From 34066935c0cb91887389b1ba17fe2a41d2f257af Mon Sep 17 00:00:00 2001 From: Alena Prokharchyk Date: Fri, 13 Jul 2012 12:47:36 -0700 Subject: [PATCH 1/5] VPC: CS-15564 - when send the rules to the backend, form the list of rules after the rules were marked with Revoke state --- .../com/cloud/network/vpc/NetworkACLManagerImpl.java | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/server/src/com/cloud/network/vpc/NetworkACLManagerImpl.java b/server/src/com/cloud/network/vpc/NetworkACLManagerImpl.java index ec6e5ce5c85..7637892635b 100644 --- a/server/src/com/cloud/network/vpc/NetworkACLManagerImpl.java +++ b/server/src/com/cloud/network/vpc/NetworkACLManagerImpl.java @@ -400,18 +400,26 @@ public class NetworkACLManagerImpl implements Manager,NetworkACLManager{ public boolean revokeAllNetworkACLsForNetwork(long networkId, long userId, Account caller) throws ResourceUnavailableException { List ACLs = _firewallDao.listByNetworkAndPurpose(networkId, Purpose.NetworkACL); + + if (ACLs.isEmpty()) { + s_logger.debug("Found no network ACLs for network id=" + networkId); + return true; + } + if (s_logger.isDebugEnabled()) { s_logger.debug("Releasing " + ACLs.size() + " Network ACLs for network id=" + networkId); } for (FirewallRuleVO ACL : ACLs) { - // Mark all Firewall rules as Revoke, but don't revoke them yet - we have to revoke all rules for ip, no + // Mark all Network ACLs rules as Revoke, but don't revoke them yet - we have to revoke all rules for ip, no // need to send them one by one revokeNetworkACL(ACL.getId(), false, caller, Account.ACCOUNT_ID_SYSTEM); } + + List ACLsToRevoke = _firewallDao.listByNetworkAndPurpose(networkId, Purpose.NetworkACL); // now send everything to the backend - boolean success = _firewallMgr.applyFirewallRules(ACLs, false, caller); + boolean success = _firewallMgr.applyFirewallRules(ACLsToRevoke, false, caller); if (s_logger.isDebugEnabled()) { s_logger.debug("Successfully released Network ACLs for network id=" + networkId + " and # of rules now = " + ACLs.size()); From f9552f47076ea76edd64e11fc22102ce7687afd6 Mon Sep 17 00:00:00 2001 From: Alena Prokharchyk Date: Fri, 13 Jul 2012 13:06:36 -0700 Subject: [PATCH 2/5] VPC: CS-15562 - get info about VR's guest networks from nics table --- .../cloud/network/firewall/FirewallManagerImpl.java | 2 +- .../router/VpcVirtualNetworkApplianceManagerImpl.java | 10 ++++------ 2 files changed, 5 insertions(+), 7 deletions(-) diff --git a/server/src/com/cloud/network/firewall/FirewallManagerImpl.java b/server/src/com/cloud/network/firewall/FirewallManagerImpl.java index 8c7479a726f..ac15d60f0e9 100644 --- a/server/src/com/cloud/network/firewall/FirewallManagerImpl.java +++ b/server/src/com/cloud/network/firewall/FirewallManagerImpl.java @@ -592,7 +592,7 @@ public class FirewallManagerImpl implements FirewallService, FirewallManager, Ma for (FirewallRuleVO rule : fwRules) { // Mark all Firewall rules as Revoke, but don't revoke them yet - we have to revoke all rules for ip, no -// need to send them one by one + // need to send them one by one revokeFirewallRule(rule.getId(), false, caller, Account.ACCOUNT_ID_SYSTEM); } diff --git a/server/src/com/cloud/network/router/VpcVirtualNetworkApplianceManagerImpl.java b/server/src/com/cloud/network/router/VpcVirtualNetworkApplianceManagerImpl.java index dc632e411f5..e11ae553002 100644 --- a/server/src/com/cloud/network/router/VpcVirtualNetworkApplianceManagerImpl.java +++ b/server/src/com/cloud/network/router/VpcVirtualNetworkApplianceManagerImpl.java @@ -791,7 +791,6 @@ public class VpcVirtualNetworkApplianceManagerImpl extends VirtualNetworkApplian finalizeSshAndVersionOnStart(cmds, profile, router, controlNic); - //2) FORM PLUG NIC COMMANDS Map guestNics = new HashMap(); Map publicNics = new HashMap(); @@ -908,14 +907,13 @@ public class VpcVirtualNetworkApplianceManagerImpl extends VirtualNetworkApplian throw new CloudRuntimeException("Cannot find related provider of virtual router provider: " + vrProvider.getType().toString()); } - List routerGuestNtwkIds = _routerDao.getRouterNetworks(router.getId()); - for (Long guestNetworkId : routerGuestNtwkIds) { + for (Nic nic : guestNics.keySet()) { if (reprogramGuestNtwks) { - finalizeIpAssocForNetwork(cmds, router, provider, guestNetworkId); - finalizeNetworkRulesForNetwork(cmds, router, provider, guestNetworkId); + finalizeIpAssocForNetwork(cmds, router, provider, nic.getNetworkId()); + finalizeNetworkRulesForNetwork(cmds, router, provider, nic.getNetworkId()); } - finalizeUserDataAndDhcpOnStart(cmds, router, provider, guestNetworkId); + finalizeUserDataAndDhcpOnStart(cmds, router, provider, nic.getNetworkId()); } return true; From 32873b3c4ec06ecfd1c228826dce2955e87927c4 Mon Sep 17 00:00:00 2001 From: Jessica Wang Date: Fri, 13 Jul 2012 13:07:11 -0700 Subject: [PATCH 3/5] cloudstack 3.0 UI - VPC - tier - tier detail - hide View IP Addresses until JS error "$browser is undefined" is fixed. --- ui/scripts/vpc.js | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/ui/scripts/vpc.js b/ui/scripts/vpc.js index f444acb2cd7..8192c908a8e 100644 --- a/ui/scripts/vpc.js +++ b/ui/scripts/vpc.js @@ -1096,6 +1096,9 @@ tiers: { detailView: { //duplicate from cloudStack.sections.network.sections.networks.listView.detailView (begin) name: 'Guest network details', + + //comment out until JS error "$browser is undefined" is fixed + /* viewAll: { path: 'network.ipAddresses', label: 'label.menu.ipaddresses', @@ -1152,6 +1155,8 @@ return false; } }, + */ + actions: { edit: { label: 'label.edit', From c73b29b2eedb16a36f13958e0fb0896533688bde Mon Sep 17 00:00:00 2001 From: Jessica Wang Date: Fri, 13 Jul 2012 13:30:12 -0700 Subject: [PATCH 4/5] cloudstack 3.0 UI - VPC - IP Address - Enable static NAT - no VM listing until a tier is selected. --- ui/scripts/network.js | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/ui/scripts/network.js b/ui/scripts/network.js index 2b27456ecbb..a404a67af1b 100644 --- a/ui/scripts/network.js +++ b/ui/scripts/network.js @@ -1308,6 +1308,10 @@ if ($tierSelect.size() && $tierSelect.val() != '-1') { data.networkid = $tierSelect.val(); } + else { + args.response.success({ data: null }); + return; + } if('vpc' in args.context) { $.extend(data, { From 9c59082658903f1605c860c85bc682a551c2747d Mon Sep 17 00:00:00 2001 From: Brian Federle Date: Fri, 13 Jul 2012 13:39:29 -0700 Subject: [PATCH 5/5] Add tier name to ACL and VM list dialogs --- ui/scripts/ui-custom/vpc.js | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/ui/scripts/ui-custom/vpc.js b/ui/scripts/ui-custom/vpc.js index 964582fa19b..82d64fcf29c 100644 --- a/ui/scripts/ui-custom/vpc.js +++ b/ui/scripts/ui-custom/vpc.js @@ -167,7 +167,7 @@ $dialog.append($listView); $dialog.dialog({ - title: 'VMs in this tier', + title: 'VMs in tier: ' + name, dialogClass: 'multi-edit-add-list panel configure-acl', width: 825, height: 600, @@ -457,7 +457,7 @@ context: context }) ).dialog({ - title: 'Configure ACL', + title: 'Configure ACL for tier: ' + $tier.find('.title').html(), dialogClass: 'configure-acl', width: 900, height: 600,