bug 6408: remove security groups/port forwarding service in virtual network case

status 6408: resolved fixed
kishan 2010-11-01 14:28:03 +05:30
parent 1b88b0eae4
commit 3a0f30a049
30 changed files with 3 additions and 3191 deletions


@ -102,15 +102,6 @@ disassociateIpAddress=com.cloud.api.commands.DisassociateIPAddrCmd;15
listPublicIpAddresses=com.cloud.api.commands.ListPublicIpAddressesCmd;15
#### firewall commands
createPortForwardingServiceRule=com.cloud.api.commands.CreatePortForwardingServiceRuleCmd;15
deletePortForwardingServiceRule=com.cloud.api.commands.DeletePortForwardingServiceRuleCmd;15
listPortForwardingServiceRules=com.cloud.api.commands.ListPortForwardingServiceRulesCmd;15
createPortForwardingService=com.cloud.api.commands.CreatePortForwardingServiceCmd;15
deletePortForwardingService=com.cloud.api.commands.DeletePortForwardingServiceCmd;15
assignPortForwardingService=com.cloud.api.commands.AssignPortForwardingServiceCmd;15
removePortForwardingService=com.cloud.api.commands.RemovePortForwardingServiceCmd;15
listPortForwardingServices=com.cloud.api.commands.ListPortForwardingServicesCmd;15
listPortForwardingServicesByVm=com.cloud.api.commands.ListPortForwardingServicesByVmCmd;15
listPortForwardingRules=com.cloud.api.commands.ListPortForwardingRulesCmd;15
createPortForwardingRule=com.cloud.api.commands.CreateIPForwardingRuleCmd;15
deletePortForwardingRule=com.cloud.api.commands.DeleteIPForwardingRuleCmd;15


@ -63,10 +63,8 @@
<param name="cache.time.to.live">-1</param>
</dao>
<dao name="Firewall Rules" class="com.cloud.network.dao.FirewallRulesDaoImpl"/>
<dao name="Security Group" class="com.cloud.network.dao.SecurityGroupDaoImpl"/>
<dao name="Load Balancer" class="com.cloud.network.dao.LoadBalancerDaoImpl"/>
<dao name="Network Rule Config" class="com.cloud.network.dao.NetworkRuleConfigDaoImpl"/>
<dao name="Security Group Mapping" class="com.cloud.network.dao.SecurityGroupVMMapDaoImpl"/>
<dao name="Load Balancer Mapping" class="com.cloud.network.dao.LoadBalancerVMMapDaoImpl"/>
<dao name="Datacenter IP Addresses" class="com.cloud.dc.dao.DataCenterIpAddressDaoImpl"/>
<dao name="Network Security Group" class="com.cloud.network.security.dao.NetworkGroupDaoImpl"/>


@ -57,11 +57,6 @@ public class EventTypes {
public static final String EVENT_NET_RULE_DELETE = "NET.RULEDELETE";
public static final String EVENT_NET_RULE_MODIFY = "NET.RULEMODIFY";
// Security Groups
public static final String EVENT_PORT_FORWARDING_SERVICE_APPLY = "PF.SERVICE.APPLY";
public static final String EVENT_PORT_FORWARDING_SERVICE_DELETE = "PF.SERVICE.DELETE";
public static final String EVENT_PORT_FORWARDING_SERVICE_REMOVE = "PF.SERVICE.REMOVE";
// Load Balancers
public static final String EVENT_ASSIGN_TO_LOAD_BALANCER_RULE = "LB.ASSIGN.TO.RULE";
public static final String EVENT_REMOVE_FROM_LOAD_BALANCER_RULE = "LB.REMOVE.FROM.RULE";


@ -1,68 +0,0 @@
/**
* Copyright (C) 2010 Cloud.com, Inc. All rights reserved.
*
* This software is licensed under the GNU General Public License v3 or later.
*
* It is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or any later version.
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
*/
package com.cloud.network;
import javax.persistence.Column;
import javax.persistence.Entity;
import javax.persistence.GeneratedValue;
import javax.persistence.GenerationType;
import javax.persistence.Id;
import javax.persistence.Table;
@Entity
@Table(name=("security_group_vm_map"))
public class SecurityGroupVMMapVO {
@Id
@GeneratedValue(strategy=GenerationType.IDENTITY)
@Column(name="id")
private Long id;
@Column(name="security_group_id")
private long securityGroupId;
@Column(name="ip_address")
private String ipAddress;
@Column(name="instance_id")
private long instanceId;
public SecurityGroupVMMapVO() { }
public SecurityGroupVMMapVO(long securityGroupId, String ipAddress, long instanceId) {
this.securityGroupId = securityGroupId;
this.ipAddress = ipAddress;
this.instanceId = instanceId;
}
public Long getId() {
return id;
}
public long getSecurityGroupId() {
return securityGroupId;
}
public String getIpAddress() {
return ipAddress;
}
public long getInstanceId() {
return instanceId;
}
}


@ -1,90 +0,0 @@
/**
* Copyright (C) 2010 Cloud.com, Inc. All rights reserved.
*
* This software is licensed under the GNU General Public License v3 or later.
*
* It is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or any later version.
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
*/
package com.cloud.network;
import javax.persistence.Column;
import javax.persistence.Entity;
import javax.persistence.GeneratedValue;
import javax.persistence.GenerationType;
import javax.persistence.Id;
import javax.persistence.PrimaryKeyJoinColumn;
import javax.persistence.SecondaryTable;
import javax.persistence.Table;
import com.cloud.domain.PartOf;
import com.cloud.user.OwnedBy;
@Entity
@Table(name=("security_group"))
@SecondaryTable(name="account",
pkJoinColumns={@PrimaryKeyJoinColumn(name="account_id", referencedColumnName="id")})
public class SecurityGroupVO implements PartOf, OwnedBy {
@Id
@GeneratedValue(strategy=GenerationType.IDENTITY)
@Column(name="id")
private long id;
@Column(name="name")
private String name;
@Column(name="description")
private String description;
@Column(name="domain_id")
private long domainId;
@Column(name="account_id")
private long accountId;
@Column(name="account_name", table="account", insertable=false, updatable=false)
private String accountName = null;
public SecurityGroupVO() {}
public SecurityGroupVO(String name, String description, long domainId, long accountId) {
this.name = name;
this.description = description;
this.domainId = domainId;
this.accountId = accountId;
}
public long getId() {
return id;
}
public String getName() {
return name;
}
public String getDescription() {
return description;
}
public long getDomainId() {
return domainId;
}
public long getAccountId() {
return accountId;
}
public String getAccountName() {
return accountName;
}
}


@ -1,29 +0,0 @@
/**
* Copyright (C) 2010 Cloud.com, Inc. All rights reserved.
*
* This software is licensed under the GNU General Public License v3 or later.
*
* It is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or any later version.
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
*/
package com.cloud.network.dao;
import java.util.List;
import com.cloud.network.SecurityGroupVO;
import com.cloud.utils.db.GenericDao;
public interface SecurityGroupDao extends GenericDao<SecurityGroupVO, Long> {
List<SecurityGroupVO> listByAccountId(long accountId);
boolean isNameInUse(Long accountId, Long domainId, String name);
}


@ -1,61 +0,0 @@
/**
* Copyright (C) 2010 Cloud.com, Inc. All rights reserved.
*
* This software is licensed under the GNU General Public License v3 or later.
*
* It is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or any later version.
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
*/
package com.cloud.network.dao;
import java.util.List;
import javax.ejb.Local;
import com.cloud.network.SecurityGroupVO;
import com.cloud.utils.db.GenericDaoBase;
import com.cloud.utils.db.SearchBuilder;
import com.cloud.utils.db.SearchCriteria;
@Local(value={SecurityGroupDao.class})
public class SecurityGroupDaoImpl extends GenericDaoBase<SecurityGroupVO, Long> implements SecurityGroupDao {
private SearchBuilder<SecurityGroupVO> AccountIdSearch;
protected SecurityGroupDaoImpl() {
AccountIdSearch = createSearchBuilder();
AccountIdSearch.and("accountId", AccountIdSearch.entity().getAccountId(), SearchCriteria.Op.EQ);
AccountIdSearch.done();
}
@Override
public List<SecurityGroupVO> listByAccountId(long accountId) {
SearchCriteria<SecurityGroupVO> sc = AccountIdSearch.create();
sc.setParameters("accountId", accountId);
return listBy(sc);
}
@Override
public boolean isNameInUse(Long accountId, Long domainId, String name) {
SearchCriteria<SecurityGroupVO> sc = createSearchCriteria();
sc.addAnd("name", SearchCriteria.Op.EQ, name);
if (accountId != null) {
sc.addAnd("accountId", SearchCriteria.Op.EQ, accountId);
} else {
sc.addAnd("domainId", SearchCriteria.Op.EQ, domainId);
sc.addAnd("accountId", SearchCriteria.Op.NULL);
}
List<SecurityGroupVO> securityGroups = listBy(sc);
return ((securityGroups != null) && !securityGroups.isEmpty());
}
}


@ -1,31 +0,0 @@
/**
* Copyright (C) 2010 Cloud.com, Inc. All rights reserved.
*
* This software is licensed under the GNU General Public License v3 or later.
*
* It is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or any later version.
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
*/
package com.cloud.network.dao;
import java.util.List;
import com.cloud.network.SecurityGroupVMMapVO;
import com.cloud.utils.db.GenericDao;
public interface SecurityGroupVMMapDao extends GenericDao<SecurityGroupVMMapVO, Long> {
List<SecurityGroupVMMapVO> listByIpAndInstanceId(String ipAddress, long instanceId);
List<SecurityGroupVMMapVO> listByInstanceId(long instanceId);
List<SecurityGroupVMMapVO> listByIp(String ipAddress);
List<SecurityGroupVMMapVO> listBySecurityGroup(long securityGroupId);
}


@ -1,84 +0,0 @@
/**
* Copyright (C) 2010 Cloud.com, Inc. All rights reserved.
*
* This software is licensed under the GNU General Public License v3 or later.
*
* It is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or any later version.
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
*/
package com.cloud.network.dao;
import java.util.List;
import javax.ejb.Local;
import com.cloud.network.SecurityGroupVMMapVO;
import com.cloud.utils.db.GenericDaoBase;
import com.cloud.utils.db.SearchBuilder;
import com.cloud.utils.db.SearchCriteria;
@Local(value={SecurityGroupVMMapDao.class})
public class SecurityGroupVMMapDaoImpl extends GenericDaoBase<SecurityGroupVMMapVO, Long> implements SecurityGroupVMMapDao {
private SearchBuilder<SecurityGroupVMMapVO> ListByIpAndVmId;
private SearchBuilder<SecurityGroupVMMapVO> ListByVmId;
private SearchBuilder<SecurityGroupVMMapVO> ListByIp;
private SearchBuilder<SecurityGroupVMMapVO> ListBySecurityGroup;
protected SecurityGroupVMMapDaoImpl() {
ListByIpAndVmId = createSearchBuilder();
ListByIpAndVmId.and("ipAddress", ListByIpAndVmId.entity().getIpAddress(), SearchCriteria.Op.EQ);
ListByIpAndVmId.and("instanceId", ListByIpAndVmId.entity().getInstanceId(), SearchCriteria.Op.EQ);
ListByIpAndVmId.done();
ListBySecurityGroup = createSearchBuilder();
ListBySecurityGroup.and("securityGroupId", ListBySecurityGroup.entity().getSecurityGroupId(), SearchCriteria.Op.EQ);
ListBySecurityGroup.done();
ListByIp = createSearchBuilder();
ListByIp.and("ipAddress", ListByIp.entity().getIpAddress(), SearchCriteria.Op.EQ);
ListByIp.done();
ListByVmId = createSearchBuilder();
ListByVmId.and("instanceId", ListByVmId.entity().getInstanceId(), SearchCriteria.Op.EQ);
ListByVmId.done();
}
public List<SecurityGroupVMMapVO> listByIpAndInstanceId(String ipAddress, long vmId) {
SearchCriteria<SecurityGroupVMMapVO> sc = ListByIpAndVmId.create();
sc.setParameters("ipAddress", ipAddress);
sc.setParameters("instanceId", vmId);
return listBy(sc);
}
@Override
public List<SecurityGroupVMMapVO> listBySecurityGroup(long securityGroupId) {
SearchCriteria<SecurityGroupVMMapVO> sc = ListBySecurityGroup.create();
sc.setParameters("securityGroupId", securityGroupId);
return listBy(sc);
}
@Override
public List<SecurityGroupVMMapVO> listByIp(String ipAddress) {
SearchCriteria<SecurityGroupVMMapVO> sc = ListByIp.create();
sc.setParameters("ipAddress", ipAddress);
return listBy(sc);
}
@Override
public List<SecurityGroupVMMapVO> listByInstanceId(long vmId) {
SearchCriteria<SecurityGroupVMMapVO> sc = ListByVmId.create();
sc.setParameters("instanceId", vmId);
return listBy(sc);
}
}


@ -27,11 +27,9 @@ import com.cloud.hypervisor.Hypervisor.HypervisorType;
import com.cloud.network.IPAddressVO;
import com.cloud.network.LoadBalancerVO;
import com.cloud.network.NetworkRuleConfigVO;
import com.cloud.network.SecurityGroupVO;
import com.cloud.network.dao.IPAddressDao;
import com.cloud.network.dao.LoadBalancerDao;
import com.cloud.network.dao.NetworkRuleConfigDao;
import com.cloud.network.dao.SecurityGroupDao;
import com.cloud.network.security.NetworkGroupManager;
import com.cloud.offering.ServiceOffering;
import com.cloud.server.Criteria;
@ -106,7 +104,6 @@ public class ApiDBUtils {
private static LoadBalancerDao _loadBalancerDao;
private static NetworkRuleConfigDao _networkRuleConfigDao;
private static HostPodDao _podDao;
private static SecurityGroupDao _securityGroupDao;
private static ServiceOfferingDao _serviceOfferingDao;
private static SnapshotDao _snapshotDao;
private static StoragePoolDao _storagePoolDao;
@ -145,7 +142,6 @@ public class ApiDBUtils {
_loadBalancerDao = locator.getDao(LoadBalancerDao.class);
_networkRuleConfigDao = locator.getDao(NetworkRuleConfigDao.class);
_podDao = locator.getDao(HostPodDao.class);
_securityGroupDao = locator.getDao(SecurityGroupDao.class);
_serviceOfferingDao = locator.getDao(ServiceOfferingDao.class);
_snapshotDao = locator.getDao(SnapshotDao.class);
_storagePoolDao = locator.getDao(StoragePoolDao.class);
@ -339,10 +335,6 @@ public class ApiDBUtils {
return _podDao.findById(podId);
}
public static SecurityGroupVO findPortForwardingServiceById(Long securityGroupId) {
return _securityGroupDao.findById(securityGroupId);
}
public static VolumeVO findRootVolume(long vmId) {
List<VolumeVO> volumes = _volumeDao.findByInstanceAndType(vmId, VolumeType.ROOT);
if (volumes != null && volumes.size() == 1) {


@ -1,115 +0,0 @@
/**
* Copyright (C) 2010 Cloud.com, Inc. All rights reserved.
*
* This software is licensed under the GNU General Public License v3 or later.
*
* It is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or any later version.
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
*/
package com.cloud.api.commands;
import java.util.List;
import org.apache.log4j.Logger;
import com.cloud.api.ApiConstants;
import com.cloud.api.ApiDBUtils;
import com.cloud.api.BaseAsyncCmd;
import com.cloud.api.Implementation;
import com.cloud.api.Parameter;
import com.cloud.api.response.SuccessResponse;
import com.cloud.event.EventTypes;
import com.cloud.network.SecurityGroupVO;
import com.cloud.server.ManagementServer;
import com.cloud.user.Account;
@Implementation(method="assignSecurityGroup", manager=ManagementServer.class, description="Assigns a single or a list of port forwarding services to a virtual machine. If a list of port forwarding services is given, it will overwrite the previous assignment of port forwarding services. For example, on the first call, if you assigned port forwarding service A to virtual machine 1 and on the next call, you assign port forwarding services B and C to virtual machine 1, the ultimate result of these two commands would be that virtual machine 1 would only have port forwarding services B and C assigned to it. Individual port forwarding services can be assigned to the virtual machine by specifying a single port forwarding service group.")
public class AssignPortForwardingServiceCmd extends BaseAsyncCmd {
public static final Logger s_logger = Logger.getLogger(AssignPortForwardingServiceCmd.class.getName());
private static final String s_name = "assignportforwardingserviceresponse";
/////////////////////////////////////////////////////
//////////////// API parameters /////////////////////
/////////////////////////////////////////////////////
@Parameter(name=ApiConstants.ID, type=CommandType.LONG, description="the ID of the port forwarding service to assign to the virtual machine/public IP")
private Long id;
@Parameter(name=ApiConstants.IDS, type=CommandType.LIST, collectionType=CommandType.LONG, description="a comma delimited list of port forwarding service IDs to assign to the virtual machine/public IP")
private List<Long> ids;
@Parameter(name=ApiConstants.PUBLIC_IP, type=CommandType.STRING, required=true, description="the public IP address to associate to the port forwarding service")
private String publicIp;
@Parameter(name=ApiConstants.VIRTUAL_MACHINE_ID, type=CommandType.LONG, required=true, description="the ID of the virtual machine to assign to the port forwarding service")
private Long virtualMachineId;
/////////////////////////////////////////////////////
/////////////////// Accessors ///////////////////////
/////////////////////////////////////////////////////
public Long getId() {
return id;
}
public List<Long> getIds() {
return ids;
}
public String getPublicIp() {
return publicIp;
}
public Long getVirtualMachineId() {
return virtualMachineId;
}
/////////////////////////////////////////////////////
/////////////// API Implementation///////////////////
/////////////////////////////////////////////////////
@Override
public String getName() {
return s_name;
}
@Override
public long getAccountId() {
SecurityGroupVO sg = ApiDBUtils.findPortForwardingServiceById(getId());
if (sg == null) {
return Account.ACCOUNT_ID_SYSTEM; // bad id given, parent this command to SYSTEM so ERROR events are tracked
}
return sg.getAccountId();
}
@Override
public String getEventType() {
return EventTypes.EVENT_PORT_FORWARDING_SERVICE_APPLY;
}
@Override
public String getEventDescription() {
return "applying port forwarding service for vm with id: " + getVirtualMachineId();
}
@Override @SuppressWarnings("unchecked")
public SuccessResponse getResponse() {
Boolean success = (Boolean)getResponseObject();
SuccessResponse response = new SuccessResponse();
response.setSuccess(success);
response.setResponseName(getName());
return response;
}
}


@ -1,99 +0,0 @@
/**
* Copyright (C) 2010 Cloud.com, Inc. All rights reserved.
*
* This software is licensed under the GNU General Public License v3 or later.
*
* It is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or any later version.
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
*/
package com.cloud.api.commands;
import org.apache.log4j.Logger;
import com.cloud.api.ApiConstants;
import com.cloud.api.ApiDBUtils;
import com.cloud.api.BaseCmd;
import com.cloud.api.Implementation;
import com.cloud.api.Parameter;
import com.cloud.api.response.SecurityGroupResponse;
import com.cloud.network.SecurityGroupVO;
@Implementation(method="createPortForwardingService", description="Creates a port forwarding service")
public class CreatePortForwardingServiceCmd extends BaseCmd {
public static final Logger s_logger = Logger.getLogger(CreatePortForwardingServiceCmd.class.getName());
private static final String s_name = "createportforwardingserviceresponse";
/////////////////////////////////////////////////////
//////////////// API parameters /////////////////////
/////////////////////////////////////////////////////
@Parameter(name=ApiConstants.ACCOUNT, type=CommandType.STRING, description="the account associated with the port forwarding service. Must be used with the domainId parameter.")
private String accountName;
@Parameter(name=ApiConstants.DESCRIPTION, type=CommandType.STRING, description="an optional user generated description for the port forwarding service")
private String description;
@Parameter(name=ApiConstants.DOMAIN_ID, type=CommandType.LONG, description="the domain ID associated with the port forwarding service. If used with the account parameter, creates a new port forwarding service for the account in the specified domain ID.")
private Long domainId;
@Parameter(name=ApiConstants.NAME, type=CommandType.STRING, required=true, description="name of the port forwarding service")
private String portForwardingServiceName;
/////////////////////////////////////////////////////
/////////////////// Accessors ///////////////////////
/////////////////////////////////////////////////////
public String getAccountName() {
return accountName;
}
public String getDescription() {
return description;
}
public Long getDomainId() {
return domainId;
}
public String getPortForwardingServiceName() {
return portForwardingServiceName;
}
/////////////////////////////////////////////////////
/////////////// API Implementation///////////////////
/////////////////////////////////////////////////////
@Override
public String getName() {
return s_name;
}
@Override @SuppressWarnings("unchecked")
public SecurityGroupResponse getResponse() {
SecurityGroupVO group = (SecurityGroupVO)getResponseObject();
SecurityGroupResponse response = new SecurityGroupResponse();
response.setId(group.getId());
response.setName(group.getName());
response.setDescription(group.getDescription());
response.setAccountName(group.getAccountName());
response.setDomainId(group.getDomainId());
response.setDomainName(ApiDBUtils.findDomainById(group.getDomainId()).getName());
response.setResponseName(getName());
return response;
}
}


@ -1,127 +0,0 @@
/**
* Copyright (C) 2010 Cloud.com, Inc. All rights reserved.
*
* This software is licensed under the GNU General Public License v3 or later.
*
* It is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or any later version.
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
*/
package com.cloud.api.commands;
import org.apache.log4j.Logger;
import com.cloud.api.ApiConstants;
import com.cloud.api.ApiDBUtils;
import com.cloud.api.BaseAsyncCreateCmd;
import com.cloud.api.Implementation;
import com.cloud.api.Parameter;
import com.cloud.api.response.PortForwardingServiceRuleResponse;
import com.cloud.event.EventTypes;
import com.cloud.network.NetworkRuleConfigVO;
import com.cloud.network.SecurityGroupVO;
import com.cloud.user.Account;
@Implementation(createMethod="createPortForwardingServiceRule", method="applyPortForwardingServiceRule", description="Creates a port forwarding service rule")
public class CreatePortForwardingServiceRuleCmd extends BaseAsyncCreateCmd {
public static final Logger s_logger = Logger.getLogger(CreatePortForwardingServiceRuleCmd.class.getName());
private static final String s_name = "createportforwardingserviceruleresponse";
/////////////////////////////////////////////////////
//////////////// API parameters /////////////////////
/////////////////////////////////////////////////////
@Parameter(name=ApiConstants.PORT_FORWARDING_SERVICE_ID, type=CommandType.LONG, required=true, description="the ID of the port forwarding service the rule is being created for")
private Long portForwardingServiceId;
@Parameter(name=ApiConstants.PRIVATE_PORT, type=CommandType.STRING, required=true, description="the port of the private ip address/virtual machine to forward traffic to")
private String privatePort;
@Parameter(name=ApiConstants.PROTOCOL, type=CommandType.STRING, description="TCP is default. UDP is the other supported protocol")
private String protocol;
@Parameter(name=ApiConstants.PUBLIC_PORT, type=CommandType.STRING, required=true, description="the port of the public ip address to forward traffic from")
private String publicPort;
/////////////////////////////////////////////////////
/////////////////// Accessors ///////////////////////
/////////////////////////////////////////////////////
public Long getPortForwardingServiceId() {
return portForwardingServiceId;
}
public String getPrivatePort() {
return privatePort;
}
public String getProtocol() {
return protocol;
}
public String getPublicPort() {
return publicPort;
}
/////////////////////////////////////////////////////
/////////////// API Implementation///////////////////
/////////////////////////////////////////////////////
@Override
public String getName() {
return s_name;
}
public static String getResultObjectName() {
return "portforwardingservicerule";
}
@Override
public long getAccountId() {
SecurityGroupVO portForwardingService = ApiDBUtils.findPortForwardingServiceById(getPortForwardingServiceId());
if (portForwardingService != null) {
return portForwardingService.getAccountId();
}
// bad id given, parent this command to SYSTEM so ERROR events are tracked
return Account.ACCOUNT_ID_SYSTEM;
}
@Override
public String getEventType() {
return EventTypes.EVENT_NET_RULE_ADD; // FIXME: Add a new event?
}
@Override
public String getEventDescription() {
return "creating port forwarding rule on service: " + getPortForwardingServiceId() + ", public port: " + getPublicPort() +
", priv port: " + getPrivatePort() + ", protocol: " + ((getProtocol() == null) ? "TCP" : getProtocol());
}
@Override @SuppressWarnings("unchecked")
public PortForwardingServiceRuleResponse getResponse() {
NetworkRuleConfigVO netRule = (NetworkRuleConfigVO)getResponseObject();
PortForwardingServiceRuleResponse response = new PortForwardingServiceRuleResponse();
response.setRuleId(netRule.getId());
response.setPortForwardingServiceId(netRule.getSecurityGroupId());
response.setPrivatePort(netRule.getPrivatePort());
response.setProtocol(netRule.getProtocol());
response.setPublicPort(netRule.getPublicPort());
response.setResponseName(getName());
return response;
}
}


@ -1,100 +0,0 @@
/**
* Copyright (C) 2010 Cloud.com, Inc. All rights reserved.
*
* This software is licensed under the GNU General Public License v3 or later.
*
* It is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or any later version.
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
*/
package com.cloud.api.commands;
import org.apache.log4j.Logger;
import com.cloud.api.ApiConstants;
import com.cloud.api.ApiDBUtils;
import com.cloud.api.BaseAsyncCmd;
import com.cloud.api.BaseCmd;
import com.cloud.api.Implementation;
import com.cloud.api.Parameter;
import com.cloud.api.ServerApiException;
import com.cloud.api.response.SuccessResponse;
import com.cloud.event.EventTypes;
import com.cloud.network.SecurityGroupVO;
import com.cloud.server.ManagementServer;
import com.cloud.user.Account;
@Implementation(method="deleteSecurityGroup", manager=ManagementServer.class, description="Deletes a port forwarding service")
public class DeletePortForwardingServiceCmd extends BaseAsyncCmd {
public static final Logger s_logger = Logger.getLogger(DeletePortForwardingServiceCmd.class.getName());
private static final String s_name = "deleteportforwardingserviceresponse";
/////////////////////////////////////////////////////
//////////////// API parameters /////////////////////
/////////////////////////////////////////////////////
@Parameter(name=ApiConstants.ID, type=CommandType.LONG, required=true, description="ID of the port forwarding service")
private Long id;
/////////////////////////////////////////////////////
/////////////////// Accessors ///////////////////////
/////////////////////////////////////////////////////
public Long getId() {
return id;
}
/////////////////////////////////////////////////////
/////////////// API Implementation///////////////////
/////////////////////////////////////////////////////
@Override
public String getName() {
return s_name;
}
@Override
public long getAccountId() {
SecurityGroupVO sg = ApiDBUtils.findPortForwardingServiceById(getId());
if (sg != null) {
return sg.getAccountId();
}
return Account.ACCOUNT_ID_SYSTEM; // no account info given, parent this command to SYSTEM so ERROR events are tracked
}
@Override
public String getEventType() {
return EventTypes.EVENT_PORT_FORWARDING_SERVICE_DELETE;
}
@Override
public String getEventDescription() {
return "deleting port forwarding service: " + getId();
}
@Override @SuppressWarnings("unchecked")
public SuccessResponse getResponse() {
SuccessResponse response = new SuccessResponse();
Boolean responseObject = (Boolean)getResponseObject();
if (responseObject != null) {
response.setSuccess(responseObject);
} else {
throw new ServerApiException(BaseCmd.INTERNAL_ERROR, "Failed to delete port forwarding service");
}
response.setResponseName(getName());
return response;
}
}


@ -1,94 +0,0 @@
/**
* Copyright (C) 2010 Cloud.com, Inc. All rights reserved.
*
* This software is licensed under the GNU General Public License v3 or later.
*
* It is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or any later version.
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
*/
package com.cloud.api.commands;
import org.apache.log4j.Logger;
import com.cloud.api.ApiConstants;
import com.cloud.api.ApiDBUtils;
import com.cloud.api.BaseAsyncCmd;
import com.cloud.api.Implementation;
import com.cloud.api.Parameter;
import com.cloud.api.response.SuccessResponse;
import com.cloud.event.EventTypes;
import com.cloud.network.NetworkManager;
import com.cloud.network.NetworkRuleConfigVO;
import com.cloud.network.SecurityGroupVO;
import com.cloud.user.Account;
@Implementation(method="deleteNetworkRuleConfig", manager=NetworkManager.class, description="Deletes a port forwarding service rule")
public class DeletePortForwardingServiceRuleCmd extends BaseAsyncCmd {
public static final Logger s_logger = Logger.getLogger(DeletePortForwardingServiceRuleCmd.class.getName());
private static final String s_name = "deleteportforwardingserviceruleresponse";
/////////////////////////////////////////////////////
//////////////// API parameters /////////////////////
/////////////////////////////////////////////////////
@Parameter(name=ApiConstants.ID, type=CommandType.LONG, required=true, description="The ID of the port forwarding service rule")
private Long id;
/////////////////////////////////////////////////////
/////////////////// Accessors ///////////////////////
/////////////////////////////////////////////////////
public Long getId() {
return id;
}
/////////////////////////////////////////////////////
/////////////// API Implementation///////////////////
/////////////////////////////////////////////////////
@Override
public String getName() {
return s_name;
}
@Override
public long getAccountId() {
NetworkRuleConfigVO netRule = ApiDBUtils.findNetworkRuleById(getId());
if (netRule != null) {
SecurityGroupVO sg = ApiDBUtils.findPortForwardingServiceById(netRule.getSecurityGroupId());
return sg.getAccountId();
}
return Account.ACCOUNT_ID_SYSTEM; // no account info given, parent this command to SYSTEM so ERROR events are tracked
}
@Override
public String getEventType() {
return EventTypes.EVENT_NET_RULE_DELETE; // FIXME: add a new event type for this?
}
@Override
public String getEventDescription() {
return "deleting port forwarding service rule: " + getId();
}
@Override @SuppressWarnings("unchecked")
public SuccessResponse getResponse() {
Boolean success = (Boolean)getResponseObject();
SuccessResponse response = new SuccessResponse();
response.setSuccess(success);
response.setResponseName(getName());
return response;
}
}


@ -1,114 +0,0 @@
/**
* Copyright (C) 2010 Cloud.com, Inc. All rights reserved.
*
* This software is licensed under the GNU General Public License v3 or later.
*
* It is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or any later version.
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
*/
package com.cloud.api.commands;
import java.util.ArrayList;
import java.util.List;
import org.apache.log4j.Logger;
import com.cloud.api.ApiConstants;
import com.cloud.api.ApiDBUtils;
import com.cloud.api.BaseListCmd;
import com.cloud.api.Implementation;
import com.cloud.api.Parameter;
import com.cloud.api.response.ListResponse;
import com.cloud.api.response.PortForwardingServiceRuleResponse;
import com.cloud.async.AsyncJobVO;
import com.cloud.network.NetworkRuleConfigVO;
@Implementation(method="searchForNetworkRules", description="List port forwarding service rules")
public class ListPortForwardingServiceRulesCmd extends BaseListCmd {
public static final Logger s_logger = Logger.getLogger(ListPortForwardingServiceRulesCmd.class.getName());
private static final String s_name = "listportforwardingservicerulesresponse";
/////////////////////////////////////////////////////
//////////////// API parameters /////////////////////
/////////////////////////////////////////////////////
@Parameter(name=ApiConstants.ACCOUNT, type=CommandType.STRING, description="the account associated with the port forwarding service rule. Must be used with the domainId parameter.")
private String accountName;
@Parameter(name=ApiConstants.DOMAIN_ID, type=CommandType.LONG, description="the domainId associated with the port forwarding service rule. If used with the account parameter, returns a list of port forwarding service rules for an account for the specified domain ID.")
private Long domainId;
@Parameter(name=ApiConstants.ID, type=CommandType.LONG, description="the ID of the port forwarding service rule")
private Long id;
@Parameter(name=ApiConstants.PORT_FORWARDING_SERVICE_ID, type=CommandType.LONG, description="the ID of the port forwarding service the rule is being created for")
private Long portForwardingServiceId;
/////////////////////////////////////////////////////
/////////////////// Accessors ///////////////////////
/////////////////////////////////////////////////////
public String getAccountName() {
return accountName;
}
public Long getDomainId() {
return domainId;
}
public Long getId() {
return id;
}
public Long getPortForwardingServiceId() {
return portForwardingServiceId;
}
/////////////////////////////////////////////////////
/////////////// API Implementation///////////////////
/////////////////////////////////////////////////////
@Override
public String getName() {
return s_name;
}
@Override @SuppressWarnings("unchecked")
public ListResponse<PortForwardingServiceRuleResponse> getResponse() {
List<NetworkRuleConfigVO> portForwardingServiceRules = (List<NetworkRuleConfigVO>)getResponseObject();
ListResponse<PortForwardingServiceRuleResponse> response = new ListResponse<PortForwardingServiceRuleResponse>();
List<PortForwardingServiceRuleResponse> ruleResponses = new ArrayList<PortForwardingServiceRuleResponse>();
for (NetworkRuleConfigVO rule : portForwardingServiceRules) {
PortForwardingServiceRuleResponse ruleResponse = new PortForwardingServiceRuleResponse();
ruleResponse.setRuleId(rule.getId());
ruleResponse.setPortForwardingServiceId(rule.getSecurityGroupId());
ruleResponse.setPublicPort(rule.getPublicPort());
ruleResponse.setPrivatePort(rule.getPrivatePort());
ruleResponse.setProtocol(rule.getProtocol());
AsyncJobVO asyncJob = ApiDBUtils.findInstancePendingAsyncJob("network_rule_config", rule.getId());
if(asyncJob != null) {
ruleResponse.setJobId(asyncJob.getId());
ruleResponse.setJobStatus(asyncJob.getStatus());
}
ruleResponse.setResponseName("portforwardingservicerule");
ruleResponses.add(ruleResponse);
}
response.setResponses(ruleResponses);
response.setResponseName(getName());
return response;
}
}


@ -1,120 +0,0 @@
/**
* Copyright (C) 2010 Cloud.com, Inc. All rights reserved.
*
* This software is licensed under the GNU General Public License v3 or later.
*
* It is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or any later version.
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
*/
package com.cloud.api.commands;
import java.util.ArrayList;
import java.util.List;
import java.util.Map;
import org.apache.log4j.Logger;
import com.cloud.api.ApiConstants;
import com.cloud.api.ApiDBUtils;
import com.cloud.api.BaseListCmd;
import com.cloud.api.Implementation;
import com.cloud.api.Parameter;
import com.cloud.api.response.ListResponse;
import com.cloud.api.response.SecurityGroupResponse;
import com.cloud.network.SecurityGroupVO;
import com.cloud.user.Account;
@Implementation(method="searchForSecurityGroupsByVM", description="Lists all port forwarding services applied to a virtual machine given the public ip address")
public class ListPortForwardingServicesByVmCmd extends BaseListCmd {
public static final Logger s_logger = Logger.getLogger(ListPortForwardingServicesByVmCmd.class.getName());
private static final String s_name = "listportforwardingservicesbyvmresponse";
/////////////////////////////////////////////////////
//////////////// API parameters /////////////////////
/////////////////////////////////////////////////////
@Parameter(name=ApiConstants.ACCOUNT, type=CommandType.STRING, description="the account associated with the port forwarding services. Must be used with the domainId parameter.")
private String accountName;
@Parameter(name=ApiConstants.DOMAIN_ID, type=CommandType.LONG, description="the domain ID associated with the port forwarding services. If used with the account parameter, returns a list of all port forwarding services for an account in the specified domain ID.")
private Long domainId;
@Parameter(name=ApiConstants.IP_ADDRESS, type=CommandType.STRING, description="public ip address")
private String ipAddress;
@Parameter(name=ApiConstants.VIRTUAL_MACHINE_ID, type=CommandType.LONG, description="ID of the virtual machine")
private Long virtualMachineId;
/////////////////////////////////////////////////////
/////////////////// Accessors ///////////////////////
/////////////////////////////////////////////////////
public String getAccountName() {
return accountName;
}
public Long getDomainId() {
return domainId;
}
public String getIpAddress() {
return ipAddress;
}
public Long getVirtualMachineId() {
return virtualMachineId;
}
/////////////////////////////////////////////////////
/////////////// API Implementation///////////////////
/////////////////////////////////////////////////////
@Override
public String getName() {
return s_name;
}
@Override @SuppressWarnings("unchecked")
public ListResponse<SecurityGroupResponse> getResponse() {
Map<String, List<SecurityGroupVO>> portForwardingServices = (Map<String, List<SecurityGroupVO>>)getResponseObject();
ListResponse<SecurityGroupResponse> response = new ListResponse<SecurityGroupResponse>();
List<SecurityGroupResponse> pfResponses = new ArrayList<SecurityGroupResponse>();
for (String addr : portForwardingServices.keySet()) {
List<SecurityGroupVO> appliedGroup = portForwardingServices.get(addr);
for (SecurityGroupVO group : appliedGroup) {
SecurityGroupResponse pfsData = new SecurityGroupResponse();
pfsData.setId(group.getId());
pfsData.setName(group.getName());
pfsData.setDescription(group.getDescription());
pfsData.setIpAddress(addr);
Account accountTemp = ApiDBUtils.findAccountById(group.getAccountId());
if (accountTemp != null) {
pfsData.setAccountName(accountTemp.getAccountName());
pfsData.setDomainId(accountTemp.getDomainId());
pfsData.setDomainName(ApiDBUtils.findDomainById(accountTemp.getDomainId()).getName());
}
pfsData.setResponseName("portforwardingservice");
pfResponses.add(pfsData);
}
}
response.setResponses(pfResponses);
response.setResponseName(getName());
return response;
}
}


@ -1,116 +0,0 @@
/**
* Copyright (C) 2010 Cloud.com, Inc. All rights reserved.
*
* This software is licensed under the GNU General Public License v3 or later.
*
* It is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or any later version.
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
*/
package com.cloud.api.commands;
import java.util.ArrayList;
import java.util.List;
import org.apache.log4j.Logger;
import com.cloud.api.ApiConstants;
import com.cloud.api.ApiDBUtils;
import com.cloud.api.BaseListCmd;
import com.cloud.api.Implementation;
import com.cloud.api.Parameter;
import com.cloud.api.response.ListResponse;
import com.cloud.api.response.SecurityGroupResponse;
import com.cloud.network.SecurityGroupVO;
import com.cloud.user.Account;
@Implementation(method="searchForSecurityGroups", description="Lists all available port forwarding services")
public class ListPortForwardingServicesCmd extends BaseListCmd {
public static final Logger s_logger = Logger.getLogger(ListPortForwardingServicesCmd.class.getName());
private static final String s_name = "listportforwardingservicesresponse";
/////////////////////////////////////////////////////
//////////////// API parameters /////////////////////
/////////////////////////////////////////////////////
@Parameter(name=ApiConstants.ACCOUNT, type=CommandType.STRING, description="lists all available port forwarding services for the account. Must be used with the domainId parameter.")
private String accountName;
@Parameter(name=ApiConstants.DOMAIN_ID, type=CommandType.LONG, description="lists all available port forwarding services for the domain ID. If used with the account parameter, lists all available port forwarding services for the account in the specified domain ID.")
private Long domainId;
@Parameter(name=ApiConstants.ID, type=CommandType.LONG, description="the ID of the port forwarding service")
private Long id;
@Parameter(name=ApiConstants.NAME, type=CommandType.STRING, description="the name of the port forwarding service")
private String portForwardingServiceName;
/////////////////////////////////////////////////////
/////////////////// Accessors ///////////////////////
/////////////////////////////////////////////////////
public String getAccountName() {
return accountName;
}
public Long getDomainId() {
return domainId;
}
public Long getId() {
return id;
}
public String getPortForwardingServiceName() {
return portForwardingServiceName;
}
/////////////////////////////////////////////////////
/////////////// API Implementation///////////////////
/////////////////////////////////////////////////////
@Override
public String getName() {
return s_name;
}
@Override @SuppressWarnings("unchecked")
public ListResponse<SecurityGroupResponse> getResponse() {
List<SecurityGroupVO> groups = (List<SecurityGroupVO>)getResponseObject();
ListResponse<SecurityGroupResponse> response = new ListResponse<SecurityGroupResponse>();
List<SecurityGroupResponse> pfsResponses = new ArrayList<SecurityGroupResponse>();
for (SecurityGroupVO group : groups) {
SecurityGroupResponse pfsData = new SecurityGroupResponse();
pfsData.setId(group.getId());
pfsData.setName(group.getName());
pfsData.setDescription(group.getDescription());
Account accountTemp = ApiDBUtils.findAccountById(group.getAccountId());
if (accountTemp != null) {
pfsData.setAccountName(accountTemp.getAccountName());
pfsData.setDomainId(accountTemp.getDomainId());
pfsData.setDomainName(ApiDBUtils.findDomainById(accountTemp.getDomainId()).getName());
}
pfsData.setResponseName("portforwardingservice");
pfsResponses.add(pfsData);
}
response.setResponses(pfsResponses);
response.setResponseName(getName());
return response;
}
}


@ -1,105 +0,0 @@
/**
* Copyright (C) 2010 Cloud.com, Inc. All rights reserved.
*
* This software is licensed under the GNU General Public License v3 or later.
*
* It is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or any later version.
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
*/
package com.cloud.api.commands;
import org.apache.log4j.Logger;
import com.cloud.api.ApiConstants;
import com.cloud.api.ApiDBUtils;
import com.cloud.api.BaseAsyncCmd;
import com.cloud.api.Implementation;
import com.cloud.api.Parameter;
import com.cloud.api.response.SuccessResponse;
import com.cloud.event.EventTypes;
import com.cloud.network.SecurityGroupVO;
import com.cloud.server.ManagementServer;
import com.cloud.user.Account;
@Implementation(method="removeSecurityGroup", manager=ManagementServer.class, description="Removes a port forwarding service from a virtual machine")
public class RemovePortForwardingServiceCmd extends BaseAsyncCmd {
public static final Logger s_logger = Logger.getLogger(RemovePortForwardingServiceCmd.class.getName());
private static final String s_name = "removeportforwardingserviceresponse";
/////////////////////////////////////////////////////
//////////////// API parameters /////////////////////
/////////////////////////////////////////////////////
@Parameter(name=ApiConstants.ID, type=CommandType.LONG, required=true, description="the ID of the port forwarding service to remove from the virtual machine/publicIp")
private Long id;
@Parameter(name=ApiConstants.PUBLIC_IP, type=CommandType.STRING, required=true, description="the public IP address associated with the port forwarding service")
private String publicIp;
@Parameter(name=ApiConstants.VIRTUAL_MACHINE_ID, type=CommandType.LONG, required=true, description="the virtual machine currently assigned to the port forwarding service")
private Long virtualMachineId;
/////////////////////////////////////////////////////
/////////////////// Accessors ///////////////////////
/////////////////////////////////////////////////////
public Long getId() {
return id;
}
public String getPublicIp() {
return publicIp;
}
public Long getVirtualMachineId() {
return virtualMachineId;
}
/////////////////////////////////////////////////////
/////////////// API Implementation///////////////////
/////////////////////////////////////////////////////
@Override
public String getName() {
return s_name;
}
@Override
public long getAccountId() {
SecurityGroupVO sg = ApiDBUtils.findPortForwardingServiceById(getId());
if (sg != null) {
return sg.getAccountId();
}
return Account.ACCOUNT_ID_SYSTEM; // no account info given, parent this command to SYSTEM so ERROR events are tracked
}
@Override
public String getEventType() {
return EventTypes.EVENT_PORT_FORWARDING_SERVICE_REMOVE;
}
@Override
public String getEventDescription() {
return "removing port forwarding service: " + getId() + " from vm: " + getVirtualMachineId() + " on IP: " + getPublicIp();
}
@Override @SuppressWarnings("unchecked")
public SuccessResponse getResponse() {
Boolean success = (Boolean)getResponseObject();
SuccessResponse response = new SuccessResponse();
response.setSuccess(success);
response.setResponseName(getName());
return response;
}
}


@ -1,101 +0,0 @@
/**
* Copyright (C) 2010 Cloud.com, Inc. All rights reserved.
*
* This software is licensed under the GNU General Public License v3 or later.
*
* It is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or any later version.
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
*/
package com.cloud.api.response;
import com.cloud.serializer.Param;
import com.google.gson.annotations.SerializedName;
public class SecurityGroupResponse extends BaseResponse {
@SerializedName("id") @Param(description="the ID of the security group")
private Long id;
@SerializedName("name") @Param(description="the name of the security group")
private String name;
@SerializedName("description") @Param(description="the description of the security group")
private String description;
@SerializedName("account") @Param(description="the account owning the securtiy group")
private String accountName;
@SerializedName("domainid") @Param(description="the domain ID of the security group")
private Long domainId;
@SerializedName("domain") @Param(description="the domain name of the secruity group")
private String domainName;
//FIXME - add description
@SerializedName("ipaddress")
private String ipAddress;
public Long getId() {
return id;
}
public void setId(Long id) {
this.id = id;
}
public String getName() {
return name;
}
public void setName(String name) {
this.name = name;
}
public String getDescription() {
return description;
}
public void setDescription(String description) {
this.description = description;
}
public String getAccountName() {
return accountName;
}
public void setAccountName(String accountName) {
this.accountName = accountName;
}
public Long getDomainId() {
return domainId;
}
public void setDomainId(Long domainId) {
this.domainId = domainId;
}
public String getDomainName() {
return domainName;
}
public void setDomainName(String domainName) {
this.domainName = domainName;
}
public String getIpAddress() {
return ipAddress;
}
public void setIpAddress(String ipAddress) {
this.ipAddress = ipAddress;
}
}


@ -1,108 +0,0 @@
/**
* Copyright (C) 2010 Cloud.com, Inc. All rights reserved.
*
* This software is licensed under the GNU General Public License v3 or later.
*
* It is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or any later version.
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
*/
package com.cloud.async.executor;
import org.apache.log4j.Logger;
import com.cloud.api.BaseCmd;
import com.cloud.async.AsyncJobManager;
import com.cloud.async.AsyncJobResult;
import com.cloud.async.AsyncJobVO;
import com.cloud.async.BaseAsyncJobExecutor;
import com.cloud.exception.InternalErrorException;
import com.cloud.exception.InvalidParameterValueException;
import com.cloud.exception.NetworkRuleConflictException;
import com.cloud.exception.PermissionDeniedException;
import com.cloud.serializer.GsonHelper;
import com.cloud.server.ManagementServer;
import com.cloud.vm.DomainRouterVO;
import com.cloud.vm.UserVmVO;
import com.cloud.vm.dao.DomainRouterDao;
import com.cloud.vm.dao.UserVmDao;
import com.google.gson.Gson;
public class AssignSecurityGroupExecutor extends BaseAsyncJobExecutor {
public static final Logger s_logger = Logger.getLogger(AssignSecurityGroupExecutor.class.getName());
public boolean execute() {
Gson gson = GsonHelper.getBuilder().create();
AsyncJobManager asyncMgr = getAsyncJobMgr();
AsyncJobVO job = getJob();
ManagementServer managementServer = asyncMgr.getExecutorContext().getManagementServer();
SecurityGroupParam param = gson.fromJson(job.getCmdInfo(), SecurityGroupParam.class);
/*
if(getSyncSource() == null) {
DomainRouterVO router = getRouterSyncSource(param);
if(router == null) {
asyncMgr.completeAsyncJob(getJob().getId(), AsyncJobResult.STATUS_FAILED,
BaseCmd.NET_INVALID_PARAM_ERROR, "Unable to find router for user vm " + param.getInstanceId() + " when assigning security group");
} else {
asyncMgr.syncAsyncJobExecution(job.getId(), "Router", router.getId());
}
return true;
} else {
try {
managementServer.assignSecurityGroup(param.getUserId(), param.getSecurityGroupId(), param.getSecurityGroupIdList(), param.getPublicIp(), param.getInstanceId(), param.getEventId());
asyncMgr.completeAsyncJob(getJob().getId(), AsyncJobResult.STATUS_SUCCEEDED, 0,
"success");
} catch (PermissionDeniedException e) {
if(s_logger.isDebugEnabled())
s_logger.debug("Unable to assign security group : " + e.getMessage());
asyncMgr.completeAsyncJob(getJob().getId(), AsyncJobResult.STATUS_FAILED, BaseCmd.PARAM_ERROR,
e.getMessage());
} catch (NetworkRuleConflictException e) {
if(s_logger.isDebugEnabled())
s_logger.debug("Unable to assign security group : " + e.getMessage());
asyncMgr.completeAsyncJob(getJob().getId(), AsyncJobResult.STATUS_FAILED, BaseCmd.NET_CONFLICT_IPFW_RULE_ERROR,
e.getMessage());
} catch (InvalidParameterValueException e) {
if(s_logger.isDebugEnabled())
s_logger.debug("Unable to assign security group : " + e.getMessage());
asyncMgr.completeAsyncJob(getJob().getId(), AsyncJobResult.STATUS_FAILED, BaseCmd.PARAM_ERROR,
e.getMessage());
} catch (InternalErrorException e) {
if(s_logger.isDebugEnabled())
s_logger.debug("Unable to assign security group : " + e.getMessage());
asyncMgr.completeAsyncJob(getJob().getId(), AsyncJobResult.STATUS_FAILED, BaseCmd.INTERNAL_ERROR,
e.getMessage());
} catch(Exception e) {
s_logger.warn("Unable to assign security group : " + e.getMessage(), e);
asyncMgr.completeAsyncJob(getJob().getId(), AsyncJobResult.STATUS_FAILED, BaseCmd.INTERNAL_ERROR,
e.getMessage());
}
}
*/
return true;
}
private DomainRouterVO getRouterSyncSource(SecurityGroupParam param) {
UserVmDao userVmDao = getAsyncJobMgr().getExecutorContext().getVmDao();
DomainRouterDao routerDao = getAsyncJobMgr().getExecutorContext().getRouterDao();
UserVmVO userVm = userVmDao.findById(param.getInstanceId());
if(userVm == null)
return null;
if (userVm.getDomainRouterId() == null)
return null;
else
return routerDao.findById(userVm.getDomainRouterId());
}
}


@ -1,53 +0,0 @@
package com.cloud.async.executor;
import org.apache.log4j.Logger;
import com.cloud.api.BaseCmd;
import com.cloud.async.AsyncJobManager;
import com.cloud.async.AsyncJobResult;
import com.cloud.async.AsyncJobVO;
import com.cloud.async.BaseAsyncJobExecutor;
import com.cloud.exception.PermissionDeniedException;
import com.cloud.network.SecurityGroupVO;
import com.cloud.serializer.GsonHelper;
import com.cloud.server.ManagementServer;
import com.google.gson.Gson;
public class DeleteSecurityGroupExecutor extends BaseAsyncJobExecutor {
public static final Logger s_logger = Logger.getLogger(DeleteSecurityGroupExecutor.class.getName());
@Override
public boolean execute() {
Gson gson = GsonHelper.getBuilder().create();
AsyncJobManager asyncMgr = getAsyncJobMgr();
AsyncJobVO job = getJob();
ManagementServer managementServer = asyncMgr.getExecutorContext().getManagementServer();
SecurityGroupParam param = gson.fromJson(job.getCmdInfo(), SecurityGroupParam.class);
/*
if(getSyncSource() == null) {
SecurityGroupVO securityGroup = managementServer.findSecurityGroupById(param.getSecurityGroupId());
if(securityGroup == null) {
asyncMgr.completeAsyncJob(getJob().getId(), AsyncJobResult.STATUS_FAILED,
BaseCmd.NET_INVALID_PARAM_ERROR, "Unable to find security group " + param.getSecurityGroupId() + ", failed to delete security group");
} else {
asyncMgr.syncAsyncJobExecution(job.getId(), "SecurityGroup", securityGroup.getId());
}
return true;
} else {
try {
// managementServer.deleteSecurityGroup(param.getUserId(), param.getSecurityGroupId(), param.getEventId());
asyncMgr.completeAsyncJob(getJob().getId(), AsyncJobResult.STATUS_SUCCEEDED, 0, "success");
// } catch (PermissionDeniedException e) {
// if(s_logger.isDebugEnabled())
// s_logger.debug("Unable to remove security group: " + e.getMessage());
// asyncMgr.completeAsyncJob(getJob().getId(), AsyncJobResult.STATUS_FAILED, BaseCmd.PARAM_ERROR, e.getMessage());
} catch(Exception e) {
s_logger.warn("Unable to remove security group : " + e.getMessage(), e);
asyncMgr.completeAsyncJob(getJob().getId(), AsyncJobResult.STATUS_FAILED, BaseCmd.PARAM_ERROR, e.getMessage());
}
}
*/
return true;
}
}


@ -1,91 +0,0 @@
/**
* Copyright (C) 2010 Cloud.com, Inc. All rights reserved.
*
* This software is licensed under the GNU General Public License v3 or later.
*
* It is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or any later version.
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
*/
package com.cloud.async.executor;
import org.apache.log4j.Logger;
import com.cloud.api.BaseCmd;
import com.cloud.async.AsyncJobManager;
import com.cloud.async.AsyncJobResult;
import com.cloud.async.AsyncJobVO;
import com.cloud.async.BaseAsyncJobExecutor;
import com.cloud.exception.InvalidParameterValueException;
import com.cloud.exception.PermissionDeniedException;
import com.cloud.serializer.GsonHelper;
import com.cloud.server.ManagementServer;
import com.cloud.vm.DomainRouterVO;
import com.cloud.vm.UserVmVO;
import com.cloud.vm.dao.DomainRouterDao;
import com.cloud.vm.dao.UserVmDao;
import com.google.gson.Gson;
public class RemoveSecurityGroupExecutor extends BaseAsyncJobExecutor {
public static final Logger s_logger = Logger.getLogger(RemoveSecurityGroupExecutor.class.getName());
@Override
public boolean execute() {
Gson gson = GsonHelper.getBuilder().create();
AsyncJobManager asyncMgr = getAsyncJobMgr();
AsyncJobVO job = getJob();
ManagementServer managementServer = asyncMgr.getExecutorContext().getManagementServer();
SecurityGroupParam param = gson.fromJson(job.getCmdInfo(), SecurityGroupParam.class);
if(getSyncSource() == null) {
DomainRouterVO router = getRouterSyncSource(param);
if(router == null) {
asyncMgr.completeAsyncJob(getJob().getId(), AsyncJobResult.STATUS_FAILED,
BaseCmd.NET_INVALID_PARAM_ERROR, "Unable to find router for user vm " + param.getInstanceId() + " when removing security group");
} else {
asyncMgr.syncAsyncJobExecution(job, "Router", router.getId());
}
return true;
} else {
try {
managementServer.removeSecurityGroup(param.getUserId(), param.getSecurityGroupId(), param.getPublicIp(), param.getInstanceId(), param.getEventId());
asyncMgr.completeAsyncJob(getJob().getId(), AsyncJobResult.STATUS_SUCCEEDED, 0, "success");
} catch (PermissionDeniedException e) {
if(s_logger.isDebugEnabled())
s_logger.debug("Unable to remove security group: " + e.getMessage());
asyncMgr.completeAsyncJob(getJob().getId(), AsyncJobResult.STATUS_FAILED, BaseCmd.PARAM_ERROR, e.getMessage());
} catch (InvalidParameterValueException e) {
if(s_logger.isDebugEnabled())
s_logger.debug("Unable to remove security group: " + e.getMessage());
asyncMgr.completeAsyncJob(getJob().getId(), AsyncJobResult.STATUS_FAILED, BaseCmd.PARAM_ERROR, e.getMessage());
} catch(Exception e) {
s_logger.warn("Unable to remove security group : " + e.getMessage(), e);
asyncMgr.completeAsyncJob(getJob().getId(), AsyncJobResult.STATUS_FAILED, BaseCmd.PARAM_ERROR, e.getMessage());
}
}
return true;
}
private DomainRouterVO getRouterSyncSource(SecurityGroupParam param) {
UserVmDao userVmDao = getAsyncJobMgr().getExecutorContext().getVmDao();
DomainRouterDao routerDao = getAsyncJobMgr().getExecutorContext().getRouterDao();
UserVmVO userVm = userVmDao.findById(param.getInstanceId());
if(userVm == null)
return null;
if (userVm.getDomainRouterId() == null) {
return null;
} else
return routerDao.findById(userVm.getDomainRouterId());
}
}


@ -1,90 +0,0 @@
/**
* Copyright (C) 2010 Cloud.com, Inc. All rights reserved.
*
* This software is licensed under the GNU General Public License v3 or later.
*
* It is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or any later version.
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
*/
package com.cloud.async.executor;
import java.util.List;
public class SecurityGroupParam {
private Long userId;
private Long securityGroupId;
private List<Long> securityGroupIdList;
private String publicIp;
private Long instanceId;
private long eventId;
public SecurityGroupParam() {
}
public SecurityGroupParam(Long userId, Long securityGroupId, List<Long> securityGroupIdList, String publicIp, Long instanceId, long eventId) {
this.userId = userId;
this.securityGroupId = securityGroupId;
this.securityGroupIdList = securityGroupIdList;
this.publicIp = publicIp;
this.instanceId = instanceId;
this.eventId = eventId;
}
public Long getUserId() {
return userId;
}
public void setUserId(Long userId) {
this.userId = userId;
}
public Long getSecurityGroupId() {
return securityGroupId;
}
public void setSecurityGroupId(Long securityGroupId) {
this.securityGroupId = securityGroupId;
}
public List<Long> getSecurityGroupIdList() {
return securityGroupIdList;
}
public void setSecurityGroupIdList(List<Long> securityGroupIdList) {
this.securityGroupIdList = securityGroupIdList;
}
public String getPublicIp() {
return publicIp;
}
public void setPublicIp(String publicIp) {
this.publicIp = publicIp;
}
public Long getInstanceId() {
return instanceId;
}
public void setInstanceId(Long instanceId) {
this.instanceId = instanceId;
}
public void setEventId(long eventId) {
this.eventId = eventId;
}
public long getEventId() {
return eventId;
}
}


@ -27,7 +27,6 @@ import com.cloud.api.commands.CreateIPForwardingRuleCmd;
import com.cloud.api.commands.CreateLoadBalancerRuleCmd;
import com.cloud.api.commands.DeleteIPForwardingRuleCmd;
import com.cloud.api.commands.DeleteLoadBalancerRuleCmd;
import com.cloud.api.commands.DeletePortForwardingServiceRuleCmd;
import com.cloud.api.commands.DisassociateIPAddrCmd;
import com.cloud.api.commands.ListPortForwardingRulesCmd;
import com.cloud.api.commands.RebootRouterCmd;
@ -294,8 +293,6 @@ public interface NetworkManager extends Manager {
*/
List<IPAddressVO> listPublicIpAddressesInVirtualNetwork(long accountId, long dcId, Boolean sourceNat);
public boolean deleteNetworkRuleConfig(DeletePortForwardingServiceRuleCmd cmd) throws PermissionDeniedException;
public boolean disassociateIpAddress(DisassociateIPAddrCmd cmd) throws PermissionDeniedException;
public boolean deleteIpForwardingRule(DeleteIPForwardingRuleCmd cmd) throws PermissionDeniedException, InvalidParameterValueException;


@ -49,7 +49,6 @@ import com.cloud.api.commands.CreateIPForwardingRuleCmd;
import com.cloud.api.commands.CreateLoadBalancerRuleCmd;
import com.cloud.api.commands.DeleteIPForwardingRuleCmd;
import com.cloud.api.commands.DeleteLoadBalancerRuleCmd;
import com.cloud.api.commands.DeletePortForwardingServiceRuleCmd;
import com.cloud.api.commands.DisassociateIPAddrCmd;
import com.cloud.api.commands.ListPortForwardingRulesCmd;
import com.cloud.api.commands.RebootRouterCmd;
@ -104,8 +103,6 @@ import com.cloud.network.dao.LoadBalancerDao;
import com.cloud.network.dao.LoadBalancerVMMapDao;
import com.cloud.network.dao.NetworkConfigurationDao;
import com.cloud.network.dao.NetworkRuleConfigDao;
import com.cloud.network.dao.SecurityGroupDao;
import com.cloud.network.dao.SecurityGroupVMMapDao;
import com.cloud.network.element.NetworkElement;
import com.cloud.network.router.DomainRouterManager;
import com.cloud.offering.NetworkOffering;
@ -168,7 +165,6 @@ public class NetworkManagerImpl implements NetworkManager, DomainRouterService {
@Inject DataCenterDao _dcDao = null;
@Inject VlanDao _vlanDao = null;
@Inject FirewallRulesDao _rulesDao = null;
@Inject SecurityGroupVMMapDao _securityGroupVMMapDao = null;
@Inject LoadBalancerDao _loadBalancerDao = null;
@Inject LoadBalancerVMMapDao _loadBalancerVMMapDao = null;
@Inject IPAddressDao _ipAddressDao = null;
@ -194,7 +190,6 @@ public class NetworkManagerImpl implements NetworkManager, DomainRouterService {
@Inject ConfigurationManager _configMgr;
@Inject AsyncJobManager _asyncMgr;
@Inject StoragePoolDao _storagePoolDao = null;
@Inject SecurityGroupDao _securityGroupDao = null;
@Inject ServiceOfferingDao _serviceOfferingDao = null;
@Inject UserVmDao _userVmDao;
@Inject FirewallRulesDao _firewallRulesDao;
@ -1375,15 +1370,7 @@ public class NetworkManagerImpl implements NetworkManager, DomainRouterService {
List<FirewallRuleVO> existingFwRules = _rulesDao.listIPForwarding(publicIp, publicPort, true);
if ((existingFwRules != null) && !existingFwRules.isEmpty()) {
FirewallRuleVO existingFwRule = existingFwRules.get(0);
String securityGroupName = null;
if (existingFwRule.getGroupId() != null) {
long groupId = existingFwRule.getGroupId();
SecurityGroupVO securityGroup = _securityGroupDao.findById(groupId);
securityGroupName = securityGroup.getName();
}
throw new InvalidParameterValueException("IP Address (" + publicIp + ") and port (" + publicPort + ") already in use" +
((securityGroupName == null) ? "" : " by port forwarding service " + securityGroupName));
throw new InvalidParameterValueException("IP Address (" + publicIp + ") and port (" + publicPort + ") already in use");
}
ipAddr = _ipAddressDao.acquire(publicIp);
@ -1496,23 +1483,6 @@ public class NetworkManagerImpl implements NetworkManager, DomainRouterService {
_eventDao.persist(event);
}
// We've deleted all the rules for the given public IP, so remove any security group mappings for that public IP
List<SecurityGroupVMMapVO> securityGroupMappings = _securityGroupVMMapDao.listByIp(ipAddress);
for (SecurityGroupVMMapVO securityGroupMapping : securityGroupMappings) {
_securityGroupVMMapDao.remove(securityGroupMapping.getId());
// save off an event for removing the security group
EventVO event = new EventVO();
event.setUserId(userId);
event.setAccountId(ip.getAccountId());
event.setType(EventTypes.EVENT_PORT_FORWARDING_SERVICE_REMOVE);
String params = "sgId="+securityGroupMapping.getId()+"\nvmId="+securityGroupMapping.getInstanceId();
event.setParameters(params);
event.setDescription("Successfully removed security group " + Long.valueOf(securityGroupMapping.getSecurityGroupId()).toString() + " from virtual machine " + Long.valueOf(securityGroupMapping.getInstanceId()).toString());
event.setLevel(EventVO.LEVEL_INFO);
_eventDao.persist(event);
}
List<LoadBalancerVO> loadBalancers = _loadBalancerDao.listByIpAddress(ipAddress);
for (LoadBalancerVO loadBalancer : loadBalancers) {
_loadBalancerDao.remove(loadBalancer.getId());
@ -2343,83 +2313,6 @@ public class NetworkManagerImpl implements NetworkManager, DomainRouterService {
(accountType == Account.ACCOUNT_TYPE_READ_ONLY_ADMIN));
}
@Override
public boolean deleteNetworkRuleConfig(DeletePortForwardingServiceRuleCmd cmd) throws PermissionDeniedException {
Long userId = UserContext.current().getUserId();
Long netRuleId = cmd.getId();
Account account = UserContext.current().getAccount();
//If command is executed via 8096 port, set userId to the id of System account (1)
if (userId == null) {
userId = Long.valueOf(1);
}
// do a quick permissions check to make sure the account is either an
// admin or the owner of the security group to which the network rule
// belongs
NetworkRuleConfigVO netRule = _networkRuleConfigDao.findById(netRuleId);
if (netRule != null) {
SecurityGroupVO sg = _securityGroupDao.findById(netRule.getSecurityGroupId());
if ((account == null) || BaseCmd.isAdmin(account.getType())) {
if ((account != null) && !_domainDao.isChildDomain(account.getDomainId(), sg.getDomainId())) {
throw new PermissionDeniedException("Unable to delete port forwarding service rule " + netRuleId + "; account: " + account.getAccountName() + " is not an admin in the domain hierarchy.");
}
} else {
if (sg.getAccountId() != account.getId()) {
throw new PermissionDeniedException("Unable to delete port forwarding service rule " + netRuleId + "; account: " + account.getAccountName() + " is not the owner");
}
}
} else {
return false; // failed to delete due to netRule not found
}
return deleteNetworkRuleConfigInternal(userId, netRuleId);
}
private boolean deleteNetworkRuleConfigInternal(long userId, long networkRuleId) {
try {
NetworkRuleConfigVO netRule = _networkRuleConfigDao.findById(networkRuleId);
if (netRule != null) {
List<SecurityGroupVMMapVO> sgMappings = _securityGroupVMMapDao.listBySecurityGroup(netRule.getSecurityGroupId());
if ((sgMappings != null) && !sgMappings.isEmpty()) {
for (SecurityGroupVMMapVO sgMapping : sgMappings) {
UserVm userVm = _userVmDao.findById(sgMapping.getInstanceId());
if (userVm != null) {
List<FirewallRuleVO> fwRules = _firewallRulesDao.listIPForwarding(sgMapping.getIpAddress(), netRule.getPublicPort(), true);
FirewallRuleVO rule = null;
for (FirewallRuleVO fwRule : fwRules) {
if (fwRule.getPrivatePort().equals(netRule.getPrivatePort()) && fwRule.getPrivateIpAddress().equals(userVm.getGuestIpAddress())) {
rule = fwRule;
break;
}
}
if (rule != null) {
rule.setEnabled(false);
updateFirewallRule(rule, null, null);
// Save and create the event
Account account = _accountDao.findById(userVm.getAccountId());
_firewallRulesDao.remove(rule.getId());
String description = "deleted ip forwarding rule [" + rule.getPublicIpAddress() + ":" + rule.getPublicPort() + "]->[" + rule.getPrivateIpAddress()
+ ":" + rule.getPrivatePort() + "]" + " " + rule.getProtocol();
EventUtils.saveEvent(Long.valueOf(userId), account.getId(), EventVO.LEVEL_INFO, EventTypes.EVENT_NET_RULE_DELETE, description);
}
}
}
}
_networkRuleConfigDao.remove(netRule.getId());
}
} catch (Exception ex) {
s_logger.error("Unexpected exception deleting port forwarding service rule " + networkRuleId, ex);
return false;
}
return true;
}
private Account findAccountByIpAddress(String ipAddress) {
IPAddressVO address = _ipAddressDao.findById(ipAddress);
if ((address != null) && (address.getAccountId() != null)) {
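Review bot: In the `@ -1375,15 +1370,7` hunk the local `existingFwRule` appears to survive on the new side (the 7-line count fits it being context), yet its only visible use was the removed port forwarding service name lookup. If so, `FirewallRuleVO existingFwRule = existingFwRules.get(0);` is dead code and should be dropped, leaving only the new `throw new InvalidParameterValueException(...)` inside the `if`. The same question applies to the `NetworkRuleConfigDao` import kept as context in the `@ -104,8 +103,6` hunk: its visible users, `deleteNetworkRuleConfig` and `deleteNetworkRuleConfigInternal`, are removed in the `@ -2343,83 +2313,6` hunk, so check whether the import and the `_networkRuleConfigDao` field are still referenced anywhere in the class. The method around the first hunk starts and ends outside it, and this rendering has lost the `+`/`-` column, so both points are inferred from the hunk line counts.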


@ -116,8 +116,6 @@ import com.cloud.network.dao.LoadBalancerDao;
import com.cloud.network.dao.LoadBalancerVMMapDao;
import com.cloud.network.dao.NetworkConfigurationDao;
import com.cloud.network.dao.NetworkRuleConfigDao;
import com.cloud.network.dao.SecurityGroupDao;
import com.cloud.network.dao.SecurityGroupVMMapDao;
import com.cloud.offering.NetworkOffering;
import com.cloud.offering.NetworkOffering.GuestIpType;
import com.cloud.offerings.NetworkOfferingVO;
@ -182,7 +180,6 @@ public class DomainRouterManagerImpl implements DomainRouterManager, VirtualMach
@Inject DataCenterDao _dcDao = null;
@Inject VlanDao _vlanDao = null;
@Inject FirewallRulesDao _rulesDao = null;
@Inject SecurityGroupVMMapDao _securityGroupVMMapDao = null;
@Inject LoadBalancerDao _loadBalancerDao = null;
@Inject LoadBalancerVMMapDao _loadBalancerVMMapDao = null;
@Inject IPAddressDao _ipAddressDao = null;
@ -210,7 +207,6 @@ public class DomainRouterManagerImpl implements DomainRouterManager, VirtualMach
@Inject ConfigurationManager _configMgr;
@Inject AsyncJobManager _asyncMgr;
@Inject StoragePoolDao _storagePoolDao = null;
@Inject SecurityGroupDao _securityGroupDao = null;
@Inject ServiceOfferingDao _serviceOfferingDao = null;
@Inject UserVmDao _userVmDao;
@Inject FirewallRulesDao _firewallRulesDao;


@ -24,13 +24,9 @@ import java.util.List;
import java.util.Map;
import com.cloud.alert.AlertVO;
import com.cloud.api.commands.AssignPortForwardingServiceCmd;
import com.cloud.api.commands.CreateDomainCmd;
import com.cloud.api.commands.CreatePortForwardingServiceCmd;
import com.cloud.api.commands.CreatePortForwardingServiceRuleCmd;
import com.cloud.api.commands.CreateUserCmd;
import com.cloud.api.commands.DeleteDomainCmd;
import com.cloud.api.commands.DeletePortForwardingServiceCmd;
import com.cloud.api.commands.DeletePreallocatedLunCmd;
import com.cloud.api.commands.DeleteUserCmd;
import com.cloud.api.commands.DeployVMCmd;
@ -59,9 +55,6 @@ import com.cloud.api.commands.ListIsosCmd;
import com.cloud.api.commands.ListLoadBalancerRuleInstancesCmd;
import com.cloud.api.commands.ListLoadBalancerRulesCmd;
import com.cloud.api.commands.ListPodsByCmd;
import com.cloud.api.commands.ListPortForwardingServiceRulesCmd;
import com.cloud.api.commands.ListPortForwardingServicesByVmCmd;
import com.cloud.api.commands.ListPortForwardingServicesCmd;
import com.cloud.api.commands.ListPreallocatedLunsCmd;
import com.cloud.api.commands.ListPublicIpAddressesCmd;
import com.cloud.api.commands.ListRoutersCmd;
@ -83,7 +76,6 @@ import com.cloud.api.commands.QueryAsyncJobResultCmd;
import com.cloud.api.commands.RebootSystemVmCmd;
import com.cloud.api.commands.RegisterCmd;
import com.cloud.api.commands.RegisterPreallocatedLunCmd;
import com.cloud.api.commands.RemovePortForwardingServiceCmd;
import com.cloud.api.commands.StartSystemVMCmd;
import com.cloud.api.commands.StopSystemVmCmd;
import com.cloud.api.commands.UpdateAccountCmd;
@ -112,7 +104,6 @@ import com.cloud.exception.ConcurrentOperationException;
import com.cloud.exception.InsufficientStorageCapacityException;
import com.cloud.exception.InternalErrorException;
import com.cloud.exception.InvalidParameterValueException;
import com.cloud.exception.NetworkRuleConflictException;
import com.cloud.exception.PermissionDeniedException;
import com.cloud.exception.ResourceAllocationException;
import com.cloud.exception.StorageUnavailableException;
@ -121,8 +112,6 @@ import com.cloud.info.ConsoleProxyInfo;
import com.cloud.network.FirewallRuleVO;
import com.cloud.network.IPAddressVO;
import com.cloud.network.LoadBalancerVO;
import com.cloud.network.NetworkRuleConfigVO;
import com.cloud.network.SecurityGroupVO;
import com.cloud.network.security.NetworkGroupVO;
import com.cloud.service.ServiceOfferingVO;
import com.cloud.storage.DiskOfferingVO;
@ -658,13 +647,6 @@ public interface ManagementServer {
*/
IPAddressVO findIPAddressById(String ipAddress);
/**
* Search for network rules given the search criteria.
* @param cmd the command containing the search criteria including port forwarding service id or rule id.
* @return list of rules for the port forwarding service id specified in the search criteria
*/
List<NetworkRuleConfigVO> searchForNetworkRules(ListPortForwardingServiceRulesCmd c) throws InvalidParameterValueException, PermissionDeniedException;
/**
* Obtains a list of events by the specified search criteria.
* Can search by: "username", "type", "level", "startDate", "endDate"
@ -766,25 +748,6 @@ public interface ManagementServer {
*/
void logoutUser(Long userId);
/**
* Creates a network rule as part of a port forwarding service. If this port forwarding service has been applied to any virtual
* machines, the network rules will get sent to the router.
* @param cmd the command describing the port forwarding service the rule belongs to, the public port, the private port, and the protocol
* @return a new network rule that is part of the port forwarding service if successful, null otherwise
* @throws InvalidParameterValueException
* @throws PermissionDeniedException
* @throws NetworkRuleConflictException
* @throws InternalErrorException
*/
NetworkRuleConfigVO createPortForwardingServiceRule(CreatePortForwardingServiceRuleCmd cmd) throws InvalidParameterValueException, PermissionDeniedException, NetworkRuleConflictException, InternalErrorException;
/**
* Apply a port forwarding service rule to all VMs that have the port forwarding service applied
* @param cmd the command object that wraps the id of the created rule to apply
* @return the updated rule if successful, null otherwise
*/
NetworkRuleConfigVO applyPortForwardingServiceRule(CreatePortForwardingServiceRuleCmd cmd) throws NetworkRuleConflictException;
ConsoleProxyInfo getConsoleProxy(long dataCenterId, long userVmId);
ConsoleProxyVO startConsoleProxy(long instanceId, long startEventId) throws InternalErrorException;
ConsoleProxyVO stopConsoleProxy(long instanceId, long startEventId);
@ -1035,71 +998,6 @@ public interface ManagementServer {
*/
List<AsyncJobVO> searchForAsyncJobs(ListAsyncJobsCmd cmd) throws InvalidParameterValueException, PermissionDeniedException;
/**
* Assign a security group to a VM
* @param cmd the command specifying secuirtyGroupId, securityGroupIdList, publicIp, vmId parameters
*/
void assignSecurityGroup(AssignPortForwardingServiceCmd cmd) throws PermissionDeniedException, NetworkRuleConflictException, InvalidParameterValueException, InternalErrorException;
/**
* remove a security group from a publicIp/vmId combination where it had been previously applied
* @param userId id of the user performing the action (for events)
* @param securityGroupId the id of the security group to remove
* @param publicIp
* @param vmId
*/
void removeSecurityGroup(long userId, long securityGroupId, String publicIp, long vmId, long startEventId) throws InvalidParameterValueException, PermissionDeniedException;
void removeSecurityGroup(RemovePortForwardingServiceCmd cmd) throws InvalidParameterValueException, PermissionDeniedException;
/**
* validate that the list of security groups can be applied to the instance
* @param securityGroupIds
* @param instanceId
* @return accountId that owns the instance if the security groups can be applied to the instance, null otherwise
*/
Long validateSecurityGroupsAndInstance(List<Long> securityGroupIds, Long instanceId);
/**
* returns a list of security groups
* @param cmd
* @return a list of security groups
*/
List<SecurityGroupVO> searchForSecurityGroups(ListPortForwardingServicesCmd cmd) throws InvalidParameterValueException, PermissionDeniedException;
/**
* returns a list of security groups from a given ip and vm id
* @param c
* @return a list of security groups
*/
Map<String, List<SecurityGroupVO>> searchForSecurityGroupsByVM(ListPortForwardingServicesByVmCmd cmd) throws InvalidParameterValueException, PermissionDeniedException;
/**
* Create a security group, a group of network rules (port, private port, protocol, algorithm) that can be applied in mass to a VM
* @param cmd the command specifying name, description, domainId, account parameters
* @return
*/
SecurityGroupVO createPortForwardingService(CreatePortForwardingServiceCmd cmd) throws InvalidParameterValueException;
/**
* Delete a security group. If the group is being actively used, it cannot be deleted.
* @param cmd - the command containing securityGroupId
* @return true if the security group is deleted, exception is thrown otherwise
* @throws InvalidParameterValueException, PermissionDeniedException
*/
boolean deleteSecurityGroup(DeletePortForwardingServiceCmd cmd) throws InvalidParameterValueException, PermissionDeniedException;
/**
* check if a security group name in the given account/domain is in use
* - if accountId is specified, look only for the account
* - otherwise look for the name in domain-level security groups (accountId is null)
* @param domainId id of the domain in which to search for security groups
* @param accountId id of the account in which to search for security groups
* @param name name of the security group to look for
* @return true if the security group name is found, false otherwise
*/
boolean isSecurityGroupNameInUse(Long domainId, Long accountId, String name);
SecurityGroupVO findSecurityGroupById(Long groupId);
LoadBalancerVO findLoadBalancer(Long accountId, String name);
LoadBalancerVO findLoadBalancerById(long loadBalancerId);

File diff suppressed because it is too large Load Diff


@ -136,13 +136,10 @@ import com.cloud.network.IpAddrAllocator;
import com.cloud.network.LoadBalancerVMMapVO;
import com.cloud.network.NetworkConfigurationVO;
import com.cloud.network.NetworkManager;
import com.cloud.network.SecurityGroupVMMapVO;
import com.cloud.network.dao.FirewallRulesDao;
import com.cloud.network.dao.IPAddressDao;
import com.cloud.network.dao.LoadBalancerDao;
import com.cloud.network.dao.LoadBalancerVMMapDao;
import com.cloud.network.dao.SecurityGroupDao;
import com.cloud.network.dao.SecurityGroupVMMapDao;
import com.cloud.network.security.NetworkGroupManager;
import com.cloud.network.security.NetworkGroupVO;
import com.cloud.offering.NetworkOffering;
@ -227,8 +224,6 @@ public class UserVmManagerImpl implements UserVmManager, UserVmService, VirtualM
@Inject VolumeDao _volsDao = null;
@Inject DataCenterDao _dcDao = null;
@Inject FirewallRulesDao _rulesDao = null;
@Inject SecurityGroupDao _securityGroupDao = null;
@Inject SecurityGroupVMMapDao _securityGroupVMMapDao = null;
@Inject LoadBalancerVMMapDao _loadBalancerVMMapDao = null;
@Inject LoadBalancerDao _loadBalancerDao = null;
@Inject IPAddressDao _ipAddressDao = null;
@ -258,7 +253,6 @@ public class UserVmManagerImpl implements UserVmManager, UserVmService, VirtualM
@Inject EventDao _eventDao = null;
@Inject InstanceGroupDao _vmGroupDao;
@Inject InstanceGroupVMMapDao _groupVMMapDao;
@Inject SecurityGroupDao _networkSecurityGroupDao;
@Inject VmManager _itMgr;
private IpAddrAllocator _IpAllocator;
@ -2609,60 +2603,6 @@ public class UserVmManagerImpl implements UserVmManager, UserVmService, VirtualM
String guestIpAddr = vm.getGuestIpAddress();
long accountId = vm.getAccountId();
// clean up any load balancer rules and security group mappings for this VM
List<SecurityGroupVMMapVO> securityGroupMappings = _securityGroupVMMapDao.listByInstanceId(vm.getId());
for (SecurityGroupVMMapVO securityGroupMapping : securityGroupMappings) {
String ipAddress = securityGroupMapping.getIpAddress();
// find the router from the ipAddress
DomainRouterVO router = null;
if (vm.getDomainRouterId() != null)
router = _routerDao.findById(vm.getDomainRouterId());
else
continue;
// grab all the firewall rules
List<FirewallRuleVO> fwRules = _rulesDao.listForwardingByPubAndPrivIp(true, ipAddress, vm.getGuestIpAddress());
for (FirewallRuleVO fwRule : fwRules) {
fwRule.setEnabled(false);
}
List<FirewallRuleVO> updatedRules = _networkMgr.updateFirewallRules(ipAddress, fwRules, router);
// Save and create the event
String description;
String type = EventTypes.EVENT_NET_RULE_DELETE;
String ruleName = "ip forwarding";
String level = EventVO.LEVEL_INFO;
if (updatedRules != null) {
_securityGroupVMMapDao.remove(securityGroupMapping.getId());
for (FirewallRuleVO updatedRule : updatedRules) {
_rulesDao.remove(updatedRule.getId());
description = "deleted " + ruleName + " rule [" + updatedRule.getPublicIpAddress() + ":" + updatedRule.getPublicPort() +
"]->[" + updatedRule.getPrivateIpAddress() + ":" + updatedRule.getPrivatePort() + "]" + " " + updatedRule.getProtocol();
EventVO fwRuleEvent = new EventVO();
fwRuleEvent.setUserId(userId);
fwRuleEvent.setAccountId(accountId);
fwRuleEvent.setType(type);
fwRuleEvent.setDescription(description);
fwRuleEvent.setLevel(level);
_eventDao.persist(fwRuleEvent);
}
// save off an event for removing the security group
EventVO event = new EventVO();
event.setUserId(userId);
event.setAccountId(vm.getAccountId());
event.setType(EventTypes.EVENT_PORT_FORWARDING_SERVICE_REMOVE);
event.setDescription("Successfully removed port forwarding service " + securityGroupMapping.getSecurityGroupId() + " from virtual machine " + vm.getName());
event.setLevel(EventVO.LEVEL_INFO);
String params = "sgId="+securityGroupMapping.getSecurityGroupId()+"\nvmId="+vm.getId();
event.setParameters(params);
_eventDao.persist(event);
}
}
List<LoadBalancerVMMapVO> loadBalancerMappings = _loadBalancerVMMapDao.listByInstanceId(vm.getId());
for (LoadBalancerVMMapVO loadBalancerMapping : loadBalancerMappings) {
List<FirewallRuleVO> lbRules = _rulesDao.listByLoadBalancerId(loadBalancerMapping.getLoadBalancerId());