr; + configurationMgr._accountDao = _accountDao; + configurationMgr._vlanDao = _vlanDao; + configurationMgr._accountVlanMapDao = _accountVlanMapDao; + configurationMgr._publicIpAddressDao = _publicIpAddressDao; + configurationMgr._zoneDao = _zoneDao; + configurationMgr._firewallDao = _firewallDao; + + Account account = (Account) new AccountVO("testaccount", 1, "networkdomain", (short) 0, UUID.randomUUID().toString()); + when(configurationMgr._accountMgr.getAccount(anyLong())).thenReturn(account); + when(configurationMgr._accountDao.findActiveAccount(anyString(), anyLong())).thenReturn(account); + when(configurationMgr._accountMgr.getActiveAccountById(anyLong())).thenReturn(account); + + when(configurationMgr._publicIpAddressDao.countIPs(anyLong(), anyLong(), anyBoolean())).thenReturn(1); + + doNothing().when(configurationMgr._resourceLimitMgr).checkResourceLimit(any(Account.class), + any(ResourceType.class), anyLong()); + + when(configurationMgr._accountVlanMapDao.persist(any(AccountVlanMapVO.class))).thenReturn(new AccountVlanMapVO()); + + when(configurationMgr._vlanDao.acquireInLockTable(anyLong(), anyInt())).thenReturn(vlan); + + UserContext.registerContext(1, account, null, true); + + Field dedicateIdField = _dedicatePublicIpRangeClass.getDeclaredField("id"); + dedicateIdField.setAccessible(true); + dedicateIdField.set(dedicatePublicIpRangesCmd, 1L); + + Field accountNameField = _dedicatePublicIpRangeClass.getDeclaredField("accountName"); + accountNameField.setAccessible(true); + accountNameField.set(dedicatePublicIpRangesCmd, "accountname"); + + Field projectIdField = _dedicatePublicIpRangeClass.getDeclaredField("projectId"); + projectIdField.setAccessible(true); + projectIdField.set(dedicatePublicIpRangesCmd, null); + + Field domainIdField = _dedicatePublicIpRangeClass.getDeclaredField("domainId"); + domainIdField.setAccessible(true); + domainIdField.set(dedicatePublicIpRangesCmd, 1L); + + Field releaseIdField = _releasePublicIpRangeClass.getDeclaredField("id"); + releaseIdField.setAccessible(true); + releaseIdField.set(releasePublicIpRangesCmd, 1L); + } + + @Test + public void testDedicatePublicIpRange() throws Exception { + + s_logger.info("Running tests for DedicatePublicIpRange API"); + + /* + * TEST 1: given valid parameters DedicatePublicIpRange should succeed + */ + runDedicatePublicIpRangePostiveTest(); + + /* + * TEST 2: given invalid public ip range DedicatePublicIpRange should fail + */ + runDedicatePublicIpRangeInvalidRange(); + /* + * TEST 3: given public IP range that is already dedicated to a different account DedicatePublicIpRange should fail + */ + runDedicatePublicIpRangeDedicatedRange(); + + /* + * TEST 4: given zone is of type Basic DedicatePublicIpRange should fail + */ + runDedicatePublicIpRangeInvalidZone(); + + /* + * TEST 5: given range is already allocated to a different account DedicatePublicIpRange should fail + */ + runDedicatePublicIpRangeIPAdressAllocated(); + } + + @Test + public void testReleasePublicIpRange() throws Exception { + + s_logger.info("Running tests for DedicatePublicIpRange API"); + + /* + * TEST 1: given valid parameters and no allocated public ip's in the range ReleasePublicIpRange should succeed + */ + runReleasePublicIpRangePostiveTest1(); + + /* + * TEST 2: given valid parameters ReleasePublicIpRange should succeed + */ + runReleasePublicIpRangePostiveTest2(); + + /* + * TEST 3: given range doesn't exist + */ + runReleasePublicIpRangeInvalidIpRange(); + + /* + * TEST 4: given range is not dedicated to any account + */ + runReleaseNonDedicatedPublicIpRange(); + } + + void runDedicatePublicIpRangePostiveTest() throws Exception { + Transaction txn = Transaction.open("runDedicatePublicIpRangePostiveTest"); + + when(configurationMgr._vlanDao.findById(anyLong())).thenReturn(vlan); + + when(configurationMgr._accountVlanMapDao.listAccountVlanMapsByAccount(anyLong())).thenReturn(null); + + DataCenterVO dc = new DataCenterVO(UUID.randomUUID().toString(), "test", "8.8.8.8", null, "10.0.0.1", null, "10.0.0.1/24", + null, null, NetworkType.Advanced, null, null, true, true, null, null); + when(configurationMgr._zoneDao.findById(anyLong())).thenReturn(dc); + + List ipAddressList = new ArrayList(); + IPAddressVO ipAddress = new IPAddressVO(new Ip("75.75.75.75"), 1, 0xaabbccddeeffL, 10, false); + ipAddressList.add(ipAddress); + when(configurationMgr._publicIpAddressDao.listByVlanId(anyLong())).thenReturn(ipAddressList); + + try { + Vlan result = configurationMgr.dedicatePublicIpRange(dedicatePublicIpRangesCmd); + Assert.assertNotNull(result); + } catch (Exception e) { + s_logger.info("exception in testing runDedicatePublicIpRangePostiveTest message: " + e.toString()); + } finally { + txn.close("runDedicatePublicIpRangePostiveTest"); + } + } + + void runDedicatePublicIpRangeInvalidRange() throws Exception { + Transaction txn = Transaction.open("runDedicatePublicIpRangeInvalidRange"); + + when(configurationMgr._vlanDao.findById(anyLong())).thenReturn(null); + try { + configurationMgr.dedicatePublicIpRange(dedicatePublicIpRangesCmd); + } catch (Exception e) { + Assert.assertTrue(e.getMessage().contains("Please specify a valid Public IP range id")); + } finally { + txn.close("runDedicatePublicIpRangeInvalidRange"); + } + } + + void runDedicatePublicIpRangeDedicatedRange() throws Exception { + Transaction txn = Transaction.open("runDedicatePublicIpRangeDedicatedRange"); + + when(configurationMgr._vlanDao.findById(anyLong())).thenReturn(vlan); + + // public ip range is already dedicated + List accountVlanMaps = new ArrayList(); + AccountVlanMapVO accountVlanMap = new AccountVlanMapVO(1, 1); + accountVlanMaps.add(accountVlanMap); + when(configurationMgr._accountVlanMapDao.listAccountVlanMapsByVlan(anyLong())).thenReturn(accountVlanMaps); + + DataCenterVO dc = new DataCenterVO(UUID.randomUUID().toString(), "test", "8.8.8.8", null, "10.0.0.1", null, "10.0.0.1/24", + null, null, NetworkType.Advanced, null, null, true, true, null, null); + when(configurationMgr._zoneDao.findById(anyLong())).thenReturn(dc); + + List ipAddressList = new ArrayList(); + IPAddressVO ipAddress = new IPAddressVO(new Ip("75.75.75.75"), 1, 0xaabbccddeeffL, 10, false); + ipAddressList.add(ipAddress); + when(configurationMgr._publicIpAddressDao.listByVlanId(anyLong())).thenReturn(ipAddressList); + + try { + configurationMgr.dedicatePublicIpRange(dedicatePublicIpRangesCmd); + } catch (Exception e) { + Assert.assertTrue(e.getMessage().contains("Public IP range has already been dedicated")); + } finally { + txn.close("runDedicatePublicIpRangePublicIpRangeDedicated"); + } + } + + void runDedicatePublicIpRangeInvalidZone() throws Exception { + Transaction txn = Transaction.open("runDedicatePublicIpRangeInvalidZone"); + + when(configurationMgr._vlanDao.findById(anyLong())).thenReturn(vlan); + + when(configurationMgr._accountVlanMapDao.listAccountVlanMapsByVlan(anyLong())).thenReturn(null); + + // public ip range belongs to zone of type basic + DataCenterVO dc = new DataCenterVO(UUID.randomUUID().toString(), "test", "8.8.8.8", null, "10.0.0.1", null, "10.0.0.1/24", + null, null, NetworkType.Basic, null, null, true, true, null, null); + when(configurationMgr._zoneDao.findById(anyLong())).thenReturn(dc); + + List ipAddressList = new ArrayList(); + IPAddressVO ipAddress = new IPAddressVO(new Ip("75.75.75.75"), 1, 0xaabbccddeeffL, 10, false); + ipAddressList.add(ipAddress); + when(configurationMgr._publicIpAddressDao.listByVlanId(anyLong())).thenReturn(ipAddressList); + + try { + configurationMgr.dedicatePublicIpRange(dedicatePublicIpRangesCmd); + } catch (Exception e) { + Assert.assertTrue(e.getMessage().contains("Public IP range can be dedicated to an account only in the zone of type Advanced")); + } finally { + txn.close("runDedicatePublicIpRangeInvalidZone"); + } + } + + void runDedicatePublicIpRangeIPAdressAllocated() throws Exception { + Transaction txn = Transaction.open("runDedicatePublicIpRangeIPAdressAllocated"); + + when(configurationMgr._vlanDao.findById(anyLong())).thenReturn(vlan); + + when(configurationMgr._accountVlanMapDao.listAccountVlanMapsByAccount(anyLong())).thenReturn(null); + + DataCenterVO dc = new DataCenterVO(UUID.randomUUID().toString(), "test", "8.8.8.8", null, "10.0.0.1", null, "10.0.0.1/24", + null, null, NetworkType.Advanced, null, null, true, true, null, null); + when(configurationMgr._zoneDao.findById(anyLong())).thenReturn(dc); + + // one of the ip addresses of the range is allocated to different account + List ipAddressList = new ArrayList(); + IPAddressVO ipAddress = new IPAddressVO(new Ip("75.75.75.75"), 1, 0xaabbccddeeffL, 10, false); + ipAddress.setAllocatedToAccountId(1L); + ipAddressList.add(ipAddress); + when(configurationMgr._publicIpAddressDao.listByVlanId(anyLong())).thenReturn(ipAddressList); + + try { + configurationMgr.dedicatePublicIpRange(dedicatePublicIpRangesCmd); + } catch (Exception e) { + Assert.assertTrue(e.getMessage().contains("Public IP address in range is already allocated to another account")); + } finally { + txn.close("runDedicatePublicIpRangeIPAdressAllocated"); + } + } + + void runReleasePublicIpRangePostiveTest1() throws Exception { + Transaction txn = Transaction.open("runReleasePublicIpRangePostiveTest1"); + + when(configurationMgr._vlanDao.findById(anyLong())).thenReturn(vlan); + + List accountVlanMaps = new ArrayList(); + AccountVlanMapVO accountVlanMap = new AccountVlanMapVO(1, 1); + accountVlanMaps.add(accountVlanMap); + when(configurationMgr._accountVlanMapDao.listAccountVlanMapsByVlan(anyLong())).thenReturn(accountVlanMaps); + + // no allocated ip's + when(configurationMgr._publicIpAddressDao.countIPs(anyLong(), anyLong(), anyBoolean())).thenReturn(0); + + when(configurationMgr._accountVlanMapDao.remove(anyLong())).thenReturn(true); + try { + Boolean result = configurationMgr.releasePublicIpRange(releasePublicIpRangesCmd); + Assert.assertTrue(result); + } catch (Exception e) { + s_logger.info("exception in testing runReleasePublicIpRangePostiveTest1 message: " + e.toString()); + } finally { + txn.close("runReleasePublicIpRangePostiveTest1"); + } + } + + void runReleasePublicIpRangePostiveTest2() throws Exception { + Transaction txn = Transaction.open("runReleasePublicIpRangePostiveTest2"); + + when(configurationMgr._vlanDao.findById(anyLong())).thenReturn(vlan); + + List accountVlanMaps = new ArrayList(); + AccountVlanMapVO accountVlanMap = new AccountVlanMapVO(1, 1); + accountVlanMaps.add(accountVlanMap); + when(configurationMgr._accountVlanMapDao.listAccountVlanMapsByVlan(anyLong())).thenReturn(accountVlanMaps); + + when(configurationMgr._publicIpAddressDao.countIPs(anyLong(), anyLong(), anyBoolean())).thenReturn(1); + + List ipAddressList = new ArrayList(); + IPAddressVO ipAddress = new IPAddressVO(new Ip("75.75.75.75"), 1, 0xaabbccddeeffL, 10, false); + ipAddressList.add(ipAddress); + when(configurationMgr._publicIpAddressDao.listByVlanId(anyLong())).thenReturn(ipAddressList); + + when(configurationMgr._firewallDao.countRulesByIpId(anyLong())).thenReturn(0L); + + when(configurationMgr._networkMgr.disassociatePublicIpAddress(anyLong(), anyLong(), any(Account.class))).thenReturn(true); + + when(configurationMgr._vlanDao.releaseFromLockTable(anyLong())).thenReturn(true); + + when(configurationMgr._accountVlanMapDao.remove(anyLong())).thenReturn(true); + try { + Boolean result = configurationMgr.releasePublicIpRange(releasePublicIpRangesCmd); + Assert.assertTrue(result); + } catch (Exception e) { + s_logger.info("exception in testing runReleasePublicIpRangePostiveTest2 message: " + e.toString()); + } finally { + txn.close("runReleasePublicIpRangePostiveTest2"); + } + } + + void runReleasePublicIpRangeInvalidIpRange() throws Exception { + Transaction txn = Transaction.open("runReleasePublicIpRangeInvalidIpRange"); + + when(configurationMgr._vlanDao.findById(anyLong())).thenReturn(null); + try { + configurationMgr.releasePublicIpRange(releasePublicIpRangesCmd); + } catch (Exception e) { + Assert.assertTrue(e.getMessage().contains("Please specify a valid IP range id")); + } finally { + txn.close("runReleasePublicIpRangeInvalidIpRange"); + } + } + + void runReleaseNonDedicatedPublicIpRange() throws Exception { + Transaction txn = Transaction.open("runReleaseNonDedicatedPublicIpRange"); + + when(configurationMgr._vlanDao.findById(anyLong())).thenReturn(vlan); + + when(configurationMgr._accountVlanMapDao.listAccountVlanMapsByVlan(anyLong())).thenReturn(null); + try { + configurationMgr.releasePublicIpRange(releasePublicIpRangesCmd); + } catch (Exception e) { + Assert.assertTrue(e.getMessage().contains("as it not dedicated to any account")); + } finally { + txn.close("runReleaseNonDedicatedPublicIpRange"); + } + } + + + public class DedicatePublicIpRangeCmdExtn extends DedicatePublicIpRangeCmd { + public long getEntityOwnerId() { + return 1; + } + } + + public class ReleasePublicIpRangeCmdExtn extends ReleasePublicIpRangeCmd { + public long getEntityOwnerId() { + return 1; + } + } +} diff --git a/server/test/com/cloud/network/MockNetworkManagerImpl.java b/server/test/com/cloud/network/MockNetworkManagerImpl.java index 18eae085879..9042f03d4a7 100755 --- a/server/test/com/cloud/network/MockNetworkManagerImpl.java +++ b/server/test/com/cloud/network/MockNetworkManagerImpl.java @@ -16,33 +16,13 @@ // under the License. package com.cloud.network; -import java.util.List; -import java.util.Map; -import java.util.Set; - -import javax.ejb.Local; -import javax.naming.ConfigurationException; - -import org.apache.cloudstack.acl.ControlledEntity.ACLType; -import org.apache.cloudstack.api.command.admin.usage.ListTrafficTypeImplementorsCmd; -import org.apache.cloudstack.api.command.user.network.CreateNetworkCmd; -import org.apache.cloudstack.api.command.user.network.ListNetworksCmd; -import org.apache.cloudstack.api.command.user.network.RestartNetworkCmd; -import org.springframework.stereotype.Component; -import org.apache.cloudstack.api.command.user.vm.ListNicsCmd; - import com.cloud.dc.DataCenter; import com.cloud.dc.Pod; import com.cloud.dc.Vlan.VlanType; import com.cloud.deploy.DataCenterDeployment; import com.cloud.deploy.DeployDestination; import com.cloud.deploy.DeploymentPlan; -import com.cloud.exception.ConcurrentOperationException; -import com.cloud.exception.InsufficientAddressCapacityException; -import com.cloud.exception.InsufficientCapacityException; -import com.cloud.exception.InsufficientVirtualNetworkCapcityException; -import com.cloud.exception.ResourceAllocationException; -import com.cloud.exception.ResourceUnavailableException; +import com.cloud.exception.*; import com.cloud.network.Network.Provider; import com.cloud.network.Network.Service; import com.cloud.network.Networks.TrafficType; @@ -62,7 +42,6 @@ import com.cloud.offerings.NetworkOfferingVO; import com.cloud.user.Account; import com.cloud.user.User; import com.cloud.utils.Pair; -import com.cloud.utils.component.Manager; import com.cloud.utils.component.ManagerBase; import com.cloud.vm.Nic; import com.cloud.vm.NicProfile; @@ -74,6 +53,19 @@ import com.cloud.vm.VirtualMachine; import com.cloud.vm.VirtualMachine.Type; import com.cloud.vm.VirtualMachineProfile; import com.cloud.vm.VirtualMachineProfileImpl; +import org.apache.cloudstack.acl.ControlledEntity.ACLType; +import org.apache.cloudstack.api.command.admin.usage.ListTrafficTypeImplementorsCmd; +import org.apache.cloudstack.api.command.user.network.CreateNetworkCmd; +import org.apache.cloudstack.api.command.user.network.ListNetworksCmd; +import org.apache.cloudstack.api.command.user.network.RestartNetworkCmd; +import org.apache.cloudstack.api.command.user.vm.ListNicsCmd; +import org.springframework.stereotype.Component; + +import javax.ejb.Local; +import javax.naming.ConfigurationException; +import java.util.List; +import java.util.Map; +import java.util.Set; @Component @Local(value = { NetworkManager.class, NetworkService.class }) @@ -824,7 +816,7 @@ public class MockNetworkManagerImpl extends ManagerBase implements NetworkManage * @see com.cloud.network.NetworkService#allocateIP(com.cloud.user.Account, boolean, long) */ @Override - public IpAddress allocateIP(Account ipOwner, boolean isSystem, long zoneId) throws ResourceAllocationException, + public IpAddress allocateIP(Account ipOwner, long zoneId, Long networkId) throws ResourceAllocationException, InsufficientAddressCapacityException, ConcurrentOperationException { // TODO Auto-generated method stub return null; diff --git a/server/test/com/cloud/vpc/MockConfigurationManagerImpl.java b/server/test/com/cloud/vpc/MockConfigurationManagerImpl.java old mode 100644 new mode 100755 index b0063fa2e2e..a03e361d8c1 --- a/server/test/com/cloud/vpc/MockConfigurationManagerImpl.java +++ b/server/test/com/cloud/vpc/MockConfigurationManagerImpl.java @@ -40,7 +40,9 @@ import org.apache.cloudstack.api.command.admin.offering.UpdateServiceOfferingCmd import org.apache.cloudstack.api.command.admin.pod.DeletePodCmd; import org.apache.cloudstack.api.command.admin.pod.UpdatePodCmd; import org.apache.cloudstack.api.command.admin.vlan.CreateVlanIpRangeCmd; +import org.apache.cloudstack.api.command.admin.vlan.DedicatePublicIpRangeCmd; import org.apache.cloudstack.api.command.admin.vlan.DeleteVlanIpRangeCmd; +import org.apache.cloudstack.api.command.admin.vlan.ReleasePublicIpRangeCmd; import org.apache.cloudstack.api.command.admin.zone.CreateZoneCmd; import org.apache.cloudstack.api.command.admin.zone.DeleteZoneCmd; import org.apache.cloudstack.api.command.admin.zone.UpdateZoneCmd; @@ -544,7 +546,7 @@ public class MockConfigurationManagerImpl extends ManagerBase implements Configu * @see com.cloud.configuration.ConfigurationManager#deleteAccountSpecificVirtualRanges(long) */ @Override - public boolean deleteAccountSpecificVirtualRanges(long accountId) { + public boolean releaseAccountSpecificVirtualRanges(long accountId) { // TODO Auto-generated method stub return false; } @@ -613,5 +615,24 @@ public class MockConfigurationManagerImpl extends ManagerBase implements Configu return null; } + @Override + public Vlan dedicatePublicIpRange(DedicatePublicIpRangeCmd cmd) + throws ResourceAllocationException { + // TODO Auto-generated method stub + return null; + } + + @Override + public boolean releasePublicIpRange(ReleasePublicIpRangeCmd cmd) { + // TODO Auto-generated method stub + return false; + } + + @Override + public boolean releasePublicIpRange(long userId, long vlanDbId, + Account caller) { + // TODO Auto-generated method stub + return false; + } } diff --git a/server/test/com/cloud/vpc/MockNetworkManagerImpl.java b/server/test/com/cloud/vpc/MockNetworkManagerImpl.java index bd4fd678d48..3a585ce708a 100644 --- a/server/test/com/cloud/vpc/MockNetworkManagerImpl.java +++ b/server/test/com/cloud/vpc/MockNetworkManagerImpl.java @@ -16,49 +16,17 @@ // under the License. package com.cloud.vpc; -import java.util.HashMap; -import java.util.List; -import java.util.Map; - -import javax.ejb.Local; -import javax.inject.Inject; -import javax.naming.ConfigurationException; - -import org.apache.cloudstack.acl.ControlledEntity.ACLType; -import org.apache.cloudstack.api.command.admin.usage.ListTrafficTypeImplementorsCmd; -import org.apache.cloudstack.api.command.user.network.CreateNetworkCmd; -import org.apache.cloudstack.api.command.user.network.ListNetworksCmd; -import org.apache.cloudstack.api.command.user.network.RestartNetworkCmd; -import org.apache.cloudstack.api.command.user.vm.ListNicsCmd; -import org.apache.log4j.Logger; -import org.springframework.stereotype.Component; - import com.cloud.dc.DataCenter; import com.cloud.dc.Pod; import com.cloud.dc.Vlan.VlanType; import com.cloud.deploy.DataCenterDeployment; import com.cloud.deploy.DeployDestination; import com.cloud.deploy.DeploymentPlan; -import com.cloud.exception.ConcurrentOperationException; -import com.cloud.exception.InsufficientAddressCapacityException; -import com.cloud.exception.InsufficientCapacityException; -import com.cloud.exception.InsufficientVirtualNetworkCapcityException; -import com.cloud.exception.ResourceAllocationException; -import com.cloud.exception.ResourceUnavailableException; -import com.cloud.network.IpAddress; -import com.cloud.network.Network; +import com.cloud.exception.*; +import com.cloud.network.*; import com.cloud.network.Network.Provider; import com.cloud.network.Network.Service; -import com.cloud.network.NetworkManager; -import com.cloud.network.NetworkProfile; -import com.cloud.network.NetworkRuleApplier; -import com.cloud.network.NetworkService; import com.cloud.network.Networks.TrafficType; -import com.cloud.network.PhysicalNetwork; -import com.cloud.network.PhysicalNetworkServiceProvider; -import com.cloud.network.PhysicalNetworkTrafficType; -import com.cloud.network.PublicIpAddress; -import com.cloud.network.UserIpv6Address; import com.cloud.network.addr.PublicIp; import com.cloud.network.dao.IPAddressVO; import com.cloud.network.dao.NetworkServiceMapDao; @@ -78,7 +46,6 @@ import com.cloud.offerings.dao.NetworkOfferingServiceMapDao; import com.cloud.user.Account; import com.cloud.user.User; import com.cloud.utils.Pair; -import com.cloud.utils.component.Manager; import com.cloud.utils.component.ManagerBase; import com.cloud.vm.Nic; import com.cloud.vm.NicProfile; @@ -90,6 +57,21 @@ import com.cloud.vm.VirtualMachine; import com.cloud.vm.VirtualMachine.Type; import com.cloud.vm.VirtualMachineProfile; import com.cloud.vm.VirtualMachineProfileImpl; +import org.apache.cloudstack.acl.ControlledEntity.ACLType; +import org.apache.cloudstack.api.command.admin.usage.ListTrafficTypeImplementorsCmd; +import org.apache.cloudstack.api.command.user.network.CreateNetworkCmd; +import org.apache.cloudstack.api.command.user.network.ListNetworksCmd; +import org.apache.cloudstack.api.command.user.network.RestartNetworkCmd; +import org.apache.cloudstack.api.command.user.vm.ListNicsCmd; +import org.apache.log4j.Logger; +import org.springframework.stereotype.Component; + +import javax.ejb.Local; +import javax.inject.Inject; +import javax.naming.ConfigurationException; +import java.util.HashMap; +import java.util.List; +import java.util.Map; @Component @Local(value = { NetworkManager.class, NetworkService.class }) @@ -188,7 +170,7 @@ public class MockNetworkManagerImpl extends ManagerBase implements NetworkManage * @see com.cloud.network.NetworkService#allocateIP(com.cloud.user.Account, long, java.lang.Long) */ @Override - public IpAddress allocateIP(Account ipOwner, boolean isSystem, long networkId) throws ResourceAllocationException, + public IpAddress allocateIP(Account ipOwner, long zoneId, Long networkId) throws ResourceAllocationException, InsufficientAddressCapacityException, ConcurrentOperationException { // TODO Auto-generated method stub return null; diff --git a/server/test/resources/network-mgr-component.xml b/server/test/resources/network-mgr-component.xml index 42d3c2ebdb1..b55a68b0fcf 100644 --- a/server/test/resources/network-mgr-component.xml +++ b/server/test/resources/network-mgr-component.xml @@ -78,7 +78,7 @@ under the License. - + diff --git a/setup/db/db/schema-410to420.sql b/setup/db/db/schema-410to420.sql index 92b2d9c863c..fb760bf4824 100644 --- a/setup/db/db/schema-410to420.sql +++ b/setup/db/db/schema-410to420.sql @@ -680,7 +680,41 @@ CREATE VIEW `cloud`.`affinity_group_view` AS left join `cloud`.`vm_instance` ON vm_instance.id = affinity_group_vm_map.instance_id left join - `cloud`.`user_vm` ON user_vm.id = vm_instance.id; - + `cloud`.`user_vm` ON user_vm.id = vm_instance.id; + +CREATE TABLE `cloud`.`external_cisco_vnmc_devices` ( + `id` bigint unsigned NOT NULL AUTO_INCREMENT COMMENT 'id', + `uuid` varchar(255) UNIQUE, + `physical_network_id` bigint unsigned NOT NULL COMMENT 'id of the physical network in to which cisco vnmc device is added', + `provider_name` varchar(255) NOT NULL COMMENT 'Service Provider name corresponding to this cisco vnmc device', + `device_name` varchar(255) NOT NULL COMMENT 'name of the cisco vnmc device', + `host_id` bigint unsigned NOT NULL COMMENT 'host id coresponding to the external cisco vnmc device', + PRIMARY KEY (`id`), + CONSTRAINT `fk_external_cisco_vnmc_devices__host_id` FOREIGN KEY (`host_id`) REFERENCES `host`(`id`) ON DELETE CASCADE, + CONSTRAINT `fk_external_cisco_vnmc_devices__physical_network_id` FOREIGN KEY (`physical_network_id`) REFERENCES `physical_network`(`id`) ON DELETE CASCADE +) ENGINE=InnoDB DEFAULT CHARSET=utf8; + +CREATE TABLE `cloud`.`external_cisco_asa1000v_devices` ( + `id` bigint unsigned NOT NULL AUTO_INCREMENT COMMENT 'id', + `uuid` varchar(255) UNIQUE, + `physical_network_id` bigint unsigned NOT NULL COMMENT 'id of the physical network in to which cisco asa1kv device is added', + `management_ip` varchar(255) UNIQUE NOT NULL COMMENT 'mgmt. ip of cisco asa1kv device', + `in_port_profile` varchar(255) NOT NULL COMMENT 'inside port profile name of cisco asa1kv device', + `cluster_id` bigint unsigned NOT NULL COMMENT 'id of the Vmware cluster to which cisco asa1kv device is attached (cisco n1kv switch)', + PRIMARY KEY (`id`), + CONSTRAINT `fk_external_cisco_asa1000v_devices__physical_network_id` FOREIGN KEY (`physical_network_id`) REFERENCES `physical_network`(`id`) ON DELETE CASCADE, + CONSTRAINT `fk_external_cisco_asa1000v_devices__cluster_id` FOREIGN KEY (`cluster_id`) REFERENCES `cluster`(`id`) ON DELETE CASCADE +) ENGINE=InnoDB DEFAULT CHARSET=utf8; + +CREATE TABLE `cloud`.`network_asa1000v_map` ( + `id` bigint unsigned NOT NULL AUTO_INCREMENT COMMENT 'id', + `network_id` bigint unsigned NOT NULL UNIQUE COMMENT 'id of guest network', + `asa1000v_id` bigint unsigned NOT NULL UNIQUE COMMENT 'id of asa1000v device', + PRIMARY KEY (`id`), + CONSTRAINT `fk_network_asa1000v_map__network_id` FOREIGN KEY (`network_id`) REFERENCES `networks`(`id`) ON DELETE CASCADE, + CONSTRAINT `fk_network_asa1000v_map__asa1000v_id` FOREIGN KEY (`asa1000v_id`) REFERENCES `external_cisco_asa1000v_devices`(`id`) ON DELETE CASCADE +) ENGINE=InnoDB DEFAULT CHARSET=utf8; + -- Re-enable foreign key checking, at the end of the upgrade path SET foreign_key_checks = 1; + diff --git a/test/integration/component/test_asa1000v_fw.py b/test/integration/component/test_asa1000v_fw.py new file mode 100755 index 00000000000..0b66f971946 --- /dev/null +++ b/test/integration/component/test_asa1000v_fw.py @@ -0,0 +1,134 @@ +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. + +""" Cisco ASA1000v external firewall +""" +#Import Local Modules +import marvin +from nose.plugins.attrib import attr +from marvin.cloudstackTestCase import * +from marvin.cloudstackAPI import * +from marvin.integration.lib.utils import * +from marvin.integration.lib.base import * +from marvin.integration.lib.common import * +from marvin.remoteSSHClient import remoteSSHClient +import datetime + + +class Services: + """Test Cisco ASA1000v services + """ + + def __init__(self): + self.services = { + "vnmc": { + "ipaddress": '10.147.28.236', + "username": 'admin', + "password": 'Password_123', + }, + "asa": { + "ipaddress": '10.147.28.238', + "insideportprofile": 'asa-in123', + }, + "network_offering": { + "name": 'CiscoVnmc', + "displaytext": 'CiscoVnmc', + "guestiptype": 'Isolated', + "supportedservices": 'Dhcp,Dns,SourceNat,PortForwarding,Firewall,UserData,StaticNat', + "traffictype": 'GUEST', + "availability": 'Optional', + "serviceProviderList": { + "Dhcp": 'VirtualRouter', + "Dns": 'VirtualRouter', + "SourceNat": 'CiscoVnmc', + "PortForwarding": 'CiscoVnmc', + "Firewall": 'CiscoVnmc', + "UserData": 'VirtualRouter', + "StaticNat": 'CiscoVnmc', + }, + }, + "network": { + "name": "CiscoVnmc", + "displaytext": "CiscoVnmc", + }, + } + +class TestASASetup(cloudstackTestCase): + + @classmethod + def setUpClass(cls): + cls.apiclient = super( + TestASASetup, + cls + ).getClsTestClient().getApiClient() + cls.services = Services().services + cls.network_offering = NetworkOffering.create( + cls.apiclient, + cls.services["network_offering"], + conservemode=True) + # Enable network offering + cls.network_offering.update(cls.apiclient, state='Enabled') + + cls._cleanup = [ + cls.network_offering, + ] + return + + @classmethod + def tearDownClass(cls): + try: + # Cleanup + cleanup_resources(cls.apiclient, cls._cleanup) + except Exception as e: + raise Exception("Warning: Exception during cleanup : %s" % e) + return + + def setUp(self): + self.apiclient = self.testClient.getApiClient() + self.dbclient = self.testClient.getDbConnection() + + self.zone = get_zone(self.apiclient, self.services) + self.physicalnetworks = PhysicalNetwork.list(self.apiclient, zoneid=self.zone.id) + self.assertNotEqual(len(self.physicalnetworks), 0, "Check if the list physical network API returns a non-empty response") + self.clusters = Cluster.list(self.apiclient, hypervisor='VMware') + self.assertNotEqual(len(self.clusters), 0, "Check if the list cluster API returns a non-empty response") + + return + + def tearDown(self): + try: + self.debug("Cleaning up the resources") + # Cleanup + cleanup_resources(self.apiclient, self._cleanup) + self.debug("Cleanup complete!") + except Exception as e: + raise Exception("Warning: Exception during cleanup : %s" % e) + return + + def test_registerVnmc(self): + Vnmc = VNMC.create(self.apiclient, self.services["vnmc"]["ipaddress"], self.services["vnmc"]["username"], self.services["vnmc"]["password"], self.physicalnetworks[0].id) + self.debug("Cisco VNMC appliance with id %s deployed"%(Vnmc.id)) + VnmcList = VNMC.list(self.apiclient, physicalnetworkid = self.physicalnetworks[0].id) + self.assertNotEqual(len(VnmcList), 0, "List VNMC API returned an empty response") + Vnmc.delete(self.apiclient) + + def test_registerAsa1000v(self): + Asa = ASA1000V.create(self.apiclient, self.services["asa"]["ipaddress"], self.services["asa"]["insideportprofile"], self.clusters[0].id, self.physicalnetworks[0].id) + self.debug("Cisco ASA 1000v appliance with id %s deployed"%(Asa.id)) + AsaList = ASA1000V.list(self.apiclient, physicalnetworkid = self.physicalnetworks[0].id) + self.assertNotEqual(len(AsaList), 0, "List ASA 1000v API returned an empty response") + Asa.delete(self.apiclient) \ No newline at end of file diff --git a/test/integration/smoke/test_iso.py b/test/integration/smoke/test_iso.py index 5bd7bb358be..3f8f11abdf9 100644 --- a/test/integration/smoke/test_iso.py +++ b/test/integration/smoke/test_iso.py @@ -79,8 +79,6 @@ class Services: "timeout": 10, "ostype": "CentOS 5.3 (64-bit)", # CentOS 5.3 (64 bit) - "mode": 'advanced' - # Networking mode: Basic or Advanced } @@ -93,6 +91,7 @@ class TestCreateIso(cloudstackTestCase): # Get Zone, Domain and templates self.domain = get_domain(self.apiclient, self.services) self.zone = get_zone(self.apiclient, self.services) + self.services['mode'] = zone.networktype self.services["domainid"] = self.domain.id self.services["iso_2"]["zoneid"] = self.zone.id diff --git a/test/integration/smoke/test_network.py b/test/integration/smoke/test_network.py index e78cc43fe33..e2c63a4b5b4 100644 --- a/test/integration/smoke/test_network.py +++ b/test/integration/smoke/test_network.py @@ -38,8 +38,6 @@ class Services: self.services = { "ostype": "CentOS 5.3 (64-bit)", # Cent OS 5.3 (64 bit) - "mode": 'advanced', - # Networking mode: Basic or advanced "lb_switch_wait": 10, # Time interval after which LB switches the requests "sleep": 60, @@ -120,7 +118,7 @@ class TestPublicIP(cloudstackTestCase): # Get Zone, Domain and templates cls.domain = get_domain(cls.api_client, cls.services) cls.zone = get_zone(cls.api_client, cls.services) - + cls.services['mode'] = zone.networktype # Create Accounts & networks cls.account = Account.create( cls.api_client, diff --git a/test/integration/smoke/test_public_ip_range.py b/test/integration/smoke/test_public_ip_range.py new file mode 100644 index 00000000000..a7aad6b795c --- /dev/null +++ b/test/integration/smoke/test_public_ip_range.py @@ -0,0 +1,173 @@ +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. +""" P1 tests for Dedicating Public IP addresses +""" +#Import Local Modules +import marvin +from nose.plugins.attrib import attr +from marvin.cloudstackTestCase import * +from marvin.cloudstackAPI import * +from marvin.integration.lib.utils import * +from marvin.integration.lib.base import * +from marvin.integration.lib.common import * +import datetime + +class Services: + """Test Dedicating Public IP addresses + """ + + def __init__(self): + self.services = { + "domain": { + "name": "Domain", + }, + "account": { + "email": "test@test.com", + "firstname": "Test", + "lastname": "User", + "username": "test", + "password": "password", + }, + "gateway": "10.102.197.1", + "netmask": "255.255.255.0", + "forvirtualnetwork": "true", + "startip": "10.102.197.70", + "endip": "10.102.197.73", + "zoneid": "1", + "podid": "", + "vlan": "101", + } + +class TesDedicatePublicIPRange(cloudstackTestCase): + + @classmethod + def setUpClass(cls): + cls.api_client = super(TesDedicatePublicIPRange, cls).getClsTestClient().getApiClient() + cls.services = Services().services + # Get Zone, Domain + cls.domain = get_domain(cls.api_client, cls.services) + cls.zone = get_zone(cls.api_client, cls.services) + + # Create Account + cls.account = Account.create( + cls.api_client, + cls.services["account"], + domainid=cls.domain.id + ) + cls._cleanup = [ + cls.account, + ] + return + + @classmethod + def tearDownClass(cls): + try: + # Cleanup resources used + cleanup_resources(cls.api_client, cls._cleanup) + except Exception as e: + raise Exception("Warning: Exception during cleanup : %s" % e) + return + + def setUp(self): + self.apiclient = self.testClient.getApiClient() + self.dbclient = self.testClient.getDbConnection() + self.cleanup = [] + return + + def tearDown(self): + try: + # Clean up + cleanup_resources(self.apiclient, self.cleanup) + except Exception as e: + raise Exception("Warning: Exception during cleanup : %s" % e) + return + + @attr(tags = ["simulator", "publiciprange", "dedicate", "release"]) + def test_dedicatePublicIpRange(self): + """Test public IP range dedication + """ + + # Validate the following: + # 1. Create a Public IP range + # 2. Created IP range should be present, verify with listVlanIpRanges + # 3. Dedicate the created IP range to user account + # 4. Verify IP range is dedicated, verify with listVlanIpRanges + # 5. Release the dedicated Public IP range back to the system + # 6. Verify IP range has been released, verify with listVlanIpRanges + # 7. Delete the Public IP range + + self.debug("Creating Public IP range") + self.public_ip_range = PublicIpRange.create( + self.api_client, + self.services + ) + list_public_ip_range_response = PublicIpRange.list( + self.apiclient, + id=self.public_ip_range.vlan.id + ) + self.debug( + "Verify listPublicIpRanges response for public ip ranges: %s" \ + % self.public_ip_range.vlan.id + ) + self.assertEqual( + isinstance(list_public_ip_range_response, list), + True, + "Check for list Public IP range response" + ) + public_ip_response = list_public_ip_range_response[0] + self.assertEqual( + public_ip_response.id, + self.public_ip_range.vlan.id, + "Check public ip range response id is in listVlanIpRanges" + ) + + self.debug("Dedicating Public IP range"); + dedicate_public_ip_range_response = PublicIpRange.dedicate( + self.apiclient, + self.public_ip_range.vlan.id, + account=self.account.account.name, + domainid=self.account.account.domainid + ) + list_public_ip_range_response = PublicIpRange.list( + self.apiclient, + id=self.public_ip_range.vlan.id + ) + public_ip_response = list_public_ip_range_response[0] + self.assertEqual( + public_ip_response.account, + self.account.account.name, + "Check account name is in listVlanIpRanges as the account public ip range is dedicated to" + ) + + self.debug("Releasing Public IP range"); + self.public_ip_range.release(self.apiclient) + list_public_ip_range_response = PublicIpRange.list( + self.apiclient, + id=self.public_ip_range.vlan.id + ) + public_ip_response = list_public_ip_range_response[0] + self.assertEqual( + public_ip_response.account, + "system", + "Check account name is system account in listVlanIpRanges" + ) + + self.debug("Deleting Public IP range"); + self.public_ip_range.delete(self.apiclient) + + return + diff --git a/test/integration/smoke/test_routers.py b/test/integration/smoke/test_routers.py index 435c7e41a43..93116bfd58a 100644 --- a/test/integration/smoke/test_routers.py +++ b/test/integration/smoke/test_routers.py @@ -64,7 +64,6 @@ class Services: "ostype": "CentOS 5.3 (64-bit)", "sleep": 60, "timeout": 10, - "mode": 'advanced', #Networking mode: Basic, Advanced } @@ -81,6 +80,7 @@ class TestRouterServices(cloudstackTestCase): # Get Zone, Domain and templates cls.domain = get_domain(cls.api_client, cls.services) cls.zone = get_zone(cls.api_client, cls.services) + self.services['mode'] = zone.networktype template = get_template( cls.api_client, cls.zone.id, diff --git a/test/integration/smoke/test_templates.py b/test/integration/smoke/test_templates.py index 663b174ed78..2b0e2f5ce97 100644 --- a/test/integration/smoke/test_templates.py +++ b/test/integration/smoke/test_templates.py @@ -93,8 +93,6 @@ class Services: "bootable": True, "passwordenabled": True, "ostype": "CentOS 5.3 (64-bit)", - "mode": 'advanced', - # Networking mode: Advanced, basic "sleep": 30, "timeout": 10, } @@ -126,6 +124,7 @@ class TestCreateTemplate(cloudstackTestCase): # Get Zone, Domain and templates cls.domain = get_domain(cls.api_client, cls.services) cls.zone = get_zone(cls.api_client, cls.services) + cls.services['mode'] = zone.networktype cls.disk_offering = DiskOffering.create( cls.api_client, cls.services["disk_offering"] diff --git a/test/integration/smoke/test_vm_life_cycle.py b/test/integration/smoke/test_vm_life_cycle.py index 564f6e854a5..cf9fd7530f1 100644 --- a/test/integration/smoke/test_vm_life_cycle.py +++ b/test/integration/smoke/test_vm_life_cycle.py @@ -1038,4 +1038,4 @@ class TestVMLifeCycle(cloudstackTestCase): False, "Check if ISO is detached from virtual machine" ) - return \ No newline at end of file + return diff --git a/test/integration/smoke/test_volumes.py b/test/integration/smoke/test_volumes.py index 36eb5ded263..9aa44eb6f1f 100644 --- a/test/integration/smoke/test_volumes.py +++ b/test/integration/smoke/test_volumes.py @@ -78,13 +78,12 @@ class Services: "password": "password", "ssh_port": 22, "diskname": "TestDiskServ", - "hypervisor": 'XenServer', + "hypervisor": 'KVM', "privateport": 22, "publicport": 22, "protocol": 'TCP', "diskdevice": "/dev/xvdb", - "ostype": 'CentOS 5.3 (64-bit)', - "mode": 'basic', + "ostype": 'CentOS 5.5 (64-bit)', "sleep": 10, "timeout": 600, } @@ -100,6 +99,7 @@ class TestCreateVolume(cloudstackTestCase): # Get Zone, Domain and templates cls.domain = get_domain(cls.api_client, cls.services) cls.zone = get_zone(cls.api_client, cls.services) + cls.services['mode'] = zone.networktype cls.disk_offering = DiskOffering.create( cls.api_client, cls.services["disk_offering"] @@ -358,6 +358,12 @@ class TestVolumes(cloudstackTestCase): def setUp(self): self.apiClient = self.testClient.getApiClient() self.dbclient = self.testClient.getDbConnection() + self.cleanup = [] + + def tearDown(self): + #Clean up, terminate the created volumes + cleanup_resources(self.apiClient, self.cleanup) + return @attr(tags = ["advanced", "advancedns", "smoke"]) def test_02_attach_volume(self): @@ -535,9 +541,13 @@ class TestVolumes(cloudstackTestCase): try: response = self.apiClient.resizeVolume(cmd) except Exception as ex: - if str(ex) == "HTTP Error 431: 431": + #print str(ex) + if "HTTP Error 431:" in str(ex): success = True - self.assertEqual(success, True, "ResizeVolume - verify invalid id is handled appropriately") + self.assertEqual( + success, + True, + "ResizeVolume - verify invalid id is handled appropriately") # Next, we'll try an invalid disk offering id cmd.id = self.volume.id @@ -546,16 +556,29 @@ class TestVolumes(cloudstackTestCase): try: response = self.apiClient.resizeVolume(cmd) except Exception as ex: - if "need to specify a disk offering" in str(ex): + if "HTTP Error 431:" in str(ex): success = True - self.assertEqual(success, True, "ResizeVolume - verify disk offering is handled appropriately") - + self.assertEqual( + success, + True, + "ResizeVolume - verify disk offering is handled appropriately") # Ok, now let's try and resize a volume that is not custom. cmd.id = self.volume.id cmd.diskofferingid = self.services['diskofferingid'] cmd.size = 4 currentSize = self.volume.size + self.debug( + "Attaching volume (ID: %s) to VM (ID: %s)" % ( + self.volume.id, + self.virtual_machine.id) + ) + #attach the volume + self.virtual_machine.attach_volume(self.apiClient, self.volume) + #stop the vm if it is on xenserver + if self.services['hypervisor'].lower() == "xenserver": + self.virtual_machine.stop(self.apiClient) + self.apiClient.resizeVolume(cmd) count = 0 success = True @@ -566,7 +589,7 @@ class TestVolumes(cloudstackTestCase): type='DATADISK' ) for vol in list_volume_response: - if vol.id == self.volume.id and vol.size != currentSize: + if vol.id == self.volume.id and vol.size != currentSize and vol.state != "Resizing": success = False if success: break @@ -579,12 +602,21 @@ class TestVolumes(cloudstackTestCase): True, "Verify the volume did not resize" ) - + self.virtual_machine.detach_volume(self.apiClient, self.volume) + self.cleanup.append(self.volume) @attr(tags = ["advanced", "advancedns", "smoke"]) def test_08_resize_volume(self): """Resize a volume""" # Verify the size is the new size is what we wanted it to be. + self.debug( + "Attaching volume (ID: %s) to VM (ID: %s)" % ( + self.volume.id, + self.virtual_machine.id + )) + self.virtual_machine.attach_volume(self.apiClient, self.volume) + if self.services['hypervisor'].lower() == "xenserver": + self.virtual_machine.stop(self.apiClient) self.debug("Resize Volume ID: %s" % self.volume.id) cmd = resizeVolume.resizeVolumeCmd() @@ -616,6 +648,9 @@ class TestVolumes(cloudstackTestCase): "Check if the volume resized appropriately" ) + self.virtual_machine.detach_volume(self.apiClient, self.volume) + self.cleanup.append(self.volume) + @attr(tags = ["advanced", "advancedns", "smoke"]) def test_09_delete_detached_volume(self): """Delete a Volume unattached to an VM diff --git a/tools/apidoc/gen_toc.py b/tools/apidoc/gen_toc.py index 2d5292b8426..5403adb99df 100644 --- a/tools/apidoc/gen_toc.py +++ b/tools/apidoc/gen_toc.py @@ -83,6 +83,7 @@ known_categories = { 'Configuration': 'Configuration', 'Capabilities': 'Configuration', 'Pod': 'Pod', + 'PublicIpRange': 'Network', 'Zone': 'Zone', 'NetworkOffering': 'Network Offering', 'NetworkACL': 'Network ACL', diff --git a/tools/build/build_docs.sh b/tools/build/build_docs.sh index 62617a3df9d..11b24141d95 100755 --- a/tools/build/build_docs.sh +++ b/tools/build/build_docs.sh @@ -20,6 +20,7 @@ sourcedir=~/incubator-cloudstack/ common_content_dir=/usr/share/publican/Common_Content publican_path=/usr/bin/publican output_format="html,pdf" +config="publican-adminguide.cfg" usage(){ echo "usage: $0 [-s source dir] [-c publican common content] [-p path to publican]" @@ -27,10 +28,11 @@ usage(){ echo " -c sets the public common content directory (defaults to $common_content_dir)" echo " -p sets the path to the publican binary (defaults to $publican_path)" echo " -f sets the output format (defaults to $output_format)" - echo " -h" + echo " -g sets the publican config file (defaults to $config)" + echo " -h show this help" } -while getopts v:s:c:p:f:h opt +while getopts v:s:c:p:f:g:h opt do case "$opt" in v) version="$OPTARG";; @@ -38,6 +40,7 @@ do c) common_content_dir="$OPTARG";; p) publican_path="$OPTARG";; f) output_format="$OPTARG";; + g) config="$OPTARG";; h) usage exit 0;; \?) @@ -59,5 +62,5 @@ fi cd $sourcedir/docs cp -R /usr/share/publican/Common_Content . ln -s $sourcedir/docs/publican-cloudstack Common_Content/cloudstack -publican build --config=publican-installation.cfg --formats $output_format --langs en-US --common_content=$sourcedir/docs/Common_Content -rm -r Common_Content \ No newline at end of file +publican build --config=$config --formats $output_format --langs en-US --common_content=$sourcedir/docs/Common_Content +rm -r Common_Content diff --git a/tools/marvin/marvin/integration/lib/base.py b/tools/marvin/marvin/integration/lib/base.py old mode 100644 new mode 100755 index d27ab3b2903..0185c87fed9 --- a/tools/marvin/marvin/integration/lib/base.py +++ b/tools/marvin/marvin/integration/lib/base.py @@ -1873,7 +1873,7 @@ class PublicIpRange: """Delete VlanIpRange""" cmd = deleteVlanIpRange.deleteVlanIpRangeCmd() - cmd.id = self.id + cmd.id = self.vlan.id apiclient.deleteVlanIpRange(cmd) @classmethod @@ -1884,6 +1884,23 @@ class PublicIpRange: [setattr(cmd, k, v) for k, v in kwargs.items()] return(apiclient.listVlanIpRanges(cmd)) + @classmethod + def dedicate(cls, apiclient, id, account=None, domainid=None, projectid=None): + """Dedicate VLAN IP range""" + + cmd = dedicatePublicIpRange.dedicatePublicIpRangeCmd() + cmd.id = id + cmd.account = account + cmd.domainid = domainid + cmd.projectid = projectid + return PublicIpRange(apiclient.dedicatePublicIpRange(cmd).__dict__) + + def release(self, apiclient): + """Release VLAN IP range""" + + cmd = releasePublicIpRange.releasePublicIpRangeCmd() + cmd.id = self.vlan.id + return apiclient.releasePublicIpRange(cmd) class SecondaryStorage: """Manage Secondary storage""" @@ -2427,7 +2444,6 @@ class VPC: [setattr(cmd, k, v) for k, v in kwargs.items()] return(apiclient.listVPCs(cmd)) - class AffinityGroup: def __init__(self, items): self.__dict__.update(items) @@ -2450,9 +2466,71 @@ class AffinityGroup: cmd.id = self.id return apiclient.deleteVPC(cmd) - @classmethod def list(cls, apiclient, **kwargs): cmd = listAffinityGroups.listAffinityGroupsCmd() [setattr(cmd, k, v) for k, v in kwargs.items()] return(apiclient.listVPCs(cmd)) + +class VNMC: + """Manage VNMC lifecycle""" + + def __init__(self, items): + self.__dict__.update(items) + + def create(cls, apiclient, hostname, username, password, physicalnetworkid): + """Registers VNMC appliance""" + + cmd = addCiscoVnmcResource.addCiscoVnmcResourceCmd() + cmd.hostname = hostname + cmd.username = username + cmd.password = password + cmd.physicalnetworkid = physicalnetworkid + return VNMC(apiclient.addCiscoVnmcResource(cmd)) + + def delete(self, apiclient): + """Removes VNMC appliance""" + + cmd = deleteCiscoVnmcResource.deleteCiscoVnmcResourceCmd() + cmd.resourceid = self.resourceid + return apiclient.deleteCiscoVnmcResource(cmd) + + @classmethod + def list(cls, apiclient, **kwargs): + """List VNMC appliances""" + + cmd = listCiscoVnmcResources.listCiscoVnmcResourcesCmd() + [setattr(cmd, k, v) for k, v in kwargs.items()] + return(apiclient.listCiscoVnmcResources(cmd)) + +class ASA1000V: + """Manage ASA 1000v lifecycle""" + + def __init__(self, items): + self.__dict__.update(items) + + @classmethod + def create(cls, apiclient, hostname, insideportprofile, clusterid, physicalnetworkid): + """Registers ASA 1000v appliance""" + + cmd = addCiscoAsa1000vResource.addCiscoAsa1000vResourceCmd() + cmd.hostname = hostname + cmd.insideportprofile = insideportprofile + cmd.clusterid = clusterid + cmd.physicalnetworkid = physicalnetworkid + return ASA1000V(apiclient.addCiscoAsa1000vResource(cmd)) + + def delete(self, apiclient): + """Removes ASA 1000v appliance""" + + cmd = deleteCiscoAsa1000vResource.deleteCiscoAsa1000vResourceCmd() + cmd.resourceid = self.resourceid + return apiclient.deleteCiscoAsa1000vResource(cmd) + + @classmethod + def list(cls, apiclient, **kwargs): + """List ASA 1000v appliances""" + + cmd = listCiscoAsa1000vResources.listCiscoAsa1000vResourcesCmd() + [setattr(cmd, k, v) for k, v in kwargs.items()] + return(apiclient.listCiscoAsa1000vResources(cmd)) diff --git a/ui/scripts/dashboard.js b/ui/scripts/dashboard.js index 845ae52259b..e8ab6c531f9 100644 --- a/ui/scripts/dashboard.js +++ b/ui/scripts/dashboard.js @@ -238,7 +238,7 @@ return { zoneID: capacity.zoneid, // Temporary fix for dashboard zoneName: capacity.zonename, - type: cloudStack.converters.toAlertType(capacity.type), + type: cloudStack.converters.toCapacityCountType(capacity.type), percent: parseInt(capacity.percentused), used: cloudStack.converters.convertByType(capacity.type, capacity.capacityused), total: cloudStack.converters.convertByType(capacity.type, capacity.capacitytotal) diff --git a/ui/scripts/instances.js b/ui/scripts/instances.js index b230cf72583..6273a78575a 100644 --- a/ui/scripts/instances.js +++ b/ui/scripts/instances.js @@ -1152,9 +1152,36 @@ scaleUp:{ label:'scaleUp VM', + createForm:{ + title:'Scale UP Virtual Machine', + label:'Scale UP Virtual Machine', + fields:{ + serviceOffering: { + label: 'label.compute.offering', + select: function(args) { + $.ajax({ + url: createURL("listServiceOfferings&VirtualMachineId=" + args.context.instances[0].id), + dataType: "json", + async: true, + success: function(json) { + var serviceofferings = json.listserviceofferingsresponse.serviceoffering; + var items = []; + $(serviceofferings).each(function() { + items.push({id: this.id, description: this.displaytext}); + }); + args.response.success({data: items}); + } + }); + } + } + + + } + }, + action: function(args) { $.ajax({ - url: createURL("scaleVirtualMachine&id=" + args.context.instances[0].id + "&serviceofferingid=" + args.context.instances[0].serviceofferingid), + url: createURL("scaleVirtualMachine&id=" + args.context.instances[0].id + "&serviceofferingid=" + args.data.serviceOffering), dataType: "json", async: true, success: function(json) { diff --git a/ui/scripts/network.js b/ui/scripts/network.js index b6ed0fe9904..a759fb29211 100755 --- a/ui/scripts/network.js +++ b/ui/scripts/network.js @@ -923,7 +923,7 @@ hiddenTabs.push("addloadBalancer"); } - if (isVPC || isAdvancedSGZone || hasSRXFirewall) { + if (isVPC || isAdvancedSGZone ) { hiddenTabs.push('egressRules'); } diff --git a/ui/scripts/sharedFunctions.js b/ui/scripts/sharedFunctions.js index 86fe7f6416c..74675314040 100644 --- a/ui/scripts/sharedFunctions.js +++ b/ui/scripts/sharedFunctions.js @@ -325,7 +325,8 @@ cloudStack.converters = { if(g_timezoneoffset != null) localDate = disconnected.getTimePlusTimezoneOffset(g_timezoneoffset); else - localDate = disconnected.getTimePlusTimezoneOffset(0); + localDate = disconnected.toUTCString(); + // localDate = disconnected.getTimePlusTimezoneOffset(0); } return localDate; }, @@ -425,6 +426,31 @@ cloudStack.converters = { case 26 : return "Resource Limit Exceeded"; } }, + + toCapacityCountType:function(capacityCode){ + switch(capacityCode){ + case 0 : return _l('label.memory'); + case 1 : return _l('label.cpu'); + case 2 : return _l('label.storage'); + case 3 : return _l('label.primary.storage'); + case 4 : return _l('label.public.ips'); + case 5 : return _l('label.management.ips'); + case 6 : return _l('label.secondary.storage'); + case 7 : return _l('label.vlan'); + case 8 : return _l('label.direct.ips'); + case 9 : return _l('label.local.storage'); + case 10 : return "Routing Host"; + case 11 : return "Storage"; + case 12 : return "Usage Server"; + case 13 : return "Management Server"; + case 14 : return "Domain Router"; + case 15 : return "Console Proxy"; + case 16 : return "User VM"; + case 17 : return "VLAN"; + case 18 : return "Secondary Storage VM"; + } + }, + convertByType: function(alertCode, value) { switch(alertCode) { case 0: return cloudStack.converters.convertBytes(value); diff --git a/utils/src/com/cloud/utils/cisco/n1kv/vsm/NetconfHelper.java b/utils/src/com/cloud/utils/cisco/n1kv/vsm/NetconfHelper.java index be8d68a5648..06718d0f35e 100644 --- a/utils/src/com/cloud/utils/cisco/n1kv/vsm/NetconfHelper.java +++ b/utils/src/com/cloud/utils/cisco/n1kv/vsm/NetconfHelper.java @@ -79,6 +79,17 @@ public class NetconfHelper { parseOkReply(receive()); } + public void addPortProfile(String name, PortProfileType type, BindingType binding, + SwitchPortMode mode, int vlanid, String vdc, String espName) throws CloudRuntimeException { + String command = VsmCommand.getAddPortProfile(name, type, binding, mode, vlanid, vdc, espName); + if (command != null) { + command = command.concat(SSH_NETCONF_TERMINATOR); + parseOkReply(sendAndReceive(command)); + } else { + throw new CloudRuntimeException("Error generating rpc request for adding port profile."); + } + } + public void addPortProfile(String name, PortProfileType type, BindingType binding, SwitchPortMode mode, int vlanid) throws CloudRuntimeException { String command = VsmCommand.getAddPortProfile(name, type, binding, mode, vlanid); @@ -160,6 +171,17 @@ public class NetconfHelper { } } + public void addVServiceNode(String vlanId, String ipAddr) + throws CloudRuntimeException { + String command = VsmCommand.getVServiceNode(vlanId, ipAddr); + if (command != null) { + command = command.concat(SSH_NETCONF_TERMINATOR); + parseOkReply(sendAndReceive(command)); + } else { + throw new CloudRuntimeException("Error generating rpc request for adding vservice node for vlan " + vlanId); + } + } + public PortProfile getPortProfileByName(String name) throws CloudRuntimeException { String command = VsmCommand.getPortProfile(name); if (command != null) { diff --git a/utils/src/com/cloud/utils/cisco/n1kv/vsm/VsmCommand.java b/utils/src/com/cloud/utils/cisco/n1kv/vsm/VsmCommand.java index d1887f6417d..fdab390557d 100644 --- a/utils/src/com/cloud/utils/cisco/n1kv/vsm/VsmCommand.java +++ b/utils/src/com/cloud/utils/cisco/n1kv/vsm/VsmCommand.java @@ -69,6 +69,40 @@ public class VsmCommand { removevlanid } + public static String getAddPortProfile(String name, PortProfileType type, + BindingType binding, SwitchPortMode mode, int vlanid, String vdc, String espName) { + try { + // Create the document and root element. + DocumentBuilderFactory docFactory = DocumentBuilderFactory.newInstance(); + DocumentBuilder docBuilder = docFactory.newDocumentBuilder(); + DOMImplementation domImpl = docBuilder.getDOMImplementation(); + Document doc = createDocument(domImpl); + + // Edit configuration command. + Element editConfig = doc.createElement("nf:edit-config"); + doc.getDocumentElement().appendChild(editConfig); + + // Command to get into exec configure mode. + Element target = doc.createElement("nf:target"); + Element running = doc.createElement("nf:running"); + target.appendChild(running); + editConfig.appendChild(target); + + // Command to create the port profile with the desired configuration. + Element config = doc.createElement("nf:config"); + config.appendChild(configPortProfileDetails(doc, name, type, binding, mode, vlanid, vdc, espName)); + editConfig.appendChild(config); + + return serialize(domImpl, doc); + } catch (ParserConfigurationException e) { + s_logger.error("Error while creating add port profile message : " + e.getMessage()); + return null; + } catch (DOMException e) { + s_logger.error("Error while creating add port profile message : " + e.getMessage()); + return null; + } + } + public static String getAddPortProfile(String name, PortProfileType type, BindingType binding, SwitchPortMode mode, int vlanid) { try { @@ -366,6 +400,184 @@ public class VsmCommand { } } + public static String getVServiceNode(String vlanId, String ipAddr) { + try { + // Create the document and root element. + DocumentBuilderFactory docFactory = DocumentBuilderFactory.newInstance(); + DocumentBuilder docBuilder = docFactory.newDocumentBuilder(); + DOMImplementation domImpl = docBuilder.getDOMImplementation(); + Document doc = createDocument(domImpl); + + // Edit configuration command. + Element editConfig = doc.createElement("nf:edit-config"); + doc.getDocumentElement().appendChild(editConfig); + + // Command to get into exec configure mode. + Element target = doc.createElement("nf:target"); + Element running = doc.createElement("nf:running"); + target.appendChild(running); + editConfig.appendChild(target); + + // Command to create the port profile with the desired configuration. + Element config = doc.createElement("nf:config"); + config.appendChild(configVServiceNodeDetails(doc, vlanId, ipAddr)); + editConfig.appendChild(config); + + return serialize(domImpl, doc); + } catch (ParserConfigurationException e) { + s_logger.error("Error while adding vservice node for vlan " + vlanId + ", " + e.getMessage()); + return null; + } catch (DOMException e) { + s_logger.error("Error while adding vservice node for vlan " + vlanId + ", " + e.getMessage()); + return null; + } + } + + private static Element configVServiceNodeDetails(Document doc, String vlanId, String ipAddr) { + // In mode, exec_configure. + Element configure = doc.createElementNS(s_ciscons, "nxos:configure"); + Element modeConfigure = doc.createElement("nxos:" + s_configuremode); + configure.appendChild(modeConfigure); + + // vservice node %name% type asa + Element vservice = doc.createElement("vservice"); + vservice.appendChild(doc.createElement("node")) + .appendChild(doc.createElement("ASA_" + vlanId)) + .appendChild(doc.createElement("type")) + .appendChild(doc.createElement("asa")); + modeConfigure.appendChild(vservice); + + Element address = doc.createElement(s_paramvalue); + address.setAttribute("isKey", "true"); + address.setTextContent(ipAddr); + + // ip address %ipAddr% + modeConfigure.appendChild(doc.createElement("ip")) + .appendChild(doc.createElement("address")) + .appendChild(doc.createElement("value")) + .appendChild(address); + + Element vlan = doc.createElement(s_paramvalue); + vlan.setAttribute("isKey", "true"); + vlan.setTextContent(vlanId); + + // adjacency l2 vlan %vlanId% + modeConfigure.appendChild(doc.createElement("adjacency")) + .appendChild(doc.createElement("l2")) + .appendChild(doc.createElement("vlan")) + .appendChild(doc.createElement("value")) + .appendChild(vlan); + + // fail-mode close + modeConfigure.appendChild(doc.createElement("fail-mode")) + .appendChild(doc.createElement("close")); + + // Persist the configuration across reboots. + modeConfigure.appendChild(persistConfiguration(doc)); + + return configure; + } + + private static Element configPortProfileDetails(Document doc, String name, PortProfileType type, + BindingType binding, SwitchPortMode mode, int vlanid, String vdc, String espName) { + + // In mode, exec_configure. + Element configure = doc.createElementNS(s_ciscons, "nxos:configure"); + Element modeConfigure = doc.createElement("nxos:" + s_configuremode); + configure.appendChild(modeConfigure); + + // Port profile name and type configuration. + Element portProfile = doc.createElement("port-profile"); + modeConfigure.appendChild(portProfile); + + // Port profile type. + Element portDetails = doc.createElement("name"); + switch (type) { + case none: + portProfile.appendChild(portDetails); + break; + case ethernet: + { + Element typetag = doc.createElement("type"); + Element ethernettype = doc.createElement("ethernet"); + portProfile.appendChild(typetag); + typetag.appendChild(ethernettype); + ethernettype.appendChild(portDetails); + } + break; + case vethernet: + { + Element typetag = doc.createElement("type"); + Element ethernettype = doc.createElement("vethernet"); + portProfile.appendChild(typetag); + typetag.appendChild(ethernettype); + ethernettype.appendChild(portDetails); + } + break; + } + + // Port profile name. + Element value = doc.createElement(s_paramvalue); + value.setAttribute("isKey", "true"); + value.setTextContent(name); + portDetails.appendChild(value); + + // element for port prof mode. + Element portProf = doc.createElement(s_portprofmode); + portDetails.appendChild(portProf); + + // Binding type. + if (binding != BindingType.none) { + portProf.appendChild(getBindingType(doc, binding)); + } + + if (mode != SwitchPortMode.none) { + // Switchport mode. + portProf.appendChild(getSwitchPortMode(doc, mode)); + // Adding vlan details. + if (vlanid > 0) { + portProf.appendChild(getAddVlanDetails(doc, mode, Integer.toString(vlanid))); + } + } + + // Command "vmware port-group". + Element vmware = doc.createElement("vmware"); + Element portgroup = doc.createElement("port-group"); + vmware.appendChild(portgroup); + portProf.appendChild(vmware); + + // org root/%vdc% + // vservice node profile + Element org = doc.createElement("org"); + org.appendChild(doc.createElement(vdc)); + portProf.appendChild(org); + + String asaNodeName = "ASA_" + vlanid; + Element vservice = doc.createElement("vservice"); + vservice.appendChild(doc.createElement("node")) + .appendChild(doc.createElement(asaNodeName)) + .appendChild(doc.createElement("profile")) + .appendChild(doc.createElement(espName)); + portProf.appendChild(vservice); + + // no shutdown. + Element no = doc.createElement("no"); + Element shutdown = doc.createElement("shutdown"); + no.appendChild(shutdown); + portProf.appendChild(no); + + // Enable the port profile. + Element state = doc.createElement("state"); + Element enabled = doc.createElement("enabled"); + state.appendChild(enabled); + portProf.appendChild(state); + + // Persist the configuration across reboots. + modeConfigure.appendChild(persistConfiguration(doc)); + + return configure; + } + private static Element configPortProfileDetails(Document doc, String name, PortProfileType type, BindingType binding, SwitchPortMode mode, int vlanid) { @@ -433,6 +645,7 @@ public class VsmCommand { Element portgroup = doc.createElement("port-group"); vmware.appendChild(portgroup); portProf.appendChild(vmware); + // no shutdown. Element no = doc.createElement("no"); diff --git a/utils/src/com/cloud/utils/component/ComponentContext.java b/utils/src/com/cloud/utils/component/ComponentContext.java index 796d4ec0282..5c5194cca2d 100644 --- a/utils/src/com/cloud/utils/component/ComponentContext.java +++ b/utils/src/com/cloud/utils/component/ComponentContext.java @@ -71,14 +71,14 @@ public class ComponentContext implements ApplicationContextAware { beanFactory.configureBean(bean, entry.getKey()); } - Map lifecyleComponents = getApplicationContext().getBeansOfType(ComponentLifecycle.class); + Map lifecycleComponents = getApplicationContext().getBeansOfType(ComponentLifecycle.class); Map[] classifiedComponents = new Map[ComponentLifecycle.MAX_RUN_LEVELS]; for(int i = 0; i < ComponentLifecycle.MAX_RUN_LEVELS; i++) { classifiedComponents[i] = new HashMap(); } - for(Map.Entry entry : lifecyleComponents.entrySet()) { + for(Map.Entry entry : lifecycleComponents.entrySet()) { classifiedComponents[entry.getValue().getRunLevel()].put(entry.getKey(), entry.getValue()); } diff --git a/vmware-base/src/com/cloud/hypervisor/vmware/mo/HypervisorHostHelper.java b/vmware-base/src/com/cloud/hypervisor/vmware/mo/HypervisorHostHelper.java index 621c091481a..7f323c5e400 100755 --- a/vmware-base/src/com/cloud/hypervisor/vmware/mo/HypervisorHostHelper.java +++ b/vmware-base/src/com/cloud/hypervisor/vmware/mo/HypervisorHostHelper.java @@ -163,7 +163,8 @@ public class HypervisorHostHelper { } public static void createPortProfile(VmwareContext context, String ethPortProfileName, String networkName, - Integer vlanId, Integer networkRateMbps, long peakBandwidth, long burstSize) throws Exception { + Integer vlanId, Integer networkRateMbps, long peakBandwidth, long burstSize, + String gateway, boolean configureVServiceInNexus) throws Exception { Map vsmCredentials = getValidatedVsmCredentials(context); String vsmIp = vsmCredentials.get("vsmip"); String vsmUserName = vsmCredentials.get("vsmusername"); @@ -233,8 +234,18 @@ public class HypervisorHostHelper { s_logger.info("Adding port profile configured over untagged VLAN."); netconfClient.addPortProfile(networkName, PortProfileType.vethernet, BindingType.portbindingstatic, SwitchPortMode.access, 0); } else { - s_logger.info("Adding port profile configured over VLAN : " + vlanId.toString()); - netconfClient.addPortProfile(networkName, PortProfileType.vethernet, BindingType.portbindingstatic, SwitchPortMode.access, vlanId.intValue()); + if (!configureVServiceInNexus) { + s_logger.info("Adding port profile configured over VLAN : " + vlanId.toString()); + netconfClient.addPortProfile(networkName, PortProfileType.vethernet, BindingType.portbindingstatic, SwitchPortMode.access, vlanId.intValue()); + } else { + String tenant = "vlan-" + vlanId.intValue(); + String vdc = "root/" + tenant + "/VDC-" + tenant; + String esp = "ESP-" + tenant; + s_logger.info("Adding vservice node in Nexus VSM for VLAN : " + vlanId.toString()); + netconfClient.addVServiceNode(vlanId.toString(), gateway); + s_logger.info("Adding port profile with vservice details configured over VLAN : " + vlanId.toString()); + netconfClient.addPortProfile(networkName, PortProfileType.vethernet, BindingType.portbindingstatic, SwitchPortMode.access, vlanId.intValue(), vdc, esp); + } } } catch (CloudRuntimeException e) { msg = "Failed to add vEthernet port profile " + networkName + "." + ". Exception: " + e.toString(); @@ -402,7 +413,7 @@ public class HypervisorHostHelper { public static Pair prepareNetwork(String physicalNetwork, String namePrefix, HostMO hostMo, String vlanId, Integer networkRateMbps, Integer networkRateMulticastMbps, long timeOutMs, - VirtualSwitchType vSwitchType, int numPorts) throws Exception { + VirtualSwitchType vSwitchType, int numPorts, String gateway, boolean configureVServiceInNexus) throws Exception { ManagedObjectReference morNetwork = null; VmwareContext context = hostMo.getContext(); ManagedObjectReference dcMor = hostMo.getHyperHostDatacenter(); @@ -504,22 +515,22 @@ public class HypervisorHostHelper { } else { s_logger.info("Found Ethernet port profile " + ethPortProfileName); } - long averageBandwidth = 0L; - if (networkRateMbps != null && networkRateMbps.intValue() > 0) { - averageBandwidth = (long) (networkRateMbps.intValue() * 1024L * 1024L); - } - // We chose 50% higher allocation than average bandwidth. + long averageBandwidth = 0L; + if (networkRateMbps != null && networkRateMbps.intValue() > 0) { + averageBandwidth = (long) (networkRateMbps.intValue() * 1024L * 1024L); + } + // We chose 50% higher allocation than average bandwidth. // TODO(sateesh): Optionally let user specify the peak coefficient - long peakBandwidth = (long) (averageBandwidth * 1.5); + long peakBandwidth = (long) (averageBandwidth * 1.5); // TODO(sateesh): Optionally let user specify the burst coefficient - long burstSize = 5 * averageBandwidth / 8; + long burstSize = 5 * averageBandwidth / 8; - if (!dataCenterMo.hasDvPortGroup(networkName)) { - s_logger.info("Port profile " + networkName + " not found."); - createPortProfile(context, physicalNetwork, networkName, vid, networkRateMbps, peakBandwidth, burstSize); - bWaitPortGroupReady = true; - } else { - s_logger.info("Port profile " + networkName + " found."); + if (!dataCenterMo.hasDvPortGroup(networkName)) { + s_logger.info("Port profile " + networkName + " not found."); + createPortProfile(context, physicalNetwork, networkName, vid, networkRateMbps, peakBandwidth, burstSize, gateway, configureVServiceInNexus); + bWaitPortGroupReady = true; + } else { + s_logger.info("Port profile " + networkName + " found."); updatePortProfile(context, physicalNetwork, networkName, vid, networkRateMbps, peakBandwidth, burstSize); } }