Passing correct subnet mask while creating edge firewall in VNMC

Koushik Das 2013-04-07 21:22:22 +05:30
parent 05e3d04b55
commit 9c1e193fca
4 changed files with 16 additions and 7 deletions


@ -181,7 +181,7 @@ public interface CiscoVnmcConnection {
throws ExecutionException;
public boolean createEdgeFirewall(String tenantName, String publicIp,
String insideIp, String insideSubnet, String outsideSubnet)
String insideIp, String publicSubnet, String insideSubnet)
throws ExecutionException;
public boolean deleteEdgeFirewall(String tenantName) throws ExecutionException;
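Review bot: The new `createEdgeFirewall` signature changes what the fourth String argument means (it was `insideSubnet`, it is now `publicSubnet`) in a way the compiler cannot catch, so a caller still passing the masks in the old order compiles cleanly and configures the firewall with the inside and outside masks exchanged. The call site that invokes this method is not among the lines visible on this page, so confirm it passes the public mask fourth and the inside mask fifth. A Javadoc on the interface method would pin the contract down, for example `@param publicSubnet netmask of the public (outside) interface` and `@param insideSubnet netmask of the guest (inside) interface`, and should state the expected format (presumably dotted decimal, as the hard-coded `255.255.255.0` removed elsewhere in this commit suggests).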


@ -1226,7 +1226,7 @@ public class CiscoVnmcConnectionImpl implements CiscoVnmcConnection {
@Override
public boolean createEdgeFirewall(String tenantName, String publicIp, String insideIp,
String insideSubnet, String outsideSubnet) throws ExecutionException {
String publicSubnet, String insideSubnet) throws ExecutionException {
String xml = VnmcXml.CREATE_EDGE_FIREWALL.getXml();
String service = VnmcXml.CREATE_EDGE_FIREWALL.getService();
xml = replaceXmlValue(xml, "cookie", _cookie);
@ -1248,7 +1248,7 @@ public class CiscoVnmcConnectionImpl implements CiscoVnmcConnection {
xml = replaceXmlValue(xml, "insideip", insideIp);
xml = replaceXmlValue(xml, "publicip", publicIp);
xml = replaceXmlValue(xml, "insidesubnet", insideSubnet);
xml = replaceXmlValue(xml, "outsidesubnet", outsideSubnet);
xml = replaceXmlValue(xml, "outsidesubnet", publicSubnet);
String response = sendRequest(service, xml);
return verifySuccess(response);
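Review bot: `publicSubnet` and `insideSubnet` reach the request at `replaceXmlValue(xml, "outsidesubnet", publicSubnet)` and the line above it with no check that they are non-null, well-formed netmasks, so a bad value is only caught if VNMC happens to reject the request. A guard before `sendRequest`, such as `if (publicSubnet == null || insideSubnet == null)` followed by throwing the already-declared `ExecutionException` with the tenant name in the message, would make the call fail closed. Whether `replaceXmlValue` escapes XML metacharacters is not visible here and is worth confirming, since these values are now caller-supplied rather than constants. The parameter is named `publicSubnet` while the template key stays `outsidesubnet`; a comment such as `// "outsidesubnet" in the template is the public-side netmask` would keep the two from drifting apart. The method body begins before and continues after the lines shown in these two hunks.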


@ -116,6 +116,7 @@ import com.cloud.user.Account;
import com.cloud.utils.component.AdapterBase;
import com.cloud.utils.db.Transaction;
import com.cloud.utils.exception.CloudRuntimeException;
import com.cloud.utils.net.NetUtils;
import com.cloud.vm.NicProfile;
import com.cloud.vm.ReservationContext;
import com.cloud.vm.VirtualMachine;
@ -213,9 +214,11 @@ public class CiscoVnmcElement extends AdapterBase implements SourceNatServicePro
return Provider.CiscoVnmc;
}
private boolean createLogicalEdgeFirewall(long vlanId, String gateway,
String publicIp, List<String> publicGateways, long hostId) {
CreateLogicalEdgeFirewallCommand cmd = new CreateLogicalEdgeFirewallCommand(vlanId, publicIp, gateway, "255.255.255.0", "255.255.255.0");
private boolean createLogicalEdgeFirewall(long vlanId,
String gateway, String gatewayNetmask,
String publicIp, String publicNetmask,
List<String> publicGateways, long hostId) {
CreateLogicalEdgeFirewallCommand cmd = new CreateLogicalEdgeFirewallCommand(vlanId, publicIp, gateway, publicNetmask, gatewayNetmask);
for (String publicGateway : publicGateways) {
cmd.getPublicGateways().add(publicGateway);
}
@ -336,7 +339,9 @@ public class CiscoVnmcElement extends AdapterBase implements SourceNatServicePro
}
// create logical edge firewall in VNMC
if (!createLogicalEdgeFirewall(vlanId, network.getGateway(), sourceNatIp.getAddress().addr(), publicGateways, ciscoVnmcHost.getId())) {
String gatewayNetmask = NetUtils.getCidrNetmask(network.getCidr());
if (!createLogicalEdgeFirewall(vlanId, network.getGateway(), gatewayNetmask,
sourceNatIp.getAddress().addr(), sourceNatIp.getNetmask(), publicGateways, ciscoVnmcHost.getId())) {
s_logger.error("Failed to create logical edge firewall in Cisco VNMC device for network " + network.getName());
return false;
}
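Review bot: In the caller hunk, `NetUtils.getCidrNetmask(network.getCidr())` and `sourceNatIp.getNetmask()` are handed to `createLogicalEdgeFirewall` with no null or validity check, so a network without a CIDR or a source-NAT address without a netmask would either throw inside the helper or push an empty mask into the edge firewall definition. Because these masks decide which addresses the firewall treats as inside and outside, the code should stop before sending the command, e.g. `if (network.getCidr() == null || sourceNatIp.getNetmask() == null) { s_logger.error("Missing CIDR or public netmask for network " + network.getName()); return false; }`. In the helper, `new CreateLogicalEdgeFirewallCommand(vlanId, publicIp, gateway, publicNetmask, gatewayNetmask)` passes four adjacent Strings in a different order from the helper's own parameter list; a short comment stating the constructor's expected order would guard against a later silent swap. The method enclosing the caller hunk starts and ends outside the lines shown.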


@ -443,6 +443,10 @@ public class CiscoVnmcResource implements ServerResource {
throw new Exception("Failed to create ACL ingress policy set in VNMC for guest network with vlan " + vlanId);
}
if (!_connection.createTenantVDCAclPolicySet(tenant, false)) {
throw new Exception("Failed to create ACL egress policy set in VNMC for guest network with vlan " + vlanId);
}
for (String publicIp : publicIpRulesMap.keySet()) {
String policyIdentifier = publicIp.replace('.', '-');