etan39
/
cloudstack
mirror of https://github.com/apache/cloudstack.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Correctly associating nat, acl policy sets to edge security profile in VNMC

This commit is contained in:
Koushik Das 2013-04-08 14:42:32 +05:30
parent 9c1e193fca
commit 3422ceefb6
4 changed files with 8 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
plugins/network-elements/cisco-vnmc/scripts/network/cisco/associate-nat-policy-set.xml
View File

@ -25,8 +25,6 @@ under the License.
connTimeoutRef=""
descr="%descr%"
dn="%espdn%"
egressAclPsetRef="default-egress"
ingressAclPsetRef="default-ingress"
inspectRef=""
name="%name%"
natPsetRef="%natpolicysetname%"

5
plugins/network-elements/cisco-vnmc/src/com/cloud/network/cisco/CiscoVnmcConnectionImpl.java
View File

@ -548,8 +548,6 @@ public class CiscoVnmcConnectionImpl implements CiscoVnmcConnection {
xml = replaceXmlValue(xml, "descr", "Edge Security Profile for Tenant VDC" + tenantName);
xml = replaceXmlValue(xml, "name", getNameForEdgeDeviceSecurityProfile(tenantName));
xml = replaceXmlValue(xml, "espdn", getDnForTenantVDCEdgeSecurityProfile(tenantName));
xml = replaceXmlValue(xml, "egressref", "default-egress");
xml = replaceXmlValue(xml, "ingressref", "default-ingress");
xml = replaceXmlValue(xml, "natpolicysetname", getNameForNatPolicySet(tenantName));
String response = sendRequest(service, xml);
@ -661,7 +659,8 @@ public class CiscoVnmcConnectionImpl implements CiscoVnmcConnection {
xml = replaceXmlValue(xml, "descr", "Edge Security Profile for Tenant VDC" + tenantName);
xml = replaceXmlValue(xml, "name", getNameForEdgeDeviceSecurityProfile(tenantName));
xml = replaceXmlValue(xml, "espdn", getDnForTenantVDCEdgeSecurityProfile(tenantName));
xml = replaceXmlValue(xml, "egresspolicysetname", getNameForAclPolicySet(tenantName, false));
//xml = replaceXmlValue(xml, "egresspolicysetname", getNameForAclPolicySet(tenantName, false));
xml = replaceXmlValue(xml, "egresspolicysetname", "default-egress");
xml = replaceXmlValue(xml, "ingresspolicysetname", getNameForAclPolicySet(tenantName, true));
xml = replaceXmlValue(xml, "natpolicysetname", getNameForNatPolicySet(tenantName));

8
plugins/network-elements/cisco-vnmc/src/com/cloud/network/element/CiscoVnmcElement.java
View File

@ -356,10 +356,10 @@ public class CiscoVnmcElement extends AdapterBase implements SourceNatServicePro
}
// configure source NAT
if (!configureSourceNat(vlanId, network.getCidr(), sourceNatIp, ciscoVnmcHost.getId())) {
s_logger.error("Failed to configure source NAT in Cisco VNMC device for network " + network.getName());
return false;
}
//if (!configureSourceNat(vlanId, network.getCidr(), sourceNatIp, ciscoVnmcHost.getId())) {
// s_logger.error("Failed to configure source NAT in Cisco VNMC device for network " + network.getName());
// return false;
//}
// associate Asa 1000v instance with logical edge firewall
if (!associateAsaWithLogicalEdgeFirewall(vlanId, assignedAsa.getManagementIp(), ciscoVnmcHost.getId())) {

4
plugins/network-elements/cisco-vnmc/src/com/cloud/network/resource/CiscoVnmcResource.java
View File

@ -494,7 +494,7 @@ public class CiscoVnmcResource implements ServerResource {
}
}
if (!_connection.associateNatPolicySet(tenant)) {
if (!_connection.associateAclPolicySet(tenant)) {
throw new Exception("Failed to associate source NAT policy set with edge security profile in VNMC for guest network with vlan " + vlanId);
}
} catch (Throwable e) {
@ -597,7 +597,7 @@ public class CiscoVnmcResource implements ServerResource {
}
}
if (!_connection.associateNatPolicySet(tenant)) {
if (!_connection.associateAclPolicySet(tenant)) {
throw new Exception("Failed to associate source NAT policy set with edge security profile in VNMC for guest network with vlan " + vlanId);
}
} catch (Throwable e) {