From 5170c215f8090f8f4cbd408b4005fc463101e0a1 Mon Sep 17 00:00:00 2001 From: alena Date: Wed, 8 Sep 2010 15:04:26 -0700 Subject: [PATCH] Refactored DeleteLoadBalancerRule/UpdateLoadBalancerRule api commands. --- .../commands/DeleteLoadBalancerRuleCmd.java | 125 +++--- .../commands/UpdateLoadBalancerRuleCmd.java | 121 +++--- .../src/com/cloud/network/NetworkManager.java | 5 + .../com/cloud/network/NetworkManagerImpl.java | 205 +++++++++- .../com/cloud/server/ManagementServer.java | 8 +- .../cloud/server/ManagementServerImpl.java | 376 +++++++++--------- 6 files changed, 500 insertions(+), 340 deletions(-) diff --git a/server/src/com/cloud/api/commands/DeleteLoadBalancerRuleCmd.java b/server/src/com/cloud/api/commands/DeleteLoadBalancerRuleCmd.java index c01493f76df..ac49fabb677 100644 --- a/server/src/com/cloud/api/commands/DeleteLoadBalancerRuleCmd.java +++ b/server/src/com/cloud/api/commands/DeleteLoadBalancerRuleCmd.java @@ -18,64 +18,33 @@ package com.cloud.api.commands; -import java.util.ArrayList; -import java.util.List; -import java.util.Map; - import org.apache.log4j.Logger; -import com.cloud.api.BaseCmd; +import com.cloud.api.BaseAsyncCmd; +import com.cloud.api.Implementation; import com.cloud.api.Parameter; -import com.cloud.api.ServerApiException; -import com.cloud.network.LoadBalancerVO; -import com.cloud.user.Account; -import com.cloud.utils.Pair; - -public class DeleteLoadBalancerRuleCmd extends BaseCmd { +import com.cloud.api.BaseCmd.Manager; + +@Implementation(method="deleteLoadBalancerRule", manager=Manager.NetworkManager) +public class DeleteLoadBalancerRuleCmd extends BaseAsyncCmd { public static final Logger s_logger = Logger.getLogger(DeleteLoadBalancerRuleCmd.class.getName()); - private static final String s_name = "deleteloadbalancerruleresponse"; - private static final List> s_properties = new ArrayList>(); - - static { - s_properties.add(new Pair(BaseCmd.Properties.USER_ID, Boolean.FALSE)); - s_properties.add(new Pair(BaseCmd.Properties.ACCOUNT_OBJ, Boolean.FALSE)); - s_properties.add(new Pair(BaseCmd.Properties.ACCOUNT, Boolean.FALSE)); - s_properties.add(new Pair(BaseCmd.Properties.DOMAIN_ID, Boolean.FALSE)); - s_properties.add(new Pair(BaseCmd.Properties.ID, Boolean.TRUE)); - } - ///////////////////////////////////////////////////// //////////////// API parameters ///////////////////// ///////////////////////////////////////////////////// - @Parameter(name="account", type=CommandType.STRING) - private String accountName; - @Parameter(name="id", type=CommandType.LONG, required=true) private Long id; - @Parameter(name="domainid", type=CommandType.LONG) - private Long domainId; - ///////////////////////////////////////////////////// /////////////////// Accessors /////////////////////// ///////////////////////////////////////////////////// - public String getAccountName() { - return accountName; - } - public Long getId() { return id; } - public Long getDomainId() { - return domainId; - } - - ///////////////////////////////////////////////////// /////////////// API Implementation/////////////////// ///////////////////////////////////////////////////// @@ -83,45 +52,47 @@ public class DeleteLoadBalancerRuleCmd extends BaseCmd { public String getName() { return s_name; } - - public List> getProperties() { - return s_properties; - } - @Override - public List> execute(Map params) { - Long userId = (Long)params.get(BaseCmd.Properties.USER_ID.getName()); - Account account = (Account)params.get(BaseCmd.Properties.ACCOUNT_OBJ.getName()); - Long loadBalancerId = (Long)params.get(BaseCmd.Properties.ID.getName()); - - //Verify parameters - LoadBalancerVO loadBalancer = getManagementServer().findLoadBalancerById(loadBalancerId.longValue()); - if (loadBalancer == null) { - throw new ServerApiException(BaseCmd.PARAM_ERROR, "Unable to find load balancer rule, with id " + loadBalancerId); - } else if (account != null) { - if (!isAdmin(account.getType())) { - if (loadBalancer.getAccountId() != account.getId().longValue()) { - throw new ServerApiException(BaseCmd.PARAM_ERROR, "Account " + account.getAccountName() + " does not own load balancer rule " + loadBalancer.getName() + " (id:" + loadBalancerId + ")"); - } - } else if (!getManagementServer().isChildDomain(account.getDomainId(), loadBalancer.getDomainId())) { - throw new ServerApiException(BaseCmd.PARAM_ERROR, "Unable to delete load balancer rule " + loadBalancer.getName() + " (id:" + loadBalancerId + "), permission denied."); - } - } - - if (userId == null) { - userId = Long.valueOf(1); - } - - long jobId = getManagementServer().deleteLoadBalancerAsync(userId, loadBalancerId.longValue()); - if (jobId == 0) { - s_logger.warn("Unable to schedule async-job for DeleteLoadBalancerRule comamnd"); - } else { - if (s_logger.isDebugEnabled()) - s_logger.debug("DeleteLoadBalancerRule command has been accepted, job id: " + jobId); - } - - List> returnValues = new ArrayList>(); - returnValues.add(new Pair(BaseCmd.Properties.JOB_ID.getName(), Long.valueOf(jobId))); - return returnValues; - } +// @Override +// public List> execute(Map params) { +// Long userId = (Long)params.get(BaseCmd.Properties.USER_ID.getName()); +// Account account = (Account)params.get(BaseCmd.Properties.ACCOUNT_OBJ.getName()); +// Long loadBalancerId = (Long)params.get(BaseCmd.Properties.ID.getName()); +// +// //Verify parameters +// LoadBalancerVO loadBalancer = getManagementServer().findLoadBalancerById(loadBalancerId.longValue()); +// if (loadBalancer == null) { +// throw new ServerApiException(BaseCmd.PARAM_ERROR, "Unable to find load balancer rule, with id " + loadBalancerId); +// } else if (account != null) { +// if (!isAdmin(account.getType())) { +// if (loadBalancer.getAccountId() != account.getId().longValue()) { +// throw new ServerApiException(BaseCmd.PARAM_ERROR, "Account " + account.getAccountName() + " does not own load balancer rule " + loadBalancer.getName() + " (id:" + loadBalancerId + ")"); +// } +// } else if (!getManagementServer().isChildDomain(account.getDomainId(), loadBalancer.getDomainId())) { +// throw new ServerApiException(BaseCmd.PARAM_ERROR, "Unable to delete load balancer rule " + loadBalancer.getName() + " (id:" + loadBalancerId + "), permission denied."); +// } +// } +// +// if (userId == null) { +// userId = Long.valueOf(1); +// } +// +// long jobId = getManagementServer().deleteLoadBalancerAsync(userId, loadBalancerId.longValue()); +// if (jobId == 0) { +// s_logger.warn("Unable to schedule async-job for DeleteLoadBalancerRule comamnd"); +// } else { +// if (s_logger.isDebugEnabled()) +// s_logger.debug("DeleteLoadBalancerRule command has been accepted, job id: " + jobId); +// } +// +// List> returnValues = new ArrayList>(); +// returnValues.add(new Pair(BaseCmd.Properties.JOB_ID.getName(), Long.valueOf(jobId))); +// return returnValues; +// } + + @Override + public String getResponse() { + // TODO Auto-generated method stub + return null; + } } diff --git a/server/src/com/cloud/api/commands/UpdateLoadBalancerRuleCmd.java b/server/src/com/cloud/api/commands/UpdateLoadBalancerRuleCmd.java index 360e7c1fa74..5541f54e9c9 100644 --- a/server/src/com/cloud/api/commands/UpdateLoadBalancerRuleCmd.java +++ b/server/src/com/cloud/api/commands/UpdateLoadBalancerRuleCmd.java @@ -1,34 +1,16 @@ package com.cloud.api.commands; -import java.util.ArrayList; -import java.util.List; -import java.util.Map; - import org.apache.log4j.Logger; -import com.cloud.api.BaseCmd; +import com.cloud.api.BaseAsyncCmd; +import com.cloud.api.BaseCmd.Manager; +import com.cloud.api.Implementation; import com.cloud.api.Parameter; -import com.cloud.api.ServerApiException; -import com.cloud.network.LoadBalancerVO; -import com.cloud.user.Account; -import com.cloud.utils.Pair; -public class UpdateLoadBalancerRuleCmd extends BaseCmd { +@Implementation(method="updateLoadBalancerRule", manager=Manager.NetworkManager) +public class UpdateLoadBalancerRuleCmd extends BaseAsyncCmd { public static final Logger s_logger = Logger.getLogger(UpdateLoadBalancerRuleCmd.class.getName()); - private static final String s_name = "updateloadbalancerruleresponse"; - private static final List> s_properties = new ArrayList>(); - - static { - s_properties.add(new Pair(BaseCmd.Properties.USER_ID, Boolean.FALSE)); - s_properties.add(new Pair(BaseCmd.Properties.ACCOUNT_OBJ, Boolean.FALSE)); - - s_properties.add(new Pair(BaseCmd.Properties.ALGORITHM, Boolean.FALSE)); - s_properties.add(new Pair(BaseCmd.Properties.DESCRIPTION, Boolean.FALSE)); - s_properties.add(new Pair(BaseCmd.Properties.ID, Boolean.TRUE)); - s_properties.add(new Pair(BaseCmd.Properties.NAME, Boolean.FALSE)); - s_properties.add(new Pair(BaseCmd.Properties.PRIVATE_PORT, Boolean.FALSE)); - } ///////////////////////////////////////////////////// //////////////// API parameters ///////////////////// @@ -80,50 +62,53 @@ public class UpdateLoadBalancerRuleCmd extends BaseCmd { public String getName() { return s_name; } - public List> getProperties() { - return s_properties; - } - @Override - public List> execute(Map params) { - Long userId = (Long)params.get(BaseCmd.Properties.USER_ID.getName()); - Account account = (Account)params.get(BaseCmd.Properties.ACCOUNT_OBJ.getName()); - String name = (String)params.get(BaseCmd.Properties.NAME.getName()); - String description = (String)params.get(BaseCmd.Properties.DESCRIPTION.getName()); - String privatePort = (String)params.get(BaseCmd.Properties.PRIVATE_PORT.getName()); - String algorithm = (String)params.get(BaseCmd.Properties.ALGORITHM.getName()); - Long loadBalancerId = (Long)params.get(BaseCmd.Properties.ID.getName()); - - if (userId == null) { - userId = Long.valueOf(1); - } - - LoadBalancerVO lb = getManagementServer().findLoadBalancerById(loadBalancerId); - if (lb == null) { - throw new ServerApiException(BaseCmd.PARAM_ERROR, "Unable to find load balancer rule " + loadBalancerId + " for update."); - } - - // Verify input parameters - Account lbOwner = getManagementServer().findAccountById(lb.getAccountId()); - if (lbOwner == null) { - throw new ServerApiException(BaseCmd.PARAM_ERROR, "Unable to update load balancer rule, cannot find owning account"); - } - - Long accountId = lbOwner.getId(); - if (account != null) { - if (!isAdmin(account.getType())) { - if (account.getId().longValue() != accountId.longValue()) { - throw new ServerApiException(BaseCmd.ACCOUNT_ERROR, "Unable to update load balancer rule, permission denied"); - } - } else if (!getManagementServer().isChildDomain(account.getDomainId(), lbOwner.getDomainId())) { - throw new ServerApiException(BaseCmd.ACCOUNT_ERROR, "Unable to update load balancer rule, permission denied."); - } - } - - long jobId = getManagementServer().updateLoadBalancerRuleAsync(userId, lb.getAccountId(), lb.getId().longValue(), name, description, privatePort, algorithm); - - List> returnValues = new ArrayList>(); - returnValues.add(new Pair(BaseCmd.Properties.JOB_ID.getName(), Long.valueOf(jobId).toString())); - return returnValues; - } +// @Override +// public List> execute(Map params) { +// Long userId = (Long)params.get(BaseCmd.Properties.USER_ID.getName()); +// Account account = (Account)params.get(BaseCmd.Properties.ACCOUNT_OBJ.getName()); +// String name = (String)params.get(BaseCmd.Properties.NAME.getName()); +// String description = (String)params.get(BaseCmd.Properties.DESCRIPTION.getName()); +// String privatePort = (String)params.get(BaseCmd.Properties.PRIVATE_PORT.getName()); +// String algorithm = (String)params.get(BaseCmd.Properties.ALGORITHM.getName()); +// Long loadBalancerId = (Long)params.get(BaseCmd.Properties.ID.getName()); +// +// if (userId == null) { +// userId = Long.valueOf(1); +// } +// +// LoadBalancerVO lb = getManagementServer().findLoadBalancerById(loadBalancerId); +// if (lb == null) { +// throw new ServerApiException(BaseCmd.PARAM_ERROR, "Unable to find load balancer rule " + loadBalancerId + " for update."); +// } +// +// // Verify input parameters +// Account lbOwner = getManagementServer().findAccountById(lb.getAccountId()); +// if (lbOwner == null) { +// throw new ServerApiException(BaseCmd.PARAM_ERROR, "Unable to update load balancer rule, cannot find owning account"); +// } +// +// Long accountId = lbOwner.getId(); +// if (account != null) { +// if (!isAdmin(account.getType())) { +// if (account.getId().longValue() != accountId.longValue()) { +// throw new ServerApiException(BaseCmd.ACCOUNT_ERROR, "Unable to update load balancer rule, permission denied"); +// } +// } else if (!getManagementServer().isChildDomain(account.getDomainId(), lbOwner.getDomainId())) { +// throw new ServerApiException(BaseCmd.ACCOUNT_ERROR, "Unable to update load balancer rule, permission denied."); +// } +// } +// +// long jobId = getManagementServer().updateLoadBalancerRuleAsync(userId, lb.getAccountId(), lb.getId().longValue(), name, description, privatePort, algorithm); +// +// List> returnValues = new ArrayList>(); +// returnValues.add(new Pair(BaseCmd.Properties.JOB_ID.getName(), Long.valueOf(jobId).toString())); +// return returnValues; +// } + + @Override + public String getResponse() { + // TODO Auto-generated method stub + return null; + } } diff --git a/server/src/com/cloud/network/NetworkManager.java b/server/src/com/cloud/network/NetworkManager.java index 638c740dcd9..013d9100282 100644 --- a/server/src/com/cloud/network/NetworkManager.java +++ b/server/src/com/cloud/network/NetworkManager.java @@ -24,6 +24,7 @@ import com.cloud.api.commands.AssignToLoadBalancerRuleCmd; import com.cloud.api.commands.AssociateIPAddrCmd; import com.cloud.api.commands.CreateIPForwardingRuleCmd; import com.cloud.api.commands.CreateLoadBalancerRuleCmd; +import com.cloud.api.commands.DeleteLoadBalancerRuleCmd; import com.cloud.api.commands.DeletePortForwardingServiceRuleCmd; import com.cloud.api.commands.DisassociateIPAddrCmd; import com.cloud.api.commands.ListPortForwardingRulesCmd; @@ -31,6 +32,7 @@ import com.cloud.api.commands.RebootRouterCmd; import com.cloud.api.commands.RemoveFromLoadBalancerRuleCmd; import com.cloud.api.commands.StartRouterCmd; import com.cloud.api.commands.StopRouterCmd; +import com.cloud.api.commands.UpdateLoadBalancerRuleCmd; import com.cloud.dc.DataCenterVO; import com.cloud.dc.HostPodVO; import com.cloud.dc.VlanVO; @@ -230,6 +232,9 @@ public interface NetworkManager extends Manager { public boolean removeFromLoadBalancer(RemoveFromLoadBalancerRuleCmd cmd) throws InvalidParameterValueException; + public boolean deleteLoadBalancerRule(DeleteLoadBalancerRuleCmd cmd) throws InvalidParameterValueException; + public LoadBalancerVO updateLoadBalancerRule(UpdateLoadBalancerRuleCmd cmd) throws InvalidParameterValueException; + /** * Add a DHCP entry on the domr dhcp server * @param routerHostId - the host id of the domr diff --git a/server/src/com/cloud/network/NetworkManagerImpl.java b/server/src/com/cloud/network/NetworkManagerImpl.java index d467785f2dc..5b6d8bbf5b5 100755 --- a/server/src/com/cloud/network/NetworkManagerImpl.java +++ b/server/src/com/cloud/network/NetworkManagerImpl.java @@ -62,18 +62,20 @@ import com.cloud.api.commands.AssignToLoadBalancerRuleCmd; import com.cloud.api.commands.AssociateIPAddrCmd; import com.cloud.api.commands.CreateIPForwardingRuleCmd; import com.cloud.api.commands.CreateLoadBalancerRuleCmd; +import com.cloud.api.commands.DeleteLoadBalancerRuleCmd; import com.cloud.api.commands.DeletePortForwardingServiceRuleCmd; import com.cloud.api.commands.DisassociateIPAddrCmd; import com.cloud.api.commands.ListPortForwardingRulesCmd; +import com.cloud.api.commands.LoadBalancerVO; import com.cloud.api.commands.RebootRouterCmd; import com.cloud.api.commands.RemoveFromLoadBalancerRuleCmd; import com.cloud.api.commands.StartRouterCmd; import com.cloud.api.commands.StopRouterCmd; +import com.cloud.api.commands.UpdateLoadBalancerRuleCmd; import com.cloud.async.AsyncJobExecutor; import com.cloud.async.AsyncJobManager; import com.cloud.async.AsyncJobVO; import com.cloud.async.BaseAsyncJobExecutor; -import com.cloud.async.executor.VMOperationParam; import com.cloud.capacity.dao.CapacityDao; import com.cloud.configuration.Config; import com.cloud.configuration.ConfigurationManager; @@ -120,7 +122,6 @@ import com.cloud.network.dao.NetworkRuleConfigDao; import com.cloud.network.dao.SecurityGroupDao; import com.cloud.network.dao.SecurityGroupVMMapDao; import com.cloud.offering.ServiceOffering.GuestIpType; -import com.cloud.serializer.GsonHelper; import com.cloud.service.ServiceOfferingVO; import com.cloud.service.dao.ServiceOfferingDao; import com.cloud.storage.StorageManager; @@ -166,7 +167,6 @@ import com.cloud.vm.VirtualMachineManager; import com.cloud.vm.VirtualMachineName; import com.cloud.vm.dao.DomainRouterDao; import com.cloud.vm.dao.UserVmDao; -import com.google.gson.Gson; /** * NetworkManagerImpl implements NetworkManager. @@ -3135,6 +3135,205 @@ public class NetworkManagerImpl implements NetworkManager, VirtualMachineManager return success; } + @Override @DB + public boolean deleteLoadBalancerRule(DeleteLoadBalancerRuleCmd cmd) throws InvalidParameterValueException{ + Long loadBalancerId = cmd.getId(); + Long userId = UserContext.current().getUserId(); + Account account = (Account)UserContext.current().getAccountObject(); + + ///verify input parameters + LoadBalancerVO loadBalancer = _loadBalancerDao.findById(loadBalancerId); + if (loadBalancer == null) { + throw new InvalidParameterValueException ("Unable to find load balancer rule with id " + loadBalancerId); + } + + if (account != null) { + if (!isAdmin(account.getType())) { + if (loadBalancer.getAccountId() != account.getId().longValue()) { + throw new ServerApiException(BaseCmd.PARAM_ERROR, "Account " + account.getAccountName() + " does not own load balancer rule " + loadBalancer.getName() + " (id:" + loadBalancerId + ")"); + } + } else if (!_domainDao.isChildDomain(account.getDomainId(), loadBalancer.getDomainId())) { + throw new ServerApiException(BaseCmd.PARAM_ERROR, "Unable to delete load balancer rule " + loadBalancer.getName() + " (id:" + loadBalancerId + "), permission denied."); + } + } + + if (userId == null) { + userId = Long.valueOf(1); + } + + Transaction txn = Transaction.currentTxn(); + LoadBalancerVO loadBalancerLock = null; + try { + + IPAddressVO ipAddress = _ipAddressDao.findById(loadBalancer.getIpAddress()); + if (ipAddress == null) { + return false; + } + + DomainRouterVO router = _routerDao.findBy(ipAddress.getAccountId(), ipAddress.getDataCenterId()); + List fwRules = _firewallRulesDao.listByLoadBalancerId(loadBalancerId); + + txn.start(); + + if ((fwRules != null) && !fwRules.isEmpty()) { + for (FirewallRuleVO fwRule : fwRules) { + fwRule.setEnabled(false); + _firewallRulesDao.update(fwRule.getId(), fwRule); + } + + List allLbRules = new ArrayList(); + List ipAddrs = listPublicIpAddressesInVirtualNetwork(loadBalancer.getAccountId(), ipAddress.getDataCenterId(), null); + for (IPAddressVO ipv : ipAddrs) { + List rules = _firewallRulesDao.listIPForwarding(ipv.getAddress(), false); + allLbRules.addAll(rules); + } + + updateFirewallRules(loadBalancer.getIpAddress(), allLbRules, router); + + // firewall rules are updated, lock the load balancer as the mappings are updated + loadBalancerLock = _loadBalancerDao.acquire(loadBalancerId); + if (loadBalancerLock == null) { + s_logger.warn("deleteLoadBalancer: failed to lock load balancer " + loadBalancerId + ", deleting mappings anyway..."); + } + + // remove all loadBalancer->VM mappings + _loadBalancerVMMapDao.remove(loadBalancerId); + + // Save and create the event + String description; + String type = EventTypes.EVENT_NET_RULE_DELETE; + String ruleName = "load balancer"; + String level = EventVO.LEVEL_INFO; + Account accountOwner = _accountDao.findById(loadBalancer.getAccountId()); + + for (FirewallRuleVO updatedRule : fwRules) { + _firewallRulesDao.remove(updatedRule.getId()); + + description = "deleted " + ruleName + " rule [" + updatedRule.getPublicIpAddress() + ":" + updatedRule.getPublicPort() + "]->[" + + updatedRule.getPrivateIpAddress() + ":" + updatedRule.getPrivatePort() + "]" + " " + updatedRule.getProtocol(); + + EventUtils.saveEvent(userId, accountOwner.getId(), level, type, description); + } + } + + txn.commit(); + } catch (Exception ex) { + txn.rollback(); + s_logger.error("Unexpected exception deleting load balancer " + loadBalancerId, ex); + return false; + } finally { + if (loadBalancerLock != null) { + _loadBalancerDao.release(loadBalancerId); + } + } + + boolean success = _loadBalancerDao.remove(loadBalancerId); + + // save off an event for removing the security group + EventVO event = new EventVO(); + event.setUserId(userId); + event.setAccountId(loadBalancer.getAccountId()); + event.setType(EventTypes.EVENT_LOAD_BALANCER_DELETE); + if (success) { + event.setLevel(EventVO.LEVEL_INFO); + String params = "id="+loadBalancer.getId(); + event.setParameters(params); + event.setDescription("Successfully deleted load balancer " + loadBalancer.getName() + " (id:" + loadBalancer.getId() + ")"); + } else { + event.setLevel(EventVO.LEVEL_ERROR); + event.setDescription("Failed to delete load balancer " + loadBalancer.getName() + " (id:" + loadBalancer.getId() + ")"); + } + _eventDao.persist(event); + return success; + } + + + @Override @DB + public LoadBalancerVO updateLoadBalancerRule(UpdateLoadBalancerRuleCmd cmd) throws InvalidParameterValueException{ + Long loadBalancerId = cmd.getId(); + String privatePort = cmd.getPrivatePort(); + String algorithm = cmd.getAlgorithm(); + String name = cmd.getName(); + String description = cmd.getDescription(); + Long userId = UserContext.current().getUserId(); + Account account = (Account)UserContext.current().getAccountObject(); + + //Verify input parameters + LoadBalancerVO loadBalancer = _loadBalancerDao.findById(loadBalancerId); + if (loadBalancer == null) { + throw new InvalidParameterValueException("Unable to find load balancer rule " + loadBalancerId + " for update."); + } + + // make sure the name's not already in use + if (name != null) { + LoadBalancerVO existingLB = _loadBalancerDao.findByAccountAndName(loadBalancer.getAccountId(), name); + if ((existingLB != null) && (existingLB.getId().longValue() != loadBalancer.getId().longValue())) { + throw new InvalidParameterValueException("Unable to update load balancer " + loadBalancer.getName() + " with new name " + name + ", the name is already in use."); + } + } + + Account lbOwner = _accountDao.findById(loadBalancer.getId()); + if (lbOwner == null) { + throw new InvalidParameterValueException("Unable to update load balancer rule, cannot find owning account"); + } + + Long accountId = lbOwner.getId(); + if (account != null) { + if (!isAdmin(account.getType())) { + if (account.getId().longValue() != accountId.longValue()) { + throw new ServerApiException(BaseCmd.ACCOUNT_ERROR, "Unable to update load balancer rule, permission denied"); + } + } else if (!_domainDao.isChildDomain(account.getDomainId(), lbOwner.getDomainId())) { + throw new ServerApiException(BaseCmd.ACCOUNT_ERROR, "Unable to update load balancer rule, permission denied."); + } + } + + String updatedPrivatePort = ((privatePort == null) ? loadBalancer.getPrivatePort() : privatePort); + String updatedAlgorithm = ((algorithm == null) ? loadBalancer.getAlgorithm() : algorithm); + String updatedName = ((name == null) ? loadBalancer.getName() : name); + String updatedDescription = ((description == null) ? loadBalancer.getDescription() : description); + + Transaction txn = Transaction.currentTxn(); + try { + txn.start(); + loadBalancer.setPrivatePort(updatedPrivatePort); + loadBalancer.setAlgorithm(updatedAlgorithm); + loadBalancer.setName(updatedName); + loadBalancer.setDescription(updatedDescription); + _loadBalancerDao.update(loadBalancer.getId(), loadBalancer); + + List fwRules = _firewallRulesDao.listByLoadBalancerId(loadBalancer.getId()); + if ((fwRules != null) && !fwRules.isEmpty()) { + for (FirewallRuleVO fwRule : fwRules) { + fwRule.setPrivatePort(updatedPrivatePort); + fwRule.setAlgorithm(updatedAlgorithm); + _firewallRulesDao.update(fwRule.getId(), fwRule); + } + } + txn.commit(); + } catch (RuntimeException ex) { + s_logger.warn("Unhandled exception trying to update load balancer rule", ex); + txn.rollback(); + throw ex; + } finally { + txn.close(); + } + + // now that the load balancer has been updated, reconfigure the HA Proxy on the router with all the LB rules + List allLbRules = new ArrayList(); + IPAddressVO ipAddress = _ipAddressDao.findById(loadBalancer.getIpAddress()); + List ipAddrs = listPublicIpAddressesInVirtualNetwork(loadBalancer.getAccountId(), ipAddress.getDataCenterId(), null); + for (IPAddressVO ipv : ipAddrs) { + List rules = _firewallRulesDao.listIPForwarding(ipv.getAddress(), false); + allLbRules.addAll(rules); + } + + IPAddressVO ip = _ipAddressDao.findById(loadBalancer.getIpAddress()); + DomainRouterVO router = _routerDao.findBy(ip.getAccountId(), ip.getDataCenterId()); + updateFirewallRules(loadBalancer.getIpAddress(), allLbRules, router); + return _loadBalancerDao.findById(loadBalancer.getId()); + } + public static boolean isAdmin(short accountType) { return ((accountType == Account.ACCOUNT_TYPE_ADMIN) || (accountType == Account.ACCOUNT_TYPE_DOMAIN_ADMIN) || diff --git a/server/src/com/cloud/server/ManagementServer.java b/server/src/com/cloud/server/ManagementServer.java index 0861526e242..21f0b177200 100644 --- a/server/src/com/cloud/server/ManagementServer.java +++ b/server/src/com/cloud/server/ManagementServer.java @@ -1766,8 +1766,8 @@ public interface ManagementServer { */ List searchForLoadBalancers(ListLoadBalancerRulesCmd cmd) throws InvalidParameterValueException, PermissionDeniedException; - boolean deleteLoadBalancer(long userId, long loadBalancerId); - long deleteLoadBalancerAsync(long userId, long loadBalancerId); +// boolean deleteLoadBalancer(long userId, long loadBalancerId); +// long deleteLoadBalancerAsync(long userId, long loadBalancerId); /** * Update a load balancer rule from the existing private port to a new private port. The load balancer is found by publicIp, public port, and algorithm. @@ -1778,7 +1778,7 @@ public interface ManagementServer { * @param algorithm the target algorithm of the load balancer rule (the rule will be updated from the existing algorithm to this algorithm) * @return the updated load balancer rule */ - LoadBalancerVO updateLoadBalancerRule(long userId, LoadBalancerVO loadBalancer, String privatePort, String algorithm); +// LoadBalancerVO updateLoadBalancerRule(long userId, LoadBalancerVO loadBalancer, String privatePort, String algorithm); /** * Update the name and/or description of a load balancer rule @@ -1787,7 +1787,7 @@ public interface ManagementServer { * @param description the new description, null if not changing the description * @return the updated load balancer rule */ - LoadBalancerVO updateLoadBalancerRule(LoadBalancerVO loadBalancer, String name, String description) throws InvalidParameterValueException; +// LoadBalancerVO updateLoadBalancerRule(LoadBalancerVO loadBalancer, String name, String description) throws InvalidParameterValueException; /** * Update the name, description, private port, and/or algorithm of a load balancer rule diff --git a/server/src/com/cloud/server/ManagementServerImpl.java b/server/src/com/cloud/server/ManagementServerImpl.java index 3e306a6c757..354695cd4a3 100755 --- a/server/src/com/cloud/server/ManagementServerImpl.java +++ b/server/src/com/cloud/server/ManagementServerImpl.java @@ -5033,87 +5033,87 @@ public class ManagementServerImpl implements ManagementServer { return _asyncMgr.submitAsyncJob(job); } - @Override @DB - public LoadBalancerVO updateLoadBalancerRule(long userId, LoadBalancerVO loadBalancer, String privatePort, String algorithm) { - String updatedPrivatePort = ((privatePort == null) ? loadBalancer.getPrivatePort() : privatePort); - String updatedAlgorithm = ((algorithm == null) ? loadBalancer.getAlgorithm() : algorithm); +// @Override @DB +// public LoadBalancerVO updateLoadBalancerRule(long userId, LoadBalancerVO loadBalancer, String privatePort, String algorithm) { +// String updatedPrivatePort = ((privatePort == null) ? loadBalancer.getPrivatePort() : privatePort); +// String updatedAlgorithm = ((algorithm == null) ? loadBalancer.getAlgorithm() : algorithm); +// +// Transaction txn = Transaction.currentTxn(); +// try { +// txn.start(); +// loadBalancer.setPrivatePort(updatedPrivatePort); +// loadBalancer.setAlgorithm(updatedAlgorithm); +// _loadBalancerDao.update(loadBalancer.getId(), loadBalancer); +// +// List fwRules = _firewallRulesDao.listByLoadBalancerId(loadBalancer.getId()); +// if ((fwRules != null) && !fwRules.isEmpty()) { +// for (FirewallRuleVO fwRule : fwRules) { +// fwRule.setPrivatePort(updatedPrivatePort); +// fwRule.setAlgorithm(updatedAlgorithm); +// _firewallRulesDao.update(fwRule.getId(), fwRule); +// } +// } +// txn.commit(); +// } catch (RuntimeException ex) { +// s_logger.warn("Unhandled exception trying to update load balancer rule", ex); +// txn.rollback(); +// throw ex; +// } finally { +// txn.close(); +// } +// +// // now that the load balancer has been updated, reconfigure the HA Proxy on the router with all the LB rules +// List allLbRules = new ArrayList(); +// IPAddressVO ipAddress = _publicIpAddressDao.findById(loadBalancer.getIpAddress()); +// List ipAddrs = _networkMgr.listPublicIpAddressesInVirtualNetwork(loadBalancer.getAccountId(), ipAddress.getDataCenterId(), null); +// for (IPAddressVO ipv : ipAddrs) { +// List rules = _firewallRulesDao.listIPForwarding(ipv.getAddress(), false); +// allLbRules.addAll(rules); +// } +// +// IPAddressVO ip = _publicIpAddressDao.findById(loadBalancer.getIpAddress()); +// DomainRouterVO router = _routerDao.findBy(ip.getAccountId(), ip.getDataCenterId()); +// _networkMgr.updateFirewallRules(loadBalancer.getIpAddress(), allLbRules, router); +// return _loadBalancerDao.findById(loadBalancer.getId()); +// } - Transaction txn = Transaction.currentTxn(); - try { - txn.start(); - loadBalancer.setPrivatePort(updatedPrivatePort); - loadBalancer.setAlgorithm(updatedAlgorithm); - _loadBalancerDao.update(loadBalancer.getId(), loadBalancer); +// @Override +// public LoadBalancerVO updateLoadBalancerRule(LoadBalancerVO loadBalancer, String name, String description) throws InvalidParameterValueException { +// if ((name == null) && (description == null)) { +// return loadBalancer; // nothing to do +// } +// +// LoadBalancerVO lbForUpdate = _loadBalancerDao.createForUpdate(); +// // make sure the name's not already in use +// if (name != null) { +// LoadBalancerVO existingLB = _loadBalancerDao.findByAccountAndName(loadBalancer.getAccountId(), name); +// if ((existingLB != null) && (existingLB.getId().longValue() != loadBalancer.getId().longValue())) { +// throw new InvalidParameterValueException("Unable to update load balancer " + loadBalancer.getName() + " with new name " + name + ", the name is already in use."); +// } +// lbForUpdate.setName(name); +// } +// +// if (description != null) { +// lbForUpdate.setDescription(description); +// } +// _loadBalancerDao.update(loadBalancer.getId(), lbForUpdate); +// return _loadBalancerDao.findById(loadBalancer.getId()); +// } - List fwRules = _firewallRulesDao.listByLoadBalancerId(loadBalancer.getId()); - if ((fwRules != null) && !fwRules.isEmpty()) { - for (FirewallRuleVO fwRule : fwRules) { - fwRule.setPrivatePort(updatedPrivatePort); - fwRule.setAlgorithm(updatedAlgorithm); - _firewallRulesDao.update(fwRule.getId(), fwRule); - } - } - txn.commit(); - } catch (RuntimeException ex) { - s_logger.warn("Unhandled exception trying to update load balancer rule", ex); - txn.rollback(); - throw ex; - } finally { - txn.close(); - } - - // now that the load balancer has been updated, reconfigure the HA Proxy on the router with all the LB rules - List allLbRules = new ArrayList(); - IPAddressVO ipAddress = _publicIpAddressDao.findById(loadBalancer.getIpAddress()); - List ipAddrs = _networkMgr.listPublicIpAddressesInVirtualNetwork(loadBalancer.getAccountId(), ipAddress.getDataCenterId(), null); - for (IPAddressVO ipv : ipAddrs) { - List rules = _firewallRulesDao.listIPForwarding(ipv.getAddress(), false); - allLbRules.addAll(rules); - } - - IPAddressVO ip = _publicIpAddressDao.findById(loadBalancer.getIpAddress()); - DomainRouterVO router = _routerDao.findBy(ip.getAccountId(), ip.getDataCenterId()); - _networkMgr.updateFirewallRules(loadBalancer.getIpAddress(), allLbRules, router); - return _loadBalancerDao.findById(loadBalancer.getId()); - } - - @Override - public LoadBalancerVO updateLoadBalancerRule(LoadBalancerVO loadBalancer, String name, String description) throws InvalidParameterValueException { - if ((name == null) && (description == null)) { - return loadBalancer; // nothing to do - } - - LoadBalancerVO lbForUpdate = _loadBalancerDao.createForUpdate(); - // make sure the name's not already in use - if (name != null) { - LoadBalancerVO existingLB = _loadBalancerDao.findByAccountAndName(loadBalancer.getAccountId(), name); - if ((existingLB != null) && (existingLB.getId().longValue() != loadBalancer.getId().longValue())) { - throw new InvalidParameterValueException("Unable to update load balancer " + loadBalancer.getName() + " with new name " + name + ", the name is already in use."); - } - lbForUpdate.setName(name); - } - - if (description != null) { - lbForUpdate.setDescription(description); - } - _loadBalancerDao.update(loadBalancer.getId(), lbForUpdate); - return _loadBalancerDao.findById(loadBalancer.getId()); - } - - @Override - public long updateLoadBalancerRuleAsync(long userId, long accountId, long loadBalancerId, String name, String description, String privatePort, String algorithm) { - UpdateLoadBalancerParam param = new UpdateLoadBalancerParam(userId, loadBalancerId, name, description, privatePort, algorithm); - Gson gson = GsonHelper.getBuilder().create(); - - AsyncJobVO job = new AsyncJobVO(); - job.setUserId(UserContext.current().getUserId()); - job.setAccountId(accountId); - job.setCmd("UpdateLoadBalancerRule"); - job.setCmdInfo(gson.toJson(param)); - job.setCmdOriginator("loadbalancer"); - - return _asyncMgr.submitAsyncJob(job); - } +// @Override +// public long updateLoadBalancerRuleAsync(long userId, long accountId, long loadBalancerId, String name, String description, String privatePort, String algorithm) { +// UpdateLoadBalancerParam param = new UpdateLoadBalancerParam(userId, loadBalancerId, name, description, privatePort, algorithm); +// Gson gson = GsonHelper.getBuilder().create(); +// +// AsyncJobVO job = new AsyncJobVO(); +// job.setUserId(UserContext.current().getUserId()); +// job.setAccountId(accountId); +// job.setCmd("UpdateLoadBalancerRule"); +// job.setCmdInfo(gson.toJson(param)); +// job.setCmdOriginator("loadbalancer"); +// +// return _asyncMgr.submitAsyncJob(job); +// } @Override public FirewallRuleVO findForwardingRuleById(Long ruleId) { @@ -7460,115 +7460,115 @@ public class ManagementServerImpl implements ManagementServer { // return _asyncMgr.submitAsyncJob(job, true); // } - @Override @DB - public boolean deleteLoadBalancer(long userId, long loadBalancerId) { - Transaction txn = Transaction.currentTxn(); - LoadBalancerVO loadBalancer = null; - LoadBalancerVO loadBalancerLock = null; - try { - loadBalancer = _loadBalancerDao.findById(loadBalancerId); - if (loadBalancer == null) { - return false; - } - - IPAddressVO ipAddress = _publicIpAddressDao.findById(loadBalancer.getIpAddress()); - if (ipAddress == null) { - return false; - } - - DomainRouterVO router = _routerDao.findBy(ipAddress.getAccountId(), ipAddress.getDataCenterId()); - List fwRules = _firewallRulesDao.listByLoadBalancerId(loadBalancerId); - - txn.start(); - - if ((fwRules != null) && !fwRules.isEmpty()) { - for (FirewallRuleVO fwRule : fwRules) { - fwRule.setEnabled(false); - _firewallRulesDao.update(fwRule.getId(), fwRule); - } - - List allLbRules = new ArrayList(); - List ipAddrs = _networkMgr.listPublicIpAddressesInVirtualNetwork(loadBalancer.getAccountId(), ipAddress.getDataCenterId(), null); - for (IPAddressVO ipv : ipAddrs) { - List rules = _firewallRulesDao.listIPForwarding(ipv.getAddress(), false); - allLbRules.addAll(rules); - } - - _networkMgr.updateFirewallRules(loadBalancer.getIpAddress(), allLbRules, router); - - // firewall rules are updated, lock the load balancer as the mappings are updated - loadBalancerLock = _loadBalancerDao.acquire(loadBalancerId); - if (loadBalancerLock == null) { - s_logger.warn("deleteLoadBalancer: failed to lock load balancer " + loadBalancerId + ", deleting mappings anyway..."); - } - - // remove all loadBalancer->VM mappings - _loadBalancerVMMapDao.remove(loadBalancerId); - - // Save and create the event - String description; - String type = EventTypes.EVENT_NET_RULE_DELETE; - String ruleName = "load balancer"; - String level = EventVO.LEVEL_INFO; - Account account = _accountDao.findById(loadBalancer.getAccountId()); - - for (FirewallRuleVO updatedRule : fwRules) { - _firewallRulesDao.remove(updatedRule.getId()); - - description = "deleted " + ruleName + " rule [" + updatedRule.getPublicIpAddress() + ":" + updatedRule.getPublicPort() + "]->[" - + updatedRule.getPrivateIpAddress() + ":" + updatedRule.getPrivatePort() + "]" + " " + updatedRule.getProtocol(); - - EventUtils.saveEvent(userId, account.getId(), level, type, description); - } - } - - txn.commit(); - } catch (Exception ex) { - txn.rollback(); - s_logger.error("Unexpected exception deleting load balancer " + loadBalancerId, ex); - return false; - } finally { - if (loadBalancerLock != null) { - _loadBalancerDao.release(loadBalancerId); - } - } - - boolean success = _loadBalancerDao.remove(loadBalancerId); - - // save off an event for removing the security group - EventVO event = new EventVO(); - event.setUserId(userId); - event.setAccountId(loadBalancer.getAccountId()); - event.setType(EventTypes.EVENT_LOAD_BALANCER_DELETE); - if (success) { - event.setLevel(EventVO.LEVEL_INFO); - String params = "id="+loadBalancer.getId(); - event.setParameters(params); - event.setDescription("Successfully deleted load balancer " + loadBalancer.getName() + " (id:" + loadBalancer.getId() + ")"); - } else { - event.setLevel(EventVO.LEVEL_ERROR); - event.setDescription("Failed to delete load balancer " + loadBalancer.getName() + " (id:" + loadBalancer.getId() + ")"); - } - _eventDao.persist(event); - return success; - } - - @Override - public long deleteLoadBalancerAsync(long userId, long loadBalancerId) { - LoadBalancerVO loadBalancer = _loadBalancerDao.findById(loadBalancerId); - IPAddressVO ipAddress = _publicIpAddressDao.findById(loadBalancer.getIpAddress()); - DomainRouterVO router = _routerDao.findBy(loadBalancer.getAccountId(), ipAddress.getDataCenterId()); - LoadBalancerParam param = new LoadBalancerParam(userId, router.getId(), loadBalancerId, null); - Gson gson = GsonHelper.getBuilder().create(); - - AsyncJobVO job = new AsyncJobVO(); - job.setUserId(UserContext.current().getUserId()); - job.setAccountId(loadBalancer.getAccountId()); - job.setCmd("DeleteLoadBalancer"); - job.setCmdInfo(gson.toJson(param)); - - return _asyncMgr.submitAsyncJob(job, true); - } +// @Override @DB +// public boolean deleteLoadBalancer(long userId, long loadBalancerId) { +// Transaction txn = Transaction.currentTxn(); +// LoadBalancerVO loadBalancer = null; +// LoadBalancerVO loadBalancerLock = null; +// try { +// loadBalancer = _loadBalancerDao.findById(loadBalancerId); +// if (loadBalancer == null) { +// return false; +// } +// +// IPAddressVO ipAddress = _publicIpAddressDao.findById(loadBalancer.getIpAddress()); +// if (ipAddress == null) { +// return false; +// } +// +// DomainRouterVO router = _routerDao.findBy(ipAddress.getAccountId(), ipAddress.getDataCenterId()); +// List fwRules = _firewallRulesDao.listByLoadBalancerId(loadBalancerId); +// +// txn.start(); +// +// if ((fwRules != null) && !fwRules.isEmpty()) { +// for (FirewallRuleVO fwRule : fwRules) { +// fwRule.setEnabled(false); +// _firewallRulesDao.update(fwRule.getId(), fwRule); +// } +// +// List allLbRules = new ArrayList(); +// List ipAddrs = _networkMgr.listPublicIpAddressesInVirtualNetwork(loadBalancer.getAccountId(), ipAddress.getDataCenterId(), null); +// for (IPAddressVO ipv : ipAddrs) { +// List rules = _firewallRulesDao.listIPForwarding(ipv.getAddress(), false); +// allLbRules.addAll(rules); +// } +// +// _networkMgr.updateFirewallRules(loadBalancer.getIpAddress(), allLbRules, router); +// +// // firewall rules are updated, lock the load balancer as the mappings are updated +// loadBalancerLock = _loadBalancerDao.acquire(loadBalancerId); +// if (loadBalancerLock == null) { +// s_logger.warn("deleteLoadBalancer: failed to lock load balancer " + loadBalancerId + ", deleting mappings anyway..."); +// } +// +// // remove all loadBalancer->VM mappings +// _loadBalancerVMMapDao.remove(loadBalancerId); +// +// // Save and create the event +// String description; +// String type = EventTypes.EVENT_NET_RULE_DELETE; +// String ruleName = "load balancer"; +// String level = EventVO.LEVEL_INFO; +// Account account = _accountDao.findById(loadBalancer.getAccountId()); +// +// for (FirewallRuleVO updatedRule : fwRules) { +// _firewallRulesDao.remove(updatedRule.getId()); +// +// description = "deleted " + ruleName + " rule [" + updatedRule.getPublicIpAddress() + ":" + updatedRule.getPublicPort() + "]->[" +// + updatedRule.getPrivateIpAddress() + ":" + updatedRule.getPrivatePort() + "]" + " " + updatedRule.getProtocol(); +// +// EventUtils.saveEvent(userId, account.getId(), level, type, description); +// } +// } +// +// txn.commit(); +// } catch (Exception ex) { +// txn.rollback(); +// s_logger.error("Unexpected exception deleting load balancer " + loadBalancerId, ex); +// return false; +// } finally { +// if (loadBalancerLock != null) { +// _loadBalancerDao.release(loadBalancerId); +// } +// } +// +// boolean success = _loadBalancerDao.remove(loadBalancerId); +// +// // save off an event for removing the security group +// EventVO event = new EventVO(); +// event.setUserId(userId); +// event.setAccountId(loadBalancer.getAccountId()); +// event.setType(EventTypes.EVENT_LOAD_BALANCER_DELETE); +// if (success) { +// event.setLevel(EventVO.LEVEL_INFO); +// String params = "id="+loadBalancer.getId(); +// event.setParameters(params); +// event.setDescription("Successfully deleted load balancer " + loadBalancer.getName() + " (id:" + loadBalancer.getId() + ")"); +// } else { +// event.setLevel(EventVO.LEVEL_ERROR); +// event.setDescription("Failed to delete load balancer " + loadBalancer.getName() + " (id:" + loadBalancer.getId() + ")"); +// } +// _eventDao.persist(event); +// return success; +// } +// +// @Override +// public long deleteLoadBalancerAsync(long userId, long loadBalancerId) { +// LoadBalancerVO loadBalancer = _loadBalancerDao.findById(loadBalancerId); +// IPAddressVO ipAddress = _publicIpAddressDao.findById(loadBalancer.getIpAddress()); +// DomainRouterVO router = _routerDao.findBy(loadBalancer.getAccountId(), ipAddress.getDataCenterId()); +// LoadBalancerParam param = new LoadBalancerParam(userId, router.getId(), loadBalancerId, null); +// Gson gson = GsonHelper.getBuilder().create(); +// +// AsyncJobVO job = new AsyncJobVO(); +// job.setUserId(UserContext.current().getUserId()); +// job.setAccountId(loadBalancer.getAccountId()); +// job.setCmd("DeleteLoadBalancer"); +// job.setCmdInfo(gson.toJson(param)); +// +// return _asyncMgr.submitAsyncJob(job, true); +// } @Override public List listLoadBalancerInstances(ListLoadBalancerRuleInstancesCmd cmd) throws PermissionDeniedException {