diff --git a/server/src/com/cloud/network/NetworkManagerImpl.java b/server/src/com/cloud/network/NetworkManagerImpl.java index 0d4a41d9597..69461209b64 100755 --- a/server/src/com/cloud/network/NetworkManagerImpl.java +++ b/server/src/com/cloud/network/NetworkManagerImpl.java @@ -1180,7 +1180,7 @@ public class NetworkManagerImpl implements NetworkManager, NetworkService, Manag boolean isSourceNat = false; if (!sharedSourceNat) { if (getExistingSourceNat(owner.getId(), networkId, null) == null) { - if (network.getGuestType() == GuestType.Isolated) { + if (network.getGuestType() == GuestType.Isolated && network.getVpcId() == null) { isSourceNat = true; } } diff --git a/server/src/com/cloud/network/router/VirtualNetworkApplianceManagerImpl.java b/server/src/com/cloud/network/router/VirtualNetworkApplianceManagerImpl.java index a4cb4b2d410..d732fa0de81 100755 --- a/server/src/com/cloud/network/router/VirtualNetworkApplianceManagerImpl.java +++ b/server/src/com/cloud/network/router/VirtualNetworkApplianceManagerImpl.java @@ -1954,7 +1954,7 @@ public class VirtualNetworkApplianceManagerImpl implements VirtualNetworkApplian protected void finalizeNetworkRulesForNetwork(Commands cmds, DomainRouterVO router, Provider provider, Long guestNetworkId) { s_logger.debug("Resending ipAssoc, port forwarding, load balancing rules as a part of Virtual router start"); - ArrayList publicIps = getPublicIpsToApply(router, provider, guestNetworkId); + ArrayList publicIps = getPublicIpsToApply(router, provider, guestNetworkId); if (publicIps != null && !publicIps.isEmpty()) { List vpns = new ArrayList(); 
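Review bot: In NetworkManagerImpl.java the new `network.getVpcId() == null` condition encodes a rule that is not written down anywhere in the hunk: an isolated network that belongs to a VPC never gets `isSourceNat = true` on this path. Presumably the VPC's own source NAT address covers its tiers, but that is an inference from the rest of the commit, and a reader of this branch alone cannot tell whether leaving a VPC tier without the flag is intended. I would add a comment above the condition such as `// VPC tiers get no per-network source NAT ip here; source NAT is handled at the VPC level` (wording to be confirmed by the author). The enclosing method starts and ends outside the hunk.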
@@ -1964,7 +1964,7 @@ public class VirtualNetworkApplianceManagerImpl implements VirtualNetworkApplian List firewallRules = new ArrayList(); //Get information about all the rules (StaticNats and StaticNatRules; PFVPN to reapply on domR start) - for (PublicIp ip : publicIps) { + for (PublicIpAddress ip : publicIps) { if (_networkMgr.isProviderSupportServiceInNetwork(guestNetworkId, Service.PortForwarding, provider)) { pfRules.addAll(_pfRulesDao.listForApplication(ip.getId())); } @@ -2046,10 +2046,10 @@ public class VirtualNetworkApplianceManagerImpl implements VirtualNetworkApplian } } - protected ArrayList finalizeIpAssocForNetwork(Commands cmds, DomainRouterVO router, Provider provider, + protected void finalizeIpAssocForNetwork(Commands cmds, VirtualRouter router, Provider provider, Long guestNetworkId) { - ArrayList publicIps = getPublicIpsToApply(router, provider, guestNetworkId); + ArrayList publicIps = getPublicIpsToApply(router, provider, guestNetworkId); if (publicIps != null && !publicIps.isEmpty()) { s_logger.debug("Found " + publicIps.size() + " ip(s) to apply as a part of domR " + router + " start."); @@ -2058,10 +2058,9 @@ public class VirtualNetworkApplianceManagerImpl implements VirtualNetworkApplian createAssociateIPCommands(router, publicIps, cmds, 0); } } - return publicIps; } - protected ArrayList getPublicIpsToApply(DomainRouterVO router, Provider provider, Long guestNetworkId) { + protected ArrayList getPublicIpsToApply(VirtualRouter router, Provider provider, Long guestNetworkId) { long ownerId = router.getAccountId(); final List userIps = _networkMgr.listPublicIpsAssignedToGuestNtwk(ownerId, guestNetworkId, null); List allPublicIps = new ArrayList(); diff --git a/server/src/com/cloud/network/router/VpcVirtualNetworkApplianceManagerImpl.java b/server/src/com/cloud/network/router/VpcVirtualNetworkApplianceManagerImpl.java index d18ceffe748..426368204cd 100644 --- a/server/src/com/cloud/network/router/VpcVirtualNetworkApplianceManagerImpl.java 
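Review bot: `finalizeIpAssocForNetwork` in VirtualNetworkApplianceManagerImpl.java (hunk at -2046) becomes an extension point in this commit, because the VPC manager overrides it, yet it has no Javadoc saying what an override must preserve. I would add one stating that the method appends the IP-association commands for a single guest network to `cmds`, that it has to run before `finalizeNetworkRulesForNetwork` for the same network, and that it no longer returns the address list. The same applies to `getPublicIpsToApply` in the -2058 hunk, whose callers test the result for null although the hunk does not show whether it can return null. Both method bodies are only partly visible here.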
+++ b/server/src/com/cloud/network/router/VpcVirtualNetworkApplianceManagerImpl.java @@ -712,7 +712,6 @@ public class VpcVirtualNetworkApplianceManagerImpl extends VirtualNetworkApplian return super.finalizeCommandsOnStart(cmds, profile); } - //1) FORM SSH CHECK COMMAND NicProfile controlNic = getControlNic(profile); if (controlNic == null) { @@ -737,26 +736,25 @@ public class VpcVirtualNetworkApplianceManagerImpl extends VirtualNetworkApplian } } - List publicIps = new ArrayList(1); try { //add VPC router to public networks + List publicIps = new ArrayList(1); for (Nic publicNic : publicNics.keySet()) { Network publicNtwk = publicNics.get(publicNic); IPAddressVO userIp = _ipAddressDao.findByIpAndSourceNetworkId(publicNtwk.getId(), publicNic.getIp4Address()); - PublicIp publicIp = new PublicIp(userIp, _vlanDao.findById(userIp.getVlanId()), - NetUtils.createSequenceBasedMacAddress(userIp.getMacAddress())); - - - if (publicIp.isSourceNat()) { + + if (userIp.isSourceNat()) { + PublicIp publicIp = new PublicIp(userIp, _vlanDao.findById(userIp.getVlanId()), + NetUtils.createSequenceBasedMacAddress(userIp.getMacAddress())); publicIps.add(publicIp); } PlugNicCommand plugNicCmd = new PlugNicCommand(_itMgr.toVmTO(profile), getNicTO(router, publicNic.getNetworkId())); - cmds.addCommand(plugNicCmd); + cmds.addCommand(plugNicCmd); } - // create vpc assoc commands + // create ip assoc for source nat if (!publicIps.isEmpty()) { createVpcAssociateIPCommands(router, publicIps, cmds); } @@ -791,7 +789,7 @@ public class VpcVirtualNetworkApplianceManagerImpl extends VirtualNetworkApplian return false; } - //3) REAPPLY FIREWALL RULES + //3) REPROGRAM GUEST NETWORK boolean reprogramGuestNtwks = true; if (profile.getParameter(Param.ReProgramGuestNetworks) != null && (Boolean) profile.getParameter(Param.ReProgramGuestNetworks) == false) { 
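Review bot: In the -737 hunk `userIp.isSourceNat()` is called on the result of `_ipAddressDao.findByIpAndSourceNetworkId(...)` with no null check, so a public nic whose address has no matching record would raise a NullPointerException while the router's start commands are being built. The old code dereferenced `userIp` as well, but this commit rewrites the line and is the natural place to close the gap; whether the DAO can return null is not visible here, so treat it as something to confirm. I would fail explicitly before the test, e.g. `if (userIp == null) { s_logger.warn("No public ip record for nic " + publicNic + " in network " + publicNtwk.getId()); return false; }`, rather than let the surrounding `try` decide what happens. The `try` block and its catch clauses continue outside the hunk.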
@@ -810,6 +808,7 @@ public class VpcVirtualNetworkApplianceManagerImpl extends VirtualNetworkApplian List routerGuestNtwkIds = _routerDao.getRouterNetworks(router.getId()); for (Long guestNetworkId : routerGuestNtwkIds) { if (reprogramGuestNtwks) { + finalizeIpAssocForNetwork(cmds, router, provider, guestNetworkId); finalizeNetworkRulesForNetwork(cmds, router, provider, guestNetworkId); } @@ -926,4 +925,19 @@ public class VpcVirtualNetworkApplianceManagerImpl extends VirtualNetworkApplian return result; } + + @Override + protected void finalizeIpAssocForNetwork(Commands cmds, VirtualRouter router, Provider provider, + Long guestNetworkId) { + + ArrayList publicIps = getPublicIpsToApply(router, provider, guestNetworkId); + + if (publicIps != null && !publicIps.isEmpty()) { + s_logger.debug("Found " + publicIps.size() + " ip(s) to apply as a part of domR " + router + " start."); + // Re-apply public ip addresses - should come before PF/LB/VPN + if (_networkMgr.isProviderSupportServiceInNetwork(guestNetworkId, Service.Firewall, provider)) { + createVpcAssociateIPCommands(router, publicIps, cmds); + } + } + } } diff --git a/server/src/com/cloud/network/rules/RulesManagerImpl.java b/server/src/com/cloud/network/rules/RulesManagerImpl.java index d828166da63..ddbeaf3fb34 100755 --- a/server/src/com/cloud/network/rules/RulesManagerImpl.java +++ b/server/src/com/cloud/network/rules/RulesManagerImpl.java @@ -177,6 +177,7 @@ public class RulesManagerImpl implements RulesManager, RulesService, Manager { s_logger.debug("The ip is not associated with the network id="+ networkId + " so assigning"); try { _networkMgr.associateIPToGuestNetwork(ipAddrId, networkId); + ipAddress = _ipAddressDao.findById(ipAddrId); } catch (Exception ex) { s_logger.warn("Failed to associate ip id=" + ipAddrId + " to network id=" + networkId + " as " + "a part of port forwarding rule creation");
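Review bot: The override added at the end of VpcVirtualNetworkApplianceManagerImpl.java queues `createVpcAssociateIPCommands` only when the provider supports `Service.Firewall` in the guest network, while `finalizeNetworkRulesForNetwork`, called right after it in the -810 hunk, re-applies rules per service (the base class checks `Service.PortForwarding` separately). If a VPC tier takes port forwarding or another service from this provider without Firewall, rules would be resent for addresses that were never re-associated on the router; whether such an offering can exist is not visible here. Either gate on the services that actually need the address, or add a comment stating why Firewall is the right proxy. The debug text still says "domR" for a VPC router, and the method otherwise repeats the base implementation, so a Javadoc noting that only the command builder differs would help.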
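Review bot: In RulesManagerImpl.java the re-read `ipAddress = _ipAddressDao.findById(ipAddrId);` is not followed by any check inside the hunk, so the rule-creation code after the `try` works on whatever the DAO returns without confirming that the association took effect. Since this path decides which network a port forwarding rule is attached to, I would verify the reloaded record before going on: that it is not null and that its associated network is `networkId`, and otherwise raise the same error the catch branch raises. The catch is for `Exception`, so a failure of the reload is also logged as "Failed to associate ip", which will mislead whoever reads the log. The catch body and the later use of `ipAddress` are outside the hunk.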