CS-15447: Don't enable s2s vpn when provider is disabled

2012-07-06 15:04:28 -07:00 · 2012-07-06 15:04:28 -07:00 · 987cf9bc93
parent c49cc27b1c
commit 987cf9bc93
3 changed files with 39 additions and 24 deletions
--- a/server/src/com/cloud/network/element/VpcVirtualRouterElement.java
+++ b/server/src/com/cloud/network/element/VpcVirtualRouterElement.java
@ -85,7 +85,6 @@ public class VpcVirtualRouterElement extends VirtualRouterElement implements Vpc
    
    private static final Map<Service, Map<Capability, String>> capabilities = setCapabilities();
    
-    
    @Override
    protected boolean canHandle(Network network, Service service) {
        Long physicalNetworkId = _networkMgr.getPhysicalNetworkId(network);
@ -441,21 +440,24 @@ public class VpcVirtualRouterElement extends VirtualRouterElement implements Vpc
        Site2SiteVpnGateway vpnGw = _vpnGatewayDao.findById(conn.getVpnGatewayId());
        IpAddress ip = _ipAddressDao.findById(vpnGw.getAddrId());

-        /*
-        if (!canHandle(network, Service.Vpn)) {
-            return false;
-        }
-        */
-
        Map<Capability, String> vpnCapabilities = capabilities.get(Service.Vpn);
        if (!vpnCapabilities.get(Capability.VpnTypes).contains("s2svpn")) {
+            s_logger.error("try to start site 2 site vpn on unsupported network element?");
            return false;
        }
+        
+        Long vpcId = ip.getVpcId();
+        Vpc vpc = _vpcMgr.getVpc(vpcId);
+        
+        if (!_vpcMgr.vpcProviderEnabledInZone(vpc.getZoneId())) {
+            throw new ResourceUnavailableException("VPC provider is not enabled in zone " + vpc.getZoneId(),
+                    DataCenter.class, vpc.getZoneId());
+        }

        List<DomainRouterVO> routers = _vpcMgr.getVpcRouters(ip.getVpcId());
        if (routers == null || routers.size() != 1) {
-            s_logger.debug("Cannot enable site-to-site VPN on the backend; virtual router doesn't exist in the vpc " + ip.getVpcId());
-            return true;
+            throw new ResourceUnavailableException("Cannot enable site-to-site VPN on the backend; virtual router doesn't exist in the vpc " + ip.getVpcId(),
+                    DataCenter.class, vpc.getZoneId());
        }

        return _vpcRouterMgr.startSite2SiteVpn(conn, routers.get(0));
@ -466,21 +468,24 @@ public class VpcVirtualRouterElement extends VirtualRouterElement implements Vpc
        Site2SiteVpnGateway vpnGw = _vpnGatewayDao.findById(conn.getVpnGatewayId());
        IpAddress ip = _ipAddressDao.findById(vpnGw.getAddrId());

-        /*
-        if (!canHandle(network, Service.Vpn)) {
-            return false;
-        }
-        */
-
        Map<Capability, String> vpnCapabilities = capabilities.get(Service.Vpn);
        if (!vpnCapabilities.get(Capability.VpnTypes).contains("s2svpn")) {
+            s_logger.error("try to stop site 2 site vpn on unsupported network element?");
            return false;
        }
+        
+        Long vpcId = ip.getVpcId();
+        Vpc vpc = _vpcMgr.getVpc(vpcId);
+        
+        if (!_vpcMgr.vpcProviderEnabledInZone(vpc.getZoneId())) {
+            throw new ResourceUnavailableException("VPC provider is not enabled in zone " + vpc.getZoneId(),
+                    DataCenter.class, vpc.getZoneId());
+        }

        List<DomainRouterVO> routers = _vpcMgr.getVpcRouters(ip.getVpcId());
        if (routers == null || routers.size() != 1) {
-            s_logger.debug("Cannot disable site-to-site VPN on the backend; virtual router doesn't exist in the vpc " + ip.getVpcId());
-            return true;
+            throw new ResourceUnavailableException("Cannot enable site-to-site VPN on the backend; virtual router doesn't exist in the vpc " + ip.getVpcId(),
+                    DataCenter.class, vpc.getZoneId());
        }

        return _vpcRouterMgr.stopSite2SiteVpn(conn, routers.get(0));
--- a/server/src/com/cloud/network/vpc/VpcManager.java
+++ b/server/src/com/cloud/network/vpc/VpcManager.java
@ -96,4 +96,10 @@ public interface VpcManager extends VpcService{
     * @return
     */
    List<DomainRouterVO> getVpcRouters(long vpcId);
+
+    /**
+     * @param zoneId
+     * @return
+     */
+    boolean vpcProviderEnabledInZone(long zoneId);
 }
--- a/server/src/com/cloud/network/vpc/VpcManagerImpl.java
+++ b/server/src/com/cloud/network/vpc/VpcManagerImpl.java
@ -516,19 +516,23 @@ public class VpcManagerImpl implements VpcManager, Manager{
    }
    
    @Override
-    public Vpc createVpc(long zoneId, long vpcOffId, Account vpcOwner, String vpcName, String displayText, String cidr, 
-            String networkDomain) {
-        
+    public boolean vpcProviderEnabledInZone(long zoneId)
+    {
        //the provider has to be enabled at least in one network in the zone
-        boolean providerEnabled = false;
        for (PhysicalNetwork pNtwk : _pNtwkDao.listByZone(zoneId)) {
            if (_ntwkMgr.isProviderEnabledInPhysicalNetwork(pNtwk.getId(), Provider.VPCVirtualRouter.getName())) {
-                providerEnabled = true;
-                break;
+                return true;
            }
        }
        
-        if (!providerEnabled) {
+        return false;
+    }
+    
+    @Override
+    public Vpc createVpc(long zoneId, long vpcOffId, Account vpcOwner, String vpcName, String displayText, String cidr, 
+            String networkDomain) {
+        
+        if (!vpcProviderEnabledInZone(zoneId)) {
            throw new InvalidParameterValueException("Provider " + Provider.VPCVirtualRouter.getName() +
                    " should be enabled in at least one physical network of the zone specified");
        }