diff --git a/api/src/com/cloud/api/commands/CreateVpnGatewayCmd.java b/api/src/com/cloud/api/commands/CreateVpnGatewayCmd.java index 95401102742..c6cc76568c7 100644 --- a/api/src/com/cloud/api/commands/CreateVpnGatewayCmd.java +++ b/api/src/com/cloud/api/commands/CreateVpnGatewayCmd.java @@ -23,9 +23,9 @@ import com.cloud.api.Parameter; import com.cloud.api.ServerApiException; import com.cloud.api.response.Site2SiteVpnGatewayResponse; import com.cloud.event.EventTypes; -import com.cloud.exception.InvalidParameterValueException; -import com.cloud.network.IpAddress; import com.cloud.network.Site2SiteVpnGateway; +import com.cloud.user.Account; +import com.cloud.user.UserContext; @Implementation(description="Creates site to site vpn local gateway", responseObject=Site2SiteVpnGatewayResponse.class) public class CreateVpnGatewayCmd extends BaseAsyncCmd { @@ -36,9 +36,9 @@ public class CreateVpnGatewayCmd extends BaseAsyncCmd { ///////////////////////////////////////////////////// //////////////// API parameters ///////////////////// ///////////////////////////////////////////////////// - @IdentityMapper(entityTableName="user_ip_address") - @Parameter(name=ApiConstants.PUBLIC_IP_ID, type=CommandType.LONG, required=true, description="public ip address id of the vpn gateway") - private Long publicIpId; + @IdentityMapper(entityTableName="vpc") + @Parameter(name=ApiConstants.VPC_ID, type=CommandType.LONG, required=true, description="public ip address id of the vpn gateway") + private Long vpcId; @Parameter(name=ApiConstants.ACCOUNT, type=CommandType.STRING, description="the account associated with the connection. Must be used with the domainId parameter.") private String accountName; 
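Review bot: The `@Parameter` description on the renamed `vpcId` field was not updated and still reads "public ip address id of the vpn gateway", although the argument is now `ApiConstants.VPC_ID` mapped to the `vpc` table. Anything generated from this annotation would tell API users to pass a public IP id. I would change it to `description="id of the VPC the vpn gateway is created for"`.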
@@ -53,11 +53,11 @@ public class CreateVpnGatewayCmd extends BaseAsyncCmd { ///////////////////////////////////////////////////// public String getEntityTable() { - return "user_ip_address"; + return "s2s_vpn_gateway"; } - public Long getPublicIpId() { - return publicIpId; + public Long getVpcId() { + return vpcId; } public String getAccountName() { @@ -80,18 +80,20 @@ public class CreateVpnGatewayCmd extends BaseAsyncCmd { @Override public long getEntityOwnerId() { - IpAddress ip = _networkService.getIp(publicIpId); - - if (ip == null) { - throw new InvalidParameterValueException("Unable to find ip address by id", null); + Long accountId = finalyzeAccountId(accountName, domainId, null, true); + if (accountId == null) { + accountId = UserContext.current().getCaller().getId(); } - - return ip.getAccountId(); + + if (accountId == null) { + accountId = Account.ACCOUNT_ID_SYSTEM; + } + return accountId; } @Override public String getEventDescription() { - return "Create site-to-site VPN gateway for account " + getEntityOwnerId() + " using public ip id=" + publicIpId; + return "Create site-to-site VPN gateway for account " + getEntityOwnerId(); } @Override @@ -101,7 +103,8 @@ public class CreateVpnGatewayCmd extends BaseAsyncCmd { @Override public void execute(){ - Site2SiteVpnGateway result = _s2sVpnService.createVpnGateway(this); + Site2SiteVpnGateway result; + result = _s2sVpnService.createVpnGateway(this); if (result != null) { Site2SiteVpnGatewayResponse response = _responseGenerator.createSite2SiteVpnGatewayResponse(result); response.setResponseName(getCommandName()); @@ -118,14 +121,6 @@ public class CreateVpnGatewayCmd extends BaseAsyncCmd { @Override public Long getSyncObjId() { - return getIp().getVpcId(); - } - - private IpAddress getIp() { - IpAddress ip = _networkService.getIp(publicIpId); - if (ip == null) { - throw new InvalidParameterValueException("Unable to find ip address by id", null); - } - return ip; + return getVpcId(); } } 
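Review bot: `getEntityOwnerId()` now takes the owner from the request (`accountName`/`domainId`, otherwise the caller) rather than from the resource the id refers to, and nothing visible in this commit ties that account to the VPC named by `vpcId`. In the `Site2SiteVpnManagerImpl.createVpnGateway` hunks further down, the VPC is only checked for existence and the gateway is persisted with `cmd.getEntityOwnerId()`, so unless `finalyzeAccountId` or the dispatcher (neither shown) checks access to the VPC, a caller could attach a gateway to a VPC owned by another account. I would derive the owner from the VPC and verify the caller's access to it before persisting, e.g. `new Site2SiteVpnGatewayVO(vpc.getAccountId(), vpc.getDomainId(), ips.get(0).getId(), vpcId)`, assuming `VpcVO` exposes its owner like the other controlled entities here. Separately, the second `if (accountId == null)` looks unreachable if `getCaller().getId()` returns a primitive `long`.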
diff --git a/api/src/com/cloud/api/commands/DeleteVpnGatewayCmd.java b/api/src/com/cloud/api/commands/DeleteVpnGatewayCmd.java index 34ee1a0ac0b..334a77c62d2 100644 --- a/api/src/com/cloud/api/commands/DeleteVpnGatewayCmd.java +++ b/api/src/com/cloud/api/commands/DeleteVpnGatewayCmd.java @@ -16,16 +16,13 @@ import org.apache.log4j.Logger; import com.cloud.api.ApiConstants; import com.cloud.api.BaseAsyncCmd; -import com.cloud.api.BaseAsyncCreateCmd; import com.cloud.api.BaseCmd; import com.cloud.api.IdentityMapper; import com.cloud.api.Implementation; import com.cloud.api.Parameter; import com.cloud.api.ServerApiException; -import com.cloud.api.response.Site2SiteVpnGatewayResponse; import com.cloud.api.response.SuccessResponse; import com.cloud.event.EventTypes; -import com.cloud.network.Site2SiteVpnGateway; import com.cloud.user.Account; import com.cloud.user.UserContext; @@ -100,7 +97,8 @@ public class DeleteVpnGatewayCmd extends BaseAsyncCmd { @Override public void execute(){ - boolean result = _s2sVpnService.deleteVpnGateway(this); + boolean result = false; + result = _s2sVpnService.deleteVpnGateway(this); if (result) { SuccessResponse response = new SuccessResponse(getCommandName()); this.setResponseObject(response); diff --git a/api/src/com/cloud/api/response/Site2SiteVpnGatewayResponse.java b/api/src/com/cloud/api/response/Site2SiteVpnGatewayResponse.java index c6e60a829d0..20a596a4af6 100644 --- a/api/src/com/cloud/api/response/Site2SiteVpnGatewayResponse.java +++ b/api/src/com/cloud/api/response/Site2SiteVpnGatewayResponse.java @@ -27,6 +27,9 @@ public class Site2SiteVpnGatewayResponse extends BaseResponse implements Control @SerializedName(ApiConstants.PUBLIC_IP) @Param(description="the public IP address") private String ip; + @SerializedName(ApiConstants.VPC_ID) @Param(description="the vpc id of this gateway") + private Long vpcId; + @SerializedName(ApiConstants.ACCOUNT) @Param(description="the owner") private String accountName; 
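Review bot: The new `vpcId` field in `Site2SiteVpnGatewayResponse` is a raw `Long`, while the request side maps the same identifier through `@IdentityMapper(entityTableName="vpc")`. If the other id fields of this response are translated to external identifiers (their declarations are outside this hunk), this one would return the internal database key instead, which is inconsistent for clients and exposes internal sequential ids. I would declare it with the same id type as the neighbouring id fields and note the intent next to it, e.g. `// external id of the VPC, same mapping as the request parameter`.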
@@ -53,6 +56,10 @@ public class Site2SiteVpnGatewayResponse extends BaseResponse implements Control this.ip = ip; } + public void setVpcId(Long vpcId) { + this.vpcId = vpcId; + } + public void setRemoved(Date removed) { this.removed = removed; } diff --git a/api/src/com/cloud/network/Site2SiteVpnGateway.java b/api/src/com/cloud/network/Site2SiteVpnGateway.java index 2e4aa379841..f435f07ee6f 100644 --- a/api/src/com/cloud/network/Site2SiteVpnGateway.java +++ b/api/src/com/cloud/network/Site2SiteVpnGateway.java @@ -7,5 +7,6 @@ import com.cloud.acl.ControlledEntity; public interface Site2SiteVpnGateway extends ControlledEntity { public long getId(); public long getAddrId(); + public long getVpcId(); public Date getRemoved(); } diff --git a/api/src/com/cloud/network/element/VpcProvider.java b/api/src/com/cloud/network/element/VpcProvider.java index 3e369b3e721..212bc54852a 100644 --- a/api/src/com/cloud/network/element/VpcProvider.java +++ b/api/src/com/cloud/network/element/VpcProvider.java @@ -23,6 +23,7 @@ import com.cloud.exception.ResourceUnavailableException; import com.cloud.network.vpc.PrivateGateway; import com.cloud.network.vpc.StaticRouteProfile; import com.cloud.network.vpc.Vpc; +import com.cloud.network.vpc.VpcGateway; import com.cloud.vm.ReservationContext; /** diff --git a/api/src/com/cloud/network/vpc/VpcService.java b/api/src/com/cloud/network/vpc/VpcService.java index c55a0290796..98eb27eed87 100644 --- a/api/src/com/cloud/network/vpc/VpcService.java +++ b/api/src/com/cloud/network/vpc/VpcService.java @@ -26,6 +26,7 @@ import com.cloud.exception.ResourceUnavailableException; import com.cloud.network.Network; import com.cloud.network.Network.Provider; import com.cloud.network.Network.Service; +import com.cloud.network.Site2SiteVpnGateway; /** * @author Alena Prokharchyk @@ -220,5 +221,4 @@ public interface VpcService { * @return */ VpcGateway getVpcGateway(long id); - } 
diff --git a/patches/systemvm/debian/buildsystemvm.sh b/patches/systemvm/debian/buildsystemvm.sh index dff86017d84..4a4bee7dc8b 100755 --- a/patches/systemvm/debian/buildsystemvm.sh +++ b/patches/systemvm/debian/buildsystemvm.sh @@ -59,16 +59,11 @@ EOF fi cat > etc/apt/sources.list << EOF -deb http://ftp.us.debian.org/debian/ squeeze main non-free -deb-src http://ftp.us.debian.org/debian/ squeeze main non-free +deb http://ftp.us.debian.org/debian/ squeeze main contrib non-free +deb-src http://ftp.us.debian.org/debian/ squeeze main contrib non-free deb http://security.debian.org/ squeeze/updates main deb-src http://security.debian.org/ squeeze/updates main - -deb http://volatile.debian.org/debian-volatile squeeze/volatile main -deb-src http://volatile.debian.org/debian-volatile squeeze/volatile main - -deb http://ftp.us.debian.org/debian testing main contrib non-free EOF cat >> etc/apt/apt.conf << EOF @@ -79,10 +74,6 @@ EOF Package: * Pin: release o=Debian,a=stable Pin-Priority: 900 - -Package: * -Pin: release o=Debian,a=testing -Pin-Priority: 400 EOF #apt-key exportall | chroot . apt-key add - && diff --git a/server/src/com/cloud/api/ApiResponseHelper.java b/server/src/com/cloud/api/ApiResponseHelper.java index 37e0bb04eff..c4e38c46d83 100755 --- a/server/src/com/cloud/api/ApiResponseHelper.java +++ b/server/src/com/cloud/api/ApiResponseHelper.java @@ -3805,6 +3805,7 @@ public class ApiResponseHelper implements ResponseGenerator { Site2SiteVpnGatewayResponse response = new Site2SiteVpnGatewayResponse(); response.setId(result.getId()); response.setIp(ApiDBUtils.findIpAddressById(result.getAddrId()).getAddress().toString()); + response.setVpcId(result.getVpcId()); response.setRemoved(result.getRemoved()); response.setObjectName("vpngateway"); diff --git a/server/src/com/cloud/network/NetworkManager.java b/server/src/com/cloud/network/NetworkManager.java index 923ae5abea8..d15bdd4fc5d 100755 --- a/server/src/com/cloud/network/NetworkManager.java 
+++ b/server/src/com/cloud/network/NetworkManager.java @@ -464,6 +464,8 @@ public interface NetworkManager extends NetworkService { */ NicProfile createNicForVm(Network network, NicProfile requested, ReservationContext context, VirtualMachineProfileImpl vmProfile, boolean prepare) throws InsufficientVirtualNetworkCapcityException, InsufficientAddressCapacityException, ConcurrentOperationException, InsufficientCapacityException, ResourceUnavailableException; - + + + PublicIp assignVpnGatewayIpAddress(long dcId, Account owner, long vpcId) throws InsufficientAddressCapacityException, ConcurrentOperationException; } diff --git a/server/src/com/cloud/network/NetworkManagerImpl.java b/server/src/com/cloud/network/NetworkManagerImpl.java index 4e39640e8a6..011df490bb1 100755 --- a/server/src/com/cloud/network/NetworkManagerImpl.java +++ b/server/src/com/cloud/network/NetworkManagerImpl.java @@ -512,7 +512,7 @@ public class NetworkManagerImpl implements NetworkManager, NetworkService, Manag ipToReturn = new PublicIp(sourceNatIp, _vlanDao.findById(sourceNatIp.getVlanId()), NetUtils.createSequenceBasedMacAddress(sourceNatIp.getMacAddress())); } else { - ipToReturn = assignSourceNatIpAddress(owner, null, vpc.getId(), dcId); + ipToReturn = assignDedicateIpAddress(owner, null, vpc.getId(), dcId, true); } return ipToReturn; 
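Review bot: `assignVpnGatewayIpAddress` is added to the `NetworkManager` interface without Javadoc, although the method above it is documented and the contract is not obvious from the signature. The implementation in `NetworkManagerImpl` passes `false` for `isSourceNat` to `assignDedicateIpAddress`, so the doc should say so and cover both declared exceptions, for example `/** Allocates a dedicated (non source NAT) public IP in the given VPC for its VPN gateway. */`. No caller is visible in this commit, since `createVpnGateway` reuses the VPC's source NAT address, so it is worth confirming the method is still needed.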
@@ -532,14 +532,20 @@ public class NetworkManagerImpl implements NetworkManager, NetworkService, Manag ipToReturn = new PublicIp(sourceNatIp, _vlanDao.findById(sourceNatIp.getVlanId()), NetUtils.createSequenceBasedMacAddress(sourceNatIp.getMacAddress())); } else { - ipToReturn = assignSourceNatIpAddress(owner, guestNetwork.getId(), null, dcId); + ipToReturn = assignDedicateIpAddress(owner, guestNetwork.getId(), null, dcId, true); } return ipToReturn; } + + @Override + public PublicIp assignVpnGatewayIpAddress(long dcId, Account owner, long vpcId) throws InsufficientAddressCapacityException, ConcurrentOperationException { + return assignDedicateIpAddress(owner, null, vpcId, dcId, false); + } + @DB - public PublicIp assignSourceNatIpAddress(Account owner, Long guestNtwkId, Long vpcId, long dcId) + public PublicIp assignDedicateIpAddress(Account owner, Long guestNtwkId, Long vpcId, long dcId, boolean isSourceNat) throws ConcurrentOperationException, InsufficientAddressCapacityException { long ownerId = owner.getId(); @@ -580,11 +586,11 @@ public class NetworkManagerImpl implements NetworkManager, NetworkService, Manag } ip = fetchNewPublicIp(dcId, null, vlanId, owner, VlanType.VirtualNetwork, guestNtwkId, - true, false, null, false, vpcId); - IPAddressVO sourceNatIp = ip.ip(); + isSourceNat, false, null, false, vpcId); + IPAddressVO publicIp = ip.ip(); - markPublicIpAsAllocated(sourceNatIp); - _ipAddressDao.update(sourceNatIp.getId(), sourceNatIp); + markPublicIpAsAllocated(publicIp); + _ipAddressDao.update(publicIp.getId(), publicIp); txn.commit(); return ip; @@ -746,7 +752,6 @@ public class NetworkManagerImpl implements NetworkManager, NetworkService, Manag } purposes.add(Purpose.StaticNat); } - //TODO Need to check site 2 site vpn ip assignment if (purposes == null || purposes.isEmpty()) { // since no active rules are there check if any rules are applied on the public IP but are in // revoking state 
diff --git a/server/src/com/cloud/network/Site2SiteVpnGatewayVO.java b/server/src/com/cloud/network/Site2SiteVpnGatewayVO.java index 84a3bf22a0f..5fe7ea52486 100644 --- a/server/src/com/cloud/network/Site2SiteVpnGatewayVO.java +++ b/server/src/com/cloud/network/Site2SiteVpnGatewayVO.java @@ -26,6 +26,9 @@ public class Site2SiteVpnGatewayVO implements Site2SiteVpnGateway { @Column(name="addr_id") private long addrId; + @Column(name="vpc_id") + private long vpcId; + @Column(name="domain_id") private Long domainId; @@ -37,9 +40,10 @@ public class Site2SiteVpnGatewayVO implements Site2SiteVpnGateway { public Site2SiteVpnGatewayVO() { } - public Site2SiteVpnGatewayVO(long accountId, long domainId, long addrId) { + public Site2SiteVpnGatewayVO(long accountId, long domainId, long addrId, long vpcId) { this.uuid = UUID.randomUUID().toString(); this.setAddrId(addrId); + this.setVpcId(vpcId); this.accountId = accountId; this.domainId = domainId; } @@ -49,6 +53,15 @@ public class Site2SiteVpnGatewayVO implements Site2SiteVpnGateway { return id; } + @Override + public long getVpcId() { + return vpcId; + } + + public void setVpcId(long vpcId) { + this.vpcId = vpcId; + } + @Override public long getAddrId() { return addrId; diff --git a/server/src/com/cloud/network/dao/Site2SiteVpnConnectionDao.java b/server/src/com/cloud/network/dao/Site2SiteVpnConnectionDao.java index 26cdc47102b..69542877a2e 100644 --- a/server/src/com/cloud/network/dao/Site2SiteVpnConnectionDao.java +++ b/server/src/com/cloud/network/dao/Site2SiteVpnConnectionDao.java 
@@ -6,7 +6,8 @@ import com.cloud.network.Site2SiteVpnConnectionVO; import com.cloud.utils.db.GenericDao; public interface Site2SiteVpnConnectionDao extends GenericDao { - Site2SiteVpnConnectionVO findByCustomerGatewayId(long id); - Site2SiteVpnConnectionVO findByVpnGatewayId(long id); + List listByCustomerGatewayId(long id); + List listByVpnGatewayId(long id); List listByVpcId(long vpcId); + Site2SiteVpnConnectionVO findByVpnGatewayIdAndCustomerGatewayId(long vpnId, long customerId); } diff --git a/server/src/com/cloud/network/dao/Site2SiteVpnConnectionDaoImpl.java b/server/src/com/cloud/network/dao/Site2SiteVpnConnectionDaoImpl.java index 113b43864a0..8940192d1d0 100644 --- a/server/src/com/cloud/network/dao/Site2SiteVpnConnectionDaoImpl.java +++ b/server/src/com/cloud/network/dao/Site2SiteVpnConnectionDaoImpl.java @@ -25,7 +25,6 @@ public class Site2SiteVpnConnectionDaoImpl extends GenericDaoBase AllFieldsSearch; private final SearchBuilder VpcSearch; private final SearchBuilder VpnGatewaySearch; - private final SearchBuilder AddrSearch; protected Site2SiteVpnConnectionDaoImpl() { AllFieldsSearch = createSearchBuilder(); 
@@ -34,32 +33,38 @@ public class Site2SiteVpnConnectionDaoImpl extends GenericDaoBase listByCustomerGatewayId(long id) { SearchCriteria sc = AllFieldsSearch.create(); sc.setParameters("customerGatewayId", id); - return findOneBy(sc); + return listBy(sc); } @Override - public Site2SiteVpnConnectionVO findByVpnGatewayId(long id) { + public List listByVpnGatewayId(long id) { SearchCriteria sc = AllFieldsSearch.create(); sc.setParameters("vpnGatewayId", id); - return findOneBy(sc); + return listBy(sc); } @Override public List listByVpcId(long vpcId) { SearchCriteria sc = VpcSearch.create(); - sc.setJoinParameters("addrSearch", "vpcId", vpcId); + sc.setJoinParameters("vpnGatewaySearch", "vpcId", vpcId); return listBy(sc); } + + @Override + public Site2SiteVpnConnectionVO findByVpnGatewayIdAndCustomerGatewayId(long vpnId, long customerId) { + SearchCriteria sc = AllFieldsSearch.create(); + sc.setParameters("vpnGatewayId", vpnId); + sc.setParameters("customerGatewayId", customerId); + return findOneBy(sc); + } } diff --git a/server/src/com/cloud/network/dao/Site2SiteVpnGatewayDao.java b/server/src/com/cloud/network/dao/Site2SiteVpnGatewayDao.java index c1d075e2768..3d76d9a9ef7 100644 --- a/server/src/com/cloud/network/dao/Site2SiteVpnGatewayDao.java +++ b/server/src/com/cloud/network/dao/Site2SiteVpnGatewayDao.java @@ -1,11 +1,8 @@ package com.cloud.network.dao; -import java.util.List; - import com.cloud.network.Site2SiteVpnGatewayVO; import com.cloud.utils.db.GenericDao; public interface Site2SiteVpnGatewayDao extends GenericDao { - Site2SiteVpnGatewayVO findByIpAddrId(long id); - List listByVpcId(long vpcId); + Site2SiteVpnGatewayVO findByVpcId(long vpcId); } diff --git a/server/src/com/cloud/network/dao/Site2SiteVpnGatewayDaoImpl.java b/server/src/com/cloud/network/dao/Site2SiteVpnGatewayDaoImpl.java index 4963d827ec9..2552187d3d5 100644 --- a/server/src/com/cloud/network/dao/Site2SiteVpnGatewayDaoImpl.java 
+++ b/server/src/com/cloud/network/dao/Site2SiteVpnGatewayDaoImpl.java @@ -1,17 +1,12 @@ package com.cloud.network.dao; -import java.util.List; - import javax.ejb.Local; import org.apache.log4j.Logger; -import com.cloud.network.IPAddressVO; import com.cloud.network.Site2SiteVpnGatewayVO; import com.cloud.utils.component.ComponentLocator; -import com.cloud.utils.component.Inject; import com.cloud.utils.db.GenericDaoBase; -import com.cloud.utils.db.JoinBuilder.JoinType; import com.cloud.utils.db.SearchBuilder; import com.cloud.utils.db.SearchCriteria; @@ -22,32 +17,17 @@ public class Site2SiteVpnGatewayDaoImpl extends GenericDaoBase AllFieldsSearch; - private final SearchBuilder VpcSearch; - private final SearchBuilder AddrSearch; protected Site2SiteVpnGatewayDaoImpl() { AllFieldsSearch = createSearchBuilder(); - AllFieldsSearch.and("addrId", AllFieldsSearch.entity().getAddrId(), SearchCriteria.Op.EQ); + AllFieldsSearch.and("vpcId", AllFieldsSearch.entity().getVpcId(), SearchCriteria.Op.EQ); AllFieldsSearch.done(); - - VpcSearch = createSearchBuilder(); - AddrSearch = _addrDao.createSearchBuilder(); - AddrSearch.and("vpcId", AddrSearch.entity().getVpcId(), SearchCriteria.Op.EQ); - VpcSearch.join("addrSearch", AddrSearch, AddrSearch.entity().getId(), VpcSearch.entity().getAddrId(), JoinType.INNER); - VpcSearch.done(); } @Override - public Site2SiteVpnGatewayVO findByIpAddrId(long id) { + public Site2SiteVpnGatewayVO findByVpcId(long vpcId) { SearchCriteria sc = AllFieldsSearch.create(); - sc.setParameters("addrId", id); + sc.setParameters("vpcId", vpcId); return findOneBy(sc); } - - @Override - public List listByVpcId(long vpcId) { - SearchCriteria sc = VpcSearch.create(); - sc.setJoinParameters("addrSearch", "vpcId", vpcId); - return listBy(sc); - } } diff --git a/server/src/com/cloud/network/router/VpcVirtualNetworkApplianceManager.java b/server/src/com/cloud/network/router/VpcVirtualNetworkApplianceManager.java index fd05e984217..aa8139c3fe5 100644 
--- a/server/src/com/cloud/network/router/VpcVirtualNetworkApplianceManager.java +++ b/server/src/com/cloud/network/router/VpcVirtualNetworkApplianceManager.java @@ -26,6 +26,7 @@ import com.cloud.network.rules.FirewallRule; import com.cloud.network.vpc.PrivateGateway; import com.cloud.network.vpc.StaticRouteProfile; import com.cloud.network.vpc.Vpc; +import com.cloud.network.vpc.VpcGateway; import com.cloud.user.Account; import com.cloud.vm.DomainRouterVO; import com.cloud.vm.VirtualMachineProfile.Param; diff --git a/server/src/com/cloud/network/router/VpcVirtualNetworkApplianceManagerImpl.java b/server/src/com/cloud/network/router/VpcVirtualNetworkApplianceManagerImpl.java index e11ae553002..fb7718c46ac 100644 --- a/server/src/com/cloud/network/router/VpcVirtualNetworkApplianceManagerImpl.java +++ b/server/src/com/cloud/network/router/VpcVirtualNetworkApplianceManagerImpl.java @@ -72,12 +72,15 @@ import com.cloud.network.PhysicalNetworkServiceProvider; import com.cloud.network.PublicIpAddress; import com.cloud.network.Site2SiteCustomerGatewayVO; import com.cloud.network.Site2SiteVpnConnection; +import com.cloud.network.Site2SiteVpnGateway; import com.cloud.network.Site2SiteVpnGatewayVO; import com.cloud.network.VirtualRouterProvider; import com.cloud.network.VirtualRouterProvider.VirtualRouterProviderType; import com.cloud.network.VpcVirtualNetworkApplianceService; import com.cloud.network.addr.PublicIp; +import com.cloud.network.dao.IPAddressDao; import com.cloud.network.dao.PhysicalNetworkDao; +import com.cloud.network.dao.Site2SiteVpnGatewayDao; import com.cloud.network.rules.FirewallRule; import com.cloud.network.vpc.NetworkACLManager; import com.cloud.network.vpc.PrivateGateway; 
@@ -134,6 +137,10 @@ public class VpcVirtualNetworkApplianceManagerImpl extends VirtualNetworkApplian VpcManager _vpcMgr; @Inject PrivateIpDao _privateIpDao; + @Inject + IPAddressDao _ipAddrDao; + @Inject + Site2SiteVpnGatewayDao _vpnGatewayDao; @Override public List deployVirtualRouterInVpc(Vpc vpc, DeployDestination dest, Account owner, diff --git a/server/src/com/cloud/network/vpc/Dao/VpcGatewayDao.java b/server/src/com/cloud/network/vpc/Dao/VpcGatewayDao.java index 0984cb5c9c4..f1b3791f3fe 100644 --- a/server/src/com/cloud/network/vpc/Dao/VpcGatewayDao.java +++ b/server/src/com/cloud/network/vpc/Dao/VpcGatewayDao.java @@ -20,4 +20,5 @@ import com.cloud.utils.db.GenericDao; */ public interface VpcGatewayDao extends GenericDao{ VpcGatewayVO getPrivateGatewayForVpc(long vpcId); + VpcGatewayVO getVpnGatewayForVpc(long vpcId); } diff --git a/server/src/com/cloud/network/vpc/Dao/VpcGatewayDaoImpl.java b/server/src/com/cloud/network/vpc/Dao/VpcGatewayDaoImpl.java index 550eb8c84e6..23fabd40ea6 100644 --- a/server/src/com/cloud/network/vpc/Dao/VpcGatewayDaoImpl.java +++ b/server/src/com/cloud/network/vpc/Dao/VpcGatewayDaoImpl.java @@ -47,4 +47,13 @@ public class VpcGatewayDaoImpl extends GenericDaoBase implem return findOneBy(sc); } + @Override + public VpcGatewayVO getVpnGatewayForVpc(long vpcId) { + SearchCriteria sc = AllFieldsSearch.create(); + sc.setParameters("vpcId", vpcId); + sc.setParameters("type", VpcGateway.Type.Vpn); + + return findOneBy(sc); + } + } diff --git a/server/src/com/cloud/network/vpc/VpcManagerImpl.java b/server/src/com/cloud/network/vpc/VpcManagerImpl.java index 9185f20bbd3..9187f71dfeb 100644 --- a/server/src/com/cloud/network/vpc/VpcManagerImpl.java +++ b/server/src/com/cloud/network/vpc/VpcManagerImpl.java 
@@ -54,9 +54,12 @@ import com.cloud.network.NetworkVO; import com.cloud.network.Networks.BroadcastDomainType; import com.cloud.network.Networks.TrafficType; import com.cloud.network.PhysicalNetwork; +import com.cloud.network.Site2SiteVpnGateway; +import com.cloud.network.addr.PublicIp; import com.cloud.network.dao.IPAddressDao; import com.cloud.network.dao.NetworkDao; import com.cloud.network.dao.PhysicalNetworkDao; +import com.cloud.network.dao.Site2SiteVpnGatewayDao; import com.cloud.network.element.VpcProvider; import com.cloud.network.vpc.VpcOffering.State; import com.cloud.network.vpc.Dao.PrivateIpDao; @@ -141,6 +144,8 @@ public class VpcManagerImpl implements VpcManager, Manager{ PhysicalNetworkDao _pNtwkDao; @Inject ResourceTagDao _resourceTagDao; + @Inject + Site2SiteVpnGatewayDao _vpnGatewayDao; private final ScheduledExecutorService _executor = Executors.newScheduledThreadPool(1, new NamedThreadFactory("VpcChecker")); diff --git a/server/src/com/cloud/network/vpn/Site2SiteVpnManagerImpl.java b/server/src/com/cloud/network/vpn/Site2SiteVpnManagerImpl.java index 39aa2fb719b..b3de9040ddb 100644 --- a/server/src/com/cloud/network/vpn/Site2SiteVpnManagerImpl.java +++ b/server/src/com/cloud/network/vpn/Site2SiteVpnManagerImpl.java @@ -24,6 +24,7 @@ import com.cloud.domain.Domain; import com.cloud.exception.InvalidParameterValueException; import com.cloud.exception.NetworkRuleConflictException; import com.cloud.exception.ResourceUnavailableException; +import com.cloud.network.IPAddressVO; import com.cloud.network.IpAddress; import com.cloud.network.NetworkManager; import com.cloud.network.Site2SiteCustomerGateway; 
@@ -38,9 +39,13 @@ import com.cloud.network.dao.Site2SiteCustomerGatewayDao; import com.cloud.network.dao.Site2SiteVpnConnectionDao; import com.cloud.network.dao.Site2SiteVpnGatewayDao; import com.cloud.network.element.Site2SiteVpnServiceProvider; +import com.cloud.network.vpc.VpcManager; +import com.cloud.network.vpc.VpcVO; import com.cloud.network.vpc.Dao.VpcDao; +import com.cloud.user.dao.AccountDao; import com.cloud.utils.component.Inject; import com.cloud.utils.component.Manager; +import com.cloud.utils.exception.CloudRuntimeException; import com.cloud.utils.net.NetUtils; @Local(value = Site2SiteVpnService.class) @@ -53,6 +58,8 @@ public class Site2SiteVpnManagerImpl implements Site2SiteVpnService, Manager { @Inject NetworkManager _networkMgr; @Inject VpcDao _vpcDao; @Inject IPAddressDao _ipAddressDao; + @Inject AccountDao _accountDao; + @Inject VpcManager _vpcMgr; String _name; @@ -79,17 +86,13 @@ public class Site2SiteVpnManagerImpl implements Site2SiteVpnService, Manager { @Override public Site2SiteVpnGateway createVpnGateway(CreateVpnGatewayCmd cmd) { - Long ipId = cmd.getPublicIpId(); - IpAddress ip = _networkMgr.getIp(ipId); - Long vpcId = ip.getVpcId(); - if (ip.getVpcId() == null) { - throw new InvalidParameterValueException("The VPN gateway cannot create with ip not belong to VPC"); - } - if (_vpnGatewayDao.findByIpAddrId(ipId) != null) { - throw new InvalidParameterValueException("The VPN gateway with ip ID " + ipId + " already existed!"); + Long vpcId = cmd.getVpcId(); + VpcVO vpc = _vpcDao.findById(vpcId); + if (vpc == null) { + throw new InvalidParameterValueException("Invalid VPC " + vpcId + " for site to site vpn gateway creation!"); } - List gws = _vpnGatewayDao.listByVpcId(vpcId); - if (gws != null && gws.size() != 0) { + Site2SiteVpnGatewayVO gws = _vpnGatewayDao.findByVpcId(vpcId); + if (gws != null) { throw new InvalidParameterValueException("The VPN gateway of VPC " + vpcId + " already existed!"); } Long accountId = cmd.getEntityOwnerId(); 
@@ -97,7 +100,13 @@ public class Site2SiteVpnManagerImpl implements Site2SiteVpnService, Manager { if (domainId == null) { domainId = Domain.ROOT_DOMAIN; } - Site2SiteVpnGatewayVO gw = new Site2SiteVpnGatewayVO(accountId, domainId, ipId); + //Use source NAT ip for VPC + List ips = _ipAddressDao.listByAssociatedVpc(vpcId, true); + if (ips.size() != 1) { + throw new CloudRuntimeException("Cannot found source nat ip of vpc " + vpcId); + } + + Site2SiteVpnGatewayVO gw = new Site2SiteVpnGatewayVO(accountId, domainId, ips.get(0).getId(), vpcId); _vpnGatewayDao.persist(gw); return gw; } @@ -155,8 +164,7 @@ public class Site2SiteVpnManagerImpl implements Site2SiteVpnService, Manager { if (vpnGateway == null) { throw new InvalidParameterValueException("Unable to found specified Site to Site VPN gateway " + vpnGatewayId + " !"); } - if (_vpnConnectionDao.findByCustomerGatewayId(customerGatewayId) != null || - _vpnConnectionDao.findByVpnGatewayId(vpnGatewayId) != null) { + if (_vpnConnectionDao.findByVpnGatewayIdAndCustomerGatewayId(vpnGatewayId, customerGatewayId) != null) { throw new InvalidParameterValueException("The vpn connection with customer gateway id " + customerGatewayId + " or vpn gateway id " + vpnGatewayId + " already existed!"); } @@ -210,6 +218,10 @@ public class Site2SiteVpnManagerImpl implements Site2SiteVpnService, Manager { if (customerGateway == null) { throw new InvalidParameterValueException("Fail to find customer gateway with " + id + " !"); } + List vpnConnections = _vpnConnectionDao.listByCustomerGatewayId(id); + if (vpnConnections != null && vpnConnections.size() != 0) { + throw new InvalidParameterValueException("Unable to delete VPN customer gateway " + id + " because there is still related VPN connections!"); + } _customerGatewayDao.remove(id); return true; } 
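Review bot: The duplicate check in `createVpnConnection` now rejects only an existing connection for this exact gateway pair, but the exception text still says "customer gateway id … or vpn gateway id … already existed", which describes the removed either-gateway rule. An operator reading that message would look for the wrong conflict. I would reword it to `"The vpn connection with customer gateway id " + customerGatewayId + " and vpn gateway id " + vpnGatewayId + " already existed!"`. The method starts and ends outside this hunk.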
@@ -221,6 +233,10 @@ public class Site2SiteVpnManagerImpl implements Site2SiteVpnService, Manager { if (vpnGateway == null) { throw new InvalidParameterValueException("Fail to find vpn gateway with " + id + " !"); } + List conns = _vpnConnectionDao.listByVpnGatewayId(id); + if (conns != null && conns.size() != 0) { + throw new InvalidParameterValueException("Unable to delete VPN gateway " + id + " because there is still related VPN connections!"); + } _vpnGatewayDao.remove(id); return true; } @@ -232,10 +248,13 @@ public class Site2SiteVpnManagerImpl implements Site2SiteVpnService, Manager { if (gw == null) { throw new InvalidParameterValueException("Find to find customer gateway with id " + id); } - Site2SiteVpnConnection conn = _vpnConnectionDao.findByCustomerGatewayId(id); - if (conn != null && (conn.getState() != State.Disconnected || conn.getState() != State.Error)) { - throw new InvalidParameterValueException("Unable to update customer gateway because there is the correlate VPN connection " + conn.getId() - + " still active!"); + List conns = _vpnConnectionDao.listByCustomerGatewayId(id); + if (conns != null) { + for (Site2SiteVpnConnection conn : conns) { + if (conn.getState() != State.Disconnected || conn.getState() != State.Error) { + throw new InvalidParameterValueException("Unable to update customer gateway because there is active VPN connection " + conn.getId()); + } + } } String gatewayIp = cmd.getGatewayIp(); if (!NetUtils.isValidIp(gatewayIp)) { @@ -314,6 +333,9 @@ public class Site2SiteVpnManagerImpl implements Site2SiteVpnService, Manager { if (conn == null) { throw new InvalidParameterValueException("Fail to find site to site VPN connection " + id + " to reset!"); } + if (conn.getState() == State.Pending) { + throw new InvalidParameterValueException("VPN connection " + id + " cannot be reseted when state is Pending!"); + } if (conn.getState() == State.Connected || conn.getState() == State.Error) { stopVpnConnection(id); } 
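Review bot: The state test inside the new loop in `updateCustomerGateway`, `conn.getState() != State.Disconnected || conn.getState() != State.Error`, is true for every state, so any connection on the customer gateway blocks the update, including ones already disconnected or in error. The condition was carried over unchanged from the removed single-connection check. It should be `if (conn.getState() != State.Disconnected && conn.getState() != State.Error) {`. The method continues outside this hunk.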
@@ -342,7 +364,7 @@ public class Site2SiteVpnManagerImpl implements Site2SiteVpnService, Manager { if (id != null) { results.add(_vpnGatewayDao.findById(cmd.getId())); } else if (vpcId != null) { - results.addAll(_vpnGatewayDao.listByVpcId(vpcId)); + results.add(_vpnGatewayDao.findByVpcId(vpcId)); } else { //id == null && vpcId == null results.addAll(_vpnGatewayDao.listAll()); } diff --git a/setup/db/create-schema.sql b/setup/db/create-schema.sql index 7ec93adc829..7e3a1ee9f5b 100755 --- a/setup/db/create-schema.sql +++ b/setup/db/create-schema.sql @@ -2138,11 +2138,13 @@ CREATE TABLE `cloud`.`s2s_vpn_gateway` ( `id` bigint unsigned NOT NULL auto_increment COMMENT 'id', `uuid` varchar(40), `addr_id` bigint unsigned NOT NULL, + `vpc_id` bigint unsigned NOT NULL, `domain_id` bigint unsigned NOT NULL, `account_id` bigint unsigned NOT NULL, `removed` datetime COMMENT 'date removed if not null', PRIMARY KEY (`id`), CONSTRAINT `fk_s2s_vpn_gateway__addr_id` FOREIGN KEY (`addr_id`) REFERENCES `user_ip_address` (`id`) ON DELETE CASCADE, + CONSTRAINT `fk_s2s_vpn_gateway__vpc_id` FOREIGN KEY (`vpc_id`) REFERENCES `vpc` (`id`) ON DELETE CASCADE, CONSTRAINT `fk_s2s_vpn_gateway__account_id` FOREIGN KEY (`account_id`) REFERENCES `account`(`id`) ON DELETE CASCADE, CONSTRAINT `fk_s2s_vpn_gateway__domain_id` FOREIGN KEY (`domain_id`) REFERENCES `domain`(`id`) ON DELETE CASCADE, CONSTRAINT `uc_s2s_vpn_gateway__uuid` UNIQUE (`uuid`)
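Review bot: `results.add(_vpnGatewayDao.findByVpcId(vpcId))` puts `null` into the result list when the VPC has no gateway. `createVpnGateway` relies on that same lookup returning `null` in that case, and the replaced `addAll(listByVpcId(...))` added nothing. Code that builds responses from the list, such as `createSite2SiteVpnGatewayResponse`, which calls `result.getId()`, would then fail on the null element. I would guard it: `Site2SiteVpnGatewayVO gw = _vpnGatewayDao.findByVpcId(vpcId); if (gw != null) { results.add(gw); }`. The `findById` branch above it is context here but appears to have the same gap, and the method starts outside the hunk.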