From 7aed9ea76d9294a8123c0d2aa04f40bc0d7300cb Mon Sep 17 00:00:00 2001 From: Sheng Yang Date: Tue, 6 Dec 2011 15:10:42 -0800 Subject: [PATCH] Add checking for specified cidr when create network and update network --- api/src/com/cloud/network/Network.java | 2 ++ api/src/com/cloud/network/NetworkProfile.java | 12 ++++++++ .../src/com/cloud/network/NetworkManager.java | 2 ++ .../com/cloud/network/NetworkManagerImpl.java | 28 +++++++++++++++++++ server/src/com/cloud/network/NetworkVO.java | 2 ++ .../cloud/network/guru/DirectNetworkGuru.java | 2 +- .../cloud/network/guru/GuestNetworkGuru.java | 2 +- .../dao/NetworkOfferingServiceMapDao.java | 2 ++ .../dao/NetworkOfferingServiceMapDaoImpl.java | 14 ++++++++++ 9 files changed, 64 insertions(+), 2 deletions(-) diff --git a/api/src/com/cloud/network/Network.java b/api/src/com/cloud/network/Network.java index 65e9a5209aa..38011d044db 100644 --- a/api/src/com/cloud/network/Network.java +++ b/api/src/com/cloud/network/Network.java @@ -286,4 +286,6 @@ public interface Network extends ControlledEntity { void setPhysicalNetworkId(Long physicalNetworkId); ACLType getAclType(); + + boolean isSpecifiedCidr(); } diff --git a/api/src/com/cloud/network/NetworkProfile.java b/api/src/com/cloud/network/NetworkProfile.java index 4b6f6f0cb8e..ca4447a9b13 100644 --- a/api/src/com/cloud/network/NetworkProfile.java +++ b/api/src/com/cloud/network/NetworkProfile.java @@ -48,6 +48,7 @@ public class NetworkProfile implements Network { private Network.GuestType guestType; private Long physicalNetworkId; private ACLType aclType; + private boolean specifiedCidr; public NetworkProfile(Network network) { this.id = network.getId(); @@ -70,6 +71,7 @@ public class NetworkProfile implements Network { this.guestType = network.getGuestType(); this.physicalNetworkId = network.getPhysicalNetworkId(); this.aclType = network.getAclType(); + this.specifiedCidr = network.isSpecifiedCidr(); } public String getDns1() { 
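Review bot: `isSpecifiedCidr()` is added to the `Network` interface in the `Network.java` hunk with no Javadoc, although later hunks in this patch use it as the condition for refusing a network-offering change. I would document the contract on the declaration, for example `/** @return true if the CIDR was supplied by the caller when the network was created, false if it was derived from the zone configuration. */`. That meaning is inferred from the `DirectNetworkGuru` and `GuestNetworkGuru` hunks, so the wording should be confirmed against them.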
@@ -196,4 +198,14 @@ public class NetworkProfile implements Network { public ACLType getAclType() { return aclType; } + + @Override + public boolean isSpecifiedCidr() { + return specifiedCidr; + } + + public void setSpecifiedCidr(boolean specifiedCidr) { + this.specifiedCidr = specifiedCidr; + } + } diff --git a/server/src/com/cloud/network/NetworkManager.java b/server/src/com/cloud/network/NetworkManager.java index c7511feeb9f..23f170e822d 100644 --- a/server/src/com/cloud/network/NetworkManager.java +++ b/server/src/com/cloud/network/NetworkManager.java @@ -248,6 +248,8 @@ public interface NetworkManager extends NetworkService { boolean getAllowSubdomainAccessGlobal(); boolean isProviderForNetwork(Provider provider, long networkId); + + boolean isProviderForNetworkOffering(Provider provider, long networkOfferingId); void canProviderSupportServices(Map> providersMap); diff --git a/server/src/com/cloud/network/NetworkManagerImpl.java b/server/src/com/cloud/network/NetworkManagerImpl.java index ab78577d680..066f374e08b 100755 --- a/server/src/com/cloud/network/NetworkManagerImpl.java +++ b/server/src/com/cloud/network/NetworkManagerImpl.java @@ -1871,6 +1871,10 @@ public class NetworkManagerImpl implements NetworkManager, NetworkService, Manag throw new InvalidParameterValueException("Cidr size can't be less than " + _cidrLimit); } } + + if (cidr != null && networkOfferingIsConfiguredForExternalNetworking(networkOfferingId)) { + throw new InvalidParameterValueException("Cannot specify CIDR when using network offering with external firewall!"); + } Transaction txn = Transaction.currentTxn(); txn.start(); 
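Review bot: The exception text in the check added to the create-network hunk of `NetworkManagerImpl.java` says "external firewall", but `networkOfferingIsConfiguredForExternalNetworking` also returns true for the Netscaler and F5BigIp providers, so an operator whose offering only has an external load balancer is given a misleading reason. I would word it as `"Cannot specify CIDR when the network offering uses an external network device (firewall or load balancer)"`. The enclosing method starts and ends outside the hunk, so it cannot be seen whether `cidr` is still the caller's value at this point or may already have been defaulted; that is worth confirming, because a defaulted value would reject every network created on such an offering.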
@@ -3112,6 +3116,18 @@ public class NetworkManagerImpl implements NetworkManager, NetworkService, Manag } } + public boolean networkOfferingIsConfiguredForExternalNetworking(long networkOfferingId) { + boolean netscalerInNetworkOffering = isProviderForNetworkOffering(Network.Provider.Netscaler, networkOfferingId); + boolean juniperInNetworkOffering = isProviderForNetworkOffering(Network.Provider.JuniperSRX, networkOfferingId); + boolean f5InNetworkOffering = isProviderForNetworkOffering(Network.Provider.F5BigIp, networkOfferingId); + + if (netscalerInNetworkOffering || juniperInNetworkOffering || f5InNetworkOffering) { + return true; + } else { + return false; + } + } + @Override public boolean areServicesSupportedByNetworkOffering(long networkOfferingId, Service... services) { return (_ntwkOfferingSrvcDao.areServicesSupportedByNetworkOffering(networkOfferingId, services)); @@ -3342,6 +3358,9 @@ public class NetworkManagerImpl implements NetworkManager, NetworkService, Manag } if (networkOfferingId != oldNetworkOfferingId) { + if (network.isSpecifiedCidr() && networkOfferingIsConfiguredForExternalNetworking(networkOfferingId)) { + throw new InvalidParameterValueException("Network offering " + networkOffering + " contained external network elements, can't be upgraded from a CIDR specify network!"); + } //check if the network is upgradable if (!canUpgrade(oldNetworkOfferingId, networkOfferingId)) { throw new InvalidParameterValueException("Can't upgrade from network offering " + oldNetworkOfferingId + " to " + networkOfferingId + "; check logs for more information"); 
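Review bot: `networkOfferingIsConfiguredForExternalNetworking` decides what counts as "external" from a hard-coded list of three providers, so a provider for an external device added later is not covered and the CIDR restriction would silently not apply to it; a comment on the method stating that the list must be extended with every new external provider would make that dependency visible. The method is `public` but is not declared on `NetworkManager` in this patch, and it always performs three DAO lookups. If nothing outside the class calls it, `private` plus a short-circuit `return isProviderForNetworkOffering(Network.Provider.Netscaler, networkOfferingId) || isProviderForNetworkOffering(Network.Provider.JuniperSRX, networkOfferingId) || isProviderForNetworkOffering(Network.Provider.F5BigIp, networkOfferingId);` gives the same result. The same `if (...) return true; else return false;` shape recurs in `isProviderForNetworkOffering` further down this file and in `NetworkOfferingServiceMapDaoImpl`, where returning the condition directly is enough.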
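Review bot: The guard added in the update-network hunk trusts `network.isSpecifiedCidr()`, but this same patch changes when the gurus set that flag: `DirectNetworkGuru` did not set it before, and `GuestNetworkGuru` appears to have set it in a wider branch. If the flag is stored with the network, which these hunks do not show, networks created before the patch can carry a value that does not match how their CIDR was chosen, so the guard may both miss and wrongly reject upgrades unless existing rows are migrated. Separately, the message concatenates the `networkOffering` object rather than `networkOfferingId`, unlike the message just below it; `"Network offering " + networkOfferingId + " contains external network elements; a network with a user-specified CIDR can't be upgraded to it"` would be consistent. The enclosing method lies outside the hunk.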
@@ -5094,6 +5113,15 @@ public class NetworkManagerImpl implements NetworkManager, NetworkService, Manag } } + @Override + public boolean isProviderForNetworkOffering(Provider provider, long networkOfferingId) { + if (_ntwkOfferingSrvcDao.isProviderForNetworkOffering(networkOfferingId, provider)) { + return true; + } else { + return false; + } + } + @Override public void canProviderSupportServices(Map> providersMap) { for (Provider provider : providersMap.keySet()) { diff --git a/server/src/com/cloud/network/NetworkVO.java b/server/src/com/cloud/network/NetworkVO.java index 422de468216..a30138136ab 100644 --- a/server/src/com/cloud/network/NetworkVO.java +++ b/server/src/com/cloud/network/NetworkVO.java @@ -188,6 +188,7 @@ public class NetworkVO implements Network, Identity { state = State.Allocated; } this.uuid = UUID.randomUUID().toString(); + this.specifiedCidr = that.isSpecifiedCidr(); } /** @@ -464,6 +465,7 @@ public class NetworkVO implements Network, Identity { return aclType; } + @Override public boolean isSpecifiedCidr() { return specifiedCidr; } diff --git a/server/src/com/cloud/network/guru/DirectNetworkGuru.java b/server/src/com/cloud/network/guru/DirectNetworkGuru.java index f74dc018411..e615bc31273 100644 --- a/server/src/com/cloud/network/guru/DirectNetworkGuru.java +++ b/server/src/com/cloud/network/guru/DirectNetworkGuru.java @@ -108,6 +108,7 @@ public class DirectNetworkGuru extends AdapterBase implements NetworkGuru { if (userSpecified.getCidr() != null) { config.setCidr(userSpecified.getCidr()); config.setGateway(userSpecified.getGateway()); + config.setSpecifiedCidr(true); } if (userSpecified.getBroadcastUri() != null) { 
@@ -118,7 +119,6 @@ public class DirectNetworkGuru extends AdapterBase implements NetworkGuru { if (userSpecified.getBroadcastDomainType() != null) { config.setBroadcastDomainType(userSpecified.getBroadcastDomainType()); } - } boolean isSecurityGroupEnabled = _networkMgr.areServicesSupportedByNetworkOffering(offering.getId(), Service.SecurityGroup); diff --git a/server/src/com/cloud/network/guru/GuestNetworkGuru.java b/server/src/com/cloud/network/guru/GuestNetworkGuru.java index 175b2a08b23..eb8dd724d69 100755 --- a/server/src/com/cloud/network/guru/GuestNetworkGuru.java +++ b/server/src/com/cloud/network/guru/GuestNetworkGuru.java @@ -111,6 +111,7 @@ public class GuestNetworkGuru extends AdapterBase implements NetworkGuru { if (userSpecified.getCidr() != null) { network.setCidr(userSpecified.getCidr()); network.setGateway(userSpecified.getGateway()); + network.setSpecifiedCidr(true); } else { String guestNetworkCidr = dc.getGuestNetworkCidr(); // guest network cidr can be null for Basic zone @@ -125,7 +126,6 @@ public class GuestNetworkGuru extends AdapterBase implements NetworkGuru { network.setBroadcastUri(userSpecified.getBroadcastUri()); network.setState(State.Setup); } - network.setSpecifiedCidr(true); } else { String guestNetworkCidr = dc.getGuestNetworkCidr(); String[] cidrTuple = guestNetworkCidr.split("\\/"); diff --git a/server/src/com/cloud/offerings/dao/NetworkOfferingServiceMapDao.java b/server/src/com/cloud/offerings/dao/NetworkOfferingServiceMapDao.java index 1e156553c5d..ee774576b51 100644 --- a/server/src/com/cloud/offerings/dao/NetworkOfferingServiceMapDao.java +++ b/server/src/com/cloud/offerings/dao/NetworkOfferingServiceMapDao.java @@ -19,6 +19,7 @@ package com.cloud.offerings.dao; import java.util.List; +import com.cloud.network.Network.Provider; import com.cloud.network.Network.Service; import com.cloud.offerings.NetworkOfferingServiceMapVO; import com.cloud.utils.db.GenericDao; 
@@ -33,6 +34,7 @@ public interface NetworkOfferingServiceMapDao extends GenericDao listByNetworkOfferingId(long networkOfferingId); void deleteByOfferingId(long networkOfferingId); List listProvidersForServiceForNetworkOffering(long networkOfferingId, Service service); + boolean isProviderForNetworkOffering(long networkOfferingId, Provider provider); } diff --git a/server/src/com/cloud/offerings/dao/NetworkOfferingServiceMapDaoImpl.java b/server/src/com/cloud/offerings/dao/NetworkOfferingServiceMapDaoImpl.java index 1ecf0b1be49..7620b7953aa 100644 --- a/server/src/com/cloud/offerings/dao/NetworkOfferingServiceMapDaoImpl.java +++ b/server/src/com/cloud/offerings/dao/NetworkOfferingServiceMapDaoImpl.java @@ -25,6 +25,7 @@ import javax.ejb.Local; import com.cloud.exception.UnsupportedServiceException; import com.cloud.network.NetworkServiceMapVO; import com.cloud.network.Network.Service; +import com.cloud.network.Network.Provider; import com.cloud.offerings.NetworkOfferingServiceMapVO; import com.cloud.utils.db.DB; import com.cloud.utils.db.GenericDaoBase; @@ -113,4 +114,17 @@ public class NetworkOfferingServiceMapDaoImpl extends GenericDaoBase sc = AllFieldsSearch.create();; + + sc.setParameters("networkOfferingId", networkOfferingId); + sc.setParameters("provider", provider.getName()); + + if (findOneBy(sc) != null) { + return true; + } + return false; + } }
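Review bot: The lookup added at the end of `NetworkOfferingServiceMapDaoImpl` calls `provider.getName()` without a null check, so a null `provider` surfaces as a NullPointerException inside the DAO instead of a clear argument error. The method's signature line is not legible on this page, so this is read from the body alone. The query also depends on `AllFieldsSearch` declaring `networkOfferingId` and `provider` conditions, which is outside the hunk and worth confirming. Small cleanups: drop the stray second `;` after `AllFieldsSearch.create()` and end the method with `return findOneBy(sc) != null;`.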