VPC: CS-15638: Plug nic for the public ip address if the ip address from the diff vlan range than sourceNat ip

Conflicts:

	server/src/com/cloud/network/NetworkManagerImpl.java
	server/src/com/cloud/network/firewall/FirewallManagerImpl.java
	server/src/com/cloud/network/lb/LoadBalancingRulesManagerImpl.java
	server/src/com/cloud/network/router/VpcVirtualNetworkApplianceManagerImpl.java
	server/src/com/cloud/network/rules/RulesManagerImpl.java
	server/src/com/cloud/network/vpc/VpcManagerImpl.java
	server/test/com/cloud/network/MockNetworkManagerImpl.java
Alena Prokharchyk 2012-07-20 13:24:25 -07:00
parent 8712812ca7
commit 5a64d4fbb1
16 changed files with 238 additions and 239 deletions


@ -410,8 +410,9 @@ public interface NetworkManager extends NetworkService {
/**
* @param ipId
* @param networkId TODO
*/
void unassignIPFromVpcNetwork(long ipId);
void unassignIPFromVpcNetwork(long ipId, long networkId);
/**
@ -472,4 +473,11 @@ public interface NetworkManager extends NetworkService {
InsufficientAddressCapacityException, ConcurrentOperationException, InsufficientCapacityException, ResourceUnavailableException;
/**
* @param ip
* @return
*/
boolean ipUsedInVpc(IpAddress ip);
}
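Review bot: The Javadoc on both new signatures is still a stub (`@param networkId TODO` on `unassignIPFromVpcNetwork`, an empty `@return` on `ipUsedInVpc`), so the interface does not state the contract that callers across four managers now depend on. Going by the implementation in NetworkManagerImpl, I would write `@param networkId id of the VPC guest network whose ip associations are re-applied to release the address` and `@return true if the ip belongs to a VPC and is either one-to-one NAT or has at least one firewall rule`. The interface should also say that `unassignIPFromVpcNetwork` throws `CloudRuntimeException` when the association cannot be applied, because the one-argument version it replaces appears to have only updated the database row.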


@ -2413,21 +2413,22 @@ public class NetworkManagerImpl implements NetworkManager, NetworkService, Manag
}
boolean success = disassociatePublicIpAddress(ipAddressId, userId, caller);
Long networkId = ipVO.getAssociatedWithNetworkId();
if (success && networkId != null) {
Network guestNetwork = getNetwork(networkId);
NetworkOffering offering = _configMgr.getNetworkOffering(guestNetwork.getNetworkOfferingId());
Long vmId = ipVO.getAssociatedWithVmId();
if (offering.getElasticIp() && vmId != null) {
_rulesMgr.getSystemIpAndEnableStaticNatForVm(_userVmDao.findById(vmId), true);
return true;
if (success) {
Long networkId = ipVO.getAssociatedWithNetworkId();
if (networkId != null) {
Network guestNetwork = getNetwork(networkId);
NetworkOffering offering = _configMgr.getNetworkOffering(guestNetwork.getNetworkOfferingId());
Long vmId = ipVO.getAssociatedWithVmId();
if (offering.getElasticIp() && vmId != null) {
_rulesMgr.getSystemIpAndEnableStaticNatForVm(_userVmDao.findById(vmId), true);
return true;
}
}
return true;
} else {
s_logger.warn("Failed to release public ip address id=" + ipAddressId);
return false;
}
return success;
}
@Deprecated
@ -6062,7 +6063,7 @@ public class NetworkManagerImpl implements NetworkManager, NetworkService, Manag
IPAddressVO ip = markIpAsUnavailable(ipToRelease.getId());
assert (ip != null) : "Unable to mark the ip address id=" + ipToRelease.getId() + " as unavailable.";
} else {
unassignIPFromVpcNetwork(ipToRelease.getId());
unassignIPFromVpcNetwork(ipToRelease.getId(), network.getId());
}
}
@ -7252,17 +7253,44 @@ public class NetworkManagerImpl implements NetworkManager, NetworkService, Manag
@Override
public void unassignIPFromVpcNetwork(long ipId) {
public void unassignIPFromVpcNetwork(long ipId, long networkId) {
IPAddressVO ip = _ipAddressDao.findById(ipId);
Long vpcId = ip.getVpcId();
if (vpcId == null) {
if (ipUsedInVpc(ip)) {
return;
}
ip.setAssociatedWithNetworkId(null);
_ipAddressDao.update(ipId, ip);
s_logger.debug("IP address " + ip + " is no longer associated with the network inside vpc id=" + vpcId);
if (ip == null || ip.getVpcId() == null) {
return;
}
s_logger.debug("Releasing VPC ip address " + ip + " from vpc network id=" + networkId);
long vpcId = ip.getVpcId();
boolean success = false;
try {
//unassign ip from the VPC router
success = applyIpAssociations(getNetwork(networkId), true);
} catch (ResourceUnavailableException ex) {
throw new CloudRuntimeException("Failed to apply ip associations for network id=" + networkId +
" as a part of unassigning ip " + ipId + " from vpc", ex);
}
if (success) {
ip.setAssociatedWithNetworkId(null);
_ipAddressDao.update(ipId, ip);
s_logger.debug("IP address " + ip + " is no longer associated with the network inside vpc id=" + vpcId);
} else {
throw new CloudRuntimeException("Failed to apply ip associations for network id=" + networkId +
" as a part of unassigning ip " + ipId + " from vpc");
}
s_logger.debug("Successfully released VPC ip address " + ip + " back to VPC pool ");
}
@Override
public boolean ipUsedInVpc(IpAddress ip) {
return (ip != null && ip.getVpcId() != null &&
(ip.isOneToOneNat() || !_firewallDao.listByIp(ip.getId()).isEmpty()));
}
@Override @DB
@ -7435,4 +7463,5 @@ public class NetworkManagerImpl implements NetworkManager, NetworkService, Manag
}
return nic;
}
}
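Review bot: `unassignIPFromVpcNetwork` now throws `CloudRuntimeException` when `applyIpAssociations` fails or returns false, yet this commit calls it from failure-cleanup paths: RulesManagerImpl invokes it inside `finally { if (!result) ... }`, where a throw replaces the exception that was already propagating. Either catch it at those call sites, e.g. `try { _networkMgr.unassignIPFromVpcNetwork(ip.getId(), networkId); } catch (CloudRuntimeException e) { s_logger.warn("Failed to release VPC ip " + ip, e); }`, or document the throw so callers handle it deliberately. Separately, the `ipUsedInVpc(ip)` check and the later `ip.setAssociatedWithNetworkId(null)` are not covered by any lock or transaction visible in this hunk. A rule created between the two could therefore, it seems, end up on an address that has lost its network association.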


@ -432,7 +432,7 @@ public class VirtualRouterElement extends AdapterBase implements VirtualRouterEl
return true;
}
return _routerMgr.associateIP(network, ipAddress, routers);
return _routerMgr.associatePublicIP(network, ipAddress, routers);
} else {
return false;
}


@ -388,7 +388,7 @@ public class VpcVirtualRouterElement extends VirtualRouterElement implements Vpc
return true;
}
return _vpcRouterMgr.associateIP(network, ipAddress, routers);
return _vpcRouterMgr.associatePublicIP(network, ipAddress, routers);
} else {
return false;
}


@ -449,22 +449,15 @@ public class FirewallManagerImpl implements FirewallService, FirewallManager, Ma
return success;
}
@DB
@Override
public void removeRule(FirewallRule rule) {
Transaction txn = Transaction.currentTxn();
txn.start();
//remove the rule
_firewallDao.remove(rule.getId());
//if the rule is the last one for the ip address assigned to VPC, unassign it from the network
IpAddress ip = _ipAddressDao.findById(rule.getSourceIpAddressId());
if (ip != null && ip.getVpcId() != null && _firewallDao.listByIp(ip.getId()).isEmpty()) {
_networkMgr.unassignIPFromVpcNetwork(ip.getId());
}
txn.commit();
_networkMgr.unassignIPFromVpcNetwork(ip.getId(), rule.getNetworkId());
}
@Override
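Review bot: `removeRule` now dereferences `ip` unconditionally in `_networkMgr.unassignIPFromVpcNetwork(ip.getId(), rule.getNetworkId())`, while the `ip != null` guard appears to be among the removed lines. The callee treats a null lookup as possible (`if (ip == null || ip.getVpcId() == null) return;`), but that check is never reached if `ip.getId()` has already thrown a NullPointerException. Keep the check at the call site: `if (ip != null) { _networkMgr.unassignIPFromVpcNetwork(ip.getId(), rule.getNetworkId()); }`. The same unguarded pattern is in LoadBalancingRulesManagerImpl (`removeLBRule` and the `performedIpAssoc` cleanup) and in RulesManagerImpl (`removePFRule` and the `performedIpAssoc` cleanup).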


@ -780,12 +780,9 @@ public class LoadBalancingRulesManagerImpl<Type> implements LoadBalancingRulesMa
}
// release ip address if ipassoc was perfored
if (performedIpAssoc) {
//if the rule is the last one for the ip address assigned to VPC, unassign it from the network
ipVO = _ipAddressDao.findById(ipVO.getId());
if (ipVO != null && ipVO.getVpcId() != null && _firewallDao.listByIp(ipVO.getId()).isEmpty()) {
s_logger.debug("Releasing VPC ip address " + ipVO + " as LB rule failed to create");
_networkMgr.unassignIPFromVpcNetwork(ipVO.getId());
}
_networkMgr.unassignIPFromVpcNetwork(ipVO.getId(), lb.getNetworkId());
}
}
}
@ -1348,17 +1345,13 @@ public class LoadBalancingRulesManagerImpl<Type> implements LoadBalancingRulesMa
return _lbDao.findById(lbId);
}
@DB
protected void removeLBRule(LoadBalancerVO rule) {
Transaction txn = Transaction.currentTxn();
txn.start();
//remove the rule
_lbDao.remove(rule.getId());
//if the rule is the last one for the ip address assigned to VPC, unassign it from the network
IpAddress ip = _ipAddressDao.findById(rule.getSourceIpAddressId());
if (ip != null && ip.getVpcId() != null && _firewallDao.listByIp(ip.getId()).isEmpty()) {
_networkMgr.unassignIPFromVpcNetwork(ip.getId());
}
txn.commit();
_networkMgr.unassignIPFromVpcNetwork(ip.getId(), rule.getNetworkId());
}
}
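Review bot: In `removeLBRule`, the explicit transaction around `_lbDao.remove(rule.getId())` and the unassign call appears to be gone, so the rule row is deleted before `unassignIPFromVpcNetwork` runs, and that call can now throw. If it does, the rule no longer exists while the address stays associated with the network and, presumably, configured on the VPC router, with no remaining rule whose deletion would retry the release. I would record that ordering in a comment on the method, e.g. `// rule row is removed first; a failed release below leaves the ip associated and must be retried by the caller`, and log the ip and network id at warn level when the release fails so such leftovers can be found.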


@ -73,7 +73,7 @@ public interface VirtualNetworkApplianceManager extends Manager, VirtualNetworkA
boolean deleteRemoteAccessVpn(Network network, RemoteAccessVpn vpn, List<? extends VirtualRouter> routers)
throws ResourceUnavailableException;
boolean associateIP (Network network, final List<? extends PublicIpAddress> ipAddress,
boolean associatePublicIP (Network network, final List<? extends PublicIpAddress> ipAddress,
List<? extends VirtualRouter> routers) throws ResourceUnavailableException;
boolean applyFirewallRules(Network network, final List<? extends FirewallRule> rules,


@ -2863,7 +2863,7 @@ public class VirtualNetworkApplianceManagerImpl implements VirtualNetworkApplian
}
@Override
public boolean associateIP(Network network, final List<? extends PublicIpAddress> ipAddress, List<? extends VirtualRouter> routers)
public boolean associatePublicIP(Network network, final List<? extends PublicIpAddress> ipAddress, List<? extends VirtualRouter> routers)
throws ResourceUnavailableException {
if (ipAddress == null || ipAddress.isEmpty()) {
s_logger.debug("No ip association rules to be applied for network " + network.getId());


@ -79,7 +79,10 @@ import com.cloud.network.VirtualRouterProvider;
import com.cloud.network.VirtualRouterProvider.VirtualRouterProviderType;
import com.cloud.network.VpcVirtualNetworkApplianceService;
import com.cloud.network.addr.PublicIp;
import com.cloud.network.dao.FirewallRulesDao;
import com.cloud.network.dao.IPAddressDao;
import com.cloud.network.dao.PhysicalNetworkDao;
import com.cloud.network.dao.Site2SiteVpnGatewayDao;
import com.cloud.network.rules.FirewallRule;
import com.cloud.network.vpc.NetworkACLManager;
import com.cloud.network.vpc.PrivateGateway;
@ -133,6 +136,12 @@ public class VpcVirtualNetworkApplianceManagerImpl extends VirtualNetworkApplian
VpcManager _vpcMgr;
@Inject
PrivateIpDao _privateIpDao;
@Inject
IPAddressDao _ipAddrDao;
@Inject
Site2SiteVpnGatewayDao _vpnGatewayDao;
@Inject
FirewallRulesDao _firewallDao;
@Override
public List<DomainRouterVO> deployVirtualRouterInVpc(Vpc vpc, DeployDestination dest, Account owner,
@ -281,108 +290,6 @@ public class VpcVirtualNetworkApplianceManagerImpl extends VirtualNetworkApplian
return result;
}
protected boolean addPublicIpToVpc(VirtualRouter router, Network publicNetwork, PublicIp ipAddress)
throws ConcurrentOperationException,ResourceUnavailableException, InsufficientCapacityException {
if (publicNetwork.getTrafficType() != TrafficType.Public) {
s_logger.warn("Network " + publicNetwork + " is not of type " + TrafficType.Public);
return false;
}
//Add router to the Public network
boolean result = true;
try {
NicProfile defaultNic = new NicProfile();
if (ipAddress.isSourceNat()) {
defaultNic.setDefaultNic(true);
}
defaultNic.setIp4Address(ipAddress.getAddress().addr());
defaultNic.setGateway(ipAddress.getGateway());
defaultNic.setNetmask(ipAddress.getNetmask());
defaultNic.setMacAddress(ipAddress.getMacAddress());
defaultNic.setBroadcastType(BroadcastDomainType.Vlan);
defaultNic.setBroadcastUri(BroadcastDomainType.Vlan.toUri(ipAddress.getVlanTag()));
defaultNic.setIsolationUri(IsolationType.Vlan.toUri(ipAddress.getVlanTag()));
NicProfile publicNic = _itMgr.addVmToNetwork(router, publicNetwork, defaultNic);
//setup public network
if (publicNic != null) {
if (ipAddress.isSourceNat()) {
if (router.getPublicIpAddress() == null) {
DomainRouterVO routerVO = _routerDao.findById(router.getId());
routerVO.setPublicIpAddress(ipAddress.getAddress().toString());
routerVO.setPublicNetmask(ipAddress.getNetmask());
routerVO.setPublicMacAddress(ipAddress.getMacAddress());
_routerDao.update(routerVO.getId(), routerVO);
}
}
publicNic.setDefaultNic(true);
if (ipAddress != null) {
IPAddressVO ipVO = _ipAddressDao.findById(ipAddress.getId());
PublicIp publicIp = new PublicIp(ipVO, _vlanDao.findById(ipVO.getVlanId()),
NetUtils.createSequenceBasedMacAddress(ipVO.getMacAddress()));
result = associtePublicIpInVpc(publicNetwork, router, false, publicIp);
}
} else {
result = false;
s_logger.warn("Failed to add public ip " + ipAddress + " to VPC router " + router);
}
} catch (Exception ex) {
s_logger.warn("Failed to add ip address " + ipAddress + " from the public network " + publicNetwork +
" to VPC router " + router + " due to ", ex);
result = false;
}
return result;
}
protected boolean removePublicIpFromVpcRouter(VirtualRouter router, Network publicNetwork, PublicIp ipAddress)
throws ConcurrentOperationException, ResourceUnavailableException {
if (publicNetwork.getTrafficType() != TrafficType.Public) {
s_logger.warn("Network " + publicNetwork + " is not of type " + TrafficType.Public);
return false;
}
boolean result = true;
IPAddressVO ipVO = _ipAddressDao.findById(ipAddress.getId());
_networkMgr.markIpAsUnavailable(ipVO.getId());
PublicIp publicIp = new PublicIp(ipVO, _vlanDao.findById(ipVO.getVlanId()),
NetUtils.createSequenceBasedMacAddress(ipVO.getMacAddress()));
result = associtePublicIpInVpc(publicNetwork, router, false, publicIp);
if (!result) {
s_logger.warn("Failed to disassociate public ip " + ipAddress + " from router " + router);
return false;
}
URI broadcastUri = BroadcastDomainType.Vlan.toUri(ipAddress.getVlanTag());
if (_itMgr.removeVmFromNetwork(router, publicNetwork, broadcastUri)) {
s_logger.debug("Successfully removed router " + router + " from vlan " + ipAddress.getVlanTag() +" of public network " + publicNetwork);
return true;
} else {
s_logger.warn("Failed to remove router " + router + " from vlan " + ipAddress.getVlanTag() +" of public network " + publicNetwork);
return false;
}
}
protected boolean associtePublicIpInVpc(Network network, VirtualRouter router, boolean add, PublicIp ipAddress)
throws ConcurrentOperationException, ResourceUnavailableException{
List<PublicIp> publicIps = new ArrayList<PublicIp>(1);
publicIps.add(ipAddress);
Commands cmds = new Commands(OnError.Stop);
createVpcAssociatePublicIPCommands(router, publicIps, cmds);
if (sendCommandsToRouter(router, cmds)) {
s_logger.debug("Successfully applied ip association for ip " + ipAddress + " in vpc network " + network);
return true;
} else {
s_logger.warn("Failed to associate ip address " + ipAddress + " in vpc network " + network);
return false;
}
}
protected DomainRouterVO deployVpcRouter(Account owner, DeployDestination dest, DeploymentPlan plan, Map<Param, Object> params,
boolean isRedundant, VirtualRouterProvider vrProvider, long svcOffId,
@ -605,64 +512,107 @@ public class VpcVirtualNetworkApplianceManagerImpl extends VirtualNetworkApplian
}
protected NicTO getNicTO(final VirtualRouter router, Long guestNetworkId) {
VirtualMachine vm = _vmDao.findById(router.getId());
NicProfile nicProfile = _networkMgr.getNicProfile(router, guestNetworkId);
return _itMgr.toNicTO(nicProfile, router.getHypervisorType());
}
@Override
public boolean associateIP(Network network, final List<? extends PublicIpAddress> ipAddress, List<? extends VirtualRouter> routers)
public boolean associatePublicIP(Network network, final List<? extends PublicIpAddress> ipAddress,
List<? extends VirtualRouter> routers)
throws ResourceUnavailableException {
if (ipAddress == null || ipAddress.isEmpty()) {
s_logger.debug("No ip association rules to be applied for network " + network.getId());
return true;
}
//1) check which nics need to be plugged and plug them
//only one router is supported in VPC now
VirtualRouter router = routers.get(0);
//1) check which nics need to be plugged/unplugged and plug/unplug them
Map<String, PublicIpAddress> nicsToPlug = new HashMap<String, PublicIpAddress>();
Map<String, PublicIpAddress> nicsToUnPlug = new HashMap<String, PublicIpAddress>();
//find out nics to unplug
for (PublicIpAddress ip : ipAddress) {
for (VirtualRouter router : routers) {
URI broadcastUri = BroadcastDomainType.Vlan.toUri(ip.getVlanTag());
Nic nic = _nicDao.findByInstanceIdNetworkIdAndBroadcastUri(network.getId(), router.getId(),
broadcastUri.toString());
long publicNtwkId = ip.getNetworkId();
//if ip is not associated to any network, and there are no firewall rules, release it on the backend
if (!_networkMgr.ipUsedInVpc(ip)) {
ip.setState(IpAddress.State.Releasing);
}
if (ip.getState() == IpAddress.State.Releasing) {
Nic nic = _nicDao.findByIp4AddressAndNetworkIdAndInstanceId(publicNtwkId, router.getId(), ip.getAddress().addr());
if (nic != null) {
//have to plug the nic(s)
NicProfile defaultNic = new NicProfile();
if (ip.isSourceNat()) {
defaultNic.setDefaultNic(true);
}
defaultNic.setIp4Address(ip.getAddress().addr());
defaultNic.setGateway(ip.getGateway());
defaultNic.setNetmask(ip.getNetmask());
defaultNic.setMacAddress(ip.getMacAddress());
defaultNic.setBroadcastType(BroadcastDomainType.Vlan);
defaultNic.setBroadcastUri(BroadcastDomainType.Vlan.toUri(ip.getVlanTag()));
defaultNic.setIsolationUri(IsolationType.Vlan.toUri(ip.getVlanTag()));
NicProfile publicNic = null;
Network publicNtwk = null;
try {
publicNtwk = _networkMgr.getNetwork(ip.getNetworkId());
publicNic = _itMgr.addVmToNetwork(router, publicNtwk, defaultNic);
} catch (ConcurrentOperationException e) {
s_logger.warn("Failed to add router " + router + " to vlan " + ip.getVlanTag() +
" in public network " + publicNtwk + " due to ", e);
} catch (InsufficientCapacityException e) {
s_logger.warn("Failed to add router " + router + " to vlan " + ip.getVlanTag() +
" in public network " + publicNtwk + " due to ", e);
} finally {
if (publicNic == null) {
s_logger.warn("Failed to add router " + router + " to vlan " + ip.getVlanTag() +
" in public network " + publicNtwk);
return false;
}
}
nicsToUnPlug.put(ip.getVlanTag(), ip);
s_logger.debug("Need to unplug the nic for ip=" + ip + "; vlan=" + ip.getVlanTag() +
" in public network id =" + publicNtwkId);
}
}
}
//2) apply the ips
return applyRules(network, routers, "vpc ip association", false, null, false, new RuleApplier() {
//find out nics to plug
for (PublicIpAddress ip : ipAddress) {
URI broadcastUri = BroadcastDomainType.Vlan.toUri(ip.getVlanTag());
long publicNtwkId = ip.getNetworkId();
//if ip is not associated to any network, and there are no firewall rules, release it on the backend
if (!_networkMgr.ipUsedInVpc(ip)) {
ip.setState(IpAddress.State.Releasing);
}
if (ip.getState() == IpAddress.State.Allocated || ip.getState() == IpAddress.State.Allocating) {
//nic has to be plugged only when there are no nics for this vlan tag exist on VR
Nic nic = _nicDao.findByInstanceIdNetworkIdAndBroadcastUri(publicNtwkId, router.getId(),
broadcastUri.toString());
if ((nic == null && nicsToPlug.get(ip.getVlanTag()) == null) || nicsToUnPlug.get(ip.getVlanTag()) != null) {
nicsToPlug.put(ip.getVlanTag(), ip);
s_logger.debug("Need to plug the nic for ip=" + ip + "; vlan=" + ip.getVlanTag() +
" in public network id =" + publicNtwkId);
}
}
}
//2) Plug the nics
for (String vlanTag : nicsToPlug.keySet()) {
PublicIpAddress ip = nicsToPlug.get(vlanTag);
//have to plug the nic(s)
NicProfile defaultNic = new NicProfile();
if (ip.isSourceNat()) {
defaultNic.setDefaultNic(true);
}
defaultNic.setIp4Address(ip.getAddress().addr());
defaultNic.setGateway(ip.getGateway());
defaultNic.setNetmask(ip.getNetmask());
defaultNic.setMacAddress(ip.getMacAddress());
defaultNic.setBroadcastType(BroadcastDomainType.Vlan);
defaultNic.setBroadcastUri(BroadcastDomainType.Vlan.toUri(ip.getVlanTag()));
defaultNic.setIsolationUri(IsolationType.Vlan.toUri(ip.getVlanTag()));
NicProfile publicNic = null;
Network publicNtwk = null;
try {
publicNtwk = _networkMgr.getNetwork(ip.getNetworkId());
publicNic = _itMgr.addVmToNetwork(router, publicNtwk, defaultNic);
} catch (ConcurrentOperationException e) {
s_logger.warn("Failed to add router " + router + " to vlan " + vlanTag +
" in public network " + publicNtwk + " due to ", e);
} catch (InsufficientCapacityException e) {
s_logger.warn("Failed to add router " + router + " to vlan " + vlanTag +
" in public network " + publicNtwk + " due to ", e);
} finally {
if (publicNic == null) {
s_logger.warn("Failed to add router " + router + " to vlan " + vlanTag +
" in public network " + publicNtwk);
return false;
}
}
}
//3) apply the ips
boolean result = applyRules(network, routers, "vpc ip association", false, null, false, new RuleApplier() {
@Override
public boolean execute(Network network, VirtualRouter router) throws ResourceUnavailableException {
Commands cmds = new Commands(OnError.Continue);
@ -670,6 +620,22 @@ public class VpcVirtualNetworkApplianceManagerImpl extends VirtualNetworkApplian
return sendCommandsToRouter(router, cmds);
}
});
//4) Unplug the nics
for (String vlanTag : nicsToUnPlug.keySet()) {
Network publicNtwk = null;
try {
publicNtwk = _networkMgr.getNetwork(nicsToUnPlug.get(vlanTag).getNetworkId());
URI broadcastUri = BroadcastDomainType.Vlan.toUri(vlanTag);
_itMgr.removeVmFromNetwork(router, publicNtwk, broadcastUri);
} catch (ConcurrentOperationException e) {
s_logger.warn("Failed to remove router " + router + " from vlan " + vlanTag +
" in public network " + publicNtwk + " due to ", e);
return false;
}
}
return result;
}
@ -962,7 +928,7 @@ public class VpcVirtualNetworkApplianceManagerImpl extends VirtualNetworkApplian
* @param add
* @param privateNic
* @return
* @throws ResourceUnavailableException TODO
* @throws ResourceUnavailableException
*/
protected boolean setupVpcPrivateNetwork(VirtualRouter router, boolean add, NicProfile privateNic)
throws ResourceUnavailableException {
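Review bot: Step 4 of `associatePublicIP` unplugs every nic in `nicsToUnPlug` whether or not step 3 succeeded, and it discards the boolean returned by `_itMgr.removeVmFromNetwork(...)`, which the removed `removePublicIpFromVpcRouter` used to check. A failed `applyRules` therefore still detaches the router from the public VLAN, and a failed unplug is reported as success, which can leave the router attached to a VLAN whose address has already been released. I would return early when `result` is false and treat a false return from `removeVmFromNetwork` as a failure. Two smaller points in the same method: `routers.get(0)` has no empty-list check in this hunk, and the `return false` inside the `finally` of step 2 discards any exception other than the two that are caught.

```java
// … unchanged: steps 1–3, ending with the applyRules(...) call that sets result …
if (!result) {
    s_logger.warn("Not unplugging nics from router " + router +
            " as vpc ip association failed for network " + network);
    return false;
}
// … unchanged: step 4 loop header, getNetwork() lookup and broadcastUri …
        if (!_itMgr.removeVmFromNetwork(router, publicNtwk, broadcastUri)) {
            s_logger.warn("Failed to remove router " + router + " from vlan " + vlanTag +
                    " in public network " + publicNtwk);
            return false;
        }
// … unchanged: ConcurrentOperationException handler and return result …
```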


@ -27,6 +27,7 @@ import javax.naming.ConfigurationException;
import org.apache.log4j.Logger;
import com.citrix.netscaler.nitro.resource.config.network.vlan;
import com.cloud.api.commands.ListPortForwardingRulesCmd;
import com.cloud.configuration.ConfigurationManager;
import com.cloud.domain.dao.DomainDao;
@ -289,14 +290,9 @@ public class RulesManagerImpl implements RulesManager, RulesService, Manager {
if (performedIpAssoc) {
//if the rule is the last one for the ip address assigned to VPC, unassign it from the network
IpAddress ip = _ipAddressDao.findById(ipAddress.getId());
if (ip != null && ip.getVpcId() != null && _firewallDao.listByIp(ip.getId()).isEmpty()) {
s_logger.debug("Releasing VPC ip address " + ip + " as PF rule failed to create");
_networkMgr.unassignIPFromVpcNetwork(ip.getId());
}
_networkMgr.unassignIPFromVpcNetwork(ip.getId(), networkId);
}
}
}
@Override
@ -376,7 +372,6 @@ public class RulesManagerImpl implements RulesManager, RulesService, Manager {
}
@Override
@DB
public boolean enableStaticNat(long ipId, long vmId, long networkId, boolean isSystemVm)
throws NetworkRuleConflictException, ResourceUnavailableException {
UserContext ctx = UserContext.current();
@ -465,20 +460,15 @@ public class RulesManagerImpl implements RulesManager, RulesService, Manager {
}
} finally {
if (!result) {
Transaction txn = Transaction.currentTxn();
txn.start();
ipAddress.setOneToOneNat(false);
ipAddress.setAssociatedWithVmId(null);
_ipAddressDao.update(ipAddress.getId(), ipAddress);
_ipAddressDao.update(ipAddress.getId(), ipAddress);
if (performedIpAssoc) {
//if the rule is the last one for the ip address assigned to VPC, unassign it from the network
IpAddress ip = _ipAddressDao.findById(ipAddress.getId());
if (ip != null && ip.getVpcId() != null && _firewallDao.listByIp(ip.getId()).isEmpty()) {
s_logger.debug("Releasing VPC ip address " + ip + " as PF rule failed to create");
_networkMgr.unassignIPFromVpcNetwork(ip.getId());
}
}
txn.commit();
_networkMgr.unassignIPFromVpcNetwork(ip.getId(), networkId);
}
}
}
return result;
@ -1178,12 +1168,12 @@ public class RulesManagerImpl implements RulesManager, RulesService, Manager {
}
@Override
@DB
public boolean disableStaticNat(long ipId, Account caller, long callerUserId, boolean releaseIpIfElastic) throws ResourceUnavailableException {
boolean success = true;
IPAddressVO ipAddress = _ipAddressDao.findById(ipId);
checkIpAndUserVm(ipAddress, null, caller);
long networkId = ipAddress.getAssociatedWithNetworkId();
if (!ipAddress.isOneToOneNat()) {
InvalidParameterValueException ex = new InvalidParameterValueException("One to one nat is not enabled for the specified ip id");
@ -1209,8 +1199,6 @@ public class RulesManagerImpl implements RulesManager, RulesService, Manager {
}
if (success) {
Transaction txn = Transaction.currentTxn();
txn.start();
boolean isIpSystem = ipAddress.getSystem();
ipAddress.setOneToOneNat(false);
ipAddress.setAssociatedWithVmId(null);
@ -1218,8 +1206,7 @@ public class RulesManagerImpl implements RulesManager, RulesService, Manager {
ipAddress.setSystem(false);
}
_ipAddressDao.update(ipAddress.getId(), ipAddress);
_networkMgr.unassignIPFromVpcNetwork(ipAddress.getId());
txn.commit();
_networkMgr.unassignIPFromVpcNetwork(ipAddress.getId(), networkId);
if (isIpSystem && releaseIpIfElastic && !_networkMgr.handleSystemIpRelease(ipAddress)) {
s_logger.warn("Failed to release system ip address " + ipAddress);
@ -1366,18 +1353,14 @@ public class RulesManagerImpl implements RulesManager, RulesService, Manager {
}
}
}
@DB
protected void removePFRule(PortForwardingRuleVO rule) {
Transaction txn = Transaction.currentTxn();
txn.start();
_portForwardingDao.remove(rule.getId());
//if the rule is the last one for the ip address assigned to VPC, unassign it from the network
IpAddress ip = _ipAddressDao.findById(rule.getSourceIpAddressId());
if (ip != null && ip.getVpcId() != null && _firewallDao.listByIp(ip.getId()).isEmpty()) {
_networkMgr.unassignIPFromVpcNetwork(ip.getId());
}
txn.commit();
_networkMgr.unassignIPFromVpcNetwork(ip.getId(), rule.getNetworkId());
}
}
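Review bot: In `disableStaticNat`, the added `long networkId = ipAddress.getAssociatedWithNetworkId();` unboxes a value that can be null; NetworkManagerImpl reads the same getter into a `Long` and null-checks it. An address with no network association therefore fails with a NullPointerException before the `isOneToOneNat()` validation can reject it with `InvalidParameterValueException`. Declare it as `Long networkId = ipAddress.getAssociatedWithNetworkId();` and raise an explicit parameter error when it is null, or move the read below the one-to-one NAT check. The first hunk also adds `import com.citrix.netscaler.nitro.resource.config.network.vlan;`, which nothing in the visible hunks uses and which looks like an accidental IDE import.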


@ -22,6 +22,7 @@ import java.util.Set;
import com.cloud.exception.ConcurrentOperationException;
import com.cloud.exception.ResourceUnavailableException;
import com.cloud.network.IpAddress;
import com.cloud.network.Network.Provider;
import com.cloud.network.Network.Service;
import com.cloud.network.element.VpcProvider;


@ -58,6 +58,7 @@ import com.cloud.network.NetworkVO;
import com.cloud.network.Networks.BroadcastDomainType;
import com.cloud.network.Networks.TrafficType;
import com.cloud.network.PhysicalNetwork;
import com.cloud.network.dao.FirewallRulesDao;
import com.cloud.network.dao.IPAddressDao;
import com.cloud.network.dao.NetworkDao;
import com.cloud.network.dao.PhysicalNetworkDao;
@ -74,6 +75,7 @@ import com.cloud.offerings.NetworkOfferingServiceMapVO;
import com.cloud.offerings.dao.NetworkOfferingServiceMapDao;
import com.cloud.org.Grouping;
import com.cloud.projects.Project.ListProjectResourcesCriteria;
import com.cloud.tags.dao.ResourceTagDao;
import com.cloud.user.Account;
import com.cloud.user.AccountManager;
import com.cloud.user.User;
@ -135,7 +137,11 @@ public class VpcManagerImpl implements VpcManager, Manager{
VpcOfferingServiceMapDao _vpcOffServiceDao;
@Inject
PhysicalNetworkDao _pNtwkDao;
@Inject
ResourceTagDao _resourceTagDao;
@Inject
FirewallRulesDao _firewallDao;
private final ScheduledExecutorService _executor = Executors.newScheduledThreadPool(1, new NamedThreadFactory("VpcChecker"));
private VpcProvider vpcElement = null;
@ -1585,4 +1591,5 @@ public class VpcManagerImpl implements VpcManager, Manager{
public VpcGateway getPrivateGatewayForVpc(long vpcId) {
return _vpcGatewayDao.getPrivateGatewayForVpc(vpcId);
}
}


@ -2526,7 +2526,7 @@ public class VirtualMachineManagerImpl implements VirtualMachineManager, Listene
Nic nic = null;
if (broadcastUri != null) {
nic = _nicsDao.findByInstanceIdNetworkIdAndBroadcastUri(network.getId(), vm.getId(), broadcastUri.getHost());
nic = _nicsDao.findByInstanceIdNetworkIdAndBroadcastUri(network.getId(), vm.getId(), broadcastUri.toString());
} else {
nic = _networkMgr.getNicInNetwork(vm.getId(), network.getId());
}


@ -54,4 +54,6 @@ public interface NicDao extends GenericDao<NicVO, Long> {
int countNics(long instanceId);
NicVO findByInstanceIdNetworkIdAndBroadcastUri(long networkId, long instanceId, String broadcastUri);
NicVO findByIp4AddressAndNetworkIdAndInstanceId(long networkId, long instanceId, String ip4Address);
}
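Review bot: The new `findByIp4AddressAndNetworkIdAndInstanceId(long networkId, long instanceId, String ip4Address)` names its arguments in one order and takes them in another, and the two `long` ids can be swapped without a compile error. The neighbouring `findByInstanceIdNetworkIdAndBroadcastUri` has the same mismatch between name and parameter order, so a call written from the method name would pass the ids reversed and silently match no nic. Add Javadoc that pins the order, e.g. `@param networkId id of the network the nic belongs to`, `@param instanceId id of the vm that owns the nic`, `@param ip4Address ipv4 address assigned to the nic`. It should also state what is returned when nothing matches, since the caller in `associatePublicIP` tests the result for null.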


@ -180,5 +180,13 @@ public class NicDaoImpl extends GenericDaoBase<NicVO, Long> implements NicDao {
sc.setParameters("broadcastUri", broadcastUri);
return findOneBy(sc);
}
@Override
public NicVO findByIp4AddressAndNetworkIdAndInstanceId(long networkId, long instanceId, String ip4Address) {
SearchCriteria<NicVO> sc = AllFieldsSearch.create();
sc.setParameters("network", networkId);
sc.setParameters("instance", instanceId);
sc.setParameters("address", ip4Address);
return findOneBy(sc);
}
}
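Review bot: `sc.setParameters("address", ip4Address)` only works if `AllFieldsSearch` declares an `address` condition, and that declaration sits in the constructor, outside this hunk. Please confirm it exists, since a missing condition would surface only at runtime on the VPC ip release path. `findOneBy` also yields a single row, so a short comment such as `// (network, instance, ip4 address) is expected to identify at most one nic` would record the assumption the unplug logic relies on.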


@ -821,15 +821,6 @@ public class MockNetworkManagerImpl implements NetworkManager, Manager, NetworkS
return null;
}
/* (non-Javadoc)
* @see com.cloud.network.NetworkManager#unassignIPFromVpcNetwork(long)
*/
@Override
public void unassignIPFromVpcNetwork(long ipId) {
// TODO Auto-generated method stub
}
/* (non-Javadoc)
* @see com.cloud.network.NetworkService#allocateIP(com.cloud.user.Account, boolean, long)
*/
@ -957,15 +948,6 @@ public class MockNetworkManagerImpl implements NetworkManager, Manager, NetworkS
}
/* (non-Javadoc)
* @see com.cloud.network.NetworkManager#getDefaultManagementTrafficLabel(long, com.cloud.hypervisor.Hypervisor.HypervisorType)
*/
@Override
public String getDefaultManagementTrafficLabel(long zoneId, HypervisorType hypervisorType) {
// TODO Auto-generated method stub
return null;
}
/* (non-Javadoc)
* @see com.cloud.network.NetworkManager#getDefaultGuestTrafficLabel(long, com.cloud.hypervisor.Hypervisor.HypervisorType)
*/
@ -1129,4 +1111,31 @@ public class MockNetworkManagerImpl implements NetworkManager, Manager, NetworkS
// TODO Auto-generated method stub
return null;
}
/* (non-Javadoc)
* @see com.cloud.network.NetworkManager#getDefaultManagementTrafficLabel(long, com.cloud.hypervisor.Hypervisor.HypervisorType)
*/
@Override
public String getDefaultManagementTrafficLabel(long zoneId, HypervisorType hypervisorType) {
// TODO Auto-generated method stub
return null;
}
/* (non-Javadoc)
* @see com.cloud.network.NetworkManager#unassignIPFromVpcNetwork(long, long)
*/
@Override
public void unassignIPFromVpcNetwork(long ipId, long networkId) {
// TODO Auto-generated method stub
}
/* (non-Javadoc)
* @see com.cloud.network.NetworkManager#ipUsedInVpc(com.cloud.network.IpAddress)
*/
@Override
public boolean ipUsedInVpc(IpAddress ip) {
// TODO Auto-generated method stub
return false;
}
}