etan39
/
cloudstack
mirror of https://github.com/apache/cloudstack.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

VPC: CS-15553 and CS-15549 - more checks during automatic ip assoc to VPC network

This commit is contained in:
Alena Prokharchyk 2012-07-12 10:00:29 -07:00
parent 988831327a
commit 7e73ae8e74
8 changed files with 77 additions and 43 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
api/src/com/cloud/api/commands/CreateLoadBalancerRuleCmd.java
View File

@ -317,7 +317,7 @@ public class CreateLoadBalancerRuleCmd extends BaseAsyncCreateCmd /*implements
throw new InvalidParameterValueException("Unable to find account " + account + " in domain with specified id", idList);
}
} else {
throw new InvalidParameterValueException("Can't define IP owner. Either specify account/domainId or ipAddressId", null);
throw new InvalidParameterValueException("Can't define IP owner. Either specify account/domainId or publicIpId", null);
}
}

2
server/src/com/cloud/network/NetworkManager.java
View File

@ -266,7 +266,7 @@ public interface NetworkManager extends NetworkService {
public Map<Provider, ArrayList<PublicIp>> getProviderToIpList(Network network, Map<PublicIp, Set<Service>> ipToServices);
public boolean checkIpForService(IPAddressVO ip, Service service);
public boolean checkIpForService(IPAddressVO ip, Service service, Long networkId);
void checkVirtualNetworkCidrOverlap(Long zoneId, String cidr);

7
server/src/com/cloud/network/NetworkManagerImpl.java
View File

@ -6938,8 +6938,11 @@ public class NetworkManagerImpl implements NetworkManager, NetworkService, Manag
}
@Override
public boolean checkIpForService(IPAddressVO userIp, Service service) {
Long networkId = userIp.getAssociatedWithNetworkId();
public boolean checkIpForService(IPAddressVO userIp, Service service, Long networkId) {
if (networkId == null) {
networkId = userIp.getAssociatedWithNetworkId();
}
NetworkVO network = _networksDao.findById(networkId);
NetworkOfferingVO offering = _networkOfferingDao.findById(network.getNetworkOfferingId());
if (offering.getGuestType() != GuestType.Isolated) {

2
server/src/com/cloud/network/firewall/FirewallManagerImpl.java
View File

@ -157,7 +157,7 @@ public class FirewallManagerImpl implements FirewallService, FirewallManager, Ma
"couldn't locate IP address by id in the system", null);
}
_networkMgr.checkIpForService(ipAddress, Service.Firewall);
_networkMgr.checkIpForService(ipAddress, Service.Firewall, null);
validateFirewallRule(caller, ipAddress, portStart, portEnd, protocol, Purpose.Firewall, type);

29
server/src/com/cloud/network/lb/LoadBalancingRulesManagerImpl.java
View File

@ -749,19 +749,28 @@ public class LoadBalancingRulesManagerImpl<Type> implements LoadBalancingRulesMa
}
try {
Network network = _networkMgr.getNetwork(lb.getNetworkId());
if (ipVO != null) {
if (ipVO.getAssociatedWithNetworkId() == null) {
//set networkId just for verification purposes
ipVO.setAssociatedWithNetworkId(lb.getNetworkId());
_networkMgr.checkIpForService(ipVO, Service.Lb);
boolean assignToVpcNtwk = network.getVpcId() != null
&& ipVO.getVpcId() != null && ipVO.getVpcId().longValue() == network.getVpcId();
if (assignToVpcNtwk) {
//set networkId just for verification purposes
ipVO.setAssociatedWithNetworkId(lb.getNetworkId());
_networkMgr.checkIpForService(ipVO, Service.Lb, lb.getNetworkId());
s_logger.debug("The ip is not associated with the network id="+ lb.getNetworkId() + " so assigning");
ipVO = _networkMgr.associateIPToGuestNetwork(ipAddrId, lb.getNetworkId());
performedIpAssoc = true;
} else {
_networkMgr.checkIpForService(ipVO, Service.Lb);
}
}
s_logger.debug("The ip is not associated with the VPC network id="+ lb.getNetworkId() + " so assigning");
ipVO = _networkMgr.associateIPToGuestNetwork(ipAddrId, lb.getNetworkId());
performedIpAssoc = true;
}
} else {
_networkMgr.checkIpForService(ipVO, Service.Lb, null);
}
}
if (ipVO.getAssociatedWithNetworkId() == null) {
throw new InvalidParameterValueException("Ip address " + ipVO + " is not assigned to the network " + network);
}
if (lb.getSourceIpAddressId() == null) {
throw new CloudRuntimeException("No ip address is defined to assign the LB to");

74
server/src/com/cloud/network/rules/RulesManagerImpl.java
View File

@ -183,23 +183,32 @@ public class RulesManagerImpl implements RulesManager, RulesService, Manager {
}
Long networkId = rule.getNetworkId();
Network network = _networkMgr.getNetwork(networkId);
//associate ip address to network (if needed)
boolean performedIpAssoc = false;
if (ipAddress.getAssociatedWithNetworkId() == null) {
//set networkId just for verification purposes
ipAddress.setAssociatedWithNetworkId(networkId);
_networkMgr.checkIpForService(ipAddress, Service.PortForwarding);
boolean assignToVpcNtwk = network.getVpcId() != null
&& ipAddress.getVpcId() != null && ipAddress.getVpcId().longValue() == network.getVpcId();
if (assignToVpcNtwk) {
//set networkId just for verification purposes
ipAddress.setAssociatedWithNetworkId(networkId);
_networkMgr.checkIpForService(ipAddress, Service.PortForwarding, networkId);
s_logger.debug("The ip is not associated with the network id="+ networkId + " so assigning");
try {
ipAddress = _networkMgr.associateIPToGuestNetwork(ipAddrId, networkId);
performedIpAssoc = true;
} catch (Exception ex) {
throw new CloudRuntimeException("Failed to associate ip to network as " +
"a part of port forwarding rule creation");
s_logger.debug("The ip is not associated with the VPC network id="+ networkId + ", so assigning");
try {
ipAddress = _networkMgr.associateIPToGuestNetwork(ipAddrId, networkId);
performedIpAssoc = true;
} catch (Exception ex) {
throw new CloudRuntimeException("Failed to associate ip to VPC network as " +
"a part of port forwarding rule creation");
}
}
} else {
_networkMgr.checkIpForService(ipAddress, Service.PortForwarding);
_networkMgr.checkIpForService(ipAddress, Service.PortForwarding, null);
}
if (ipAddress.getAssociatedWithNetworkId() == null) {
throw new InvalidParameterValueException("Ip address " + ipAddress + " is not assigned to the network " + network);
}
try {
@ -318,7 +327,7 @@ public class RulesManagerImpl implements RulesManager, RulesService, Manager {
Long accountId = ipAddress.getAllocatedToAccountId();
Long domainId = ipAddress.getAllocatedInDomainId();
_networkMgr.checkIpForService(ipAddress, Service.StaticNat);
_networkMgr.checkIpForService(ipAddress, Service.StaticNat, null);
Network network = _networkMgr.getNetwork(networkId);
NetworkOffering off = _configMgr.getNetworkOffering(network.getNetworkOfferingId());
@ -393,21 +402,37 @@ public class RulesManagerImpl implements RulesManager, RulesService, Manager {
// Verify input parameters
boolean setNetworkId = false;
Network network = _networkMgr.getNetwork(networkId);
if (network == null) {
throw new InvalidParameterValueException("Unable to find network by id", null);
}
if (!isSystemVm) {
//associate ip address to network (if needed)
if (ipAddress.getAssociatedWithNetworkId() == null) {
s_logger.debug("The ip is not associated with the network id="+ networkId + " so assigning");
try {
ipAddress = _networkMgr.associateIPToGuestNetwork(ipId, networkId);
} catch (Exception ex) {
s_logger.warn("Failed to associate ip id=" + ipId + " to network id=" + networkId + " as " +
"a part of enable static nat");
return false;
boolean assignToVpcNtwk = network.getVpcId() != null
&& ipAddress.getVpcId() != null && ipAddress.getVpcId().longValue() == network.getVpcId();
if (assignToVpcNtwk) {
_networkMgr.checkIpForService(ipAddress, Service.StaticNat, networkId);
s_logger.debug("The ip is not associated with the VPC network id="+ networkId + ", so assigning");
try {
ipAddress = _networkMgr.associateIPToGuestNetwork(ipId, networkId);
} catch (Exception ex) {
s_logger.warn("Failed to associate ip id=" + ipId + " to VPC network id=" + networkId + " as " +
"a part of enable static nat");
return false;
}
setNetworkId = true;
}
setNetworkId = true;
} else {
_networkMgr.checkIpForService(ipAddress, Service.StaticNat, null);
}
if (ipAddress.getAssociatedWithNetworkId() == null) {
throw new InvalidParameterValueException("Ip address " + ipAddress + " is not assigned to the network " + network);
}
_networkMgr.checkIpForService(ipAddress, Service.StaticNat);
// Check permissions
checkIpAndUserVm(ipAddress, vm, caller);
@ -421,10 +446,7 @@ public class RulesManagerImpl implements RulesManager, RulesService, Manager {
throw new InvalidParameterValueException("Vm doesn't belong to the network with specified id", idList);
}
Network network = _networkMgr.getNetwork(networkId);
if (network == null) {
throw new InvalidParameterValueException("Unable to find network by id", null);
}
if (!_networkMgr.areServicesSupportedInNetwork(network.getId(), Service.StaticNat)) {
List<IdentityProxy> idList = new ArrayList<IdentityProxy>();
idList.add(new IdentityProxy(network, networkId, "networkId"));

2
server/src/com/cloud/network/vpn/RemoteAccessVpnManagerImpl.java
View File

@ -120,7 +120,7 @@ public class RemoteAccessVpnManagerImpl implements RemoteAccessVpnService, Manag
}
IPAddressVO ipAddress = _ipAddressDao.findById(publicIpId);
_networkMgr.checkIpForService(ipAddress, Service.Vpn);
_networkMgr.checkIpForService(ipAddress, Service.Vpn, null);
RemoteAccessVpnVO vpnVO = _remoteAccessVpnDao.findByPublicIpAddress(publicIpId);

2
server/test/com/cloud/network/MockNetworkManagerImpl.java
View File

@ -741,7 +741,7 @@ public class MockNetworkManagerImpl implements NetworkManager, Manager, NetworkS
}
@Override
public boolean checkIpForService(IPAddressVO ip, Service service) {
public boolean checkIpForService(IPAddressVO ip, Service service, Long networkId) {
// TODO Auto-generated method stub
return false;
}