diff --git a/server/src/com/cloud/network/NetworkManager.java b/server/src/com/cloud/network/NetworkManager.java index c95b6091c52..25011e80640 100755 --- a/server/src/com/cloud/network/NetworkManager.java +++ b/server/src/com/cloud/network/NetworkManager.java @@ -410,8 +410,9 @@ public interface NetworkManager extends NetworkService { /** * @param ipId + * @param networkId TODO */ - void unassignIPFromVpcNetwork(long ipId); + void unassignIPFromVpcNetwork(long ipId, long networkId); /** @@ -472,4 +473,11 @@ public interface NetworkManager extends NetworkService { InsufficientAddressCapacityException, ConcurrentOperationException, InsufficientCapacityException, ResourceUnavailableException; + + /** + * @param ip + * @return + */ + boolean ipUsedInVpc(IpAddress ip); + } diff --git a/server/src/com/cloud/network/NetworkManagerImpl.java b/server/src/com/cloud/network/NetworkManagerImpl.java index f0e49ab5916..02f19efb646 100755 --- a/server/src/com/cloud/network/NetworkManagerImpl.java +++ b/server/src/com/cloud/network/NetworkManagerImpl.java 
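Review bot: The Javadoc added to NetworkManager is still placeholder text: `@param networkId TODO` on unassignIPFromVpcNetwork, and empty `@param ip` / `@return` tags on ipUsedInVpc in the second hunk. Both methods now carry a contract that callers rely on, so I would spell it out, for example `@param networkId id of the VPC guest network whose router has to drop the ip` and `@return true if the ip belongs to a VPC and has static NAT enabled or at least one firewall rule`. The implementation in NetworkManagerImpl throws CloudRuntimeException when the router update fails, which deserves a `@throws` line here because several callers invoke it from cleanup paths.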
@@ -2413,21 +2413,22 @@ public class NetworkManagerImpl implements NetworkManager, NetworkService, Manag } boolean success = disassociatePublicIpAddress(ipAddressId, userId, caller); - - Long networkId = ipVO.getAssociatedWithNetworkId(); - if (success && networkId != null) { - Network guestNetwork = getNetwork(networkId); - NetworkOffering offering = _configMgr.getNetworkOffering(guestNetwork.getNetworkOfferingId()); - Long vmId = ipVO.getAssociatedWithVmId(); - if (offering.getElasticIp() && vmId != null) { - _rulesMgr.getSystemIpAndEnableStaticNatForVm(_userVmDao.findById(vmId), true); - return true; + + if (success) { + Long networkId = ipVO.getAssociatedWithNetworkId(); + if (networkId != null) { + Network guestNetwork = getNetwork(networkId); + NetworkOffering offering = _configMgr.getNetworkOffering(guestNetwork.getNetworkOfferingId()); + Long vmId = ipVO.getAssociatedWithVmId(); + if (offering.getElasticIp() && vmId != null) { + _rulesMgr.getSystemIpAndEnableStaticNatForVm(_userVmDao.findById(vmId), true); + return true; + } } - return true; } else { s_logger.warn("Failed to release public ip address id=" + ipAddressId); - return false; } + return success; } @Deprecated @@ -6062,7 +6063,7 @@ public class NetworkManagerImpl implements NetworkManager, NetworkService, Manag IPAddressVO ip = markIpAsUnavailable(ipToRelease.getId()); assert (ip != null) : "Unable to mark the ip address id=" + ipToRelease.getId() + " as unavailable."; } else { - unassignIPFromVpcNetwork(ipToRelease.getId()); + unassignIPFromVpcNetwork(ipToRelease.getId(), network.getId()); } } 
@@ -7252,17 +7253,44 @@ public class NetworkManagerImpl implements NetworkManager, NetworkService, Manag @Override - public void unassignIPFromVpcNetwork(long ipId) { + public void unassignIPFromVpcNetwork(long ipId, long networkId) { IPAddressVO ip = _ipAddressDao.findById(ipId); - Long vpcId = ip.getVpcId(); - - if (vpcId == null) { + + if (ipUsedInVpc(ip)) { return; } - ip.setAssociatedWithNetworkId(null); - _ipAddressDao.update(ipId, ip); - s_logger.debug("IP address " + ip + " is no longer associated with the network inside vpc id=" + vpcId); + if (ip == null || ip.getVpcId() == null) { + return; + } + + s_logger.debug("Releasing VPC ip address " + ip + " from vpc network id=" + networkId); + + long vpcId = ip.getVpcId(); + boolean success = false; + try { + //unassign ip from the VPC router + success = applyIpAssociations(getNetwork(networkId), true); + } catch (ResourceUnavailableException ex) { + throw new CloudRuntimeException("Failed to apply ip associations for network id=" + networkId + + " as a part of unassigning ip " + ipId + " from vpc", ex); + } + + if (success) { + ip.setAssociatedWithNetworkId(null); + _ipAddressDao.update(ipId, ip); + s_logger.debug("IP address " + ip + " is no longer associated with the network inside vpc id=" + vpcId); + } else { + throw new CloudRuntimeException("Failed to apply ip associations for network id=" + networkId + + " as a part of unassigning ip " + ipId + " from vpc"); + } + s_logger.debug("Successfully released VPC ip address " + ip + " back to VPC pool "); + } + + @Override + public boolean ipUsedInVpc(IpAddress ip) { + return (ip != null && ip.getVpcId() != null && + (ip.isOneToOneNat() || !_firewallDao.listByIp(ip.getId()).isEmpty())); } @Override @DB @@ -7435,4 +7463,5 @@ public class NetworkManagerImpl implements NetworkManager, NetworkService, Manag } return nic; } + } 
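Review bot: In unassignIPFromVpcNetwork the `ipUsedInVpc(ip)` check and the final `_ipAddressDao.update(ipId, ip)` are separated by a router round trip (`applyIpAssociations`) with no lock or transaction around them, and the callers touched by this commit also lose their `@DB` transactions. A rule or static NAT added to the same ip in that window would, as far as these lines show, end up on an address whose network association has just been cleared and whose nic may be unplugged. I would hold a lock on the ip row for the whole method, or at least re-read the ip and repeat the `ipUsedInVpc` check right before `ip.setAssociatedWithNetworkId(null)`. Separately, `getNetwork(networkId)` is passed on unchecked; whether it can return null for a stale id is not visible in this hunk.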
diff --git a/server/src/com/cloud/network/element/VirtualRouterElement.java b/server/src/com/cloud/network/element/VirtualRouterElement.java index 80e76285868..d6701aa911f 100755 --- a/server/src/com/cloud/network/element/VirtualRouterElement.java +++ b/server/src/com/cloud/network/element/VirtualRouterElement.java @@ -432,7 +432,7 @@ public class VirtualRouterElement extends AdapterBase implements VirtualRouterEl return true; } - return _routerMgr.associateIP(network, ipAddress, routers); + return _routerMgr.associatePublicIP(network, ipAddress, routers); } else { return false; } diff --git a/server/src/com/cloud/network/element/VpcVirtualRouterElement.java b/server/src/com/cloud/network/element/VpcVirtualRouterElement.java index 17055c4bd34..35897a5aef1 100644 --- a/server/src/com/cloud/network/element/VpcVirtualRouterElement.java +++ b/server/src/com/cloud/network/element/VpcVirtualRouterElement.java @@ -388,7 +388,7 @@ public class VpcVirtualRouterElement extends VirtualRouterElement implements Vpc return true; } - return _vpcRouterMgr.associateIP(network, ipAddress, routers); + return _vpcRouterMgr.associatePublicIP(network, ipAddress, routers); } else { return false; } diff --git a/server/src/com/cloud/network/firewall/FirewallManagerImpl.java b/server/src/com/cloud/network/firewall/FirewallManagerImpl.java index 53741b9b35c..854d3462217 100644 --- a/server/src/com/cloud/network/firewall/FirewallManagerImpl.java +++ b/server/src/com/cloud/network/firewall/FirewallManagerImpl.java 
@@ -449,22 +449,15 @@ public class FirewallManagerImpl implements FirewallService, FirewallManager, Ma return success; } - @DB @Override public void removeRule(FirewallRule rule) { - - Transaction txn = Transaction.currentTxn(); - txn.start(); + //remove the rule _firewallDao.remove(rule.getId()); //if the rule is the last one for the ip address assigned to VPC, unassign it from the network IpAddress ip = _ipAddressDao.findById(rule.getSourceIpAddressId()); - if (ip != null && ip.getVpcId() != null && _firewallDao.listByIp(ip.getId()).isEmpty()) { - _networkMgr.unassignIPFromVpcNetwork(ip.getId()); - } - - txn.commit(); + _networkMgr.unassignIPFromVpcNetwork(ip.getId(), rule.getNetworkId()); } @Override diff --git a/server/src/com/cloud/network/lb/LoadBalancingRulesManagerImpl.java b/server/src/com/cloud/network/lb/LoadBalancingRulesManagerImpl.java index 14ea41c1169..d42f2734291 100755 --- a/server/src/com/cloud/network/lb/LoadBalancingRulesManagerImpl.java +++ b/server/src/com/cloud/network/lb/LoadBalancingRulesManagerImpl.java @@ -780,12 +780,9 @@ public class LoadBalancingRulesManagerImpl implements LoadBalancingRulesMa } // release ip address if ipassoc was perfored if (performedIpAssoc) { - //if the rule is the last one for the ip address assigned to VPC, unassign it from the network ipVO = _ipAddressDao.findById(ipVO.getId()); - if (ipVO != null && ipVO.getVpcId() != null && _firewallDao.listByIp(ipVO.getId()).isEmpty()) { - s_logger.debug("Releasing VPC ip address " + ipVO + " as LB rule failed to create"); - _networkMgr.unassignIPFromVpcNetwork(ipVO.getId()); - } + _networkMgr.unassignIPFromVpcNetwork(ipVO.getId(), lb.getNetworkId()); + } } } 
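Review bot: removeRule now calls `ip.getId()` without the `ip != null` guard that the removed condition had, so a rule whose source ip row no longer exists fails with a NullPointerException after `_firewallDao.remove(rule.getId())` has already run. The lookup is unnecessary because unassignIPFromVpcNetwork re-reads the ip and handles null itself; `Long ipId = rule.getSourceIpAddressId(); if (ipId != null) { _networkMgr.unassignIPFromVpcNetwork(ipId, rule.getNetworkId()); }` would do. The same unguarded dereference is introduced in both LoadBalancingRulesManagerImpl hunks (`ipVO.getId()` after the re-read, and removeLBRule) and in RulesManagerImpl (the port-forwarding cleanup, enableStaticNat's finally block and removePFRule). The comment kept above the call ("if the rule is the last one…") now describes a check that lives in the callee and should say so.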
@@ -1348,17 +1345,13 @@ public class LoadBalancingRulesManagerImpl implements LoadBalancingRulesMa return _lbDao.findById(lbId); } - @DB protected void removeLBRule(LoadBalancerVO rule) { - Transaction txn = Transaction.currentTxn(); - txn.start(); + + //remove the rule _lbDao.remove(rule.getId()); + //if the rule is the last one for the ip address assigned to VPC, unassign it from the network IpAddress ip = _ipAddressDao.findById(rule.getSourceIpAddressId()); - if (ip != null && ip.getVpcId() != null && _firewallDao.listByIp(ip.getId()).isEmpty()) { - _networkMgr.unassignIPFromVpcNetwork(ip.getId()); - } - - txn.commit(); + _networkMgr.unassignIPFromVpcNetwork(ip.getId(), rule.getNetworkId()); } } diff --git a/server/src/com/cloud/network/router/VirtualNetworkApplianceManager.java b/server/src/com/cloud/network/router/VirtualNetworkApplianceManager.java index ec99c3299cd..c57e4725b76 100644 --- a/server/src/com/cloud/network/router/VirtualNetworkApplianceManager.java +++ b/server/src/com/cloud/network/router/VirtualNetworkApplianceManager.java @@ -73,7 +73,7 @@ public interface VirtualNetworkApplianceManager extends Manager, VirtualNetworkA boolean deleteRemoteAccessVpn(Network network, RemoteAccessVpn vpn, List routers) throws ResourceUnavailableException; - boolean associateIP (Network network, final List ipAddress, + boolean associatePublicIP (Network network, final List ipAddress, List routers) throws ResourceUnavailableException; boolean applyFirewallRules(Network network, final List rules, diff --git a/server/src/com/cloud/network/router/VirtualNetworkApplianceManagerImpl.java b/server/src/com/cloud/network/router/VirtualNetworkApplianceManagerImpl.java index 41ce6cc562c..9c52a2aefc0 100755 --- a/server/src/com/cloud/network/router/VirtualNetworkApplianceManagerImpl.java +++ b/server/src/com/cloud/network/router/VirtualNetworkApplianceManagerImpl.java 
@@ -2863,7 +2863,7 @@ public class VirtualNetworkApplianceManagerImpl implements VirtualNetworkApplian } @Override - public boolean associateIP(Network network, final List ipAddress, List routers) + public boolean associatePublicIP(Network network, final List ipAddress, List routers) throws ResourceUnavailableException { if (ipAddress == null || ipAddress.isEmpty()) { s_logger.debug("No ip association rules to be applied for network " + network.getId()); diff --git a/server/src/com/cloud/network/router/VpcVirtualNetworkApplianceManagerImpl.java b/server/src/com/cloud/network/router/VpcVirtualNetworkApplianceManagerImpl.java index 3435358f44c..4b3d5a12913 100644 --- a/server/src/com/cloud/network/router/VpcVirtualNetworkApplianceManagerImpl.java +++ b/server/src/com/cloud/network/router/VpcVirtualNetworkApplianceManagerImpl.java @@ -79,7 +79,10 @@ import com.cloud.network.VirtualRouterProvider; import com.cloud.network.VirtualRouterProvider.VirtualRouterProviderType; import com.cloud.network.VpcVirtualNetworkApplianceService; import com.cloud.network.addr.PublicIp; +import com.cloud.network.dao.FirewallRulesDao; +import com.cloud.network.dao.IPAddressDao; import com.cloud.network.dao.PhysicalNetworkDao; +import com.cloud.network.dao.Site2SiteVpnGatewayDao; import com.cloud.network.rules.FirewallRule; import com.cloud.network.vpc.NetworkACLManager; import com.cloud.network.vpc.PrivateGateway; @@ -133,6 +136,12 @@ public class VpcVirtualNetworkApplianceManagerImpl extends VirtualNetworkApplian VpcManager _vpcMgr; @Inject PrivateIpDao _privateIpDao; + @Inject + IPAddressDao _ipAddrDao; + @Inject + Site2SiteVpnGatewayDao _vpnGatewayDao; + @Inject + FirewallRulesDao _firewallDao; @Override public List deployVirtualRouterInVpc(Vpc vpc, DeployDestination dest, Account owner, 
@@ -281,108 +290,6 @@ public class VpcVirtualNetworkApplianceManagerImpl extends VirtualNetworkApplian return result; } - protected boolean addPublicIpToVpc(VirtualRouter router, Network publicNetwork, PublicIp ipAddress) - throws ConcurrentOperationException,ResourceUnavailableException, InsufficientCapacityException { - - if (publicNetwork.getTrafficType() != TrafficType.Public) { - s_logger.warn("Network " + publicNetwork + " is not of type " + TrafficType.Public); - return false; - } - - //Add router to the Public network - boolean result = true; - try { - NicProfile defaultNic = new NicProfile(); - if (ipAddress.isSourceNat()) { - defaultNic.setDefaultNic(true); - } - defaultNic.setIp4Address(ipAddress.getAddress().addr()); - defaultNic.setGateway(ipAddress.getGateway()); - defaultNic.setNetmask(ipAddress.getNetmask()); - defaultNic.setMacAddress(ipAddress.getMacAddress()); - defaultNic.setBroadcastType(BroadcastDomainType.Vlan); - defaultNic.setBroadcastUri(BroadcastDomainType.Vlan.toUri(ipAddress.getVlanTag())); - defaultNic.setIsolationUri(IsolationType.Vlan.toUri(ipAddress.getVlanTag())); - - NicProfile publicNic = _itMgr.addVmToNetwork(router, publicNetwork, defaultNic); - //setup public network - if (publicNic != null) { - if (ipAddress.isSourceNat()) { - if (router.getPublicIpAddress() == null) { - DomainRouterVO routerVO = _routerDao.findById(router.getId()); - routerVO.setPublicIpAddress(ipAddress.getAddress().toString()); - routerVO.setPublicNetmask(ipAddress.getNetmask()); - routerVO.setPublicMacAddress(ipAddress.getMacAddress()); - _routerDao.update(routerVO.getId(), routerVO); - } - } - publicNic.setDefaultNic(true); - if (ipAddress != null) { - IPAddressVO ipVO = _ipAddressDao.findById(ipAddress.getId()); - PublicIp publicIp = new PublicIp(ipVO, _vlanDao.findById(ipVO.getVlanId()), - NetUtils.createSequenceBasedMacAddress(ipVO.getMacAddress())); - result = associtePublicIpInVpc(publicNetwork, router, false, publicIp); - } - } else { - result = 
false; - s_logger.warn("Failed to add public ip " + ipAddress + " to VPC router " + router); - } - } catch (Exception ex) { - s_logger.warn("Failed to add ip address " + ipAddress + " from the public network " + publicNetwork + - " to VPC router " + router + " due to ", ex); - result = false; - } - - return result; - } - - - protected boolean removePublicIpFromVpcRouter(VirtualRouter router, Network publicNetwork, PublicIp ipAddress) - throws ConcurrentOperationException, ResourceUnavailableException { - - if (publicNetwork.getTrafficType() != TrafficType.Public) { - s_logger.warn("Network " + publicNetwork + " is not of type " + TrafficType.Public); - return false; - } - - boolean result = true; - IPAddressVO ipVO = _ipAddressDao.findById(ipAddress.getId()); - _networkMgr.markIpAsUnavailable(ipVO.getId()); - PublicIp publicIp = new PublicIp(ipVO, _vlanDao.findById(ipVO.getVlanId()), - NetUtils.createSequenceBasedMacAddress(ipVO.getMacAddress())); - result = associtePublicIpInVpc(publicNetwork, router, false, publicIp); - - if (!result) { - s_logger.warn("Failed to disassociate public ip " + ipAddress + " from router " + router); - return false; - } - - URI broadcastUri = BroadcastDomainType.Vlan.toUri(ipAddress.getVlanTag()); - if (_itMgr.removeVmFromNetwork(router, publicNetwork, broadcastUri)) { - s_logger.debug("Successfully removed router " + router + " from vlan " + ipAddress.getVlanTag() +" of public network " + publicNetwork); - return true; - } else { - s_logger.warn("Failed to remove router " + router + " from vlan " + ipAddress.getVlanTag() +" of public network " + publicNetwork); - return false; - } - } - - protected boolean associtePublicIpInVpc(Network network, VirtualRouter router, boolean add, PublicIp ipAddress) - throws ConcurrentOperationException, ResourceUnavailableException{ - - List publicIps = new ArrayList(1); - publicIps.add(ipAddress); - Commands cmds = new Commands(OnError.Stop); - createVpcAssociatePublicIPCommands(router, publicIps, 
cmds); - - if (sendCommandsToRouter(router, cmds)) { - s_logger.debug("Successfully applied ip association for ip " + ipAddress + " in vpc network " + network); - return true; - } else { - s_logger.warn("Failed to associate ip address " + ipAddress + " in vpc network " + network); - return false; - } - } protected DomainRouterVO deployVpcRouter(Account owner, DeployDestination dest, DeploymentPlan plan, Map params, boolean isRedundant, VirtualRouterProvider vrProvider, long svcOffId, 
@@ -605,64 +512,107 @@ public class VpcVirtualNetworkApplianceManagerImpl extends VirtualNetworkApplian } protected NicTO getNicTO(final VirtualRouter router, Long guestNetworkId) { - VirtualMachine vm = _vmDao.findById(router.getId()); NicProfile nicProfile = _networkMgr.getNicProfile(router, guestNetworkId); return _itMgr.toNicTO(nicProfile, router.getHypervisorType()); } @Override - public boolean associateIP(Network network, final List ipAddress, List routers) + public boolean associatePublicIP(Network network, final List ipAddress, + List routers) throws ResourceUnavailableException { if (ipAddress == null || ipAddress.isEmpty()) { s_logger.debug("No ip association rules to be applied for network " + network.getId()); return true; } - //1) check which nics need to be plugged and plug them + //only one router is supported in VPC now + VirtualRouter router = routers.get(0); + + //1) check which nics need to be plugged/unplugged and plug/unplug them + Map nicsToPlug = new HashMap(); + Map nicsToUnPlug = new HashMap(); + + //find out nics to unplug for (PublicIpAddress ip : ipAddress) { - for (VirtualRouter router : routers) { - URI broadcastUri = BroadcastDomainType.Vlan.toUri(ip.getVlanTag()); - Nic nic = _nicDao.findByInstanceIdNetworkIdAndBroadcastUri(network.getId(), router.getId(), - broadcastUri.toString()); + long publicNtwkId = ip.getNetworkId(); + + //if ip is not associated to any network, and there are no firewall rules, release it on the backend + if (!_networkMgr.ipUsedInVpc(ip)) { + ip.setState(IpAddress.State.Releasing); + } + + if (ip.getState() == IpAddress.State.Releasing) { + Nic nic = _nicDao.findByIp4AddressAndNetworkIdAndInstanceId(publicNtwkId, router.getId(), ip.getAddress().addr()); if (nic != null) { - //have to plug the nic(s) - NicProfile defaultNic = new NicProfile(); - if (ip.isSourceNat()) { - defaultNic.setDefaultNic(true); - } - defaultNic.setIp4Address(ip.getAddress().addr()); - defaultNic.setGateway(ip.getGateway()); - 
defaultNic.setNetmask(ip.getNetmask()); - defaultNic.setMacAddress(ip.getMacAddress()); - defaultNic.setBroadcastType(BroadcastDomainType.Vlan); - defaultNic.setBroadcastUri(BroadcastDomainType.Vlan.toUri(ip.getVlanTag())); - defaultNic.setIsolationUri(IsolationType.Vlan.toUri(ip.getVlanTag())); - - NicProfile publicNic = null; - Network publicNtwk = null; - try { - publicNtwk = _networkMgr.getNetwork(ip.getNetworkId()); - publicNic = _itMgr.addVmToNetwork(router, publicNtwk, defaultNic); - } catch (ConcurrentOperationException e) { - s_logger.warn("Failed to add router " + router + " to vlan " + ip.getVlanTag() + - " in public network " + publicNtwk + " due to ", e); - } catch (InsufficientCapacityException e) { - s_logger.warn("Failed to add router " + router + " to vlan " + ip.getVlanTag() + - " in public network " + publicNtwk + " due to ", e); - } finally { - if (publicNic == null) { - s_logger.warn("Failed to add router " + router + " to vlan " + ip.getVlanTag() + - " in public network " + publicNtwk); - return false; - } - } + nicsToUnPlug.put(ip.getVlanTag(), ip); + s_logger.debug("Need to unplug the nic for ip=" + ip + "; vlan=" + ip.getVlanTag() + + " in public network id =" + publicNtwkId); } } } - //2) apply the ips - return applyRules(network, routers, "vpc ip association", false, null, false, new RuleApplier() { + //find out nics to plug + for (PublicIpAddress ip : ipAddress) { + URI broadcastUri = BroadcastDomainType.Vlan.toUri(ip.getVlanTag()); + long publicNtwkId = ip.getNetworkId(); + + //if ip is not associated to any network, and there are no firewall rules, release it on the backend + if (!_networkMgr.ipUsedInVpc(ip)) { + ip.setState(IpAddress.State.Releasing); + } + + if (ip.getState() == IpAddress.State.Allocated || ip.getState() == IpAddress.State.Allocating) { + //nic has to be plugged only when there are no nics for this vlan tag exist on VR + Nic nic = _nicDao.findByInstanceIdNetworkIdAndBroadcastUri(publicNtwkId, router.getId(), + 
broadcastUri.toString()); + + if ((nic == null && nicsToPlug.get(ip.getVlanTag()) == null) || nicsToUnPlug.get(ip.getVlanTag()) != null) { + nicsToPlug.put(ip.getVlanTag(), ip); + s_logger.debug("Need to plug the nic for ip=" + ip + "; vlan=" + ip.getVlanTag() + + " in public network id =" + publicNtwkId); + } + } + } + + //2) Plug the nics + for (String vlanTag : nicsToPlug.keySet()) { + PublicIpAddress ip = nicsToPlug.get(vlanTag); + //have to plug the nic(s) + NicProfile defaultNic = new NicProfile(); + if (ip.isSourceNat()) { + defaultNic.setDefaultNic(true); + } + defaultNic.setIp4Address(ip.getAddress().addr()); + defaultNic.setGateway(ip.getGateway()); + defaultNic.setNetmask(ip.getNetmask()); + defaultNic.setMacAddress(ip.getMacAddress()); + defaultNic.setBroadcastType(BroadcastDomainType.Vlan); + defaultNic.setBroadcastUri(BroadcastDomainType.Vlan.toUri(ip.getVlanTag())); + defaultNic.setIsolationUri(IsolationType.Vlan.toUri(ip.getVlanTag())); + + NicProfile publicNic = null; + Network publicNtwk = null; + try { + publicNtwk = _networkMgr.getNetwork(ip.getNetworkId()); + publicNic = _itMgr.addVmToNetwork(router, publicNtwk, defaultNic); + } catch (ConcurrentOperationException e) { + s_logger.warn("Failed to add router " + router + " to vlan " + vlanTag + + " in public network " + publicNtwk + " due to ", e); + } catch (InsufficientCapacityException e) { + s_logger.warn("Failed to add router " + router + " to vlan " + vlanTag + + " in public network " + publicNtwk + " due to ", e); + } finally { + if (publicNic == null) { + s_logger.warn("Failed to add router " + router + " to vlan " + vlanTag + + " in public network " + publicNtwk); + return false; + } + } + } + + //3) apply the ips + boolean result = applyRules(network, routers, "vpc ip association", false, null, false, new RuleApplier() { @Override public boolean execute(Network network, VirtualRouter router) throws ResourceUnavailableException { Commands cmds = new Commands(OnError.Continue); 
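Review bot: Both loops in associatePublicIP force `ip.setState(IpAddress.State.Releasing)` on every address for which `_networkMgr.ipUsedInVpc(ip)` is false, and that predicate only looks at one-to-one NAT and firewall rules. A source NAT address with no rules therefore appears to be treated as releasing and queued for unplug, even though the plug loop below expects source NAT ips in this list (`ip.isSourceNat()`); I would exclude it, `if (!ip.isSourceNat() && !_networkMgr.ipUsedInVpc(ip))`, unless source NAT ips are guaranteed to have rule rows, which is not visible here. The same block also mutates the caller's objects and runs the DAO query twice per ip, so computing the set of releasing ips once would be cleaner. `routers.get(0)` is reached without checking that `routers` is non-empty. The method body continues past the end of this hunk.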
@@ -670,6 +620,22 @@ public class VpcVirtualNetworkApplianceManagerImpl extends VirtualNetworkApplian return sendCommandsToRouter(router, cmds); } }); + + //4) Unplug the nics + for (String vlanTag : nicsToUnPlug.keySet()) { + Network publicNtwk = null; + try { + publicNtwk = _networkMgr.getNetwork(nicsToUnPlug.get(vlanTag).getNetworkId()); + URI broadcastUri = BroadcastDomainType.Vlan.toUri(vlanTag); + _itMgr.removeVmFromNetwork(router, publicNtwk, broadcastUri); + } catch (ConcurrentOperationException e) { + s_logger.warn("Failed to remove router " + router + " from vlan " + vlanTag + + " in public network " + publicNtwk + " due to ", e); + return false; + } + } + + return result; } @@ -962,7 +928,7 @@ public class VpcVirtualNetworkApplianceManagerImpl extends VirtualNetworkApplian * @param add * @param privateNic * @return - * @throws ResourceUnavailableException TODO + * @throws ResourceUnavailableException */ protected boolean setupVpcPrivateNetwork(VirtualRouter router, boolean add, NicProfile privateNic) throws ResourceUnavailableException { diff --git a/server/src/com/cloud/network/rules/RulesManagerImpl.java b/server/src/com/cloud/network/rules/RulesManagerImpl.java index da312fc76fb..224b63548c4 100755 --- a/server/src/com/cloud/network/rules/RulesManagerImpl.java +++ b/server/src/com/cloud/network/rules/RulesManagerImpl.java @@ -27,6 +27,7 @@ import javax.naming.ConfigurationException; import org.apache.log4j.Logger; +import com.citrix.netscaler.nitro.resource.config.network.vlan; import com.cloud.api.commands.ListPortForwardingRulesCmd; import com.cloud.configuration.ConfigurationManager; import com.cloud.domain.dao.DomainDao; 
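Review bot: The unplug loop in step 4 ignores the boolean returned by `_itMgr.removeVmFromNetwork(...)` and runs even when `result` from applyRules is false. The helper removed earlier in this file checked that return value and logged a warning; without it a failed unplug leaves the public nic attached to the router while the method can still return true and the ip is recorded as released. I would skip the loop when `!result` and use `if (!_itMgr.removeVmFromNetwork(router, publicNtwk, broadcastUri)) { s_logger.warn("Failed to remove router " + router + " from vlan " + vlanTag); return false; }`. The method starts before this hunk.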
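Review bot: The new `import com.citrix.netscaler.nitro.resource.config.network.vlan;` in RulesManagerImpl is not referenced by any of the changed lines in this file and looks like an accidental IDE auto-import. It makes the core rules manager depend on the NetScaler SDK at compile time, so I would drop the line unless code outside these hunks uses it.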
@@ -289,14 +290,9 @@ public class RulesManagerImpl implements RulesManager, RulesService, Manager { if (performedIpAssoc) { //if the rule is the last one for the ip address assigned to VPC, unassign it from the network IpAddress ip = _ipAddressDao.findById(ipAddress.getId()); - if (ip != null && ip.getVpcId() != null && _firewallDao.listByIp(ip.getId()).isEmpty()) { - s_logger.debug("Releasing VPC ip address " + ip + " as PF rule failed to create"); - _networkMgr.unassignIPFromVpcNetwork(ip.getId()); - } + _networkMgr.unassignIPFromVpcNetwork(ip.getId(), networkId); } } - - } @Override @@ -376,7 +372,6 @@ public class RulesManagerImpl implements RulesManager, RulesService, Manager { } @Override - @DB public boolean enableStaticNat(long ipId, long vmId, long networkId, boolean isSystemVm) throws NetworkRuleConflictException, ResourceUnavailableException { UserContext ctx = UserContext.current(); @@ -465,20 +460,15 @@ public class RulesManagerImpl implements RulesManager, RulesService, Manager { } } finally { if (!result) { - Transaction txn = Transaction.currentTxn(); - txn.start(); ipAddress.setOneToOneNat(false); ipAddress.setAssociatedWithVmId(null); - _ipAddressDao.update(ipAddress.getId(), ipAddress); + _ipAddressDao.update(ipAddress.getId(), ipAddress); + if (performedIpAssoc) { //if the rule is the last one for the ip address assigned to VPC, unassign it from the network IpAddress ip = _ipAddressDao.findById(ipAddress.getId()); - if (ip != null && ip.getVpcId() != null && _firewallDao.listByIp(ip.getId()).isEmpty()) { - s_logger.debug("Releasing VPC ip address " + ip + " as PF rule failed to create"); - _networkMgr.unassignIPFromVpcNetwork(ip.getId()); - } - } - txn.commit(); + _networkMgr.unassignIPFromVpcNetwork(ip.getId(), networkId); + } } } return result; 
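Review bot: In the `finally` block of enableStaticNat the cleanup now calls `_networkMgr.unassignIPFromVpcNetwork(ip.getId(), networkId)`, which after this commit talks to the router and throws CloudRuntimeException on failure. An exception thrown from `finally` replaces whatever exception caused `result` to stay false, so the original error is lost to the caller and the logs. The same applies to the port-forwarding cleanup in the first hunk of this file. I would catch and log the cleanup failure, and pass `ipAddress.getId()` directly so a missing row does not add a NullPointerException. Whether CloudRuntimeException is already imported in this file is not visible in the hunk.
```java
if (performedIpAssoc) {
    try {
        // the callee re-reads the ip and decides whether it is still in use
        _networkMgr.unassignIPFromVpcNetwork(ipAddress.getId(), networkId);
    } catch (CloudRuntimeException ex) {
        // do not mask the failure that brought us into this cleanup path
        s_logger.warn("Failed to unassign ip id=" + ipAddress.getId() +
                " from vpc network id=" + networkId + " during cleanup", ex);
    }
}
```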
@@ -1178,12 +1168,12 @@ public class RulesManagerImpl implements RulesManager, RulesService, Manager { } @Override - @DB public boolean disableStaticNat(long ipId, Account caller, long callerUserId, boolean releaseIpIfElastic) throws ResourceUnavailableException { boolean success = true; IPAddressVO ipAddress = _ipAddressDao.findById(ipId); checkIpAndUserVm(ipAddress, null, caller); + long networkId = ipAddress.getAssociatedWithNetworkId(); if (!ipAddress.isOneToOneNat()) { InvalidParameterValueException ex = new InvalidParameterValueException("One to one nat is not enabled for the specified ip id"); @@ -1209,8 +1199,6 @@ public class RulesManagerImpl implements RulesManager, RulesService, Manager { } if (success) { - Transaction txn = Transaction.currentTxn(); - txn.start(); boolean isIpSystem = ipAddress.getSystem(); ipAddress.setOneToOneNat(false); ipAddress.setAssociatedWithVmId(null); @@ -1218,8 +1206,7 @@ public class RulesManagerImpl implements RulesManager, RulesService, Manager { ipAddress.setSystem(false); } _ipAddressDao.update(ipAddress.getId(), ipAddress); - _networkMgr.unassignIPFromVpcNetwork(ipAddress.getId()); - txn.commit(); + _networkMgr.unassignIPFromVpcNetwork(ipAddress.getId(), networkId); if (isIpSystem && releaseIpIfElastic && !_networkMgr.handleSystemIpRelease(ipAddress)) { s_logger.warn("Failed to release system ip address " + ipAddress); 
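Review bot: `long networkId = ipAddress.getAssociatedWithNetworkId();` in disableStaticNat unboxes a value that the NetworkManagerImpl hunk in this same commit treats as a nullable `Long` (`if (networkId != null)`). For an ip that is not associated with a network this throws a NullPointerException, and it does so before the `isOneToOneNat()` validation that would otherwise return a proper InvalidParameterValueException. I would keep it boxed and guard the call in the second hunk: `Long networkId = ipAddress.getAssociatedWithNetworkId();` and later `if (networkId != null) { _networkMgr.unassignIPFromVpcNetwork(ipAddress.getId(), networkId); }`. The method body extends beyond both hunks.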
@@ -1366,18 +1353,14 @@ public class RulesManagerImpl implements RulesManager, RulesService, Manager { } } } + - @DB protected void removePFRule(PortForwardingRuleVO rule) { - Transaction txn = Transaction.currentTxn(); - txn.start(); + _portForwardingDao.remove(rule.getId()); + //if the rule is the last one for the ip address assigned to VPC, unassign it from the network IpAddress ip = _ipAddressDao.findById(rule.getSourceIpAddressId()); - if (ip != null && ip.getVpcId() != null && _firewallDao.listByIp(ip.getId()).isEmpty()) { - _networkMgr.unassignIPFromVpcNetwork(ip.getId()); - } - - txn.commit(); + _networkMgr.unassignIPFromVpcNetwork(ip.getId(), rule.getNetworkId()); } } diff --git a/server/src/com/cloud/network/vpc/VpcManager.java b/server/src/com/cloud/network/vpc/VpcManager.java index 8b0008e4cc7..af461701dd1 100644 --- a/server/src/com/cloud/network/vpc/VpcManager.java +++ b/server/src/com/cloud/network/vpc/VpcManager.java @@ -22,6 +22,7 @@ import java.util.Set; import com.cloud.exception.ConcurrentOperationException; import com.cloud.exception.ResourceUnavailableException; +import com.cloud.network.IpAddress; import com.cloud.network.Network.Provider; import com.cloud.network.Network.Service; import com.cloud.network.element.VpcProvider; diff --git a/server/src/com/cloud/network/vpc/VpcManagerImpl.java b/server/src/com/cloud/network/vpc/VpcManagerImpl.java index 40326fd24fe..d915a11b50d 100644 --- a/server/src/com/cloud/network/vpc/VpcManagerImpl.java +++ b/server/src/com/cloud/network/vpc/VpcManagerImpl.java @@ -58,6 +58,7 @@ import com.cloud.network.NetworkVO; import com.cloud.network.Networks.BroadcastDomainType; import com.cloud.network.Networks.TrafficType; import com.cloud.network.PhysicalNetwork; +import com.cloud.network.dao.FirewallRulesDao; import com.cloud.network.dao.IPAddressDao; import com.cloud.network.dao.NetworkDao; import com.cloud.network.dao.PhysicalNetworkDao; 
@@ -74,6 +75,7 @@ import com.cloud.offerings.NetworkOfferingServiceMapVO; import com.cloud.offerings.dao.NetworkOfferingServiceMapDao; import com.cloud.org.Grouping; import com.cloud.projects.Project.ListProjectResourcesCriteria; +import com.cloud.tags.dao.ResourceTagDao; import com.cloud.user.Account; import com.cloud.user.AccountManager; import com.cloud.user.User; @@ -135,7 +137,11 @@ public class VpcManagerImpl implements VpcManager, Manager{ VpcOfferingServiceMapDao _vpcOffServiceDao; @Inject PhysicalNetworkDao _pNtwkDao; - + @Inject + ResourceTagDao _resourceTagDao; + @Inject + FirewallRulesDao _firewallDao; + private final ScheduledExecutorService _executor = Executors.newScheduledThreadPool(1, new NamedThreadFactory("VpcChecker")); private VpcProvider vpcElement = null; @@ -1585,4 +1591,5 @@ public class VpcManagerImpl implements VpcManager, Manager{ public VpcGateway getPrivateGatewayForVpc(long vpcId) { return _vpcGatewayDao.getPrivateGatewayForVpc(vpcId); } + } diff --git a/server/src/com/cloud/vm/VirtualMachineManagerImpl.java b/server/src/com/cloud/vm/VirtualMachineManagerImpl.java index 64efd87a828..e0bed24c584 100755 --- a/server/src/com/cloud/vm/VirtualMachineManagerImpl.java +++ b/server/src/com/cloud/vm/VirtualMachineManagerImpl.java @@ -2526,7 +2526,7 @@ public class VirtualMachineManagerImpl implements VirtualMachineManager, Listene Nic nic = null; if (broadcastUri != null) { - nic = _nicsDao.findByInstanceIdNetworkIdAndBroadcastUri(network.getId(), vm.getId(), broadcastUri.getHost()); + nic = _nicsDao.findByInstanceIdNetworkIdAndBroadcastUri(network.getId(), vm.getId(), broadcastUri.toString()); } else { nic = _networkMgr.getNicInNetwork(vm.getId(), network.getId()); } diff --git a/server/src/com/cloud/vm/dao/NicDao.java b/server/src/com/cloud/vm/dao/NicDao.java index dd24e2d0fb9..ac0157e568f 100644 --- a/server/src/com/cloud/vm/dao/NicDao.java +++ b/server/src/com/cloud/vm/dao/NicDao.java 
@@ -54,4 +54,6 @@ public interface NicDao extends GenericDao { int countNics(long instanceId); NicVO findByInstanceIdNetworkIdAndBroadcastUri(long networkId, long instanceId, String broadcastUri); + + NicVO findByIp4AddressAndNetworkIdAndInstanceId(long networkId, long instanceId, String ip4Address); } diff --git a/server/src/com/cloud/vm/dao/NicDaoImpl.java b/server/src/com/cloud/vm/dao/NicDaoImpl.java index f71eeff28b9..4e8d1f0880d 100644 --- a/server/src/com/cloud/vm/dao/NicDaoImpl.java +++ b/server/src/com/cloud/vm/dao/NicDaoImpl.java @@ -180,5 +180,13 @@ public class NicDaoImpl extends GenericDaoBase implements NicDao { sc.setParameters("broadcastUri", broadcastUri); return findOneBy(sc); } - + + @Override + public NicVO findByIp4AddressAndNetworkIdAndInstanceId(long networkId, long instanceId, String ip4Address) { + SearchCriteria sc = AllFieldsSearch.create(); + sc.setParameters("network", networkId); + sc.setParameters("instance", instanceId); + sc.setParameters("address", ip4Address); + return findOneBy(sc); + } } diff --git a/server/test/com/cloud/network/MockNetworkManagerImpl.java b/server/test/com/cloud/network/MockNetworkManagerImpl.java index afdd1faae25..6f48bed3a83 100755 --- a/server/test/com/cloud/network/MockNetworkManagerImpl.java +++ b/server/test/com/cloud/network/MockNetworkManagerImpl.java @@ -821,15 +821,6 @@ public class MockNetworkManagerImpl implements NetworkManager, Manager, NetworkS return null; } - /* (non-Javadoc) - * @see com.cloud.network.NetworkManager#unassignIPFromVpcNetwork(long) - */ - @Override - public void unassignIPFromVpcNetwork(long ipId) { - // TODO Auto-generated method stub - - } - /* (non-Javadoc) * @see com.cloud.network.NetworkService#allocateIP(com.cloud.user.Account, boolean, long) */ 
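Review bot: The new `findByIp4AddressAndNetworkIdAndInstanceId(long networkId, long instanceId, String ip4Address)` takes its parameters in a different order than its name lists them, and the two ids are both `long`, so a swapped call compiles and silently returns no nic. In the router code that result decides whether a public nic is queued for unplug, so a mix-up would leave the nic attached. I would either reorder the parameters to match the name or add Javadoc on the interface stating the order, for example `@param networkId public network id; @param instanceId router vm id; @param ip4Address address configured on the nic`. The NicDaoImpl hunk also relies on an `address` parameter in `AllFieldsSearch` that is defined outside the visible lines and should be confirmed.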
@@ -957,15 +948,6 @@ public class MockNetworkManagerImpl implements NetworkManager, Manager, NetworkS } - /* (non-Javadoc) - * @see com.cloud.network.NetworkManager#getDefaultManagementTrafficLabel(long, com.cloud.hypervisor.Hypervisor.HypervisorType) - */ - @Override - public String getDefaultManagementTrafficLabel(long zoneId, HypervisorType hypervisorType) { - // TODO Auto-generated method stub - return null; - } - /* (non-Javadoc) * @see com.cloud.network.NetworkManager#getDefaultGuestTrafficLabel(long, com.cloud.hypervisor.Hypervisor.HypervisorType) */ @@ -1129,4 +1111,31 @@ public class MockNetworkManagerImpl implements NetworkManager, Manager, NetworkS // TODO Auto-generated method stub return null; } + + /* (non-Javadoc) + * @see com.cloud.network.NetworkManager#getDefaultManagementTrafficLabel(long, com.cloud.hypervisor.Hypervisor.HypervisorType) + */ + @Override + public String getDefaultManagementTrafficLabel(long zoneId, HypervisorType hypervisorType) { + // TODO Auto-generated method stub + return null; + } + + /* (non-Javadoc) + * @see com.cloud.network.NetworkManager#unassignIPFromVpcNetwork(long, long) + */ + @Override + public void unassignIPFromVpcNetwork(long ipId, long networkId) { + // TODO Auto-generated method stub + + } + + /* (non-Javadoc) + * @see com.cloud.network.NetworkManager#ipUsedInVpc(com.cloud.network.IpAddress) + */ + @Override + public boolean ipUsedInVpc(IpAddress ip) { + // TODO Auto-generated method stub + return false; + } }