From d7201dfe1f49fb75054e1f0b6922ed21446ad130 Mon Sep 17 00:00:00 2001 From: anthony Date: Thu, 24 Jan 2013 17:26:51 -0800 Subject: [PATCH] CLOUDSTACK-737 add xenserver support in UI only XenServer and KVM clusters are allowed in security enabled zone. only shared security enabled networks are allowed in security enabled zone. --- .../src/com/cloud/network/NetworkManagerImpl.java | 15 +++++++++------ .../com/cloud/resource/ResourceManagerImpl.java | 6 ++++++ ui/scripts/zoneWizard.js | 1 - 3 files changed, 15 insertions(+), 7 deletions(-) diff --git a/server/src/com/cloud/network/NetworkManagerImpl.java b/server/src/com/cloud/network/NetworkManagerImpl.java index bb60dcfcdc8..b3273919002 100755 --- a/server/src/com/cloud/network/NetworkManagerImpl.java +++ b/server/src/com/cloud/network/NetworkManagerImpl.java @@ -1870,13 +1870,16 @@ public class NetworkManagerImpl implements NetworkManager, Manager, Listener { } else if (zone.getNetworkType() == NetworkType.Advanced) { if (zone.isSecurityGroupEnabled()) { - // Only Account specific Isolated network with sourceNat service disabled are allowed in security group + // Only shared network with sourceNat service disabled are allowed in security group // enabled zone - boolean allowCreation = (ntwkOff.getGuestType() == GuestType.Isolated - && !_networkModel.areServicesSupportedByNetworkOffering(ntwkOff.getId(), Service.SourceNat)); - if (!allowCreation) { - throw new InvalidParameterValueException("Only Account specific Isolated network with sourceNat " + - "service disabled are allowed in security group enabled zone"); + if ( ntwkOff.getGuestType() != GuestType.Shared ){ + throw new InvalidParameterValueException("Only shared guest network can be created in security group enabled zone"); + } + if ( _networkModel.areServicesSupportedByNetworkOffering(ntwkOff.getId(), Service.SourceNat)) { + throw new InvalidParameterValueException("Service SourceNat is not allowed in security group enabled zone"); + } + if ( _networkModel.areServicesSupportedByNetworkOffering(ntwkOff.getId(), Service.SecurityGroup)) { + throw new InvalidParameterValueException("network must have SecurityGroup provider in security group enabled zone"); } } diff --git a/server/src/com/cloud/resource/ResourceManagerImpl.java b/server/src/com/cloud/resource/ResourceManagerImpl.java index f82424a10c2..5817d4d827e 100755 --- a/server/src/com/cloud/resource/ResourceManagerImpl.java +++ b/server/src/com/cloud/resource/ResourceManagerImpl.java @@ -388,6 +388,12 @@ public class ResourceManagerImpl implements ResourceManager, ResourceService, Ma throw new InvalidParameterValueException("Unable to resolve " + cmd.getHypervisor() + " to a supported "); } + if (zone.isSecurityGroupEnabled()) { + if( hypervisorType != HypervisorType.KVM && hypervisorType != HypervisorType.XenServer ) { + throw new InvalidParameterValueException("Don't support hypervisor type " + hypervisorType + " in advanced security enabled zone"); + } + } + Cluster.ClusterType clusterType = null; if (cmd.getClusterType() != null && !cmd.getClusterType().isEmpty()) { clusterType = Cluster.ClusterType.valueOf(cmd.getClusterType()); diff --git a/ui/scripts/zoneWizard.js b/ui/scripts/zoneWizard.js index 26838a173c3..141cd6dd24a 100755 --- a/ui/scripts/zoneWizard.js +++ b/ui/scripts/zoneWizard.js @@ -373,7 +373,6 @@ var nonSupportedHypervisors = {}; if(args.context.zones[0]['network-model'] == "Advanced" && args.context.zones[0]['zone-advanced-sg-enabled'] == "on") { firstOption = "KVM"; - nonSupportedHypervisors["XenServer"] = 1; //to developers: comment this line if you need to test Advanced SG-enabled zone with XenServer hypervisor nonSupportedHypervisors["VMware"] = 1; nonSupportedHypervisors["BareMetal"] = 1; nonSupportedHypervisors["Ovm"] = 1;