etan39
/
cloudstack
mirror of https://github.com/apache/cloudstack.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge S2S VPN for VMware

This commit is contained in:
Sheng Yang 2012-08-29 14:17:29 -07:00
parent 0f0c08373f
commit 60df21a023
1 changed files with 74 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

74
plugins/hypervisors/vmware/src/com/cloud/hypervisor/vmware/resource/VmwareResource.java
View File

@ -138,6 +138,7 @@ import com.cloud.agent.api.routing.SetSourceNatCommand;
import com.cloud.agent.api.routing.SetSourceNatAnswer;
import com.cloud.agent.api.routing.SetStaticNatRulesAnswer;
import com.cloud.agent.api.routing.SetStaticNatRulesCommand;
import com.cloud.agent.api.routing.Site2SiteVpnCfgCommand;
import com.cloud.agent.api.routing.VmDataCommand;
import com.cloud.agent.api.routing.VpnUsersCfgCommand;
import com.cloud.agent.api.storage.CopyVolumeAnswer;
@ -442,6 +443,10 @@ public class VmwareResource implements StoragePoolResource, ServerResource, Vmwa
answer = execute((SetNetworkACLCommand) cmd);
} else if (clz == SetPortForwardingRulesVpcCommand.class) {
answer = execute((SetPortForwardingRulesVpcCommand) cmd);
} else if (clz == Site2SiteVpnCfgCommand.class) {
answer = execute((Site2SiteVpnCfgCommand) cmd);
} else if (clz == CheckS2SVpnConnectionsCommand.class) {
answer = execute((CheckS2SVpnConnectionsCommand) cmd);
} else {
answer = Answer.createUnsupportedCommandAnswer(cmd);
}
@ -1114,6 +1119,75 @@ public class VmwareResource implements StoragePoolResource, ServerResource, Vmwa
return new SetPortForwardingRulesAnswer(cmd, results, endResult);
}
protected Answer execute(Site2SiteVpnCfgCommand cmd) {
if (s_logger.isInfoEnabled()) {
s_logger.info("Executing resource Site2SiteVpnCfgCommand " + _gson.toJson(cmd));
}
VmwareManager mgr = getServiceContext().getStockObject(VmwareManager.CONTEXT_STOCK_NAME);
String routerIp = getRouterSshControlIp(cmd);
String args ="";
if (cmd.isCreate()) {
args += " -A";
args += " -l ";
args += cmd.getLocalPublicIp();
args += " -n ";
args += cmd.getLocalGuestCidr();
args += " -g ";
args += cmd.getLocalPublicGateway();
args += " -r ";
args += cmd.getPeerGatewayIp();
args += " -N ";
args += cmd.getPeerGuestCidrList();
args += " -e ";
args += "\"" + cmd.getEspPolicy() + "\"";
args += " -i ";
args += "\"" + cmd.getIkePolicy() + "\"";
args += " -t ";
args += Long.toString(cmd.getIkeLifetime());
args += " -T ";
args += Long.toString(cmd.getEspLifetime());
args += " -s ";
args += "\"" + cmd.getIpsecPsk() + "\"";
args += " -d ";
if (cmd.getDpd()) {
args += "1";
} else {
args += "0";
}
} else {
args += " -D";
args += " -r ";
args += cmd.getPeerGatewayIp();
args += " -n ";
args += cmd.getLocalGuestCidr();
args += " -N ";
args += cmd.getPeerGuestCidrList();
}
Pair<Boolean, String> result;
try {
result = SshHelper.sshExecute(routerIp, DEFAULT_DOMR_SSHPORT, "root", mgr.getSystemVMKeyFile(), null,
"/opt/cloud/bin/ipsectunnel.sh " + args);
if (!result.first()) {
s_logger.error("Setup site2site VPN " + cmd.getAccessDetail(NetworkElementCommand.ROUTER_IP) + " failed, message: " + result.second());
return new Answer(cmd, false, "Setup site2site VPN falied due to " + result.second());
}
if (s_logger.isDebugEnabled()) {
s_logger.debug("setup site 2 site vpn on router " + cmd.getAccessDetail(NetworkElementCommand.ROUTER_IP) + " completed");
}
} catch (Throwable e) {
String msg = "Setup site2site VPN falied due to " + VmwareHelper.getExceptionMessage(e);
s_logger.error(msg, e);
return new Answer(cmd, false, "Setup site2site VPN failed due to " + VmwareHelper.getExceptionMessage(e));
}
return new Answer(cmd, true, result.second());
}
private PlugNicAnswer execute(PlugNicCommand cmd) {
if (s_logger.isInfoEnabled()) {