diff --git a/core/src/com/cloud/agent/api/CleanupNetworkRulesCmd.java b/core/src/com/cloud/agent/api/CleanupNetworkRulesCmd.java
new file mode 100644
index 00000000000..a82d6f8a0f3
--- /dev/null
+++ b/core/src/com/cloud/agent/api/CleanupNetworkRulesCmd.java
@@ -0,0 +1,46 @@
+/**
+ * Copyright (C) 2010 Cloud.com. All rights reserved.
+ *
+ * This software is licensed under the GNU General Public License v3 or later.
+ *
+ * It is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or any later
+version.
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program. If not, see .
+ *
+ */
+package com.cloud.agent.api;
+
+import java.util.Random;
+
+
+public class CleanupNetworkRulesCmd extends Command implements CronCommand {
+
+ static private Random random = new Random();
+ private int interval = 10*60;
+
+ @Override
+ public boolean executeInSequence() {
+ return false;
+ }
+
+
+ public CleanupNetworkRulesCmd() {
+ super();
+ interval = 8*60 + random.nextInt(120);
+ }
+
+
+ @Override
+ public int getInterval() {
+ return interval;
+ }
+
+}
diff --git a/core/src/com/cloud/hypervisor/xen/resource/CitrixResourceBase.java b/core/src/com/cloud/hypervisor/xen/resource/CitrixResourceBase.java
index 62e3c296d54..d31a47eb6b8 100644
--- a/core/src/com/cloud/hypervisor/xen/resource/CitrixResourceBase.java
+++ b/core/src/com/cloud/hypervisor/xen/resource/CitrixResourceBase.java
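Review bot: In the new CleanupNetworkRulesCmd class, the field initializer `private int interval = 10*60;` is dead, because the constructor always overwrites it with `8*60 + random.nextInt(120)`, and nothing in the class states the unit of the value or why it is randomized. Drop the initializer, make the field `private final int interval;`, and add a comment such as `// 480-599, presumably seconds; jittered so hosts do not all run cleanup at the same moment` once the unit is confirmed against CronCommand. The shared generator is never reassigned and would read better as `private static final Random RANDOM = new Random();`.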
@@ -64,6 +64,7 @@ import com.cloud.agent.api.CheckOnHostAnswer; import com.cloud.agent.api.CheckOnHostCommand; import com.cloud.agent.api.CheckVirtualMachineAnswer; import com.cloud.agent.api.CheckVirtualMachineCommand; +import com.cloud.agent.api.CleanupNetworkRulesCmd; import com.cloud.agent.api.Command; import com.cloud.agent.api.CreatePrivateTemplateFromSnapshotCommand; import com.cloud.agent.api.CreatePrivateTemplateFromVolumeCommand; @@ -456,6 +457,8 @@ public abstract class CitrixResourceBase implements ServerResource { return execute((OvsSetTagAndFlowCommand)cmd); } else if (cmd instanceof OvsDeleteFlowCommand) { return execute((OvsDeleteFlowCommand)cmd); + } else if (cmd instanceof CleanupNetworkRulesCmd){ + return execute((CleanupNetworkRulesCmd)cmd); } else { return Answer.createUnsupportedCommandAnswer(cmd); } @@ -637,6 +640,7 @@ public abstract class CitrixResourceBase implements ServerResource { } } +<<<<<<< HEAD protected VBD createVbd(Connection conn, VolumeTO volume, String vmName, VM vm, BootloaderType bootLoaderType) throws XmlRpcException, XenAPIException { VolumeType type = volume.getType(); @@ -5701,6 +5705,24 @@ public abstract class CitrixResourceBase implements ServerResource { return new Answer(cmd, false, msg); } } + + private Answer execute(CleanupNetworkRulesCmd cmd) { + if (!_canBridgeFirewall) { + return new Answer(cmd, true, null); + } + String result = callHostPlugin("cleanup_rules"); + int numCleaned = Integer.parseInt(result); + if (result == null || result.isEmpty() || (numCleaned < 0)) { + s_logger.warn("Failed to cleanup rules for host " + _host.ip); + return new Answer(cmd, false, result); + } + if (numCleaned > 0) { + s_logger.info("Cleaned up rules for " + result + " vms on host " + _host.ip); + } + return new Answer(cmd, true, result); + } + + protected class Nic { public Network n; diff --git a/scripts/vm/hypervisor/xenserver/vmops b/scripts/vm/hypervisor/xenserver/vmops index 02e7702cf87..a5d938ff061 100755 
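Review bot: The line `<<<<<<< HEAD` added just before `createVbd` in the hunk at -637/+640 is a leftover merge-conflict marker, and CitrixResourceBase.java cannot compile with it in place. Delete that line. No matching `=======` or `>>>>>>>` marker is visible in this diff, so check the rest of the file for them and confirm the merge was resolved on the intended side.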
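Review bot: In `execute(CleanupNetworkRulesCmd)`, `Integer.parseInt(result)` runs before the `result == null || result.isEmpty()` test, so a null, empty or non-numeric reply from `callHostPlugin("cleanup_rules")` throws NumberFormatException and the failure branch below it never sees those cases. Parse only after the null/empty test and treat an unparsable reply as a failed cleanup, so the caller gets an `Answer` with `false` and the warning is logged instead of an exception escaping the command dispatcher. A failed cleanup presumably leaves stale rules on the host, so that warning should fire reliably. The sketch below keeps the existing messages and return values.

```java
String result = callHostPlugin("cleanup_rules");
int numCleaned = -1;
if (result != null && !result.isEmpty()) {
    try {
        numCleaned = Integer.parseInt(result);
    } catch (NumberFormatException e) {
        // non-numeric plugin output is treated as a failed cleanup
        numCleaned = -1;
    }
}
if (numCleaned < 0) {
    // … unchanged: warn log and failed Answer …
}
// … unchanged: info log when numCleaned > 0, success Answer …
```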
--- a/scripts/vm/hypervisor/xenserver/vmops +++ b/scripts/vm/hypervisor/xenserver/vmops @@ -862,7 +862,6 @@ def cleanup_rules(session, args): util.SMlog("Failed to cleanup rules !") return '-1'; - @echo def check_rule_log_for_vm(vmName, vmID, vmIP, domID, signature, seqno): vm_name = vmName; diff --git a/server/src/com/cloud/network/security/SecurityGroupListener.java b/server/src/com/cloud/network/security/SecurityGroupListener.java index 715d4549213..ee6b5dd64e5 100644 --- a/server/src/com/cloud/network/security/SecurityGroupListener.java +++ b/server/src/com/cloud/network/security/SecurityGroupListener.java @@ -28,10 +28,14 @@ import com.cloud.agent.Listener; import com.cloud.agent.api.AgentControlAnswer; import com.cloud.agent.api.AgentControlCommand; import com.cloud.agent.api.Answer; +import com.cloud.agent.api.CleanupNetworkRulesCmd; import com.cloud.agent.api.Command; import com.cloud.agent.api.SecurityIngressRuleAnswer; import com.cloud.agent.api.PingRoutingWithNwGroupsCommand; import com.cloud.agent.api.StartupCommand; +import com.cloud.agent.api.StartupRoutingCommand; +import com.cloud.agent.manager.Commands; +import com.cloud.exception.AgentUnavailableException; import com.cloud.host.HostVO; import com.cloud.host.Status; import com.cloud.network.security.SecurityGroupWorkVO.Step; 
@@ -112,6 +116,23 @@ public class SecurityGroupListener implements Listener { @Override public void processConnect(HostVO host, StartupCommand cmd) { + if(s_logger.isInfoEnabled()) + s_logger.info("Received a host startup notification"); + + if (cmd instanceof StartupRoutingCommand) { + //if (Boolean.toString(true).equals(host.getDetail("can_bridge_firewall"))) { + try { + CleanupNetworkRulesCmd cleanupCmd = new CleanupNetworkRulesCmd(); + Commands c = new Commands(cleanupCmd); + _agentMgr.send(host.getId(), c, this); + if(s_logger.isInfoEnabled()) + s_logger.info("Scheduled network rules cleanup, interval=" + cleanupCmd.getInterval()); + } catch (AgentUnavailableException e) { + s_logger.warn("Unable to schedule network rules cleanup"); + } + + } + }
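Review bot: With the `can_bridge_firewall` test commented out in `processConnect`, the cleanup command is sent to every host that connects with a StartupRoutingCommand, and the catch block then drops both the host and the exception from its warning. Either restore the guard or replace the commented-out line with a comment explaining that the resource itself answers success when it cannot bridge the firewall, as the CitrixResourceBase change in this commit does. The warning should name the host and keep the cause, for example `s_logger.warn("Unable to schedule network rules cleanup for host " + host.getId(), e);`, assuming s_logger is a log4j-style logger. The trailing context of this hunk is not visible here.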