diff --git a/api/src/com/cloud/api/commands/CreateIpForwardingRuleCmd.java b/api/src/com/cloud/api/commands/CreateIpForwardingRuleCmd.java
index e739911d588..d9a5377d89c 100644
--- a/api/src/com/cloud/api/commands/CreateIpForwardingRuleCmd.java
+++ b/api/src/com/cloud/api/commands/CreateIpForwardingRuleCmd.java
@@ -191,7 +191,8 @@ public class CreateIpForwardingRuleCmd extends BaseAsyncCreateCmd implements Por
 @Override
 public long getDomainId() {
- throw new UnsupportedOperationException("Don't call me");
+ IpAddress ip = _networkService.getIp(ipAddressId);
+ return ip.getDomainId();
 }
 @Override
@@ -215,7 +216,8 @@ public class CreateIpForwardingRuleCmd extends BaseAsyncCreateCmd implements Por
 @Override
 public long getAccountId() {
- throw new UnsupportedOperationException("Get the account id from network");
+ IpAddress ip = _networkService.getIp(ipAddressId);
+ return ip.getAccountId();
 }
 @Override
diff --git a/api/src/com/cloud/api/commands/CreatePortForwardingRuleCmd.java b/api/src/com/cloud/api/commands/CreatePortForwardingRuleCmd.java
index 34b15512df3..c7f6fbd73ef 100644
--- a/api/src/com/cloud/api/commands/CreatePortForwardingRuleCmd.java
+++ b/api/src/com/cloud/api/commands/CreatePortForwardingRuleCmd.java
@@ -30,6 +30,7 @@ import com.cloud.api.response.FirewallRuleResponse;
 import com.cloud.event.EventTypes;
 import com.cloud.exception.NetworkRuleConflictException;
 import com.cloud.exception.ResourceUnavailableException;
+import com.cloud.network.IpAddress;
 import com.cloud.network.rules.PortForwardingRule;
 import com.cloud.user.Account;
 import com.cloud.user.UserContext;
@@ -175,7 +176,8 @@ public class CreatePortForwardingRuleCmd extends BaseAsyncCreateCmd implements
 @Override
 public long getDomainId() {
- throw new UnsupportedOperationException("Get the domain id from network");
+ IpAddress ip = _networkService.getIp(ipAddressId);
+ return ip.getDomainId();
 }
 @Override
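Review bot: `getDomainId()` and `getAccountId()` dereference the result of `_networkService.getIp(ipAddressId)` without a null check, so a request that carries an unknown ip address id ends in a NullPointerException instead of a parameter error. The same two lines are added in both accessors of CreateIpForwardingRuleCmd and in both accessors of CreatePortForwardingRuleCmd. `getIp` is a plain `_ipAddressDao.findById(...)` in NetworkManagerImpl, and `associateIP` already treats a null result as "unable to find ip address", so the lookup can miss. If these accessors feed the owner or access decision for the new rule (presumably; the callers are not in this diff), fail explicitly: `if (ip == null) { throw new InvalidParameterValueException("Unable to find ip address by id=" + ipAddressId); }`. The CreateIpForwardingRuleCmd hunks add no `com.cloud.network.IpAddress` import, so confirm that file already has one.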
@@ -217,7 +219,8 @@ public class CreatePortForwardingRuleCmd extends BaseAsyncCreateCmd implements
 @Override
 public long getAccountId() {
- throw new UnsupportedOperationException("Get the account id from network");
+ IpAddress ip = _networkService.getIp(ipAddressId);
+ return ip.getAccountId();
 }
 @Override
diff --git a/api/src/com/cloud/api/commands/DisassociateIPAddrCmd.java b/api/src/com/cloud/api/commands/DisassociateIPAddrCmd.java
index 4be3f9fb138..02db762a7e0 100644
--- a/api/src/com/cloud/api/commands/DisassociateIPAddrCmd.java
+++ b/api/src/com/cloud/api/commands/DisassociateIPAddrCmd.java
@@ -36,15 +36,15 @@ public class DisassociateIPAddrCmd extends BaseCmd {
 //////////////// API parameters /////////////////////
 /////////////////////////////////////////////////////
- @Parameter(name=ApiConstants.IP_ADDRESS_ID, type=CommandType.LONG, required=true, description="the id of the public ip address to disassociate")
- private Long ipAddressId;
+ @Parameter(name=ApiConstants.ID, type=CommandType.LONG, required=true, description="the id of the public ip address to disassociate")
+ private Long id;
 /////////////////////////////////////////////////////
 /////////////////// Accessors ///////////////////////
 /////////////////////////////////////////////////////
 public Long getIpAddressId() {
- return ipAddressId;
+ return id;
 }
 /////////////////////////////////////////////////////
diff --git a/api/src/com/cloud/api/commands/RebootRouterCmd.java b/api/src/com/cloud/api/commands/RebootRouterCmd.java
index 09ee0479b4b..3180e8ac691 100644
--- a/api/src/com/cloud/api/commands/RebootRouterCmd.java
+++ b/api/src/com/cloud/api/commands/RebootRouterCmd.java
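Review bot: In DisassociateIPAddrCmd the required request parameter changes from `ApiConstants.IP_ADDRESS_ID` to `ApiConstants.ID`, which changes the wire contract of the call; clients that still send the old name will be rejected for a missing required parameter. Nothing in the hunk keeps the old name accepted or records the break, so if it is intentional it should be called out in the API change notes. The accessor is still `getIpAddressId()` while the field is now `id`; a comment such as `// request parameter is ApiConstants.ID; accessor name kept for existing callers` would keep the two from being "fixed" apart later.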
@@ -95,7 +95,7 @@ public class RebootRouterCmd extends BaseAsyncCmd {
 @Override
 public void execute() throws ConcurrentOperationException, ResourceUnavailableException, InsufficientCapacityException{
- VirtualRouter result = _routerService.rebootRouter(this.getId());
+ VirtualRouter result = _routerService.rebootRouter(this.getId(), true);
 if (result != null){
 DomainRouterResponse response = _responseGenerator.createDomainRouterResponse(result);
 response.setResponseName("router");
diff --git a/api/src/com/cloud/api/commands/StartRouterCmd.java b/api/src/com/cloud/api/commands/StartRouterCmd.java
index 63db3bb432a..3a2e1c6565c 100644
--- a/api/src/com/cloud/api/commands/StartRouterCmd.java
+++ b/api/src/com/cloud/api/commands/StartRouterCmd.java
@@ -101,7 +101,7 @@ public class StartRouterCmd extends BaseAsyncCmd {
 @Override
 public void execute() throws ConcurrentOperationException, ResourceUnavailableException, InsufficientCapacityException{
- VirtualRouter result = _routerService.startRouter(this.getId());
+ VirtualRouter result = _routerService.startRouter(this.getId(), true);
 if (result != null){
 DomainRouterResponse routerResponse = _responseGenerator.createDomainRouterResponse(result);
 routerResponse.setResponseName(getCommandName());
diff --git a/api/src/com/cloud/network/VirtualNetworkApplianceService.java b/api/src/com/cloud/network/VirtualNetworkApplianceService.java
index 4f569a642d0..ed820f15d6c 100644
--- a/api/src/com/cloud/network/VirtualNetworkApplianceService.java
+++ b/api/src/com/cloud/network/VirtualNetworkApplianceService.java
@@ -32,7 +32,7 @@ public interface VirtualNetworkApplianceService{
 * @return DomainRouter object
 * @throws InvalidParameterValueException, PermissionDeniedException
 */
- VirtualRouter startRouter(long routerId) throws InvalidParameterValueException, PermissionDeniedException, ConcurrentOperationException, ResourceUnavailableException, InsufficientCapacityException;
+ VirtualRouter startRouter(long routerId, boolean restartNetwork) throws InvalidParameterValueException, PermissionDeniedException, ConcurrentOperationException, ResourceUnavailableException, InsufficientCapacityException;
 /**
 * Reboots domain router
@@ -40,7 +40,7 @@ public interface VirtualNetworkApplianceService{
 * @return router if successful
 * @throws InvalidParameterValueException, PermissionDeniedException
 */
- VirtualRouter rebootRouter(long routerId) throws InvalidParameterValueException, PermissionDeniedException, ConcurrentOperationException, ResourceUnavailableException, InsufficientCapacityException;
+ VirtualRouter rebootRouter(long routerId, boolean restartNetwork) throws InvalidParameterValueException, PermissionDeniedException, ConcurrentOperationException, ResourceUnavailableException, InsufficientCapacityException;
 VirtualRouter upgradeRouter(UpgradeRouterCmd cmd);
diff --git a/api/src/com/cloud/network/vpn/RemoteAccessVpnService.java b/api/src/com/cloud/network/vpn/RemoteAccessVpnService.java
index 7266199f162..16c3c7bd8fe 100644
--- a/api/src/com/cloud/network/vpn/RemoteAccessVpnService.java
+++ b/api/src/com/cloud/network/vpn/RemoteAccessVpnService.java
@@ -40,5 +40,7 @@ public interface RemoteAccessVpnService {
 List searchForRemoteAccessVpns(ListRemoteAccessVpnsCmd cmd);
 List searchForVpnUsers(ListVpnUsersCmd cmd);
+
+ List listRemoteAccessVpns(long networkId);
 }
diff --git a/api/src/com/cloud/vm/VirtualMachineProfile.java b/api/src/com/cloud/vm/VirtualMachineProfile.java
index d48e61f3906..9804cf38b26 100644
--- a/api/src/com/cloud/vm/VirtualMachineProfile.java
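Review bot: The Javadoc above `startRouter` and `rebootRouter` is not updated for the new `restartNetwork` argument, and the call sites do not make its meaning obvious: the two API commands pass `true` while the element restart paths pass `false`. Add a `@param restartNetwork` line to both comments saying what the flag changes in the router start; the implementation is outside this diff, so the wording has to come from the author. The existing `@throws InvalidParameterValueException, PermissionDeniedException` line lists two types under one tag and leaves out the other three declared exceptions, which is worth fixing in the same edit.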
+++ b/api/src/com/cloud/vm/VirtualMachineProfile.java @@ -18,6 +18,7 @@ package com.cloud.vm; import java.util.List; +import java.util.Map; import com.cloud.agent.api.to.VolumeTO; import com.cloud.hypervisor.Hypervisor.HypervisorType; @@ -43,6 +44,7 @@ public interface VirtualMachineProfile { enum Param { VmPassword, ControlNic, + RestartNetwork, } String getHostName(); @@ -115,4 +117,6 @@ public interface VirtualMachineProfile { void setBootLoaderType(BootloaderType bootLoader); BootloaderType getBootLoaderType(); + + Map getParameters(); } diff --git a/server/src/com/cloud/network/NetworkManagerImpl.java b/server/src/com/cloud/network/NetworkManagerImpl.java index b68fd00514d..aaf070ad760 100755 --- a/server/src/com/cloud/network/NetworkManagerImpl.java +++ b/server/src/com/cloud/network/NetworkManagerImpl.java @@ -93,6 +93,7 @@ import com.cloud.network.rules.FirewallRule; import com.cloud.network.rules.RulesManager; import com.cloud.network.vpn.PasswordResetElement; import com.cloud.network.vpn.RemoteAccessVpnElement; +import com.cloud.network.vpn.RemoteAccessVpnService; import com.cloud.offering.NetworkOffering; import com.cloud.offering.NetworkOffering.Availability; import com.cloud.offerings.NetworkOfferingVO; @@ -185,6 +186,8 @@ public class NetworkManagerImpl implements NetworkManager, NetworkService, Manag @Inject UsageEventDao _usageEventDao; @Inject + RemoteAccessVpnService _vpnMgr; + @Inject PodVlanMapDao _podVlanMapDao; @Inject(adapter = NetworkGuru.class) Adapters _networkGurus; @@ -225,7 +228,7 @@ public class NetworkManagerImpl implements NetworkManager, NetworkService, Manag } else { sc = AssignIpAddressSearch.create(); } - + if (vlanDbId != null) { sc.addAnd("vlanId", SearchCriteria.Op.EQ, vlanDbId); } 
@@ -249,11 +252,11 @@ public class NetworkManagerImpl implements NetworkManager, NetworkService, Manag assert (addrs.size() == 1) : "Return size is incorrect: " + addrs.size(); IPAddressVO addr = addrs.get(0); - addr.setSourceNat(sourceNat); + addr.setSourceNat(sourceNat); addr.setAllocatedTime(new Date()); addr.setAllocatedInDomainId(owner.getDomainId()); addr.setAllocatedToAccountId(owner.getId()); - + addr.setState(assign ? IpAddress.State.Allocated : IpAddress.State.Allocating); if (vlanUse == VlanType.DirectAttached) { @@ -265,8 +268,8 @@ public class NetworkManagerImpl implements NetworkManager, NetworkService, Manag if (!_ipAddressDao.update(addr.getId(), addr)) { throw new CloudRuntimeException("Found address to allocate but unable to update: " + addr); } - if(owner.getAccountId() != Account.ACCOUNT_ID_SYSTEM){ - long isSourceNat = (sourceNat) ? 1 : 0 ; + if (owner.getAccountId() != Account.ACCOUNT_ID_SYSTEM) { + long isSourceNat = (sourceNat) ? 1 : 0; UsageEventVO usageEvent = new UsageEventVO(EventTypes.EVENT_NET_IP_ASSIGN, owner.getAccountId(), dcId, isSourceNat, addr.getAddress().toString()); _usageEventDao.persist(usageEvent); } @@ -311,13 +314,13 @@ public class NetworkManagerImpl implements NetworkManager, NetworkService, Manag s_logger.debug("assigning a new ip address in " + dcId + " to " + owner); } - //If account has Account specific ip ranges, try to allocate ip from there + // If account has Account specific ip ranges, try to allocate ip from there Long vlanId = null; List maps = _accountVlanMapDao.listAccountVlanMapsByAccount(ownerId); if (maps != null && !maps.isEmpty()) { vlanId = maps.get(0).getVlanDbId(); } - + ip = fetchNewPublicIp(dcId, null, vlanId, owner, VlanType.VirtualNetwork, network.getId(), true, false); sourceNat = ip.ip(); sourceNat.setState(IpAddress.State.Allocated); 
@@ -445,9 +448,10 @@ public class NetworkManagerImpl implements NetworkManager, NetworkService, Manag return _networksDao.listBy(owner.getId(), zoneId, GuestIpType.Virtual); } - - @Override @DB - public IpAddress allocateIP(AssociateIPAddrCmd cmd) throws ResourceAllocationException, InsufficientAddressCapacityException, ConcurrentOperationException{ + + @Override + @DB + public IpAddress allocateIP(AssociateIPAddrCmd cmd) throws ResourceAllocationException, InsufficientAddressCapacityException, ConcurrentOperationException { String accountName = cmd.getAccountName(); long domainId = cmd.getDomainId(); Long zoneId = cmd.getZoneId(); @@ -472,7 +476,7 @@ public class NetworkManagerImpl implements NetworkManager, NetworkService, Manag } PublicIp ip = null; - + Transaction txn = Transaction.currentTxn(); Account accountToLock = null; try { @@ -517,15 +521,16 @@ public class NetworkManagerImpl implements NetworkManager, NetworkService, Manag s_logger.debug("Associate IP address lock released"); } } - + return ip; } - @Override @DB + @Override + @DB public IpAddress associateIP(AssociateIPAddrCmd cmd) throws ResourceAllocationException, ResourceUnavailableException, InsufficientAddressCapacityException, ConcurrentOperationException { Account caller = UserContext.current().getCaller(); Account owner = null; - + IpAddress ipToAssoc = getIp(cmd.getEntityId()); if (ipToAssoc != null) { _accountMgr.checkAccess(caller, ipToAssoc); @@ -534,7 +539,7 @@ public class NetworkManagerImpl implements NetworkManager, NetworkService, Manag s_logger.debug("Unable to find ip address by id: " + cmd.getEntityId()); return null; } - + Network network = _networksDao.findById(ipToAssoc.getAssociatedWithNetworkId()); IpAddress ip = _ipAddressDao.findById(cmd.getEntityId()); 
@@ -613,13 +618,13 @@ public class NetworkManagerImpl implements NetworkManager, NetworkService, Manag if (success) { _ipAddressDao.unassignIpAddress(addrId); - s_logger.debug("released a public ip id=" + addrId); - if(ownerId != Account.ACCOUNT_ID_SYSTEM){ + s_logger.debug("released a public ip id=" + addrId); + if (ownerId != Account.ACCOUNT_ID_SYSTEM) { UsageEventVO usageEvent = new UsageEventVO(EventTypes.EVENT_NET_IP_RELEASE, ownerId, ip.getDataCenterId(), addrId, null); _usageEventDao.persist(usageEvent); } - _accountMgr.decrementResourceCount(ownerId, ResourceType.public_ip); + _accountMgr.decrementResourceCount(ownerId, ResourceType.public_ip); } return success; @@ -695,7 +700,7 @@ public class NetworkManagerImpl implements NetworkManager, NetworkService, Manag virtualNetworkVlanSB.and("vlanType", virtualNetworkVlanSB.entity().getVlanType(), Op.EQ); IpAddressSearch.join("virtualNetworkVlanSB", virtualNetworkVlanSB, IpAddressSearch.entity().getVlanId(), virtualNetworkVlanSB.entity().getId(), JoinBuilder.JoinType.INNER); IpAddressSearch.done(); - + NicForTrafficTypeSearch = _nicDao.createSearchBuilder(); SearchBuilder networkSearch = _networksDao.createSearchBuilder(); NicForTrafficTypeSearch.join("network", networkSearch, networkSearch.entity().getId(), NicForTrafficTypeSearch.entity().getNetworkId(), JoinType.INNER); @@ -924,8 +929,7 @@ public class NetworkManagerImpl implements NetworkManager, NetworkService, Manag vo.setState(Nic.State.Allocated); return deviceId; } - - + protected void applyProfileToNicForRelease(NicVO vo, NicProfile profile) { vo.setGateway(profile.getGateway()); vo.setAddressFormat(profile.getFormat()); 
@@ -1092,7 +1096,7 @@ public class NetworkManagerImpl implements NetworkManager, NetworkService, Manag NetworkVO network = _networksDao.findById(nic.getNetworkId()); NetworkOffering no = _configMgr.getNetworkOffering(network.getNetworkOfferingId()); Integer networkRate = _configMgr.getNetworkRate(no.getId()); - + NetworkGuru concierge = _networkGurus.get(network.getGuruName()); NicProfile profile = new NicProfile(nic, network, nic.getBroadcastUri(), nic.getIsolationUri(), networkRate); concierge.updateNicProfile(profile, network); @@ -1141,25 +1145,24 @@ public class NetworkManagerImpl implements NetworkManager, NetworkService, Manag } return null; } - - + @Override public List getNicProfiles(VirtualMachine vm) { List nics = _nicDao.listBy(vm.getId()); List profiles = new ArrayList(); - + if (nics != null) { for (Nic nic : nics) { NetworkVO network = _networksDao.findById(nic.getNetworkId()); NetworkOffering no = _configMgr.getNetworkOffering(network.getNetworkOfferingId()); Integer networkRate = _configMgr.getNetworkRate(no.getId()); - + NetworkGuru concierge = _networkGurus.get(network.getGuruName()); NicProfile profile = new NicProfile(nic, network, nic.getBroadcastUri(), nic.getIsolationUri(), networkRate); concierge.updateNicProfile(profile, network); profiles.add(profile); } - } + } return profiles; } 
@@ -1310,17 +1313,17 @@ public class NetworkManagerImpl implements NetworkManager, NetworkService, Manag _nicDao.remove(nic.getId()); } } - + @Override public void expungeNics(VirtualMachineProfile vm) { List nics = _nicDao.listIncludingRemovedBy(vm.getId()); - for (NicVO nic : nics) { + for (NicVO nic : nics) { _nicDao.expunge(nic.getId()); } } - + @Override - public Network createNetwork(CreateNetworkCmd cmd) throws InvalidParameterValueException, PermissionDeniedException { + public Network createNetwork(CreateNetworkCmd cmd) throws InvalidParameterValueException, PermissionDeniedException { Long networkOfferingId = cmd.getNetworkOfferingId(); Long zoneId = cmd.getZoneId(); String gateway = cmd.getGateway(); 
@@ -1333,19 +1336,21 @@ public class NetworkManagerImpl implements NetworkManager, NetworkService, Manag String displayText = cmd.getDisplayText(); Boolean isShared = cmd.getIsShared(); Boolean isDefault = cmd.isDefault(); - - //finalize owner for the network + + // finalize owner for the network Account ctxAccount = UserContext.current().getCaller(); String accountName = cmd.getAccountName(); Long domainId = cmd.getDomainId(); - + Account owner = _accountMgr.finalizeOwner(ctxAccount, accountName, domainId); - + return createNetwork(networkOfferingId, name, displayText, isShared, isDefault, zoneId, gateway, startIP, endIP, netmask, vlanId, networkDomain, owner); } - - @Override @DB - public Network createNetwork(long networkOfferingId, String name, String displayText, Boolean isShared, Boolean isDefault, Long zoneId, String gateway, String startIP, String endIP, String netmask, String vlanId, String networkDomain, Account owner) throws InvalidParameterValueException, PermissionDeniedException { + + @Override + @DB + public Network createNetwork(long networkOfferingId, String name, String displayText, Boolean isShared, Boolean isDefault, Long zoneId, String gateway, String startIP, String endIP, String netmask, String vlanId, String networkDomain, Account owner) + throws InvalidParameterValueException, PermissionDeniedException { Account ctxAccount = UserContext.current().getCaller(); Long userId = UserContext.current().getCallerUserId(); String cidr = null; 
@@ -1686,21 +1691,21 @@ public class NetworkManagerImpl implements NetworkManager, NetworkService, Manag } boolean success = true; - - //release ip addresses associated with the network if there are any + + // release ip addresses associated with the network if there are any List ipsToRelease = _ipAddressDao.listByAssociatedNetwork(networkId); if (ipsToRelease != null && !ipsToRelease.isEmpty()) { for (IPAddressVO ip : ipsToRelease) { _ipAddressDao.unassignIpAddress(ip.getId()); - if(ip.getAccountId() != Account.ACCOUNT_ID_SYSTEM){ + if (ip.getAccountId() != Account.ACCOUNT_ID_SYSTEM) { UsageEventVO usageEvent = new UsageEventVO(EventTypes.EVENT_NET_IP_RELEASE, ip.getAccountId(), ip.getDataCenterId(), 0, ip.getAddress().toString()); _usageEventDao.persist(usageEvent); } } - + s_logger.debug("Ip addresses are unassigned successfully as a part of network id=" + networkId + " destroy"); } - + for (NetworkElement element : _networkElements) { try { if (s_logger.isDebugEnabled()) { @@ -1727,7 +1732,7 @@ public class NetworkManagerImpl implements NetworkManager, NetworkService, Manag Account owner = _accountMgr.getAccount(network.getAccountId()); Transaction txn = Transaction.currentTxn(); - txn.start(); + txn.start(); guru.trash(network, _networkOfferingDao.findById(network.getNetworkOfferingId()), owner); if (!deleteVlansInNetwork(network.getId(), callerUserId)) { 
@@ -1828,7 +1833,7 @@ public class NetworkManagerImpl implements NetworkManager, NetworkService, Manag public boolean restartNetwork(RestartNetworkCmd cmd) throws ConcurrentOperationException, ResourceUnavailableException, InsufficientCapacityException { // This method restarts all network elements belonging to the network Long networkId = cmd.getNetworkId(); - Network network = _networksDao.findById(networkId); + NetworkVO network = _networksDao.findById(networkId); Account owner = _accountMgr.getAccount(network.getAccountId()); User caller = _accountMgr.getActiveUser(UserContext.current().getCallerUserId()); Account callerAccount = _accountMgr.getActiveAccount(caller.getAccountId()); 
@@ -1838,17 +1843,43 @@ public class NetworkManagerImpl implements NetworkManager, NetworkService, Manag
 _accountMgr.checkAccess(callerAccount, network);
 s_logger.debug("Restarting network " + networkId + "...");
-
- boolean success = true;
 for (NetworkElement element : _networkElements) {
- success = element.restart(network, context);
- if (!success) {
- s_logger.warn("Failed to restart network element " + element + " as a part of network restart");
- return success;
+ //stop and start the network element
+ if (!element.restart(network, context)) {
+ s_logger.warn("Failed to restart network element(s) as a part of network id" + networkId + " restart");
+ return false;
+ }
+ }
+
+ //associate all ip addresses
+ if (!applyIpAssociations(network, false)) {
+ s_logger.warn("Failed to apply ip addresses as a part of network id" + networkId + " restart");
+ return false;
+ }
+
+ //apply port forwarding rules
+ if (!_rulesMgr.applyPortForwardingRulesForNetwork(networkId, false, context.getAccount())) {
+ s_logger.warn("Failed to reapply firewall rule(s) as a part of network id=" + networkId + " restart");
+ }
+
+ //apply load balancer rules
+ if (!_lbMgr.applyLoadBalancersForNetwork(networkId)) {
+ s_logger.warn("Failed to reapply load balancer rules as a part of network id=" + networkId + " restart");
+ return false;
+ }
+
+ //apply vpn rules
+ List vpnsToReapply = _vpnMgr.listRemoteAccessVpns(networkId);
+ if (vpnsToReapply != null) {
+ for (RemoteAccessVpn vpn : vpnsToReapply) {
+ if (_vpnMgr.startRemoteAccessVpn(vpn.getServerAddressId()) == null) {
+ s_logger.warn("Failed to reapply load balancer rules as a part of network id=" + networkId + " restart");
+ return false;
+ }
 }
 }
-
- s_logger.debug("Network " + networkId + " is restarted successfully.");
+
+ s_logger.debug("Network id=" + networkId + " is restarted successfully.");
 return true;
 }
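Review bot: A failed `_rulesMgr.applyPortForwardingRulesForNetwork(...)` only logs a warning and falls through, so `restartNetwork` can return true while the network's port forwarding rules were not reapplied; every other step in this block returns false on failure. Add `return false;` after that warning, or a comment stating why this one step is best-effort. The VPN branch logs "Failed to reapply load balancer rules", which will send whoever reads the log after a failed restart to the wrong component; it should read `s_logger.warn("Failed to start remote access vpn as a part of network id=" + networkId + " restart");`. The first two warnings also print `network id` with no `=` before the number. The method starts outside this hunk; in the preceding hunk `network.getAccountId()` is called on the `findById` result with no visible null check.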
@@ -1963,50 +1994,50 @@ public class NetworkManagerImpl implements NetworkManager, NetworkService, Manag return networks; } - + @Override public Nic getNicInNetwork(long vmId, long networkId) { return _nicDao.findByInstanceIdAndNetworkId(networkId, vmId); } - @Override @DB - public boolean associateIpAddressListToAccount(long userId, long accountId, long zoneId, Long vlanId) throws InsufficientAddressCapacityException, - ConcurrentOperationException, ResourceUnavailableException { - - Account account = _accountMgr.getActiveAccount(accountId); + @Override + @DB + public boolean associateIpAddressListToAccount(long userId, long accountId, long zoneId, Long vlanId) throws InsufficientAddressCapacityException, ConcurrentOperationException, ResourceUnavailableException { + + Account account = _accountMgr.getActiveAccount(accountId); if (account == null) { s_logger.warn("Unable to find active account: " + accountId); - } - + } + Network network = null; long allocatedIps = 0; - - //create new Virtual network for the user if it doesn't exist + + // create new Virtual network for the user if it doesn't exist List networks = getVirtualNetworksOwnedByAccountInZone(account.getAccountName(), account.getDomainId(), zoneId); if (networks.size() == 0) { List offerings = _configMgr.listNetworkOfferings(TrafficType.Guest, false); network = createNetwork(offerings.get(0).getId(), account.getAccountName() + "-network", account.getAccountName() + "-network", false, null, zoneId, null, null, null, null, null, null, account); - - if (network == null){ + + if (network == null) { s_logger.warn("Failed to create default Virtual network for the account " + accountId + "in zone " + zoneId); return false; } else { - //sourceNat ip is allocated as a part of networkCreate + // sourceNat ip is allocated as a part of networkCreate allocatedIps++; } } else { assert (networks.size() <= 1) : "Too many virtual networks. 
This logic should be obsolete"; network = networks.get(0); } - - //Associate ip addresses + + // Associate ip addresses long ipCount = _ipAddressDao.countIPs(zoneId, vlanId, false); if (ipCount > 0) { while (allocatedIps < ipCount) { fetchNewPublicIp(zoneId, null, vlanId, account, VlanType.VirtualNetwork, network.getId(), false, true); allocatedIps++; } - + if (network.getState() == Network.State.Implemented) { s_logger.debug("Applying ip associations for vlan id=" + vlanId + " in network " + network); return applyIpAssociations(network, false); @@ -2019,33 +2050,33 @@ public class NetworkManagerImpl implements NetworkManager, NetworkService, Manag return true; } } - + @Override public Nic getNicForTraffic(long vmId, TrafficType type) { SearchCriteria sc = NicForTrafficTypeSearch.create(); sc.setParameters("instance", vmId); sc.setJoinParameters("network", "traffictype", type); - + List vos = _nicDao.search(sc, null); assert vos.size() <= 1 : "If we have multiple networks of the same type, then this method should no longer be used."; return vos.size() == 1 ? vos.get(0) : null; } - + @Override public IpAddress getIp(long ipAddressId) { return _ipAddressDao.findById(ipAddressId); } - + @Override public NetworkProfile getNetworkProfile(long networkId) { NetworkVO network = _networksDao.findById(networkId); NetworkGuru concierge = _networkGurus.get(network.getGuruName()); NetworkProfile profile = new NetworkProfile(network, null, null); concierge.updateNetworkProfile(profile); - + return profile; } - + @Override public Network getDefaultNetworkForVm(long vmId) { Nic defaultNic = getDefaultNic(vmId); 
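Review bot: When `_accountMgr.getActiveAccount(accountId)` returns null, `associateIpAddressListToAccount` logs "Unable to find active account" and then continues to `account.getAccountName()`, which throws a NullPointerException. This hunk only re-indents the branch, but the new side still carries the fall-through; add `return false;` after the warning. In the same hunk `getNicInNetwork(long vmId, long networkId)` passes `(networkId, vmId)` to `_nicDao.findByInstanceIdAndNetworkId`, which looks swapped going by the method name; the DAO signature is not visible here, so confirm the argument order.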
@@ -2055,14 +2086,13 @@ public class NetworkManagerImpl implements NetworkManager, NetworkService, Manag return _networksDao.findById(defaultNic.getNetworkId()); } } - - + @Override public Nic getDefaultNic(long vmId) { List nics = _nicDao.listBy(vmId); Nic defaultNic = null; if (nics != null) { - for (Nic nic: nics) { + for (Nic nic : nics) { if (nic.isDefaultNic()) { defaultNic = nic; break; @@ -2072,15 +2102,15 @@ public class NetworkManagerImpl implements NetworkManager, NetworkService, Manag s_logger.debug("Unable to find default network for the vm; vm doesn't have any nics"); return null; } - + if (defaultNic == null) { s_logger.debug("Unable to find default network for the vm; vm doesn't have default nic"); } - + return defaultNic; - + } - + @Override public List getPasswordResetElements() { List elements = new ArrayList(); @@ -2091,13 +2121,12 @@ public class NetworkManagerImpl implements NetworkManager, NetworkService, Manag } return elements; } - - public boolean zoneIsConfiguredForExternalNetworking(long zoneId) { - DataCenterVO zone = _dcDao.findById(zoneId); - return (zone.getGatewayProvider().equals(Network.Provider.ExternalFirewall.getName()) && - zone.getFirewallProvider().equals(Network.Provider.ExternalFirewall.getName()) && - zone.getLoadBalancerProvider().equals(Network.Provider.ExternalLoadBalancer.getName())); + public boolean zoneIsConfiguredForExternalNetworking(long zoneId) { + DataCenterVO zone = _dcDao.findById(zoneId); + + return (zone.getGatewayProvider().equals(Network.Provider.ExternalFirewall.getName()) && zone.getFirewallProvider().equals(Network.Provider.ExternalFirewall.getName()) && zone.getLoadBalancerProvider().equals( + Network.Provider.ExternalLoadBalancer.getName())); } } diff --git a/server/src/com/cloud/network/dao/IPAddressDao.java b/server/src/com/cloud/network/dao/IPAddressDao.java index 11f5e6220a5..e2245bfbfbb 100644 --- a/server/src/com/cloud/network/dao/IPAddressDao.java 
+++ b/server/src/com/cloud/network/dao/IPAddressDao.java @@ -30,7 +30,9 @@ public interface IPAddressDao extends GenericDao { void unassignIpAddress(long ipAddressId); - List listByAccount(long accountId); + List listByAccount(long accountId); + + List listByVlanId(long vlanId); List listByDcIdIpAddress(long dcId, String ipAddress); diff --git a/server/src/com/cloud/network/dao/IPAddressDaoImpl.java b/server/src/com/cloud/network/dao/IPAddressDaoImpl.java index db67278a143..acc7d8082cb 100644 --- a/server/src/com/cloud/network/dao/IPAddressDaoImpl.java +++ b/server/src/com/cloud/network/dao/IPAddressDaoImpl.java @@ -168,6 +168,13 @@ public class IPAddressDaoImpl extends GenericDaoBase implemen return listBy(sc); } + @Override + public List listByVlanId(long vlanId) { + SearchCriteria sc = AllFieldsSearch.create(); + sc.setParameters("vlan", vlanId); + return listBy(sc); + } + @Override public IPAddressVO findByAccountAndIp(long accountId, String ipAddress) { SearchCriteria sc = AllFieldsSearch.create(); diff --git a/server/src/com/cloud/network/dao/RemoteAccessVpnDao.java b/server/src/com/cloud/network/dao/RemoteAccessVpnDao.java index c987462255c..9e324e2bc64 100644 --- a/server/src/com/cloud/network/dao/RemoteAccessVpnDao.java +++ b/server/src/com/cloud/network/dao/RemoteAccessVpnDao.java @@ -28,5 +28,6 @@ public interface RemoteAccessVpnDao extends GenericDao RemoteAccessVpnVO findByPublicIpAddress(long ipAddressId); RemoteAccessVpnVO findByPublicIpAddressAndState(long ipAddressId, RemoteAccessVpn.State state); RemoteAccessVpnVO findByAccountAndNetwork(Long accountId, Long zoneId); - List findByAccount(Long accountId); + List findByAccount(Long accountId); + List listByNetworkId(Long networkId); } diff --git a/server/src/com/cloud/network/dao/RemoteAccessVpnDaoImpl.java b/server/src/com/cloud/network/dao/RemoteAccessVpnDaoImpl.java index 8da0b8f77b8..92de55b5cc0 100644 --- a/server/src/com/cloud/network/dao/RemoteAccessVpnDaoImpl.java 
+++ b/server/src/com/cloud/network/dao/RemoteAccessVpnDaoImpl.java @@ -74,5 +74,12 @@ public class RemoteAccessVpnDaoImpl extends GenericDaoBase listByNetworkId(Long networkId) { + SearchCriteria sc = AllFieldsSearch.create(); + sc.setParameters("networkId", networkId); + return listBy(sc); } } diff --git a/server/src/com/cloud/network/element/DhcpElement.java b/server/src/com/cloud/network/element/DhcpElement.java index 33f7a62e191..3546e6aed58 100644 --- a/server/src/com/cloud/network/element/DhcpElement.java +++ b/server/src/com/cloud/network/element/DhcpElement.java @@ -49,7 +49,6 @@ import com.cloud.offering.NetworkOffering; import com.cloud.uservm.UserVm; import com.cloud.utils.component.AdapterBase; import com.cloud.utils.component.Inject; -import com.cloud.utils.exception.CloudRuntimeException; import com.cloud.vm.DomainRouterVO; import com.cloud.vm.NicProfile; import com.cloud.vm.ReservationContext; @@ -95,7 +94,10 @@ public class DhcpElement extends AdapterBase implements NetworkElement, Password if (!canHandle(network.getGuestType(), dest, offering.getTrafficType())) { return false; } - _routerMgr.deployDhcp(network, dest, context.getAccount()); + + Map params = new HashMap(1); + params.put(VirtualMachineProfile.Param.RestartNetwork, true); + _routerMgr.deployDhcp(network, dest, context.getAccount(), params); return true; } @@ -109,7 +111,8 @@ public class DhcpElement extends AdapterBase implements NetworkElement, Password @SuppressWarnings("unchecked") VirtualMachineProfile uservm = (VirtualMachineProfile)vm; - + Map params = new HashMap(1); + params.put(VirtualMachineProfile.Param.RestartNetwork, true); return _routerMgr.addVirtualMachineIntoNetwork(network, nic, uservm, dest, context, true) != null; } else { return false; 
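Review bot: The `params` map added in the last DhcpElement hunk is filled with `VirtualMachineProfile.Param.RestartNetwork` and then dropped: the `return` still calls `_routerMgr.addVirtualMachineIntoNetwork(network, nic, uservm, dest, context, true)` without it. Either the call was meant to receive the map, as `deployDhcp(network, dest, context.getAccount(), params)` does in the hunk above, or the two new lines should be removed. Whether `addVirtualMachineIntoNetwork` has an overload that takes the map is not visible in this diff. The enclosing method starts and ends outside the hunk.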
@@ -184,9 +187,9 @@ public class DhcpElement extends AdapterBase implements NetworkElement, Password
 VirtualRouter result = null;
 if (canHandle(network.getGuestType(), dest, offering.getTrafficType())) {
 if (router.getState() == State.Stopped) {
- result = _routerMgr.startRouter(router.getId());
+ result = _routerMgr.startRouter(router.getId(), false);
 } else {
- result = _routerMgr.rebootRouter(router.getId());
+ result = _routerMgr.rebootRouter(router.getId(), false);
 }
 if (result == null) {
 s_logger.warn("Failed to restart dhcp element " + router + " as a part of netowrk " + network + " restart");
diff --git a/server/src/com/cloud/network/element/VirtualRouterElement.java b/server/src/com/cloud/network/element/VirtualRouterElement.java
index 2b985382f33..93987b869e2 100644
--- a/server/src/com/cloud/network/element/VirtualRouterElement.java
+++ b/server/src/com/cloud/network/element/VirtualRouterElement.java
@@ -48,10 +48,11 @@ import com.cloud.network.lb.LoadBalancingRule;
 import com.cloud.network.lb.LoadBalancingRule.LbDestination;
 import com.cloud.network.lb.LoadBalancingRulesManager;
 import com.cloud.network.router.VirtualNetworkApplianceManager;
+import com.cloud.network.router.VirtualRouter;
 import com.cloud.network.rules.FirewallRule;
-import com.cloud.network.rules.RulesManager;
 import com.cloud.network.rules.FirewallRule.Purpose;
 import com.cloud.network.rules.PortForwardingRule;
+import com.cloud.network.rules.RulesManager;
 import com.cloud.network.vpn.RemoteAccessVpnElement;
 import com.cloud.offering.NetworkOffering;
 import com.cloud.offerings.dao.NetworkOfferingDao;
@@ -64,8 +65,8 @@ import com.cloud.vm.NicProfile;
 import com.cloud.vm.ReservationContext;
 import com.cloud.vm.UserVmManager;
 import com.cloud.vm.VirtualMachine;
-import com.cloud.vm.VirtualMachineProfile;
 import com.cloud.vm.VirtualMachine.State;
+import com.cloud.vm.VirtualMachineProfile;
 import com.cloud.vm.dao.DomainRouterDao;
 import com.cloud.vm.dao.UserVmDao;
@@ -104,7 +105,9 @@ public class VirtualRouterElement extends DhcpElement implements NetworkElement, return false; } - _routerMgr.deployVirtualRouter(guestConfig, dest, context.getAccount()); + Map params = new HashMap(1); + params.put(VirtualMachineProfile.Param.RestartNetwork, true); + _routerMgr.deployVirtualRouter(guestConfig, dest, context.getAccount(), params); return true; } @@ -125,6 +128,35 @@ public class VirtualRouterElement extends DhcpElement implements NetworkElement, return false; } } + + @Override + public boolean restart(Network network, ReservationContext context) throws ConcurrentOperationException, ResourceUnavailableException, InsufficientCapacityException{ + DataCenter dc = _configMgr.getZone(network.getDataCenterId()); + DeployDestination dest = new DeployDestination(dc, null, null, null); + DomainRouterVO router = _routerDao.findByNetworkConfiguration(network.getId()); + if (router == null) { + s_logger.trace("Can't find virtual router element in network " + network.getId()); + return true; + } + + VirtualRouter result = null; + if (canHandle(network.getGuestType(), dest.getDataCenter())) { + if (router.getState() == State.Stopped) { + result = _routerMgr.startRouter(router.getId(), false); + } else { + result = _routerMgr.rebootRouter(router.getId(), false); + } + if (result == null) { + s_logger.warn("Failed to restart virtual router element " + router + " as a part of netowrk " + network + " restart"); + return false; + } else { + return true; + } + } else { + s_logger.trace("Virtual router element doesn't handle network restart for the network " + network); + return true; + } + } @Override public boolean applyRules(Network config, List rules) throws ResourceUnavailableException { diff --git a/server/src/com/cloud/network/lb/LoadBalancingRulesManager.java b/server/src/com/cloud/network/lb/LoadBalancingRulesManager.java index 48554aa11b8..b588eec90cd 100644 --- a/server/src/com/cloud/network/lb/LoadBalancingRulesManager.java 
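Review bot: The new `restart` override has no comment explaining why it passes `false` to `startRouter` and `rebootRouter`. Elsewhere in this commit the router start path resends ipAssoc, port forwarding and load balancing rules only when `Param.RestartNetwork` is true, so with `false` the router presumably comes back without them until something else re-applies them. I would state that contract in a Javadoc, e.g. `/** Restarts the network's virtual router; rules are not resent here, the caller must re-apply them after this returns true. */`, once confirmed against the network manager. The same question applies to the DhcpElement hunk `@@ -184,9 +187,9 @@`.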
+++ b/server/src/com/cloud/network/lb/LoadBalancingRulesManager.java @@ -19,6 +19,7 @@ package com.cloud.network.lb; import java.util.List; +import com.cloud.exception.ResourceUnavailableException; import com.cloud.network.lb.LoadBalancingRule.LbDestination; public interface LoadBalancingRulesManager extends LoadBalancingRulesService { @@ -31,4 +32,6 @@ public interface LoadBalancingRulesManager extends LoadBalancingRulesService { * @return true if removal is successful */ boolean removeVmFromLoadBalancers(long vmId); + + boolean applyLoadBalancersForNetwork(long networkId) throws ResourceUnavailableException; } diff --git a/server/src/com/cloud/network/lb/LoadBalancingRulesManagerImpl.java b/server/src/com/cloud/network/lb/LoadBalancingRulesManagerImpl.java index 07fc87fffa8..dfffb233e69 100644 --- a/server/src/com/cloud/network/lb/LoadBalancingRulesManagerImpl.java +++ b/server/src/com/cloud/network/lb/LoadBalancingRulesManagerImpl.java 
@@ -368,26 +368,47 @@ public class LoadBalancingRulesManagerImpl implements LoadBalancingRulesManager, @Override public boolean applyLoadBalancerConfig(long lbRuleId) throws ResourceUnavailableException { + List lbs = new ArrayList(1); + lbs.add(_lbDao.findById(lbRuleId)); + return applyLoadBalancerRules(lbs); + } + + @Override + public boolean applyLoadBalancersForNetwork(long networkId) throws ResourceUnavailableException { + List lbs = _lbDao.listByNetworkId(networkId); + + if (lbs != null) { + return applyLoadBalancerRules(lbs); + } else { + s_logger.info("Network id=" + networkId + " doesn't have load balancer rules, nothing to apply"); + return true; + } + } + + private boolean applyLoadBalancerRules(List lbs) throws ResourceUnavailableException{ List rules = new ArrayList(); - LoadBalancerVO lb = _lbDao.findById(lbRuleId); - List dstList = getExistingDestinations(lb.getId()); - - if (dstList != null && !dstList.isEmpty()) { - LoadBalancingRule loadBalancing = new LoadBalancingRule(lb, dstList); - rules.add(loadBalancing); - - if (!_networkMgr.applyRules(rules, false)) { - s_logger.debug("LB rules are not completely applied"); - return false; - } + for (LoadBalancerVO lb : lbs) { + List dstList = getExistingDestinations(lb.getId()); + if (dstList != null && !dstList.isEmpty()) { + LoadBalancingRule loadBalancing = new LoadBalancingRule(lb, dstList); + rules.add(loadBalancing); + } + } + + if (!_networkMgr.applyRules(rules, false)) { + s_logger.debug("LB rules are not completely applied"); + return false; + } + + for (LoadBalancerVO lb : lbs) { if (lb.getState() == FirewallRule.State.Revoke) { _lbDao.remove(lb.getId()); s_logger.debug("LB " + lb.getId() + " is successfully removed"); } else if (lb.getState() == FirewallRule.State.Add) { lb.setState(FirewallRule.State.Active); - s_logger.debug("LB rule " + lbRuleId + " state is set to Active"); + s_logger.debug("LB rule " + lb.getId() + " state is set to Active"); _lbDao.persist(lb); } } 
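Review bot: The second loop in `applyLoadBalancerRules` finalizes state for every entry in `lbs`, including load balancers the first loop skipped because `getExistingDestinations` returned null or an empty list. Before this change the Revoke/Add handling sat inside the `dstList` check, so only a rule that had been handed to `_networkMgr.applyRules` was removed or set Active. Now a skipped rule is deleted from, or marked Active in, the database without having been pushed, and stored state can diverge from what the router enforces. Track what was sent, with `applied.add(lb);` next to `rules.add(loadBalancing);` and `for (LoadBalancerVO lb : applied)` in the second loop. Separately, `applyLoadBalancerConfig` adds the result of `_lbDao.findById(lbRuleId)` unchecked, so an unknown id puts null in the list; the method's tail is outside the hunk.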
diff --git a/server/src/com/cloud/network/router/VirtualNetworkApplianceManager.java b/server/src/com/cloud/network/router/VirtualNetworkApplianceManager.java index 8586ee53fc4..682191262a9 100644 --- a/server/src/com/cloud/network/router/VirtualNetworkApplianceManager.java +++ b/server/src/com/cloud/network/router/VirtualNetworkApplianceManager.java @@ -35,7 +35,6 @@ import com.cloud.network.RemoteAccessVpn; import com.cloud.network.VirtualNetworkApplianceService; import com.cloud.network.VpnUser; import com.cloud.network.lb.LoadBalancingRule; -import com.cloud.network.rules.PortForwardingRule; import com.cloud.user.Account; import com.cloud.uservm.UserVm; import com.cloud.utils.component.Manager; @@ -76,9 +75,9 @@ public interface VirtualNetworkApplianceManager extends Manager, VirtualNetworkA DomainRouterVO getRouter(long accountId, long zoneId); DomainRouterVO getRouter(String publicIpAddress); - VirtualRouter deployVirtualRouter(Network guestNetwork, DeployDestination dest, Account owner) throws InsufficientCapacityException, ResourceUnavailableException, ConcurrentOperationException; + VirtualRouter deployVirtualRouter(Network guestNetwork, DeployDestination dest, Account owner, Map params) throws InsufficientCapacityException, ResourceUnavailableException, ConcurrentOperationException; - VirtualRouter deployDhcp(Network guestNetwork, DeployDestination dest, Account owner) throws InsufficientCapacityException, ResourceUnavailableException, ConcurrentOperationException; + VirtualRouter deployDhcp(Network guestNetwork, DeployDestination dest, Account owner, Map params) throws InsufficientCapacityException, ResourceUnavailableException, ConcurrentOperationException; boolean startRemoteAccessVpn(Network network, RemoteAccessVpn vpn) throws ResourceUnavailableException; 
diff --git a/server/src/com/cloud/network/router/VirtualNetworkApplianceManagerImpl.java b/server/src/com/cloud/network/router/VirtualNetworkApplianceManagerImpl.java index 1e555df61df..a66c8271231 100644 --- a/server/src/com/cloud/network/router/VirtualNetworkApplianceManagerImpl.java +++ b/server/src/com/cloud/network/router/VirtualNetworkApplianceManagerImpl.java @@ -523,7 +523,7 @@ public class VirtualNetworkApplianceManagerImpl implements VirtualNetworkApplian } @Override - public VirtualRouter rebootRouter(long routerId) throws InvalidParameterValueException, PermissionDeniedException, ConcurrentOperationException, ResourceUnavailableException, InsufficientCapacityException { + public VirtualRouter rebootRouter(long routerId, boolean restartNetwork) throws InvalidParameterValueException, PermissionDeniedException, ConcurrentOperationException, ResourceUnavailableException, InsufficientCapacityException { Account account = UserContext.current().getCaller(); // verify parameters @@ -545,7 +545,7 @@ public class VirtualNetworkApplianceManagerImpl implements VirtualNetworkApplian s_logger.debug("Stopping and starting router " + router + " as a part of router reboot"); if (stopRouter(routerId) != null) { - return startRouter(routerId); + return startRouter(routerId, restartNetwork); } else { throw new CloudRuntimeException("Failed to reboot router " + router); } @@ -766,7 +766,7 @@ public class VirtualNetworkApplianceManagerImpl implements VirtualNetworkApplian } @Override - public VirtualRouter deployVirtualRouter(Network guestNetwork, DeployDestination dest, Account owner) throws InsufficientCapacityException, + public VirtualRouter deployVirtualRouter(Network guestNetwork, DeployDestination dest, Account owner, Map params) throws InsufficientCapacityException, ConcurrentOperationException, ResourceUnavailableException { long dcId = dest.getDataCenter().getId(); 
@@ -828,14 +828,14 @@ public class VirtualNetworkApplianceManagerImpl implements VirtualNetworkApplian State state = router.getState(); if (state != State.Starting && state != State.Running) { - router = this.start(router, _accountService.getSystemUser(), _accountService.getSystemAccount()); + router = this.start(router, _accountService.getSystemUser(), _accountService.getSystemAccount(), params); } return router; } @Override - public VirtualRouter deployDhcp(Network guestNetwork, DeployDestination dest, Account owner) throws InsufficientCapacityException, + public VirtualRouter deployDhcp(Network guestNetwork, DeployDestination dest, Account owner, Map params) throws InsufficientCapacityException, StorageUnavailableException, ConcurrentOperationException, ResourceUnavailableException { long dcId = dest.getDataCenter().getId(); @@ -883,7 +883,7 @@ public class VirtualNetworkApplianceManagerImpl implements VirtualNetworkApplian } State state = router.getState(); if (state != State.Starting && state != State.Running) { - router = this.start(router, _accountService.getSystemUser(), _accountService.getSystemAccount()); + router = this.start(router, _accountService.getSystemUser(), _accountService.getSystemAccount(), params); } return router; } @@ -1020,9 +1020,9 @@ public class VirtualNetworkApplianceManagerImpl implements VirtualNetworkApplian } _routerDao.update(router.getId(), router); - //The commands should be sent for domR only, skip for DHCP - if (router.getRole() == VirtualRouter.Role.DHCP_FIREWALL_LB_PASSWD_USERDATA) { + if (router.getRole() == VirtualRouter.Role.DHCP_FIREWALL_LB_PASSWD_USERDATA && ((Boolean)profile.getParameter(Param.RestartNetwork))== true) { + s_logger.debug("Resending ipAssoc, port forwarding, load balancing rules as a part of Virtual router start"); long networkId = router.getNetworkId(); long ownerId = router.getAccountId(); long zoneId = router.getDataCenterId(); 
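Review bot: The new condition `((Boolean)profile.getParameter(Param.RestartNetwork))== true` unboxes the parameter, so a start where `RestartNetwork` was never set would presumably throw a NullPointerException rather than skip the resend. That case looks reachable: `addVirtualMachineIntoNetwork` in this commit passes the user VM's `profile.getParameters()` to `deployDhcp`/`deployVirtualRouter`, and nothing visible guarantees the key is present. `Boolean.TRUE.equals(profile.getParameter(Param.RestartNetwork))` keeps the intent and treats a missing value as false. The enclosing method starts and ends outside the hunk.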
@@ -1189,10 +1189,10 @@ public class VirtualNetworkApplianceManagerImpl implements VirtualNetworkApplian return sendCommandsToRouter(router, cmds); } - private DomainRouterVO start(DomainRouterVO router, User user, Account caller) throws StorageUnavailableException, InsufficientCapacityException, + private DomainRouterVO start(DomainRouterVO router, User user, Account caller, Map params) throws StorageUnavailableException, InsufficientCapacityException, ConcurrentOperationException, ResourceUnavailableException { s_logger.debug("Starting router " + router); - if (_itMgr.start(router, null, user, caller) != null) { + if (_itMgr.start(router, params, user, caller) != null) { return _routerDao.findById(router.getId()); } else { return null; @@ -1213,7 +1213,7 @@ public class VirtualNetworkApplianceManagerImpl implements VirtualNetworkApplian public VirtualRouter addVirtualMachineIntoNetwork(Network network, NicProfile nic, VirtualMachineProfile profile, DeployDestination dest, ReservationContext context, Boolean startDhcp) throws ConcurrentOperationException, InsufficientCapacityException, ResourceUnavailableException { - VirtualRouter router = startDhcp ? deployDhcp(network, dest, profile.getOwner()) : deployVirtualRouter(network, dest, profile.getOwner()); + VirtualRouter router = startDhcp ? deployDhcp(network, dest, profile.getOwner(), profile.getParameters()) : deployVirtualRouter(network, dest, profile.getOwner(), profile.getParameters()); _userVmDao.loadDetails((UserVmVO) profile.getVirtualMachine()); 
@@ -1342,7 +1342,7 @@ public class VirtualNetworkApplianceManagerImpl implements VirtualNetworkApplian } @Override - public VirtualRouter startRouter(long routerId) throws ResourceUnavailableException, InsufficientCapacityException, ConcurrentOperationException { + public VirtualRouter startRouter(long routerId, boolean restartNetwork) throws ResourceUnavailableException, InsufficientCapacityException, ConcurrentOperationException { Account account = UserContext.current().getCaller(); // verify parameters @@ -1353,8 +1353,13 @@ public class VirtualNetworkApplianceManagerImpl implements VirtualNetworkApplian _accountMgr.checkAccess(account, router); UserVO user = _userDao.findById(UserContext.current().getCallerUserId()); - - return this.start(router, user, account); + Map params = new HashMap(); + if (restartNetwork) { + params.put(Param.RestartNetwork, true); + } else { + params.put(Param.RestartNetwork, false); + } + return this.start(router, user, account, params); } private void createAssociateIPCommands(final DomainRouterVO router, final List ips, Commands cmds, long vmId) { diff --git a/server/src/com/cloud/network/rules/RulesManager.java b/server/src/com/cloud/network/rules/RulesManager.java index f1a2a42b57c..ce864f58fab 100644 --- a/server/src/com/cloud/network/rules/RulesManager.java +++ b/server/src/com/cloud/network/rules/RulesManager.java @@ -33,7 +33,9 @@ import com.cloud.uservm.UserVm; */ public interface RulesManager extends RulesService { - boolean applyPortForwardingRules(long ipAddressId, boolean continueOnError); + boolean applyPortForwardingRules(long ipAddressId, boolean continueOnError, Account caller); + + boolean applyPortForwardingRulesForNetwork(long networkId, boolean continueOnError, Account caller); /** * detectRulesConflict finds conflicts in networking rules. It checks for 
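Review bot: The added if/else in `startRouter` stores the value it has just tested; `params.put(Param.RestartNetwork, restartNetwork);` says the same in one line. The map is also declared as a raw `Map`/`HashMap`, so nothing stops a non-Boolean value being stored under the key that the start path later casts to `Boolean`. A parameterized declaration would let the compiler check that. The method's signature is in the preceding hunk and its opening lines are only context here.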
@@ -76,5 +78,5 @@ public interface RulesManager extends RulesService { FirewallRule[] reservePorts(IpAddress ip, String protocol, FirewallRule.Purpose purpose, int... ports) throws NetworkRuleConflictException; boolean releasePorts(long ipId, String protocol, FirewallRule.Purpose purpose, int... ports); - List listByNetworkId(long networkId); + List listByNetworkId(long networkId); } diff --git a/server/src/com/cloud/network/rules/RulesManagerImpl.java b/server/src/com/cloud/network/rules/RulesManagerImpl.java index 9e28cfb68c8..5fc614f1de1 100644 --- a/server/src/com/cloud/network/rules/RulesManagerImpl.java +++ b/server/src/com/cloud/network/rules/RulesManagerImpl.java @@ -353,7 +353,7 @@ public class RulesManagerImpl implements RulesManager, RulesService, Manager { boolean success = false; if (apply) { - success = applyPortForwardingRules(rule.getSourceIpAddressId(), true); + success = applyPortForwardingRules(rule.getSourceIpAddressId(), true, caller); } else { success = true; } @@ -430,20 +430,12 @@ public class RulesManagerImpl implements RulesManager, RulesService, Manager { return _forwardingDao.search(sc, filter); } - @Override - public boolean applyPortForwardingRules(long ipId, boolean continueOnError) { - try { - return applyPortForwardingRules(ipId, continueOnError, null); - } catch (ResourceUnavailableException e) { - s_logger.warn("Unable to reapply port forwarding rules for Ip id=" + ipId); - return false; - } - } - - protected boolean applyPortForwardingRules(long ipId, boolean continueOnError, Account caller) throws ResourceUnavailableException { + + @Override + public boolean applyPortForwardingRules(long ipId, boolean continueOnError, Account caller){ List rules = _forwardingDao.listForApplication(ipId); if (rules.size() == 0) { - s_logger.debug("There are no rules to apply for ip id=" + ipId); + s_logger.debug("There are no firwall rules to apply for ip id=" + ipId); return true; } 
@@ -451,23 +443,59 @@ public class RulesManagerImpl implements RulesManager, RulesService, Manager { _accountMgr.checkAccess(caller, rules.toArray(new PortForwardingRuleVO[rules.size()])); } - if (!_networkMgr.applyRules(rules, continueOnError)) { - s_logger.debug("Rules are not completely applied"); + try { + if (!applyRules(rules, continueOnError)) { + return false; + } + } catch (ResourceUnavailableException ex) { + s_logger.warn("Failed to apply firewall rules due to ", ex); return false; } - for (PortForwardingRuleVO rule : rules) { - if (rule.getState() == FirewallRule.State.Revoke) { - _forwardingDao.remove(rule.getId()); - } else if (rule.getState() == FirewallRule.State.Add) { - rule.setState(FirewallRule.State.Active); - _forwardingDao.update(rule.getId(), rule); + return true; + } + + @Override + public boolean applyPortForwardingRulesForNetwork(long networkId, boolean continueOnError, Account caller){ + List rules = listByNetworkId(networkId); + if (rules.size() == 0) { + s_logger.debug("There are no firewall rules to apply for network id=" + networkId); + return true; + } + + if (caller != null) { + _accountMgr.checkAccess(caller, rules.toArray(new PortForwardingRuleVO[rules.size()])); + } + + try { + if (!applyRules(rules, continueOnError)) { + return false; } + } catch (ResourceUnavailableException ex) { + s_logger.warn("Failed to apply firewall rules due to ", ex); + return false; } return true; } + private boolean applyRules(List rules, boolean continueOnError) throws ResourceUnavailableException{ + if (!_networkMgr.applyRules(rules, continueOnError)) { + s_logger.warn("Rules are not completely applied"); + return false; + } else { + for (PortForwardingRuleVO rule : rules) { + if (rule.getState() == FirewallRule.State.Revoke) { + _forwardingDao.remove(rule.getId()); + } else if (rule.getState() == FirewallRule.State.Add) { + rule.setState(FirewallRule.State.Active); + _forwardingDao.update(rule.getId(), rule); + } + } + return true; + } + } + 
@Override public List searchForIpForwardingRules(Long ipId, Long id, Long vmId, Long start, Long size) { return _forwardingDao.searchNatRules(ipId, id, vmId, start, size); @@ -593,7 +621,7 @@ public class RulesManagerImpl implements RulesManager, RulesService, Manager { } @Override - public List listByNetworkId(long networkId) { + public List listByNetworkId(long networkId) { return _forwardingDao.listByNetworkId(networkId); } @@ -636,7 +664,7 @@ public class RulesManagerImpl implements RulesManager, RulesService, Manager { } } - if (applyPortForwardingRules(ipId, true)) { + if (applyPortForwardingRules(ipId, true, caller)) { ipAddress.setOneToOneNat(false); ipAddress.setAssociatedWithVmId(null); _ipAddressDao.update(ipAddress.getId(), ipAddress); diff --git a/server/src/com/cloud/network/vpn/RemoteAccessVpnManagerImpl.java b/server/src/com/cloud/network/vpn/RemoteAccessVpnManagerImpl.java index 58b5f0d66bf..79ec142aae5 100644 --- a/server/src/com/cloud/network/vpn/RemoteAccessVpnManagerImpl.java +++ b/server/src/com/cloud/network/vpn/RemoteAccessVpnManagerImpl.java @@ -559,5 +559,10 @@ public class RemoteAccessVpnManagerImpl implements RemoteAccessVpnService, Manag public String getName() { return _name; } + + @Override + public List listRemoteAccessVpns(long networkId) { + return _remoteAccessVpnDao.listByNetworkId(networkId); + } } diff --git a/server/src/com/cloud/server/ConfigurationServerImpl.java b/server/src/com/cloud/server/ConfigurationServerImpl.java index c7bd6f70d8c..717f5f79bb2 100644 --- a/server/src/com/cloud/server/ConfigurationServerImpl.java +++ b/server/src/com/cloud/server/ConfigurationServerImpl.java 
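Review bot: `applyPortForwardingRulesForNetwork` calls `_accountMgr.checkAccess` only when `caller != null`, and with this commit both it and `applyPortForwardingRules(ipId, continueOnError, caller)` are public on `RulesManager`, so a null argument silently skips the ownership check. The same guard appears to precede the `checkAccess` context line at the top of this hunk, though its `if` is not visible. That convention should be written on the interface, for example `/** @param caller account to authorize against the rules; null skips the access check and is meant for system-initiated calls only */`, or replaced by passing the system account explicitly. The two public methods also duplicate everything after the list lookup (access check, try/catch, return), which could live in one private method taking the rule list so the copies cannot drift.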
@@ -60,12 +60,14 @@ import com.cloud.domain.dao.DomainDao; import com.cloud.exception.InternalErrorException; import com.cloud.exception.InvalidParameterValueException; import com.cloud.hypervisor.Hypervisor.HypervisorType; +import com.cloud.network.IPAddressVO; import com.cloud.network.Network; import com.cloud.network.Network.State; import com.cloud.network.NetworkVO; import com.cloud.network.Networks.BroadcastDomainType; import com.cloud.network.Networks.Mode; import com.cloud.network.Networks.TrafficType; +import com.cloud.network.dao.IPAddressDao; import com.cloud.network.dao.NetworkDao; import com.cloud.network.guru.ControlNetworkGuru; import com.cloud.network.guru.DirectPodBasedNetworkGuru; @@ -81,6 +83,8 @@ import com.cloud.storage.DiskOfferingVO; import com.cloud.storage.SnapshotPolicyVO; import com.cloud.storage.dao.DiskOfferingDao; import com.cloud.storage.dao.SnapshotPolicyDao; +import com.cloud.test.DatabaseConfig; +import com.cloud.test.IPRangeConfig; import com.cloud.user.Account; import com.cloud.user.User; import com.cloud.utils.PasswordGenerator; @@ -106,6 +110,7 @@ public class ConfigurationServerImpl implements ConfigurationServer { private final DataCenterDao _dataCenterDao; private final NetworkDao _networkDao; private final VlanDao _vlanDao; + private final IPAddressDao _ipAddressDao; public ConfigurationServerImpl() { @@ -121,9 +126,10 @@ public class ConfigurationServerImpl implements ConfigurationServer { _dataCenterDao = locator.getDao(DataCenterDao.class); _networkDao = locator.getDao(NetworkDao.class); _vlanDao = locator.getDao(VlanDao.class); + _ipAddressDao = locator.getDao(IPAddressDao.class); } - @Override + @Override @DB public void persistDefaultValues() throws InvalidParameterValueException, InternalErrorException { // Create system user and admin user 
@@ -220,15 +226,33 @@ public class ConfigurationServerImpl implements ConfigurationServer { //Create default networks createDefaultNetworks(); + //Create userIpAddress ranges + + //Update existing vlans with networkId + Transaction txn = Transaction.currentTxn(); + List vlans = _vlanDao.listAll(); if (vlans != null && !vlans.isEmpty()) { for (VlanVO vlan : vlans) { if (vlan.getNetworkId().longValue() == 0) { updateVlanWithNetworkId(vlan); } + + //Create vlan user_ip_address range + String ipPange = vlan.getIpRange(); + String[] range = ipPange.split("-"); + String startIp = range[0]; + String endIp = range[1]; + + txn.start(); + IPRangeConfig config = new IPRangeConfig(); + long startIPLong = NetUtils.ip2Long(startIp); + long endIPLong = NetUtils.ip2Long(endIp); + config.savePublicIPRange(txn, startIPLong, endIPLong, vlan.getDataCenterId(), vlan.getId(), vlan.getNetworkId()); + txn.commit(); } - } + } } // store the public and private keys in the database diff --git a/server/src/com/cloud/test/DatabaseConfig.java b/server/src/com/cloud/test/DatabaseConfig.java index f38d08d0e57..bfb8939f492 100755 --- a/server/src/com/cloud/test/DatabaseConfig.java +++ b/server/src/com/cloud/test/DatabaseConfig.java @@ -670,7 +670,7 @@ public class DatabaseConfig { pzc.modifyVlan(zoneName, true, vlanId, gateway, netmask, vlanPodName, vlanType, publicIpRange, 0); long vlanDbId = pzc.getVlanDbId(zoneName, vlanId); - iprc.saveIPRange("public", -1, zoneDbId, vlanDbId, startIP, endIP, 1L); + iprc.saveIPRange("public", -1, zoneDbId, vlanDbId, startIP, endIP, null); } @@ -1176,7 +1176,6 @@ public class DatabaseConfig { } return name; } - } public static List genReturnList(String success, String message) { diff --git a/server/src/com/cloud/test/IPRangeConfig.java b/server/src/com/cloud/test/IPRangeConfig.java index 4bd6b39c6a1..52aec125ca5 100644 --- a/server/src/com/cloud/test/IPRangeConfig.java +++ b/server/src/com/cloud/test/IPRangeConfig.java 
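Review bot: The range parsing added to `persistDefaultValues` indexes `range[1]` without checking the split result, so a vlan whose `getIpRange()` holds a single address (no `-`) or is null would abort server initialization with an exception. A guard such as `String endIp = range.length > 1 ? range[1] : range[0];` plus a null check would cover it, assuming single-address ranges are legal here. The `Vector` of problem IPs returned by `savePublicIPRange` is discarded, so failed inserts go unnoticed. The insert also runs for every vlan on each call, not only those just updated, so it is worth confirming that a repeated startup cannot add duplicate rows. The `txn.start()`/`txn.commit()` pair has no rollback path if the save throws.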
@@ -449,7 +449,7 @@ public class IPRangeConfig { return problemIPs; } - public Vector savePublicIPRange(Transaction txn, long startIP, long endIP, long zoneId, long vlanDbId, long sourceNetworkId) { + public Vector savePublicIPRange(Transaction txn, long startIP, long endIP, long zoneId, long vlanDbId, Long sourceNetworkId) { String insertSql = "INSERT INTO `cloud`.`user_ip_address` (public_ip_address, data_center_id, vlan_db_id, mac_address, source_network_id) VALUES (?, ?, ?, (select mac_address from `cloud`.`data_center` where id=?), ?)"; String updateSql = "UPDATE `cloud`.`data_center` set mac_address = mac_address+1 where id=?"; Vector problemIPs = new Vector(); diff --git a/server/src/com/cloud/vm/VirtualMachineProfileImpl.java b/server/src/com/cloud/vm/VirtualMachineProfileImpl.java index 52a9698c237..ecb826501fb 100644 --- a/server/src/com/cloud/vm/VirtualMachineProfileImpl.java +++ b/server/src/com/cloud/vm/VirtualMachineProfileImpl.java @@ -224,4 +224,9 @@ public class VirtualMachineProfileImpl implements Virtua public BootloaderType getBootLoaderType() { return this._bootloader; } + + @Override + public Map getParameters() { + return _params; + } }
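Review bot: `savePublicIPRange` now takes a nullable `Long sourceNetworkId`, but the code that binds it to the last `?` of `insertSql` is outside this hunk. If that binding is a `setLong` call, a null argument fails on unboxing; it would need a null branch using `setNull(index, java.sql.Types.BIGINT)`. The ConfigurationServerImpl hunk in this commit passes `vlan.getNetworkId()` straight in, so a null value looks like a realistic input.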